did:self

A method for Decentralized Identifiers that does not require a secure registry (e.g., a blockchain or a Web server) and allows private key rotation.

About

Decentralized Identifiers (DIDs) are a W3C recommendation that enables verifiable, decentralized digital identity. DIDs are investigated for providing self-sovereign digital identities, for improving supply chain security, or even as a Web5 enabler. Current W3C recommendations act as a framework, which is implemented by many DID methods. Existing DID methods either require a form a trusted registry (such as a blockchain or a secure Web server) where auxillary information is stored, or they do not support private key rotation. did:self is the first DID method that removes the need for a trusted registry allowing at the same time advanced operations such as: private key rotation, DID co-ownership, and DID delegation.

Use cases

IoT group communication
IoT group communication

Using did:self IoT devices belonging to the same group (e.g., all temperature sensors of a building) can be configured with the same DID identifier. This way group membership can be easily proved. At the same time, each IoT device can have its own private key that can be trivially rotated. This protects the group from private key breaches.

Data identification
Data identification

A did:self identifier can be used for identifying content items or service endpoints. did:self allows secure delegation of content/service to 3rd party providers (e.g., a CDN). At the same time, did:self enables self-verifiable content items, i.e., the authenticity of an item can be verified without support from a Trusted Third Party.

Data identification
Device handover

A did:self identifier can be used with multiple user devices. At the same time, a user can limit the validity period of keys used in less secure devices. For example, users can configure their mobile phones to use their did:self identifier only for the duration of a business trip.

Learn more

specifications

Specifications

Read did:self specifications. Learn how to construct and protect a did:self identifier.

View it on GitHub
specifications

Develop

Get started with our Python implementation of did:self. Create, manage, and verify did:self identifiers.

View it on GitHub