From f7d7c9fed3a550c83e7b76da444b24245428ec71 Mon Sep 17 00:00:00 2001 From: Paul Chen Date: Tue, 16 Jan 2024 18:54:37 +0800 Subject: [PATCH 1/8] docs: write DIDs ADR --- .../adr-024-decentralized-identifiers.md | 396 ++++++++++++++++++ 1 file changed, 396 insertions(+) create mode 100644 docs/architecture/adr-024-decentralized-identifiers.md diff --git a/docs/architecture/adr-024-decentralized-identifiers.md b/docs/architecture/adr-024-decentralized-identifiers.md new file mode 100644 index 0000000000..fedd698063 --- /dev/null +++ b/docs/architecture/adr-024-decentralized-identifiers.md @@ -0,0 +1,396 @@ +# ADR 024: Decentralized Identifiers registry + +## Changelog + +- Jan 16th, 2024: First draft; + +## Status + +PROPOSED + +## Abstract + +This ADR proposes the integration of a new functionality to incorporate Decentralized Identifiers (DIDs) into Desmos. + +## Context + +Decentralized identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. DIDs enable individuals to assert control over their personal information, aligning with principles of privacy, and user empowerment. Furthermore, as DIDs emerge as a universal standard, they are poised to play a pivotal role in identity authentication across various applications. Desmos serves as a decentralized social platform infrastructure, becoming DIDs registry would contribute to an improved user experience in identity management. + +## Decision + +We will implement a new module named `x/did` that allows users to create/manage their DID documents. + +In addition, the name that identifies our DID method is: `desmos`, in other word, a DID that uses this method MUST begin with following prefix: `did:desmos`. + +### Types + +#### DID document + +`DidDoc` represents the DID document which includes full context with the standard published by W3C DID core. + +The store keys of DID document inside KVStore will be as follows: + +* 0x1 | {id} | {version_id} -> ProtocolBuffer(DidDoc) + +> NOTE +> To be compatible to DID resolver queries `did:example:123?versionId={version_id}` and `did:example:123?versionTime=2016-10-17T02:41:00Z`, we SHOULD store all the versions of DID document. + +##### Protobuf definition + +```protobuf +// DidDoc represents a set of data describing DID subject. +// Documentation: https://www.w3.org/TR/did-core +message DidDoc { + // URIs used to identify the context of DID document. + // Example: [https://www.w3.org/ns/did/v1] + repeated string context = 1; + + // The unique identifier in DID syntax of DID document. + // Example: did:desmos: + string id = 2; + + // External controller in DID syntax who can manage the verification method (optional). + // Documentation: https://w3id.org/security#controller + string controller = 3; + + // The assertion that two or more DIDs or other types of UIR refer to the same DID. + // Documentation: https://www.w3.org/TR/did-core/#also-known-as + string also_known_as = 4; + + // Keys of verification methods for verifying digital signature, must have at least one associated to Desmos address. + repeated VerificationMethod verification_methods = 5; + + // Id of keys for authentication within verification methods (optional). + // Documentation: https://w3id.org/security#authenticationMethod + repeated string authentication = 6; + + // Id of keys for assertion method within verification methods (optional). + // Documentation: https://w3id.org/security#assertionMethod + repeated string assertion_method = 7; + + // Id of keys for capability invocation that can manage the DID documentation within verification methods, must have at least one associated to Desmos address. + // Documentation: https://w3id.org/security#capabilityInvocationMethod + repeated string capability_invocation = 8; + + // Id of keys for capability delegation within verification methods (optional). + // Documentation: https://w3id.org/security#keyAgreementMethod + repeated string capability_delegation = 9; + + // Id of keys for kee agreement within verification methods (optional). + // Documentation: https://w3id.org/security#keyAgreementMethod + repeated string key_agreement = 10; + + // A set of services endpoint maps (optional). + repeated Service service = 11; + + // Version ID of the current DID document for resolver queries. + // Documentation: https://www.w3.org/TR/did-core/#did-parameters + uint64 version_id = 12; + + // Timestamp of the current DID document update for resolver queries. + // Documentation: https://www.w3.org/TR/did-core/#did-parameters + google.protobuf.timestamp version_time = 13; + +} + +// VerificationMethod express the cryptographic public keys, which can be used to authenticate or authorize interaction. +// Documentation: https://www.w3.org/TR/did-core/#verification-methods +message VerificationMethod { + // Unique identifier in DID URL syntax. + // Example: did:desmos:# + string id = 1; + + // Type of the verification method. + string type = 2; + + // External controller in DID syntax who can manage the verification method (optional). + // Documentation: https://w3id.org/security#controller + string controller = 3; + + // Material of the public key in the verification method. + // Documentation: https://www.w3.org/TR/did-core/#verification-material + oneof verification_material { + // JSON web key format public key in JSON. + string public_key_jwk = 4; + + // Base58 encoded public key. + string public_key_multibase = 5; + }; +} + +// Service represents the ways of communicating with DID subjects or associated entities. +// Documentation: https://www.w3.org/TR/did-core/#services +message Service { + // Unique identifier for the service. + // Example: did:desmos:# + string id = 1; + + // Type of the service. + string type = 2; + + // Endpoints of service. + repeated string service_endpoint = 3; +} +``` + +#### DidMetadata + +`DidMetadata` represents the metadata to show the latest status of DID document. + +The store keys of `DIDMetadata` for KVStore will be: + +* 0x2 | {id} -> ProtocolBuffer(DidMetadata) + +##### Protobuf definition + +```protobuf +// DidMetadata represents metadata of the DID document. +// Documentation: https://www.w3.org/TR/did-core/#did-document-metadata +message DidMetadata { + // The unique identifier in DID syntax of DID document. + string id = 1; + + // Timestamp of the DID document creation. + google.protobuf.Timestamp created = 2; + + // Timestamp of the last DID document update. + google.protobuf.Timestamp updated = 3; + + // Flag that indicates DID document is deactivated or not. + bool deactivated = 4; + + // Last version id of the DID document. + uint64 version_id = 5; +} +``` + +### `Msg` Service + +We will allow the following operations to be performed: + +- Create a new DID document +- Update an existing DID document +- Deactivate DID document +- Edit verification inside DID document + +> NOTE +> When updating DID document, sender's public key MUST be its controller or one of keys inside capability invocation field. + +#### Protobuf definition + +```protobuf +service Msg{ + // CreateDidDoc allows to create a newly DID document. + rpc CreateDidDoc(MsgCreateDidDoc) returns(MsgCreateDidDocResponse); + + // UpdateDidDoc allows to update an existing DID document. + rpc UpdateDidDoc(MsgUpdateDidDoc) returns(MsgUpdateDidDocResponse); + + // DeactivateDidDoc allows to deactivate DID document. + rpc DeactivateDidDoc(MsgsDeactivateDidDoc) returns(MsgsDeactivateDidDocResponse); + + // EditVerificationMethod allows to edit an existing verification method inside DID document. + rpc EditVerificationMethod(MsgEditVerificationMethod) returns(MsgEditVerificationMethodResponse); +} + +// MsgCreateDidDoc represents the message to be used to create a new DID document. +message MsgCreateDidDoc { + // URIs used to identify the context of DID document to be set. + repeated string context = 1; + + // ID of the newly DID document to be set. + string id = 2; + + // ID of the newly DID document controller to be set. + string controller = 3; + + // DIDs or URIs referring to the newly DID document to be set. + string also_known_as = 4; + + // Keys of the newly DID document for verifying digital signature, must have at least one associated to Desmos address. + repeated VerificationMethod verification_methods = 5; + + // Verification method for authentication to be set. + repeated string authentication = 6; + + // Verification method for assertion method to be set. + repeated string assertion_method = 7; + + // Verification method for capability invocation to be set, must have at least one associated to Desmos address. + repeated string capability_invocation = 8; + + // Verification method for capability delegation to be set. + repeated string capability_delegation = 9; + + // Verification method for key agreement to be set. + repeated string key_agreement = 10; + + // Endpoints of services to be set. + repeated Service service = 11; + + // Address of the message sender. + string sender = 12; +} + +// MsgCreateDidDocResponse defines the Msg/CreateDidDoc response type. +message MsgCreateDidDocResponse { + // The metadata of the DID document. + DidMetadata metadata = 1; +} + +// MsgUpdateDidDoc represents the message to be used to update an existing DID document. +message MsgUpdateDidDoc { + // ID of the DID document to update. + string id = 1; + + // URIs used to identify the context of DID document to be set. + repeated string context = 2; + + // ID of the controller to be set. + string controller = 3; + + // DIDs or URIs referring to the newly DID document to be set. + string also_known_as = 4; + + // Keys of the newly DID document for verifying digital signature, must have at least one associated to Desmos address. + repeated VerificationMethod verification_methods = 5; + + // Verification method for authentication to be set. + repeated string authentication = 6; + + // Verification method for assertion method to be set. + repeated string assertion_method = 7; + + // Verification method for capability invocation to be set, must have at least one associated to Desmos address. + repeated string capability_invocation = 8; + + // Verification method for capability delegation to be set. + repeated string capability_delegation = 9; + + // Verification method for key agreement to be set. + repeated string key_agreement = 10; + + // Endpoints of services to be set. + repeated Service service = 11; + + // Address of the DID document editor. + string sender = 12; +} + +// MsgUpdateDidDocResponse defines the Msg/UpdateDidDoc response type. +message MsgUpdateDidDocResponse { + // The updated metadata of the DID document. + DidMetadata metadata = 1; +} + +// MsgDeactivateDidDoc represents the message to be used to deactivate a DID document. +message MsgDeactivateDidDoc { + // ID of the DID document to deactivate. + string id = 1; + + // Address of the DID document editor. + string sender = 2; +} + +// MsgDeactivateDidDocResponse defines the Msg/DeactivateDidDoc response type. +message MsgDeactivateDidDocResponse { + // The updated metadata of the DID document. + DidMetadata metadata = 1; +} + +// MsgEditVerificationMethod represents the message to be used to edit an existing verification inside DID document. +message MsgEditVerificationMethod { + // Identifier of verification method to edit. + string id = 1; + + // Key type to be set. + string type = 2; + + // ID of controller to be set. + string controller = 3; + + // Material of public key to be set. + oneof verification_material { + // JSON web key format public key in JSON. + string public_key_jwk = 4; + + // Base58 encoded public key. + string public_key_multibase = 5; + }; + + // Address of the DID document editor. + string sender = 6; +} + +// MsgEditVerificationMethodResponse defines the Msg/EditVerificationMethod response type. +message MsgEditVerificationMethodResponse { + // The updated metadata of the DID document. + DidMetadata metadata = 1; +} +``` + +### `Query` service + +```protobuf +service Query{ + // DidDoc queries for a single DID document with the specified version. + rpc DidDoc(QueryDidDocRequest) returns(QueryDidDocResponse) { + option (google.http.get) = "/desmos/did/v1/did/{id}"; + }; + + // DidMetadata queries for the metadata of the DID document with its ID. + rpc DidMetadata(QueryDidMetadataRequest) returns(DidMetadataResponse) { + option (google.http.get) = "/desmos/did/v1/did/{id}/metadata"; + }; +} + +// QueryDidDocRequest is the request type for the Query/DidDoc RPC method +message QueryDidDocRequest { + string id = 1; + + // Version ID of DID document to query, returns latest version if version is not provided or equals to 0. + uint64 version = 2; +} + +// QueryDidDocResponse is the response type for the Query/DidDoc RPC method +message QueryDidDocResponse { + DidDoc did_doc = 1; +} + +// QueryDidMetadataRequest is the request type for the Query/DidMetadata RPC method +message QueryDidMetadataRequest { + string id = 1; +} + +// QueryDidMetadataResponse is the response type for the Query/DidMetadata RPC method +message QueryDidMetadataResponse { + DidMetadata metadata = 1; +} +``` + +## Consequences + +### Backwards Compatibility + +The solution outlined above is fully backward compatible since we are just adding a new module. + +### Positive + +- Improve the experience of identity management inside Desmos ecosystem. + +### Negative + +- Having DID implementation increases the complexity and storage usage of Desmos core. + +### Neutral + +(none known) + +## Further Discussions + +To fully compatible to DID universal resolver, we SHOULD implement resolver driver for Desmos in the future. + +## References + +- [W3C Decentralized Identifiers (DIDs) v1.0](https://www.w3.org/TR/did-core/) +- [DID universal resolver](https://github.com/decentralized-identity/universal-resolver) \ No newline at end of file From 97909573b68bf418b73d777e37ab22c97ce13b84 Mon Sep 17 00:00:00 2001 From: Paul Chen Date: Tue, 16 Jan 2024 18:57:43 +0800 Subject: [PATCH 2/8] doc: improve docs --- ...=> adr-024-decentralized-identifiers-registry.md} | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) rename docs/architecture/{adr-024-decentralized-identifiers.md => adr-024-decentralized-identifiers-registry.md} (97%) diff --git a/docs/architecture/adr-024-decentralized-identifiers.md b/docs/architecture/adr-024-decentralized-identifiers-registry.md similarity index 97% rename from docs/architecture/adr-024-decentralized-identifiers.md rename to docs/architecture/adr-024-decentralized-identifiers-registry.md index fedd698063..248367f4c2 100644 --- a/docs/architecture/adr-024-decentralized-identifiers.md +++ b/docs/architecture/adr-024-decentralized-identifiers-registry.md @@ -57,7 +57,7 @@ message DidDoc { // Documentation: https://www.w3.org/TR/did-core/#also-known-as string also_known_as = 4; - // Keys of verification methods for verifying digital signature, must have at least one associated to Desmos address. + // Keys of verification methods for verifying digital signature, must have at least one associated to Desmos account. repeated VerificationMethod verification_methods = 5; // Id of keys for authentication within verification methods (optional). @@ -68,7 +68,7 @@ message DidDoc { // Documentation: https://w3id.org/security#assertionMethod repeated string assertion_method = 7; - // Id of keys for capability invocation that can manage the DID documentation within verification methods, must have at least one associated to Desmos address. + // Id of keys for capability invocation that can manage the DID documentation within verification methods, must have at least one associated to Desmos account. // Documentation: https://w3id.org/security#capabilityInvocationMethod