- From: <meetings@w3c-ccg.org>
- Date: Tue, 12 Aug 2025 15:12:18 -0700
- To: public-credentials@w3.org
- Message-ID: <CA+ChqYeCANYyHveJ6JrHnTuEj1NnFEOAjBCS8340NSdanSgH5g@mail.gmail.com>
CCG Weekly Meeting Summary - 2025/08/12
*Topics Covered:*
- *Administrative Matters:* Code of ethics, intellectual property
rights, meeting recording and transcription.
- *Announcements and Reminders:* Cancelled incubation/promotion call,
Verifiable Credential WG meeting, Verifiable Credential API call, Data
Integrity call update (new meeting URL). Doodle poll for organizing talks
in the Asia-Pacific timezone. Discussion of Data Integrity proposal (BIP
340).
- *First Person Project Update:* This was the main focus of the meeting.
Drummond Reed presented an update, focusing on:
- *Universal Privacy-Preserving Proof of Personhood:* The project
aims to achieve this without a global biometric database, using a
decentralized trust graph. This was contrasted with Worldcoin's approach.
- *Decentralized Trust Graph:* This is the core of the project,
requiring two types of verifiable credentials (VCs): Personal Credentials
and Verifiable Relationship Credentials (VRCs).
- *Personal Credentials:* These act as anchors for individuals in the
decentralized trust graph, with requirements of one credential per person
and unlinkable pseudonymity. The importance of PHC issuers and digital
trust ecosystems was discussed.
- *Verifiable Relationship Credentials (VRCs):* These attest to
relationships between individuals, enabling pairwise private DIDs and
personal private channels. The process of establishing VRCs between Alice
and Bob was explained, including the use of QR codes for
connection and the
generation of DID documents. The concept of persona management was
introduced as a key feature, enabling privacy-preserving personas across
different contexts.
- *DID SKID:* A specific type of DID (location-independent,
self-certifying identifiers) was highlighted as well-suited for
the project.
- *Verifiable Relationship Trust Triangle:* This concept ensures the
integrity of VRCs by anchoring them to personal credentials, preventing
attacks.
- *Linux Foundation Collaboration:* The Linux Foundation is a key
partner due to concerns around malware injection and bot contributions to
open source projects.
- *Decentralized Trust Working Group:* A new working group launching
in September to standardize aspects of the decentralized trust graph.
*Key Points:*
- The First Person Project aims for universal and privacy-preserving
proof of personhood using a decentralized trust graph, contrasting with
centralized approaches.
- Personal Credentials (PHCs) and Verifiable Relationship Credentials
(VRCs) are key components of this decentralized trust graph.
- Persona management with privacy-preserving DIDs is a crucial aspect of
the system.
- The Linux Foundation is a primary collaborator due to its interest in
addressing trust and identity issues in open-source projects.
- A new Decentralized Trust Working Group will focus on standardizing
components of the decentralized trust graph.
- Key challenges discussed include the prevention of civil attacks and
the challenge of one-to-one mapping in Personal Credential issuance without
centralization.
Text: https://meet.w3c-ccg.org/archives/w3c-ccg-ccg-weekly-2025-08-12.md
Video: https://meet.w3c-ccg.org/archives/w3c-ccg-ccg-weekly-2025-08-12.mp4
*CCG Weekly - 2025/08/12 11:57 EDT - Transcript* *Attendees*
Adrian Ludwig, Alan Karp, Alex Higuera, Andor Kesselman, Ariel Gentile,
Benjamin Young, Brent Zundel, Carly, Carly Huitema, Drummond Reed, Erica
Connell, Gabe Cohen, Geun-Hyung Kim, Greg Bernstein, Gregory Natran,
Harrison Tang, Hiroyuki Sano, James Chartrand, JeffO - HumanOS, Jennie
Meier, Joe Andrieu, Jonathan Bryce, Jorge Flores, Kaliya Identity Woman,
Kayode Ezike, Manu Sporny, Michel Plante, Michel's Fathom Notetaker, Parth
Bhatt, Phillip Long, Rob Padula, Tawanda Mahere, Ted Thibodeau Jr, Vanessa
Xu, Venu Tech, wendy seltzer, Will Abramson, Will Kreth
*Transcript*
Harrison Tang: Are you drawing?
Drummond Reed: Hey, I glad I could make it.
Drummond Reed: I'm going to warn you right up front. I do have a cold and I
picked it up on my last trip to the Bay Area and San and LA. So, I'm going
to while we're waiting, go grab a glass of water because I'm certain I'll
need it. all right.
Harrison Tang: Sounds good. Yeah, you sound fine. Yeah, but Yeah,…
Drummond Reed:
Drummond Reed: Have a little gra.
Harrison Tang: sounds good.
Drummond Reed: Let me grab the glass of water.
Harrison Tang: Sounds good.
Alan Karp: People always blame the Bay Area for their troubles.
Harrison Tang: Is that a new thing?
Alan Karp: Not, since Google became evil.
Harrison Tang: So the 2000s is the Wall Street and now it's the Silicon
Valley. Is that…
Alan Karp: Yeah. Yep. Absolutely.
Harrison Tang: what it is? Yeah. So we should have a movie like Wolf of
Silicon Valley…
Ted Thibodeau Jr: Everybody knows that's…
Ted Thibodeau Jr: where CO 19 started.
Harrison Tang: where Silicon Valley is the new Wall Street or something,
right? So Yep.
Alan Karp: And it'll have to have something to do with AI, of course.
Harrison Tang: Yep. That's what everyone talks about. there's a summit
talking about Google and AI and c There's a summit this week at Google on
the zero knowledge proof and AI and web3 identities this week. So I'm
actually working on getting someone to present the takeaways in the coming
weeks.
