Open source and open standards have been two pillars of self-sovereign identity since the beginning. Only by breaking down barriers to both development and production can we ensure that SSI works for everyone, everywhere. Openness is also at the core of how Evernym operates, and our motivation for launching Sovrin, subsequently donating Hyperledger Indy to the world, and more recently, open-sourcing our own products. In this webinar, we covered: - The importance of open source software, and why it's needed for self-sovereign identity - The open source tools available today, from Hyperledger Indy and Aries to Evernym's Verity - What Evernym's open-sourcing of Verity means for developers - Getting started with either open source or our free Sandbox plan

1. @evernym | www.evernym.com | November 2020
Open Source
& What It Means For
Self-Sovereign Identity

2. MODERATOR
Andy Tobin
Managing Director, Europe
PRESENTER
Richard Esplin
Director of Product
PRESENTER
James Monaghan
VP Product

3. On the agenda
Introduction
Open source culture
What this means for you
What this means for Evernym products
Getting started with open source and SSI
Q&A
Green Room: Networking and continued Q&A

4. Join us in two weeks for
our next product webinar
Tuesday, Dec 1 | 8am PT (same time block as this webinar)
We’ll cover:
• An overview of Connect.Me and our
Mobile SDK
• What's new in our Mobile SDK's General
Availability release and Connect.Me 1.4
• A sneak peek at our 2021 roadmap
Register at www.evernym.com/webinars

5. If you have questions….
Please write them in the Zoom Q&A, and we’ll
cover them after the presentation.
Please note, this webinar is being recorded

6. Open Source
Culture

7. FLOSS
Free / Libre Software
• Free as in Speech / Freedom.
• Sharing is a moral duty.
• Copyleft: hack copyright to enforce sharing.
Open Source
• Open is better engineering.
• With many eyes, all bugs are shallow.
• Scratch your own itch.
• Don’t reinvent the wheel.
• Collaboration is fun.

8. Open culture
● Maker movement
● Art and media
● Legal access
● Scientific data access
● Scientific hardware
● Bio-hacking

9. Open development
• Focus on building community.
• Communicate transparently.
• Products should be easy to adopt and
easy to contribute to.
• Public: source code, architecture,
documentation, tooling, roadmaps.
• Private: customer data.
TODO Group OSS
Code of Conduct
● Be friendly and patient.
● Be welcoming.
● Be considerate.
● Be respectful.
● Be careful in the words that
we choose.
● Try to understand why we
disagree.

10. The four freedoms
0. Run the program for any purpose.
1. Study how the program works.
2. Redistribute the program.
3. Improve the program, and
redistribute the improvements.

11. Open source
and SSI
The goals of Open Source and the mission
of Self-Sovereign Identity reinforce one
another.
● Decentralization
● User control
● Transparency in systems and algorithms
● Systems that are long lived and broadly
adopted
● Transportable information
● User rights

12. Related webinars
• SSI Meetup: Self Sovereign Identity and Open Source Software
• https://ssimeetup.org/self-sovereign-identity-ssi-open-source-richard-espli
n-webinar-16/
• Evernym: Open Source Product Strategy
• https://www.youtube.com/watch?v=Z43uDfEsVuk

13. What this means for you

14. Evernym works with lots of “you’s”
• Hyperledger Indy/Aries/Ursa
• Sovrin Foundation
• Trust over IP Foundation
• Verity users
• Mobile wallet users
• Evernym customers
• Evernym contributors
• Implementation partners
• Wider SSI community
○ DIF, IIW, RWOT
• Standards bodies
○ W3C
• Governments
• NGOs
• Cryptocurrency and blockchain
Secondary communitiesPrimary communities

15. Customer benefits
Customers are guaranteed:
● Vendor independence
● Vendor risk mitigation
● An improved negotiating position
● Compliance with policy
● An ancillary social benefit
And are likely to receive:
● A focus on support
● Faster adoption
● Increased security
● Innovation
● Transparency
● Interoperability

16. End user benefits
End users also benefit:
● Increased control over their
technology
● Can investigate and experiment
● Greater confidence in privacy and
security
● Faster adoption of SSI best practices
● Greater interoperability
● Greater data portability

17. Impactful decisions
The license1
2
3
The governance model
Standards

18. The license1
• Gift
• Apache
• Sharing with Rules
• GPL
• In-Between
• LGPL
• Time based
○ BSL
• All rights except . . .
○ CCL, SSPL
• Mixed open and closed
○ Elastic License
Source AvailableOpen Source
Bruce Perens, 2009

19. The license: Open business models1
Pure Play Source Available
Everything is open
source
Revenue comes
tangentially: support,
hosting, training
Source is available.
Development is public.
License is proprietary.
Open Core
Parts are open, parts
are closed.
Revenue comes from
upsell to proprietary
features.

20. The governance model2
No formal
governance
Vendor-
controlled
Most of GitHub
Be prepared to take
over.
Mongo, Elastic, JBoss
Focused on customer
needs, risk of lock-in.
Formal
community
Apache,
Hyperledger, Debian
Healthy project, hard
to influence.

