Web3: Self-Sovereign Authority and Self-Certifying Protocols; Technometria - Issue #40

I stumbled across Web3 is Self-Certifying from Jay Graber. Jay’s post resonated with me on several points. First, her tweet about the article said “You might notice I wrote this whole post on the ‘decentralized web’ without using the words ‘decentralized’ or ‘distributed’ even once. I am tired of defining the things we want to build through negatives. That doesn’t say what it is.” This has been a sticking point for me for some time. For example, in an answer I authored on Quora about Web3, I said:

Decentralization isn’t the goal. The goals are much more grand and include nothing less than a digital world that respects human dignity and autonomy.

Jay defines Web3 as user-generated authority, enabled by self-certifying web protocols. I like “self-sovereign” better than “user-generated” because I think it better speaks to the the source of our authority to act. Besides, user makes me think of a druggie dependent on someone for their next fix. Sovereign is the right word for describing the essential distinction between our inalienable self and the administrative identifiers and accounts endemic in Web2. But still, her work to define Web3 in terms of sovereign-source authority and self-certifying protocols gives me hope.

Following up on this, Jay distinguishes Web 1.0 from Web 2.0 from Web 3.0. I’ve tried to capture her thoughts, briefly, in this graphic:

In this figure, a “host” is some server, somewhere. In Web 1.0, it was just the machine under my desk with no notion of users other than me. Web 2.0 separated the need to host the content from the desire to generate it. Blogging on a platform like Radio, Typepad, or Wordpress was one example. Later, Twitter, Facebook, and other social media platforms filled this role and became behemoths. In Web 3.0, people (a word I like better than “user”) can return to generating content (broadly defined) under their own authority.

The term “self-certifying is also something that caught my eye because it’s a core feature of autonomic identity systems which I believe must form the basis for any future web where people have the tools to act independently—what I’ve called digital embodiment. An easy way to think about self-certification is that it describes systems (and protocols) that don’t rely on third parties. Peer DIDs and KERI are self-certifying because they rely solely on self-sovereign authority.

Closely related to the idea of self-certification is self-administration. Self-administration means that something is independently administered by the controller. Again, no third party needed. I wrote about an example of this, NoFilter.org that provides self-certifying and self-administered blogging using Metamask, some Javascript, and IPFS. No third parties (hosts or platforms) to say what can or can’t be posted, surveil me, or otherwise intermediate me and my post.

A self-certifying protocol is based on a self-certifying, cryptographic identifier (I call them autonomic identifiers), but uses content addressable data. Content addressable data is any data that can be located based on its cryptographic hash. Using the private key associated with an autonomic identifier to sign the hash of the data provides a way to claim control of that data. This is self-sovereign authority and makes data portable because it’s authenticity is not based on where its found, but the signature. This is in contrast to Web 2.0 where the authenticity of data (say a tweet) depends on its particular place on the Twitter servers in a hierarchy controlled by Twitter. Goodbye client-server. Note that in all of this blockchains and other decentralizing technologies are just implementation strategies, not end results.

Web3, that is self-sovereign authority enabled by self-certifying protocols, gives us a mechanism for creating a digital existence that respects human dignity and autonomy. We can live lives as digitally embodied beings able to operationalize our digital relationships in ways that provide rich, meaningful interactions. Self-sovereign identity (SSI) and self-certifying protocols provide people with the tools they need to operationalize their self-sovereign authority and act as peers with others online. When we dine at a restaurant or shop at a store in the physical world, we do not do so within some administrative system. Rather, as embodied agents, we operationalize our relationships, whether they be long-lived or nascent, by acting for ourselves. Web3, built in this way allows people to act as full-fledged participants in the digital realm.

That’s all for this week. Thanks for reading.

Please follow me on Twitter.

If you enjoyed this, please consider sharing it with a friend or twenty. Just forward this email, or point them at my news page.

I’d love to hear what you enjoyed and what you’d like to see more (or less) of. And if you see something you think I’d enjoy, let me know. Just reply to this email.

P.S. You may be receiving this email because you signed up for my Substack. If you’re not interested, simply unsubscribe.

Photo Credit: Bison calf suckling from Frank Schulenburg (CC BY-SA 4.0)

© 2022 Phillip J. Windley. Some rights reserved. Technometria is a trademark of PJW LC.