This repository was archived by the owner on Apr 19, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy pathindex.html
More file actions
71 lines (71 loc) · 32.7 KB
/
index.html
File metadata and controls
71 lines (71 loc) · 32.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<!doctype html>
<html lang="en" dir="ltr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="generator" content="Docusaurus v2.0.0-beta.ff31de0ff">
<link rel="alternate" type="application/rss+xml" href="/blog/rss.xml" title="Spruce Developer Portal Blog RSS Feed">
<link rel="alternate" type="application/atom+xml" href="/blog/atom.xml" title="Spruce Developer Portal Blog Atom Feed"><title data-react-helmet="true">Getting Started with DIDKit | Spruce Developer Portal</title><meta data-react-helmet="true" property="og:title" content="Getting Started with DIDKit | Spruce Developer Portal"><meta data-react-helmet="true" property="og:url" content="https://spruceid.dev/"><meta data-react-helmet="true" name="docusaurus_locale" content="en"><meta data-react-helmet="true" name="docusaurus_tag" content="default"><link data-react-helmet="true" rel="shortcut icon" href="/assets/logo.png"><link data-react-helmet="true" rel="canonical" href="https://spruceid.dev/"><link data-react-helmet="true" rel="alternate" href="https://spruceid.dev/" hreflang="en"><link data-react-helmet="true" rel="alternate" href="https://spruceid.dev/" hreflang="x-default"><script data-react-helmet="true">function maybeInsertBanner(){window.__DOCUSAURUS_INSERT_BASEURL_BANNER&&insertBanner()}function insertBanner(){var n=document.getElementById("docusaurus-base-url-issue-banner-container");if(n){n.innerHTML='\n<div id="docusaurus-base-url-issue-banner" style="border: thick solid red; background-color: rgb(255, 230, 179); margin: 20px; padding: 20px; font-size: 20px;">\n <p style="font-weight: bold; font-size: 30px;">Your Docusaurus site did not load properly.</p>\n <p>A very common reason is a wrong site <a href="https://docusaurus.io/docs/docusaurus.config.js/#baseurl" style="font-weight: bold;">baseUrl configuration</a>.</p>\n <p>Current configured baseUrl = <span style="font-weight: bold; color: red;">/</span> (default value)</p>\n <p>We suggest trying baseUrl = <span id="docusaurus-base-url-issue-banner-suggestion-container" style="font-weight: bold; color: green;"></span></p>\n</div>\n';var e=document.getElementById("docusaurus-base-url-issue-banner-suggestion-container"),s=window.location.pathname,r="/"===s.substr(-1)?s:s+"/";e.innerHTML=r}}window.__DOCUSAURUS_INSERT_BASEURL_BANNER=!0,document.addEventListener("DOMContentLoaded",maybeInsertBanner)</script><link rel="stylesheet" href="/assets/css/styles.e956416b.css">
<link rel="preload" href="/assets/js/runtime~main.2c83ebaf.js" as="script">
<link rel="preload" href="/assets/js/main.8697a4a8.js" as="script">
</head>
<body>
<script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"dark")}()</script><div id="__docusaurus">
<div id="docusaurus-base-url-issue-banner-container"></div><div><a href="#main" class="skipToContent_1oUP">Skip to main content</a></div><nav class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Navigation bar toggle" class="navbar__toggle" type="button" tabindex="0"><svg aria-label="Menu" width="30" height="30" viewBox="0 0 30 30" role="img" focusable="false"><title>Menu</title><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a href="https://spruceid.com/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><img src="/assets/logo.png" alt="Spruce Site Logo" class="themedImage_1VuW themedImage--light_3UqQ navbar__logo"><img src="/assets/logo.png" alt="Spruce Site Logo" class="themedImage_1VuW themedImage--dark_hz6m navbar__logo"><strong class="navbar__title">Spruce</strong></a><a class="navbar__item navbar__link" usebaseurl="/docs/" href="/docs/">.dev Portal</a><a class="navbar__item navbar__link" usebaseurl="/didkit/" href="/docs/didkit/">DIDKit</a><a class="navbar__item navbar__link" usebaseurl="/credible/" href="/docs/credible">Credible</a><a href="https://sprucesystems.medium.com/" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link" usebaseurl="/blog/">Blog</a></div><div class="navbar__items navbar__items--right"><a href="https://github.com/spruceid/" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link">GitHub</a><div class="react-toggle displayOnlyInLargeViewport_GrZ2 react-toggle--checked react-toggle--disabled" role="button" tabindex="-1"><div class="react-toggle-track"><div class="react-toggle-track-check"><span class="toggle_71bT">🌜</span></div><div class="react-toggle-track-x"><span class="toggle_71bT">🌞</span></div></div><div class="react-toggle-thumb"></div><input type="checkbox" checked="" class="react-toggle-screenreader-only" aria-label="Switch between dark and light mode"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div><div class="navbar-sidebar"><div