- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Thu, 17 Jul 2025 23:27:55 +0200
- To: Steve Capell <steve.capell@gmail.com>
- Cc: Adrian Gropper <agropper@healthurl.com>, Credentials Community Group <public-credentials@w3.org>
- Message-ID: <CAKaEYh+hE_xduT3pAkd4cZgOko97CvqrLj22eYaMR7M710jPYQ@mail.gmail.com>
On Thu, 17 Jul 2025 at 22:58, Steve Capell <steve.capell@gmail.com> wrote:

> Anytime I hear anyone say anything like “Bitcoin is a good thing” it makes
> me shudder and want to vomit. As far as I can tell it’s a monstrous Ponzi
> scheme that is good for money laundering and not much else
>

Steve, could we keep the discussion focused on the technical merits? The W3C Code asks us to treat one another with respect and avoid personal attacks; strong critiques of technologies are welcome, but let’s phrase them in ways that keep everyone comfortable participating. Thanks!

>
> Why do we perceive did:web (or its improved variants like did:webvh) as
> “centralised”? What could be more decentralised than the web? Certainly not
> any distributed ledger
>
>
> Steven Capell
> Mob: 0410 437854
>
> On 17 Jul 2025, at 10:41 pm, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
>
>
> On Thu, 17 Jul 2025 at 22:24, Adrian Gropper <agropper@healthurl.com>
> wrote:
>
>> Nostr might be a good start for de-platforming social media on the basis
>> of pseudonymity and relay-based discovery, but unless the architecture also
>> supports untraceable payment the major surveillance platforms will persist.
>>
>
> Nostr is tied to any payment system. But it is largely built by people in
> the bitcoin community, so there have been some integrations with bitcoin
> technologies, such as the lightning network.
>
> Innovation continues in this area. I think that integration with
> Blockstream's Liquid [1] would be a good start.
>
> [1] https://blockstream.com/liquid/
>
>
>>
>> Adrian
>>
>> On Thu, Jul 17, 2025 at 3:58 PM Melvin Carvalho <melvincarvalho@gmail.com>
>> wrote:
>>
>>>
>>>
>>> On Thu, 17 Jul 2025 at 21:38, Adrian Gropper <agropper@healthurl.com>
>>> wrote:
>>>
>>>> It's clearly time for a new architecture. One that benefits from our
>>>> experience with SSI as an anti-pattern that is too easily inverted or
>>>> ignored.
>>>>
>>>> I would suggest an architecture that sees platforms for payment and
>>>> social media as the problem instead of focusing on identity. An
>>>> architecture that, like cash and geocaches, defaults to anonymity by design.
>>>>
>>>> I would also suggest an architecture that ignores licensed
>>>> professionals and things. With the benefit of hindsight, the premise that
>>>> identity standards must span licensing and supply chains seems inane.
>>>>
>>>
>>> We have a fairly advanced ecosystem working on all these problems over
>>> at Nostr, with several million users, and several thousand DAU.
>>>
>>> We also have a W3C Nostr Community Group [1] and have already begun work
>>> on a did:nostr spec.
>>>
>>> [1] https://www.w3.org/community/nostr/
>>>
>>>
>>>>
>>>> Sorry,
>>>> - Adrian
>>>>
>>>>
>>>> On Wed, Jul 16, 2025 at 3:59 AM Christopher Allen <
>>>> ChristopherA@lifewithalacrity.com> wrote:
>>>>
>>>>> I have occasionally posted a link to one of my blog articles to this
>>>>> group, but I thought this article deserved a broader discussion by our CCG
>>>>> community, so I'm sharing here.
