Announcing Decentralized Identity on Tezos

Spruce Systems, Inc.
Aug 27 · 4 min read
Image for post
Image for post

Today, we are proud to announce our collaboration with the Tezos ecosystem, with which we have begun working to add decentralized identity capabilities built using the latest W3C standards. Our first efforts will result in extensible open-source identity products built on Tezos, including tools for the issuance, storage, verification, and governance of trusted information to allow any Tezos account to demonstrate who (or what) they are on their own terms, without sacrificing privacy.

We are thrilled to be working with the team at TQ Tezos in order to bring digital identity to life, and are looking forward to working with ecosystem projects such as Tezos Domains, Taquito, Beacon, Kukai, and Agora in order to augment their initiatives with Tezos-based decentralized identities.

Digital identity and blockchain-based smart contracts

Image for post
Image for post
Examples of opportunities to refactor trusted workflows

To drive impact outside of on-chain transactions and smart contracts, blockchains must construct read and write pointers to the real-world as secure digital representations. Anything from asset issuance, to business contract verification, to trusted oracles require some form of digital identity, which is the way we recognize, remember, and respond to other actors. We’ve seen projects spend valuable engineering hours re-constructing the same digital identity components in order to satisfy their trust and compliance needs.

Spruce is building common identity infrastructure that offers standard and interoperable ways to manage things like documents, authorizations, and integrations with third-party verifiers. These processes are then used to establish credentials for people and things (e.g., account ownership, investor sophistication assessments, authoritative copies, data feeds, etc.) held by account controllers and presented at will without requiring intermediaries.

These are critical building blocks to enable use cases such as compliance for digital assets, transparent government, and scalable data storage without loss of integrity. This way, applications can focus more on their core business logic instead of reinventing identity components.

Why Tezos

We believe the Tezos ecosystem is a strong fit for Spruce’s efforts considering its vision, community practices, and focus on high assurance. Additionally, the decentralized identity ecosystem has much to gain from the Tezos ecosystem’s reciprocal involvement. By focusing our efforts within a single ecosystem from the outset, we are able to ensure production readiness across a complete integrated stack so that solutions will function flawlessly from the end-user interfaces down to the blockchain protocol level.

Tezos’ focus on governance and upgradable protocols aligns with the notion of trust frameworks in mapping human-made rules into machine-readable protocols. As an example, there are several common activities in the baking ecosystem, such as staking rewards auditing, which are excellent candidates for formalizing into verifiable credentials-based interactions.

We also look forward to interacting with Tezos’ rich ecosystem of formal verification engineers to prove properties of our software, such as that it is impossible to issue a credential in an invalid state. We also anticipate collaborations using zero-knowledge protocols to advance the state of the art in the decentralized identity ecosystem, which has already pioneered selective credential disclosure using BBS+ signatures in conjunction with BLS12–381 (the Zcash pairing-friendly elliptic curve). There is immense opportunity for mutual gain at both the ecosystem and technology layers.

Our vision

Our long-term vision is to enable every Tezos wallet with identity capabilities and to allow any project to issue credentials for end-users to utilize throughout their various journeys. With these components, Tezos products will have standard capabilities to tie into reality: Tezos accounts can be selectively augmented with real-world credentials while preserving privacy, asset structuring time can be reduced from months to days, and transactions can generate credentials spawning off-chain interactions.

Historically, decentralized identifiers (DIDs) have relied on public blockchains to produce DID methods that are censorship-resistant, free of gatekeepers, and globally unique and consistent. However, we believe that decentralized identifiers and verifiable credentials (VCs) are key to unlocking the true economic value of smart contracts by bridging on-chain accounts to real-world entities, assets, relationships, and regulators. They allow transactions to break out of the blockchain sandbox and directly impact or become impacted by real-world systems while remaining peer-to-peer.

For example, the EU-based eIDAS Observatory is discussing the use of blockchain-based DIDs within the eIDAS trust framework to take legally binding and non-repudiable actions tied to registered entities. The Verifiable Organizations Network has been adopted at the Government of British Columbia in Canada as the OrgBook to provide authentic and authoritative DID-based business identifiers and credentials. The Global Legal Entity Identifier Foundation, established by recommendations from the G20 to prevent another financial crisis, is using verifiable credentials to establish trust and authenticity for business entities globally.

We believe that building the standard way to interact with verifiable credentials and decentralized identifiers on Tezos will allow its smart contract ecosystem to fully leverage all such network effects regardless from which blockchain or network DIDs and VCs originate. This would supercharge smart contracts by building a reliable clutch to off-chain actors, assets, and legal frameworks.

Additionally, this allows identity to become a gateway to the Tezos ecosystem. A new user can be introduced and integrated into the Tezos ecosystem simply by receiving credentials and wanting to use a credential-enabled service. A DID Method alone does not necessarily add value to a network — there needs to be usage.

We look forward to continued engagement with the Tezos ecosystem as we work to make decentralized identity on Tezos a reality.


Nothing in this article should be taken as legal or investment advice.

Follow us on Twitter

Follow us on LinkedIn

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store