Digital Trust in the Metaverse & Decentralized Internet of Everything

Okay, maybe we can quickly start with a round of introductions. So I ask the panelist starting from Sam to introduce yourself. Summer Sam, do not even need an introduction, but let's have a quick one. Sam Kern. I am a an architect with nicio. I spent a lot of my time in the community with opensource projects that relate to the concepts in our working groups. I'm Heather Doll, I'm CEO of ndco and I work with our customers in deploying decentralized identity for trusted digital ecosystems into commercial solutions. Julie Dawson, chief regulatory and policy officer at yoti.

We're a company, have set up 13 million reusable digital identities, doing also a lot of age assurance. So over 600 million age assurance checks in the last couple of years, but also spanning e-signatures and credentials. Andy Tobin, Andy Tobin from Jen Digital. Some of you might have heard this history. I did work at e and m startup in the SSI space. Avast Cybersecurity Company bought e and m, Norton bought Avast and launched a new brand called Gen Digital, which is the the largest cybersecurity company in the world.

Thanks, ID thanks all. Hi Fraser Edwards we're I'm CEO checked where we're building payment infrastructure, commercial models for self-sovereign id, decentralized ID VCs, all that kind stuff as well as decentralized reputation, which we might touch later on in the panel line. Thank you. So I'll quickly start with the opening question and let's start with some of the common problems that arise with centralized identity verification systems and how can decentralized identity help to solve this issue? So this is for the panel. Anyone can start. Okay. Okay. Hi.

So I think one example that's really crystallized it for me recently in the UK is I assume everyone here knows Nike that makes footwear in the uk. There is then GD Sports and Footlocker, which just sell trainers and shoes and you now have Nike as an idp, like an identity provider, an attribute provider going into Footlocker and JD Sports. And that's just a sign now that like everyone is gonna become every company and their dog is gonna become an attribute provider. And if you do that in a centralized manner, I'll try to federate that. It's just gonna become spaghetti and it's just not feasible.

It's not gonna scale. So I think for me that's the primarily the primary issue that I'm start to see is just if everyone's an identity attribute provider, who do you centralize around? And realistically the only person logically to central centralize around is the individual, which I'm gonna steal your phrase that you use so I please don't punch me. But basically the individual becomes the api, like they become the central source.

Sorry, ay Yeah, that, that's trademarked. I, I think we should point out, we should be, should be aware centralized ID systems actually work really, really well in that we'll use them all the time, but it doesn't mean they, they can't be improved. And I think particularly where you've got multiple silos that you need to get across, you know, different islands of functionality that are too complicated or expensive to knit together or they're for regulatory reasons, they can't be stuck together. You give the data to the person and the person can carry it across.

So yeah, we shouldn't really sort of dis decentralized stuff because everyone uses it and it works, but there's a whole load of ways it can be improved and new experiences, new business processes can be created that were too expensive or too complex to do before. And that's gonna open up a whole new evolution of innovation in in the digitization of of processes. This is another third way. The ferry is coined by Tony Blair a few years ago, which is a hybrid approach.

So you can also have a, a system whereby you have a non-relational database at the core and provide each individual with the private key on the secure module of their device. So then you have a hybrid of both a central and a decentralized approach. So the central approach on the governance, some elements there are things that still organizations are keen on, but also very much giving the individual the charge, being in part in charge, no one single point of failure cuz it's not a scalable attack attack vector, but that re non-relational database at the core.

So food for thought Enterprises are often looking to receive an exchange, authoritative, verified data for the most part. They rarely see this as identity. They see it as trying to exchange the pieces of identity, excuse me, the pieces of data.

However, in today's macroeconomic climate, many organizations are looking to reduce the costs that they have around federated systems or centralized systems. And they're trying to obtain that authoritative verified data without any direct integration, without the requirement of federation or they're trying to expand and create new revenue streams based on receiving that verified data.

And so where we see this is the move towards decentralization is allowing companies either to save money and reduce cost immediately or to make new streams of revenue that before they couldn't actually access because they had to do direct integrations or work within a federated system. So this offers them more opportunity to make new revenues, create new partnerships, and develop new solutions for their customers. So as the last one to answer the question, I get to, you know, respond of course, which is helpful.

