it’s tempting to treat digital identity like a clean design decision. pick one model, build it, and call it solved. but real countries don’t get that luxury. nobody is starting from a blank page. there’s always legacy underneath: civil registries, scattered agency databases, banking KYC layers, border systems. so “building identity” is mostly negotiating with what already exists.
that’s why the one-model dream keeps losing.
centralized identity looks great at the start: one pipeline, one authority, fast integrations. but the structure quietly encourages oversharing. a verifier asks for a simple proof and ends up receiving a full profile, not because someone is evil, but because the system is wired that way. once broad access exists, exposure tends to creep.
federated identity tries to avoid that by keeping data inside agencies. but then governance becomes the choke point: who can query what, how consent is handled, what happens when systems disagree. the exchange layer grows, the rules get complicated, and over time it can still drift toward broad visibility—just through a different route.
wallet-based identity is the cleanest for privacy: users hold credentials and share minimal proofs. but it adds heavy operational issues like recovery, revocation, and verifier onboarding. without strong coordination, the ecosystem slides back into old habits because it’s easier.
so in practice, countries mix all three. they centralize where authority matters, federate where interoperability matters, and use wallets where privacy and control matter. the real challenge isn’t selecting a model. it’s keeping trust intact when these models interact.
that’s where SIGN fits, at least conceptually. it’s not trying to replace national systems with one new architecture. it’s trying to standardize the trust layer underneath them: who can issue credentials, how verifiers get authorized, how revocation stays consistent, and how audits work without forcing raw data exposure. the goal is proofs that travel across systems while sensitive data stays put.
this matters because identity systems usually don’t collapse during onboarding demos. they collapse at the edges: when two institutions must trust each other without shared infrastructure, when auditors ask for evidence months later, when policies change faster than systems update, or when too much data was exposed upfront and leaks.
a “trust fabric” approach helps because it separates verification from data access. verifiers receive structured proofs instead of full records. revocation status can be shared instead of siloed. audits can be supported with inspectable evidence instead of surveillance.
so the practical frame is: centralized gives authority, federated gives interoperability, wallets give privacy. SIGN aims to keep them interoperable without inheriting each other’s worst failure modes. and if that gets embedded into national workflows—issuance, verification, audit—it becomes invisible infrastructure that’s hard to replace. not flashy, but foundational.