Drummond Reed: I tell you,…
Harrison Tang: All right. yeah,…
Drummond Reed: San Francisco is an ai mania right now.
Alan Karp: It's revitalizing the city.
Harrison Tang: that was a gentic AI.
Alan Karp: It's revitalizing the People are moving back.
Drummond Reed: Yeah, when I was there last week, ironically, Wendy was not.
She was on vacation and, we drove up and down 101 and 95% of the billboards
are something about AI.
Harrison Tang: I'm actually a believer I like three years ago everyone is
building models like…
Harrison Tang: then people are having this hype around large X model large
action model large something model I think that was just kind of BS but I
think agentic AI personally I'm a believer actually Yeah,…
Alan Karp: Yeah,…
Alan Karp: I live here and it's impossible to escape.
Drummond Reed: Put.
Harrison Tang: I'll try to schedule some topics around it. last time
someone mentioned about agency building the infrastructure for AI agents.
we're going to have them actually talk about here around October.
Harrison Tang: So, I'm trying to schedule something around it. So, I also
try
Drummond Reed: Ironic. No,…
Drummond Reed: I was just going to say ironically as I'll explain even
though there's now very strong connections between what I'm going to talk
about today, the first person project and AI agents there. It's just too
much to go into.
Drummond Reed: I couldn't cover it in this so I'm not going into that
today. but we will at least refer to it a few times.
00:05:00
Harrison Tang: Yeah, by the way,…
Harrison Tang: the Asian to Asian protocol from Google that uses DIDs,
right? If I remember correctly or no.
Drummond Reed: You would think I would know the answer to that, but I know
that it's one option with the agency protocol from Cisco. So all of this
stuff or ADA and agency have both landed the Linux Foundation and the MIT
Nanda project which is all also about the internet of AI agents the agentic
web is heavy on DIDs.
Drummond Reed: Yeah we will talk about DIDs today.
Harrison Tang: Sounds good.
Harrison Tang: So, we'll have the agency, the Cisco guys, come here and…
Harrison Tang: I'm working on MIT Nanda. so yeah, it's going to be exciting
topics.
Drummond Reed: If…
Drummond Reed: if you need help with that, I know the person that can get
them
Harrison Tang: Okay. Cool. I'll ping you on it. I'm working on the MIT one.
The agency will come up So yeah, I just need to nail down the dates. But
Thanks, Drummond. We'll start right away. so today we're very excited to
have Drummond here actually to kind of present and give an update on the
first person person with credentials project. but before we start, we just
wanted to quickly go over some administrative matters.
Harrison Tang: first of all just a quick reminder on code of ethics and
professional conduct. I just want to make sure we hold constructive and
respectful conversations that we always do. just a quick reminder on the
intellectual property anyone can participate in these calls. However, all
substive contributions to any GCG work items must be member of the CCG with
full IPR agreement signed. I haven't encountered any issues in the past few
years but if you have any questions in regards to getting a W3C account
which is all free as well as the contributor license agreements feel free
to just reach out to me or any of the chairs. All right. these calls are
automatically recorded and transcribed and we will publish the recording
and share the recordings and publish the transcriptions within the next 24
hours.
Harrison Tang: Okay, I just want to take a quick moment for the
introductions and reintroduction. So, if you're new to the community or you
haven't been active and want to reintroduce yourself, feel free to just
unmute or use the raise hand feature in Google Meet. All right. what about
announcements and reminders? any announcements reminders. Money, please.
Manu Sporny: Just a few. the CCG incubation and promotion call this week is
cancelled because it's happening as the same time as the verifiable
credential working group which is meeting for the first time after the
summer break this Wednesday. So, instead of doing the incubation promotion
call, we're going to be doing the, VCWG call, instead. you should have got
an invite for that, that went out earlier, yesterday or something like
that. the, verifiable credential API call still going to happen tomorrow.
we're finishing that spec up to kind of transfer it over to something more
standards tracky.
Manu Sporny: and so we're going to keep meeting there to finish up the last
little bits of it. And then those of you might have seen that unfortunately
we lost our minutes and transcription for the discussion with Google on
Longfellow CK and that stuff. And the following week for the data integrity
call, we think there was a bug with Google Meet. It reassigned our meeting
to some random person on the internet called Zoe, who is now holding our
transcription and recording. We don't know who Zoe is, but hopefully they
have a great time with our meeting minutes. because of that, we had to
recreate the meeting. everything's updated. There is a new meeting URL. So,
if you're going to come to the data integrity call this Friday, please be
aware of that. There's a new meeting URL. It's in the invite.
Manu Sporny: Please use that one instead. that's it.
Harrison Tang: Thank you. Maybe it's always just a AI agent, right? So, will
00:10:00
Will Abramson: Hi. I have a couple of things. first, I mean, I sent out an
email, right? And I reminded everyone there's a doodle poll for people who
want to help organize a series of talks in the AC Pacific time zone in just
a reminder and to let you know that I'll be closing that poll on Friday.
So, if you're interested in helping figure out a time and help sort out the
agenda for those sessions, great to have you there. and then the second
thing is about the data integrity proposal. I think there was some
discussion on the mailing list. It's issue 254 on the community. It's a new
work item right for the BIP 340 data integrity suite. there was some good
discussion on the mailing list. I think we worked through it. So hopefully
we can adopt this but I don't know if anyone else has any concerns to
address.
Will Abramson: That's it.
Harrison Tang: any concerns? I haven't heard any. So maybe you can send out
a final email and then if no concerns, we'll just officially adopt it. All
right. Any other announcements Any updates on the work item related stuff?
