We refreshed our doc site!
Bookmarked links may have changed
Read release notesThe design of Verite was optimized for the privacy at various levels, but it was also optimized for flexibility for each actor in the system, to support many different kinds of business arrangements and infrastructural investments. Fundamentally, Verite only thrives (and justifies its complexity) if an organic and resilient ecosystem arises where actors can specialize, discriminate, and profit. Like all ecosystems, we need governance to balance flexibility against liability and reach against fairness. This overviews components of the governance we see as necessary.
In a network with multiple issuers, every VC issued should be on equal footing. This means a VC can be presented across the network with the same level of confidence and veracity, regardless of who issued it and who verifies it
Without common ground about the meaning and value of each VC, the Verite ecosystem will only be as strong as its weakest Issuer or Verifier:
Verite is currently orchestrated by Circle in close collaboration with its initial implementers, and grounded in feedback from early evaluators who commit seriously to considering our work to date. This is “strategically centralized,” in the sense that Circle is currently the hub at the center of major technical and business planning with implementers, but the multi-lateral collaboration has already started in Working Groups, bound by multi-lateral IP/NDA agreements. One such working group is actually focused on roadmapping and elaborating everything that follows; to get involved, reach out to Circle.
In a scaled ecosystem with multiple issuers and verifiers of differing scales and foci, Verite needs an explicit, detailed governance framework and rulebook that defines how to create, update, and enforce rules and standards that bind the network together legally and technically. These can be thought of as “by-laws” that structure how Verite expands, as community-driven governance gets formalized.
This rule-based governance will be key to making Verifiable Credentials, and the business relationships they represent, portable and interoperable, and thus to achieving mass adoption.
Verite governance will have three primary components: (1) the Governance Framework, (2) the Rulebook, and (3) the Network Utilities.
The Governance Framework refers to a standing body of humans representing organizations (companies, non-profits, and/or DAOs), who together make decisions about Verite. This includes an authoritative Verite Governance Board and the more dynamic Verite Working Groups that spin up and wind down on a “project basis” to add technical, business, product, and/or legal features to Verite as a whole.
The Verite Governance Board should authorize new Working Groups, which produce standards and technical artefact. One such working group is already working on a Rulebook (detailed below) that governs and binds key ecosystem participants. When Working Groups present upgrades to an already-functioning Verite system in production, this can create breakage (technical and economic) for participants; for this reason, the Governance Board’s primary duty is to make decisions about these changes. Specifically, the Governance Board votes to accept changes to standards and rules that protect the technical and regulatory integrity of the Verite ecosystem.
The governance framework will define (not exhaustive):
The “Network Utilities” that power Verite provide common services to all participants and end-users in the Verite ecosystem.
The first and most structural network utility is the Trusted Identity Registry. The Trusted Identity Registry defines which Issuers and Verifiers can be trusted to adhere to Circle Verite Standards. It functions as an “key directory” providing authoritative key material to prevent phishing or impersonation within the system. As Verite scales up, it will also include up-to-date information on conformance testing, to facilitate real-time decision making about the trustworthiness and roadworthiness of each actor’s implementation and credentials. Circle reserves the right to remove actors from the Registry if they have not signed the Rulebook or have been judged by the community not to be honoring it.
Circle will build, maintain, and publish the Trusted Identity Registry that includes Issuers and Verifiers which have applied for and been approved by the Verite Governance Board to join the registry.
Entities in the registry adhere to technical, operational, legal, regulatory, and compliance standards defined by Verite Governance Board.
Verifiers and Issuers in the registry must sign a Verite Rulebook which defines the rights, obligations, standards, reps & warranties, etc that they must adhere to.
The rulebook dictates the conditions under which a VC can be issued, verified, and or/revoked
The Verite Governance Board can elect to remove entities from the registry if they fall out of compliance with the rulebook.
Each one is identified by a Decentralized Identity (DID) from a supported DID method, that is listed in a machine-readable registry published on Github and in an Ethereum smart-contract for on-chain use-cases.
As the network expands and hits the market “in production”, all of this will have to be formalized: not just the governance between issuers and verifiers, but also the liabilities and obligations from issuer to end-user to consumer/relying party. These various kinds of relationships will be circumscribed and specified by rules, the sum of which can be periodically published as a versioned Verite Rulebook.
This rulebook structures the relationships, expectations, and limits of all the actors in the system. Most crucially, however, it governs and binds Issuers and Verifiers, who must sign a contract to uphold it and stay within its limits to stay in the Trusted Identity Registry over time.
The Verite Rulebook will cover a number of different topics, including but not limited to: