Full-text Search for Verifiable Credential Metadata on Distributed Ledgers

Abstract: Self-sovereign Identity (SSI) powered by distributed ledger technologies enables more flexible and faster digital identification workflows, while at the same time limiting the control and influence of central authorities. However, a global identity solution must be able to handle myriad credential types from millions of issuing organizations. As metadata about types of digital credentials is readable by everyone on the public permissioned ledger with Hyperledger Indy, anyone could find relevant and trusted credential types for their use cases by looking at the records on the blockchain. To this date, no efficient full-text search mechanism exists that would allow users to search for credential types in a simple and efficient fashion tightly integrated into their applications. In this work, we propose a full-text search framework based on the publicly available metadata on the Hyperledger Indy ledger for retrieving matching credential types. The proposed solution is able to find credential types based on textual input from the user by using a full-text search engine and maintaining a local copy of the ledger. Thus, we do not need to rely on information about credentials coming from a very large candidate pool of third parties we would need to trust, such as the website of a company displaying its own identifier and a list of issued credentials. We have also proven the feasiblity of the concept by implementing and evaluating a prototype of the full-text credential metadata search service.

• The paper introduces a full-text search engine that integrates verifiable credential metadata with self-sovereign identity workflows.
• It employs Apache Solr and a microservices architecture, achieving up to 16,000 requests per second on commodity hardware.
• The approach enhances identity verification efficiency on blockchain-ledgers while promoting privacy, scalability, and trust.

Full-text Search for Verifiable Credential Metadata on Distributed Ledgers

This technical essay discusses the design, implementation, and evaluation of a full-text search engine for verifiable credential metadata on distributed ledgers. The paper focuses on integrating this search capability into Self-sovereign Identity (SSI) workflows to enhance digital identification systems using blockchain technology.

Introduction to Decentralized Identity Ecosystems

The paper presents the SSI framework as a decentralized identity management system powered by distributed ledger technologies, particularly Hyperledger Indy. It emphasizes the need for a robust method to manage a vast array of credential types from diverse issuing organizations. Unlike traditional identity systems dominated by central authorities, SSI aims to provide individuals with control over their identities, fostering privacy, accessibility, and trust across global networks.

The SSI role model encompasses three primary roles: the issuer, the holder, and the verifier. These roles interact via credential offers, requests, and verifications, as outlined in the figures below.

Figure 1: Verifiable Credentials Role Model and Search System Integration. The three main roles are: (1) issuer, (2) holder, and (3) verifier.

The search system relies on the verifiable data registry, a key element of the SSI framework, to manage metadata about digital credentials on the Hyperledger Indy ledger.

Design and Integration of the Full-text Search System

The design of the full-text search system aims to seamlessly integrate into the SSI workflow, addressing the verifier's challenge of identifying relevant credentials efficiently. This process involves creating and maintaining a local copy of the ledger, processing transactions, and utilizing a search engine such as Apache Solr to enable textual queries.

Figure 2: The full-text verifiable credential metadata search process integrated into the SSI workflow.

The architecture is designed for scalability and reliability, with provisions for handling a burgeoning number of credential definitions and schemas as global adoption of SSI expands.

Implementation Details

The implementation utilizes a microservices approach, where components are containerized and communicate via REST APIs. Apache Solr is chosen for the full-text search functionality due to its open-source nature and scalability features, making it an optimal choice for handling potentially large datasets from the ledger.

A key consideration in the implementation is ensuring data integrity and trust in the local ledger copy. The system includes capabilities for preprocessing and enriching ledger transactions to enhance search relevance and efficiency.

Evaluation of the Full-text Search System

The evaluation section highlights the performance and utility of the search system in practical scenarios. Without an integrated search, verifiers would need to manually inspect ledger transactions, a process prone to inefficiencies and errors. The full-text search system addresses these concerns by providing a user-friendly and performant solution.

Figure 3: The performance of our full-text search service powered by Solr (single node deployment on commodity hardware).

Testing results demonstrate that the system can handle up to 16,000 requests per second on commodity hardware, offering substantial throughput for real-world applications. This capability ensures that even as the number of potential credentials grows, the system remains responsive and effective.

Conclusion

The paper proposes a novel full-text search engine for verifiable credential metadata, integrating with SSI workflows to streamline and enhance digital identity management on a global scale. By leveraging distributed ledger technology, the system facilitates the discovery and verification of credentials, supporting a decentralized approach to identity management.

Future work will focus on expanding interoperability across different SSI platforms and further optimizing the search system's performance and functionality. The goal is to establish a more flexible and scalable identity ecosystem that aligns with emerging standards and technologies in digital identity management.