Identity

For everyone and everything.

Background

Supporting ...

Identity. It's a universal right.

Recognition of skills gained (skills identity) leads to economic identity.

Economic identity of individuals leads to a better society (collective).

The selfdriven identity framework helps with ...

  • Creating identities for people, organisations and things.
  • Assigning skill attributes as per the selfdriven Universal Skills Set.
  • Sharing and verifing skills; helping with trust between learning partners (people and organisations) that don't know each other i.e. don't have existing established trust.
  • Creating "On-Chain" identity; powered by Cardano.
  • Linking to existing "On-Chain" Decentralised ID (DID) frameworks.
What

We are delivering on the following three key outcomes.

[Update with identity overview and move this to verification section below.]

Identity

What is identity?

selfdriven IDs

The selfdriven SDI identity tokens.

Verification

The process by which a person or organisation ("learning-partner") that can verify the learner experience and assign the skills gained etc.

Issuing

Issuing of identity and verified achievements & skills.

Working With Others

The selfdriven Identity Protocol/Framework works well with others.

Sovereign State Issued Credentials

Working with state/sovereign issued frameworks national credentials etc

Identity

Who or What is It?

Identity is made up of the following core components:
  • Unchangeable Attributes; Date of Birth etc.
  • Changeable Attributes; Skills etc
  • Can be any type of entity; Individuals, Organisations (including DAOs) and Things (Real-World and Digital).

Digital Identity

  • Tokenisation (Representation) of Identity.
  • Attributes are via claims; Digital Verifiable Credentials (VCs)
  • Digital Verifiable Credentials (VCs) are used to share attributes and build trust between entities.

Self-Sovereign Identity
(SSI)

Control over the information (tokens) that represent an identity.

Decentralised Identifiers
(DIDs)

Representation (token) that allows the secure exchange of information between entities.
Based on the WC3 DID Core Specification, DIDs:
  • Are controlled by the entities that hold them.
  • Enable cryptographic authentication of the DID holder.
  • Describe the discovery of information needed to launch secure and privacy-preserving communication methods.
  • Give access to service-independent data portability.

W3C DIDs Core Specification

Enables interoperability and portability, so DIDs and VCs created by different entities (including selfdriven) can be understood by verifiers or storable in a single identity wallet.

Using Existing Trust Frameworks

The use of existing trust frameworks typically provided by state based of governance can be leveraged to build on-chain identity.
e.g. The email address that is issued to students (learners) & teachers (learning partners) by a state education department can be used to establish the identity. i.e. to issue the SDI token and one-time unique code is sent to the email address.

selfdriven IDs

SDI

All information managed by selfdrivenOS (ie via the App) is issued a unique selfdriven ID (SDI) as a UUID.

SDI Types

Type of SDI Type
Identity Trust Starts Here.
4f931792-4a4a-4bf8-a2aa-3af8411babf1
Community Member
Individual i.e. Learners, Learning Partners
ca904a6e-2ed7-4fa6-93c4-fdb8712e0074
Community Organisation
Learning Partner Organisation i.e. "School", "Learning Community"
7994f6d4-0208-4f9c-bb51-46af5dea3a12
Skill
Universal Skill Set
1f59abe4-ad7b-4f0b-9af8-794522e87b85
Skill Source
The source of the skills in the Universal Skill Set
b697bd6e-7780-4a15-92eb-fc44c7068846
Skill Domain
The domain of the skills in the Universal Skill Set
722f771d-ff01-47aa-9c96-1272d49aab5b
Skill Level
The level of the skills in the Universal Skill Set
4b6448c4-b01a-4056-bf65-56ef96a372d9
Skill Capacity
The capacity of the skills in the Universal Skill Set
279b33e3-826c-4eb5-b485-61d20b4ccc7f
Community Resource
A community resource i.e. document
5d1ee227-66d9-4d7b-861e-a731a433f04d
Project Template
A community shared project template i.e. learning template
ca3bd1a8-43f1-4ea4-9556-232996a4b692

Verification

Example Process of Learning Partner Verifing Achievements & Endorsements

Deeper Dive Into Verification & Establishing Trust

Issuing

Identity

After the verification process has been completed, a community member is issued a SDI, which can be minted on "On-Chain" as a digital asset (NFT).
A selfdriven Verification (SDV) token can also be issued to help users (consumers) of the digital assets verify via the SDI that the person making the claim can be verified (i.e. the claim proven).
The SDV can be retrieved via the slfdrvn.io permissioned API or, if stored on-chain by querying the Cardano block chain using the SDV Policy ID - see below for more details..
! Important
Be careful hashing/encrypting any personal data on-chain directly.
Recommend using a DID service provider and then linking to it as "did/wc3" attribute.

Skills

After verification of achievements (based on learning templates) by the trusted learning partner has been completed, they are created as SDA tokens with links to associated skills (SDI tokens).

Verifing the selfdriven Tokens (NFTs) as a Consumer

Example Verification of Skills Using the SDV Token

A person is applying for a course with say a university or position with an organisation that requires the learner has verifiable existing skills.
The person provides their SDI e.g. 9cbdb0a2-45e7-4be3-83d8-c8d0723aea87, and their email address e.g. jane@email.com.
selfdriven has issued a SDV token for the SDI which includes the email attribute that was verified as controlled by the person at the time of issuing - On-Chain Example
Using the well-known selfdriven Policy ID (9a9fc2f60bbfb73eb9bfd71786778f39e400599c8f45ebaee773af20) the organisation queries the Cardano blockchain for the matching SDV based on the provided SDI.
Once the organisation has verified the person still has control of the email address - by say sending them a unique code and asking for them communicate it back to them - they then hash the SDI & email adddress and check that it matches the hash in the SDV token as per below.