All right, last calls for introuction reintroductions, announcements,
reminders, and work item related matters. All right, let's get to the main
agenda. So today, again very excited to have Drummond here to talk about
first person personhood credentials project. it is trying to solve the
proof of humanity or proof of personhood problems.
Harrison Tang: a couple month ago we actually have warcoin here talking
about their solutions. So this is a alternative solutions. Actually
Drummond a couple months ago also talked about verifiable relationship
credentials which is a kind of unique solution to this proof of personhood
problem. very excited to have Drummond here to talk about that. So Drummond
the floor is yours.
Drummond Reed: Thanks Harrison very much. I am sharing how does this appear?
Harrison Tang: Yes.
Drummond Reed: Are you seeing these slides? Okay, Good. It's just wanted to
make sure these are coming across. So, again, I'm going to apologize for my
cold. If I start into wild fits of coughing, you'll know why. summer calls,
I just love them. so I'm going to give an update again. You've heard about
the first person project on some earlier calls. I look back, last one was
in April. I actually stepped down from Jen where I was director of trust
services for three and a half years in May to focus entirely on
first-person project.
Drummond Reed: although I then promptly ran off to Africa for 3 weeks with
my family and did a bunch of personal travel so just got back on it really
this month but have quite a bit to update you on some of it you have seen
before some of it's going to be new I will say we are working very
diligently right now on the first person project white paper which it's
going to be every bit as long as the famous person with credentials paper
if not a longer covering all the aspects of the project. so today I can't
cover all that. we don't have enough time and I want to make sure what we
do cover we get to in decent depth. So I'm going to be covering these six
topics here. and I want to leave also time for Q\&A.
Drummond Reed: So, feel free sort of in chapters if there questions that
come up, I'm going to leave it to you Harrison if you can keep an eye and
just tell me, hey, there's a question and we'll just, go into it. All
right. So, for anyone who is new, why is it called the first person
project? it's because of this 11year-old now blog post from Doc Surles with
project VRM. and this quote from it is when I went back and when we decided
to call it this about a year ago, I reread that blog post and I highlighted
something that I think all of us are well aware of and a situation which I
would say is accelerating unless we do something about these problems.
Drummond Reed: So the goals of the first person project you're absolutely
right it is very much about universal and privacy preserving proof of
personhood. However I want to make sure folks understand it's become quite
a bit more than that. it's about decentralized trust graph as an internet
utility. that will also lead into a new category of personal community
network managers. the actual apps we will have on our phones and desktops
and cars and all that kind of stuff. And of course that means first person
AI agents and a topic that is very much my focus these days and that of the
first project which is starting the first digital cooperative for this
purpose. I am not going to be able to cover all this today. I'm only going
to be able in today's talk to talk about the first two of these items.
00:15:00
Drummond Reed: I'm more than happy to follow up with The first person white
paper when it's available later this month. Our goal is to have it ready by
the end of the month. Will cover all of these topics and more. But today
I'm just going to talk about these first two. All right. So let's start
with universal privacy preserving proof of personhood. This was of course
the reason the spearhead to start the process and it was to do it without
using a global biometric database which means without using one of these
and I think world has done quite a bit of work we have a whole section
about world's approach in the first person white paper and what they've
done for their privacy architecture but I think you'll see
Drummond Reed: what they're not doing is creating an open standard
decentralized trust graph. And we believe that has a lot of potential
beyond just proof of personhood. But when it comes to proof of personhood,
and you may have seen this before, but I'm going to repeat it because I
think it's important. when the world approached Vitalic Buterine in 2023 to
ask for his appraisal and hopefully endorsement of what world was doing. he
concluded his 6,500word essay with this table and the third column is which
was their name at the time. They're now worldcoin is their cryptocurrency
tied to the world blockchain.
Drummond Reed: he said it was a better solution than general purpose
general hardware biometrics. However, his preferred solution was social
graph-based. but he notes in the paper that these two privacy and
accessibility and scalability were the problem areas he saw with social
graph-based proof of personhood. And when I read I was asked by the then
president of Jen to read the paper and get back to him because he'd heard
me talking about proof of personhood and how we could tackle it. And I came
back and I said I think Vitalik's exactly right about social graph based
approach but he's looking at the problems he sees if you look at it through
a blockchain lens.
Drummond Reed: If you look at it through a decentralized identity lens, the
stuff that we've been doing here at CCG for I don't know what is it 15 plus
years now. then I think we can solve it quite elegantly because we can
build a decentralized trust graph very privacy preserving and very human
empowering. So if you go back to this chart yes we can absolutely make it
very secure against fake people. We can make it very decentralized but we
can also deal with accessibility and scalability and we can make it very
private. This is why we became very excited about the potential for the
first person project. This is really what got us launched.
Drummond Reed: I'm going to spend most of the rest of this really talking
about the core elements of the decentralized trust graph. because this is
not only the heart of the project, but it is become the unifying piece of
why different, communities and projects are interested now in the first
person project. And as I'll get to towards the end it is the reason we're
launching the decentralized trust working group in September. but I'm
getting ahead of myself. I'll start here. So our assessment and this
started about a year ago is that doing the decentralized trust graph will
require two specific types of VCs.
Drummond Reed: I want to make it clear we're not talking about Z u VC
formats here we're talking about just simply designs of personal
credentials and verifiable relationship credentials and I'll talk about
both of them next now with personal credentials the beauty is I don't need
to tell you very much because some of the folks on this call are the
authors of this paper that came out a year ago and I want to again
congratulate them because as far as I'm concerned, this paper reset the
whole conversation about proof of personhood. it just put a huge stake on
the ground to say we can solve this with verifiable credentials in an open
standard way.
