I keep coming back to the idea behind SIGN and how it shifts things from storing identity to proving it. On paper, it feels cleaner—less data moving around, more control in the moment. But when you sit with it, it starts to feel less like a technical change and more like a change in how trust itself works.
If identity is no longer something sitting in a system, but something you prove when needed, then who decides what counts as a valid proof? And more importantly, who gets to define those rules in the first place? That part feels easy to overlook, but it matters a lot.
There’s also this quiet trade-off that’s hard to ignore. Giving people control over their credentials sounds empowering, but it also means carrying more responsibility. Losing access isn’t just inconvenient anymore—it can actually cut you off from parts of your own identity.
The idea makes sense, but it doesn’t feel simple. And maybe that’s the point.