No, you're combining the notion of a DID and a Verifiable Credential. A DID by itself proves / attests nothing. A DID is not KYC. Lots of misunderstanding here.
Saylor is trying to create a trust anchor. But since anyone can create their own DID:BTC without Microstrategy's approval (lots of spam), the anchor must be Microstrategy's KYC platform.
Microstrategy will have select DID:BTCs they have approved and probably KYCed to receive the Orange check. This means, Orange check verifiers must not only check the DID Document but verify if the DID itself was signed by Microstrategy's master key.
Like nostr:nprofile1qythwumn8ghj7un9d3shjtnwdaehgu3wvfskuep0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgawaehxw309ahx7um5wghx6at5d9h8jampd3kx2apwvdhk6tcqyqzvj9w6alhrsvtl5u6ygjkwuwg2sf5lukqskgjpuhnd6dpal0kvjr7awa6 would say: ORANGE CHECKS ARE JUST BLUE CHECKS FROM A DIFFERENT COMPANY.
Discussion
That's what I am saying. Microstrategy has to sign the DID to attest for it. Anyone can create DIDs.
The anchor is the DID itself, no? Attestations relating to KYC should come in the form of a Verifiable Credential that are controlled / issued to that DID (hopefully) as opposed to a simple signed message by a DID relating to some other entity.
The DID anchors all signed packages by the key defined inside of it. But the DID doesn't create "Trust". Spammers can have DIDs that anchor all of their messages that you can verify. But the "Trust" only comes when you verify the did (or a VC, like you said) from an entity that you already Trust.
A Trust "Anchor" is then the master entity whose all trust derives from. Sure, you can have many Trust Anchors, but the Orange Check is specifically marked as Microstrategy's anchor keys.
There is no way to have only one Orange Check for multiple Trust Anchors, since their trust-verifying methods can be completely different from one another. And if they are all the same, then it is almost as if there are all derived from an invisible Trust Anchor. A Trust Cartel if you want.
Yes, agree, ty. The goal (and current gap in this space, IMHO), is around your last point and deriving an open trust model / framework that would enable others to make similar (if not the same) "verified" attestations about other DIDs.
I personally think this is a novel concept (putting the entire DID Doc on-chain), and I'm confused why people are shitting on it. Many are quick to espouse anti-kyc blah blah (and they're not wrong), but at the same time identity is broken and we need to find a way forward. DIDs and VCs are the obvious answer, and will return consent and sovereignty to individuals when it comes to the storage and utilization of their PII.