RootsID
Demo
Aviary Tech Demo
DIDCommv2-Intro
Original from: Sam Curren and Daniel Hardman — August 2022 — https://bit.ly/3TtzWgA
Alex Andrei - Roots ID - JFF Plugfest 2, Nov 2022
Definition
https://identity.foundation/didcomm-messaging/spec/
Credit: Daniel Hardman
Definition
A framework for safe, structured interactions built atop DIDs.
-Daniel Hardman
No analogy is perfect, but…
DIDComm Messaging
WACI
Digital Cash Pay
Protocol N
DID METHODS/DKMS
…
DIDComm
OpenAPI
CHAPI
DIDAuth
OpenStreetMap
REST+TLS+DNS/CA...
…
Swagger
OpenAPI: client-server, web only, request-response, pairwise, each authN and URL namespacing is unique, siloed* — wonderful tools and community
DIDComm: peer-to-peer or client-server, any transport, any interaction pattern, pairwise or n-wise, consistent authN and namespacing, unsiloed — immature tools and community
DIDComm Messaging tells you how to…
✓ Use your DID to sign and encrypt messages for one or more other DIDs, each with multiple devices having different keys
✓ Declare and use a DID endpoint with standard semantics
✓ Route a message through untrusted intermediaries, with high privacy
✓ Verify the sender of a message
✓ Use standard message headers, and declare custom ones
✓ Declare/handle the schema of a message
✓ Attach data to messages by value or by reference
✓ Sequence messages into a coherent thread, even with unreliable delivery
✓ Detect and report errors
✓ Discover features of other parties
✓ Build protocols out of these primitives
Credit: Daniel Hardman
DIDComm v2
JWM (RFC draft): plaintext + headers
JWS (RFC 7515): signatures
JWE (RFC 7516): encryption
JWK (RFC 7517): keys
ECDH-1PU (RFC draft): key agreement, authcrypt
JWA (ECDH-ES) (RFC 7518): key agreement, anoncrypt
800-56A
Credit: Daniel Hardman
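How to create a DIDComm message
import uuid
from didcomm.message import Message, Attachment, AttachmentDataJson
from didcomm.pack_encrypted import pack_encrypted

# ALICE_DID, BOB_DID, prev_msg, cred_req_data and resolvers_config (a ResolversConfig
# wrapping the secrets resolver and the DID resolver) are defined elsewhere.
message = Message(
    id=str(uuid.uuid4()),  # the library requires a message id
    custom_headers=[{"return_route": "all"}],
    pthid=prev_msg["id"],  # parent thread: the message this one follows from
    type="https://didcomm.org/issue-credential/3.0/request-credential",
    frm=ALICE_DID,
    to=[BOB_DID],
    body={"goal_code": "issue-credential"},
    attachments=[Attachment(
        id=str(uuid.uuid4()),
        media_type="application/json",
        format="dif/credential-manifest/manifest@v1.0",
        data=AttachmentDataJson(json=cred_req_data),
    )],
)
# Authcrypt from Alice to Bob; run inside an async function.
pack_result = await pack_encrypted(
    resolvers_config=resolvers_config,
    message=message,
    frm=ALICE_DID,
    to=BOB_DID,
)
# pack_result.packed_msg is the encrypted envelope (a JWE):
# {"protected": "eyJ0eXAiOi...19",
#  "recipients": [{
#    "header": {"kid": "did:example:recipient#key-agreement-key-1"},
#    "encrypted_key": "J1Fs9JaD...PalQWWLg"}],
#  "iv": "u5kIzo0m_d2PjI4m",
#  ...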
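Added example (not from the original slides or from any DIDComm library): the packed result is a JWE, and a receiver can read its protected header before decryption to tell authcrypt (ECDH-1PU) from anoncrypt (ECDH-ES) and to check the header bindings described in the DIDComm Messaging spec. The names `inspect_envelope` and `sample_envelope`, the sample DIDs and the dummy ciphertext fields are constructed for illustration.

```python
import base64, hashlib, json

def b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_dec(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

# alg -> (mode, content-encryption algorithms the DIDComm v2 spec lists for it)
MODES = {
    "ECDH-1PU+A256KW": ("authcrypt", {"A256CBC-HS512"}),
    "ECDH-ES+A256KW": ("anoncrypt", {"A256CBC-HS512", "XC20P", "A256GCM"}),
}

def inspect_envelope(packed: str) -> dict:
    """Classify a packed DIDComm v2 JWE from its protected header (no decryption)."""
    jwe = json.loads(packed)
    hdr = json.loads(b64u_dec(jwe["protected"]))
    problems = []
    mode, allowed_enc = MODES.get(hdr.get("alg"), ("unknown", set()))
    if hdr.get("enc") not in allowed_enc:
        problems.append("unexpected alg/enc combination")
    kids = sorted(r["header"]["kid"] for r in jwe["recipients"])
    # apv binds the recipient list: base64url(SHA-256(sorted kids joined by "."))
    if hdr.get("apv") != b64u(hashlib.sha256(".".join(kids).encode()).digest()):
        problems.append("apv does not match recipient kids")
    skid = hdr.get("skid")
    if mode == "authcrypt" and (not skid or hdr.get("apu") != b64u(skid.encode())):
        problems.append("authcrypt without consistent skid/apu")
    return {"mode": mode, "skid": skid, "recipients": kids, "problems": problems}

def sample_envelope(alg, skid=None, apu_for=None):
    """Constructed envelope: real header layout, dummy ciphertext fields."""
    kids = ["did:example:bob#key-x25519-1", "did:example:bob#key-x25519-2"]
    hdr = {"typ": "application/didcomm-encrypted+json", "alg": alg, "enc": "A256CBC-HS512",
           "apv": b64u(hashlib.sha256(".".join(kids).encode()).digest())}
    if skid:
        hdr.update(skid=skid, apu=b64u((apu_for or skid).encode()))
    return json.dumps({"protected": b64u(json.dumps(hdr).encode()),
                       "recipients": [{"header": {"kid": k}, "encrypted_key": "AA"} for k in kids],
                       "iv": "AA", "ciphertext": "AA", "tag": "AA"})

if __name__ == "__main__":
    alice = "did:example:alice#key-x25519-1"
    for env in (sample_envelope("ECDH-1PU+A256KW", alice),
                sample_envelope("ECDH-ES+A256KW"),
                sample_envelope("ECDH-1PU+A256KW", alice, apu_for="did:example:other#k1")):
        print(inspect_envelope(env))
```

The header only names the claimed sender key; the sender is verified when authcrypt decryption with the resolved `skid` key succeeds.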
DIDComm Messaging doesn't tell you how to…
✗ Create or use wallets
✗ Work with credentials
✗ Associate a DID with a human (or other) identity (authN more than a DID)
✗ Bind a remote party to a biometric
✗ Move messages over a transport
✗ Choose DID methods or key types or blockchains
✗ Properly maintain relationships
✗ Decide whether a particular combination of behaviors will satisfy your level-of-assurance goals
✗ Synchronize state across multiple agents
DIDComm V2 Protocols
Implementations (v2 only; all open source)
JavaScript / TypeScript / React Native
Go
Rust
Python
Java
WASM
Swift
pip install didcomm
npm install didcomm
gradle: implementation 'org.didcommx:didcomm:0.3.0'
[dependencies]
didcomm = "0.3"
Swift
JVM
The Road to DIDComm Credential Issuance
Decide on an interop profile [WACI DIDComm]
[ aviary.one ]
But first…
Invitation
Propose
Offer
Request
Issue
Ack