21. The governance model2
Community governance Corporate governance
● Multiple copyright holders
● Anyone can merge
● Community consensus process
Pros:
● Broad adoption
Cons:
● Hard to achieve alignment
● Susceptible to “tragedy of the
commons” (lack of polish)
● Single copyright holder (CLA)
● Restricted merge rights
● Corporate vision
Pros:
● Customer focus
Cons:
● Often narrows use cases
● If you disagree, you have to
fork

22. Standards3
1. W3C DID Spec
https://w3c-ccg.github.io/did-spec/
2. W3C Verifiable Credentials
https://w3c.github.io/vc-data-model/
3. Agent to agent / DID Communications
https://trustoverip.org/blog/2020/10/19/trust-over-ip-foundation
-introduces-a-new-tool-for-interoperable-digital-trust/

23. What this means for
Evernym products

24. Evernym’s licensing goals
• Grow the ecosystem in which we sell.
• Drive adoption of best practices and
standards.
• Foster innovation by leveraging community
projects.
• Encourage 3rd party contributions to our
products.
• Gain brand recognition and community
marketing.
• Grow customer goodwill and loyalty.
• Be an on-ramp to paid offerings.
• Scale our business.

25. Evernym’s product
valueEvernym’s products combine the value of
• an open network of interoperable
credentials,
• and community-governed,
vendor-independent tools,
With
• easy to adopt solutions with advanced
capabilities designed around customer
needs,
• and support from the world’s experts in SSI.

26. We commit to:

27. We commit to:
1. Keeping customers free from vendor lock-in

28. We commit to:
1. Keeping customers free from vendor lock-in
2. Supporting open protocols and interoperability

29. We commit to:
1. Keeping customers free from vendor lock-in
2. Supporting open protocols and interoperability
3. Licensing the source code for all of our generally available products under a
permissive license within three years.

30. We commit to:
1. Keeping customers free from vendor lock-in
2. Supporting open protocols and interoperability
3. Licensing the source code for all of our generally available products under a
permissive license within three years.
Exceptions:
● Integrations with proprietary products.
● Infrastructure code.
● License enforcement code.
● Fixes to old code bases.

31. Additional commitments around
open development
• Collaborate with the broader community on foundational technologies.
• Be transparent about our policies and practices.
• Follow open development principles by hosting public source code, CI / CD, issue
tracking, documentation, and engaging with our user and developer communities.
• Exceptions will apply to proprietary integrations, customer data, niche use
cases, and security.

32. Licensing
Apache 2.0 License
• “Gift” style license, that allows reuse of
any kind.
• Used where we want broad adoption.
• Indy and Aries: Governed by the
community
• Verity SDK: Governed by Evernym

33. Licensing
Evernym Business Source License (EvBSL)
• Allows free usage of our commercial
products
• Code is publicly available and usable for any
purpose, within the following restrictions:
• No production use beyond 500 MAUs.
• Nor to provide commercial services to 3rd
parties.
• Non-production usage is always permitted.
• After 36 months from public access, each
commit will convert to the Apache 2.0
license.

34. Breakdown per product
Artifact Open License Governance Model
Verity (Server + Agency) Evernym BSL or Commercial Evernym
Verity SDK Apache 2.0 or Commercial Evernym
Connect.Me Evernym BSL or Commercial Evernym
Mobile SDK Evernym BSL or Commercial Evernym
Ev LibVCX Evernym BSL or Commercial Evernym
Indy, Aries, Ursa Apache 2.0 Community

35. Next steps in this
journey
DONE
• Verity SDK
• Verity
• MySQL Storage Plugin (part of EvLibVCX)
ON DECK
• Mobile SDK
• Connect.Me
• EvLibVCX

36. Improved contribution processes
• “Open source scaffolding” in each repo.
• Readme, License, Contributing, Security
• Improved distribution of support artifacts.
• Public CI / CD.
• Easy Contributor License Agreements.
• Public pull requests.
• Public issue tracker.

37. With special thanks to eSSIF-LAB
This effort is part of a project that has
received funding from the European
Union’s horizon 2020 research and
innovation program under grant
agreement No 871932 delivered
through our participation in the
eSSIF-LAB, which aims to advance the
broad adoption of self-sovereign
identity for the benefit of all.

38. Getting Started

39. Open Source vs SaaS
• Public repos.
• Self supported.
• You provide hosting.
• Great for learning the
internals.
• SaaS Verity.
• Evernym supported.
• Evernym hosts.
• Great for getting stuff
done.
Usage as
SaaS
Usage as Open Source /
Source Available

40. Next steps for you
• Review the documentation.
• Play with the Verity Sandbox.
• Check out the source code.
• PRs are welcome.
www.evernym.com/developers

41. Thanks for tuning in.
To register for upcoming webinars and ‘green room’ chats,
visit www.evernym.com/webinars/.
Connect with us via Twitter or Email
@evernym
info@evernym.com