# Decentralised IDentifiers (DIDs)

## What is a DID?
A DID is a decentralized identifier. A DID is a digital ID that identifies a resource (or entity), a person, place, thing, or corporation. Just about anything can have a DID.

We can compare DIDs to social security numbers (SSN) in the United States or a driver's license in any country. Every number is unique and specific to one person. The only issue with documents is that they are insecure and vulnerable to theft.

DIDs use cryptography to keep them secure. Various cryptographic strategies are applied depending on the DID method that generates the DID. Atala PRISM uses elliptic curve cryptography.

Another significant departure from our comparison of SSNs is how they are issued and registered. SSNs are administered and registered by the US government. Anyone can generate a DID, and it requires no central authority to register it. Having no central authority generating DIDs means that the entity that creates the DID controls it (in most cases).

## Technical Break Down
This section will break down the individual components of a DID and explain each of them thoroughly.

### DID
DIDs are a string of characters that make up a globally unique identifier. They can get queried to retrieve metadata about the resource identified by the DID.

> **Note:** The term resource is interchangeable with the term entity. From here on, we use entity.

DIDs have four properties:

1. Persistent: It never changes
2. Resolvable: It can be looked up or queried
3. Cryptographically verifiable: Control can be proven with cryptography
4. Decentralized: There is no central authority to register with

### DID scheme
The DID scheme is the standardized format all DIDs use. This format is:
```did:method_name:method-specific-identifier```.

A DID is a string of characters, consisting of three parts:

* URI scheme
  * This references the URI schemes below, ```did:```
* DID method
  * This method id is specific to the platform, Atala PRISM's method is ```prism:```
* DID method-specific-identifier
  * This is the identifier generated by the specified DID method

> **Figure 1.1** *DID Scheme*

#### Long Form

The long form of the DID with PRISM exists but is *unpublished* to the blockchain.
An *unpublished* DID contain a suffix after the `method-specific-identifier` that resemble the initial state of the DID.

```did:prism:71c00ada1793895788522846cb0e821f729d5a4c7a473220155f047c93477410:Cj8KPRI7CgdtYXN0ZXIwEAFKLgoJc2VjcDI1NmsxEiEDoUwF9v2iwlgc03JugomsmP0lfcafu2hJ_piDv26zXz```
> **Figure 1.2** *PRISM DID Scheme, Long form*

#### Canonical

The canonical form of the DID with PRISM exists and is *published* on the blockchain.

```did:prism:71c00ada1793895788522846cb0e821f729d5a4c7a473220155f047c93477410```
> **Figure 1.3** *PRISM DID Scheme, Canonical form*

### DID method
A DID method is how DIDs get created, resolved, updated and deactivated. Each digital identity platform has a DID method. A registry of approved DID methods can be found [here](https://www.w3.org/TR/did-spec-registries/#did-methods).

### DID URI
A DID URI is a standard identifier for entities on the internet. These identifiers are a string of unique characters globally. For example, two people may have the same name. No URI will be the same. They may be similar but will not be identical.

Decentralized identifiers use the URI ```did:```

> **Examples of other common URI's are:**
> * http: Hypertext Transfer Protocol
> * https: Hypertext Transfer Protocol Secure
> * ftp: File Transfer Protocol
> * smb: Server Message Block
> * sms: Short Message Service

### DID URL
A DID URL is a Uniform Resource Locator (URL) that contains the DID in addition to a DID path. This address would be similar to a web address: ```did:prism:123456/path```

The main difference between the URI and URL is that the URL points to the *location* of the entity.

> **Examples of URL's**
> * http://www.iohk.io
> * https://www.atalaprism.io

### DID syntax
The DID syntax extends the DID scheme with additional definitions. All DIDs are required to conform to the ABNF rules.
> **Figure 1.4** *DID Syntax ABNF Rules*

### DID document
DIDs themselves are helpful to an extent. We can use them to reference the entity they describe. DIDs become truly useful when some datum is attached to them, a DID document. DID documents are a standardized data structure that is machine-readable. They can get looked up, and software designed to decipher the document can output in a human-readable format. This output could be in a wallet or browser.

All DIDs have *one* DID document. It contains metadata about the DID subject, which is the entity *identified by* the DID.

> **Figure 1.5** *Example of an Atala PRISM DID document*

**NEED EXAMPLE OF A PRISM DID IRL**

* id
* public keys
  * id
  * usage (master, issuing, and revocation keys)
  * ecKeyData (elliptic curve cryptography is what PRISM utilizes)

> **Note:** It is worth noting that DID documents are *not* published on the blockchain. It would be possible to look up a DID, but it would not be possible to see the DID document.

Many properties make up the DID document. There are DID Document properties, Verification Method properties, and Service properties.

> **Figure 1.6** *DID document properties*

> **Figure 1.7** *Verification Method properties*

> **Figure 1.8** *Service properties*

