- From: Adrian Gropper <agropper@healthurl.com>
- Date: Thu, 17 Jul 2025 16:24:41 -0400
- To: Melvin Carvalho <melvincarvalho@gmail.com>
- Cc: Credentials Community Group <public-credentials@w3.org>
- Message-ID: <CANYRo8g0MkAO=yAO09f3wY5N5BWGAeFXBOSs=Ljr6a=saESH6w@mail.gmail.com>
Nostr might be a good start for de-platforming social media on the basis of pseudonymity and relay-based discovery, but unless the architecture also supports untraceable payment the major surveillance platforms will persist.

Adrian

On Thu, Jul 17, 2025 at 3:58 PM Melvin Carvalho <melvincarvalho@gmail.com> wrote:

> On Thu, 17 Jul 2025 at 21:38, Adrian Gropper <agropper@healthurl.com> wrote:
>
>> It's clearly time for a new architecture. One that benefits from our experience with SSI as an anti-pattern that is too easily inverted or ignored.
>>
>> I would suggest an architecture that sees platforms for payment and social media as the problem instead of focusing on identity. An architecture that, like cash and geocaches, defaults to anonymity by design.
>>
>> I would also suggest an architecture that ignores licensed professionals and things. With the benefit of hindsight, the premise that identity standards must span licensing and supply chains seems inane.
>
> We have a fairly advanced ecosystem working on all these problems over at Nostr, with several million users, and several thousand DAU.
>
> We also have a W3C Nostr Community Group [1] and have already begun work on a did:nostr spec.
>
> [1] https://www.w3.org/community/nostr/
>
>> Sorry,
>> - Adrian
>>
>> On Wed, Jul 16, 2025 at 3:59 AM Christopher Allen <ChristopherA@lifewithalacrity.com> wrote:
>>
>>> I have occasionally posted a link to one of my blog articles to this group, but I thought this article deserved a broader discussion by our CCG community, so I'm sharing here.
>>>
>>> The original article is at https://www.blockchaincommons.com/musings/gdc25/
>>>
>>> -- Christopher Allen
>>>
>>> Musings of a Trust Architect: When Technical Standards Meet Geopolitical Reality
>>> Digital Identity, Sovereignty, and the Erosion of Foundational Principles
>>> By Christopher Allen <ChristopherA@LifeWithAlacrity.com>
>>> 2025-07-15
>>>
>>> *Reflections on recent conversations about digital identity, sovereignty, and the erosion of foundational principles*
>>>
>>> Echoes from Geneva
>>>
>>> I wasn't present at the [Global Digital Collaboration](https://globaldigitalcollaboration.org/) conference (GDC25), but the observations shared by colleagues who attended have crystallized some issues I've been wrestling with for years. I should note there's a selection bias here: I'm the author of the [10 principles of self-sovereign identity](https://github.com/WebOfTrustInfo/self-sovereign-identity/blob/master/self-sovereign-identity-principles.md), so my community tends to have strong opinions about digital identity. Still, when multiple trusted voices independently report similar concerns, patterns emerge that are worth examining. And these weren't casual observers sharing these concerns. They were seasoned practitioners who've spent decades building identity infrastructure. Their collective unease speaks to something deeper than technical disagreements.
>>>
>>> It's hard to boil the problems at GDC25 down to a single issue, because they were so encompassing. For example, there was a pattern of scheduling issues that undercut the community co-organizing goal of the conference and seemed to particularly impact decentralized talks. One session ended up in a small, hot room on the top floor that was hard to find. (It was packed anyway!)
>>> Generally, the decentralized-centric talks were in bad locations, they were short, they had restricted topics, or they were shared with other panelists.
>>>
>>> I think that logistical shuffling of events may point out one of the biggest issues: decentralized systems weren't given much respect. This may be true generally. There may be lip service to decentralized systems, but not deeper commitments. Its value isn't appreciated, so we're losing its principles. Worse, I see the intent of decentralization being inverted: where our goal is to give individuals independence and power by reducing the control of centralized entities, we're often doing the opposite — still in the name of decentralization.
>>>
>>> The Echo Chamber Paradox
>>>
>>> The problems at GDC25 remind me of Rebooting the Web of Trust (RWOT) community discussions I've been following, which reiterate that this is a larger issue. We debate the finer points of zero-knowledge proofs and DID conformance while missing the forest for the trees. Case in point: the recent emergence of "[`did:genuineid`](https://genuinein.com/DIDMethod)" — a centralized identifier system that fundamentally contradicts the "D" in DID.
>>>
>>> Obviously, decentralization is a threat to those who currently hold power (whether they be governments, corporations, billionaires, or others who hold any sort of power), because it tries to remove their centralization (and therefore their power), to instead empower the individual. But if we can't even maintain the semantic integrity of "decentralized" within our own technical community, devoted to the ideal, how can we fight for it in the larger world?
>>>
>>> The Corpocratic Complication
>>>
>>> GDC25 was held in Geneva, Switzerland. 30+ standards organizations convened to discuss the future of digital identity. Participants spanned the world from the United States to China.
