quartzjer / did-jwk
DID JWK Method Spec
License: Creative Commons Zero v1.0 Universal
https://github.com/OR13/did-jwk
You may find the examples here interesting: https://github.com/OR13/did-jwk/tree/main/src/cli-examples
I would assume:
But it's not clear from your example.
I need to get back something like did:jwk:encoded....#key-0
I tried to convert did keys to this format... this is what I got:
{
"keys": [
{
"id": "did:key:z6MkpFJxUgQgYKK68fmokaCWwpRYoWdG3LzZR6dLFXvdJvAT#z6MkpFJxUgQgYKK68fmokaCWwpRYoWdG3LzZR6dLFXvdJvAT",
"controller": "did:key:z6MkpFJxUgQgYKK68fmokaCWwpRYoWdG3LzZR6dLFXvdJvAT",
"type": "JsonWebKey2020",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "kYUxJdxcqoKbfJKjTPEmbifNrDBvuQuoGynhwmr4BSA"
},
"privateKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "kYUxJdxcqoKbfJKjTPEmbifNrDBvuQuoGynhwmr4BSA",
"d": "TmG8GRjqakeuMwczG-d5gZahqOfP5Lbo98ml82AX2Sk"
}
}
],
"didDocument": {
"id": "did:jwk:eyJraWQiOiJrZXktMCIsImt0eSI6Ik9LUCIsImNydiI6IkVkMjU1MTkiLCJ4Ijoia1lVeEpkeGNxb0tiZkpLalRQRW1iaWZOckRCdnVRdW9HeW5od21yNEJTQSJ9",
"verificationMethod": [
{
"id": "did:jwk:eyJraWQiOiJrZXktMCIsImt0eSI6Ik9LUCIsImNydiI6IkVkMjU1MTkiLCJ4Ijoia1lVeEpkeGNxb0tiZkpLalRQRW1iaWZOckRCdnVRdW9HeW5od21yNEJTQSJ9",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJraWQiOiJrZXktMCIsImt0eSI6Ik9LUCIsImNydiI6IkVkMjU1MTkiLCJ4Ijoia1lVeEpkeGNxb0tiZkpLalRQRW1iaWZOckRCdnVRdW9HeW5od21yNEJTQSJ9",
"publicKeyJwk": {
"kid": "key-0",
"kty": "OKP",
"crv": "Ed25519",
"x": "kYUxJdxcqoKbfJKjTPEmbifNrDBvuQuoGynhwmr4BSA"
}
}
],
"authentication": [
"did:jwk:eyJraWQiOiJrZXktMCIsImt0eSI6Ik9LUCIsImNydiI6IkVkMjU1MTkiLCJ4Ijoia1lVeEpkeGNxb0tiZkpLalRQRW1iaWZOckRCdnVRdW9HeW5od21yNEJTQSJ9"
],
"capabilityInvocation": [
"did:jwk:eyJraWQiOiJrZXktMCIsImt0eSI6Ik9LUCIsImNydiI6IkVkMjU1MTkiLCJ4Ijoia1lVeEpkeGNxb0tiZkpLalRQRW1iaWZOckRCdnVRdW9HeW5od21yNEJTQSJ9"
],
"capabilityDelegation": [
"did:jwk:eyJraWQiOiJrZXktMCIsImt0eSI6Ik9LUCIsImNydiI6IkVkMjU1MTkiLCJ4Ijoia1lVeEpkeGNxb0tiZkpLalRQRW1iaWZOckRCdnVRdW9HeW5od21yNEJTQSJ9"
],
"keyAgreement": [
"did:jwk:eyJraWQiOiJrZXktMCIsImt0eSI6Ik9LUCIsImNydiI6IkVkMjU1MTkiLCJ4Ijoia1lVeEpkeGNxb0tiZkpLalRQRW1iaWZOckRCdnVRdW9HeW5od21yNEJTQSJ9"
]
}
}
I think it might be possible to use the x5c parameter with a mutable did method, to convert immutable did:jwk into revocable and immutable did:jwk.
JWKs are a foundational component of many identity and credentialing systems.
The did:jwk method could be extended with "longer form" identifier schemes that address these specific use cases.
For example:
It's possible to compress a did:jwk using content addressing... this can be accomplished without overloading did:jwk but leveraging the naming convention used for multiple network based methods, for example:
did:jwk:ipfs:cid -> cid -> did:jwk:encoded
This would leverage any content id based storage network to shorten the did, but at the cost of a different resolution process for jwk:ipfs when compared to jwk.
TODO ?
TODO ?
I'm wrapping up an update to our did:key library that allows for users to generate did:jwk instead.
Here is a dump on some examples:
{
"P-256": {
"keys": [
{
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Ik53LTZyVkJZU1pfeEU0ZnFwTUFRVzA2S1JPQ3JrMFUxZFRYZE00dnVDRGsiLCJ5Ijoib01YRUhaZWc4aldWMUpqeHRHekhpM0NMLWJPMTBhc0FiSUNndkFZdmZyRSJ9#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Ik53LTZyVkJZU1pfeEU0ZnFwTUFRVzA2S1JPQ3JrMFUxZFRYZE00dnVDRGsiLCJ5Ijoib01YRUhaZWc4aldWMUpqeHRHekhpM0NMLWJPMTBhc0FiSUNndkFZdmZyRSJ9",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-256",
"x": "Nw-6rVBYSZ_xE4fqpMAQW06KROCrk0U1dTXdM4vuCDk",
"y": "oMXEHZeg8jWV1JjxtGzHi3CL-bO10asAbICgvAYvfrE"
},
"privateKeyJwk": {
"kty": "EC",
"crv": "P-256",
"d": "aT2ANm0AzgqvpqDC5Fcesl3-dIiwvY9duEV7yLU2tyc",
"x": "Nw-6rVBYSZ_xE4fqpMAQW06KROCrk0U1dTXdM4vuCDk",
"y": "oMXEHZeg8jWV1JjxtGzHi3CL-bO10asAbICgvAYvfrE"
}
}
],
"didDocument": {
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Ik53LTZyVkJZU1pfeEU0ZnFwTUFRVzA2S1JPQ3JrMFUxZFRYZE00dnVDRGsiLCJ5Ijoib01YRUhaZWc4aldWMUpqeHRHekhpM0NMLWJPMTBhc0FiSUNndkFZdmZyRSJ9",
"verificationMethod": [
{
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Ik53LTZyVkJZU1pfeEU0ZnFwTUFRVzA2S1JPQ3JrMFUxZFRYZE00dnVDRGsiLCJ5Ijoib01YRUhaZWc4aldWMUpqeHRHekhpM0NMLWJPMTBhc0FiSUNndkFZdmZyRSJ9#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Ik53LTZyVkJZU1pfeEU0ZnFwTUFRVzA2S1JPQ3JrMFUxZFRYZE00dnVDRGsiLCJ5Ijoib01YRUhaZWc4aldWMUpqeHRHekhpM0NMLWJPMTBhc0FiSUNndkFZdmZyRSJ9",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-256",
"x": "Nw-6rVBYSZ_xE4fqpMAQW06KROCrk0U1dTXdM4vuCDk",
"y": "oMXEHZeg8jWV1JjxtGzHi3CL-bO10asAbICgvAYvfrE"
}
}
],
"authentication": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Ik53LTZyVkJZU1pfeEU0ZnFwTUFRVzA2S1JPQ3JrMFUxZFRYZE00dnVDRGsiLCJ5Ijoib01YRUhaZWc4aldWMUpqeHRHekhpM0NMLWJPMTBhc0FiSUNndkFZdmZyRSJ9#0"
],
"capabilityInvocation": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Ik53LTZyVkJZU1pfeEU0ZnFwTUFRVzA2S1JPQ3JrMFUxZFRYZE00dnVDRGsiLCJ5Ijoib01YRUhaZWc4aldWMUpqeHRHekhpM0NMLWJPMTBhc0FiSUNndkFZdmZyRSJ9#0"
],
"capabilityDelegation": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Ik53LTZyVkJZU1pfeEU0ZnFwTUFRVzA2S1JPQ3JrMFUxZFRYZE00dnVDRGsiLCJ5Ijoib01YRUhaZWc4aldWMUpqeHRHekhpM0NMLWJPMTBhc0FiSUNndkFZdmZyRSJ9#0"
],
"keyAgreement": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Ik53LTZyVkJZU1pfeEU0ZnFwTUFRVzA2S1JPQ3JrMFUxZFRYZE00dnVDRGsiLCJ5Ijoib01YRUhaZWc4aldWMUpqeHRHekhpM0NMLWJPMTBhc0FiSUNndkFZdmZyRSJ9#0"
]
}
},
"P-384": {
"keys": [
{
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6ImRlQlNlSkE5ZTViUWVXUkRXLXhhZnNZb3lIVGhudlhfRU1YeTF4VGJESnBSWG1hNGM5TDdKdl9oZ00xTTlFVVkiLCJ5IjoiNklsWGJINzNXdEpBUXRmT1FEcWVxbmkyUWs2SXdNQTBEeDZTejFzYTN4OFgwOGFQaWJQc3ZYNTk5alc5eDRxaSJ9#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6ImRlQlNlSkE5ZTViUWVXUkRXLXhhZnNZb3lIVGhudlhfRU1YeTF4VGJESnBSWG1hNGM5TDdKdl9oZ00xTTlFVVkiLCJ5IjoiNklsWGJINzNXdEpBUXRmT1FEcWVxbmkyUWs2SXdNQTBEeDZTejFzYTN4OFgwOGFQaWJQc3ZYNTk5alc5eDRxaSJ9",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-384",
"x": "deBSeJA9e5bQeWRDW-xafsYoyHThnvX_EMXy1xTbDJpRXma4c9L7Jv_hgM1M9EUY",
"y": "6IlXbH73WtJAQtfOQDqeqni2Qk6IwMA0Dx6Sz1sa3x8X08aPibPsvX599jW9x4qi"
},
"privateKeyJwk": {
"kty": "EC",
"crv": "P-384",
"d": "bogrviTQUnBXY_poQU-OXxAv1guZzUPVkXxW2Tr-jxM2aCaoYmU3fxFMMKmAe8sW",
"x": "deBSeJA9e5bQeWRDW-xafsYoyHThnvX_EMXy1xTbDJpRXma4c9L7Jv_hgM1M9EUY",
"y": "6IlXbH73WtJAQtfOQDqeqni2Qk6IwMA0Dx6Sz1sa3x8X08aPibPsvX599jW9x4qi"
}
}
],
"didDocument": {
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6ImRlQlNlSkE5ZTViUWVXUkRXLXhhZnNZb3lIVGhudlhfRU1YeTF4VGJESnBSWG1hNGM5TDdKdl9oZ00xTTlFVVkiLCJ5IjoiNklsWGJINzNXdEpBUXRmT1FEcWVxbmkyUWs2SXdNQTBEeDZTejFzYTN4OFgwOGFQaWJQc3ZYNTk5alc5eDRxaSJ9",
"verificationMethod": [
{
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6ImRlQlNlSkE5ZTViUWVXUkRXLXhhZnNZb3lIVGhudlhfRU1YeTF4VGJESnBSWG1hNGM5TDdKdl9oZ00xTTlFVVkiLCJ5IjoiNklsWGJINzNXdEpBUXRmT1FEcWVxbmkyUWs2SXdNQTBEeDZTejFzYTN4OFgwOGFQaWJQc3ZYNTk5alc5eDRxaSJ9#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6ImRlQlNlSkE5ZTViUWVXUkRXLXhhZnNZb3lIVGhudlhfRU1YeTF4VGJESnBSWG1hNGM5TDdKdl9oZ00xTTlFVVkiLCJ5IjoiNklsWGJINzNXdEpBUXRmT1FEcWVxbmkyUWs2SXdNQTBEeDZTejFzYTN4OFgwOGFQaWJQc3ZYNTk5alc5eDRxaSJ9",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-384",
"x": "deBSeJA9e5bQeWRDW-xafsYoyHThnvX_EMXy1xTbDJpRXma4c9L7Jv_hgM1M9EUY",
"y": "6IlXbH73WtJAQtfOQDqeqni2Qk6IwMA0Dx6Sz1sa3x8X08aPibPsvX599jW9x4qi"
}
}
],
"authentication": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6ImRlQlNlSkE5ZTViUWVXUkRXLXhhZnNZb3lIVGhudlhfRU1YeTF4VGJESnBSWG1hNGM5TDdKdl9oZ00xTTlFVVkiLCJ5IjoiNklsWGJINzNXdEpBUXRmT1FEcWVxbmkyUWs2SXdNQTBEeDZTejFzYTN4OFgwOGFQaWJQc3ZYNTk5alc5eDRxaSJ9#0"
],
"capabilityInvocation": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6ImRlQlNlSkE5ZTViUWVXUkRXLXhhZnNZb3lIVGhudlhfRU1YeTF4VGJESnBSWG1hNGM5TDdKdl9oZ00xTTlFVVkiLCJ5IjoiNklsWGJINzNXdEpBUXRmT1FEcWVxbmkyUWs2SXdNQTBEeDZTejFzYTN4OFgwOGFQaWJQc3ZYNTk5alc5eDRxaSJ9#0"
],
"capabilityDelegation": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6ImRlQlNlSkE5ZTViUWVXUkRXLXhhZnNZb3lIVGhudlhfRU1YeTF4VGJESnBSWG1hNGM5TDdKdl9oZ00xTTlFVVkiLCJ5IjoiNklsWGJINzNXdEpBUXRmT1FEcWVxbmkyUWs2SXdNQTBEeDZTejFzYTN4OFgwOGFQaWJQc3ZYNTk5alc5eDRxaSJ9#0"
],
"keyAgreement": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMzg0IiwieCI6ImRlQlNlSkE5ZTViUWVXUkRXLXhhZnNZb3lIVGhudlhfRU1YeTF4VGJESnBSWG1hNGM5TDdKdl9oZ00xTTlFVVkiLCJ5IjoiNklsWGJINzNXdEpBUXRmT1FEcWVxbmkyUWs2SXdNQTBEeDZTejFzYTN4OFgwOGFQaWJQc3ZYNTk5alc5eDRxaSJ9#0"
]
}
},
"Ed25519": {
"keys": [
{
"id": "did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImJkVlk5bDdFTC05emE4Q1FDalhnay1WN3RoMGNfdnVHbXVJc0E3NWhqYWcifQ#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImJkVlk5bDdFTC05emE4Q1FDalhnay1WN3RoMGNfdnVHbXVJc0E3NWhqYWcifQ",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "bdVY9l7EL-9za8CQCjXgk-V7th0c_vuGmuIsA75hjag"
},
"privateKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "bdVY9l7EL-9za8CQCjXgk-V7th0c_vuGmuIsA75hjag",
"d": "xCajx6hc53zYwsbwwz2qJikfX9_vPyr7Y-ilLqLCtgY"
}
}
],
"didDocument": {
"id": "did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImJkVlk5bDdFTC05emE4Q1FDalhnay1WN3RoMGNfdnVHbXVJc0E3NWhqYWcifQ",
"verificationMethod": [
{
"id": "did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImJkVlk5bDdFTC05emE4Q1FDalhnay1WN3RoMGNfdnVHbXVJc0E3NWhqYWcifQ#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImJkVlk5bDdFTC05emE4Q1FDalhnay1WN3RoMGNfdnVHbXVJc0E3NWhqYWcifQ",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "bdVY9l7EL-9za8CQCjXgk-V7th0c_vuGmuIsA75hjag"
}
}
],
"authentication": [
"did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImJkVlk5bDdFTC05emE4Q1FDalhnay1WN3RoMGNfdnVHbXVJc0E3NWhqYWcifQ#0"
],
"capabilityInvocation": [
"did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImJkVlk5bDdFTC05emE4Q1FDalhnay1WN3RoMGNfdnVHbXVJc0E3NWhqYWcifQ#0"
],
"capabilityDelegation": [
"did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImJkVlk5bDdFTC05emE4Q1FDalhnay1WN3RoMGNfdnVHbXVJc0E3NWhqYWcifQ#0"
],
"keyAgreement": [
"did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImJkVlk5bDdFTC05emE4Q1FDalhnay1WN3RoMGNfdnVHbXVJc0E3NWhqYWcifQ#0"
]
}
},
"X25519": {
"keys": [
{
"id": "did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJYMjU1MTkiLCJ4Ijoid1VhYVM2RHd5YVAtOHZTX2FBTERmV3o2XzZRT2RkVUJBcV9MVjZMakFIOCJ9#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJYMjU1MTkiLCJ4Ijoid1VhYVM2RHd5YVAtOHZTX2FBTERmV3o2XzZRT2RkVUJBcV9MVjZMakFIOCJ9",
"publicKeyJwk": {
"kty": "OKP",
"crv": "X25519",
"x": "wUaaS6DwyaP-8vS_aALDfWz6_6QOddUBAq_LV6LjAH8"
},
"privateKeyJwk": {
"kty": "OKP",
"crv": "X25519",
"x": "wUaaS6DwyaP-8vS_aALDfWz6_6QOddUBAq_LV6LjAH8",
"d": "ms8ujhrsN4wUQj7YPtaS6JQpnOh2tRvyr6nFb8slooU"
}
}
],
"didDocument": {
"id": "did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJYMjU1MTkiLCJ4Ijoid1VhYVM2RHd5YVAtOHZTX2FBTERmV3o2XzZRT2RkVUJBcV9MVjZMakFIOCJ9",
"verificationMethod": [
{
"id": "did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJYMjU1MTkiLCJ4Ijoid1VhYVM2RHd5YVAtOHZTX2FBTERmV3o2XzZRT2RkVUJBcV9MVjZMakFIOCJ9#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJYMjU1MTkiLCJ4Ijoid1VhYVM2RHd5YVAtOHZTX2FBTERmV3o2XzZRT2RkVUJBcV9MVjZMakFIOCJ9",
"publicKeyJwk": {
"kty": "OKP",
"crv": "X25519",
"x": "wUaaS6DwyaP-8vS_aALDfWz6_6QOddUBAq_LV6LjAH8"
}
}
],
"authentication": [
"did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJYMjU1MTkiLCJ4Ijoid1VhYVM2RHd5YVAtOHZTX2FBTERmV3o2XzZRT2RkVUJBcV9MVjZMakFIOCJ9#0"
],
"capabilityInvocation": [
"did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJYMjU1MTkiLCJ4Ijoid1VhYVM2RHd5YVAtOHZTX2FBTERmV3o2XzZRT2RkVUJBcV9MVjZMakFIOCJ9#0"
],
"capabilityDelegation": [
"did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJYMjU1MTkiLCJ4Ijoid1VhYVM2RHd5YVAtOHZTX2FBTERmV3o2XzZRT2RkVUJBcV9MVjZMakFIOCJ9#0"
],
"keyAgreement": [
"did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJYMjU1MTkiLCJ4Ijoid1VhYVM2RHd5YVAtOHZTX2FBTERmV3o2XzZRT2RkVUJBcV9MVjZMakFIOCJ9#0"
]
}
},
"secp256k1": {
"keys": [
{
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiJUZ0FER2xVdFh4cHlOalUyZXZEcFRWQnc0VU1mRmtuVkZiajlZUFZiTjljIiwieSI6Im9LVUgxNl9sdm40QTdIQ043QU1MVktmM0tiY0hKYmd5c0dJQVdQT01jOHMifQ#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiJUZ0FER2xVdFh4cHlOalUyZXZEcFRWQnc0VU1mRmtuVkZiajlZUFZiTjljIiwieSI6Im9LVUgxNl9sdm40QTdIQ043QU1MVktmM0tiY0hKYmd5c0dJQVdQT01jOHMifQ",
"publicKeyJwk": {
"kty": "EC",
"crv": "secp256k1",
"x": "TgADGlUtXxpyNjU2evDpTVBw4UMfFknVFbj9YPVbN9c",
"y": "oKUH16_lvn4A7HCN7AMLVKf3KbcHJbgysGIAWPOMc8s"
},
"privateKeyJwk": {
"kty": "EC",
"crv": "secp256k1",
"x": "TgADGlUtXxpyNjU2evDpTVBw4UMfFknVFbj9YPVbN9c",
"y": "oKUH16_lvn4A7HCN7AMLVKf3KbcHJbgysGIAWPOMc8s",
"d": "xcqFKuNvOOOg4rWxR440AY4qZ4QfNULV3CjSBF-eO30"
}
}
],
"didDocument": {
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiJUZ0FER2xVdFh4cHlOalUyZXZEcFRWQnc0VU1mRmtuVkZiajlZUFZiTjljIiwieSI6Im9LVUgxNl9sdm40QTdIQ043QU1MVktmM0tiY0hKYmd5c0dJQVdQT01jOHMifQ",
"verificationMethod": [
{
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiJUZ0FER2xVdFh4cHlOalUyZXZEcFRWQnc0VU1mRmtuVkZiajlZUFZiTjljIiwieSI6Im9LVUgxNl9sdm40QTdIQ043QU1MVktmM0tiY0hKYmd5c0dJQVdQT01jOHMifQ#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiJUZ0FER2xVdFh4cHlOalUyZXZEcFRWQnc0VU1mRmtuVkZiajlZUFZiTjljIiwieSI6Im9LVUgxNl9sdm40QTdIQ043QU1MVktmM0tiY0hKYmd5c0dJQVdQT01jOHMifQ",
"publicKeyJwk": {
"kty": "EC",
"crv": "secp256k1",
"x": "TgADGlUtXxpyNjU2evDpTVBw4UMfFknVFbj9YPVbN9c",
"y": "oKUH16_lvn4A7HCN7AMLVKf3KbcHJbgysGIAWPOMc8s"
}
}
],
"authentication": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiJUZ0FER2xVdFh4cHlOalUyZXZEcFRWQnc0VU1mRmtuVkZiajlZUFZiTjljIiwieSI6Im9LVUgxNl9sdm40QTdIQ043QU1MVktmM0tiY0hKYmd5c0dJQVdQT01jOHMifQ#0"
],
"capabilityInvocation": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiJUZ0FER2xVdFh4cHlOalUyZXZEcFRWQnc0VU1mRmtuVkZiajlZUFZiTjljIiwieSI6Im9LVUgxNl9sdm40QTdIQ043QU1MVktmM0tiY0hKYmd5c0dJQVdQT01jOHMifQ#0"
],
"capabilityDelegation": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiJUZ0FER2xVdFh4cHlOalUyZXZEcFRWQnc0VU1mRmtuVkZiajlZUFZiTjljIiwieSI6Im9LVUgxNl9sdm40QTdIQ043QU1MVktmM0tiY0hKYmd5c0dJQVdQT01jOHMifQ#0"
],
"keyAgreement": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6InNlY3AyNTZrMSIsIngiOiJUZ0FER2xVdFh4cHlOalUyZXZEcFRWQnc0VU1mRmtuVkZiajlZUFZiTjljIiwieSI6Im9LVUgxNl9sdm40QTdIQ043QU1MVktmM0tiY0hKYmd5c0dJQVdQT01jOHMifQ#0"
]
}
}
}
Out of curiosity why not run it through the JCS algorithm first before converting it to a UTF-8 string?
I did consider this route, but decided that I wanted to keep the requirements extremely minimal.
The intent is for the owner to maintain these DIDs in their serialized form as the default/simplest use-case. They MAY decide to store in some other form and canonicalize, but that isn't required by the method.
https://www.w3.org/TR/did-core/#dfn-publickeyjwk
The publicKeyJwk property is OPTIONAL. If present, the value MUST be a map representing a JSON Web Key that conforms to [RFC7517]. The map MUST NOT contain "d", or any other members of the private information class as described in Registration Template.
It is RECOMMENDED that verification methods that use JWKs [RFC7517] to represent their public keys use the value of kid as their fragment identifier. It is RECOMMENDED that JWK kid values are set to the public key fingerprint [RFC7638]. See the first key in Example 13 for an example of a public key with a compound key identifier.
Many folks who use JWK will already have an identifier for the JWK; more examples (possibly pulled from Amazon, Google, Azure KMS JWKs) would help provide better interop.
One hack around did methods like this has been "resolver middleware", or... modifying a did document to contain values other than what the method author intended (for example adding service endpoints or @context or other json values to an existing did document).
It is possible to make did:jwk look like a did web by exploiting the ability to encode arbitrary JSON in the encoded JWK.
For example:
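// kid, options.didDocument and publicKeyJwk are assumed to be in scope,
// and base64url is assumed to be a base64url-encoding helper.
const jwk = {
  kid,
  '@context': options.didDocument['@context'],
  service: options.didDocument.service,
  ...publicKeyJwk,
};
const did = `did:jwk:${base64url.encode(JSON.stringify(jwk))}`;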
This will then yield a did document that contains nested data which can be pulled up the correct level by "post resolution middleware"....
example:
{
"keys": [
{
"id": "did:key:z6MkpFJxUgQgYKK68fmokaCWwpRYoWdG3LzZR6dLFXvdJvAT#z6MkpFJxUgQgYKK68fmokaCWwpRYoWdG3LzZR6dLFXvdJvAT",
"controller": "did:key:z6MkpFJxUgQgYKK68fmokaCWwpRYoWdG3LzZR6dLFXvdJvAT",
"type": "JsonWebKey2020",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "kYUxJdxcqoKbfJKjTPEmbifNrDBvuQuoGynhwmr4BSA"
},
"privateKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "kYUxJdxcqoKbfJKjTPEmbifNrDBvuQuoGynhwmr4BSA",
"d": "TmG8GRjqakeuMwczG-d5gZahqOfP5Lbo98ml82AX2Sk"
}
}
],
"didDocument": {
// note that a resolver could inject this value
"@context": [
"https://www.w3.org/ns/did/v1",
"https://w3id.org/security/suites/jws-2020/v1"
],
"id": "did:jwk:eyJraWQiOiJrZXktMCIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSJdLCJzZXJ2aWNlIjpbeyJpZCI6IiNhZ2VudCIsInNlcnZpY2VFbmRwb2ludCI6Imh0dHBzOi8vYXBpLmV4YW1wbGUuY29tIn1dLCJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImtZVXhKZHhjcW9LYmZKS2pUUEVtYmlmTnJEQnZ1UXVvR3luaHdtcjRCU0EifQ",
"verificationMethod": [
{
"id": "did:jwk:eyJraWQiOiJrZXktMCIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSJdLCJzZXJ2aWNlIjpbeyJpZCI6IiNhZ2VudCIsInNlcnZpY2VFbmRwb2ludCI6Imh0dHBzOi8vYXBpLmV4YW1wbGUuY29tIn1dLCJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImtZVXhKZHhjcW9LYmZKS2pUUEVtYmlmTnJEQnZ1UXVvR3luaHdtcjRCU0EifQ",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJraWQiOiJrZXktMCIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSJdLCJzZXJ2aWNlIjpbeyJpZCI6IiNhZ2VudCIsInNlcnZpY2VFbmRwb2ludCI6Imh0dHBzOi8vYXBpLmV4YW1wbGUuY29tIn1dLCJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImtZVXhKZHhjcW9LYmZKS2pUUEVtYmlmTnJEQnZ1UXVvR3luaHdtcjRCU0EifQ",
"publicKeyJwk": {
"kid": "key-0",
// note that a resolver could remove this value
"@context": [
"https://www.w3.org/ns/did/v1",
"https://w3id.org/security/suites/jws-2020/v1"
],
// note that a resolver could remove this value
"service": [
{
"id": "#agent",
"serviceEndpoint": "https://api.example.com"
}
],
"kty": "OKP",
"crv": "Ed25519",
"x": "kYUxJdxcqoKbfJKjTPEmbifNrDBvuQuoGynhwmr4BSA"
}
}
],
"authentication": [
"did:jwk:eyJraWQiOiJrZXktMCIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSJdLCJzZXJ2aWNlIjpbeyJpZCI6IiNhZ2VudCIsInNlcnZpY2VFbmRwb2ludCI6Imh0dHBzOi8vYXBpLmV4YW1wbGUuY29tIn1dLCJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImtZVXhKZHhjcW9LYmZKS2pUUEVtYmlmTnJEQnZ1UXVvR3luaHdtcjRCU0EifQ"
],
"capabilityInvocation": [
"did:jwk:eyJraWQiOiJrZXktMCIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSJdLCJzZXJ2aWNlIjpbeyJpZCI6IiNhZ2VudCIsInNlcnZpY2VFbmRwb2ludCI6Imh0dHBzOi8vYXBpLmV4YW1wbGUuY29tIn1dLCJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImtZVXhKZHhjcW9LYmZKS2pUUEVtYmlmTnJEQnZ1UXVvR3luaHdtcjRCU0EifQ"
],
"capabilityDelegation": [
"did:jwk:eyJraWQiOiJrZXktMCIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSJdLCJzZXJ2aWNlIjpbeyJpZCI6IiNhZ2VudCIsInNlcnZpY2VFbmRwb2ludCI6Imh0dHBzOi8vYXBpLmV4YW1wbGUuY29tIn1dLCJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImtZVXhKZHhjcW9LYmZKS2pUUEVtYmlmTnJEQnZ1UXVvR3luaHdtcjRCU0EifQ"
],
"keyAgreement": [
"did:jwk:eyJraWQiOiJrZXktMCIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSJdLCJzZXJ2aWNlIjpbeyJpZCI6IiNhZ2VudCIsInNlcnZpY2VFbmRwb2ludCI6Imh0dHBzOi8vYXBpLmV4YW1wbGUuY29tIn1dLCJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImtZVXhKZHhjcW9LYmZKS2pUUEVtYmlmTnJEQnZ1UXVvR3luaHdtcjRCU0EifQ"
],
// note that a resolver could inject this value
"service": [
{
"id": "did:jwk:eyJraWQiOiJrZXktMCIsIkBjb250ZXh0IjpbImh0dHBzOi8vd3d3LnczLm9yZy9ucy9kaWQvdjEiLCJodHRwczovL3czaWQub3JnL3NlY3VyaXR5L3N1aXRlcy9qd3MtMjAyMC92MSJdLCJzZXJ2aWNlIjpbeyJpZCI6IiNhZ2VudCIsInNlcnZpY2VFbmRwb2ludCI6Imh0dHBzOi8vYXBpLmV4YW1wbGUuY29tIn1dLCJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImtZVXhKZHhjcW9LYmZKS2pUUEVtYmlmTnJEQnZ1UXVvR3luaHdtcjRCU0EifQ#agent",
"serviceEndpoint": "https://api.example.com"
}
]
}
}
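A resolver can close off the trick described above by copying only allow-listed public members out of the decoded JWK and refusing private ones, in line with the DID Core text quoted earlier. This is an added example, not code from the original post or the did-jwk repository; `resolveStrict`, the allow-lists and the `#0` fragment choice are assumptions, and the input DID is constructed from the post's values.

```javascript
// Added example: allow-list resolver for did:jwk (hypothetical helper names).
const PUBLIC_MEMBERS = { EC: ['kty', 'crv', 'x', 'y'], OKP: ['kty', 'crv', 'x'], RSA: ['kty', 'n', 'e'] };
const OPTIONAL_MEMBERS = ['kid', 'use', 'alg']; // assumption: metadata this resolver tolerates
const PRIVATE_MEMBERS = ['d', 'p', 'q', 'dp', 'dq', 'qi', 'oth', 'k'];
const own = (obj, name) => Object.prototype.hasOwnProperty.call(obj, name);

function resolveStrict(did) {
  const base = did.split('#')[0];
  const match = /^did:jwk:([A-Za-z0-9_-]+)$/.exec(base);
  if (!match) throw new Error('not a did:jwk identifier');
  const jwk = JSON.parse(Buffer.from(match[1], 'base64url').toString('utf8'));
  if (jwk === null || typeof jwk !== 'object' || Array.isArray(jwk)) {
    throw new Error('encoded value is not a JSON object');
  }
  // publicKeyJwk MUST NOT carry private members: fail closed instead of stripping.
  const leaked = PRIVATE_MEMBERS.filter((name) => own(jwk, name));
  if (leaked.length > 0) throw new Error('private key members present: ' + leaked.join(','));
  // own() keeps a kty such as "constructor" from matching an inherited property.
  if (typeof jwk.kty !== 'string' || !own(PUBLIC_MEMBERS, jwk.kty)) throw new Error('unsupported kty');
  const publicKeyJwk = {};
  for (const name of PUBLIC_MEMBERS[jwk.kty]) {
    if (typeof jwk[name] !== 'string') throw new Error('missing member: ' + name);
    publicKeyJwk[name] = jwk[name];
  }
  for (const name of OPTIONAL_MEMBERS) {
    if (typeof jwk[name] === 'string') publicKeyJwk[name] = jwk[name];
  }
  // Everything else (e.g. "@context", "service") is reported, never promoted.
  const ignored = Object.keys(jwk).filter((name) => !own(publicKeyJwk, name)).sort();
  const vmId = base + '#0';
  const didDocument = {
    id: base,
    verificationMethod: [{ id: vmId, type: 'JsonWebKey2020', controller: base, publicKeyJwk }],
    authentication: [vmId],
  };
  return { didDocument, ignored };
}

// Constructed input, assembled the same way as the snippet in the post.
const smuggledJwk = {
  kid: 'key-0',
  '@context': ['https://www.w3.org/ns/did/v1', 'https://w3id.org/security/suites/jws-2020/v1'],
  service: [{ id: '#agent', serviceEndpoint: 'https://api.example.com' }],
  kty: 'OKP',
  crv: 'Ed25519',
  x: 'kYUxJdxcqoKbfJKjTPEmbifNrDBvuQuoGynhwmr4BSA',
};
const SMUGGLED_DID = 'did:jwk:' + Buffer.from(JSON.stringify(smuggledJwk), 'utf8').toString('base64url');
```

A caller that logs `ignored` gets a signal that an identifier carries data beyond key material without that data ever reaching the DID document.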
I love the simplicity of being able to express a key as a DID. I think this is a great bridge between the two worlds, that has a lot of use cases.
One possible issue I'm seeing is that the same key pair can lead to different DIDs, depending on variations such as the order of keys in the JWT, for example. Maybe there are additional inventive ways to come up with such variations.
I know that in normal situations this won't be a problem, because you'll usually decode the key back from the DID and check some signature related to it. However, there might be a few situations where you start from the key and can produce different DIDs depending on encoding, so non-uniqueness would become an issue.
Do we consider this could be a problem? We can just accept that characteristic and keep things simple, or we can try and add uniqueness, with the risk of making the algorithm more complex.
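One way to tell whether two did:jwk identifiers carry the same key is to compare RFC 7638 thumbprints of the decoded JWKs instead of the DID strings. This is an added example, not code from the original thread or the did-jwk repository; the function names are assumptions, `PAGE_DID` is the Ed25519 identifier from the dump above, and `REORDERED_DID` is constructed from the same key.

```javascript
// Added example: compare did:jwk identifiers by key material, not by string.
const crypto = require('node:crypto');

// RFC 7638 required members, already in lexicographic order (OKP per RFC 8037).
const REQUIRED = { EC: ['crv', 'kty', 'x', 'y'], OKP: ['crv', 'kty', 'x'], RSA: ['e', 'kty', 'n'] };

function jwkToDid(jwk) {
  // did:jwk encodes the JSON text as given, so member order and extra
  // members such as "kid" change the resulting identifier.
  return 'did:jwk:' + Buffer.from(JSON.stringify(jwk), 'utf8').toString('base64url');
}

function didToJwk(did) {
  const match = /^did:jwk:([A-Za-z0-9_-]+)(?:#.*)?$/.exec(did);
  if (!match) throw new Error('not a did:jwk identifier');
  const jwk = JSON.parse(Buffer.from(match[1], 'base64url').toString('utf8'));
  if (jwk === null || typeof jwk !== 'object' || Array.isArray(jwk)) {
    throw new Error('encoded value is not a JSON object');
  }
  return jwk;
}

function thumbprint(jwk) {
  if (typeof jwk.kty !== 'string' || !Object.prototype.hasOwnProperty.call(REQUIRED, jwk.kty)) {
    throw new Error('unsupported kty');
  }
  const canonical = {};
  for (const name of REQUIRED[jwk.kty]) {
    if (typeof jwk[name] !== 'string') throw new Error('missing member: ' + name);
    canonical[name] = jwk[name];
  }
  // Only the required members, sorted, no whitespace: the RFC 7638 hash input.
  return crypto.createHash('sha256').update(JSON.stringify(canonical), 'utf8').digest('base64url');
}

function sameKey(didA, didB) {
  return thumbprint(didToJwk(didA)) === thumbprint(didToJwk(didB));
}

// Identifier copied from the Ed25519 entry in the dump above.
const PAGE_DID = 'did:jwk:eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6ImJkVlk5bDdFTC05emE4Q1FDalhnay1WN3RoMGNfdnVHbXVJc0E3NWhqYWcifQ';
// Constructed variant: same key, different member order plus a kid.
const REORDERED_DID = jwkToDid({
  x: 'bdVY9l7EL-9za8CQCjXgk-V7th0c_vuGmuIsA75hjag',
  kid: 'key-0',
  crv: 'Ed25519',
  kty: 'OKP',
});
```

Systems that index or deduplicate by DID string would treat `PAGE_DID` and `REORDERED_DID` as different subjects, while `sameKey` reports them as one key.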
Assuming this is meant to return application/json or application/did+json by default.
It would be nice to be able to use did:jwk but get back CWKs when resolving as application/did+cbor.
I didn't find a description of either of these points in the did:key spec, have I been using an old one?
I think you're right. But that doesn't mean you can't cover them in your spec? :)
In the did:key spec at least there are some complete examples, but in the did:jwk spec it's really not clear what the value of verificationMethod.id would be.
Originally posted by @peacekeeper in w3c/did-spec-registries#432 (comment)