What and Who Is In Your Wallet?
A submission to Rebooting the Web of Trust #7
Darrell O'Donnell, P.Eng.
Digital wallets currently have a pretty simple range of types:
- OS Wallets - Basic "info card" style wallets like Apple Wallet and Google Pay - they are focused on a few use cases - payment and presenting very basic "credentials" - a loaded term in the RWoT realm.
- Crypto Wallets - containing one or more cryptocurrencies/tokens/coins and allowing you to send/spend (or hodl) and receive them.
- Credential Wallets - there are few here but they are growing. Allowing you to compile a list of credentials.
Several of Canada's leaders in digital identity are working together to produce a guidance paper that discusses the role of a digital wallet for "regular people" - both today and as the digital wallet evolves into a major new capability that is broadly used. We are just getting started and want to bring the conversation into the RWoT world.
Outcome of Discussion
This paper and subsequent discussions are intended to accomplish the following:
- spark discussion on areas of importance to current and evolving digital wallets. We anticipate that many have been, but some may not have been, discussed;
- raise the priority on key areas that may be getting attention;
- gather information about where groups are headed either in the pure open (open source / open standards) or closed/proprietary (to the extent that can be discussed in an open forum) realms; and
- produce a list of active teams and standards efforts for the community to be aware of.
What Do You Want In Your Wallet
In the physical world we make decisions about what we put in our wallets. We don't generally put all of our savings, in cash, into our wallet. Nor do we carry around our home ownership - though we may carry our car ownership.
In the digital world we could carry everything with us - but the analog world's ideas of vaults, safe deposit boxes, and other secure storage have real value. Carrying everything is terrifying unless you can recover your wallet - while being certain that bad actors can't take over your digital wallet.
Who Else Has a Role in Your Wallet
In a decentralized world, at the extreme, we don't want anyone in our wallet - it is ours. But that view limits the value of holding your digital life in your wallet. When may you want a third-party - a person or an organization - to join you in your wallet?
Some cases are pretty clear it seems but it gets murky quickly:
Emergency Use - imagine someone is unconscious and they hold health information in their wallet - either directly or the key to unlock it. Can the first responder or good samaritan access it?
- How do we allow for this in the current world? In the world where a Verifiable Credential may be able to prove that there is a recognized First Responder AND they are on an active response (as opposed to snooping your phone that you left out).
- How does the WoT get established here? What happens when you're unconscious in a municipality that is way behind the times on tech and doesn't do digital?
Power of Attorney - let's look at an elderly person that has "gone digital but then needs to be taken under care of one of their children.
- Do they have a role? Can they stop their elderly mother from sending their life savings to "that nice man on the phone"?
- Does that elderly mother now need her son's active permission to buy a $10 magazine?
Digital Loss - this is the author's nightmare scenario. Drummond Reed asked "Will you remember where you put your 25-word mnemonic in 10 years?" 10 years? 10 weeks was enough to nearly throw out a QR code that provided recovery for an online crypto account.
- Can I bring my bank, assuming I trust them, into play as part of my recovery strategy?
- When the result of digital loss is catastrophic (e.g. permanent loss of digital assets) what recourse do we have? What could we do to prevent this?
As we look at various organizations and people in our lives what roles can they play.
Start open discussion about the state of digital wallets:
- here-and-now - Where are we currently? Who is doing what? What standards are in use, evolving, and needed?
- the-future - Where do digital wallets need to go? Are they really the "next web browser"? What is blocking us? What would this look like if it was easy (to steal a Tim Ferriss thinking questions)?
The author will have starting points that are loose enough to take in many directions.
Outputs will include summary of inputs on players in the space, standards (existing and needed), user experience, and many other artifacts for the community.