 Hello, everyone, and thank you for coming to my talk today at Open Source Summit North America. My name is Brian Bellendorf. I'm Executive Director of Hyperledger, which is an initiative hosted within the Linux Foundation. Some of you may know more about Hyperledger. I'll do a little bit of kind of about our background, but I really wanted to spend today talking about the application of blockchain technology, really, what we're doing at Hyperledger, to the field of digital identity, and using it as a way to reinvent how digital identity works today on the internet and really the progress that this community has made in moving forward with it. I'll speak for about 30 minutes and then open it up for about 20 minutes of Q&A at the end. I feel free to start asking questions and dropping them into the Q&A box, and I will work through those when I get to the end. Also, we have an Ask the Expert session with Dave Huseby, who is the security maven at Hyperledger, starting immediately after the end of this talk, so at 1.15 p.m. central time, and that's in the Ask the Expert B channel over on Slack. Between this talk and your conversation with Dave, hopefully a lot of your questions will be answered, but this is a really rich space, and I'm really excited to be talking with you about this today. Just a bit of a brief background on Hyperledger. We are an open-source project, again, hosted at the Linux Foundation. We're a global consortium that's been running for about four years now, building underlying technologies for distributed ledgers to support use cases in finance, in supply chains, in all sorts of interesting applications, and in particular in digital technology. Every Hyperledger project actually works the same way as the Linux Foundation projects do, where we bring together some tooling around a common license, a common IP framework, collaboration tools, Jira, chat, GitHub, those sorts of things, but also add to it some process around marketing and getting the word out there about how we're building what we're building, as well as security audits and other best practices for managing open-source communities at scale. There's obviously the real meat of what gets created, comes from the developer community. We're not paying for development directly, it all comes from the people who show up to the project and decide what to build, and it's incredibly rich as an ecosystem because of that. And then at the Linux Foundation, we have a staff assigned to help and grow both the technical side of the community and the commercial side as well. So there's quite a few companies now offering hosted services and shrink wrap product and other types of commercial activities around Hyperledger projects. So it's really an exciting place to be. We are an umbrella project, like many at the Linux Foundation. We are home to a number of different what we call ledgers. These are really like databases, right, but fanned out, distributed over multiple nodes and lots of different models for how to do this. You could think of those ledgers as being as different from each other as say MySQL is from MongoDB. There are a few of these actually very focused on digital identity. And those are where I'll be focusing the time today. Those are Hyperledger, Indy, Aries and Ursa. But if you have an interest in decentralized technologies in trying to bring trust really to this world, and because of the tooling used, not just trust in an individual or an organization or an institution, but actually trust in technology and processes, these are technologies you really want to get to understand and learn about. So feel free to check them out at hyperledger.org. But let me start a bit with backing up and trying to talk just abstractly about what is identity? I mean, that term is such a loaded term, especially in 2020. And I don't mean to define this in a rigorously philosophical way. I'd really like to try to define it in a matter that is applicable to the digital world that we're in today. But first, let's just try to understand how identity works in most cases in the physical world. Identity, I'm thinking of things that you do as the holder of identity documents to prove things about yourself. You're not defined by your driver's license or social security number, but those documents, your driver's license and the social security card and your diploma and other credentials, they form an essential part of who you are and what you can do in this world. And we have, I think, an interest in making sure that the digital world kind of brings along some of the advantages of identity as it works in the physical world, but also trying to do better than that and deal with perhaps some complications that arise from that in the real world. But let's look at this in the real world today. You have issuers of credentials, the state DMV, for example, for your driver's license. You have holders of those credentials, you. You have this driver's license. And then there's a verifier. Like, let's say you go to a bar and you need to prove that you're 21 years of age, you're presenting that credential to a verifier, right? And what's interesting here is the verifier has to have some trust relationship with the issuer. The bar has to have a trust relationship that the Department of Motor Vehicles is not going to issue a credential to me unless I'm actually of the appropriate age, unless it has the date of birth on it and the verifier trusts that the issuer has done that due diligence. But in the real world, the issuer doesn't know where I present those credentials, right? The issuer can't automatically cause that driver's license to disappear out of my wallet and