I’m sorry, we’re perhaps not doing a great job explaining the terminology. There are many terms that people tend to use interchangeably for more or less the same thing. E.g. “agent”, “identity container”, “personal cloud”, “personal information management system”, “personal data store”, etc.
As has been discussed also on other threads in this forum, we don’t want to store personal data on the ledger (unless you want it to be completely public). Therefore you need a place where you can store it. A place that you own and control. This place can be described using terms such as the ones above (e.g. “a Sovrin agent that holds your identity container”). Perhaps you have suggestions for terminology to describe this concept?
We also have a Sovrin Glossary that explains the key terms we are using.
And you need a data format and technology that connects all the pieces, i.e. the ledger, the agents, client applications, services, etc. This is where we think XDI can fit in.
Now let me try to provide a few examples:
Decentralized address book: This could be a useful application that allows me and you to connect and then always stay up-to-date on our current contact information. If my phone number changes, you receive a notification on your app screen. In this example, our identifiers, cryptographic keys, and some other information are stored on the ledger. Our private data (address, phone number) is NOT stored on the ledger, they are stored in your “identity container”. Your “Sovrin agent” does the following: It enforces link contracts, i.e. it only allows access to my phone number and address to the people I want to share them with. And it sends out a notification to you when some of my data changes. The data is exchanged between my agent and your agent, it does not touch the ledger.
Sharing data with a business on the web: You interact with a website online, and the website asks you for some information (e.g. credit card, or a proof that you are over 21y). Using the same mechanisms as in example #1, you can share personal data with the website. Again, only your identifiers and cryptographic information are stored on the ledger, but the actual data connection and sharing is handled by your Sovrin agent and by the link contracts.
Receiving data: In several countries, there are movements to “give data back to the user”. E.g. a bank or government may hold certain records about you, and offers to return this data to you, so that it then truly belongs to you in a self-sovereign way. In this scenario, your Sovrin agent helps to set up a connection from the bank/government to your identity container, and a link contract allows them to send you data that belongs to you. Again, the Sovrin ledger doesn’t see any of this data, it only contains the identifiers and keys that make it possible for the Sovrin agent and client applications to set up link contracts and send/receive data.
Hope these examples help a bit. One of the strengths of Sovrin is that all of the above happens in a very privacy preserving way, using things such as pairwise identifiers, anonymous credentials, etc. This is all described in more detail in the Sovrin whitepapers.
Please keep questions/comments coming