 We're gonna get started about two minutes, folks. I wanna thank everybody who showed up earlier on time. We're gonna get started in about one minute, but thank you for joining us for this introduction to Decentralized Identity Seminar. I am going to post in the chat some relevant links. We are going to record this. It's being recorded right now and we are going to post that to the Hyperledge YouTube and I'll make sure that Morgan Steak, it's a copy of the video as well. And Scott, if you can send me a PDF of your deck, I will share that with Morgan State and put it on the Discord if folks wanna review it after the fact. Absolutely. And if I could ask everybody, if you do have questions, please either put them in the chat and I will go through the questions, but Scott, after he's done with his presentation and we're gonna get started in one more minute, give folks a chance to settle down. All right, everybody, let's kick it off. Thank you everyone for joining us for today's introduction to Decentralized Identity Seminar. As with all Linux Foundation meetings, this is held on the Linux Foundation Antitrust Policy as well as the Hyperledger Code of Conduct and I have links to the Hyperledger Code of Conduct in the chat as well as links to things like Indicio, who's the Hyperledger member who's giving this presentation along with places like the Hyperledger GitHub, the Hyperledger Wiki, and I will let Tanisha kick it off and then I'll introduce you to Hyperledger and then we'll get right to Scott in his presentation. Tanisha. Thank you, Sean. Welcome Hyperledger community and the HBCU Network of the National Fencex Center. I wanna give a special thank you to Sean Bohan, David Boswell by Jones for collaborating with the National Fencex Center on this decentralized identity webinar. Special thank you to the NDCL team for putting this together and presenting for us today. This is gonna be a great webinar for everyone to learn. So thank you again. Awesome, thank you Tanisha. My name is Sean Bohan, I am a community architect at the Hyperledger Foundation. Hyperledger is part of the Linux Foundation. We are an organization and open source, I'm sorry, we're an organization dedicated to enterprise open source blockchain. We host a number of open source blockchain projects like Hyperledger Fabric, Hyperledger Indy, Hyperledger Aries, Indian Aries are very related to identity, also things like Bezu, Hyperledger Sawtooth and a number of other projects. Our work is in the enterprise. Software space, so the kinds of use cases that Hyperledger projects apply to include supply chain and what we're talking about today with identity, enterprise resource management, lots of different use cases that can use blockchain. We do not really deal with NFTs or cryptocurrencies. We're more on the side of projects and programs like central bank backed digital currencies. So that being said, Hyperledger is an organization has a mentorship program. The link is in the chat. I'm gonna repost it in about three or four minutes for those who joined late. Our mentorship program gives folks an opportunity. It's kind of like an internship where the mentee proposes a project and if that project is accepted, they're paired up with a maintainer or a senior contributor of Hyperledger who works with them to bring that project to life. We're pretty excited about it. The application deadline is March 15th, so that link will be in the chat. I would like to introduce Scott Harris from NDCO. NDCO is a member of Hyperledger and they are really awesome members. They do incredible work in the identity space. I've worked with a lot of folks at NDCO even before I worked at Hyperledger. They're an absolutely great team and this is part of a seminar series we're gonna be doing with Morgan State. This week is What is Decentralized Identity? This is an intro to the topic. Next week is going to be same time, same place. The technical underpinnings of Decentralized Identity, not really a hands-on but really talking about the technology itself. And Scott's gonna give his presentation and after that we're gonna do Q&A. So if you do have questions by all means put it in the chat or in the Discord. We've set up a special channel in the Hyperledger Discord just for Morgan State seminars. So folks wanna join our Discord, the link is in chat and they can go there and they can ask questions there as well. And also they can check out the other projects that we have. And with that I'm going to, I stop sharing, Scott's sharing and I'm gonna turn it over to Scott. Welcome and thank you. Thank you, Sean. I appreciate the time and the invitation. Just a quick confirmation that you're seeing the slide on the screen there before I move forward. Looking good. Excellent. My name is Scott Harris. I'm Vice President of Operations at Indicio and I feel a lot of roles as most operations folks do. One of them is some of these educational activities to work with our clients and prospective clients and others in this space to bring a shared understanding to the decentralized identity technology, the business value of decentralized identity and to work out some use cases. So I spent quite a bit of time with our clients along with Sam who you'll hear from next week looking at where this unique technology applies and how it can very quickly bring value to different verticals and different organizations. We have clients everywhere from large enterprise to some very small businesses and so there are ways to apply this in many, many use cases. Today's talk is again about gaining a shared understanding of sort of where we came from and why we're here, why this stuff needs to exist and then a little bit about how we execute this stuff, this decentralized identity magic so that it can bring some business value and then we can drive adoption and we certainly thank Hyperledger for all of their support and everything they've done to enable this because it is a sort of game changer in the way we share data amongst each other and with that off we go. So being that we probably have a very wide audience we'll start very simple here with a slide that indicates the problem as a whole. The internet was created without a way of identifying people on the other end of the line so who's using it and anonymity is a two-sided coin. There are tons of places where you want to be anonymous and you want to protect your privacy and so anonymity maybe is not the right word but privacy protection is the right word and so to be able to enable someone to positively identify themselves and prove who they are while still protecting their privacy is a value prop here and that's what we're after because when we don't understand who's on the other end of the line or what that data is and where it's coming from we have some problems with trust and that's really what decentralized identity is about it's about trust. If you have a LinkedIn account or any other type of social media account I typically ask, well, what did you do to obtain that account and for the most people you just typed in an email address and then they send an email to that email