One of the things about, about, about these ecosystems that we're talking about is that a lot of the, a lot of the data isn't necessarily about like logging in or authenticating. And so you have the Nike example and, and, and a lot of people like I don't, I don't wanna be an idp, but they do have you, you may use the term attribute provider, which is what they're doing, right?

They is that they're, they're sh they can share some data or provide some data about the individual and there's a lot more of that the for, for companies that have no idea, they don't, they're not really interested in being a, an authenticator of users, but they have information about users that that is very useful. And the other really important thing here is that in a decentralized system, you, the architecture ends up being different. And so verifiable credentials allow you to make data portable without sacrificing trust. And that's really important.

You often trust where the data actually came from and because you asked the source and you got the data that you trust that it's valid and it hasn't been, hasn't been manipulated or tampered with the verifiable credentials allow that same trust to happen with regardless of of the actual travel path of the bits on the way to you because you can validate that credential cryptographically to make sure that it is issued by the individual issuer and then of course with governance that it's an issuer that you should in fact trust for their opinion on that, on that particular data.

And that portable trust is, is an element that doesn't typically show up in centralized systems cuz it's much, much easier to stand up a big API and have everyone call it. Could I just chip in with one one more thought on this. So early days of Nym, I was a SSI maximalist, let's call it, you know, if you, it is important to think of a spectrum of fully centralized at one end to kind of SSI maximalism at the other and then kind of reality hits home and people need to implement things and people need to write rules and people need to create trustless.

I thought it was a great presentation Trevor, by the way, on, on the, this whole need for trustless and and governance and therein sort of brings in some degree of centralization and I think we'll see a lot of that with IDAs and just a quick trailer Friday morning, tomorrow morning, IDAs track, all day's gonna be epic. But I think you'll see there decisions being made about some centralization happening, like who's gonna hold the register for wallets that are trusted, for example.

So you, you pick your point on the spectrum and I think IDAs is sort of is, it's, it's well away from the SSI maximalism bit, but really interesting progress away from the centralization side as well. Yeah, I I agree with a lot of that. And we had, Fraser mentioned Nike as an example of a use case, another use case. I think Julie and I were talking before when it comes to this dealing with security of the minors in in in in the metaverse space. What are your thoughts on that? Maybe we could explain the points that we talked about using this as a use case.

Sure, yes, thank you. So you can't have been alive on the planet for the last few years to see the sorts of things that are, that are happening online. And a third of people online are actually under the age of 18 classically societies around the world as they've evolved or thought, how do we help young people achieve their potential but know they are risk seating? And also look at what guardrails can you put in place.

You know, it took us a hundred years to get from the motor car to seat belts and car seats for for kids. Will we take a hundred years in this environment? But importantly, if you look at things like contract, you can't really take part in a contract under the age of 18 or 13 for the digital age of consent. What is the conduct that is acceptable in the presence of, of minors? What is the content? And different countries will have different views on that.

And then what is the contact, if you've got your five year old sat there, do you really want them live streaming and dancing around without clothes? Do a bunch of 50 year olds? So there's a lot of problems with the four Cs and if you look at Metaverse environments, look at the top 10 Christmas presents, there'll be a lot of parents that aren't really aware of what their kids are able to do and find and experience online. So I have the, the, the dubious but but pleasure, responsibility of serving on a lot of the groups that are looking at the potential child harms.

So we protect global alliance, the World Economic forums, global Coalition on digital safety, looking at both the data leakage sides in terms of data that's leaked from miners and then all the different regs around the rule, the world coming in around age appropriate design, can they capture those? So in short, looking at data minimized ways for people of all ages to just share over or under a certain age is really important.

Some of those could well come through in certain areas with the IDAs, but lots of young people don't have a document until a certain age and the age at which IDAs will kick in will be different in every country. And then what about the rest of the world? So AI-based approaches are coming in a lot and in in, in long and short you need a range of approaches because there's not one size fits all and what not one data point that will fit all, but absolutely I think it's, it's worn for all of us with our different hats to think about the liability side, the fraud side, and the harm side. Thank you.

Thank you. Julie, would any of you like to add to that?

I'd, I'd love to. One of the, one of the benefits I think of the, of the approach that decentralized identity has taken is that we don't tend to consider online very separate from in-person, very separate from in some place like a metaverse because the concepts are the same and lots of the problems are the same.

There, there's some obviously some application differences in, in UX in particular, but the, the fact that you might need to prove your age in a variety of those locations is, is kind of true regardless of where you are, right? It used to be that there was the online, the internet and then offline and, and we've realized that that the digital relationships that we have actually exist in a multitude of forms. And so striving to serve those across all over the forms produces a a really effective thing.

The benefit there is that some of the work already being done outside the metaverse of course also applies in the metaverse because of those exact reasons Just to add in as well. Firstly, I think Yoti are doing an epic job with the age verification stuff and getting some really good results in terms of business. And the reason for that is because it's a solution to a, a live problem with regulatory, a regulatory stick hammering people as well. And I think we are surely gonna see a real explosion in the need for very fast, very cheap verification.

You are a human, you are over a certain age, not necessarily about id, this is not an ID thing. It's some attributes about yourself and my friend and colleague Jamie Smith coin the term, the explosion of fake, which is coming with ai. People are all excited, they can draw interesting pictures with mid journey and you know, write up a business proposition in in, in two clicks on chat G P T. But what's coming next is fake everything. So in that environment, how do you prove that you are Julie, right? And and that's coming thick and fast. Would you like to add something?

I, I think just leveraging on something that Andy mentioned around, I think it has to do with like general attributes about yourself and that's why like we as a company have maybe stopped talking about digital identity so much and started talking about like decentralized or digital reputation because then you can kind of shift that into like general attributes like who you interact with like for your example on the age side of things obviously like if you are missing an IDE identity document that like attest to how old you are.

Maybe another way around that for us is looking at like how long your history is and therefore that you can present out that you have like transactions beyond a certain age. You've been part of some social club that you can point back to over time and you can start to share those where it's nothing to do with like your real name, your real address, your passport or or your documents. But it's all to do with like how long have you been around, are you a trusted person?

Like we deal with a lot with web three and we have people that we know who they are sending like five to six figure sums to people they've never met. They dunno the names of, but they've been in a telegram group for five years and therefore there's implicit trust and so they're basing it on just social signals which have nothing to do with an underlying identity.

And I think that's one of the fascinating things that we're seeing is like more and more of that is coming through where it's relying less on like strong assurance underneath it whilst acknowledging there's always gonna be a place for those use cases where you do need that high assurance, especially in cases where you are protecting minors. So I think there's an interesting point there that there's a continuum between the verification approaches that may or may not be based on documents and the estimation ones.

And we spend a lot of time trying to educate regulators who seem to think that just because there might be an identity document at somewhere historically that that's gonna be the a hundred percent. But you know, and we try and then explain what a fraudulently obtained genuine is, how many lost and stolen there might be.

You know, do you know that there's authentication, this is the right person owning the document, all the things everyone in this room will be well aware of. That seems to be news to some people and actually some of the estimation approaches you can actually have a better idea of what the false positive false negatives are. But it takes a lot of education for the penny to drop. And we're actually seeing the estimation approaches when offered side by side are the ones that 75% of the public are going for versus actually using document-based approaches.

But actually looking at the audit and the transparency and how the data sets and all the rest is the, the thing we're still with. Thanks Julie.

You know, now we, we talked about some of the vulnerable age groups and identities out there. There's another use case which we can talk about and that's decentralized healthcare and finance. And in this case, what are the, what are some of the key considerations when implementing these systems and is that even realistic? Right? I think we can actually pick up on a thread here when it came to the idea of verification based on document and reputation and how those, and, and also for, you know, understanding minors in their role and how that applies to financial services and healthcare.

And there's an underlying need to know whether an individual is over 18, whether they are over 18 and maybe have, are incapacitated in some way and therefore someone else needs to make that decision. And we talked about hierarchical governance, maybe someone needs to make a decision at this point and that point and you really have to build both into healthcare and finance because it is such an important part of our lives.

