The anchor is the DID itself, no? Attestations relating to KYC should come in the form of a Verifiable Credential that are controlled / issued to that DID (hopefully) as opposed to a simple signed message by a DID relating to some other entity.
That's what I am saying. Microstrategy has to sign the DID to attest for it. Anyone can create DIDs.
Discussion
The DID anchors all signed packages by the key defined inside of it. But the DID doesn't create "Trust". Spammers can have DIDs that anchor all of their messages that you can verify. But the "Trust" only comes when you verify the did (or a VC, like you said) from an entity that you already Trust.
A Trust "Anchor" is then the master entity whose all trust derives from. Sure, you can have many Trust Anchors, but the Orange Check is specifically marked as Microstrategy's anchor keys.
There is no way to have only one Orange Check for multiple Trust Anchors, since their trust-verifying methods can be completely different from one another. And if they are all the same, then it is almost as if there are all derived from an invisible Trust Anchor. A Trust Cartel if you want.
Yes, agree, ty. The goal (and current gap in this space, IMHO), is around your last point and deriving an open trust model / framework that would enable others to make similar (if not the same) "verified" attestations about other DIDs.
I personally think this is a novel concept (putting the entire DID Doc on-chain), and I'm confused why people are shitting on it. Many are quick to espouse anti-kyc blah blah (and they're not wrong), but at the same time identity is broken and we need to find a way forward. DIDs and VCs are the obvious answer, and will return consent and sovereignty to individuals when it comes to the storage and utilization of their PII.