 Agreed. You didn't get the exponential growth until the web browser. This is typically, I guess, the launching of the web. The internet was doing well, but it went to hundreds of millions of people largely because of the web, not just email. Regardless, we need in this space, we need a user interface moment. My fear is we're actually pretty far from it. Yeah, we could be we could be there are so many problems. Anyway, I think we can start. And before we go, we have to talk about two things. One is the antitrust policy of the Linux Foundation, which obviously means that we are not engaged in any collusive activities. The second is that we there is a court of conduct, which means that even when we disagree with people, we are not disagreeable. There are only the only two rules. And if you don't agree with these, you can probably leave the car. That's that's what I'm supposed to say. Anyway, Darrell O'Donnell, the man Jim Sinclair says he agrees to be disagreeable. Well, I don't know about that, but in fact, it's more in the line of a joke than anything else. Darrell O'Donnell, what can I say, he's well known for being in the forefront of the SSI movement, being an early investor in many enterprises that you're familiar with, and also a technologist who has written, you know, that seminal paper on digital wallets after having engaged with the community for a long time. And now, part of the chapters in the SSI book by Drummond is by Darrell. I hope that we can march down the chapters or sections, I should say, and have the people present on the different sections. So hopefully that's what we're going to do in the next few sessions. Without saying anything more, I think Darrell is going to take it away and perfect. I'll share my screen when let me know when you're when you're ready for me to take over there. Yeah, I just want to say that we are recording the session so you know, don't be disagreeable. That's it you're you're on Darrell. Perfect. I'm just, I've got some crazy zoom action going on. Let me know are you seeing open system preferences I've into new laptop. Okay, it's not allowed to see the screen that's why. And I'm praying it doesn't say. Okay, I'll be right back into zoom I just need to quit and reopen zoom not reboot. Be right back. Okay, while Darrell is taking a short break, because of zoom issues which we all understand. I just didn't want. Oh, here he's back. He's back. So I'm going to share my screen here. Okay, perfect. So I've got the this is a deck that I think some of us have already seen on this particular venue. What I've gone through is because I want to say Mike Brown indicates I'm the og of wallets. Mike is one of the supporters of the project. Yeah, I'll save a little tidbit for a little bit later of you know why we created this. This research project that turned into a monster and thus the paper. But this this presentation as you've been is very very much based on one I think I gave similarly last January. So just a little over a year ago. What's interesting is the digital wallet report itself. Let me just actually December 11 2019. So that was about nine months after we released the report. And so it's now been another 1314 months. What's interesting is is to me at least the bigger picture the broad strokes of the wallets haven't changed that much what's really happened is is updates and learnings and some surprises that that I've found along the way. But quickly you know I'm going to go through why we did a study. Talk a little bit about the capabilities and this deck will be available as the recording of the meeting. Talk a bit about the state of where tech is the business and markets and then a couple of these updates throughout the deck you'll see the this particular color font. I've actually got I've modified the slides to raise some attention to things that either have changed been learned been updated been understood more. So I'll just get right into it. So first off why a study this is where Mike Brown is one of the people who we were well first off I don't do reports I can't believe how many I can't believe I wrote. And you're, it's I'm flattered you call it the seminal report it's strange for me to have anyone say that, and you're not the only one it's kind of weird because I really don't do reports. I typically get involved in projects that are executing on a mission critical basis, or are potentially in trouble and struggling. And it really can't tell you how much I hate reports and Mike can tell you how whiny I was about doing it. So why did we do it. This comes into Mike and I, at one point we read down and I I w. And I was just getting annoyed. I got angry. That's why I wrote the report that's why we committed to a bunch of us in Canada committed to throwing resources at this and doing the research and report. Because at that point in time that would have been fall 2018, I guess, every answer to every question every probable how will you do that all the world while it handles that. It's just simply hand waving. And as as a system of systems type of engineer, I couldn't handle it. So this lack of clarity in the digital world what is a wallet what does it do what does it not do was really impacting things. Just a quick sound check. Are you guys hearing me okay. We are hearing you loud and clear. Good because I'm actually in a factory that's producing some surgical masks in front of me and it's actually quite loud I'm really impressed with the audio of of Apple and stuff. So what what Mike and I were talking with some other leaders in the space is that the lack of clarity was creating problems at all levels. Very very small list of startups, Mike is with a relatively large bank in Canada. Everybody was getting this this this all the wallet this nefarious wallet thing is going to solve it. So really to for us as an engineer, Mike is both technical and business oriented and everyone else we were talking to is kind of. You couldn't really point your finger at all the problems we need to solve so we don't we dove in and just wanted to know where to start. What's that bare minimum of what what do we need to know about wallets and where does this go. So what did we do we did a bunch of research the classic I I w internet and the workshop, rebooting Web of Trust got involved with a bunch of different leaders around the globe and wrote two reports and I can't tell you again how much I hate right reports. The public one which is what I'm dealing with mostly here is Creative Commons, it's intended to be used broadly by anybody. It would be good to have attribution but hey, the other side was a private report which was aimed