Fees and onboarding of users for corporate customers

I am doing pre-research for decentralized identity managment for the company I am working for. I am testing few solutions on implementing SSI and one that solutions is Sovrin Network. I like the idea behind Sovrin implementation, the API seems well-thought, the examples work flawlessly, network has nice finalization time… but all of that falls apart as soon as I start to count the costs of onboarding the users.

I am not sure if I get the math behind the costs correctly so I wanted to confirm using following example. Lets assume I have an application which has database of users and certificates belonging to those users. There is 1 mln users and avg number of certifications per user is 3. I want to onboard all of that info by creating decentralized wallets for that users. That would mean I would require to create and write 4 mln DIDs (1 mln for each user and 3 mln for each certificate belonging to one user).

When I go to https://sovrin.org/issue-credentials/ it shows me cost of 10$ per DID write. Does it mean in my example that my hypothetical company would need to spend 40 mln $ jsut for onboarding their users? Or am I getting something wrong here?

I addressed this a bit in my response to your other question.

You don’t want user DIDs on the ledger. That is private personal data. Each user (credential holder) will generate a new pair-wise DIDs each time they create a new connection with an issuer or verifier.

You only have to write to the network to define a schema. That includes a Public DID (Indy calls it a Nym), a Schema Definition, and a Credentials Definition. You might also want a revocation registry. With that handful of writes, you can issue an unlimited number of credentials to an unlimited number of users.

In your example, you want 3 credentials per user. So you would write 7 times to the ledger (1 Public DID, 3 Schema Definitions, and 3 Credential Definitions). Then you would create 3 million pair-wise connections between you as an issuer and the users as credential holders. Finally, you would issue 9 million credentials.

The good news is that you are indeed getting something wrong there. :slight_smile:

The underlying technology used by Sovrin (Hyperledger Indy and Aries) use pairwise DIDs to establish connection between peers - secure communication paths. Pairwise DIDs are not put on the public ledger, but are just exchanged between the peers. Thus, for your 1 mln users, the company would create 1 mln pairwise DIDs ($0 to Sovrin) and would receive from the users 1 mln pairwise DIDs ($0 to Sovrin).

To issue 3 credential types, the company will need a public DID on Sovrin ($10), perhaps will have to write a schema and and will definitely have to write 3 credential definitions, one for each type of credential (I am assuming the 3 credentials per user are each of a different type). I don’t have the pricing handy, but I think that’s about $180?

You would then issue the 3mln credentials, which is all peer to peer ($0 to Sovrin). From time to time you will need to revoke credentials. Likely you will do that periodically - once a day, maybe, so that is another $0.10/day times 3 (each credential type) so that $109.50 to Sovrin per year. If you need to either do real time revocations, or more frequent periodic revocations, that would change accordingly. You can do the math on that.

So there you go - not as bad as you thought.

1 Like