address and really all that proved is that you had control of that email address and from then on you can sort of pretend to be whoever you'd like to be in the world and our CEO, Heather Doll who's also on the hyper leisure board I believe now likes to say there were no fewer than six of her on LinkedIn all using her same profile picture so there's a problem with the ability to identify people on the other end of the line and you've all experienced this in your daily life with 2FA and 3FA and let's text your phone and give you these codes and all these sorts of things and those are all efforts to put trust in any given interaction or any given relationship this technology has the ability to remove the need for all that and put trust back into things but to go even one step further back into our title here decentralized identity we can ask the question what is identity as it relates to this technology typically you would think of identity as this type of thing this stuff on your driver's license, right? And when I asked anyone sort of off the street or in these trainings to define identity these are the typical answers that we get biographic data, demographic data your name, date of birth the things that are on government documents or that sort of thing and that's absolutely and entirely true however and here's the big however identity is more than that when we talk decentralized identity we'll talk often about how we identify individuals how we know who's on the other end of the digital transaction but it's not really about that these are only data points so let's start looking at identity in the driver's license sense as simply a collection of data points that referred to a particular data subject identity can come from anywhere it doesn't have to be a government document so you generate data points by virtue of your existence and your relationship with various entities an employer or your university social media governments anywhere you purchase something from there's a set of data points that is generated as a result of that relationship and various transactions any of those data points can then be valuable to someone down the line or be valuable for you to prove something about yourself maybe not about yourself in the biographic and demographic sense but maybe you want to prove that you actually did purchase an item in order to get a refund or to move forward in some sort of business transaction so identity is a collection of data points and going back to trust we need to be able to trust those data points in order to move someone through a business type workflow so we typically refer to identity not with the lowercase i but a capital i what we sort of call the everything identity and it's in this Venn diagram anything is potentially identity and this is where I'm going to ask everyone to sort of reframe their definition of the word from the things on your driver's license or the things on your passport to any given data point that could be found valuable by someone who would like to receive it and understand that it's true so the takeaway from this presentation one of the many that I'm going to ask you to take away is that identity is everything and this technology is about proving those data points that we refer to as identity so in that sense humans have identity as we've just discussed but so do businesses so do government so do corporate entities enterprises small businesses if you're a small business and operating a gas station you've got a ton of data that you generate by virtue of your operations and all of those data points could be useful to somewhere else and as we go through this think about some use cases where this might be applicable and we have clients that are looking to take agricultural entities and allow them to prove ownership of land and allow them to prove about the volume of crops that they harvest and then sell online in order to get government tax credits all those sorts of things are identity for that entity likewise inanimate objects IoT devices automobiles anything like that can be part of an identity so again and reframing the way we think decentralized identity is not about people entirely that's a large part of the use case that we develop but there are tons and tons of use cases out there that point to other types of identity the larger pieces so we've sort of deconstructed identity as a word in a title and we can deconstruct the centralization here for just a minute decentralization is really about breaking apart some connections that exist right now in the world and I'll talk about that shortly but when things are centralized and very complicated or large systems talk to each other in order to share data we have a lot of risk with that we carry a huge amount of cybersecurity risk when systems have to talk to each other right all of the big breaches and hacks that you've always heard about are rarely a case of someone hacking into the place where they got the data they've hacked into somewhere three or four or five or six degrees downline and eventually got there to get that data likewise when things are centralized and tied together any given entity that goes down or offline takes everything with it maybe your members about a year ago or so that Facebook went offline and then Instagram went offline and anything you logged into with Facebook went offline so all of those things are centralization problems so our goal is to sort of break up those connections and alleviate some of those problems from a personal data point of view centralization has a problem of consent and tracking and compliance and transparency or I guess it's a set of problems right if you have a digital driver's license in the traditional sense and you go to buy an age-restricted item at the grocery store with that driver's license and the grocery store calls back to the DMV to check whether it's real we've got a centralization problem because now the government knows every time you go to buy that age-restricted item so there's a way to solve that and decentralized identity does it but the way we solve that is by trying to create a digital model of the analog world and that's really the goal of the centralized identity so a bit of a history lesson let's go back and look at the analog world 3200 BC give or take to around 1964 and here's here would be one of my quiz questions Sean is what happened on or about 3200 BC and that's the first generally the first record of written things in a clay tablet right so somebody started writing something down and until then we had things that we carried around with us in order to prove things about ourselves and we had all sorts of trust marks in those sorts of things we had notary stamps and seals and registered mail laminations holograms all that sort of stuff and it worked well from a trust point of view because then someone needed something for me they asked for it and I took it out of my pocket and gave it to them and they could look at it and handle it and decide whether it's trustworthy and so we didn't have a ton of problems just a second Scott all right Scott you should be you