Ceramic:A decentralized Network For Composable Data

Validated Project

This post introduces Ceramic, a new permissionless protocol for creating and accessing unstoppable documents that serve as the foundation for a connected, interoperable web without silos. Ceramic is ideal for storing information that requires guaranteed trust, cross-platform interoperability, and multi-party consumption.

Because participants can create and resolve documents for any type of information without any centralized service, Ceramic unlocks information interoperability between all platforms and services across the web.

Although Ceramic can be used to store any kind of signed information, it is well-suited as a universal routing layer for storing decentralized identifiers (DIDs) and their associated metadata, data schemas, policies for usage of web services, access control permissions, and other documents that collectively enable boundless interoperability between an ecosystem of connected wallets, applications, databases, and services. Here’s what’s possible on Ceramic:

  • Portable self-sovereign identity
  • Shared data schemas and definitions
  • Interoperable user and application data storage
  • Open web services, without new accounts or logins

For more information, jump directly to the use cases or examples sections below.

Ceramic’s global ecosystem of interoperable resources allows developers to build composable applications with unprecedented modularity, trust, and scale. As a result, Ceramic is the trusted foundation upon which a more connected, transparent, and user-centric internet is built.

1. Background

Despite the benefits of cloud services, SaaS tools, and API businesses, building a fully featured product or service is still extremely complex, fragile, and limited. Even simple apps require deploying and maintaining a backend, securing and managing user identities and data, and tying together a tangle of APIs and services. Choices made early often lock developers in to long term relationships with technology providers, which vendors exploit. Making a product’s value-add interoperate with other products and services is often difficult and unpredictable. All of this is because infrastructure, information, and access control are needlessly replicated and siloed for each individual application.

To combat these problems of duplication, fragmentation, and insecurity, the internet needs a flexible public infrastructure where participants can store verifiable information that is universally discoverable and accessible across all applications. By keeping identifiers, their associated data, and services in the public domain instead of on siloed application servers, they can be accessed by all participants across the web. In this model, participants directly define and control their resources, share (or not) these resources with others, and bring their identities and metadata across experiences.

In addition to giving users more agency and control, this model dramatically simplifies the experience for developers as well. Instead of spending effort on managing data and tying together various services, developers can focus on the value-add in their product. Each application can simply query an identity for the information and access they need. Data can be easily shared across products without compromising privacy. Experiences can be composed in real-time to a users preferences. Bilateral service signups and agreements can be done away with, replaced instead by frictionless payment channels for services.

All of this frees products and services from needing to perform non-critical functions, reconciling services and data, worrying about user trust and liability, or scrambling to attract and retain users through many points of friction. Instead, developers can simply build a product that plugs into an already existing ecosystem of users, data, and services that work seamlessly together. Over time, this will result in more targeted micro-services and micro-applications being developed, instead of the behemoths we see today.


The composable web needs a permissionless, identity-centric interoperability protocol to provide applications with all the information they need to easily discover, route to, gain access to, and interact with a user’s resources regardless of which wallet users bring, which applications created the data, or where the resources are located. This protocol must:

  1. Permissionlessly register an interoperable identity (DID);
  2. Privately control this identity with multiple private keys;
  3. Publicly associate public keys and accounts to this identity;
  4. Publicly or privately associate resources to this identity;
  5. Set permissions for resources;
  6. Perform access control to resources;
  7. Interoperably sign and/or encrypt information; and
  8. Revoke private keys, public keys, and permissions for resources.

In addition to these base requirements, a protocol aiming to unlock interoperability should also allow applications and services to:

  1. Publish metadata and definitions;
  2. Publish data schemas; and
  3. Publish policies and service agreements.

Finally, a solution aiming to make it simpler to build powerful applications must be easy for developers to use. It must fit with existing mental and development models, add no additional burdens, and scale well with new use cases and complexity.

2. Ceramic Documents

Ceramic provides a universal graph of verifiable documents. Ceramic documents are signed, append-only, tamper-proof objects stored in IPFS, encoded using IPLD, and anchored in one or more blockchains. Due to its hybrid design relying on IPFS/IPLD and various blockchains, Ceramic’s document graph is interoperable, scalable, permissionless, and low cost (variable depending on blockchain anchor service).

Ceramic documents are a flexible primitive that can be modeled to represent many things, however each document must conform to a specific doctype supported by the protocol. Doctypes specify rules that govern what is a valid update to the document such as signatures and state transitions. This allows Ceramic nodes to verify the state of a given document in a decentralized way.

