Decentrl
  • What is Decentrl?
  • Identity
  • Mediator
    • Registration
    • Messaging
    • Group DID method
  • Registry
Powered by GitBook
On this page
  • The DID Document
  • Alias (optional)
  • Service
  • Verification methods

Identity

PreviousWhat is Decentrl?NextMediator

Last updated 2 years ago

Each participant (even mediators, registries, and namespaces) in the Decentrl network is identified by a . A DID is a unique identifier, that can be resolved to a public that contains identities and public info such as public encryption keys, services (more on that later), and alias.

Because DIDs are decentralized identifiers, their underlying DID documents can be hosted anywhere, and therefore different types DIDs need different DID resolvers in order to fetch the identity's public DID document. The Decentrl network is based on the web did method that is defined .

While the Decentrl network was based on DID web method, it does not mean it is limited only to that method. Any method could potentially be used if the clients implemented other method resolvers.

Example of what a Decentrl DID looks like:

did:web:registry.decentrl.network:identity:95ef7d16-e5d2-434d-9f3b-4a413690cec2

This DID resolves to .

The DID Document

The DID document is the main part of the Decentrl network, as all network participants use each other's documents to know how to communicate with each other. The document is constructed out of the following parts:

Alias (optional)

An optional property that defines what you wish to be called. This property is useful for clients to provide a nice readable name instead of DID identifier.

Service

A property that defines ways to communicate with the DID. Decentrl has predefined a few different service types that will enable you to communicate using Decentrl protocol.

DecentrlMediator Used by mediators to define how other network participants can connect to them and which features they have available. The default communication channel between mediators and identities is over websockets and using encrypted payloads. The routingKeys define which keys should be used for encrypted communication.

{
  "id": "did:web:mediator.decentrl.network#mediator",
  "type": "DecentrlMediator",
  "serviceEndpoint": {
    "uri": "wss://mediator.decentrl.network",
    "routingKeys": ["did:web:mediator.decentrl.network#key-ECDH-1"],
    "features": ["TWO_WAY_PRIVATE", "ONE_WAY_PUBLIC"]
  }
}

DecentrlMediatorRegister Used by mediators to define an endpoint on which identities can register.

{
  "id": "did:web:mediator.decentrl.network#mediator",
  "type": "DecentrlMediatorRegister",
  "serviceEndpoint": {
    "uri": "https://mediator.decentrl.network/register",
    "routingKeys": ["did:web:mediator.decentrl.network#key-ECDH-1"]
  }
}

DecentrlMediatorClient Used by identities to define on which mediators they have registered.

{
  "id": "did:web:registry.decentrl.network:identity:95ef7d16-e5d2-434d-9f3b-4a413690cec2#mediator-client",
  "type": "DecentrlMediatorClient",
  "serviceEndpoint": "did:web:mediator.decentrl.network",
  "registeredFeautres": ["TWO_WAY_PRIVATE", "ONE_WAY_PUBLIC"]
}

DecentrlRegistry Used by registries to define an endpoint through which identity can register.

{
  "id": "did:web:registry.decentrl.network#registry",
  "type": "DecentrlRegistry",
  "serviceEndpoint": {
    "uri": "https://registry.decentrl.network/",
    "routingKeys": ["did:web:registry.decentrl.network#key-ECDH-1"]
  }
}

DecentrlNamespace Used by namespaces to define an endpoint through which identity can register.

[TBD]

Verification methods

Verification methods property defines public keys that can be used to enable E2E encrypted communication with an identity. By default, Decentrl network supports EC P-256 keys in JWK format to enable E2EE communication.

Example of a public key defined under verification methods

{
  "id": "did:web:mediator.decentrl.network#key-ECDH-1",
  "type": "JsonWebKey2020",
  "publicKeyJwk": {
    "kty": "EC",
    "x": "2c1Y1YkTnNFvUp2bVSP-OFZRYL6TsTU-LEUoyu2wP8o",
    "y": "HR2_EIXu6ZZL-GJCvAyxVKGie8KWp50dyBvQ4xCQ700",
    "crv": "P-256",
    "kid": "82abd98e-31ee-4769-a40b-08a3dc8e4fe6"
  },
  "controller": "did:web:mediator.decentrl.network"
}

Each identity participant in the Decentrl network should have at least two sets of keys available. An encryption key pair and signing key pair. The encryption public key should be referenced under the keyAgreement property and the signing public key should be referenced under the authentication property.

DID
DID document
here
this DID document
DIDComm