Understanding DID documents & verifiable credentials inside web3.

Decentralised Identifiers: A Shift in Power

The concept of identity is becoming an increasingly complex issue. Traditional online identifiers, such as email addresses, are often controlled by central entities like Google, Facebook, and Apple. This arrangement gives these organisations an enormous amount of power, including the ability to shut down your identifier or potentially misuse your personal data without your knowledge.  To combat this, Decentralised Identifiers (DIDs) have emerged as a powerful solution that can put control of personal identities back into the hands of the users themselves.

Decentralised Identifiers or DIDs, represent a seismic shift in the way we understand online identity. Unlike traditional identifiers like URLs, which are governed through centralised domain registries, DIDs are built on decentralized technology, liberating them from reliance on a central authority for their existence or verification.

With DIDs, you are not just the "owner" of your identifier; you are the "controller". This means you cannot be deprived of your identifier, and you have the power to create multiple identifiers if you so desire. This level of control gives you the autonomy to decide who or what you trust, removing the need for a third party to make this decision for you.

Cryptographic Verification: The Bedrock of DIDs

Decentralised Identifiers (DIDs) are a type of identifier that allows the controller to prove control over it without requiring a centralized registration authority. They are created and managed by cryptographic mechanisms, which indeed provide an inherent layer of security.

However, as you correctly pointed out, while a DID is under your control, it doesn't validate the truth of the information that the DID refers to. This means that while a DID can prove that a certain piece of data came from a certain source, it doesn't verify the accuracy of that data. The responsibility of establishing trust, therefore, lies with the user.

It's also worth noting that DIDs are often used in conjunction with Verifiable Credentials (VCs), which can provide additional layers of trust and validation. VCs allow for the verification of claims made by the holder of the DID, which can help to establish trust in the information associated with the DID.

Togggle and DIDs: A Partnership for the Future

At Togggle, we are excited about the potential of DIDs in building a safer, more secure, and decentralized web. By integrating DIDs into our platform, Togggle is setting the stage for users to regain control of their identities while preserving their privacy.

Togggle's decentralized KYC (Know Your Customer) solution leverages the power of DIDs to offer users a secure, privacy-preserving way to verify their identities. With Togggle, you're always in the driver's seat of your identity and personal data. You decide who gets access to your information and when, providing an unmatched level of autonomy and privacy that traditional KYC processes cannot deliver.

Even though DIDs are still in the early stages of development, we're already seeing innovative and promising applications. One such example is a digital credential solution being developed by Evernym for the International Air Transport Association (IATA). This solution uses DIDs to enable airlines, governments, and other organizations to instantly verify travel and health documents in a highly secure and privacy-preserving manner.

This is just the tip of the iceberg. The potential applications for DIDs are vast, encompassing areas as diverse as secure voting systems, confidential healthcare records, and private financial transactions. In each of these cases, DIDs empower the user to remain in control of their identity and data.

Shaping the Future with DIDs and Togggle

As we look to the future, it's clear that DIDs will play a central role in the evolution of the internet. By offering a more secure, decentralized alternative to traditional online identifiers, Decentralized Identifiers (DIDs) are a relatively new concept, part of a broader movement towards a decentralized web. Their creation has been driven by concerns about the centralization of power among tech giants like Facebook, Google, and Apple. In a centralized model, individuals lack control over their personal data and identity. DIDs promise to give control back to the users by offering a decentralized, verifiable digital identity system.

Think about how crucial your Google, Facebook, or Apple login is to everything you do on the web. However, in the current system, these platforms have control over your identity. For instance, Google or Apple could shut down your email address, which is generally used as your login. Facebook can de-platform you if you're deemed to have violated its rules. Furthermore, governments can potentially subpoena your data on these platforms without your knowledge.

DIDs come in to solve this problem. They represent a specification from the World Wide Web Consortium (W3C) that could soon become a web standard, enabling users to choose a decentralized identity. The specification for DIDs was released as a draft recommendation at the end of June 2021. A DID is "a new type of identifier that enables verifiable, decentralized digital identity." A DID can refer to any subject, from a person to an organization, or practically anything "determined by the controller of the DID".

DIDs vs URLs

At first glance, DIDs may seem like URLs (Uniform Resource Locators), which are commonly known as web addresses. However, while both serve as identifiers, DIDs differ in their underlying technology. Unlike URLs, which are managed through centralized domain registries, DIDs are based on decentralized technology.

The concept of "control" is essential in understanding DIDs.

The DID working group shifted from the idea of "owning" an identity to "controlling" it. According to Daniel Burnett, the co-chair of the DID working group, the need for an identifier, especially a subject identifier that one could control, was a primary driver for him. In this framework, no one can take away your identifier, and you can create as many of them as you want.

Both Burnett and his co-chair, Brent Zundel, have a background in blockchain technology. Despite the association with blockchain and its cryptographic verification capabilities, the draft specification of DIDs is a bit more ambiguous. DIDs are defined as "globally unique persistent identifiers that do not require a centralized registration authority and are often generated and/or registered cryptographically".

Regardless of how a DID is verified, it is entirely under your control. However, this doesn't guarantee that the information the DID refers to is necessarily accurate. This was a deliberate design choice in the DID system; you alone get to decide whom or what you trust. There is no third-party authority to make that decision for you.

Though DIDs are in their early stages (the specification is still a draft recommendation), there are some exciting use cases already. For instance, Zundel talked about a travel pass being developed by his company Evernym for the International Air Transport Association (IATA). This travel pass is a digital credential solution that enables airlines, governments, and other organizations to instantly verify travel and health documents, such as COVID-19 test results, in a secure and privacy-preserving manner.

While DIDs represent a significant stride towards a decentralized web, they also pose new challenges and questions.

For instance, how do we prevent malicious actors from misusing the system? How will the DID ecosystem manage conflicts and disputes? What will be the legal implications of DIDs?