Ceramic currently supports three standard doctypes: 3IDs, account-links, and tiles. Below, find some of the common ways that these doctypes are used. If your use case doesn’t fit into one of these doctypes, you can add new doctypes to the protocol by submitting an issue on the Ceramic specs repository.

Decentralized Identifiers (DIDs)

DIDs are globally unique identities used to sign documents on the Ceramic network and also interact with arbitrary off-chain services and data. More specifically, they are abstract, key-agnostic interfaces used to uniquely identify entities, interoperably sign and encrypt information, authorize authentication/access control to services, and store mappings to additional resources. Ceramic makes no assumptions about what kind of entity a DID represents, so they can be users, organizations, applications, services, devices, etc. DIDs can be controlled by one or many private keys, providing flexibility and interoperability across wallets and platforms.

3ID IdentityThe first and most widely used DID method on Ceramic is 3ID. More than 15,000 3IDs are already being used in production. Other DID methods that conform to the W3C DID spec may be added to the network as additional doctypes.

Account Links

Account links are the second doctype supported by Ceramic. Account links are verifiable public mappings that allow a DID to prove that it owns a different public cryptographic identity that is also capable of signing, such as a public key, smart contract, or other DID.


Tiles, the third doctype supported by Ceramic, are the most general form of a document and can be used to represent almost any kind of information. Tiles are a way to make verifiable statements by one or more DIDs. Tiles may act as standalone objects or they can reference other tiles. This allows for composability between various tiles, creating a relational graph of verifiable, mutable information. See below for a few examples of how tiles will be used on Ceramic.

SchemasThe first use case for tiles is creating verifiable, globally-available data schemas. Schema tiles allow a user to define a canonical schema that can be used by anyone anywhere in the world, encouraging multiple parties to converge around standard schemas. This makes schema tiles valuable in their own right. Schema tiles are also used to provide structure to information contained in other tiles. Because of this, schema tiles are the core building block for other tiles, such as those below. Schemas tiles can be thought of as templates for other tiles.

MetadataTiles are used to express additional metadata or context about Ceramic DIDs. At a minimum, DIDs need a DID Manager tile so they can be controlled by one or more private keys. Other metadata needs will vary depending on the type of entity that a DID represents and the use case.

  • DID Manager: Contains information required to allow one or many private keys to control a DID
  • Public Profile: Provide context about a DID, such as profile metadata (name, image, logo, etc)
  • Identity Link: Allow others to verify that a non-cryptographic identifier is owned by a DID, such as social links (twitter, github, etc) or DNS links
  • Resource Link: Allow others to verify that a resource is owned by the DID, such as a data link (data sources, data bases, verifiable claims, registries) or a service link (services, APIs)

PoliciesTiles are used to define more explicit, specific terms around the design of a particular service or the access control requirements and permissions needed to access it. For example, policies can define the data model for an application, terms and requirements of a service, or the permissions set by a user to access their data.

  • Collection Policy: Used to define an app’s data model (database types plus references to schema tiles)
  • Service Policy: ToS and requirements for using a resource, may include service endpoint and payment info
  • Privacy Policy: User-managed access control permissions to their resources

AgreementsTiles are used to form explicit agreements between DIDs. An example of this would be a Service Agreement, which is a multi-party agreement between a provider and purchaser of a service (i.e. data hosting).

ClaimsTiles are used to create statements about other DIDs; to achieve this they can create a Verifiable Claim tile. Verifiable claims are a flexible standard for creating signed statements or data. If the verifiable claim is accepted by the recipient, is included in the recipient’s metadata above.

3. Ceramic Use Cases

Most production systems and applications that use Ceramic will combine these simple primitives (DIDs, account links, and tiles) to enjoy the simplicity, interoperability, and scale that is only possible when identities, resources, and services are unbundled from wallet or application silos. Here are a few powerful use cases that are built on Ceramic:

Portable, Self-Sovereign Identity

Self-sovereign identity (SSI) describes a system where participants can permissionlessly create and control their digital identity using one or more private keys. Technically, SSI could be enabled by any decentralized asymmetric cryptography system where public keys (identities) are controlled by private keys (passwords) such as bitcoin or ethereum. However, this type of system would be limited to the network on which these identities are registered, as well as the single private key account. These two constraints function as silos that prevent this identity from being used interoperably in additional contexts.

