0x499 Interview: As the cornerstone of the decentralized society: How should DID expand its utility?
Interviewer: Luci Web3先锋, 0x499 Core Member & YouTuber
Interviewee: w3tester, Founder of zCloak Network
On October 6, 2022, 0x499 interviewed the founder of zCloak Network, w3tester, about his opinion on how DID should expand its utility in the future.
- Web2 data needs to be utilized in the Web3 world in some ways in order to enrich application scenarios of DID on-chain.
- A complete DID system needs to have four basic characteristics: an identifier system based on cryptography, a verifiable trust transfer mechanism, an identity data storage solution where users have absolute sovereignty, and protection of user privacy.
- Future reputation of individuals or organizations no longer has to come from the endorsement of centralized organizations, but can be gradually accumulated through interactions among decentralized parties in the system.
- During the transition period to the cyber world, DID will carry the mapping of Web2 identity and social relations in the Web3 world.
Luci: Please introduce yourself and your project.
w3tester: Thank you for the invitation, it’s an honor. I’m w3tester, the founder of the zCloak Network project. I studied at the University of Twente in the Netherlands, where I received my MS and PhD in Computer Science. When I was doing my doctoral research around 2011, I studied the algorithm of Bitcoin and conducted some research on it as a distributed system. After returning to China, around 2019, I became the first batch of Chinese ambassadors of Polkadot.
zCloak Network is a privacy-preserving computation platform based on zk-VM (zero-knowledge virtual machine) technology. In zCloak, we have created a new computation paradigm, which includes self-sovereign data and self-proving computation—the storage and computing of user data take place in client device, not in centralized servers. At the same time, we use DID and ZKP (zero-knowledge proof) technology to prove the integrity of the user’s computation. This paradigm is the exact opposite of the model of Web2’s big data and cloud computing. To put it simply, zCloak implements a new privacy-preserving computation paradigm of “invisible yet verifiable data,” allowing users to use Web2 data in a privacy-preserving manner in Web3 scenarios. It will greatly enrich the use cases in Web3.
Luci: As the cornerstone of a decentralized society, how should DID’s application scenarios be extended? Why does Web3 need to rebuild identity for everyone and does it matter for Web3 people?
w3tester: In Web2, data is as important as land and oil, and it is a new material of production. Whoever controls the data basically controls the production relations in the data era. zCloak believes that the core of Web3 lies in user Self-Sovereignty, i.e. data ownership. In Web3, users should control their own data storage and the computation process—that is how users can fully control their own identity, property and other rights. Therefore, in the Web3 era, we need to rebuild the way we express, manage and control our own identity, and then use this as an anchor to build a new type of production relationship based on data.
But how do users really take control of their data? How do you prove the data is your data? How do you express your interactions or attitudes towards another entity without going through a third-party company? These all require the decentralized identity technology. Therefore, in the Web3 era, it is very important to use DID technology to rebuild everyone’s own digital identity.
Luci: Can you introduce W3C DID? What are the underlying data sources of current DID protocols? How can we migrate the original large amount of identity data in Web2, such as proof of education and work experience, to Web3?
w3tester: Let’s briefly talk about the definition of DID and its development history.
For the definition of DID, there are currently two different but mix-used definitions of DID in the Web3 context — Decentralized Identifier and Decentralized Identity. Technically speaking, DID is a decentralized identifier technology. An identifier is a unique identification that distinguishes each subject, like our ID card number. Identity refers to one’s unique characteristics in general. DID contains the dual meanings of decentralized identifier and decentralized identity. In today’s discussion, let’s take its meaning of decentralized identity first.
