Some questions on XDI


#1

For the time being, there are three questions I can ask about XDI:

  1. Is there any ongoing (or already done) work on actually using XDI for real Sovrin-Agent functionality? Any library, or any piece of software actually interacting with the Sovrin ledger and/or other components?

  2. Given the flexibility and complexity that is likely to arise on XDI graph issuing and processing, would you say it might get to the point of behaving as a “smart contract” component for Sovrin?

  3. It seems XDI can be used for issuing and proving verifiable claims, but is there any way to utilize Sovrin to proof the validity of XDI graphs or more specifically to verify the validity of a previous XDI contract having been effectively processed? For example: let’s say I have an XDI contract that gives access to certain data if the requester is able to present certain claim/proof. Now, assuming there was a successful run/verification of this contract by some component (that would be an agent, I assume), how can it provide or store a proof of such claim having been effectively provided and thus the given contract terms were successfully met?

(Also, if XDI is effectively envisioned to take an active part on Sovrin, maybe we could create a sub-category for it on the forum? :slight_smile: )


#2

Hello Carlos, some thoughts on your questions:

  1. Yes this work is happening, but it is dependent on completing some other items first, most importantly the libsovrin library that allows us to set up wallets, connect to the ledger, register DIDs, etc. The last agent WG call had some really good information on libsovrin. I am working on a Java binding for this library, and I know @ewelton is planning to contribute to a JavaScript version. Once this library is available and the Sovrin Provisional Network becomes operational, we can “connect” the XDI components (in the form of the XDI2 open-source project) to the Sovrin infrastructure. Several projects are currently underway to then build on top of Sovrin and XDI, e.g. the CULedger initiative and some others.

  2. Even though this would certainly sound sexy, I think from a technical perspective putting it like this goes a bit too far. I think the term “smart contract” is usually understood as a piece of code that is executed by many nodes in a distributed environment and subject to a consensus mechanism, e.g. in Ethereum. XDI link contracts don’t really do that. They enforce permissions and control behavior in individual agents and clients, not for a network as a whole. (At least for now, who knows what we will do with XDI in the future).

  3. Yes this is absolutely part of what we are working on. When a link contract is established, a proof of this can be recorded on the ledger. Link contracts may contain policies that will only “work” if certain verifiable claims are provided. I tried to do some brainstorming on what this would look like in my recent topic paper for Rebooting Web-of-Trust in Paris. When a link contract’s policy is validated and execution of a certain operation is permitted, proof of this can also be recorded.

Finally, keep in mind that XDI is not an “integral” part of Sovrin. There will probably be XDI agents and other types of agents. @TelegramSam, @nage, and others are doing great work on developing an open and extensible architectural vision, and we will hopefully see many protocols running on top of Sovrin infrastructure in the future.


#3

Thanks, Markus, for your detailed answer as usual.

I’m really looking forward to see the the advances on XDI, as it really looks like a very powerful (if not fundamental) component for achieving really interesting things on Sovrin. Some significant work would need to be done, though, to provide the proper interfaces and tools to be able to leverage it effectively, as requiring any kind of user (even developers) to actually understand XDI language looks like a big hurdle, or at least it looks like it to me.


#4

Carlos, you quite right: XDI as a graph model and protocol for semantic data interchange is a great complement to Sovrin as a global public utility for self-sovereign identity, but both technologies exist independently, and both are maturing side by side.

You are also right that XDI is still hard for newcomers to grasp, and we don’t have the tooling and documentation that would make it accessible to a wide audience.

One step at a time…