Gimly, a blockchain and decentralized identity company focusing on self-sovereign identity (SSI) and secure data exchange, built EOSIO.ID, an EOSIO framework for SSI that reduces the obscurity and data processing related to proof of credentials.
Today’s identification systems are heavily dependent on centralized systems that manage account permissions. For example, using a Google account to login to any number of connected websites provides greater accessibility, however it comes at the cost of general obscurity regarding how data containing personal identifiers is used. While Google may delete private user data after 18 months, before that happens the company harvests information about sites users visit, places they go, what they buy, and more.
As technology plays a more pivotal role in society, the same devices users have come to rely on now harbor the potential to provide corporate interests a pervasive window into the day to day lives of consumers. SSI frameworks allow users to shield that information, so they can selectively choose when, and by whom, it can be accessed.
For those that wish to build on SSI frameworks, there are guidelines for implementing Decentralized Identifiers (DIDs) that serve as the foundation for the protocol. DID Core is a set of specifications for DIDs and Verifiable Credentials (VCs) created by the Decentralized Identity Foundation. Founder of Gimly, Caspar Roelofs explains that with SSI, the ultimate goal is to achieve complete interoperability between any SSI solutions and providers. “DID core can be considered a standard for standards, ensuring that SSI solutions can work together even if they use different DIDs or verifiable credentials on different blockchains. By conforming to these standards we aimed to build EOSIO.ID in a way that it not only can be implemented with any EOSIO chain but that it will even be interoperable outside the EOSIO ecosystem. An EOSIO.ID based application should work with verifiable credentials and DIDs on WAX just as easily as the EOS Public Blockchain as well as Ethereum or Hyperledger Indy.”
Gimly designed EOSIO.ID to adhere to the DID core standard, and built a protocol to provide users a level of control over their personal identification data, while affording the same accessibility and portability present in today’s ID verification protocols.
A Decentralized Approach To Identification
The DID framework utilizes a standards-based approach to digital identity that works on top of decentralized registries.
When connected via cryptographic key-pair, often managed securely by biometric identification on a mobile device, an SSI based system offers a secure and modern alternative to central identity management systems. Rather than giving a centralized entity command over identification data, EOSIO.ID introduces a self-sovereign component to credentials that imparts both control and convenience to individual users.
EOSIO.ID minimizes data processing. For platforms that turn over data to users to manage, this means less red tape related to data compliance, as this personal information that may be subject to regulatory standards won’t be processed on their systems. It also means less exposure to potential attack vectors as users selectively process their ID verification data.
Caspar believes that this is why SSI will be such a central building block in Web3, both in the crypto industry and in enterprise spaces. “It converges the need for enterprises to minimize liability and compliance costs with the need of users to regain control over their data. The user is able to fully control who gains access to which data”.
A Community Driven Approach
Gimly’s journey to build EOSIO.ID also encompassed a good deal of community effort. “We wanted to ensure engagement and support from the EOSIO community when drafting these new specifications. We set up the EOSIO identity working group,” explains Caspar. “With our tech lead Jack Tanner leading the work, we opened up the process by inviting community members to join. We had OmniOne join, EuropeChain, EOS Nation, EOS Costa Rica and many other players joined in the process.”
To build EOSIO.ID, Gimly participated as a member of the Decentralized Identity Foundation and the W3C credentials community group (W3C-CCG), ultimately working to develop a new specification called Verifiable Conditions. This will be the final building block to allow the types of key structure permissions present on EOSIO-based systems to be expressed in a standard compliant way, and thereby ensure interoperability within the broader SSI ecosystem.
Gimly built Verifiable Conditions as a general purpose open standard, to be used by any blockchain featuring complex account management and key management structures. In addition to being compatible with EOSIO-based account structures it also works with Hyperledger Indy, Ripple, and BigchainDB. EOSIO.ID represents the first implementation of Verifiable Conditions to express EOSIO’s unique account permission structure.
Meet Caspar Roelofs
Caspar is the founder of Gimly Blockchain Projects, and is a product developer with expertise in blockchain technology and SSI. He has an academic background in science and technology studies, and experience in technology and innovation consulting.
From this background, Caspar found an interest in interoperability and innovation through building networks, partnerships and ecosystems. With Gimly, Caspar is a member of the European self-sovereign identity framework (eSSIf) ecosystem, the Decentralized Identity Foundation (DIF), and the W3C credentials community group (W3C-CCG).
Are You Building on EOSIO?
Our #BuiltOnEOSIO series showcases some of the amazing projects leveraging EOSIO technology to build a more secure and connected world. If you would like to suggest a project for us to feature please send an email to [email protected] for our Developer Relations team to review.
For more information on how EOS VC supports the EOSIO ecosystem through strategic investments and venture capital partnership funds, visit vc.eos.io.
– Block.one Developer Relations team
Important: All material is provided subject to this important notice and you must familiarize yourself with its terms. The notice contains important information, limitations and restrictions, relating to our software, publications, trademarks, third-party resources and forward-looking statements. By accessing any of our material, you accept and agree to the terms of the notice.
Send us a link to your project, for consideration in our voting slate. No confidential submissions will be accepted and, depending on how many submissions we receive, we can’t guarantee when or if we’ll get to review each submission.