class="navbar-sidebar__brand"><a href="https://spruceid.com/" target="_blank" rel="noopener noreferrer" class="navbar__brand"><img src="/assets/logo.png" alt="Spruce Site Logo" class="themedImage_1VuW themedImage--light_3UqQ navbar__logo"><img src="/assets/logo.png" alt="Spruce Site Logo" class="themedImage_1VuW themedImage--dark_hz6m navbar__logo"><strong class="navbar__title">Spruce</strong></a></div><div class="navbar-sidebar__items"><div class="menu"><ul class="menu__list"><li class="menu__list-item"><a class="menu__link" usebaseurl="/docs/" href="/docs/">.dev Portal</a></li><li class="menu__list-item"><a class="menu__link" usebaseurl="/didkit/" href="/docs/didkit/">DIDKit</a></li><li class="menu__list-item"><a class="menu__link" usebaseurl="/credible/" href="/docs/credible">Credible</a></li><li class="menu__list-item"><a href="https://sprucesystems.medium.com/" target="_blank" rel="noopener noreferrer" class="menu__link" usebaseurl="/blog/">Blog</a></li><li class="menu__list-item"><a href="https://github.com/spruceid/" target="_blank" rel="noopener noreferrer" class="menu__link">GitHub</a></li></ul></div></div></div></nav><div class="main-wrapper mdx-wrapper mdx-page"><main><div class="container container--fluid"><div class="margin-vert--lg padding-vert--lg"><div class="row"><div class="col col--8 col--offset-2"><div class="container"><h1><a aria-hidden="true" tabindex="-1" class="anchor enhancedAnchor_2LWZ" id="getting-started-with-spruce-id"></a>Getting Started with Spruce ID<a class="hash-link" href="#getting-started-with-spruce-id" title="Direct link to heading">#</a></h1><p>This website exists for two complementary purposes: </p><ol><li>To get you <em>using</em> DIDKit and other Spruce ID tooling as smoothly and quickly
as possible</li><li>To provide developer <a href="/docs/">docs</a> and <a href="/docs/glossary">references</a>
that help you understand <a href="/docs/didkit">DIDKit</a></li><li>To help you wrap your head around
<a href="/docs/primer/">Verifiable Credentials</a>, find the right <a href="/docs/did-methods">Decentralized
Identifier scheme</a> for your project, and generally just
get you from "curious🤔" to "wizard🧙♂️" as fast as we can.</li></ol><p>This page is devoted to #1 for the do-first crowd. If jumping straight into a command line sounds little scary, feel free to choose your own adventure and click around on those links above first. Then come back for ther tour! Similarly, if you already know what DIDKit is and does, and just want a reference page specific to the interface you'll be using, jump straight to that page from this
list:</p><div class="dropdown"><ul id="my-dropdown2"><li><a href="/docs/didkit-interfaces/rust">Rust</a></li><li><a href="/docs/didkit-interfaces/C">C</a></li><li><a href="/docs/didkit-interfaces/java">Java</a></li><li><a href="/docs/didkit-interfaces/python">Python</a></li><li><a href="/docs/didkit-interfaces/node">Node/JS</a></li></ul><a href="#my-dropdown2" aria-controls="my-dropdown2" role="button" data-toggle="dropdown" id="my-dropdown2-btn">Select an option...</a><a href="#my-dropdown2-btn" aria-controls="my-dropdown2" role="button" data-toggle="dropdown" class="close">Close dropdown</a></div><h2><a aria-hidden="true" tabindex="-1" class="anchor enhancedAnchor_2LWZ" id="step-0-install-didkit"></a>Step 0: install DIDKit<a class="hash-link" href="#step-0-install-didkit" title="Direct link to heading">#</a></h2><p>These examples will walk you through installing DIDKit and using it on a Linux
command-line environment-- Linux on a Mac or WSL2 on a Windows machine should
work fine (but run <code>sudo apt install build-essential</code> just in case).</p><div class="codeBlockContainer_K1bP"><div class="codeBlockContent_hGly sh"><div tabindex="0" class="prism-code language-sh codeBlock_23N8 thin-scrollbar"><div class="codeBlockLines_39YC" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">cargo install didkit-cli</span></div></div></div><button type="button" aria-label="Copy code to clipboard" class="copyButton_Ue-o">Copy</button></div></div><p>If you prefer to build manually from source or via docker, instructions are in our docs.</p><h2><a aria-hidden="true" tabindex="-1" class="anchor enhancedAnchor_2LWZ" id="step-1-issue-your-first-verifiable-credential"></a>Step 1: Issue your first Verifiable Credential<a class="hash-link" href="#step-1-issue-your-first-verifiable-credential" title="Direct link to heading">#</a></h2><p>If you're not familiar with Verifiable Credentials, they're a low-level data
format designed to be Very Portable, as in: anyone can authenticate this data,
and if they understand who it was that "issued" (i.e. minted) that unique,
signed, data object, they can trust it as much as they trust the issuer. More
info in the <a href="/docs/primer">primer</a>.</p><p>So what do you need to get started with VCs? Basically just DIDKit and a dream!
