In a previous post, we discussed Trinsic’s commitment to making sure our platform is based on the most recent self-sovereign identity (SSI) standards. Because of that commitment, solutions built with Trinsic will always be interoperable and untethered from vendor lock-in. We implement those standards through open source codebases which power everything we do at Trinsic.
The SSI industry is growing quickly in quantity and quality of use cases, and so too are SSI-related codebases. Since this is an introductory post, we do not intend to provide an exhaustive list of all the SSI open source codebases. Instead we hope to list three main “categories” of tried-and-true open source codebases that are maintained by the SSI developer community.
Hyperledger is an open source community hosted by the Linux Foundation that acts as a greenhouse for cross-industry, blockchain-based projects. There are three projects within Hyperledger that directly relate to SSI—Aries, Indy, and Ursa. The Trinsic platform is built upon these codebases.
Aries was created out of the Hyperledger Indy community due to a need for open source agents. The vision for Aries is that it’s a ledger-agnostic toolkit for managing verifiable credentials. A complete summary of Aries codebases can be found in the Hyperledger GitHub repository, but we’ll highlight a few here:
- Aries Framework .NET: Trinsic’s entire product stack is based on Aries Framework .NET—a mature codebase for building interoperable, SSI agents that run on all platforms (cloud, mobile, IoT, etc.). Trinsic developed the framework and now continues to maintain it alongside the contributions of many other developers and vendors.
- Aries Cloud Agent Python (ACA-Py): Similar to Aries Framework .NET, ACA-Py is a mature codebase for building SSI agents, although it’s unable to be used in mobile environments. It’s maintained by the Government of British Columbia, Canada and a large community of developers.
- Aries Framework Go: Another mature Aries initiative, the Go codebase leverages Hyperledger Fabric, not Indy, for its public key infrastructure.
- Aries RFCs: The Aries RFCs specify the protocols Aries agents will run. Interoperability profiles are based off a combination of several RFCs that must be proven to be interoperable with one another.
Hyperledger Indy & Ursa
Hyperledger Indy is a blockchain purpose-built for decentralized identity. It was the first production-grade SSI solution which is still run by Sovrin today in a production network by nodes around the world.
Hyperledger Ursa is a library of cryptography-related code so that all Hyperledger projects can leverage existing, proven libraries. The cryptography required for zero-knowledge proofs lives in this codebase.
The Decentralized Identity Foundation (DIF) is an industry association focused on developing the specifications, protocols, and other components needed to “establish an open ecosystem for decentralized identity and ensure interop between all participants”¹.
The DIF has various working groups through which its open source codebases are developed and maintained. The topics of the working groups include Identifiers & Discovery, Storage & Compute, DID Authentication, Claims & Credentials, DID Communication, Sidetree, Secure Data Storage, and Interop. Trinsic’s engineering team actively participates in various DIF working groups.
A few DIF codebases related to SSI that we want to highlight include:
According to the Sidetree specification, “Sidetree is a protocol for creating scalable decentralized public key infrastructure (DPKI) networks that can run atop of any existing decentralized ledger system (e.g., Bitcoin) and be as open, public, and permissionless as the underlying ledger they utilize.”
The DIF GitHub page explains that “a Universal Resolver is an identifier resolver that works with any decentralized identifier system, including Decentralized Identifiers (DIDs).”
KERI is “a ledger-less approach to identity that enables a universal decentralized key management infrastructure (DKMI)”².
Individual vendors as well have codebases that apply to different levels of the SSI tech stack. Almost all SSI vendors have a GitHub repository full of a variety of codebases, from components (like Trinsic’s implementation of DID:key in Rust) to more complete solutions (like this DIF project). Trinsic has a set of open source reference applications that developers can take advantage of, including:
Using these reference apps, developers can instantly have an out-of-the-box app that’s integrated with Trinsic and can choose to use it as a reference when building their own app, or they can simply take the app as is and customize it.
Reducing the complexity
As you can see, there are many places a developer who is looking to build a self-sovereign identity solution can spend his or her time. Instead of having to focus on learning the ins and outs of different SSI codebases, developers can use Trinsic’s API to reduce the complexity of implementing self-sovereign identity and focus entirely on building their solution. Development time can be reduced from several months to weeks, and that’s because Trinsic simply makes SSI easy to implement.