>>>>>
>>>>> The original article is at
>>>>> https://www.blockchaincommons.com/musings/gdc25/
>>>>>
>>>>> -- Christopher Allen
>>>>>
>>>>> Musings of a Trust Architect: When Technical Standards Meet
>>>>> Geopolitical Reality
>>>>> Digital Identity, Sovereignty, and the Erosion of Foundational
>>>>> Principles
>>>>> By Christopher Allen <ChristopherA@LifeWithAlacrity.com>
>>>>> 2025-07-15
>>>>>
>>>>> *Reflections on recent conversations about digital identity,
>>>>> sovereignty, and the erosion of foundational principles*
>>>>>
>>>>> Echoes from Geneva
>>>>>
>>>>> I wasn't present at the [Global Digital Collaboration](
>>>>> https://globaldigitalcollaboration.org/) conference (GDC25), but the
>>>>> observations shared by colleagues who attended have crystallized some
>>>>> issues I've been wrestling with for years.
>>>>> I should note there's a
>>>>> selection bias here: I'm the author of the [10 principles of self-sovereign
>>>>> identity](
>>>>> https://github.com/WebOfTrustInfo/self-sovereign-identity/blob/master/self-sovereign-identity-principles.md),
>>>>> so my community tends to have strong opinions about digital identity.
>>>>> Still, when multiple trusted voices independently report similar concerns,
>>>>> patterns emerge that are worth examining. And these weren't casual
>>>>> observers sharing these concerns. They were seasoned practitioners who've
>>>>> spent decades building identity infrastructure. Their collective unease
>>>>> speaks to something deeper than technical disagreements.
>>>>>
>>>>> It's hard to boil the problems at GDC25 down to a single issue,
>>>>> because they were so encompassing. For example, there was a pattern of
>>>>> scheduling issues that undercut the community co-organizing goal of the
>>>>> conference and seemed to particularly impact decentralized talks. One
>>>>> session ended up in a small, hot room on the top floor that was hard to
>>>>> find. (It was packed anyway!) Generally, the decentralized-centric talks
>>>>> were in bad locations, they were short, they had restricted topics, or they
>>>>> were shared with other panelists.
>>>>>
>>>>> I think that logistical shuffling of events may point out one of the
>>>>> biggest issues: decentralized systems weren't given much respect. This may
>>>>> be true generally. There may be lip service to decentralized systems, but
>>>>> not deeper commitments. Its value isn't appreciated, so we're losing its
>>>>> principles. Worse, I see the intent of decentralization being inverted:
>>>>> where our goal is to give individuals independence and power by reducing
>>>>> the control of centralized entities, we're often doing the opposite —
>>>>> still in the name of decentralization.
>>>>>
>>>>> The Echo Chamber Paradox
>>>>>
>>>>> The problems at GDC25 remind me of Rebooting the Web of Trust (RWOT)
>>>>> community discussions I've been following, which reiterate that this is a
>>>>> larger issue. We debate the finer points of zero-knowledge proofs and DID
>>>>> conformance while missing the forest for the trees. Case in point: the
>>>>> recent emergence of "[`did:genuineid`](https://genuinein.com/DIDMethod)"
>>>>> — a centralized identifier system that fundamentally contradicts the
>>>>> "D" in DID.
>>>>>
>>>>> Obviously, decentralization is a threat to those who currently hold
>>>>> power (whether they be governments, corporations, billionaires, or others
>>>>> who hold any sort of power), because it tries to remove their
>>>>> centralization (and therefore their power), to instead empower the
>>>>> individual. But if we can't even maintain the semantic integrity of
>>>>> "decentralized" within our own technical community, devoted to the ideal,
>>>>> how can we fight for it in the larger world?
>>>>>
>>>>> The Corpocratic Complication
>>>>>
>>>>> GDC25 was held in Geneva, Switzerland. 30+ standards organizations
>>>>> convened to discuss the future of digital identity. Participants spanned
>>>>> the world from the United States to China. There was the opportunity that
>>>>> GDC25 was going to be a truly international conference. Indeed, Swiss
>>>>> presenters were there, and they spoke of privacy, democratic involvement,
>>>>> and achieving public buy-in. It was exactly the themes that we as
>>>>> decentralized technologists wanted to hear.
>>>>>
>>>>> But from what I've heard, things quickly degraded from that ideal.
