ion
ion copied to clipboard
decentralized-identity
Using ION on other blockchain implementation
I am thinking about using the ION.js and other stuff on other blockchain network like fabric-hyperledger.
which means maybe we need to build a IPFS cluster and mongodb cluster ourselves. I am reading the sorce-code trying to find the part of this, but I did not find it.
So, I was wondering how to setup such a experimental environment. Is there any advices
I mean, the architecture of sidetree suggest that the blockchain network is replaceable. is there any possibility that I run locally with IPFS and mongodb without bitcoin.
Or I can build a locally single-instance using ion-tools and mongodb. When I am reading ion-tools and ion-sdk, if someone is trying to create a new DID, I did not see any code to put these DID imformation into database/mongodb
https://github.com/transmute-industries/sidetree.js
^ Has code for Sidetree on Ethereum and Amazon QLDB (basically a ledger abstraction).
The storage interface can also be replaced...
we created did:photon using Amazon QLDB and Amazon S3 to compare performance issues with IPFS and public ledgers like bitcoin and ethereum.
is there any possibility that I run locally with IPFS and mongodb without bitcoin
As @OR13 referenced, there are other Sidetree implementations that use a different blockchain and/or different storage layer than ION. ION specifically chose bitcoin as its blockchain layer. If you are looking to plug-in your own implementation of blockchain layer using the reference Sidetree core implementation, you can do so by implementing the blockchain REST API as defined in the reference implementation design doc, feel free to open discussions/issues directly in the sidetree repo if that's the case, as they would be Sidetree questions, not ION specific.
Or I can build a locally single-instance using ion-tools and mongodb. When I am reading ion-tools and ion-sdk, if someone is trying to create a new DID, I did not see any code to put these DID imformation into database/mongodb
You can follow the install guide or Docker instructions to setup an ION node on your local machine. ion-tools and ion-sdk are not intended to run node, they are client SDK, they do not interact with database/mongodb of an ION node directly, they craft ION requests to be sent to an ION node of your choosing.
Microsoft runs a public ION node for ION DID resolution (as well write with some proof-of-work requirements), here is an example resolution request.
Hello there,so if I just want to build a single sidetree node without blockchain and ipfs. This node will implement the workflow of sidetree protocal, like what to do when CRUD instructions comes. And add a mongoDB without ipfs behind the sidetree node.
is it viable just using ion-tools. I will try to implement the rest things like interact with mongoDB. Or the ion-tools is just a client-sdk for a client to connect with ion node/server. it will be only used just when a sidetree node with bitcoin-network and ipfs-network exists.
So far as I understand sidetree protocal, it contains sveral separated clucsters and every cluster can be run separatedly. which means if I run a single sidetree node, it can still CRUD DIDs, But when they trying to interact with bitcoin-net work and ipfs, it raises errors. Now I want to make the sidetree node not to interact with bitcoin-network and ipfs. When CRUD DIDs, it interact mongoDB straightly. Each component is pluggable. If I want to achieve this goals, which part of the code or markdown should I learn.
We have a "test sidetree" method that uses in memory for both storage and ledger interfaces. Sounds like you may want to start with something like that, then replace the in memory interfaces with whatever long term storage or ledger you plan to use.
On Fri, Jun 10, 2022, 5:14 AM SpencerChou @.***> wrote:
So far as I understand sidetree protocal, it contains sveral separated clucsters and every cluster can be run separatedly. which means if I run a single sidetree node, it can still CRUD DIDs, But when they trying to interact with bitcoin-net work and ipfs, it raises errors. Now I want to make the sidetree node not to interact with bitcoin-network and ipfs. When CRUD DIDs, it interact mongoDB straightly. Each component is pluggable. If I want to achieve this goals, which part of the code or markdown should I learn.
— Reply to this email directly, view it on GitHub https://github.com/decentralized-identity/ion/issues/274#issuecomment-1152205771, or unsubscribe https://github.com/notifications/unsubscribe-auth/AB7JLMDK5HEPSLSV673OKLLVOMIQ5ANCNFSM5YKCIHCQ . You are receiving this because you were mentioned.Message ID: @.***>
Now I want to make the sidetree node not to interact with bitcoin-network and ipfs. When CRUD DIDs, it interact mongoDB straightly. Each component is pluggable. If I want to achieve this goals, which part of the code or markdown should I learn.
@SpencerChou I wrote documentation for something similar, which is how to set up a local-only Ion Node using Regtest.
Alternatively you could use something like did:elem which is also based on the sidetree protocol and uses ETH. I found it a lot easier to set up a local node and test using a local-only Element Node using ganache.