So when we're working with hospitals on medical record exchange, there is that point where in the governance maybe someone is over 18 and therefore can make their own medical decisions but they're completely incapacitated because they're in the ER and conscious. So at what point do you make what we call break the box decisions where suddenly a physician has ultimate access to all of their records with the implicit consent provided ahead of time in order to make that happen.

The same thing goes with the financial history where you have people that actually may have the ability to make a decision, but because they're in advanced ages, they've just decided that they want their children to make those decisions either because it's convenient or maybe they don't trust their decisions.

And so that's really important to what we just talked about previously with age, is that oftentimes you have to bring one the legal documentation that someone else can make that decision on your behalf and combine that with the reputation of that person that you have assigned it, assigned that decision making to whether that is that ER physician who has the reputation to be working in that ER or whether it is a family member that has gained that reputation to make the decisions on behalf of your family.

So I think both of those use cases are active, they're being pursued now, they are deploying verifiable credentials and they're also thinking about these advanced governance challenges and how do you implement them technically into the solutions. I think that's a really good example actually that you're incapacitated in er that's a really good example of something that the, the digital credential world can do because you could say, well if somebody can prove they're a verified doctor, then sure let 'em have access to a med. My medical reviews, not to everything else but just to that.

But the, the actual implementation of it is actually quite complex. But once you get over the hurdle of this kind of approach of guardianship and, and third party access, once you can do it once, you can do it for lots of different use cases. So I think that's, that's an excellent example and it's something again just to bring it back to sort of Europe and IDAs, there's no thinking about that yet.

We know it's gonna have to come, but all of the edge cases, like what if you die, what if you're incapacitating hospital or what if it's your, your elderly mother who's got Alzheimer's and you need to have power of attorney. All those edge use cases need to be handled.

So there, there's a long, long way to go on that yet, but there are things you can do with digital credentials that you couldn't do before or involve the whole load of paperwork and we're really complex. So policy-based stuff is really important there in addition to all the custodial cases with either the young and the old. Right? One of the other things that I had a conversation with earlier is about delegation with, with banks and, and healthcare.

Often you, you know, the laws require specific authorization by the folks, which means that if my wife and I are on a, on a bank account, like sometimes I'll have to come into the room and s verbally say I approve my wife to be involved in this regardless of the fact that that could be faked so easily, right? But that satisfies the legal requirement for them.

If we, when we start to use verifiable credentials and they get stronger, we gain some advantages of not being able to to to to, to spoof them or to to use them maliciously, but it can also remove the ability that we have to delegate access that we do. Now my wife, for example, knows all the passwords to all the things that we share in common and, and that's a really useful thing. Now I don't share her my work credentials because she's not involved in those. Although someone told me earlier that I should, so she could do my work for me, but that's not a thing I do.

She's not, Yeah. So, but but, but that, that's the thing, right? And if we remove the, the delegation systems that we actually have today, we have to make sure that we can respect that that useful delegation that we have that can, if you're not looking at it right, looks like a violation of, of, of all the policies involved, but is in fact a really incredibly useful thing to have, you know, particularly in trusted relationships and being able to delegate access to that. For example, I live in a really small place.

I can send a, my nine year old kid, not nine anymore, but I did when she was nine to the grocery store with my credit card and she can buy a bunch of stuff using my credit card and leave. And it's clear to the checker that that's not her credit card. She's nine. But I live in a place with a lot of farm kids and farm kids run chores for their parents all the time. And so that's the type of a thing that could be easily not allowed but should still be in cases where in cases where we're sort of tightening up the security of things.

So just to add to the complexity of both the care of the young and the old delegations. Another complicated factor here. And if I just add into that all the tech, if we get the tech rights, brilliant, but if the user interface doesn't work, no one's gonna use it. And that's, that's another huge challenge to get into is there's this new paradigm, this new way of doing things, nobody understands it yet apart from some of us weird people in the room here. So making it easy to use is, is vital, Right?