00:20:00
Drummond Reed: And ever since then, I mean, not only did it just like put a
rocket booster on what we were doing with the first person project cuz we
already had a pretty good sense of this, but we didn't have a 63page paper
with 32 authors that really explained it from top to bottom. This is an
outstanding paper. I highly recommend it to anyone who hasn't looked at it
yet, even if you just read the four and a half page executive summary and
the infographic which I like very much. the folks I've highlighted here
were also attended the DARPA personhood workshop that in last February
where Steven Adler gave a great presentation about this and it's pretty
much everything around personal credentials. I'll refer you to the paper.
It boils down to these two strict requirements that the issuers only issue
one per person and that they need unlinkable pseudonymity.
Drummond Reed: and there's good explanations of the ZKP that's needed.
believe me, we're going to talk a little bit more about that project about
that aspect because it's a major piece of what we're concentrating on now
with the first person project. So it's important to think when you think
about it from decentralized trust graph approach, these personal
credentials are the anchors for individuals that establish that link
between and we're
Drummond Reed: many different you words get used for who is the issuer and
we're just simply going to talk about PHC issuers in digital trust
ecosystems and that's the word we've used particularly a trust of IP for a
long time any group or social construct can be a digital trust ecosystem
obviously nation states companies universities but all the way down to
industries and communities ities and groups of any time. Certainly social
networks, all of them can function as digital trust ecosystems. whether
they are qualified to issue a personal credential is the primary governance
task. and we'll talk a little bit about that. in terms of the governance
framework, yeah, thank you for putting I'm watching the chat. That's a link
to the paper.
Drummond Reed: by the way, most of these slides have QR codes that you can
just scan to go straight to that resource. So, we're going to talk about
Alice and Bob here and just again establishing that person credentials from
whoever that person credential issuer is give us these anchors of unique
human beings within the decentralized trust graph. a lot of the work of the
first person project started with the realization that if you wanted to
create a personal credential system, and the paper does a great job of
explaining all the requirements, but it's very explicit about saying we're
not telling you how to build a personal credential system. that's another
reason I love it is because the point of the first person project is to
build that system.
Drummond Reed: and that's why we're that's essentially the recipe we are
cooking the meal and one of the requirements if you want personal
credentials to work and you want them verifiable in a universal way any
place is you need a decentralized trust registry network. as you've heard
before from earlier presentations here IRA association as a Swiss
association was launched in January. Its purpose is to be a trust network
with trust networks, a decentralized trust registry network. And I'm not
going to, if you're interested in that, definitely go to IRA forum listen
to the CG meeting. I believe it was April 24th. I looked it up last night.
and Ira steaming along too. I should probably have another update from
them, Harrison, before the end of the year. so that's that piece really
enables that.
Drummond Reed: Okay, we can do this now. But we also work have been going
on for quite a while on the importance of relationships, not just
credentials, but relationships that credentials can attest to. And when we
really started to focus on decentralized trust graph, we said personhood
credentials are very strong links in that but they don't represent the many
other cross relationships especially that people have personto person. So
that led us to the second new type of a verifiable relationship credential.
And again, you may thank you, Harrison. He's got both of the IRA ones. And
again, I'm certain Daryl will be happy to do another one this fall. as
they've been proceeding, we are obviously a first-person project at IRA
working together on a bunch of things.
00:25:00
Drummond Reed: So when it comes to this since we've last gave a bunch of
presentations on the first person project at IW last April and Phil Windley
really did yeah maybe a little prejudice but I think this is a fabulous
blog post that covered all of it. It also talks about our cards and a
little bit about social vouching which we're not going to cover here today.
just so we can stick to the main topic. so I do recommend this if you want
to sort of dive deep into verifiable relationship credentials. But my
personal favorite explanation came from Jim Zlin at the Lance Foundation
member summit last March.
Drummond Reed: And again, if you've seen this before, this is a little bit
enhanced version, but Jim in his opening keynote to the conference
basically said, "Hey, the cool thing about first-person credentials is
they're an instant key signing party." And that wasn't an abstract thing
for him because the Linux kernel project actually requires key signing
among all contributors. you can only contribute to the Linux kernel if two
other contributors members of that project have signed your keys.
Drummond Reed: This is currently a manual process and as we'll talk about
later in this that's the pro the automating that process and making
eliminating work for the developers and increasing the trust in the
contributors is the reason that Linux Foundation wants to be one of the
first implementers but we'll cover that later. Once he made this analogy in
his opening keynote that night, I said, "I've got to show him exactly how
that works." we had a two-hour workshop the next day that he chaired, and I
said, "Jim, you're exactly right, and I'm going to show you how Alice and
Bob actually how a verifiable relationship credential process works.
Drummond Reed: So, we're going to give both of them and since we can never
decide on the term agent or wallet, I'm just going to call it an agent
wallet. And both Alice and Bob have that. this is an example that is
personto person. Verifiable relationship credentials actually work in any
type of relationship. And I think they will be particularly powerful in
relationships between people and their personal AI agents, but again that's
not a topic we have time for today. in this case, we're just going to
imagine Bob and Allan are meeting at, for instance, a conference and
they're going to do exactly the same process that they could currently do
today on LinkedIn or WhatsApp or WeChat or Telegram or Signal, Alice
they're going to form a connection, but rather than form it on any specific
network as those others do, they're forming a firsterson connection.
