Former Head of Microsoft ION: Why Is Decentralized Identity Important?
Compilation: Baize Research Institute
Daniel Buchner joined Mozilla in 2012 to research decentralized applications and shifted to the decentralized identity space during his five years at Microsoft, where he was a senior product manager for Microsoft's decentralized identity system, ION. He is currently managing decentralized identity technology at Square. Daniel has also been a strong advocate for decentralized identity systems. The views in this article are derived from a video dialogue featuring Daniel Buchner.
What is Decentralized Identity?
Identity (ID) is an all-encompassing concept. Your identity defines everything about you. It includes all your communications, thoughts, beliefs, writings, and the data you leave behind while using applications. Anything related to you is part of your "fingerprint" in the digital world. Your identity is singular and unique.
When presenting yourself to others online, you may have multiple roles: you can be very public, such as displaying more information in your Twitter profile; or you can be very private, revealing little personal information.
In short, identity represents the individual. Roles are just a small part of that identity, which can be presented to different people.
The difference between centralized identity and decentralized identity is that your centralized identity is typically owned by a company. On today's social platforms you have a public identifier (account, nickname, etc.), which is how others recognize you. The problem is that your data is stored within a company, whether it's Facebook or another company, and your identifier can likely be severed. You don't truly own your public identity. Even owning a private or semi-private identity is very difficult.
This is a problem. Companies providing decentralized identity solutions address these issues through several key criteria: one is that, despite opposition from other companies, they have standardized the concept of "decentralization"; another is the storage of personal data. The identifier is essentially like a username or a Twitter account, except that it is unique and does not rely on any third-party company.
Is Decentralized Identity Important?
Some readers may think that decentralized identity is not something they need to consider, but it is indeed very important.
First, according to the World Bank, over 1 billion people worldwide cannot prove their identity, and decentralized identity systems can provide people with a trustless identity.
Next, in my decentralized identity, I can obtain a certificate stating, "I worked at Microsoft for five years, from 201x to 201y."
Finally, when you look back at the entire history of the internet, some large companies, like Google, Facebook, and Amazon, entered early and became the center of the internet "universe." Now we have reached a point where we need protocols to create decentralized identities, using decentralized identity to escape the "prisons" they have built.
Now almost every company can say, "I don't want to do business with these IDs." But please don't underestimate them, as they have corporate standards and their own policies.
If we had a decentralized identity system, suppose you used it as an identifier in Twitter, just like you use your Twitter account, you could publish messages directly from your personal data storage. No one could say your identity doesn't exist, or that the messages you published don't exist.
Decentralized identity makes all of this better, allowing you to choose any application you want. And applications can provide you with any service, with no restrictions on any ID, and will not adhere to any "blacklist."
How Are Microsoft and Square Doing in Decentralized Identity?
Currently, almost 95% of the top 10,000 companies (including Microsoft) are using Azure Active Directory, a set of account and access management systems developed by Microsoft, but it does not truly involve identity. I expect Microsoft to officially launch a decentralized identity system sometime next year. For Microsoft, this is a multi-billion dollar business.
Microsoft is a significant player, especially in the identity verification industry. I think this is a good time because they are moving toward success in the decentralized identity space. I have done a lot of technical architecture for them.
Now, Microsoft is using the ION system. ION is a second-layer protocol for decentralized identity built on the Bitcoin blockchain, and it is completely decentralized. Some may think it is centralized, but it is actually developed within the Decentralized Identity Foundation, with Microsoft being a major contributor. It does not rely on Microsoft's servers; in a sense, if Microsoft stopped its servers, the ION network would not disappear. As far as I know, they are still running today.
After joining Square, I became even more interested in the decentralized identity space, and I am trying to build something new that differs from Microsoft's perspective. Clearly, Square, as a Bitcoin-first company, is at the forefront of this field. But today is actually my second day at Square. They will release some content later this month, and I really can't share too much right now.
A Deep Dive into Microsoft ION
ION is a decentralized identity solution. It is a second-layer protocol built on the Bitcoin blockchain, open and with no central or trusted authority. It is not a separate blockchain or some kind of tethered system.
Technically, it acts like a blockchain that maintains a consistent final state. It embeds data in Bitcoin transactions to provide a global state of decentralized identity on a second-layer network. Suppose Alice wants to create an identity; she would use some kind of wallet to generate an ID, while also generating a private key associated with that ID. The system would place her data in an encrypted file and then record an IPFS hash of that file on the Bitcoin blockchain, rather than listing personal data directly on the blockchain. All ION nodes watch for these encoded Bitcoin transactions, fetch the encrypted files and process them, ultimately achieving consensus on the state of the ID across the entire network.
You can create multiple identities. Suppose your phone is lost, and you get a new one; you can recreate your identity. So another question arises: if Alice created 10 identities over 10 years, how do we determine which identity is her new one? Which identities might have been stolen for fraud? In fact, the Bitcoin blockchain acts like a large clock that can order things sequentially. This greatly aids the construction of ION, as it correctly orders things, ensuring that old identities never precede new ones.
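The anchoring and ordering described in the two paragraphs above can be sketched as a toy model. This is an added example, not ION's code or data format: the operation fields, the commit/reveal rule for key rotation, and the sample heights and keys are assumptions, and SHA-256 stands in for the IPFS hash.

```python
import hashlib, json

def commit(secret):
    """Hash commitment to a secret that must be revealed to authorize the next update."""
    return hashlib.sha256(secret.encode()).hexdigest()

def cas_put(store, batch):
    """Keep the batch file off-chain; return its content hash (stand-in for an IPFS hash)."""
    blob = json.dumps(batch, sort_keys=True).encode()
    digest = hashlib.sha256(blob).hexdigest()
    store[digest] = blob
    return digest

def resolve(chain, store):
    """Replay anchored files in chain order; every node doing this reaches the same state."""
    state = {}
    for height, tx_index, anchor in sorted(chain):  # the chain acts as the clock
        blob = store.get(anchor)
        if blob is None or hashlib.sha256(blob).hexdigest() != anchor:
            continue  # file missing or altered: it no longer matches the on-chain hash
        for op in json.loads(blob):
            cur = state.get(op["id"])
            if op["type"] == "create" and cur is None:
                state[op["id"]] = {"key": op["key"], "next": op["next"]}
            elif op["type"] == "update" and cur and commit(op["reveal"]) == cur["next"]:
                state[op["id"]] = {"key": op["key"], "next": op["next"]}
            # anything else (later duplicate create, wrong reveal) is ignored
    return state

def demo():
    """Constructed sample: Alice creates an ID, then rotates to a new phone key."""
    store = {}
    a1 = cas_put(store, [{"type": "create", "id": "alice", "key": "phone-1",
                          "next": commit("s1")}])
    a2 = cas_put(store, [{"type": "create", "id": "alice", "key": "impostor",
                          "next": commit("x")}])
    a3 = cas_put(store, [{"type": "update", "id": "alice", "key": "forged",
                          "reveal": "guess", "next": commit("y")}])
    a4 = cas_put(store, [{"type": "update", "id": "alice", "key": "phone-2",
                          "reveal": "s1", "next": commit("s2")}])
    # Anchors arrive out of order; (block height, tx index) decides the replay order.
    chain = [(110, 0, a4), (100, 0, a1), (105, 3, a2), (107, 1, a3)]
    return resolve(chain, store)

if __name__ == "__main__":
    print(demo())
```

In this model the later conflicting create and the update with the wrong reveal are both dropped, so every node ends with Alice's ID bound to `phone-2`.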
If you are already running a Bitcoin node, it will be easy for you to run an ION node. I currently have a node running plan that is three-quarters complete, and you can run it directly in your wallet. If you transfer your wallet to your phone, then the mobile wallet can also run a node, and the standards will be much lower.
Clearly, we need to develop the community, and we need to take the adoption of decentralized identity systems seriously. Decentralized identity is still in its early stages.
Envisioning Applications of Decentralized Identity
Let's take a music application as an example. I have a separate music application on my laptop that is not linked to the music application on my phone. I have my own playlists and preferred music set in the music application. I want to listen to music similar to what I have set, but my music preferences do not change based on the application I use. This is frustrating because every time I switch music applications, I have to spend time and effort recreating my playlists.
With decentralized identity, the system can store your music playlists and personal preferences in your personal data. This way, even if you switch to another music application, your playlists will appear in the new program. It will be seamless, eliminating the need for you to redo things and waste time.
Tim Berners-Lee published an article in Scientific American in May 2001 about the "Semantic Web." The story he described was about a pair of siblings whose mother had an accident, and they began using the "Semantic Web" to solve everything they wanted to do, and everything would happen automatically for them. It really sounds like science fiction. Ironically, in my view, all of this is possible, and the only missing link is the decentralized identity system.
The decentralized identity system acts as a connection point. You can imagine that a doctor's office would have its own identity center, health insurance companies would have their identity centers, and these centers would all be built on a decentralized identity system. When you talk to a digital doctor and express your needs, hundreds of information exchanges will occur in the background immediately, achieving interoperability of identity information across different platforms.















