Monthly Archives: April 2021

The Verifiable Economy: Architecture Reference Model (VE-ARM) 0.2: Step-by-Step

Michael Herman
Hyperonomy Digital Identity Lab
Trusted Digital Web Project
Parallelspace Corporation

NOTE: This article supersedes an older version of this article:

1. Introduction

1.1 Goals

The goals of this article are three-fold:

  1. Introduce the concept of a Verifiable Capability Authorizations (VCA) and how they can be use to implement controls over which specific methods a particular party is allowed execute against a particular instance of a Fully Decentralized Object (FDO).
  2. Illustrate how #graphitization techniques can be used for visualizing:
    • Trusted Decentralized Identifiers (DIDs)
    • DID Documents
    • Trusted Digital Agents (and their Service Endpoints (SEPs))
    • Verifiable Credentials (VCs)
    • Verifiable Capability Authorizations (VCAs) and,
    • Most importantly, their myriad of interrelationships.
  3. Use the above 2 goals to further detail and describe how to use the VE-ARM model for implementing trusted, reliable, efficient, frictionless, standards-based, global-scale software systems based on Fully Decentralized Objects (FDOs).

1.2 Purpose

This article takes the following “All-in” graph view of The Verifiable Economy Architecture Reference Model (VE-ARM) and partitions it into a series of subgraphs that depict the key elements of the overall architecture reference model for FDOs. Each subgraph is documented with a narrative that is mapped to the numbered blue targets used to identify each element in each subgraph.

Figure 1. The Verifiable Economy Architecture Reference Model (VE-ARM)

The above visualization is the result of a several iterations validating The Verifiable Economy Architecture Reference Model (VE-ARM) against the following live scenario:

Erin acquiring a personal DID and DID Document to enable Erin to acquire a Province of Sovronia Driver’s License (SDL) (represented as an FDO) and hold the SDL in Erin’s digital wallet.

TDW Glossary: Self-Sovereign Identity (SSI) User Scenarios: Erin Buys a Car in Sovronia (3 User Scenarios)

An Fully Decentralized Object (FDO) is comprised of the following minimal elements:

  1. DID (and correspond DID Document)
  2. Master Verifiable Capability Authorization (MVCA) for the object’s DID and DID Document
  3. Zero or more Verifiable Capability Authorizations (VCAs) linked to the above MVCA for the object (recursively)
  4. A Property Set for the object
    • Property Set DID (and corresponding DID Document)
    • Property Set MVCA for the property set’s DID and DID Document
    • Property Set Verifiable Credential (VC) to hold the object’s properties and their values
    • Zero or more Verifiable Capability Authorizations (VCAs) linked to the above property set MVCA (recursively)
  5. A Trusted Digital Agent registered with a Service Endpoint (SEP) in the object’s DID Document that implements the VCA controlled methods for accessing and interacting with the object and/or it’s property set. Control over which methods are invokable by a party is controlled by the respective MVCAs and a Delegated Directed Graphs of VCAs (if there are any).

The goal and purpose of the VE-ARM is to describe a Fully-Decentralized Object (FDO) model that unites the following concepts into a single integrated, operational model:

  • Verifiable Identifiers, Decentralized Identifiers (DIDs), and DID Documents;
  • Verifiable Claims, Relationships, and Verifiable Credentials (VCs);
  • Verifiable Capability Proclamations, Verifiable Capability Invocations, and Verifiable Capability Authorizations (VCAs); and
  • Trusted Digital Agents (TDAs)

1.3 Background

The scenario used to model the VE-ARM is an example of a citizen (Erin) of a fictional Canadian province called Sovronia holding a valid physical Sovronia Driver’s License (Erin RW SDL) as well as a digital, verifiable Sovronia Driver’s License (Erin SDL).

Figure 2. Erin’s Real-World Sovronia Driver’s License (Erin RW SDL)

1.4 Creation of the Verifiable Economy Architecture Reference Model (VE-ARM)

The underlying model was built automatically using a series of Neo4j Cypher queries running against a collection of actual DID Document, Verifiable Credential, and Verifiable Capability Authorization JSON files. The visualization was laid out using the Neo4j Browser. The resulting layout was manually optimized to produce the final version of the visualization that appears below. The numbered targets were added using Microsoft PowerPoint.

2. Organization of this Article

Following a list of Key Definitions, the remainder of this article is organized as a series of increasingly more detailed explanations of the VE-ARM model.

Each subgraph is described by a narrative that explains the purpose of each element in the particular subgraph. Each narrative is organized as a list of numbered bullets that further describe to the corresponding numbered blue targets used to identify each element in each subgraph .

A narrative is a story. It recounts a series of events that have taken place. … These essays are telling a story in order to drive a point home. Narration, however, is the act of telling a story.

Examples of Narration: 3 Main Types in Literature

2.1 Table of Subgraphs

  • Subgraph F1 – Erin’s DID Document (DD) Neighborhood
  • Subgraph F2 – Erin’s DD Master Verifiable Capability Authorization (MVCA) Neighborhood
  • Subgraph F3 – Province of Sovronia DID Document (DD) Neighborhood
  • Subgraph F4 – Province of Sovronia DD Master Verifiable Capability Authorization (MVCA) Neighborhood
  • Subgraph F5 – DID Documents (DDs) and Master Verifiable Capability Authorizations (MVCAs) Neighborhood
  • Subgraph F6 – Erin’s Sovronia Drivers License Property Set Verifiable Credential (VC) Neighborhood
  • Subgraph F7 – Erin’s SDL Property Set Delegated Directed Graph of Verifiable Capability Authorizations Neighborhood
  • Subgraph F8 – Erin “Real-World” Neighborhood
  • Subgraph F9 – SOVRONA Trusted Decentralized Identity Provider (TDIDP) Neighborhood
  • Subgraph F10 – The Verifiable Economy “All-In” Graph View
Figure 4. Table of Subgraphs

3. Key Definitions

Several of the following definitions (those related to verifiable capability authorizations) are inspired by the following RWoT5 article:

Additional context can be found in Authorization Capabilities for Linked Data v0.3.

