Glossary

Self-Sovereign Identity

Self-Sovereign identity (SSI) gives users control and ownership over their identity. In centralized and federated identity, a user's identity is an account on a server, and if you delete the account you terminate the user's identity on the internet. With self-sovereign identity, users manage their identity through a digital wallet.

SSI is the end goal of identity 3.0. By using cryptographic keys, ownership of identity is transferred to the individual. SSI means an individual can be an issuer, verifier, and holder of identity. Since identity data is decentralized, no central authority owns the data. The user encrypts their identity documents with their public key, and the verifier can decrypt them on the blockchain where the user's public key sits. The individual holds private keys.

Digital Wallets

Digital wallets are a way for users to store their digital identity documents securely. These documents exist on a user's device and are used to verify digital identity.

Cryptographic Keys

Cryptographic keys work with the public and private key mechanism. When data is verified, the user authorizes the decryption of the public key. The encryption technology used is Elliptic Curve Digital Signature Algorithm (ECDSA). The largest ECDSA key broken to date is 112 bits long. ShareRing uses 256-bit strings, which is 4000 billion billion times harder to break. The passphrase is encrypted (secp256k1) and stored in the keychain/keystore. The backup data is encrypted (secp256k1) by the private key derived from the recovery phrase

Decentralized Identifiers

A Decentralized Identifier (DID) is a uniquely resolvable string that maps a document to an address. An example DID on ShareLedger is:

shareledger1sgx988mp9ie799w0xpjy7wbnky52n

This string maps back to an individual. Each document can also have its own DID, which maps a string back to the document.

Verifiable Credentials

Verifiable Credentials (VCs) are a W3C standard to express credentials on the internet.VCs can use DIDs as part of their metadata, but it is not necessary. Third parties request VCs from identity providers to verify the identity of individuals. Here is an example of a VC for a passport:

Example of passport info:
{
  "@context": [
    "https://www.sharering.network/credentials/v1",
    "https://www.sharering.network/passport/v1",
  ],
  "type": [
    "Passport"
  ],
  "credentialSubject": {
    "id": "did:example:123",
    "type": [
      "Passport"
    ],
    "givenName": "JOHN",
    "familyName": "SMITH",
    "gender": "Male",
    "image": "data:image/png;base64,iVBORw0KGgo...kJggg==",
    "birthPlace": "Bahamas",
    "DOB": "1958-08-17",
    "Number": "C2982929",
  },
  "issuer": "did:sharering-id:456",
  "issuanceDate": "2020-04-22T10:37:22Z",
  "identifier": "83627465",
  "name": "Passport",
  "description": "Sharing identity network",
  "proof": {
    "type": "SharingIdMerkleTree",
    "created": "2020-04-22T10:37:22Z",
    "proofPurpose": "assertionMethod",
    "verificationMethod": "did:SharingIdMerkleTree",
    “merkleRoot": “6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b”
}

Software Development Kit

ShareRing has developed a software development kit (SDK) that lets third parties use and interact with the ShareRing blockchain (ShareLedger). These are signup, login and vault.

Merkle Tree Algorithm

ShareRing uses the Merkle Tree algorithm to verify document proofs:

Only a single hash string (32 bytes) is stored on the blockchain instead of the whole data
This hash verifies an identity document but cannot be resolved back to the original document
We hash every field in the document, and they are all hashed together to form the Merkle root hash (final hash)
We obfuscate data to show only the required user information and not every attribute.

Ledgers

In blockchain technology, a ledger is an immutable ground truth database that all participants in the blockchain network must agree on. This ledger is only updated when consensus is reached, and the ledger will be the same for each node.

Validation

The blockchain network expands through the process of validation. To add a node to a the network, the new block must be validated by the rest of the network. This involves reaching a consensus within the network where the majority of nodes agree to add the new node. Once consensus has been reached, the block is validated and added to the network. No further changes to the network can be made unless a consensus is reached again.

Vault Query Language

ShareRing's Vault Query Language (VQL) lets you query user's information through a QR code. Users can generate and save complex queries to verify identity, and the response will be a verifiable credential.

Users can generate and save complex queries to verify identity.
The response will be a verifiable credential.
All queries interact with the ShareRing SDK.

All queries interact with the ShareRing SDK.

Self-Sovereign Identity​

Digital Wallets​

Cryptographic Keys​

Decentralized Identifiers​

Verifiable Credentials​

Software Development Kit​

Merkle Tree Algorithm​

Ledgers​

Validation​

Vault Query Language​