We are building the Personal Data Store on XRI and XDI technology:

  • XRI (eXtensible Resource Identifier) is a syntax and resolution technology for personal and organizational identifiers. They come in pairs of I-Names and I-Numbers, where an I-Name is a human readable, fully portable identifier for your Personal Data Store account, and the corresponding I-Number is a non-reassignable identifier “behind the scenes” that protects your Personal Data Store like a Swiss bank account number.
  • XDI (XRI Data Interchange) is a data model as well as a protocol for sharing, linking, importing and synchronizing data between your Personal Data Store and organizations and individuals on the Internet. XDI is based on a semantic model with built-in features such as global addressability, group management and access control in the form of so-called Link Contracts.

The following sections explain desirable key features of a Personal Data Store ecosystem with regard to our “Three Visions”, and how XRI and XDI technology is used to provide those features.


A strong concept of identity is essential for building an ecosystem of Personal Data Store providers. Without secure identities for all involved parties, there can be no Personal Data Store accounts, no data sharing, and no interaction between individuals and organizations.

We use I-Names for establishing identity. They uniquely identify you and point to your Personal Data Store as well as to other services related to your identity. I-Names provide the following features:

  • I-Names are globally unique, secure, delegable identifiers with a well-defined resolution/discovery mechanism.
  • I-Names are fully portable, i.e. you may want to switch to a different Personal Data Store provider, and your I-Name and I-Number (as well as their associated data and Link Contracts) will stay with you.
  • Unlike domain names, e-mails and usernames, I-Names were specifically designed to represent and protect YOUR IDENTITY on the Internet, rather than any particular technical service.

I-Names look like this: =alice, =pds*bob, @example.corp.

I-Names can take the form of a URI (e.g., in order to be compatible with URI-based technologies and protocols.

Public Key Infrastructure

With every I-Name comes a private/public key pair that can be used for signing and verifying arbitrary pieces of information - from private messages sent between individuals to Link Contracts established with organizations.

This creates accountability, security and trust in a distributed system of Personal Data Store providers, individuals and organizations.


For many - especially social - applications it is desirable to have a personal profile associated with one’s identity. A profile can contain anything about you, e.g. name, address, a picture, phone number, history, interests and much more. Some aspects of your profile may be permanent (e.g. date of birth), while others may be temporary and changing very quickly (e.g. current mood).

Technically, your profile is simply a part of your Personal Data Store, which means it is completely under your control and subject to your terms. Your profile can consist of several Personas, since we naturally present ourselves in different ways, depending on the context we find ourselves in, and depending on who we are presenting ourselves to.

Typically, a profile can be exposed on a web page (called a “profile page”), which may or may not be publicly accessible, depending on one’s access control (privacy) settings. Your “profile page” makes use of open standards such as FOAF, hCard and Portable Contacts, in order to be compatible with external applications.


Relationships define who you are sharing data with, and what applications you use for doing that. In any relationship, your Personal Data Store always remains at the core of an architecture that is structurally designed to act on your behalf.

Roughly speaking, there are two kinds of relationships:

  • Individual Relationships (fulfilling the “Federation Social Web” vision): These relationships can take a rich variety of forms. In their simplest version, this means becoming a “friend” of someone. These relationships can be distributed, i.e. your friends do not necessarily have to use the same Personal Data Store provider (or even the same underlying technology) as you. Relationships are also possible with entire groups of individuals.
  • Organizational Relationships (fulfilling the “Vendor Relationship Management” vision): These are relationships between you and organizations, companies, vendors and web sites. Various sub-types of relationships can be distinguished:
    • Snapshot Read Operations: This means that you provide a one-time “snapshot” of data to a requesting party. Example: You are ordering pizza at a web site and want them to retrieve a shipping address and/or credit card information from your Personal Data Store, instead of typing it in manually. Technologies for achieving such scenarios include OpenID, InfoCards, SAML and OAuth.
    • Snapshot Write Operations: Sometimes companies, organizations, vendors or web sites may have data about you that they wish to put into your Personal Data Store. This can be done by allowing a one-time “write” (or “import”) operation. The amount of data in such an operation can range from small pieces of information generated by your recent online activities, to whole accounts and records a party wants to “give back to you”.
    • Ongoing Relationships: This gives a party ongoing access to your Personal Data Store to perform various operations (usually “read” operation, but “read/write” is also possible). Example: You want your telecom service provider to have ongoing access to your home address, so that they can send you their bills. Such relationships can be suspended or terminated at any time.


In human relationships, it is natural to develop various groups (such as family, close friends, colleagues, etc).

In XDI, groups are first-class objects, which means that just like individual Personal Data Store accounts, they are fully portable and decentralized, and they can have their own data, access control and applications associated with them.

Link Contracts

Link Contracts are the basic access control mechanism of XDI, and their existence is a precondition for establishing relationships. Link Contracts live side-by-side with the actual data in a Personal Data Store, which means that 1. they are fully portable just like the data itself, and 2. they are enforced at the lowest possible architectural level, which provides for maximal security. Any relationship and any application can only access data under and rules and terms of established Link Contracts.

  • Link Contracts support different ways of authentication.
  • Link Contracts can include legal, human-readable text.
  • Link Contracts can be signed by all parties.

Data Portability

Since your Personal Data Store belongs to you, you should also have the option of switching providers.

In technical terms, your Personal Data Store is simply a single XDI graph document, which means that it can easily be exported into a file. This file can then be imported by another Personal Data Store provider, without having to make any changes to the data itself.

To complete a transition between Personal Data Store providers, your I-Name (which is an abstract identifier not bound to any particular technical service) is reconfigured to point to your new provider.

Some example XDI Data

Here is a quick taste of XRI and XDI technology.

You can find more examples (e.g. XDI patterns for specific applications) on our wiki.

XDI data in “X3 Standard” format:

[=!1111.aaaa.bbbb.cccc<-- =alice -->[$is[=(]
[=(]][+street["100 Main St"]][+city["Seattle"]][+zip

XDI data in “X3J” format:

	"=!1111.aaaa.bbbb.cccc": {
		"+street": "100 Main St",
		"+city": "Seattle",
		"+zip": "98101",
		"+country": "USA"

Example XRI addressing a part of your XDI Data: