The document provides biographies for Scott Perry and Drummond Reed, who are experts on blockchain and digital trust. Scott Perry has extensive experience auditing public key infrastructure and blockchain networks. Drummond Reed has 20 years of experience in internet identity and has held leadership roles in standards bodies and blockchain foundations. The document then covers topics related to defining trust, attributes of trust, risks to digital trust, and the components and governance of blockchain trust frameworks.

2. Scott Perry CPA, CISA
Principal – Scott S. Perry CPA, PLLC
Audit Expertise
CISA since 1992
Owner of one of seven US WebTrust Firms
Auditor/Advisor of DigiCert – one of the
largest CAs
WebTrust Auditor of the US GSA and DoD
Big 4 Background – 25 + years in industry
PKI Audit SME
Blockchain Expertise
Member, Sovrin Governance Working Group
Author, Sovrin Trust Assurance Framework
Task Force Member – Payments and Compliance
Board of Advisors - CU Ledger
Governance Advisor – Corda and Corda Foundation
Advisor - Evernym

3. Drummond Reed
Chief Trust Officer - Evernym
Expertise
20 Years in Internet Identity
14 Years (all 29 instances) of Internet
Identity Workshop
15 Years in Internet Identity Standards
W3C
OASIS
IETF
OpenID Foundation
Hats
Chief Trust Office, Evernym
Trustee, Sovrin Foundation
Chair Sovrin Governance Framework
Working Group
Principal Investigator, U.S. DHS DID and
DKMS Projects
Co-Editor, W3C DID Spec

4. Topics
The Definition of Trust
Attributes of Digital Trust
Unique Attributes of Blockchain Trust
Novel Applications for Blockchains
Components of the Blockchain Trust Stack
Q&A

5. Definition of Trust
Miriam Webster:
“Assured reliance on the character, ability, strength or truth of
something or someone”
Associated Terms
HOPE, CREDIT, CARE, CUSTODY, BELIEVE, DEPEND
My Definition:
Predicted level of confidence in an attribute’s occurrence

6. Attributes of Trust
• Context
• Perception of Risk
• Calculated Vulnerability
• Benefit Value
• Established Reputation or Track Record
• Demonstrated Competence
• Foundational Optimism
• Underlying Motivation

7. Risks to Digital Trust
Human Frailty
Systems Development Life Cycle
Hardware Failures
Network Failures
Bad Actors
Criminal
Espionage
Corporate Competitiveness

8. AICPA Digital Trust Principles
Security
Availability
Confidentiality
Privacy
Processing Integrity

9. Trust Criteria
Procedures
&
Operations
Information
Technology
Criteria Accreditation Body
TRUST
F
R
A
M
E
W
O
R
K
Vendor
Attest
Standards
Attest
Criteria
Audit Accreditation
Body
Auditor
Accredits
Applies
Provides Evidence
Asserts Compliance
Creates
Attest
Guidance
C
r
e
a
t
e
s
U
p
d
a
t
e
s
Evaluates
Relies Upon
Issues TrustMark/Seal
Oversees
Referential Trust Model
Users

10. What is a Blockchain?
• Database
• Records Cryptographically Linked
• Redundant Copies Replicated among Stewards /
Nodes
• Consensus Protocol – Who gets to write a new
record
• Ability to execute automated processes using
Smart Contracts
• Can interoperate with Digital Currency

11. Digital Trust Attributes of Blockchain
Networks
Immutability
Non-repudiation
Zero-Knowledge Proof
Redundancy
Availability

12. The Hyperledger Greenhouse

13. Bruce Schneier Comments on Trust
2018 Hyperledger Conference
“Blockchain shifts trust in people and institutions to
trust in technology”

14. Bruce Schneier Comments on Trust
February 2019 Blog
(https://www.schneier.com/blog/archives/2019/02/blockchain_and_.html)
• What blockchain does is shift some of the trust in people and
institutions to trust in technology. You need to trust the
cryptography, the protocols, the software, the computers and the
network. And you need to trust them absolutely, because they're
often single points of failure.
• Blockchain doesn't eliminate the need to trust human institutions.
There will always be a big gap that can't be addressed by
technology alone. People still need to be in charge, and there is
always a need for governance outside the system.

15. Novel Uses for Blockchains
• Provenance
• Diamonds
• Title
• Assets
• Supply Chain
• Stored Value
• Cryptographic Token
• Stored Value – Mileage Points, Timeshare Exchange
• Transaction Record
• Financial Exchange
• Books of Record
• Self Sovereign Identity
• Verifiable Credentials

16. SSI in a nutshell
16

17. The Self-Sovereign Identity (SSI) Model
Blockchain
Connection
Digital Wallet
w/ Private Keys
& Credentials
Digital Wallet
w/ Private Keys
& Credentials
Your Agent Peer Agent
Public Key Public KeyDIDDID
Solves the decentralized PKI (public key infrastructure) problem for
verifying digital signatures on digital credentials

18. The Verifiable Credential Trust Triangle

19. Holder/
Prover
Issuer Verifier
Verifiable
Credential
Proof
Trust
Blockchain
Public KeyDID
Write Read
Sign
✗No integration needed!
Verify
The Verifiable Credential Trust Triangle

20. Displays Audit Accreditor
Credential
Policies &
Procedures
Information
Technology
Governance Authority
TRUST
F
R
A
M
E
W
O
R
K
Trust Anchor
Accreditor
Standards
Attest
Criteria
Audit
Accreditor
Auditor
Accredits
Applies
Provides Evidence
Asserts Compliance
Creates
Attest
Guidance
Evaluates
Relies Upon
Issues Auditor Credential
Oversees
Level 3
Criteria
Level 2 Criteria
Level 1 Criteria
Credential Registry
Issues Trust Anchor and
Credential Registry Credentials
Displays Auditor
Credential
Displays Trust Anchor Credential
Accredits
Issues Audit Accreditor
Credential
Creates
Updates
Issues Credentials
Complianc
e Reports
AssertsCompliance
Applies
Referential Trust Model
Blockchain Referential Trust Model

21. Layer One:
DID Registries
(Public Ledgers)
Layer Two:
DIDComm
Agent/Wallet/Hub
Connection
Pairwise Pseudonymous Peer DIDs
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credentia
l
Agent/Wallet/Hub
Layer Four:
Governance
Frameworks
Trust
Anchor
Insurer
Governance
Authority
Auditor Auditor
Accreditor
Credential
Registry
Hardware
Developer
Software
Developer
Agency
Transaction
Author
Transaction
Endorser
Steward
DID
Method
DID Registry
DID
Method
DID Registry
DID
Method
DID Registry
Trust over IP Technology Stack Trust over IP Governance Stack
Network Governance Frameworks
Provider Governance Frameworks
Credential Governance Frameworks
Technical Trust
Human Trust
Governance
Authority
Publishes
Governance
Framework
Metasystem Governance Frameworks
Proof
Trust Over IP Stack

22. Blockchain Trust Layers
Governance
User
Data
Ledger
System
Centric
Human
Centric

23. Ledger Management Layer
Steward/Node Agreements
Consensus Protocol
Role of Validators and Observers
Blockchain Code
Compute Power
Network Availability
Fork Management

24. Data Management Layer
Read Access
Write Access
Tombstones
Smart Contracts
Token Management

25. User Management Layer
Permissioned / Permissionless Systems
Trusted Roles
Administrators
Users
IAM Systems
Enrollment
Provisioning

26. Network Governance Layer
Risk Assessment / Management
Trust Criteria
Policies
Procedures
Trust Principles
Voting Protocol
Audit / Accreditation
Warranty / Insurance
Legal / Regulatory

27. History Repeating Itself?
Age of the Internet
• Internet Service Providers
• America Online
• CompuServe
• EarthLink
• Communication Innovators
• Modem
• DSL/Satellite/Cable
• Browsers
• World Wide Web
• Mosaic
• Netscape Navigator
• Communications Protocol
• TCP/IP
Age of The Blockchain
• Blockchain Networks
• Sovrin
• Corda
• BitCoin
• Communication Innovators
• 5G
• Fiber Optics
• SmartPhone
• Digital Wallets
• Phone Apps
• Smart Contracts
• Communications Protocol
• Trust Over IP

28. Blockchain Training Courses
on sight…
Exam and certification fees will be included in the training price.
www.pecb.com/events

29. THANK YOU
?
scott@scottperrycpa.com https://www.linkedin.com/in/scott-perry-1b7a254/
Drummond.reed@Evernym.com https://www.linkedin.com/in/drummondreed/