The Sovra Stack — how digital trust compounds across layers
A walk through Sovra's stack — the verifiable foundation, the credential primitive citizens carry, the AI assistant that answers them, and the four government modules institutions adopt today.
Identity is infrastructure, and infrastructure is layered. The most useful way to understand Sovra is to read the stack from the bottom up — because what an institution sees, what a citizen holds, and what gets shipped commercially all rest on the same verifiable foundation, and each layer above it inherits guarantees from the one beneath.
The platform already operates across 20+ governments in Latin America, has reached 8M+ citizens, and has issued 1.5M+ verified identities — numbers that exist because the architecture compounds. This week’s edition walks through the stack the way the team builds it.
The foundation — SovraChain
At the base of the stack sits SovraChain, the verifiable infrastructure built as a Based Rollup on Ethereum (Ethrex, by LambdaClass), running in Validium mode so personal data never touches a public chain — only the cryptographic proofs do. The result: cryptographic guarantees inherited from Ethereum L1, costs optimized for national scale (~$0.0002 per transaction at 1,000+ TPS), and no vendor in the middle.
Most institutions adopting Sovra and most citizens carrying their identity will never need to think about SovraChain directly. That’s the point. The foundation does the trust work so the surfaces above it can focus on what they’re actually for: service delivery, daily-life utility, and institutional integration. SovraChain is open infrastructure — built on open standards, anchored on a public chain — so the trust guarantees are inspectable, not asserted.
The credential primitive — SovraID (the API) and SovraWallet (the citizen surface)
Above SovraChain sits the credential primitive, expressed as two products that share the same underlying standards:
SovraID is the API of digital trust — the platform that issues, manages, and verifies credentials for any government or institution. Built on W3C Verifiable Credentials, ISO mDL, OpenID4VCI, and OpenID4VP, it gives an institution a reusable identity layer in hours, not months — and verification works without ever calling back to the issuer.
SovraWallet is how the citizen carries SovraID. A native iOS + Android app, with identity rooted in a passkey stored in the device’s Secure Enclave (WebAuthn / FIDO2) and a smart-contract wallet on SovraChain via EIP-7702 — so a citizen’s credentials sit on their own device, with the cryptographic proof for any presentation generated locally. Selective disclosure (SD-JWT) is built in: a person can prove what’s true (eligibility, age) without exposing the underlying data.
Across the network, this primitive has already powered 1.5M+ verified identities and the credentials issued under it are used across services, institutions, and borders — because the design choices in the credential format compound across every adopter.
The AI layer — SovraRAG
Sitting alongside the identity primitive is SovraRAG, the conversational AI agent for governments and institutions. It indexes the real institutional knowledge — PDFs, Confluence spaces, web pages, internal APIs — and answers citizens and officers with citations back to source documents. Battle-tested across 7+ production deployments, with multilingual coverage (ES/EN/PT-BR) and channel-agnostic delivery (institutional website, citizen portal, WhatsApp).
The principle: the AI doesn’t invent. If the document doesn’t say it, SovraRAG doesn’t either. For a government answering 24/7, that’s the difference between a chatbot and an institutional assistant.
The four government modules — SovraGov
The top of the stack is where the architecture meets the buyer. SovraGov is the platform that integrates four modules on the same data substrate — so a government adopts one platform and gets a coherent stack across functions that previously lived in disconnected systems:
The single citizen-facing window. Every procedure, every status update, every credential delivered to SovraWallet — through one portal, 24/7, web + mobile + WhatsApp.
The documentary backbone. Electronic case files, official communications, administrative acts, all in configurable workflows. Built on the BEAM stack (Elixir/Phoenix/PostgreSQL), the same runtime that powers Discord, WhatsApp, and Bet365 at scale.
Modern budget administration, integrated directly with the documentary system. Execution curves computed from real case files, not parallel spreadsheets.
End-to-end traceable procurement. Every step anchored on SovraChain, publicly verifiable by any citizen, without intermediaries. Tender evaluation assisted by AI, contract execution integrated with budget.
The four modules share the same identity, the same documents, and the same chain — so the integrations don’t have to be built. They’re already there.
Why this design
Three principles run through the stack:
Reuse, not re-issue. A credential issued once is verified anywhere — across institutions, across services, across time. Citizens stop being asked for the same document by every counter; institutions stop rebuilding the same trust primitive in every department.
Holder-bound, citizen-controlled. The credential lives in the citizen’s wallet, and the citizen decides what to share. Selective disclosure means trust without surveillance.
Standards-aligned, sovereign-anchored. Every layer is built on open standards — W3C Verifiable Credentials, ISO mDL, OpenID4VP, Ethereum L2 — so neither vendor lock-in nor opaque infrastructure compromises long-term adoption. Data is always the government’s property; Sovra operates as a SaaS provider, never as a custodian.
Trust once. Use it always.
The shape of the stack reflects how the team thinks about commercial reality and long-term vision at the same time. The four SovraGov modules are what ships today; SovraRAG is what answers the citizens using those modules; SovraID and SovraWallet are what citizens carry across services; SovraChain is what makes the whole thing defensible across decades.
Trust once at the credential layer. Use it always, across services, across institutions, across time.
Worth reading this week
The Identity Brief is published weekly by Sovra, the Digital Identity Stack for the Institutional World.