should be good to go let's see what happens here and you go back to it all right are we back on my slide there we're back in your slide super okay let's see I was talking in trust Kai is requesting remote control of my screen no we're gonna pass on that Kai Kai is again requesting remote control of my screen so so it was very trustworthy someone could handle something and decide whether it's real however really inefficient right every time someone wants something I've got to get it out of my pocket out of my file cabinet and I've got to go hand it over to them drive it into a location something like that it's great for protecting privacy I have complete and clear transparency about what I'm giving and to whom I'm giving it we move a little bit long a little further to 1964 and here's quiz question number two what happened around 1964 give or take that's the incidence or the the date of the first fax being sent and maybe telegraph is a better better way to go but let's say fax and take the root of that word fax similarly and understand that we're not taking something that is real like a passport or birth certificate let's say to to send your employer and you're digitizing it and giving an output on the other end that is a fax similarly it's not the real thing and yet that employer receiving your birth certificate on the other end treats it as if it's real and in 1964 it wasn't that big a deal we could kind of trust that because the technology didn't exist to do any fakery with it maybe you could use white out or an eraser or something like that but it but it didn't happen much however in our hybrid world up to about 2020 a lot of digital tools came along that could that could change those documents and so instead of maybe faxing now we're taking a photo of something or we're sending a PDF of my tax return to the mortgage company and all of those things are prone to fraud and error and when they're prone to fraud they're prone to losses for businesses so we're taking things that are real and pretending that they're real and when we do so we assume a lot of risk and pretending that something is real the decentralized world has the ability to take all three of these factors trust efficiency and privacy and maximize them so we can get maximum trust using some of the hyper ledger tools and services that we have built on top of that we can make things very very efficient and we can make things private and gain consent by decentralizing things so that's our goal here and when we talk about receiving something that is real and or is not real treating it as if it is we begin to trust the data and the reality is most data that businesses and governments and educational entities receive is trustworthy people aren't doing fraud in large percentages however that small percentage of untrustworthy data is very very costly so if you're looking at use cases that we deal with at our company in fentech in travel in healthcare a little bit of fraudulent or error data or untrustworthy data costs a ton of money why does it cost well we have to make a choice as a business when we receive that data of doing one or two things we either dig deep and we analyze it and we decide whether it's real and we build expensive integrations with the DMV to check your driver's license so we we do a lot of work with AI to decide whether documents real and we do liveness check on document PDF photos and all sorts of things it's all very costly right or we say we don't want to spend all of that money on analyzing that stuff we're just going to assume the risk and take the and trust that it is real and when you do that inevitably there are some losses associated with that so when we try to talk about business value and why decentralized identity needs to exist from our customers point of view and from the enterprise world's point of view this is it this is taking data any given data point and removing all of those costs associated with the percentage that it's untrustworthy and in financial services this is numbers in the billions globally annually billions of dollars of risk cost and analysis cost for data and we can remove all of that cost for them and all those losses you have to ask the question when you receive an email or a scan or an upload of some document let's suppose I'm providing a tax return and a W-2 to a mortgage company where I'm applying for a mortgage they've got to do all of that work analysis work or risk assumption work to say how do I know it's real how do I know it hasn't been altered how do I know you didn't give it to your your kid in adobe to go create a fake tax return right and I know we all experienced this in the last few years with COVID tests and COVID results and all that sort of stuff right where people are just creating their own and every time something is created on it's something like that there's a massive cost to individual businesses individual governments and to society as a whole and that's what we're aiming to solve for so let's ask the question what is trust in data trust amounts to two and a half things or three things but first it's about authenticity so for a given data point that's received whether it's in a spreadsheet or on a pdf or anything else can we identify that that data came from the place it claims to have come from so did that COVID test or that COVID vaccination card come from the health department or did it come from Scott's basement health department right that's a very important distinction if you're going to allow somebody into some a venue that has restrictions if you're going to rent someone a car did that driver's license that you've asked them to upload come from the state of Maryland DMV or did it come from Scott's basement driver's license pdf generator these are important points authenticity the second point is data integrity is the data real in other words has it been altered it hasn't been tampered with and we talked about something as we work in the travel industry at DCO something that is a big push from TSA in Homeland Security which is digital drivers license at TSA so if I hand you a driver's license as a TSA agent a regular physical one and it's somewhat delaminated they have some ability to decide whether it might have been altered as they receive it but a photo of a driver's license is a very different thing right it's very easy to alter those things and very hard when you're trying to process things efficiently and at scale like pushing people through TSA checkpoints for any given agent to look at a PDF or look at a JPEG and decide whether it's been altered so we have to have a way to take those digital credentials and make them trustworthy so and this is how we do it we prove their authenticity and we prove their integrity and we do that using the tools with hype that are associated with hyper ledger ND and Aries and Urson and those things that we'll talk about a little bit later the third piece of trust in data is about usefulness so once you receive it you can decide whether or not it's trustworthy but is it actually useful to you once you've proven it's authentic and prove it it