The latest developments by the IOTA Foundation's Object Management Group to develop standards that drive interoperability and industry uptake of DLT-based solutions.
The most recent quarterly meeting of the Object Management Group (OMG) was in mid-June. In this update, we bring you the latest on the various standards-related activities that the IOTA Foundation is engaged in, as well as broader DLT-related activities at the OMG. The OMG approved two date extensions: for the RFI on disposable self-sovereign identities and for the Linked Encrypted Transaction Streams RFP, for which the IOTA Foundation is submitting a response. Items discussed this quarter include these two items along with an update of the overall IOTA Protocol standards proposal (based on IOTA 2.0 Coordicide), RFIs for smart contracts and digital currency, and overall reference architecture and governance matters.
Following the most recent Quarterly Meeting of the Object Management Group (OMG) in June, it is time for another update on the status of our standardization activities at the IOTA Foundation.
At the OMG meeting, a number of deadline dates were extended, new ideas and insights on distributed ledger and blockchain generally were discussed, and the IOTA Foundation was able to update the OMG on the current state of our work on the IOTA Protocol and on IOTA Streams. We gained valuable feedback from the OMG community on these activities, along with offers of assistance.
In addition to the OMG, we also continue to engage with other standards bodies including The Institute of Electrical and Electronics Engineers Standards Association (IEEE), TangleEE, Trust over IP Foundation, and the World Wide Web Consortium (W3C). At W3C we have successfully submitted a new Decentralized Identifier (DID) Method for IOTA to the W3C DID Repository.
A recurring theme at this quarter's OMG meeting was governance for distributed ledgers. This is reflected in the OMG's Distributed Immutable Data Objects (DIDO) Reference Architecture, as well as being the focus of a number of activities in the IEEE and the Industrial Internet Consortium (IIC).
The IOTA Protocol
The IOTA Foundation will be submitting the protocol for the IOTA Tangle to the OMG as a Request for Comments (RFC) later in 2021. This submission will be based on the Coordicide work carried out by IOTA Research, also known as IOTA 2.0. This will be submitted at the point when no further breaking changes are anticipated for the IOTA 2.0 protocol.
The IOTA Protocol RFC covers all of the knowledge that is required to successfully create an IOTA Node implementation.
Since we last spoke with the OMG, the current research specifications have been made available to the public in their current draft form. These can be seen on GitHub.
At the OMG we gave an overview of these latest specifications and our plans for packaging these into a formal RFC document. We received valuable feedback on this, including a detailed discussion on the potential use of the OMG Data Distribution Service (DDS) standard both for the IOTA Protocol and in the LETS Request For Proposals (RFP) submission (see below).
We also had a detailed discussion on how a future IOTA Protocol would support nodes that are running different transport protocols. This may not affect the initial IOTA 2.0 RFC submission but future iterations of the protocol that are designed to support multiple protocols for nodes on the same network will need to address these questions.
The IOTA Foundation is preparing a submission in response to the OMG's Request for Proposals (RFP) for Linked Encrypted Transaction Streams, the LETS RFP. This response embodies the IOTA Streams framework and the Data Description and Modification Language (DDML) that forms part of that framework.
The deadline dates for responding to the LETS RFP have been extended by one quarter. This gives us more time to complete our formal submission. As a result, we were able to present an initial draft and overview of our LETS submission and get some valuable feedback from OMG experts on this. We are structuring our response in such a way that different ways of providing linked encrypted messages (including the SKALY Freighter protocol) can assert conformance to the relevant parts of the proposed specification.
IOTA Streams defines an overall framework from which developers can define a local protocol for streams-based messaging. This means that the detailed protocol that is used by an actual application (such as the IOTA Channels application) is not fully defined in the standard. Instead, the proposed standard sets out how to define such a protocol. This is unusual for a standard and will require careful review and vetting by the OMG, in order to ensure that the standard as written is complete and implementable, these being requirements for any standard. The pay-off is in the level of flexibility that developers will have in designing messaging solutions to sit on top of the Tangle or on other distributed ledger technologies (DLT), and on non-DLT transport layers.
We have divided the LETS specification into separate logical and conceptual components to support the different ways this standard can be used. The part based on IOTA Streams specifically uses a 'sponge' construction. We went over the details of this with the relevant OMG task force.
The proposed LETS specification (RFP response) describes how the LETS solution can be described in architectural terms, as a Layer 2 protocol on top of a transport layer, where that transport layer may be the Tangle, another blockchain or DLT, or a separate kind of protocol layer altogether, such as TCP/IP. The OMG meeting discussed how the OMG's DDS standard fits into this architectural picture. DDS covers different concerns to Streams itself (and therefore LETS), so that for example an application may use DDS but not LETS, LETS but not DDS, or both.
