I am very new to SSI and trying to explore various use cases using it.
So I came across the use case of tracking the ownership of IoT device using SSI.
In this use case, the manufacturer manufactures the IoT device and sells the device to Buyer1 and issues ownership credentials to the Buyer1 and Buyer1 stores the credentials in its wallet.
Now, Buyer1 decides to move on and sell the device to Buyer2. Hence it generates new ownership credentials and issues it to Buyer2. But before issuing new ownership credentials to Buyer2, the ownership credentials of Buyer1 has to be revoked( or “something” has to be done to make them invalid).
The problem I am facing here is that Buyer1 got the credentials from the manufacturer so only the manufacturer has the right to revoke it. But we cannot invite the manufacturer again to revoke the credentials as the manufacturer may have shut his business down or may not exist by the time Buyer1 decides to sell the device to Buyer2.
This leads to a roadblock in my approach. So any suggestions or solutions here is appreciated.
And more thing to note here is all the actors involved here are trust anchors that is because they have the responsibility to issue ownership credentials to the new owner every time there is a change of ownership.
Thanks in advance.