The easiest way to explain self-sovereign identity (SSI) is to pull out an item that people carry on a daily basis—a wallet.¹ It’s strange to use a leather pouch to explain such a complex, nascent technology as SSI, but it works! And it works because most of the magic of SSI happens within and between digital wallets.
Going from leather to digital
Apart from money, the leather wallet you carry in your pocket or purse stores important identifying cards (i.e., your driver’s license, health insurance card, employee badge, etc.). We show these cards to people and organizations on a daily basis to receive access to services by proving we are who we say we are. A wallet makes it easy to access these cards when we need them, and it keeps the cards from being lost or stolen.²
Just like a leather wallet stores a variety of important physical cards, an SSI digital wallet stores your verifiable credentials, making it easy for you to show those credentials to others in a secure, private way. As the name implies, a digital wallet is digital and can exist locally (ie., on your mobile device or desktop) or in the cloud. A more formal definition of digital wallets is below:
A digital wallet, in the context of self-sovereign identity, is a software application and encrypted database that stores credentials, keys, and other secrets necessary for self-sovereign identity.³
Each participant in the SSI ecosystem (the issuer, the holder, and the verifier) needs a digital wallet in order to issue, hold, and verify verifiable credentials.
What can you do with an SSI digital wallet?
Collect credentials
Just like the leather pouch in your pocket stores important documents, your digital wallet stores your verifiable credentials. When you are issued a credential, it will be stored in your wallet. The wallet makes it so that the credentials are:
- Easily accessible: With a click of a button, you have access to all of your credentials which you can seamlessly share with others.
- Secure: Your credentials are stored only on your device. No one else has access to them—not even the wallet provider (e.g., Trinsic).
- Private: You are in full control of who you send the credential to and what pieces of information on the credential you show them.
Share verifiable information
Here’s where the rubber meets the road. When you have a digital wallet, anybody can request information from you. The information is entirely under your control, so you can choose to share the information or reject their request. If you decide to respond, the wallet finds credentials with the relevant data and shares just what they need to know, without sharing everything. For example, you might share your address from your driver’s license credential without sharing your name or birthdate. This is possible through zero-knowledge proofs (ZKPs).
Best of all, the information you share is instantly verifiable, so you can receive access to services seamlessly, just like you do in the real world when you use your physical wallet.
Connect with others
Finally, if there are parties you want to interact with frequently over time, you can establish a super-private, securely-encrypted connection between you and the other party. You can share information, messages, or any other interaction through this channel with a high degree of trust. While connections are powerful, they’re not always needed; connectionless credential exchange is sometimes a faster, more convenient way to interact, especially when the relationship isn’t long-term.
Making a connection is as easy as scanning a QR code with your wallet, after which your connection will show up under your “Connections” tab in your wallet. You can also create your own QR code so others can connect with you.
The Trinsic Wallet
The Trinsic Wallet is the world’s first SSI digital wallet to have proven interoperability and has become one of the most-used SSI wallets globally. As a cross-platform mobile application with a locally-stored wallet, the Trinsic Wallet is built to be ideal for developers while being accessible and simple enough for the average user. Also, when you use the Trinsic Wallet, you don’t need to worry about vendor lock-in because you can easily export your verifiable credentials and import them into another Aries-based digital wallet that supports import/export functionality. Download the Trinsic Wallet for free today or build your own wallet with Trinsic’s tools.
Where to start?
If you’re seeking to implement an SSI solution, you have two options:
- Use an existing mobile wallet, like the popular Trinsic Wallet, Connect.Me, or Lissi.
- Develop your own wallet, custom-made for your use case.
To determine which option is best for you, read our blog “Building SSI Digital Wallets: The 3 Major Decisions“. Read more about SSI digital wallets in our documentation.
Notes
- Drummond Reed, an SSI expert, is famous for pulling out his wallet during presentations on SSI. Timothy Ruff, wrote about this tactic in his blog “When Explaining SSI, Start with the Wallet“.
- Of course wallets are not foolproof. They can be stolen or lost, but overall, they do a pretty good job of keeping all of our cards in one place that we can keep on us most times throughout the day. SSI digital wallets have their own security protections that are not listed out in detail here as this is an intro post.
- For simplicity’s sake, at Trinsic, we call it all a “wallet” although in more technical circles, you’ll find the term “agent” used for the application that routes messages and decrypts the wallet, and “wallet” used for the storage layer of the agent.