repeated string capability_invocation = 8; @@ -207,7 +207,7 @@ message MsgCreateDidDoc { // DIDs or URIs referring to the newly DID document to be set. string also_known_as = 4; - // Keys of the newly DID document for verifying digital signature, must have at least one associated to Desmos address. + // Keys of the newly DID document for verifying digital signature, must have at least one associated to Desmos account. repeated VerificationMethod verification_methods = 5; // Verification method for authentication to be set. @@ -216,7 +216,7 @@ message MsgCreateDidDoc { // Verification method for assertion method to be set. repeated string assertion_method = 7; - // Verification method for capability invocation to be set, must have at least one associated to Desmos address. + // Verification method for capability invocation to be set, must have at least one associated to Desmos account. repeated string capability_invocation = 8; // Verification method for capability delegation to be set. @@ -252,7 +252,7 @@ message MsgUpdateDidDoc { // DIDs or URIs referring to the newly DID document to be set. string also_known_as = 4; - // Keys of the newly DID document for verifying digital signature, must have at least one associated to Desmos address. + // Keys of the newly DID document for verifying digital signature, must have at least one associated to Desmos account. repeated VerificationMethod verification_methods = 5; // Verification method for authentication to be set. @@ -261,7 +261,7 @@ message MsgUpdateDidDoc { // Verification method for assertion method to be set. repeated string assertion_method = 7; - // Verification method for capability invocation to be set, must have at least one associated to Desmos address. + // Verification method for capability invocation to be set, must have at least one associated to Desmos account. repeated string capability_invocation = 8; // Verification method for capability delegation to be set. From 3a68428cb156ea40998431a8da3d9738f0d7735d Mon Sep 17 00:00:00 2001 From: Paul Chen Date: Wed, 24 Jan 2024 17:17:04 +0800 Subject: [PATCH 3/8] docs: update ADR 024 to DID resolver from DID registry --- ...-024-decentralized-identifiers-registry.md | 396 ------------------ ...-024-decentralized-identifiers-resolver.md | 143 +++++++ 2 files changed, 143 insertions(+), 396 deletions(-) delete mode 100644 docs/architecture/adr-024-decentralized-identifiers-registry.md create mode 100644 docs/architecture/adr-024-decentralized-identifiers-resolver.md diff --git a/docs/architecture/adr-024-decentralized-identifiers-registry.md b/docs/architecture/adr-024-decentralized-identifiers-registry.md deleted file mode 100644 index 248367f4c2..0000000000 --- a/docs/architecture/adr-024-decentralized-identifiers-registry.md +++ /dev/null @@ -1,396 +0,0 @@ -# ADR 024: Decentralized Identifiers registry - -## Changelog - -- Jan 16th, 2024: First draft; - -## Status - -PROPOSED - -## Abstract - -This ADR proposes the integration of a new functionality to incorporate Decentralized Identifiers (DIDs) into Desmos. - -## Context - -Decentralized identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. DIDs enable individuals to assert control over their personal information, aligning with principles of privacy, and user empowerment. Furthermore, as DIDs emerge as a universal standard, they are poised to play a pivotal role in identity authentication across various applications. Desmos serves as a decentralized social platform infrastructure, becoming DIDs registry would contribute to an improved user experience in identity management. - -## Decision - -We will implement a new module named `x/did` that allows users to create/manage their DID documents. - -In addition, the name that identifies our DID method is: `desmos`, in other word, a DID that uses this method MUST begin with following prefix: `did:desmos`. - -### Types - -#### DID document - -`DidDoc` represents the DID document which includes full context with the standard published by W3C DID core. - -The store keys of DID document inside KVStore will be as follows: - -* 0x1 | {id} | {version_id} -> ProtocolBuffer(DidDoc) - -> NOTE -> To be compatible to DID resolver queries `did:example:123?versionId={version_id}` and `did:example:123?versionTime=2016-10-17T02:41:00Z`, we SHOULD store all the versions of DID document. - -##### Protobuf definition - -```protobuf -// DidDoc represents a set of data describing DID subject. -// Documentation: https://www.w3.org/TR/did-core -message DidDoc { - // URIs used to identify the context of DID document. - // Example: [https://www.w3.org/ns/did/v1] - repeated string context = 1; - - // The unique identifier in DID syntax of DID document. - // Example: did:desmos: - string id = 2; - - // External controller in DID syntax who can manage the verification method (optional). - // Documentation: https://w3id.org/security#controller - string controller = 3; - - // The assertion that two or more DIDs or other types of UIR refer to the same DID. - // Documentation: https://www.w3.org/TR/did-core/#also-known-as - string also_known_as = 4; - - // Keys of verification methods for verifying digital signature, must have at