This document is an attempt to detail the initialization steps required for a Signify client to create an Agent Worker against a KERIA service and create their first managed AID.
This is the AID generated by the Signify Client from the user's passcode. All Signify client must generate this AID in the same manner to enable portability between clients. To do this, the following procedure is used.
- Prepend the 128 bit random salt derivation code ('0A') plus the blank qualified base 64 character ('A') to the provided 21 character passcode
- Stretch the passcode derivation using Argon2 to generate an Ed25519 private key from the provided "tier" and paths of
signify:controller00andsignify:controller01for the signing key and rotation key respectively. - Use the qualified base64 of the signing public key and the qualified base64 of the Blake3 digest of the rotation public key in the inception event.
Using this Python code with the SignifyPy client:
passcode = b'0123456789abcdefghijk'
client = SignifyClient(passcode=passcode, tier=Tiers.low)
assert client.controller == "ELI7pg979AdhmvrjDeam2eAO2SR5niCgnjAJXJHtJose"the client AID will be ELI7pg979AdhmvrjDeam2eAO2SR5niCgnjAJXJHtJose and the inception event will be:
{
"v": "KERI10JSON00012b_",
"t": "icp",
"d": "ELI7pg979AdhmvrjDeam2eAO2SR5niCgnjAJXJHtJose",
"i": "ELI7pg979AdhmvrjDeam2eAO2SR5niCgnjAJXJHtJose",
"s": "0",
"kt": "1",
"k": [
"DAbWjobbaLqRB94KiAutAHb_qzPpOHm3LURA_ksxetVc"
],
"nt": "1",
"n": [
"EIFG_uqfr1yN560LoHYHfvPAhxQ5sN6xZZT_E3h7d2tL"
],
"bt": "0",
"b": [],
"c": [],
"a": []
}with a signature of:
AACJwsJ0mvb4VgxD87H4jIsiT1QtlzznUy9zrX3lGdd48jjQRTv8FxlJ8ClDsGtkvK4Eekg5p-oPYiPvK_1eTXEG
This is AID created in the KERIA service that is a delegated AID using the Client AID as the delegator.
This is an AID created through the Admin Interface by a user using the Signify Client for purposes external to the Signify protocol. This would be a "normal" AID.