Solidus Auth
Solidus Auth vs Clerk
Clerk wins on developer experience outright — concede it in the first paragraph. Solidus's argument is narrower: standards compliance and credential portability Clerk structurally doesn't have, not a better sign-up form.
Solidus is a public testnet: no mainnet, no token, no external audit, and no paying customer. Every claim below is checkable; none of them are a substitute for the certifications an incumbent already holds.
What Clerk does better
- Drop-in UI components (SignUp, SignIn, UserButton) and 10+ framework SDKs — the brief calls the DX moat real: 'developers who have adopted Clerk components are sticky.' Solidus ships zero UI kit.
- Session management, MFA, org management, and billing integrations built in — the full-stack layer, not just login.
- SOC2, HIPAA BAA, and a 99.99% enterprise SLA, plus real customer logos (Upstash, Inngest, Browserbase). Solidus holds no certification and has no customers.
- A generous free tier (50K MRUs, no credit card) and an aesthetic the brief itself rates 8/10 — polished and intentional.
Where Solidus is different
- Zero W3C compliance: the brief states Clerk has 'zero decentralization, zero portability, zero standards compliance (no W3C DID/VC)' — Solidus ships OID4VP + Solid-OIDC on a W3C-registered DID method.
- Clerk holds all user PII centrally — the brief calls it 'a honeypot data store' and flags a breach or EU DPA action as 'an existential event.' Solidus's architecture keeps PII out of its own infrastructure — a design claim, not an audited guarantee.
- No cross-app portability: Clerk users are 'trapped per-application' per the brief; a did:solidus credential is portable across apps in principle.
Side by side
| Feature | Solidus | Clerk |
|---|---|---|
| What it actually is | Testnet-anchored OID4VP verifier + Solid-OIDC/DPoP provider | Full-stack auth-as-a-service — UI components, sessions, MFA, org + billing management |
| Pricing at scale | $0.001/verification protocol cost, no MAU floor | $0.02/MAU at scale (free tier: 50K MRUs) |
| Where the user's identity lives | With the user — a W3C VC they hold | Centrally, in Clerk's identity store |
| Drop-in UI components / SDK breadth | None shipped | SignUp/SignIn/UserButton, zero-config, 10+ framework SDKsClerk wins |
| Certifications / SLA | None — unaudited, testnet-grade | SOC2, HIPAA BAA, 99.99% enterprise SLAClerk wins |
| W3C DID / VC standards | OID4VP + Solid-OIDC on did:solidus (W3C-registered) | None — brief: 'no W3C DID/VC' |
| Cross-app credential portability | did:solidus — W3C-registered, portable in principle | Per-app; brief: users 'trapped per-application' |
| Self-serve signup for the differentiating feature | Plain OIDC: yes. Credential verifier: admin-gated, no self-serve signup | Yes, fully self-serveClerk wins |
Check it yourself
npm i @solidus-network/auth @solidus-network/bbs — the BBS+ unlinkability demo ships in the tarball. UNAUDITED; audit targeted H2 2026 via NLnet NGI Zero.