Decentralized Identifiers (DIDs)

&

Verifiable Credentials

by Andrei Sambra

A DID is a self-sovereign identity - a lifetime, portable, and verifiable digital identity, that does not depend on any centralized authority.

Identifiers - URIs, URLs, and URNs

  • URLs - locate resources
  • URIs  - identify people, concepts, things, etc.
  • URNs - persistent names that do not change, no matter their location

A DID is functionally a URN, that in many cases can be resolved to one or more URLs.

Why is it important for DIDs to be URIs?

Supported natively within the IETF/W3C ecosystems

  • tools, libraries support already available (especially in the browsers)
  • existing specifications already apply to DIDs:
    • <a href="did:example:123">John</a> is valid HTML and can be deep linked into applications

Problems with current identifiers

  • andrei.sambra@qredo.com
  • https://deiu.me
  • https://github.com/deiu
  • @andreisambra
  • @deiu:matrix.org
  • +33 6 85 42 ...

Are they easy to create?

  > the ones under my "control" typically involve buying a domain name

Are they decentralized?

  > architecturally but also from a governance standpoint

Are they portable/persistent?

  > what if I leave Qredo, can I still use that email address?

Are they (cryptographically) verifiable?

Core properties of DIDs

Ease of creation.

    > should be "cheap" to create lots of DIDs

A persistent identifier.

    > once created, it is permanently assigned to the subject

A resolvable identifier.

    > can be looked up to discover metadata

A cryptographically-verifiable identifier.

    > owner can prove control using cryptography

A decentralized identifier.

    > no centralized registration authority is involved

DIDs, DID documents, DID subjects

DID is an identifier assigned by a DID controller to refer to a DID subject and resolve to a DID document that describes the DID subject. The DID document is an artifact of DID resolution and not a separate resource distinct from the DID subject.

DIDs, DID documents, DID subjects

DID documents

  • Contain one or more public keys that can be used to authenticated the DID subject during an interaction.
  • Contain one or more services associated with the DID subject that can be used for different types of interactions.
  • May contain additional metadata, such as timestamps, digital signatures, or cryptographic proofs, or metadata related to delegation or authorization.
  • Serialized to JSON, JSON-LD, CBOR, and others to come soon.

Example of a DID document (JSON-LD)

  {
    "@context": [
      "https://www.w3.org/ns/did/v1",
      "https://w3id.org/security/suites/ed25519-2020/v1"
    ],
    "id": "did:example:12345",
    "controller: "did:example:12345",
    "authentication": [{
        "id": "did:example:12345#z6MkecaLyHuYWkayBDLw5ihndj3T1m6zKTGqau3A51G7RBf3",
        "type": "Ed25519VerificationKey2020",
        "controller": "did:example:123",
        "publicKeyMultibase": "zAKJP3f7BD6W4iWEQ9jwndVTCBq8ua2Utt8EEjJ6Vxsf"
    }],
    "service": [{
        "id": "did:example:12345#vcs",
        "type": "VerifiableCredentialService",
        "serviceEndpoint": "https://example.com/vcs"
    }]
}

DID methods

The DID methods support the same basic functionally (creation, update, etc.), but they differ in how that functionality is implemented.

Over 150 methods already proposed!

Ledger based methods

  • did:btcr:xyv2-xzpq-q9wa-p7t
    • built "on top" of the Bitcoin blockchain
    • the method specific identifier is generated from the blockchain tr position
  • did:eth:0xF3beAC30C498D9E26865F34fCAa57dBB935b0D74
    • built "on top" of the Ethereum blockchain
    • the method specific identifier is generated from the corresponding Ethereum address
  • did:sov:mnjka2gh493qbgyqlkjs1op
    • based on a dedicated ledger (Sovrin)
    • the method specific identifier is generated from either an UUID or a public key

Non-ledger based methods

  • did:web:example.com
    • built "on top" of the Web
    • the method specific identifier is generated from Web URIs
  • did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH
    • does not require a DID document (generated on the fly)
    • the method specific identifier is generated from an encoded public key
  • did:peer:1z6MkpTHR8VNsBxYAA...jSwuBV8xRoAnwWsdvktH
    • based on (private) relationships between peers
    • the method specific identifier is generated from the identifiers of the parties involved (i.e. A <> B)

Verifiable Credentials

* graphics from Mattr

At the most basic level, verifiable credentials, or VC in short, are tamper-proof credentials that can be verified cryptographically.