at the main sponsors of the project, which was okay cool here's the big picture. Now, given your particular business context. Here's what makes more sense. I'll be talking about the public side and really you can just imagine any businesses can have a different flavor of different pieces. So if we look at the wall capabilities I'm not going to deal with these too much because they kind of rip through and we've all seen a bunch of these. I will point out a few things that people that are one really concerning backup and recovery is one that was concerning back then remains concerning the concept of vaults was what we the term we were using to over two years ago, which now if you want to deal with Tim Berners Lee, the pod concept diff uses the term hub. How do you support multiple devices these terms have really kind of evolved the term. There was no answer for where do I put my stuff that's in the cloud and keep it safe for me. So we called it a vault and that term has really kind of evolved into multiple spaces hub itself has has spawned into multiple places in multiple different distinct capabilities at diff. Then we got into guardianship delegation which still remains a bugaboo, all of these different things all of these capabilities were dug dealt with in the report. It's one of these reports that another one of the one of the one of the team members of the projects asked, he said, can I just get a summary because it's about 90 pages. I said yeah but that's double because summarizing and removing content was really really hard, but the goal here and what we found and drama and I went through and it unfortunately, unfortunately the wallet report has turned into content in the SSI book that's coming this coming I think the next month. It is a little thin skinnier, but we actually focus really on digital wallet and agents because we kind of separated the terminology a bit. But behind the behind the digital wallets themselves this is where one of the changes is we wanted to make sure that things were understood to be, you know, consent driven, largely speaking, in most of the societies that are dealing with we need to want to make sure that we're supporting consent there are different jurisdictions that you know it'll be you know it's it's my way or the highway and there really won't be any consent, but the goal being that any of this is run by consent is privacy by design security by design and portable and open by default. And there's a new one, which is kind of a refinement of privacy by design I wanted to bring this up this is just a recent clarification from. So a bunch of players again in Canada, more on the government side and john Jordan recently at one of the trust over IP foundation meetings, kind of just casually throughout a few requirements that that I actually I don't normally watch recordings, especially if I've been in the meeting, I went and went through the recording multiple times to capture the following which is this again this is new content. I'm going to talk about the two concepts here in the center here first off that these wallets, the requirements when we talk about proof requesting credentials how do we use them. They must support requesting proofs from parts of one or more credentials. This is a guiding requirement order for you know larger scale adoption to happen single use case you don't need this. But if you take a look at things like good health pass right now. You're talking about a vaccine certification that's tied to a passport that's linked up to a an airplane tickets and has rules that crosses all three of those other credentials that need to be processed in order for you to walk into another country at the border. By definition, you are ideally selecting doing selective disclosure on multiple credentials, or you're at least granting access to full multiple credentials. But what this really falls down to is that only one service this is down the road. We knew in the role wall report referred to the in the long term. This really is an operating system plan the smartphone. It's going to be an apple. It's going to be a Samsung and Samsung and all separate and say Android because they do kind of do their own thing in the wallet space, but really means only one service on the phone can can respond to such a request. You can't have a reuse a realistic use case where I walk up to a customs officer. As I enter a country and say I'll just use me just yeah just keep hitting me and I'll I'll respond you through these various different apps, you can do it. It won't fly. Literally. That's a terrible pun. But so that's one of those conditions. The other one gets into real confidentiality, which is the connections that are formed. These are those pairwise connections we have, whether that's between the issue of the holder, the holder and verifier. Just people must be confidential and the analogy john uses really good. And he said, it's like the fact you don't know that I went to the doctor, unless I tell you. Or perhaps there's a third party needed. And we agree that that third party is needed. In the banking space if I move more than a certain amount of money, you're there is a highly recommended. At least one third party to be involved. Otherwise you are very, very likely going to fall into the grounds of money laundering or suspect suspicious activity reporting. This doesn't make for a good day if you do that. But the requirement being that that there's no third party has awareness of that connection, you don't know I went to the doctor. Unless we agree and agree can mean that there are external requirements that force that upon us, but it's not a baseline capability of the technology to require third party. Similarly, that the contents of those communications are not disclosed. Unless the parties agree. So you don't know what I talked to the doctor about. You don't know what my financial transaction was about. Again, unless we want third parties involved in that. This is one of the biggest sort of aha moments in the wallet space that I've had in the last certainly year. And I wanted to share that one in particular. What about wallets you know what kind of stuff is in wallets we've talked many times that anybody has been at IIW or any of the identity when you're getting into digital wallets. There's a lot of stuff you put in your wallet. Whether that's, you know, receipts you may buy, you can imagine in the future buying a TV at Best Buy, and your Sony TV warranty is automatically assigned throwing your wallet beside the receipt. What Sony would love about that is now maybe they have a direct connection with you as a customer. Best