Overview
Self-Sovereign Identity (SSI) is a model of digital identity in which individuals or organizations own, control, and present their own credentials without depending on a central identity provider. Instead of logging in through Google or Facebook, users manage cryptographic keys that prove their identity and credentials.
Core Components
- Decentralized Identifiers (DIDs): W3C standard for creating identifiers anchored to a distributed ledger or other decentralized infrastructure
- Verifiable Credentials (VCs): Cryptographically signed assertions (e.g., βthis person is over 18β) issued by trusted authorities, held by the subject, and verifiable by any party
- Digital wallets: User-controlled applications for storing DIDs and VCs
- Trust registries: Distributed lists of trusted credential issuers
Key Properties
- Portability: Credentials work across services without vendor lock-in
- Selective disclosure: Share only the minimum necessary (e.g., βover 18β without revealing birthdate)
- Revocability: Issuers can revoke credentials while users retain the key
- Privacy by design: No correlation across services via shared identifiers
Related
- Decentralized Web β The infrastructure SSI builds on
- Cryptography β The cryptographic primitives enabling SSI
- Governance and Community β Identity as a governance and sovereignty concern