Sovrin

Sovrin aims to offer a digital identity solution via publicly visible keys on a blockchain facilitating verification of interactions leveraging permissioned data stewards administered by a non-profit and a token economics incentivising credential issuance, verification and a consensual market for identity data.

Overview

Background

Sovrin aims to provide digital identity tools that could have fundamental implications for the business models of cybersecurity, RegTech, data integration, and identity and access management industries. A digital identity solution akin to Sovrin’s will enable users to choose which elements of their identifying information are made public, in addition to improving user experience.

Two recent developments help motivate and position Sovrin, namely the standardization of digital signature formats by W3C and the recently proved ability to register and verify public keys decentrally. Blockchains enable decentralised registration and verification of public keys associated to digital signatures, this is the concept of a Distributed Identifier (DID), another standard being driven by the W3C. Sovrin believes that these developments together will enable a publicly available self-sovereign identity system, enhancing confidence in identity records and finally establishing a secure, private and functional means of determining identity online. The open-source Sovrin network was launched in July 2017 and operates with publicly available access and permissioned validation. The Sovrin network was originally developed by Evernym before the code base was donated to the Linux Foundation to become the Hyperledger Indy Project.

Protocol Details

An individual’s identity on Sovrin includes Sovrin identifiers, claims, disclosures and proofs. The Sovrin Identity Network (SIDN) consists of nodes run by ‘stewards’ approved by the Sovrin Foundation. Sovrin verifies IDs via a standardised digital format which reduces variance relative to a variety of ID formats being assessed. Sovrin issue a unique identifier for each of a user’s relationships with various institutions and businesses, preserving privacy by mitigating the risk of service providers accruing significant data on a user in the event of their sharing one (conventional) identifier that can be correlated across uses. Publicly verifiable claims made about oneself or by others about the person in question (such as age/gender and a driver’s license, respectively) are digitally signed such that the issuer is discernable to concerned parties. Selective disclosures can be made against a claim, across multiple sources, through zero-knowledge proofs and the user’s possession of a master secret (a key). Again, these identifiers are not correlatable, so one issuing agency does not hold information from the disclosure proof that could be used to look up the individual to whom they refer in another issuing bodies systems. Accountability in a consent based identity data market will be facilitated by consent receipts stored on Sovrin, which specify the terms under which a business can use someones data.

Asset and Token Economy Details

The Sovrin token will be used to transfer value whenever verifiable claims are exchanged on the network; such as transfer of one’s accrued credentials on the network to another verifier. The Sovrin token will allow issuers of varying forms of credentials to offer services to verifiers and owners; for instance one’s mobile phone carrier could offer a credential around a users location, with their consent. Sovrin hopes to benefit from a long-tail of verifiable claims that, due to an insufficient gain in confidence given the difficulty of verifying many claims, are not presently economically viable. Sovrin also envision a change in attitude towards identity claims whereby they become viewed as risks that one should insure against, with the Sovrin token being the natural medium of exchange for such transactions. More immediately, Sovrin intends to facilitate the emergence of a market for explicitly permissioned identity information where owners can delegate specifically which items of their information they wish to make available, it is envisioned that certain items of private information might be quite valuable to the appropriate verifier and Sovrin will allow users to decide for themselves to exchange it. The Sovrin token distribution event is expected to happen in mid to late 2018.