Copyright © 2026 Michael Herman (Bindloss, Alberta, Canada) – Creative Commons Attribution-ShareAlike 4.0 International Public License
Web 7.0™, Web 7.0 DIDLibOS™, TDW AgenticOS™, TDW™, Trusted Digital Web™ and Hyperonomy™ are trademarks of the Web 7.0 Foundation. All Rights Reserved.
The presentation of the 8 Orthogonal Principles of Self-Sovereign Identity is organized as follows: an introduction, followed by conceptual descriptions of each principle, followed by a clean, testable scoring rubric in the appendices.
This work was inspired by Christopher Allen’s draft 16 Principles of SSI (2026): https://revisitingssi.com/library/ssi-principles-2026-redline/.
The 8 Orthogonal Principles are independent dimensions—each answers a different, irreducible question about identity systems. Together they form a coordinate system for evaluating SSI.
Orthogonality
Orthogonality (in this context) means that each principle captures a distinct dimension of the problem space that cannot be derived from, reduced to, or substituted by any combination of the others. Improving one dimension does not automatically improve another, and failure in one cannot be compensated for by strength in the rest.
In practice, this implies the set is non-redundant, supports clear trade-off analysis, and allows systems to be evaluated as coordinates in a multidimensional space rather than as a single blended score.
1) Existential Sovereignty
Does identity exist independently of systems?
Identity must originate with the subject, not be granted by a platform, issuer, or authority. A system can recognize or attest to identity, but must not be the source of its existence.
Without this, identity reduces to an account or permission.
2) Agency
Can the subject meaningfully choose?
The individual must be able to authorize, refuse, revoke, and delegate actions involving their identity. This includes protection against manipulation, coercion, or “forced consent” patterns.
Without agency, control is illusory—even if the system appears user-centric.
3) Data Boundary Control
What can others see—and what can they infer?
The subject must be able to constrain disclosure to the minimum necessary, ideally proving claims without exposing raw data. Observability (who accessed what) is part of this boundary.
Without this, identity becomes a surveillance surface.
4) System Independence
Where can identity function?
Identity must operate across systems without lock-in. No single vendor, platform, or protocol should be a required dependency for use.
Without independence, sovereignty collapses when you switch contexts.
5) Temporal Continuity
Does identity endure and evolve over time?
Identity must persist through change—devices, keys, credentials, and life events—while maintaining continuity and integrity. This includes recovery, rotation, and revocation.
Without continuity, identity fragments or becomes unusable.
6) Power Symmetry Constraints
Can power distort identity interactions?
Systems must actively resist coercion, exploitation, and structural inequities. This includes both technical safeguards and interaction design that prevents abuse.
Without this, all other properties can exist formally but fail in practice.
7) Epistemic Integrity
Can identity claims be trusted?
Claims about identity must be verifiable, traceable to their origin, and revocable when no longer valid. The system must handle conflicting claims and prevent large-scale fraud.
Without epistemic integrity, identity becomes meaningless—even if perfectly controlled.
8) Incentive Alignment
Do participants have reason to behave correctly?
The system must align incentives so that honest behavior is rewarded and abuse is costly. This includes economic, reputational, and governance mechanisms.
Without this, systems that look sound will degrade or be exploited over time.
Appendix A — Scoring Rubric (0–5 per dimension)
Each dimension is scored using observable evidence and adversarial tests, not claims.
1) Existential Sovereignty
0 – Platform-bound account only
1 – Exportable but not reusable
2 – External identifiers, system-bound
3 – Decentralized identifiers usable across systems
4 – Multiple independent identity roots
5 – Fully self-generated, issuer-independent identity
Tests
- Can identity be created without permission?
- Can it exist before any credential?
- Does it survive system shutdown?
2) Agency
0 – No meaningful user control
1 – Non-binding consent UI
2 – One-time consent only
3 – Consent + revocation
4 – Fine-grained, contextual permissions
5 – Delegation and policy-constrained agents
Tests
- Can users refuse without losing access?
- Can they revoke after sharing?
- Is consent granular?
3) Data Boundary Control
0 – Full disclosure required
1 – Basic field-level sharing
2 – Manual minimization
3 – Selective disclosure
4 – Zero-knowledge or equivalent proofs
5 – Minimal disclosure by default + full auditability
Tests
- Can claims be proven without revealing raw data?
- Is disclosure strictly minimized?
- Can users audit access?
4) System Independence
0 – Single-vendor system
1 – Lossy export/import
2 – Partial interoperability
3 – Standards-based interoperability
4 – Multi-vendor ecosystem functioning
5 – No single point of dependency
Tests
- Cross-vendor verification works?
- Wallet switching without loss?
- Standards truly interoperable?
5) Temporal Continuity
0 – Identity lost if device lost
1 – Centralized backup only
2 – Weak recovery
3 – Secure recovery + key rotation
4 – Continuity with revocation
5 – Full lifecycle (recovery, rotation, revocation, evolution)
Tests
- Device loss scenario?
- Safe key rotation?
- Clean revocation?
6) Power Symmetry Constraints
0 – Fully coercive system
1 – Weak protections
2 – Easily bypassed protections
3 – Explicit anti-coercion measures
4 – Active mitigation of asymmetry
5 – Robust under adversarial conditions
Tests
- Can verifiers over-demand data?
- Are alternatives available?
- Are vulnerable users protected?
7) Epistemic Integrity
0 – Unverifiable claims
1 – Central authority trust only
2 – Signed claims, weak provenance
3 – Verifiable credentials
4 – Strong proofs + revocation + provenance
5 – Multi-source validation + conflict resolution
Tests
- Cryptographic verification possible?
- Conflict detection/resolution?
- Reliable revocation?
8) Incentive Alignment
0 – Incentives reward abuse
1 – No clear incentives
2 – Weak (reputation only)
3 – Some costs for bad behavior
4 – Clear rewards and penalties
5 – Robust, capture-resistant mechanism design
Tests
- Can bad actors profit?
- Is over-collection penalized?
- Is honest behavior advantaged?
Appendix B — Aggregation
Vector format
[Ex, Ag, Data, Sys, Temp, Power, Epistemic, Incentive]
Weighted score (recommended)
Weights emphasize real-world failure risks:
- Existential: 1.0
- Agency: 1.5
- Data: 1.2
- System: 1.0
- Temporal: 1.0
- Power: 1.5
- Epistemic: 1.3
- Incentive: 1.5
Score = Σ(weight × score) / Σ(weights)
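The aggregation above, as an added example (not code from the original page): it applies the Appendix B weights and formula, and also reports the lowest-scoring dimensions and a coordinate-wise comparison, since the Orthogonality section says a failure in one dimension cannot be compensated for by the rest. The function names and the two sample vectors are constructed for illustration.

```python
# Added example: dimension order and weights are taken from Appendix B.
WEIGHTS = {
    "Existential": 1.0, "Agency": 1.5, "Data": 1.2, "System": 1.0,
    "Temporal": 1.0, "Power": 1.5, "Epistemic": 1.3, "Incentive": 1.5,
}
DIMENSIONS = list(WEIGHTS)  # [Ex, Ag, Data, Sys, Temp, Power, Epistemic, Incentive]

# Constructed sample assessments, not real systems.
SYSTEM_A = [5, 1, 4, 5, 4, 0, 5, 4]  # strong on paper, fails Power
SYSTEM_B = [3, 3, 3, 3, 3, 3, 3, 4]  # mediocre but with no failing dimension

def validate(vector):
    """Reject anything that is not eight integer rubric levels in 0..5."""
    if len(vector) != len(DIMENSIONS):
        raise ValueError(f"expected {len(DIMENSIONS)} scores, got {len(vector)}")
    for name, s in zip(DIMENSIONS, vector):
        if isinstance(s, bool) or not isinstance(s, int) or not 0 <= s <= 5:
            raise ValueError(f"{name}: score must be an integer 0..5, got {s!r}")
    return dict(zip(DIMENSIONS, vector))

def weighted_score(vector):
    """Score = sum(weight * score) / sum(weights)."""
    scores = validate(vector)
    return sum(WEIGHTS[d] * scores[d] for d in DIMENSIONS) / sum(WEIGHTS.values())

def weakest(vector):
    """Return (floor, dimensions at the floor), which the blended score hides."""
    scores = validate(vector)
    floor = min(scores.values())
    return floor, [d for d in DIMENSIONS if scores[d] == floor]

def compare(a, b):
    """Coordinate-wise comparison: a system dominates only if it is never lower."""
    sa, sb = validate(a), validate(b)
    a_up = [d for d in DIMENSIONS if sa[d] > sb[d]]
    b_up = [d for d in DIMENSIONS if sb[d] > sa[d]]
    if a_up and b_up:
        verdict = "trade-off"
    elif a_up:
        verdict = "a dominates"
    elif b_up:
        verdict = "b dominates"
    else:
        verdict = "equal"
    return verdict, a_up, b_up

if __name__ == "__main__":
    for name, v in (("A", SYSTEM_A), ("B", SYSTEM_B)):
        print(name, round(weighted_score(v), 2), weakest(v))
    print(compare(SYSTEM_A, SYSTEM_B))
```

Sample A outscores sample B on the weighted score while sitting at level 0 on Power Symmetry Constraints, which is why the vector and the floor are reported next to the blended number.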
Final framing
- The principles define the space
- The rubric makes it measurable
Together, they turn SSI from a philosophy into something you can audit, compare, and stress-test.