Last updated 2 months ago
Atala PRISM v2 provides SSI infrastructure in the form of SDKs, yet we still lack a simple method to integrate our digital identity into all the ideas, projects, and organizations out there.
This is the total amount allocated to BLOCKTRUST Credential workflow platform. 1 out of 5 milestones are completed.
1/5
Project setup and Start of development
Cost: ₳ 40,000
Delivery: Month 3 - Jun 2024
2/5
Build out a basic trigger-action-output flow
Cost: ₳ 40,000
Delivery: Month 6 - Sep 2024
3/5
Extend the basic-flow
Cost: ₳ 50,000
Delivery: Month 9 - Dec 2024
4/5
Generalize and improve
Cost: ₳ 40,000
Delivery: Month 11 - Feb 2025
5/5
Finalization, Documentation and Release
Cost: ₳ 30,000
Delivery: Month 12 - Mar 2025
NB: Monthly reporting was deprecated from January 2024 and replaced fully by the Milestones Program framework. Learn more here
A no-code SaaS toolbox for building SSI workflows that allow for easy integration. e.g. when a link is clicked, it issues a credential; or when a credential is provided, it generates a sign-in token.
No dependencies.
The project will be put under the Apache 2.0 licence.
The problem
The blocktrust team has been working on PRISM-related projects, including wallets, mediators, and analytics tools, for over a year and a half (see https://blocktrust.dev). Although PRISM has significantly evolved, its adoption isn't as widespread as we all had hoped. Our experience suggests that one major obstacle is the complexity, concepts, and language surrounding SSI, which is quite different from the general crypto space. Grasping the capabilities of an SDK and writing software to integrate it into one's projects, such as issuing a schema-compliant credential, onboarding user DIDs, or offering a way for a user to provide a credential to a website, is not trivial. Costly proprietary solutions that aim to lock you in without the ability to retrieve your credentials aren't viable options for the community either.
Identifying the gap
When looking at the challenges many projects face with integrating digital identity into their endeavors, it's apparent that these problems are often similar and can be grouped into two main categories:
The Atala PRISM SDK (or the agent) provides methods for both these groups (which obviously often overlap), but it lacks the intermediate steps. It misses the ability to model all this in a workflow: if this, then that. Here are a few examples:
Of course, these features can be built out by each project, integrated with the PRISM SDK/agent in their respective codebase. However, it isn't straightforward, and in many cases, these are common problems which don't have be solved over and over again. Each project should focus on their core value proposition and not deal with the code details of SSI which they want to use DIDs and VC for these common use-cases. Think of this proposal as Zapier of IFTTT for SSI.
Bridging the gap
We propose building an open-source toolkit with an easy-to-use UI for enabling these workflows. One should be able to set up these default workflows and modify them to fit the requirements for issuing and validating credentials. We believe this can be achieved without the user writing any code related to SSI. The solution will be completely open-source, based on open standards (refer to the standards section below), and will include a version of the service hosted by us. This way, anyone can utilize it for their project integration. The primary goal of this proposal is to get the SSI adoption finally started.
Technical details
The solution will be written in C#, compatible with .NET, and can be easily hosted on Windows, Linux, or macOS. It will be shipped as a Docker image, containing both the application and a PostgreSQL database. This allows everyone to run it in their preferred hosting environment, either locally or in the cloud.
The solution will be tenant-based and can be easily set up for a single tenant or multiple ones. Each tenant can establish multiple workflows (based on the "If this, then that" principle) which can be integrated into various projects. The following features are being planned:
Triggers are operations that the application can listen to. Once configured, they can be activated to receive inputs. The inputs could include:
Actions are optional operations that can extract, validate, or transform all or parts of the inputs into an output based on prior configuration. These actions can include:
Outputs are executed depending on the action. These could include:
These building blocks of triggers, actions, and outputs can be arranged in an arbitrary manner. Some projects might only need a mechanism for sign-in with a DID, while other projects may require multiple interconnected workflows, from onboarding to credential issuing and various levels of verification. To drive adoption, we'll offer templates for the most common workflows.
In a later stage (not part of this proposal, to maintain a manageable scope), we could add further integrations, such as the ability to integrate with an KYC-provider, listen to operations on the blockchain like a specific metadata payload, a PRISM event (e.g., a new DID published), or a payment sent.