```abnf
{
  "@context": [
    "https://www.w3.org/ns/did/v1",
    "https://w3id.org/security/suites/ed25519-2020/v1"
  ],
  "id": "did:example:123456789abcdefghi",

  "authentication": [

    "did:example:123456789abcdefghi#keys-1",



    {
      "id": "did:example:123456789abcdefghi#keys-2",
      "type": "Ed25519VerificationKey2020",
      "controller": "did:example:123456789abcdefghi",
      "publicKeyMultibase": "zH3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"
    }
  ],

}
```
> **Figure 1.9** *Example of a DID document with a verification method [W3C DID Core](https://www.w3.org/TR/did-core/#dfn-decentralized-identifiers)*

### DID subject
A DID subject is simply the entity identified by the DID and described by the DID document. Anything can be a DID subject, person, place, thing, corporation, etc.

# Verifiable Credentials

## What is a Verified Credential?
Verifiable Credentials (VCs or credentials) are digital documents modeled after the W3C Standards. VCs are digital representation of any physical document that you may carry around in a wallet today. With the introduction of technologies, like digital signatures and cryptography, it adds a layer of security and ensures the trustworthiness of the documents themselves.

To take a step beyond replacing the documents you may hold in a wallet today, like a driver's license, VCs could add a layer of information about the reputation of a business, or a programmer. They would be rated by other individuals that have a DID, and would establish a trustworthy rating system. Think of it as a trustworthy Yelp or Google Reviews.


## Technical Breakdown
### Holder
A holder can possess any number of verified credentials. The VCs can be stored in a repository like a digital wallet, i.e. Daedalus or the Atala PRISM demo app.

### Issuer
An entity asserts claims about one or more subjects (DID subject). From these claims, a verified credential is created and issued or delivered to a holder (subject).

### Verifier
An entity receives one or more VCs, for processing or verification. This process is done via a verifiable presentation that is encrypted. After a presentation, the data is determined to be trustworthy through a process of cryptographic verification. It is important to note that depending on the presentation type requested, it may not contain the verified credential itself, but may contain a snippet of the original VC.

> **Note:** It is worth noting that these roles are not specific to certain kinds of entities. Any entity can be an Issuer, Holder and Verifier simultaneously.

The diagram below describes what is commonly referred to as the **trust triangle** and shows the flow and relationships between an Issuer, Holder, and Verifier.

> **Figure 2.1** *Trust Triangle*

### Example in Practice
IO University is the issuer that will issue certifications for completing courses. The certification is the verified credential being issued. When I complete the Atala PRISM Pioneer Program, IO University (issuer) will issue a verified credential containing the details of the certificate to a student (holder).

When applying for a job at IOG, the student could present their verified credential to IOG (verifier), that they completed the Atala PRISM Pioneer Program.

> **Figure 2.2** *Diagram showing IOG issuing a credential to IO University. IO University issues credential to student for certification.*

# Merkle Trees

A Merkle trees are cryptographic data structures. They provide a compact and efficient way to verify the integrity of large data sets. Blockchain and decentralized technologies have adopted Merkle trees as a core component. The basic concept is that they can provide mathematical proof that a specific item, like a blockchain transaction, exists somewhere in the blockchain (dataset).


## Building a Merkle Tree
To create a Merkle tree, all of the input hashes get grouped into pairs with a concatenation operation. This process continues to divide hashes into pairs until it resolves to 1, this final hash is the Merkle root.

> Figure 1.1 Diagram of a Merkle Tree

The result is not to store the entire set of input data but to store a proof of their presence in a format small enough to be stored and transferred between computers.


## Searching a Merkle Tree
A computer or node, can quickly verify a specific data item exists in the Merkle tree. The node only needs to prove the following:
* leaf hash, this is the hash of the data item
* Merkle root hash
* Hashes along the root path, which is the path from leaf to the root that includes sibling hashes

Merkle trees allow validation of specific data elements without having to validate the entire dataset. This ensures integrity amongst the data and can be used in consensus algorithms to determine if a node is lying about transactions to other nodes. The main benefits and usage of Merkle trees are:
* Storage optimization
* Computation speed

Integrity and tamper-proofing is the hash being resistant to an attack seeking a specific hash value. We can verify a data element belongs in the hash by computing the resulting hash for each subsequent level down to the Merkle root. It is not possible to locate inputs that were used to generate a specific hash. Hashing is a unidirectional function, meaning it is not feasible to retrieve the original inputs from a hash.