How can one prove “I am me” in the world of the internet? Authenticate identity information on site A, and then need to authenticate again on site B? Taking a photo with an ID card and uploading it, manual verification—too cumbersome? Multiple accounts and passwords that are hard to remember, easy to mix up, and difficult to manage? The concept of Self-sovereign identity (SSI) is precisely the idea that can solve these problems.
SSI is a concept in the digital identity movement, where only the user owns all and complete digital identity information, without other managers and organizations involved. In the concept of SSI, users have their own decentralized identifiers (DIDs) and can fully control their identity information. They can use, update, or delete information at any time. Users can create and manage their own verifiable credentials and decide when to use and share their credentials without needing to request authorization from centralized institutions.
Using an SSI system, all key information can be managed through a digital identity wallet, allowing users to log in to all websites with one account. In the wallet terminal, users can apply to authoritative institutions for certificates such as ID cards, driver’s licenses, and residence permits, all stored in digital form on phones or computers. Digital certificates are machine-readable and verifiable, allowing safe presentation to third-party applications. Third-party applications can directly verify the certificate’s validity without human intervention and without the issuing institution’s participation.
Thanks to the continuous development of blockchain technology, the realization of the SSI concept is gradually becoming possible. Blockchain systems are inherently decentralized, with unique data structure designs and cryptographic technology applications. Combined with consensus algorithms’ excellent capabilities in multi-node data synchronization, blockchain can protect data privacy and security. Once data is written into the system, no one can tamper with it, providing a highly credible storage environment. In constructing an SSI system, using blockchain as a verifiable data registry is undoubtedly the best choice.
There are already many precedents for SSI. In 2017, the Sovrin Foundation released the world’s first public distributed ledger network for self-sovereign digital identity. The entire system runs on open standards and the open-source Sovrin protocol, maintained by the Linux Foundation’s Hyperledger Indy project. Sovrin’s white paper in 2018 posed and answered the question, “Why is there no certificate to prove identity in the network world like in the physical world? Until the advent of blockchain technology, we solved this problem!” Combining W3C’s DIDs, Sovrin proposed a complete solution for digital identity and credentials. Sovrin’s idea has always been clear: to build and use an open, accessible blockchain network like Bitcoin and Ethereum.
eSSIF-Lab (European Self-Sovereign Identity Lab) is another case. The European Blockchain Partnership proposed the EBSI (The European Blockchain Services Infrastructure), a cross-European distributed node network providing cross-border public services, with 28 member states signing related declarations. The eSSIF-Lab project, funded by the European Commission, aims to promote SSI as the next-generation open, trusted, and secure digital identity solution. On July 23, 2014, the EU established the eIDAS (electronic IDentification, Authentication and trust Services) regulation for electronic transactions in the common EU market. In May 2019, eIDAS announced support for self-sovereign digital identity based on W3C-related specifications.
Microsoft has also been active in this field. In October 2018, Microsoft released the white paper “Decentralized Identity,” introducing the technical solution for constructing a decentralized digital identity system based on blockchain. This includes DIDs specification, decentralized data systems, DID user terminals, DID universal resolvers, DID identity hubs, DID authentication systems, decentralized clients, and services. It detailed the components of each module and the interaction processes of various roles in the system, providing an excellent template for constructing SSI systems. Currently, Microsoft offers an open service platform to experience related products and capabilities.
In addition, uPort on Ethereum and IPFS networks, Blockstack with its self-developed blockchain and third-party DApp support, and ShoCard, adaptable to the Bitcoin network, are excellent examples. Domestic companies and institutions are also working in this area. For example, AntChain provides Decentralized Identity Service (DIS), Tencent Cloud’s digital identity solutions, and WeBank’s WeIdentity, a blockchain-based distributed multi-center technical solution, all utilizing blockchain’s decentralized, highly credible data characteristics to construct reliable digital identity identification and authentication systems.
Blockchain is an advanced technology with tremendous potential, broad development prospects, and application space. Whether in national policy support or practical application cases, the countless possibilities of blockchain in the future are evident. We are also actively exploring and promoting the development of blockchain-related technologies and application scenarios, combining blockchain with homomorphic encryption, federated learning, multi-party computation, zero-knowledge proofs, and other cutting-edge technologies to use the best technical capabilities to usher in the next internet era.