>>> There was the opportunity that GDC25 was going to be a truly international conference. Indeed, Swiss presenters were there, and they spoke of privacy, democratic involvement, and achieving public buy-in. It was exactly the themes that we as decentralized technologists wanted to hear.
>>>
>>> But from what I've heard, things quickly degraded from that ideal. Take the United States. The sole representative of the country as a whole attended via teleconference. (He was the only presenter who did so!) His talk was all about Real ID, framed as a response to 9/11 and rooted in the Patriot Act. It lay somewhere between security-theatre and identity-as-surveillance, and that's definitely not what we wanted to hear. (The contrast between the US and Swiss presentations was apparently jarring.)
>>>
>>> And with that representative only attending remotely, the United States' real representatives ended up being Google and Apple, each advancing their own corpocratic interests, not the interests of the people we try to empower with decentralized identities.
>>>
>>> This isn't just an American problem. It's a symptom of a deeper issue happening across our digital infrastructure. It's likely the heart of the inversions of decentralized goals that we're seeing — and likely why those logistical reshufflings occurred: to please the gold sponsors. In fact, the conference sponsors tell the story: Google, Visa, Mastercard, and Huawei were positioned as "leading organizations supporting the advancement of wallets, credentials and trusted infrastructure in a manner of global collaboration."
>>>
>>> While Huawei's presence demonstrates international diversity — a Swiss conference bringing together Europe and Asia — it also raised questions about whose vision of "trust" would ultimately prevail.
>>> When payment platforms and surveillance-capable tech giants frame the future of identity infrastructure, we shouldn't be surprised when the architecture serves their interests first.
>>>
>>> This echoes my concerns from ["Has SSI Become Morally Bankrupt?"](https://www.blockchaincommons.com/musings/musings-ssi-bankruptcy/). We've allowed the narrative of self-sovereignty to be co-opted by the very platforms it was meant to challenge. The technical standards exist, but they're being implemented in ways that invert their original purpose. Even [UNECE sessions acknowledged](https://unece.org/trade/events/global-digital-collaboration-conference-international-trade-identity-across-borders) the risk of "diluting the autonomy and decentralization that SSI is meant to provide."
>>>
>>> The Sovereignty Shell Game
>>>
>>> Google was partnered with German Sparkasse on ZKP technology and that revealed a specific example of this co-opting.
>>>
>>> Google's open-sourcing of its Zero-Knowledge Proof libraries, announced July 3rd in partnership with Germany's network of public savings banks, was positioned as supporting privacy in age verification. Yet as [Carsten Stöcker pointed out](https://www.linkedin.com/posts/dr-carsten-st%C3%B6cker-1145871_opening-up-zero-knowledge-proof-technology-activity-7348195852085067776-nKDB), zero-knowledge doesn't mean zero-tracking when the entire stack runs through platform intermediaries. Carsten noted that Google has "extensive tracking practices across mobile devices, web platforms and advertising infrastructure." Meanwhile, the Google Play API makes no promises that the operations are protected from the rest of the OS.
>>>
>>> The Google ZKP libraries ("longfellow-zk") could be a great [building block](https://news.dyne.org/longfellow-zero-knowledge-google-zk/) for truly user-centric systems, as they link Zero-Knowledge Proofs to legacy cryptographic signature systems that are still mandatory for some hardware. But they'd have to be detached from the rest of Google's technology stack. Without that, there are too many questions. Could Google access some of the knowledge supposedly protected by ZKPs? Could they link it to other data? We have no idea.
>>>
>>> The European Union's eIDAS Regulation, set to take effect in 2026, encourages Member States to integrate privacy-enhancing technologies like ZKP into the European Digital Identity Wallet, but integration at the platform level offers similar dangers and could again invert the very privacy guarantees ZKP promises.
>>>
>>> Historical Echoes, Modern Inversions
>>>
>>> Identity technology's goals being inverted, so that identity becomes a threat rather than a boon, isn't a new problem. In ["Echoes of History"](https://www.blockchaincommons.com/articles/echoes-history/), I examined how the contrasting approaches of Lentz and Carmille during WWII demonstrate the life-or-death importance of data minimization. Lentz's comprehensive Dutch identity system enabled the Holocaust's efficiency; Carmille's deliberate exclusion of religious data from French records saved lives. Even when they're decentralized, today's digital identity systems face the same fundamental questions: what data should we collect, what should we reveal, and what should we refuse to record entirely?
>>>
>>> But we're adding a new layer of complexity. Not only must we consider what data to collect, but who controls the infrastructure that processes it.
>>> When Google partners with Sparkasse on "privacy-preserving" age verification, when eIDAS mandates integration at the operating system level, we're not just risking data collection: we're embedding it within platforms whose business models depend on surveillance. Even if the data is theoretically self-sovereign, the threat of data collected is still data revealed — just as happened with Lentz's records.