The first ingredient is DIDKit, the second is a signing key, which DIDKit can
generate for you once it's installed. From the DIDKit root directory:</p><div class="codeBlockContainer_K1bP"><div class="codeBlockContent_hGly sh"><div tabindex="0" class="prism-code language-sh codeBlock_23N8 thin-scrollbar"><div class="codeBlockLines_39YC" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">didkit generate-ed25519-key > issuer_key.jwk</span></div></div></div><button type="button" aria-label="Copy code to clipboard" class="copyButton_Ue-o">Copy</button></div></div><p>Or, if you want to BYO a private key you already have (Ed25519 for now, to keep
the examples simple), you can just copy it into the folder like so:</p><div class="codeBlockContainer_K1bP"><div class="codeBlockContent_hGly sh"><div tabindex="0" class="prism-code language-sh codeBlock_23N8 thin-scrollbar"><div class="codeBlockLines_39YC" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">cp /path/to/privkey.jwk issuer_key.jwk</span></div></div></div><button type="button" aria-label="Copy code to clipboard" class="copyButton_Ue-o">Copy</button></div></div><p>Once this key is on hand, you have to structure some data to be the payload of
this VC you want to issue. For simplicity, let's throw this into a JSON file to
be signed over in the next step. Don't worry too much about the meaning or
function of any specific property if this is your first Verifiable Credential--
all things in time. You're not signing away your soul, don't worry-- these are the basic ingredients of a verified credential.</p><div class="codeBlockContainer_K1bP"><div class="codeBlockContent_hGly bash"><div tabindex="0" class="prism-code language-bash codeBlock_23N8 thin-scrollbar"><div class="codeBlockLines_39YC" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token function" style="color:rgb(130, 170, 255)">cat</span><span class="token plain"> </span><span class="token operator" style="color:rgb(137, 221, 255)">></span><span class="token plain"> payload.json </span><span class="token operator" style="color:rgb(137, 221, 255)"><<</span><span class="token string" style="color:rgb(195, 232, 141)">EOF</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)">{</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)"> "@context": "https://www.w3.org/2018/credentials/v1",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)"> "id": "urn:uuid:</span><span class="token string variable" style="color:rgb(191, 199, 213)">`</span><span class="token string variable" style="color:rgb(191, 199, 213)">uuidgen</span><span class="token string variable" style="color:rgb(191, 199, 213)">`</span><span class="token string" style="color:rgb(195, 232, 141)">",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)"> "type": ["VerifiableCredential"],</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)"> "issuer": "did:web:issuance.yournamehere.com",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)"> "issuanceDate": "</span><span class="token string variable" style="color:rgb(191, 199, 213)">`</span><span class="token string variable function" style="color:rgb(130, 170, 255)">date</span><span class="token string variable" style="color:rgb(191, 199, 213)"> --utc +%FT%TZ</span><span class="token string variable" style="color:rgb(191, 199, 213)">`</span><span class="token string" style="color:rgb(195, 232, 141)">",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)"> "credentialSubject": {</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)"> "id": "did:example:0x1234someguywetalkinabout"</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)"> }</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)">}</span></div><div class="token-line" style="color:#bfc7d5"><span class="token string" style="color:rgb(195, 232, 141)">EOF</span></div></div></div><button type="button" aria-label="Copy code to clipboard" class="copyButton_Ue-o">Copy</button></div></div><p>Now you're ready to mint the thing by signing it with that private key, which has to be passed in two different ways: as a key, and as a "verification method" (a transformation of the key which we'll explain later).</p><div class="codeBlockContainer_K1bP"><div class="codeBlockContent_hGly sh"><div tabindex="0" class="prism-code language-sh codeBlock_23N8 thin-scrollbar"><div class="codeBlockLines_39YC" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">verification_method=$(didkit key-to-verification-method -k issuer_key.jwk)</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">didkit vc-issue-credential -k issuer_key.jwk -v "$verification_method" -p assertionMethod <payload.json >credential-signed.jsonld</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">cat credential-signed.jsonld</span></div></div></div><button type="button" aria-label="Copy code to clipboard" class="copyButton_Ue-o">Copy</button></div></div><p>And that's it! Wherever this signed blob ends up, it can be handled by standard
JSON tooling, and VC tooling can identity it as trustworthy information, or at
least as trustworthy as 'yournamehere.com' was at the time in 'issuanceDate'.
