AnonCreds is a new Hyperledger project that enables privacy-enhanced verifiable credentials.
The technology itself is not new, as it was originally part of Hyperledger Indy, the digital identity ledger project. However, it has now been separated from Indy so that it can be used for verifiable credentials on ledgers such as Hyperledger Fabric or Ethereum-based Hyperledger Besu, or others.
The core concept that underpins AnonCreds, Indy and Project Aries is to enable users to share identity data with others, but only on a need-to-know basis. For example, in a bar, someone can prove they are of drinking age and perhaps share a picture tied to the credential without disclosing their name and address.
AnonCreds, which stands for Anonymous Credentials, uses Zero Knowledge Proof (ZKP) encryption to enable these sorts of selective disclosures.
The concept could work well for some applications and perhaps less for others. If a financial process involves Know Your Customer compliance, there may be a need to share quite a bit of data, and most certainly your name.
In the digital identity sector, AnonCreds has attracted a little controversy.
AnonCreds pre-dates the W3C verifiable credentials standard and doesn’t fully comply. It also uses cryptography which is not approved by NIST (it’s not alone). However, some of the criticisms have been rebutted (and here). And the fact that there are 25 project sponsors demonstrates the extent of its support.
At the same time, the AnonCreds project appears willing to revisit the signature scheme (cryptography) and, in the future, support credential presentations using the W3C data model.
As outsiders, we’ve seen divisions in the digital identity sector on multiple topics. However, given the importance of digital identity, healthy debates are critical. While the desire for interoperability is an important one, there’s an argument that privacy is more so. And the groups behind AnonCreds are some of the most earnest about protecting privacy.