>>>>> Take the United States. The sole representative of the country as a whole
>>>>> attended via teleconference. (He was the only presenter who did so!) His
>>>>> talk was all about Real ID, framed as a response to 9/11 and rooted in the
>>>>> Patriot Act.
>>>>> It lay somewhere between security-theatre and
>>>>> identity-as-surveillance, and that's definitely not what we wanted to hear.
>>>>> (The contrast between the US and Swiss presentations was apparently
>>>>> jarring.)
>>>>>
>>>>> And with that representative only attending remotely, the United
>>>>> States' real representatives ended up being Google and Apple, each
>>>>> advancing their own corpocratic interests, not the interests of the people
>>>>> we try to empower with decentralized identities.
>>>>>
>>>>> This isn't just an American problem. It's a symptom of a deeper issue
>>>>> happening across our digital infrastructure. It's likely the heart of the
>>>>> inversions of decentralized goals that we're seeing — and likely why
>>>>> those logistical reshufflings occurred: to please the gold sponsors. In
>>>>> fact, the conference sponsors tell the story: Google, Visa, Mastercard, and
>>>>> Huawei were positioned as "leading organizations supporting the advancement
>>>>> of wallets, credentials and trusted infrastructure in a manner of global
>>>>> collaboration."
>>>>>
>>>>> While Huawei's presence demonstrates international diversity — a Swiss
>>>>> conference bringing together Europe and Asia — it also raised questions
>>>>> about whose vision of "trust" would ultimately prevail. When payment
>>>>> platforms and surveillance-capable tech giants frame the future of identity
>>>>> infrastructure, we shouldn't be surprised when the architecture serves
>>>>> their interests first.
>>>>>
>>>>> This echoes my concerns from ["Has SSI Become Morally Bankrupt?"](
>>>>> https://www.blockchaincommons.com/musings/musings-ssi-bankruptcy/).
>>>>> We've allowed the narrative of self-sovereignty to be co-opted by the very
>>>>> platforms it was meant to challenge. The technical standards exist, but
>>>>> they're being implemented in ways that invert their original purpose.
>>>>> Even
>>>>> [UNECE sessions acknowledged](
>>>>> https://unece.org/trade/events/global-digital-collaboration-conference-international-trade-identity-across-borders)
>>>>> the risk of "diluting the autonomy and decentralization that SSI is meant
>>>>> to provide."
>>>>>
>>>>> The Sovereignty Shell Game
>>>>>
>>>>> Google was partnered with German Sparkasse on ZKP technology and that
>>>>> revealed a specific example of this co-opting.
>>>>>
>>>>> Google's open-sourcing of its Zero-Knowledge Proof libraries,
>>>>> announced July 3rd in partnership with Germany's network of public savings
>>>>> banks, was positioned as supporting privacy in age verification. Yet as
>>>>> [Carsten Stöcker pointed out](
>>>>> https://www.linkedin.com/posts/dr-carsten-st%C3%B6cker-1145871_opening-up-zero-knowledge-proof-technology-activity-7348195852085067776-nKDB),
>>>>> zero-knowledge doesn't mean zero-tracking when the entire stack runs
>>>>> through platform intermediaries. Carsten noted that Google has "extensive
>>>>> tracking practices across mobile devices, web platforms and advertising
>>>>> infrastructure." Meanwhile, the Google Play API makes no promises that the
>>>>> operations are protected from the rest of the OS.
>>>>>
>>>>> The Google ZKP libraries ("longfellow-sk") could be a great [building
>>>>> block](https://news.dyne.org/longfellow-zero-knowledge-google-zk/)
>>>>> for truly user-centric systems, as they link Zero-Knowledge Proofs to
>>>>> legacy cryptographic signature systems that are still mandatory for some
>>>>> hardware. But they'd have to be detached from the rest of Google's
>>>>> technology stack. Without that, there are too many questions. Could Google
>>>>> access some of the knowledge supposedly protected by ZKPs? Could they link
>>>>> it to other data? We have no idea.
