IDP2P is a peer-to-peer identity protocol which enables a controller to create, manage and share its own proofs as well as did documents

Overview

IDP2P

Experimental, inspired by ipfs, did:peer and keri

Background

See also (related topics):

Problem

Each did method uses own way to implement decentralized identity. Most of them are based on public source of truth like a blockchain, dlt, database or similar. Others are simple, self-describing methods and aren't depend on any ledger technology e.g. did:peer, did:key, keri. Each method has own pros-cons in terms of design-goals

IDP2P Solution

IDP2P is a peer-to-peer identity protocol which enables a controller to create, manage and share its own proofs as well as did documents. The protocol is based on libp2p, in other words, it can be considered ipfs of decentralized identity. IDP2P has following features:

  • Self-describing identity(like did:keri, did:peer, did:key)
  • Based on libp2p pub-sub protocol, so it can be stored and resolved via network
  • P2P network provides one ledger per identity
  • ID is also a topic to subsribe(it means ledger is based on subscription)
  • Only identity owner and verifiers are responsible for storing and verifying identity

Identity

example

{
    "id": "did:p2p:bagaaieratxin4o3iclo7ua3s3bbueds2uzfc5gi26mermevzb2etqliwjbla",
    "microledger": {
      "id": "bagaaieratxin4o3iclo7ua3s3bbueds2uzfc5gi26mermevzb2etqliwjbla",
      "inception": {
        "signer_key": {
          "type": "Ed25519VerificationKey2020",
          "public": "by5gtwpufy4.."
        },
        "recovery_key": {
          "type": "Ed25519VerificationKey2020",
          "digest": "bmb2cvioxfy65ej.."
        }
      },
      "events": [
        {
          "payload": {
            "previous": "bagaaieratxin4o3iclo7u..",
            "signer_publickey": "by5gtwpufy4zfnog4j..",
            "change": {
              "type": "set_document",
              "value": "bdu3gqtjc6ks52.."
            }
          },
          "proof": "bx6svqb6if5yaflgoumdff7j.."
        },
        {
          "payload": {
            "previous": "bagaaieraof7..",
            "signer_publickey": "b2wvipekepehi..",
            "change": {
              "type": "set_proof",
              "key": "bnnsxs",
              "value": "bozqwy5lf"
            }
          },
          "proof": "bwltjvobkxxq6.."
        },
        {
          "payload": {
            "previous": "bagaaiera5jmj..",
            "signer_publickey": "be7tovk6p..",
            "change": {
              "type": "recover",
              "next_signer_key": {
                "type": "Ed25519VerificationKey2020",
                "public": "b443ew4cp.."
              },
              "next_recovery_key": {
                "type": "Ed25519VerificationKey2020",
                "digest": "bcut3s.."
              }
            }
          },
          "proof": "b3yo6vlymyn.."
        }
      ]
    },
    "did_doc": {
      "id": "did:p2p:bagaaieratxin..",
      "controller": "did:p2p:bagaaieratxi..",
      "@context": [
        "https://www.w3.org/ns/did/v1",
        "https://w3id.org/security/suites/ed25519-2020/v1",
        "https://w3id.org/security/suites/x25519-2020/v1"
      ],
      "verificationMethod": [],
      "assertionMethod": ["did:p2p:bagaaieratxib#wtyb2xhyvxolbd.."],
      "authentication": ["did:p2p:bagaaieratxib#3txadadmtke6d.."],
      "keyAgreement": ["did:p2p:bagaaieratxib#cnzphk5djc3bt64.."]
    }
  }

An idp2p identity includes unique identifier, microledger and did document.

