Oddbean new post about login | logout Saylor is trying to create a trust anchor. But since anyone can create their own DID:BTC without Microstrategy's approval (lots of spam), the anchor must be Microstrategy's KYC platform. Microstrategy will have select DID:BTCs they have approved and probably KYCed to receive the Orange check. This means, Orange check verifiers must not only check the DID Document but verify if the DID itself was signed by Microstrategy's master key. Like nostr:nprofile1qythwumn8ghj7un9d3shjtnwdaehgu3wvfskuep0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgawaehxw309ahx7um5wghx6at5d9h8jampd3kx2apwvdhk6tcqyqzvj9w6alhrsvtl5u6ygjkwuwg2sf5lukqskgjpuhnd6dpal0kvjr7awa6 would say: ORANGE CHECKS ARE JUST BLUE CHECKS FROM A DIFFERENT COMPANY.
ORANGE IS THE NEW BLUE
No, you're combining the notion of a DID and a Verifiable Credential. A DID by itself proves / attests nothing. A DID is not KYC. Lots of misunderstanding here.
That's what I am saying. Microstrategy has to sign the DID to attest for it. Anyone can create DIDs.
The anchor is the DID itself, no? Attestations relating to KYC should come in the form of a Verifiable Credential that are controlled / issued to that DID (hopefully) as opposed to a simple signed message by a DID relating to some other entity.
The DID anchors all signed packages by the key defined inside of it. But the DID doesn't create "Trust". Spammers can have DIDs that anchor all of their messages that you can verify. But the "Trust" only comes when you verify the did (or a VC, like you said) from an entity that you already Trust. A Trust "Anchor" is then the master entity whose all trust derives from. Sure, you can have many Trust Anchors, but the Orange Check is specifically marked as Microstrategy's anchor keys. There is no way to have only one Orange Check for multiple Trust Anchors, since their trust-verifying methods can be completely different from one another. And if they are all the same, then it is almost as if there are all derived from an invisible Trust Anchor. A Trust Cartel if you want.
Yes, agree, ty. The goal (and current gap in this space, IMHO), is around your last point and deriving an open trust model / framework that would enable others to make similar (if not the same) "verified" attestations about other DIDs. I personally think this is a novel concept (putting the entire DID Doc on-chain), and I'm confused why people are shitting on it. Many are quick to espouse anti-kyc blah blah (and they're not wrong), but at the same time identity is broken and we need to find a way forward. DIDs and VCs are the obvious answer, and will return consent and sovereignty to individuals when it comes to the storage and utilization of their PII.
DIDs have been placed on blockchains for over 10 years now. They don't really solve anything by themselves. DIDs are fine, decentralized and can build the open trust model you want. But specific DID Methods are always more constrained than the DID spec. BTW, Microstrategy said in the video that the first e-mail is signed by Microstrategy's keys. So, I am not just imagining this. I don't think the approach is terrible. It's just that there is no difference from what they are doing to a regular company-owned DID process. Nostr Follow Lists already created a more "open trust" model than any DID implementation ever built.
It seems a really good idea. Decentralized ID with a centralized entity getting KYC... Stupid thing but good marketing for Microstategy.
We are discussing this here: https://stacker.news/items/527157
Sure, but despite what they say, “decentralization” isn’t the goal, and the MS Office ecosystem is an enterprise business software monopoly. Which is the space and game they’re playing.
Exactly. MicroStrategy is b2b. But b2p (pleb). He's aiming at enterprise customers. His use of inscriptions is annoying, but block space is infinite, so bitcoin doesn't care.
share everyones concerns here. what are the id systems that techs, devs, cryptographers are leaning towards? which are most universally used? would be really interested to see this thread expanded, as we can't avoid it so we may as well lead it.
I wouldn't call sheepish. People have too much to do on a daily basis. So, to simplify they attach themselves to brands until the brand doesn't work anymore: eg: "I don't know how to keep my bitcoin safe, I will just use Coinbase for now", "I don't know how to make a phone, I will just use Apple's for now", "I don't know how to plant onions, I will just use the market's for now", etc. It's not being sheep. It's practicality. But that practicality is also what rug pulls them all the time. For many, these brand rug pulls are just anticipated as "cost of living" (akin to the "cost of doing business").
These are examples of convenience. What I would add is, convenience is not always practical. Impractical convenience is sheepish. Practical convenience is a means to an end.
