Did Document Orbit Manifests

[chunningham]

This PR simplifies the Orbit Manifest model by rearranging the URI scheme and following the DID model more closely.

• It reimplements orbit::OrbitMetadata as orbit::Manifest, which is derived directly from a DID Doc via From<Document>.
• Following the DID model, OrbitMedata::controllers has been split in to Manifest::invokers and Manifest::delegators.
• Orbit IDs and resource paths have changed from a scheme://path model (e.g. kepler://<orbit-id-CID>/s3/my_image.jpg) to an extensible pseudo-DID-url scheme (e.g. did:ens:alice.eth#orbit-1 -> kepler:ens:alice.eth://orbit-1:s3/my_image.jpg) implemented as resource::OrbitId and resource::ResourceId.
• Because of the use of DIDs over CIDs, parameters have been removed from Action::Create.
• The Allowlist, used for orbit creation without a signature, has been updated to return the OrbitId instead of a set of controllers.

The URIs are prefixed with kepler: to disambiguate from actual DIDs, as DID methods can define their own pathing semantics and restrictions.

[cobward]

Mostly looks good to me, just a couple of style questions.

[cobward]

URI: peer:12D3KooWSJT2PD5c1rEAD959q9kChGcWUnkkUzku28uY5pqegkuW

Just wondering if we want the kepler URL in here too? i.e. https://kepler.spruceid.xyz/peer/<peer-id> or maybe kepler://spruceid.xyz/peer/<peer-id>. Would be more meaningful for the user

[chunningham]

yeah we probably do, as it must be a URI (hence the peer: bolted on the front). I wanted to use a DID for it, but there isn't afaik a DID method for PeerIDs the same way there is for blockchain accounts (did:pkh) or JWKs (did:key).

[cobward]

When I was looking at the URI spec it wasn't clear to me if the scheme needs to be registered for it to be a valid URI. Do you know?

[chunningham]

technically, a scheme needs to be registered with IANA for the URI to be considered globally unique (in the sense that, someone writing another app should not use it unintentionally)