Notice that the 'issuer' field identified you by a website, and a "did:web:"
prefix. We'll explain this one in the next step.</p><h2><a aria-hidden="true" tabindex="-1" class="anchor enhancedAnchor_2LWZ" id="step-2-verifying-a-real-vc"></a>Step 2: Verifying a real VC<a class="hash-link" href="#step-2-verifying-a-real-vc" title="Direct link to heading">#</a></h2><p>Let's take a real-life VC issued by our testing faucet and drop it into your DIDKit root directory as an example.</p><details><summary>Click here for an example VC</summary><div><div><i>Note: to get a fresher version of this credential issued to a real-world DID, you might want to install the Credible mobile wallet on a mobile device, whether from <a href="https://github.com/spruceid/credible" target="_blank" rel="noopener noreferrer">source code</a>, from <a href="https://testflight.apple.com/join/CPZON8Ho" target="_blank" rel="noopener noreferrer">Apple Test Flight</a>, or from <a href="https://play.google.com/store/apps/details?id=com.spruceid.app.credible&hl=de&gl=US" target="_blank" rel="noopener noreferrer">the Google Play store</a>. Once you have Credible installed, it will automatically generate an off-chain did-tz (it will resemble <code>did:tz:tz1aTuW7578MTt3ZtWYCjX65nUXkzE1CMcAf</code>), and when you navigate to <a href="https://demo.spruceid.com" target="_blank" rel="noopener noreferrer">our demo faucet</a></i>, you can get a VC issued to you containing your unique, decentralized identifier.</div><div class="codeBlockContainer_K1bP"><div class="codeBlockContent_hGly"><div tabindex="0" class="prism-code language-undefined codeBlock_23N8 thin-scrollbar"><div class="codeBlockLines_39YC" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">{</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "@context": [</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "https://www.w3.org/2018/credentials/v1",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "https://schema.org/"</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> ],</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "id": "urn:uuid:baef4793-ab07-4c17-a175-ec114b18245e",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "type": "VerifiableCredential",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "credentialSubject": {</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "id": "did:tz:tz1aTuW7578MTt3ZtWYCjX65nUXkzE1CMcAf"</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> }</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "issuer": "did:web:demo.spruceid.com:2021:vc-faucet",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "issuanceDate": "2021-09-13T09:19:41Z",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "proof": {</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "type": "Ed25519Signature2018",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "proofPurpose": "assertionMethod",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "verificationMethod": "did:web:demo.spruceid.com:2021:vc-faucet#key-1",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "created": "2021-09-13T09:19:41.374Z",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "jws": "eyJhbGciOiJFZERTQSIsImNyaXQiOlsiYjY0Il0sImI2NCI6ZmFsc2V9..uwSzKxDeXk4nCd6EH6H-7GwaXNwgdoEBPNsrCbbcmJV9hJRrwZPJakXaK6c4uFkFoICGUikTBifmEdV_7BOCCg"</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> },</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "expirationDate": "2021-10-13T09:19:41Z"</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">}</span></div></div></div><button type="button" aria-label="Copy code to clipboard" class="copyButton_Ue-o">Copy</button></div></div></div><br>(You can cut and paste it into a <code>sample.vc</code> file using a text editor or a bash command for simplicity's sake, or download it <a href="/assets/example_vc.json">here</a>).