Hardcore Analysis: Key Factors and Specific Investment Directions for the Large-Scale Adoption of DID in the Future

Original Title *: * DID - Putting Control Back Into The Hands of Users

Author *: * Avant Blockchain Capital

Translation *: * Qianwen ， Chai nCatcher

In the modern digital age, various data constitute everyone's digital identity. A person's identity can be viewed as legal identity, social identity, online identity, etc. Essentially, these identities form a unique network of data points, often stored in a centralized manner, interconnected across devices, applications, and third-party services. This setup leaves individuals without the power to selectively share personal data, thereby increasing the potential risks of data breaches and cyber threats. Most importantly, individual users cannot control others' access to this data.

Web3 marks a significant advancement, inventing a new user-centric online marketplace. This digital vision is built on the principles of blockchain technology, capable of operating independently without any intermediary platform monopolizing user IDs, paving the way for a truly decentralized internet. In such a new framework, everyone can have complete ownership of their data.

The beauty of Web3 lies in its ability to empower users, allowing them to customize their profiles in a single account and securely store personal data. Imagine being able to use this account for all online activities, whether participating in social media networks or accessing cryptocurrency wallets. It can provide a seamless, user-oriented experience, which is exactly the future we anticipate.

Principles of DID

DID is a new method of digital identity recognition designed to provide a secure, decentralized, and verifiable way to prove an individual's online identity—it enables users to selectively disclose information, provide verifiable credentials, and simplify online interactions. The mechanism of decentralized identity relies on some form of decentralized storage to contain a user's decentralized identifier (DID)—it can be viewed as a vault of identity owned by the user. This vault can take the form of applications, browser extension wallets, or smart contracts, allowing users to forge decentralized identities and determine the level of access third-party service providers can have. In this model, users have exclusive ownership of the relevant public keys and private keys.

DID startups have developed various technologies to address the traditional issues of CIDs, but so far, no consensus has been reached. Some wallets have adopted alternative authentication methods, such as pairing users' credentials with real-world verification data (like biometrics) and securing them on the blockchain. When identity verification is needed in Web3, users can sign transactions on applications that support decentralized identity verification using their private keys or biometric data. Subsequently, service providers use the shared decentralized identity to find the corresponding unique DID on the blockchain. This user-centric innovation returns power to users, secures personal data, and enhances the digital experience.

DID is a unique identifier (URI) that enables entities to generate and control their identifiers in the digital world, possessing the following key attributes:

• No centralized identity registry
• Decentralized ledger or network (though not mandatory)
• A permanent identifier
• Verifiable through cryptography
• Links a DID subject to a DID document
• Interoperable if compliant with W3C standards

These are the classic features of DID (though there are other alternatives in the market).

DID as a Uniform Resource Identifier (URI) marks the association with transactions and DID. The "method" is the second part of the DID architecture. This involves a verifiable registry and execution protocols that specify how to look up a DID. This part includes many methods, primarily focusing on creating, reading, updating, and deleting procedures. The operation of DID methods is similar to how DNS addresses work in a computational environment. DID methods are typically associated with verifiable data registries, which unify DIDs, DID documents, and DID methods. The forms of verifiable data registries can vary, including trusted databases, decentralized databases, distributed ledgers, or government ID databases like DigiLocker.

In short, DID includes a unique identifier used to retrieve the DID document associated with the DID subject. This document is stored on one or more decentralized storage platforms, such as IPFS or STORJ. The workflow is as follows:

1. The DID subject decides to create a DID to share with others (including the document itself);
2. A timestamp is created;
3. Metadata related to delegation and authorization;
4. Validity is proven through encryption with a public key;
5. Using a DID service list;
6. Verifying the integrity of the document with a JSON-LD signature (off-chain proof, i.e., proof held in a JSON file or smart contract on-chain).

Here are the key differences between DNS and DID:

Key to DID Adoption

We believe that the adoption of DID will continue in the Web 3 world, but considering the usage challenges faced by users in many current solutions, end users may not necessarily adopt purely on-chain DID solutions. Generally, we believe that the adoption of DID will be determined by the following key factors:

SDK

DID systems typically come with an SDK that makes it easy for developers to incorporate identity systems for users. In the past, many DID systems lacked interoperability and developer-friendliness, hindering the adoption of these protocols. For example, the Lens protocol is a composable, decentralized social graph protocol that has developed the LensClient SDK, built with TypeScript, making interaction with the API easier. Systems that can develop intuitive and user-friendly SDKs will significantly achieve higher adoption rates.

Compliance and Regulation

Governments and regulatory bodies are increasingly recognizing the importance of digital identity, privacy, and security. For instance, the EU General Data Protection Regulation addresses the "right to erasure" or "right to be forgotten," allowing users to request companies to delete all traces of their data from their systems. As a result, companies will face significant costs to restructure their data management systems to comply with this requirement. If regulation continues in this direction, sovereign DID identification methods will be a key focus for companies, or they may face consequences for regulatory violations.

Artificial Intelligence

Artificial intelligence enables users to have customer experiences in terms of content and consumption. This data layer should be composable and open. With the advancement of deepfake technology and artificial intelligence, verifiable identities are becoming increasingly valuable. It is essential to efficiently establish the relationship between valid identities and content.

Demand for Interoperability

DID systems are designed with interoperability in mind from the outset, allowing seamless communication between different identity systems. The technology's ability to connect with various other systems will increase its value. Various forms of reputation systems will emerge to accommodate more seamless integration, leading to greater adoption in real life.

Some General Technology Directions Worth Investing In

Authentication

Authentication involves using cryptographic methods to verify ownership and control of a DID. This process typically relies on decentralized public key infrastructure (DPKI), without depending on centralized certificate authorities. Instead, DID owners generate their own public-private key pairs, enabling them to securely prove their identity and authenticate without relying on third parties. This approach enhances the security, privacy, and user autonomy of digital identity management.