{
    "id": "did:p2p:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH",
    "microledger": {},
    "did_doc": {}
}

id is the unique identifier of identity. It uses id generation like did:peer. ID should be generated following way:

  • Generate an inception block
  • Get json string of the block
  • Convert it to bytes
  • Get SHA-256 digest of bytes
  • Encode it with multibase and multicodec(like ipfs)

sample id: did:p2p:bagaaieratxin4o3iclo7ua3s3bbueds2uzfc5gi26mermevzb2etqliwjbla

microledger represents backing storage of identity and it includes id, inception and events for identity

  {
    "id": "bagaaieratxin4o3iclo7ua3s3bbueds2uzfc5gi26mermevzb2etqliwjbla",
    "inception": {},
    "events": []
  }

did_doc is described in DIDs Spec. Only latest document is stored in identity.

{
    "id": "did:p2p:bagaaieratxin..",
    "controller": "did:p2p:bagaaieratxi..",
    "@context": [
        "https://www.w3.org/ns/did/v1",
        "https://w3id.org/security/suites/ed25519-2020/v1",
        "https://w3id.org/security/suites/x25519-2020/v1"
    ],
    "verificationMethod": [...],
    "assertionMethod": ["did:p2p:bagaaieratxib#wtyb2xhyvxolbd.."],
    "authentication": ["did:p2p:bagaaieratxib#3txadadmtke6d.."],
    "keyAgreement": ["did:p2p:bagaaieratxib#cnzphk5djc3bt64.."]
}

Microledger Details

id is same with identifier except did:p2p: prefix.

inception includes signer public key and recovery public key digest

{
  "signer_key": {
    "type": "Ed25519VerificationKey2020",
    "public": "by5gtwpufy4.."
  },
  "recovery_key": {
    "type": "Ed25519VerificationKey2020",
    "digest": "bmb2cvioxfy65ej.."
  }
}

events is array of identity changes and each event is linked to the previous one. First event is linked inception block.

w:1000

", "signer_publickey": "by5gtwpufy4zfnog4j..", "change": { "type": "set_document" } }, "proof": "bx6svqb6if5yaflgoumdff7j.." }">
{
    "payload": {
      "previous": "
   
    "
   ,
      "signer_publickey": "by5gtwpufy4zfnog4j..",
      "change": {
        "type": "set_document"
      }
    },
    "proof": "bx6svqb6if5yaflgoumdff7j.."
}

There are three event types.

  • set_document: proof of did document change, requires value property which is hash of did document.
  • set_proof: any proof about identity, requires key and value properties.
  • recover recovery proof of identity requires next_signer_key and next_recovery_key properties.

Consensus Mechanism

When an identity event has occured, change is published over idp2p network, all subscribers verifies new did change and updates its own ledger if incoming change is suitable.

There are two pub-sub commands:

  • get: when a peer want to subscribe to identity, it publishs a get command with id over the network.
  • post: when a peer received a get command or an identity change occured, it posts identity information to subscribers in order to reach a consensus

w:1000

Getting Started(rust demo)

Generate a peer

  • cargo run

Create identity

  • cmd: create-id

  • ex: create-id ademcaglin

Subscribe to identity

  • cmd: get
  • ex: get did:p2p:bagaaieraam4...

Resolve identity

  • cmd: resolve
  • ex: resolve did:p2p:bagaaieraam4...

Create new doc

  • cmd: create-doc
  • ex: create-doc ademcaglin

Recover

  • cmd: recover
  • ex: recover ademcaglin

Demo

w:1000

Contributions

The idp2p protocol and rust implementation in is a work in progress.

Contributions are most welcome

License

Apache License 2.0

You might also like...
A skyline mod that enables manual choosing of desired input latency in Smash Ultimate, compatible with every online mode.

Latency Slider (Definitive Edition) This is a fork of - and an improvement upon - the original "Arena Latency Slider". Unfortunately, upon SSBU updati

A minimalistic encryption protocol for rust async streams/packets, based on noise protocol and snow.

Snowstorm A minimalistic encryption protocol for rust async streams / packets, based on noise protocol and snow. Quickstart Snowstorm allows you to se

This Intelligent Transportation Systems (ITS) MQTT client based on the JSon ETSI specification transcription provides a ready to connect project for the mobility

This Intelligent Transportation Systems (ITS) MQTT client based on the JSon ETSI specification transcription provides a ready to connect project for the mobility (connected and autonomous vehicles, road side units, vulnerable road users,...). Let's connect your device or application to our Intelligent Transport Systems (ITS) platform!

Simple CLI to manage your systemd clash.service and config subscriptions on Linux.
Simple CLI to manage your systemd clash.service and config subscriptions on Linux.

clashrup Simple CLI to manage your systemd clash.service and config subscriptions on Linux. Setup, update, apply overrides, and manage via systemctl.

BitTorrent peer ID registry/parser/(soon) encoder for Rust

BitTorrent peer ID registry/parser/(soon) encoder By convention, BitTorrent clients identify themselves and their versions in peer IDs they send to tr

wireguard tool to manage / generate configuration. Maintain one yaml configuration file to quickly build wireguard network.

wgx wireguard tool to manage / generate configuration. Maintain one yaml configuration file to quickly build wireguard network. Usage wgx --h USAGE:

An app which reads data from a serial port and serves it on a TCP port.

serial-to-tcp An app which reads data from a serial port and serves it on a TCP port. How to use Clone this repo and build the app as outlined below (

Reverse proxy for HTTP microservices and STDIO. Openfass watchdog which can run webassembly with wasmer-gpu written in rust.

The of-watchdog implements an HTTP server listening on port 8080, and acts as a reverse proxy for running functions and microservices. It can be used independently, or as the entrypoint for a container with OpenFaaS.

Releases(v0)
Owner
null
Easy-to-use wrapper for WebRTC DataChannels peer-to-peer connections written in Rust and compiling to WASM.

Easy-to-use wrapper for WebRTC DataChannels peer-to-peer connections written in Rust and compiling to WASM.

null 58 Dec 11, 2022
Painless peer-to-peer WebRTC networking for rust wasm

Matchbox Painless peer-to-peer WebRTC networking for rust wasm applications. The goal of the Matchbox project is to enable udp-like, unordered, unreli

Johan Klokkhammer Helsing 363 Jan 5, 2023
Simple Peer-to-Peer Exchange

Near Cetificate Devoloper - Demo Simple Peer-to-Peer Exchange On NEAR How it works? See how p2p exchange work here. Exploring The Code The contract co

null 3 Dec 20, 2021
Peer-to-peer overlay routing

Rust_Pinecone This is a port of the peer-to-peer overlay routing mechanism Pinecone and aims to be interoperable with it, although it isn't yet becaus

null 3 Aug 2, 2022
Mateversum is a peer-to-peer WebXR metaverse project.

Mateversum ?? Mateversum (pronounced: MAH-tay-ver-sum) is a peer-to-peer WebXR metaverse project. The idea is that you'd be able to connect to a netwo

Ashley 23 Dec 21, 2022
Quick Peer-To-Peer UDP file transfer

qft QFT is a small application for Quick (and really reliable) Peer-To-Peer UDP file transfer. If a friend sent you here... ...look at the "Releases"

Daniel H. 99 Jan 7, 2023
Core library for Lightning Network peer-to-peer nostr platform

Mostro server This document explains how Mostro works. Overview Due to the growing need to be able to operate with Bitcoin without giving up personal

Mostro 16 Jan 4, 2023
Easily share data between terminal windows!

abra A tool that makes data sharing between terminal windows easy. abra can be used for displaying info about the current working directory, for split

Denis Isidoro 23 Oct 2, 2022
Multiplex server for rust-analyzer, allows multiple LSP clients (editor windows) to share a single rust-analyzer instance per cargo workspace

ra-multiplex   Multiplex server for rust-analyzer, allows multiple LSP clients (editor windows) to share a single rust-analyzer instance per cargo wor

max 95 Dec 29, 2022
The goal of this challenge is to create an isometric, decorated scene in which the character can move around the objects in the room.

The goal of this challenge is to create an isometric, decorated scene in which the character can move around the objects in the room.

Ivan Reshetnikov 0 Feb 4, 2022