</details><br>You will notice that this VC looks much like the one you issued in the previous step, but with a "proof" section attached with contains the issuer's signature and metadata for verifying it. Verifying this signature is as simple as another single-line DIDKit call:<div class="codeBlockContainer_K1bP"><div class="codeBlockContent_hGly bash"><div tabindex="0" class="prism-code language-bash codeBlock_23N8 thin-scrollbar"><div class="codeBlockLines_39YC" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">didkit vc-verify-credential -p assertionMethod </span><span class="token operator" style="color:rgb(137, 221, 255)"><</span><span class="token plain">example.vc </span><span class="token operator" style="color:rgb(137, 221, 255)">></span><span class="token plain">result.json</span></div></div></div><button type="button" aria-label="Copy code to clipboard" class="copyButton_Ue-o">Copy</button></div></div><p>That will spit out a verbose response as a JSON file listing the checks passed, warnings, and errors. If everything is set up properly, you should see this when you <code>nano result.json</code>:</p><div class="codeBlockContainer_K1bP"><div class="codeBlockContent_hGly json"><div tabindex="0" class="prism-code language-json codeBlock_23N8 thin-scrollbar"><div class="codeBlockLines_39YC" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token punctuation" style="color:rgb(199, 146, 234)">{</span><span class="token property">"checks"</span><span class="token operator" style="color:rgb(137, 221, 255)">:</span><span class="token punctuation" style="color:rgb(199, 146, 234)">[</span><span class="token string" style="color:rgb(195, 232, 141)">"proof"</span><span class="token punctuation" style="color:rgb(199, 146, 234)">]</span><span class="token punctuation" style="color:rgb(199, 146, 234)">,</span><span class="token property">"warnings"</span><span class="token operator" style="color:rgb(137, 221, 255)">:</span><span class="token punctuation" style="color:rgb(199, 146, 234)">[</span><span class="token punctuation" style="color:rgb(199, 146, 234)">]</span><span class="token punctuation" style="color:rgb(199, 146, 234)">,</span><span class="token property">"errors"</span><span class="token operator" style="color:rgb(137, 221, 255)">:</span><span class="token punctuation" style="color:rgb(199, 146, 234)">[</span><span class="token punctuation" style="color:rgb(199, 146, 234)">]</span><span class="token punctuation" style="color:rgb(199, 146, 234)">}</span></div></div></div><button type="button" aria-label="Copy code to clipboard" class="copyButton_Ue-o">Copy</button></div></div><p>You might be asking yourself, though, how did DIDKit get from <code>"issuer": "did:web:demo.spruceid.com:2021:vc-faucet"</code> to having the public key (and knowing the <em>type</em> of the public key) to be able to verify the signature in the proof? This is the magic of DIDs!</p><details><summary>Detailed explanation of the ✨Magic of Step 1.5✨</summary><h3>The [often implicit!] resolution step</h3><p>Let's take the simple example VC above, issued by <code>did:web:demo.spruceid.com:2021:vc-faucet</code>, i.e. our <a href="https://demo.spruceid.com/" target="_blank" rel="noopener noreferrer">VC faucet</a>). Information about this issuer
has to be "resolved" in much the same way that a web address (like
demo.spruceid.com) needs to be resolved to an IP address to establish a browser
connection. There are many ways of resolving DIDs, but let's stick to DID-web
for now, as it is the easiest for young wizards to understand.</p><p>A "did-web"
is a DID which publishes its "DID Document" (a data file containing
identity information and public keys) in a standardized location at the website
it identifies. <a href="https://demo.spruceid.com/2021/vc-faucet/did.json" target="_blank" rel="noopener noreferrer"><a href="https://demo.spruceid.com/2021/vc-faucet/did.json" target="_blank" rel="noopener noreferrer">https://demo.spruceid.com/2021/vc-faucet/did.json</a></a>
is, as a web-savvy user might expect, a JSON file that publishes resolution
information about the DID <code>did:web:demo.spruceid.com:2021:vc-faucet</code>.