has integrity you need to make the business decision of whether or not it's useful so could Starbucks for example issue a digital driver's license sure would you give would you give someone car keys based on that Starbucks driver's license well no because you don't know what they did before they issued it but if the DMV of Maryland gave you a driver's license you've got a pretty good idea as the current agency what the state of Maryland did before they handed that to you they gave you some tests right so usefulness is the other piece of trust and when we talk about usefulness we talk about whether data is trustworthy or untrustworthy and it's actually useful in either case because useful or the decision about trust or lack of trust provides an instant efficiency if it's trusted it provides an instant risk production if the data point is not trusted so so moving backwards for just a second we prove that a given data point is authentic and has integrity and if it has both of those things and is useful we get instant business efficiency no more integrations no more work to check whether it's real no more risk assumption if it comes from an untrusted source we get instant risk reduction because we can kick that data right out of our system and move things along or if you're a mortgage agency and you realize that the W-2 and the tax return didn't come from the employer in the IRS because it's not authentic you can move that person right out of your mortgage system and find some remediation to whatever business process you're trying to move them through but quickly and instantly identifying that is what decentralized identity gives us the ability to do so just a moment here on governance and that's a this is I do an entire hour and a half on governance and I'm going to give you about three-minute summary but governance is about the decision-making for these data points and the trust model involves two halves it involves the cryptographic trust that's the stuff you'll hear about next week and a little bit with me today about how we actually execute the proof of authenticity and the proof of integrity using Hyperledger Indy and the associated tools that we've created on top of it and it's about really just knowing the tech and knowing that it works the way it claims to work right the other piece of governance is philosophical trust the human trust hey I'll give you the keys to the car because your driver's license is from a real state and a real DMV versus Scott's basement DMV that gave you a driver's license okay so those are those are things that are already in place if I walked in with a paper driver's license to to hurt a tremendous car they wouldn't give me the keys and we need to just give Hertz the ability to look at the digital driver's license the digital credential and say awesome this is real and here's the keys to your car off you go which brings us to decision making right this is what we're talking about decision making on data and decentralization gives each participant autonomy and control it doesn't seed control to any central organization we don't have to trust someone to trust someone to trust someone it's about direct relationships peer to peer between entities or between a person and an entity and this is really really key to privacy protection like we talked about in the beginning and data rights and human rights and we live in a country here where where the US is quite a bit behind the rest of the world when it comes to protecting individual data rights and and the way data is used outside of your control if you live in in other parts of the world there are much better protections in place to help you manage your digital life so these centralized identity or the decentralized part of it helps you maintain control of your data and it helps each entity that's either giving you data or taking data from you have a full understanding of what decisions they're making based on it so when we go to some of the business use cases here we can gain efficiency and trust without all of that expense without integrations without centralizations without all of that analysis cost of data and without all the risk cost of just trusting things to be real even though they may or may not be so in the case of something like a digital travel credential which is essentially a credentialized version of a passport using the ledger stuff that I'll talk about shortly we can present that travel credential to a border control agency to cross a border actually before you fly and instead of what we do now taking a photo of your passport giving it to the airline and then giving it to the border control agency and then you still having to stop and take your passport out right because it's all just a jpeg or a pdf now we have a digitized version of this credential that can prove itself to be authentic and prove itself to have integrity and now the border control agency can just let you walk off the plane and walk right down to the beach in the country of course the airlines like that because once we have trust in the system and trust in a credential they can just let you get right on the plane without a boarding pass a bank can say well hey if the border control agency trusts this it's good enough for us to fulfill our KYC and AML requirements for background checks and identification of individuals come up with an account instantly with this travel credential and the car rental agency can say we know you're over 25 so here's the key to your car and the hotel can say I don't need to make a copy of your passport now just share this digital credential and we have instant efficiency so a single trusted credential can provide business value to any number of organizations so as you begin to think about use cases and how we apply this which is really the focus of my job in DCO is applying these use cases we start to see that a single trustworthy digital credential based on decentralized identity can bring instant efficiency and instantly actionable data to all sorts of organizations so how do we do all this stuff well we start to identify first the participants in any given data exchange and we start with something we call the trust triangle or just a simple workflow of issuers so an issuer will take some data points that they have right from that big Venn diagram of data points that I showed you at the beginning and say here's some data that we'd like to like to package up we're going to call it verifiable credential and we're going to give it to you the credential holder or to someone who is a credential holder when it comes time to share that just like in the analog world that I talked about you'll in essence take that digital credential out of your pocket on a wallet type device and share it with someone who wants to receive that we call those folks verifiers because they're going to receive the data and they're going to verify something what are they going to verify the things that I talked about they're going to verify the data's authenticity and they're going to verify the data's integrity and they're going to do that using the ledger and the