Blockchain, Self-Sovereign Identity and Digital Credentials: Promise Versus Praxis in Education

Blockchain’s versatility is primarily due to its immutable and almost indestructible nature. These attributes have caught the attention of researchers and developers interested in applications and environments where the need for the integrity of identity and content are as paramount as the safe delivery and record of transactions. Self-sovereign digital identity in particular is often cited as a human right that nation states need to embrace with as much conviction as education and lifelong learning are considered to be a public good. Although the blockchain has long been identified as an opportunity for driving much-needed change in the core processes of the education sector, use cases to date have been limited in scope and execution, with blockchain advocates and education policy makers seemingly disconnected on fundamental issues such as governance, self-sovereignty, interoperability, choice of blockchain platforms and overall trust in standards and the integrity of the infrastructure. This article is primarily interested in the affordances of the technology as a public good for the education sector. It levers on the lead author’s perspective as a mediator between the blockchain and education sectors in Europe on high-profile blockchain in education projects to provide a snapshot of the challenges and workable solutions in the blockchain-enabled, European digital credentials sector.


INTRODUCTION
One of the goals of United Nations Sustainable Development 2030 agenda is "ensuring inclusive and equitable quality education and promote lifelong learning opportunities for all 1 ." With a global pandemic in the mix, capable of effectively delaying and even diluting the existing progress made in this direction, the turn to technology as the salvation of global education systems is palpable. A 2018 UNESCO report addressing the challenges in digital credentialing and recognition fittingly called out the lack of an efficient "one stop shop" universal system with the ability to collect, store, verify and connect educational credentials in a comparable manner across national contexts (Chakroun and Keevy, 2018). Following the European Commission's publication of a JRC 2 report in 2017 (Grech and Camilleri, 2017) that proposed the use of blockchain technology as a potent tool to achieve that goal, a wide array of publications and pilot programs have since gathered steam. Once exclusively circumscribed to the fintech sector, blockchain technology is now identified as a force of change in multiple realms of operation including public sector services such as healthcare, voter identity registration, asylum process management 3 and higher education. In a recent report, the American Council on Education (Lemoie and Soares, 2020) identified three key themes emerging from the intersection of blockchain technology and education: personal data agency, lifelong learning, and the power of connected ecosystems. While lifelong learning has been a recurring theme in the education sector for several years (Ates and Alsal, 2012;Volles, 2016), the concept of personal data agency as achieved via self-sovereign identities is still gaining momentum in academic and policy circles (Wang and De Filippi, 2020). Despite the technological promise of blockchain, several barriers remain that have limited the practical applications to proof of concepts and pilots so far. COVID-19 may yet be the watershed moment in the education sector that will accelerate the drive toward a system of self-sovereign, ubiquitous, affordable, and verifiable credentials powered by blockchain technology. Efforts in this domain are shifting from theory to practice, largely due to the fruition of multiple initiatives, emerging from both public and private sectors.
This article unpacks these concepts and how the "blockchain in education" ecosystem has unfolded in recent years. It focuses on the lessons learnt from case studies where the blockchain has been deployed to re-imagine digital credentials in high-profile pilots in Europe. Whether deployed as experiments or nationstate initiatives, what these pilots have in common are prescribed objectives to enhance learners' self-sovereignty and agency and improve the options for issuers looking for more cost-effective, secure, democratic and trustworthy solutions than those currently available. The article attempts to bring clarity to ongoing discussions on whether decentralized credentialing ecosystems contribute to more robust, scalable and flexible systems than centralized systems; and whether policy makers and citizens should continue to wait for the technologies to mature or look elsewhere for pragmatic technological solutions to long-standing governance issues specific to the education sector, including the interoperability and recognition of learning credentials across Europe.

DECENTRALIZATION, BLOCKCHAIN TECHNOLOGY AND THE PROMISE OF SELF-SOVEREIGN IDENTITY
Decentralization is defined as the ability of an ecosystem to shift power and control from a centralized host to a distributed network (Anderson, 2019). The World Wide Web or Web 1.0 was originally developed as a decentralized platform. Control was soon appropriated by Web 2.0 behemoths who turned it into a two-sided client-server model, with a business hosting an application and users (Soghoian, 2010;Toledano, 2013). Recent experiences of data appropriation and surveillance capitalism have left idealists yearning for a Web 3.0 underpinned by decentralized ecosystems on open platforms.
Blockchain technology 4 went mainstream in 2008 after its elusive founder/s Satoshi Nakamoto conceptualized it in a white paper and later used it to implement the cryptocurrency Bitcoin (Nakamoto, 2008). As one of the first large scale applications of decentralization, the implications of the technology go far beyond its use as the backbone of a cryptocurrency (Wu and Tran, 2018). As a distributed ledger technology with a decentralized protocol that allows the network to validate a transaction (as opposed to some central authority), the blockchain holds the same socially empowering promise of the early internet. Our often-misplaced trust in centralized platforms, databases and protocols could perhaps be addressed by a technology that is trustless by design-yet allows varying degrees of trust to be built in at the transaction and communication level of the infrastructure itself.
Technologies without a central, controlling authority also tend to be associated with a compelling social value proposition (e.g., M-Pesa). The social value proposition of the blockchain is a composite of a number of intertwined principles (Grech and Camilleri, 2017;Grech, 2018). Of these, Self-sovereignty, Identity and Trust have particular resonance in these uncertain times: selfsovereignty is frequently associated with the right of individuals to own and control their own identity online and be the final arbiter of who can access and use their data and personal information.
3 https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/2020/06/10/ Three+new+CEF+Blockchain+Use+Cases 4 In its simplest form, a blockchain is a type of distributed ledger technology (DLT) where transactions are recorded with an immutable cryptographic signature called a "hash," and then "grouped in blocks." Every new block includes a hash of the previous one, chaining them together-hence a "blockchain." Data in the block cannot be altered or removed, so every transaction exists in perpetuity while the blockchain exists. The distributed electronic ledger functionality also provides a mechanism for a community to record and exchange information. In this community, each member maintains his or her own copy of the information and all members must validate any updates collectively. The information could represent transactions, contracts, assets, identities, or practically anything else that can be described in digital form. Entries are permanent, transparent, and searchable, which makes it possible for community members to view transaction histories in their entirety. Each update is a new "block" added to the end of a "chain." A protocol manages how new edits or entries are initiated, validated, recorded, and distributed. With blockchain, cryptology replaces thirdparty intermediaries as the keeper of trust, with all blockchain participants running complex algorithms to certify the integrity of the whole. A distributed ledger is a decentralized database, distributed across several computers or nodes, managed by multiple participants, without the participation of a central authority. Each node has equal status in terms of authority, without a central authority or server managing the database, so each node can independently maintain and update the ledger and any of the nodes will verify its existence. A blockchain is a usually distributed, usually cryptographically assured chain of blocks (the technical term is Merkle tree), whereas a distributed ledger is a database that exists on (i.e., is distributed over) multiple locations (but not necessarily secured on an actual blockchain). Technically, the git version management system is a blockchain, and a RAID 1 hard drive array is a distributed ledger (Basu and Gabbay, 2021).
In a knowledge-based global economy, an ability to state, verify and prove digital identity in a seamless fashion in a hyperconnected webspace is a vital human right, "the key to survival" according to Wang and De Filippi (2020). According to a World Bank report 5 as of 2016, over 1.5 billion people around the globe have no means to prove their identity. According to UNHCR 6 , by 2018 70.8 million people had been forcibly displaced due to persecution, conflict, violence, or human rights violations. Voluntary and regular migrations for the purpose of employment and education also require a portable and dynamic identity that can be unequivocally associated with fairly earned credentials (Toth et al., 2003). The lack or loss of identity credentials inevitably subjects minority groups to a unique form of socio-economic exclusion.
The above implies an urgent need for citizens to secure complete ownership over their identities. In 2016, the United Nations launched the multi-stakeholder ID2020 Alliance 7 with the objective of ensuring universal and ethical digital identity for all within the UN's 2030 Sustainable Development Goals, satisfying the four P's: private, portable, persistent and personal. In 2019, ID2020 proposed a "Certification Mark" to those companies that channel their efforts into technologies capable of providing solutions that meet the 4P's criteria.
In practice, there is rarely any provision to create an identity without relying on a third-party provider. Should that provider cease to exist, so do all the identities of all users in that domain: this defeats all the foundational properties of a self-sovereign identity, such as existence, autonomy, ownership and access, and the principle that the user, and only the user, must have full control over their identity data in a user-controlled data management facility (Ferdous et al., 2019).
In a much-cited post in 2016 8 , cryptography pioneer Christopher Allen described self-sovereign identity as "the next step beyond user-centric identity [where] the user must be central to the administration of identity" (Allen, 2016). Compare this to a traditional identity management scenario, where a user's identity is defined from the perspective of the provider for a specific purpose and is therefore only valid within the domain of that specific provider within that purview (Wagner et al., 2018). Smolenski (2016Smolenski ( , 2020 considers self-sovereignty as an attempt to answer long-standing philosophical questions about social personhood. People have all sorts of identities conferred on them in various forms (passports, proof of employment, diplomas) and by various third parties operating as sources of authority (e.g., credentialing bodies). None of these forms can revoke the fact that individuals are the ultimate source of data about themselves: a citizen's identity pre-exists before the conferral of an identity by any third party. The Sovrin Foundation 9 , a not-for-profit global consortium working toward building and governing a network of globally acceptable self-sovereign identity, has stated that in any such network the three core tenets of individual control, security and full portability must be met.
