The next time you enter the bar
Posted: Thu Jul 10, 2025 9:52 am
The idea is that web sites will verify you much as a bartender checks your ID before pouring a drink. The bar doesn’t store a copy of your card and the bartender doesn’t look at your name or address; only your age is pertinent to receive service. the bartender once again asks for proof of age, which you may or may not relinquish. That’s the promise of self-sovereign identity.
At the Decentralized Web Summit, questions and solutions were bounced around in the hopes of solving this fundamental problem. Developers spearheading the next web hashed out the criteria for decentralized identity, including:
secure: to prevent fraud, maintain whatsapp lead privacy, and ensure trust between all parties
self-sovereign: individual ownership of private information
consent: fine-tuned control over what information third-parties are privy to
directed identity: manage multiple identities for different contexts (for example, your doctor can access certain aspects while your insurance company accesses others)
and, of course, decentralized: no central authority or governing body holds private keys or generates identifiers
One problem with decentralized identity is that these problems often compete, pulling in polar directions.
For example, while security seems like a no-brainer, with self-sovereign identity the end-user is in control (and not Facebook, Google, or Twitter). It’s incumbent on them to secure their information. This raises questions of key management, data storage practices, and so on. Facebook, Google, and Twitter pay full-time engineers to do this job; handing that responsibility to end-users shifts the burden to someone who may not be so technically savvy. The inconvenience of key management and such also creates more hurdles for widespread adoption of the decentralized web.
At the Decentralized Web Summit, questions and solutions were bounced around in the hopes of solving this fundamental problem. Developers spearheading the next web hashed out the criteria for decentralized identity, including:
secure: to prevent fraud, maintain whatsapp lead privacy, and ensure trust between all parties
self-sovereign: individual ownership of private information
consent: fine-tuned control over what information third-parties are privy to
directed identity: manage multiple identities for different contexts (for example, your doctor can access certain aspects while your insurance company accesses others)
and, of course, decentralized: no central authority or governing body holds private keys or generates identifiers
One problem with decentralized identity is that these problems often compete, pulling in polar directions.
For example, while security seems like a no-brainer, with self-sovereign identity the end-user is in control (and not Facebook, Google, or Twitter). It’s incumbent on them to secure their information. This raises questions of key management, data storage practices, and so on. Facebook, Google, and Twitter pay full-time engineers to do this job; handing that responsibility to end-users shifts the burden to someone who may not be so technically savvy. The inconvenience of key management and such also creates more hurdles for widespread adoption of the decentralized web.