Buy may not like that, but they may have to do it. All of these different things we talked about address books, relationships, consent, but how do I, you know, mark that I have consented to something, how do I revoke that. All these very different things that we put in the wallet it gets pretty complicated pretty darn quickly. So in the report talked a little bit about the enterprise. What's unique there about the enterprise one of which is scale large companies tend to deal with thousands or tens hundreds millions of connections millions of things that they want to track billions of things they want to track. Well, as well as you have multiple agents, both on the agent as a software paradigm you may have an HR department has one part of the business that they're handling. You have a purchasing department accounts receivable. You have messaging you have legal sign off all of these different agents are acting on software basis, but you also have multiple people, which is where you now have to get into delegation. And if it's humorous to think about now I mean I, about companies still using they still do this we talked to multiples of the, I would say the dinner slash beer discussions while doing the report research that you know big corporations, one of the most protective things that have their vault is a corporate stamp, which is kind of humorous because as a technology it's pretty outdated, but it's something that needs to be protected because only the people can access those very particular roles and responsibilities and actions that they can take really need that delegation what rights do I have as President CEO of my company. What rights and responsibilities and do I have as an employee somewhere, or as a member of an association. All of this delegation becomes much much more important on an enterprise basis, because when you look at it, I as an individual can sign for something. A corporation cannot, by definition, that role of signing is delegated to a human right now in the future perhaps it'll be an AI, but there's a separate entity who is actually doing the work on behalf of the enterprise and that becomes very important quickly. As well as the protection required at an enterprise level, I'm losing your personal keys is a tragic thing, losing your keys for a full corporation can impact lives of thousands or millions of people potentially, as we know with breaches. But even if I was just reading about a Reddit a couple weeks ago, a company had their whole ERP their customer management their CMS had a custom domain name service DNS resolution tooling inside of it. And it crashed, and they lost it. They lost their complete ERP and CMS they believe the company may die. And this is thousands of people who are employed there. You need to protect these things need to be backed up and you need to make sure that you know backup is not an attack vector that type of thing. Another thing one thing we didn't cover was the initial thinking was this and this has happened multiple times in multiple different vendors in not just the sovereign H hyper ledger airy space but other places that I've talked to where people were adamant that, you know, no keys no coins that an enterprise must and wants to support the part hold the private key and do all of the signing actions for their did when they're doing any decentralized identity stuff. We have found multiple people have gone and spent the money to do that, so that there's kind of this signing virtual machine that you as a customer have to take care of and feed. And it will do all the signing such that your your partner your software as a service partner doesn't know your keys. I have yet to find any enterprise barring and actually Jim you're on the phone. There are healthcare enterprises who don't want that. But I'm still betting there is a third party who actually has that service level agreements and a contract to manage those keys, because the customers don't want the complexity. And they've already been doing key management in various different aspects. They understand the ramifications of screwing it up of losing it of being compromised. What they want is a partner, typically a top tier consultancy type of partner. So they have a throat to choke when something goes wrong. So what's interesting is people spent the engineering dollars on keeping that wallet completely separate, having the signing capability. When it turns out, it's not a, I've asked people how many of you sold the answer has been zero to date that I've heard. We got into wallets and agents this is another area where the, the SSI and it's funny because I went through the report and I forgot to go through the book but the book actually kind of really brought the agents and wallets into what I would call a kind of a peer a top level relationship. So it's the agents are just as and I think actually in time, they become even more important I want wallets to get really boring, unsexy. We'll talk about different types of agents you can see on the right side here, running from messaging to privacy to, you know, home delivery, your health agent reputation management, all of these different agents are going to be there. One of the key things we also brought up was, you know, the term that I've used in blog posts and in tweets and stuff is who is in your wallet because we this does this a nap them but you know it's my keys. It's my wallet I don't want anyone in there. And I that's great. Love it. Take care of your life that way but right now, I don't have the time or the or the inkling to go and manage my own health records when I can have somebody do that. I have digital assets, things I want to protect and make sure that they're backed up. I would love to be able to tap a bank or credit union for that type of thing because they have the right infrastructure. So how do they join into the wallet. But additionally, what about things like a break glass capability for care for Clark clarity. This is the break glass in case of emergency. There are electronic health record solutions that if somebody is not able to respond you that they don't have a mental capacity. They're unconscious. There is sort of a bare minimum set of records that are typically available to someone. When and if things have gone horribly wrong and you can't answer the question. Do you mind if we look at your files assert or man. That capability is pretty key and really does start to become and require a third party to say, yes, we're in that break glass scenario. There are also insurance people who may be involved in monitoring some of my assets, people who just monitor things in