0040 XLS-40d: Decentralized Identity on XRPL #100
Replies: 16 comments 21 replies
-
A few thoughts:
|
Beta Was this translation helpful? Give feedback.
-
Great work. |
Beta Was this translation helpful? Give feedback.
-
Why not directly store the owner's public key and the controller's public key in the DIDToken object? In the current design, if I want to verify a user's DID, I need to call the resolver to get the URI first, then use the URI to retrieve the public key. This would introduce additional costs and delays. |
Beta Was this translation helpful? Give feedback.
-
There are many Decentralized Identity patent applications. Since this proposal is the composure of years of work / knowledge, the XRPL Foundation needs to submit any prior art, including this proposal, along with any notes, communications, exhibits, or any other form of publicly available information that existed prior to the filing date of any decentralized identity pending patent applications. Prior art serves to establish the state of existing knowledge and technology in a given field, which is crucial in determining whether an invention is novel and non-obvious, which is required in obtaining a patent. In essence, a party cannot be granted a patent if their claims incorporate elements of domain knowledge (this proposal) that predate any patent or patent application. Here are a few patent applications the Foundation needs to consider submitting prior art for: https://patents.google.com/patent/US20210272106A1 |
Beta Was this translation helpful? Give feedback.
-
Has anyone read CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, |
Beta Was this translation helpful? Give feedback.
-
The URI field much like the URI field on NFT's today should be a required field. |
Beta Was this translation helpful? Give feedback.
-
Awesome job! |
Beta Was this translation helpful? Give feedback.
-
The other issue here is this suffers the same lookup issue as to who the owner is like the current NFT standard. Requiring extra tooling for indexes that live off the XRPL. It would be desirable to look up the owner of the DiD via the ledger it's self proving the DiD identifier. |
Beta Was this translation helpful? Give feedback.
-
How did the specification regarding Account Roles go away? |
Beta Was this translation helpful? Give feedback.
-
Hello, I have a few questions.
On a broader note in the XRPL architecture, I know that ephemeral and masterPublic keys are used in the manifests. Are users provided any way to rotate their keys for account management?
The DIDID appears to be tightly bound to the Account ID, hence it appears that multiple identities is not feasible for a single account. |
Beta Was this translation helpful? Give feedback.
-
|
Beta Was this translation helpful? Give feedback.
-
Yes, but it would preserve the Data field in all the previous ledgers, I'm
concerned that goes against the spirit of privacy laws.
Regards,
Keshava
…On Fri, Aug 18, 2023 at 6:03 AM Mayukha Vadari ***@***.***> wrote:
The Data field is not un-deleteable, that field can also be deleted.
—
Reply to this email directly, view it on GitHub
<https://urldefense.com/v3/__https://github.com/XRPLF/XRPL-Standards/discussions/100*discussioncomment-6761378__;Iw!!PZTMFYE!7eRN9eSY5wmMLTO1c8i5_XZWjCBCmg2hlqPPYH39Zi7VtMeVN49VfZXQSPd-kPNkn_zv0frXxATtDAk5bHb_AGWXgQ$>,
or unsubscribe
<https://urldefense.com/v3/__https://github.com/notifications/unsubscribe-auth/AFB4TNK6JWPNDJPUNXA2TZTXV5RZTANCNFSM6AAAAAAWNVYYHQ__;!!PZTMFYE!7eRN9eSY5wmMLTO1c8i5_XZWjCBCmg2hlqPPYH39Zi7VtMeVN49VfZXQSPd-kPNkn_zv0frXxATtDAk5bHYID-HRtw$>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
Hey @aanchal4 this is excellent, thanks for putting it together. I started playing around with designing a DID method for XRPL a few years ago but limited my design to not requiring any new ledger objects. This is much cleaner and I think could be incredibly powerful. I think it would be really useful to document some use cases for this where the account owner is an individual but also where the account owner is a business. E.g. Consider the case of key rotation raised in an earlier comment. A business could publish a DID Document that contains all their public keys used for attestation, authorization etc and then bind that to their account on XRPL using a key that is mostly kept in cold storage. The private signing and auth keys can be stored in an HSM or similar and used for day-to-day operations like signing API requests or issuing verifiable claims. Another interesting thought is considering this as a way for individuals to effectively be their own Certificate Authority where their master key on XRPL is the root of their own PKI. |
Beta Was this translation helpful? Give feedback.