verifiable data registry we sort of use those words interchangeably but they are rooted in hyperledger indeed so they use the ledger to prove authenticity and integrity the thing about these roles issuers, holders and verifiers while we talk in simple terms often about use cases where let's say a DMV issues a driver's license credential to a holder who then shares it with an airline the roles are not mutually exclusive so we've created many many use cases where an issuer will then consume their own credentials banking and financial services is a great example of this where a bank may issue an account holders credential to you and then allow you to present it back to them in order to prove you are to transfer money around or gain access to your account or deposit or withdraw all of which replaces usernames and passwords and all of which when linked to your biometrics in a given wallet or device has a far greater capacity to prove who you are than any 2FA or 3FA or password or text code sort of system that's going on so issuers make consumer credentials and can be verifiers likewise issuers can issue credentials to themselves and have others verify them this is sort of the case of the farms that I talked about the agricultural entities that are issuing themselves their own credentials and then allowing others to verify that that farm data as proof of it being authentic and having integrity if anyone remembers a few years ago a German car maker had an issue with emissions data and fudging that and putting it in a spreadsheet basically instead of taking it straight from the automobiles here's the case where the automobile could be a holder of its own data right so back to what we said identity is everything and then present that credential to the government who's verifying its actual emissions so the rules are not mutually exclusive here but the workflow and the concept is the same throughout so next week Sam Curran our chief architect will talk at length about how we actually make all of this stuff work but I'll give you a quick preview here and we use hyperledger indie and we use something called decentralized identifiers or dids and dids dids are gaining popularity and some culture as you may hear about it in various platforms and it's important to make the distinction about the did and its relationship to this type of use case versus some other that Sean said is not really part of the ecosystem here it's not the NFTs it's not the crypto piece of it this is using a blockchain technology and the decentralized identifiers that are written to a blockchain to build a relationship between two organizations a peer-to-peer decentralized relationship between a person and an issuer or a verifier and a holder the did is basically a blind address on the blockchain and if you manage the cryptography properly and have the private key and the public key you can go down to that did and unlock it if you will and see who controls it and who owns it and therefore understand who's on the other end of a transaction which is the problem we identified at the beginning of this presentation identifying who you're dealing with who's on the other side in addition to writing a did to the blockchain we write a few other things we write something called a schema a schema is just a blank form so if you if you read my slide closely here you'll see that a schema written to a blockchain for let's say a driver's license has the attributes last name first name date of birth etc etc but we are not writing to the blockchain any actual personal information we're just writing a blank form this is a blank driver's license it's a blank passport it's a blank bachelor's degree credential schema it's blank that's the thing I want you to take away we're not writing personal information to any ledger because for the ledger to be useful and functional and gain adoption and be truly decentralized it needs to be readable by any entity that wants to read it so we can't write things there we can't write your personal information there we don't want to we shouldn't but we have to have some context and understanding of where your data point comes from so here's the schema thing think about the wallet that you carry around every day or your purse or your collection of things credentials physical credentials the likelihood is that all of them have your name on them and if I'm going to share my name in this decentralized identity way using the ledger and the verifiable credentials it's important that the person receiving my name verifying my name understands the context of my name in other words if I'm going to rent a car they need to know that my name came from a driver's license and not from my Starbucks card or not from my ID at work or not from my debit card at the bank right so schemas are a list or blank form but it provides context for the person receiving it we also write something called definitions and that's maybe the most complicated thing to understand and all of this so I'm not going to spend a lot of time on it but the definition is basically a restriction on the type of data that various entities might be able to access and this helps aid in some of the privacy protections and autonomy and control that we want to create with this sort of technology and lastly and certainly not least to lead into Sam's talk about hyper ledger Andy the ledger that underpins all of this and really makes it all work the ledger that allows us to prove authenticity and help prove integrity of the data is based on hyper ledger Andy and so we build a network there are a number of them out there and DCO has four of them now for various uses with some nodes and node operators and we have node operators I think on every continent except Antarctica to help support this geographically to of course alleviate latency and other things that may be an issue the nodes create the network and help support the ledger on top of the ledger we build some agents and these agents are another point of confusion sometimes in vocabulary but agents are simply software programs that help do things for people every app on your phone is an agent of sorts that allows you to interact with some back-end system so we have decentralized identity agents that talk to the ledger and help manage all of this stuff all of the writing to the ledger all of the reading from the ledger on top of those agents or along with them boy and my apologize there we go on top of the the ledger and the agents are some interfaces so we can build a web interface things can be hosted in the cloud and allow everybody to sort of communicate efficiently we have something called the mediator that Sam will talk about next week the important part here is just to see the big picture architecture and when we build all of that we arrive at this endpoint where everything is decentralized and no personal information is written to a ledger but we now have the capability providing the business value and the individual value for people of proving things about themselves about proving any given data points authenticity proving any data points integrity and