Interviewer: Steven Milstein\ Interviewee: Phil Feairheller

Subtitles, Links table, Brief explanations: Henk van Cann

This footage is the topic of this file.


Terms are words used by Phil Feairheller, I provided a link to more explanation, mainly to the ACDC glossary. The point in the video where Phil mentions the term for the first time is called vidstart, the level of understanding at which this term might need explanation, and finally a brief explanation in field text of the term in the first column.

Scroll table to the right

To get to the links and other columns of the table you might need to scroll the table all the way to the right.


Since KERI and ACDC education start off at the level of SSI-expert, a beginner is not a layman, but somebody with a good common understanding of IT and digital identity.

  • 1=beginner digital identity expert
  • 3=advanced self-sovereign identity expert
  • 7=SSI experts
Just my 2 cents:
Don't try KERI and ACDC on your family, friends and other innocent bystanders.
IIWInternet Identity Workshop twice in a year un-conference since 2005https://internetidentityworkshop.com
KERIKey Event Receipt Infrastructure
repoSoftware repository
KERIpyPython implementation of KERI
repoSoftware repository
coroutinesComputer programs that can be suspended and resumed at will.
I/OInput / output
HIOHierarchical asynchronous coroutines and I/O in Python
Sam SmithSamuel M. Smith PhD, Inventor and lead developer of KERI
pythonProgramming Languagehttps://www.python.org
cloneA copy of a system that is - and works exactly as the original
branchA duplicate of an object under version control for further separate modification
kliKERI command line interface
KubernetesKubernetes is an open source platform for managing software containershttps://kubernetes.io
kubectlKubernetes command line interface
verifiable credentialsThe digital variant of our daily live's credentials (ike passport, driver's license), but in a machine-verifiable way
Docker containersDocker takes away repetitive, mundane configuration tasks and is used for application developmenthttps://www.docker.com
sub shella child shell started up from - and contained in another parent shell
agentA representative for an identity
cloud agentCloud agent is software that is installed on the cloud server instances for security, monitoring, and analysis
Py installerPython installer bundles a Python application and all its dependencies into a single package
ElectronA Python interface for Apache Electron command line interface
U/IA user interface (UI) is the space where interactions between humans and machines occur.
multi-sigA digital signature scheme which allows a group of users to sign a single piece of digital data.
identifierSomething to uniquely identify (public) identities; pointing to something or someone else.
walletA wallet is a collection of data stores; made up of a keystore, local and remote key event log database and credential database.
wallet commandsThe section of kli where verifiable credentials can be listed
witnessesEntity that may receive, verify, and store key events for an identifier
watchersGuarantee that KERI logs are immutable
key managementManagement of cryptographic keys in a crypto-system.
initInitialization, a command in the kli
single sig identifierAn identifier that is controlled by a one-of-one signing keypair
key storeA keystore in KERI is the encrypted data store that hold the private keys for a collection of AIDs.
key eventsEvents happening to controlling keys of an identifier recorded in a Key Event Log (KEL).
interaction eventAnchors external data to the key-state as established by the most recent prior establishment event
rotation eventChanges the key-state which includes a change to the set of authoritative keypairs for an AID
signing thresholdsMinimum number of valid signatures to satisfy the requirement for successful validation
KELKey Event Log is the native KERI verifiable data structure
verify signaturesApplying an algorithm that either accepts or rejects the message's claim to authenticity
peer-to-peer communicationsPeers are equally privileged, equipotent participants in a network
bootstrap commandStart an empty agent or to run a single agent against one that's already been started
saltsRandom data that is used as an additional input to a cryptographic one-way function
delegationDelegation can be defined as “the act of empowering to act for another”
multi-sig delegationdelegated identifiers under multi-signature control
JSONJavaScript Object Notation
transferableControl over identifier can be transferred by rotating keys
portsA number assigned to uniquely identify a connection endpoint and to direct data to a specific service.
configuration fileFile used to configure the parameters and initial settings for some computer programs
RESTREpresentational State Transfer (REST) is a software architectural style that developers apply to web APIs
APIsApplication Programming Interface