For identities to be truly flexible and portable across platforms and keys, which makes them more useful in practice, we need an additional identity abstraction that lives at a layer above blockchain accounts. This is the value of DIDs. On Ceramic, DIDs function as the global public identity and they can be controlled by any number of private keys from any blockchain or cryptographic system. DIDs provide a single interface that owners can use to identify themselves, interoperably sign messages, encrypt data, and authorize/access control to off-chain services that is agnostic to which blockchain a user is on. DIDs are the antidote to private key and network lock-in.

SSI is often meant to include much more than direct control of an identifier. Most times, this identifier needs more context so others can interact with it, such as profile details. Ceramic tiles allow DID owners to permissionlessly add public metadata and additional information or resources to their SSI, making for a flexible and dynamic SSI solution.

Interoperable Data Ecosystems

For powerful interoperable experiences, data portability across applications is required. This requires a few core functionalities. First, we need to have a universal way for users to identify themselves across platforms, so that we can know which data is theirs. This is handled by SSI/DIDs (see above). Second, we need to know where this data lives in order to request it. Third, we need to be able to access this data, with users’ permission. Last, we need to know the schema of the data so we can consume it in our application without manual processing.

Ceramic makes this simple for all parties. By storing mappings to data resources in a user’s DID, Ceramic provides a way for applications (and other data consumers) to efficiently discover where information lives, whether on a specific server or a public network. Also by allowing Ceramic DIDs to define access control policies for their data resources via tiles, Ceramic provides an identity-centric way for users to provide consumers access to their information regardless of where it lives. Instead of access control happening on the server, it happens directly on the user. Finally, Ceramic allows applications to define schemas for any data being saved so that data consumers can know a priori the shape of the data that will be returned, even if it is encrypted.

Together these capabilities allow users to frictionlessly control and share their data across various application and server silos, while also allowing developers to make use of a richer, higher quality dataset than ever — without storing any of it.

Open Web Services

The last piece of the interoperability puzzle is providing more open access to web services. All service providers on Ceramic (i.e. data hosting, indexing, anchoring, payments, or other arbitrary web/API services) can service requests from all other identities, with no need for bilateral, one-off accounts. Service providers can remove the requirement of creating an account and using an API key to access their service. Rather than through an API key living on an application’s backend, services can be accessed whenever a user, application, or other service meets certain pre-defined conditions. This allows service providers to remove all friction from accessing their services and to grow their customer base on a per-use (or other predefined) basis.

For example, a service provider that is hosting user data that needs to be accessed by many different parties can now serve all of them without each of them needing an account with the service. Using Ceramic, the data hosting service can define their service and create a service policy that includes the requirements a consumer must meet in order to access their service. When a user (or application) chooses to use this service to host their data in a database that is access controlled by a DID, the user (or app) then adds this resource to their DID. When other consumers want to request this information they need to request access permissions from the user, and once approved, then fulfill the requirements of the hosting service (such as payments or other) before the data will be returned.

Although Ceramic provides the information required for services to accept per-use payments from all parties, the Ceramic protocol itself does not handle payments. Because these transactions will likely be small micropayments, Ceramic is extremely complementary to emerging permissionless cryptographic micropayment networks such as Connext Network on EVM blockchains and Lightning Network on Bitcoin. In the most permissionless version of these systems, service providers and end users would run payment nodes and transact. In more practical versions, these responsibilities can be delegated to a third-payment payment processor. This model would also allow applications to pay for services on behalf of their users. We think this make the most sense in the near term.

Although this example depicts a data hosting service, Ceramic service policies can be used for almost any type of service.

Example: 3Box

To make everything more concrete, let’s dive into how 3Box relies on Ceramic to enable an interoperable, user-controlled data management system. 3Box is a framework that allows developers to store user and application data on a network of open data hosting services access controlled by users instead of on siloed application servers. Users are always in control of their data and can choose to permission it out to other applications, making it shareable across platforms and applications. To achieve this 3Box relies on self-sovereign identityinteroperable data, and open web services.

For self-sovereign identity and to enable user-managed access control, 3Box uses Ceramic’s 3ID DID method which allows users to control their identity, information, and services using all of their existing private wallet keys. To enable interoperable data and shared access web services, 3Box relies on the following set of tiles which are created by the various participants that play a role in the system including applications, services, and users:

  • Schema(s): Describes a data schema used in a particular database. Allows developers to define their data schemas, or use existing ones.
  • Collection Policy: Describes a collection of databases linked to Schema tiles. Allows applications to define their databases and the data models they use so others can easily consume the data.
  • Service Policy: Describes simple functions that take an input and produce an output. In this case, it’s used for hosting of databases in the Collection Policy. Allows service providers to define their service or API and the requirements to access it.
  • Privacy Policy: Describes user-managed access control rights to databases in the Collection Policy. Allows users to set permissions and control their privacy while sharing data across apps.

