Governance of Ledger-Anchored Decentralized Identifiers
This work addresses the underexplored problem of multi-entity governance in DIDs for identity management systems, but it is primarily a conceptual and prototype contribution without quantitative results.
The paper investigates governance models for Decentralized Identifiers (DIDs) anchored on distributed ledgers, focusing on how multiple deputies can manage and enforce authorizations over DID documents. It presents a prototype using smart contracts to implement governance policies, highlighting the importance of governance for trustworthy DID deployment.
A Decentralized Identifier (DID) empowers an entity to prove control over a unique and self-issued identifier without relying on any identity provider. The public key material for the proof is encoded into an associated DID document (DDO). The DDO is preferably shared via a distributed ledger, because the ledger guarantees algorithmically that everyone has access to the latest state of any tamper-proof DDO, but only the entities in control of a DID are able to update theirs. Yet it is possible to grant deputies the authority to update the DDO on behalf of the DID owner. The DID specification, however, leaves largely open how authorizations over a DDO are managed and enforced among multiple deputies. This article investigates what it means to govern a DID and discusses various forms of how a DID can be controlled by potentially more than one entity. It also presents a prototype of a DID-conformant identifier management system in which a selected set of governance policies is deployed as Smart Contracts. The article highlights the critical role of governance for the trustworthy and flexible deployment of ledger-anchored DIDs across various domains.