 

There are three essential properties of verifiable credentials:

  • They are machine verifiable
  • They are secure and tamper-proof
  • They have been issued by a competent/trusted authority                    

Verifiable Credentials - in practice

* graphics from Mattr

Verifiable Credentials - example

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://w3id.org/citizenship/v1"
  ],
  "type": [
    "VerifiableCredential"
  ],
  "credentialSubject": {
    "id": "did:example:123",
    "type": [
      "Person"
    ],
    "birthDate": "1988-02-17",
"photo": "data:image/png;base64,iVBORw0KGgoAAA....." }, "issuer": "did:example:456", "issuanceDate": "2020-04-22T10:37:22Z", "identifier": "83627465", "name": "Proof of legal age", "description": "Government of Example Country", "proof": { "type": "Ed25519Signature2018", "created": "2020-04-22T10:37:22Z", "proofPurpose": "assertionMethod", "verificationMethod": "did:example:456#key-1", "jws": "eyJjcml0IjpbImI2NCJdLCJiNjQiOmZhbHNlLCJhbGciOiJFZERTQSJ9..BhWew0x-txcroGjgdtK-yBCqoetg9DD9SgV4245TmXJi-PmqFzux6Cwaph0r-mbqzlE17yLebjfqbRT275U1AA" } }

Verifiable Credentials - use cases

Verifiable Credentials - privacy through ZKPs

  • Privacy-preserving VCs with the help of BBS+ LD-Proofs.
    • What BBS+ LD-Proofs reveal is a proof of knowledge of the original signature alongside any of the messages you would like to reveal that were signed when producing the signature.
  • Benefits of BBS+ LD-Proofs:
    • selective disclosure (n of m properties of a claim)
    • non-linkability of VC signatures and credential holders
  • Based on BLS12-381 curve
  • BBS+ Signatures spec currently in progress at W3C.

Almost “production-level,” as the library has yet to do a v1.0 release. Currently developed by Hyperledger (Ursa) and MATTR.

Example of ZKP VCs using BBS+ (initial VC)

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://w3id.org/citizenship/v1",
    "https://w3id.org/security/bbs/v1"
  ],
  "id": "https://issuer.oidp.uscis.gov/credentials/83627465",
  "type": ["VerifiableCredential", "PermanentResidentCard"],
  "issuer": "did:example:489398593",
  "identifier": "83627465",
  "name": "Permanent Resident Card",
  "description": "Government of Example Permanent Resident Card.",
  "issuanceDate": "2019-12-03T12:19:52Z",
  "expirationDate": "2029-12-03T12:19:52Z",
  "credentialSubject": {
    "id": "did:example:b34ca6cd37bbf23",
    "type": ["PermanentResident", "Person"],
    "givenName": "JOHN",
    "familyName": "SMITH",
    "gender": "Male",
    "image": "data:image/png;base64,iVBORw0KGgokJggg==",
    "residentSince": "2015-01-01",
    "commuterClassification": "C1",
    "birthCountry": "Bahamas",
    "birthDate": "1958-07-17"
  },
  "proof": {
    "type": "BbsBlsSignature2020",
    "created": "2020-04-26T04:21:07Z",
    "verificationMethod": "did:example:489398593#test",
    "proofPurpose": "assertionMethod",
    "proofValue": "jx2VhjyZqUT91e2Oh...xmu5YwqOxPMRsWH3H+2wSA=="
  }
}

