Hyperledger Aries Archives

Apr 21

Why Distributed Ledger Technology (DLT) for Identity?

By Stephen Curran, Hyperledger Aries Maintainer, Cloud Compass Computing Inc. Blog, Hyperledger Aries, Hyperledger Indy, Hyperledger Ursa, Identity

As we continue our pandemic journey that is 2021, more and more people are getting vaccinated against COVID-19. Once vaccinated, people are (finally!) able to do more “in the real world.” However, in some cases such as international travel, there is a need to prove that you have been vaccinated before you can participate. In the past, that proof has been accomplished in the form of the paper World Health Organization Carte Jaune/Yellow Card. But in our 21st century pandemic, a handwritten paper document is not particularly trusted. It’s just too easy to buy or make your own. The sudden, urgent need to be able to prove health information in a safe, privacy-preserving and secure way has brought the spotlight on the concept of verifiable credentials and, for Hyperledger, on the three identity-focused projects in the community, Indy (a distributed ledger for identity), Aries (data exchange protocols and implementations of agents for people, organizations and things), and Ursa (a cryptographic library underlying Indy and Aries).

While people understand that paper credentials are insufficient and that a trusted digital solution is needed, they don’t understand why verifiable credentials, or more generally, identity, works extremely well with distributed ledger technology (DLT)—a distributed database spread across multiple nodes, of which blockchain is an example. To be clear from the start, it is not to put the credentials on a public ledger so everyone can see them! We’ll reiterate that a lot in this post. No private data ever goes on the blockchain!!!

To understand why DLT is useful for identity, we need to go back to the basics—paper credentials, how that model has worked for 1000s of years, and how the use of DLTs with verifiable credentials allows us to transition the great parts—security and privacy—of that model to the digital age.

Since as far back as 450BC, people have used paper credentials to enable trusted identity. Legend has it that King Artixerxes of the Persian Empire signed and gave Nehemiah a paper “safe transit” authorization that he used in travels across the empire. People have been using such documents ever since. In technical terms, a credential is an attestation of qualification, competence, or authority issued to an entity (e.g., an individual or organization) by a third party with a relevant or de facto authority or assumed competence to do so. Examples of credentials issued to people include a driver’s license, a passport, an academic degree, proof-of-vaccination and so on. Credentials are also issued to companies, such as business registrations, building permits, and even health inspection certifications.

Examples of Paper Credentials
*By Peter Stokyo,* *peter.stoyko@elanica.com, Licensed under* *CC By 4.0*

The Paper Credential Model
By Peter Stokyo, peter.stoyko@elanica.com, Licensed under CC By 4.0

Verification in the paper credential model (ideally) proves:

Who issued the credential.
That the credential was issued to the entity presenting it.
That the claims have not been altered.

The caveat “ideally” is included because of the real possibility of forgery in the use of paper credentials. Back to our “proof-of-vaccination” problem.

Let’s see how the good parts of the paper credential model are retained in the verifiable credentials model. With verifiable credentials:

An authority decides you are eligible to receive a credential and issues you one.
You hold your credential in your (digital) wallet—it does not go on the distributed ledger!
At some point, a verifier asks you to prove the claims from one or more credentials.
If you decide to share your data with the verifier, you provide a verifiable presentation to the verifier, proving the same three things as with the paper credentials.
Plus: You may be able to prove one more thing—that the issued credentials have not been revoked.

As we’ll see, verifiable credentials and presentations are not simple documents that anyone can create. They are cryptographically constructed so that a presentation of the claims within a credential proves four attributes:

Who issued the credential–their identifier is part of the credential and they signed the credential.

Who holds the credential–there is a cryptographic binding to the prover.
The claims have not been altered–they were signed at the time of issuance.
The credential has not been revoked.

Unlike a paper credential, those four attributes are evaluated not based on the judgment and expertise of the person looking at the credential, but rather by machine using cryptographic algorithms that are extremely difficult to forge. Like the paper credential, the verifier does not go back to the issuer to ask about the credential being presented. Only the prover and verifier, the participants in the interaction, need to know about the presentation. So where do the prover and verifier get the information they need for their transaction? We’re just getting to that…

The Verifiable Credentials Model
By Peter Stokyo, peter.stoyko@elanica.com, Licensed under CC By 4.0

Compared to the paper credentials model, verifiable credentials are far more secure. When the cryptographic verification succeeds, the verifier can be certain of the validity of the data—those four attributes stemming from verifying the presentation. They are left only with the same question that paper credentials have—do I trust the issuer enough

So where does the DLT fit in?

