Please describe your proposed solution.

What is a DIDComm mediator?

For many, this is a new concept. So, before delving into the specifics, let's briefly discuss what a DIDComm is. DIDComm v2 is a messaging protocol that facilitates the secure transfer of messages from one wallet (or agent) to another. The specification for DIDComm v2 is about a year old and is rapidly becoming the standard for message encoding in the world of digital identity. Atala PRISM v2 implemented DIDComm in the spring of this year, using the protocol to send Verifiable Credentials from one wallet to another. Interestingly, DIDComm is just a base protocol, and the exchange of credentials is just one of its many potential use cases. Others could include text messaging or even file transfer. We have already implemented several of these protocols, and we will delve into more detail about them later. But first, let's answer the question: what exactly is a mediator?

To simplify it a bit, we can compare a DIDComm Mediator to an email server. To send an email from one client to another, you need at least one email server. For most people, this is a 'free' service (we all know what this implies). It means that someone is hosting an email server for you, and you connect to that service regularly to check for new messages. A DIDComm Mediator isn't much different. It is a hosted service to which you connect to receive your messages, such as your credentials. However, instead of using an email client, we connect with our identity wallet, which communicates using DIDComm instead of IMAP, POP3, and SMTP. Also, we use Decentralized Identifiers (DIDs) instead of email addresses. Therefore, if you want to send a message to someone else's wallet, you need the other party's DID. Resolving the DID into a DID-Document gives you the 'Endpoint' of the other party, to which you can send a message. This endpoint could be, for example, <https://mediator.blocktrust.dev/>, our current Mediator implementation. This ultimately means that everyone needs their own mediator if they use their own wallet, like our identity wallet at <https://blocktrust.dev/IdentityWallet>. There is a small exception to this rule: If you use a hosted cloud wallet, you might not strictly need one. However, using a hosted cloud wallet is akin to using Gmail. All your data, including your cryptographic keys, reside with a single provider. But really, who wants that?

The state of development

Given that DIDComm and DIDComm Mediators are relatively new concepts, there aren't many available implementations currently. The majority are indeed within the Cardano Ecosystem. It began with a project from RootsID, followed by our Blocktrust Mediator, and, as of a few weeks ago, the PRISM team is also developing a Mediator. So, why should a Mediator be funded when there are currently three implementations? The answer is simple: <u>all of them are in a proof-of-concept state</u>. Our team recently demonstrated the interoperability between our wallet, our mediator, a PRISM PoC app for chatting, and the RootsId wallet at the Internet Identity Workshop (IIW) in April this year. While these basic scenarios involving three different participants mostly worked, it's now time for the next step:

Moving into production.

A solution that functions most of the time isn't sufficient for a large user base consisting of hundreds, thousands, and hopefully even more users in the near future. The code needs refining to cover not only the happy path, ideal scenarios when everything works but also to provide useful assistance when things go wrong, such as when a message is incorrectly formatted.

Moreover, none of the current mediators feature a UI that allows users to view how many messages are stored for them or their tenants, or to determine how much space these messages occupy on disk. Currently, there is also no convenient method for backing up messages or transferring them to another mediator. While we often take these features for granted in email servers, existing DIDComm Mediators aren't there yet.

We'd also like to enable WebSocket connections to a Mediator, negating the need to constantly check for new messages.

Additionally, creating an open-access Mediator (i.e. using it without without any restrictions) isn't a viable solution for a production application. The ability to create and manage different tenants (i.e., users), allocate space and resources to them all through a UI and an API is essential. This will allow the construction of service offerings around a mediator, contributing to a maturing and competitive ecosystem.

Finally, all these developments need to be reviewed and undertaken in an open-source manner. You can view the code of our current implementation here: <https://github.com/bsandmann/blocktrust.Mediator>

The ultimate goal of this proposal is to create a mediator that someone could simply set up on their own server or in the cloud. Current implementations are still too complex to quickly and efficiently launch.

How does your proposed solution address the challenge and what benefits will this bring to the Cardano ecosystem?

A production-ready Mediator that is easy to set up is an important step towards a mature ecosystem.

Is is an required part of infrastructure for digital identity.

