compare · 5 neighbors
Where Quidnug fits in the identity + trust landscape.
Honest side-by-side comparisons with every adjacent protocol we get asked about. Each link goes to a full write-up, including where the other tool wins and when we'd recommend it.
| | Relational trust | Guardian recovery | Domain scoping | No universal score | Self-hosted | No on-chain cost |
|---|---|---|---|---|---|---|
| Quidnug | yes | yes | yes | yes | yes | yes |
| Public chain | partial | partial | no | no | partial | no |
| DID + VC | no | partial | partial | partial | yes | yes |
| Sigstore | no | no | no | yes | partial | yes |
| PGP WoT | yes | no | no | yes | yes | yes |
| OAuth / OIDC | no | partial | no | no | no | yes |
Each cell is shorthand. Follow the per-comparison links for the actual argument, including where the other tool wins.
vs Public blockchains
"Blockchain identity" projects on Ethereum (and Cosmos, Solana, Polkadot) solve problems that overlap with Quidnug's. Here's the honest comparison.
vs DID + Verifiable Credentials
W3C Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) are the standards-track answer to "decentralized identity." They're excellent at what they do. Quidnug overlaps in some areas and is complementary in others.
vs Sigstore
Sigstore is the "sign every artifact, no long-lived keys" movement in the software-supply-chain space. cosign is the CLI. Fulcio is the certificate authority. Rekor is the transparency log. They're excellent, and Quidnug integrates with…
vs PGP web-of-trust
PGP's Web of Trust (WoT) is the original decentralized trust-graph design, dating to 1991. It never reached mass adoption outside a small crypto / security community. Quidnug can be thought of as a modern rebuild of the WoT concept with…
vs OAuth + OIDC
OAuth 2.0 is the ubiquitous "delegate access to a resource" flow. OIDC layers identity on top ("here is the user who authorized this access"). They're excellent for what they do. Quidnug and OIDC solve different problems, and in fact **t…
Our posture
Quidnug isn't positioned against any of these. Sigstore does artifact signing better than we ever will. OAuth/OIDC is the right answer for any app that needs centralized federated login. Public blockchains are the right answer when global consensus is a product requirement, not a bug.
Quidnug is the right answer when "who trusts whom?" is a first-class question in your data model and existing tools either flatten that into a universal score or force you to self-manage every key with no recovery story. For that shape of problem, these five alternatives each miss a different piece.