CURLCommand-line tool (curl) for transferring data using various network protocols.
post and putHTTP request methods to indicate the desired action to be performed on the identified resource
SwaggerOpenAPI (former Swagger) is important to KERI, CESR and ACDC. It's open sourced and has many ready-usable extensions in JSON available.
passcodeSecret data, typically a string of characters, usually used to confirm a user's identity
stretched into an encryption keymake a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the resources
flagMany command line programs can be set to various mode by using a flag; e.g. -v or --verbose for verbose mode
non-transferable identifierControlling keys over this identifier cannot be rotated and therefore this identifier is non-transferable to other control
toadField in KERI data structure for describing the witness thresshold
witness thresholdThe minimum number of valid witness signatures required
pre-rotationcommitment to next rotated key set in previous rotation or inception event
prefixesA prefix that is composed of a basic Base-64 (URL safe) derivation code pre-pended to Base-64 encoding of a basic public digital signing key
Base64A group of binary-to-text encoding schemes that represent binary data
qualifiedwhen qualified, a cryptographic primitive includes a prepended derivation code
derivation codeA special character that encodes the derivation process, pre-pended to the identifier
Blake3 hashBLAKE3 is a relatively young (2020) cryptographic hash function based on Bao and BLAKE2.
anchor data intoData anchors are digests of digital data, that uniquely identify this data
AIDAn identifier that is self-certifying and self-sovereign
sequence numberIncremental number in a log
digestVerifiable cryptographic commitment. It's a collision resistant hash of content
issuance eventThe inception event of a verifiable credential
public transaction event logIs a hash linked data structure of transactions that can be used to track state
verifiableWhen you can succesfully verify a signature
establishmentAn event that establishes control authority
lmdb databasesLightning Memory-Mapped Database
indexed signaturesUsed when signing anything with a multi-key autonomic identifier; a verifier knows which of the multiple public keys was used
hexHexadecimal notation
verboseAn option available in many computer operating systems and programming languages that provides additional details as to what the computer is doing
self-addressing identifiersAn identifier that is deterministically generated from and embedded in the content it identifies, making it and its data mutually tamper-evident
backerBackers include both regular KERI witnesses and ledger-registered backers
ledger backerA witness in KERI that is ledger-registered
witness backerA native KERI witness whose control authority is established in a KEL
vLEIDigital verifiable credentials issued by (delegates) of GLEIF to prove that information about a legel entity is verifiably authentic
SSI systemSSI Infrastructure consisting of the technological components that are deployed all over the world
Indy networkHyperledger Indy network is an SSI system based on a private blockchain
transfer off a ledgerThe act of transferring control authority over an identifier from a ledger (or blockchain) to the native verifiable KERI data structure KEL
EthereumEthereum is the community-run technology powering the cryptocurrency ether (ETH) and thousands of decentralized applications
AriesHyperledger Aries provides an interoperable tool kit for creating, transmitting and storing verifiable digital credentials
service endpointsA web service endpoint which is a URL at which clients of specific service can get access to the service.
URLsA reference to a web resource that specifies its location on a computer network and a mechanism for retrieving it
IP-addressA numerical label such as '' that is connected to a computer network that uses the Internet Protocol for communication
TCP endpointThis is a service endpoint of the web transmission control protocol
dip: tag
icp: tag
di: tag
locked statedefault state of an encrypted KERI data store with a passcode
onepasspassword manager
data OOBIsdata out-of-band ntroductions
credential schema OOBIscredential schema out-of-band ntroductions
KeepIs KERI's and ACDC's crypto wallet: A task orientated application for managing AIDs in ecosystems, e.g. the vLEI Ecosystem
zero trusta Zero Trust approach trusts no one
credential registriesIs a functional component that has the capability to register and advertise the information about Credential Types that their respective Governing Parties have decided to disclose
revocation eventsAn event that revokes control authority over an identifier
two-factor authIs an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence
escrow states
server-sent eventsMailbox notifications; a streaming service for the agent U/I, to get notifications from the KERI system itself