And and that's an area where I've spent a, a tremendous amount of time over the last three years and what we inside in DC call it is we designed for grandma in a spacesuit. It doesn't matter how awesome the technology is but if grandma in the spacesuit can't use it, it does not matter. And so I think that's really important. Where did grandma in spacesuit actually comes from the space.

You know, it doesn't matter how amazing that spacecraft is, the astronaut can't fly, can't use it, it doesn't matter. And what I found really interesting is Ken Iverson who leads our product, he comes from the audio industry in the sense of audio like putting in systems into Wimbley Stadium, Madison Square Garden where you have these massive complex audio systems but it all comes down to a single soundboard.

And so it's the same way that we have to think about verifiable credentials is it all comes down to grandma in the spacesuit, can she use it quickly to accomplish everything that we've just talked about? And if she can't guess what we're back to the table working on u i UX and workflow until we get to the poem that she can travel and use for instance a DTC type one seamlessly but never know that's what she just did. Thank you.

Just on that note, if anyone's interested in like UX UI on the wallet side, like Rochelle's in the second row and did an awesome presentation yesterday on exactly that from the found Hoffer Institute. I think it's the best session I saw for like the last few days. So like it's really worth checking out and it's super quick, super informative, doesn't mess around, does the best and the worst, like really, really solid. So shout out to Rochelle Thank You. Come and do it again On it was so good.

Yeah, don't worry about us. That should definitely be on everyone's to-do list to read that your research. I would like to take a moment here to open up the stage to anyone from the audience who would like to comment or I have a bunch of virtual questions but maybe we can just go with the audience here first. This is redundant cuz I'm on that list, but this gets me in first. There's a tragic story in Canada about a woman fighting for the possession of her son's diary, which was stored insert platform name here.

And they said, well that's our intellectual property, there's no wills, so the contents of your son's diary who committed suicide is ours. So that's a big trust issue. So who inherits in the metaverse, right? Should the platforms be the default custodian and inheritor?

It's, it's a point actually that I don't know if some of you might know Baris bien Kidron in in the uk she's been lobbying for the last few years, not just sort of diaries but all the online digital content one that young people might have seen prior to a tragic event, but also that belongs to how can those families at the moment, you know, some, some families are waiting years to access that type of material.

And sadly it was on a coroner's court in North London where two very large platforms actually did have to witness what led to, you know, suicidal ideation over about an 18 month period for them to see both that and the inner thoughts of, of of of their daughter's sort of mind over, over that period. So I think there are now more people lobbying for that to happen, but I don't think we've quite got there. And the other point I think picking from that previous one is, is looking at the other actors that might be maline.

So elder abuse in the instance of the power of attorney one and other actors that may not want data to come to light is is the other thing back to our over point of, you know, transparency and oxygen being the best disinfection and and the more that we can encourage sort of pre-role blowing from companies that staff try to to lobby in the design and build that there is that transparency for users is is something that I hope we, we as a, a community can encourage. I think it's important too that the government plays the right role here.

Sometimes there's, there's reluctance because they don't wanna run a foul of a lawsuit to release information to the wrong party. And I think that making sure that regulation exists that applies the correct sort of legal liability or or permission process to allow those things to happen is a useful thing. It's gotta be done carefully so that it's not over applied to any individual technology. We talked about the blending between digital but in in-person, you know, metaverse online type of interactions.

It's gotta have enough generality to the regulation that it can be applied with both the current technology that we have and stuff we haven't thought of yet. And, and so allowing for that type of access, even if there isn't an explicit will for in, and that in that matter that it can be implicit rights that, that everyone has and can execute actually opens the doors and makes it easier for compliance for companies in those circumstances in addition to the ones that simply don't wanna release it.

But, but being able to, to provide those sort of implicit rights of of loved ones in those particular cases is very useful. And then I guess to extend that on like the implementation side, so as well as policy, there's like actually where is that data stored and there's starting to be a big shift towards like actually having that ownership and control.

And so you've got like Blue Sky, which a decentralized version of Twitter, you've got like block working on decentralized web nodes, spruce Id working on something similar, Walt id, VA, Rita, and all of those are basically building that, that storage, which is maybe it's hosted with another organization, but it's owned and controlled by the individual. So I think as those those tools start to come through, they'll see a lot more use because there is that awareness now that like, that content is owned by, effectively by the platforms.