Three of the four things that the verifier has to prove (listed above) involves published data from the issuer that has to be available in some trusted, public distributed place, a place that is not controlled by a central authority (hmm…sounds like a DLT!). In Indy and Aries, data published to a DLT is used to verify the credential without having to check with the issuer. In particular:

The verifier has to know who issued the credential based on an identifier and cryptographic signature. From the presentation, it gets an identifier for the issuer, looks it up on a DLT to get a public key associated with the issuer to verify the signature in the presentation. Thus, the identity of the issuer is known.
The verifier has to verify that the claims data has not been altered by verifying a cryptographic signature across the data. Based on an identifier for the type of credential, the verifier gets from a DLT a set of public keys and verifies the signatures. Thus, the verifier knows no one has tampered with the claims data.
The issuer periodically updates a revocation registry on a DLT indicating the credentials that have been revoked. If the holder’s credential is revoked, they are unable to create a proof of non-revocation (yes, that’s a double negative…). If the holder can generate that proof, the verifier can check it. Thus, the verifier knows the credential has not been revoked.

The fourth attribute (the binding of the credential to the holder) in Indy is done using some privacy-preserving cryptographic magic (called a Zero Knowledge Proof) that prevents having a unique identifier for the holder or credential being given to the verifier. Thus, no PII is needed for sharing trusted data.

So why DLT? First, we can get the good parts of paper credentials—private transactions between holders and verifiers and no callback to the issuer. Second, the issuer gets a trusted, open and transparent way to publish the cryptographic material needed for those private holder-verifier transactions. Third, there is no need to have a “Trusted Third Party” participating in the interactions.

And did I mention, no private data goes on the DLT!!!

Hyperledger Indy, Aries and Ursa are enabling this approach to “self-sovereign identity” in a big way, bringing about a new layer of trust on the Internet that will let us preserve our privacy and give us control over our identity and data—where it belongs. There is a lot to learn. If you’re curious, a great place to start is this Linux Foundation edX course.

Cover image by Nick Youngson CC BY-SA 3.0 Alpha Stock Images

Feb 26

Love0

Hyperledger Aries Graduates To Active Status; Joins Indy As “Production Ready” Hyperledger Projects for Decentralized Identity

By Sam Curren, Hyperledger Indy contributor, Indicio.tech and Stephen Curran, Aries Cloud Agent Python Maintainer, Cloud Compass Computing Inc. Blog, Hyperledger Aries

The Hyperledger Technical Steering Committee (TSC) has approved Hyperledger Aries as the latest of Hyperledger’s projects to graduate from incubation to active status.

Hyperledger Aries provides reusable, interoperable tool kits designed for initiatives and solutions focused on creating, transmitting and storing verifiable digital credentials. The Aries project grew out of the need for protocols, open source tools and interoperability test suites that leverage networks enabling verifiable credentials, such as those supported by Hyperledger Indy.

This major milestone shows that Hyperledger’s technical leadership recognizes the maturity of the Aries community and project. The TSC applies rigorous standards to active projects including code quality, security best practices, open source governance, and a diverse pool of contributors. Becoming an active Hyperledger project is a sign that Aries has grown in both community and code and is a big step forward for the decentralized digital identity community.

“This approval is further evidence that Hyperledger Aries is a breakout success for the Hyperledger community,” said Brian Behlendorf, General Manager for Blockchain, Healthcare and Identity at the Linux Foundation. “Convergence on common libraries for the exchange of credentials will help speed the development of urgently-needed solutions and systems, ranging from education to finance to the fight against the pandemic. Aries is key to that convergence.”

The TSC’s endorsement of Hyperledger Aries as out of incubation and into active project status is particularly important as the world grapples with finding trusted ways for people to prove their COVID-19 vaccination or test results. Aries’ maturity and protocol-driven approach to issuing verifiable credentials and presenting verified proofs has meant that Aries is a part of every technical discussion in that domain, and a core component of many of the technical stacks being deployed.

Key components of an Aries solution are:

Agent Frameworks: In the digital world, humans, organizations and things need a way to store, manage and exchange verifiable data, including the crypto that decentralized identity demands. Agents do this work in a decentralized environment, and Aries Frameworks make it easy for anyone to build agents tied to specific business needs.
DID communications (DIDComm): Agent-like things have to interact with one another to get work done. How they talk in general is DIDComm. DIDComm was born in the Aries project, and work on the next version continues within a working group at the Decentralized Identity Foundation.
Protocols: The Aries protocols run on top of DIDComm and enable peer-to-peer application-level interactions among agents, and shows how they should be designed and documented. The Aries community has developed an approach called Aries Interop Profiles (AIP) that formalizes specific sets of protocols that any agent-maker must use to be interoperable across the community, and a test harness that verifies interoperability across disparate implementations using the protocols that make up an AIP.