3.1 VE-ARM Verifiable Capability Authorization (VCA) Model

The VE-ARM Verifiable Capability Authorization (VCA) model used to grant the authority to specific parties to invoke specific methods against a instance of a Fully Decentralized Object (FDO). The VE-ARM VCA model is based, in part, on the Object-Capability Model. The VE-ARM VCA model supports Delegation and Attenuation.

3.2 Object Capability Model

The object-capability model is a computer security model. A capability describes a transferable right to perform one (or more) operations on a given object. It can be obtained by the following combination:

An unforgeable reference (in the sense of object references or protected pointers) that can be sent in messages.
A message that specifies the operation to be performed.

Object-Capability Model (https://en.wikipedia.org/wiki/Object-capability_model)

3.3 VCA Model Principles Delegation and Attenuation

With delegation, a capability holder can transfer his capability to another entity, whereas with attenuation he can confine a capability before delegating it.

Capability-based access control for multi-tenant systems using OAuth 2.0 and Verifiable Credentials

3.4 Fully Decentralized Object (FDO)

In The Verifiable Economy, a Fully Decentralized Object (FDO) is comprised of the following minimal elements:

  1. DID (and correspond DID Document)
  2. Master Verifiable Capability Authorization (MVCA) for the object’s DID and DID Document
  3. Zero or more Verifiable Capability Authorizations (VCAs) linked to the above MVCA for the object (recursively)
  4. A Property Set
    • Property Set DID (and corresponding DID Document)
    • Property Set MVCA for the property set’s DID and DID Document
    • Property Set Verifiable Credential (VC) to hold the object’s properties and their values
    • Zero or more Verifiable Capability Authorizations (VCAs) linked to the above property set MVCA (recursively)
  5. An Trusted Digital Agent registered with a Service Endpoint (SEP) in the object’s DID Document that implements the VCA controlled methods for accessing and interacting with the object and/or it’s property set. Control over which methods are invokable by a party is controlled by the respective MVCAs and a Delegated Directed Graphs of VCAs (if there are any).

3.5 Fully Decentralized Object (FDO) Model

A complete decentralized object system based on the concept of FDOs.

3.6 Verifiable Capability Authorization (VCA)

A Verifiable Capability Authorization (VCA) is a JSON-LD structure that grants (or restricts) a specific parts (the controller of a key (grantedKey)) the ability to invoke specific methods against a specific instance of a Fully Decentralized Object (FDO). A VCA typically has a type of Proclamation (unless it is a Method Invocation VCA).

Each VCA has:

  • id – trusted, verifiable decentralized identifier for the VCA
  • type – “Proclamation”
  • parent – trusted, verifiable decentralized identifier for a parent VCA whose control supersedes this current VCA. The current VCA’s capabilities must be equal to or an attenuation of the parent VCA’s capabilities. The part of the VCA model is recursive.
  • subject – trusted, verifiable decentralized identifier of the specific instance of the FDO. An FDO can be an object or a service represented as an object.
  • grantedKey – trusted, verifiable key of the party to whom the specified capabilities are being granted specifically with respect to the specific instance of the FDO.
  • caveat – the collection of specific capabilities the party represented by grantedKey is granted (or restricted) from invoking against a specific instance of the FDO identified by the subject identifier.
  • signature – trusted, verifiable proof that this VCA is legitimate.

The following is an example of a VCA associated with Erin and Erin’s Sovronia Driver’s License Property Set.

Snippet 1. Verifiable Credential Authorization (VCA) Example

3.7 Master Verifiable Capability Authorization (MVCA)

A Master Verifiable Capability Authorization (MVCA) is a Proclamation-type VCA that is created for every FDO at the time that the DID and DID Document for the FDO is issued by a Trusted Decentralized Identity Provider (TDIDP) (e.g. SOVRONIA).

That is, a new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA typically grants authorization for any and all methods to the controller of the DID. (This is the essence of the definition of self-sovereign identity principle.)

Each MVCA has:

  • id – trusted, verifiable decentralized identifier for the VCA
  • type – “Proclamation” (or “Invocation”)
  • subject – trusted, verifiable decentralized identifier of the specific instance of the FDO. An FDO can be an object or a service represented as an object.
  • grantedKey – trusted, verifiable key of the party to whom the specified capabilities are being granted specifically with respect to the specific instance of the FDO.
  • caveat – the collection of specific capabilities the party represented by grantedKey is granted (or restricted) from invoking against a specific instance of the FDO identified by the subject identifier. Typically, this is set to RestrictToMethod( * ) granting the controller of the grantedKey to execute any and all methods against the subject. (This is where and how the essence of the definition of the self-sovereign identity principle is realized.)
  • signature – trusted, verifiable proof that this VCA is legitimate.

NOTE: A MVCA has no parent property because an MVCA always represents the top-level root VCA in a Delegated Directed Graphs of Verifiable Capability Authorizations (see below).

The following is an example of a MVCA for Erin’s Sovronia Drivers License Property Set. This MVCA is the parent of the above VCA.

Snippet 2. Master Verifiable Credential Authorization (MVCA) Example

3.8 VCA Method Invocation (MI)

A VCA Method Invocation (MI) is a JSON-LD structure that attempts to invoke a specific method against a specific instance of a Fully Decentralized Object (FDO) on behalf of a specific invoking party. An MI is of type Invocation (not Proclamation).

Each VCA has:

  • id – trusted, verifiable decentralized identifier for the MI
  • type – “Invocation”
  • proclamation – trusted, verifiable decentralized identifier for the VCA to be used for this MI against the specific instance of an FDO by a specific party.
  • method – specific name of the method to be invoked against the specific instance of an FDO by a specific party.
  • usingKey – trusted, verifiable key of the party to be used to attempt the invocation of the above method against a specific instance of the FDO.
  • signature – trusted, verifiable proof that this VCA is legitimate.

