Yesterday, I watched a friend apply for a government service. He sat in front of a screen, entered his ID number, waited. The system queried a database. The database responded. The service proceeded. Total time: forty seconds.
It worked. But I noticed something. Every interaction followed the same pattern. He entered his ID. The system asked permission to check. Permission granted. Query sent. Response received. Repeat.
I started counting. In one day, his identity was queried seven times across four different agencies. Seven times a central database was touched. Seven times a bottleneck could form. Seven times a record of his activity was logged in a system he cannot see.
This is the hidden cost of identity infrastructure built on queries. It works. It is familiar. But it carries structural vulnerabilities that most people never notice until something breaks.
When a database goes down for maintenance, no one can verify anything. When a system is compromised, every query becomes a leak. When services scale from hundreds to millions of daily interactions the central database becomes the bottleneck that throttles the entire digital economy.
SIGN replaces the query model with something different: verifiable credentials that carry authority without requiring real-time contact with the issuer.
"New ID System reusable verification without central 'query my identity' APIs".
This is not a technical footnote. It is a fundamental shift in how sovereign identity infrastructure is designed.
Here is how it works. A government issues a credential to a citizen. The credential is digitally signed with a cryptography by the authority that issues it. A citizen can hold the credential on their phone, in their wallet, or anywhere else they decide. If for example a service requires to verify some details like age residency eligibility, then the citizen will show the credential. The service verifies the cryptographic signature. No query back to the government database. No central system to bottleneck or surveil. The credential proves itself.
I examined the difference. In the query model, the service asks permission to check. In the SIGN model, the citizen presents proof. The power dynamic shifts. The citizen becomes actively involved, not only checked against a database.
In the Middle East, where governments are digitizing services at a rapid pace, this distinction is important. The region has invested heavily in putting services online. But most of those services still rely on query-based identity verification. The infrastructure beneath them was designed for a time when digital services were few and users were few. Today, millions of residents interact with dozens of agencies daily. The query model is straining.
SIGN's identity layer is built for this scale. W3C Verifiable Credentials and the Decentralized Identifiers. Selective disclosure prove age without revealing birth date. Privacy-preserving proofs. Revocation mechanisms. Offline presentation patterns like QR and NFC for areas where connectivity is not guaranteed.
I observed that these are not abstract specifications. They are operational necessities for a nation where a resident might need to prove eligibility for a housing program, verify credentials for a business license, and confirm identity for a healthcare appointment all in the same morning. Each interaction today triggers a query. Each query adds latency. Each query creates a record.
SIGN eliminates the queries. The credential is issued once. It is used many times. The government retains full control over issuance and revocation. But the verification happens locally, instantly, without touching central systems.
Consider a practical scenario. A small business owner in Dubai applies for a license. Today, the free zone queries multiple databases to verify her legal status, residency, and business history. Days. With SIGN, she holds a verifiable credential from the relevant authority. She presents it. The free zone verifies the signature. Seconds. No queries. No delays. No central systems touched.
This is the mechanism: credentials that travel, queries that do not.
I believe this is where the Middle East's digital transformation must go next. The first phase was putting services online. The second phase must be re-architecting how identity moves across those services. A query-based model works for hundreds of services. It cracks at thousands. It fails at millions under national concurrency.
SIGN gives sovereign nations the identity infrastructure that does not query. It issues. It verifies. It travels. The citizen holds it. The government controls it. The query disappears.
And the next time my friend applies for a service, he will not wait forty seconds for a database to respond. He will present a credential that proves itself. That is digital sovereignty built for people, not for databases.