The blockchain is frequently cited by ID2020 and the Sovrin Foundation as a prime candidate for decentralized, tamper-free digital identity solutions since several characteristics of the technology comply with the key properties of self-sovereign identity. Blockchain provides a decentralized domain which is not controlled by any single entity, and where data stored in any blockchain is readily available, as "availability property" to any authorized entity or "access property" (Ferdous et al., 2019). An owner of a particular data (an identity data such as Personally Identifiable Information or PII) has full control over it and dictates how such data can be shared with other users within the blockchain domain, thereby satisfying the disclosure property. The discussion around self-sovereign identities and DIDs 10 has also become one of the key areas in generating momentum toward personal data agency (Lemoie and Soares, 2020). A Digital Identity report 11 concludes that "there is enough evidence available to predict increased adoption of DLT/ Blockchain digital identity, including schemes developed around Self-Sovereign Identity (SSI) principles" (Goode, 2019). The report predicts that by 2025, 20 percent of total digital ID will be built using DLT/Blockchain technology, increasing from 5 percent in 2020.

BLOCKCHAIN IN EDUCATION: DIGITAL CREDENTIALS COME OF AGE
In February 2020, the U.S. Department of Education's Blockchain Initiative posted a playful post with the title: "Education has a problem? Put a blockchain on it!" 12 The potentially symbiotic relationship between blockchain and education owes much to the self-sovereign affordances of the technology. Blockchain has been associated with the unbundling of higher education (Sood et al., 2020); and from a praxis perspective, with the basic building block of education, the credential. Definitions of credentials tend to be associated with power-with evidence of authority, status, rights, entitlement to privileges, or the like, usually in written form 13 . According to Gallagher (2019), the reputation of an educational institution is dependent on the market value of this credential. Pittinsky (2015) considers the credential as the only form of non-negotiable currency in the higher education 5 World Bank's 2016 ID for Development (ID4D) report. 6 UNHCR's 2018 report on global trends in forced displacement is a record high in human history. 7 https://id2020.org/digital-identity 8 In his 2016 paper, Allen identified ten principles of self-sovereignty: existence; control; access; transparency; persistency; portability; interoperability; consent, minimization and protection. Also see: https://github.com/WebOfTrustInfo/selfsovereign-identity 9 See https://sovrin.org/ 10 A DID or a Decentralized Identifier is a globally unique identifier developed specifically for decentralized systems as defined by the W3C DID specification. DIDs enable interoperable decentralized Self-Sovereign Identity management. More info: https://w3c-ccg.github.io/did-primer/ 11 The Digital Identity Report-The Global Opportunities for Verified Citizen & Consumer Digital ID: Market & Technology Analysis and Forecasts 2020-2025. Published in November 2019 12 See https://medium.com/designing-the-future-of-education-and-workforce/ education-have-a-problem-put-a-blockchain-on-it-bc2574826752 13 https://www.dictionary.com/browse/credential ecosystem; in practice, this statement applies to all forms of lifelong learning.
Within the education ecosystem, the credential is a representation of the different types of learning acquired by an individual; a composite of accredited formal, informal and nonformal learning outcomes-the set of knowledge, skills and/or competences acquired or demonstrated by an individual after completing a formal, informal and/or non-formal learning process that tends to include an issuing institution (Chakroun and Keevy, 2018;Grech, 2018). The term "credential" is also used to refer to the qualification (transcripts, diplomas, certificates, assessments, badges etc.) that a learner receives from an educational institute after fulfilling a set of pre-defined criteria (Seymour et al., 2015). Although the majority of credentials remain paper-based, electronic or digital credentials are now part of the education vernacular. This turn to digital is also associated with alternatives and the need for latent change in the modus operandi of education institutions; as if digitization is making it possible to transcend the limits of traditional credentials, and address many of the concerns raised by students and employers about education institutions (Chakroun and Keevy, 2018). Digital credentials are therefore not mere functional elements-a form of skill/qualification-but tangible proof of identity or self-sovereign identity (Stokkink et al., 2020), with the "value-added" significance of an educational credential unlocked when it can be effectively linked to the sovereign identity of an individual.
Education and identity, both termed as "undeniable human rights" by the UN need to be turned into the cornerstones of resilient, inclusive and equitable systems that ensure these rights for all. The evolution of identity models over the years has been a metamorphic process. Here lies the dilemma. According to Ferdous et al. (2019), the most commonly used identity model at present is the SILO or Isolated User Identity model wherein each service provider gives the user unique credentials to access their services, which means that each time users want to access a particular service, they need to verify their credentials. This can be seen in effect with most of the internet service providers such as Google, Facebook, Twitter etc. The Federated model is employed by private organizations such as HEIs (Higher Education Institutions) or Tax authorities and the User Centric model where a dominant service provider (such as Google) can provide access to a host of other service providers pending verification of credentials. None of these models provide the kind of functionalities that would satisfy the conditions of portability, interoperability and user data ownership rights that allow a data owner to own, control and manage their identity without any intermediary. Moreover, with the massification of higher education and increased student mobility, the demographical composition of students has changed rapidly, challenging the notion of 'the traditional student' (Mintz, 2015).
DID is the key element that enables entities (natural persons, legal entities, or things) to interact with services provided by other entities. One entity may have more than one DID, and it will be the owner who will choose with which specific DID he/she wants to interact with other entities (avoiding profiling). A DID by itself says nothing about its owner since it is just an identifier; it is not an identity.
Once an entity has a DID, different data in the form of verifiable credentials provided by third parties can be linked to it. Some of those verifiable credentials-Verifiable IDs (VID)may describe the DID owner's identity attributes (national identifier, name, surname, etc.); while others-Verifiable Attestations (VA) -may be just data issued to DID owner (accredited education, university membership, etc.). Plastic credit cards, library cards, driving licenses, national ID, passports, or any other membership cards are daily physical examples of Verifiable Credentials (VCs). Holders are able to share existing selected claims from their wallets to third parties (in the form of Verifiable Presentations or VPs). The decentralized native features of the blockchain, without a single point of control, can nevertheless provide an authoritative source of data that different parties may trust. The blockchain can therefore be used to both register and resolve DIDs and public keys that, in turn, allow digital wallets and their owners to communicate and exchange verifiable credentials in a secure way. Registering DIDs will enable natural persons or legal entities to utilize VCs and VPs.
The blockchain infrastructure is ideal for a digital credential ecosystem that supports the issuance, security, storage and verification of learning credentials over time, and across different professional, cultural and geographical contexts (Smolenski, 2016;Grech and Camilleri, 2017;Chakroun and Keevy, 2018). In a truly self-sovereign ecosystem, recipients should be able to control every aspect of their credentials: where they are stored, with whom they are shared, and how they are identified as individuals in the credential. Since personal data and identity is to be shared online, they should own, manage and have the option to choose to share all or parts of their digital credential records in return for access to services they want-without the need of constant recourse to a third-party intermediary to validate or correlate such data or identity to other data 14 . The ability to provide "a single secure record of educational attainment, accessible and distributed across many institutions" is particularly compelling (Sharples and Domingue, 2016), although Grech and Camilleri (2017) assert that the benefits of blockchain in education are best addressed through open implementations of the technology, which utilize opensource software and open standards for data and implement selfsovereign data solutions.
In 2021, praxis in the blockchain and education sector is about pilots in credentials and infrastructure 15 . Blockcerts 16 was the first open standard specifically developed to create, issue, view and 14 The advantages of a blockchain credentials system over a traditional, centralized, proprietary system include: the co-ownership of records by issuers and recipients; vendor-independent verification; the ability to issue to multiple blockchains; portability; privacy; interoperability; ease of use and scalability (Grech, 2018 Qualichain is a flagship KMI project supported by the European Commission to understand the intersection of blockchain technology with semantics and data analytics performing a dual function of storing and issuing credentials as well as providing a set of more advanced services, including career counseling, intelligent profiling, and competency management (Kontzinos et al., 2020). The university-led Digital Credentials Consortium (DCC) aims "to create a trusted, distributed, and shared infrastructure that becomes the standard for issuing, storing, displaying, and verifying digital academic credentials; [and its] focus is the design of the standard and development of a transparent governance model that keeps the learner's rights at the center" (Digital Credentials Consortium, 2020).
There are a handful of state-funded digital credential initiatives (such as Diplome 18 ) as well as private collaborative initiatives (such as Sony Global Education 19 , ODEM 20 , IBM's Learning Credential Network 21 ) that range between being in nascent stages to piloting stages. The majority of blockchain based pilots are taking place seem to be centered around small nation states such as Estonia (eEstonia), Malta (Nationwide Blockcerts) and Switzerland (Blockstack) (Campbell et al., 2018). The European Commission (EC) is investing in the development of techno-legal frameworks suitable for selfsovereign identity between member states. The Connecting Europe Facility (CEF) program is funding a set of generic and reusable digital service infrastructures (DSIs) also known as building blocks 22 . A CEF building block is a collection of reusable specifications, software and services structured in a service offering that serve general concerns of digital (public) services across EU borders and sectors. Europass 2.0, the related European Digital Credentials Infrastructure (EDCI) 23 and eiDAS 24 fall in the scope of creating a space in the higher ed ecosphere where learners may secure, own and share their digital identity credentials in a trusted, distributed, and shared infrastructure.
Probably the most ambitious blockchain infrastructure initiative in Europe is the European Blockchain Services Infrastructure 25 (EBSI) project. Launched in 2019 by the EC together with governments from member states and the European Court of Auditors (having come together as part of the European Blockchain Partnership), EBSI is being built for cross-border government services. The longer-term roadmap is to make EBSI interoperable with other government and commercial blockchain platforms. At face value, EBSI represents an attempt by policy makers to engage with the technology and learn how to regulate it through the simple expedient of using it themselves 26 .