-
note: as of today, this spec needs some updates |
Beta Was this translation helpful? Give feedback.
-
Refer to PR #136 |
Beta Was this translation helpful? Give feedback.
-
@aanchal4 Hello, any update about the possibility to have a driver for the universal resolver ? |
Beta Was this translation helpful? Give feedback.
-
Updated spec: XLS-40 Decentralized Identity
Implementation: rippled#4636
An older version of the spec follows.
1. Abstract
Self-sovereign identity, defined as a lifetime portable digital identity that does not depend on any centralized authority, requires a new class of identifier that fulfills the following four requirements: persistence, global resolvability, cryptographic verifiability, and decentralization. World Wide Web Consortium (W3C) standardized Decentralized Identifiers (DIDs) are a new type of identifier that enable verifiable, self-sovereign digital identity and are designed to be compatible with any distributed ledger or network. In the context of digital identities, W3C's standards for DIDs and Verifiable Credentials (VCs) are rapidly gaining traction, especially in blockchain-related domains. In this document we propose to implement native support for W3C DIDs on XRP Ledger.
To this end, we specify the following on XRPL:
DID method
that describes:CRUD operations
on XRP ledger DIDsThis specification conforms to the requirements specified in the DID v1.0 specification currently recommended by the W3C Credentials Community Group.
2. Principles & Goals
2.1. Principles
This proposal chooses to recommend W3C DID identity standard to satisfy the following first principles:
Decentralized: Requires no central issuing agency and functions effectively in Decentralized Finance.
Persistent and Portable: Inherently persistent and long-lived, not requiring the continued operation of any underlying organization and portable between different applications.
Cryptographically Verifiable: Based on cryptographic proofs rather than out-of-band trust.
Universally Resolvable and Interoperable: Open to any solution that recognizes the common W3C DID standards and requires no one specific software vendor implementation.
2.2. Goals & Non-Goals
This document aims to define DID identifier format for XRP ledger conformant to W3C DID standards that can be created and owned by any XRPL account holder, and specify definitions for DID methods to create, read, update and delete DID (data) that can be implemented by any service, wallet, or application.
This proposal is NOT intended as a competing decentralized identity standard; it aims to leverage existing (and emerging) decentralized identity standard proposed by W3C.
The proposal is motivated to enable individual users to create, and manage their decentralized identifiers while having complete control over the private keys and contents of the identity object.
3. New On-Ledger Objects and Transactions
We propose one new ledger object and two new transaction types.
Create
the new ledger objectDID
withURI
, and/orData
fields, thus adding the required reserve towards the account that initiated the transaction.Update
the mutableURI
andData
fields of theDID
object.DID
object, thus reducing the reserve requirement towards the account that created the object.4. XRPL Decentralized Identifier (DID) Specification
In this section we specify the implementation details of W3C DID standard that are specific to XRP Ledger.
4.1. The
DID
ObjectWe propose a new ledger object called
DID
that holds references to or data associated with a single DID. TheDID
object is created and updated using theDIDSet
transaction and is deleted using theDIDDelete
transaction.4.1.1. Object Fields
DID
object may have the following required and optional fields.LedgerEntryType
string
UINT16
Identifies the type of ledger object. The proposal recommends the value
0x0049
as the reserved entry type.URI
string
BLOB
Specifies a Universal Resource Identifier, a.k.a. URI that points to the corresponding DID document. This field could be an HTTP(S) URL or IPFS URI. The
URI
field is NOT checked for validity, but the field is limited to a maximum length of 256 bytes. This is a mutable field.Data
string
BLOB
Data
specifies the arbitrary data associated with this object. TheData
field is NOT checked for validity, but the field is limited to a maximum length of 256 bytes. e.g.URI
field, orThis is a mutable field.
