The Problem With the New Online Identity Model (and What It Needs)

14Eh...h7Lv
28 Jul 2025
66


Across Europe, the transition to digital identity is already mandated. In March 2024, the European Parliament passed Regulation (EU) 2024/1183, requiring all member states to provide citizens with a Digital Identity Wallet by 2026. That means, an interoperable architecture that works across borders, industries, and services - from public administration to telecom and financial services.

The most important thing to note here is that the regulation is not optional. Large companies operating in regulated sectors (banks, utilities, telecoms) will be legally required to accept this wallet for strong authentication by 2027. (EU Regulation - CELEX 32024R1183)

Initially, this seemed like the long-awaited answer to fragmented logins and identity duplication. But then we couldn’t ignore the elephant in the room: these wallets are still fundamentally centralized systems. They depend on government-issued credentials and traditional OpenID infrastructure. For all the talk about user control, the architecture remains based on trusted third parties.

That’s exactly the issue that Web3 has been trying to address with decentralized identifiers (DIDs), self-sovereign credentials, and cryptographic ownership. But as of now, Web2 identity systems and Web3 identity protocols operate in parallel, unable to talk to each other.

What this further implies is that your blockchain-based credentials mean nothing to your bank, and your official national eID is useless in decentralized ecosystems. This is both a major usability and interoperability problem.

Developing Real Bridges


A privacy-centric bridge can mitigate fragmentation by aggregating different identities and improving user experience.

But there is hope and some real progress underway. The OpenID Foundation, the group behind login standards used by Google, Microsoft, and countless public services, has been working on OpenID for Verifiable Credentials (OpenID4VC). These are extensions of existing authentication protocols designed to support W3C Verifiable Credentials and Decentralized Identifiers (DIDs).

In 2023 and 2024, the foundation ran multiple interoperability trials - most notably during the OpenID4VC SIOPv2 & OIDC4VP Interop event. Participants included private wallet providers, national government prototypes, and public services. The results showed successful issuance and verification of decentralized credentials across different platforms. (OpenID Foundation Interop Results)

Meanwhile, academic researchers like Felix Biedermann and team published peer-reviewed findings on bridging OpenID Connect with SD-JWT and DIDs. Their 2025 paper points out a method to create selective disclosure credentials, combining cryptographic privacy with practical authentication—a necessary step for any real-world DID integration. (arXiv preprint – "A Privacy-Preserving Bridge between OIDC and DIDs")

At the EU level, the POTENTIAL Consortium has also been running large-scale pilot programs to test Digital Identity Wallets across multiple countries. These pilots have focused on use cases such as mobile driving licences, SIM card registration, and cross-border diploma verification. (European Commission – POTENTIAL Pilot Project)

So Why Isn’t This Working for People?


The reality is, every party is building their own version of identity - on their own terms. National wallets serve governments. Web3 wallets serve privacy-focused users and dApps. Corporate ID frameworks serve platforms and advertisers.

But none of these systems are designed to give users full control across contexts. If you own a national wallet, you don’t control the issuance process. If you own a Web3 wallet, you lack legal recognition. Beyond the technology involved and required this is actually a matter of political trust, institutional inertia, and usability gaps.

The Practical Advantage of STR.Domains


So, basically, what’s missing is a cryptographic identity layer that works across both worlds. Something that gives the user control, but still integrates with legacy infrastructure.

STR.Domains, developed within the SourceLess ecosystem, is one such solution. It creates a self-custodied, portable digital identifier that:

  • Can be tied to on-chain reputation and credentials
  • Connects to both DID-based services and OpenID Connect systems
  • Is not issued by a government or platform, but by the user themselves
  • Can serve as the root identity for AI agents, cross-border services, and future authentication models


In plain terms: you register your identity once, own the keys, and decide how and where to present it - whether logging into a national digital service, verifying your qualifications to an employer, or delegating access to an autonomous AI agent.

The technical protocols exist, the legal frameworks are forming and the crisis is already visible. The only thing missing is a working implementation that respects the user.

Wrapping up…


Ultimately, digital identity is about power.

The first thing to realize here is that in the world being built around us, one of interoperable wallets, AI-driven agents, and borderless data flows, who controls your ID defines who controls your access.

The second thing to realize is that we need a digital identity that moves with us, speaks to all systems, and can't be revoked by anyone but ourselves.

That’s what STR.Domains is designed for - a connective tissue the current systems lack.

Learn more about the SourceLess ecosystem and the technologies built around STR.Domains - a self-owned digital identity at the core of the new web
sourceless.net

BULB: The Future of Social Media in Web3

Learn more
Enjoy this blog? Subscribe to SourceLess

0 Comments