 So, welcome everyone and thanks for having me here today. I would like to put some lies on the topic of decentralized authentication as a, as a, I hope that this will set up as well your mindset about how to look on the digital space from that perspective, and what actually decentralized I mean, because as I mentioned decentralized distributed federated, you can put a lot of different names towards it and what's the difference and why actually call it decentralized. Shortly about myself. So my name is Robert Mitvitsky. I'm stem cell at human classes foundation. I'm head of the technology council there. I'm responsible for the technological development and architecture of the dynamic data economy vision which we are building within the human classes foundation. The vision and human classes foundation is a nonprofit organization based in Geneva in Switzerland, where we housing, not only the vision of the dynamic data economy but as well the development and the components of dynamic data economy. So we actually actively participating in building those components and making that happen. My background is in the software engineering. I was a software architect developer for many years recent years I was focusing on the decentralized technologies, including decentralized semantic identity and the governance and with that experience I would like to add some audio insights into dynamic data economy at the level of this decentralized authentication as I'm already mentioned this is a one of the presentation from the series of three presentation on the decentralized semantic authentication and distributed data governance. So I would like to focus on the on the authentication input. So, as you may remember from the previous presentation from the first series about the semantic with build it up. So one of the characteristics of each corresponding domain, trying to explain what actually we are dealing with and obviously without having a properly name those stuff it's really hard to try to solve the problem. Because without, you know, identifying the bits and bytes of that it's it's hard to do. And the input domain is basically all about events, something which happened, how you can prove that something happened how do you prove that something happened or how you prove where it comes from. And there are different activity characteristics around that in a in a different flavors of different formats of that and I would like to talk today about that, what that means and how actually we can achieve that. So, from the perspective of the model, which we are operating in the human classes foundation is so called rugby model, which represent the digital network model, where we distinguish it between the semantic and the inputs about the semantic that last week, and today about the inputs where we are dealing with the records, we dealing with the persistent data, which can describe a multiple things and one of them is identity. As you may know identity is just a sets of data points, which describes who you are in the digital space right so now we need to discuss how actually we can get to the position that we can trust those records and how we can use them to in a digital space. So, one of the core aspects and the kind of dependency chain within what we are doing within the dynamic data economy something which we called accurate data pyramid, which basically shows the interdependency of those layers and shows that actually the higher data cannot exist without the lower layer. And this is very important because a lot of communities trying to build different solutions and they are trying to address just one layer, for example, building governance, but how they can build the governance if they kind of trust in the underlying layers about the data and the integrity of the information which is behind that, and so on. So just a quickly recap on that how we envision that in the lower flavor we are dealing just purely about deterministic objects so we're trying to answer the questions what it is, not where it comes from, not how it was created is just what it is. And this allows you to reason about the integrity of the information that it's persistent and is not changing. It's immutable in a sense. With that you can create a semantic architecture which we heard about last time, and only if you have that layer, you can actually start building authenticity on top of it, which is simply trying to address a question is where does it come from, and who created it, how this came to the existence, how I know from where this information comes from, right. And this factual authenticity, which is the key characteristics of that layer, allows you to actually start capturing the data, persist the information within the digital space. And this is obviously later on used for authentication and different mechanisms of that ecosystem. And on top of that, and only if we have those two layers, the veracity comes into the game, which is about, is that true or not. Obviously the truth is very subject to, and there is no, and there is no one sets of the rules in one piece of the information in one ecosystem could be true and other one could be false. So it's really about this governance which will decide about what and how we follow the rules within the given ecosystem, right, but about this one we'll hear in the next, next session. So, starting with this few definitions so obviously we mentioned that the main characteristic is this factual authenticity, but actually what that means, because one of the critical aspects of the data in the digital space is how you can prove that something exists or something was created by individual person and so on. So how you can authentic information in a way that actually you can be sure that it was not corrupted, it was not temper, and it was not modified or changed since its creations, and it leads you to the source of the information so who actually created that who put that into the system, and when that happened. So time stamping as well as very important part of that aspect but we'll talk about that later on. So, when we speaking about decentralized authentication. First of all we need to establish a couple of basics from the perspective of what actually it means. So the decentralized, it's very tricky. It