Digital Identity

Privado ID is a set of tools for developers that can be used to facilitate trusted and secure relationships between apps and users. Developers can use Privado ID to enable the exchange of verifiable credentials secured by cryptography and the blockchain. Privado ID is designed for developers with a strong focus on privacy, decentralization and user data self-sovereignty.

Verifiable credentials are issued according to the W3C standards and signed cryptographically to ensure they are tamper-proof. This is performed by Issuers, which are trusted organizations or companies. In the real world, this could include your government, university, or bank. In Web3, this could include KYC providers, oracles, DAOs, reputation services, etc.

For these Issuers, Privado ID includes the Issuer Node, a self hosted API capable of creating these credentials.

Credentials are not created in the void. They are created when a user requests them to prove something. The user then has to request, collect and store the credential. This is done through an identity wallet. In the same way a crypto wallet holds your crypto private keys, an identity wallet holds your identity keys and your credentials.

For these identity wallets (and for crypto wallets willing to expand to hold identity keys and credentials), Privado ID includes the Wallet SDK. The Wallet SDK can be used to develop mobile wallets that request, store and present credentials or proof of credentials (using zero-knowledge proofs). Privado ID also includes a JavaScript SDK for developing web-based wallets, browser extensions and dApps.

Last but not least, these credentials are meant to give the user some “power” - the power to prove something about him/herself to a dApp or SmartContract (the Verifers of the credential).

The process is like a “question-answer” dialog. A dApp needs to verify that I’m older than 18 to give me access to some content, or a SmartContract needs to verify that I’m human and unique before giving me an airdrop. These Verifiers can “ask” my wallet these questions and my wallet will produce a valid answer using my credentials.

The entire process is highly resistant to tampering - thanks to the use of PKI (public key infrastructure) and blockchain, and privacy preserving - thanks to the use of zero knowledge proofs.

For the verification part of the process, Privado ID includes the Verifier SDK and smart contracts for off-chain and on-chain verification. These libraries allow the Verifier to compose different queries (questions) without having to deal with the complexity of reconfiguring the underlying cryptography.

For further information please see this playlist.

Although technically speaking Privado ID is a set of tools - it’s value is much more than that - it’s all about the ecosystem.

Privado ID tooling is continuously being integrated by new Issuers, Verifiers and Wallet providers (you can see the growing Privado ID ecosystem here, creating a positive network effect where everyone benefits from the addition of new builders.

As a Web3 developer, your users will soon have access to a big market of credentials (from Issuers in the broader Privado ID ecosystem). Your users will be able to reuse their credentials across multiple Verifiers, using different wallets.

The Privado ID team is committed to creating an open, interoperable and decentralized space for the community to exchange verifiable credentials for Web3. That’s why Privado ID follows the industry standards (W3C, DIF), offers all of the tools under open source licenses and makes the tooling work with any EVM-compatible blockchain.

The core Privado ID technology stack is available under an open source license in a self-service/self-hosted fashion with support for DID and verifiable credentials.

The following tools help developers integrate decentralized identity solutions into their applications:
‍
• Privado ID Wallet SDK
Allows builders to create identity wallets or to incorporate identity solutions into their existing crypto wallet offerings. As a reference implementation of an identity wallet, you can find the Privado ID Wallet App, which has been created by the Privado ID team to help builders understand one way to incorporate the Wallet SDK into their wallets.

• Privado ID Issuer Node
The Issuer Node is an application that Issuers can host themselves to keep control of their data. It exposes API methods that can be used by Issuers to issue Verifiable Credentials and a user interface.

• Privado ID Verifier SDK
Allows developers, for example dApps, to set verification criteria and construct queries for users.

• Privado ID JS SDK (Beta Version)
Java Script Libraries to create client applications as browser extensions, which allows users to issue credentials about themselves, to store credentials and a key, and then to generate proofs of having those credentials.

Moreover you have two additional tools created to facilitate the work of Privado ID developers:

• Schema Builder
Schema Builder is an indispensable tool for developers looking to streamline the creation and management of credential schemas. The schema builder not only makes it easier for developers but also empowers them to create schemas as public goods, contributing to the standardization and interoperability of credentials in our ecosystem. The Schema Builder is accessible here.

• Query Builder
If you're developing a dApp and need to verify user credentials, our Query Builder is here to assist you. The Query Builder eliminates the need for developers to have in-depth knowledge of de zkQuery language, providing a more intuitive and user-friendly way to create queries. The Query Builder is accesible here.
‍
For further information please see this video.

The main two uses of zero-knowledge technology used in Privado ID are:
1. Preserve privacy: the user (Identity Holder) can send a proof of any information inside a credential to the Verifier (dApp) without revealing the information inside the credential. In the Selective Disclosure mode, the user can also select which information inside the credential he wants to share (without having to select the whole credential). While sharing this information, he also sends a proof about this information so the Verifier can check its correctness.

2. Verification of computation:  zero-knowledge proofs can be used to prove that a computation has been performed correctly without the Verifier having to recompute it. For example, within Privado ID, it is used to prove that an identity is performing a state transition correctly.

For further information please see this video.

There are three main uses of the blockchain for Privado ID.

1. Issuing a Merkle Tree Proof (MTP) signature to a credential: The Issuer can issue a credential with an MTP which holds information about the Issuer state tree published on-chain.

