Jessica Galang: The material and information presented in this podcast is for discussion and general informational purposes only and is not intended to be and should not be construed as legal, business, tax, investment advice, or other professional advice. The material and information does not constitute a recommendation, offer, solicitation, or invitation for the sale of any securities, financial instruments, investments, or other services, including any securities of any investment fund or other entity managed or advised directly or indirectly by Georgian or any of its affiliates. The views and opinions expressed by any guest are their own views and does not reflect the opinions of Georgian. Hi everyone and welcome to Bridging Web3. I'm your host and Georgian's content editor, Jessica Galang. In this series, we focus each conversation on just one technology or concept that is part of the infrastructure for building Web3. Our goal is to highlight the building blocks that make Web3 more usable and understand the real world opportunities in the long term. For better or worse, in Web2, we're used to social media platforms owning our data and monitoring our activity. Facebook and Google know who you are and what you're doing, and if you decide to use those credentials to log into other services, it expands the reach of what they're seeing. In Web3, there's this idea that users should fully own their data and their digital identity, called self- sovereign identity. The idea is that under self- sovereign identity standards, people can easily prove their credentials without sacrificing privacy and stay fully informed of how their data is used. That's an extremely high level explanation, but our next guest, Riley Hughes from Trinsic, will explain the intricacies of this idea. Trinsic, a Georgian customer, builds infrastructure for people building digital identity products. The company believes that digital identity should be just as nuanced as physical identity. I'm so excited to talk about how something as simple as identity can unlock some really interesting use cases for businesses. So, welcome Riley.

Riley Hughes: Thank you. I'm glad to be here.

Jessica Galang: Can you give us a brief on what self- sovereign identity is and maybe a breakdown of the philosophy behind it?

Riley Hughes: Yeah, absolutely. Self- sovereign identity, it's a philosophy or an ideal that basically says that our identity online should be as useful and nuanced as our real world identity. Today, identity online is pretty much relegated to login, but identity in the real world is so much more. Identity in the real world is everything from your social, political, gender identity, all the way to things like what other people say about you. Things like your driver's license issued by a government or your passport issued by a federal government or your library card issued by a library or your utility bill from your utility company or your W- 2 two from your employer or whatever else. There are hundreds of examples of things that could be sort of lumped into this sum total of your identity, both things you say about yourself and things that others say about you. And self- sovereign identity is really the idea that we could represent more of our whole selves online. People can show up as themselves and as their whole self online as opposed to needing to only be represented as what other corporations want to see or say about you. These corporations may not have your best interests at heart, like you already alluded to with some of the big tech companies. So what does this mean for the average person? It means that instead of needing to pull a plastic card out of your pocket and take a photograph of it and take a selfie to prove something about yourself online, to prove your age or you actually are who you say you are, for example, in the future you will have a digital wallet that contains cards and credentials and attestations of all different kinds. Regardless of where you go online or in person, you'll be able to use those credentials and attestations to get access to the things that you need easier, faster, safer, more privately.

Jessica Galang: Sometimes when I'm speaking to people in this space, I hear digital identity on the blockchain used as a term, sometimes I hear self- sovereign identity. Is there a difference between some of these terms? Just so people can wrap their heads around the semantics of it.

