Decentralized identity is a broad concept describing how individuals and organizations can prove who they are online without relying on centralized authorities like governments, corporations, or custodial services. In the context of cryptocurrency and blockchain systems, decentralized identity technologies empower users to control their credentials, reputation, and access to services in a way that is portable, verifiable, and censorship-resistant.
This page covers the major approaches in use today, with a focus on Decentralized Identifiers (DIDs), the Ethereum Name Service (ENS), and LNURL for Bitcoin’s Lightning Network.
Traditional digital identity relies on centralized databases — email providers, banks, social networks, or governments — each siloing information about you. This creates problems:
- Single points of failure: Breaches can leak millions of records.
- Censorship risk: Accounts can be deleted or suspended arbitrarily.
- Poor interoperability: Credentials don’t easily move across services.
- Surveillance: Central parties track usage, reducing privacy.
Decentralized identity seeks to fix this by using cryptography + open protocols so you can carry your digital identity between platforms while retaining control.
-
Self-sovereignty
Users control their identifiers, keys, and data directly.
-
Verifiable cryptography
Proofs (e.g., signatures, zero-knowledge proofs) replace trust in central authorities.
-
Portability
Identities are not locked into one app or provider.
-
Minimal disclosure
Share only what’s necessary — e.g., “I’m over 18” instead of handing over a passport.
-
Censorship resistance
Names, credentials, and reputation can’t be easily seized or revoked.
- Definition: A DID is a globally unique identifier anchored in a decentralized system (e.g., blockchain, distributed ledger, or peer-to-peer network).
- Format:
did:method:identifier (example: did:example:123456abcdef).
- Standards: Managed by the W3C DID Core specification.
- How it works:
- A DID resolves to a DID Document that contains public keys, authentication methods, and service endpoints.
- Users prove control by signing with the associated private keys.
- Use cases:
- Verifiable credentials (KYC, diplomas, professional licenses).
- Passwordless authentication.
- Portable social identity across platforms.
Pros: Strong standards, broad ecosystem (Microsoft ION, Sovrin, etc.).
Cons: Still early; complexity can limit adoption.
- Definition: ENS maps long, unreadable Ethereum addresses to human-readable names like
alice.eth.
- How it works:
- Built as smart contracts on Ethereum.
- Names are NFTs (ERC-721 tokens) that you can buy, sell, or transfer.
- Each ENS name can resolve to multiple records:
- Ethereum address
- Other crypto addresses (BTC, LTC, etc.)
- Content hashes (for IPFS/Arweave sites)
- Text records (Twitter handle, avatar, etc.)
- Use cases:
- Easier crypto payments.
- Identity in Web3 apps (login with ENS).
- Decentralized websites.
Pros: Large adoption in Ethereum/Web3, user-friendly.
Cons: Ethereum-dependent, gas costs, requires ongoing renewal fees.
- Definition: LNURL is a set of standards for simplifying interactions with Bitcoin’s Lightning Network using URLs.
- How it works:
- Encodes Lightning payment requests, withdrawals, and authentication flows in a URL (often wrapped as a QR code).
- Wallets and services can process LNURLs to automate common flows.
- Identity component:
- LNURL-auth lets users authenticate with websites and apps using their Lightning wallet.
- The wallet signs a challenge with the user’s keys, proving control of their Lightning identity.
- This creates a portable, pseudonymous identity tied to a Lightning node.
- Use cases:
- Login without passwords.
- Payments, tipping, and rewards linked to a Lightning identity.
Pros: Lightweight, wallet-native, censorship-resistant login.
Cons: Ecosystem still small; not interoperable with non-Lightning DIDs.
| Feature |
DID (W3C) |
ENS (.eth) |
LNURL-auth |
| Standardization |
W3C spec |
Ethereum smart contracts |
Lightning BOLTs + LNURL spec |
| Human-readable names |
Optional |
✅ Yes (alice.eth) |
❌ No (cryptographic pubkeys) |
| Interoperability |
Cross-platform |
Ethereum/Web3-focused |
Bitcoin Lightning-focused |
| Identity strength |
Formal, verifiable |
User-friendly naming |
Pseudonymous auth |
| Adoption |
Emerging |
Growing, mainstream |
Niche, LN-only |
- Cross-chain identifiers – bridging ENS-style names across Ethereum, Bitcoin, Monero, etc.
- ZK credentials – zero-knowledge proofs will allow selective disclosure of attributes (e.g., proving “I’m a DAO member” without revealing wallet contents).
- Social recovery – community/trusted contacts can help restore lost identities.
- Integration with Web2 – DID-backed logins may eventually replace email/password combos.
--
TODO: Add referenced to existing articles here