SSI Fundamentals VII: Who do we trust?

This series has covered a lot of ground, often discussing trust and related issues. That's because trust is key to decentralized identity. Establishing even a baseline of trust in the real world can take a long time.

The problem

In the digital world, we expect to be able to trust an entity with minimal effort. Unfortunately, that is not a reality. In the age of deep fake videos, easily accessible photo and document editing tools, and quickly spread misinformation, it is becoming more and more difficult to trust anything in the digital realm.

Self-Sovereign Identity uses decentralized identifiers (DIDs) and verifiable credentials (VCs) as cryptographic proofs to address digital trust concerns. Over the past few years, the original trust model, the Trust triangle, has had several iterations to address this problem.

Trust triangle

This model has three key stakeholders: holder, issuer, and verifier. The holder and issuer have a relationship, and because of this, a credential was issued. The point of contention is between the verifier and the issuer. This model implies trust between them, but implicit trust is not secure. It relies on the "because I said so" method, a shallow standard for private information exchange.

Trust diamond

The next model builds upon the first and introduces a new player, a governance or trust framework. The terms governance framework and trust framework are interchangeable in this context. Before we get into the trust framework itself, the main point is that introducing it helps establish a baseline of trust. However, the interaction between the verifier and the issuer has not changed, so we are still dependent on implicit trust.

Trust Framework

A trust framework (TF) is a body of members in a specific ecosystem that determines or governs standards, like credential schemas, and decides who can issue credentials. Decentralization purists may take some issue with this, understandably so. However, it is possible to manage a trust framework using a Decentralized Autonomous Organization (DAO). The second component is the word governance - in this specific context, a direct relationship with a government body is not necessary. Depending on the ecosystem and implementation, it may be, but it does not have to be.

In the world today, these frameworks already exist but are probably called something else, like boards or licensures. For example, the federal government does not determine who can practice medicine in the United States. That responsibility is delegated to each state's medical board, a body of leading experts that defines the requirements and decides who can issue the licenses.

A protocol must be available to trust and authenticate the holder, and the issuer must have the proper authority to issue a specific type of credential. It should be clear that not all ecosystems will require a trust framework; it depends on the use cases within that ecosystem.

In cases where a high degree of confidence is required, like government ID, passports, healthcare, certain professions, etc., some mechanism to verify that the issuer has proper authority is needed.

As an example, students in Zambia can apply for university in the United Kingdom through the verifiable trust established via trust frameworks. In this example, each country would be responsible for its own trust framework and participate in a global network of trust frameworks and verifiable trust registries.

Trust Registry

A trust registry is a mechanism where a trusted source can be authenticated. The trust framework establishes the registry and maintains a list of the approved credential issuers. This registry provides an authenticatable way for a verifier to validate an issuer. To return to our student question, if the UK school is aware of the trust registry of schools in Zambia, then the university can verify the student's academic record credentials.

Trust registries will need updating to remove and add sources as required. The trust framework sets the qualifications to become part of the registry, as we described above. This registry is the source of truth for specific kinds of credentials and will need to be accessible to other industries and entities.

Extended trust diamond

The extended trust diamond is the final iteration of the trust model. As you can see, it takes all the concepts we have discussed and wraps them into a complete package. In this model, we are no longer dependent upon implicit trust but have an established and verifiable source of trust. This model provides a protocol for a verifier to authenticate the issuer as a trusted source via the trust registry established by the trust framework. The circle of trust is now established and verifiable.
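As an added example (not code from the original post), here is a toy trust registry and the verifier-side check that the Trust Registry section and the extended trust diamond describe: the UK university accepts an academic-record credential only if its issuer was listed, for that credential type and on the issuance date, in the registry governed by the Zambian trust framework it recognizes. All DIDs, framework names and dates are constructed placeholders, and checking the credential's own signature against the issuer DID is assumed to happen elsewhere.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional, Tuple

@dataclass
class Authorization:
    """One grant from the trust framework: an issuer may issue one credential type."""
    credential_type: str
    valid_from: date
    valid_until: Optional[date] = None  # None means the authority is still current

@dataclass
class TrustRegistry:
    """Registry published by a trust framework: issuer DID -> its authorizations."""
    governing_framework: str
    entries: Dict[str, List[Authorization]] = field(default_factory=dict)

    def add_issuer(self, issuer_did: str, credential_type: str, valid_from: date) -> None:
        self.entries.setdefault(issuer_did, []).append(Authorization(credential_type, valid_from))

    def revoke_issuer(self, issuer_did: str, credential_type: str, valid_until: date) -> None:
        # Removal keeps the old entry with an end date, so credentials issued
        # while the school was authorized remain verifiable afterwards.
        for auth in self.entries.get(issuer_did, []):
            if auth.credential_type == credential_type and auth.valid_until is None:
                auth.valid_until = valid_until

    def is_authorized(self, issuer_did: str, credential_type: str, on: date) -> bool:
        for auth in self.entries.get(issuer_did, []):
            if auth.credential_type != credential_type:
                continue
            if auth.valid_from <= on and (auth.valid_until is None or on < auth.valid_until):
                return True
        return False

def verify_issuer(credential: dict, registry: TrustRegistry, expected_framework: str) -> Tuple[bool, str]:
    """Verifier-side check; assumes the credential signature was already verified against the issuer DID."""
    if registry.governing_framework != expected_framework:
        return False, "registry is not governed by the trust framework the verifier recognizes"
    if not registry.is_authorized(credential["issuer"], credential["type"], credential["issued_on"]):
        return False, "issuer was not authorized for this credential type on the issuance date"
    return True, "issuer authorized by trust registry"

# Constructed registry for Zambian schools and a constructed student credential (placeholders).
FRAMEWORK = "example-zambia-education-trust-framework"
ZAMBIA_REGISTRY = TrustRegistry(governing_framework=FRAMEWORK)
ZAMBIA_REGISTRY.add_issuer("did:example:school-lusaka", "AcademicRecord", date(2020, 1, 1))
ZAMBIA_REGISTRY.add_issuer("did:example:school-ndola", "AcademicRecord", date(2020, 1, 1))
ZAMBIA_REGISTRY.revoke_issuer("did:example:school-ndola", "AcademicRecord", date(2023, 6, 30))
ACADEMIC_RECORD = {"issuer": "did:example:school-lusaka", "type": "AcademicRecord", "issued_on": date(2024, 5, 15)}
```

The revoked school's older credentials still verify because the registry records when its authority ended rather than deleting the entry, which is the "remove and add sources" maintenance the post mentions.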

Wrap up

Digital trust is a heavy and complex subject. It requires a shift in how we think about trusting information today. These mechanisms exist all around us, but we do not think about how they work until a new method or protocol comes along and we examine it. Eventually, there may be other methods to explore once digital identity has been in use for some time and trustworthy parties have built up a history. Without getting too far off the trail, that introduces new problems, like unfairness toward new players in an ecosystem who have established "lower" trust than others. The takeaway is that trust is complicated. It requires confidence in entities we may be unfamiliar with, and in the claims they make about themselves or others that we rely on.

In the final post in this series, we will discuss how these concepts and principles come together with decentralized identity in practice. See you there.