Author: Comfort (ArcBlock data engineer)
Since Microsoft today announced the launch of decentralized identity system, "to the center of identity" (DID) has become one of the hottest areas of the block chain concepts. Following the "decentralized Exchange", "decentralized application", "decentralization" of the war has finally spread to the identification system, but the vast majority of people for this new concept is still confused.
What DID essentially?
DID is what counted out?
What is the process of calculating DID?
DID Although there are a variety of scenarios, but the essence is actually a DID address. DID and similar conventional bit coin, square Ethernet address that: they are calculated from the address of a private key. The probability of different private key can generate the same address close to zero in the real world.
DID and distinguished in that a conventional address, the calculation of the DID added to certain information, including the type of encryption algorithm used in this DID, type of hash algorithm. These types of algorithms applied to generate the DID different steps, such as encryption algorithm is specified how the user private and public keys are computed hash algorithm is predetermined user information is calculated as the hash algorithm what time (will be explained in detail later ). DID DID owners can use this to perform various operations, including identity verification, authorization transactions. It can be said, DID will be the Internet infrastructure in the future, any act required or authorized verification can be done by DID. Now the general authorization verification behavior is by entering a password, provide valid documents, notary or through a third party to complete, while the popularity of DID will make everything can be done with private key signature in the mobile terminal, which will make people's digital life, even basic necessities under the line will be greatly facilitated.
Such a powerful DID, technical engineering to realize it is not complicated.
In fact, the process of generating the DID, and the kitchen cooking a dish very similar process. We need the following:
Kitchen: DID need to generate an external tool
Ingredients: DID calculation of basic raw materials
Cooking methods: how to mix these ingredients and kitchen utensils, concrete steps need to be performed
Next resolved in detail how to generate a DID through six steps, let DID no longer mysterious.
A set of kitchen utensils: signature algorithm, hash algorithm, DID type
The first step is the generation of the DID in creating a suitable cookware. This information will be embedded in the DID generated, such third-party verification when you know the corresponding tools should be used to verify.
Signature Algorithm: a private key and a public key algorithm to generate the user. Currently Forge SDK default signature system supports two options: secp256k1 and ed25519.
Hashing algorithm: data used to calculate the hash algorithm. Hash function somewhat like a black box, it converts the data of arbitrary length is fixed length data. For the same input, different types having different output harsher. The default hash algorithm Forge SDK is SHA3 256.
DID type: After selecting the signature algorithm and hash algorithm, the last choice is to DID role type. This specifies the type of role DID tell the authenticator this DID represent applications, personal or equipment. The following is the type of role that we currently support.
These three things are we required to generate DID kitchenware. Excellent sushi chef always can not do without a good knife, because kitchen will leave marks on the ingredients of each process; the same token, we have chosen the kitchen, will leave his own shadow in DID after generated .
Ingredients: private, public
Now we are ready the necessary pots and pans, and let's see if we need to do a dinner DID what raw materials.
The core ingredients are private. The private key is a set of data requires careful custody. Anyone who holds the keys you can regenerate your wallet, purse and used to do all sorts of things, including transfers, approval of the transaction and so on, so we must be careful to protect your key information.
It is based on public key encryption algorithm calculated from the private key, usually due to a third party or the public to verify the signature. The public key is public, so if someone knows your public key, but do not know your private key, you will not pose any threat to information security.
In general, it DID generate only public key. However, since the public key is calculated from the key, even if only the given key, the DID may be generated. In other words, any of a private or public key, you can generate a DID. However, for security reasons, we suggest that you provide general public, and protect themselves and their private information.
DID as a raw material, private / public key directly determines the content of DID, like sushi using fish, which determines the road eel sushi is sushi, salmon sushi or octopus sushi.
Cooking methods
After introducing kitchen utensils and raw materials, we look at how to prepare it DID.
Before we introduce DID cooking methods, make sure you're ready hashing algorithm, signature algorithm, DID type, and has a set of key and public key. Next, following the procedure of cooking method, one can get a DID.
step 1
Public key using a hashing algorithm to calculate a hash value hash1.
Step 2
The first 20 bytes FETCH hash1 as hash2, stand aside.
Step 3
DID added in front of type byte character hash2, to give hash3.
Step 4
Hash3 using a hashing algorithm to calculate a hash value, get hash4
Step 5
The first four bytes hash4 and hash3 combined, generate hash5.
Step 6
Using a bit credits base58 encoding method hash5 obtain DID.
Congratulations, you successfully generate its own DID!
to sum up
Now that you've experienced the whole process of DID generated a total of only six steps, than Cao Zhi seven-step poetry even less step.
While the back-end technical support is more complex, but users and developers use the process entirely feel. For example, in the ABT purse, in order to create a DID-based personal wallet only need four steps; and for developers, DID entire generation process is automatically integrated in the Forge SDK inside.
DID allows users without additional registration process, and use information directly in the DID, the whole process does not require third-party involvement. Forge SDK will calculate all user address, the address of all assets automatically optimize became DID, therefore Forge SDK applications developed naturally enjoy the advantages of the DID, the exchange will be more smoothly with each other. Forge SDK DID into the core logic of decentralized applications, push DID become one of the Internet infrastructure, applications interoperability. Under the joint action Forge SDK and the DID, the future has to block chain.