It aligns with other advancements in the ecosystem, such as the release of PRISM v2, the initial releases of Wallets (like RootsId Wallet, or the blocktrust identity wallet), and many other small building blocks.

A production-ready Mediator with support for setting up tenants could also potentially serve as a new service offering, thus creating a revenue stream for people or organizations (for example, StakePool Operators) that already host infrastructure for the ecosystem.

How do you intend to measure the success of your project?

Since this is an open-source project, we expect to measure success by the number of forks and downloads, as well as by the number of people hosting this mediator and offering it as a service to others and to wallets.

Please describe your plans to share the outputs and results of your project?

Blocktrust will keep the Cardano community informed about our progress by providing updates as we achieve each of our milestones on a monthly basis. We'll communicate through Catalyst progress reports, our dedicated Discord channel (<https://discord.gg/6UXrUY2HUk>), and videos that showcase the latest advancements and interoperability scenarios with different wallet vendors.

Occasionally, we might engage with the community in real-time during the Catalyst After Town Hall sessions to demonstrate the interaction between the Mediator and various wallets. These sessions will allow us to present our progress and gather immediate feedback. The already did that on several occasions in the past.

All the code will be open-source. We already have a GitHub repository for this project, which you can access here: <https://github.com/bsandmann/blocktrust.Mediator>. All project outputs can be found there.

Additionally, we'll continue to provide a hosted version of the mediator. You can find the current version at <https://mediator.blocktrust.dev/>.

What is your capability to deliver your project with high levels of trust and accountability?

Blocktrust has been an active participant in the Cardano ecosystem since early 2022, developing Self-Sovereign Identity (SSI) solutions using Atala PRISM from the start.

Over the past year and a half, we have not only built a proof-of-concept of our Mediator, but also a wide range of projects and libraries based on PRISM. Many of these are open-source, and all provide value. Some notable ones include:

• Identity Wallet for the Browser (<https://blocktrust.dev/identitywallet>)
• Analytics Platform (https://analytics.blocktrust.dev)
• Credential Builder (https://credentialbuilder.blocktrust.dev)
• A collection of open-source libraries for use with PRISM, which can be found here: <https://github.com/bsandmann>

Several of these projects, such as the wallet and the analytics platform, have been funded via Catalyst and are either nearing completion or awaiting the final report. Other projects have been completed due to ongoing interest in the ecosystem.

Looking at our reports or our blog, you'll see that we're consistently sharing videos, posts, new projects, and code. We plan to not only continue doing that but also to scale up our efforts by hiring at least one additional developer.

What are the main goals for the project and how will you validate if your approach is feasible?

The main goal is to provide a production-ready, open-source implementation of a DIDComm Mediator, complete with a user interface, WebSocket support, and the capability to handle multiple tenants, among other features.

To further simplify the process, we will offer a hosted instance of this Mediator, which will be free to use for at least one year to help grow the ecosystem.

The impact of this proposal can be measured using two metrics: interaction with the GitHub repository, as soon as a production-ready implementation is available, and the number of projects setting up their own Mediator Service for others to use, along with their integration into wallets.

Please provide a detailed breakdown of your project’s milestones and each of the main tasks or activities to reach the milestone plus the expected timeline for the delivery.

Milestone 1: Implement missing pieces of the protocols (1 month)

Planned Finishes: 2023-11-01

Acceptance Criteria: Progress report, providing the repository

Cost: 31,000 ada

Milestone 2: Implement Websocket connection to instant delivery (1 month)

Planned Finishes: 2023-12-01

Acceptance Criteria: Progress report, Interaction with the DIF user-group

Cost: 31,000 ada

Milestone 3: Adding an User-Interface (1 month)

Planned Finishes: 2024-01-01

Acceptance Criteria: Progress report, Video showing the UI for users

Cost: 31,000 ada

Milestone 4: Ressource allocation (1 month)

Planned Finishes: 2024-02-01

Acceptance Criteria: Progress report, Video showing the UI for admins

Cost: 31,000 ada

Milestone 5: Finalization, Hosting and Documentation (1 month)

Planned Finishes: 2024-03-01

Acceptance Criteria: Progress report, Video showing the complete project and providing documentation

Cost: 36,000 ada

Please describe the deliverables, outputs and intended outcomes of each milestone.