Note:
URI
orData
field MUST be present to create and update theDID
object.URI
andData
fields MUST be absent to delete theDID
object.4.1.2. The
DID
Object ID FormatDID
object may contain data associated with the XRPL account's identity. This requires theDID
to be:We compute the
DID
object ID, a.k.a.,DIDID
as theSHA-512Half
of the following values, concatenated in order:DID
space key (0x0049
)4.1.3. Reserve Requirements
TBD
4.2. XRP Ledger DID Method Specification
In this section, we describe the DID method specification that conforms to the requirements specified in the DID specification currently published by the W3C Credentials Community Group. For more information about DIDs and DID method specifications, refer to the DID Primer.
4.2.1. XRP Ledger DID Scheme
The DID format as defined by W3C is as follows:
We propose the following format for DIDs on XRPL:
The components specific to the XRPL network are the following:
method-name
: The"xrpl"
namestring specifies that this is a DID for XRP Ledger.A DID that uses this method MUST begin with the following prefix:
did:xrpl
. Per the DID specification, this string MUST be in lowercase. The remainder of the DID, after the prefix, is specified below.method-specific-idstring
is formed bynetwork-id
andxrpl-specific-idstring
network-id
:network-id
is a chain ID which is an identifier of XRP ledger networks. It specifies the underlying network instance where theDID
is stored. Per XLS-37d specification, in XRPL Protocol Chains the Network ID should match the chosen peer port.xrpl-specific-idstring
is generated as described in the next section.4.2.2. XRPL-specific-idstring Generation Method
XRPL DID MUST be unique within the XRPL network.
xrpl-specific-idstring
is theAccountID
or the hex ofmaster public key
of theDID
object's account. See this for more details on XRPL public keys.Example:
A valid DID for an XRPL network may be
or
The above DIDs are case-insensitive and will resolve to the same
DID
object.5. CRUD Operations
In this section we outline the following four CRUD operations for
did:xrpl
method.Create
Read
Update
Delete
5.1. DIDSet Transaction
The proposal introduces a new transaction type:
DIDSet
that can be used to:Create
a newDID
object,Update
the existingDID
object.5.1.1 Example
DIDSet
JSONCreate
If the
DID
object associated with theAccount
does not exist,URI
andData
fields are not present in the transaction, then transaction fails.DIDSet
transaction creates a newDID
object with the following object ID:SHA-512Half
of the following values, concatenated in order:DID
space key (0x0049
)Account
, i.e. rHb9CJAWyB4rj91VRWn96DkukG4bwdtyThDID associated with this object is:
or
Implicit DID document
Some minimalistic use cases might only need signatures and simple authorization tokens, but don't need support for multiple keys or devices, complex organizational hierarchies and other advanced rights management features.
To lower the entry level, we do not always require registering a
DID
by publishing a reference to or the DID Document on the ledger. If there's no explicitly registeredDID
found on the ledger then an implicit document is used instead as a default. Any update on this implicit document requires registering theDID
object and applied changes on the ledger to be valid.For example, the implicit DID Document of
did:xrpl:1:0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020
enables only a single key 0330E7FC9D56BB25D6893BA3F317AE5BCF33B3291BD63DB32654A313222F7FD020 to authorize changes on the DID document or sign credentials in the name of the DID.Update
If the
DID
object associated with theAccount
exists,URI
andData
fields are not present, then transaction fails.DIDSet
transaction updates this object.5.1.2. Transaction-specific fields
TransactionType
string
UINT16
Indicates the new transaction type
DIDSet
. The integer value is 40.Account
string
AccountID
Indicates the account which initiates the
DIDSet
transaction. This account MUST be a funded account on ledger.Fee
number
Amount
Indicates the fee that the account submitting this transaction is willing to pay.
URI
string
BLOB
Indicates the
URI
field for this object.Data
string
BLOB
Indicates the
Data
field for this object.SigningPubKey
string
BLOB
Indicates the public key used to create this signature.
5.2. Read
The initial step in utilizing a DID for any application involves resolving the DID to access the underlying DID Document. This resolution process unveils the cryptographic material and service endpoints linked to the specific DID.
In the case of XRPL DID, the
read
operation facilitates the resolution to the associatedDID
object. Upon successful resolution, applications can retrieve and utilize the relevantURI
and/orData
fields contained within theDID
object:Given the input DID for an account, follow these steps:
Retrieve the xrpl-specific-idstring of the DID.