Riley Hughes: Yeah, so you'll hear things like digital identity, self- sovereign identity, decentralized identity, you'll hear Web3, you'll hear Web5, you'll hear all kinds of different terms. Reusable identity is another one. These terms all exist for a reason, they all mean a little different things and resonate a little better with different audiences. I think the term digital identity is really the umbrella. Identity, today, really is still paper based for the most part. There are exceptions to this rule, but the rule is that identity is still on paper. It's really the reason you need to carry around a physical leather wallet in your pocket today is because it has identity cards in it that still don't exist on your device, whereas payments and other things generally are on your device. So in general, identity is still paper, and talking about digital identity is a way to allude to this progression and future state where we will have an identity that is represented electronically as well. Now you could have a digital identity based on Web2, Web3, Web whatever. It's a very generic term that could mean a lot of different things. And so when you start to get into self- sovereign identity, that's alluding more to this philosophical ideal that is that people should be the sole arbiter and the sole entity in control of their data and their identity. It does have a little bit more of a, again, a philosophical ambition to it. Decentralized identity generally is a term that refers more to the specific technologies related to the way that people want to represent digital identity in a more decentralized way. And yeah, there's nuance to all these terms. One more term that is useful to understand is the term IDtech. IDtech generally refers to products that are built using self- sovereign identity or decentralized identity or digital identity or whatever. IDtech is sort of where the rubber meets the road. It's where the conceptual meets the practical. It's something a user can actually download. IDtech is obviously a play on fintech and edtech and agtech and biotech and all these other terms that are sort of familiar to us. But one of the ways that decentralized identity or identity generally in Web3 is hitting the market is it's hitting the market in the form of IDtech products.

Jessica Galang: I want to bring the conversation back to your own background and experience. How did you get into this field exploring identity?

Riley Hughes: I am incredibly lucky to have ended up in this space. It's a space that is full, it's fast moving, there's lots of problems to be solved, there's a lot of opportunity and interest. So I ended up in this space sort of randomly because I wanted to differentiate my resume so I could go work at a big consulting company and whatever. I was looking for some off the wall internship while I was in college that would, again, differentiate me, give me some unique experience. I ended up applying to work at a company called Sovrin Foundation and I ended up becoming the first employee hired there. Sovrin was an early, well, is, it's still around obviously, but at the time it was an early blockchain meets identity project. Specifically, it was one of the first blockchains that was purpose- built from the ground up all the way from the consensus algorithm to the SDK to interact with it, just for identity. As the first employee there, I was really involved with a lot of the aspects of Sovrin's initial growth and adoption by developers. After being at Sovrin for a couple of years, I spent a lot of my time trying to figure out how to help Sovrin get adopted by developers and companies that were interested in self- sovereign identity. That path of searching for improving adoption led to starting Trinsic. When we started Trinsic, really was a simple premise. It was like, let's make Sovrin easier to use for developers. It was really an API that abstracted a lot of the complexity away and made it easier. And of course since then, we have evolved. We support additional blockchains now, we support other protocols beyond what the initial Sovrin vision was and today we describe ourselves as an infrastructure for building identity products or infrastructure for building IDtech products.

Jessica Galang: I'd like to pull that thread a little of what you do at Trinsic. Where do you fit in the broader Web3 landscape?

Riley Hughes: It'd be helpful to add a timing elements to this question because there's a whole lot of potential for what decentralized identity could mean. It could mean proving in a privacy preserving way that you have a degree in engineering from a certain university and therefore you should be eligible to contribute to a DAO in a certain way or something like that. I mean, there's all kinds of potential use cases that could exist where identity and Web3 meet. Another common one is a reusable KYC credential where you could prove that you are not on any block lists or something like that and you could prove that you're eligible to access services. Some of these use cases today don't exist because there hasn't been an IDtech product that has been introduced to really solve that problem specifically. So what we're really focused on is helping companies who are looking to solve these problems, be able to focus all their energy on productizing, monetizing, going to market, and really nailing the solution without having to maintain all of the infrastructure in whatever else, themselves, in- house. So that their engineering team can focus all on things that will help their business succeed instead of reinventing the wheel from a decentralized identity perspective. So we're focused on, again, enabling those products to be successful. A lot of these companies, our customers, are targeting the Web3 ecosystem. Others of our customers are targeting different ecosystems though, and that's one thing that we do at Trinsic. We're sort of agnostic to whether it is kind of Super Web3 native or whether it is something that is a little bit more meeting users where they are today. We can support both those models.

Jessica Galang: That makes sense. So it's more about the idea of enabling some of these self- sovereign identity principles and allowing people to have more control over how their identity is used online. Is that accurate?