NOTE: An MI doesn’t have a subject property. The target object is specified by the subject property of the proclamation VCA.

The following is an example of a MI that attempts to invoke the Present method on behalf of Erin against Erin’s Sovronia Drivers License Property Set. The referenced VCA is the VCA example from above.

Snippet 3. Verifiable Credential Authorization Method Invocation (MI) Example

3.9 Delegated Directed Graph of Verifiable Capability Authorizations

A Delegated Directed Graph of Verifiable Capability Authorizations is a directed list of VCAs that starts with an MVCA as it’s top-level, root VCA. Each VCA in the graph points to the previous VCA in the graph via its parent property. An MI, in turn, refers to a single VCA in the graph via the MI’s proclamation property. The capabilities in effect are those that are specifically listed in the target VCA’s caveat property. While there is no inheritance of capabilities in this model, the capabilities specified by each VCA must be equal or less than (a subset of) the capabilities of the parent VCA (Principles of Delegation and Attenuation).

The above examples of a MVCA, VCA and MI, taken together, form an example of a Delegated Directed Graph of Verifiable Capability Authorizations.

Figure 3. Delegated Directed Graph of Verifiable Capability Authorizations Example

3.8.1 Narrative

17. Erin SDL Prop Set MVCA. Erin SDL Prop Set MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s SDL Prop Set (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin’s SDL. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods defined for the subject to the effective issuer. In this case, the effective issuer is the Province of Sovronia.)

18. Erin SDL VCA. Erin SDL VCA is the Verifiable Capability Authorization (VCA) created for Erin’s SDL Prop Set DD. The VCA was issued by the Province of Sovronia authorizing Erin to be able to present the properties (and their values) of Erin’s SDL to a third party using the Present method associated with Erin’s SDL Prop Set and supported (implemented) by Erin’s AGENT. The parent of Erin’s SDL VCA is the Erin SDL MVCA.

19. Erin SDL VCA MI. Erin SDL VCA MI is an example of a MVCA Method Invocation (VCA MI) that uses the Erin SCL VCA which authorizes the potential execution of the Present method by Erin against Erin’s SDL Prop Set.

3.10 Resource Servers and Authentication Servers

A resource server that hosts a protected resource owned by a resource owner, a client wishing to access that resource, and an authorization server responsible for generating access tokens. Access tokens are granted to clients authorized by the resource owner: client authorization is proven using an authorization grant. In our system we are using the ‘client credentials’ grant. As it can be seen from Fig. 1, when this type of grant is used, a resource owner configures the authentication server with the credentials of the authorized clients; a client authenticates to the authorization server and receives an access token, then it uses the access token to access the protected resource.

Capability-based access control for multi-tenant systems using OAuth 2.0 and Verifiable Credentials

Although these terms are not currently used in the VE-ARM, the resource server role is assigned to the FDO AGENT specified in the subject’s DID document. The authorization server role is assigned to the actor who is responsible for creating Verifiable Capability Authorizations (VCAs). In the current example, SOVORONIA hosts the authorization server on behalf of either the Province of Sovronia or Erin.

4. VE-ARM Principles

The following principles are used to guide The Verifiable Economy Architecture Reference Model (VE-ARM):

  1. DD MVCA Principle. Every DID (and DID Document) has a corresponding Master Verifiable Capability Authorization (MCVA). Whenever a DID and corresponding DID Document is issued, a corresponding Master Verifiable Capability Authorization (MCVA) is automatically created. See F2 in Figure 1. Snippet 4 is an example of a DID Document Master Verifiable Capability Authorization (DD MVCA).
  2. Property Set VC Principle. All of the properties (and their values), a Property Set, for a particular decentralized object are stored in a Verifiable Credential (VC) that has an id value that is equal to the DID id of the decentralized object. See F6 in Figure 6. Snippet 5 is a partial example of a Property Set Verifiable Credential (PS VC).
Snippet 4. DID Document Master Verifiable Capability Authorization (MVCA) Example
Snippet 5. Partial Property Set Verifiable Credential (VC) Example

5. Erin’s DID Document (DD) and DD Master Verifiable Capability Authorization (MVCA) Neighborhoods

Erin Amanda Lee Anderson is a Person, a Citizen of Sovronia, and a Sovronia Driver’s License Holder).

Figure 5. Subgraphs F1 and F2: Erin’s DID Document (DD) and DD Master Verifiable Capability Authorization (MVCA) Neighborhoods

5.1 Erin’s DID Document Narrative (F1)

1. Erin. Erin is a RW_PERSON (Real-World Person) and a citizen of the Province of Sovronia. Erin also holds a (valid) Sovronia Driver’s License (SDL) and controls a Real-World Wallet (RW_WALLET) as well as a Digital Wallet (PDR).

2. Erin D Wallet. Erin D Wallet is a Digital Wallet (PDR (Private Data Registry)) controlled by Erin, a Person.

3. Erin DD. Erin DD is the primary DIDDOC (DID Document) for Erin, a Person. It is issued by SOVRONA who records it on the SOVRONA VDR and it is also held in the Erin DD Wallet.

4. DID:SVRN:PERSON:04900EEF-38E7-487E-8D6F-09D6C95D9D3E#fdom1. DID:SVRN:PERSON:04900EEF-38E7-487E-8D6F-09D6C95D9D3E#fdom1 is the identifier for the primary AGENT for Erin, a Person.

5. http://services.sovronia.ca/agent. http://services.sovronia.ca/agent is the primary SEP (Service Endpoint) for accessing the AGENT(s) associated with the DID(s) and DID Document(s) issued by the Province of Sovronia, an Organization. This includes all of the DID(s) and DID Document(s) associated with Erin.

6. SOVRONA VDR. SOVRONA VDR is the primary VDR (Verifiable Data Registry) controlled by SOVRONA, an Organization. The SOVRONA VDR is used to host the SVRN DID Method.

5.2 Erin’s DD Master Capability Authorization Narrative (F2)

7. Erin DD MVCA. Erin DD MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s DID Document at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods to Erin.)

