SovereignID.io enables portable, verifiable identity with Decentralized Identifiers (DID), Verifiable Credentials, Zero-Knowledge Proof via AnonCreds, DIDComm v2 secure messaging and cryptographic revocation. Credentials are issued once, held by the owner, and verified anywhere without exposing raw personal data.
In simple terms: instead of every company keeping copies of your documents, a trusted issuer gives you a digital credential. You keep it in your wallet and decide what to prove. A bank, government agency or company can verify the proof instantly without seeing everything about you.
The holder controls the credential. Banks, agencies and enterprises receive a cryptographic answer, not a copy of documents. This changes identity from a repeated cost center into a reusable trust asset.
Traditional KYC can cost R$80–150 per customer and take days. With a portable identity credential, a verified customer proves identity, risk level and income bracket in minutes, without resending documents to every institution.
One verified credential can support Open Finance onboarding, credit pre-qualification, procurement access and public services.
Verifiers receive proof transcripts and predicates, not salary, CPF, address, full score or document images.
Credentials are verified offline against ledger material, reducing calls to fragile source APIs during peaks and audits.
Cryptographic signatures, revocation registries and non-replayable proofs replace PDFs, screenshots and manual certification checks.
The architecture proves eligibility while collecting the minimum necessary information, reducing breach surface and compliance exposure.
SovereignID.io operates below authentication portals and enterprise IAM systems as a cryptographic trust layer. It does not store personal data. Issuers publish schemas and public verification material on-ledger; holders keep credentials in their own wallets; verifiers receive only the proof they asked for.
Predicates such as “income bracket is eligible” or “license is active” are proven mathematically, without revealing salary, address or full documents.
One credential can be reused across agencies, banks, councils and enterprises, replacing repetitive KYC, manual checks and fragile API dependencies.
Every trust operation is independently verifiable through DID, schema, credential definition, revocation registry and immutable proof transcript.
A proprietary ledger architecture inspired by Hyperledger Indy, combining open DID/VC standards with commercial SLAs, sovereign deployment options and regulatory customization.
Sovereign identity is not a login screen. It is a chain of cryptographic primitives that lets a person prove facts about themselves while keeping control of the underlying credential.
A decentralized identifier controlled by a cryptographic key, not by a central database row. It gives each person, issuer or verifier an addressable identity anchor.
The credential format used to issue and verify privacy-preserving proofs, including selective disclosure and zero-knowledge predicates.
The global data model for signed digital credentials. It makes credentials interoperable across institutions, wallets and verification services.
Secure peer-to-peer messaging between wallets, issuers and verifiers. It replaces email/PDF exchange with encrypted identity workflows.
Cryptographic signature and proof primitives used to bind DIDs, issuers and ledger transactions to verifiable keys.
The math that lets a wallet prove conditions such as “income is above X” without revealing the income value itself.
Revocation mechanism that proves a credential is still valid without exposing which credential is being checked.
Deployment model for governments and regulated enterprises that need sovereign control over nodes, keys, regions and operations.
A steward endorses issuer DIDs on-ledger. Private keys remain in the issuer HSM or wallet infrastructure.
Issuers publish schema vocabulary and ZKP public material, allowing verification without calling the issuer.
Holder receives a signed credential through DIDComm and stores it locally. The issuer never controls the wallet.
Verifier requests attributes and predicates; holder returns a proof transcript with selective disclosure and replay protection.
Accumulator-based revocation proves the credential is not revoked without correlating holder activity.
The verification outcome is auditable without collecting the underlying personal data.
Each vertical targets an expensive verification problem where cryptographic credentials reduce fraud, API load and personal-data exposure.
Passwordless access for HR and internal portals using DIDComm proof requests, including contractors and temporary credentials.
CRAS verifies “eligible / not eligible” without seeing salary, CPF or address. Eligibility predicates run on verifiable credentials.
Professional qualification verified in seconds, offline, without calling a professional council API during bid peaks.
Employment relationship, role, CBO, lotação and income bracket credentials for transfers, loans and public processes.
Identity verified once can be reused across Open Finance participants with ZKP over risk, PEP and KYC level.
Credit pre-qualification through income-bracket predicates. No raw salary, no document copies.
Borrowers prove “score ≥ 700” without exposing the score or its components, preventing cross-lender tracking.
CAR and EUDR compliance proof without exposing geolocation, supporting exporters, banks and ESG auditors.
Minimal medical credentials available offline by QR, with selective disclosure for sensitive conditions.
Diplomas and professional certifications verified in under five seconds without calling the issuing institution.
The current public demo environment runs on a GCP VM with a real Hyperledger Indy ledger, ACA-Py agents, FastAPI backend and 11 Gov.br-style portals.
Unified wallet and service hub for the sovereign identity PoCs.
Swagger API, health checks and ledger genesis/status endpoints.
e-Folha, HR management and web wallet demonstration.
Professional license, council issuance and procurement verification.
Citizen benefit proof and CRAS verifier with zero raw income data.
Employment, role, lotação and income-bracket credentials.
All demo links open in HTTPS. The public environment is intended for executive validation, technical demos and stakeholder workshops.
Government provides volume and regulatory urgency; financial services provide transaction value; councils, health, education and agribusiness provide repeatable vertical expansion.
12M+ public servants and 214M Gov.br accounts create a natural identity network.
Portable KYC and income proofs reduce onboarding cost and fraud in credit workflows.
42 Brazilian professional councils can become trust anchors and VC issuers.
CAR, EUDR, traceability and credit workflows need verifiable compliance without overexposure.
Commercial packaging combines SaaS APIs, SDK licensing, managed ledger nodes, implementation projects and revenue share on high-value verification events.
Issue, verify, revoke, ZKP proof, DID resolver, schema registry and webhook/SSE APIs. Pay-per-use plus monthly plans.
Mobile SDKs, web components, wallet SDK, DIDComm agents and enterprise developer tooling.
Managed ledger nodes, steward endorsement, revocation registries and tails infrastructure with enterprise SLAs.
Government, councils, finance, agriculture, health and education solutions delivered as repeatable accelerators.
GCP, AWS, Azure, OCI, Kubernetes, on-premises and sovereign deployment options.
Target NRR around 120%, gross margin around 74% by year 3 and enterprise LTV/CAC above 10x.
Talk to us about government pilots, council trust anchors, financial KYC portability, sovereign deployments and investment participation.
