The identity industry has a graveyard full of respectable ideas.

Microsoft Passport tried to centralise internet login and personal data around Microsoft at the turn of the century. Backlash made the concentration legible. CardSpace later offered a more thoughtful identity selector across providers, but the simpler experience of federated login won. Mozilla Persona tried browser-centred email identity and could not solve relying-party adoption. Block’s Web5 assembled decentralised identifiers and data nodes under a powerful brand, then was wound down in 2024.

These projects differ technically and politically. Their shared problem was not simply bad cryptography.

Identity is a two-sided habit

A login system needs people to possess and understand it. It also needs services to accept it. Each side waits for the other. The incumbent—password reset, email link, Google button—already exists on both sides, however inelegant it may be.

That makes integration friction a governance force. A service chooses the identity option with libraries, support, fraud tooling and familiar recovery. Users choose the one already configured on their phone. Privacy gains arrive later and are hard to feel. Login failure arrives now.

The technically best architecture can therefore lose to the system with the shortest support queue.

The useful question for a new wallet

Do not ask only whether the design improves control. Ask which repeated behaviour it makes easier on day one:

  • What does a user accomplish faster?
  • Why will a relying party integrate it before everyone has it?
  • Who pays for recovery and fraud?
  • Which old system can disappear?
  • What happens when one major platform refuses?

Identity projects often pitch a new constitutional order while shipping a new login ceremony. The graveyard suggests reversing the order: earn one ordinary habit, then let the architecture prove what it protects.

Further reading