This collection of functionalities allows App A to store data for User B on a hosting service in databases that are access controlled by User B’s 3ID. User B can now go to App C and give them permission to access their data from App A. To receive the data from the hosting service, App C must meet the requirements defined by the hosting service’s service policy which may include payment information.

4. Ceramic Ecosystem

By now you understand that Ceramic enables the emergence of a diverse, interoperable ecosystem of user-controlled wallets, data stores, and infrastructure services that allow developers to build lightweight, composable, collaborative applications. Here’s how you can participate.

Wallets and Authentication Systems

Integrate Platform-Agnostic, Self-Sovereign Identity: Give your wallet’s users the ability manage their data and other off-chain services using a DID instead of a particular private key. DIDs are an abstraction from individual key pair and contract accounts that eliminate private key lock-in. DIDs are used for interoperable data signing, encryption, and service authorization with all the wallet keys your users already have.


Integrate a Unified, User-Managed Access Control System: Make your database’s access control system compatible with Ceramic DIDs so users can manage their information stored across all databases with a single identity and allow different applications to access their information. Ceramic will first support IPFS-based peer-to-peer databases OrbitDB and Textile.


Offer Open, Shared Access Services: Offer Ceramic-compatible services and list your infrastructure on the Ceramic network to allow others to discover and interact with your service even if they’re not your direct customers.


Build Composable, User-Centric Applications: Build your app using Ceramic’s ecosystem of connected, interoperable services. Store your user and application data in Ceramic-enabled databases with infrastructure providers that support Ceramic service agreements. Also use Ceramic to discover available data sources to populate your application.

5. Ceramic Ecosystem Alliance

The Ceramic Ecosystem Alliance is a collaborative group of organizations, communities, and individuals actively contributing to the research and development of the Ceramic protocol, integrating Ceramic standards into their products, or building services on the Ceramic network. 


All Comments

Recommended for you

  • Hong Kong and Macao police jointly arrested 4 people this week in connection with the JPEX case and seized or frozen 24 million Hong Kong dollars in assets.

    With regards to the JPEX virtual asset trading platform case, the Hong Kong police have received 2,417 reports, involving a total amount of over HKD 1.5 billion. Assistant Commissioner of Police, Chung Yung-min, stated that the Hong Kong police carried out a joint operation with the Macau Judiciary Police from Tuesday to Thursday this week, arresting four people and seizing or freezing HKD 24 million in assets, including casino accounts and a large amount of cash. She also said that the police are actively tracing the whereabouts of virtual assets, have identified other targets, but some have left Hong Kong. The police will work with international cooperation to arrest those involved. She pointed out that the JPEX fraud network is very large and complex, and the investigation is still in its early stages. Those involved still insist that it is a legitimate investment platform. She hopes that the public will be more cautious when making any decisions regarding JPEX. Chief Superintendent of the Cyber Security and Technology Crime Bureau, Cheng Lai-ki, said that the criminal group has destroyed many documents, making it difficult for the police to track the fraudulent funds and investigate. However, she emphasized that the police will continue to communicate with overseas trading platforms to trace the whereabouts of virtual assets. A total of HKD 5 million worth of encrypted currency assets have been frozen temporarily. 

  • Valkyrie Ethereum Futures ETF Receives U.S. SEC Approval

    The US SEC has approved Valkyrie to convert its existing Bitcoin futures ETF to a Bitcoin and Ethereum futures ETF. The new fund will be renamed "Valkyrie Bitcoin and Ethereum Strategy ETF" and will take effect on October 3, with the code still being BTF.

  • AlphaSense Raises $150M in Series E Funding Round Led by BOND and Alphabet's CapitalG

    AlphaSense, a B2B AI platform focused on business intelligence and search, has completed a successful Series E funding round, raising $150 million. The round was led by BOND and included investments from Alphabet's CapitalG, Goldman Sachs, and Viking Global. AlphaSense's valuation has grown from $1.7 billion to $2.5 billion since its Series D funding round in June 2023. The platform uses machine learning to provide deep insights into business and finance analytics, offering "insights-as-a-service." The latest investment will allow AlphaSense to continue leading the generative AI revolution in the B2B sector.