Now I want to make the sidetree node not to interact with bitcoin-network and ipfs. When CRUD DIDs, it interact mongoDB straightly. Each component is pluggable. If I want to achieve this goals, which part of the code or markdown should I learn.
@SpencerChou I wrote documentation for something similar, which is how to set up a local-only Ion Node using Regtest.
Alternatively you could use something like
did:elemwhich is also based on the sidetree protocol and uses ETH. I found it a lot easier to set up a local node and test using a local-only Element Node using ganache.
Thanks very much, this helps a lot!! it will be better if there is a way to build two-node blockchain-network using docker.
After reading a lot docs, I didn't see any example to show how a third-party app to use sidetree to verify one's DID, all examples are about CRUD. So how does the sidetree node and a user-client to confirm an identity? what;s the content client send to the sidetree node?
all examples are about CRUD. So how does the sidetree node and a user-client to confirm an identity?
With CRUD :)
Specifically I make a public and a private key. When I create a DID specifically what i'm doing is publishing the public key. I send a create operation, and my DID is did:elem:123. I can then sign a Verifiable Credential with my private key, and say the issuer for this credential is did:elem:123.
I can then send that credential to someone, and they say "hey, this credential was signed by did:elem:123 is that really true?" They can then do a resolve operation for did:elem:123 to get my public key to validate the signature. So that's how I can establish that I have the identity of did:elem:123 by showing that I have control of the private key, and the CRUD operations enable that interaction.
all examples are about CRUD. So how does the sidetree node and a user-client to confirm an identity?
With CRUD :)
Specifically I make a public and a private key. When I create a DID specifically what i'm doing is publishing the public key. I send a create operation, and my DID is
did:elem:123. I can then sign a Verifiable Credential with my private key, and say the issuer for this credential isdid:elem:123.I can then send that credential to someone, and they say "hey, this credential was signed by
did:elem:123is that really true?" They can then do a resolve operation fordid:elem:123to get my public key to validate the signature. So that's how I can establish that I have the identity ofdid:elem:123by showing that I have control of the private key, and the CRUD operations enable that interaction.
So, in ion application practice. the VC is the payload of the SignJWS method? the third-party app will receive the jws(or jws and the unsingned payload/VC?) and then using resolve method to get your public-key with the DID_uri. 1)And then using verifyJWS to verify the whether the content is the thrid-party app needs? 2)Or decode the jws and compare the decoded content with the payload . If the same, then you are authencated.
Which understanding is correct? Or both incorrect
A JWS is not a Verifiable Credential, but specific shapes of JWTs (which build on top of JWS) are.
In sidetree JWS are used to sign the updated that are signed by the DID Controller.
Adding those updates up yields the latest DID Document.
The Ledger protects their order
The Storage protects and makes available the update content.
As I mentioned above, the payload part is the VC? the payload should be structured JWT? And the signed with privatekey and send to the third-party app both your DID , JWT(unsigned), and JWS. And the app using your public key to decode JWS and compare it to JWT?
In sidetree JWS are used to sign the updated that are signed by the DID Controller.
I still not get it how a user and app to confirm identity using sidetree, specifically using ion-tools.
Adding @dangodb who is the author of ion-tools
the payload part is the VC? the payload should be structured JWT?
I believe VC is out of context of ion-tools so we should talk about it separately. The payload here is anything you want to sign over. As your screenshot shows, it can be as simple as a string, JWT is not a requirement.
And the signed with privatekey and send to the third-party app both your DID , JWT(unsigned), and JWS. And the app using your public key to decode JWS and compare it to JWT?
Mostly correct, except:
- the "JWT(unsigned)" part, as in, the payload doesn't have to be a JWT, also JWT is by definition signed, there is no such a thing as unsigned JWT.
- the app grabs your public key from ION by resolving your DID, then use the public key to verify the signature. If signature is valid, it proves that you've signed over the payload, whatever format/content the payload is beyond the point of the discussion.
@SpencerChou, also to answer your earlier question:
Now I want to make the sidetree node not to interact with bitcoin-network and ipfs. When CRUD DIDs, it interact mongoDB straightly. Each component is pluggable. If I want to achieve this goals, which part of the code or markdown should I learn.
If you were to do this using reference Sidetree Core implementation, in addition to replace the blockchain layer as already mentioned, you also need to replace the storage layer, ie. CAS (Content Addressable Storage) layer. The way to do so is to implement the ICas interface using mongo (it's literally just two methods) then pass it through the Sidetree Core constructor on instantiation like what ION has done.
I will encourage again to ask generic Sidetree questions like this one directly in the Sidetree repo because not all Sidetree experts monitor this ION repo!
I ask some questions in sidetree repo. Can someone give me advice and answer, please