2. On-chain verification: The Verifier can use an on-chain smart contract to verify credentials.

3. On-chain issuer: The issuer can use an on-chain smart contract to issue credentials.

In the future, additional uses of blockchain will be built for Privado ID, such as to enable revocation of credentials, where the Issuer publishes the revocation tree on-chain so the user (Identity Holder) can include the revocation (or non-revocation) information inside the zero-knowledge proof they send to the Verifier.

For further information please see this video.

An identity is represented by its identifier and a set of attributes. For example, your identifier could be your wallet address and your attributes could be non-fungible tokens (NFTs) or soulbound tokens (SBTs). Or your identifier could be your DID (decentralized identifier) and your attributes could be verifiable credentials (VC), the W3C standard used in Privado ID.

• Non-Fungible Tokens (NFTs): are unique representations of an asset on a blockchain. NFTs have frequently been speculative “assets” used to represent community memberships, profile pictures, art, metaverse land, and more. In digital identity, NFTs are used primarily as a form of purchasable membership pass or as a certificate. Some characteristics of  NFTs are:
‍
- Identifier is a wallet address: NFTs are associated with static, public wallet addresses.
- Transferable: NFT can be transferred to another address therefore to another user.
- Tradable: NFTs facilitate the seamless buying and selling of digital assets.
- Traceable: Anyone can see on the blockchain how an NFT has been transferred.
- Blockchain specific: An NFT is tied to a specific blockchain.
- Public: NFTs are public on the blockchain; anyone can see them.
- Costs: If you were to issue an NFT, you would have to pay blockchain minting fees.
- Standards: NFTs standards are limited to Web3 industry.

• Soulbound Tokens (SBTs): are NFTs that can't be transferred and are permanently tied to an individual owner. They are designed to store personalized data in a secure and non-transferable, non-tradable way. Although SBTs have more potential than NFTs to digitize identities, they still have the downside of being public on the blockchain and therefore are not suitable to hold sensitive data.

• Verifier Credentials (VC): are a type of credential that an Issuer cryptographically signs about a user. These credentials (e.g., KYC, credit score, master’s degree, etc.) are stored in the user’s identity wallet and not on the blockchain. These credentials are therefore private by default and are proven upon request, and in the case of Privado ID, thanks to zero-knowledge technology, they can be proven without revealing any information, unless the user decides to do so via Selective Disclosure. Verifiable credentials can be programmed to be verifiable for specific durations of time or revocable by the Issuer. Some characteristics of VCs are:

- Identifier is a DID: The identifier is not a wallet address, but a DID (decentralized identifier). The VCs are owned by the DID.
- Non-transferable: VCs are issued to a specific identity (i.e. the user/Identity Holder) and cannot be transferred.
- Non-tradable: As the VCs cannot be transferred, they cannot be traded. You cannot sell your credentials. They are part of who you are.
- Not traceable: With the profiles anti-tracking feature of Privado ID, you can interact with different vendors via multiple DIDs generated from the main DID.
- Interoperable: VCs standardize the format of information allowing Identity Holders to own their data and selectively share it with relevant parties across the internet, including between different blockchains. For example, once you have your KYC credentials, you can reuse them to authenticate you in different applications.
- Private by default: VCs are not publicly viewable as they are stored in the user’s digital wallet (you own your data), and will only be shared upon user consent and without necessarily revealing any information, thanks to zero-knowledge proofs.
- Costs: as the VC is not transferable and is not stored on the blockchain, there are no minting or transfer costs as with NFTs. For more details about the costs of running Privado ID, see the question “What is the cost of Privado ID?”.
- Standards: VCs are globally recognized for their adherence to W3C standards, widely embraced in the enterprise sector compared to the more specialized adoption of NFTs and SBTs within Web3.
‍
Verifiable credentials, the W3C standard implemented in Privado ID, are the most practical technology to digitize our identities and finally allow people to prove who they are on the internet. The challenge is user adoption, and Privado ID is leading the way in the Web3 space. Join the ecosystem of projects already implementing Privado ID!

Privado ID can run on any EVM-compatible chain. At the moment, the necessary smart contracts are deployed onto Polygon Testnet (Amoy) and Polygon PoS Mainnet, but they could be deployed into any other EVM-compatible chain including any CDK-based blockchain very soon.

Privado ID is an open-source software and is free to use. However, Privado ID plans to generate revenue by offering additional infrastructure and services.

1. Credentials: Fees are charged for the use and reuse of credentials. Verifiers (e.g., Applications) will pay these fees to the issuers via a payment rails infrastructure, and Privado ID will collect a percentage of each transaction.
2. Identity Cloud Wallet: Privado ID might charge charge a one-time fee to the verifier (e.g., Application) for each new user onboarded. This fee covers necessary services for the cloud wallet, such as storage and key custody.
3. Enterprise Support: Privado ID provides tailored support and development services for systems requiring private infrastructure, such as those operated by governments or corporations. These contracts are typically based on service-level agreements (SLAs).
4. Issuer Services: Fees are also collected for additional services provided to issuers, including revocations, on-chain issuance, trust registry, and compliant storage, using their payment rails to facilitate transactions.

This structure allows Privado ID to support a wide range of use cases while maintaining its foundational open-source principles