5 SSI architecture: The big picture

 

Daniel Hardman

    The purpose of this chapter is to take the basic building blocks, usage scenarios, features, and benefits of SSI that we introduced in part 1 and place them into an overarching picture of SSI architecture. As we will keep repeating, SSI is young, and many facets are still evolving. Still, the basic layering has emerged, along with several of the key underpinning standards, so the main questions are about how these standards will be implemented and how much interoperability will depend on specific design choices. In this chapter, Daniel Hardman, former chief architect and CISO at Evernym, now principal ecosystem engineer at SICPA—and a contributor to most of the core standards and protocols discussed here—walks you through four layers of SSI architecture, the key components and technologies at each layer, and the critical design decisions facing architects and implementers throughout the stack. This chapter sets the stage for the rest of the chapters in part 2 that dive deeper into specific SSI technologies.

    5.1 The SSI stack

    5.2 Layer 1: Identifiers and public keys

    5.2.1 Blockchains as DID registries

    5.2.2 Adapting general-purpose public blockchains for SSI

    5.2.3 Special-purpose blockchains designed for SSI

    5.2.4 Conventional databases as DID registries

    5.2.5 Peer-to-peer protocols as DID registries

    5.3 Layer 2: Secure communication and interfaces

    5.3.1 Protocol design options

    5.3.2 Web-based protocol design using TLS

    5.3.3 Message-based protocol design using DIDComm

    5.3.4 Interface design options

    5.3.5 API-oriented interface design using wallet Dapps

    5.3.6 Data-oriented interface design using identity hubs (encrypted data vaults)

    5.3.7 Message-oriented interface design using agents