DID Document
Since our DID method is a single, public key, the DID document itself may be reconstructed from a public key at any time. This layer exists purely for compatibility purposes. This is the W3C did:key specification.
DID documents of this type always follow this exact format:
{
"@context": "https://w3id.org/did/v1",
"id": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH",
"publicKey": [{
"id": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#pubkey",
"type": "Ed25519VerificationKey2018",
"controller": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH",
"publicKeyBase58": "B12NYF8RrR3h41TDCTJojY59usg3mbtbjnFs7Eud1Y6u"
}],
"authentication": [
"did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#pubkey"
],
"assertionMethod": [
"did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#pubkey"
],
"capabilityDelegation": [
"did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#pubkey"
],
"capabilityInvocation": [
"did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#pubkey"
],
"keyAgreement": [{
"id": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#kakey",
"type": "X25519KeyAgreementKey2019",
"controller": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH",
"publicKeyBase58": "JhNWeSVLMYccCk7iopQW4guaSJTojqpMEELgSLhKwRr"
}]
}
The
@context key states which version of the spec this DID conforms to.For example:
'https://w3id.org/did/v1'The
id is the concatenation of the method did:key: with the public key.For example
'did:nacl:Md8JiMIwsapml_FtQ2ngnGftNP5UmVCAUuhnLyAsPxI'
The
publicKey array MUST:- Contain EXACTLY one key record
- The public keys MUST be identical
- MUST use the index
#pubkey - MUST have the type
ED25519SignatureVerification2018 - Be encoded in base64 (for transmission and consistency)
"publicKey": [{
"id": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#pubkey",
"type": "Ed25519VerificationKey2018",
"controller": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH",
"publicKeyBase58": "B12NYF8RrR3h41TDCTJojY59usg3mbtbjnFs7Eud1Y6u"
}]
This contains a lot of redundant information, but is required to be compatible with other DID services
Unlike many other DID methods, a Fission Identity MUST contain exactly one key. Fission treats identity as pseudonymous at best and thus relegates access control to the realm of verifiable claims.
There is a need for non updateable DID's for use in IOT and other applications, where lack of network, size of code base and other such concerns are paramount to adoption. These concerns need to be addressed while not lowering the overall security guarantees.
Our motivation is focused primarily on universality. Rather than updating a document over time, the DID is minimal, immutable, and may be reconstructed from a key pair at any time.
The
authentication array MUST:- Contain EXACTLY one key record
- The key MUST be identical to
#pubkey
"authentication": [
"did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#pubkey"
]
The
assertionMethod array must contain EXACTLY the public key referenced in publicKey.id"assertionMethod": [
"did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#pubkey"
]
The
capabilityDelegation array must contain EXACTLY the public key referenced in publicKey.id"capabilityDelegation": [
"did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#pubkey"
]
The
capabilityInvocation array must contain EXACTLY the public key referenced in publicKey.id"capabilityInvocation": [
"did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#pubkey"
]
The
keyAgreement array MUST- Include EXACTLY one key record
- The
idMUST match the public key, but indexed with#kakey - The
typeMUST set toX25519KeyAgreementKey2019 - The
controllerMUST exactly match the public key - Include a base58-encoded public key
"keyAgreement": [{
"id": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH#kakey",
"type": "X25519KeyAgreementKey2019",
"controller": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH",
"publicKeyBase58": "JhNWeSVLMYccCk7iopQW4guaSJTojqpMEELgSLhKwRr"
}]
Last modified 1yr ago