depends who you ask what means decentralized, you will get a different definition. So, just to set some frames around that. Let's agree for the purpose of that talk that the decentralized is basically a function of increase of user sovereignty within the ecosystem. Because decentralized could mean that you run some multiple servers that you have a decentralized governance that you have full control over the mechanism and activities within the digital space. But there is always some kind of dependency so you can't always have a full independent or independency within the interactions, but increasing that independency defines the decentralization or decentralized system, more freedom you have or more kind of sovereignty you gain, then more decentralized system is. So, now the authentication so as we mentioned authentication is about figure it out who where it comes from who actually created that. And, and we need to speak all the bit about the basics of the trust and relationship which we have, which we know from the real world, analog world versus that what we're operating in the digital space. So the root of trust, which normally appears in the human interactions is so called human basis of trust in person. What it means that when you speak with someone you meet someone you establish a relationship and you build up this relationship and based on the effects or results of that relationship built building relationship. You establish a certain trust, and, and you can basically summarize it is that I know you therefore I can trust you more I know you more trust I can put into you right. But the problem with the digital basis of trust. So, digital I mean on the internet in the digital space is not so easy because actually, you can't really know someone who is on other side of the screen, you can for example know that you're interacting with someone with an email address, but you don't know if that's a real person behind that email address or any identifier any messenger or any chat. It's really hard even on on video conferences we know from the perspective of the fake news and you know what I can do with the video editing and stuff like that it's really hard to get this like, I know you therefore I can trust you. It's the opposite that I can't really know you therefore I can't really trust you, and this is why it's the biggest problem on the internet is to establish a trust relationship. So to solve that problem, we need to actually look on this basis of trust and how to replace this human basis of trust with something which is uniquely identifiable within the digital space. It's versus bits. So it means that in the analog world, there is a limitation in how many places one person can be physics, I mean you can't overcome those, those, those basic principles time and space. So far was not broken in a sense, and it's really hard to have one book in multiple places or one car in multiple places or one person in multiple places interacting with multiple entities. But in a digital world, that's super easy duplication and replication is so easy that actually you can be in one or 10 meetings in the same time. Similarly, someone will actually notice that you are not physically present or paying attention, right, or when you're interacting sending out messages you can have a bot which does that on your behalf. So there is a lot of problems related with that. So we need to find something which is uniquely enough in the digital space, which cannot be easily duplicated cannot be easily stolen or regenerated. So the thing which we have is entropy entropy in a sense is random numbers so high that the probability of guessing that what number is yours. It's so low that that's basically impossible. So this is the basics of the cryptography. The cryptography is based on the entropy which you generate and out of that you're generating us some elements which can be used for the cryptographical operation like signing encryption the decryption and verification right So we want to to solve the problem of trust within the digital space we want to replace the human basic of trust with the cryptographical root of trust, something which is unique enough, and allows us to be uniquely recognized in a digital space. So by having a cryptography as a part of that discussion, it basically boils down to, as we mentioned at the beginning, key management. So, generating a keys public private key to actually being able to have some sort of identifier, which can be uniquely recognized to those public private keys, basically push out everything towards a problem of key management because obviously if you lose your private key, someone is able to take over your identifier, and therefore, we'll get back to the situation where we started with that it will be easy to impersonate someone So we need to make sure that this problem the key management is properly solved. And so far actually a lot of systems and technologies which was created. They said that the key management cannot be solved. And based on that there was assumption that we can't rely on the key management as a basis for for those problems and they tried to fix the problem on the internet in a different places. And there, we have a solid proofs for that, where people actually build it and technologies were actually proving that the key management is solvable problem and we can do it in a way that actually user doesn't need to have very technical knowledge about that how to do it. So it's all all boys downs to having something which we called or which is called in a in the technology which was invented for that purpose self certifying identifier, which basically it's a digital identifier, so a set of string so string sets of characters which is cryptographically linked to the public private key, but it is done in a way that actually even if you change rotate and modify those keys later on that identifier is keeping it's stability means that it doesn't change means that you don't need to reintroduce yourself every time when you lose your key or change your key or something will change in that relationship. So basically it's all about the state of that identifier and the keys which represents that key in a given point of time. So, as I mentioned, so the key management problem is nothing new, a lot of people probably listening to that session they are familiar with that, but just to highlight a basic problems which we need to deal with is the generation of the keys how to securely generate them. There is a lot of solutions on the market which everyone is actually not is using not even knowing that like TPM trusted platform modules secure elements secure enclaves simple, you know biometrics method of unlocking the phone is actually linked with the billing with the keys which are stored in the subsystems of the of the device. But the generation is one of the simplest one. I mean, simplest in comparing to two other aspects but the way how you exchange the keys how you actually can communicate which key is yours, the public key, how you store it how you split the key. You have a multiple control over one identifier, how to replace the key or how you rotate the key in case of the key is compromised or how you fall back in case of the keys compromise that someone stole your private key, how you can recover from that. And all those aspects are addressed with the with the protocol design, which was introduced some time ago by Sam Smith, which is called key event receipt infrastructure, and this is the basis technology for the, for this for the key decentralized key management solution which we are discussing here. And obviously those protocols, the design the procedures how how they are connects and how they are used is is the part of our development and we're trying to to build on top of that. So, from the input domain from the perspective of dynamic data economy. There are two main principles, which I think is worth to mention here. So, first of all, authentic data events. So, how you can record piece of information. And later on, you can verify the origin and immutability of that of that record in a sense that obviously you leveraging the mechanism of those cryptographical primitives that you can link that to the public private key infrastructure, and then you can rely on those digital signatures and and verify those information, no matter of point of time or place or location of the data. And then verifiability of the event identifier is how to have this data provenance and how to provide this historical record, how it change over time. So this if you think about the identifier which is sets of the data about the key state of that identifier so specifically about managing the key. It's basically a log event, or for those who are familiar with the blockchain technology is pretty much the same as cryptographically linked pieces of information that you can verify the history of that, how it evolves and how it change over time. And obviously that allows us to create something which is called event log, which shows you how the keys are changing over time, depending on which identifier you're looking. But the same technology can be used to identify any history of any type of the data not always need not always necessarily related with identification system or authentication system, but it could be simply, for example, record of data, how, how describes a specific object or, or history of money flow or any other events which which we are interested to verify over time. So why actually we care about decentralized authentication and those decentralized technologies how we can. I mean, there's a lot of systems who actually solve those problems from the perspective of centralized federated distributed system, and they are, they are somehow dealing with those topics in a different way. So, obviously the challenge is the whole data economy. So, as you notice, operating in the digital space more and more, you need to exchange your information with more and more actors. Different entities, different organization, you on your own as well, you want to leverage the data which you're collecting in a way that actually serves you. One of the most famous example is that within the current systems that if you buy something online, after buying that product you will get advertisements for our next two or three weeks, exactly about the same product which you just bought, right. And the reason for that is because systems are trying to collect enough information about your interaction and then targeting you, hoping that actually it will work somehow, right, because they don't have a full picture of you what you did how you did where you did it, because the systems are not connected enough, some of the laws actually forbid to exchange some of the information. If you go to the healthcare system, it's even more restrict about who and how can access information. But all those information needs to be exchanged to serve the purpose of providing services, serving the individuals in the digital space. So if you will have a method for auditing the flows of the data and allows to to to secure the data in a way that doesn't depend on the one specific location, then you, you're able to enrich the ecosystem with the data flows, right. So what we are quite often repeating is that with this approach, what we are making is actually securing the data, not the location, which enables us a flow of the data across a multiple parties multiple jurisdictions and multiple entities in a secure and fantasy preserved way, because you can verify who is behind those information who to whom the data belongs who is the controller of those information. And not only that you can audit any interaction in any part of the ecosystem independently from any network or system provider to check that the information which you possess is possessing about the individual user is something which you actually got in the legal way, right. So this is what we mean about this data authentication. And this is why we need to have decentralized authentication mechanism. So what I can do with the decentralized authentication. So obviously the most prominent and most important aspect is to create some kind of identifier that I can represent myself in a digital space that I can use for any interactions with anybody. And when I say that I would like to have something like that, think about any entity, businesses, devices, IoT supply chain, any use case where you can think of it, where you need to identify something. And this boils down to this kind of conflict of understanding or maybe lack of understanding of the differences between authentication, authorization identification, and all those aspects because in many cases, what we care about is not to authenticate or not to authorize someone to perform a specific action. But what we want to know is all those three in the same time means that authenticate means let someone in, no matter what he is allowed to do inside the place where you let him in right authorization is to checking what kind of permission he have to actually perform within the location which was which he entered right. But what actually in many cases, what we mean is that we want to identify that person based on that who he is and not what he have it's really depends on the use case, because normally if you have a car. And using the car, the car doesn't care who you are as soon as you have a key, you're allowed to drive right, but if you're logging to the banking system. The bank doesn't care if you're the person who possess login and password know what they care about like who you really are, are you the person who actually is the owner of the account. So they are thinking in a form of identification, which is important to understand who you are and not if you have authorization or authentication to get in right. And this is something which is relatively hard in the digital space without a properly having linked data and banks actually nowadays using those techniques to for the risk management and analyzing for example different signals from the user who operates on the bank. And if you for example living in Germany, and suddenly your credit card is using Panama, they can raise an alarm and say that's probably not him. That's probably someone stole his credit card and trying to do some fancy stuff. So they're already going towards this identification but not from the perspective of identifying a person to let you in, or for the authentication and authorization mechanism, but basically reducing the risk of losing assets and operation of the service. But more and more we see companies actually leveraging the identification mechanism, including biometrics, behavioral data, a different aspects of your physical presence that they want to assure that you are really you. But this is one of the aspects of this decentralized authentication because obviously identity sets of the data, which we can combine together as identified and we can attach a credential to it we can leverage those credentials to a for different mechanism, but you can do that basically with any type of the data, not only identity related topics, you could do it for auditing, you could do it for tracking the changes of a certain data. For example, a document which change over time and you want to identify who changes and when. So even sourcing and so on and so forth. Because of this data provenance chain and so the cryptographic link objects, it allows you to build up a zero trust platform, which and zero trust I mean that you never trust you don't trust anybody always verify it you always check if actually this chain was not broken. And because of those cryptographical properties, you can assure that actually that's the case. And then you can use that for different verbal credential mechanism you can use it for the authorization mechanism you can use it for traceability and transparency for the certain data sets. You could use it for something which we call legitimize human meaningful identifiers, which is basically identifier, which do not have a security properties like email address which actually anybody can own, depending on who owns the domain. But we can do it in a way with this technology you can do it in a way that actually you can truly own that human meaningful identifier so a string, which normally is kind of scarcity of those identifiers, and you can actually prove that you're controlling that identifier in a in a given governance. So, obviously, we mentioned about that one of the challenge here is the key management solution, right so how to manage the keys and how the keys can be managed in a way that it's secure, because we know the history from the perspective of the PGP and and the system's Web of Web of trust and and and similar approaches where you could use those technology long time ago but each time when you lost the key you needed to actually distribute or start basically from scratch. So means that people are not equipped to deal with this kind of keys and actually there was no proper mechanism to to properly handle that. So, obviously, average person will not dive into the details of the technology how it works and what keys I need to have and where and stuff like that. Think about the simple example that nowadays if you are owner of a smartphone with biometrics fingerprint face recognition and stuff like that, you're really using such a system. So what it means is that you have a device, which obviously you as a human being you're not equipped to interact in a digital space. So you need to have something for that, right. So, from that perspective you have a hardware, which obviously cannot operate without the software so need to assure about that the hardware and the software is securely bind in a way that actually nobody can temper it means that someone cannot modify the hardware and run some malicious pieces on it and so on. So nowadays modern hardware is actually equipped with the technologies like trusted platform modules, secure enclave secure elements and and and and similar stuff, which basically what it is is a which is designed in a way that as soon as you put the key on it right, there is no physical possibility to extract that or steal that key from from that place right. And if you have a mobile device when you're unlocking your phone with the fingerprint. What you have is the secure binding between us a human being and the hardware which actually stores the keys for you. So you have a biometric link towards those security enclaves where actually helps you to store the key. And this allows you to link that securely with the human being, and then the software running on that hardware gives you the possibility to have the full stack connected. And then when you using that identifier within the digital space, you can actually use the private