  • web3 startup IYK raises $16.8 million in seed funding, led by A16z Crypto

    Web3 startup IYK has raised $16.8 million in seed funding, with A16z Crypto leading the way and other investors including 1kx, Collabcurrency, Lattice Capital, and gmoney. According to its website, IYK is a participant in the a16z Crypto Startup School, which is an accelerator program from the venture capital giant that typically invests $500,000 in participating startups in exchange for 7% equity. IYK says that it has recruited over 100 creators from industries such as fashion, music, and art since its founding in 2021. To attract more brands and creators, it is launching a self-service platform to help create digital physical experiences.

  • Oracle project Supra completed over US$24 million in financing, with participation from Animoca Brands and Coinbase Ventures.

    On September 28th, Supra, a provider of oracle and VRF services, announced that it had completed a funding round of over $24 million. Investors in this round include Animoca Brands, BCW, Coinbase Ventures, FiveT Fintech (formerly Avaloq Ventures), Galaxy Interactive, Hashed, HashKey, Huobi Ventures, No Limit Holdings, Prosus Ventures,, Republic Crypto, Shima Capital, Signum Capital, SMO Capital, Sound Ventures, Sublime Ventures, UOB Venture Management (Dahua Bank), and Valor Equity Partners.

  • Hong Kong police arrested three people again in connection with the JPEX case, bringing the total number of arrests to 15

    Hong Kong police arrested three more people related to the JPEX case, including one director and one employee of the overseas exchange Lupin, and one popular analyst from a foreign currency exchange shop. The total number of arrests is now 15. The police have received a total of 2,392 reports, involving a total amount of nearly 1.5 billion yuan, and have frozen 77 million yuan in assets. 

  • The EU will collect data proving that cryptocurrency PoW mechanisms "seriously" harm the environment and plans to develop sustainability standards

    On September 28th, the European Commission released a tender contract worth 800,000 euros (approximately $842,000) aimed at mitigating the "significant harm" that cryptocurrency poses to the environment. The research, which will end on November 10th, will establish standards that will be incorporated into potential future EU policies to curb the impact of cryptocurrency on climate change and develop new energy efficiency labels for blockchain. The European Commission stated in the tender document that "there is evidence that crypto-assets can cause significant damage to the climate and the environment," which could undermine the EU's greenhouse gas reduction targets, indicating that new sustainable development standards may be adopted in the future. EU legislators are concerned about the energy-intensive PoW consensus mechanism that supports blockchain such as Bitcoin. The EU's research will be completed within a year and will study green issues related to the use of water, waste, natural resources, and energy by cryptocurrencies. (CoinDesk)

  • Brazil’s cryptocurrency trading volume in July was US$3.7 billion, with USDT trading accounting for 81.6%

    According to data from the Federal Tax Authority, cryptocurrency transactions in Brazil reached 18.8 billion Brazilian real (approximately 3.7 billion US dollars) in July, a decrease of 11.4% compared to the previous month. The three highest transaction volumes were stablecoins, with USDT accounting for 15.3 billion Brazilian real, or 81.6% of the total transaction volume, followed by USDC (838 million Brazilian real) and Brazilian real stablecoin BRZ (641 million Brazilian real). 

  • Bitcoin price to $30K in October, says analyst as BTC price climbs 2%

    BTC price strength returns ahead of Wall Street trading, with $27,000 in Bitcoin bulls’ crosshairs.

  • The National Blockchain Industry Industry-Education Integration Community was established in Xiongan New Area

    National Blockchain Industry Production-Education Integration Community Establishment Conference was held in Xiong'an New Area on September 27. The National Blockchain Industry Production-Education Integration Community is jointly formed by Xiong'an Guochuang Center Technology Co., Ltd., Southwest University of Finance and Economics, Hebei Software Vocational and Technical College, and other units under the guidance of the Vocational and Adult Education Department of the Ministry of Education, the Education and Examination Center of the Ministry of Industry and Information Technology, and the China Association of Small and Medium Enterprises, together with relevant industry associations, enterprises, undergraduate colleges, vocational colleges, scientific research institutes and other units. The establishment of the National Blockchain Industry Production-Education Integration Community aims to gather high-quality production-education resources and establish a new type of production-education integration organization to support the development of the blockchain industry, promote industrial development and talent cultivation, effectively promote the deep integration of industry and education, improve the quality of talent cultivation, better meet the development needs of the blockchain industry, and effectively promote economic and social development.