least one associated to Desmos account. - repeated VerificationMethod verification_methods = 5; - - // Id of keys for authentication within verification methods (optional). - // Documentation: https://w3id.org/security#authenticationMethod - repeated string authentication = 6; - - // Id of keys for assertion method within verification methods (optional). - // Documentation: https://w3id.org/security#assertionMethod - repeated string assertion_method = 7; - - // Id of keys for capability invocation that can manage the DID documentation within verification methods, must have at least one associated to Desmos account. - // Documentation: https://w3id.org/security#capabilityInvocationMethod - repeated string capability_invocation = 8; - - // Id of keys for capability delegation within verification methods (optional). - // Documentation: https://w3id.org/security#keyAgreementMethod - repeated string capability_delegation = 9; - - // Id of keys for kee agreement within verification methods (optional). - // Documentation: https://w3id.org/security#keyAgreementMethod - repeated string key_agreement = 10; - - // A set of services endpoint maps (optional). - repeated Service service = 11; - - // Version ID of the current DID document for resolver queries. - // Documentation: https://www.w3.org/TR/did-core/#did-parameters - uint64 version_id = 12; - - // Timestamp of the current DID document update for resolver queries. - // Documentation: https://www.w3.org/TR/did-core/#did-parameters - google.protobuf.timestamp version_time = 13; - -} - -// VerificationMethod express the cryptographic public keys, which can be used to authenticate or authorize interaction. -// Documentation: https://www.w3.org/TR/did-core/#verification-methods -message VerificationMethod { - // Unique identifier in DID URL syntax. - // Example: did:desmos:# - string id = 1; - - // Type of the verification method. - string type = 2; - - // External controller in DID syntax who can manage the verification method (optional). - // Documentation: https://w3id.org/security#controller - string controller = 3; - - // Material of the public key in the verification method. - // Documentation: https://www.w3.org/TR/did-core/#verification-material - oneof verification_material { - // JSON web key format public key in JSON. - string public_key_jwk = 4; - - // Base58 encoded public key. - string public_key_multibase = 5; - }; -} - -// Service represents the ways of communicating with DID subjects or associated entities. -// Documentation: https://www.w3.org/TR/did-core/#services -message Service { - // Unique identifier for the service. - // Example: did:desmos:# - string id = 1; - - // Type of the service. - string type = 2; - - // Endpoints of service. - repeated string service_endpoint = 3; -} -``` - -#### DidMetadata - -`DidMetadata` represents the metadata to show the latest status of DID document. - -The store keys of `DIDMetadata` for KVStore will be: - -* 0x2 | {id} -> ProtocolBuffer(DidMetadata) - -##### Protobuf definition - -```protobuf -// DidMetadata represents metadata of the DID document. -// Documentation: https://www.w3.org/TR/did-core/#did-document-metadata -message DidMetadata { - // The unique identifier in DID syntax of DID document. - string id = 1; - - // Timestamp of the DID document creation. - google.protobuf.Timestamp created = 2; - - // Timestamp of the last DID document update. - google.protobuf.Timestamp updated = 3; - - // Flag that indicates DID document is deactivated or not. - bool deactivated = 4; - - // Last version id of the DID document. - uint64 version_id = 5; -} -``` - -### `Msg` Service - -We will allow the following operations to be performed: - -- Create a new DID document -- Update an existing DID document -- Deactivate DID document -- Edit verification inside DID document - -> NOTE -> When updating DID document, sender's public key MUST be its controller or one of keys inside capability invocation field. - -#### Protobuf definition - -```protobuf -service Msg{ - // CreateDidDoc allows to create a newly DID document. - rpc CreateDidDoc(MsgCreateDidDoc) returns(MsgCreateDidDocResponse); - - // UpdateDidDoc allows to update an existing DID document. - rpc UpdateDidDoc(MsgUpdateDidDoc) returns(MsgUpdateDidDocResponse); - - // DeactivateDidDoc allows to deactivate DID document. - rpc DeactivateDidDoc(MsgsDeactivateDidDoc) returns(MsgsDeactivateDidDocResponse); - - // EditVerificationMethod allows to edit an existing verification method inside DID document. - rpc EditVerificationMethod(MsgEditVerificationMethod) returns(MsgEditVerificationMethodResponse); -} - -// MsgCreateDidDoc represents the message to be used to create a new DID document. -message MsgCreateDidDoc { - // URIs used to identify the context of DID document to be set. - repeated string context = 1; - - // ID of the newly DID document to be set. - string id = 2; - - // ID of the newly DID document controller to be set. - string controller = 3; - - // DIDs or URIs referring to the newly DID document to be set. - string also_known_as = 4; - - // Keys of the newly DID document for verifying digital signature, must have at least one associated to Desmos account. - repeated VerificationMethod