Background - Adding Trust to the Internet
Putting Internet users - and organizations - in control of their own online Identity has been a growing challenge since the start of the internet. With the creation of massive centralized stores of private data (e.g. Equifax, Google, Facebook, etc.), the ability for holders to use that data in ways that are not always in the best interest of the data owner (you!). Further, given the rise of cyber-hacking which exposes that data, a change is needed in how our data is handled. Self-Sovereign Identity (SSI) is a promising approach to decentralize the control and location of our data, giving control of our data back to us. Taken further, SSI enables a higher level of trust on the Internet by providing mechanisms that enable verifiable identification of parties to a transaction, reducing the need for high-cost mechanisms to establish trust.
This project is particularly interested in the trust attribute of the SSI approach. We aim to create a trusted digital network of verifiable data about organizations which is globally connected, interoperable, secure, and easy to join. We believe the novel capabilities of distributed ledger based Self-Sovereign Identity ecosystems to provide increased levels of trust for online transactions will foster economic activity for BC companies locally and across the globe. We call this the Verifiable Organizations Network.
Our first step - Creating a Network Effect
We recognize that there is a particular problem we face in creating a Verifiable Organizations Network. The challenge we face is the lack of government services whom can issue Verifiable Claims about organizations, as well as the fact that there are no organizations who have the ability to hold these claims. Therefore we are going to use strategies suggested in the very helpful presentation by the venture capital firm Andreessen Horowitz which describes approaches to building network effects. A network effect occurs when a product or service becomes more valuable to its users as more people use it. This effect is easily observed in any communications network from the telephone network to Facebook.
The particular strategy we are putting into action is similar to the one which was deployed by Facebook. TheFaceBook at Harvard used a very clever network effect to bootstrap the new world of Social Networks. Mark Zuckerberg pre-loaded TheFacebook with accounts that provided a core of users with one common attribute (they went to Harvard) as an effective starting point for building an ever growing network. This approach bootstrapped the network effect which magnified subsequent actions of users, resulting in the ever-faster growth of TheFaceBook's, and ultimately, Facebook's network. Without seeding the network, there growth may never have come.
We're trying to use "TheOrgBook" to generate that same network effect for building Self-Sovereign Identities and the use of Verifiable Claims for Verifiable Organizations.
The problem: Creating Network Effects for the VON
The challenge in creating an SSI enabled is:
- Supply: Services don't support Verifiable Claims because there are no Organizations with their own SSI Digital Wallets.
- Demand: Organizations don't have a need for their own SSI Digital Wallets because there are no Services that support Verifiable Claims.
We can't directly influence the demand, but as a major supplier of Services (registrations, licenses, permits, etc.) to organizations, we can enhance our local Services to drive supply. TheOrgBook gives Services a place to both issue Verifiable Claims and receive proofs about Verifiable Claims without needing Organizations to have their own wallets.
Here's a simple picture of the system:
- Desks are Services that Organizations use to register their business and from which they receive permits and licenses
- TheOrgBook is a repository of the public claims generated by those Services
- Claims are equivalent to the "Permit to Operate" documents posted on the wall
- The repo is web-searchable, listing organizations, claims and claim details
- The Identity Register Network is underlies the system to drive trust
- a decentralized Self-Sovereign Identity network based on distributed ledger technology
As an Organization goes through an online process to acquire their Registrations/Licenses/Permits, the Services gets proofs (and their associated data) from Verifiable Claims already stored in the database.
- This saves the users from having to re-type the information for each Service (and eliminates typos in the data)
- Each Service can trust the information because it comes from a trusted source - and is cryptographically signed
We're currently building two components to support TheOrgBook:
TheOrgBook (this repo)
Code to make it easy to spin up instances of TheOrgBook in different jurisdictions or in different business domains. The capabilities of each instance of TheOrgBook includes:
- A repository of Verifiable Organizations built around a foundational claim about an Organization
- in our case, the foundational claim is from BC Registries
- Web interface for searching/displaying Verifiable Organizations by name, location and types of claims held.
- An interface to underlying Identity Register Networks - initially a Hyperledger Indy network, with capabilities to:
- Receive issued Verifiable Claims from known Services about subject Verifiable Organizations
- Provide Proofs to Services about subject Verifiable Organizations
We have identified the requirements for extending the Hyperledger Indy implementation of a key component of TheOrgBook - the wallet - and noted those requirements here. We welcome suggestions and solutions to these requirements.
Verifiable Organization Network (VON) Connector (repo to be created)
The VON-Connector is code to minimize the effort for a Service to become SSI-enabled and able to use an instance of TheOrgBook. The capabilities of a VON-Connector include:
- An interface to underlying Identity Register Networks
- A query interface to known instances of the TheOrgBook
- Request proofs about a Verifiable Organization's claim from an instance of TheOrgBook
- Issue Verifiable Claims about an Organization to an instance of TheOrgBook
- Request proofs from an SSI-enabled Organization
- Issue Verifiable Claims to an SSI-enabled Organization
- Provide updates (including revocations) of Verifiable Claims to TheOrgBook and/or SSI-enabled Organizations
Want to know more?
A detailed document about our first demonstration project can be found here.
Want to help?
Fork the code, get in touch and let's build this together.