Checking the SDV Token Identifier Attribute

Check the SDV metadata for the version
Version type of privacy protection is open, but common options are:
sdvk = SDVk; the verfication key (password) that goes with the SDV verification token and issued to community member when they get their public on-chain SDI. They can then share it with anyone wanting to verify them.
Then using the matching algorithm version; hash or encrypt:
eg
  • sha256; [SDI]-[Attribute]-[Value]
  • sha256-sdvk; [SDI]-[Attribute]-[Value]-[SDVk]
  • aes256; [SDI]-[Attribute]-[Value]
eg for sha256-sdvk:
9cbdb0a2-45e7-4be3-83d8-c8d0723aea87-11942f7e-b6f4-4375-920e-fbe1991951da-9cbdb0a2-45e7-4be3-83d8-c8d0723aea87-email-john@email.com
Which hashes as:
4bd1c5d26d688b0383b0db8fc33cd08209525c7feb3d84f28b7f372310bd7fcf
Then verify that this value equals the one in the SDV token metadata.
And this either proving or disproving that the claim by the person that the SDI is theirs.

SDV Identified Attributes Structure

Version
Can be any algorithm, but typically, including our mixed "sdvk" hashing:
"sha256", "sha512", "sha256-sdvk", "sha512-sdvk", "aes256", "pem"
Category
The Importance Of values as lower kebab case.
eg 'environment', 'social-interaction'
Type
"virtual", "physical"
Context
Can be as required, but typically:
"uri", "communication", "geolocation", "service", "cardano", "avatar", "website", "did"
Attibutes
Can be as required, but typically:
"email", "usi", "mobile", "address", "transaction", "uxto", "url", "name", "w3c", "public-key-rsa-spki", "hash"
On-Chain Example

Working With Others

Identity Tokens, Protocols & Services

The selfdriven Identity Token (SDI) can be linked to other identity tokens (like IAMX, a W3C compliant DID*) using the selfdriven Verification Token (SDV).
* DID; Decentralised Identifier

Services

You can use the following protocols/services as a DID issuers for use with the selfdriven SDV.
e.g. State (Department of Education) issued email address converted to W3C based SDV|did/w3c attribute.

Sovereign State Issued Credentials

National Identity

As per the Working With Other section, selfdriven identity framework can be linked to other identity frameworks - directly or via open standards like the W3C standard.

Credentials & Education Wallets, Passports etc

As state/sovereign based departments of education develop their own educational credentials issuing systems, we will work to support, collaborate and align with them.
A state/sovereign based department of education can of course base their system on the public domain selfdriven protocols & frameworks as part of their identity, metadata, governance, standards & certification based regulatory structure.

Self-Sovereign Identity

Methods

did:selfdriven:
Description
did:selfdriven:
{{Ed25519-public-key|base58}}
Ed25519 public key encoded into Base58
did:selfdriven:anon:
{{Ed25519-public-key|hash-blake2b}}
Ed25519 public key hashed using Blake2b.
did:selfdriven:sdi:
{{SDI}}
The selfdriven SDI assigned to each community member. It uses the common UUID format. e.g. ddea7071-c37b-4c3f-ab69-603870f5c9f6
did:selfdriven:sdip:
{{SDI|hash-sha256}}
The SHA256 hashed selfdriven SDI assigned to each community member.
did:selfdriven:cardano:
{{bip32-address}}
Uses the Cardano key/hash/addressing based on BIP32-Ed25519.
did:dsociety:
Description
did:dsociety:1:0:
{{secp256k1-public-key}}
Uses the dsociety SSI schema based on secp256k1.
did:dsociety:1:1:
{{secp256k1-public-key|hash-sha256}}
Uses the dsociety SSI schema based on secp256k1 and SHA256 hash.
did:dsociety:2:0:
{{ed25519-public-key}}
Uses the dsociety SSI schema based on Ed25519.
did:dsociety:2:1:
{{ed25519-public-key|hash-sha256}}
Uses the dsociety SSI schema based on Ed25519 and SHA256 hash.
did:dsociety:2:2:
{{ed25519-public-key|hash-blake2b}}
Uses the dsociety SSI schema based on Ed25519 and Blake2b hash.

Trust

Establishing trust on-cloud (off-chain) & on-chain. For Everyone and everything.

Open

Governance

How we improve, make decisions & establishing trust.

Open

Tokens

selfdriven "On-Chain" tokens/assets.

Open

Skills

Explore the universal skills set.

Explorer

Help

Talk to us about any help you may need.

Contact Us

Decentralised Identifiers (DIDs)

"URL-based identifiers (URIs) in use on the Web today (2019) require that the identifier be leased from an authority such as a Domain Name Registrar. A Decentralized Identifier (DID) is an identifier that does not need to be leased; its creation and use is possible without a central authority to manage it. The advent of Blockchains and Decentralized Ledger Technologies have led to other innovations that support this new type of decentralized URI. DIDs have various benefits over more traditional URIs." - W3C - More...