Blockchain for Decentralized Identity — dApp — Education

Anita Rao
Block Magnates
Published in
6 min readJun 7, 2022

--

Education is a crucial aspect of our identity. After graduating from School or University, we continue our learning journey. Hence, we require the ability to add to our education and keep the records. It is another form of identity that we share with verifiers to close a transaction. For example, while applying for a job, the employer may require proof of a candidate’s education.

Educational institutions implement Diploma management using a hybrid blockchain (permissioned and public blockchain explained in the third blog). In this scenario — the University issues diplomas to their students who hold them as verifiable credentials (described in the fifth blog) in their digital wallets (explained in the fourth blog). The experience looks like this:

1. At first, a trusted accredited body (Trust Anchor explained in the sixth blog) registers itself on the blockchain. This body has the authority to hand out verifiable credentials to Universities.

2. Next, the University requests the Trust Anchor with an application for a verifiable credential for a license to be in business.

3. The trusted accredited body provides the license to the University to impart education and hand out diplomas. It is the onboarding process for the University. The verifiable credential gets stored in an organization’s wallet (University) and is accessible to that person with authority to use it. To stay in business, the University follows the rules and legal norms per the accredited body’s requirements that play the role of a regulator. The University is added to a trusted register and stays there as long as it is compliant.

4. The University registers itself with a public key (DID — decentralized identifier explained in the third blog) on the blockchain. It has the metadata to go along with it in the DID Doc.

5. Next, the University registers a verifiable credential with the diploma’s schema on the blockchain. Each has its schema for multiple types of diplomas offered, and their attributes are different. Finally, the University can set up each department as an issuer of documents to run its operations.

6. A student is accepted to the University to study and sends a request with some identity information as verifiable credentials (VC). Once the University verifies them, the student is onboarded and assigned a student ID as a VC. The digital wallet stores the student ID. The peer-to-peer connection established enables further communication between the student and University.

7. Upon graduation, the University sends a request to the student as an issuer of the diploma. After the student accepts the same, the University sends the diploma as a verifiable credential. Finally, the student stores it in their digital wallet.

8. When the student applies for a job, the employer requests her educational qualifications. The student accepts the same and creates proof sent back to the employer via a QR code.

9. The employer verifies that the proof has not been tampered with, is still valid, and accepts the same. Upon employment, the employer issues an employee ID to the candidate, who stores it as a verifiable credential in their wallet.

10. The student goes through the same process while opening a bank account or renting an apartment. First, accepts a request from the bank for an ID. Then, she presents the same, uses the ID to fill in forms, and completes the KYC (Know Your Customer) process within seconds.

11. A single workflow completes the above steps. Utilizing the self-sovereign principle of minimization, the relevant claims from a verifiable credential complete the application. It is fast, cost-effective, and efficient.

12. The process described above applies when the student goes back to school for higher education. In addition, future degrees get added to the digital wallet as verifiable credentials.

13. The exact process also works with short-term courses, internships, etc., anytime skills are developed. Students who learn and grow by taking courses on MOOCs (Massive Open Online Courses) can also track them.

Holding diplomas as verifiable credentials in one’s digital wallet makes it easy to prove educational qualifications. The completion of the forms uses data from the credential to complete a transaction. Efficiently within seconds, there is no need to contact the University to verify. Life-long learners have their records at their fingertips.

Education is a popular use case for verifiable credentials. Some implementations include:

1. Yoma2 in South Africa, where youth can develop their skills, find opportunities and achieve impact.

2. SCOIR2 in the USA enables high-schoolers to share their achievements securely with universities. It is a private implementation for 4 million users in the pilot phase.

3. RANDA2 Teacher Wallet in the USA is also a private implementation for 4 million users in the pilot. It enables teachers to obtain their licenses as verifiable credentials.

4. KEIO2 University in pilot in Japan to prove student identification for thirty thousand students.

5. EBSI4Austria2 in pilot in Austria, for issuing diplomas to students as part of EBSI (European Blockchain Service Infrastructure explained the thirteenth blog)

6. US Dept. Education2 — Lifelong Learner Record in a pilot to enable students to obtain their records, transcripts, and other educational information. It targets 50 million users.

7. KRAKEN1 is piloting a solution to allow students to share academic records with recruiting agencies in a privacy-preserving way. With KRAKEN, students export their data into a digital wallet on the cloud. As a result, universities can exchange student data securely.

In the next post, I will cover Enterprise.

To reference previous posts refer to this link. Again, I would suggest reading the posts in succession.

Glossary:

Credential:

An attestation of qualification or authority that is issued by an entity. It can contain multiple claims. For example, a driver’s license is a credential that has various claims such as name, date of birth, address…

DID (Decentralized Identifier)

Like a Uniform Resource Name, a globally unique identifier that somebody can universally discover a DID on a blockchain using a method. A DID is an interoperable, open-sourced web standard delivered by the W3C2. Each DID is associated with only one DID document.

DDO (A DID Document)

The DID document holds the description of the DID, the public key for verification, a set of authentication protocols, service endpoints, a timestamp, and a signature.

Digital Wallet

A digital wallet is a software used to digitally store (usually in a smartphone) the contents of a wallet, like IDs, loyalty cards, and financial instruments used for payments. In essence, it is a digital version of a physical wallet.

Entity

A person, organization, or thing

Holder

An identity owner and user of a Digital Wallet where their credentials are accepted, stored, and controlled using verifiable credentials. The holder approves attestation requests from verifiers and delivers the same.

Issuer

An issuer is a credible provider of identification documents; their signature (key) attests to the credentials’ validity. Governed by Governing Bodies or Trusted Anchors, issuers can belong to an ecosystem of trusted entities that issue documents/credentials with claims data. Issuers have the infrastructure to access a public blockchain to issue and revoke credentials. The schema and their definition of credentials are on the blockchain.

Private Key

A private key is stored cryptographically in the digital wallet of the entity (holder) in the decentralized identity ecosystem. As the name implies, it is personal for the identity owner.

Presentation or Proof

The proof attests a claim or compound claims from the holder to the verifier to prove some form of identification to complete a transaction. All are achieved without making contact with the issuer.

Public Key

A public key is a cryptographic key stored on the blockchain visible to others. It identifies the identity of an entity. Along with the private key, the public key can read encrypted messages for the entity.

Self-Sovereign Identity (SSI):

A decentralized way to manage the identity of an entity is built on the principles of transparency, interoperability, portability, and consent from the owner who controls what they own, know, and have.

References

1. Krakenh2020.eu

2. www.trinsic.com Global VC Adoption Tracker

Contact

Linkedin https://www.linkedin.com/in/anitarao/,

Twitter @anitaprao,

Blog https://rao-anita.medium.com/

#SSI; #decentralizedidentity; #blockchain; #digitalidentity; #selfsovereignidentity; #identity; #dlt; #web3; #web3.0; #dApps; #digitalwallets; #distributedledger

--

--

Passionate about Self-Sovereign Identity delivered decentralized via Blockchain. Member of Trust Over IP Foundation, W3C, and Decentralized Identity Foundation.