general we may have auditors, especially when you get into a corporate capability. If I have a digital signing capability that is completely unmonitored, I've got a serious compliance problem. I need to have logging of that so there's a requirement to be able to not not not not make it mandatory, but be able to bring people into your world these different services so that you can either farm it out to somebody, you want to be able to reclaim it obviously, but to actually bring those folks in. To me the the message I've had over the past year and a half, two years since the report came out is that agents are becoming more and more important. Right now, we're still at the very most basic of agents if you take a look in the hyper ledger space itself. There's recently a couple groups released, you know a new version of a mediator agent. That's a really basic agent, you know, basic answer the question, where's my phone send this to it, as opposed to doing anything real intensive of acting on my behalf, merging things that type of thing. So, talk a little bit about the state of the tech of the tech of the possible and talk about successes and in the old report I really had very few outside the lab, there really were two years ago, none. Now we're seeing real solutions, one that I was involved with was see ledgers member past, which was launched a little bit after after the report was, but really went live, I guess it was it went live really in early 2020. And now they've got, I think they're approaching 100,000 live connections to real credit union members and they have something like 3 million prospects and the and the feedback thus far has been fantastic, but it is the most basic of uses. We're seeing more and more of those. We're seeing again the agents the hyper ledger areas is really one of the state of the tech yard the possible that has really kind of come into its own over the past little while. And it has become helpful for many different groups to to hit it in very different forms. We've even seen some hyper ledger areas work that's not anchoring down to India tank different networks, which is an awesome interoperability thing, but also where things working and failing right now. Right now, the single purpose use cases are really the only cases I'm seeing in the wild of digital wallets. When I say single purpose use case if I take a look at, as it just as an example one of my clients have see ledger with the member pass. The member pass is a clone. That's a copy of ever names connect me with a bunch of features removed. You can't browse credentials. You can't browse connections, unless you have more than one credential and more than one connection, which I believe would probably be somewhere on the order of point zero zero one percent, if not lower of the member pass users. They don't need it. They don't want it. They don't want to know about the complexity of what's a connection. They don't want to know what's complexity. What's a credential, because right now there's not enough value for them. So the biggest thing was that that's even stronger than I thought it would be. I've also got cases what I would call hidden wallets seven passes kind of one of them we do speak to it. The credit unions speak to members, but they don't know that it's using this thing called self sovereign identity that SSI term has not been raised in the credit union space in some time it adds absolutely no value to the casual user to understand the digital wallet with self sovereign identity you control the they get that from the user experience. They don't need or care which is kind of cool because we don't need to justify things anymore, that baseline we're using. It's just there. Where is it really hard to me this is the learning has been that the user experience is brutal, which is why if you take a look at member passage is a dumbed down dead simple. It's almost trivialized as an engineer developer for reform developer it's trivialized version of connect me, but it's meeting the need. What's really hard backup and recovery to the point that we say okay one of the features to turn off on the member pass side was turn off backup backup depending on how you do it is an attack vector. One of the sad things we learned about the the society at large, that we're kind of sheltered in the tech space because we're probably you know a little bit above, certainly likely middle class, and don't see as much of the desperate crime. One of the number one attack vectors in the credit union banking space is family fraud, where, and then here's the attack vector if I go and fall asleep. I use my phone, this is back or use my thumb whatever use my phone to copy the backup restore to your phone and I have no idea that that's been done but I'm no longer receiving messages, but you are. You've now taken over my account, and that is a major attack vector, and always has been is family members taking over accounts and then you get strangers and stuff, but the number of family members to do it is amazing. Another hard thing is migration. What's this technology is so early stage decisions have been made that at times have painted us into corners. So lifting from a version to another version when you take a look at and this is this discussion in the end and I'll get into our ability in a bit. So discussion is space over who's interoperable who's not. Well the reality is no one is, if you think you are you don't know what interoperability is in the big picture. I mean people among their own technology stack can't migrate from version to version without some pretty serious stuff so that's something people are learning right now. I believe largely overcoming, but it was a it was a, it was a learning in the space that was like, Oh, yeah, that was a pretty short study decision we made. How do we, how do we back it up, and then move away from it. Interop as I mentioned is a little hard I'm going to talk about that in a little bit. So the R&D is required. All of these pieces still really do warrant R&D, whether it be, you know, Kapilar academic research or little D versus full commercial development, all of these are sitting in various different places. Let's talk a little bit about standards this is one that I meant to, I'm going to cover in a second in more detail. This one of the surprises that I guess, and I realized when I reread it, I wasn't strong enough on my statements. I'm actually going to post a new blog article on what I've been saying as opposed to what I've written on protocol evolution, and where the standards are really where we really are as a space. The standards on on on the assurance