top of page

Todo acerca de Web 3 y GovTech


What is a Decentralized Digital Identity System?

By Chuy Cepeda

I remember my good friend Guille, from Extrimian, telling us: "be careful, when you enter the world of identity you will open a Pandora's box." How right he was...

From the terminology to the multiple scenarios of methods, standards, initiatives, regulations, applications, protocols, blockchain networks, functionalities; oh! a huge world, we definitely opened a Pandora's box.

So, in this post, what I hope is to share with you the basic ideas and pointers that will help you understand it easily, or, if you wish, to delve deeply into it. To do this, I believe it is key to understand the following.

What is a decentralized digital identity system?

Simply put, an identity system is one in which a clear way of recognizing, remembering, and identifying the users of a certain relationship is established. To achieve this in web3, that is, in the decentralized digital world, the following components are needed.

Decentralized Identifiers (DIDs)

  • Non-reassignable, meaning they are permanent, persistent and non-interchangeable identifiers in such a way that they always refer to the same user or entity, and therefore a better alternative to current identification methods such as a domain, an IP, an email, or a phone number. This is key to user control and self-sovereignty.

  • Cryptographically verifiable, meaning they are associated with a public-private key pair, and with the DIDs of the users or entities that control them (controllers) to demonstrate their ownership and belonging. They are a more secure alternative to current authentication methods such as a password. Using the key pair allows a user or entity to verify that they are the owners of a decentralized identifier and therefore of the associated attributes.

  • Decentralized, meaning they do not rely on a central authority for their registration or issuance. Creating a new identifier will depend solely on the specified "DID Methods," and their revocation, deletion, update, or censorship is outside the scope of any central authority.

  • A controller can be a person, an organization, or even a software whose way of identifying itself is also through a DID and its cryptographic verification. For example, an adult person who has a DID as their unique identifier can use that same DID as their controller. However, a minor could identify themselves with their unique DID but have their parents or guardians as controllers. The same could happen in the case of a company, whose unique identification DID could have its partners as controllers

Authentication Factors (Authenticators)

  • Authentication factors are the mechanisms through which a user or entity demonstrates ownership of a DID. This can be a hardware element that the user possesses, a knowledge element such as a public-private key pair, or inherent factors of the person such as their biometrics.

Information processors (Validators)

  • Information processors are usually service providers in charge of managing DIDs, Controllers, and Authentication Factors. In the case of public blockchain networks, we could refer to miner nodes or validators who participate in the consensus process. However, we could also include application developers for digital identity management, commonly known as wallets.

The ability to obtain a decentralized identifier and be its controller, that is, to possess the authentication factors that demonstrate that it belongs to you (for example, having the public and private key), is what we call obtaining a decentralized digital identity, also known as a self-sovereign identity.

In summary, DIDs have become a better alternative to email as a user identifier, and authentication factors based on public and private keys beyond a password, along with the inherent characteristics of blockchain technology, make digital interactions more private and secure.

This is entering the world of Web3, and the best way to do it is by obtaining your decentralized digital identity and starting to manage your DIDs, and for that, you need an identity wallet


Additional notes on terminology

  • Blockchain is the infrastructure where Web3 runs.

  • Web3 is the evolution of the web with new users and data governance.

  • Decentralized digital identity is the act of obtaining a decentralized identifier (DID) to interact in Web3.

  • Self-sovereign identity is another name for decentralized digital identity.

  • Web3 digital identity is another name for decentralized digital identity.

  • Bitcoin is a decentralized finance (DeFi) digital asset, also known as a cryptocurrency, and runs on blockchain.

  • Ethereum is a decentralized application ecosystem, and it also has an asset like Bitcoin called Ether.

  • Cryptocurrencies in general are DeFi assets and can be associated with a DID.

  • A NFT is a digital asset similar to cryptocurrencies but with a defined scarcity, which is why they are typically used as collectibles, and can also be associated with a DID.

  • A verifiable credential is another type of digital asset that can represent a document or certificate and can be associated with a DID.

  • A wallet is an application that allows you to manage DIDs and their associated elements such as credentials, NFTs, or cryptocurrencies. It also allows you to connect (login) to different decentralized applications.



Lucas Jolias, Director de OS City

Jesús Cepeda, CEO at OS City

22 views0 comments


OS City +

Todo acerca de Web 3 y GovTech

©2023 by OS City

bottom of page