DID Issuance
Our solution leverages AnonCreds, a credential format within Hyperledger Indy, for DID issuance. AnonCreds provides a privacy-preserving approach in which users control what information they reveal about their DID. The DID issuance process is as follows:
User Creates DID Document: The user generates a cryptographic key pair and creates a DID Document containing their public key and other optional information (e.g., name, avatar).
DID Registrar (Optional): An optional DID registrar service can be used to register the DID Document on a public ledger. This can improve discoverability but is not strictly necessary for DID functionality.
DID Resolution: When a Verifier needs to interact with a user, it can obtain the DID Document by resolving the DID directly or through a DID resolver service. The DID Document contains the user's public key, which allows for secure communication and verification.
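The create and resolve steps above, sketched in Go as an added example (not code from this solution or from Hyperledger Indy). It assumes an illustrative did:example identifier derived from a hash of the Ed25519 public key and an in-memory map standing in for the ledger or resolver; DIDDocument, didFor, CreateDID and VerifyHolder are hypothetical names. It goes one step beyond the text by having the Verifier confirm that the resolved key is bound to the DID before trusting a signature made with it.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// DIDDocument is a minimal illustrative document: an id plus one Ed25519 key.
type DIDDocument struct {
	ID        string
	PublicKey ed25519.PublicKey
}

// didFor derives a self-certifying id from the key (assumed scheme, not Indy's encoding).
func didFor(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return fmt.Sprintf("did:example:%x", sum[:16])
}

// CreateDID is the user's step: generate a key pair and build the document.
func CreateDID() (DIDDocument, ed25519.PrivateKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return DIDDocument{ID: didFor(pub), PublicKey: pub}, priv, err
}

// VerifyHolder is the Verifier's step: resolve the DID, check that the resolved
// key is bound to that DID, then verify the holder's signature over a challenge.
func VerifyHolder(registry map[string]DIDDocument, did string, challenge, sig []byte) error {
	doc := registry[did] // an unknown DID yields an empty key, rejected below
	if len(doc.PublicKey) != ed25519.PublicKeySize || didFor(doc.PublicKey) != did {
		return fmt.Errorf("no document with a key bound to %s", did)
	}
	if !ed25519.Verify(doc.PublicKey, challenge, sig) {
		return fmt.Errorf("challenge signature invalid for %s", did)
	}
	return nil
}

func main() {
	doc, priv, err := CreateDID()
	if err != nil {
		panic(err)
	}
	registry := map[string]DIDDocument{doc.ID: doc} // constructed stand-in for a ledger or resolver
	nonce := []byte("constructed-verifier-nonce")   // constructed sample challenge
	fmt.Println(VerifyHolder(registry, doc.ID, nonce, ed25519.Sign(priv, nonce)))
}
```

The binding check is what stops a resolver that returns a document with a substituted key from passing verification; the fresh challenge prevents a captured signature from being replayed.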
Optional: HRoT for DID Resolution
Hyperledger Indy uses a pseudonym called a DID Representation (DID Rep) for interactions on the blockchain. This DID Rep protects user privacy. Optionally, a technique called Hierarchical Identity Resolution with HRoT can be implemented to link the DID Rep back to the original DID for specific use cases requiring DID discovery.
User DID Management
Users have complete control over their DIDs within this solution:
DID Creation: Users can easily create DIDs through the user interface.
DID Storage: DIDs are securely stored within the user's mobile wallet or dedicated DID management application.
DID Backup & Recovery: Users can implement backup and recovery mechanisms for their DIDs to ensure continued access in case of device loss.
DID Rotation (Optional): For enhanced privacy, users can choose to rotate their DIDs periodically, creating a new DID while maintaining control over their existing credentials.
Advantages of DIDs with AnonCreds:
User-Centric Identity: Users control their DID and decide what information to share.
Privacy-Preserving Interactions: AnonCreds enable users to reveal only specific attributes during credential presentation.
Security: The DID's cryptographic foundation ensures secure communication and tamper-proof credentials.
By leveraging DIDs with AnonCreds, our SSI solution empowers users to participate in a secure and self-sovereign identity ecosystem.