Closely linked to DID is Self-Sovereign Identity, which was proposed many years ago. Today’s DID technology is actually a natural continuation and extension of the concept of self-sovereign identity under the new technology conditions of the new era. The core of self-sovereign identity enables users to protect their identity information and data sovereignty in a cryptographic way. Decentralized digital identity technology and DID technology are to a large extent the implementation of self-sovereign identity technology based on blockchain and new cryptography technology. DID has been widely and enthusiastically discussed in Web3 recently. Personally, I believe that today’s Web3 DID projects can be divided into two categories:
- W3C DID project: DID projects that conform to the W3C standard;
- On-chain DID projects: DID projects related to everyone’s on-chain data and on-chain addresses.
W3C DID projects usually include both on-chain and off-chain data. On-chain DID projects only use on-chain data, so on-chain DID projects are actually a subset of W3C DID projects.
W3C is the acronym of World Wide Web Consortium, which is a global standardization organization founded by Tim Berners-Lee in 1994. Common Internet standards such as HTML, CSS and AJAX come from this organization. In the Internet environment, since people need to communicate with each other, the connection between points and interactions between different projects are needed. So it is very important to have a common standard under a large number of connection needs. The Web needs standards for interoperability, and the W3C is responsible for developing these standards.
In the field of DID, W3C has also developed a lot of standards related to decentralized digital identity, including DID, verifiable credential, and has recommended many cryptographic algorithms. It is because these DID standards developed by W3C have been supported and used worldwide for a long time until today and continuing, so when DID is mentioned, the W3C standard is an important topic.
The core of W3C DID includes the DID Document, which stores various keys generated by various public key cryptography. They allow you to perform two very high-frequency operations in identity interactions — trust delivery in the form of signature algorithms, and data transmission through end-to-end encryption.
The main task of DID Document is to describe the cryptographic algorithm and express the user’s public key. DID Document is essentially an extension of public key cryptography. The system for secure communication based on public key cryptography also includes PGP. In the early days, I used PGP to communicate with members of the Ethereum Foundation. The problem with it is that it is difficult to let others know what your public key is on a verifiable or large-scale network — and this is one of the core problems the W3C DID system is trying to solve. We surely know our own public key, but how do we let others know that what they see is the public keys that belong to me which has not been modified? At this point, the VDR (Verifiable Data Registry) mechanism is needed, which is a carrier of the DID Document, used to store various keys generated by various cryptographic algorithms in the DID mentioned above.
There are many ways to implement VDR, such as using blockchain, database, IPFS, etc. zCloak’s zkID DID system also has its own VDR implementation.
Therefore, the current on-chain DID track is actually a subset of the DID track under the W3C standard, but with the addition of blockchain technology. For example, the W3C DID can be substituted by on-chain address, and the verifiable credential can be partially substituted by the transaction information on-chain, so that a small facet of the subject identity can be formed, which can partially realize some functions of the W3C DID. However, the on-chain DID track does not have the core privacy protection function in DID, such as end-to-end encryption in messaging. Also limited is that, people can only use existing cryptographic algorithms of the chosen blockchain.
Recently, various on-chain DID applications have emerged. This may be because the on-chain DID project is easier to design and implement. With a wallet, you can participate in community activities every day, or conduct on-chain marketing, and there are many other use cases. But from a technical point of view, the on-chain DID project is much simpler than the W3C DID project, in the sense that an on-chain DID project doesn’t need to design its own cryptographic tools, as the chain itself provides all the cryptographic mechanisms. Some of the current on-chain DID projects are more focused on resources, communities, and marketing.
However, if the DID system wants to achieve greater development, it cannot be limited to using on-chain data only—it has to include Web2 data. The mechanisms and methods need to be taken careful considerations—for example, Tornado Cash has begun to be regulated by OFAC, and voices coming form Europe and the US pushing forward to regulate on-chain DeFi activities, in which an important step is to reinforce that KYC information to be used on-chain. That means user’s off-chain data need to be used for on-chain app in some way. Another example would be some Move to Earn project, since user data is still processed through their centralized servers, now they are facing some regulatory and legal issues.
