Decentralized Identifiers on Ethereum Blockchain
Short Answer Questions
What are decentralized identifiers (DIDs)? How are they different from traditional identity management systems?
What are the main components of the proposed decentralized identifier management system?
What is the role of the decentralized identifier ownership contract?
How does the key rotation and management contract manage user public keys?
What is the function of the decentralized identifier document parsing module? What data format does it use?
What are the main fields contained in the decentralized identifier document?
How is the security of user private keys ensured?
How do third-party service providers verify the identity of users?
What principles of the DIDs architecture does the proposed system follow?
What are the advantages of the proposed system over traditional identity management systems?
Answers
Decentralized identifiers (DIDs) are a new type of verifiable and "self-sovereign" digital identity identifiers. Unlike traditional identity management systems that rely on centralized institutions, DIDs are completely controlled by users and do not rely on any central registration agency, third-party certification service, or certificate authority.
The proposed decentralized identifier management system mainly consists of smart contracts on the Ethereum blockchain and an off-chain decentralized identifier document parsing module. The smart contracts include the decentralized identifier ownership contract, the key rotation and management contract, and the decentralized identifier related attribute contract.
The decentralized identifier ownership contract stipulates the owner of the decentralized identifier by binding the Ethereum address in the decentralized identifier.
The key rotation and management contract allows users to send transactions through the Ethereum address and call the smart contract interface to realize the rotation and management of the public key associated with the decentralized identifier.
The decentralized identifier document parsing module is used to read the data recorded in the smart contract and convert it into a decentralized identifier document that can be read by a third party or other users. It uses an easy-to-read JSON data format.
The decentralized identifier document contains the version of the decentralized identifier standard specification (@context), decentralized identifier content (id), public key JSON array (publicKey), user-defined service endpoint (service), and customized special field information.
The security of the user's private key is ensured by the user. Due to the characteristics of blockchain and asymmetric encryption, as long as the user keeps the private key secure, identity security can be guaranteed.
Third-party service providers can verify the authenticity of the user's digital signature off-chain by querying the user's public key in the decentralized identifier document, thereby determining the user's identity.
The proposed system follows the principles of decentralization, autonomy, privacy, security, evidence-based, discoverability, interoperability, portability, simplicity and scalability of the DIDs architecture.
Compared with traditional identity identifier management systems, the proposed system has higher information management security and privacy, avoids single points of failure, and is more flexible and controllable.
Glossary
Decentralized Identifiers (DIDs): A new type of verifiable and "self-sovereign" digital identity identifier that is completely controlled by the user and does not rely on any centralized organization.
Smart Contract: A computer protocol designed to disseminate, verify or execute contracts in an information-based manner. Smart contracts allow trusted transactions without a third party, and these transactions are traceable and irreversible.
Ethereum: An open source public blockchain platform with smart contract functions.
Decentralized identifier document parsing module: Used to read the data recorded in the smart contract and convert it into a decentralized identifier document that can be read by a third party or other users.
JSON: A lightweight data exchange format that is easy for humans to read and write, and is also easy for machines to parse and generate.
Ethereum address: An address generated from the user's public key, used for transactions and smart contract interactions in the Ethereum network.
Asymmetric encryption: A cryptographic technology that uses a pair of keys to encrypt and decrypt data, one key for encryption and the other for decryption.
Public key: Used to encrypt information and verify digital signatures; it can be obtained by anyone.
Private key: Used to decrypt information and generate digital signatures; only the key owner can have it.
Digital signature: Encrypted electronic data, similar to an electronic signature, that is used to verify the integrity and authenticity of data and prevent data from being tampered with.
Blockchain: A distributed database composed of multiple blocks, each of which contains multiple transaction records and is linked to the others through cryptographic technology to form an unalterable record chain.