levels was key to understand the panicking and trust framework has really really that's a big change I should have marked that I wanted and read. It has done a couple things one at the national standard level what's called the CIO strategy council. I'm one of the vice chairs and one of the one of their streams has passed a, a very solid governance trust framework guidance. And it was anchored on the public sector version of the panicking and trust framework. That was a key win for the industry because it's some of the best terminology we've seen it's actually quite compatible with trust over IP. Portability standards as far as trust over IP was really another learning. It only launched last May. It's got, I think there's a couple hundred members now different organizations is mean many hundreds of people. And the big warning I would say comes back to standardization and interoperability. And the term I'm using this again I'm going to start posting about this is what I call premature standardization or premature interoperability. I think we're kidding ourselves on where we actually are today and how hard it's going to be and what we're looking at. I'm going to skip past user experience and jump into the past the business that I noticed at the time I want to get to this point here which relates to both the standards and where we really are as an industry. And the message I'm giving to people is anyone who thinks that we're at a utility level equivalent to, you know, S3 storage at Amazon or your electricity provider is smoking something. They're deluded and they're wrong about and they're going to be making really, really bad decisions on a business basis, because they don't understand the industry and where it is. If anybody's following and I'll share the link to this deck. But this is Simon wordly wordly maps as a concept. I tweeted out in just about a while earlier this month, where we really are now stage one is called Genesis it's the unknown it's that, hey, didn't see that coming. I wish I remember when I first talked to Mike Brown about SSI when we, he and I both I guess the prior year prior had realized it's changing how things are done. It came out of nowhere. No one has a clue and let's be clear. We still don't. The concept of Genesis and unknown means it's truly bleeding edge and custom means there is no standard. There is no obvious winner in the market. And this is what Simon wordly is on a great job of delineating this and I went through and each of his characteristics of where we are. There isn't a single one where we're solidly in two, meaning it's custom, which is still custom is a very exciting startup phase of an industry, but it is not like Salesforce is full utility now. A few years ago, it was still product the whole CRM space was product. And before that it was just a bunch of databases we'd all written. But this is where the thinking is if you think you're in a product or utility phase which is really the strategies you're using are wrong. If you recognize where you really are if you're going to go from a to B. It's really important to know where B is. It is far more important to know where a is. So don't kid yourself about where we are is my biggest message. And I've probably been harping on that the last about probably since report hit the ground. And just speaking quickly to what I call premature standardization and interoperability. There's my view of the world is that when we're looking at this kind of a technology. We're really looking at isolated proprietary protocols. Trust over IP is working to create what I would call a community protocol. There are very certain decisions being made or certain design dominant design patterns emerging. But we still haven't gone all the way to the various different are multiple standards specifications that need to be created that go into the full formal whether just over IP which is an SDO and can produce it. We push some certain parts over to itf Oasis W3C, etc. These things are sitting here at this isolated in community level, not where people think they are and the amount of work to get there is heavy. It also is driven by more and more adoption, which means you get slower, because you can't change everybody all at once. But I think we're a lot people are not understanding how far and hard this is. We're involved in the breaking of the back of what we call proprietary geospatial proprietary GIS back in the 90s. And it was a Herculean effort. The results though were I know on the defense space, the defense and intelligence space, especially the classified world saw cost savings of 10x. What was costing them a million dollars suddenly cost less than $100,000 in that kind of a ratio for data for imagery. We ended up creating what was called, you know, specifications and interoperability test suites, which has already started a trust over IP and hyperledger areas project. They're kind of merging together to create an interoperability test suite, because what the interoperability test suite did in the mapping age. And if anybody knows and watches on a slow connection, when you're on Google maps and you see these tiles come in. Even prior to that there was a standard that was driven called the web mapping standard that once the specification got to a certain point and interoperability testing got to a certain point. The industry stopped whining stop pointing at each other stop blaming each other. And as I mentioned the costs of data fell by 10x 90% reduction in cost. And that's when you change the game. It's also when you know I'm no longer on the bleeding edge of things as a company, not knowing what surprise I'm going to hit. There's an exact as an answer to exactly what does good enough look like. So that's a lot of work we still have to do ahead of us. The trust over IP foundation I raise that here, because it's it's new, we launched in May. It came out of a bunch of the work in various different spaces, including deeply and sovereign that that we knew that there needed to be somebody focus on the bigger picture that governance and tech stack is dual tech stack and I'll show that in a moment that was created, really allows us to. We've had very, very amazing to see the work at the Central Identity Foundation diff. For example, there was a lot of pushback on the four layer model because it's, but then as we as we as we work together, started to break things on a technical basis we realized this thing actually is falling into place quite nicely. They've got a beautiful architecture saying here are the different layers here's the interface between layers. Here's the various different standards