It’s obvious that when Web2 data is used in a Web3 scenario, we must pay attention to the user’s data sovereignty and user privacy protection. This is not only a problem that projects need to include in their structure, but could even rise to the regulatory and legal level. In other words, Web3 projects should not use the big data and cloud computing mechanism to process user data like Web2 projects do. But if we only focus on on-chain data, it is not enough to form a multi-dimensional user identity. Therefore, only when Web2 data can be freely used in Web3, the application scenarios of DID on-chain can be truly enriched.
Luci: What do you think of the user privacy of DID and SBT projects? Is this a problem?
w3tester: Privacy is one of the most important propositions of the Web3 DID projects, and it is a must, not an option. I think user data privacy is the most fundamental reason for Web3 to exist. One of the core concepts of Web3 is to respect user sovereignty, especially the data sovereignty of users. But what’s special about data is that as long as I see your data, I can copy your data, so this data is not only yours, but mine as well. This is different from physical assets, which cannot be used by others just because of a simple copy operation. Therefore, as long as someone can see your data, you have no sovereignty over your data — the premise of data sovereignty is that everyone’s data cannot be seen by others. In order to protect data sovereignty, it is necessary to protect the data privacy of users. Conversely, without data privacy, there is no data sovereignty, and there is no Web3.
Of course, not all types of applications have to be 100% private, and some on-chain data can be publicly revealed. For example, information about posts and likes, participating in a hackathon, or someone being a member of a certain institution/organization… These information can be certified by using SBT — which is completely open on-chain, without any concept of privacy.
But in many scenarios where user data is used, privacy is a necessity. Just think about your friend relationships, contact information, family members, health data, medical cases, daily expenses on Alipay and WeChat, what you bought, where you bought it, when you bought it, etc., are basically all privacy information we want to protect. Web3 is here to help users protect this kind of data that needs privacy.
At the same time, it should be noted that these data must not be put on blockchains. Storing personal private information in an open channel — blockchain or IPFS — is a very dangerous move. On-chain DID projects, including the SBT mentioned just now, cannot carry this privacy concept in their current form. SBT expresses a concept of Yes or No — whether you have participated in a certain activity, whether you have passed the KYC of a certain exchange—it is a concept of a sign. Therefore, the application of SBT is limited, but if SBT can carry more user privacy information in some way and exist in the form of NFT, its use case will be expanded a lot. zCloak first proposed the concept of zk-SBT in the first half of 2022, which is to combine privacy digital credentials with SBT. In this way, your SBT has both an open side and a dark side, and the information on the dark side is presented through ZKP.
In general, on-chain privacy is a necessity for many Web3 projects, and at the same time, better technologies are needed to protect users’ private data.
Luci: What are the technical, commercial and practical (such as regulatory) difficulties in the process of aggregating various credentials into an identity?
w3tester: Let’s briefly talk about the concept of Credential. A person is the aggregation of social attributes, and the various information, attributes, and characteristics of a person’s identity are actually given to you by others, not by yourself. Think about it, if you participated in an event, who can prove your participation? Can you say that you are an employee of a certain company without the company’s certification? Can you prove that you own certain assets without a bank statement? Therefore, the process of people proving their identity or having certain attributes is the concept of proof by others or mutual proof, not self proof. In the field of identity, the vast majority of identity-related information is proof by others and mutual proof.
Two core elements of the DID identity system are:
- Identifier, mentioned earlier: represents any form of a subject. The mechanism that distinguishes a subject from another includes Identifier, Document, and Registry and other components.
- Trust transfer mechanism: the most important technology/element in the DID identity system is actually how to transfer trust between different subjects. Many people ignore this when discussing DID.
VC (Verifiable Credential) is verifiable because the credential itself comes with a digital signature. This digital signature method can describe the identity attributes of a subject, and the content of the credential is composed of identity information of the subject — such as passport, name, age, home address, passport number, proof of various on-chain activities, etc. That is, the content of the credential is a description of some identity attributes of the subject. The digital credential allows a trusted organization to transfer its trust in the information presented on the credential through the use of digital signature. This trust transfer mechanism is the cornerstone of the entire DID system. When a subject accumulates a large number of such credentials, there will be a digital identity of an individual with rich dimensions.
