Summary of the Live Telegram AMA held in the dbcrypto community Telegram chat on 8 February 2019.
This afternoon we had the pleasure of welcoming Phil Windley — Chair of the Sovrin Foundation — into the dbcrypto Community Telegram for a live AMA.
Sovrin is a project working on disrupting the digital identity space and truly shaking up the way that we all use and prove our identities online — in a safe and privacy preserving way.
AMA Question Highlights
Hi everyone, I’m Phil Windley, Chair of the Sovrin Foundation, a non-profit building a global, decentralized identity metasystem. I’m happy to answer your questions — Phil Windley
Daniel [dbcrypto]
We had our conversation for YouTube about a month and a half ago now Phil, do you have anything to share for progress since we spoke?
Phil Windley
I’m pleased with how well the roll out of the business credentialing systems in British Columbia and Ontario have gone. They’ve been busy creating a decentralized alternative to business registration. And there’s been quite a bit of momentum building behind the MyCUID that the credit unions are doing.
On the technical front, we have already moved much of our crypto work into its own independent effort at Hyperledger underneath the recently announced Ursa project. Along with Hyperledger Ursa’s release, there will also be improvements to revocation, performance of the crypto code, and re-usability of the protocol and crypto constructs for various use cases. These improvements will bring new feature enhancements to Hyperledger Indy and Sovrin. And moreover, they will also apply to other blockchain networks.
In terms of the ledger codebase, we are seeing a greater demand for its capability, scalability, and performance. We have opened up the Ledger 2.0 effort to address fundamental platform questions and are in early planning stages for a number of significant improvements. We expect that major project enhancements across the identity stack will lead to a full 2.0 release this year. This effort includes some really good improvements regarding semantics and payment interfaces on the ledger.
Perhaps the largest amount of work going on right now has to do with the agent ecosystem. Since we now have a stable ledger with a usable anonymous credentials protocol, everyone is trying to use it. As a result, we’ve discovered missing or incomplete parts of the protocol and its reference implementations which will be improved this year.
In addition, a lot of exciting work is happening around the edge connector app and a reference framework for developing your own connector app. This will allow your customers to be able to securely manage their keys and connections, along with installing different kinds of extensions to those systems.
Daniel [dbcrypto]
CULedger is working with Evernym to build MyCUID… is that right? What exactly is it, how important is this for adoption of the Sovrin network?
Phil Windley
Yes, that’s right. Evernym, as you might recall, is a commercial company building software for enterprises to use Sovrin.
They are the prime contractor for CULedger’s MyCUID effort. MyCUID will use Evernym’s commercial agent, called Verifty, to issue credentials.
The reason this is exciting is that it represents a major push to get consumers using Sovrin-based credentials. They plan to issue 1 million this year. And there are 235 million credit union members worldwide, so if this goes well, there’s a lot of room for expansion.
Telegram user albogino
I live in Toronto. What businesses do you see or are currently in line to use your tech?
Phil Windley
Glad to hear from Toronto. Canada is a big player in the SSI (self-sovereign identity) space. In addition to the governments of BC and Ontario, we have partnerships with ATB Financial in Alberta and Telus, one of Canada’s phone companies. How they’ll use this depends on their business, but I expect most initial use will be internal (even if it’s just letting employees or customers log in without user names and passwords) and spread from there. Think about how many credentials there are in the world. All of those can be moved onto Sovrin.
On the under-documented, there’s a huge push in that area. One of our partners is iRespond who does biometric authentication for under-documented persons in Asia and Africa. There’s also pilots going on with the Red Cross and we have contact with ID2020, WEF, and other players in this space. We’ve got a dedicated Identity for All (I4A) program that helps us keep up with this important area.
Daniel [dbcrypto]
On the note of agents and stable ledger… who are these agents exactly? What type of role does the agent play? By stable ledger does this mean that you are happy with the number of Stewards at the moment?
Phil Windley
An agent is a software system that represents a person, organization, or thing. Agents talk peer-to-peer. That’s how credentials are exchanged and that’s why Sovrin scales to well. Most people will have more than one agent, the same way that you keep different paper credentials in different places.
We’re doing an interoperability ‘connectathon’ in Provo, Utah the week of February 19 with people coming from around the world to work on their agents together.
Stable ledger isn’t about the number of stewards. That refers to the inner workings of the ledger itself and how it behaves.
Telegram user Justin_Freeman
Hi Phil, thanks for your time. Do you foresee the integration of biometrics with Sovrin tech? Or is that something a third party could offer?
Phil Windley
The right place for biometrics is on the device, not in the cloud or the blockchain. So, yes, biometrics will play a role, but locally, not globally.
In the case of under-documented, a guardian might hold their biometrics for them at the edge of the network, for people with smart devices, you’ll host your own.
The biometric gives you access to your edge agent, but goes no further. Storing biometrics on a ledger, even hashed, has significant dangers for privacy and security. We don’t recommend it.
