What is decentralized identity?
Decentralized identity (DID) refers to identity systems where individuals control their own identifiers and credentials without dependence on centralised authorities. The core standard, W3C DID v1.0 (recommendation 2022), defines a URI scheme (did:method:identifier) that lets users register self-sovereign identifiers on various registries — including blockchains, distributed ledgers, or even web domains.
DID architecture
Three components. (1) DIDs — globally unique identifiers like “did:ethr:0x…”. The “method” specifies the registry mechanism (did:ethr uses Ethereum; did:web uses DNS-based publication). (2) DID Documents — JSON-LD documents describing the DID’s public keys, services, and verification methods. (3) Verifiable Credentials (VCs) — cryptographically signed claims about the DID subject, often issued by trusted authorities.
DID methods
Multiple registry mechanisms exist. (1) did:ethr — Ethereum-based DIDs. (2) did:web — DIDs published on web domains, lightweight but requires DNS trust. (3) did:ion — Microsoft’s ION network built on Bitcoin. (4) did:key — purely cryptographic, no registry needed. (5) did:peer — direct peer-to-peer DIDs without public registry. Each method balances decentralisation, cost, and complexity differently.
Verifiable Credentials ecosystem
The VC ecosystem complements DIDs by enabling trustworthy claims. A university issues a VC stating “DID subject X holds Computer Science MSc, graduated 2024.” The credential is signed by the university’s DID and verifiable independently. The user holds the VC in a wallet and presents it (often via zero-knowledge proofs to reveal only required attributes) to verifiers.
Real-world adoption
DID adoption emerged from several initiatives. (1) EU Digital Identity Wallet — eIDAS 2.0 framework integrates DID-style verifiable credentials. (2) Microsoft Entra Verified ID — enterprise identity verification using DIDs. (3) Cheqd, Spruce, Dock — DID-as-a-service infrastructure providers. (4) Government adoption — Buenos Aires QuarkID, Bhutan citizen identity. Mainstream adoption progresses but remains in early-majority territory.
Regulatory considerations
DIDs interact with privacy and identity regulations. GDPR/KVKK rights to deletion challenge blockchain-anchored DIDs. eIDAS 2.0 explicitly accommodates VC presentation while maintaining data subject rights. Türkiye’s KVKK framework requires careful design of DID systems handling Türk citizen identity — particularly relating to verifiable credentials for KYC compliance.
Türkiye context
For Türk identity infrastructure, DIDs offer interesting potential applications: e-devlet integration via verifiable credentials, KVKK-compliant cross-border identity verification, and Türk citizen credential portability for diaspora. Türk financial institutions evaluating BDDK KYC requirements should monitor DID standards evolution for compliance-efficient verification frameworks.
Related: Soulbound Token, Account Abstraction, KYC.