It is for this reason that the data used by the on-chain DID projects is actually a generalized digital credential. These on-chain data are digital credentials or certificates made for you by miners, which prove the interactions between the subjects and various services, applications, or other subjects on-chain, and record the results of these interactions. The credential is on-chain data and the basis of the on-chain DID system.
The W3C has developed a set of digital credential standards called Verifiable Credential to help these digital credentials be used in different scenarios. These standards can meet the needs of some basic scenarios, but cannot meet some advanced needs — selective presentation, privacy proof, etc. zCloak has developed a DID protocol called zkID (Zero Knowledge Identity), which also includes a W3C-compliant verifiable credential platform.
There are generally three usage modes for digital credentials:
- Present the full text. Fully display what is contained in the verifiable credential.
- Selective disclosure. Only display the key information that is relevant and necessary for the current application scenario.
- Zero-knowledge proofs. To obtain certain services by proving that the user’s identity has certain attributes. However, it does not show the specific original plaintext data and information.
Therefore, in different scenarios, we have different usage modes of the verifiable credential technology.
What I just mentioned is more from a technical level. The realization of the technology is not the same as the realization of the product. Equally important to technology is the establishment of a trust system of business, which includes the establishment of international standards, such as the DID and verifiable credential underlying technical standards established by W3C. In addition, some trusted entities providing services, such as a notary office, law firm, audit company, accounting firm, etc., are also needed, and they have the ability and legal authority to check and audit the user’s identity. As for how these trusted institutions establish their own Web3 identities, they need the help of the DID identity anchoring mechanism to establish their own on-chain Web3 identities. Furthermore, these trusted entities may gradually gain a reputation value — because they do a lot of audit and proving work for users, thereby their reputation will be gradually driven up.
From this perspective, what we proposed is for there to be a large on-chain trust ecosystem in Web3, or which zCloak calls it an on-chain Trust Market. Why we say that, is because zCloak believes that with the development of blockchain technology and the popularity of Web3 evolving, a Web3 “Taobao” mechanism may be created in the future, but this “Taobao” does not sell goods, but sell trust between various institutions. We just need to wait and see who takes the lead in the market, and in establishing their own reputation in such Trust Market, and do various certifications for all kinds of users.
Luci: Will Web3 identity management develop into a monopoly in the future? What is the biggest competitive advantage in the track?
w3tester: The industry is still in a very early stage of exploration. In the future, the Web3 identity management track will have many subdivided tracks. Some projects may focus on technical infrastructures, some may focus on applications in a vertical track, and some may want to be embed into other applications and become part of other projects in the identity service.
There are already many related use cases in the current on-chain DID market , such as digital credentials like POAP and OAT of Galxe, or some concepts of SBT in a broader sense; there are also some applications similar to domain names, such as ENS and Space ID by BSC; or some information aggregation identity applications , such as Next.ID; and applications in the social track such as CyberConnect.
At present, everyone is still doing some very useful early discussions regarding on-chain DID, but the corresponding mechanism is not particularly perfect. Take the domain name system ENS as an example. Although you can fill in all kinds of identity information, the problem is that there is no review mechanism to prove the information you fill in. Anyone can fill in anything they want. You can apply for a billgates.eth domain, but is that name behind Bill Gates? No way to know.
Therefore, the main problem of the current domain name system is that there is no trust transfer mechanism in the system, the information expressed is relatively limited, and the application scenarios are relatively narrow. Does a credential we get for attending an event represent who we are? It seems that it does, but it also doesn’t, since this point is indeed too small. We aggregate information on-chain to do transactions, so our transaction records, NFT purchase records, and interactions with certain contracts are essentially an on-chain consumption behavior. These records are just to prove that we made such moves. They are like the shopping lists we get after checkout at a store. Is this event certificate/shopping list my identity? Obviously they are too small to describe a person’s identity. Therefore, the related on-chain DID projects are doing some very interesting attempts, but the scope of problems that can be solved by them is still relatively narrow.
