-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement DID's #6168
Comments
I like the idea but I think it would need to be spec'ed in an ADR |
Yeah, I like the idea. We thought of doing something similar for Regen Network, and to make things a bit easier made our bech32 prefix Would love to see a more fleshed out ADR. How would people feel about I would note that just inserting the |
Could we avoid Java-ish |
Nice Idea, we totally back it up. |
Sweet, thanks for everyone's feedback. I'll start working on trying to get an ADR up for this, but it may take me some time as I have just come across DIDs and will need some spare time to wrap my head around the scope of everything. If anyone has a concrete idea of what they would like to see for this, feel free to jump ahead of me on the ADR. It seems to me there are few possible sides to this:
and a more controversial topic of discussion of migrating cosmos addrs to be DIDs |
You can't if the fields are public. |
we already migrated cosmos address to be DIDs. I hope I don't miss anything above my head, but, since our implementation is open sourced, I would warmly suggest you to not reinventing the wheel. On the other end, since this (Self Sovereign Identity) is not a merely technical topic (identity verification, trust model reward for issuer and verifier of VCs, etc) you could also give back feedback to our work (started 1 year and a half ago), resulting in a contribution that could scale. |
Of course @egidiocasati! I just wish there was a module registry (or maybe there is?) for cosmos so others aren't inclined to develop their own DID module. I'm very glad to see a fully fleshed out DID module since I think this is something better maintained by the community than SDK core devs (A good contribution to I do think there is benefit to having DID interfaces in the SDK types, but I will surely keep your id module implementation in mind when I get the time to spec it out |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
This seems relevant: https://payid.org/ |
The ixo blockchain has an It is currently modelled after Sovrin DIDs where the identifier is derived from an Ed25519 verification key. The ixo blockchain takes things a step further and uses the DIDs as sender/receiver/etc identifiers (in place of addresses) in its custom module messages. The underlying addresses being effected are derived from the Ed25519 keys stored in the referenced DIDs. |
Has anyone looked into collectively owned DIDs? The use case I'm thinking of is when a community needs to have a single entity operate a server on their behalf via a well known URL in the network (other parties rely on this URL being persistent). But if the operator becomes malicious, the community has no option, but to start a new community (because they don't control the server connected to the URL). I'd like to give the community a DID that resolves to a DID document on the cosmos hub (or some fairly secure blockchain) that is controlled by proposals passed by this community. So instead of the network relying on the URL, they use the DID which resolves to the latest URL of the community. This sounds feasible to me and collectively owned DIDs sounds like a nice way to decentralize ownership |
We (AiB) are planning to do work on this. More news will come soon! |
An identifier in the DID standard is not represented solely by |
I'm going to try to spend the next month or so writing up an ADR for this. Based on my current mental model, I think I would end up writing two ADRs, one would be aimed to be implemented in gaia as a DID registry. I don't think the SDK should host DID registry modules since the value proposition lies with hubs and not zones using this module. The other would be an IBC module housed in the SDK which would act as a on chain resolving/certification mechanism. A DID controller comes to chain A with some action it wants to take and potential proof of their control over the DID. This DID exists on chain B. Chain A uses its IBC module connected to chain B to send a packet request for certification of this DID along with the provided proof. Chain B replies with an acknowledgement either succeeding or failing, indicating whether the entity is actually the DID controller, it can also optionally supply DID subject information. This allows chain A to take action in reference to the DID while also supporting all the arbitrary authentication mechanisms chain B (or any connected chain) supports for registered DIDs I still need to dive deeper though, so take my current words with a grain of salt |
@colin-axner awesome that you're working on this! Can we find a time to chat about this live as the key management work regen has been working on may be related? I haven't thought too deeply about how this would be implemented, but it's likely we want to think of DID methods related to the group module. Also doing DID authentication over IBC would be great 👍 /cc @robert-zaremba |
Yes definitely, this would be great! I think inter module communication will likely have a role here as well in order to allow for flexible verification relationships and verification methods |
We're currently researching best practices for a DID module and would love to be apart of the chat! 🙏 |
Discussion should be continued here |
I'm glad that Cosmos team is working on this idea. I've implemented my own DID method on my blockchain (powered by cosmos-sdk). It is being used in production in my company. |
We restarted a work for the DID in the Cosmos ecosystem: the Interchain Identifiers. It's based on Cosmos Cash /x/did |
closing this as it would not need to live in the cosmos-sdk |
Summary
Add DID as an SDK type
Problem Definition
Any application that wants to integrate identity verification is going to look at using DID's since they are simple and useful. Since the purpose of DID's is to be interoperable, I think it makes sense to add it to SDK types instead of having third party developers each implement their own DIDs interfaces. It is light weight, simple, and should have low engineering debt (if any)
Proposal
A DID has 3 parts:
DID: "did:cosmos:5sy29r37gfxvxz21rh4r0ktpuc46pzjrmz29g45"
A
ValidateDID
function should be added to ensure a DID meets the generic naming requirements and callsMethodName.ValidateBasic()
andMethodSpecificID.ValidateBasic()
I am not suggesting usage in any SDK modules.
For Admin Use
The text was updated successfully, but these errors were encountered: