Centre Blog

Verite: A Technical Deep Dive with Kim Hamilton, Director of Identity & Standards

CENTRE Consortium
CENTRE Consortium
Follow

Mar 10, 2022 11:51:28 AM

 

Visions and Values

Following the launch of Verite, we’ve received a strong showing of support from all corners of the crypto community and beyond. We’re encouraged to hear validation that Verite’s approach is aligned with crypto’s foundational ethos, supporting an open ecosystem by designing standards, governance, and interoperability into the ground floor of an open protocol. 

Increasingly, we are seeing a range of circumstances in which identity-related attestations could be valuable to crypto and DeFi, such as:

  • Enabling individuals to interact more easily and confidently with crypto and DeFi by reducing friction, risk, theft, and fraud
  • Enabling better financial offerings for individuals, for example, by lowering collateral requirements
  • Increasing participation in DeFi by financial institutions bound by regulatory requirements around customer identity

Proposed solutions have started to appear, yet many introduce their own privacy risks and raise concerns around re-centralization and the establishment of lockin or “toll roads”. 

To avoid these risks, many have become increasingly aware of “decentralized identity”, which refers to standards and principles for making sensitive identity data portable, secure, and trustworthy in trustless contexts. Decentralized identity creates mechanisms for real-world evidence to be directly controlled and even custodied by individuals, without forcing them to rely on off-chain authorities, and without compromising the contextual privacy of their on-chain pseudonyms. These approaches are highly aligned with the values and needs of the crypto ecosystem, while introducing innovative new capabilities for binding on-chain identifiers and off-chain data. 

Decentralized identity primitives and tools compose into whole new capabilities for verification/identity systems, which include: 

  • Bringing sensitive data off-chain without losing any of the verifiability and tamper-proofing of “on-chain data”
  • Novel anti-correlation measures
  • Minimizing the data leakage and risk inherent in putting identity claims on-chain
  • New forms of identity and account recovery

What Verite Is and What Verite Does

Verite is a decentralized identity framework demonstrating end-to-end, ecosystem-scale crypto and DeFi prototypes. With Verite, our focus is iteratively building open protocols rather than a product or a platform. 

Verite is based on open-source building blocks that are developed collaboratively at international standards organizations:

  • Claims about data subjects are signed in a tamper-proof, portable format called a “Verifiable Credential” that can be readily adapted to web3 cryptographic systems (W3C) 
  • Data subjects can be identified in a similarly portable way using a chain-agnostic identity format called a Decentralized Identifier, or “DID” (W3C)
  • The “Presentation Exchange” data model enables protocols to exchange these data objects and verify custody of them across dApps, wallets, and browsers (DIF)
  • The related “Credential Manifest” data model gives ecosystem participants a way to publicize their APIs and capabilities to the market in a way favoring decentralized discovery (DIF)

Developing with Open Standards

We developed Verite closely with the decentralized identity standards community, advancing the maturity of specifications focused on self-custodied wallet use cases and supporting credential issuance and exchange. The specific goals of that work were to:

  • document interoperability targets
  • optimize for cross-context portability, 
  • roadmap progressively more sophisticated privacy mechanisms, and 
  • maximize control for credential holders across many different kinds of wallets

Additional factors in our implementation choices, such as deciding which software libraries to use, included:

  • Avoiding technological or data-format lock-in
  • Long-view considerations about emerging Zero-Knowledge technologies and other advances in cybersecurity and privacy technology from outside the crypto space
  • Vendor-independence and decentralization at the business layer

Our developer documentation goes into more detail on these goals, but it is worth noting that these values influenced, for example, our choice of DID “methods” to include in the initial release of Verite. We established criteria includings A.) free or inexpensive access for end-users, B.) governed by open standards, C.) Not requiring use of a permissioned blockchain, D.) multiple language/library support. This isn’t meant to be exclusive or definitive, however – the choice of DID method is flexible and is entirely open to each implementer. We anticipate continuing to add support for DID methods that fit these criteria – including did:pkh, did:ion, and more. Further, our guidance will evolve along with the technological community and the business ecosystem’s requirements both continue to evolve 

Centre’s Role and Ecosystem Governance

Centre has earned a solid reputation as an independent standards-setting body at the intersection of financial services and web3, so it was a natural choice to steward and promote those same principles in the design and elaboration of the Verite standard. Fiat-backed stablecoins are shaping up to take a central role in the regulatory conversation around cryptocurrencies, and we saw Verite as an orthogonal but highly relevant opportunity for co-developing public goods for the benefit of the whole industry. Identity mechanisms need to be standardized and impartial if they are going to safeguard the rights and privacy of individuals, which is why Centre was the right venue for bootstrapping this open standard.

We believe the intersection of USDC as a payment rail and Verite as an identity rail has deep potential for innovation, far beyond the crypto/DeFi use cases we targeted for our initial build-out. Verite is already poised to improve individuals' ability to control and manage their own data through wallets, and to give developers and platforms a standardized way of keeping the end-user “in the loop” when their data needs to be shared for regulatory purposes or for everyday business needs.  

Empowering easier access to crypto and associated economic opportunities for individuals and communities around the world is a core part of Centre’s mission, and we are confident that as decentralized identity goes more mainstream, Verite will be an important pillar of Centre’s approach, putting individuals in direct control not just of their assets, but of their online identity and reputation as well.

Ecosystem and Use Cases First

Verite was designed from the ground up with ecosystem in mind. We started with a focused collection of companies representing various roles in the crypto ecosystem — from companies including exchanges, chains, wallets, and more This enabled a tight focus on relevant use cases to ensure fitness for purpose. 

The use cases we’re excited to see Verite applied to first are front-of-mind for many in crypto, DeFi, and web3, and we’re eager to engage with different communities on them. The common thread across them all isn’t just identity, but rather, common rails for identity: each is difficult to take to the next level without harmonizing practices across competitors and communities. These could be summarized at a high level as:

  1. Keeping the personal data disclosed for KYC/auditing process, as well as the audience and the “audit trail”, to the minimum possible with today’s technology
  2. Interoperability and common data formats between “permissioned pool” systems, creating audit trails and high levels of assurance, but making them trustless, vendor-neutral, and portable for maximum decentralization. 
  3. Fraud and liability rails, tax reporting, licensing, and other identity-centric capabilities for NFT markets

The patterns, data schemata, and architectures we’ve designed and documented so far incorporate wide research and deep expertise from our partners, balancing privacy, compliance, and fitness for purpose. They are, however, only a starting point, and we look forward to evolving a governance culture around them that allows them to be iterated and expanded as the ecosystem we’re building takes root and gains traction. 

If you’ve read this far and you think this sounds like an ecosystem your business or community might benefit from, dive into the documentation and comment in our github issues or discussions (Discord to follow soon). You can also reach out to verite@centre.io for general and business development inquiries and verite-dev@centre.io for technical questions.