Overview
The browser turns itself into the foundation to help your web apps/extensions make self-custody, providing new dedicated credential store and APIs. Therefore, you can easily build self-custody apps using two APIs, window.ssi and browser.ssi.
Browser will not provide so-called “wallet” because store and setting don’t/shouldn’t have the ability to communicate to external.
SSI Store Service
It is the internal dedicated store for credentials such like secret key and authorization data, which is protected with isolated process model and encryption. Furthermore, it is the actual entity that executes the tasks related to credentials such like sign/decrypt. Separation of concerns provides a consistent service interface regardless of where the actual data resides (e.g., on the file system, on a Secure Element (SE), or on separate hardware). Accessed via internal privileged services in browser.ssi, window.ssi, and browser setting.
browser.ssi
It is the core API (if chrome, it would be named chrome.ssi), which bridges the tasks related to credentials such like sign/decrypt between internal module and user land. It also provides setting states while paying attention to privacy and security, basically which are what user can choose whether to make open. General web extensions can use it in their scripts.
window.ssi
It is the most accessible API that is widely published on the web, which bridges the tasks related to credentials such like sign/decrypt between internal module and user land. General web extensions and general web apps can use it anywhere.
Browser setting
It is the user interface to the SSI Store Service, providing key generation and API configuration in the privileged process that differs from general web apps.