We received some valuable feedback on the architectural views in the LETS specification. At least one OMG member firm is keen to help us with this submission, working alongside the IOTA Foundation on these documents. This will help to improve our submission and smooth the journey towards final certification of the LETS standard.
On Self-sovereign identity (SSI), IOTA maintains an Identity offering that conforms with the W3C Decentralized Identifiers (DID) standard for self-sovereign identity. To support this, we have submitted a new DID Method for IOTA to the W3C DID Repository.
In brief, an SSI is an arrangement whereby individuals can present something with which to formally identify themselves, along with additional credential information for services or other rights, without having to show personal information to whoever they are identifying themselves to. This is done by having a trusted third party who does see the individual's information, and who then issues the identification material (for example as a QR code or other unique code) that can be checked by whatever entities the individual needs to identify themselves to.
The use of DID itself by IOTA Identity requires no further standardization activity at the OMG. The OMG has been looking into a proposal for Disposable SSIs that extends this. Disposable SSIs are identities maintained as described for SSI, but which are disposed of as soon as a given user context no longer applies, for example for a particular journey or medical treatment. IOTA is exploring this approach as part of our ongoing collaborations in healthcare and elsewhere.
As described in previous updates, the OMG has released an RFI about this idea. The aim of this RFI is to determine whether or not there is something that would benefit from the OMG issuing a standard (via the issue of an RFP), and whether there is a business interest and potential implementation of such a standard. For example, it could turn out that this was just a different way of using the existing standards.
The IOTA Foundation submitted a response to this RFI and we spent some time at the OMG meeting looking at that response. The IOTA response identified a number of interesting features, including how to formally define the context since any disposable usage is not about simply throwing the identifier away, but about the context that holds while that SSI remains active. Tied to this, the IOTA response also talked about the notion of personas and about the way that the Disposable SSI would mean that people can decide to use different trusted third parties as the issuers of SSIs for use in different contexts.
Another intriguing possibility is the use of the Tangle or other DLT network itself as the trusted third party so that there would be no reliance by the individual on any specific organizations or entities as the issuers of their SSIs. We received a detailed presentation from the TWINDS Foundation, describing this kind of contextual SSI solution using the DLT as the third party, with detailed considerations of verifiability, privacy, disposability, and new ways of thinking about identity itself.
We had a lively and far-reaching discussion around this, addressing the question of whether there is something that could be standardized over and above the W3C DID standard. The conclusion was that there were at least two or three distinct matters that could form the scope of future standards. These include how to formally define context (including layers of context), definition of user personas for different interactions, statefulness of SSIs in the context of these usage scenarios, disposal verifiability, and so on.
We also touched on broader social and legal questions that are addressed by this new approach. While these considerations do not feed directly into standards proposals, they give a strong indication of the social significance of support for standards for this usage and potential real-world uptake for disposable SSI-based solutions.
The OMG voted to extend the deadline for responses to the Disposable SSI RFI until mid-September (just before the next quarterly meeting). This will allow for formal responses to the RFI from TWINDS and from others we talked about, such as the REFLOW initiative (read more here).
It is also possible for anyone else to respond to this RFI, including others within the IOTA Foundation and our wider community, and people can respond to an RFI as many times as they like. There is no OMG membership requirement for responding to an RFI. We would encourage anyone who can to respond to this RFI.
In the September Quarterly Meeting, we will look at all the responses and set about creating one or more RFPs to define key standardizable features of this kind of solution.
In the longer term, the OMG is looking at other aspects of DLT that can be standardized, including for example oracles, exchange/currency considerations, smart contracts, and so on.
The first of these we are focusing on is smart contracts. The IOTA Foundation has an offering that makes a good point of reference for defining smart contract standards. Given the innovative nature of IOTA and the Tangle, IOTA Smart Contracts also have features that may not be needed in other smart contracts, including some interesting approaches to interoperability. Interoperability has been a recurring theme (and pain point) for many OMG member firms that deal with complex supply chains, including aerospace and retail.
The OMG will start by issuing an RFI with a view to determining, from any responses we receive, whether there is something that (a) needs to be standardized and (b) is not already covered in other existing standards, in this case including standards defined in the Ethereum ERC ecosystem.
Work on the OMG Smart Contracts RFI is quite far along, but we were not ready to formally issue it at this meeting. As with many RFIs, we first try to figure out what we should already know that does not require industry responses, and from that we draw up a list of things we should ask from industry and end-users, to determine whether there is a need for any standards and if so, what these would cover. If there is, we would then issue an RFP – possibly as early as December, assuming we are able to issue the RFI in September.
