Background - Adding Trust to the Internet
To see and hear about what we are building, watch this webinar by John Jordan of the BC Government about TheOrgBook and Verifiable Organizations Network.
Putting Internet users - and organizations - in control of their own online Identity has been a growing need since the start of the Internet. With the creation of massive centralized stores of private data (e.g. Equifax, Google, Facebook, etc.), has grown the ability for holders of that data to use (and misuse) that data in ways that are not always in the best interest of the data owner - You. Compounding that problem has been the corresponding rise in cyber-hacks that expose user’s personal data held in those centralized stores. The result of all this data about you being “in the wild” is that it’s very difficult for you to prove “you are you” online because it’s too easy for someone else to pretend to be you.
This has created an urgency to change how our data - data we (should) own - is handled. Self-Sovereign Identity (SSI) is a promising approach to decentralize the handling of personal data that gives the control of that data back to us, where it belongs. SSI enables a higher level of trust on the Internet by providing mechanisms that enable verifiable identification of parties to a transaction, reducing the need for high-cost, in person mechanisms to establish trust. With SSI, people can’t pretend to be you simply be showing that know things about you.
The Verifiable Organization Network (VON) project is particularly interested in the trust attribute of the SSI approach. We aim to create a trusted digital network of verifiable data about organizations which is globally connected, interoperable, secure, and easy to join. We believe the novel capabilities of distributed ledger based Self-Sovereign Identity ecosystems to provide increased levels of trust for online transactions will foster economic activity for BC companies locally and across the globe.
Our first step - Creating a Network Effect
We recognize there is an immediate problem in creating VON - a network of Verifiable Credential Issuers/Verifiers and Holders - organizations. The chicken-and-egg challenge is there is a lack of Services (for example, government organizations) that issue Verifiable Credentials about organizations, and a lack of organizations who have the ability to hold Verifiable Credentials about themselves. To bootstrap VON we are using strategies suggested in this excellent presentation by the venture capital firm Andreessen Horowitz on building network effects. A network effect is needed when a product or service becomes more valuable to its users only when there enough people they know using it. This effect has been observed in any successful communications network from the telephones to Facebook.
The particular strategy we are putting into action is similar to the one which was deployed by Facebook. TheFaceBook at Harvard used a very clever network effect to bootstrap the new world of Social Networks. Mark Zuckerberg pre-loaded TheFacebook with accounts that provided a core of users with one common attribute (they went to Harvard). This one steps triggered a network effect, magnifying the subsequent actions of users and resulting in the ever-faster growth of TheFaceBook’s, and ultimately, Facebook’s, social network. Without seeding the network, that growth may not have come.
We’re trying to use VON’s “TheOrgBook” to generate that same network effect for building organizational Self-Sovereign Identities and the use of Verifiable Credentials.
Triggering Network Effects for the VON
The challenge in creating an Organizational SSI network is:
- Supply: Services don’t support Verifiable Credentials because there are no Organizations with their own SSI Digital Agents.
- Demand: Organizations don’t have a need for their own SSI Digital Agents because there are no Services that support Verifiable Credentials.
The BC Government can’t directly influence the demand side. However, as a major supplier of Services (registrations, licenses, permits, etc.) to organizations, BC can enhance Government Services to drive the supply side. TheOrgBook gives Government Services a place to issue Verifiable Credentials and from which to receive proofs of Verifiable Claims - without needing Organizations to have their own Agents.
Here’s a simple picture of the system:
- The desks represent Government Services that Organizations use to register their business and apply for permits and licenses
- TheOrgBook is a repository of the public Credentials generated by those Services
- Credentials are equivalent to the “Permit to Operate” documents posted on businesses’ walls
- TheOrgBook’s repository of Credentials is web-searchable, listing organizations, Credentials and Credential details (claims)
- The Identity Registry Network underlies the system to infuse trust
- a decentralized Self-Sovereign Identity network based on distributed ledger technology
As an Organization goes through online processes to acquire Registrations/Licenses/Permits, the Services get proofs (and their associated data) from Verifiable Credentials already stored in TheOrgBook. Once the Service completes the approval process and decides to issue a Registration/Licence/Permit, they can issue the Verifiable Credential digitally to TheOrgBook about the Organization.
- This saves the users from having to re-type the information for each Service (and eliminates typos in the data)
- Each Service can trust the information because it comes from a trusted source - cryptographically proving:
- The information was issued by the Issuer
- The information was issued to TheOrgBook (was not forged)
- The information has not been tampered with
- The information has not been revoked
Want to know more?
A detailed document about our first demonstration project can be found here.
Want to help?
Fork the code, get in touch and let’s build this together.