Roles (main stakeholders)
The main stakeholders of the idOS ecosystem
Last updated
The main stakeholders of the idOS ecosystem
Last updated
Data owners (also simplified "Users") are the central stakeholder in the idOS. They can view their own data in the Data Dashboard. They can also add, share, review and revoke access to their data. Users encrypt their data with their own self-generated public/private keypair. Users can ask Data Issuers for Verifiable Credentials to be added to their idOS account (or add them on their own). Users can also chose to delete their data. Users can add one or multiple addresses to control their idOS account across multiple blockchain ecosystems.
Data Issuers are entities that cryptographically sign claims towards a User (in this context also known as Subject) in form of a Verifiable Credentials. Within the idOS context Data Issuers are often also Data Consumers, because they rely in the validity of the provided information and are able to reuse previously issued information if the User approaches their application with a different identifier (e.g. wallet). Data Issuers are vouching for the correctness of the provided information and have the ability to revoke previously issued Credentials in order to inform third parties that they are no longer able to vouch for the correctness of the Subjects data.
Data Consumers can request data access from users using the SDK by asking the user for a signature and querying an idOS node. This data can be sent to the applications backend, for example when it needs to be decrypted and/or privately stored. They can access data even if the user is offline with the precondition that the access grant is still active. Data Consumers can verify that data provided by the user has been issued by a trusted data provider. They can send users that are new to the idOS to a data provider onboarding journey. They may also leverage other tools built on and for the idOS, like the Data Dashboard to allow users to view their data.
Users can also be asked for data access grants. In this scenario, the dApp would ask the user for a transaction into the idOS whitelist contract. After this step, the dApp can use its backend to get idOS data directly.
Node providers host user data and execute the idOS dStorage Network of Nodes that governs access and administration rights. Node operators provide an endpoint that allows all stakeholders to communicate with the idOS. They enforce access rights and block unauthorized access. Node providers sync encrypted data among the dStorage Network of Nodes and enforce the state consensus. Node providers are the main role to become progressively decentralized.
In todays internet verification economy, there exist a lot of external services that facilitate the verification process of individuals (e.g. KYC providers). However, these services generally only operating in the legal context of "outsourcing" and do not vouch for the adherence to regulatory requirements themselves (Law Speak: They are NOT obliged entities). That's why Identity verification providers generally don't suit well as Data Issuers in the idOS directly, since the information has no regulatory value per se.
Providers usually support onboarding journeys that can be used by decentralized applications to onboard users to the idOS. They supply a variety of data points in regard that are interpreted by an obliged entity to make a regulatory access decision and issue a standardized W3C Verifiable Credential into the idOS . Identity verification providers are the trust layer that confirms claims that users are making about themselves.
