WEB3 and data decentralization - Part 1

(leggilo in italiano)

Over the past few months I have had the opportunity to talk to both investors and companies on the topic of WEB3 and data decentralization, and I have encountered a lot of confusion and misinformation.

I decided to write a series of articles on the subject to explain the concepts of decentralization, cryptography, and new technologies such as Self Sovereign Identity, abbreviated as SSI; and how to bring a company into the WEB3 world in a simple way, in order to be more streamlined and efficient by fully utilizing the decentralization processes.

I have already written about the differences between WEB2 and WEB3 but in general when we talk about WEB3 and decentralization, cryptocurrencies and digital wallets come to mind. In fact, cryptocurrencies began the process of decentralization by making it possible for payments between owners of digital wallets to be made without a central system, i.e., a bank for example. For example, in a centralized system using current currencies such as the Euro, Dollar, and Yen, it is necessary to use a centralized channel i.e., a bank, to be able to transfer money between two current account owners.

The reason it is possible to transfer funds between two current account owners is that each current account holder has an identity that the bank knows through a process called KYC, or Know Your Customer. To open a bank account for example, you have to show ID, whether you do it physically on the premises or through digital KYC. In the world of cryptocurrencies, on the other hand, this does not happen, because the identity is digital, that is, through cryptographic algorithms it is possible to identify who is sending and who is receiving, using their respective digital wallets, and therefore there is no need for a go-between to perform the transfers.

So it's clear that cryptocurrencies and digital wallets are an expression of decentralization of data, which no longer have to reside in a common, centralized place such as a bank, but can interact without a channel. In reality an information transfer medium exists and it is the blockchain, which allows these transactions to be recorded and thus enable account management as in normal banking. The difference is that the blockchain is a decentralized system, in that it does not belong to one particular entity, but it belongs to everyone, so to speak.

So having a digital wallet is equivalent to having a digital identity in the world of blockchain and cryptocurrency. But then does a decentralized system only serve cryptocurrencies and money transfers like Bitcoin, Ethereum, etc.? The answer is no. There is another technology that using the same cryptographic algorithms is capable of extending the reach of a digital wallet and being able to store, verify and transfer information that is not just cryptocurrencies. This technology, which I mentioned at the beginning of the article, is called Self Sovereign Identity for short SSI.

I have written another article that simply explains what SSI is and how it works which you can read here (https://www.dhirubhai.net/pulse/introduction-ssi-self-sovereign-identity-emilio-de-lazzari), but I take up below some of the strengths of this technology to highlight the merits and benefits it brings to companies that want to migrate to a decentralized system. And the interesting news is that companies can already do this now, because the technology exists and is already a W3C standard, the organization that regulates Internet standards.

SSI as a decentralization technology is really based on the concept of digital identity. We have seen how a digital wallet by nature has a digital identity within it, which SSI uses to be able to digitally sign information that can then be verified without interaction with the person who issued it. This information can be recorded in one's digital wallet, and then used when needed.

It all still seems nebulous for now, but with an example let's clarify this fundamental concept of SSI and data encryption in general.

Suppose we have a wax stamp with an emblem that represents me and cannot be copied. Suppose I write on a piece of paper a certain piece of information, which I then put in an envelope that I seal tightly with my super wax stamp with my emblem. In the SSI world, I would have just performed the issuance of a verifiable credential, that is, I would have issued a piece of information that I then digitally signed and sealed using proven encryption algorithms.

But let us continue our example. If I give the envelope with my seal to someone, who then takes it to a third person, the latter when she receives it gets the following information:

The envelope is sealed by a wax stamp, so the information in it has not been changed.

Since the wax stamp bears my likeness, the recipient knows that I sent it.

The moment she opens the envelope and reads the information contained it is evidently sent by me, because no one can copy my emblem and it has not been altered because the envelope has not been tampered with.??

The same thing happens in the SSI world, that is, the recipient can check that the information in the missive has not been altered by checking its digital signature, and since the signature belongs to me he also knows that it was I who wrote that information.

It is noteworthy how the receiver does not have to contact me to ask if I really wrote the information, because since my digital signature is there she can rest assured that I wrote it.

To summarize in an SSI interaction the data being issued not only contains the information to be transmitted, but also the fact that it has not been altered by including the sender’ signature. So let's say the transferred data contains not only the necessary information but also the identity and immutability of it

So how can this important property of SSI credentials be used by companies in the new decentralized system? We will see in my next article coming out soon.