Riley Hughes: In the long run, a lot of those ideals can be actualized in a really, really amazing way. In the short run, the question is how do we get there? And the answer to that question is that developers are building products to solve some of those problems in the near term and we're supporting those developers in taking those first steps in that direction of self sovereignty. That jump can sometimes be quite the distance for somebody who's used to just logging in with Google or something.

Jessica Galang: A lot of conversations in Web3 are about getting to the next billion users and I think part of that is trying to meet people where they are and guide them along the way. Before this podcast, we've talked about the role of personal data interoperability in making that happen. Can you talk about what that means and why it's important?

Riley Hughes: This is the crux of decentralized identity right here. This is the most exciting thing about what we're working on because in the real world, I have this plastic card in my pocket right now that says that I'm allowed to drive. And despite that card, like its purpose, it was issued to me by a government agency to prove that I could drive, and its purpose is really that. I use it for all kinds of things that have nothing to do with driving. I use it to get on airplanes, I use it to open bank accounts, I use it to whatever. I use it for all kinds of different use cases. That credential is useful in so many places. And the reason it's useful in so many places is because it's generally accepted that the DMV does a good job of vetting me and making sure that the right credential is issued to the right person and they put a picture on it to sort of bind that to me so that I can't hand that credential off to somebody else to use. And so because there's a high degree of trust in the source of the credential, the data inside of it can be used in lots of places. It can be used anywhere that it's trusted and accepted. What decentralized identity allows us to do is really that same thing for any data. We saw customers, for example, putting COVID-19 vaccination certificate into a digital wallet and of course using that to prove that they are eligible to travel. But then we saw other use cases for that credential as well, use cases in insurance or even in education. For some people, they didn't have a legally recognized form of digital identity, but they did have a COVID vaccine card, and so they were able to use that card to get access to other services. It really generalizes the trust model behind the most interoperable identity credentials that we know and use today to a much larger scope.

Jessica Galang: Okay, and are you talking about creating a central place where identity is accepted or giving people more access to their info so they can actually use their credentials to prove who they are?

Riley Hughes: Yes. Central from the perspective of the user maybe, but decentralized from a technology perspective.

Jessica Galang: Can you talk about how solving for these identity challenges in Web3 is important for scaling Web3's use cases in the long term? We've talked about how this is like open banking and fintech, this idea of getting more users access to their identity and data and paving the way for new applications. So I just want your perspective on that and some of the connections between open banking and fintech and working in Web3.

