When Explaining SSI, Start with the Wallet

Timothy Ruff
6 min readApr 21, 2020

After possibly thousands of conversations about SSI over the last five years, I’ve tried just about everything to help people quickly understand it. Early on it would take hours. Seriously. We just didn’t have the terminology or the useful analogies or frankly, the understanding, to be more concise. Then it was sixty minutes, then thirty, and now it’s plateaued at about five. Five minutes for someone to really grok SSI, which is about four minutes and fifty seconds longer than the ideal.

And I’ve tried — and my team at Evernym tried — many different approaches. Even with a bad approach we would eventually gain understanding, but it was messy and came with a significant cost: those who finally got that aha! moment struggled to convey the same understanding to anyone else.

To this day SSI struggles mightily with second-level messaging: when a received message can be accurately re-conveyed by the receiver. This is a primary reason why many still misunderstand SSI and why the simpler, incorrect interpretations of it readily translate from person to person, unfortunately.

So today, April 18, 2020, I had an important realization that can reduce the time to convey a correct understanding to less than thirty seconds, where it belongs. The key? Follow Drummond Reed’s example. Consistently.

For years I’ve watched Drummond pull out his wallet and explain how SSI works just like a physical wallet, and watched him use the same approach virtually with images of wallets in slide decks, to great effect. Today it hit me *why* the wallet analogy is effective, and the reasons, I think, are profound. I am concluding it is the best way for everyone to start an explanation or pitch that involves SSI use cases.

Before diving into those reasons here’s a simplified wallet-first pitch, so we’re all talking about the same thing:

SSI is like a physical wallet, but digital. It holds strong digital credentials given to you by orgs you deal with — digital versions of the same physical credentials you already have — that you can choose to share with others. Unlike an Apple or proprietary wallet, no one else can see it, change it, or take it away; the wallet and credentials inside are yours, and you can move them off your device or from device to device.

That’s it, that’s SSI in less than thirty seconds, shorter than your average elevator ride (remember those?). Add another 10–30 seconds of your favorite couple of use cases to answer the “what’s the so what?” question before it arises. Of course less than sixty total seconds isn’t sufficient to administer “the bite” — that aha! moment with SSI that’s like a vampire bite, after which the world never looks the same — but if you start wallet-first like Drummond, you’ve laid an important foundation that can avoid messy, confusing, unnecessarily long and often misguided conversations. Critically, your shorter, simpler narrative will give your listener a fighting chance to effectively convey SSI to the next person.

But why is this wallet-first more effective?

Because the common subconscious understanding of physical wallets aligns well with core principles of SSI, and gaining that understanding up-front prevents frustrating rabbit holes, like what you predictably get when you start instead with — God forbid — identity.

Identity means so many different things to different people in different contexts and in different cultures, it is a lousy foundation on which to build understanding for just about anything. Want to get a room full of identity experts to roll their eyes? Announce that you want to discuss the definition of ‘identity’; it can easily start an argument. They’re so jaded to the topic that most of the time they’ll just change the subject, and these are the experts in the field. With lay people it is worse, all over the map (literally).

Start your SSI explanation with identity at your peril.

By starting with a digital wallet— something traditional identity experts know little about, ironically — you get all of the following subconscious understandings of wallets for free:

  • It starts out empty
  • The wallet is mine and remains in my possession; no one can see it, change it or take it away without my consent
  • I can fill it with the things I choose
  • I can add different types of things: ID cards, payment cards, membership cards, loyalty cards, key cards, cash, receipts, photos, and more
  • Most things I put in my wallet are issued to me by third parties; they can revoke validity, but I retain control of the artifact
  • I choose what I share with whom, without sharing anything else
  • Wallet contents remain concealed until I choose to reveal something
  • If I lose an important credential, I must return to the issuer, prove my identity and ask them to re-issue to me
  • My wallet is portable with me everywhere I go
  • If I don’t like my wallet I can get a different one and transfer my contents; the contents are portable
  • I don’t usually make my own wallet, I obtain it from those who make wallets
  • Wallet makers cannot see, change, or take away my wallet contents without my consent
  • If my wallet is stolen, the thief can’t drain my entire net worth, there are limits to what thieves can get away with: there’s only so much cash, the cards have limits, they’ll soon be shut off, etc.
  • I shouldn’t carry around too many valuables at one time
  • I must be careful with my wallet, keep it secure

I’ve bolded four core principles: the three primitive functions of SSI (issue, hold, verify), plus the foundational premise of sovereignty over the container.

Before having my wallet-first-always aha! moment today— sorry Drummond, I’m a slow learner — I had concluded that the most important concept to convey to folks, especially smart techie types, was the issue-hold-verify model. People don’t realize that issue-hold-verify is how drivers licenses, passports, loyalty cards, merit badges, and every other credential works in meatspace. Teaching this simple-to-understand principle, and how it’s the same as every physical credential they’ve ever had, makes an easy transition to how the lack of cryptographic-strength issue-hold-verify workflows in cyberspace creates the big trust, privacy, and security problems we have today.

There are exceptions. Issue-hold-verify is how the Apple wallet works, too. But Apple is proprietary for Apple; you can’t take Apple wallet contents with you when you switch to Android. There’s no standards or interoperability between Apple’s and other wallets, each application has its own special trust domain where it works only with Apple devices. And of course Apple can see and track everything in your wallet, if and when they choose to. I believe it’s inevitable that, as SSI adoption accelerates, Apple will desire greater interoperability and adopt support for standardized Verifiable Credentials at some point and build it right into iOS, hopefully sooner rather than later.

By starting your SSI explanation wallet-first you get, for free, the critical understanding of issue-hold-verify on the part of your listener, without having to even speak the words issue-hold-verify. They’ll also understand why they need a digital container of their own to hold digital credentials, rather than complaining about downloading another ‘app’. And with a bit more mental exertion, they can come to see the ramifications of using wallets that are inextricably embedded into other apps, tying bits of their personal stuff to those organizations (which may be a necessary and useful place for SSI adoption to begin), versus having all their credentials and relationships in one place they control: their favorite general purpose digital wallet that can (eventually) work with every organization.

Other benefits of starting wallet-first:

  • Avoiding the confusion, controversy and related rabbit holes around the concept of identity
  • Avoiding the misconception that SSI means self-attested
  • Avoiding the misconception that SSI somehow challenges authority
  • It logically organizes the discussion of use cases — including identity, which becomes a preeminent use case — because use cases typically begin with a credential or credentials being received from an issuer.

Here’s an example wallet-first narrative in higher education:

Start with the digital wallet, then receive a digital student ID from the university, then a skill certification badge, then a digital key to the laboratory, then a digital ticket to the game, then a digital receipt for buying food, and so on. Anyone can understand that. Starting with the wallet is a much easier conversation than starting with the student ID or digital key use case, and then working backward.

Of course, a wallet is only a container and only a small (but critical) component of SSI: it has little to do with agents, relationships, communications, consent, digital signatures, issuing creds to others, verifying creds received from others, and more. But while the term ‘wallet’ falls woefully short of conveying a complete understanding of SSI, there are no words that I have found, at least in the English language, after five years and thousands of conversations of trying, that provide a better starting foundation.

And neither has Drummond.