Decentralized Identifier or
DID is a critical component of verifiable data. A
DID is a new type of unique identifier which can be created independent of a central authority and that is designed to prove control over the DID using cryptographic proofs. In a verifiable data context, a DID can be used to verify the provenance and ownership of attested data by verifying the proof that is attached to the assertion.
Different flavors of
DIDs exist today. The flavor of a
DID or more accurately the
DID Method defines how CRUD operations for a DID of that
DID Method are executed. Each
DID Method has different tradeoffs in specific use cases. For example, a web DID can be created without a Blockchain but
DID Methods exist that have a dependency on a Blockchain. All of them are valid
DIDs but have different guaranteees.
The example below shows how a web DID for veramo.dev might look like.
DID is created, it is typically associated with a private and public key pair. The public key will be visible in the
DID Document. This allows the controller/subject of the
DID to generate proofs that are verifiable by anyone that has the corresponding
DID Document for that
DID. The process of retrieving the
DID Document from a
DID is called
DID Resolver can take
DID as input and resolve the
DID Document. This is an important concept in how data flows in verifiable data systems.
DID has a
DID Document that describes the
DID subject. In the case of
DID Document is hosted on the website in the following format. It contains essential cryptographic information and also services that the
DID has available. This is the foundation of how
DIDs can start to communicate with each other.
Explainer on what a DID method is and links to supported DID Methods page