EBSI is a public permissioned blockchain, which means that only reputable entities will be able to write to the chain, but everyone will be able to read/verify. Thus, for public permissioned blockchains a governance model will be required (see Self-Sovereign Identity and the Interoperability of Digital Credentials on the Blockchain section). EBSI includes a "Diploma Use Case" as one of the four foundation use cases, with cryptographic proofs of digital diplomas stored in a blockchain network. The Use Case is based on the European Self-Sovereign Identity Framework (ESSIF), a pure SSI framework extended and adapted to European values and regulatory frameworks -in practical terms, the eIDas trust framework and the GDPR directive. Under this new SSI paradigm, digital credentials will be issued directly to citizens for storage in wallets that citizens own and control. In the process, recipients secure full control of their identities and data. No personal data will be stored on chain, other than the attestation of the issuance or any other relevant digital credential status changes. Any third party with whom the citizen has shared any credential, will be able to verify both, provenance (for the holder and issuer) and status (valid, revoked, suspended, expired) for the issued digital credential.
The combination of ESSIF principles and mechanisms with ESSIF ensures both consent and privacy by design. It will always be the owner (holder) of the digital credential who will: start 17 Detailed information on Hyland's official website: https://www. hylandcredentials.com/ 18 http://www.cimea.it/en/diplome-in-breve.aspx 19 https://www.sonyged.com/ 20 https://odem.io/odem-trust-network/ 21 https://www.ledgerinsights.com/education-orgs-ibm-blockchain-credentials/ 22 See https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/CEF+Digital+Home 23 https://ec.europa.eu/futurium/en/europass/europass-digital-credentialsinfrastructure 24 https://ec.europa.eu/digital-single-market/en/trust-services-and-eid 25 How the EU is using blockchain to build a citizen-centric European Internet. Access at: https://www.ledgerinsights.com/how-the-eu-is-using-blockchain-tobuild-a-citizen-centric-european-internet/ 26 Provisioned as a service (a set of services), EBSI is made up of two main layers: the Core Infrastructure layer and the Use Case Application layer. The Core Infrastructure layers include the Infrastructure (compute, storage and network systems), the Chain and Storage layer (initially provisioned with two concrete blockchain implementations-Hyperledger Fabric and Hyperledger Besu-and data storage capabilities) and the Core Services and Interfaces layer (providing interfaces for on-chain and off-chain services). The Use Case Applications layer provides the business domain contents for specific use cases. interactions with third party services; accept data (in form of verifiable attestations); or share data (in the form of verifiable presentations). Levering on the design architecture of EBSI, Figure 1 illustrates the main components and flows when self-sovereign identity principles are applied in a blockchain scenario. Smit (2020) believes that the most significant benefit of SSI is interoperability, which she states has two different dimensions-a philosophical and a technological dimension. In practice, within an education context, there are four distinct dimensions that need to be managed if interoperability is to be achieved to prescribed standards:

SELF-SOVEREIGN IDENTITY AND THE INTEROPERABILITY OF DIGITAL CREDENTIALS ON THE BLOCKCHAIN
1. Technical dimension: Verifiable credentials enable information to be packaged, issued or shared in a standardized format. The following de facto and formal standards should be considered to ensure true interoperability: W3C-VC, W3C-VC-EDU, W3C-DID, W3C-JSON-LD Wallet, DIF and the corresponding IEEE and ISO working groups.
2. Legal dimension: The two main aspects for consideration are identity and data. For example, in Europe, the eIDas trust framework should be considered to facilitate identity and cross-border validity. In the case of data, GDPR regulation, educational jurisdiction rules and national legislation have to be navigated.
3. Semantic dimension: Standardization extends beyond technological interaction and the transmission of data. Interoperability has to do with the seamless receipt of the data package, its opening, and a common understanding of how the fields that make up the data can be read. Both the sender and the receiver need to be using the same semantic model. This is a challenge since there are different (perhaps too many) semantic models to describe a student's learning pathway (for instance PESC or EMREX/ELMO). There is a need for a clearly defined, common model for the accreditation of learning achievements to ensure the portability of both the identity and the record of a student throughout her life. This may well represent an opportunity to differentiate between describing the learning route and the accreditation of the learning achievements obtained during the route. There is a need for a common schema that may describe the accreditation of learning outcomes. This must in turn be capable of: describing any kind of learning (formal, informal, non-formal); recognizing accredited and non-accredited credentials (including microcredentials); and supporting different learning contexts (from higher education and technical and vocational education and training or TVET to modular learning). In Europe, the Europass Learning Model (ELM) 27 is the data model able to accredit any type of learning outcome achievement, and a correspondence between ELM and ELMO has been provided. The following de facto and formal standards should be considered to ensure true interoperability: W3C-VC-EDU, and the corresponding IEEE, ISO working groups.