Riley Hughes: I think riffing off of my last point about data interoperability, what open banking and what crypto in general did for finance was really make your financial transaction data useful, or some people call it composable, but useful in third party applications. So open banking means I can use my banking data in any number of fintech apps that I want to permission it to. And in crypto, your transaction data and NFT holdings and all of those types of things are public on chain. That same general concept is what these decentralized identity protocols do for personal data, but it does it in a way that is private and sort of consent driven by design. So as opposed to a blockchain where everything's public and anyone can read the transactions on it, which is really cool for a lot of use cases, that's not necessarily super cool for a lot of identity use cases. The worst case scenario is everything is on- chain and it means everything's public and so from a surveillance perspective or privacy perspective, that's not very ideal. Open banking made it so much easier to build useful fintech products, products that enable people to invest in new ways, to save in new ways, to collaborate on savings with other people, to budget, to do all kinds of interesting things with their money that would've been really, really hard to build before that. If you look at the number of fintech companies that were created from the 1960s through to 2010, you'll see a certain amount of companies. There are some winners there, you'll see PayPal, you'll see Mint and Intuit, you'll see Visa, you'll see a few. But then after 2010, after the global financial collapse happened and after the emergence of open banking and products like Plaid, infrastructure tools, infrastructure tooling on the identity side that made it easier to do KYC things and some of these pieces were available, you see the amount of fintech innovation just absolutely skyrocket over the last decade. To the point where today there's like over a quarter of unicorn startups are fintech companies. Just because really we made it easier to start fintech companies, reduced the barrier to entry, made financial data more useful and more applicable in more products, and then all of a sudden we see lots more products and lots of innovation happen there to the benefit of consumers. And I think what we're seeing is that the COVID-19 pandemic and some of the implications of that with regard to vaccines, vaccine data mandates, as well as other things that have been happening from a macro perspective around privacy and data protection and things like that have really been the catalyst, I think, similar to what the 2008 financial meltdown was that triggered fintech and crypto to exist. I believe that this pandemic and a lot of the other macro trends around privacy are triggering this decentralized identity movement. You also asked about how this will help the growth of Web3 and how it will help onboard the next billion users. I think when you look at a lot of use cases in Web3, I would say you can kind of group them into two different buckets. Bucket one are use cases where you're using on- chain data to do on- chain things. I mean, a lot of DeFi is in this department. A lot of the early NFT and DAO traction has been in that bucket. But a lot of the future use cases that people in Web3 talk about and Web3 skeptics or people outside of Web3 are anticipating are those use cases where essentially off- chain and on- chain things can interact in a way that's trustworthy. We hear about real estate use cases or healthcare use cases or education use cases, frankly, the use cases that most everyday people actually really care about and where I believe most of the value will be created. Decentralized identity, it represents a really elegant way to bridge those two worlds. You could imagine you could have a verifiable credential from a title company or something, you can prove that you own your home, so then you can do things on- chain with it. As opposed to maybe trying to do everything on- chain, which may have higher barriers to entry and some other challenges, like I mentioned, regarding privacy and other things. None of this is black and white. I think there will be a mixture, but I've definitely seen the decentralized identity protocols helping with some of these on- chain to off- chain use cases like the one I mentioned about using your education credentials from the off- chain world to prove that you are eligible to do certain things with a DAO, for example.

Jessica Galang: You've talked about how solving some of these challenges with digital identity and getting people to embrace it can make it easier to build natively with Web3 based technology. Digital identity solutions can also make user control and sovereignty at the center of designing these products. Can you unpack that?

Riley Hughes: Yeah, what I sort of mean there is that, I think one thing that I've been waiting for since, I don't know, 2016 or something was I've been waiting to be able to use my Bitcoin to just buy things at an everyday store or something. I think the challenge with that is that, I mean the elephant in the room is like Visa already exists and I can already pay for things pretty easily, and so there's just not a real hair on fire problem there. I see the problems related to transaction fees maybe, but even then you can make arguments about value added services that the payments networks provide regarding chargebacks and other things that are valuable, that are helpful. And so for a lot of payments use cases or financial use cases, there's already so much existing infrastructure that's there that in a lot of cases is sort of good enough. The interesting thing with identity is identity is still paper. The only way to prove who I am online is still to take a photograph of a plastic card. Clearly we do not have good digital identity yet, and so as we go to drive adoption of something like a digitally native university diploma that can be composable and shareable and whatever else, as you think about how would we go about building that, you can build it from the ideal technologies instead of needing to think too much about integrating with some of the old school technologies. Again, this is not black and white. Obviously there are existing systems that do some of these things and get a little of the ways there. But I guess the point is that instead of needing to think about a lot of the, for example, payments networks that were built in the 1960s with doing their best at that point in time, we today have at our hands, at our disposal, things like blockchain and modern crypto algorithms and things like that that we can bring to bear to solve some of these problems from the get- go.

Jessica Galang: So is this just a re- imagining of what's possible rather than just being like, oh, well I guess we're stuck with these centralized tools.

Riley Hughes: The way to maybe drive this home is if Visa were to build itself today from scratch, they would definitely do some things differently because different technology is available today. But because they've ended up where they have, some things are harder to do because you need to make it backwards compatible and work with legacy systems and all of that. The cool thing about identity right now, most of these things still just don't exist at all. So we get to build them now with the best technology available to us in a way that is more challenging in purely financial or payments based use cases in particular.

