Truly Decentralized Identity
Supports GDPR Compliance
KERI is inherently supportive of GDPR (global data protection rights) compliance. KERI provides non-intertwined identifier trust bases which means that a given identifier’s data may be erased and truly forgotten.
Self-Certifying Identifiers
KERI has a decentralized secure root-of-trust based on cryptographic self-certifying identifiers. It uses hash chained data structures called Key Event Logs that enable ambient cryptographic verifiability. In other words, any log may be verified anywhere at anytime by anybody. It has separable control over shared data which means each person or entity truly controls their own identifiers.
Scalability
KERI is designed for high performance and scalability. It is compatible with data intensive event streaming and event sourcing applications.
Key Management Infrastructure
One useful way of describing KERI is that it is a decentralized key management infrastructure based on key change events that supports both attestable key events and consensus based verification of key events. KERI solves the hard problem of key management, that is key rotation.
Open Apache2
Best of all KERI is open Apache2. It is a project working toward IETF standardization.
Best Practices
KERI uses best practices for key management which include a novel key rotation scheme called pre-rotation. This simplifies key management infrastructure. Pre-rotation is also post-quantum secure. KERI supports enterprise scalability features such as delegated identifiers that support hierarchical key management infrastructure.
Security
KERI‘s design recognizes that It’s much easier to secure one’s own keys well than to secure everyone else’s internet computing infrastructure well.