ZKP VCs using BBS+ - reveal document

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://w3id.org/citizenship/v1",
    "https://w3id.org/security/bbs/v1"
  ],
  "type": ["VerifiableCredential", "PermanentResidentCard"],
  "credentialSubject": {
    "type": ["PermanentResident", "Person"],
    "@explicit": true,
    "givenName": {},
    "familyName": {},
    "gender": {}
  }
}

A zero knowledge proof disclosing only givenName, familyName and gender can be derived from the initial VC using the following as the reveal document (using a JSON-LD frame). The reveal document is what a verifier is requesting from the prover/holder in terms of information it needs (think of it like a template with a list of attributes).

ZKP VCs using BBS+ - derived proof

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://w3id.org/citizenship/v1",
    "https://w3id.org/security/bbs/v1"
  ],
  "id": "https://issuer.oidp.uscis.gov/credentials/83627465",
  "type": ["PermanentResidentCard", "VerifiableCredential"],
  "description": "Government of Example Permanent Resident Card.",
  "identifier": "83627465",
  "name": "Permanent Resident Card",
  "credentialSubject": {
    "id": "did:example:b34ca6cd37bbf23",
    "type": ["Person", "PermanentResident"],
    "givenName": "JOHN",
    "familyName": "SMITH",
    "gender": "Male"
  },
  "expirationDate": "2029-12-03T12:19:52Z",
  "issuanceDate": "2019-12-03T12:19:52Z",
  "issuer": "did:example:489398593",
  "proof": {
    "type": "BbsBlsSignatureProof2020",
    "created": "2020-05-25T23:07:10Z",
    "verificationMethod": "did:example:489398593#test",
    "proofPurpose": "assertionMethod",
    "proofValue": "ABgA/4N3qygQRJlX3gmQOlJRGbO1KTXKQUmaN02xl+FiNZUDmGfa5OoKtg0RJ4wxxA08t3Vut61G/pq4yN0byg...msTtQPYJS084355GRBur5jnzPNJ2W6Gu3ZqqQeRrVyw1gzdhVDNOE8KUm9OQ3AvCuxo8PHNrqzNvc6VA==",
    "nonce": "37pdwue1a8FWLqgwCd0QJ0IJTFhp609KtxeCTWZGnfAVE+sOBDffYez+TY/bmVy+6z4="
  }
}

ZKP VCs using BBS+ - Performance

Crypto operations*:

  • Key generation - 1ms
  • Signing - 2.50ms / 10 messages
  • Verifying - 5.20 ms / 10 messages
  • Proof generation - 10.50ms / 10 messages                  

Size:

  • Public Keys: 96 bytes
  • Signatures: 112 bytes                                                       

*In practice the speed depends on the size of the data

Things to consider

  • Adoption rate (both DID and VC specifications are now W3C Recommendations -- i.e. W3C standards)
  • Interoperability (i.e. the "decentralised" angle)
  • Neither spec covers protocols, only the data model. What happens when DID document data needs to be updated (for a blockchain implementation)?
  • Google, Apple, and Mozilla* lodged formal objections to W3C approval of the DID 1.0 specification:
    • Lack of proven interoperability
    • Encourages divergence rather than convergence
    • Centralized methods allowed
    • Proof-of-work methods are harmful for sustainability

*92% of Mozilla’s 2019 income came from its 2017 Google ad deal.

Are DIDs a good fit for us?

Links

DID data model spec:

    https://www.w3.org/TR/did-core

 

List of supported DID methods:

    https://w3c.github.io/did-spec-registries/#did-methods

 

Verifiable Credentials data model spec:

    https://www.w3.org/TR/vc-data-model/

 

BBS+ Signatures spec:

    https://w3c-ccg.github.io/ldp-bbs2020/

Decentralized Identifiers (DIDs)

By Andrei

Decentralized Identifiers (DIDs)

  • 1,175