Steve Magennis
Founder, Polywug
I am Groot
And other perspectives on Self-Sovereign Identity
May 6, 2019
Self-Sovereign Identity (SSI) has been gaining attention for use cases as diverse as refugee services to autonomous vehicles. It is a powerful new tool that encourages honesty-at-scale by significantly limiting the ability to benefit from certain types of fraudulent or repressive activity. This not only can make existing business functions operate more effectively, but allows for the evolution of modern consortium business models. To get the most out of SSI though, it is important to clearly understand what it is and when to use it.
With a nod to the Guardians of the Galaxy franchise and in hopes of not receiving a cease and desist letter from Marvel’s lawyers (though that would be pretty cool too), I offer up Groot, a wonderful archetype for Self-Sovereign Identity. In many ways our lignin-based friend represents the problems, opportunities and new ways of thinking about meaningful digital identity.
Both Descartes and Groot share the notion that somewhere deep within our biology is the ability to fully recognize our self. The notion of self is unwavering and does not depend upon a third party to offer or withhold validation. “I am Groot” stands on its own, though only from the perspective of Groot. Sharing what we know about ourselves with others is where things get complicated. Along with having a self, we also come hardwired with a self-interest, thereby casting situational degrees of doubt upon the accuracy and completeness of any claim we make to others.
Reputation is one way we encourage others to trust what we say. We can build our reputation through direct interactions with other people. This allows one person at a time to decide for themselves if they trust or distrust us based on their direct experience. To demonstrate our reputation to people who don’t have direct experience with us, we incorporate credentials or statements from others to attest to our accomplishments and sing our praises. The worth afforded to these attestations in turn is based upon the reputation of the voucher. This is central because it means the value of any SSI ecosystem will be determined by the amount of trust afforded the participants that are in a position to make claims about others. Fortunately, there are a lot of businesses, organizations and individuals out there that work hard to maintain strong and credible reputations.
SSI shines by making it easy for a person to present a truthful claim about themselves to a third-party. Even if the third-party has had no prior relationship with the person making the claim, the third-party can immediately trust the authenticity of what is presented to them and simultaneously evaluate the reputation of the source of the claim.
Using a Groot-centric example, we imagine Groot approaching a bouncer at a 21 and over club. Groot nods to his companion, who appears to be a racoon (or maybe a rabbit) wearing a leather vest. The friend casually states that he has known Groot all his life and that indeed he is over 21. The friend of course has no credibility with the bouncer even if the statement is completely correct. Undaunted, Groot hands over a pilot’s license and presents that as proof of age. The bouncer recognizes the Nova Corps issued license and immediately accepts it as a credible source of information, but sees something hinky about the photo lamination on the card. In this case the bouncer accepts the validity of the credential, but rejects the document itself as being potentially altered. Our now-suspect, though still persistent, Groot tries one more time to enter the club by presenting a newly issued Xandarian passport to the bouncer. The bouncer examines the physical document, the photo, the text and especially the date of grafting. Everything looks consistent and legitimate and so the bouncer lets Groot in.
In the end it was the combination of trust in the reputation of the government to issue a truthful document and the conclusion that the document was not altered that finally got Groot in the door. All other attempts at entry failed.
Another perspective I want to offer, at the risk of going out on a limb, is that Groot travels a lot. By moving around, Groot is subject to both friendly and not-so-friendly governments, legal systems and enforcement ecosystems. This has two major implications related to SSI. First is that the credentials and attestations travel with the individual. While third parties create credentials and thereby pass through their reputation to the holder, the credentials remain under the control and possession of individual they were issued to. Both the existence and authenticity of a credential are not subject to dispute and the issuance cannot be usurped by anyone else (though they can be revoked or expire). This is very different from a centralized authority model where the credential issuer is always the authority and retains ultimate control over the communications. The second implication is a little less obvious. Even though the credentials themselves cannot be disputed, they can be devalued by a recipient. In other words, there is nothing preventing the recipient of a credential from effectively saying “I don’t care about this credential, it means nothing to me.” The point here is that along with trusted participants, a good SSI ecosystem thrives when players participate in good faith or at least participate within a social construct that values and enforces integrity and consistency.
SSI designs use a ‘trustless’ model of interaction. Trustless in the sense that two parties can confidently accept information from one another even if the parties have never interacted before and have never built trust between themselves. Good SSI builds upon social systems that generally operate in good faith by adding a layer that elevates trust between parties, creates the potential for trust relationships to extend beyond the limits of centralized authority models and creates a highly efficient mechanism for validating trust at scale. When you stop to think about all of the decisions each of us makes every day that involve evaluating the level of trust we have in someone or some entity we have never directly interacted with, the ability to reduce distrust at scale is a game changer.
…now off to save the universe!