Glossary

Decentralized Identifier (DID)

Hard

A decentralized identifier, or DID, refers to an ID that can be issued by an autonomous, independent, and decentralized platform that acts as a proof of ownership of digital identity.

What Is a Decentralized Identifier (DID)?

Decentralized IDs are a new-age trust framework of universally unique identifiers (UUID) that are cryptographically verifiable and don’t need a centralized registration authority. They can be used to identify persons, abstract entities, organizations, data models and Internet of Things (IoT) devices.

The foundation of DID is to give back control of identity to internet users and empower them to generate unique identifiers using the systems they trust. By enabling authentication of these identifiers with cryptographic proofs such as digital signatures, both individuals and organizations can benefit from seamless, secure and private data exchange leveraging blockchain’s distributed ledger technology (DLT).

In today’s digital world, we need to provide critical information to access apps, websites, services and devices. The existing technology of universally unique identifiers (UUID) and uniform resource names (URN) requires a centralized registration authority and isn’t equipped to verify ownership of the identifier cryptographically. As a result, we’re often subject to privacy loss, data theft and other related problems. 

But with the DID framework, users can store several accepted identifiers such as government-issued certificates, educational and tax certificates, and other personally identifiable information (PII) in a secured and private digital wallet. Rather than relying on a central authority to manage the user’s identity, a blockchain-based distributed ledger serves as the source of all identifiers stored in the wallet. The identification information is not stored on the ledger but in a user-managed wallet. It enables people to share different parts of their identity with various services as they see fit.

Unlike the centralized framework, users can present only the required information to any entity (website, app, etc.). These entities can verify that the proofs are true via a blockchain-based ledger. For instance, you’re trying to register for a new online service, and it needs you to prove that you’re over 18 years. Using the decentralized framework, you’ll be able to control what information is shared from your digital wallet with the online service. You can present proof that you’re over 18 without revealing your actual date of birth. 

The DID Framework

The core DID draft, initially published by w3c, clarifies that a Decentralized Identifier is a simple text string. It consists of three parts:
  1. The DID URI scheme identifier, stored on-chain.
  2. The DID method identifier.
  3. The DID method-specific identifier.
DIDs are part of a global key-value database wherein compatible blockchains such as Ethereum host the DID Documents (e.g., public keys, service endpoints and authentication protocols). DIDs act as keys and DID Documents as values to describe specific data models to bootstrap cryptographically verifiable interactions with the identified entity in the decentralized ecosystem.

Most notably, a DID Document includes a public key for authentication. The owner of a DID Document may establish ownership by using the private key associated with it.

Author:

Donald Bullers has over ten years of leadership experience in technology and software development, spanning from being the vice president of a leading digital agency to founding Tuum Technologies.

Donald is among the early adopters of blockchain technology, a driven, self-motivated individual, and a confident leader. He has a keen interest in cloud computing, Web 3.0 and digital identities. He leverages his vast knowledge and expertise to help software teams build products for the decentralized ecosystem using Elastos, Web 3.0 technology.

Connect with Donald directly on Twitter.