pretend that it never existed, right? Now, I might lose my driver's license by, say, getting too many drunk driving arrests or something like that. But that's not a document that just can be disappeared or forgotten about. And that's really important to how I think digital identity works in the real world. In the digital world, we kind of want it to work the same way. But sadly, right now, your equivalent of your identity documents typically sit on the other end of a name and password at a portal somewhere, right? It's your Google account. It's your Facebook account. It's login with Twitter and share your social graphs from all of these different networks. But those credentials could disappear at any time. They could be edited at any time. And they aren't really portable outside of the ecosystems defined by those companies, right? It's not really possible for me to present my good standing as a member of Twitter for over 10 years in a context outside of that in a way that it doesn't notify Twitter and can't be taken away by Twitter, right? And that knowingness that issuers today have in the digital identity world is actually a big problem from a privacy and surveillance point of view. The fact that Twitter knows everywhere that I log in with Twitter, Facebook knows everywhere, not just that I log in with Facebook, but if I'm logged into Facebook, if I go to a site that has the login with Facebook button, that sends a ping over to Facebook that I've gone and visited CNN or whatever. And this is a big issue for a lot of people out there and one that we should be able to do better on. So in the digital world, how do we get closer to that? Well, let's break this down a little bit further as well into a little bit more detail. There are three different aspects or even dimensions really to identity to consider. There are the relationships, the people you know. You have a relationship with family, with your employer, with friends, with the government, right? That's one dimension of this. There are attributes that are inherent to you or inherent to your experiences, things like where and when you were born, your credit history, your history of having paid things in time or not, your healthcare records, your education. These are certainly not things you want to be public record, right? These are things, in fact, you want to really know who you've shared that data with and things like GDPR and CCPA give us the chance to retract some of that when we feel we have to. But those are attributes of who you are. And then third, we have agents out there who act on our behalf or should act on our behalf, who we trust with aspects of our identity. If you're buying a house, you trust your realtor to share information about you to a prospective seller of the house that you want to buy. Your lawyer acts as an agent for you. And then technologically speaking, even your cloud services, your iPhone app act as an agent for you in many of these engagements around identity in the digital world, for sure. And increasingly in the physical world. Think about when, I don't know if any of you have stored your flight boarding pass in your Apple wallet, but you're starting to cross over between the digital and the real when you do that. And then finally, not to overstate the case that you are your data, you're much more than your data, I promise. But there are things inherent to you that are intrinsic, right? Things like the knowledge you have about who knows what about me. About representation, who represents me. And also finally, this sense of data leakage, who can share what about me. All these are ways of understanding these three dimensions. Apologize for the noise in the background. So as things have evolved digitally, we've really seen three stages of digital identity. The first two of which are very much centralized. One where you have an account, as I mentioned, with a central organization. And there are standards that have been built off of federating that or trying to federate that. And have worked reasonably well for the scalability at least of institutional trust. So things like the TLS standards in HTTP, which have really done a lot to help us build a secure internet, really. Going forward from that, there are architectures for federating that even further and using third parties. And you've seen standards like SAML and OpenID Connect and OAuth2. Which is how we got to the login with Facebook, login with Twitter through an IDP, some sort of identity provider. To a third-party organization. And again, architecturally, the challenge with that solution is just how much that puts power in the hands of the IDPs. To not only issue or revoke those credentials, but also I know everywhere that you've been using those credentials. So the third concept is one where really there is a direct connection between you and the party that you're trying to prove things to. Or perhaps get issued credentials from. And where underneath that is a common distributed ledger, a blockchain, a shared database of any sort. That is neutral, that is independent of the two of you. And that can serve as a backbone much the same way that the internet serves as a backbone for communications. That at this point we simply can take for granted. And again, kind of the actors in this soap opera are issuers, credential holders and verifiers. And you could really take anybody who's active out there in this ecosystem to find them as these parties. They might even be simultaneously somebody could be a credential holder and a verifier. I might hold a house party and only want to allow people in who have been vaccinated for a serious disease, for example. I should