A "did-web" tells you exactly where to go to "resolve" that DID into a DID
document: you just tack <code>/.well-known/did.json</code> to the end of a root
domain, or just <code>/did.json</code> for a qualified domain, and fetch that
JSON blob. Other DID methods have more complex resolution mechanisms, but take
the same input (a DID string) which, if succesfully resolved, outputs the same
kind of DID document, give or take a few optional properties specific to each
DID method.</p><p>The most basic and useful thing that a DID Document contains is a series of
"verification methods", i.e., public keys used for specific purposes and which
can be referenced by specific relative references. These are used to check the
signature on a VC, among other purposes. See, for example, this DID document
from the demo app we use to test DIDKit and wallets:</p><details><summary><h3>Behold! A real-world DID Document!</h3></summary><div class="codeBlockContainer_K1bP"><div class="codeBlockContent_hGly"><div tabindex="0" class="prism-code language-undefined codeBlock_23N8 thin-scrollbar"><div class="codeBlockLines_39YC" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">{</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "@context": [</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "https://www.w3.org/ns/did/v1",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> {</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "@id": "https://w3id.org/security#publicKeyJwk",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "@type": "@json"</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> }</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> ],</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "id": "did:web:demo.spruceid.com:2021:vc-faucet",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "verificationMethod": [</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> {</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "id": "did:web:demo.spruceid.com:2021:vc-faucet#key-1",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "type": "Ed25519VerificationKey2018",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "controller": "did:web:demo.spruceid.com:2021:vc-faucet",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "publicKeyJwk": {</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "kty": "OKP",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "crv": "Ed25519",</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "x": "ZMKSD7bKSOg_4IQhZUd-2VCoBTCrEB8L2tql4oRNDUg"</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> }</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> }</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> ],</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "authentication": [</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "did:web:demo.spruceid.com:2021:vc-faucet#key-1"</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> ],</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "assertionMethod": [</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> "did:web:demo.spruceid.com:2021:vc-faucet#key-1"</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> ]</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">}</span></div></div></div><button type="button" aria-label="Copy code to clipboard" class="copyButton_Ue-o">Copy</button></div></div><br>*Note: this DID Document has an Ed25519 key as its "key-1" (default key) that is the designated key for <code>`authentication`</code> and<code>`assertionMethod`</code> purposes. The latter alias signals to wallets that this is the key used to sign assertions about the world-- assertions that this public key makes verifiable.*</details><p>While on the issuer side, a verification method can be deterministically derived
from the private key, a verifier downstream does not have that option, which is
why DID Documents exist in the first place: to publish annotated key material
that can be used to verify signatures out there in the world. Having resolved
the issuer's DID, you now have the subset of its contents needed to verify a
credential: the "verification method" for checking the signatures on a VC.</p><p>This might sound like a lot of work described step by step, but don't worry--
DID resolution happens automatically once everything is up and running, as you
already saw above. If you needed to do only the solution step for some reason,
you could fetch a DID Document with a single DIDKit command as well, in any
context with web access:</p><div class="codeBlockContainer_K1bP"><div class="codeBlockContent_hGly"><div tabindex="0" class="prism-code language-undefined codeBlock_23N8 thin-scrollbar"><div class="codeBlockLines_39YC" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain" style="display:inline-block">
</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">didkit did-dereference did:web:demo.spruceid.com:2021:vc-faucet</span></div></div></div><button type="button" aria-label="Copy code to clipboard" class="copyButton_Ue-o">Copy</button></div></div></details></div></div></div></div></div></main></div><footer class="footer footer--dark"><div class="container"><div class="row footer__links"><div class="col footer__col"><ul class="footer__items"><li class="footer__item"><a href="https://spruceid.com" target="_blank" rel="noopener noreferrer" class="footer__link-item">SpruceID.com</a></li></ul></div><div class="col footer__col"><ul class="footer__items"><li class="footer__item"><a href="https://twitter.com/sprucesystems" target="_blank" rel="noopener noreferrer" class="footer__link-item">Twitter</a></li></ul></div><div class="col footer__col"><ul class="footer__items"><li class="footer__item"><a href="https://www.linkedin.com/company/sprucesystemsinc/" target="_blank" rel="noopener noreferrer" class="footer__link-item">LinkedIn</a></li></ul></div><div class="col footer__col"><ul class="footer__items"><li class="footer__item"><a href="https://github.com/spruceid/" target="_blank" rel="noopener noreferrer" class="footer__link-item">GitHub</a></li></ul></div></div><div class="footer__bottom text--center"><div class="footer__copyright">Copyright © 2021 Spruce Systems. Built with Docusaurus.</div></div></div></footer></div>
<script src="/assets/js/runtime~main.2c83ebaf.js"></script>
<script src="/assets/js/main.8697a4a8.js"></script>
</body>
</html>