Crate prople_did_core


§prople/did/core

DID (Decentralized Identity) is a new kind of identifier that focuses on decentralized digital identity. A DID can refer to:

  • Thing
  • Person
  • Organization
  • Data
  • Model
  • etc…

From the W3C standard:

The Decentralized Identifiers (DIDs) defined in this specification are a new type of globally unique identifier. They are designed to enable individuals and organizations to generate their own identifiers using systems they trust. These new identifiers enable entities to prove control over them by authenticating using cryptographic proofs such as digital signatures.

Source: https://www.w3.org/TR/did-core/


Decentralized identity is one of the primary objectives of Prople. No username, email or password is used to identify a user in Prople. Every credential is owned and controlled by the user.

Each user will have their own DID in this format:

did:prople:<base58btc_encoded_data>

Example:

did:prople:z2xrsP3ExuJQMydq7hPg2d9ti3BKNoRSXE2b634vcdh9LKKujaBWLsPHoRgKcRCJ1ck7N5YcoU8ZmPwVqp5Hfnayj

This DID is owned by the user, and no centralized entity has access to it. The DID refers to its DID Document:

{
  "@context": [
    "https://www.w3.org/ns/did/v1",
    "https://w3id.org/security/suites/ed25519-2020/v1",
    "https://w3id.org/security/suites/x25519-2020/v1"
  ],
  "id": "did:prople:z27EjbBVuun5D3vL1JYWaGa2q5E6twLdVG7xqvJBKhsCyJmbuGgA822La1pDUiHbi8qz4CpBUss3R7Tpg2i4rXvdx",
  "authentication": [
    {
      "id": "did:prople:z27EjbBVuun5D3vL1JYWaGa2q5E6twLdVG7xqvJBKhsCyJmbuGgA822La1pDUiHbi8qz4CpBUss3R7Tpg2i4rXvdx#key-auth-verification",
      "controller": "did:prople:z27EjbBVuun5D3vL1JYWaGa2q5E6twLdVG7xqvJBKhsCyJmbuGgA822La1pDUiHbi8qz4CpBUss3R7Tpg2i4rXvdx",
      "type": "Ed25519VerificationKey2020",
      "publicKeyMultibase": "z24i8PX1tyYgmQbtfhxjxd5pz1HXu71zPexgZ8B69fBeX9foF286HUBZeZsYStZB9ze4chmaRk9GAWQQLkKKgMvqD"
    },
    {
      "id": "did:prople:z27EjbBVuun5D3vL1JYWaGa2q5E6twLdVG7xqvJBKhsCyJmbuGgA822La1pDUiHbi8qz4CpBUss3R7Tpg2i4rXvdx#key-auth-aggrement",
      "controller": "did:prople:z27EjbBVuun5D3vL1JYWaGa2q5E6twLdVG7xqvJBKhsCyJmbuGgA822La1pDUiHbi8qz4CpBUss3R7Tpg2i4rXvdx",
      "type": "X25519KeyAgreementKey2020",
      "publicKeyMultibase": "5378a8ae40b6d651fbb584870d9e1c0bc9de644cc416d827b31d93d701d2cd1b"
    }
  ],
  "assertionMethod": [
    {
      "id": "did:prople:z27EjbBVuun5D3vL1JYWaGa2q5E6twLdVG7xqvJBKhsCyJmbuGgA822La1pDUiHbi8qz4CpBUss3R7Tpg2i4rXvdx#key-assertion-verification",
      "controller": "did:prople:z27EjbBVuun5D3vL1JYWaGa2q5E6twLdVG7xqvJBKhsCyJmbuGgA822La1pDUiHbi8qz4CpBUss3R7Tpg2i4rXvdx",
      "type": "Ed25519VerificationKey2020",
      "publicKeyMultibase": "z25sf5SoAavJnpeNucvj4mxKBzYpXpM2SHd9SM14T49omXn8sh72Jyv5yq8MVxHWPY4uz1VQFBAMK445RGL6NvkrP"
    },
    {
      "id": "did:prople:z27EjbBVuun5D3vL1JYWaGa2q5E6twLdVG7xqvJBKhsCyJmbuGgA822La1pDUiHbi8qz4CpBUss3R7Tpg2i4rXvdx#key-assertion-aggrement",
      "controller": "did:prople:z27EjbBVuun5D3vL1JYWaGa2q5E6twLdVG7xqvJBKhsCyJmbuGgA822La1pDUiHbi8qz4CpBUss3R7Tpg2i4rXvdx",
      "type": "X25519KeyAgreementKey2020",
      "publicKeyMultibase": "513de55519a46dff69c76dd60a009975c999e02c0531ecca853f2e1a6724c848"
    }
  ]
}
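The did:prople format and the sample DID Document above can be checked mechanically before any key in the document is trusted. The following is an added example, not code from prople-did-core: the function names and the controller/fragment policy in check_method are assumptions for illustration, and the base58btc decoder is hand-written so the block needs only the standard library.

```rust
// Added example, not prople-did-core code. Constants are copied from this page's sample document.
const ALPHABET: &[u8] = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
const DOC_ID: &str = "did:prople:z27EjbBVuun5D3vL1JYWaGa2q5E6twLdVG7xqvJBKhsCyJmbuGgA822La1pDUiHbi8qz4CpBUss3R7Tpg2i4rXvdx";
const ED_KEY: &str = "z24i8PX1tyYgmQbtfhxjxd5pz1HXu71zPexgZ8B69fBeX9foF286HUBZeZsYStZB9ze4chmaRk9GAWQQLkKKgMvqD";
const X_KEY: &str = "5378a8ae40b6d651fbb584870d9e1c0bc9de644cc416d827b31d93d701d2cd1b";

/// Decode a multibase string that must carry the base58btc prefix 'z'.
fn decode_multibase_z(s: &str) -> Result<Vec<u8>, String> {
    let body = s.strip_prefix('z').ok_or("missing multibase prefix 'z'")?;
    if body.is_empty() { return Err("empty base58btc payload".into()); }
    let mut out: Vec<u8> = Vec::new(); // little-endian big integer
    for c in body.bytes() {
        let mut carry = ALPHABET.iter().position(|&a| a == c)
            .ok_or_else(|| format!("{:?} is not a base58btc character", c as char))? as u32;
        for b in out.iter_mut() {
            carry += (*b as u32) * 58;
            *b = carry as u8;
            carry >>= 8;
        }
        while carry > 0 { out.push(carry as u8); carry >>= 8; }
    }
    // Each leading '1' encodes one leading zero byte.
    out.extend(body.bytes().take_while(|&c| c == b'1').map(|_| 0u8));
    out.reverse();
    Ok(out)
}

/// Parse `did:prople:<base58btc_encoded_data>` and return the decoded bytes.
fn parse_prople_did(did: &str) -> Result<Vec<u8>, String> {
    let id = did.strip_prefix("did:prople:").ok_or("not a did:prople identifier")?;
    decode_multibase_z(id)
}

/// Assumed policy for a self-controlled document: id is a #fragment of doc_id, controller equals it.
fn check_method(doc_id: &str, id: &str, controller: &str, key: &str) -> Result<(), String> {
    parse_prople_did(doc_id)?;
    if controller != doc_id { return Err("controller differs from document id".into()); }
    match id.strip_prefix(doc_id) {
        Some(frag) if frag.starts_with('#') && frag.len() > 1 => {}
        _ => return Err("method id is not a fragment of the document id".into()),
    }
    decode_multibase_z(key).map(|_| ())
}

fn main() {
    for (frag, key) in [("#key-auth-verification", ED_KEY), ("#key-auth-aggrement", X_KEY)] {
        println!("{}: {:?}", frag, check_method(DOC_ID, &format!("{}{}", DOC_ID, frag), DOC_ID, key));
    }
}
```

Run against the sample document, the Ed25519 entry passes, while the X25519 entry is rejected because its publicKeyMultibase value is a bare hex string with no z multibase prefix.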

In DID, users have their own VC (Verifiable Credential) and VP (Verifiable Presentation). The VC is generated by an issuer and sent to the holder.

The holder generates a VP based on the given VC. One VP may contain multiple VCs. A VP can be used by a person as user personal for each given VC (or group of VCs).

The verifier uses the VP from a holder and should be able to verify its data structure / format through its proof. The proof is generated, and must be verifiable, using a cryptographic technique (EdDSA in Prople).

Prople users keep their own DID, including their VCs and VPs, in their agent’s storage.

Example of a secured VC:

{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "http://example.gov/credentials/3732",
  "type": ["VerifiableCredential", "ExampleDegreeCredential"],
  "issuer": "https://university.example",
  "validFrom": "2010-01-01T19:23:24Z",
  "credentialSubject": {
    "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
    "degree": {
      "type": "ExampleBachelorDegree",
      "name": "Bachelor of Science and Arts"
    }
  },
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "eddsa-rdfc-2022",
    "created": "2021-11-13T18:19:39Z",
    "verificationMethod": "https://university.example/issuers/14#key-1",
    "proofPurpose": "assertionMethod",
    "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz"
  }
}

Example of an unsecured (without proof) VP:

{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": "VerifiablePresentation", 
  "verifiableCredential": [{
    "@context": [
      "https://www.w3.org/ns/credentials/v2",
      "https://www.w3.org/ns/credentials/examples/v2"
    ],
    "id": "http://university.example/credentials/1872",
    "type": ["VerifiableCredential", "ExampleAlumniCredential"],
    "issuer": "https://university.example/issuers/565049",
    "validFrom": "2010-01-01T19:23:24Z",
    "credentialSubject": {
      "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
      "alumniOf": {
        "id": "did:example:c276e12ec21ebfeb1f712ebc6f1",
        "name": "Example University"
      }
    }
  }]
}

§Installation

[dependencies]
prople-did-core = {version = "0.4.9"}

Modules§

  • account is the main module used to generate an Account
  • context is a module used to store multiple context types
  • did is a module used to generate the DID syntax based on generated [IdentityPayload] data
  • doc is the module responsible for generating the DID Documents
  • identity is a module used to generate an entity types::Identity
  • keys is a module used to hold and store all generated DID data, encrypt it and save it through secure::KeySecureBuilder
  • types contains all of the public base types used in this crate
  • verifiable is a module designed to generate a VC (Verifiable Credential) and also a VP (Verifiable Presentation)