Once the RFI is complete we expect the IOTA Foundation to submit a response, and depending on what RFPs the OMG comes up with (if any) we would also expect the IOTA Foundation to be able to submit a potential response to a smart contracts-related RFP, either alone or alongside other OMG member firms who may have an interest in this.
This does not stop the IOTA Foundation from also submitting proposals into the Ethereum ERC RFC system or elsewhere as well, for features where that would be more appropriate.
Over in the Finance domain at the OMG, we have been working on an RFI for digital currency. The aim of this is to understand the digital currency space generally, either to provide definitions and detailed knowledge to the OMG's working group on Central Bank Digital Currency or, if applicable, to consider issuing requests for potential standards in that space.
As a term, ’digital currency’ defines all types of currency that may be considered as digital, whether or not these relate to cryptocurrency, and whether or not they are issued by central banks. We assume that central bank digital currencies may or may not be crypto-based and this RFI aims to explore all these variables and alternatives.
As with the smart contracts RFI, we are still at the point of figuring out what we know in order to determine what to ask of people in industry, and who to ask. This RFI is in draft form and was not ready to issue in the June quarterly meeting, but we are hoping to be able to put it out in the September meeting cycle.
Vocabulary and concepts
One outcome of the RFI discussions, both on smart contracts and on digital currency, was the realization that there is a need for some kind of knowledge resource in these areas. This includes but goes beyond cryptocurrency and distributed ledger solutions. What we really need is something like a formal vocabulary, but going beyond simply the meanings of words and digging into the meaningful concepts themselves. As many of our readers know, several words have refined or even different meanings in blockchain and DLT than they do in broader usage (for instance the 'ledger' in DLT goes beyond the definition of ledgers in general ledger accounting). Conversely, there are a lot of interesting concepts that are defined in the financial industry, such as pools of liquidity, that have a specific application in the crypto economy.
The OMG is working to articulate not only shared vocabularies, but 'conceptologies' (not a real word!) across the OMG, including areas of overlap between blockchain, finance, and government domains. We call the formal definition of concepts in this way an 'ontology', and these ontologies can be linked logically, mapped to by different words in different usage contexts, and referenced to data to address integration and application development problems.
As part of last year's RFI work on interoperability, we identified the need for formally defining the concepts around DLTs. The people responsible for the DIDO Reference Architecture have been working on a DIDO Command Line Interface (DIDO CLI) initiative, which has the by-product of formally defining most of the concepts describing a digital ledger ecosystem. Detailed presentation and discussion of this took place at the quarterly meeting and we anticipate integrating this work into the ongoing terminology and ontology work described above.
A recurring theme in many of these discussions has been DLT ecosystems governance. Standards perform a key role in governance, and many general standards have a role in DLT governance (for example ISO 9000). There are also many DLT-specific governance challenges, in particular how to ensure quality and consistency in a fully decentralized DLT.
The OMG's Distributed Immutable Data Objects Reference Architecture (DIDO RA) covers many of these concerns and includes a list of applicable standards for governance. This RA was revised and reissued at the June quarterly meeting and is available to OMG members, including anyone at the IOTA Foundation.
Much of the recent focus in the standards world has been on gathering knowledge and refining our knowledge in order to identify where there are things that may be standardized in ways that benefit the DLT world as a whole. This includes explorations at the OMG, IEEE, IIC, and elsewhere on architectural views, formal concept definitions, and DLT governance considerations. Formal standards are a core part of governance and will be vital for interoperability, which will then enable further industry uptake of DLT-based solutions in supply chains, the Internet of Things, and so on.
Understanding these architectural and definitional issues will also improve the standards themselves, as we saw with discussions across the OMG community on our current draft for the IOTA Protocol and for the LETS RFP response for messaging. Any standard needs to be complete and implementable, and needs to make use of and reference to other standards wherever possible, never re-inventing in one standard something that is already covered in another.
The IOTA Foundation fully embraces standardization and the broader focus on quality and governance that this brings. Our internal document controls are being continuously improved, as can be seen from the recently released research specifications. We have developed an innovative approach to governance that supports maximum flexibility in the early exploration stages of each IOTA initiative while introducing detailed change management and formal written specifications at the point where each offering is mature enough to be put forward for standardization.
The OMG has extended the deadlines for Disposable Self-sovereign Identity RFI responses and for submission of a response to the LETS RFP. This puts the IOTA Foundation in a strong position as we submit our proposed specifications and enables us to influence the standardization of different aspects of the overall DLT ecosystem going forward.