Overview of Decentralized Identities

Identity, Credentials and Privacy

Identity is a set of characteristics of something or someone that distinguishes the subject from others. In order to describe an identity you need to assign it attributes. Attributes can either be self-asserted ("my name is Anna") or asserted by a trusted third-party ("she assures you that my name is Anna"). Commonly, such third-parties are authorities, like governments, that put and assert certain attributes about an identity in a credential like a passport. By trusting the authority and by having means to verify the validity of the credential and its holder, a verifier has certain assurance about the identity of the subject.

The set of attributes in conventional credentials is defined by the authorities and static. Whenever such a credential is used as part of an identification process all of its attributes are revealed no matter if they are required or not. This results in oversharing. Oversharing can imply risks for companies such as compliance concerns, for example, in cases where identity data contains personal data. For the user, oversharing lifts privacy concerns. What is more, sharing too much identity data may lead to impersonation attacks.

In the digital world, traditionally services act as the central authority for an identity assertion. Such services assert identities on demand. Consequently, an identity service (e.g., the government in the illustrated example) can track users by their actions because it gets aware of the different places a user interacts with (e.g., the bank). This raises even more privacy concerns for users.

The challenge of an identification process is to collect a minimum of attributes, just enough to identify the subject. However, conventional credentials do not provide a way for either the subject or the verifier to specify which attributes they want or require to be shared with whom. This identity dilemma applies to the physical as well as the digital world.

Verifiable credentials provide the means for a privacy focused, decentralized ecosystem for digital identification that helps to solve the identity dilemma. The idea is to decouple the issuance process from the verification where the user can store credentials in a digital wallet and present them when needed. It is completely in the user's power to decide, when to share what with whom. The ecosystem enables decentralization because there is (ideally) no need to contact any central service for the purpose of identification. It even supports presenting several credentials from various issuers at once, something that is not straight forward outside this ecosystem.

Decentralized Identities

An identity ecosystem, no matter if physical, digital, central or decentralized has some common actors: An authority, a verifier and a user. The authority is the party that can assert something about the user whereas the verifier wants to know something about her. For the user to fulfill such a request, she can ask for a credential from the authority (e.g., the passport like in the illustrated example). When the user wants to interact with the verifier at a later stage (e.g., the bank), she simply presents the credential.

The verifier knows what to expect from the credential and how to verify it. For example, it knows what a passport from the given authority should look like and what data it is supposed to contain. It also knows how to verify that the credential belongs to the user by, for example, checking the picture with the user's face. Though the authority is important for establishing the trust, it is not involved in the identification process itself - the system is decentralized.

What sounds self-evident in the physical world requires certain building blocks in its digital counterpart. First of all, a credential must be verifiable. For that, issuers sign credentials using cryptographic methods, i.e. digital signatures. As with physical credentials, digital credentials must comply to a certain format. Verifiable credentials can have different formats and there are multiple types of credentials. For example, W3C Data Model for Verifiable Credentials is one format, ISO/IEC 18013-5 and AnonCreds are others. For the ecosystem to work, it needs well-defined processes, that is, there must be protocols such as the OpenID4VC specifications, that define how to create, obtain and present verifiable credentials.

Finally, the verifier must be able to validate the presenter of the credential. This is where decentralized identifiers (DIDs) come into play. DIDs provide a way to bind keys that the user controls to a globally unique ID. This ID is commonly used in verifiable credentials to identify the user. More importantly, it is also utilized for a proof of ownership of a presented credential using the associated key of the DID. The related private keys of a DID are stored in the wallet, next to the credential.

Decentralized Identifiers

A DID is a globally unique string that identifies a so-called DID subject. Technically, the DID subject can be any resource - physical, digital or even abstract. In the context of decentralized identities, the DID subject, however, is commonly a natural person (or legal entity). A DID points to a document with some data about the subject including keys for different purposes. Authentication being one of them. This document is called the DID document.

The Wallet

The wallet is an application that holds verifiable credentials and related keys. When using DIDs, the wallet publishes (the public part of) a key via a DID and that DID is later included in the verifiable credential. The keys are important because they allow users to prove that they actually own the verifiable credentials, i.e. they are supposed to possess and hold them.

A wallet can be a remote application like a key escrow service that stores keys in the cloud. Such an application is portable because the user may access it from any device. It may offer services like backup or recovery for availability. However, a wallet can also work without any backend. For example, users may install wallets as applications on devices such as mobile phones, and store keys locally.

