Self-Sovereign Identity Glossary

Self-Sovereign Identity (SSI) is a digital identity management concept that enables individuals to have greater control and ownership over their personal data. It operates independently of third-party public or private actors and is based on decentralized technological architectures.

Let's explore key concepts that form a self-sovereign identity system in this post;

Decentralized Identifier (DID)

A Decentralized Identifier (DID) is a new type of identifier that is created, owned, and controlled by the individual or entity it represents. Unlike traditional identifiers, DIDs are not dependent on a centralized registry, authority, or intermediary.

Verifiable Credential (VC)

A Verifiable Credential (VC) is a digital statement made by an issuer about a subject, which can be cryptographically verified. It contains a set of claims about the subject, such as name, age, or qualifications, and is signed by the issuer to ensure its authenticity.

Verifiable Presentation (VP)

A Verifiable Presentation (VP) is a collection of one or more Verifiable Credentials (VCs) shared by a holder with a verifier. It allows the holder to present claims about themselves in a verifiable manner without revealing unnecessary information.

Holder

The entity that possesses and controls Verifiable Credentials (VCs). The holder can present these credentials to verifiers to prove certain attributes or claims about themselves.

Issuer

An entity that creates and issues Verifiable Credentials (VCs) to holders. The issuer signs the credentials to ensure their authenticity and makes the necessary information available for verification.

Verifier

An entity that requests and verifies the authenticity of Verifiable Presentations (VPs) from holders. The verifier checks the cryptographic proofs to ensure the credentials were issued by a trusted issuer and have not been tampered with.

Verifiable Data Registry

A Verifiable Data Registry is a system used to store the schema and key information related to Verifiable Credentials (VCs). It ensures that the data is immutable and can be accessed by verifiers to validate credentials.

Identity Wallet

A digital tool or application that stores and manages a holder's Verifiable Credentials (VCs). It allows the holder to present their credentials to verifiers securely.

Zero-Knowledge Proof (ZKP)

A Zero-Knowledge Proof (ZKP) is a cryptographic method that allows one party to prove to another that they know a value without revealing the value itself. This is used in SSI to prove attributes like age without disclosing the exact birthdate.

Distributed Ledger Technology (DLT)

Distributed Ledger Technology (DLT) is a digital system for recording the transaction of assets in which the transactions and their details are recorded in multiple places at the same time. Unlike traditional databases, distributed ledgers have no central data store or administration functionality.

Selective Disclosure

Selective Disclosure is a privacy-preserving technique that allows users to reveal only specific pieces of information from their credentials to verifiers, rather than sharing the entire credential. This ensures that only the necessary information is disclosed, enhancing privacy and security.

Trust Registry

A Trust Registry is a system or database that lists trusted issuers, verifiers, and other entities within a decentralized identity ecosystem. It helps participants in the ecosystem verify the authenticity and trustworthiness of credentials and entities.