4. Governance dimension: This may be further tabulated as follows: 1) Overall governance dimension: Aspects like the purpose, ownership and responsibilities, decision flows, 27 The EC also refers to ELM as "the Europass EDCI Data Model." Frontiers in Blockchain | www.frontiersin.org March 2021 | Volume 4 | Article 616779 6 accountability, communication roles and responsibilities, exit conditions, accommodation for existing solutions, technology standards to be applied, or the type of blockchain deployed etc. (see below). 2) Technical governance dimension: Once there is a decision on the type of blockchain model to be deployed, there will be technical governance aspects to be considered which are conditional on overall governance. For instance: aspects related to the concrete implementation of the blockchain (e.g., Hyperledger Fabric or Hyperledger Besu, etc.); the consensus protocol to be fixed; the minimum nodes required; the level of data segmentation and encryption between nodes; etc. 3) Educational governance dimension: roles adopted by legal entities will enable the educational governance for accredited education (see below).
The governance of digital credentials is also dependent on two critical set of decisions related to the type of blockchain deployed, and accreditation taxonomies: Decisions on type of blockchain to use: This is a critical aspect to define for the governance of digital credentials on the blockchain, and very much indicative of the way governance is managed, or perceived to be managed, in specific socio-economic contexts. The type of blockchain selected for digital credentials has much to do with the trust that decisionmakers vest in the type of blockchain being used. The choice of blockchain will be made from the following types: 1) A public blockchain (so anyone who is connected to the internet can join and become a part of it), 2) A private blockchain (so a restrictive blockchain that operates in a closed network), 3) A permission-based blockchain (so some accreditation/ authorization mechanism to enable roles should exist) 4) A permission-less blockchain (so anyone is able to write/ update) 5) A hybrid blockchain (combination of private and public blockchain than can also be permissioned or permission-less) 28 .
Decisions on accreditation taxonomies: 1) Accredited education: in situations where permission attributes need to be issued (such as in the case where a higher education institution issues a degree title to a student). A clear business governance model must be defined, along with the related type of blockchain that is chosen to suit the best business model/requirements.
2) Non-accredited education: in situations where there is no need for permission attributes to be issued (such as in the case of the HR department of a company issuing certificates for completion of an internal professional training course for employees) The issuing of accredited educational credentials requires clear governance rules for a set of variables. These are likely to include decisions on: 1) An entity that is qualified to host nodes (that is, who hosts mining and verifying nodes). 2) An entity that can authorize legal entities to become Trusted Issuers. To become a Trusted Issuer a legal entity will require authorization from another accreditive source (usually a national quality accreditation agency) that will "accredit" the requesting legal entity to issue certain types of verifiable credentials; and the "accreditive source entity" will be a Trusted Accreditation Organization (TAO). In this context, "accreditation" simply means "to make authoritative, creditable, or reputable".

3) An entity qualified to be a Trusted Issuer (TI): A Trusted
Issuer is a legal entity that is accredited to issue certain types of verifiable credentials (such as a Higher Education institution accredited to issue qualifications as defined in the level 7 from the European Qualification Framework). 4) Supporting rules for definition of identity and levels of assurance for entities (natural persons and legal entities). 5) Data schemes to ensure semantic and technical interoperability. The blockchain will provide the source of trust containing at least the following trusted registries to enable business domain governance: -DIDs registry: contains DIDs and public keys; -Trusted Accreditation Organization registry: details of the trusted accreditation organization and the "authorisations" it may accredit; -Trusted Schema Registry: Data schemes; -Trusted Issuer Registry: Trusted Issuers details and accreditations; -Revocation & Endorsement Registry: verifiable credentials status (valid, revoked, suspended, expired).
In principle, by addressing all of the four interoperability dimensions and the related issues highlighted in this section, the blockchain solution should be able to support the accreditation of any kind of learning. However, following this process alone will not necessarily fast-track the adoption of digital credentials.