key securely stored on your device to sign the messages or verify information or encrypt the information if needed, right. But now we said that we need to somehow manage that in a way that actually user will not need to worry about that because obviously I can lose my device what's then do I lose my identity they are completely lost. Do I lose all my bitcoins assets and whatever is behind it. So that's, that's where it comes this concept of the trusted digital assistant. So the trusted digital assistant is basically you in the digital space. So, and this is not the app or a mobile device or anything like that is basically a set of the components, which could be run in the form of the agents, it could be run on your device on your laptop, different places, it's really depends on where you need that. And in many cases you will need to have a governance around that who helps you to manage that trusted digital assistant. So we're looking after these cases where for example banks can offer you this kind of infrastructure, securing your keys and allowing you to interact in a digital space that in case if something happens. You can go back to them and say hey guys I lost all my devices please recover it for me right and they can help you out. How they do it. Obviously they need to have a different checks and different methods to verify if you are really the person owning that trusted digital assistant. It could be through the biometrics, it could be through the environment signals. For example, behavioral data, or it could be even information about your closest ones or different proofs which you can collect from the ecosystem which you are living, proving that you're doing what you do. Right. And, and this is this basically allows you to create this ecosystems where the people don't need to deal with the technical complexity of that system, but they still have a trust within the organization which actually doing that for them. And they can get support from them, but then you will ask like, what's the point of decentralization if we have a D bank or the organization doing that for me. The difference here is that actually this system allows you to choose who you trust. It allows you to go to one bank and tell them sorry guys I don't trust you anymore I take it I move it somewhere else. I can move it to my government I can move it to my local doctor I can move it to my basement, whatever serves you without having any impact on your digital interactions and how you're operating that digital space. So you have a completely freedom to choose where this infrastructure will be provided to you, and by whom, and you can establish this trust within that organization which helps you to do it. This gives us possibility to actually create ecosystem, which is completely network agnostic, there is no platform, there is no blockchain there is no network there is no federated or decentralized ecosystem behind that is truly decentralized from the perspective that you can take your toys and move to another sandbox, as soon as you don't like the one which you started with. That's very important because many systems which we saw in the space of identity on our dedication system. They are assuming a certain boundaries of those identifiers and those digital interactions they're assuming a network they're assuming a specific blockchain or specific ecosystem and specific governance. And instead of trying to solve the problem on the protocol level, as it is suggested by Kerry, key event receipt infrastructure. They are trying to solve that problem on the higher layers and then always hitting a limitation different sorts. So, from that perspective, this is very important to understand. That what we mentioned at the beginning that the decentralization of that system is basically the increase of the sovereignty of the user who can decide where to go and where he wants to operate, even if his governance is compromise. Imagine that you are living in a country where I think good example is Afghanistan from the recent history, where everything was kind of fine, until the whole government was collapsed and the new government came in. And the people who actually were in charge of the of this new government, they didn't like a certain people, and they were actually knocking to the doors and killing those people because they have access to all the information, which was collected by the previous government, right. And, and obviously pushing that back to the to the to the extreme but, but this gives you the idea that you can't trust any government, and you need to protect yourself against those government, or the governance of that ecosystem as well. And in that case, what the governance does for you is to helping out you to manage the keys, but they do not have a control over that identifier or overdose keys, you have a mechanism to recovery, you can have you have a mechanism for the rotation you can basically switch the governance anytime and move somewhere else without much of the losses in the digital interactions which you're performing. Okay, Robert, thank you so much for for that, for the insights on this. Okay, so I didn't kind of started as I have obviously a few questions, maybe I can kick it off and then we'll see if anybody on on zoom or you to have some questions and then I can take them also. So, so for me, I mean I, I have two question one just on this authentication or kind of the key, the key principle right so I think the lens that I look at. Let me think of bad examples of because you know many of the programmers and so all of us are more familiar with how it was. Right. So, you know, largely we had you know past phrase or password linked authentications right and I think in the last decade we have moved to what you are calling or what I would call you know federated credentials or federated authentication right we trust someone. You know it could be Google Apple it could be some or provider, but it's basically I trust someone else and they provide me an authentication and maybe even some authorization on one beta has to be done. And as you mentioned, you know the PGP key kind of stuff public private key cryptography didn't really take off till now, which was just linked to our devices right so which is what you're calling trusted key. And the main challenge for that, as you articulated very nicely in your talk is how do I share this trusted key potential right so I need a sync fabric, where I can, I can move these keys from one platform to another. Right, and I think that's my question on how, how do you emphasize that happening so at the moment, you know, the examples that you shared on smartphones or, you know, on the web for example, the secure enclave and all that are tied to the device. And I think, at least the Apple Google and Microsoft to the world will create a sync fabric which will then tie those to your account. Right, but it's still tied to my account. I would still not be able to move them to let's say, a third party. Right. So, what I'm trying to understand is, is there a possible solution where I can actually say, these are all my keys, you know, created through all these devices or all these stuff that I've used. I want to go to, you know, one password or some other password, or some other authentication tool, or it could be my bank, or it could be, you know, whoever provides that service and say, Okay, transfer it because as you said, at every hierarchy in the cryptographic trust me trust something, you know, at the highest level so how do you and besides solve, how do you, what have you seen as kind of solutions that solve that problem. Right, so there is a complex answer for that, which is bear deep into cryptography and the technology which is behind that. But let's try, let me try to answer that in a high level, or high level enough that will not lose people. But touching on the important aspects of that and very, very important thing is within that, within understanding of those technologies to change the mindset about something which we know right now from the modern internet, to do somewhere to get something, right, and based on that from where you get it you trust it, right, versus much more content centric network, where I don't care from where I get it, I can verify that this is exactly what I'm looking for. For example, BitTorrent network works based on those principles. If I'm downloading a movie, I don't care from whom I'm downloading the piece of it. As soon as I can verify that this piece belongs to the movie which I'm looking for, right. This way, like if you keep that in mind and start thinking about, now we have identifier, right, mean the digital space, let's say a set of the strings which represent my digital identifier. So now what you are interested in is to find out what is the public key behind that, right, because you want to sign a message for me, right. So now you need to go somewhere to retrieve that public key, right. So let's assume right now there is a magical box on the internet where you go and ask what is the public key of this identifier, that you get that information. And on your own, you can verify that that's really true, means that this public key is cryptographically linked with this identifier, and it has not changed, that's the latest state of that key, right. So having that mechanism allows you to achieve that what we need to go somewhere, ask for something and verify it on your own. So now the question immediately arises, like, what is this something where I go to whom I go, right. And this is where the magic comes in. And a lot of people actually have a problem with that because it's changed a little bit way how we think about the internet that the location doesn't matter. What it matters is the content. So what the carry introduce is, there's a lot of layers but I will just speak about the one highest one which gives the picture how it works. You have a network of witnesses, which are basically a component software components which are runs by multiple entities, which observe the change of the key state, right. They are not alternative entities to tell you what is the real value behind the identifier so what is the real public key, what they their task is just to observe what is happening in the ecosystem. If you are changing the key state because you say that you would like to rotate your key means your public key will change right. So basically they keep a track of those staff and each of them is keeping track of other witnesses what they're doing and based on that the information propagate within the network, right. So that's like certificate transparency that runs for similar exactly similar concept as the certificate transparency and how the certificates are linked to each other who is issuing what who is revoking what and so on. Which is that because this network as we mentioned it at the beginning we care what it is not where it is. Right, doesn't matter how many people are which organization will participate in that ecosystem, because if one organization or two organization organization, sorry, if 99% of the organization will try to trick you and fake the information and provide you the misleading information, and only one will tell you through right, you'll be able to detect that something is wrong, something is not right because everyone should be telling the same thing because they are observing the reality and not that someone opinion or anything like that. Right. So, so I think it took us 20 years to get there for certificate transparency and we still have a lot of these certificate providers and then we have auditors auditing them as you know, as an infrastructure to see, and yes it's all compressed and all of that but, but we still needed that and that's for domains where there are millions of them, but still probably a smaller fraction than what you're in massaging in, in a decentralized data family, right, where every interaction can be an identifier, right, machine to machine IOT to IOT. So we're really looking at an explosion of this scope, and, and in terms of managing that so do you think that will ultimately again get verticalized in some way that we will have, you know, there is a supply chain data governance and you know there is, you know, like the barcode IDs now we have some certificate for, you know, logistical stuff, and then we have some certificate for ad tracking, or you know, you know, my identity on the web or my identity for payments. Right. So, again, are we looking at like this decentralized, but decentralized by different topics, because it does seem like this is going to be much bigger than what our current experience has been so far with managing the certificate transparency or key management. Right. So, first of all, maybe two things. First of all, maybe it's not obvious for everyone, but let's state that that basically the security properties of the network. We moved from securing everything to securing one thing, securing the private keys, right, because everything which is on top of that is a zero trust platform means that zero trust architecture which allows you to verify everything. So, now we move the problem to something which is way easier to solve, which is a discoverability and availability problem means that how you can provide this infrastructure to people, right. And obviously, there is a maybe not risk, but for sure there will be a tendency that will have maybe a network per country or a network. And this is wrong word. It's not a network. It's basically a set of the infrastructure. The same as you have the roads or rails within your country, right. That's the base infrastructure that everyone runs on. Right. And, and doesn't mean that if you buy a car that you are forced to drive only in German roads or in Indian roads, right, you can take your car and move somewhere else. And that's something which is worth to remember because if you have a government who is running this infrastructure for people, right. If they are starting misbehaving or doing something crazy stuff on not allowing people to interact, someone else will bootstrap his own infrastructure or components which allows the people to move. And naturally, to this open market, we'll see the evolution of that infrastructure, which provides people those basics to interact. And we see here that the main role will play organization like banks. Trust trustworthy organization like nonprofit organization we have plenty of them working in the digital space governments obviously different institutions like insurance and stuff like that. And those guys still have a benefit of running trust layer on the internet because they are benefiting not from the infrastructure but because there is no misuse of the data and and risk of losing the information because there was no secure communication between their customers or their participants. Okay, so Paul has shared a link for those who may be watching this later on key event receipt infrastructure, which is KRI added scary dot one, if you want to go and check out one implementation I guess of this or one, one way to think about this. So I think my second question is, is immutable data. Okay, and I fundamentally have one challenge with immutable data in the sense that it's immutable, and it's for their ever right like, you know, life is like in some way. There's a process and it goes away right but now we are in this process of recording everything and transitionally mapping it and mapping the delta to it and seeing what has changed over time and everything is immutable and forever. So there's two challenges that I feel in this regard. We want non immutable there, like, like say right to forget or you know maybe I, we did something that we want to remove from this chain, right, like from this database of stored events. So I want to remove all that stuff and I wanted to pass through all processing layers that will happen. How does that happen, or how do you think that wouldn't have happened. Right. Okay, go ahead then. Yeah, so, so, so there is no conflict with that and there is a simple reason for that. Immutable doesn't mean that you cannot remove it or you cannot hide it or you cannot do something with it. It's not a blockchain is not a network. Immutable means that if once present to me, I can be 100% sure that two years 10 years from now, if I will look again on those information it will be exactly the same that you cannot cheat me in a way that if you say something like this video, you said this question. If no one will watch it in the future. If no one will be able to modify that video to change your question to something else it will be exactly that thing. So what we care about is the mutability from the perspective of the liveness of that data that it didn't change is temper proof, right. If you want to remove it or take it out from the ecosystem is not a problem you just erase it right if if if you didn't share it publicly to anyone, like posting it on, you know, some social media and people took a copy of it and so on. It's really it's really depends on the use case which we are operating in, and it's only about integrity of the data and not the life mess how long they are visible on the network. Again, it's not a blockchain. It's not that someone keep track of every single interaction and data state, right, because my identity is independent from your identity. We don't need to have a global consensus on that, how we establish control over this identifier, right. So that's, that's important to keep in mind. So, so in some way, we're kind of thinking about this as, as a git hash, or I mean I'm just for the developers like you know I'm tagging, I'm signing a git hash, or a hash on the document. I can, or hash on the record, because record is the way you frame the events on a record and then if it's removed I can verify the provenance and authenticity of that record. And if later on, even if the, even if the keys are no longer used or somebody else has changed it. I just need the public key to authenticate it and that's enough for me to say this was the provenance at that time, even point of time, going back, like time travel back and it will verify even though the person like my key may have changed or I may have now be signing or an organization is signing the document with a different key. I don't need to keep track of all the original keys that are there. Exactly. Exactly. I mean, you know, you only need to keep track of the identifier, and then from the history of that identifier you can figure it out which key was used to sign that specific credential document or whatever. And if it's not valid at that time, it doesn't matter, because at the time when it was issue, it was valid and you can check with the time stamping authority mechanism that when actually that happened when this