>>>>>
>>>>> The European Union's eIDAS Regulation, set to take effect in 2026,
>>>>> encourages Member States to integrate privacy-enhancing technologies like
>>>>> ZKP into the European Digital Identity Wallet, but integration at the
>>>>> platform level offers similar dangers and could again invert the very
>>>>> privacy guarantees ZKP promises.
>>>>>
>>>>> Historical Echoes, Modern Inversions
>>>>>
>>>>> Identity technology's goals being inverted, so that identity becomes a
>>>>> threat rather than a boon, isn't a new problem. In ["Echoes of History"](
>>>>> https://www.blockchaincommons.com/articles/echoes-history/), I
>>>>> examined how the contrasting approaches of Lentz and Carmille during WWII
>>>>> demonstrate the life-or-death importance of data minimization. Lentz's
>>>>> comprehensive Dutch identity system enabled the Holocaust's efficiency;
>>>>> Carmille's deliberate exclusion of religious data from French records saved
>>>>> lives. Even when they're decentralized, today's digital identity systems
>>>>> face the same fundamental questions: what data should we collect, what
>>>>> should we reveal, and what should we refuse to record entirely?
>>>>>
>>>>> But we're adding a new layer of complexity. Not only must we consider
>>>>> what data to collect, but who controls the infrastructure that processes
>>>>> it. When Google partners with Sparkasse on "privacy-preserving" age
>>>>> verification, when eIDAS mandates integration at the operating system
>>>>> level, we're not just risking data collection: we're embedding it within
>>>>> platforms whose business models depend on surveillance. Even if the data is
>>>>> theoretically self-sovereign, the threat of data collected is still data
>>>>> revealed — just as happened with Lentz's records.
>>>>>
>>>>> The European eIDAS framework, which I analyzed in a [follow-up piece
>>>>> to "Echoes from History"](
>>>>> https://www.blockchaincommons.com/articles/eidas/), shows how even
>>>>> well-intentioned regulatory efforts can accelerate platform capture when
>>>>> they mandate integration at the operating system level. As I wrote at the
>>>>> time, a history of problematic EU legislation that had the best of
>>>>> intentions but resulted in unintended consequences has laid the groundwork,
>>>>> and now identity is straight in that crosshairs. One of the first, and most
>>>>> obvious problems with eIDAS is the mandate "that web browsers accept
>>>>> security certificates from individual member states and the EU can refuse
>>>>> to revoke them even if they’re dangerous." There are many more — and
>>>>> I'm not [the only voice](
>>>>> https://news.dyne.org/the-problems-of-european-digital-identity/) on
>>>>> eIDAS and EUDI issues.
>>>>>
>>>>> Supposedly self-sovereign certificates phoning home whenever they're
>>>>> accessed is another recent threat that demonstrates best intentions gone
>>>>> awry. This not only violates privacy, but it undercuts some of our best
>>>>> arguments for self-sovereign control of credentials by returning liability
>>>>> for data leaks to the issuer. The [No Phone Home](
>>>>> https://www.blockchaincommons.com/news/No-Phone-Home/) initiative
>>>>> that Blockchain Commons joined last month represents one attempt to push
>>>>> back on that, but it feels like plugging holes in a dam that's already
>>>>> cracking. It all does.
>>>>>
>>>>> The Builder's Dilemma
>>>>>
>>>>> What troubles me most is the split I see in our community. On one
>>>>> side, technology purists build increasingly sophisticated protocols in
>>>>> isolation from policy reality. On the other, pragmatists make compromise
>>>>> after compromise until nothing remains of the original vision.
>>>>>
>>>>> The recent debates about [`did:web` conformance](
>>>>> https://github.com/w3c-ccg/did-method-web) illustrate this perfectly.
>>>>> Joe Andrieu correctly notes that `did:web` can't distinguish between
>>>>> deactivation and non-existence — a fundamental security boundary. Yet
>>>>> `did:web` remains essential to many implementation strategies because it
>>>>> bridges the gap between ideals and adoption. It provides developers and
>>>>> users with experience with DIDs, but in doing so undercuts decentralized
>>>>> ideals for those users. We're caught between philosophical purity and
>>>>> practical irrelevance.