A Wallet is a common term for a mobile agent used by a person. Wallets are the important link that enables people to manage their connections, credentials, and other aspects of involvement in the decentralized identity ecosystem. This important area of work has just recently received another boost with the community organization of work around creating an open source mobile agent using the Aries Framework Javascript and React Native.

Aries also has close community ties with the Trust Over IP (ToIP) project, which is also housed at the Linux Foundation. Both projects are working on the issuing, holding, and presenting of cryptographically-verifiable digital credentials without the necessity of intermediaries. While Aries is focused on the tools required for verifiable credential exchange, the Trust over IP Foundation is a project working to define a complete architecture, or stack, that combines both cryptographic trust and human trust relating to decentralized identity.

The TSC commended the Aries project during the meeting for the project’s highly diverse contributors. Achieving a high number of organizations contributing to a project at Hyperledger is often a challenge. Congratulations are due to those participating in and supporting the Aries Project.

What to learn more about Identity and Hyperledger Aries?

Hyperledger offers free introductory training courses in partnership with The Linux Foundation and edX.org including:

Introduction to Hyperledger Sovereign Identity Blockchain Solutions: Indy, Aries & Ursa

Becoming a Hyperledger Aries Developer

Do you want to get involved in Hyperledger Aries?If you’d like to support Aries, join our community and contribute! Your contributions will help to fix digital identity for everyone. You can participate in the discussions or help write the code powering Aries. Together, we will build a better platform for digital identity.

Feb 12

Love0

Working Together on What “Good” Looks Like

By Brian Behlendorf Blog, Healthcare, Hyperledger Aries, Hyperledger Indy

On Tuesday, the Good Health Pass Collaborative (GHPC) launched. This initiative is intended to define, in the context of test results and vaccination records for opening up borders for travel and commerce, a high bar for implementations of identity and credentialing systems to meet with regards to privacy, ethics and portability. They will also work with the implementers of such systems to converge towards common standards and governance.

A set of Linux Foundation organizations – TrustOverIP, Hyperledger, Linux Foundation Public Health, and its Covid Credentials Initiative – have engaged as supporting organizations and were part of the announcement. We did this based on very encouraging signs during formation discussions that GHPC would not only help bring many of the organizations emerging into the self-sovereign identity space into alignment on platforms and standards we have long championed, but would also give us an external reference point for our position on the importance of privacy in the design and implementation of such systems.

Hyperledger has been home to the pioneering digital identity ledger Indy and agent toolkit Aries, which form the basis of so many production privacy-preserving digital identity systems and, now, are serving as the basis for many of these emerging health pass solutions. The TrustOverIP Foundation led the formal recognition of the need and role for governance organizations in the digital identity landscape – showing how we can get both optionality and interoperability when we weave global identity and credentialing systems together in a decentralized way.

The Covid Credentials Initiative, starting way back in March 2020, recognized the potential for credentials of all sorts in the fight against this and future pandemics, and have pulled together an amazing community of technologists and entrepreneurs working together on this. Now, as part of Linux Foundation Public Health, we are working to bring together a set of software projects that can implement credential systems and help accelerate adoption of these globally, centered on the needs of public health authorities.

On Thursday’s GHPC webinar, Charlie Walton from Mastercard said GHPC is “in the business of describing what good looks like.” We will be working with GHPC to bring our own communities’ views of not just what good looks like, but how we’re already working together to standardize and implement this work. Furthermore we’ll see if our processes can directly support GHPC’s efforts to harmonize this domain.

We recognize there are quite a few of these initiatives now, reflecting just how broadly this issue is felt across society. We can play – we must play – a key role in channeling all this market activity and good-faith sharing of expertise into applications directly in people’s hands, so we can get back to travel and re-opening workplaces and schools in a safe and equitable way. Our key levers to move the world are open source software and open public engagement, and we will double-down on those tools to have a unique and substantive impact.

Look for more on this soon within our communities. We’re incredibly excited to be a part of this global effort.

Feb 02

Love1

Once Again, Forbes “Blockchain 50” Shows Enterprise Blockchain’s Footprint and Impact, with Hyperledger Technologies Leading The Pack

By Hyperledger Blog, Hyperledger Aries, Hyperledger Fabric, Hyperledger Grid, Hyperledger Indy, Hyperledger Sawtooth

Declaring that blockchain has “gone mainstream,” Forbes today released its 2021 “Blockchain 50,” featuring companies that have at least $1 billion in revenues or are valued at $1 billion or more and “lead in employing distributed ledger technology.” And, once again, half of the companies on the list are using Hyperledger technology.

