didwebvh icon indicating copy to clipboard operation
didwebvh copied to clipboard
Published 4 months ago verified publisher icon decentralized-identity

How to distinguish between witness proofs and controller proofs

Open brianorwhatever opened this issue 1 year ago • 2 comments

Currently the only difference between a witness proof and a controller's proof is that the witness will likely be a did:tdw. This isn't a particularly useful way to determine which is which. I think we need a better technique.. might be one reason for #66

brianorwhatever avatar Oct 02 '24 20:10 brianorwhatever

As I was writing this — I think the answer is that the DID of the DID Controller MUST be a did:key, and MUST be in the authorized key array. Conversely, witness did’s MUST NOT be did:key, and witness DIDs MUST be in the witness list.

A bit of data sniffing, but I don’t think outrageous. The question is whether it is better or worse than using Proof Chains, given their lack of implementations?

swcurran avatar Oct 02 '24 21:10 swcurran

@brianorwhatever -- do you want to see this added to the spec? Seems it would be useful.

swcurran avatar Oct 10 '24 21:10 swcurran

For now what I am doing is checking if the verification method is a did:tdw or did:key. tdw is assumed to be a witness and key is assumed to be a controller

brianorwhatever avatar Oct 15 '24 22:10 brianorwhatever

Action: As a clarification, without changing the version. @swcurran

swcurran avatar Oct 24 '24 16:10 swcurran

Now separated into 2 files, so not an issue. Closing.

swcurran avatar Dec 11 '24 23:12 swcurran