Jessica Galang: You've also talked about how interoperability of identity does require a set of standards that people agree on. How do you build standardization in a decentralized world like Web3? If we're using the visa example, a lot of fintechs were built on the back of Visa, but it is still a centralized provider. How do you reconcile that?

Riley Hughes: Yeah, standardization is key because building everything in a silo is not a recipe for success. You can sort of look at a lot of past attempts at solving the digital identity problem and things that are done in a proprietary way are rarely accepted. Digital identity is one of those things that is so core to who people are and is so core to many business's core processes, there's a reason your bank doesn't let you log in with Google. Some of these things are really, really important and depending on one single provider to provide all of that is just unlikely to work. So standards are an absolute necessity when you're building with identity. I think we're fortunate to have lots of incredibly smart people who have been working on identity standards for decades who can bring to bear a lot of the knowledge of what's worked in the past and who have been working on specific things for a very long time. So take for example, the verifiable credential standard. That is something that's commonly used in decentralized identity systems. Verifiable credential is like an NFT in the sense that it's a unique digital thing, but it's off- chain and it's nontransferable, so it has a little different properties relative to an NFT. It works a little better for identity, I guess, or private data. Verifiable credentials are a standard from the W3C that have been in the works for quite some time. Since really, I think before a lot of the current Web3 hype, this standard has been in development. So we can actually look to some of the existing standards bodies for the internet, things like W3C or IETF or ISO or whatever else, and take some of the things that the digital identity industry has been working on for years and bring those to bear and apply them in decentralized way or in a Web3 context.

Jessica Galang: That makes sense. Going back to one of your answers before where you talked about how there's some really interesting opportunities for IDtech because a lot of solutions don't exist, can you share some hypothetical examples of that?

Riley Hughes: I can speak to some use cases that our customers have been developing. You can imagine something like, once you have a self- driving car, how does the car prove that it has insurance or prove who its owner is? What happens if a police officer needs to pull over a self- driving car, how does that work? How does that happen? The answer is that the car needs an identity. The car needs an identity wallet that contains credentials that the police can trust and verify, and this can expand beyond just police. It can expand to individual people who maybe want to verify the environmental friendliness or the greenness of the car that they're about to hop into from a robotaxi perspective and whatever. So you can imagine a world where this car has an identity that is, again, that can use its data for all kinds of different use cases that just don't exist today. Another example that we saw a lot during the pandemic was Healthpass. Somebody who is able to take their, maybe, vaccine information or a recent COVID test and use it to access services in a really seamless way without having to re- verify or retest over and over. That was something that just really didn't exist before people started developing these digital health wallets. So we're seeing examples in the supply chain space, in the education space, in the healthcare domain, in the employment and HR worlds, and other industries as well where people are applying the same general model to build products that solve unique problems.

Jessica Galang: Okay, great. So a lot of people are comfortable with the fact that they're exchanging their data for an easier browsing experience in Web2. Do you think there will ever be a point where Web3 is as user- friendly as Web2?

Riley Hughes: I think this answer is nuanced because I personally believe that the lines between Web2 and Web3 will blur. In fact, we already see the lines blurring with a large portion of Web3 traffic flowing through centralized entities like OpenSea or a Coinbase or something like that, which, Coinbase looks a lot like a Web2 company, except that it gives you access to the Web3 ecosystem in an easier way. And so again, I think of course we will continue to see the open source world get easier to use, the protocols get easier to use, the open systems and self custody solutions get easier to use, but I think there will always be a role for companies that want to come in and create really nice to use products for specific purposes. And so I think we'll see those worlds blend a little bit. They'll still, of course, tell users about some of the benefits. For example, they'll say, your data is secure, your data is encrypted and only you can access it, we'll never share your data without your consent because we technically can't because it's owned by you. Some of those types of things I think users care about and maybe want to hear, but I don't know if they necessarily need to be educated about all the details. Again, depends on your target customer, depends on the use case, maybe depends on if you are trying to sell or talk to my mom who maybe wouldn't care as much about this versus an IT department who may care a lot about this. But I think in general, I mean we could build the greatest, most elegant, most self- sovereign thing on planet Earth, but if it doesn't get adoption by people, then what's the point? I think I'm seeing companies who are prioritizing ease of use and great products winning over ones that are prioritizing the philosophical ideals, maybe. What that translates into is less of a need for education and more of a need to get better at identifying pain points and problems to solve and productizing the solutions to those problems in a way that people can adopt versus making it a big difference or gap between Web2 versus Web3, if that makes sense.