6. Province of Sovronia DID Document (DD) and DD Master Verifiable Capability Authorization (MVCA) Neighborhood

Province of Sovronia is an Organization and a Real World Nation State (sovronia.ca).

Figure 6. Subgraphs F3 and F4: Province of Sovronia DID Document (DD) and Master Verifiable Capability Authorization (MVCA) Neighborhood

6.1 Province of Sovronia DID Document (DD) Narrative (F3)

6. SOVRONA VDR. SOVRONA VDR is the primary VDR (Verifiable Data Registry) controlled by SOVRONA, an Organization. The SOVRONA VDR is used to host the SVRN DID Method.

8. PoS RW Nation State. The Province of Sovronia is a (fictitious) Province (RW_NATIONSTATE (Real-World Nation State)) in Canada and the legal government jurisdiction for the citizens of the province. The Province of Sovronia is an Organization. The Province of Sovronia issues Real-World Sovronia Driver’s Licenses (SDLs) but relies on SOVRONA to issue digital, verifiable SDLs.

9. PoS D Wallet. PoS D Wallet is a Digital Wallet (PDR (Private Data Registry)) controlled by the Province of Sovronia, an Organization.

10. PoS DD. PoS DD is the primary DIDDOC (DID Document) for the Province of Sovronia, an Organization. It is issued by SOVRONA who records it on the SOVRONA VDR and it is held in the PoS D Wallet.

11. DID:SVRN:ORG:0E51593F-99F7-4722-9139-3E564B7B8D2B#fdom1. DID:SVRN:ORG:0E51593F-99F7-4722-9139-3E564B7B8D2B#fdom1 is the identifier for the primary AGENT for the Province of Sovronia, an Organization.

12. http://services.sovrona.com/agent. http://services.sovrona.com/agent is the primary SEP (Service Endpoint) for accessing the AGENT(s) associated with the DID(s) and DID Document(s) issued by SOVRONA, an Organization.

6.2 Province of Sovronia DD Master Capability Authorization Neighborhood (F4)

13. PoS DD MVCA. PoS DD MVCA is the Master Verifiable Capability Authorization (MVCA) created for the Province of Sovronia’s DID Document (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of itself for the Province of Sovronia. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods to the Province of Sovronia.)

7. DID Document (DD) and Master Verifiable Capability Authorization (MVCA) Neighborhoods

A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. This subgraph highlights that with every new DID and DID Document, a corresponding MVCA is issued at the same time.

Figure 7. DID Document (DD) and Master Verifiable Capability Authorization (MVCA) Neighborhoods

7.1 DID Documents (DDs) and Master Verifiable Capability Authorizations (MVCAs) Narratives (F5)

3. Erin DD. Erin DD is the primary DIDDOC (DID Document) for Erin, a Person. It is issued by SOVRONA who records it on the SOVRONA VDR and it is also held in the Erin DD Wallet.

7. Erin DD MVCA. Erin DD MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s DID Document at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods to Erin.)

10. PoS DD. PoS DD is the primary DIDDOC (DID Document) for the Province of Sovronia, an Organization. It is issued by SOVRONA who records it on the SOVRONA VDR and it is held in the PoS D Wallet.

13. PoS DD MVCA. PoS DD MVCA is the Master Verifiable Capability Authorization (MVCA) created for the Province of Sovronia’s DID Document (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of itself for the Province of Sovronia. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods to the Province of Sovronia.)

14. Erin SDL DD. Erin SDL DD is the primary DIDDOC (DID Document) for Erin’s digital, verifiable SDL.

15. Erin SDL MVCA. Erin SDL MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s SDL (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin’s SDL. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods defined for the subject to the effective issuer. In this case, the effective issuer is the Province of Sovronia.)

16. Erin SDL Prop Set DD. Erin SDL Prop Set DD is the primary DIDDOC (DID Document) for the Verified Credential (VC) that is used to represent the properties of Erin’s digital, verifiable SDL (and their values). The properties (and their values) are represented in Erin SDL Prop Set, a Verifiable Credential associated with the DID in Erin SDL Prop Set DD.

17. Erin SDL Prop Set MVCA. Erin SDL Prop Set MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s SDL Prop Set (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin’s SDL. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods defined for the subject to the effective issuer. In this case, the effective issuer is the Province of Sovronia.)

8. Erin’s Sovronia Drivers License Property Set DID Document (DD) and Master Verifiable Capability Authorization (MVCA) Neighborhood

Subgraph F6 illustrates how a property set for an FDO is realized by a Verifiable Credential (VC).

Figure 8. Subgraphs F6. Erin’s Sovronia Drivers License Property Set DID Document (DD) and Master Verifiable Capability Authorization (MVCA) Neighborhood

8.1 Erin’s Sovronia Drivers License Property Set Verifiable Credential (VC) Narrative (F6)

16. Erin SDL Prop Set DD. Erin SDL Prop Set DD is the primary DIDDOC (DID Document) for the Verified Credential (VC) that is used to represent the properties of Erin’s digital, verifiable SDL (and their values). The properties (and their values) are represented in Erin SDL Prop Set, a Verifiable Credential associated with the DID in Erin SDL Prop Set DD.

17. Erin SDL Prop Set MVCA. Erin SDL Prop Set MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s SDL Prop Set (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin’s SDL. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods defined for the subject to the effective issuer. In this case, the effective issuer is the Province of Sovronia.)

20. Erin SDL Prop Set VC. Erin SDL Prop Set VC is the Verified Credential (VC) that is used to represent the properties of Erin’s digital, verifiable SDL (and their values). The properties (and their values) are represented in Erin SDL Prop Set VC, a Verifiable Credential associated with the DID in Erin SDL Prop Set DD.

9. Erin’s Sovronia Drivers License Property Set Delegated Directed Graph of Verifiable Capability Authorizations Neighborhood

This subgraph illustrates what a Delegated Directed Graph of Verifiable Capability Authorizations looks like. In this example, it is the VCA Delegated Directed Graph for Erin’s Sovronia Drivers License Property Set.

