AI-generated content. This page was produced with the help of an AI assistant. Dates, attributions, and technical details may contain errors — verify against primary sources before relying on any specific claim.

SSI forked timeline

Six ideological streams in self-sovereign identity, 2005–2026. Click any event for context.
Roots & concepts Hyperledger / Sovrin W3C / DIF / OIDF Ethereum-native EU-regulated Peer attestation / ZK

Reading the forks

Roots & concepts — Shared substrate (PGP's Web of Trust, Kim Cameron's Laws of Identity, Bitcoin, Ethereum, Christopher Allen's Path to SSI). Not a fork; the ground everyone builds on.

Hyperledger / Sovrin — Classical SSI. Ideology: SSI needs its own neutral, permissioned ledger and purpose-built protocols (AnonCreds, DIDComm).

W3C / DIF / OIDF — Format-neutral standards. Ideology: SSI should be ledger-agnostic and interoperate across rails.

Ethereum-native — Identity as a smart-contract primitive. Ideology: the chain is the trust root.

EU-regulated — State-anchored identity with legal recognition. Ideology: legitimacy derives from the state.

Peer attestation / ZK — Composability-first. Ideology: sovereignty comes from no privileged issuer, not from well-structured credentials.

Three convergence moments: 2017 (DIF, VC WG, Indy, ERC-725 — the Big Bang), 2022 (DID Core Rec, Soulbound, Worldcoin/Polygon ID/Gitcoin Passport, eIDAS 2 negotiation — the tracks start competing), 2026 (EUDI rollout deadline forces everyone else to decide).

The fundamental split: keeping things separate vs. joining them up

The deepest divide across these tracks isn't which blockchain or which file format. It's a simpler question: when someone collects credentials about themselves, should the system actively prevent outsiders from connecting those credentials together — or should it actively encourage connecting them, so a public profile can emerge?

An everyday analogy: imagine you have a driver's license, a university diploma, and a gym membership. The "keep separate" camp says: when you show your license to the bartender, the bartender should learn only that you're old enough — nothing else, and no two bartenders should be able to compare notes that you visited them both. The "join up" camp says the opposite: publish your credentials so anyone can see the full picture, because that's how trust and reputation get built in public.

Keep things separate

Hyperledger / Sovrin · W3C / DIF · EU-regulated. Each credential check is a private, one-time interaction. The system fights against anyone joining your credentials into a profile. Reputation graphs don't fit here — they'd undo the privacy guarantees on purpose.

Join things up

Ethereum-native · Peer attestation / ZK. Attestations are typically public (or at least linkable) and meant to be combined into a profile. Reputation graphs are the natural result, and the discoverability they enable — finding people, building trust in public — is the whole point.

So whether reputation graphs "count as SSI" depends on which definition of SSI you're using. If SSI means private, controlled credential sharing, graphs sit outside it. If SSI means any system where users own and present their own credentials, graphs are squarely inside it. Both readings are common in the field — which is why the same word ends up describing very different products.

×