verification_methods = 5; - - // Verification method for authentication to be set. - repeated string authentication = 6; - - // Verification method for assertion method to be set. - repeated string assertion_method = 7; - - // Verification method for capability invocation to be set, must have at least one associated to Desmos account. - repeated string capability_invocation = 8; - - // Verification method for capability delegation to be set. - repeated string capability_delegation = 9; - - // Verification method for key agreement to be set. - repeated string key_agreement = 10; - - // Endpoints of services to be set. - repeated Service service = 11; - - // Address of the message sender. - string sender = 12; -} - -// MsgCreateDidDocResponse defines the Msg/CreateDidDoc response type. -message MsgCreateDidDocResponse { - // The metadata of the DID document. - DidMetadata metadata = 1; -} - -// MsgUpdateDidDoc represents the message to be used to update an existing DID document. -message MsgUpdateDidDoc { - // ID of the DID document to update. - string id = 1; - - // URIs used to identify the context of DID document to be set. - repeated string context = 2; - - // ID of the controller to be set. - string controller = 3; - - // DIDs or URIs referring to the newly DID document to be set. - string also_known_as = 4; - - // Keys of the newly DID document for verifying digital signature, must have at least one associated to Desmos account. - repeated VerificationMethod verification_methods = 5; - - // Verification method for authentication to be set. - repeated string authentication = 6; - - // Verification method for assertion method to be set. - repeated string assertion_method = 7; - - // Verification method for capability invocation to be set, must have at least one associated to Desmos account. - repeated string capability_invocation = 8; - - // Verification method for capability delegation to be set. - repeated string capability_delegation = 9; - - // Verification method for key agreement to be set. - repeated string key_agreement = 10; - - // Endpoints of services to be set. - repeated Service service = 11; - - // Address of the DID document editor. - string sender = 12; -} - -// MsgUpdateDidDocResponse defines the Msg/UpdateDidDoc response type. -message MsgUpdateDidDocResponse { - // The updated metadata of the DID document. - DidMetadata metadata = 1; -} - -// MsgDeactivateDidDoc represents the message to be used to deactivate a DID document. -message MsgDeactivateDidDoc { - // ID of the DID document to deactivate. - string id = 1; - - // Address of the DID document editor. - string sender = 2; -} - -// MsgDeactivateDidDocResponse defines the Msg/DeactivateDidDoc response type. -message MsgDeactivateDidDocResponse { - // The updated metadata of the DID document. - DidMetadata metadata = 1; -} - -// MsgEditVerificationMethod represents the message to be used to edit an existing verification inside DID document. -message MsgEditVerificationMethod { - // Identifier of verification method to edit. - string id = 1; - - // Key type to be set. - string type = 2; - - // ID of controller to be set. - string controller = 3; - - // Material of public key to be set. - oneof verification_material { - // JSON web key format public key in JSON. - string public_key_jwk = 4; - - // Base58 encoded public key. - string public_key_multibase = 5; - }; - - // Address of the DID document editor. - string sender = 6; -} - -// MsgEditVerificationMethodResponse defines the Msg/EditVerificationMethod response type. -message MsgEditVerificationMethodResponse { - // The updated metadata of the DID document. - DidMetadata metadata = 1; -} -``` - -### `Query` service - -```protobuf -service Query{ - // DidDoc queries for a single DID document with the specified version. - rpc DidDoc(QueryDidDocRequest) returns(QueryDidDocResponse) { - option (google.http.get) = "/desmos/did/v1/did/{id}"; - }; - - // DidMetadata queries for the metadata of the DID document with its ID. - rpc DidMetadata(QueryDidMetadataRequest) returns(DidMetadataResponse) { - option (google.http.get) = "/desmos/did/v1/did/{id}/metadata"; - }; -} - -// QueryDidDocRequest is the request type for the Query/DidDoc RPC method -message QueryDidDocRequest { - string id = 1; - - // Version ID of DID document to query, returns latest version if version is not provided or equals to 0. - uint64 version = 2; -} - -// QueryDidDocResponse is the response type for the Query/DidDoc RPC method -message QueryDidDocResponse { - DidDoc did_doc = 1; -} - -// QueryDidMetadataRequest is the request type for the Query/DidMetadata RPC method -message QueryDidMetadataRequest { - string id = 1; -} - -// QueryDidMetadataResponse is the response type for the Query/DidMetadata RPC method -message QueryDidMetadataResponse { - DidMetadata metadata = 1; -} -``` - -## Consequences - -### Backwards Compatibility - -The solution outlined above is fully backward compatible since we are just adding a new module. - -### Positive - -- Improve the experience of identity management inside Desmos ecosystem. - -### Negative - -- Having DID implementation increases the complexity and storage usage of Desmos core. - -### Neutral - -(none known) - -## Further Discussions - -To fully compatible to DID universal resolver, we SHOULD implement resolver driver for Desmos in the future. - -## References - -- [W3C Decentralized Identifiers (DIDs) v1.0](https://www.w3.org/TR/did-core/) -- [DID universal resolver](https://github.com/decentralized-identity/universal-resolver) \ No newline at end of file diff --git a/docs/architecture/adr-024-decentralized-identifiers-resolver.md b/docs/architecture/adr-024-decentralized-identifiers-resolver.md new file mode 100644 index 0000000000..2207239d6b --- /dev/null +++ b/docs/architecture/adr-024-decentralized-identifiers-resolver.md @@ -0,0 +1,143 @@ +# ADR 024: Decentralized Identifiers resolver + +## Changelog + +- Jan 16th, 2024: First draft; +- Jan 23th, 2024: First review; + +## Status + +PROPOSED + +## Abstract + +This ADR proposes the integration of a new functionality to incorporate Decentralized Identifiers (DIDs) into Desmos by resolving Desmos Profile into DID document. + +## Context + +Decentralized identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. Via verifiable credential, DID enables individuals to assert control over their personal information, aligning with principles of privacy, and user empowerment. Furthermore, as DIDs emerge as a universal standard, they are poised to play a pivotal role in identity authentication across various applications. Desmos serves as a decentralized social platform infrastructure, DID would contribute to an improved user experience in identity management. + +## Decision + +We will implement a query method `DidDoc` to resolve Desmos Profile into DID document. In addition, A DID that uses this method MUST begin with the following prefix: `did:desmos`. + +The example of the resolver's response would be like as follows: + +```json +{ + "context": [ + "https://www.w3.org/ns/did/v1", + "https://w3id.org/security/suites/secp256k1-2019/v1" + ], + "id": "did:desmos:", + "alsoKnownAs": [ + "dtag:", // Desmos Dtag + "application::", // application link + "blockchain::", // chain link + ], + "verificationMethod": [ + { + "id": "did:desmos:#DESMOS-KEY-1", + "type": "EcdsaSecp256k1VerificationKey2019", + "publicKeyMultibase": "" + } + ], + "authentication": [ + "did:desmos:#DESMOS-KEY-1" + ], + "assertionMethod": [ + "did:desmos:#DESMOS-KEY-1" + ], +} +``` + +### `Query` service + +```protobuf +service Query{ + // DidDoc queries for a single DID document. + rpc DidDoc(QueryDidDocRequest) returns(QueryDidDocResponse) { + option (google.http.get) = "/desmos/profiles/v3/did/{id}"; + }; +} + +// QueryDidDocRequest is the request type for the Query/DidDoc RPC method +message QueryDidDocRequest { + string id = 1; +} + +// QueryDidDocResponse is the response type for the Query/DidDoc RPC method +message QueryDidDocResponse { + // URIs used to identify the context of DID document. + // Default: ["https://www.w3.org/ns/did/v1", "https://w3id.org/security/suites/secp256k1-2019/v1"] + repeated string context = 1; + + // The unique identifier in DID syntax of DID document. + // Example: did:desmos: + string id = 2; + + // The assertion that resources refer to the DID. + // In Desmos, it shows chain links and application links linked to profile. + // Documentation: https://www.w3.org/TR/did-core/#also-known-as + string also_known_as = 3; + + // Keys of verification methods for verifying digital signature. + // In Desmos, it must be the public key(s) that associated to the profile owner. + repeated VerificationMethod verification_methods = 4; + + // Id of keys for authentication within verification methods. + // Documentation: https://www.w3.org/TR/did-core/#authentication + repeated string authentication = 5; + + // Id of keys for assertion method within verification methods. + // Documentation: https://www.w3.org/TR/did-core/#assertion + repeated string assertion_method = 6; +} + +// VerificationMethod represents the cryptographic public keys, which can be used to authenticate interaction. +// Documentation: https://www.w3.org/TR/did-core/#verification-methods +message VerificationMethod { + // Unique identifier in DID URL syntax. + // Example: did:desmos:#DESMOS-KEY-1 + string id = 1; + + // Type of the verification method. + // Example: "EcdsaSecp256k1VerificationKey2019" + string type = 2; + + // Hex-encoded of the public key in the multibase format. + // Documentation: https://w3c-ccg.github.io/multibase + string public_key_multibase = 3; +} +``` + +### Limitation + +Due to the necessity of public key(s) being directly controlled by the profile owner, any profile owner lacking public keys, such as those associated with a contract, cannot be resolved into a DID. + +## Consequences + +### Backwards Compatibility + +The solution outlined above is fully backward compatible since we are just adding a new query method. + +### Positive + +- Enable the usage of Desmos in applications that support DID. + +### Negative + +(none known) + +### Neutral + +(none known) + +## Further Discussions + +To be compatible to DID universal resolver, we SHOULD implement resolver driver for Desmos in the future. + +## References + +- [W3C Decentralized Identifiers (DIDs) v1.0](https://www.w3.org/TR/did-core/) +- [DID universal resolver](https://github.com/decentralized-identity/universal-resolver) \ No newline at end of file From 46e158838c97245b44fa36b4f3c27a4b2e1b16ce Mon Sep 17 00:00:00 2001 From: Riccardo Date: Fri, 2 Feb 2024 09:45:02 +0100 Subject: [PATCH 4/8] chore: accept ADR --- docs/architecture/adr-024-decentralized-identifiers-resolver.