With this model:
- Privacy: nothing in the commitment reveals real attributes or keys.
- Upgradability: new fields can be added by bumping
version and putting them in the hash.
- Auditability: the
prev_commitment chain allows full history verification.
- Recovery: key rotation and recovery are encoded as new states; verifiers just follow the chain.
- Minimal trust surface: apps only depend on:
- the latest
identity_commitment
- a proof that ties some statement to this commitment.