In the Web3 era, a real DID or DID management project should have four basic characteristics:
- Cryptography-based identifier system
- Complete and verifiable trust transfer mechanism
- Users must have absolutely sovereign identity data storage
- Users are able to use their data in a privacy-preserving way
On this basis, a better direction for DID projects to explore is to be compatible with the DID+VC system of the W3C standard. How to build a truly decentralized VDR (Verifiable Data Registry) on top of the DID+VC system, how to use Credential in a way that protects privacy, how to envelop the largest consensus in the Web3 industry in a universal and inclusive way to form an ecological network, etc. These are big propositions that require continuous exploration in the industry.
Under such a background, it is basically impossible for a single project to dominate, and we all very much hope to see many projects blooming together in the industry.
Luci: Under what circumstances will users take the initiative to manage their own DID identities, instead of applying and discarding them at any time like a wallet address?
w3tester: In order for users to really value their DID identity, they need to realize that DIDs are actually useful to them and need to be used from time to time. On-chain DID or generalized Web3 DID needs to provide users with some very practical and common use cases and convenience, not only on-chain, but especially in a large number of off-chain scenarios, making it a habit for users in order to popularize. In fact, the development resistance of DID and verifiable credential technology is not that big, but the industry is still relatively early. The popularization of a technology or application does not depend solely on its own conditions; the development of the industry, user awareness and usage habits are all important.
For providing convenience to users, imagine if the paper and pen signing and stamping procedures where people need to go back and forth to do manual work are completely replaced by the verifiable credential technology in DID — just clicking “confirm” after unlocking your mobile phone. At the same time, the security of the whole process is ensured by the strongest cryptographic algorithms. Then I believe that most people will not be able to return to the scene of paper, pen, and stamps. It’s just like how paying with QR code/barcode replaced the swiping of an actual bank card.
At the same time, in the process of using DID and verifiable credential, each user will accumulate a large number of credentials — which may include credentials issued by notary offices, public security bureaus, hospitals, workplaces, schools, etc. When such credentials accumulate to a certain amount, they can form a multi-dimensional description of a user’s identity. With this multi-dimensional description, users can use this data in more scenarios in a way that protects privacy. This is a very efficient and convenient network effect that makes it increasingly difficult for users to “de-habit.”
zCloak team’s zkID project has a zkID login function, which allows users to generate multiple tags describing their identity and characteristics based on their own DID and verifiable credentials, and then log in to any Web2 or Web3 website through the login function. After logging in, the other party does not know who they are, but can see their tags. We call this process the “User Self Portrait” mechanism, which contrasts with Web2’s user portrait mechanism.
Web2’s user portrait is based on big data technology, and by tagging each user’s data, it can promote advertisements and do other series of behaviors in a targeted manner. However, in Web3, although there are also tags and user characteristics, your tags are generated based on your own verifiable credentials, not given to you by someone else. You can let Web2, Web3 websites or applications provide you with a variety of personalized conveniences and services based on these tags. It sounds fascinating.
Of course, Web3 will also consider the distribution of benefits. Any project party, including zCloak, wants to select some core, high-quality users. These users who supported the projects’ communities in an early stage may be eligible for whitelisting and airdrops in the future, so as to receive rewards from the projects. Inevitably, however, there will always be robots to mess up the mechanism and prevent those who actually participated in community building from getting the most impressive rewards, which actually destroys the reward mechanism.
So, how can we solve this problem? In the future, we can add certain identity attribute requirements to the whitelist and airdrop mechanism. In this way, the project party can encourage everyone to actively participate in various community building activities, and issue credentials to these participants as prove of their participation in certain activities, that they have worked hard to contribute. Afterwards, in the airdrop phase, users can be qualified for airdrop by showing the specific credentials. In this way, the real benefits are left to users who are deeply involved in the industry and can really accompany the project for a long time. This is very fair for users, and it is not only for the project party to find its own real users, but also to maximize the reward benefit.