be able to verify directly with you rather than being an institution that you have indeed received a vaccine for a certain disease. And so in this identity ecosystem that we're trying to build, we take that very simplified model and extend it one step further to talk about basically these actions and standards in between these different parties. Issuers both issue a credential to the credential holder, but then they also register a proof of that claim and their own integrity and provenance to this common registry. To a blockchain registry, distributed ledger, shared database, that sort of thing. The credential holder then when they present that claim to the verifier, the verifier, it's basically a cryptographically signed document. And they can verify that that ownership came from the credential holder using standard public key cryptography. But then they can also verify the integrity of that claim by validating the signatures and the integrity of that doc if it's actually been registered into this common registry. And it's wildly simplified. There's a lot more cryptographically that lies underneath these concepts. This is really what started to emerge as self sovereign identity or user centric identity. That's where the term SSI really comes from. But underneath what pulls it all together is a standard called the decentralized identifier, which is as fundamental to this new approach to building things as say the URL is to the way that the web took off and grew. And then really also fundamentally common is having a common place where these DIDs exist and are expressed, which is a public blockchain or other decentralized network. And I should add here that in between the issuer and credential holder, you can use your knowledge proofs to help support the idea of selective disclosure between the parties. So that, for example, a driver's license, think about all the biographic data that you have on that driver's license. It's got your birthday, it's got your weight, your eye color, it's got your photo. It has your home address, right? If you're going to a bar and you need to prove that you're over the age of 21, you don't necessarily want all of that information to follow with that and be available to the bar, right? Like the bar owner, if they had a full copy of all that data, you know, that would be a surveillance and privacy kind of disaster, right? So instead, there are ways to use their knowledge proofs and this technology called verifiable credentials that is also emerged out of this ecosystem to present a subset of that data just enough to be able to prove to the bouncer at the door to the bar owner. Yes, I actually am who I am. Here's my face, my eye color, that sort of thing, but without having to share my birth date. In fact, it might even state I'm over the age of 21 without stating the year that I was born. So some really exciting stuff happening in that space. I think it's important to help clarify what self-sovereign identity is not. It's not a replacement for civil registries like birth registries, driver's license authorities, passport offices. This is not about eliminating the need for those kinds of organizations, institutions or functions. This isn't a rip and replace for all existing identity schemes. There are lots of systems today that start centralized that this technology will be able to support those centralized parties becoming issuers of credentials on a decentralized network. So it could be possible that at some future point I'll prove I'm a Twitter user for 10 years in good standing or with this many followers in the form of a verifiable credential that I could use to log into another site without Twitter ever knowing. But with that new site being able to trust that that data is accurate and complete. So that's really cool. It doesn't work for blocking folks either. It's not meant for no fly lists or sanctions lists. This is really about just proving positive things. Although in a distributed ledger that's assumed to be complete, the absence of say, you know, if I show that, hey, I've got a valid driver's license, right? And that's checked in the ledger. By checking in the ledger one also can check to see if there's ever been a recording of a revocation of that license. Say I have been arrested for DUI and lost my driver's license. The DMV can issue a retraction or a, you know, kind of a pull back that license. And that can be seen by the bar owners. They know, OK, I've lost my driver's license. So that system, you know, if you build upon the sense that the blockchain ledger is complete for those purposes, then they can see there has been no revocation. And that that provides an extra layer of trust in the system. It also doesn't mean everybody self attests all the information. This is not just about me claiming who I am and claiming I'm over 21 and I'm actually 19. All of this is about about verifiable data, right? And most importantly, it's not about removing the need for governments, nor is it about expanding the role of governments. I want to be very clear. Right now we tend to overload social security numbers and driver's licenses and other things for the purposes of identity or the purposes of credit checks and those sorts of things. And that's a dangerous trend, right? That's one where we see privacy breaches all the time. We see people's credit history ruined through credit fraud. We can do this better. We sincerely can. And that's not by casting government as the enemy, but by saying, are there ways to reduce the burden on government of the digital systems that we implement? And I think this is this is a big key to that. So, so sovereign ID inside Hyperledger has