Figure 9. Subgraphs F7. Erin’s Sovronia Drivers License Property Set Delegated Directed Graph of Verifiable Capability Authorizations Neighborhood

9.1 Erin’s SDL Property Set Delegated Directed Graph of Verifiable Capability Authorizations Narrative (F7)

16. Erin SDL Prop Set DD. Erin SDL Prop Set DD is the primary DIDDOC (DID Document) for the Verified Credential (VC) that is used to represent the properties of Erin’s digital, verifiable SDL (and their values). The properties (and their values) are represented in Erin SDL Prop Set, a Verifiable Credential associated with the DID in Erin SDL Prop Set DD.

17. Erin SDL Prop Set MVCA. Erin SDL Prop Set MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s SDL Prop Set (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin’s SDL. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods defined for the subject to the effective issuer. In this case, the effective issuer is the Province of Sovronia.)

18. Erin SDL VCA. Erin SDL VCA is the Verifiable Capability Authorization (VCA) created for Erin’s SDL Prop Set DD. The VCA was issued by the Province of Sovronia authorizing Erin to be able to present the properties (and their values) of Erin’s SDL to a third party using the Present method associated with Erin’s SDL Prop Set and supported (implemented) by Erin’s AGENT. The parent of Erin’s SDL VCA is the Erin SDL MVCA.

19. Erin SDL VCA MI. Erin SDL VCA MI is an example of a MVCA Method Invocation (VCA MI) that uses the Erin SCL VCA which authorizes the potential execution of the Present method by Erin against Erin’s SDL Prop Set.

10. SOVRONA Trusted Decentralized Identity Provider (TDIDP) DID Document (DD), DD Master Verifiable Capability Authorization (MVCA) and Erin “Real-World” Neighborhoods

Figure 10. SOVRONA TDIDP DID Document (DD), DD Master Verifiable Capability Authorization (MVCA) and Erin “Real-World” Neighborhoods

10.1 Erin’s “Real-World” Narrative (F9)

1. Erin. Erin is a RW_PERSON (Real-World Person) and a citizen of the Province of Sovronia. Erin also holds a (valid) Sovronia Driver’s License (SDL) and controls a Real-World Wallet (RW_WALLET) as well as a Digital Wallet (PDR).

8. PoS RW Nation State. The Province of Sovronia is a (fictitious) Province (RW_NATIONSTATE (Real-World Nation State)) in Canada and the legal government jurisdiction for the citizens of the province. The Province of Sovronia is an Organization. The Province of Sovronia issues Real-World Sovronia Driver’s Licenses (SDLs) but relies on SOVRONA to issue digital, verifiable SDLs.

22. Erin RW Wallet. Erin RW Wallet is a RW_WALLET (Real-World (Leather) Wallet) and it is used to hold Erin’s Real-World Sovronia Driver’s License (Erin RW SDL). Erin RW Wallet is owned and controlled by Erin.

23. Erin RW SDL. Erin RW SDL is Erin’s RW_SDL (Real-World Sovronia Driver’s License) and it is held by Erin in Erin’s RW Wallet.

10.2 SOVRONA TDIDP Narrative (F10)

12. http://services.sovrona.com/agent. http://services.sovrona.com/agent is the primary SEP (Service Endpoint) for accessing the AGENT(s) associated with the DID(s) and DID Document(s) issued by SOVRONA, an Organization.

24. SOVRONA Organization. SOVRONA is an Organization and the primary Real-World TDIDP (RW_DIDPROVIDER) for the citizens and government of Sovronia, a fictitious province in Canada. SOVRONA controls a Digital Wallet (PDR (Personal Data Registry)), SOVRONA D Wallet, as well as the SOVRONA Verifiable Data Registry (VDR).

25. SOVRONA D Wallet. SOVRONA D Wallet is a Digital Wallet (PDR (Private Data Registry)) that is controlled by SOVRONA, an Organization.

26. SOVRONA DD. SOVRONA DD is the primary DIDDOC (DID Document) for SOVRONA, an Organization.

27. DID:SVRN:ORG:01E9CFEA-E36D-4111-AB68-D99AE9D86D51#fdom1. DID:SVRN:ORG:01E9CFEA-E36D-4111-AB68-D99AE9D86D51#fdom1 is the identifier for the primary AGENT for SOVRONA, an Organization.

28. SOVRONA DD MVCA. SOVRONA DD MVCA is the Master Verifiable Capability Authorization (MVCA) created for SOVRONA’s DID Document (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of itself for SOVRONA’s DD. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods defined for the subject to the effective issuer. In this case, the effective issuer is SOVRONA, the Organization.)

11. VE-ARM “All-In” Graph View

The following is a depiction of the “All-In” view of the The Verifiable Economy Architecture Reference Model (VE-ARM) graph. This graph view represents the union of all of the previous subgraphs.

Figure 11. Subgraph F10. The Verifiable Economy “All-In” Graph View

11.1 Narrative

1. Erin. Erin is a RW_PERSON (Real-World Person) and a citizen of the Province of Sovronia. Erin also holds a (valid) Sovronia Driver’s License (SDL) and controls a Real-World Wallet (RW_WALLET) as well as a Digital Wallet (PDR).

2. Erin D Wallet. Erin D Wallet is a Digital Wallet (PDR (Private Data Registry)) controlled by Erin, a Person.

3. Erin DD. Erin DD is the primary DIDDOC (DID Document) for Erin, a Person. It is issued by SOVRONA who records it on the SOVRONA VDR and it is also held in the Erin DD Wallet.

4. DID:SVRN:PERSON:04900EEF-38E7-487E-8D6F-09D6C95D9D3E#fdom1. DID:SVRN:PERSON:04900EEF-38E7-487E-8D6F-09D6C95D9D3E#fdom1 is the identifier for the primary AGENT for Erin, a Person.

