Trusted Registry

To include trusted Issuers; verifiers.

Initially centralised with roadmap to decentralisation and permissionless or delegated accreditation structure.

Phase 1

Manual and non-scalable where necessary to ensure integrity (ie we manually accredit and check issuer organisations and associated admin users)

Make use of verified public ledgers such as stock market indices and regulated approved registries such as the FCA register.

Do not rely on unverified public registers which may have the appearance of verification and trust. Classic example is UK Companies House company register which does not contain verfied data and can be too easily used for money laundering.

Phase 2

Building in collaboration with other SSI issuer platforms a permissionless and/or accredited issuance system.

Key traits:

• Avoid issuer duplication - 1 organisation per issuer (note this is a simplication as issuers may have sub-issuers and various badge types with levels of admin authorisation internally).

• Decentralised issuer trust registry on chain - system can reference issuer data - ie current assumed approach is that each issuer is public (while users and badge holder identity can be private behind ZK if the user wishes).

• To research and explore:

  • Accreditation of issuers:

    • is this the right thing to do?

    • process and rules

    • scalable mechanism - onboarding and offboarding issuers

  • Permissionless issuer trust registry and protocol

    • how can this not rely on a central authority?

    • what does the 'org chart' look like.

    • onboarding and offboarding issuers