evolved quite a bit. I originally, so back at the very beginning of Hyperledger, we had one technology framework called fabric. But it was pretty clear that fabric had a certain point of view on how smart contracts should work, how consensus should work. And that was designed for, you know, not so much the set of use cases, but a deployment paradigm that was not necessarily the one answered everything in blockchain and distributed ledger. So we opened the door as an umbrella to other projects. And very quickly, a group stepped in from Evernim, a startup company based out in Utah, that actually some folks who I've known for 15 years in the digital identity space played a role in starting. And Evernim said, do we think there's something really here in this self sovereign identity space? We're going to jump in. They wrote a technology that became Hyperledger Indie. And that is software to run on a node of a distributed digital identity network. That common layer for a blockchain is what's implemented by Indie and actually go into that in a little bit. And that project took off. It became the basis for a network hosted by sovereign, the sovereign foundation. Sovereign is think of them a little bit like ICANN in that they are a governance organization for a decentralized blockchain network. And they, there's a whole kind of story around sovereign and where they are now, but they are still very much alive and serving as a volunteer run platform for verifying digital credentials. And it's a really, it'll be interesting to see where they go. And they've contributed quite a bit as has Evernim to the development of Indie, as have a number of other organizations, including government organizations, which is pretty cool. And then splitting out from Indie are two projects called URSA and ARIES that I'll talk about more in a bit, but URSA is kind of a shared crypto library and ARIES is a collection of software for building peer to peer connections and wallet messaging and key management that is essential to getting this vision to work. So here's more of a structural or architectural kind of diagram for these things. URSA is intended to be kind of like our version of open SSL, right, to be something that other Hyperledger applications plug into and beyond to perform these kind of underlying functions. Hyperledger Indie kind of at the bottom is the the software to run on each node to serve up this network. And then ARIES are those layers that I mentioned built on top. And there's more that we can go into, but I just want to keep things moving a bit briskly. In fact, Indie is really best thought of as the toolkit to build these networks. Sovereign is one kind of those networks. There could be other networks. I know of several that are in development now. And we'll talk about some of the examples at the very end. But Indie is that fundamental software that you need to run to be able to make this whole thing work and be worth doing. Indie is hosted at Hyperledger, of course. It uses Byzantine consensus between those nodes instead of proof of work. There is no token in this network. There's no need for a token, at least fundamentally to make it operate. It is based on the premise of radically trying to reduce the costs of both reads and of writes. Costs should be free. I'm sorry, reads should be absolutely free. It should cost nothing to verify the integrity of a credential I'm presenting. In the same way that reading a domain name into an IP address should be so cheap as to be not even worth metering, not even worth charging for. And writes, arguably, should also be free. Blockchains of all sorts have upper bounds on the number of writes per second that you can support to actually get to global consensus. There's a lot of work going on now to figure out how to continue to reduce the amount of writes that are necessary to support a large number of credentials. Some really exciting stuff happening in that field actually. So the goal as well is to try to bring the cost of writes to zero or as low as possible. But still there's usually some fundamental constraints involved there. So it's all a question of seeing what we can do and how quickly that can be converged. And then finally, Indie is just about the software. It's not about the governance model. It's not about specifying who gets on or not or what the rules are. Again, that's kind of the thing you want to leave to an organization like an ICANN to decide independently for their cohort, for their network of identity providers. In fact, there is a one of the follow ups in the in the as the experts conversation, I'll post a link there to something called the trust over IP foundation, which is really working to build those kinds of governance organizations that will use Hyperledger Indie and areas and other platforms to go and build the complete kind of identity ecosystem out there. So the things you can do with Indie are use it as a way to establish channels between wallets, use it to send and receive messages with high security and privacy. Use it to prove things about yourself to receive and validate proofs and and then create agents that proxy in that into the cloud or to edge devices. It really is about managing your own identity as well, although the presumption is that many people, especially consumers will have custodial agents for their identity information. Likely people like Apple and Google, but hopefully a competitive marketplace of people who can provide those kinds of custodial services for your identity credentials. And so Indie has also a client SDK that makes building these kinds of applications easier. There are several instances out there. I'll go