August 10, 2020
TL;DR:
When it was first founded in September 2016, the mission of the Sovrin Foundation was captured in just three words: “Identity for All”. It was an extremely concise way of articulating the overall vision of “self-sovereign identity”—a category now so widely recognized it is called simply “SSI”.
But because the early efforts of the Sovrin Foundation were focused on the first foundational components needed for SSI—the Sovrin ledger (aka “blockchain”) and the Sovrin Governance Framework—it was easy to overlook that a purpose-built SSI ledger is only one component of SSI infrastructure. As SSI architecture matured, it became clear there are three more layers to the “stack”—and only by providing all four layers can we actually deliver “Identity for All”.
In the first half of this year, two evolutionary steps unfolded (ironically, neither had anything to do with the COVID-19 pandemic):
In this post we will explain what these two developments mean for the future of the Sovrin Foundation and the Sovrin community.
After the launch of the ToIP Foundation in the first week of May, information about the ToIP stack is now plentiful. If this topic is new to you, we recommend the ToIP white paper as an introduction. Here’s the standard picture of the four layers:
For the purposes of this article, the key takeaway is this: each layer requires a governance framework designed to meet the needs of a specific trust community at that layer. For example, a governance framework at Layer One can define what a trust community needs from a public utility network—such as the Sovrin public ledger (or other Hyperledger Indy-based ledgers, or the Ethereum blockchain, or any other verifiable data registry).
As you go up the stack, different types of governance frameworks address different needs at each layer. For example:
When the ToIP Foundation was announced, some were surprised to hear that it will not itself produce any governance frameworks—nor will it serve as a governance authority. The reason is that the role of the ToIP Foundation is only to define the standards, models, templates, and best practices necessary to achieve a globally interoperable digital trust infrastructure.
Once these “guardrails and guidelines” are defined, it is up to the market to drive real-world implementations. Specifically, this means:
To use an analogy, the ToIP Foundation is like the National Basketball Association (NBA). It defines the overall rules by which everyone agrees to play professional basketball, but it doesn’t actually field any teams or play any matches. Governance authorities are the “teams” that define their own governance frameworks as the “playbook” for the members of their trust community (the “players”)—as long as they stay within the overall interoperability rules defined by the ToIP stack.¹
From the standpoint of the ToIP stack, the Sovrin Foundation is a governance authority. Following our sports analogy, the Sovrin Foundation’s job is to field an operational “team” to define the governance framework needed by its trust community—the Sovrin community.
Who is the Sovrin community? In the Sovrin Glossary, it is defined as:²
…the set of all Identity Owners cooperating under the Sovrin Governance Framework.
The purpose of the Sovrin Governance Framework is:
…to provide a decentralized global public utility for self-sovereign identity that serves as the foundation for the Sovrin Network—a decentralized global web of trust interconnecting all Identity Owners and the Things they control.
In short, the Sovrin community is the totality of all people and organizations who want to enjoy the benefits of self-sovereign identity.
From this perspective, it is clear that “Identity for All” cannot be delivered by the Sovrin ledger alone. Although it is unquestionably a vital component—the Sovrin ledger is the first and largest SSI utility with over 70 Stewards and very close to 100% uptime—it still only addresses the requirements of the Sovrin community at ToIP Layer One.
To truly deliver “Identity for All’ we need to move all the way up the ToIP stack to Layer Four—to define how SSI should operate as an entire digital trust ecosystem.
That term is intentionally very broad, because a digital trust ecosystem can form around any set of requirements from any trust community. In just its first few months, the ToIP Ecosystem Foundry Working Group has already seen proposals for digital trust ecosystem projects in healthcare, education, financial services, travel, and government.
But “Identity for All” is a very special kind of digital trust ecosystem. It is very horizontal— encompassing every individual and organization in the world who wants to live by the principles of self-sovereign identity. It is an ecosystem that will contain many other ecosystems, all of whom want to share a consistent, actionable set of principles and policies for practicing SSI.
So when the second generation Sovrin Board of Trustees was elected on 17 July, their first directive to the Sovrin Governance Framework Working Group (SGFWG) was to begin developing a new governance framework for this specific ecosystem—the Sovrin Ecosystem Governance Framework.
The starting point for this work was the existing second-generation Sovrin Governance Framework (SGF V2). The product of three-and-a-half years of effort, the SGF V2 represents an amalgam of principles for SSI as a whole (Section 2 of the Master Document) together with 16 Controlled Documents aimed primarily at operational governance of the Sovrin ledger.
To begin the process of separating the current SGF V2 into two new governance frameworks—the Sovrin Utility Governance Framework (SUGF) and Sovrin Ecosystem Governance Framework (SEGF)—the SGFWG held its first “Doc-a-thon” on 29 July. Sixteen people from around the world (India, UK, Belgium, Italy, Germany, the Netherlands, Canada, USA) spent three hours focused on refining the purpose statements for the SEGF. Here is the wording they came up with:
The Sovrin Ecosystem enables Self Sovereign Identity (SSI) as a Universal Service for all.
The Sovrin Ecosystem Governance Framework (SEGF) defines the principles, policies, and accountabilities that govern the Sovrin Ecosystem.
The Sovrin Trust mark is a means of asserting an organization’s compliance with the SEGF.
The key focal point of discussion at the Doc-a-thon was the term Universal Service. The concept of SSI as a Universal Service was first brought to the SGFWG by Nicky Hickman (former co-chair of the Sovrin Guardianship Task Force, now a Sovrin Trustee). Nicky was deeply familiar with the term from her two decades of work with telcos around the world on digital identity, accessibility, and inclusion. As it says in the opening sentences of the Wikipedia article:
Universal service is an economic, legal and business term used mostly in regulated industries, referring to the practice of providing a baseline level of services to every resident of a country. An example of this concept is found in the US Telecommunications Act of 1996, whose goals are:
The thesis that Nicky brought to the Sovrin Foundation was that, as communications and commerce grows increasingly digital, digital identity is increasingly required to effectively operate and communicate online—so much so that governments and industries everywhere should commit to supporting SSI as a Universal Service for their citizens and customers.
The sixteen participants in the first Sovrin Doc-a-thon unanimously agreed that making SSI as a Universal Service the explicit purpose of the SEGF would give “Identity for All” the real teeth it needed to make a difference in our lives.
In the first Doc-a-thon we spent so much time discussing the purpose statements for the SEGF that we didn’t have much time left to move on to the principles that define what we want SSI to really stand for. While there is general agreement that the twelve Core Principles in Section 2 of the current SGF Master Document are a good start, there was a consensus that we need to visit each principle in much greater depth, asking:
We concluded a second Sovrin Doc-a-thon was needed in order to spend another three hours focused on these vital questions. We also agree we’d very much like to widen the contributors to the discussion. So we are extending an invitation to anyone interested in defining the future of SSI as a Universal Service— regardless of whether you are brand new to the Sovrin community or an old hand.
All that is required is a genuine interest in the topic and an ability to join a Zoom meeting (and don’t worry, you don’t have to join for the full three hours if you’re not able, and we will take a break at the midpoint of the meeting to give everyone a breather).
To maximize time zone coverage, the meeting will be held from 07:00-10:00 PT / 14:00-17:00 UTC on Wednesday 26 August. Click here to register at Eventbrite and receive a calendar invite to the meeting.
Also, we strongly recommend the following documents as pre-reading for the event: