Enterprise SSI: a Self-Sovereign Identity framework for passwordless authentication

Abstract

This thesis presents the implementation of a complete user workflow covering invitation, registration, login, and account recovery, built around a passwordless authentication sys- tem that leverages Self-Sovereign Identity (SSI) principles. The solution enables secure user management through cryptographic wallets instead of traditional credentials, relying on advanced and industry-grade security standards to ensure a high level of trust and protection in digital identity management. The system integrates JSON Web Tokens (JWT) for verifiable and secure information exchange, EIP-712 structured data signatures to ensure transparency and user consent in signing operations, and ephemeral cryptographic challenges that enable identity verifica- tion without exposing sensitive credentials, effectively mitigating replay attacks. The architecture’s main contribution lies in its practical demonstration of how SSI con- cepts and blockchain-based authentication can be combined to create a decentralized, privacy-preserving, and resilient identity system. It highlights how passwordless work- flows can reduce friction in user onboarding and recovery processes while significantly improving security, usability, and trust in digital identity ecosystems.