>>>>>
>>>>> In my recent writings on [Values in Design](
>>>>> https://www.blockchaincommons.com/musings/ValuesDesign/) and the
>>>>> [Right to Transact](
>>>>> https://www.blockchaincommons.com/musings/RightToTransact/), I've
>>>>> tried to articulate what we're fighting for. But values without
>>>>> implementation are just philosophy, and implementation without values is
>>>>> just surrender.
>>>>>
>>>>> The Global Digital Collaboration highlighted this tension perfectly.
>>>>> International progress on digital identity proceeds apace: Europe,
>>>>> Singapore, and China all advance their frameworks, but there are still
>>>>> essential issues that invert our fundamental goals in designing
>>>>> self-sovereign systems. Meanwhile, the U.S. remains even more stalled, its
>>>>> position represented only by the platforms that benefit from the status
>>>>> quo. Alongside this, technical standards discussions proceed in isolation
>>>>> from the policy, regulatory, and social frameworks that will determine
>>>>> their real-world impact.
>>>>>
>>>>> Where Do We Go From Here?
>>>>>
>>>>> I find myself returning to first principles. When we designed [TLS
>>>>> 1.0](https://datatracker.ietf.org/doc/html/rfc2246), we understood
>>>>> that technical protocols encode power relationships.
>>>>> When we established
>>>>> the [principles of self-sovereign identity](
>>>>> https://github.com/WebOfTrustInfo/self-sovereign-identity/blob/master/self-sovereign-identity-principles.md),
>>>>> we knew that architecture was politics. Ongoing battles, such as those
>>>>> between Verifiable Credentials and ISO mDLs, between DIDComm and OpenID4VC,
>>>>> demonstrate disagreements over these power relationships made visible in
>>>>> technological discussions.
>>>>>
>>>>> The question now is whether we can reclaim our ideals before they're
>>>>> completely inverted by the side of centralized power and controlled
>>>>> architecture.
>>>>>
>>>>> The path forward requires bridging the gaps Geneva revealed:
>>>>>
>>>>> - Between corporate platform dominance and global digital sovereignty
>>>>> - Between the promise of decentralization and the reality of
>>>>> recentralization
>>>>> - Between technical standards and policy reality
>>>>> - Between privacy absolutism and implementation pragmatism
>>>>>
>>>>> A Personal Note
>>>>>
>>>>> After three decades of building internet infrastructure, I've learned
>>>>> that the most dangerous moment isn't when systems fail, it's when they
>>>>> succeed in ways that invert their purpose. We built protocols for human
>>>>> autonomy and watched them become instruments of platform control. We
>>>>> created standards for decentralization and saw them twisted into new forms
>>>>> of centralization.
>>>>>
>>>>> This conversation continues in private Signal groups, in conference
>>>>> hallways, in the space between what we built and what we've become. The
>>>>> [Atlantic Council warns](
>>>>> https://dfrlab.org/2024/10/01/analysis-a-brave-new-reality-after-the-uns-global-digital-compact/)
>>>>> of power centralizing "in ways that threaten the open and bottom-up
>>>>> governance traditions of the internet."
>>>>> When critics from across the
>>>>> geopolitical spectrum — from sovereignty advocates to digital rights
>>>>> groups — all sense something amiss, it suggests a fundamental
>>>>> architectural problem that transcends ideology.
>>>>>
>>>>> Perhaps it's time for a new architecture: one that acknowledges these
>>>>> inversions and builds resistance into its very foundations.
>>>>>
>>>>> But that's a longer conversation for another day.
>>>>>
>>>>> ---
>>>>>
>>>>> *Christopher Allen has been architecting trust systems for over 30
>>>>> years, from co-authoring TLS to establishing self-sovereign identity
>>>>> principles. He currently works on alternative approaches to digital
>>>>> identity through [Blockchain Commons](
>>>>> https://www.blockchaincommons.com/).*
>>>>>
>>>>
Received on Thursday, 17 July 2025 21:28:13 UTC