making systems very, very efficient by providing instantly actionable data and all of this is done with hyper ledger's help and hyper ledger's code bases and we use Ursa as the cryptography library we use Indy and it's associated plugins to manage the ledger piece of it and then we use hyper ledger areas as a basis to interact with the ledger and the cryptography and providing an interface on the mobile side and a web type interface or various tools that build the agents that talk to all of us and so that's where I'm going to leave off and that's my end point here next is a technical overview of decentralized identity where Sam Curran will come in and talk to you about all of the technical questions that you may have about how we make this work and all of those are incredibly interesting but hopefully today's session has helped you gain understanding of why we have these things in the first place and where they bring value and how hyper ledger and the various companies that use it are using it to gain business value and from there I'll turn it back over to you Sean and thank you for your time today thanks everyone Scott thank you so much for that we've got about 19 minutes left we do have questions starting in the chat so I'm going to read them out Ahad wants to know who's maintaining the hyper ledger Indie network is it live can we create our own Indie network and I'll answer that question yes Ahad Indisu is running four of their own networks there's an organization called the sovereign foundation which is running three or four Indie networks in different stages but hyper ledger Indie is open source software anyone can take it and innovate with it on whatever their use case might be someone might use Indie to build a network for all of the businesses in a state so that there is a business registry for a state someone else could use Indie to build a network for concert tickets and and you know you get a credential which lets you access a concert but it's open source software anyone can build and run with it AP you asked can we see a simple live demo we do not have a did demo today we may have one next week with Sam Stephanie this is a question for Scott if no PII is written to the ledger where is the PII stored that that's an excellent question so let me try to go up to a little slide here so the PII is stored in three places initially it's stored with the issuer of a verifiable credential so ostensibly that issuer would have a right or a need for that data in their systems and and for simplicity's sake we'll talk to our driver's license right so you've given given that that entity a bunch of your data so it lives with them in their database and they do the things that they do with it and then when they create an issue the credential and package it up they build I should let me let me backtrack on this the digital communication channel that happens between issuer and holder and then holder and verifier is a peer-to-peer one and it's an encrypted channel that allows basically the holder's wallet device to talk directly to the issuer's agent up here they speak directly to each other and so in that encrypted channel the data point the PII moves from the issuer to the holder and it's now held in a digital wallet and that wallet can exist on your phone or it can exist in the cloud where your your biometric device gives access to it but it lives with the holder and then at some point when the holder decides to share that that credential and those PII data points with any given verifier the consent happens and it happens along that same peer-to-peer channel so this is where we sort of bring all the points together of understanding who's on each end of the transaction using dids bringing governance into it to help our visual agents our software tell you who's who that is by tracking their dids and things and and shares it with the verifier so issuer has the data holder has the data the verifier gets the data and then whether they keep it or store it is really up to them and and that's where we have some autonomy and transparency between holder and verifier to say what are you doing with my data once you have it well the the reality is they probably do the same things they they do anyway if you were to send them a pdf or an excel sheet or whatever and retain it to to meet their regulatory demands and their regulatory requirements cool and again if you join next week Sam will give you much more information on the the key management and how how all that happens but hopefully that answers the question it lives at three points awesome Alina asked the question one what is the database against which the identifying documents are checked and what jurisdictions are you currently operating in it can be to your first question what database are they checked against that's maybe just a little bit of I want to use the right word here you're just a little bit often you're thinking about that so they're not exactly checked against the database what you're sort of and forgive my my assumption or inferences here they're checked against the the accuracy or the integrity and the authenticity is checked against the ledger is not checked against the database there is a governance assumption that the database that contains that that data is you know is is real and that's that's really a governance question so it can be any the data can be held in any sort of database in any form anywhere but there's no call back and importantly and maybe I should have hit this a little bit harder the verifier that receives the data never ever talked to the issuer about anything they never go back and ping their database they never go back and check anything they use the ledger piece of it to check whether the credential is true and authentic hopefully that helps what was the second part of the question shown the second part of the questions and Alina's got a follow-up what jurisdictions are you currently operating in by you do we mean in DCO in DCO's customers thank your networks yeah our networks yeah our networks are as they are our our node operators who support the networks are in as they said in every continent except Antarctica so they're in they're in the EU they're in South America the Caribbean Australia throughout Asia so we're everywhere and of course the US and Canada Alina's got a follow-up because I still don't understand where the personal information sits at the issuer the person of the verifier all three so your data remains with everyone where you've submitted it to but it's not on the blockchain ledger I think there's a little bit of clarification that's needed there yeah that that's exactly right so if you think of decentralized identity as a model a digital model of the analog world if you go back to your physical driver's license the DMV has your data and they have a not only a right to your data they have a regulatory need to retain your data or let's let's talk about a bank perhaps right they have a regulatory requirement to retain your personal information as part of their KYC and AML processes so it has to live there it has to stay at the issuer