Understanding the concepts of decentralized identity requires knowledge of how blockchains work. This blog is not the definitive guide to blockchains nor is it a deep dive. We will only discuss some of the key attributes and features that make blockchains ideal for decentralized identity platforms.
What is a blockchain?
A blockchain is a series of blocks that form a chain. If you could imagine a chain link and we add a new link, this represents a block on a chain. Each additional link we add is dependent upon the next block that continues the chain. If we remove a link in the middle the entire chain falls apart.
Each one of these blocks contains a series of transactions. These transactions can be financial (payments, transfers), smart contract, or identity-based (DIDs, verifiable credentials). Transactions make up the block that gets added to the chain. This explanation is an incredibly simplified version of what is happening. Still, it is the basis of what we need to know to explore how decentralized identity functions.
So, where does this magical blockchain live? A blockchain is a distributed system, meaning there is not a single server somewhere with all the information. There are host machines worldwide that run the code that supports specific blockchains. Anyone can host a "server" or instance of a blockchain with the know-how. Typically, the hosts are incentivized by earning tokens (currency) supported by the specific blockchain (i.e., Bitcoin, ada).
Blockchains have different flavors of how blocks are validated. The most common consensus mechanisms are proof-of-work (PoW) and proof-of-stake (PoS). These consensus protocols determine how the blocks are validated. The people running instances of blockchains validate the blocks. In Bitcoin, it is called mining; for ada, it is called staking – for more information regarding mining and stake pools follow this link. When a consensus is reached among the individual instances that the information is authentic, the block gets confirmed and accepted as a valid block and added to the chain.
If this did not happen, anyone could spoof a transaction. Having validators confirm that each transaction and block is authentic helps prevent fraud and ensures the accuracy of the data.
Blockchains are transparent, which means they are auditable––by anyone. Nobody is required to have a special certification nor privileged position in government to perform an audit. Those familiar with blockchains will know this is a great thing––if anything questionable occurs, it is in the open for all to see.
For those unfamiliar with the technology, do not worry––no personal information is visible. Only pseudonymous data is associated with transactions when making financial transactions. These addresses consist of a string of random characters generated through cryptographic methods. So if I look up a transaction on the blockchain, I will not see any details about a specific person, just an address that identifies the transaction's sender and receiver. Every transaction is publicly available but what data is associated with it is not––this becomes key when discussing identity, governance (voting), smart contracts, NFTs, etc.
Imagine if we could vote on a blockchain, which is possible (see Catalyst). Individuals could vote on an issue that can not be changed once submitted. Any concern of tampering is gone. Adding identity to the voting process validates that only the applicable people are voting on specific matters––and how many times they vote can be controlled. These votes would be publicly viewable on the blockchain, providing complete transparency of the governance process.
We mentioned that data cannot get changed once written to the blockchain. In theory, it is possible to change a transaction in a block, but it is astronomically difficult, rendering it impossible. The importance of immutability is enormous. When we begin digging into verifiable credentials, a hash represents an issued credential. It can be revoked, or made invalid, but the hash still exists as a representation of the data initially gathered, meaning the document's history is still there. This will prove to be monumental for people without identity documents, especially refugees building an identity dossier to prove who they are.
Without getting too far off the blockchain path, it is possible to lose your credentials if you lose control of your wallet. It could be recovered but the credentials will not be recoverable when the wallet is restored with a seed phrase. The reason this is a complex problem is that the credentials themselves do not live on the blockchain––just the hash of the transaction. If a backup was created of the wallet, that could be used to reinstate the credentials prior to the loss. We will get deeper into this idea of wallets, recovery, and backups in a later section.
Blockchains are layer-1 solutions, and this is the case with Cardano. Atala PRISM, the decentralized identity solution from IOG, sits on top of Cardano as a layer-2 solution. This concept is important because identities built with Atala PRISM require the Cardano blockchain. Some things can occur cross-chain, but we will get more into that later in this series.