Drummond Reed: Alice is going to present a QR code on her smartphone, show
it to Bob who's going to scan it and say yes, he wants to proceed with this
relationship. At which point his agent wallet there will generate a key
pair and a dead document from that. And we'll talk more about that in a
little bit, the specific type of dead method that we are preparing to use
for that. And Bob will now ship that over to send that to Alice and
together with the non that was in that so that Alice's agent wallet can
confirm yeah this is a legitimate new relationship at which point she will
do the same thing generate the key pair on her did doc and share it back
with Bob.
Drummond Reed: So these are pairwise private DIDs, a concept that is, not
new probably to many of the folks here at CCG and all our work on DIDs, but
we're now putting them into practice and there's a name for this
relationship now that we're using. This is a personal private channel. and
as I think many folks know, there's several protocols that have been
created to take advantage of this did of course deadcom also decentralized
web nodes both of them at diff and at trust this is the basis for the trust
spanning protocol which also we won't have time to talk about today but
that is what we are planning to use for the first person project.
00:30:00
Drummond Reed: once this channel is set up and there are many other uses
for this channel but the first use we will make of this channel is to say
okay now they can issue pairwise verifiable relationship credentials and
what I'm showing here is the bare bones of a VRC we can talk about many
other things that could been included but right now we're talking about the
pair of ds a date stamp And Bob is going to sign it with his private key of
his here. I will talk about personas in a minute. So Bob prepares that and
now issues that he is the issuer of that credential to Alice who will now
be the holder. And Alice will verify the signature and if everything's
good, she will do the same thing for Bob and she will sign it with her
private key and issue that back to Bob.
Drummond Reed: And lo and behold, we have in seconds done a key signing
party between the two of them in which they've actually also issued a
credential attesting to those keys in the DID cuments whatever was in those
DID documents and to this relationship. Now to astute observers such as we
have on the CCG will turn around and say these pair wise private dids Bob
and Alice can now prove this that they have these but nobody knows about
these DIDs.
Drummond Reed: So let me talk about what I think is going to be one of the
really signature features of VRC's but of the first person project in
general which is persona management and the ability to have privacy
preserving personas at a very deep level. So everything about first person
project privacy by design and therefore that's why we use pair wise private
dids by default for every relationship you have to community person to
business person to government person to AI agent but if they're wise
private dids how can anyone else know who you're actually identifying right
so the answer is personas and personas we're proposing they're implemented
as dids.
Drummond Reed: There's a big difference between the pair wise private dids
and persona dids because the latter persona dids are how you manage
intentional correlation when you want to prove you are the same person or
entity but we're talking about people right now with first person project
across different u ecosystems or context because you can prove control of a
persona did because A designed what we're calling a first-person sovereign
wallet will provide that key management for you and make it intuitive as to
how you will assert a persona in a particular relationship. This is really
the heart of how we think the first person ecosystem infrastructure will be
enabled.
Drummond Reed: this is about as deep as we go here today. I'm going to talk
more about the ZKP behind this but assuming that the individual needs to
have the ZKP support for that we've talked about the whole time. You could
say that the DIDs manage and a first-person sovereign wallet fall into
these two categories. is the blue at the bottom is those pairwise private
dids used in each relationship. And those are exchanged between those two
parties. The dead documents I'll talk about the type of ds in a minute but
we want the full support for key rotation for endpoint rotation but the
default for any relationship is pair wise private.
Drummond Reed: So the whole point of personas is to say all right now
whatever didss you add to that that you can also prove control over and
every did on this the R just stands for relationship P for public C for
community U for it's U I can't remember why I was just trying to these are
all bids they're all managed in the same wallet but the category of the
persona bids
00:35:00
Drummond Reed: is in the intentional correlation and you could categorize
these any way you want but what we've seen is the three major use cases are
you have a public persona that you want to be able to prove publicly
anywhere interesting enough a public persona does not have to reveal
anything about real world identity or legal identity if you're Picasso and
everybody knows about you then you have a well-known public persona that is
your real world. But if you're Banksy, you can have a public persona that
he could prove anywhere and not tie to his real world identity. the
community level is you have a persona that you want to share in one or more
communities in order to be, correlated and known within that community and
the relationships you have in that community. But you can have as many of
those as you want.
Drummond Reed: You could do one per community or one per aspect of your
life. The classic ways that we think of personas. Most interesting is the
fact of needing private personas. ways in which you need to prove it's to
some group that's not an inherent it's not public or not. That's a
community. There are several examples for medical records that you want,
for continuity of care to be sure you're the same person, but you don't
want to necessarily be correlated with anything else. Another one is a
legal persona where you're signing documents and you need to prove you're
the same one. And then of course any cases around a whistleblower or places
where you need a pseudonym that you can prove but you don't want it
correlated elsewhere.
Drummond Reed: So the whole point of this is persona management and the
challenge of course of designing a UX that makes it easy which I considered
to be one of the biggest challenges until I attended the global digital
collaborative in Geneva and had an I remember show me an app where even
before they'd seen this diagram they'd already started building in DIDbased
persona management and a very intuitive interface and I was just delighted
to see that. So I think there's going to be a lot of innovation around how
that can happen. last point I'll make is the holder of this wallet and
these DIDs can prove control over any of them. But that to do so in a
privacy preserving way means all of them need to be able to be approved
using CKP and some form.
Drummond Reed: I've been told I've simplified it by showing a master secret
key down here. with the ZKP experts, we'll probably come up with a more
accurate way to portray this. and I'm seeing timewise I'm going to whip
through the balance of these slides just so we can get to Q\&A. I suppose
there might be a lot of questions. I want to reinforce having spent seven
years of my life on DIDs and them being so central to this there is a very
specific kind of DID that we believe is well suited for the digital
sovereignty that we're about with the first person project and that is
DIDSKID location independent fully portable self-certifying identifiers. if
you're not familiar with DIDSKID it is a deliverable DIDSKID task force of
trust IP.
