Web5 - The Decentralized Internet

In this day and age, having an online presence has become integral to both our personal lives and professional endeavours. Platforms like X(formerly known as Twitter), LinkedIn, and Instagram have given us the power to create digital personas that resonate with others, enabling us to connect with friends and family as well as build brands and businesses. However, recent incidents have shed light on a fundamental question:

Do we truly own our user handles on these platforms?

Events relating to Twitter's rebranding and the subsequent takeover of the @x handle from a long-time user (about 20 years of use), shed light on the intricate web of ownership, and accountability that revolves around these usernames, and how account models across the web work today. Well, Twitter did automatically give the user with the @X handle a new handle. But then, what if the company decided to close the account instead? The user would have lost not just his username, but his entire digital existence on Twitter if his profile had been wiped out.

While this may be alarming, it is not illegal. We tend to assume the usernames we create on these platforms are tied to our account but the ownership is often dictated by the terms of service set by these platforms. These terms outline the rights and limitations we the users have over our username or account, establishing a virtual "landlord and tenant" relationship between us and the platform provider. We often don't read the prints on the Terms of Service agreement (I mean who has the time, right?), and therefore don't realize how much control these centralized organizations have over our data and digital identity.

In the current web, users don't own their data or identity. They're given accounts by companies and their data is held captive in app storage facilities.

Web 3.0 made an effort to decentralize the Internet but a lot of its tools are still controlled by centralized entities and not still very easy to use, hence the birth of Web5.

Entity in this context refers to us as an individual or an organization.

What is Web5?

Web5 is a decentralized platform that provides a new identity layer for the web to enable decentralized apps and protocols. Web5 enables a web that eliminates the traditional barriers of centralized data control. Web5 will change how our identities are being managed by restoring control to us while allowing applications to focus solely on enhancing our user experience.

Components of Web5

Web5 works thanks to a series of elements that allow developers to create decentralized applications that are, in practice, self-contained.

Web5, the Decentralized Web is built on three major components:

1. Decentralized Identifiers(DIDs):

As individuals and organizations, many of us use globally unique identifiers in a wide variety of contexts. They serve as communication addresses (telephone numbers, email addresses, usernames on social media), ID numbers (for driver's license, health insurance, passport etc.), and product identifiers (barcodes, serial numbers etc.). The majority of these globally unique identifiers are not under our control. They're issued by external authorities(government, companies, organizations, or some intermediaries) that decide who or what they refer to and when they can be revoked. For example, our email address and social media handles are identifiers associated with us but are owned and controlled by the service providers(Twitter, Google etc.). They're useful only in certain contexts and are recognized only by certain bodies not of our choosing. These companies can decide to ban, disable or delete these identifications and we have little to no control over this. They might unnecessarily reveal personal information. They can even be fraudulently replicated and asserted by a malicious third party, which is more commonly known as "identity theft".

So to truly enjoy the flex of decentralized web platforms, we need decentralized identifiers that users own and control. This removes the need to depend on centralized entities to authenticate and represent us.

Decentralized Identifiers (DIDs) are a new type of globally unique identifiers. They are designed to enable individuals and organizations to generate their identifiers using systems they trust. These new identifiers enable entities to prove control over them by authenticating using cryptographic proofs such as digital signatures.

A Decentralized Identifier (DID) is an address representing who we are on the decentralized web. It can point to a person, organization, thing, data model, or abstract entity. It is a type of identifier that enables "verifiable, decentralized digital identity". It is created and managed independently of any centralized authority or organization. The basic idea behind Decentralized Identifiers is to give individuals and organizations control over their identity information and allow them to share that information selectively and securely with others as needed. This means that they can choose when and how to share their identity information and with whom.

Decentralized Identifiers are W3C standard.

W3C standards are web standards - the building blocks of the web. They're the blueprints of how to implement browsers, blogs, graphic editors, search engines, and many more software that power our experience on the web. They enable developers to build rich interactive experiences that can be available on any device.

Decentralized identifiers are typically represented as a unique resource identifier (URI) and are designed to be used for identity, verification, authentication, and authorization.

DIDs have a standardized structure that essentially links to you and your information.

Every DID can be resolved in a corresponding DID document.

A resolver is a mechanism that allows you to look up and retrieve the DID document associated with a particular DID, the same way a URL typed in a browser resolves to a web page.

DID documents are JSON files stored in centralized storage systems such as IPFS - Interplanetary File system, and describe how to interact with the DID subject. The DID document contains things like the DID subjects public keys, authentication and verification methods, and service endpoint that reference the location of the subject's data. A DID document is a small JSON object that has a field for your DID, called "id".

