
Add precise language on DID unique suffix generation and test vector

Open thehenrytsai opened this issue 5 years ago • 12 comments

Example test vectors can be found at: https://tools.ietf.org/html/rfc3394

Suffix = ASCII(Base64URL(Multihash(SHA256, UTF8(Suffix JSON data))))

thehenrytsai avatar Apr 10 '20 18:04 thehenrytsai

Related note:

https://identity.foundation/sidetree/docs/spec/#did-suffix-composition refers to the "Create operation’s Suffix Data Object" but this object isn't defined in that section. (Rather, you can implicitly see an example in: https://identity.foundation/sidetree/spec/#anchor-file under Create).

troyronda avatar Apr 13 '20 18:04 troyronda

Another note: multi-hash isn't mentioned in the spec.

troyronda avatar Apr 14 '20 20:04 troyronda

WIP:

DID Methods based on the Sidetree protocol all share the same identifier format. The unique identifier string is a hash of a set of initialization values the controller generates when they create a Sidetree-based DID. This composite hash of initial state values enables Sidetree DIDs to be self-certifying, meaning the person or entity who generates a Sidetree-based DID knows their unique identifier immediately, and it is cryptographically secured for instant use (for more on instant use capabilities of Sidetree DIDs see the Long-Form Sidetree Format section below).

The process below MUST be used to correctly generate a Sidetree-based DID identifier string:

  1. From the values generated during the Create operation process, assemble an Anchor File Create Entry object, composed as follows:

    {
      "delta_hash": DELTA_HASH,
      "recovery_key": JWK_OBJECT,
      "recovery_commitment": COMMITMENT_HASH
    }
    
    • The object MUST contain a delta_hash property, and its value MUST be a hash of the Create Operation Delta Object.
    • The object MUST contain a recovery_key property, and its value MUST be the Initial Recovery Public Key.
    • The object MUST contain a recovery_commitment property, and its value MUST be the Initial Recovery Commitment.

csuwildcat avatar Apr 14 '20 20:04 csuwildcat

suggested change:

HTTP POST http://example.com/operations { body } -H { accept: application/json }

    body: {
      type: 'create',
      suffix_data: base64url({ "delta_hash": DELTA_HASH, "recovery_key": JWK_OBJECT, "recovery_commitment": COMMITMENT_HASH }),
      delta: base64url({ "patches": PATCH_ARRAY, "update_commitment": COMMITMENT_HASH })
    }

Suffix = ASCII ( Base64URL ( Multihash ( SHA256 ( suffix_data ) ) ) )

Long Form = (suffix_data).(delta)

OR13 avatar Apr 14 '20 20:04 OR13

Recommend a note that JSON Canonicalization MAY be performed: https://github.com/decentralized-identity/sidetree/issues/564

troyronda avatar Apr 15 '20 13:04 troyronda
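The suffix formula from the opening post and the canonicalization note above, worked through as an added Python example (not part of the thread, the spec, or the reference implementation). It assumes unpadded base64url, hashes the UTF-8 JSON bytes as in the opening formula, and uses sorted-key compact JSON as a stand-in for canonicalization; all sample values are constructed.

```python
import base64, hashlib, hmac, json

SHA2_256 = bytes([0x12, 0x20])  # multihash header: sha2-256 code, 32-byte digest length

def b64url(data: bytes) -> str:
    # Assumption: unpadded base64url; the thread does not state the padding rule.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def multihash_sha256(data: bytes) -> bytes:
    return SHA2_256 + hashlib.sha256(data).digest()

def canonical_json(obj) -> bytes:
    # Stand-in for JSON canonicalization: sorted keys, no whitespace, UTF-8 bytes.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("utf-8")

def did_suffix(suffix_json: bytes) -> str:
    # Suffix = ASCII(Base64URL(Multihash(SHA256, UTF8(suffix JSON))))
    return b64url(multihash_sha256(suffix_json))

def long_form(suffix_json: bytes, delta_json: bytes) -> str:
    # Long Form = (suffix_data).(delta), each part base64url-encoded
    return b64url(suffix_json) + "." + b64url(delta_json)

def verify_suffix(suffix: str, suffix_json: bytes) -> bool:
    # Self-certification check: decode, validate the multihash header, recompute the digest.
    try:
        raw = base64.urlsafe_b64decode(suffix + "=" * (-len(suffix) % 4))
    except ValueError:
        return False
    # Reject wrong length, wrong hash header, and non-canonical base64url spellings.
    if len(raw) != 34 or raw[:2] != SHA2_256 or b64url(raw) != suffix:
        return False
    return hmac.compare_digest(raw[2:], hashlib.sha256(suffix_json).digest())

# Constructed sample values (not test vectors from the spec or reference implementation).
DELTA = {"patches": [], "update_commitment": b64url(multihash_sha256(b"constructed-update-reveal"))}
SUFFIX_DATA = {
    "delta_hash": b64url(multihash_sha256(canonical_json(DELTA))),
    "recovery_key": {"kty": "EC", "crv": "secp256k1", "x": "constructed-x", "y": "constructed-y"},
    "recovery_commitment": b64url(multihash_sha256(b"constructed-recovery-reveal")),
}

if __name__ == "__main__":
    canonical = canonical_json(SUFFIX_DATA)
    loose = json.dumps(SUFFIX_DATA, indent=2).encode("utf-8")  # same object, different bytes
    print("canonical suffix:", did_suffix(canonical))
    print("loose suffix:    ", did_suffix(loose))
    print("long form:       ", long_form(canonical, canonical_json(DELTA)))
```

The two printed suffixes differ even though both serializations describe the same object, which is why the exact bytes fed to the hash have to be pinned down before test vectors can be interoperable.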

@csuwildcat @thehenrytsai to define what happens in the spec language.

Assuming this is documented, we can have test vectors.

OR13 avatar May 12 '20 20:05 OR13

Blocked pending reference implementation catchup...

OR13 avatar May 26 '20 20:05 OR13

Henry, are the vectors the same as in the spec here?: https://identity.foundation/sidetree/spec/#long-form-did-uris

csuwildcat avatar Dec 09 '20 18:12 csuwildcat

@thehenrytsai are the vectors present in the spec, as linked above, true and correct for what is implemented?

csuwildcat avatar Jan 13 '21 03:01 csuwildcat

ACTION: Dan will update examples

csuwildcat avatar Jan 19 '21 21:01 csuwildcat

ACTION: Copy reference implementation test vectors into spec. @thehenrytsai @csuwildcat

troyronda avatar Feb 16 '21 21:02 troyronda

Copying the resolution output test vectors into the Spec has been done.

troyronda avatar Feb 23 '21 23:02 troyronda