Drummond Reed: has been submitted to the u ded method working group at diff
and there's I think we might be a working draft for now but I haven't
updated the slide anyone who's interested in that or has any questions
please join us there and in September I think we're going to do the work to
get that through the diff process so I'll wrap up the technical u part of
it by just saying okay so we have these two types of credentials, the PHC's
and the VRC's. We need ZKP architecture that can make proofs about both. In
fact, it's important to look at them as what the verifiable relationship
trust triangle.
Drummond Reed: The challenge we ran into with VRC's is that Alice and Bob
could easily in the absence of some other solution trivially create a civil
attack where they create a thousand bots have them all exchange VRC's and
make it look like they have a thousand relationships. So the way to prevent
that kind of simple attack is to say a verifiable relationship you would
only be able to produce a proof against it if it is provably anchored to
personal credentials in the same ecosystem. so that you can prove it's a
unique relationship in that ecosystem between two unique persons or
entities because you can also prove other types of unique relationships but
particularly we're here around people.
00:40:00
Drummond Reed: So we're calling this a verifiable relationship trust
triangle. This is what you're producing proofs of in ZKP as proof of
personhood or proof of and the more it's simple to say the more PhDs you
have in different ecosystems and the more provable relationships you have
in those ecosystems the stronger the overall proof that you are a unique
person. and the analogy I'm really liking since it's based on triangles is
that means the decentralized trust graph where the atomic element is like
the polyhedrin in geodeic and it's a very strong small tensile element but
the more you put them together the greater you're spreading out the load
across the whole thing which is why us domes are so strong.
Drummond Reed: All right, I think we're doing okay for time here. I'm going
to turn around and now just quickly explain. So why is customer number one
for the first person project the Linux Foundation? again I've already
referred to the meeting in March where we had this workshop and what we
didn't expect is that Jim Zmo was actually going to make the subject of
this keynote presentation to the entire summit and he opened that by
explaining how malware injection attacks are now forming an existential
threat to the whole industry and a Second piece of it is now and the use of
bots to contribute to open source projects is a second form of how do you
actually know the providence of those bots.
Drummond Reed: So Jim told the story. I recommend if you're not familiar
with it. the very scary story of the XC attack. and this wired article does
a good job. And he just said, "Look, this is rapidly colliding issues that
really mean we need decentralized trust systems." And that's why I
highlighted the formation of decentralized trust last October. And it was a
challenge issue there. That is why we came back to Daniellea Barbosa, the
executive director, and Art Montgomery, the CTO, and said, "Hey, we're
working on this first person project. We think this is what u is needed to
address this issue." And they presented to Jim, of course, we presented to
them said, "Read this paper. This is an incredibly strong argument about
this stuff." And he was quite convinced by that.
Drummond Reed: he also okay why do we need to start with open source
infrastructure? By the way, these are all slides. pictures I literally took
sitting in the front row and he said, " open source is a really good place
to start because we need identity and trust of the relationships of
contributors to open source projects. And that in doing so in a privacy
respecting way is how we can support the two of these tenants of open
source, permissionless entry and worldwide participation.
Drummond Reed: and we need the trust to support that in the face of these
attacks. And this again was another slide we had given him. and our point
here is to say that with the first person project some of the very hard
questions and challenges of interoperability that we have in the
decentralized identity space. We can address by saying we're going to have
a set of requirements around wallets. We're going to have a set of
requirements on credentials. We're going to have a set of requirements
around ecosystems.
Drummond Reed: and they all have to align for this to work. But if the
value is there, we can finally have a through line to produce
interoperability at a scale that has yet to be achieved so far by
verifiable credentials. I'm not saying it's the only way we get there. I
hope there are a bunch of ways, but at least that was our contention. And
it was another reason that Jim and the Linux Foundation board said, "Yeah,
let's get on board. Let's do this.
Drummond Reed: So I will finish now by just as I mentioned earlier what
happened after the Linux foundation made that commitment we said there are
a number of pieces here beyond what we're doing currently at trust over IP
with the protocol level where we want to standardize those pieces too we
want this to be open a decentralized trust graph to be an open internet
utility just like the internet itself that anyone can implement and build
on andor create trust networks on top of. So trust approved a new working
group there is the entire charter folks who are familiar with joint
development foundation projects at the Linux Foundation know that your
working group charter is one paragraph.
00:45:00
Drummond Reed: this is a little bit on the long side because we wanted to
make it explicit. They look this working group is it needs to cover all the
elements of what are going to be necessary in a decentralized trust graph.
but this is what again the trust steering committee approved that in I
think it was the end of May. we knew that summer would be a slow period and
we wanted to line up a bunch of work for that. So this working group is
going to kick off in September and it is again the starting point was trust
RP. we want this to be what is called a joint participation working group.
Drummond Reed: I think a number of you are familiar with that because
that's already the case of several of the working groups such as the
creator assertions working group that was started at diff and so it is
currently we are collaborating with all of these four Linux Foundation
projects. but as a joint participation working group I understand CCG has
been part of at least one or two of those before and this is an open
invitation to CCG to say do you also want to be part of that and if so just
let us know and I think that's it I do have anyone who's interested the
only public information right now is the firstp person.network
Drummond Reed: network site which has very little information because what
we were doing this is where the white paper and a fact will land by the end
of the month. I just saw Brent put and you're absolutely right. The current
didkid method register with W3C is not the didkid method that we've
developed. we've checked into that and didkid appears to be a dead did
method. So, I'd love to discuss that in the Q\&A. Okay. what do we do about
actually dealing with a dead method? last thing, there is a mailing list,
besides the website. If you're interested in being on the mailing list,
there's code. Anyone is welcome to join. It is moderated, as in we actually
need a way to make sure you're a real human. I guess it's okay. Bot
subscribe.
