by Andrei Sambra
A DID is functionally a URN that, in many cases, can be resolved to one or more URLs.
Supported natively within the IETF/W3C ecosystems
Are they easy to create?
> the ones under my "control" typically involve buying a domain name
Are they decentralized?
> architecturally but also from a governance standpoint
Are they portable/persistent?
> what if I leave Qredo, can I still use that email address?
Are they (cryptographically) verifiable?
Ease of creation.
> should be "cheap" to create lots of DIDs
A persistent identifier.
> once created, it is permanently assigned to the subject
A resolvable identifier.
> can be looked up to discover metadata
A cryptographically-verifiable identifier.
> owner can prove control using cryptography
A decentralized identifier.
> no centralized registration authority is involved
A DID is an identifier assigned by a DID controller to refer to a DID subject and resolve to a DID document that describes the DID subject. The DID document is an artifact of DID resolution and not a separate resource distinct from the DID subject.
{
"@context": [
"https://www.w3.org/ns/did/v1",
"https://w3id.org/security/suites/ed25519-2020/v1"
],
"id": "did:example:12345",
"controller": "did:example:12345",
"authentication": [{
"id": "did:example:12345#z6MkecaLyHuYWkayBDLw5ihndj3T1m6zKTGqau3A51G7RBf3",
"type": "Ed25519VerificationKey2020",
"controller": "did:example:123",
"publicKeyMultibase": "zAKJP3f7BD6W4iWEQ9jwndVTCBq8ua2Utt8EEjJ6Vxsf"
}],
"service": [{
"id": "did:example:12345#vcs",
"type": "VerifiableCredentialService",
"serviceEndpoint": "https://example.com/vcs"
}]
}
All DID methods support the same basic functionality (creation, update, etc.), but they differ in how that functionality is implemented.
Over 150 methods already proposed!
* graphics from Mattr
At the most basic level, verifiable credentials, or VCs for short, are tamper-proof credentials that can be verified cryptographically.
There are three essential properties of verifiable credentials:
{
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/citizenship/v1"
],
"type": [
"VerifiableCredential"
],
"credentialSubject": {
"id": "did:example:123",
"type": [
"Person"
],
"birthDate": "1988-02-17",
"photo": "....."
},
"issuer": "did:example:456",
"issuanceDate": "2020-04-22T10:37:22Z",
"identifier": "83627465",
"name": "Proof of legal age",
"description": "Government of Example Country",
"proof": {
"type": "Ed25519Signature2018",
"created": "2020-04-22T10:37:22Z",
"proofPurpose": "assertionMethod",
"verificationMethod": "did:example:456#key-1",
"jws": "eyJjcml0IjpbImI2NCJdLCJiNjQiOmZhbHNlLCJhbGciOiJFZERTQSJ9..BhWew0x-txcroGjgdtK-yBCqoetg9DD9SgV4245TmXJi-PmqFzux6Cwaph0r-mbqzlE17yLebjfqbRT275U1AA"
}
}
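Before the signature on the credential above is checked, the verifier resolves the issuer's DID and confirms that the key named in proof.verificationMethod is listed in that DID document under the relationship the proof claims. The sketch below is an added example, not code from the slides or from any DID library; the issuer DID document, the placeholder key and the function name authorizedKey are constructed for illustration, and verification method ids are assumed to be absolute DID URLs.

```javascript
// Constructed sample: DID document the verifier resolved for did:example:456.
const issuerDoc = {
  id: "did:example:456",
  verificationMethod: [{
    id: "did:example:456#key-1",
    type: "Ed25519VerificationKey2018",
    controller: "did:example:456",
    publicKeyBase58: "PLACEHOLDER-not-a-real-key"
  }],
  authentication: ["did:example:456#key-1"],
  assertionMethod: ["did:example:456#key-1"]
};
// Same document with the key listed for authentication only (constructed).
const authOnlyDoc = { ...issuerDoc, assertionMethod: [] };
// Only the fields of the credential above that this check reads.
const legalAgeVc = {
  issuer: "did:example:456",
  proof: {
    type: "Ed25519Signature2018",
    proofPurpose: "assertionMethod",
    verificationMethod: "did:example:456#key-1"
  }
};

// Returns the key the proof may be verified with, or the reason to reject.
// The verifier fixes the purpose it expects; it never trusts the proof's own.
function authorizedKey(didDocument, vc, expectedPurpose = "assertionMethod") {
  const { verificationMethod: keyId, proofPurpose } = vc.proof;
  const issuer = typeof vc.issuer === "string" ? vc.issuer : vc.issuer.id;
  if (proofPurpose !== expectedPurpose) {
    return { ok: false, reason: `proof purpose is not ${expectedPurpose}` };
  }
  // The key must live under the DID that claims to be the issuer.
  if (didDocument.id !== issuer || keyId.split("#")[0] !== issuer) {
    return { ok: false, reason: "key is not under the issuer DID" };
  }
  // Relationship entries are embedded methods or references by id.
  for (const entry of didDocument[expectedPurpose] || []) {
    const method = typeof entry === "string"
      ? (didDocument.verificationMethod || []).find((m) => m.id === entry)
      : entry;
    if (method && method.id === keyId) return { ok: true, method };
  }
  return { ok: false, reason: `key not listed under ${expectedPurpose}` };
}

console.log(authorizedKey(issuerDoc, legalAgeVc).ok);
console.log(authorizedKey(authOnlyDoc, legalAgeVc).reason);
```

A DID document that lists a key only under authentication, as the did:example:12345 document earlier on this page does, fails this check for credential issuance.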
Almost “production-level,” as the library has yet to do a v1.0 release. Currently developed by Hyperledger (Ursa) and MATTR.
{
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/citizenship/v1",
"https://w3id.org/security/bbs/v1"
],
"id": "https://issuer.oidp.uscis.gov/credentials/83627465",
"type": ["VerifiableCredential", "PermanentResidentCard"],
"issuer": "did:example:489398593",
"identifier": "83627465",
"name": "Permanent Resident Card",
"description": "Government of Example Permanent Resident Card.",
"issuanceDate": "2019-12-03T12:19:52Z",
"expirationDate": "2029-12-03T12:19:52Z",
"credentialSubject": {
"id": "did:example:b34ca6cd37bbf23",
"type": ["PermanentResident", "Person"],
"givenName": "JOHN",
"familyName": "SMITH",
"gender": "Male",
"image": "",
"residentSince": "2015-01-01",
"commuterClassification": "C1",
"birthCountry": "Bahamas",
"birthDate": "1958-07-17"
},
"proof": {
"type": "BbsBlsSignature2020",
"created": "2020-04-26T04:21:07Z",
"verificationMethod": "did:example:489398593#test",
"proofPurpose": "assertionMethod",
"proofValue": "jx2VhjyZqUT91e2Oh...xmu5YwqOxPMRsWH3H+2wSA=="
}
}
{
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/citizenship/v1",
"https://w3id.org/security/bbs/v1"
],
"type": ["VerifiableCredential", "PermanentResidentCard"],
"credentialSubject": {
"type": ["PermanentResident", "Person"],
"@explicit": true,
"givenName": {},
"familyName": {},
"gender": {}
}
}
A zero-knowledge proof disclosing only givenName, familyName and gender can be derived from the initial VC using the reveal document shown above (a JSON-LD frame). The reveal document is what a verifier requests from the prover/holder in terms of the information it needs (think of it as a template with a list of attributes). The derived credential looks like this:
{
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/citizenship/v1",
"https://w3id.org/security/bbs/v1"
],
"id": "https://issuer.oidp.uscis.gov/credentials/83627465",
"type": ["PermanentResidentCard", "VerifiableCredential"],
"description": "Government of Example Permanent Resident Card.",
"identifier": "83627465",
"name": "Permanent Resident Card",
"credentialSubject": {
"id": "did:example:b34ca6cd37bbf23",
"type": ["Person", "PermanentResident"],
"givenName": "JOHN",
"familyName": "SMITH",
"gender": "Male"
},
"expirationDate": "2029-12-03T12:19:52Z",
"issuanceDate": "2019-12-03T12:19:52Z",
"issuer": "did:example:489398593",
"proof": {
"type": "BbsBlsSignatureProof2020",
"created": "2020-05-25T23:07:10Z",
"verificationMethod": "did:example:489398593#test",
"proofPurpose": "assertionMethod",
"proofValue": "ABgA/4N3qygQRJlX3gmQOlJRGbO1KTXKQUmaN02xl+FiNZUDmGfa5OoKtg0RJ4wxxA08t3Vut61G/pq4yN0byg...msTtQPYJS084355GRBur5jnzPNJ2W6Gu3ZqqQeRrVyw1gzdhVDNOE8KUm9OQ3AvCuxo8PHNrqzNvc6VA==",
"nonce": "37pdwue1a8FWLqgwCd0QJ0IJTFhp609KtxeCTWZGnfAVE+sOBDffYez+TY/bmVy+6z4="
}
}
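To see what the reveal document actually withholds, the frame's effect on the claims can be reproduced without any cryptography. The sketch below is an added example, not the BBS+ library's code: applyFrame is a simplified stand-in for JSON-LD framing that handles only the single-level "@explicit" frame used on this page, the proof and image fields are left out, and all function names are hypothetical.

```javascript
// Claims copied from the Permanent Resident Card credential on this page.
const residentCard = {
  identifier: "83627465",
  name: "Permanent Resident Card",
  issuer: "did:example:489398593",
  credentialSubject: {
    id: "did:example:b34ca6cd37bbf23",
    type: ["PermanentResident", "Person"],
    givenName: "JOHN", familyName: "SMITH", gender: "Male",
    residentSince: "2015-01-01", commuterClassification: "C1",
    birthCountry: "Bahamas", birthDate: "1958-07-17"
  }
};
// The reveal document (frame) from this page, without @context.
const revealDocument = {
  type: ["VerifiableCredential", "PermanentResidentCard"],
  credentialSubject: {
    type: ["PermanentResident", "Person"],
    "@explicit": true, givenName: {}, familyName: {}, gender: {}
  }
};

const isNode = (v) => v !== null && typeof v === "object" && !Array.isArray(v);

// With "@explicit": true a node keeps only id, type and the listed
// properties; without it every property of the node is kept.
function applyFrame(node, frameNode) {
  const explicit = frameNode["@explicit"] === true;
  const out = {};
  for (const [key, value] of Object.entries(node)) {
    if (isNode(value) && isNode(frameNode[key])) {
      out[key] = applyFrame(value, frameNode[key]);
    } else if (!explicit || key === "id" || key === "type" || key in frameNode) {
      out[key] = value;
    }
  }
  return out;
}

// Paths present in the original credential but absent after framing.
function withheldPaths(node, framed, prefix = "") {
  return Object.entries(node).flatMap(([key, value]) => {
    if (!(key in framed)) return [prefix + key];
    return isNode(value) ? withheldPaths(value, framed[key], `${prefix}${key}.`) : [];
  });
}

const disclosed = applyFrame(residentCard, revealDocument);
console.log(withheldPaths(residentCard, disclosed));
console.log(Object.keys(disclosed));
```

Because "@explicit" sits only inside credentialSubject, top-level values such as identifier and the subject's id are still disclosed, exactly as in the derived credential above, and they remain correlatable across presentations.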
Crypto operations*:
Size:
*In practice the speed depends on the size of the data
*92% of Mozilla’s 2019 income came from its 2017 Google ad deal.
DID data model spec:
https://www.w3.org/TR/did-core
List of supported DID methods:
https://w3c.github.io/did-spec-registries/#did-methods
Verifiable Credentials data model spec:
https://www.w3.org/TR/vc-data-model/
BBS+ Signatures spec:
https://w3c-ccg.github.io/ldp-bbs2020/