5. http://services.sovronia.ca/agent. http://services.sovronia.ca/agent is the primary SEP (Service Endpoint) for accessing the AGENT(s) associated with the DID(s) and DID Document(s) issued by the Province of Sovronia, an Organization. This includes all of the DID(s) and DID Document(s) associated with Erin.

6. SOVRONA VDR. SOVRONA VDR is the primary VDR (Verifiable Data Registry) controlled by SOVRONA, an Organization. The SOVRONA VDR is used to host the SVRN DID Method.

7. Erin DD MVCA. Erin DD MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s DID Document at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods to Erin.)

8. PoS RW Nation State. The Province of Sovronia is a (fictitious) Province (RW_NATIONSTATE (Real-World Nation State)) in Canada and the legal government jurisdiction for the citizens of the province. The Province of Sovronia is an Organization. The Province of Sovronia issues Real-World Sovronia Driver’s Licenses (SDLs) but relies on SOVRONA to issue digital, verifiable SDLs.

9. PoS D Wallet. PoS D Wallet is a Digital Wallet (PDR (Private Data Registry)) controlled by the Province of Sovronia, an Organization.

10. PoS DD. PoS DD is the primary DIDDOC (DID Document) for the Province of Sovronia, an Organization. It is issued by SOVRONA who records it on the SOVRONA VDR and it is held in the PoS D Wallet.

11. DID:SVRN:ORG:0E51593F-99F7-4722-9139-3E564B7B8D2B#fdom1. DID:SVRN:ORG:0E51593F-99F7-4722-9139-3E564B7B8D2B#fdom1 is the identifier for the primary AGENT for the Province of Sovronia, an Organization.

12. http://services.sovrona.com/agent. http://services.sovrona.com/agent is the primary SEP (Service Endpoint) for accessing the AGENT(s) associated with the DID(s) and DID Document(s) issued by SOVRONA, an Organization.

13. PoS DD MVCA. PoS DD MVCA is the Master Verifiable Capability Authorization (MVCA) created for the Province of Sovronia’s DID Document (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of itself for the Province of Sovronia. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods to the Province of Sovronia.)

14. Erin SDL DD. Erin SDL DD is the primary DIDDOC (DID Document) for Erin’s digital, verifiable SDL.

15. Erin SDL MVCA. Erin SDL MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s SDL (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin’s SDL. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods defined for the subject to the effective issuer. In this case, the effective issuer is the Province of Sovronia.)

16. Erin SDL Prop Set DD. Erin SDL Prop Set DD is the primary DIDDOC (DID Document) for the Verified Credential (VC) that is used to represent the properties of Erin’s digital, verifiable SDL (and their values). The properties (and their values) are represented in Erin SDL Prop Set, a Verifiable Credential associated with the DID in Erin SDL Prop Set DD.

17. Erin SDL Prop Set MVCA. Erin SDL Prop Set MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s SDL Prop Set (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin’s SDL. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods defined for the subject to the effective issuer. In this case, the effective issuer is the Province of Sovronia.)

18. Erin SDL VCA. Erin SDL VCA is the Verifiable Capability Authorization (VCA) created for Erin’s SDL Prop Set DD. The VCA was issued by the Province of Sovronia authorizing Erin to be able to present the properties (and their values) of Erin’s SDL to a third party using the Present method associated with Erin’s SDL Prop Set and supported (implemented) by Erin’s AGENT. The parent of Erin’s SDL VCA is the Erin SDL MVCA.

19. Erin SDL VCA MI. Erin SDL VCA MI is an example of a MVCA Method Invocation (VCA MI) that uses the Erin SCL VCA which authorizes the potential execution of the Present method by Erin against Erin’s SDL Prop Set.

20. Erin SDL Prop Set VC. Erin SDL Prop Set VC is the Verified Credential (VC) that is used to represent the properties of Erin’s digital, verifiable SDL (and their values). The properties (and their values) are represented in Erin SDL Prop Set VC, a Verifiable Credential associated with the DID in Erin SDL Prop Set DD.

21. DID:SVRN:VC:0B114A04-2559-4C68-AE43-B7004646BD76#fdom1. DID:SVRN:VC:0B114A04-2559-4C68-AE43-B7004646BD76#fdom1 is the identifier for the primary AGENT for Erin SDL Property Set DD.

22. Erin RW Wallet. Erin RW Wallet is a RW_WALLET (Real-World (Leather) Wallet) and it is used to hold Erin’s Real-World Sovronia Driver’s License (Erin RW SDL). Erin RW Wallet is owned and controlled by Erin.

23. Erin RW SDL. Erin RW SDL is Erin’s RW_SDL (Real-World Sovronia Driver’s License) and it is held by Erin in Erin’s RW Wallet.

24. SOVRONA Organization. SOVRONA is an Organization and the primary Real-World TDIDP (RW_DIDPROVIDER) for the citizens and government of Sovronia, a fictitious province in Canada. SOVRONA controls a Digital Wallet (PDR (Personal Data Registry)), SOVRONA D Wallet, as well as the SOVRONA Verifiable Data Registry (VDR).

25. SOVRONA D Wallet. SOVRONA D Wallet is a Digital Wallet (PDR (Private Data Registry)) that is controlled by SOVRONA, an Organization.

26. SOVRONA DD. SOVRONA DD is the primary DIDDOC (DID Document) for SOVRONA, an Organization.

27. DID:SVRN:ORG:01E9CFEA-E36D-4111-AB68-D99AE9D86D51#fdom1. DID:SVRN:ORG:01E9CFEA-E36D-4111-AB68-D99AE9D86D51#fdom1 is the identifier for the primary AGENT for SOVRONA, an Organization.

28. SOVRONA DD MVCA. SOVRONA DD MVCA is the Master Verifiable Capability Authorization (MVCA) created for SOVRONA’s DID Document (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of itself for SOVRONA’s DD. (A new MVCA is created whenever a new DID and DID Document are issued by a TDIDP. The MVCA grants authorization for any and all methods defined for the subject to the effective issuer. In this case, the effective issuer is SOVRONA, the Organization.)