Luci: Although DID has a broad field of application scenarios, how should the profit model of the upstream and downstream links of DID be designed? In the end, who should pay for it?
w3tester: In a DID system, the participants generally have three parties, namely the User, the Attester, and the Verifier.
- The User. It is the party with the largest number of people. In some systems, it is called Claimer or Holder, and zCloak calls it User. They are the largest composition in the DID system.
- The Attester. Also called Issuer in the W3C standard, they are organizations that issue digital credentials to users or notarize users’ digital credentials.
- The Verifier. The attester attest to an attribute of the user, and the result of the attestation is a verifiable credential. The user submits the verifiable credential to the verifier for them to determine whether the result is correct and acceptable. If accepted, the process ends.
In the whole process, there is a very simple basic principle — whoever benefits should pay. There are several parts of the process that generate cost.
From the user’s part, they have gained some convenience by using DID and VC — such as completing manual signatures through digital signatures, verifying whether the identity credentials of other organizations and other people are correct, and using a remote way to get a credential. This saves a lot of time and is with other benefits. Therefore, in the process of using DID, it is reasonable to charge users for some fees.
From the attester’s part, the attester obtains service fees by providing attestation services. For individual users who provide attestation services, such as a lawyer, it is normal and reasonable to want to charge a certain fee for this service after performing some kind of check on the identity of a certain person or witnessing a certain contract. This process is where lawyers get paid for performing public services on an individual’s DID digital identity or document. Additionally, for institutions that provide attestation services, such as notary offices or accounting firms, in the early stages, they may also do similar services for free or even subsidized in order to occupy the market. This is actually a very simple model of providing services to gain revenue.
From the verifier’s part, they verify the user/organization’s digital credentials to meet their own business needs. For example, some countries require service providers not to provide DeFi services to their nationals, so there is a compliance requirement — how to verify whether the person using the service is a citizen of this country? The current system cannot achieve this. If there is a mechanism that allows service providers to verify that their user identities meet the regulatory requirements of their country, and at the same time, service providers do not need to do a series of tasks such as collecting user data and establishing data storage, then these service providers are certainly willing to pay a premium for this compliant service.
In addition to the three parties mentioned above, there is also a DID infrastructure provider that provides DID services to help everyone establish their identity and a trust transfer mechanism in the entire DID upstream and downstream process. Then it is also reasonable for DID infrastructure providers to obtain certain benefits for providing these technical services.
Therefore, the upstream and downstream of the entire DID process are to provide a set of trustworthy and convenient infrastructure, so that trust and identity transfer become convenient, fast, and credible, and then use these conveniences to leverage greater market and more applications. The upstream and downstream of the entire DID process allow us to interact in a more trusted way in Web3. I think there is a cost to this credibility and trustworthiness, which is worth it for many individuals/organizations.
Luci: Whether DID can develop, do you think depends on what short-term, medium-term and long-term factors?
w3tester: For the development of DID, it is still under construction in the short term, focusing on technical infrastructures.
From a medium-term perspective, the core keyword is Trust Market. We want to form a global market of trust. On the basis of infrastructure, we will establish the credibility and reputation of different market players, so that the trust and interaction between them can be flowed and expressed in a convenient way. At the same time, the market-oriented mechanism will be able to calculate, price, and pay for all kinds of behaviors in this process. The building of the trust market will be a very important proposition.
From a long-term perspective, national-level regulatory compliance, and even the drafting and publication of some UN-level technical standards and public documents, are very important. Their emergence may become a future landmark event, proving that the DID system will gain global popularization and widespread adoption. The large-scale promotion and use of decentralized digital identity systems on a global scale will be the long-term goal of the DID industry.
