Verifiable Credentials: Trust on the net
For people looking to skip all the drama and see how VCs work, please jump here. Assuming you already know how I got past Denial, let's move on to...
Anger: Useless heap of esoteric mumbo jumbo!
Sir Tim Berners-Lee's one of the good guys in my book - he refused to patent the first browser and server after creating them in 1989. So when he's talks about the web going bad, and the internet becoming a place you cannot trust, I listen.
But then again, that's just another visionary lamenting on the loss of idealism. Doesn't mean trust on the internet affects you or me, does it?
Having recently moved countries, I can say it does. Here are some of things I had to deal with while moving:
Verifying educational qualifications: Thanks to fake certificates being a dozen a dime in developing countries, degrees to be attested by ministries that have a million better things to do. Finally you end up with a process that takes weeks and creates a bunch of well-fed intermediary agents.
Accessing medical records: Ditto for medical records. Most recent examples are COVID tests, where country A re-tests citizens of country B when they arrive from A to B. Fraud test certificates are even easier to get than fraud degrees (I'm told).
Creating a bank account: The "easy" online process asks for a bunch of documents, declarations and certificates. My Employment Pass was in process and I was staying in a temporary accommodation, neither of which helped. After 3 branch visits to resolve circular dependencies, the bank finally took mercy and let me open an account.
Applying for credit cards: Repeat 3 above, but now with a different bank.
Why are these processes so tedious? Do banks love making customers jump through hoops to create an account? Probably, but that's not the (only) reason. The reason is simple - because you cannot trust things on the net. Remember what Lincoln said?
A certificate image can be easily doctored, medical records can be faked, files can be altered. Most of the processes I listed out above have been hardened over the ages, with built in redundancies. The system has become more resilient at the cost of convenience.
But is the compromise necessary? Is there no way to combine convenience with security?
With VCs, there might be, thanks to cryptography & some complex math. Even if you're not be a bitcoin fan, you better believe in cryptography - it's what keeps secure web browsing, ATM withdrawals and email running!
VCs are machine readable by design - information can be combined into a single QR code. They also allow you to confirm the "issuer" of a VC - as in the entity that certified the "claim". For example, if the US govt issued you a driver's license as a VC, an agency in Singapore can check the authenticity of that VC in seconds, without going back to ask the US Govt. or looking for attestations. More on this later.
So trust on the internet does affect you and me. If VCs can solve it, they'd be more than esoteric mumbo jumbo. But then again...