29. DID:SVRN:LICENSE:999902-638#fdom1. DID:SVRN:LICENSE:999902-638#fdom1 is the identifier for the primary AGENT for Erin SDL DD.

12. Conclusions

The goals of this article are three-fold:

  1. Introduce the concept of a Verifiable Capability Authorizations (VCA) and how they can be use to implement controls over which specific methods a particular party is allowed execute against a particular instance of a Fully Decentralized Object (FDO).
  2. Illustrate how #graphitization techniques can be used for visualizing:
    • Trusted Decentralized Identifiers (DIDs)
    • DID Documents
    • Trusted Digital Agents (and their Service Endpoints (SEPs))
    • Verifiable Credentials (VCs)
    • Verifiable Capability Authorizations (VCAs) and,
    • Most importantly, their myriad of interrelationships.
  3. Use the above 2 goals to further detail and describe how to use the VE-ARM model for implementing trusted, reliable, efficient, frictionless, standards-based, global-scale software systems based on Fully Decentralized Objects (FDOs).

This article described The Verifiable Economy Architecture Reference Model (VE-ARM) using a #graphiziation approach for visualization. The resulting overall graph was partitioned into a series of subgraphs that depict the key elements of the architecture reference model. Each subgraph was documented with a narrative that is mapped to the numbered blue targets used to identify each element in each subgraph .

1 Comment

Filed under Uncategorized

The Verifiable Economy: Architecture Reference Model (VE-ARM) 0.1: Original Concepts [OLD]

Michael Herman
Hyperonomy Digital Identity Lab
Trusted Digital Web Project
Parallelspace Corporation

NOTE: This article has been superseded by a newer article:

Introduction

This visualization represents the first complete iteration of The Verifiable Economy Architecture Reference Model (VE-ARM). It is the first complete example of a Fully-Decentralized Object Model (FDOM) that unites the following into a single integrated model:

  • Verifiable Identifiers, Decentralized Identifiers (DIDs), and DID Documents;
  • Verifiable Claims, Relationships, and Verifiable Credentials (VCs); and
  • Verifiable Capability Proclamations, Verifiable Capability Invocations, and Verifiable Capability Authorizations (VCAs).

Background

The scenario used to model the VE-ARM is an example of a citizen (Erin) of a fictional Canadian province called Sovronia holding a valid physical Sovronia Driver’s License (Erin RW SDL) as well as a digital, verifiable Sovronia Driver’s License (Erin SDL).

Figure 1. Erin’s Real-World Sovronia Driver’s License (Erin RW SDL)

Creation of the Verifiable Economy Architecture Reference Model (VE-ARM)

The underlying model was built automatically using a series of Neo4j Cypher queries running against a collection of actual DID Document, Verifiable Credential, and Verifiable Capability Authorization JSON files. The visualization was laid out using the Neo4j Browser. The resulting layout was manually optimized to produce the final version of the visualization that appears below. The numbered markers were added using Microsoft PowerPoint.

The Legends and Narration sections that follow further describe the VE-ARM in more detail. A whitepaper will be available shortly. The whitepaper will contain copies of the underlying DID Document, Verifiable Credential, and Verifiable Capability Authorization JSON files.

Click the image to enlarge it.

Figure 2. The Verifiable Economy Architecture Reference Model (VE-ARM)

Legend

Figure 3. Legend

Narrative

The numbered bullets in the following narrative refer to the corresponding numbered markers in Figure 2.

SOVRONA, a DID Provider (sovrona.com)

1. SOVRONA Organization. SOVRONA is an Organization and the primary Real-World DID Provider (RW_DIDPROVIDER) for the citizens and government of Sovronia, a fictitious province in Canada. SOVRONA controls a Digital Wallet (PDR (Personal Data Registry)), SOVRONA D Wallet, as well as the SOVRONA Verifiable Data Registry (VDR).

2. SOVRONA D Wallet. SOVRONA D Wallet is a Digital Wallet (PDR (Private Data Registry)) that is controlled by SOVRONA, an Organization.

3. SOVRONA DD. SOVRONA DD is the primary DIDDOC (DID Document) for SOVRONA, an Organization.

4. DID:SVRN:ORG:01E9CFEA-E36D-4111-AB68-D99AE9D86D51#fdom1. DID:SVRN:ORG:01E9CFEA-E36D-4111-AB68-D99AE9D86D51#fdom1 is the identifier for the primary AGENT for SOVRONA, an Organization.

5. http://services.sovrona.com/agent. http://services.sovrona.com/agent is the primary SEP (Service Endpoint) for accessing the AGENT(s) associated with the DID(s) and DID Document(s) issued by SOVRONA, an Organization.

6. SOVRONA VDR. SOVRONA VDR is the primary VDR (Verifiable Data Registry) controlled by SOVRONA, an Organization. The SOVRONA VDR is used to host the SVRN DID Method.

Province of Sovronia, an Organization and Nation State (sovronia.ca)

7. PoS Nation State. The Province of Sovronia is a (fictitious) Province (RW_NATIONSTATE (Real-World Nation State)) in Canada and the legal government jurisdiction for the citizens of the province. The Province of Sovronia is an Organization. The Province of Sovronia issues Real-World Sovronia Driver’s Licenses (SDLs) but relies on SOVRONA to issue digital, verifiable SDLs.

8. PoS D Wallet. PoS D Wallet is a Digital Wallet (PDR (Private Data Registry)) controlled by the Province of Sovronia, an Organization.

9. PoS DD. PoS DD is the primary DIDDOC (DID Document) for the Province of Sovronia, an Organization.

10. DID:SVRN:ORG:0E51593F-99F7-4722-9139-3E564B7B8D2B#fdom1. DID:SVRN:ORG:0E51593F-99F7-4722-9139-3E564B7B8D2B#fdom1 is the identifier for the primary AGENT for the Province of Sovronia, an Organization.

