What is a PDA?

Personal Data Assets Introduction

Personal Data Assets (PDAs) serve as the foundational assets of Gateway, functioning as secure, encrypted containers for you to take ownership of your data. You maintain authoritative control, granting consent for data access to selected parties. Data Contributors neatly encapsulate your information in these PDAs using a user-friendly JSON format.

PDAs often contain high value sensitive data. This can range from your healthcare information to your financial history to even your genetic sequencing. Data about you is quite valuable for various stakeholders across the internet including verification of certain traits, creating Personalized AI Models, giving uncollateralized loans and 100s of other use cases. Now you get to control who can use this info about you and when they are allowed to use it.

What is the PDA Lifecycle?

Personal Lifecycle


The lifecycle of the PDA starts when the Data Contributor utilizes a data model to contribute data about (another) DID This data is usually something that the Contributor may hold about you. For example, this can be your loyalty information at North Face or transcript from the college you attended.

Once the Data Contributor sends the Data Model ID along with the user data (encrypted in transit), the validators verify against the schema before surfacing the “contribution” on the Gateway Ledger. A sample transaction of a contribution can be viewed here.

The responsibility for ensuring the accuracy of this data rests squarely on the Data Contributor. Should the information be found inaccurate, the Contributor’s credibility would diminish, leading to decreased trust from Requestors who rely on this data.

A sample mutation for issuance

mutation createPDA {
    input: {
      title: "My Personal Data Asset"
      description: "This is an example PDA showcasing filler data."
      owner: { type: GATEWAY_ID, value: "user-gateway-id" }
      dataModelId: "example-data-model-id"
      expirationDate: null
      organization: { type: GATEWAY_ID, value: "org-gateway-id" }
      claim: {
        name: "John Doe"
        age: 30
        email: "johndoe@example.com"
        interests: ["reading", "traveling", "photography"]
        isStudent: false
  ) {
    dataAsset {
      owner {
      issuer {

Updating Claim Info

To preserve the accuracy and reliability of information within the Personal Data Asset (PDA), it’s essential for the Contributor to have the authority to revise any aspect of the claim as circumstances dictate. However, these revisions must be conducted in alignment with the predefined Data Model, precluding the introduction of new fields.

This procedure ensures data consistency and firmly places the responsibility for maintaining up-to-date and accurate information on the issuer.

Updating Status

In our quest to uphold data integrity and verifiability, Gateway’s protocol incorporates a dynamic status framework for PDAS. This ensures that all parties involved—from contributors to requestors—are aware of the quality and reliability of the information they handle. Here’s how it works:

Personal Data Asset's Status

By offering this nuanced status framework, we empower issuers to reflect real-time changes that affect the validity of a PDA while also providing verifiers with an insightful tool to gauge the risk and reliability of the data they consume. This framework enhances the user experience and maintains a high level of trust and compliance across all transactions.

PDA Structure

These are the predictable components that are part of every PDA.

Personal Data Asset structure


Each PDA has a unique format to identify the PDA. This is in UUID format and can be found on the top of the PDA page. It is generated at the time of creation of the PDA.

This is found above the name of the PDA and is unique per PDA

The PDA ID is the main reference to all the Arweave hashes associated with the respective PDA.

2. Name, Description, Categories

The following makes up the header of the PDA

PDA Header

These are used to provide a general context of what the PDA is about. It is not uncommon for PDAs to have names, descriptions, and categories that match the data model, especially if they are issued in mass.

By default, if an issuer does not provide a name, description, or category, it defaults to using the data model fields. An image can also be provided if the issuer would like.

3. Issuer

This is the ID of the entity that issued the PDA. The issuer can control the credential claims and update the PDA’s status.
By default, the Display Name of the Issuer is shown, but you can click on the ID to see more info.

The ID is displayed in Display Name format. If verified, it will showcase the checkmark. Verification is limited to organizations at the moment.

4. Owner ID

This is the identifier of the Owner. It defaults to show your display name, but the Username is also available.
It is often who the claims are about.

Spotify sent Elon a PDA

5. Authenticated by

Identifies who was responsible for the issuance, in an org context, will identify an org user ID

6. Data Model ID

The data model used determines what the claims will be related to. Since every PDA is linked to a data model, the ID is stored as a reference on the PDA. This is particularly important for verifiers when they are requesting PDAs. The related data model is linked on the PDA page for you to reference and will redirect you to the explorer.

This redirects to the related data model

7. Issuance Date

This is when the PDA is issued and timestamped relative to when the transaction was initiated.

All times are UTC based.

8. Expiration date

When a creator Issues a PDA, It is possible to set an expiration date or leave it indeterminate.

9. Status

The status of the PDA is extremely important in determining its consumption. The details related to the status are explained above.

Statuses will automatically update on your PDA if the issuer changes it

10. Claims

The core of each Private Data Asset (PDA) is its claims—key pieces of user information organized by a selected data model. These claims define what the PDA represents about a user or how it relates to the user.

These are Spotify’s claims about Elon, and the structure is based on the “Top 1% Listener” Data Model.