“As established before, at the core of VETRI lies the self-sovereign digital identity component.”
As we embark on the journey of making VETRI a reality, we are excited by the technical challenges which stand before us. In this blogpost we will provide an update on our progress on the technical front. The first steps in this journey involved designing the architecture for the identity component and the marketplace. Upon finalizing that, our efforts are now focused on establishing the technology stack, growing our technology and integrating design and branding concerns into the development roadmap.
As established before, at the core of VETRI lies the self-sovereign digital identity component.
Today users’ identities are concentrated in centralized databases of big tech enterprises, data brokers, financial institutions and governments among others. Over the past decade, these digital identities permitted the proliferation of digital services delivering massive gains in convenience and efficiency across the economy. Unfortunately, security and user privacy often took a backseat, leaving us with the many high-profile data breaches that we read about today.
Beyond creating a honeypot for attackers, the centralized identity systems of today also allow users limited control over the personal data that is collected, stored and shared. In the wake of the upcoming GDPR regulation, a host of companies have been reaching out to users with updated privacy policies which attempt to reassure users about their control over their digital identities. As we learned from our experience during VETRI’s data experiment however, there are stark discrepancies between the apparent readiness of different companies to adapt to this new regime.
With the new legislations, data consumers face the challenge of accessing and processing user data in a compliant fashion. On the other hand, the laws also present data owners with the opportunity to take back control over their personal data and even derive monetary benefits from it. This raises questions of how to change the current technology and in our view a decentralized blockchain based identity presents the best solution for all stakeholders. These are lofty goals to achieve, but as software engineers our mission is to transform these great promises into code and further into a working solution.
We believe that the decentralized identity of tomorrow is enabled by three technological developments:
While the promise of decentralized identity is undisputable, it is worth noting that the development of these technologies still remain in its rudimentary stages. Various standards are emerging; some are leveraging existing smart-contract platforms like Ethereum and NEO — others are building their own network from the ground up.
One of the key differences between each of these solutions is their approach to the nature of data that they put on the blockchain. While some advocate adding to the blockchain the bare minimum of identity attributes required for a functioning identity ecosystem, others advocate complete transparency by adding every single identity claim to the blockchain. The second approach however presents the risk of partially compromising a user’s anonymity.
In the Ethereum ecosystem, there have been a number of proposals for identity protocols, the most prominent ones being ERC 725, ERC 735 and ERC 780. The ERC 725 and ERC 735 protocols propose that every single claim must be put on the ledger, opening up users to the above-mentioned privacy risks. Sovrin and Uport on the other hand, follow the former approach, limiting storage on the blockchain to the bare minimum. This raises further challenges, since some processes can still disclose information (such as revocation of claims). One can also foresee a future scenario where zero-knowledge transactions can guarantee privacy, even with a model which puts every claim on the blockchain.
Another interesting development is the World Wide Web Consortium’s (W3C) DID (Decentralized Identifiers) standard for self-sovereign identities. It promises interoperability between different blockchain identity systems by providing a standard interface. Support for it is picking up quickly, for example Evernym (the company behind Sovrin) is very actively taking part in the design and bases their identity layer on it , but also big players like Microsoft are starting to adopt it.
At VETRI, after some experiments with ERC725/735 we quickly recognized that existing Ethereum based standards do not provide the level of privacy we would like to achieve. We have adopted elements from each of these protocols and have identified a system which best aligns with VETRI’s goal to hand back control over personal data to the user. As a first step, we will build an identity system based on Ethereum. However, unlike the described standards, we will only use the blockchain for key management, access control, timestamping and revocation. We are now working on building this solution upon our existing government trusted eID+ solution which forms the foundation of the VETRI wallet.
The team is currently working on building an MVP version of the VETRI wallet based on react-native. This puts us on course to quickly prototype, following this we will release native applications built with Java and Swift.
With the Ethereum digital identity protocols being among the more mature options, the first part of the VETRI digital identity ecosystem will be built on the Ethereum blockchain. With the emergence of the DID standard, we can expect an explosion in the number of applications built in compliance with this standard. In line with our protocol agnostic approach, we are constantly monitoring developments on several decentralized digital identity protocols which could integrate into the VETRI ecosystem in the future.
To mitigate scaling issues and enable “free” transactions of VETRI tokens, the team is also experimenting with multiple setups. This would most likely be achieved using a Proof of Authority (PoA) based sidechain with a bridge component, that allows secure transfers of VLD between both networks. There already exist example implementations of this, such as the Parity Bridge. We believe this will prove to be a crucial factor which will catalyze user adoption upon the launch of the VETRI marketplace.
We have also set in motion the first steps towards the VETRI marketplace. We are in the process of a detailed market analysis which involves interviewing prospective data consumers and data owners across Europe to develop an understanding of their needs and problems. The findings from this research will be published in our detailed roadmap.
With blockchain applications still in their infancy, VETRI is among the pioneers in architecting the decentralized digital identity landscape of tomorrow. Our vision is to create an open-source project utilizing blockchain as a single source of trust. However, it is also vital that we keep in mind that blockchain is not a silver bullet and its application must be limited to areas where it is relevant. For us this means utilizing a hybrid web application that uses a scalable architecture in combination with state of the art blockchain technology.
As a project which disrupts the status quo in the management of personal data, one of VETRI’s biggest challenges is to allow for a seamless shift in user behavior to enable this change. Blockchain applications are still new to users requiring them to learn and adapt to new concepts. Thus, good user experience is one of the most important aspects of VETRI.
With this in mind, we’ve hired an experienced UX designer to make sure high-quality user experience is embedded into the development process right from the start.
The current area of research involves studying the difference in UX between blockchain apps and regular apps and mitigating the complexity to make the experience smooth for users. We’re happy to share excerpts from our work with you.
Do you believe in blockchain and the future we are building at Procivis? Come work with us. We’re actively looking for talented engineers with a background in technology. Feel free to reach out to us via AngelList or email (email@example.com).