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/adr-024-decentralized-identifiers-resolver.md b/docs/architecture/adr-024-decentralized-identifiers-resolver.md index 2207239d6b..f448b39c96 100644 --- a/docs/architecture/adr-024-decentralized-identifiers-resolver.md +++ b/docs/architecture/adr-024-decentralized-identifiers-resolver.md @@ -7,7 +7,7 @@ ## Status -PROPOSED +ACCEPTED Not Implemented ## Abstract From 04a0c99ac18aade95dc19e6affd53272e08e565a Mon Sep 17 00:00:00 2001 From: Riccardo Date: Fri, 2 Feb 2024 09:52:56 +0100 Subject: [PATCH 5/8] Update docs/architecture/adr-024-decentralized-identifiers-resolver.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- docs/architecture/adr-024-decentralized-identifiers-resolver.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/adr-024-decentralized-identifiers-resolver.md b/docs/architecture/adr-024-decentralized-identifiers-resolver.md index f448b39c96..dd567ea077 100644 --- a/docs/architecture/adr-024-decentralized-identifiers-resolver.md +++ b/docs/architecture/adr-024-decentralized-identifiers-resolver.md @@ -11,7 +11,7 @@ ACCEPTED Not Implemented ## Abstract -This ADR proposes the integration of a new functionality to incorporate Decentralized Identifiers (DIDs) into Desmos by resolving Desmos Profile into DID document. +This ADR proposes the integration of a new functionality into Desmos to resolve Desmos Profiles into DID documents, incorporating Decentralized Identifiers (DIDs) for enhanced digital identity verification. ## Context From 2000f3a24d94aba65a942acb0370a82887e952c3 Mon Sep 17 00:00:00 2001 From: Riccardo Date: Fri, 2 Feb 2024 09:53:17 +0100 Subject: [PATCH 6/8] Update docs/architecture/adr-024-decentralized-identifiers-resolver.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- docs/architecture/adr-024-decentralized-identifiers-resolver.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/adr-024-decentralized-identifiers-resolver.md b/docs/architecture/adr-024-decentralized-identifiers-resolver.md index dd567ea077..3438d5ba53 100644 --- a/docs/architecture/adr-024-decentralized-identifiers-resolver.md +++ b/docs/architecture/adr-024-decentralized-identifiers-resolver.md @@ -19,7 +19,7 @@ Decentralized identifiers (DIDs) are a new type of identifier that enables verif ## Decision -We will implement a query method `DidDoc` to resolve Desmos Profile into DID document. In addition, A DID that uses this method MUST begin with the following prefix: `did:desmos`. +We will implement a query method `DidDoc` within the Desmos Profiles module to resolve Desmos Profiles into DID documents. In addition, A DID that uses this method MUST begin with the following prefix: `did:desmos`. The example of the resolver's response would be like as follows: From fb268eb13e16662fcaeaaba20cf3b4733bec123e Mon Sep 17 00:00:00 2001 From: Riccardo Date: Fri, 2 Feb 2024 09:53:44 +0100 Subject: [PATCH 7/8] Update docs/architecture/adr-024-decentralized-identifiers-resolver.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- .../adr-024-decentralized-identifiers-resolver.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/architecture/adr-024-decentralized-identifiers-resolver.md b/docs/architecture/adr-024-decentralized-identifiers-resolver.md index 3438d5ba53..65613b17ad 100644 --- a/docs/architecture/adr-024-decentralized-identifiers-resolver.md +++ b/docs/architecture/adr-024-decentralized-identifiers-resolver.md @@ -31,9 +31,9 @@ The example of the resolver's response would be like as follows: ], "id": "did:desmos:", "alsoKnownAs": [ - "dtag:", // Desmos Dtag - "application::", // application link - "blockchain::", // chain link + "dtag:", /* Desmos Dtag */ + "application::", /* application link */ + "blockchain::", /* chain link */ ], "verificationMethod": [ { From b8063d46ee6b7edf20047971e1eb0e20a426aa99 Mon Sep 17 00:00:00 2001 From: Riccardo Date: Fri, 2 Feb 2024 09:54:15 +0100 Subject: [PATCH 8/8] Update docs/architecture/adr-024-decentralized-identifiers-resolver.md Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- docs/architecture/adr-024-decentralized-identifiers-resolver.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/architecture/adr-024-decentralized-identifiers-resolver.md b/docs/architecture/adr-024-decentralized-identifiers-resolver.md index 65613b17ad..3ebdae7507 100644 --- a/docs/architecture/adr-024-decentralized-identifiers-resolver.md +++ b/docs/architecture/adr-024-decentralized-identifiers-resolver.md @@ -114,6 +114,7 @@ message VerificationMethod { ### Limitation Due to the necessity of public key(s) being directly controlled by the profile owner, any profile owner lacking public keys, such as those associated with a contract, cannot be resolved into a DID. +Future versions may explore alternative methods to accommodate profiles without direct public key control, enhancing inclusivity. ## Consequences