Twenty five companies on the list name at least one Hyperledger technology as part of their solution platform. Hyperledger Fabric, specifically, is cited as a platform by 24 of the companies, topping the list as the most widely used technology. Hyperledger Aries, Indy, Grid and Sawtooth are all also deployed by companies on this list.

The annual list, now in its third year, reflects the growing global impact of blockchain technology with 25 members from the U.S., 13 from Europe and a record 12 from Africa, Asia, the Middle East and Latin America. All in all, there were 21 companies that were new to the list, and 15 of them, including ones from Australia (BHP), India (Tech Mahindra) and Africa (Sappi), use Hyperledger-based platforms.

Of the 12 companies that have made the list every year, six (Ant Group, Cargill, DTCC, IBM, ING and Walmart) use Hyperledger technologies.

More than just a basic list of companies and technologies, the Forbes Blockchain 50 provides a snapshot of the market-changing deployments these blockchain leaders have deployed. Accompanying stories add even more analysis and context.

This annual look at the market is a good reflection point for the traction our technologies have in the current market but also a guidepost to what needs to come next. The increasing global adoption of blockchain – public, private, hybrid – and coming shifts in currency adoption and payments as well as uptake in markets as diverse as mining, telecom, pharma and shipping all point to the growing reach of distributed ledger technology. And, in the face of such challenges as the pandemic, climate change and income equality, it is important to put the focus on what we can accomplish building on blockchain as a cornerstone.

Jan 20

Love0

Kiva Protocol, Built on Hyperledger Indy, Ursa and Aries, Powers Africa’s First Decentralized National ID system

By Hyperledger Blog, Hyperledger Aries, Hyperledger Indy, Hyperledger Ursa

For the 1.7 billion unbanked adults around the world, access to financial services is extremely limited. Without even a basic savings account, economic opportunity is often limited to informal offerings such as local shopkeepers who extend credit to their customers, microfinance institutions that work to serve the last mile, and community savings and credit associations that are setup by individuals living in the same village.

In the unbanked world, individuals borrow a few hundred to a few thousand dollars at a time, paying back over a relatively short time frame of 12-18 months. But despite excellent credit records, they are unable to receive even similar credit facilities at local banks. This is because the data from their informal transactions is essentially invisible: the banks either do not trust the data sources, or are otherwise unable to verify the provenance of the data.

While this is the state of the world today, it does not have to be our future. Kiva, a US-based nonprofit organization focused on financial inclusion, has built Kiva Protocol to bridge the data disconnect and help enable universal financial access. In 2019, Sierra Leone, a West African nation of about 7 million, launched the National Digital Identity Platform (NDIP) that used Kiva Protocol to enable fast, cheap, and secure identity verification for its citizens.

Kiva Protocol is built using Hyperledger Indy, Aries, and Ursa, and as implemented in Sierra Leone, allows citizens to perform electronic Know Your Customer (eKYC) verifications in about 11 seconds, using just their national ID number and a fingerprint. With this verification, it is possible for the nation’s unbanked to open a savings account and move into the formally banked population.

To find the right platform, Kiva assessed more than 20 software stacks, both centralized and decentralized. Blockchain and decentralized ledger technologies quickly emerged as good solutions for the developing world as they enable data provenance at the protocol level and stakeholders can act relatively independently to enable their various activities in the formal and informal sectors.

After deep consideration, Kiva decided to use Hyperledger’s stack for identity: Indy, Aries, Ursa. While all three projects are closely related, each has a distinct mandate:

Hyperledger Indy is a distributed ledger purpose-built for decentralized ID with transferable, private, and secure credentials;
Hyperledger Aries is infrastructure that supports interactions between peers and between blockchains and other DLTs; and
Hyperledger Ursa is a modular, flexible library that enables developers to share time-tested and secure cryptography.

In August 2019, Kiva launched the beta of Kiva Protocol with a public event opened by the president of Sierra Leone. Since that launch, global regulators have made significant progress in terms of how they are considering digital identity and eKYC verifications. There is a growing global movement towards user-owned and -controlled data, better privacy, and more universal access.

As of today, Kiva is focusing on building additional ecosystem applications and services to make it easier for all stakeholders to access and use Kiva Protocol. Much of this is being contributed upstream into the Hyperledger Indy and Aires projects, with the remaining components hosted in Kiva’s repository.

Hyperledger teamed up with Kiva on a detailed case study covering the challenges of the unbanked, requirements for a solution that delivers fast, cheap and secure ID exchange, and plans for expanding Kiva Protocols’ use to other countries and other applications.

Read the full case study here.