into a bit more depth on the Kiva one, but just in the interest of time, I want to move through the others. I mentioned sovereign has both a live network and a test network up. And then there's one that was put together by the government of British Columbia focused on an application called the org book, which is kind of the organizational equivalent of Facebook. But it's for digital identity for small and mid-sized businesses actually, which is which is pretty interesting to see. Hyperledger areas is much more of a client toolkit designed for building wallets and web interfaces that use and deal with identity information. It is really infrastructure for blockchain rooted peer to peer interactions. And we see lots of wallets today, they're building and using this technology. And then it leverages Ursa, which I'll talk about in just a bit. So there's actually I'll go into more depth on this at the along with Dave at the ask the expert. I just want to kind of keep the pace of this kind of brisk, but you have in areas as well an encrypted messaging system for point to point communication between wallets. Again, just to help with the privacy and the integrity of these of these transactions. A way to try to avoid having to go through a central party for for for any step of verification and even even issuance. And frankly, it's areas is about making digital identity systems more like human identity systems, more like back to that very first set of slides I created. Within Hyperledger, we treat these as three distinct projects and I'll talk about Ursa in a bit. And there's a lot of overlap between the developers on each. They work very tightly together around common standards and the touch points that they all have to each other. There are also working groups that that come into play here. In fact, there's an identity working group at Hyperledger, which covers the field pretty broadly and as it applies to all of our projects. But then looking outside of Hyperledger, what are the standards emerging? What are the big deployments? What are the, you know, position papers people are writing about how identity should work. And then within Hyperledger, we have quite a few special interest groups focused on domains like health care and trade finance and supply chain, social impact, public sector uses. And we see identities seep in to pretty much every one of these use cases. And so there's been a lot of kind of communication between those groups and the technical communities on on what we're building and why they might be a value. Sorry for the repeat. Let me let me just skip ahead finally to talk about Hyperledger. Ursa is a shared cryptographic library that makes it easier to avoid duplicating other cryptographic work and hopefully along the way increasing security in the process. We've put this together to be something accessible to all the different projects at Hyperledger and a place to collect together. The more challenging cryptographic work around especially zero knowledge proofs and other systems. Let me show you how we would do it wrong if we were to do it this way, which is, you know, it's always recommended against to build your own crypto library. There are a lot of people who've gotten in very, very wrong out there. I don't have to cite the examples. It's hard work and it's something that is very hard to do if each project decides to do it on their own. And we're really eager to see communities beyond Hyperledger look at adopting this technology. So it's really to try to fight this kind of monoculture kind of concept and create something in a very developer friendly kind of way, one that makes it hard to use it wrong. That's a tall order, but we're going to do our best just to give you a snapshot of some of the actual interfaces and standards supported. There is a big focus on elliptic curve cryptography on it does cover digital signatures, encryption schemes, key exchange. It is intended to be multi-platform. It is also intended to cover multiple languages, although where new stuff is needing to be written. I think the preference of that community has been to write it in Rust. That does seem to be where the security conscious and performance sensitive interests of our community tend to come together. But we also know that there's a lot of usage of go in the Hyperledger community and publicly and obviously languages like Python and others continue to be important. So definitely would love to see folks join that if they want to learn more. We did also put together some training materials on the Linux foundations segment on edX round Hyperledger in the areas in Ursa just trying to understand that broadly. Enrollment is open and I believe the course has launched. I want to end with some use cases and then I'll dive into questions. I did mention this before, but the government of British Columbia established a network for verifiable credentials for small and mid-sized businesses in the province of British Columbia to be able to use to manage their engagements with government agencies. If any of you have ever started a business, you know that you have dealings with both like local governments like city government, etc. You might have a dealing with a state government and you might have a province government and you might have a dealing with a national government. And if you do business across borders, which increasingly everybody is, you're probably doing that with multiple jurisdictions, right? So, you know, weaving together the official documents you get and the permits you get across all of these organizations is really hard if you're going to wait for all of them to tie their back end systems together