Open standards
To execute on this proposal we target the surface specification of the PRISM agent (2.5) and target the following open standards as they relate to a possible trigger or output in their current official specification:
DID PRISM, DID Peer, W3C VC Model 1.1, DIDComm v2, Mediator Coordinator protocol, WACI Issue credential protocol, WACI Present proof protocol, Basic Message protocol, Problem Report protocol, Trust Ping protocol, Out of Band (OOB), PRISM Connect protocol
Our proposal tries to fill a critical gap in the Cardano ecosystem - the lack of an easy-to-use, adaptable, and open-source solution for managing digital identity workflows. Current solutions demand either deep expertise in the SSI sphere or involve costly proprietary systems that create vendor lock-in situations. Our issuing and credential workflow platform significantly mitigates these challenges by offering an interface that simplifies the process of setting up workflows for issuing and validating credentials. With this, projects can integrate SSI more effectively, focusing more on their core value proposition and less on grappling with the intricacies of SSI implementation.
By fostering a higher adoption of SSI within Cardano projects, our proposed solution enhances trust-based interactions across the ecosystem. SSI empowers users with control over their digital identities, improving security and privacy in their interactions. This, in turn, would strengthen the overall Cardano network, propelling the ecosystem forward in a robust, privacy-focused manner.
Blocktrust has been an active participant in the Cardano ecosystem since early 2022, developing SSI solutions using Atala PRISM from the start. Over the last year and a half, we have been building projects and libraries based on PRISM. Many of these are open-source and all of them provide value. Some notable ones include:
The Identity Wallet and the Credential Builder have been funded with Project Catalyst and have been already successfully completed. We also have a nearly perfect record of submitting the monthly reports over 1,5 years.
Looking at our reports or our blog, you'll see we're constantly sharing videos, posts, new projects, and code.
Software Architecture, Project setup and Start of development (1 month)
Acceptance Criteria: Progress report, providing the repository
Cost: 25,000 ADA
Build out a basic trigger-action-output flow(2 month)
Acceptance Criteria: Progress reports and videos demonstrating completed activites listed here
Cost: 50,000 ADA
Extend the basic-flow (2 month)
Acceptance Criteria: Progress reports and videos demonstrating completed activites listed here
Cost: 50,000 ADA
Generalize and improve (2 month)
Acceptance Criteria: Progress reports and videos demonstrating completed activites listed here
Cost: 50,000 ADA
Finalization, Documentation and Release (1 month)
Acceptance Criteria: Progress report and video demonstrating the full application
Cost: 25,000 ADA
Björn Sandmann (Lead developer)
10+ years of full-stack development with the .net Stack. Focused on identity and privacy solutions. PRISM Pioneer, Atala ASTRO, Plutus Pioneer, already funded & successfully finished proposals. Implemented all technical core functionality of products like the blocktrust analytics platform, the blocktrust mediator and the blocktrust identity wallet. Founder of blocktrust. On the Governace Commitee of the Hyperledger Lab for the Open Enterprise Agent (PRISM agent), Trust over IP Member, DIF member
LinkedIn: https://www.linkedin.com/in/codedata/
GitHub: https://github.com/bsandmann
Ed Eykholt (Development)
20+ years of software product and engineering team leadership. C# developer. Focused on blockchain and identity projects and products since 2015. Atala ASTRO. Working on PRISM related projects with blocktrust over a year. Trust over IP Member. On different working groups related to digital identity.
LinkedIn: https://www.linkedin.com/in/edeykholt/
Github: https://github.com/edeykholt
New Team Member
Blocktrust might hire or contract with an experienced full-stack C# developer to augment Ed and Björn's contributions. The project can still be successful without this additional person.
Developer cost breakdown: 33 hr/week with 70 USD = 9,240 USD per month = 74,480 USD
Hosting costs for Milestone 1 to 5 while developing: with 200 USD per month = 1,600 USD
Total: 75,520 USD = 200,000 ADA (~0.38 USD/ADA exchange rate)
Project team: (architecture, design, software development, testing, DevOps, community, project management, documentation):
The total workload is estimated at about 30-35 hrs/week. Divided among three developers, this leaves plenty of room to also push forward other blocktrust projects, community work, marketing, and the ongoing technical support and maintenance of our digital identity infrastructure.
This project's cost is an investment that promises significant value to the Cardano ecosystem by eliminating the barriers that currently hinder the widespread adoption of Self-Sovereign Identity (SSI). Our approach essentially democratizes the integration of digital identity into various projects within the ecosystem, making SSI not just an esoteric coding problem but a practical solution to real-life use cases.
Our deep understanding and experience with the PRISM ecosystem, built over 1.5 years, ensures that we can effectively streamline the process of issuing and validating credentials for various projects. This platform will significantly reduce the time and resources required for project owners to learn, understand, and implement the deeper concepts and different protocols related to SSI, allowing them to focus on their core value propositions.
We computed effort, in hours, and multiplied that by a below-market rate of US$70 per hour (in both Germany and USA) for the expertise of our team. Then we devided this by a recent price of Ada, US$/ada = 0.38. By doing the, the team is taking a downside risk if the price of Ada drops from that point.