Jessica Galang: That makes sense. It's really about communicating that value when the average customer probably doesn't care how they're getting that service or the better experience as long as it's happening. So just to go back to the Web3 landscape, there's been a lot of negative news around crypto and people in this space have been talking about a crypto winter. How are people like yourselves working in the Web3 space or blockchain space in the long term look at what's happening?

Riley Hughes: Yeah, I think we need all these different kinds of people to create. We need the pragmatists and the idealists both in an ecosystem to make it thrive because we have to balance building the right things with building things that will get adopted, and both those perspectives are valuable. I tend to be more of a pragmatist, and so when I look at the space, I think I see some compelling use cases. I think one of the use cases that I see though is gambling and speculating, and I think the result of some of that is unfortunately crashes and people losing money. That happens regardless of whether it's in Web2 or Web3. I had a friend who lost a bunch of money investing in GameStop stock because it was kind of gambling a little bit in the stock market, and that's normal. So I think that yes, it's a bit tumultuous, there's a lot going on, but I think that the companies that are really just focused on solving problems and solving new problems in ways that empower users are really unfazed by a lot of the tumultuous aspects of the space and are staying heads down focused on adding value to users. I hope that there are smart investors, smart regulators, smart people all around who are able to see through the hype to the actual business value being created.

Jessica Galang: Definitely. So what's next for Trinsic? Is there anything you're working on that you're excited about?

Riley Hughes: Yeah, I think one of the things that's really exciting about decentralized identity is that it overlaps or it is applicable in lots of areas that are very real world. I've mentioned finance, healthcare, education, supply chain, retail, I've mentioned a lot of these existing industries. These are industries where decentralized identity is really, really good at addressing real world problems. And so we've actually seen with tumult or with hiccups in the Web3 space more broadly or with the bear market, if you want to call it that, with less hype around traditional Web3 use cases, we're seeing more people flock toward the things that preserve the ethos of user control, sovereignty and user owned information, but that maybe are a little more grounded in where users are at today. Again, people go to school, people drive their cars, people do all sorts of things in their everyday life that are ripe for improvement and that are ripe for more user control. And so we're actually seeing as the Web3 use cases surrounding speculation, maybe get less prevalent, we are seeing an increase in attention toward a decentralized identity from some of those folks who are flocking toward more safety or realism in building, again, products that solve problems for users. So that's really exciting. One other thing is that if decentralized identity, self- sovereign identity, these topics are interesting to you and you want to learn more, we just started a podcast called The Future of Identity. In the Future of Identity podcast, I talk to entrepreneurs and product leaders who are taking identity products to market and oftentimes using decentralized identity to do so. I try to dig deep into the insights they've gained and what they've learned about the market and why they're using things like verifiable credentials in their products. So if you liked this conversation, that's probably an interesting one to check out. You should be able to find it anywhere else you find podcasts. If this resonates, of course, if you're a builder and interested in playing around with our platform, it's free to get started. You can go to Trinsic. id and get access to our SDKs and sample applications and start playing around, and reach out to me on LinkedIn, Twitter, whatever, and I'm happy to hear about what you build.

Jessica Galang: Awesome. I'm so excited to see more of what you're working on at Trinsic. Thanks so much again for coming on to chat and explaining these nuances with digital identity.

Riley Hughes: Thanks a lot, Jess. It was great to chat.