Like Google is probably the best example, like anything you do on Google Docs, Gmail, any of that is basically there, right? Like it's theirs. And so everyone's using those right now because there's not really an an equivalent alternative.

But I think as that awareness comes through and the tooling comes there, I think there is gonna be a migration because then you do get ownership of that content, you can move it around and you can, I guess to the point earlier on like delegation and custody and, and all that kind of stuff, you could also control how that is handled as opposed to like leaving it to a platform with a legal system. So I'd hope that that comes through, especially as the tooling becomes available. Speaker 10 00:28:53 Sure.

Maybe as a, a follow up to what you just said, a lot of the effort that the industry puts in is on the, on the happy flow and, and the standard in the general sounds like we're now discussing what we call edge cases, but these edge cases are actually more central to our humanity. You just mentioned governments should play a robot. Can you expand a little bit on, on what we could do as an industry to pull in the edge cases and give that standard state? Because if we can cover those, then we've got a good solution in the broader sense? That's an excellent question.

The, there's a variety of methods whereby features show up in a system. Some of them are government, like government related legislative, sometimes they're, they're a, they're a feature of the architecture, like decentralized web nodes for example. If you're going to store large amounts of data in some place, then then the architecture can actually support different things as well.

And, and that's my, that's my preference. There's, there's some other things but, but government governance and or government legislation and architecture tend to be the two things that sort of drive the emergent behaviors of the system that we have.

And, and I, I'm a fan of the having architecture that promotes certain practices as a regular course because it allows for better flows and things that are edge cases to be handled more easily, you know, because of the difference in how it's constructed. And so as an industry, one of the responsibilities that we have as we're building, you know, ID identity systems is to, is to pay attention because it matters about how you do the architecture so that, so that the emergent properties are the things that you desire. I'm just, I thought that was an excellent answer, Sam.

I think we're, we're all in debt and in into the future in debt to people like Sam and Fraser and other architects in this room who are figuring this stuff out because the vast majority of people out there don't care, right? They're using Google Docs, they haven't read the Ts and Cs, et cetera. So it's just, it's just convenient, right?

So, and we're never gonna get them to care about how they do delegated access to their mother's digital wallet until they need it, right? And then to retrofit into the, the architecture is gonna be vastly, vastly complicated. So thinking about this stuff early and there's been the guardianship task force as well, it's been happening and, and and so on is really important. So we know that there's things that can be done and delivered and design now, but the vast majority of people, they, they don't care about this conference and these people in IT and credentials.

They just want something to work really simply and really easily. And if it's a business, they want it to be cheaper and faster, right? So you deliver that, but knowing the underpinning architecture handles the edge cases. And I'll take us back to IDAs again, there's no edge case consideration yet in the IDAs world, but crikey, that that needs to come really, really quickly.

Just a, so you mentioned guardianship, so there's, I don't see Judith in here, but trust over IP has like, I think a guardianship, a harms task force. So that kind of thing has been, or is being, and has been considered for a few years. It's more that you're starting to see the implementations which can take account of the conclusions and learnings that they've made so far.

You're also starting to see, like I know one of our investors has another company in the, in the US which is looking at end of life planning and it's on their roadmap to start accounting for like how do you manage a will from the point of creation to dissemination and how do you manage that across the point where like the ownership of that is gonna shift as well as like the assets, the content that, everything that fits around that and and how those entities relate. So I think it's all starting to come through.

I think what you're seeing now is a shift from like theory and like, we need to account for this early to like, we're gonna have to go and implement this very, very soon because the wave is coming. Yeah. And the last sort of couple of points I think are just the, the age old inclusion and accessibility been some great work done by open identity exchange.

Nick in the room there, fabulous paper on that, but just looking, you know, be that all the people with different impairments or be those people without access to documents and what are the other data sets that can help them prove that they do exist on this planet. So all ones likewise on our, on our radars. I have one interesting question, by the way, there is only one real word, but there are multiple metaverse worlds. Should the identity that exist in the plurality be one or can there be more than one?

