Decentralization in Sovrin

The Sovrin Network

  • global — The Sovrin network and the verifiable credential exchange should be available worldwide, but that’s not enough. It should be usable for any and all credential use cases. In the same way that the Internet is a global messaging system, Sovrin aims to be a global system for digital identity.
  • open — The Sovrin network is based on the open-source Hyperledger Indy project. That is important, but it’s not sufficient. The governance of the Sovrin Network should also be open. This extends to decisions about the code, who runs it, and the features that it enables.
  • public — Anyone should be able to access and use Sovrin for any purpose that it supports. Public access is a foundational element for self-sovereignty because it avoids gatekeepers that might censor some transactions. This applies not only to reading information from the ledger, but also authoring ledger transactons.
  • decentralized — no single entity should represent a single point of failure. This doesn’t just apply to the availability of the network, but also the ability of people to use the network.

The Ledger Layer

The Agent Layer

The Credential Exchange Layer

  1. Credentials are decentralized and contextual. There is no central authority for all credentials. Every party can be an issuer, an owner, and a verifier. The system can be adapted to any country, any industry, any community, any set of credentials, or any set of trust relationships.
  2. Credential issuers decide on what data is contained in their credentials. Sovrin allows anyone to write credential schemas to the ledger. Anyone can create a credential definition based on any of these schemas.
  3. Verifiers make their own trust decisions about which credentials to accept — there’s no central authority who determines what credentials are important or which are used for what purpose.
  4. Verifiers do not need to contact issuers to perform verification — that’s what the ledger is for. Credential verifiers (the people or organizations relying on a credential) don’t need to have any technical, contractual, or commercial relationship with credential issuers (the people or organizations making the credential).
  5. Credential holders are free to choose which credentials to carry and what information to disclose. People and organizations are in control of the credentials they hold (just as they are with physical credentials) and determine what to share with whom.

Decentralized, Self-Sovereign Identity

  • No one owns it
  • Everyone can use it
  • Anyone can improve it


  1. When I say “relationship” that means that both sides have an agent and have exchanged DIDs to create a pairwise pseudonymous relationship.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Phil Windley

Phil Windley

I build things; I write code; I void warranties