to give you one pane of glass, right? That's never going to happen. And so instead, the use of self sovereign identity allows you to say, okay, I will get a business registration from the state of California. I will open my restaurant in San Francisco and so engage with the city of San Francisco. I will pay my federal taxes to the U.S. government. I will get a right to serve alcohol from the county of San Francisco. I will get, you know, like, allows me to serve as the pivot point for all of these engagements and use my business credential issued by the state when I'm applying for, you know, the ability to open a restaurant. You know, the city authorities need to verify the integrity of those state issued credentials, right? So, in the far off future, all of this becomes me serving as that pivot point for proof of identity and everybody verifying the integrity of these documents very cheaply and quickly, right? That's the vision that this group inside the government of British Columbia have been pursuing. And to make things easier, they introduced a degree of centralization, which the long term goal is to kind of tease that apart as well. But it's something called the org book, which is this network of verifiable data around these different organizations using these underlying technologies, indie and verifiable credentials and DIDs to be able to make that the exchange of that information easier to cut down on fraud from counterfeit IDs to make bureaucratic processes much, much quicker, right? To get away from using the fax machine or notaries or other services that today we overly depend upon because we don't know how to trust digital data, right? So, this is a big deal and this is growing quickly and getting a lot of accolades and recognition from other governments who are starting to go, well, maybe we should reform how we deal with digital identity in a similar way. Another example of this is a group called Kiva. Kiva is a for-profit company that was one of the first to really pioneer this concept of microloans, especially international and consumer driven microloans. Find a woman's owned textile factory in Indonesia who is trying to raise $500 and so I can put $50 in and convince nine friends to put $50 more in and we can help them buy the new machine that they need for their factory, right? So, Kiva now operates in many, many countries and they found as they've expanded that they needed to help those countries improve their own ability to manage risk and manage credit bureaus and credit histories so that people who actually do pay their loans back on time are able to get better terms for the next loan that they take out and the next loan they take out. Otherwise, lending rates to account for people who don't pay back because there's no penalty for defaulting, loan rates are like 30% which is just like too high to pay for most startup companies, most businesses to have access to capital. So, they're doing a project with the government of Sierra Leone to implement a digital identity system for Sierra Leone that is based on self-sovereign ID, that is based on these technologies we've talked about, a mix of hyperledger indie and actually a bit of fabric as well. To go and implement for not just credentials for all citizens that could be used for any purpose, financial or health care related, education related, those sorts of things. But specifically to use it to implement a privacy first credit bureau system, one that doesn't work the way it does in the states where three agencies know everything about the payments you make on time but instead where your history is something you own and you can decide to share with a lender or somebody you're applying to for a loan on a very selective basis, but in a way that allows them to make sure that the that record is truthful and that it's complete. I haven't decided to just remove the items that were embarrassing to me that times I didn't pay my bills on time, right? So that's a really interesting development and Kiva is really stepping forward here, but they're working with several agencies in the United Nations, along with obviously the Sierra Leone government to implement this and that approach actually also received certification from ID 2020, which is an organization certifying digital identity projects as being respectful of civil rights and liberties. So some really exciting stuff. There's some other projects out there, something called ID chain coming out of BYU that is getting some traction in the academic world around using these systems to track academic credentials, not just your diploma, but your progress against all sorts of different academic targets. I think of it as your record, but within your control in terms of who that gets shared with in terms of being able to verify the integrity of credentials presented to you if you are hiring, for example, and try to move to just a more privacy first kind of point of view with that. And then finally, I'll mention CU ledger, which is an attempt to somewhat provide the same kind of credit bureau reform in the United States that has been seen by that that the Kiva project is attempting in Sierra Leone and CU ledger is a project of a credit bureau collaborative credit bureaus credit union sorry credit union collaborative credit unions are kind of the the more beneficent and community minded alternatives to many of the standard banks that you see out there. And so it makes sense that they're very focused on working together but also working on behalf and the interest of their customers and giving them some special powers they might not have had before. So that's all super exciting and one hour or 