Nov 05

Love0

DEON: A Hyperledger-based DEcentralized Off-grid Network

By Harris Niavis, Yale University Blog, Hyperledger Aries, Hyperledger Fabric, Hyperledger Indy

The DEON project focuses on the application of blockchains to secure data sharing in private networks and was initiated in 2018 in the wireless and sensor networks laboratory at the Yale Institute for Network Science. The use case of off-grid communication networks was identified with the goal of enabling their full decentralization in terms of data management and identity management. Off-grid (communication) networks are peer-to-peer networks that are autonomous, without super nodes and not dependent on the Internet’s physical infrastructure. Several recent developments like goTenna^[1] and the Beartooth^[2] offer standalone wireless devices that could be used to form local peer-to-peer networks. Other developments like the well-known Guifi community network^[3] in Catalonia, Spain, are community-led paradigms in that space. Although these networks promote decentralization, openness, and fairness, they rely on legacy, centralized technologies for specific parts of their architecture like data and identity management. The integration of blockchains into off-grid networks appeared promising since blockchain provides attributes like transparency, privacy, distribution of governance and decentralization that are highly desirable in off-grid networks.

We chose Hyperledger Fabric as the framework to build our architecture because of its flexibility, performance and the potential we saw behind this huge community of enthusiasts and developers to further advance the technology. After we got familiar with the framework, we identified a key missing aspect: a decentralized identity management component. Unlike the rest of Fabric’s architecture, its native identity management is centralized and based on Certificate Authorities. So we came across the following questions: “which of the nodes in the network is going to host and manage the CA?”, “can we stick with the initial plan of having equal nodes?”and “how can we preserve the decentralization of off-grid networks if we rely on centralized nodes?”

Looking at the rest of the Hyperledger ecosystem, we found that Hyperledger Indy and Aries enable decentralized identity management. We could transform the centralized CAs of Fabric to a distributed CA entity, aka the Indy ledger, so that they are accessible by all nodes but not hosted by a specific one. This approach would work like a distributed oracle of trust in the network but necessitated some changes in Fabric and other extensions in the entire stack to bring DIDs into the “Fabric world.”

Approach and proposed architecture

The first Fabric extension identified as necessary for the integration was an Indy-based MSP to verify identities, signatures and transactions signed by DIDs. In addition, we had to enable the Fabric SDK (Go) to sign transactions using DIDs. For the Indy/Aries part, we leveraged the Hyperledger Aries Cloud Agent (aca-py)^[4], which is deployed in each node of the network and serves as both the verifier and the issuer in the network. On one hand, it signs Fabric transactions using DIDs and issues credentials to the users of the network, and on the other it verifies proofs and transactions signed by DIDs. The DEON Core Service leverages Fabric private data collections and an interface to IPFS to expose a REST API for secure, transparent, fast and privacy-preserving data storage. An overview of the integration is shown in the figure below. The proposed architecture can be employed by off-grid networks of any kind, from IoT to communication and inter-enterprise consortia networks, for enabling self-sovereign identity and user-centric data sharing.

Figure 1: HL Fabric-Indy/Aries integration

Project outcomes and future work

The work started as a joint effort between the wireless and sensor networks lab of Professor Leandros Tassiulas at the Yale Institute for Network Science and Tata Consultancy Services (TCS), which put its expertise in decentralized identity to work in the development of the identity parts. Part of the work and initial benchmarks of the architecture deployed in off-grid settings are presented in the paper “A Blockchain-based Decentralized Data Sharing Infrastructure for Off-grid Networking^[5].”

Currently the Yale team is working on improving the code to make it more usable by others as a standalone solution for integrating Fabric and Indy/Aries. The team is also working on feature enhancements for the DEON platform, such as supporting Fabric v2, updating DEON identity agents to the latest version of the aca-py agent, extending the DEON REST API with admin functionalities and finally looking for new applications of the platform. The code of the project can be found on GitHub https://github.com/off-grid-block.

[1] goTenna off-grid device: https://gotenna.com/
[2] Beartooth off-grid device: https://beartooth.com/
[3] Guifi.net: https://guifi.net/
[4] aca-py agent: https://github.com/hyperledger/aries-cloudagent-python/
[5] “A Blockchain-based Decentralized Data Sharing Infrastructure for Off-grid Networking”: https://arxiv.org/abs/2006.07521v2

About the author
Harris Niavis is a Research Engineer at Yale University. His research interests lie in enterprise blockchain networks, decentralized identity management, mesh networks and IoT.

Cover image by Pete Linforth from Pixabay

Aug 26

Love5

Hyperledger-Powered Education Solutions in Action

By Hyperledger Blog, Education, Hyperledger Aries, Hyperledger Fabric, Hyperledger Indy, Hyperledger Iroha

Just before the age of COVID began in earnest, The New York Times ran a feature on “How Technology Is Changing the Future of Higher Education.” The rise of remote learning and other pandemic-related changes and challenges have added to the need and opportunity for technology-driven advances.

