Self-sovereign identity (SSI) is the next big thing in Web3 (You don’t have to take our word for it, see Forbes Web3 predictions for 2024, where 65% of trends revolve around decentralized identity). This ingenious method of issuing, storing, and verifying data is underpinned by innovative technology.

In the article, we will explore one of the key concepts — the SSI triangle. Let’s dive in!

What is the SSI Triangle?

SSI is all about trust, and the SSI triangle explains who trusts who in this framework. It is a convenient model depicting the core participants of an SSI framework. These participants are:

Issuer: The entity (organization or person) that issues data as verifiable credentials (VCs). This data can include various qualities, affiliations, or achievements of the next participant in the SSI triangle — the Holder.

Holder: The individual who receives data (verifiable credentials) from the issuer or issuers, and stores it in their digital wallet. The holder has complete control over their data and decides what information to share with the next participant in the SSI triangle — the Verifier.

Verifier: The party interested in verifying the data (verifiable credentials) presented by the Holder. A Verifier can be a service provider, employer, or other organization that needs to confirm the Holder’s information.

These three participants, Issuer, Holder, and Verifier, form the three tips of the SSI triangle. Let’s get to know them better.

Issuer

The participant of the SSI triangle (an organization, institution, or even an individual), is responsible for creating and issuing verifiable credentials (VCs) to Holders. These verifiable credentials contain specific information or attributes that the Issuer can vouch for, such as a Holder’s educational qualifications, professional certifications, or membership in an organization.

When an Issuer issues a verifiable credential, it digitally signs it using cryptographic techniques, ensuring its integrity and authenticity. This cryptographic signature serves as proof of the credential’s origin and validity.

One of the key principles of self-sovereign identity is that individuals have full control over their digital identities and associated data. As such, Issuers play a crucial role in empowering individuals to manage and control their digital identities by issuing credentials directly to the individual’s digital wallet, where they can be securely stored and managed.

In summary, the Issuer acts as a trusted authority that provides individuals with verifiable credentials of specific attributes or qualifications. By issuing credentials directly to individuals, the Issuer enables self-sovereign identity and empowers individuals to control and share their data securely and selectively.

Holder

The Holder, an essential participant of the SSI triangle, are individuals or entities who receive and store verifiable credentials (VCs) issued by Issuers. As the custodian of these credentials, the Holder maintains control over their data and decides when and what data to share with Verifiers.

When a Holder receives a verifiable credential from an Issuer, they store it securely in their digital wallet — an application designed to manage digital credentials. Such wallet employs cryptographic techniques to ensure data privacy and security.

Holders decide which credentials they share, with whom, and when. This puts individuals in charge of their digital identities, enabling them to prove specific attributes without relying on centralized authorities.

Holders can share their credentials with Verifiers when accessing services, participating in transactions, or proving their qualifications or affiliations. By selectively disclosing only the necessary information, Holders can minimize the amount of personal data shared while still satisfying the requirements of Verifiers.

The Holder plays a key role in self-sovereign identity by receiving, storing, and selectively sharing verifiable credentials issued by Issuers.

Verifier

The third tip of the SSI triangle is the Verifier. This entity verifies the authenticity and validity of verifiable credentials (VCs) presented by Holders. Verifiers could include service providers, employers, educational institutions, government agencies, or any other organization that requires assurance of an individual’s credentials or attributes.

When a Holder presents verifiable credentials to a Verifier, the Verifier’s role is to assess the credentials’ authenticity to make informed decisions. This assessment typically involves verifying the cryptographic signatures embedded within the credentials to ensure they originate from trusted Issuers and have not been tampered with.

Verifiers may use the information contained in the verifiable credentials to grant access to services, approve transactions, or make informed decisions based on an individual’s qualifications or attributes. By accepting verifiable credentials directly from Holders and verifying them without contacting Issuers, Verifiers benefit from streamlined identity verification processes. This move decentralizes identity verification, relying on secure tech like cryptographic mechanisms and blockchain-based decentralized networks, not middlemen or central databases. Independent credentials’ authenticity verification without the Issuer’s involvement protects the Holder’s privacy. It promotes greater trust, transparency, and efficiency in identity verification, setting data verification within the SSI Triangle apart from traditional methods.

By leveraging cryptographic techniques and decentralized networks to verify Holders’ claims, Verifiers promote trust, transparency, and efficiency in identity verification processes.