The "id" is the only required field in a DID document with your DID as the value. A DID may also contain other fields like "verificationMethod, authenticationMethod" etc.

2. Verifiable Credentials (VCs):

Credentials are a part of our daily lives; driver's licenses are used to assert that we are capable of operating a vehicle, University degrees can be used to assert our level of education, and government-issued passports enable us to travel between countries. These credentials provide benefits to us when used in the physical world but their use in the digital space(the web) continues to be elusive.

In the physical world, a credential might consist of :

Information related to identifying the subject of the credential (a photo, name, or identification number for example)
Information related to the issuing authority(national agency, or certification body).
Information related to the type of credential it is (for example, a health insurance card, or national identity card).
Information related to specific attributes or properties being asserted by the issuing authority about the subject(nationality, date of birth, etc.).
Evidence related to how the credential was derived.
Information related to constraints on the credential(expiration date, terms of use, etc.)

Verifiable credentials(VCs) are digital versions of traditional documents like driver's licenses, passports, birth certificates etc. They can represent all of the same information that a physical credential represents. But they are more than just digital copies, they're secured with encryption, making them tamper-evident and instantly verifiable.

Tamper-evident is a process that makes unauthorized access to a protected object easily detected. It makes it so that one can see if anything has been changed, opened, removed or damaged

The addition of technologies such as digital signatures, makes verifiable credentials more tamper-evident and more trustworthy than their physical counterparts.

What are Digital Signatures?

Digital signatures are a type of electronic signature(e-signature) that relies on public-key cryptography to support identity authentication and provide data and transaction integrity. When a signer digitally signs a document, a cryptographic hash is generated for the document. That cryptographic hash is then encrypted using the sender's private key, which is then appended to the document and sent to the recipient along with the sender's public key. The recipient can decrypt the encrypted hash with the sender's public key certificate. A cryptographic hash is again generated on the recipient's end. Both cryptographic hashes are compared to check the authenticity of the document. If they match, the document hasn't been tampered with and it's considered valid.

Verifiable credentials, therefore, are more of credentials on the web that are cryptographically secure, privacy respecting, and machine verifiable. Verifiable credentials offer a way of sharing information without oversharing.

3. Decentralized Web Nodes (DW

A Decentralized Web Node (DWN) is a data storage and message relay mechanism that entities can use to locate public or private permissioned data related to a given Decentralized Identifier (DID).

It is a personal data store where an entity can store its data, including social media platforms, financial data, and contact information. These storage units are controlled by users rather than different entities. Because these nodes are decentralized, there’s no need for other platforms, such as Facebook or Twitter, that have access to users’ public and private data.

The process of DIDs and their verifications and operations like messaging and data transfer are done on Decentralized Web Nodes.

The core features of Web5 include:

Decentralization:

Reduced reliance on central authorities and mitigating the risk of a single point of failure.
Control:

Web5 will give entities(individuals and organizations) the power to directly control their digital identities without the need to rely on an external or third-party authority. Users can choose what information to share with companies and what not to share.
Privacy and Security:

It will enable entities to control the privacy of their information, including minimal, selective, and progressive disclosure of attributes or data. Users will be able to store the credentials of all other platforms on a decentralized platform. This storage platform will only be controlled by the users, and the Internet will not collect any information about the users’ identities.
Discoverability:

Web5 will make it possible for entities to discover the DIDs of other entities, and to learn or interact with those entities.
Interoperability:

Managing identity - user names, passwords, digital currencies and related personal data, across applications. Users can switch Decentralized Apps(DApps) with ease using their unique DIDs. After a user has connected their Decentralized Identity to a DApp, all connections, relationships and posts that a user may have created on a previous social media DApp become accessible to them without creating a profile on the current DApp, allowing users to travel across platforms with a portable, social persona.

Conclusion

Web 2.0 is geared toward user-generated content which is controlled by centralized entities that have access to user's data.

Web 3.0 was an attempt or effort to decentralize the Internet. It was built upon the core concepts of decentralization, openness, and greater user utility but a lot of its tools are still controlled by centralized entities.

Compared to previous versions of the internet, Web 5.0 promotes complete decentralization and transparency, while ensuring complete control of user data remains with the user. To achieve its core idea of secure personal data by restoring the ownership of digital identity back to individual users, Web5 combines the user-friendly convenience of Web 2.0 with the mission of decentralization pioneered by Web3 design.