Drummond Reed: But in any case, I think that's it. and good. We got 13
minutes for Q\&A.
Harrison Tang: If people have questions just use the raise hand feature in
Google meet but John there's a question in the comments earlier.
Harrison Tang: So the question is if each relationship is using unique dids
then a person can delete a compel relationship in the future Hey, cool.
Drummond Reed: Yes.
Drummond Reed: Relationships are consensual by both parties. Either party
can cut it off. I've used for a long time the analogy of A relationship is
string and either party can get out the scissors and cut the string. I see
Carly saying you can be compelled in person and cut it off later.
Drummond Reed: I'm not sure, Carly, what that means or is that a question?
she doesn't have sound right now. Okay. Yeah,…
Harrison Tang: Yes,…
Carly: Wait, does it work now?
Drummond Reed: we can hear you now, Carly.
Harrison Tang: he does.
Carly: Yeah, my question was surely everybody has been in this situation
where you're in an uncomfortable situation and being compelled to do
something and you're like, "Yeah, yeah, okay, okay,…
Carly: Here we've connected now." And then when you leave, you're
disconnected because you didn't want that relationship, but it was easier
to go along and then leave.
Drummond Reed: I totally understand.
Drummond Reed: We didn't again have time to talk about our relationship
cards, which is what you can actually now share over a personal private
channel. but one of the appeals I know from at least some audiences is
being able to share essentially a pseudonymous card. So you can form a
relationship but without sharing any actual contact data and as soon as you
decide no I don't really want that relationship there's some obvious
situations you can imagine there you can delete it and the other person
will have no way of contacting you.
00:50:00
Carly: As long as you can make it look real at the time.
Drummond Reed: Yeah yeah yeah of course.
Drummond Reed: Yeah. Yeah. I totally understand there was the social
dynamics around the use of verifiable relationship credentials. I until we
actually can put this in people's hands. We had a very early demo at IW
back in April and just the conversations in that one room.
Drummond Reed: I wish I could have been around with and frankly the use
user experience was extremely difficult and still people were just
fascinated with what they would be able to do with verbal relationships and
the relationship cards that you can exchange as a result.
Carly: Excellent. …
Carly: it sounds like at some point I want to join your working group and
we should dedicate some time occasionally to doing a risk assessment where
everybody throws out the terrible whatifs and then put that into spec.
Drummond Reed: absolutely trust networks build on the decentralized trust
graph and…
Drummond Reed: again I didn't talk about the first person network but that
is the whole point to actually say hey we're going to build a network on
this decentralized trust graph and the governance of that is a huge deal.
we are planning an entire governance work stream. Anyone who's interested
in that aspects of it, please do join the mailing list. And I mean we have
a technical aspect, we have the governance aspect, and then we have what I
would call the marketing or go to market aspect. yeah, and there's a huge
amount of work in front of us. I know there are some other hands up.
Drummond Reed: So I can see from here.
Harrison Tang: Yeah, Ellen.
Drummond Reed: Harrison, it looks like Allen's first. Is that right?
Alan Karp: Yeah. Yeah.
Alan Karp: It seems like a person is a misnomer. I mean it's certainly very
useful for person and it fills a gap that's there, but for example,…
Alan Karp: I could use this for a bunch of IoT devices in my home. It seems
like the protocol would work perfectly well with things other than persons.
Drummond Reed: Harrison,…
Drummond Reed: you got to have a special designation for folks that are too
advanced to be on these calls. That's a way of saying Alan, of course
you're totally right. But we started with proof of personhood, so that's
why it's called the first person project. You're totally right. And I'm
actually really excited especially I think I would love this fall or later
on november December to just come back and say hey here's the relationship
of the first person project and personal AI agents in particular obviously
any AI agent but the whole challenge of authenticated delegation we feel
that verified relationship credentials and the decentralized trust graph is
a powerful tool we can use for that and I was in a bunch of meetings in San
Francisco last week where folks are leaning into that. So, Allan, you're
absolutely right.
Drummond Reed: and by the way, we'd also love to have you on the working
group because you bring a huge amount of experience in this space.
Harrison Tang: All right, we got another pro question here from Greg.
Greg Bernstein: Hi Drummond. have you encountered any new pseudonym type
requirements when we first started our pseudonym work to extend We had a
fairly simple model and then as we looked at the applications for VCs and
such like that it expanded and expanded and just the other day two weeks
ago on one of our data integrity calls we were talking with the Longfellow
ZK people and we were saying hey these are the set of pseudonym
requirements we need for any of these type solutions and…
Greg Bernstein: this is what we're putting in the BBS but we want this
whether it's postquantum or it's a ZKP thing any new requirements for the
cryptographers have you seen Kim Hamilton helped us we put together a
little blog post about pseudonyms and…
Drummond Reed: That is such a I have not seen that blog post and…
Greg Bernstein: the kind of requirements
Drummond Reed: I would love to look that over. again, I didn't have time
today to really dive into the ZKP requirements that we have. other than
high level the verifiable relationship trust the good news is, I'm not a
ZKP expert. I'm just a ZKP advocate ever since Evern came to the conclusion
in the early days,…
Greg Bernstein: Okay.
00:55:00
Drummond Reed: hey, this is the only way we'll get to strong privacy
preservation.