but if the bank gives you a verifiable credential says hey I own an account here they're going to pass some of that personal information to you your account number and things like that and you're going to hold it in your digital wallet and then if you're going to let's say share that with another bank to open another account so that bank B doesn't have to go through all those KYC processes they're going to retain that data as well because they have a regulatory requirement to do so so part of the work that we do or I do and Sam does with our clients and customers is asking those exact questions the data has to be at the issuer's side because a credential has to be created in the first place it has to be with the holder because they're the ones who have the autonomy and decentralized control to obtain consent and transparency whether the verifier retains it is up to the regulatory environment that they exist in do they have to retain it do they want to retain it is data a liability or an asset for them so that's the long-winded answer to that somewhat simple question no that's awesome and I've used Alina the example in the past of renting an apartment landlord wants to see proof that you have a bank account or proof that you are a customer of like a utility company but you don't want to necessarily give them your bank statement you could give them a verifiable credential from the bank saying you've got an account there you've been a customer for X number of years and you have a balance over X and that's more than enough if the landlord trusts that bank that they don't need to see a copy of your bank statement and do who knows what with it jumping on to the next couple of questions Bert asked well David Stark asked why hyperledger indie versus fabric I will jump on that question David thank you indie is purpose built for identity I don't think a normal person would try to use indie to do a supply chain application whereas hyperledger fabric is has a lot of different utility fabric could be used for supply chain there has been there've been a couple of POCs in the past where people used indie as the identity layer on a fabric network fabric already has fabric CA this certificate authority so you would you would use indie if your use case was specific to identity or verifiable credentials and you wanted something that could quickly get you into that space Bert asked what are the benefits of blockchain ledgers versus ledgers using self sovereign identity technologies Bert hyperledger indie areas and Ursa are self sovereign identity technologies they were they were designed for this purpose there are lots of folks doing self sovereign identity and some of them are using other tools we're going to talk a little bit about that next week you know like the decentralized identity foundation has folks using indie has folks using Cosmos folks using Ion and side chains Scott this one's for you is indie the only option for identity what's the difference between each layer that's from Kartik well as you said it's not the only option for identity and we in fact at DCO while we maintain or help administer of course the decentralized indie network and the associated ledgers we have customers that have built use cases and solutions and used our tools on other things on Ion we have one now scoping out an entirely different methodology so maybe that answers this question it can be configured in architected any number of ways and to add to your last answer you know there we have explored and built a number of use cases where fabric or certain supply chain things have a need for an identity layer on top of them and I don't want to overlook that there's an opportunity here to add identity to things that don't currently have it in order to enable some of the privacy protections that you described and you know protecting your privacy with the landlord is one thing but there are businesses that need to protect private and sensitive information and proprietary information and things like that that this gives them the ability to do as well awesome what this is from Adagbenga what are the challenges of decentralized identity applications gaining mass adoption in my mind the primary blocker is well there are two one is simply education and understanding what this is and it's a huge piece of the effort that we we put into our business model at Indicio and I know Hyperledger does as well in engaging with us and others to do these these types of things because our experience has been a few hours of understanding why it needs to exist what it is and then how we do it leads to very quick you know jump in the jump in the water with us and build these use cases so it's just new and that's one of the things and I'm going to retract my statement of two things there's three things the second is governance and governance can be very very complicated and be a block for two adoption and it has been in the past so when we we and others were attempting to use this sort of self sovereign identity technology around COVID solutions there were others that tried to create a governance policy that built into the technology all of the various needs and regulatory requirements of a dozen different countries and many many different health organizations and border control and all sorts of things I won't even get into how deep it went and it never got off the ground because we were trying or I shouldn't say we others were trying to solve for all of that at once and governance can be very very complicated because every every participant has their own needs and their own requirements and it all needs to come together in some software that you know provides that functionality and so our approach to governance is a decentralized one and where we say hey here's party A and here's party B and you want to share data let's work out governance for the two of you and then somebody else is going to come to play and say let's add in my little piece and my little piece and so forth and that's where we've we've driven adoption is is through simplifying governance right and then then the third is really about about the the legacy systems that this supplants and and it's a sunk cost model for a lot of enterprises and governments and the U.S. government is a great one where they've sunk a ton of money into things like IDME and some other more centralized or federated identity providers in order to validate certain things and and we've said well you don't need that you're issuing credentials anyway government just issue them straight to your people and have them present them back in my my you know roles thing. You don't need this intermediary but those intermediaries are pretty well entrenched and interestingly those intermediaries are coming around today idea that they're about to be supplanted and they need to move onto this so it's just just that it's early stage and there's you know entrenched ideas and entrenched technology that needs to be supplanted Samry to ask are the references for abusing Aries Indy as assistant to authenticated transactions done in fabric Scott if you've got any examples