DECENTRALIZED RESILIENT MODELS FOR EDUCATION? TOO EARLY TO CELEBRATE
The impact of the COVID-19 pandemic on the education sector has been devastating. By April 2020, 94% of learners in 200 countries were adversely affected (United Nations, 2020), with 28 Blockchains will become increasingly nuanced. For instance, Corda is an open source blockchain project, designed for business, with one key differentiator: it does not periodically batch up transactions needing confirmation into a block and confirm them in one go. Instead, Corda confirms each transaction in real-time. There is therefore no need to wait for other transactions to come along or a "block interval." Transactions are confirmed immediately. This means that the transaction is not dependent on any others, increasing both privacy and scalability. So, Corda is both a blockchain and not a blockchain. the UN Secretary General deeming school closures "a generational catastrophe" (Farzan and O'Grady, 2020). In countries with already fragile education systems, there are fears that discontinuation might lead to a permanent removal of education services 29 . The pandemic has also exacerbated a latent crisis within education institutions, suddenly exposing precarious business models and resistance to change. Years of debate about the merits of online and blended learning models and OER (Open Educational Resources) vanished in the wake of the crisis, with universities shifting overnight to emergency, remote online teaching (Baker, 2020;Grech, 2020;Mitchell, 2020). The pandemic has triggered an overall digital transformation and rapid, large-scale change in most higher education institutions. Yet almost 10 years since the technology's inception, with the exception of fintech, there is no industry where blockchain has secured a foothold. Blockchain credentials have not gone mainstream; the blockchain university as envisaged in the Woolf University white paper is stillborn (Gerard, 2019) 30 . The revolution has not quite happened (Baraniuk, 2020). We may tabulate a few reasons 31 for this state of play in the education sector, based on first-hand experience 32 : Lack of large use case studies: According to Sindi (2019), research on the diffusion of blockchain innovation has not progressed enough due to a lack of use cases within the higher education community. It is not an accident that the "nation-state" initiatives have been piloted by small states with a legacy of trialing emerging technologies, and with ready access to policy makers, ensuring speed in decision-making and political will to cut through "red tape". Gartner observed that most blockchain applications seemed to be stuck in the experimentation mode at the end of 2019 33 . A peer review study published by the Center for Evidence Based Blockchain concluded that "almost half of the blockchain firms show no explicit evidence of the problem to be solved. Approximately one-third fail to cite a comparison and intervention analysis, and less than 2 per cent demonstrate evidence of outcomes backed by filtered (critically appraised, peer reviewed) information" (Naqvi and Hussain, 2020).
Interoperability is rarely just about technology: The real obstacles to the implementation of emerging technologies such as the blockchain "for the public good" lie in the socio-technical integration of rules-based, autonomously operating DLT systems in complex social environments. This is not just about whether end users become data controllers (Van der Bergh, 2018), but often whether a project can deliver the same value across borders and nation state jurisdictions. Technologists tend to develop solutions in ideological silos, with little understanding of the barriers systemic to socio-political environments or the need to secure the buy-in of policy barriers to overcome such barriers. Taking EBSI as a technologically-driven project and idealistically meant to be taken up by EU member states as a public good: for EBSI blockchain credentials to become the EU-standard for education credentials, interoperability authentication and mechanisms need to be determined at the outset with existing EU member state projects and quality assurance and accreditation institutions. That implies seamless technology and member state policy interoperability on issues such as education accreditation and quality assurance and portability of formal and non-formal credentials. The pandemic has led to more nation-state insularity, as opposed to solidarity. Digitally secure educational credentials to facilitate international student mobility are not necessarily on the agenda of nation states.
Self-sovereign identity does not entail individuals certifying their own identity. As long as societies are structured in nonanarchical political systems with well-defined government structures that guarantee and enforce laws while allowing for the establishment of public and private trust frameworks, public administrations will still have the final sovereignty of the identification of citizens. The best self-sovereignty that technology can propose to individuals is not in the issuance, but in the management of their identity (Allende López, 2020).
Resistance from central governance: The inherent resistance to change demonstrated by mainstream institutions is symptomatic of an overall governance and structural issue associated with the hegemonic brick and mortar model of the university (Caruth and Caruth, 2013;Dans, 2020). Fear of decentralization is rife, both at nation state level and particularly in a higher education sector: the blockchain for many higher education institutions implies a threat to "central governance," business models and a loss of power vested in legacy systems and in the HR or Registry departments. When digital credentials have been registered on blockchains, they are not being claimed or used very often: hiring managers and registrars have yet to trust or understand how to evaluate them (Lemoie and Soares, 2020). The same resistance may be found in central governments: it is not to every nation state's liking to trust the trustless public blockchain, open standards et al. The much-lauded Estonian blockchain model is a centralized, militarized version of the technology, not some variant based on open standards and a public blockchain. The analogy of trusted, centralized paper credentials vs. mis-trusted, decentralized, permissionless, digitized counterparts will unfortunately continue to resonate with policy-and decisionmakers, until there is a tipping point whereby the interoperability issue described above is 'resolved' by some higher authority-say through prescriptive regulation from bodies such as the European 29 A recent article from the Economist has cited cases where following lockdowns and quarantine, young girls are consistently being forced into marriage or withdrawn altogether, placing them at risk of never returning to school, available at https://www.economist.com/international/2020/07/18/schoolclosures-in-poor-countries-could-be-devastating 30 Woolf envisaged a business model whereby academics worldwide can create and manage a borderless, geographically-agnostic, collaborative university with crosscultural curricula using some variant of blockchain tokens and smart contracts. 31 Although we refer specifically to the higher education sector in this paper, most of the reasons we cite could apply to an overall resistance to the adoption of the blockchain in almost any education sector. 32 The lead author was the architect of the nation state Blockcerts pilot in Malta, and currently a partner in a Horizon 2020 project looking at the impact of emerging technologies on digital education, and a consultant to the European Commission on the EBSI project. 33 https://www.gartner.com/en/newsroom/press-releases/2019-10-08-gartner-2019hype-cycle-shows-most-blockchain-technologies-are-still-five-to-10-years-awayfrom-transformational-impact Commission or national governments. In our view, the success or otherwise of EBSI in the European education credentials sector is critically dependent on the buy-in of a core set of policy-makers and national quality assurance stakeholders in EU member states, particularly those prepared to explore the implementation of high-profile EBSI pilots, as opposed to the actual technical interoperability of the EBSI infrastructure.