Drummond Reed: but Hart McGomery the CTO of LFD decentralized trust really
leaned into this very early and said hey this is going to be a good solid
privacy infrastructure for a lot of things. I want to make sure that we get
worldclass ZKP experts working on it and he reached out to a fellow you
might know Dr. Sanjim Gar at UC Berkeley. and we first had a call with him
last February and him and several grad students and we described the
problem spaces and said this is what we need a ZKP architecture for and
they got excited about it and they began working on it and they've since
been joined by a few other cryptographers.
Drummond Reed: So, I'm circling around to say as you saw with personas, our
base line is that every pseudonym that you would want to use in a first
person relationship We're proposing to use skid, dids.
Drummond Reed: Not that there's anything particularly special from a
pseudonymity standpoint, but that the keys associated with that will need
to support the ZKP. So I would love to connect you and Hart and Dr. Gar and
his group because that's really the source of any requirements that you're
looking for. feel reach out to me.
Greg Bernstein: Okay, that sounds okay because my history is with Berkeley,
but we've been working with Anna Vice Ka over at Brown and some other folks
there and…
Greg Bernstein:
Greg Bernstein: for some of these requirements to put into the
cryptography. and so happy to get involved.
Drummond Reed: Please do just …
Drummond Reed: if you like drama.read@gmail.com reach out to me and…
Drummond Reed: I'll make that introduction. I laugh every time I do that
because one of the features I'm really excited about with first-person
infrastructure is the ability to finally make private introductions
between, people communities that you're connected to. and so it's going to
make email or LinkedIn introductions look pretty lame. So super. I think
it's Manu
Greg Bernstein: Sounds good.
Manu Sporny: Hey, Drummond. wonderful job as always, putting this into a
story that's accessible and easy to understand. it makes a lot of sense how
all the layers come together. I did have one question around the PHC stuff.
So, when we were working on that paper, there was effectively one great
unsolved problem. and I'm trying to figure out what you're proposing, how
it addresses it. So, one of the things about personhood credentials that
the paper said is that there has to be a onetoone mapping between a person
and an issuer.
Manu Sporny: And one of the really kind of scary things with that
requirement is the only way that you can really truly achieve that is to
centralize the issuance of personhood credentials which none of us want to
see. so the problem has to do with civil syibles in the system right I mean
any system is going to have a certain number of sibles in it. that's
actually a good thing. It's a feature. but how are you kind of combating
the chances that someone might sell their ability to create VRC's or sell
their personhood credential?
Manu Sporny: What's kind of the thing that catches that kind of behavior in
the ecosystem?
Drummond Reed: Someone was going to ask the really hard question,…
Drummond Reed: yes.
Manu Sporny: I mean, and I think it's fine to say there's no perfect
solution right now and that sort of thing, but I think this is one of the
key things that needs to be addressed with personhood credentials. There's
the sliding scale of fully pseudonmous and then you've got way more syibles
in your system, potentially an overrun of syibles, and then way less like
it can work,…
Manu Sporny: but then we have to hand over authority to issue personhood
credentials to centralized governments. And then we know how that's not a
good solution either.
Drummond Reed: Yeah, I'm happy I know we just have one minute left to at
least tell you a couple leanings.
Manu Sporny: So I was wondering where you were kind of leaning with the
current architecture.
Drummond Reed: I do want to highlight right now before anyone leaves that
will be one of the key hard problems that we'll be working on the central
arts working group because it's great. we've had three different requests
even with our limited visibility so far from biometrics companies they're
saying hey we have a solution that doesn't require a global biometric
database and I'm still a little bit okay but one of those calls happening
tomorrow if you're on the main list or if you join the mailing list we can
send out another link it's literally 8 o'clock Pacific time tomorrow from a
company called Realize
01:00:00
Drummond Reed: so one there may be privacy preserving biometrics that don't
require that kind of database. BD the other thing we're looking at is again
with the ZKB architecture the more personal credentials you could prove are
tied to a master secret. you can increase the probability of uniqueness.
but there that's not a perfect solution either. So the only thing that I
have seen come up a number of times is the need the more contextual you can
make the proof of uniqueness the easier it is and the more privacy
preserving it is.
Drummond Reed: one of my favorite, people to talk about this with is one of
your co-authors on that paper, Wendy Seltzer, and she's made the point,
look, yeah, you have to prove you're a unique person in a national
election, but how many other times do you have to do that? so if the real
proof of uniqueness is within an ecosystem, the person with credential
issued by that ecosystem or by another ecosystem they're close to and trust
is going to get you far enough. and that I think was one of the I think key
takeaways of that paper.
Drummond Reed: I do want to again thank you Manu and all the authors of
that paper because it didn't solve everything but it really changed the
game and made things like the first person project possible …
Harrison Tang: Thank And thanks everyone for great questions. I think we
probably want to invite work with Drummond and then invite him back again
to another great discussion probably in January. we were a little bit
hooked up, but thank you. Thanks everybody. Yeah. So I think this Yeah.
Drummond Reed: Really appreciate it.
Harrison Tang: And then I'll follow up with you Drummond on getting the
presentation slides and everything else. So thanks a lot.
Drummond Reed: You bet. Thanks everyone.
Drummond Reed: And look forward to working with everyone on this.
Harrison Tang: All right,…
Harrison Tang: this concludes this week's CCG meeting. So, I'll see you
next week. Have a good one. Bye.
Drummond Reed: Thanks all. Bye.
Meeting ended after 01:02:56 👋
*This editable transcript was computer generated and might contain errors.
People can also change the text after it was created.*
Received on Tuesday, 12 August 2025 22:12:28 UTC