Skip to content
Switch branches/tags
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

npm npm Join the chat at Twitter Follow

Ethr-DID Library

DID Specification | ERC-1056 | Getting Started

FAQ and helpdesk support

This library conforms to ERC-1056 and is intended to use Ethereum addresses as fully self-managed Decentralized Identifiers (DIDs), it allows you to easily create and manage keys for these identities. It also lets you sign standards compliant JSON Web Tokens (JWT) that can be consumed using the DID-JWT library.

This library can be used to create a new ethr-did identity. It allows ethr-did identities to be represented as an object that can perform actions such as updating its did-document, signing messages, and verifying messages from other dids.

Use this if you are looking for the easiest way to start using ethr-did identities, and want high-level abstractions to access its entire range of capabilities. It encapsulates all the functionality of ethr-did-resolver and ethr-did-registry.

A DID is an Identifier that allows you to lookup a DID document that can be used to authenticate you and messages created by you.

Ethr-DID provides a scalable identity method for Ethereum addresses that gives any Ethereum address the ability to collect on-chain and off-chain data. Because Ethr-DID allows any Ethereum key pair to become an identity, it is more scalable and privacy-preserving than smart contract based identity methods, like our previous Proxy Contract.

This particular DID method relies on the Ethr-Did-Registry. The Ethr-DID-Registry is a smart contract that facilitates public key resolution for off-chain (and on-chain) authentication. It also facilitates key rotation, delegate assignment and revocation to allow 3rd party signers on a key's behalf, as well as setting and revoking off-chain attribute data. These interactions and events are used in aggregate to form a DID's DID document using the Ethr-Did-Resolver.

An example of a DID document resolved using the Ethr-Did-Resolver:

  '@context': '',
  id: 'did:ethr:0xb9c5714089478a327f09197987f16f9e5d936e8a',
  publicKey: [{
       id: 'did:ethr:0xb9c5714089478a327f09197987f16f9e5d936e8a#owner',
       type: 'Secp256k1VerificationKey2018',
       owner: 'did:ethr:0xb9c5714089478a327f09197987f16f9e5d936e8a',
       ethereumAddress: '0xb9c5714089478a327f09197987f16f9e5d936e8a'}],
  authentication: [{
       type: 'Secp256k1SignatureAuthentication2018',
       publicKey: 'did:ethr:0xb9c5714089478a327f09197987f16f9e5d936e8a#owner'}]

On-chain refers to something that is resolved with a transaction on a blockchain, while off-chain can refer to anything from temporary payment channels to IPFS.

It supports the proposed Decentralized Identifiers spec from the W3C Credentials Community Group.

DID Method

A "DID method" is a specific implementation of a DID scheme that is identified by a method name. In this case, the method name is ethr, and the method identifier is an Ethereum address.

To encode a DID for an Ethereum address, simply prepend did:ethr:

For example:



import EthrDID from 'ethr-did'

// Assume web3 object is configured either manually or injected using metamask

const ethrDid = new EthrDID({address: '0x...', privateKey: '...', provider})
key description required
address Ethereum address representing Identity yes
registry registry address (defaults to 0xdca7ef03e98e0dc2b855be647c39abe984fcf21b) no
provider web3 provider no
web3 preconfigured web3 object no
rpcUrl JSON-RPC endpoint url no
signer Signing function either signer or privateKey
privateKey Hex encoded private key yes*

Note An instance created using only an address can only be used to encapsulate an external ethr-did (one where there is no access to the private key). This instance will not have the ability to sign anything, but it can be used for a subset of actions:

  • provide its own address (ethrDid.address)
  • provide the full DID string (ethrDid.did)
  • lookup its owner await ethrDid.lookupOwner()
  • verify a JWT await ethrDid.verifyJwt(jwt)