Decentralized Identifier or
DID is a critical component of verifiable data. A
DID is a new type of unique
identifier which can be created independent of a central authority and that is designed to prove control over the DID
using cryptographic proofs. In a verifiable data context, a DID can be used to verify the provenance and ownership of
attested data by verifying the proof that is attached to the assertion.
Different flavors of
DIDs exist today. The flavor of a
DID or more accurately the
DID Method defines how CRUD
operations for a DID of that
DID Method are executed. Each
DID Method has different tradeoffs in specific use cases.
For example, a web DID can be created without a Blockchain but
DID Methods exist that have a dependency on a
Blockchain. All of them are valid
DIDs but have different guaranteees.
The example below shows how a web DID for veramo.dev might look like.
DID is created, it is typically associated with a private and public key pair. The public key will be visible
DID Document. This allows the controller/subject of the
DID to generate proofs that are verifiable by anyone
that has the corresponding
DID Document for that
DID. The process of retrieving the
DID Document from a
DID Resolver can take
DID as input and resolve the
DID Document. This is an important concept in how data flows
in verifiable data systems.
DID has a
DID Document that describes the
DID subject. In the case of
DID Document is hosted
on the website in the following format. It contains essential cryptographic information and also services that the
has available. This is the foundation of how
DIDs can start to communicate with each other.
Explainer on what a DID method is and links to supported DID Methods page