or code bases that are out there and how architecture actually fits together. Just the good health pass collaborative. I'm co chair of one of the the trust registries group. It's hosted the trust IP foundation. This is pretty much where a lot of the governance and the big picture tech stack work has really moved over hyper ledger areas as an example in this particular group. The business side of it the government side of it's there over a trust IP hyper ledger areas is really where the code of the test suite sitting there. But the idea as you go through trust IP and again this is probably the biggest change to the wallet the agent space is this consistent terminology that we can use what is and where does an agent fit. Where does a trust registry fit whose role who's a governance authority at which particular layer. This started to really clear up a lot of the questions that were out there. That's it for me folks any questions I'd be happy to answer any any input. Don't feel shy. Oh, Sean has got his hand up already. Thank you for sharing that. I've been out of the game for about, well rooting from the stands but out of the game for about almost two years now. When you go back to that slide that you and john Jordan worked on. I think it was the second or third one in the deck. Quick question so I see it as it's with a split perfect. I see it as sort of the analog to warm introductions right like I know vipin and I know Darrell. And Darrell wants to meet vipin I just don't connect you to I say hey vipin I know this guy Darrell he wants to meet up. Here's the reason why I don't do that just in general in the real world. Does this open up though, you know, in this idea that connection should be aware of the connection parties need to agree. Does this open up an opportunity for verifiable credentials where I am a bank would be willing to use a bank to give me a credential for proof of address, but only for renting a house, not for being used with another bank. Yeah, or my airline would give me a credential for the number of frequent flyer miles but the rule set behind it the terms and conditions they'd be willing to apply would include you can use these you can share these miles with anybody but another airline. Is there sort of an overlay of rules of use or terms of use that you're seeing there. Oh yeah, totally totally this comes down to really the bottom level of that of that, both the the credentialing and the connection is don't force the third party. So let's take your example you introduced vipin and I. Let's do a double opt in which is the best approach right right up, vipin or myself responds to the message puts you on BCC that lets you know that we're going to talk. Cool, we got connected. We may just talk to each other, and you may have no knowledge of that that would be kind of weird, but it's not required for me to tell you. If you build into the bottom level architecture that it's required for that third party. If you allow for a third party. And I love the idea of you know that that's, and Mike would tell you it's the telco that does the address but they might be willing for a good customer to do a rental credential that has very specific rules that say for the purposes of rental yes for the purposes of moving money. No, right like what's the risk tolerance which they would allow 100% exactly and that would require more. They would require more than potentially you know, multiple credentials and or multiple connections, but at the base level you're not enforcing a third party in the play. That's all. So not it's not excluding the third party. It's saying, you're welcome. If you're welcome. You're not required them. Thank you for that and the only other question I have is around the side. You mentioned agents later on the deck. Is there a possibility, based on a relationship that I create that I'd be forced to use an agent like an audit that agent for auditing. For example, I could see, I could see actually yes. I believe I can speak to this or generically speaking. There are banks that have that will bank companies that are mining crypto with a caveat that says you will tell us your wallet address, and we are applying a service to monitor that address, because we want to tell you if and when you're getting dirty with a coin. So, like anything else is always used to enter into that relationship or not. Exactly. If you have now, one would say if there's only one bank in the country. Oh, it's kind of coercive. That said, you don't have to do it. There's no one with a gun to your head. I would say there will be regimes there where there is no option. If you use this wallet, and it has these agents, you likely don't even know. But if you look at the data moving around you can probably figure out okay the state has an agent in there. That's my life but I'm not that's that's a different world than where within what we're talking about here I think. And also you end up, you know, you on this slide you say no third party has awareness of a connection unless the parties agree, one of the initial sort of big benefits of self sovereign identity as a concept was correlation resistant. And then put them together. Right, like if I'm going to make a compound proof for getting a new apartment which includes data from my bank, my last, my last landlord and my electric company. If they make it a requirement that they know the other connections in the proof they're going to, that would kind of break or at least is differential sort of. And this gets into some of the work we're actually doing in the good health past where you can imagine a situation where someone says, I need to know it was signed by your bank and I need to know which bank it is. Over time, I think there'll be a list of bona fide banks. I know where the list of bona fide credit unions is in the US it's a member pass. So you may just say it is a better really the certified bank certified your address. Good to go I don't need anything more than that I don't need to know you're dealing with chase or UBS or whatever. Gotcha. Thank you. Great stuff. Good to hear your voice dude. Anyone else. I'm sure that there are others with burning questions. Otherwise I'll ask a couple. I'm a VIP and Luke has a has a question with a UI for this to work like with sign in with Indy or areas. There certainly are Luke different user experiences a lot of them right now are more along the lines and this is something that is not done in member pass right now but we've been working with. They've been working I was CTO there for some contract CTO for a while. As a supervisor, we were working with the use case where you