The Hyperledger community is doing its part to help the higher education market adapt to an increasingly digital world. Below we look at five Hyperledger-powered solutions that are at work now in the education market. They are helping colleges and universities modernize how they tackle a number of core tasks, including issuing and verifying academic credits, automating on-campus payments and managing students’ identity and privacy.

Read on for more about these #HyperledgerEdu solutions, built using a mix of Hyperledger technologies:

Byacco, an on-campus payment system

Soramitsu has officially released Byacco, a payment system based on Hyperledger Iroha, for the University of Aizu, Japan. Byacco is a system that allows students and staff of the University of Aizu to use an application on their phones to pay for goods in the cafeteria and university store and to transfer funds within the campus. To make a transaction, all they need is to scan or to provide a QR code, depending on the operation. Byacco’s technology also has high standards for transfers: it follows the EMV® QR Code specification and has bank application level financial security protocols. The keys that are used to authorise transactions on the blockchain are stored only on the device, in a secure storage, so that no one except the owner can access the funds. Students of the university can join the development of the system, thus acquiring skills in creating financial systems based on Hyperledger technologies.

DoDream, a “Study Abroad Platform”

Dain Leaders is an education solution provider for universities in Korea. It serves more than 45 Korean universities by providing services for students’ career path development. As part of that effort, Dain Leader is introducing its “Study Abroad Platform,” called DoDream, to support the extended education ecosystem of the universities, accreditation and related agencies, and prospective employers. Based on Oracle Blockchain Platform Cloud Service (which is powered by Hyperledger Fabric), the platform is an O2O service that provides foreign students with information on studying in Korea and a matching service with Korean universities.

Oracle Digital Certificates Solution

In the face of fast-changing demographic and economic drivers and student expectations, the current processes for issuing and verifying student certificates are too inefficient and time consuming. They can also lead to fraudulent or counterfeit certifications.

The Oracle Digital Certificates Solution, built on the Oracle Blockchain Platform (based on Hyperledger Fabric), provides a complete, end-to-end solution for educational institutions to issue verifiable tamper-proof and secure credential certification that improves the student experience after graduation and improves operational efficiency. The solution enables institutions to issue digital certificates along with transcripts and provide self-sovereign capability to the students who can share them securely with third parties through an access token.

This solution has been successfully deployed in production by customers like China Distance Education Holdings Limited (CDEL) and Taibah Valley University. CDEL uses Oracle Blockchain to share educational records and professional certifications across many educational institutions to help employers and recruiters verify the educational credentials claimed by individuals.

Many other institutions like national universities, employment agencies, government organizations, professional skills academies and universities that provide student grants/scholarships are using this solution as part of ongoing or planned pilots.

PwC Smart Credentials

Data is the new gravity in the world today and organisations are gravitating to and concentrating around trust as the ultimate currency in this data driven world. This trust is crucial for people to exchange information, especially in this digital age when trust is often violated.

With that premise, PwC developed Smart Credentials, a credential issuance, sharing, reviewing and revocation platform levegering the inherent core benefits of blockchain technology such as immutability, tamper-proof nature, transparency, authenticity and security.

Built using Hyperleder Indy and Hyperledger Aries to support the verification process, Smart Credentials has two key pillars: Authentication (you are who you say you are) and Authorization (genuine claim). Both are crucial ingredients of building trust in any ecosystem.

Smart Credentials recently won a “Bronze” medal for the Best Global Blockchain Innovation 2019 at the Reimagine Innovation awards (Backed by Wharton and QS) and is a finalist in the DataIQ 2020 awards “Best data product/ service” of the year category.

Verified.Me

As higher education moves deeper into online and remote learning for traditional and non-traditional students, colleges and universities are now offering a broader array of services that extend the campus experience to the digital realm. Beyond the advent of digital programming, educational institutions are also privy to sensitive personal student, faculty and alumni data from income and payment information to disciplinary records, healthcare and insurance information.

SecureKey Technologies’ Verified.Me service is one approach that supports education’s new digital and data privacy demands. This new digital identity verification service can help verify students, alumni and faculty in a timely and secure manner, strengthening educational institutions’ ability to expand their digital offerings with confidence – while also providing much-needed cost savings. Verified.Me is built using the IBM Blockchain Platform, which is based on Linux Foundation’s open source Hyperledger Fabric.

Join the conversation about solutions and applications supporting the higher education marketing with #HyperledgerEdu this month on social channels. Also, Hyperledger has an Education Architecture Special Interest Group that is open to all.