40 minutes or however much you have is way too short to go into the kind of depth that this requires to answer everyone's questions but I'm going to take an attempt to and answer some for the next 10 minutes, and then I'll jump over to slack and join Dave Huesby, who might already even be there on on the ask the experts be channel to answer questions. But I see one question here from Ivan Perez, who asks, does governments do our governments willing to move to this technology as issuers, especially with zero knowledge enabled. It's a really good question governments are used to having a role where they are omniscient about what happens right in the digital systems that they deploy. Some governments are better about this than others. You know, I want to be sensitive and diplomatic here so you know there's some governments who are some countries let me put it this way because it's also about the citizens in those countries. Some citizens and governments who are happy with their governments knowing a lot about about them out of a sense of safety that provides or a sense that sharing that information is better for for harmony or social cohesion and others who don't trust their governments at all and and for good reason right and you know this approach doesn't dictate, you know, one thing or another. It allows people to share information with whoever they'd like to. It allows obviously governments when they issue credentials or, you know, annotate that with additional information. They always can keep that information. What was important though was to come up with an architecture that we believe that started from the premise that the issue of my credentials shouldn't have control over where and how I use those credentials afterward and control, meaning they shouldn't be able to take that away and pretend it never existed. They may be able to issue an update that says that credential that we issued is no longer valid because that diploma that I earned turned out was fraudulent. Turns out I paid off my last couple professors and didn't really earn it right so so that's that's a you have to be able to support that. But then you know if I'm presenting my diploma to somebody they can see both the diploma and the retraction and that's more data. That's better data than if the diploma just disappeared because the academic institution went away or the website went down or they forgot about me right. So governments are starting to warm up to this and governments for the last 10 years have been deploying identity systems that are starting out as centralized perhaps the most successful example of this is in India. Something called the Aadhar, which is a centralized digital identity system for the Indian subcontinent. And it's something that now 1 billion out of the 1.2 billion Indian citizens have an Aadhar ID, I believe it is, but might even be more complete than that. And there's a whole India stack now being built on top of that number. You have to respect the fact that that platform does seem to have brought some social benefits when it comes to making sure people get access to health care and get access to rations when they need it and other other benefits. But but there have also been some clear concerns about civil liberties and privacy even by courts inside of India. So governments are still figuring this out and governments, especially in Europe, especially Canada, especially in other places where there's a strong tradition of privacy as a right baked into their constitutions or laws like GDPR are really eager to understand technology architectures that make that possible because all they've heard so far have been just let leave it up to us will build a big central server out of this. So it's been really great to see experiments like the one I mentioned in Canada and Sierra Leone. There are quite a few developments in Europe, in Finland, in the Netherlands, in Spain that are happening at both national and kind of city levels. But I think in order for this to be interesting, we have to see adoption by the private sector, by nonprofits, by others and make sure government isn't the platform. Government should be a peer, they should be a participant in this just as any government can set up a website now. But fundamentally this network doesn't really need government to operate and it can hopefully take the burden off of government institutions from having to do things they don't really need to do. And still meanwhile leave all of the appropriate kind of functions like issuing driver's licenses and social security cards and that sort of thing and proper regulatory functions to government as well. But this is, and I've seen eyes light up, I haven't seen anybody in government firmly opposed to this kind of approach. It's just sometimes you have to help governments understand that when they've taken a very centralized path, why that might be limiting to their potential future. Sorry, I went off for about 15 minutes on one question, but it's obviously one of my favorite questions in this and it does motivate a lot of why we're involved. And it's really super want to emphasize government has it can be a partner in this and it gives them some real advantages over a centralized approach. I'm looking for other questions that might emerge. I'm looking on the chat here and not sing then. Let's see. I think if we're wrapped up. This is probably a good place to wrap up. So, as I mentioned, Dave Huseby and I will be on Slack on the ask the experts channel be, and I'll jump over there to look at it. Other than that, thank you for coming to the talk and I look forward to engaging all of you on this as time allows. Thank you.