go to log in and your phone would say just like if you're using Microsoft authenticator now would say, Hey Darrell, are you logging in unify financial credit union. Yes or no. Yes, boom passwordless login. The same login with Indy login with member pass absolutely people are looking at those. I think of the hope that certainly I've got is that I never seen another logging button it just just works and it's secure and it's mine. Anyone else. Okay. I have a couple, you know, let's say observations. First thing is, last time we presented we were very much on the wallets for credentials related to identity. And now the wallets use case as you know has exploded in the, in the crypto space and elsewhere. I mean it is the UX that that is needed. And you mentioned a couple like for example the healthcare. But what about the other other use cases like you know, I sort of started talking about them a little bit, but as a self hosted wallet or something controlling value somewhere. You know, what, what are your thoughts on that. When you say controlling value, like a typical crypto wallet, let's say, okay, that I can move stuff I can do stuff. And we are not talking about, you know, the other controls the supervisory controls that are required by let's say OCC, or FATF or some, some other body but. So, yeah, I mean the initial focus again yeah what was definitely on on quote identity you know self sovereign identity. To me the, the, the key really is and I think Dave use these using the term authentic data, John Jordan and I were talking about its verifiable data, where the difference now with this system is one of the guys that work with I'm my own endpoint, meaning I'm my own API, I carry my data you don't need to go and integrate an API, you just need to know, can you trust my data you trust my data by looking at the data, as I've been tampered with and do I know, and understand who the issuer was the ability to carry this data is huge and it's actually to me bigger than the identity side of it, the ability to have verifiable information to be exchanged is far more powerful. So if you get into the, the, the linkages into the crypto and crypto wallet space. There's a largely speaking they're quite similar. But if you take a look at the three different kinds of, of crypto there's, there's the real you know the fungible token style where it's a value it's a Bitcoin Ethereum, you know, I, you and I exchange a Bitcoin I don't care it's a different address but it's still a you know just like a dollar is a dollar. There's non fungible tokens which somebody just actually joked on the internet yesterday that they're going to sell their vaccination credential vaccination certificate as an NFT, which is I think brilliant because you look at NFT well I'm really hoping you're not getting a vaccination credential as an NFT, although if I'm going for a flight VIP and I might want to borrow yours, and I'll pay you to borrow your vaccination credential. Some of these things are going to be transferable some of them are not one of the learnings on the wallet side in the banking space and other spaces healthcare to I may decide I want don't trust the wallet app you're using. So I'm not going to let you do anything and I may not allow you to transfer your data without my knowledge and or approval. That might be for protection of you as an individual that might be for protection of the enterprise itself, because I don't want you to suddenly and the joke I use them in the report is you know can I trust Bob as wallet. You know it's got the best user experience, everything's transferable and turns out is written by North Korea. We have to be careful of those kinds of things. Does that make sense vipin is that help answer. I mean, you know, there are these wallets that we are talking about. They are called wallets are being used at scale, and Dan is correct that, you know, a wallet is a portal. Right. I mean, basically, in some sense it's a portal. In some sense, it controls access to some credentials. There's, you know, a mix of things in a wallet. I mean, wallet in the beginning was just just probably to store gold or money, which actually had the actual thing in it. But when you use a card, for example, you're, it's more of a more of a portal into your credit. So it is, you know, you, you're holding this credential, this physical credential that can let you into your credit. And of course, the same applies when you're, when you're moving value on a blockchain. It is some kind of a way to a key to unlock things. Well, when the wallet is got all these different dimensions, it's very difficult to talk about it. Right. I mean, you, you, yeah, exactly. That is this tough in a wallet. Nice about that while it's flexible, as you can see, yeah, and when you use that wallet could be different than the way I do, which is really cool. And Dan also Dan, Dan also raised, you know, the wallet, if you look at the pure, the, the, actually the opening of the wallet report and the opening of the chapter in the book is developers may say wallet is really about the keys. The reality is that's not what an Apple wallet is. That is not what a Samsung and Android wallet is. That's what the market thinks it's, it's just my digital stuff on my phone. And the developers may call this is very particular while we actually delineate that in both report and the, the chapter because I think we do ourselves a disservice when we're very, very focused on what I would call wallet storage. And there's a diagram and the thing that the terminology we use is pretty tough but Dan I'd love to follow up with you on that because reality is, we don't have a definition in the market defines it for us. I wasn't saying that it is one or the other. I was just saying that it's got a multi dimensional, you know, let's say a footprint, right. I mean it is it's it's many things to many people. I mean, if you think about the fairy tales with the wallet. You know, that's where you keep your apples for that. Yeah. So that he can feed the dragon on the way or whatever you know. Hey vip and Mike actually asked a really neat question I just noticed that's where do we see the state of wallet interact with multiple networks are most still aligned with single network, or good examples of merging support more than one and if so is our model for sharing credentials across networks. Okay, in a couple things, the interact with multiple networks is a hard absolute requirement if you want to have any kind of a generic wallet, a single use where you don't even know you have a wallet that I don't know if that really matters. If you decide to support