Dangers of “decentralized” ID systems
Government ID and (De)centralization
- US and Australia cited as messy, semi-decentralized ID regimes: multiple authorities, inconsistent acceptance, edge cases for people without “standard” documents.
- Some argue passports and green cards are in practice centralized IDs; others note they’re optional (for citizens), unevenly recognized, and don’t form a universal “base layer.”
- Real ID partly standardized US state IDs but stopped short of a fully centralized federal database.
DID, Verifiable Credentials, and Web3
- Several commenters say the article conflates Decentralized Identifiers (DIDs) with Verifiable Credentials (VCs). DID is the underlying identifier; VC is an optional layer on top.
- Critics of DID/VC see it as another crypto/Web3 attempt to find a use case, with similar problems: hard/irreversible compromises, revocation issues, complexity, and weak real demand.
- Others stress that VC’s main purpose is convenience (e.g., “tap to show ID”), not social inclusion, and that revocation mechanisms (status endpoints) exist—though this reintroduces centralization.
Revocation, Key Management, and Biometrics
- Key management and binding keys to real people is seen as a long-standing hard problem. DID/VC doesn’t change that; it just repackages web-of-trust, PKI, etc.
- Revocation is a core pain point: if a key is lost or stolen, strong decentralization clashes with usability and recovery.
- Biometrics are proposed as “crypto-bio hashes,” but others note they can’t be revoked, are easily copied once leaked, and require trusted hardware; acceptable for device unlock, dubious as global ID.
Privacy, Surveillance, and KYC
- One camp argues robust, centralized ID makes government services more efficient, reduces fraud, and fixes real-world problems (e.g., duplicate dependents).
- The opposing camp sees any universal ID as a step toward a panopticon: facilitates sanctions, de‑platforming, social credit–like control, and large-scale abuse once a bad actor gains power.
- KYC/AML split: some call it “necessary and good” for large-scale finance; others say it inverts “innocent until proven guilty” and embeds mass surveillance.
Alternative Models and Broader Reflections
- Web-of-trust is discussed as legally valid in some places and historically used, but hard to scale and vulnerable to social inequality.
- Aadhaar is raised as a minimal, biometric-based national ID that anchors further attestations.
- Several comments distinguish identity vs authentication vs authorization, warning that conflating them leads to “identity theft” and overreach.
- Underlying fault line: trade-off between efficiency/fraud prevention and preserving meaningful spaces for anonymity, error, and resistance.