Milestones and completed deliverables:

Milestone 1: Implement missing pieces of the protocols (1 month)

• Explanation about what protocols have to be added / modified / hardened
• Implementation of the missing protocol features
• Creation of a interoperability test-suite for the supported protocols

Milestone 2: Implement Websocket connection to instant delivery (1 month)

• Adding WebSocket (SignalR) support for the live-delivery feature of the Pickup protocol (<https://didcomm.org/pickup/3.0/>)
• PoC integration of the Websocket connection also in the blocktrust identity wallet to showcase and test the feature

Milestone 3: Adding an User-Interface (1 month)

• Build a WebApp for the Mediator, so that a user can sign-in into his mediator (using the registered PeerDID and the PRISM onboard and authenticate feature).
• Interface to see the messages (still encrypted at this point), manage the connected PeerDIDs, see the used ressources and statistics for the messages

Milestone 4: Ressource allocation (1 month)

• Build a separate WebApp for Admins (as well as a API endpoints) to manage tenants (create, read, update, delete) for the integration with other management software (e.g. for handling payment and pricing tiers).
• Provide statistics for each tenant and the possibility to change the ressouce allocation for each tenant.

Milestone 5: Finalization, Hosting and Documentation (1 month)

• Provide a full documentation, so that everybody can setup up ones own Mediator instead of using hosted services
• Provide Docker images to be easily used for deployment in Azure / AWS or custom infrastructure

Please provide a detailed budget breakdown of the proposed work and resources.

Developer cost breakdown: 30 hr/week with 70 USD = 8,400 USD per month = 42,000 USD

Hosting costs for Milestone 1 to 5 while developing: with 100 USD per month = 500 USD

Operation for the rest of the year in production mode: 7 x 300 USD = 2,100 USD

Total: 44,600 USD =<u> 160,000 ADA </u>(~0.28 USD/ADA exchange rate)

Project team: (architecture, design, software development, testing, DevOps, community, project management, documentation):

• Björn Sandmann (Lead developer)
• Ed Eykholt (Development support)
• New Team Member (Development support)

The total workload is estimated at about 30 hr/week. Divided over three developers this leave plenty of room, to also push forward other blocktrust projects, community work, marketing and the ongoing technial support and maintainace of our digitial identity infrastructure.

Who is in the project team and what are their roles?

Björn Sandmann

10+ years of full-stack development with the .net Stack. Focused on identity and privacy solutions. PRISM Pioneer, Atala ASTRO, Plutus Pioneer, already funded proposals. Implemented all technical core functionality of products like the blocktrust analytics platform, the credential builder or the blocktrust identity wallet.

LinkedIn: <https://www.linkedin.com/in/codedata/>

Github: <https://github.com/bsandmann>

Role: Lead developer

Ed Eykholt

20+ years of software product and engineering team leadership. C# developer. Focused on blockchain and identity projects and products since 2015. Atala ASTRO. Working on PRISM related projects with blocktrust over a year.

LinkedIn: <https://www.linkedin.com/in/edeykholt/>

Github: <https://github.com/edeykholt>

Role: Development, UX-Design and Documentation

New Team Member

Blocktrust might hire or contract with an experienced full-stack C# developer to augment Ed and Björn's contributions. The project can still be successful without this additional person.

How does the cost of the project represent value for money for the Cardano ecosystem?

This project represents an investment that promises significant value to the Cardano ecosystem by eliminating the barriers currently hindering the widespread adoption of Self-Sovereign Identity (SSI).

It will help diversify the array of different mediators available and assist projects in hosting their messages independently, rather than relying solely on hosted services, or at the very least, enable them to evaluate different vendors.

Our deep understanding of and experience with the PRISM ecosystem, built over 1.5 years, ensure that we have a solid grasp of what is needed, and that we are capable of execution. Since we have already constructed a functioning, albeit basic, implementation of a mediator, we understand precisely what we are doing and can accurately estimate the required work.

We computed the effort in hours, and multiplied this by a below-market rate of US$70 per hour (applicable in both Germany and the USA) for our team's expertise. We then divided this by a recent Ada price of US$0.28/Ada. By doing this, the team is assuming downside risk if the price of Ada falls from that point.