Kaliya Young, a respected leader in the decentralized identity community, produced a paper about Hyperledger Indy and Aries that some of our customers may have questions about. We’d like to publish our response in the open. While we won’t get into specifics in this post, we resonate with many of her points and have been evolving our platform to not only remain relevant, but innovate on what it means to be a decentralized identity platform.
Background on Trinsic and Hyperledger Identity Technology
The Hyperledger Indy + Aries bundle of technologies, complete with Anoncreds verifiable credential format, was the first production-ready suite of SSI technologies to hit the market. Trinsic’s founding team were key contributors in the beginnings of the Aries project. Shortly thereafter, Trinsic launched the world’s first full-stack SSI platform based on these technologies. Subsequently, that Aries-powered platform has been used in hundreds of proofs-of-concept, pilot projects, and production deployments. Those experiences produced mountains of learnings critical for application developers, infrastructure vendors such as ourselves, and the open source community in our shared goal of self-sovereign identity.
As more customers went into production, we gathered their feedback and heard them loud and clear. We made improvements to our platform to address their concerns where it was possible. However, when we realized our customers were facing critical limitations caused by the underlying tech stack, we began developing an updated version of our platform that would reduce our dependency on these technologies and enable a better platform for our customers.
Moving Forward with Trinsic Ecosystems
Trinsic’s goal is to be the infrastructure of choice for developers who are building identity wallets and ecosystems to provide more people access to re-usable and self-sovereign identity. We make complex technology easy to use through turnkey APIs and understandable documentation.
As an infrastructure provider, it is critical we build on modular technologies that are scalable and extensible so we can:
- Support a variety of standards as they evolve, including verifiable credential formats like W3C VC Data Model, BBS Signature w/ VCs, KERI ACDCs, and ISO 18013-5 mDLs; communication protocols such as OIDC and DIDComm; and roots of trust such as ION, Ethereum, and traditional DNS infrastructure.
- Scale to the volumes and metrics needed by our customers, in terms of throughput, response time, and reliability.
- Build developer tools that fit our customers’ workflows, including wallets that are accessible using any device, available in multiple programming languages, and support built-in governance.
These are the main motivations behind our development of Trinsic Ecosystems, the next iteration of our platform. Trinsic Ecosystems is built with the lessons learned from production deployments with over 100,000 live, end-users across the world. In addition, Trinsic Ecosystems already has customers using it in production with extremely positive results.
While we are investing all our efforts into making Trinsic Ecosystems the best it can be, we will continue to support our existing platform for the foreseeable future. We have many customers whose projects are built on the Indy/Aries stack, and we have every intention of making each of them successful. Moving forward:
- We will eventually sunset our existing platform based on Aries, although we do not have a specific date set for that. When we make that decision we’ll communicate it publicly and work with each team with production deployment on a migration plan.
- Other than a few edge cases, Trinsic Ecosystems is far superior to Trinsic’s existing platform, and we will work closely with any of our customers who wish to migrate to ensure a smooth transition.
- We are targeting for Trinsic Ecosystems to become the exclusive platform we provide to new customers by the end of the calendar year.
For more information about Trinsic Ecosystems and the specific technical differences relative to our existing platform, please see our Migration Guide in our documentation.
Trinsic Ecosystems is being used in production, and we (and our customers!) couldn’t be happier with the results. We’re working closely with an exclusive set of customers to ensure their feedback makes it into the product rapidly. If you’re interested in building on Trinsic Ecosystems, you can get started for free today.
Interoperability is a keystone of SSI and something our customers almost universally need eventually. Today, Trinsic Ecosystems supports the W3C verifiable credential standard and OIDC-based verifications, which are interoperable in their respective domains, but Trinsic Ecosystems is not interoperable with Aries yet.
We intend on bringing support for Aries interoperability to Trinsic Ecosystems over time. One of the most challenging issues with the Hyperledger Indy/Aries tech is how bundled the current implementations are. Trinsic Ecosystems is built in such a way where we can easily add support for components of the stack separately—and some of these components are on the roadmap already:
- Indy: a legitimate option for anchoring public DIDs
- Aries: messaging protocols and interoperability profiles for exchanging data between wallets
- Anoncreds: a variant of verifiable credential which is now beginning to be documented and standardized
Of course the answer is “it depends”. If you’re experimenting with a proof-of-concept, then you probably don’t have much to worry about. We wrote a document outlining who should migrate, and how, in our documentation. If you’re intending on scaling to users in production or have questions about migration, we suggest you get in touch with us to discuss your situation.
We invested months of time and hundreds of thousands of dollars on improving Trinsic’s existing platform. But we found some of the challenges with the underlying tech caused scaling and performance problems that couldn’t be feasibly overcome. The best option ahead of us was to develop something built from the ground-up with the requirements of real-world, production usage in mind.
We’re focused on building the best products, period. We don’t have a “not built here” complex with regard to developments in the SSI the space. Our customers and partners put their trust in us to be objective in our pursuit of the best possible platform. This is our only incentive—we don’t have consulting revenue or other forms of income to sustain us, so if we don’t create the best platform on earth, our business will be at risk.
So while we welcome developments of the open source ecosystem, we can’t sit around and wait for improvements like Anoncreds 2.0, which has been discussed for ~4 years, to be completed. If there are solutions that better solve our problems, we have a fiduciary duty to opt for those solutions.
We are all in this space because we envision a future where users have more control of their identity. At Trinsic, we’ll continue to support technologies that usher in that future as quickly as possible by helping developers build fantastic products that will be adopted. We encourage everyone to share their opinions and experiences using our technology. We hope Kaliya’s analysis will spur constructive dialog in the community that will drive improvements and innovation in SSI.
We are happy to engage with specific questions you have on our Community Slack channel or on Twitter and look forward to the discourse.