Cordentity is an identity Corda application (CorDapp) that brings Self Sovereign Identity (SSI) capabilities to other CorDapps. In other words, Cordentity = Corda + Identity.
We developed Cordentity to take advantage of SSI capabilities enabled by Hyperledger Indy. As there’s no official definition of Self Sovereign Identity, it’s important to clarify that Hyperledger Indy is based on two important concepts: DIDs (Decentralized Identifiers) and ABCs (Attribute Based Credentials aka Verifiable Claims).
Self Sovereign, in this context, means that the Credentials (digitally signed Claims, or set of attributes) are stored directly by identity owner and only shared on a need-to-know basis. These credentials are cryptographically signed by well known entities (e.g. Passport Office, Hospital, University, Bank, etc) who are authoritative actors in their domain. This way we can combine existing authorities and “trusted sources” (that have public DID’s) with a very flexible, scalable and secure way to share information.
One can use this powerful combination of technologies to solve many challenges related to digital identity management and verification of credentials in a privacy-preserving way. This approach is also GDPR compliant and enables many applications that have to deal with Personally Identifiable Information (PII) that otherwise would be very difficult to implement.
In fact, if we look at the many use-cases being implemented by the blockchain community, most of them deal with identity and credentialing. Of course, at a very basic level, public/private key combinations that are used to sign and verify transactions define identity, or at least “ownership” of a digital asset. However, as soon as we try to add additional attributes — age, nationality, banking relationship, insurance information and so on, the need arises for a solution that will give us a privacy preserving and scalable way to handle this sensitive data. Storing this data on immutable ledgers is not a viable option.
In other words, to realise the full power of decentralization technology and smart contracts we should combine the functionality of SSI and Verifiable Claims with DLT and blockchain based systems.