Oddbean new post about | logout
 Self Sovereign Identity: There Is No Free Lunch?

It seems that any kind of self sovereign identity (SSI) verification mechanism must involve effort on the part of the user— because the lower the effort required, the easier it is to game. This effort—inherent friction—will be a challenge to adoption.

SSI’s necessary verification effort can be compensated for by making it worthwhile for the user; by making the SSI, once acquired, powerful and multifunctional. However, that in turn makes identity theft more profitable. 

Unless I’m missing something, there seems to be no escape here. 

Social recovery is often mentioned as a way to harden SSI. But if not done in the meatspace this can be subject to man-in-the-middle attacks. And eventually, as people’s bodies get more integrated with digital hardware (a la neuralink), the advantage of meatspace verification will diminish.

I’m not saying Self Sovereign Identity isn’t a worthy goal to pursue, just trying to identify what fundamental challenges we will be facing as this technology is rolled out. 

Thoughts?