Luci: Who is likely to be the ultimate winner in the DID track? Is it current Crypto native companies, the Web2 internet corporates, or even government/official holding companies?
w3tester: As things stand, it is impossible to determine who will be the ultimate winner. But the future will definitely be a situation where many projects and companies bloom together, and the possibility of monopoly is relatively small. Everyone starts from different perspectives and uses their existing advantages to explore how to solve various problems in the DID industry and how to build. But whether it is a crypto native company or a Web2 Internet corporate or a government/official holding company, they all have their own advantages and disadvantages.
However, there is no doubt that the early infrastructure stage must mainly rely on crypto native companies, after all, everyone is already familiar with the blockchain technology. Therefore, even DID in the context of W3C is also suitable for using corresponding cryptographic methods on-chain. At present, although there are various projects in exploration, it is not easy for them to form a large-scale and comprehensive identity service platform. When a large and comprehensive platform emerges to unify all technologies and various types of credentials in some form , the exploration of some subdivision directions may be covered by large infrastructure.
For Web2 Internet companies, such as Facebook, Google, Microsoft, etc., they are likely to enter the market with their own user advantages — Facebook currently has nearly 4 billion global active users, and to which the number of tens of thousands of Web3 users is incomparable. On the other hand, most things have two sides — if Web2 adopts the DID system to return the user’s data sovereignty to users, from a certain point of view, is destroying its own life, because the core method for Web2 to obtain benefits is the exact opposite — the mastering of user data. It is like when a landlord evenly distributes his arable land to all the farmers, and the farmers take the land harvest as their own, can the landlord still rely on the land to make money? Maybe, he can make money in a new way, or maybe he can’t make money at all, but the answer to this question can only be proven by time.
For the government or state-owned enterprises, DID is still a little far away. For the development of most new technologies, some players at the national level are still in a wait-and-see state in the early stage, and will only officially enter the game when the situation is relatively determined. One of the biggest advantages of these players, however, is that they hold vast amounts of user data — the identity data of each of us is concentrated in large national databases. They have the natural advantage of being an Attester. But the advantage is not necessarily decisive, because based on the future Trust Market, a large number of behaviors will be market-oriented, and reputation needs to be accumulated. Reputation comes from the interaction and feedback between users and communities, and will not be naturally trusted just because of its official identity.
DID is an international market and system, and no country can claim to be the natural center. Just like our Belt and Road Initiative in China, if we want to expand, we must put a large number of other countries into this framework. Within this framework, these countries are in a relationship of mutual respect, equality and cooperation. International exchanges and cooperation do not have a center, nor should there be a center. Therefore, the establishment of the DID system itself is the embodiment of the spirit of decentralization, which allows different countries, nations, and subjects of any form to participate in an equal way, and also contribute in the building of the DID Trust Market. So, the real winner is really unpredictable right now, and all we can do is to do what we need to do. Just do good deeds without asking for the future.
Luci: In terms of application scenarios, including the building of credit system, reputation system, social network, and other possible application directions, which direction do you think is the first area where DID may be successfully applied?
w3tester: The scenarios you just mentioned are all good, but from my point of view, on-chain social networking will be an interesting and promising scenario.
The social network in Web3 should not be a social network in a narrow sense just like Facebook and Twitter, but should be more like a concept of a decentralized society. In this decentralized society, each subject will have its own DID identity. Cryptography gives these subjects a mechanism to interact with other subjects and protect their own privacy in Web3, and use their own private data in a verifiable but invisible way to obtain certain services.
For quite some time, it is not easy to live fully in cyberspace. In such a transitional period, what DID has to do is to map some relationships, identities, attributes, characteristics, etc. of the subjects in Meat Space based on the DID standard in cyberspace. Also, it is important to ensure the sovereignty of data and privacy security based on cryptography, enabling credible and meaningful interactions between subjects in cyberspace. If a decentralized society like this can be built, it will be of great significance from the perspective of application scenarios.