Self-contained wallets are the most privacy protecting option as they do not involve a third party that potentially could pry into users' wallets as is the case with cloud based wallets. Self-contained wallets give the user full power to control their data, credentials and keys. As a consequence, backup and recovery are at the discretion of the user. Without any mitigation, if the user loses the wallet, she will also lose any credentials and keys with it.

Since a wallet stores the user's private keys, it is important that the wallet behaves correctly. Only if the user, the verifier and the issuer trust the wallet to actually store the private keys safely, they can trust the system. One solution is to use accredited software, like an official wallet that the user installs from a trusted source. In addition, the credential issuer needs to perform some checks so that it only releases credentials to trusted wallets. The verifier may want to make sure that the credential is presented by a trusted wallet (and not some that may have shared the user's private key with some other parties). The industry is still working on creating trust frameworks that will help with identifying the most secure options.

Verifiable Credentials

A verifiable credential is a set of attested claims about a subject, typically but not limited to a natural person. It is verifiable because the issuer includes a proof in the credential that a receiver, like the wallet, can check. This proof is typically a digital signature. Any party requesting the presentation of credentials ("verifier") must trust the credential issuer (implicitly or explicitly) in order to be able to verify the credentials.

A credential issuer binds a verifiable credential to a subject. This binding allows for verifying not only the issuer of a credential but also the subject e.g., via the DID and the associated key. As long as the verifier knows how to retrieve the DID document and the subject's public keys from the DID (or more generally from the credential) it has a standardized way for validating the authenticity of the subject.

There are different formats for verifiable credentials. The W3C Data Model for Verifiable Credentials and ISO/IEC 18013-5 for mobile driving license (mDL) are just two examples. The data models define the elements of a credential and the relationship between them. They describe how to leverage subject claims like the subject identifier and the proof of holder, among others. DIDs, for example, lend themselves well to subject identifiers in the W3C data model. Other formats have different means for identifying the subject and verifying the holder of verifiable credentials.

The following shows a non-formative example of a W3C verifiable credential (without proof for readability):

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://www.w3.org/2018/credentials/examples/v1"
  ],
  "type": [
    "VerifiableCredential",
    "BasicExampleCredential"
  ],
  "issuer": "did:example:credential-issuer",
  "issued": "2023-05-31T11:27:24.604489485Z",
  "expirationDate": "2023-06-10T11:27:24.604489485Z",
  "id": "urn:uuid:de1e0cb9-e596-4979-b4a1-f68eb68c70ba",
  "credentialSubject": {
    "id": "did:example:user-id",
    "name": "Anna",
    "birthdate": "1970-01-01",
  }
}

Verifiable credentials pave the way for privacy preserving identification and authentication. A credential issuer can, for example, add a simple claim such as age_over_18=true in a credential instead of - or even in addition to - the birthdate. Users can present this credential to any party they want without having to reveal any other information such as the name. This method is called the selective disclosure of claims. Another technique with similar outcome are zero-knowledge proofs (ZKPs).

Applications

With decoupling the issuing process from the identification, applications do not need to integrate directly with the credential issuer. Instead, applications can request the presentation of credentials directly from the wallet. The wallet prompts the user for approval and authentication (to release the keys), calculates the holder-proof and returns it together with the credential to the application.

As verifiers, applications validate that the presented credential is indeed issued to the same entity that holds it. This means, they check that the holder-proof is a proof of possession of the private key associated with the subject in the verifiable credential. The application also verifies the credential itself, namely the proof of the issuer. If the credential is valid, the user is identified, and thanks to the holder-proof, the user is also authenticated.

Authorization servers can act as verifiers as well, accepting the presentation of verifiable credentials for authentication or identity assertion. Consequently, such an authorization server is able to identify and authenticate users that it does not know beforehand, i.e. unregistered users. It can then issue access tokens based on the data provided by the user via a presented credential. In this case, the use of verifiable credentials is completely seamless for the client (application) or APIs.

Compliance

The ability of decentralized identities to explicitly define which claims a verifier requests, combined with mechanisms of selective disclosure of claims allows for implementations that only share a minimum of data. Such implementations not only help to improve user's privacy in the digital space, but also provide benefits for companies. Decentralized identities can potentially avoid the need to store any personal data about users because the user provides required information on demand. Consequently, decentralized identities can help conforming to expensive regulations such as GDPR in Europe, and cutting costs.

Conclusion

Decentralized identities have the capability to revolutionize digital identities. They put individuals and their privacy into focus. However, there are still unresolved questions such as how to revoke credentials in a decentralized ecosystem. Undoubtedly, having digital credentials in a digital world is not only a convenience but necessity, and so is preserving users' privacy. Decentralized identities with verifiable credentials are a big step in the right direction that provides benefits for users as well as organizations.