or white papers if you want to send them to me I'll put them in the notes afterwards Wilson asked how does this compare to an SSI self-sovereign identity Indian Aries and Ursa are foundational components of one solution to self-sovereign identity there are a lot out there but decentralized identifiers are kind of the root of all that I'll add Sean that that we self-sovereign identity is is sort of a legacy term it's still used clearly but from a from adoption point of view to to go back to adoption it proved to be a blocker for us it proved to be a blocker for a lot because the let's be honest who's buying this stuff and who's paying for its enterprise and and its governments and the idea even though it's the right ethical idea of ceding sovereign control to others is is the proper thing to do let's say it's it's just a word that was a blocker to go well we're a government we're the sovereign entity here not not individuals so so SSI and decentralized identity can be used interchangeably and the goal of this presentation is is actually when I when I do it for others we start with that SSI term and say okay this is this is what we mean by SSI what we really mean is it's decentralized identity and what we really mean by identity is it's just data and what we really mean by decentralized is is autonomy and control at the endpoints so so they are largely one in the same conceptually Ramesh asked how about scalability issues and benchmarking so some of the scalability issues or the major scalability issue centers around the this thing here called a mediator agent and if you look at some of the efforts in decentralized identity a European or the German driver's license is one that did not do well it's focused around a mediator agent Sam will talk about mediators next week but it's essentially a cloud based encrypted escrow for these edge agents that that come and go offline and airplane mode and power off and things like that so being able to scale that mediator to handle a lot of devices and handle a lot of things has been been you know one of the scaling challenges the the thing that's not a challenge is that the there are not a ton of ledger transactions that have to happen in fact they're very very few it's almost blockchain light and in that sense it's very very green and very well I shouldn't say it's not green but it's greener than other blockchains by quite a bit in the sense that when you write a single did to to the ledger and you write a single schema and you write a definition that's all you have to do to issue millions of credentials for three maybe four ledger writes and you can issue millions of credentials because you're not writing PII to the ledger for each and every credential you're simply writing a reference to to the things that are on the ledger to prove authenticity and integrity so when it comes to the scalability the ledger itself and hyper ledger Indy is not a blocker at all it's some of the tools built on top of that to facilitate it like these mediator agents that that are not a hyper ledger thing they're they're more of a you know commercial thing absolutely and if you think about it how often do you get a new driver's license versus how many times do you show a driver's license in a week you live in New York City you're showing a driver's license to get into most commercial buildings and you're going to use it when you go to the bank whereas you get a driver's license in the state of New York like once every four or five years AP asked is a hyper ledger Indy did better than a better choice than an Ethereum based did I'm going to jump on that one you as a user AP in the future will have multiple dids in your wallet from multiple different chains and providers and issuers and you're going to have some that are Ethereum based and some are Indy based and some are Cosmos based and they should all be on your terms in your you shouldn't have to have a wallet for each one and that's where the community is going to be even within the context the Piper ledger Indy you have multiple dids you don't really see it but you do you have one you know a unique did to transact with each each entity that you transact with because that's the did to did period of period did come piece of this right so we want interoperability into everything so I would say one is not better than the other it's what your use case is why would you do something in Ethereum versus Indy depends on what you're trying to build I'm going to see if I can get another question before we go thanks to everyone in the chat who's helping with Alina's question specifically Trevor all right last question this is a good one from Zaki what happens if you lose your digital wallet how would you recover the private keys to create the wallet okay two two quick answers on that that are very simplistic and if you join next week Sam will give you the details detailed answers if you're using what we would call a cloud hosted custodial type wallet where your your device let's say actually just taps into a back end encrypted system then you just get your new device and and and get get into that with with let's say typical means you can authenticate in a number of different ways that's less likely to be the case but going back to to what I said decentralized identity is a digital model of the analog world what happens when you lose your wallet well you go back to the DMV and you show up and you prove who you are and you get your credential and you go back to the bank and you say hey I need a new debit card and all those sorts of things so you really just reauthenticate yourself into a new wallet and go back and get those credentials reissued to you the difference in in this form format versus walking into the DMV and showing all your documents is that you can using the same methods you did before prove yourself or authenticate yourself at a distance and just sit on the various websites and perhaps scanning QR code and to get reissued your credentials depending on the regulatory environment and the workflow that that issuer wanted to create for you so you do the same thing you do as if you lose your physical wallet go back and re-get all your stuff and unfortunately that is the last question we're going to be able to ask Jamie R I just put the link to all of our links in the chat also someone asked a question about hyperledger fabric and cloud this is about indie fabric is still a fantastic project inside of hyperledger there are a ton of people working on it Scott thank you so much for such a great presentation I'd like to also thank all the attendees for joining us I really appreciate it and next Tuesday at 12 noon we are going to have Sam Curran give a technical underpinnings of decentralized identity which is the the second half of this this process and that will be brought to you by Morgan State as well as in DCO and hyperledger and I'd like to thank everyone once again I'm going to post the video to YouTube I want to trim out the the beginning of the end but get that posted and that's it thank you so much everybody have a great have a great day thanks all bye bye