Decentralized Credentials
Notes from Lacity et al. — MIT Sloan Management Review, Spring 2023
Decentralized credentials are the only Web3 technology that has actually shipped in production, and you are likely ignoring them because the hype cycle demands something shinier. While crypto stumbles and the metaverse lacks legs, three massive organizations quietly deployed verifiable credentials that cut onboarding from days to seconds. The technology is already in production, and it maps perfectly to Davenport’s AI adoption framework, revealing how any new technology takes hold when the noise dies down.
The Broken Status Quo
Every organization currently issues, holds, and verifies credentials through centralized databases or expensive third parties, and the results are slow, frustrating, and dangerously vulnerable. The 2020 SolarWinds breach proved that stolen log-in credentials are a critical failure point, while employee onboarding costs an average of $4,129 and up to $40,000 for highly skilled workers. Decentralized credentials flip this broken model: the holder sits at the center of the system and controls access, rather than the owner of a central database. You control your own credentials via a digital wallet and share only what is needed, so a pub can verify your age without ever seeing your address. Verifiers confirm credentials in seconds without contacting the issuer, and either side can terminate the connection at any time.
How the System Works
Four roles make up this ecosystem, but the holder is the only one who matters. Governing authorities set the rules for who can issue, hold, and verify. Issuers create and sign the digital credentials. Verifiers check that a proof is valid. Holders receive the credentials, present proofs to verifiers, and control who sees what. The technical flow is simple: the wallet creates a decentralized ID and establishes a peer-to-peer connection, the issuer signs the credential, the holder stores it locally, and the verifier pings a distributed trust registry to confirm that only the issuer could have signed it. Private keys stay in the wallet, with no single point of failure.
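The issue, store, present, and verify flow described above, as an added example that is not from the article or from any of the deployments it covers. It assumes an in-memory Map in place of the distributed trust registry, constructed did:example identifiers and claim values, and salted-hash disclosure as one illustrative way to reveal a single claim; the peer-to-peer connection and holder key binding are left out.

```javascript
// Added example: Ed25519-signed credential with salted-hash selective disclosure.
const { generateKeyPairSync, sign, verify, createHash, randomBytes } = require('node:crypto');

const digest = (...v) => createHash('sha256').update(JSON.stringify(v)).digest('hex');

// Stand-in for the distributed trust registry: issuer DID -> public key.
const registry = new Map();

function issue(issuerDid, privateKey, claims) {
  // One random salt per claim, so hidden values cannot be guessed from their digests.
  const disclosures = Object.entries(claims).map(([name, value]) =>
    ({ salt: randomBytes(16).toString('hex'), name, value }));
  const payload = JSON.stringify({
    issuer: issuerDid,
    digests: disclosures.map(d => digest(d.salt, d.name, d.value)).sort(),
  });
  const signature = sign(null, Buffer.from(payload), privateKey).toString('base64');
  return { payload, signature, disclosures }; // held in the wallet, never sent whole
}

// Holder side: reveal only the named claims; the signed digest list travels intact.
function present(credential, names) {
  const disclosures = credential.disclosures.filter(d => names.includes(d.name));
  return { payload: credential.payload, signature: credential.signature, disclosures };
}

// Verifier side: needs only the registry, no call to the issuer.
function verifyPresentation(p) {
  const { issuer, digests } = JSON.parse(p.payload);
  const publicKey = registry.get(issuer);
  if (!publicKey) return { ok: false, reason: 'unknown issuer' };
  if (!verify(null, Buffer.from(p.payload), publicKey, Buffer.from(p.signature, 'base64')))
    return { ok: false, reason: 'bad signature' };
  const claims = {};
  for (const d of p.disclosures) {
    if (!digests.includes(digest(d.salt, d.name, d.value)))
      return { ok: false, reason: 'claim not covered by signature' };
    claims[d.name] = d.value;
  }
  return { ok: true, claims };
}

function demo() {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  registry.set('did:example:issuer', publicKey);
  const cred = issue('did:example:issuer', privateKey, { over18: true, address: '1 Constructed St' });
  const shown = present(cred, ['over18']);
  const forged = { ...shown, disclosures: [{ ...shown.disclosures[0], value: false }] };
  return { shown, accepted: verifyPresentation(shown), rejected: verifyPresentation(forged) };
}
```

The verifier accepts the age claim without ever receiving the address, and a disclosure whose value was altered after issuance fails because its digest is not in the signed list.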
NHS England
NHS England faced a nightmare of 1,200 independently operating hospitals, each with its own HR systems and over a million staff transfers per year. Each transfer required days of verifying diplomas, training certificates, licenses, and background checks, costing doctors in training millions of pounds in lost working time per month. In 2019, NHS England convened a center of excellence to solve this, bringing together the General Medical Council, hospitals, and technology providers. They adopted the W3C verifiable credential standard and built on the Sovrin Network, launching the COVID-19 Digital Staff Passport as a quick win in the summer of 2020. HR at the exiting hospital downloads the wallet onto the employee's phone, sends a peer-to-peer connection request, and loads credentials stating this person is an employee of this hospital with vetted credentials for X, Y, and Z. By November 2022, 105 NHS organizations had registered with an estimated 1,000+ employees onboarded, proving that technology deployment requires human effort. HR is doing the change management.
British Columbia
British Columbia faced a different version of the same problem where "online services" meant emailing copies of registrations, raising fraud and identity theft risks. The team was small, and they hit a practical problem immediately: millions of business registrations made search slow. They launched a CA$50,000 open-source competition to build an enterprise-grade wallet, and OrgBook launched in 2019 letting anyone search verifiable business registrations. They also piloted credential-based lawyer verification where the Law Society issues membership credentials and the Justice Services Branch verifies. In September 2022, BC deployed its own digital wallet as a soft launch, viewing verifiable credentials as critical government infrastructure. The smart move was starting with public-domain data — business registrations are public record, which let them sidestep the privacy minefield while proving the technology works.
Bonifii
Bonifii tackled proof of membership for 70 US-based credit unions burdened by 2-3 step authentication while scammers sent fraudulent texts. Working with three credit unions and a technology provider, they built MemberPass on Trust Over IP Foundation and FIDO Alliance principles. The credential was kept brutally simple with just three fields: member ID number, credit union name, and membership activation date. They recruited members at branches first, then enabled phone enrollment, and by Q2 2021, seven credit unions and 22,000+ members had downloaded the wallet. By Q1 2022, the count had reached ten credit unions and adopters had increased fivefold, with members able to use MemberPass in person, at ATMs, through call centers, and online. Start with three fields.
The Adoption Pattern
The adoption pattern is identical to Davenport's AI framework, which argues you must build a center of excellence, start small, prove value fast, and then scale. Davenport suggests understanding the tech, creating a portfolio, launching pilots, and scaling up, while Lacity argues you must convene ecosystem partners, pick one credential type, pilot with a subset, and scale to the full population. The key difference is that decentralized credentials require an entire ecosystem to adopt, not just one organization, making it a fundamentally harder problem. Five adoption insights emerge from these three cases, starting with the fact that issuers are best positioned to lead adoption. When the same organization is both issuer and verifier, recruitment effort drops significantly. You must also make adoption voluntary and easy by recruiting at the point of service, not through email campaigns. Interoperability is the looming challenge: all three used Sovrin as the only network available at the time, and now 100+ competing networks exist, which risks replacing a plethora of passwords with a plethora of wallets. Standards from W3C, Trust Over IP, and FIDO must converge, and governments may need to lead — the parallel is the US government funding the early internet.
Why Not Just Centralize
Why didn't they just centralize? At NHS, integrating and centralizing HR records from 1,200 independently operating hospitals would be technically and politically prohibitive. In British Columbia, provinces are the authoritative issuers of credentials, so a centralized solution would not be appropriate. At Bonifii, credit unions are independent, and no single entity could or should centralize identity for 70 separate institutions. Decentralization wins when centralization is politically impossible, and when independent entities won't cede control to each other, they need a peer-to-peer model.
The Parallel to Agent Observability
Decentralized credentials and agent observability share the same structure. Decentralized credentials sit between issuers and verifiers, proving this person is who they say, while agent observability sits between agents and operators, proving this agent did what it should. Each grows in value with ecosystem adoption, each requires standards to interoperate, and each goes unnoticed when working while exposing every weakness when absent. Ecosystem adoption is a fundamentally harder problem than internal adoption because Davenport assumes one organization, one budget, and one IT team where politics exist but authority is clear. Lacity requires multiple independent organizations with no single authority where everyone must see value independently. You can mandate internal adoption, but you can only make the value so obvious that opting out hurts.
The article argues governments should invest in decentralized credentials as digital infrastructure, but the assumption of well-functioning governments has limits. Many of the people who need decentralized credentials most live under governments that have collapsed or turned predatory. The EU is building the European Digital Identity Wallet, and BC is building OrgBook, but for regions with political instability, displaced populations, or failed institutions, a wallet full of verifiable credentials becomes survival infrastructure. The adoption challenge is steepest precisely where the technology's promise is most profound. For Nyantrace, the same infrastructure lesson applies: the observability layer that agents need most is the one that is hardest to build across ecosystem partners, but that is exactly what creates a durable moat.