>>>
>>> The European eIDAS framework, which I analyzed in a [follow-up piece to "Echoes from History"](https://www.blockchaincommons.com/articles/eidas/), shows how even well-intentioned regulatory efforts can accelerate platform capture when they mandate integration at the operating system level. As I wrote at the time, a history of problematic EU legislation that had the best of intentions but resulted in unintended consequences has laid the groundwork, and now identity is straight in those crosshairs. One of the first, and most obvious problems with eIDAS is the mandate "that web browsers accept security certificates from individual member states and the EU can refuse to revoke them even if they’re dangerous." There are many more — and I'm not [the only voice](https://news.dyne.org/the-problems-of-european-digital-identity/) on eIDAS and EUDI issues.
>>>
>>> Supposedly self-sovereign certificates phoning home whenever they're accessed is another recent threat that demonstrates best intentions gone awry. This not only violates privacy, but it undercuts some of our best arguments for self-sovereign control of credentials by returning liability for data leaks to the issuer. The [No Phone Home](https://www.blockchaincommons.com/news/No-Phone-Home/) initiative that Blockchain Commons joined last month represents one attempt to push back on that, but it feels like plugging holes in a dam that's already cracking. It all does.
>>>
>>> The Builder's Dilemma
>>>
>>> What troubles me most is the split I see in our community. On one side, technology purists build increasingly sophisticated protocols in isolation from policy reality. On the other, pragmatists make compromise after compromise until nothing remains of the original vision.
>>>
>>> The recent debates about [`did:web` conformance](https://github.com/w3c-ccg/did-method-web) illustrate this perfectly. Joe Andrieu correctly notes that `did:web` can't distinguish between deactivation and non-existence — a fundamental security boundary. Yet `did:web` remains essential to many implementation strategies because it bridges the gap between ideals and adoption. It provides developers and users with experience with DIDs, but in doing so undercuts decentralized ideals for those users. We're caught between philosophical purity and practical irrelevance.
>>>
>>> In my recent writings on [Values in Design](https://www.blockchaincommons.com/musings/ValuesDesign/) and the [Right to Transact](https://www.blockchaincommons.com/musings/RightToTransact/), I've tried to articulate what we're fighting for. But values without implementation are just philosophy, and implementation without values is just surrender.
>>>
>>> The Global Digital Collaboration highlighted this tension perfectly. International progress on digital identity proceeds apace: Europe, Singapore, and China all advance their frameworks, but there are still essential issues that invert our fundamental goals in designing self-sovereign systems. Meanwhile, the U.S. remains even more stalled, its position represented only by the platforms that benefit from the status quo. Alongside this, technical standards discussions proceed in isolation from the policy, regulatory, and social frameworks that will determine their real-world impact.
>>>
>>> Where Do We Go From Here?
>>>
>>> I find myself returning to first principles. When we designed [TLS 1.0](https://datatracker.ietf.org/doc/html/rfc2246), we understood that technical protocols encode power relationships. When we established the [principles of self-sovereign identity](https://github.com/WebOfTrustInfo/self-sovereign-identity/blob/master/self-sovereign-identity-principles.md), we knew that architecture was politics. Ongoing battles, such as those between Verifiable Credentials and ISO mDLs, between DIDComm and OpenID4VC, demonstrate disagreements over these power relationships made visible in technological discussions.
>>>
>>> The question now is whether we can reclaim our ideals before they're completely inverted by the side of centralized power and controlled architecture.
>>>
>>> The path forward requires bridging the gaps Geneva revealed:
>>>
>>> - Between corporate platform dominance and global digital sovereignty
>>> - Between the promise of decentralization and the reality of recentralization
>>> - Between technical standards and policy reality
>>> - Between privacy absolutism and implementation pragmatism
>>>
>>> A Personal Note
>>>
>>> After three decades of building internet infrastructure, I've learned that the most dangerous moment isn't when systems fail, it's when they succeed in ways that invert their purpose. We built protocols for human autonomy and watched them become instruments of platform control. We created standards for decentralization and saw them twisted into new forms of centralization.
>>>
>>> This conversation continues in private Signal groups, in conference hallways, in the space between what we built and what we've become. The [Atlantic Council warns](https://dfrlab.org/2024/10/01/analysis-a-brave-new-reality-after-the-uns-global-digital-compact/) of power centralizing "in ways that threaten the open and bottom-up governance traditions of the internet."
>>> When critics from across the geopolitical spectrum — from sovereignty advocates to digital rights groups — all sense something amiss, it suggests a fundamental architectural problem that transcends ideology.
>>>
>>> Perhaps it's time for a new architecture: one that acknowledges these inversions and builds resistance into its very foundations.
>>>
>>> But that's a longer conversation for another day.
>>>
>>> ---
>>>
>>> *Christopher Allen has been architecting trust systems for over 30 years, from co-authoring TLS to establishing self-sovereign identity principles. He currently works on alternative approaches to digital identity through [Blockchain Commons](https://www.blockchaincommons.com/).*
Received on Thursday, 17 July 2025 20:24:58 UTC