Instead, should the multiple selves be proved by one real self please? I have more than one identity now.

Yeah, right. I'm here, you see me as business work, Sam, but my kids have a different relationship with me and the same thing with other areas of life that I'm actually involved in. And so one of the important things to point out when you talk about multiple metaverse worlds is that effectively I live in multiple worlds now with the different activities that I'm involved in, right?

You, you may or may not know that, that I enjoy 3D printing. That's not something I talk about a lot, but it's a thing that I do and that's a whole different world effectively from the, from the world that I spend in digital identity. And so I think a lot of, when we recognize the, the, the, the real nature of the, of the identity that we have in this physical world, it helps you understand the different types of things that actually apply to different metaverse worlds And completely agree.

Like the, the example I always use is like, we're heavily into like web three crypto world and it's a little bit like fight club in that they're all inside these companies and no one knows who they are, but every so often when the market dips, they turn up with a black eye. And so like they have very different identities at work versus like who they are on Telegram and Discord, they're completely separate and even their telegram and discords like may not overlap.

So to Sam's point, like just co they're all different like expressions of an identity or an identity depending on the semantics that you use. And it ultimately, like it's the same individual at the core of them just expressed in different ways. It's almost like a prism is the way I think about it. I think one of the things we're gonna all have to look at is this continuum between the pseudonym anonymity, pseudonymity verification, and that any one person in one day might have different hats on in different contexts.

So we've, you know, speaking be it on gaming platforms or dating platforms, you see very different behaviors and yet the same person might be buying a house, you know, that, that, that week. So I think we will all have different hats that we wear at different times, but looking at when somebody does something illegal, you need to trace them. And how do you include people that might, for whatever reason live in a part of the world where freedoms are, are not quite so, so clear cut and how do you enable that inclusion for people that might be very much thin files.

So those are things that I know are, are, are tracks that we all all bear in mind. And then to wrap it up for the question specifically to Metaverse is how do I ensure that my avatar in Metaverse is truly bound to me is the human in the real world? And that's how we bring all of us together that I make sure that that avatar who says that they're over the age of 18 is truly over the age of 18 and I'm able to bind that.

And so then the next step is, ha when that person who has been in my metaverse event and they show up to my event and person to make sure that's the same person, but not in a way that's correlating and creepy. And that's the beauty of a verifiable credential is it removes that ability to correlate and track me not only in the metaverse but also in the physical events because there are companies who do not want to do that and there are laws that want to reduce that. And so that's how what we're talking about today applies to the metaverse and connects it to your physical world.

Well we have talked about the carpet problems, we have talked about considerations and a lot of challenges and potential risk and actual use cases around metaverse and decentralized identity. But now we just have unfortunately only one minute left and I do have still so many questions unanswered. I I hope everyone gets the time in the upcoming breaks to discuss this more with you. But just as a closing question, I would like to ask, how do you see digital trust and verification evolving over the next few years and what new technologies or approaches do you think will emerge in this space?

And Shall I start it's going to be epic. I think for us it's a shift to decentralized reputation. We're in the process of launching something creds xyz, go get that. Like go on there, like start your reputation. We're about to hit beta. So I think that's the way we think, think things are shifting and we'd welcome feedback as we start launching it.

I think for me, two words come to mind, which is just the transparency angle and, and back to Rachel's point yesterday, you know, we've got to keep it simple else we will lose a lot of the trust and understanding and then those minors, let's not forget those under 18 because it would be too easy for us to build worlds where those four Cs do not have a happy ending. No longer think about this in years. Think about how this is gonna evolve in the next 24, 48 hours. This space is moving quickly I feel like every day as a dog year.

And so build now everything we talk about, you can build this afternoon because solutions are launching and deploying to market. I think my last final comment is that I think we're, we can expect to see a lot of both government down and sort of other smaller business and organizations up and simultaneously they're not gonna happen one before the other. Thank you so much. I hope everyone gets something back to think about.

This is, this is a very complex and yet a very important topic and I thank all of you for your participation and sharing your insights. Thank you so much. Thank.