Aliases and ID Aggregators

Aliases and ID aggregators are important components of the DID ecosystem. Aliases provide human-readable identifiers that can be associated with a DID, making it easier for users to manage and share their decentralized identities. These aliases can be linked to the DID while protecting privacy and remaining under the user's control. ID aggregators act as intermediaries that facilitate the discovery, exchange, and verification of identity data and credentials within the DID ecosystem. They can help users manage their various DIDs and related data across different environments and platforms. By using ID aggregators, users can maintain the privacy and security of their digital identities while simplifying their interactions with various online services and applications.

Proof of Personhood

Proof of personhood generally refers to verifying whether someone possesses uniqueness through cryptographic mechanisms, ensuring that the verified subject is a single, unique individual. This is often done to prevent Sybil attacks, where one entity creates multiple fake identities to gain more influence or manipulate the system. Proof of personhood does not necessarily require disclosing personal information but focuses on ensuring that each participant is a unique individual.

There are two types of proof of personhood projects:

• Federated identity projects: These solutions use fundamentally trusted third parties to issue valid identities. Current applications are more inclined to use existing identities rather than issuing new ones, so the market favors global federated identity projects.
• Emerging identity projects: Emerging identities come from existing data structures, such as social graphs or user behavior. Integrating existing credentials from actions taken or calculating the interconnectedness of users within social groups can yield emerging identities.

Two Types of Proof:

Off-chain proof: In this arrangement, proof is converted into a JSON file, stored off-chain (preferably on a decentralized cloud storage platform like IPFS or Swarm). However, the hash of the JSON file is stored on-chain and linked to the DID through the on-chain registry. The relevant DID can be the issuer or receiver of the proof.

On-chain proof: On-chain proof is stored in smart contracts on the Ethereum blockchain. The smart contract (acting as a registry) maps the proof to the corresponding on-chain decentralized identifier (public key).

Soulbound Tokens

Soulbound tokens are another solution that could be used as a new way to represent and manage a person's digital identity. Soulbound tokens should be unique and non-transferable, ensuring that each token is permanently associated with a specific personal identity. This will prevent tokens from being traded, sold, or stolen. Soulbound tokens should be designed to seamlessly integrate with existing DID infrastructure, including decentralized identifiers (DIDs), verifiable credentials, and decentralized key management systems. Soulbound tokens have the potential to represent various aspects of a person's identity, such as interests, achievements, or affiliations. This will allow users to personalize their digital identity representation, building meaning around their identity.

Alternatives to Wallets

In the SSI community, there are many known DID methods, but most require users to have a digital identity wallet that needs to store a seed (private key). Using a digital wallet can be cumbersome for newcomers, as they must install wallet software on their laptops or phones. An alternative is to reduce reliance on wallets and facilitate the transition from Web 2 to Web 3 through smart contracts and other means.

DID Issuance and Tools

DID issuance and tools refer to the processes and technologies used to create, manage, and use decentralized identifiers (DIDs). DID issuance involves generating unique, persistent, and verifiable identifiers that can be associated with individuals, organizations, or objects in a decentralized manner without relying on centralized authorities. Tools for DIDs include a range of software and hardware solutions that facilitate key management, authentication, and interaction with decentralized identity ecosystems. These tools can include wallets, SDKs, APIs, and libraries to simplify the integration of DIDs into applications and services. They enable users to securely manage their digital identities and interact with various Web3 platforms, bringing greater privacy, security, and user autonomy to the digital world.

Outlook

We believe that the adoption of DID will continue in the Web 3 world, and certain key technologies (as outlined below) present the most compelling opportunities. We focus on the following two technological aspects: 1) the ability to lower the barrier to initial use 2) the potential to become a core layer for verification service providers. Specifically, we have the following recommendations:

New Information Distribution Protocols

These tools can better define who we are through data analysis of DIDs. Sovereign identity systems, supported by new IDPs, can not only authenticate users but also allow users to control how, when, and where their data is used. In an increasingly complex digital ecosystem, the ability of different systems to work together (interoperability) is crucial. New IDPs that promote this interoperability may gain significant traction (e.g., RSS3, 0xScope).

On-chain Passports

Compared to other verification systems (such as traditional authentication methods), on-chain passports offer a more comprehensive, secure, and user-centric solution. Investing in this technology means investing in a solution that not only meets current security needs but also aligns with the direction of digital identity management. Verification service providers, such as Gitcoin pass and link3.to, are good examples.

Super IDs

We should look for "super IDs" in the DID world, which will encourage us to find integrators that are most widely recognized and adopted. For example, SpaceID, Dmail, ENS, Worldcoin.

Alternatives to Tools and Wallets

One of the main barriers to adopting DID methods remains the high usage threshold and the difficulty in connecting Web2 and Web3 users. Currently, there are only over 200 million Web3 users, while Instagram has over 2 billion users. Teams that build products that can simplify or bypass the entire wallet onboarding experience (seed phrases or KYC) will help drive further adoption of DID and Web 3.

Additionally, establishing complete open-source tools and interoperability standards, breaking down authentication, and rebuilding from first principles will lead to the emergence of new DID solutions. Tooling projects will facilitate the emergence of more DID solutions.

Decentralized digital identity, as a groundbreaking technology, has the potential to further drive the Web3 revolution. This innovation allows users to seamlessly navigate all their accounts without having to remember multiple usernames and passwords, while achieving greater security and data protection in the metaverse. At the same time, it enables businesses to offer personalized services to users while safeguarding their privacy. The adoption of this technology may come sooner than expected, as emerging startups and established companies have already integrated systems to oversee the verification, security, and management of identities and access rights.