credential was issue, and then you can recover from that. I always give the example for people coming from a different field than the digital space. Imagine that you're signing a contract with your employee, right, you make a signature. And then you change your last name, because, you know, you get married, you move somewhere else, you change your identity, whatever. Does it mean that this contract is invalidated? No, it's not because it was you agreeing on the terms and conditions of that contract. The only problem is that how you will link the old signature with your new signature or with you still, right? Correct. And obviously in the real world is the court, you know, the law, all that stuff is in place in the digital space, we didn't have anything like that. And the carry actually introduced this audit log of the key states when was and how, and then you can trace it back according to the needs for verification or decryption or whatever else is needed. Okay, one last question rather because I think we're nearly at the end and I don't want to keep you beyond that. Are we only talking about a particular set of data that we would do this on? Or are we really thinking about fundamentally also, you know, rethinking our databases and architectures to support this right so are we talking like, can I make this work with my current SQL light or do I need a SQL light with key management and record management and all of that. So do I need to think differently about all of that and every infrastructure around has to have a trusted computing environment along with it to make this possible or decoding. So like what are the software or let's say the hardware and the software implications for this to be adopted at scale. So first of all, yes, you need to change the way how you think about the data. Secondly, no, you don't need to change your tooling databases or any infrastructure which you're using because of changing how you deal with the data, you can secure whatever you already have. So we have an example of where we running, you know, topics of supply chain, IoT systems where, you know, is just slightly change about how you identify a specific device how you verify the signatures how you establish a connection, how your data is secure and then where they go if they go to a SQL database time series database or, you know, power BI or any analytic tool, it doesn't matter because you can just add additional small bits about that this is the identifier of the provenance of the identifier of the semantic which was used where we capture it. So you're basically linking that mechanism, and you're operating on the hashes. So in many cases it boils down that you're adding just additional attribute to your database that this data record is linked with this identifier, how you calculate the hash of the data and see if it didn't change right if you need to verify it right. So there is mindset need to be changed, but the tooling and the technologies which we have, they are fitting perfectly into that what we have is just that we change the basis of the security within the digital space and then you need to bootstrap from there and then everything else will will fit nicely. So we have a question from you to let me just pose that as like the end question for you know I as you started to articulate this and you know maybe work with you know you said barracks or fintech or health and other sectors. Are there some kind of use cases or a case studies or applications where you where you've seen this or you might help companies moves to this or even government I think governments can also a really big audience so is there any pointers you would like to suggest for people to go and look for. Sure, I mean there's a couple of examples of real implementation of that as I mentioned iot supply chain, but one of the most most famous let's say and the most visible right now is the implementation in glyph for the VLEI. So for those who don't know glyph, glyph is a global legal entity identifier foundation established by FSB financial stability board to create identifiers for the company for the businesses and currently there is like. The importance of maybe even hundreds legal regulation forcing companies to operate under this umbrella, because they need to establish a trust, and now they are implementing exactly carry with ACDC so authentic chain data containers to issue something which is called VLEI verifiable legal entity identifier So basically what we just described is identifier that the company can establish control over and they can use it to link it with a different mechanism is like, you know, link it to X 509 and prove that this domain is not only have a valid certificate, but it's own actually by that company, right, and so on so there is a lot of consequences around that. And that's I think it's a very good example to look at if you're interested how this technologies actually use in real world. Excellent. Well, I think people can go to glif.org. And there is a policy based at a link, but they have another link there on verifiable legal entity yeah I think that's that sounds of moves it much further than in my head, you know which was mostly domain based and I think that our personal identity to also legal identity and, and I can see that how that can also move to, you know, government interactions and all of those things that mean right now that, well, thank you so much for for the lovely presentation, as well as kind of bearing with my questions around this topic. If you have more questions for Robert. I'm sure people hit you or reach you Twitter email. There's obviously human colossus foundation page but you know, they need to talk to you more. How can of course, so these ways to write me an email, which you can should see on the screen still. Yeah, I did meet with ski at human colossus or I'm a swollen bunch of slags and matrix element and you know different chats but yeah, I mean, the easiest way is the email and obviously based on my background I'm not very active in the social media because I'm not trying to kind of I did the fall by us to that I should have been defying that stuff and do it in a proper way. Yeah, yeah, LinkedIn you can find me there as well if you find by person last name but email is is okay.