May 28

Love5

Interoperability and Integration Developments in the Hyperledger Community

By Hyperledger Blog, Hyperledger Aries, Hyperledger Besu, Hyperledger Cactus, Hyperledger Fabric, Hyperledger Grid, Hyperledger Indy, Hyperledger Sawtooth

Interoperability and integration are top of mind issues across the blockchain space right now. From new projects to new solutions, the Hyperledger community is taking on the challenges of cross-chain and cross application communication and data flow.

Here are some of the most recent #HyperledgerInterop developments from across the community.

New Project – Hyperledger Cactus

The newly announced Hyperledger Cactus is a blockchain integration tool designed to allow users to securely integrate different blockchains. This pluggable architecture helps enable the execution of ledger operations across multiple blockchain ledgers, including Hyperledger Besu, Hyperledger Fabric, Corda, and Quorum available today, with the aim of developers continually adding support for new blockchains in the future.

Cactus started as a Hyperledger Labs project six months ago and has attracted significant attention and become a locus of collaboration between developers from teams at Accenture and Fujitsu, and dozens of others working on DLT platforms both inside and outside Hyperledger.

Member applications

DAML, the open source smart contract language created by Digital Asset, enables application portability across three major Hyperledger frameworks: Besu, Fabric and Sawtooth. Blockchain Technology Partner’s Sextant for DAML supports both Hyperledger Besu and Sawtooth, as well as Amazon QLDB and Aurora cloud databases, allowing the same distributed application to be easily deployed across all four platforms. Hear more about the “Write Once, Interoperate Anywhere” approach in this presentation on how DAML smart contracts connect networks, especially Hyperledger Besu, Fabric and Sawtooth.

Hyperchain Labs created an oil and gas ticketing blockchain network to help companies reduce costs, improve performance and maintain compliance. The network is built using the Hyperledger Fabric framework and is run on the IBM Blockchain Platform. BlocWatch software is used to ensure the Hyperchain Labs network is running optimally and securely. As a monitoring and security tool, BlocWatch seamlessly integrates with Hyperchain Labs and IBM, empowering users to easily manage all platforms in one place. Explore how Hyperchain Labs uses BlocWatch in conjunction with the IBM Blockchain Platform in this short video.

Smart Block Laboratory built the Hyperledger Fabric-powered distributed register Cryptoenter, blockchain infrastructure for digital banking that unites banks into a single digital space for transmitting financial messages and brings a new level of interaction to the financial market. The platform is designed for p2p interaction between consumers of financial services, safe execution of payment transactions with cryptocurrencies, fiat currencies and cryptocurrencies, user interaction within a social network for investors / distributed crowdfunding platform.
The basis of the platform is the Rubicon Blockchain, a cloud platform for the blockchain economy, built on Hyperledger Fabric. Cryptoenter has a dual security system: at the Hyperledger blockchain network level and at the Rubicon Blockchain (also based on Hyperledger Fabric) network level. The solution uses an SRP authentication system. TLS (transport layer security) protocol based on SSL (Secure Sockets Layer) protocol is also included. This dual security system allows Cryptoenter to authenticate the person who signed the message, control message integrity, protect the message from fakes and prove the authorship of the person who signed the message.

Technical talks from Hyperledger Global Forum

Nathan George from the Sovrin Foundation offers his take on “Standards and Interoperability for Identity”

Identity platforms have made significant advances leveraging blockchain technology and standards developed at Hyperledger. In his talk, Nathan covers the latest in trusted information flows and the standards being incubated to promote interoperability and create network effects across multiple blockchains and identity platforms.

Key topics include the advancements incubated in Hyperledger Indy, Hyperledger Aries, the W3C Credentials Community Group and at the Decentralized Identity Foundation for Verifiable Credentials, Decentralized Identifiers (DIDs), DID Communications, Identity Hubs, Authentication, and the data models that power them.

Panelists Rich Meszaros and Sarah Banks from Accenture, Melanie Nuce from GS1 US, David Cecchi for Cargill and Patrick Erichsen from Target discuss “Business Interoperability – The Key to Supply Chain Traceability”

Technology such as blockchain has the power to solve complex challenges and achieve improved supply chain traceability. In order to tap into this powerful technology, interoperability, enabled by robust data and transaction standards, are a must! Segments of the supply chain, such as the food industry, have made significant progress leveraging data standards to support food safety and product transparency use cases. The panelists discuss their companies’ work on improved supply chain traceability, the importance of standards and the role business interoperability plays in accelerating the success of new technologies like blockchain.

Join the conversation about blockchain-based identity technologies and solutions with #HyperledgerInterop this month on social channels.

Cover image by Clker-Free-Vector-Images from Pixabay

Dec 06

Love6

Why SSI Incubator: An inside look at the program and startups

By Maya Kanehara, Managing Director, Self-Sovereign Identity Incubator Blog, Hyperledger Aries, Hyperledger Indy, Hyperledger Ursa

The identity community at Hyperledger is lucky to see the groundbreaking toolboxes, libraries, and resources grow by leaps and bounds in just a very short time. From Hyperledger Indy, then Hyperledger Ursa, to the new project Hyperledger Aries, widespread adoption of decentralized identity is closer than ever. It was this excitement and optimism for the growing industry of identity products and solutions being born out of this community from which the Self-Sovereign Identity Incubator (SSI Incubator) was launched. By combining the expert mentors from all over the decentralized identity world with some of the most passionate innovators in the identity startup scene today, the Hyperledger identity community is poised to see growth that we’ve all been waiting for.

The SSI Incubator is designed to remove barriers to startup financing and success within the self-sovereign identity (SSI) industry. More than just seed funding and high-profile pitching opportunities, participating startups also receive co-working space, educational workshops, mentorship, and networking events with some of the most influential voices in the decentralized identity community today. The startups in this program are nearing the end of this time-limited and mentor-focused program, with the 12 weeks culminating in a final evening devoted to exploring the future of SSI.

The five startup projects are:

Domi (Berlin): Digital passports for landlords and tenants that would create a fairer rental market.
HearRo (Los Angeles): A blockchain-powered phone system for trusted, effortless communication
MetaDigital Inc (Toronto): An Intelligent Healthcare Platform that would eliminate medical prescription and insurance claim fraud with real-time digital verification.
Spaceman ID Inc (Chicago): Tools for companies to easily implement private, secure, and portable digital credentials.
Xertify (Bogotá, CO): A network where people and institutions can exchange trusted information based on blockchain technology.

“The Hyperledger identity community holds the secret to growing the use and interoperability of SSI. The SSI Incubator has shined a light on the breadth of organizations of all types and sizes that see the value of decentralized identity,” said Heather C. Dahl, CEO & Executive Director of the Sovrin Foundation. “The mix of SSI solutions and startups focused on healthcare, enterprise adoption, the home rental market, telecommunications, and education joined us from around the world shows the widespread interest and development in self-sovereign identity technologies. This range of diverse solutions is what is driving SSI adoption.”

The SSI Incubator is a joint venture between the Sovrin Foundation and investment firm Hard Yaka. Join the SSI Incubator and startups for the culmination of their work by registering for their final event of the year.

Nov 22

Love0

Aries Connectathon: A Community-Driven Event for Identity Projects at Hyperledger

By Sam Curren, Sovrin Agent Architect, Sovrin Foundation Co-Chair, Hyperledger Aries Working Group Blog, Events, Hyperledger Aries

With three identity specific projects, Hyperledger is now home to a dynamic and growing community with hundreds of unique contributors and maintainers. The first identity-focused project was Hyperledger Indy first launched in 2018, then Hyperledger Ursa later that year. In early 2019, Hyperledger Aries launched to create a shared, reusable, interoperable tool kit for the exchange of verifiable credentials across systems and networks. We’re now thrilled to announce the Hyperledger Aries community will be meeting December 3-5, 2019 in Provo, Utah, for an in-person connectathon.

The goal of this event is to increase communication, interoperability, and support across the many Aries compatible projects. Like the previous, more informal, connectathon held earlier in 2019, this is a community-led event. Some of the focus will be on certain Aries projects currently in development within the community including, but not limited to:

Aries Cloud Agent – Python, developed by the government of British Columbia
Aries Framework DotNet, the Open Source foundation for StreetCred’s mobile app
Mattr Global’s Open Source Mobile Agent (OSMA)
Aries Framework Go, developed by SecureKey
LibVCX based projects, supported by Evernym

The Sovrin Foundation, a leading contributor of Indy, Ursa, and Aries projects, is hosting the Aries Connectathon.

After kicking off with an overview of the key topics at this architecture and design focused event, attendees will focus their work on collaboration across Hyperledger Aries compatible codebases with test suites, tools, and direct interoperable interaction. This includes DID Communication, Verifiable Credential Exchange, DID Exchange, and other protocols targeted for wider adoption. Time spent at this community event will primarily be workshop related, supported with speakers and discussions on relevant topics.

It’s important to note that this is primarily a coding event; however, all contributors, maintainers, and community participants from any project interested in these topics are welcome to attend. Most of the participants at this event will already be active participants in the Hyperledger community and should be ready to hit the ground running. The Aries Connectathon is a great place to roll up your sleeves and get to work!

Hyperledger and Streetcred have already generously offered sponsorship to help cover some of the costs of the three-day event. Many event sponsorships are still available.

Please see the event wiki to register and find out how to get involved.