A Practical Example

Let’s consider a real-life example involving the interaction between the participants of the SSI Triangle.

Scenario: Job Application Verification

1. Issuer (University):

• Sarah graduates from university with a degree in Computer Science. The university serves as the Issuer in this scenario.
• The university issues Sarah a verifiable credential, digitally signed using cryptographic techniques, certifying her graduation and degree qualification. The credential includes metadata such as the degree program, graduation date, and university accreditation details.

2. Holder (Sarah):

• Sarah receives the verifiable credential from the university and stores it securely in her digital wallet.
• She also receives other credentials, such as certifications and professional memberships, from various Issuers, which she stores alongside her university degree credential in her digital wallet.

3. Verifier (Employer):

• Sarah is applying for a software developer position at a tech company. The tech company serves as the Verifier in this scenario.
• During the job application process, the tech company requests Sarah to provide evidence of her qualifications and experience.
• Sarah shares selected verifiable credentials from her digital wallet with the tech company, including her university degree credentials and relevant certifications.
• The hiring manager at the tech company checks Sarah’s credentials by confirming the cryptographic signatures.
• Upon successful verification, the tech company acknowledges Sarah’s qualifications and continues the job application process.

In this scenario, the Issuer (University) issues a verifiable credential attesting to Sarah’s graduation and degree qualification. Sarah, the Holder, receives and stores the credentials in her digital wallet. When applying for a job, Sarah selectively shares her credentials with the Employer (Verifier), who independently verifies their authenticity and relevance. This process shows how different participants of the SSI Triangle work together to ensure that Sarah’s qualifications are verified while remaining secure, and private.

The Role of Blockchain in the SSI Triangle

The revolutionary aspect of the SSI framework lies in its incorporation of blockchain technology, which ensures that all data remains secure and private throughout the credentials’ issuance, storage, and verification process. Blockchain eliminates the need to rely on centralized data authorities, reducing data breaches or misuse risks and placing users in control of their data.

Within the SSI framework, no private data is stored on the blockchain. Blockchain is used only for storing cryptographic proofs and transaction records. These proofs serve as verifiable evidence that certain credentials or claims have been issued, verified, or revoked. So, while the blockchain ensures the integrity and authenticity of the credentials’ issuance, storage, and verification process, it doesn’t contain the sensitive personal data stored by users (Holders) in their digital wallets. Verifiers, leveraging blockchain-anchored proofs, can confirm a Holder’s claim, without relying on direct access to the credential Issuer, or even accessing personal information.

EVDI: Empeiria’s Infrastructure of Decentralized Trust

Empeiria’s End-to-End Verifiable Data Infrastructure (EVDI) for unmatched data privacy & seamless web3 adoption offers tools for all three key participants of the SSI Triangle.

Issuer: Empeiria‘s’ seamless integration solutions, enable issuers to easily integrate SSI into their current data infrastructure. This integration simplifies credential issuance, making it more efficient and secure.

Holder: Empeiria places Holders in control of their data. Empe Wallet is a convenient and secure place to store verifiable credentials, which can be shared privately and securely with Verifiers.

Verifier: Using Empeiria’s easily deployable tool, verifiers can quickly check the validity of verifiable credentials, without accessing sensitive information or contacting the issuer. This makes verifying information easier and builds trust between verifiers and holders.

Overall, Empeiria’s EVDI provides the participants of the SSI Triangle with tools for credential issuance, storage, sharing, and verification. It streamlines data verification, empowers individuals with greater control over their data, and enables Web3 utility for organizations.

Final Thoughts

The SSI Triangle participants all benefit from participating in the SSI framework and collaborate to maintain trust and data integrity, empowered by the decentralized and immutable character of the blockchain. Thanks to SSI, individuals gain greater control over their data and organizations benefit from streamlined data issuance and verification, reducing costs and mitigating security risks.

Empeiria’s End-to-End Verifiable Data Infrastructure (EVDI) builds on the foundations of SSI to add a trust layer to the internet. By providing seamless integration solutions and easily deployable tools for credential issuance, storage, and verification, it transforms digital interactions with cryptographic truth and decentralized trust.

Follow Empeiria on Twitter/X, or LinkedIn for the latest news & updates. For inquiries or further information, contact Empeiria at [email protected]