Erin Amanda Lee Anderson, a Person and Citizen of Sovronia (and Sovronia Driver’s License Holder)

11. Erin. Erin is a RW_PERSON (Real-World Person) and a citizen of the Province of Sovronia. Erin also holds a (valid) Sovronia Driver’s License (SDL) and controls a Real-World Wallet (RW_WALLET) as well as a Digital Wallet (PDR).

12. Erin D Wallet. Erin D Wallet is a Digital Wallet (PDR (Private Data Registry)) controlled by Erin, a Person.

13. Erin DD. Erin DD is the primary DIDDOC (DID Document) for Erin, a Person.

14. Erin RW Wallet. Erin RW Wallet is a RW_WALLET (Real-World (Leather) Wallet) and it is used to hold Erin’s Real-World Sovronia Driver’s License (Erin RW SDL). Erin RW Wallet is owned and controlled by Erin.

20. DID:SVRN:PERSON:04900EEF-38E7-487E-8D6F-09D6C95D9D3E#fdom1. DID:SVRN:PERSON:04900EEF-38E7-487E-8D6F-09D6C95D9D3E#fdom1 is the identifier for the primary AGENT for Erin, a Person.

Erin’s Sovronia Driver’s License

  • Verifiable Identifiers, Decentralized Identifiers (DIDs), and DID Documents;
  • Verifiable Claims, Relationships, and Verifiable Credentials (VCs); and
  • Verifiable Capability Proclamations, Verifiable Capability Invocations, and Verifiable Capability Authorizations (VCAs).

15. Erin RW SDL. Erin RW SDL is Erin’s RW_SDL (Real-World Sovronia Driver’s License) and it is held by Erin in Erin’s RW Wallet.

16. Erin SDL DD. Erin SDL DD is the primary DIDDOC (DID Document) for Erin’s digital, verifiable SDL.

17. Erin SDL Prop VC DD. Erin SDL Prop VC DD is the primary DIDDOC (DID Document) for the Verified Credential (VC) that is used to represent the properties of Erin’s digital, verifiable SDL (and their values). The properties (and their values) are represented in Erin SDL Prop VC, a Verifiable Credential associated with the DID in Erin SDL Prop VC DD.

18. Erin SDL Prop VC. Erin SDL Prop VC is the Verified Credential (VC) that is used to represent the properties of Erin’s digital, verifiable SDL (and their values). The properties (and their values) are represented in Erin SDL Prop VC, a Verifiable Credential associated with the DID in Erin SDL Prop VC DD.

19. LicenseBackgroundImage. LicenseBackgroundImage is an IPFSIMAGE (IPFS Image Resource) used to store the Background License Image to be used in Erin’s digital and verifiable SDL. The URL of this resources is one of the property values represented in the Erin SDL Prop VC.

19. PhotoImage. PhotoImage is an IPFSIMAGE (IPFS Image Resource) used to store the Erin’s official photo. The URL of this resources is one of the property values represented in the Erin SDL Prop VC.

19. ProvinceStateLogoImage. ProvinceStateLogoImage is an IPFSIMAGE (IPFS Image Resource) used to store the office Provincial (or State) Logo Image to be used in Erin’s digital and verifiable SDL. The URL of this resources is one of the property values represented in the Erin SDL Prop VC.

19. SignatureImage. SignatureImage is an IPFSIMAGE (IPFS Image Resource) used to store the image of Erin’s official signature. The URL of this resources is one of the property values represented in the Erin SDL Prop VC.

21. DID:SVRN:LICENSE:999902-638#fdom1. DID:SVRN:LICENSE:999902-638#fdom1 is the identifier for the primary AGENT for Erin SDL DD, the DID Document for the “root” of Erin’s digital, verifiable Sovronia Driver’s License.

22. DID:SVRN:VC:0B114A04-2559-4C68-AE43-B7004646BD76#fdom1. DID:SVRN:VC:0B114A04-2559-4C68-AE43-B7004646BD76#fdom1 is the identifier for the primary AGENT for Erin SDL Prop VC DD, the DID Document for the Verified Credential used to represent the properties (and values) of Erin’s digital, verifiable Sovronia Driver’s License.

23. http://services.sovronia.ca/agent. http://services.sovronia.ca/agent is the primary SEP (Service Endpoint) for accessing the AGENT(s) associated with the DID(s) and DID Document(s) issued by the Province of Sovronia, an Organization. This includes all of the DID(s) and DID Document(s) associated with Erin and Erin’s SDL.

Erin’s Sovronia Driver’s License Verifiable Capability Authorizations (VCAs)

26. Erin SDL MVCA. Erin SDL MVCA is the Master Verifiable Capability Authorization (MVCA) created for Erin’s SDL (DD) at the time that the DID and DID Document were first issued by SOVRONA on behalf of the Province of Sovronia for Erin’s SDL. (A new MVCA is created whenever a new DID and DID Document are issued by a DID Provider. The MVCA grants authorization for any and all methods defined for the subject to the effective issuer. In this case, the effective issuer is the Province of Sovronia.)

25. Erin SDL VCA. Erin SDL VCA is the Verifiable Capability Authorization (VCA) created for Erin’s SDL Prop VC DD. The VCA was issued by the Province of Sovronia authorizing Erin to be able to present the properties (and their values) of Erin’s SDL to a third party using the Present method associated with Erin’s SDL Prop VC and supported (implemented) by Erin’s AGENT. The parent of Erin’s SDL VCA is the Erin SDL MVCA. (This is not illustrated correctly in the current version of Figure 2.)

24. Erin SDL VCA MI. Erin SDL VCA MI is an example of a MVCA Method Invocation (VCA MI) that uses the Erin SCL VCA which authorizes the potential execution of the Present method by Erin against Erin’s SDL Prop VC. (This is not illustrated correctly in the current version of Figure 2.)

NOTE: The domains sovrona.com and sovronia.ca are owned by the author.

1 Comment

Filed under Uncategorized

Trusted Digital Web Glossary (TDW Glossary): All-In View (latest version)

Click to enlarge.

TDW Glossary: All-In View (latest version)

Leave a comment

Filed under Uncategorized