Lifelong learning is still at odds with the hegemony of universities. The discourse about the blockchain's "potential" to disrupt education systems worldwide has been a feature of academia since 2016. Beyond the "low-hanging fruit" of verifiable, tamper-proof education credentials, most studies concur on the opportunity for decentralized systems to facilitate the interoperability of education worldwide, and the mobility, self-sovereignty and lifelong learning aspirations of citizens. Yet many universities cling to the paper credentials as symbols of centralized power. In Malta, for instance, the University of Malta continues to resist joining the nation-state Blockcerts initiative, despite its launch in 2017, citing administration challenges. On the basis of use case studies, there is more enthusiasm for blockchain credentials from the TVET sector and from professional and non-formal institutions (including those exploring micro-credentials) than orthodox higher education institutions.
Open standards are at odds with business returns. Many blockchain credentials initiatives masquerade as "open" but need to be closed for their promotors to secure a return on their investment. Commercial blockchain credential solutions have been developed on the Blockcerts open standard, and then closed to ensure lock-in with the end user. Trust in open standards have frequently been associated with mistrust in the security of the public bitcoin standard. Governments continue to wait for others to take up the baton of blockchain self-sovereignty.

CONCLUSION
The analogy that the blockchain is a hammer looking for a nail continues to resonate, even if the education sector seems to be an obvious nail (Herd, 2019;Singer 2020). Gartner's prediction in 2019 that blockchain technology-oriented solutions could create more than $176 billion worth of business value by 2025 and $3.1 trillion by 2030 seems optimistic in 2021. Blockchains may be presented as the verification of identity across adversarial networks, but the promise of a global, interoperable identity ecosystem is dependent not just on trust in decentralized infrastructure, but on the willingness of nation states to collaborate for the common good. Despite the best intentions of centrally-driven digital identity projects such as EBSI and eiDAS 34 , cross-border interoperability needs buy-in from third parties, including standards bodies and policy makers in member states, and within different entities within the Commission itself.
Covid-19 has led to a huge range of human activities migrating online, and far more smoothly than anticipated; 35 for the education sector, the pandemic represents an organic crisis which may drive latent change in the education sector (Heitz et al., 2020). The move to technology-enabled education appears to be as inevitable as more discerning learners questioning the return on their investment in orthodox higher education. The credential will not disappear as long as citizens need to demonstrate identity and skills sets to others. If skills, as opposed to degrees, will really shape the future of work, there may be greater possibilities of the labor market attributing value to digital repositories and mutual recognition of blockchain credentials than traditional bricks and mortar universities trying to cling to outdated business models.
According to Lemoie and Soares (2020), blockchain technology can be applied to advance social equity through personal data agency, lifelong learning, and the power of connected ecosystems. Optimists such as John Domingue at the KMI believe the time has arrived for blockchain to underpin a new resilient decentralized model for lifelong learning where all of the diverse educational experiences available to modern students are tracked, verified and stored as immutable records (Hayward, 2020) 36 . Students will have a self-sovereign student identity where all of their educational certifications are completely owned, controlled, and managed by them, without the need to invoke the support of an intermediary. In troubled times like today with severely contracted economic activity leading to large scale job losses 37 , blockchain-backed educational credentials could ultimately create access to job opportunities which would otherwise go unacknowledged. It might be possible to directly impact an individual's ability to find employment; for example, recruitment sites could match vacancies to candidates based on a broader range of experiences as reflected in their student experience collected from a multitude of resources (Kalla et al., 2020;Marbouh et al., 2020).
Technology history indicates that an organic crisis frequently leads to significant innovation and social change. The burst of the Internet bubble and the emergence of social media platforms is a pertinent analogy. Technology and a pandemic are a whole new ball game, and the blockchain can hardly be considered to be a placebo for the ongoing challenges of the global education sector. A return to that most mundane of applications, a "better, selfsovereign education record" (Griffin, 2020) may be a by-product of these troubled times. To regenerate the blockchain project requires much work in the three inter-related areas of regulation, interoperability and human trust frameworks. The technology affordances of the blockchain alone will not suffice.

AACRAO, American Association of Collegiate Registrars and Admissions
Officers.