If the xrpl-specific-idstring represents a public key:
Retrieve the contents of the corresponding
DID
object in its raw format using the XRPL'saccount_objects
command. Use theaccount
field to specify the Account ID to retrieve all objects owned by that account, includingDID
object in the raw ledger format. Or optionally use thetype
field to filter the results byledger_entry
type, i.e.DID
to retrieve the contents of just theDID
object.Example
Given the DID did:xrpl:1:rf1BiGeXwwQoi8Z2ueFYTEXSwuJYfV2Jpn, do the following:
rf1BiGeXwwQoi8Z2ueFYTEXSwuJYfV2Jpn
account_objects
method request to retrieve the contents ofDID
object:A sample response to the above query might look like this:
Upon receiving this response, an IPFS address (CAS) can be retrieved from the
URI
field. This address can then be resolved to retrieve the corresponding DID Document.📓 It is recommended that the applications implementing this method extend it to enable DID document fetching from the retrieved URI.
5.3. DIDDelete Transaction
XRP ledger
DID
object owner or controller MAY want to delete the object. For this, we introduce a new transaction type calledDIDDelete
. A successful transaction will remove the ledger object and reduce the reserve requirement of the owner account.5.3.1. Example
DIDDelete
JSONA successful
DIDDelete
transaction deletes theDID
object corresponding to theAccount
5.3.2. Transaction-Specific Fields
TransactionType
string
UINT16
Indicates the new transaction type
DIDDelete
. The integer value is 41.Account
string
AccountID
Indicates the account that initiated the transaction.
Fee
string
Amount
Indicates the fee that the account is willing to pay for this transaction.
SigningPubKey
string
BLOB
Indicates the public key used to create this signature.
6. Privacy and Security Considerations
There are several security and privacy considerations that implementers would want to take into consideration when implementing this specification.
6.1. Key Management
The entity which controls the private key associated with the
DID
object, i.e. the XRPLAccount
also effectively controls the reference to the DID Document which the DID resolves to. Thus great care should be taken to ensure that the private key is kept private. Methods for ensuring key privacy are outside the scope of this document.6.2. DID Document Public Profile
The DID document or other data associated with the XRPL DID's
URI
and.orData
fields can contain any content, though it is recommended that it conforms to the W3C DID Document and Verifiable Credentials (VC) specification. As anchored DIDs on XRPL can be resolved by anyone, care should be taken to only update to resolve DID Documents which DO NOT expose any sensitive personal information, or information which one may not wish to be public. DID documents should be limited to verification methods and service endpoints, and should not store any personal information.6.3. IPFS and Canonicity
IPFS allows anyone to store content publicly on the nodes in a distributed network. A common misconception is that anyone can edit content, however the content-addressability of IPFS means that this new edited content will have a different address to the original. While any entity can copy a DID Document anchored with an XRPL account's
URI
, they cannot change the document that a DID resolves to via the XRPLaccount_objects
resolution unless they control the private key which created the correspondingDID
object.For more, see § 10. Privacy Considerations in did-core.
7. Reference Implementations
TBD
8. Appendices
Appendix 1. DID Document
A DID is associated with a DID document. A DID document contains the necessary information to cryptographically verify the identity of the DID subject. W3C defines the core properties in a DID document, that describe relationships between the DID subject and the value of the property. For example, a DID document could contain cryptographic public keys such that the DID subject can use it to authenticate itself and proves its association with the DID. Usually, a DID document can be serialized to JSON representation or JSON-LD representation (see [DIDs v1.0]).
Applications may choose one of the following for the DID document associated with a DID:
URI
field ofDID
object to the DID document stored in one or more parts on other decentralized storage networks such as IPFS or STORJ.Data
field of theDID
object.While not normative, a sample XRPL DID Document MAY look like:
W3C defines the core properties in a DID document, that describe relationships between the DID subject and the value of the property.
Appendix 2. Universal Resolver
A Universal Resolver is an identifier resolver that works with any decentralized identifier system, including W3C DIDs. Refer here. A driver for XRPL DID method resolution will be added to universal resolver configurations to make it publicly accessible.
Beta Was this translation helpful? Give feedback.
All reactions