Truly Decentralized Identity
Supports GDPR Compliance
KERI is inherently supportive of GDPR (global data protection rights) compliance. KERI provides non-intertwined identifier trust bases which means that a given identifier’s data may be erased and truly forgotten.
KERI has a decentralized secure root-of-trust based on cryptographic self-certifying identifiers. It uses hash chained data structures called Key Event Logs that enable ambient cryptographic verifiability. In other words, any log may be verified anywhere at anytime by anybody. It has separable control over shared data which means each entity is truly self-sovereign over their identifiers.
KERI is designed for high performance and scalability. It is compatible with data intensive event streaming and event sourcing applications.
Key Management Infrastructure
One useful way of describing KERI is that it is a decentralized key management infrastructure based on key change events that supports both attestable key events and consensus based verification of key events.
Best of all KERI is open Apache2. It is a project hosted by the Decentralized Identity Foundation which operates under the umbrella of the Linux Foundation.
KERI uses best practices for key management which include a novel key rotation scheme called pre-rotation. This simplifies key management infrastructure. Pre-rotation is also post-quantum secure. KERI supports enterprise scalability features such as delegated identifiers that support hierarchical key management infrastructure.
KERI‘s design recognizes that It’s much easier to secure one’s own keys well than to secure everyone else’s internet computing infrastructure well.