Daniel [dbcrypto]
Working at a new firm this week I wasted so much time with their temporary passwords and different logins for all the programs and systems… I can just imagine how seamless it would be to forget these login/password systems.
Phil Windley
Username/password is the low hanging fruit in this play. For traditional identity systems, that’s more or less all they do. But this is just the beginning for a credential-based identity system. The world is full of credentials, everything from a driving license to a car title to a grocery store receipt. We haven’t been able to use them online the way we do in the physical world, but now we can.
Telegram user Justin_Freeman
From my knowledge, zero-knowledge proofs are central to the Sovrin Network tech. This tech is relatively new. Who worked on this and were they difficult to implement?
Phil Windley
We have a great team of cryptographers both in Utah and in Europe working on that. When we proposed doing zero-knowledge proofs for credentials some people said it couldn’t be done, it would be too slow.
Sovrin has proven that wrong. If you look at our Technical Governance Board, you’ll note that Jan Camenisch, one of the superstars of the zero-knowledge proof world is helping guide this effort. Watch this video and note the times in the proofs from credentials. This isn’t a demo, it’s real. The zero-knowledge proof stuff works and is fast enough to use all the time.
Telegram user Justin_Freeman
How did you attract these superstars?
Personally, I think Sovrin sells itself but it’s hard to filter out so much crap in the space and attract the right people.
Phil Windley
Jason Law, the CTO of Evernym and Sam Smith, a local cryptographer started thinking about this several years ago. They’re both deep thinkers and great architects. They connected with many of the technical superstars. Utah also has some crypto/security roots because of Symantec having offices here. Nathan George, the Sovrin CTO is one of the best technologists in this space and holds his own with people worldwide. I was at the Hyperledger Global Summit in December and Indy (the open source codebase for Sovrin) was the star of the show. It’s no wonder that Ursa, the common crypto library project, is based on Sovrin code.
Telegram user albogino
Will I be able to use my identity to verify myself across various businesses, platforms? Eventually like for my bank, for work, for taxes, for picking up mail etc? All using just my Sovrin profile?
Phil Windley
Yes, in the video you’ll note that John Smith is using credentials from his bank, telco, and the drivers license to prove things in concert to Skyway Airlines. That’s the beauty and strength of Sovrin: multi-source, user-controlled identity.
Telegram user ansteadm
Any reason why you guys are sticking to a permissioned chain? Is there a point where you’ll want to use a permissionless chain in different use cases? Or will you not be interoperable?
Phil Windley
The easy answer is that permissioned ledgers scale more nicely, but that’s not the killer idea. The reason that Sovrin’s ledger works the way it does is state proofs. These allow for offline interactions.
You could, for example, use your Sovrin wallet to prove you have tickets (aka credentials) to a concert out in the desert where there’s no connectivity and the person taking tickets could know those tickets are valid. Without permissioning, state proofs are impossible and so is offline verification.
The permissioning is about establishing a reputational stake and strong community governance guarantees, not about restricting access. It is a public utility.
Telegram user ansteadm
That’s awesome! To be honest, with how the world is developing and how pretty much everything is interconnected digitally, being able to access some of that info offline might not be as crucial. That’s just my personal opinion though. I do like the scalability and governance aspect that it would bring to the table.
Phil Windley
Maybe, but let’s say your driving license is in a Sovrin agent and you get pulled over and for what ever reason there’s no connectivity? That scenario will limit adoption because people will feel like they can’t use digital credentials or they have to have a backup. We don’t want that.
Daniel [dbcrypto]
The video demo is great, how will a digital token come into play in this system? We know it would need to be very low cost transactions.
Phil Windley
There are a number of places a token could be used. If you look at the white paper, we talk a lot about credential exchange. Many credentials are free (store receipts) but some are not (driving license, credit check, house title, etc.). If those credentials are paid for out of band, that means you need to have credential escrow systems and other things that reduce flexibility and speed. So, having tokens as part of the ecosystem makes sense.
The primary initial use of tokens will be paying for writes to the ledger. This reduces spam and provides funds for the ongoing operations of the ledger.
Telegram user Justin_Freeman
Phil, how did you develop your way of dealing with “moon boys” in the Sovrin chat?
I have literally sat there scrolling through the Sovrin Telegram to look at the “when ico” comments and your responses.
Phil Windley
Teaching college for 25 years, I guess. I try to be funny, firm, and not TOO snarky.
Thanks everyone for the great questions. Feel free to join the Sovrin Chat where you can literally AMA all the time. — Phil Windley
Thank you to Phil for giving up his time on a Friday afternoon to chat with the community about the Sovrin project. Sovrin is a favorite project of mine, and I really think this network could shake up the way that we all use our identities online— Daniel [dbcrypto]
Website
https://www.dbcrypto.io
Twitter
https://www.twitter.com/dalb0013
Telegram
https://www.t.me/dbcryptochat
YouTube
https://www.youtube.com/c/dbcrypto
Please note that some questions and or answers may have been edited to account for grammatical errors and appropriate presentation. This summary does not necessarily include all questions asked and answered during the event.