mobile networks great, but I don't know the user will ever notice and or care. If you have any credentials across networks that's an interesting space that it comes down to, are you looking to move and re anchor something, or is it like I take it if we take you know casual discussions in with some people in in in in government you know where will they potentially long term, not now support writing a digital passport to. What do we say in time. Hey, yeah we will anchor down to the following seven networks, and we're working on networks eight nine and 10 anything beyond that go pound sand we don't support them. I think we're going to see a power law where there's a number of very large networks and a lot of smaller more discrete ones, and you're going to have to support and networks and and must be greater than one. Okay. Again, coming back to a physical wall, it does support multiple networks. I can have a visa card I can have a mastercard I can have you know various things so there's bound to be sort of parallel drawn between a regular wallet and digital wallet and we have to be ready to answer those questions, and Jim seems to have his hand up so I'm going to. Oh, yeah so the, I know Jim Mason, but Jim St. Claire I'm sorry. Oh, sorry. We've Jim St. Claire I'm gonna have to go. Okay, he lowered his hand so I guess. I just wanted to add real quick Daryl's comments as well the discussion in general has been great on this issue of multiple credentials multiple wallets to put it in a good health pass perspective. Our concern is that you get your vaccine in Cleveland you get on your southwest flight in Cleveland to fly to lax to get on your Singapore air flight to fly to Singapore and go to your Marriott. You're managing 16 credentials and wallets while sorting it out and balancing your latte in between gates as you rush between flights. So, you know verifiable presentations UX and those issues that that are real things, as well as the real reason you have multiple wallets is is part of the challenge we're looking at. Exactly. Yeah, but today you don't carry 10 different passports you only have one at the most two or three I don't know how it depends on how many. And those passports are recognized on all airlines. Right. I mean, they don't, they don't say, oh, we don't support the US passport. And I think there are standards like Dan probably knows more about the stuff that I do but there are standards about international presentation and data item elements that need to be presented. And that particular digital one I think took 15 years to actually come to realization. That's a slow moving one right. Yes. Yes, because whenever you have multiple countries involved in international and and and multiple vendors whose lives are on paper. Let's not forget that. Yeah. I was going to ask Darryl two things that when I was looking at a solution for a state and said okay we're going to try to go digital on identity and credentials. And we used in the area stack and so on, put out a prototype everything work. That was all great, no issues. But as I looked to the larger concept of saying let's get this out in production the two things that stuck out you've hit many issues what I really don't have concepts today which, as you said vaults and delegation all those kind of things that usually get lightweight in consideration, but the two things that stuck out were number one. Not everybody, not every adult over 18 in my state is going to have a digital access period. So we're still going to have to issue an electronic ID card as a substitute, but the reverse of it is. The other thing is, like it or not Darryl I'll see you in an airport and I'll steal your phone. And having done that there there goes your direct device access in the middle of an airport to your wallet. But the point is if you still have a physical ID card let's put it that way. Yep, if that ID card has a call it a potential. I'll call it proxy link that you've consented as a way to sort of delegate access to your wallet that is an evolve let's put it that way. Then the fact that I stole your phone is not really going to be a big issue. And the use case that I had was always working on at the state level was you need caught insulin vaccine from CBS in the next five minutes. And the question is given that I just stole your phone, how are you going to get that access. I have to have a backup way for you to get that access reasonably quickly so that was sort of my challenging use case. And then the seconds, the, the other issue that was really tough for me, which I don't know, and I'll call it the better minds in this call can probably answer it for me is it one of the things we're trying to do with zkp and stuff is we talk about trying to avoid the idea that using the same addresses, we have data correlation so the recommendation for many reasons is that you want to do key rotation all the time. And what I'm not hearing anywhere is proposed solutions to what I through key management services if you will, to automate key rotation so making the key flip is one thing saying, wait a minute, can I get the history of my prescriptions across different keys. Yeah, how am I doing that. I don't really see a lot of stuff showing up on that. Have you seen Jim and I do have to jump on another call momentarily but if you've seen Carrie. Yeah, we had a, we had a, we did have a carry proposal that did handle that. So, so, so if you're like me Jim carries an extremely advanced concept. There's a podcast with with with Sam, Sam Smith who's the carry dude and Tim Boma. Yeah, called definitively identity. He had a presentation right here where Yes, he did. Sam or Sam did Sam. Yeah, the reason I'm recommending the podcast with Tim is that I've seen Sam present. I've read some of Sam's material and I didn't really, I didn't really grok it until I listen to that podcast. Okay. I found it. I was just like, Oh my God. This is lightning in a bottle. Now, yeah, it's early stage lightning in a bottle. Okay, thanks a lot. It was forward key stuff that really stood out. Anyway, I think we are at time. And everybody's jumping off. But thank you so much for showing up and talking about the stuff we have a lot. Thank you. We have a lot to discuss obviously we, we, you know, one hour is nothing. Perfect. Well, thank you all very much. I do have to unfortunately run away. Thank you. Thanks. So I'm going to end the meeting. Thank you for showing up. Stefan said various people. I'm going to turn off the, you know, the zoom call. Okay, thanks. Thanks, we've been step step on we have to talk. Thank you. Call me anytime. All right. Bye. Thanks. Bye.