Technology for Human Autonomy
Rebooting the Web of Trust aims toward autonomy for individuals. In his seminal 2017 paper, The Path to Self-Sovereign Identity, https://github.com/ChristopherA/self-sovereign-identity/blob/master/ThePathToSelf-SovereignIdentity.md , Christopher Allen lists ten principles of self-sovereign identity. But to achieve autonomy, the individual must have agency and agency requires an ability to act beyond identity.
A self-sovereign agent, able to act autonomously to the extent it’s human owner allows, will have many of the same ten principles of self-sovereign identity. Characteristics such as Free software, standards for interoperability, portability, and censorship-resistance are a must for a self-sovereign agent. These same characteristics, however, limit the ability to finance work on a self-sovereign agent in established ways. Bitcoin, ethereum, and other public blockchains are an example of self-sovereign technology. Finance of public blockchain projects is based on issuance of the equivalent of founders’ stock to the developers and the hope that many of them will maintain the technology in order to preserve and grow the value of their stake. Could such a finance mechanism be applied to develop self-sovereign agent technology?
This is, to a large extent, the structure behind Ethereum dapps and ConsenSys. As long as Ethereum’s early adopters could reach critical mass and governance stability, their finance of ConsenSys and similar support organizations could, in theory, be used to construct an autonomous agent for an individual. In practice, however an agent requires secrecy to keep an individual’s policies away from public disclosure in a manner reminiscent of zero-knowledge proofs. Along with scalability and the need to sometimes operate without a connection to the network, Ethereum is not an ideal substrate for a self-sovereign agent and the public blockchain finance strategy is difficult to apply.
A Standards-Based Self-Sovereign Technology Stack
Starting with the second Rebooting Web of Trust, the HIE of One project has been designed and managed as a reference implementation of a self-sovereign technology stack. The agency concept is instantiated as an authorization server based on the User Managed Access (UMA) standard running as Free software on non-proprietary hardware owned by the individual. Client access to the authorization server is based on self-sovereign identity and related credentials of requesting parties. Autonomy is preserved because the authorization server hides their owner’s policies just as a wallet hides the owner’s private keys. An open source reference implementation of standards is nothing more than an open source project and not financeable in the normal sense of the term. How are we to create a supported, sustainable product for anyone to use?
HIE of One, PBC was incorporated in 2014 as a Public Benefits Corporation to act as the governance and finance entity. The corporation registered Trustee as trademark for their version of the software and services. There is also a Trustee hardware option. We then set about to apply for grants, seek strategic and financial investors, and considered a token sale linked to the “fat protocol” that is the combination of UMA, OAuth, Decentralized IDentifier, and Verifiable Credentials standards combined into the self-sovereign technology stack branded Trustee.
A technology, be it self-sovereign identity or self-sovereign agency, is not sufficient to get customers and have a business. Trustee must actually compete to provide a service that people want to buy and use in the real world. HIE of One chose health records for seriously ill people as the service. HIE stands for Health Information Exchange. Seriously ill or elderly patients interact with many different institutional systems and need to monitor and connect their interfaces in a practical way. The healthcare industry is in the process of adopting a standard for application programming interfaces (API) called FHIR. FHIR is a RESTful API protected by OAuth and therefore easily adapted to delegation of control to an UMA authorization server such as Trustee. The growing availability of health records via a standard API underlies the value proposition for Trustee as a commercial product.
Financing Autonomy
Aside from the blockchain pioneers, there’s little experience with financing self-sovereign technology in any market segment and it’s not even clear that the path they took in the first decade can be sustained or replicated. It’s a bit like Zooko’s Triangle: You can have two of: Software Freedom, Substitutability, or Decentralization as long as you finance on the basis of control in one of the three areas. But granting control to others compromises autonomy.
Over about five years, as we continue to develop Trustee using the open source, non-commercial collaboration model, HIE of One has tried various approaches to financing the transition to commercial product. We tried:
-
Government grants (both on our own and as subcontractors)
-
Citizen coops (we help establish and participate in the Digital Life Collective)
-
Physician coops (via established medical societies and start-up physician initiative)
-
Global Healthcare NGOs (in US and UK, but Trustee is not “research”)
-
Blockchain Tokens (so many issues)
-
Blockchain investors (healthcare is sooo complicated)
No luck so far.
Bootstrapping Self-Sovereign Technology
HIE of One is now trying something completely different. To the extent a Free software product can be developed by volunteers and brought to market without up-front tooling, the customers might finance the scale-up and commercialization themselves. This is similar to some public blockchains but the compensation of the developers and early adopters is not directly linked to the protocol itself. Users subscribe to the service with some degree of pre-payment and a promise of future discounts as the network grows.
Can bootstrap financing support self-sovereign autonomy? The software is licensed under the Affero GPL. The service is substitutable to the extent the DID, VC, and UMA standards are adopted. The service and support are mostly decentralized with only governance of the Trustee brand and contracts related to it under the control of HIE of One.
Business models for self-sovereign identity and self-sovereign technology are experimental. The standards are just starting to gel. The interest in systems that promote freedom of speech and assembly is growing. Business structures for sustainable decentralized and potentially autonomous systems are still to be invented.