Trust Registries And Your Digital Wallet
In order to trust the various credentials that are stored in a digital wallet, it is essential to be able to know that the Issuer of the credential is trustworthy. The Issuer is responsible for creating every credential, so understanding how their authority has been established is crucial. Otherwise, a crafty teenager will create a DMV that issues driver’s licences that “look real” (i.e. the credentials validate cryptographically and have data that make sense). They may even create a fake website that fools folks. But with the concept of a Trust Registry, their efforts would fail.
We’ll get to a more detailed description of a Trust Registry. However, in this case, all that a law enforcement officer’s Digital Wallet needs to know is the list of official DIDs from each province/state/federal authority that it recognizes. A concise list that doesn’t change.
To get lists of the Issuers (e.g. the actual DMV), a Wallet will need to be aware of the concept of Trust Registries (aka Trust Hubs).
The concept behind a Trust Registry is that a Wallet needs to know which decentralized identifiers (DIDs) to “trust” as a source of truth. At many levels, this “trust” translates to “authority” – knowing that somebody, centralized or decentralized, is responsible for maintaining a list of trusted DIDs.
A Wallet will need to know which Registries are to be trusted. Over time the community will need to have Trust Registries that are anchored by various means:
Legislative Authority. Many Vital Statistics and other government Issuers. They are authoritative due to their legislative authority. Examples of these include issuers of:
- driver licences, hunting permits, building permits, passports, etc.
Community Authority. Some communities, associations, etc. that exist through either a formal (similar to legislative) or de facto authority will create Trust Hubs. Examples include:
- registry of licenced doctors, banks and credit unions, industry associations, local business improvement areas/chambers of commerce, etc.
Informal Authority. A Trust Hub should be able to exist without formal authority. We can imagine consolidated reputations (e.g. Uber & Lyft combined; Yelp and TripAdvisor) that allow someone to aggregate reputation across platforms. It likely derives its power from the larger community that “lends” its reputation.
Trust Web. A Wallet’s Owner(s) needs to know that their Wallet is using the correct list of Trusted Issuers. Therefore, a Wallet needs to be able to “explain” how it created the levels of Trust and what anchored these trust levels. We can imagine the following chain of actions when we, as a homeowner, receive a bid folder from a renovation contractor:
- We check our contractor’s business licence by confirming with the province/state corporate registry.
- To verify that a given insurance certificate is valid, we check it against a list of insurance companies maintained in a trust registry. This list, anchored to various province/state/federal registries, acts as the “source of truth” for insurance company establishment.
- We verify the training status of all employees upon arrival to ensure they possess the necessary certificates and training for their respective roles.
- We check the city to ensure our contractor is licensed to operate. The municipality maintains a trust registry of businesses. We back-check the city licence bureau against their master list of Issuer DIDs. The city has a master DID that signed said registry and points back to its legislative source of authority and the master list of municipalities for that jurisdiction.
To summarize, that sounds like a lot of work, doesn’t it? Here’s the thing, we don’t have to do it on our own. Our Agent (see this article that has some ideas of types of Agents) can do it all for us. If everything is good, we see a nice green checkbox. Likewise, if there are problems, our Agent lets us know.