├── .github └── workflows │ └── render-specs.yml ├── .gitignore ├── .vscode └── settings.json ├── LICENSE ├── README.md ├── docs ├── README.md ├── _config.yml ├── agenda.md ├── companion_guide.md └── index.md ├── package-lock.json ├── package.json ├── schemas └── json-schemas │ ├── authorization-payloads │ ├── base-authorization-payload.json │ └── records-write-authorization-payload.json │ ├── definitions.json │ ├── events │ └── events-get.json │ ├── general-jws.json │ ├── hooks │ └── hooks-write.json │ ├── interface-methods │ ├── messages-get.json │ ├── protocol-definition.json │ ├── protocol-rule-set.json │ ├── protocols-configure.json │ ├── protocols-query.json │ ├── records-delete.json │ ├── records-query.json │ ├── records-read.json │ ├── records-write.json │ └── snapshots-create.json │ ├── jwk-verification-method.json │ ├── jwk │ ├── general-jwk.json │ └── public-jwk.json │ ├── messages │ └── messages-get.json │ ├── permissions │ ├── definitions.json │ ├── permissions-grant.json │ └── permissions-request.json │ ├── protocol-definition.json │ ├── protocol-rule-set.json │ ├── protocols │ ├── protocols-configure.json │ └── protocols-query.json │ └── records │ ├── records-delete.json │ ├── records-query.json │ ├── records-read.json │ └── records-write.json ├── spec ├── 0.0.1-predraft │ ├── images │ │ └── topology.svg │ ├── index.html │ └── spec.md ├── images │ └── topology.svg ├── index.html └── spec.md └── specs.json /.github/workflows/render-specs.yml: -------------------------------------------------------------------------------- 1 | 2 | name: render-specs 3 | 4 | on: 5 | push: 6 | branches: 7 | - main 8 | 9 | jobs: 10 | build-and-deploy-spec: 11 | runs-on: ubuntu-latest 12 | steps: 13 | - name: Checkout 🛎️ 14 | uses: actions/checkout@v2 # If you're using actions/checkout@v2 you must set persist-credentials to false in most cases for the deployment to work correctly. 
15 | with: 16 | persist-credentials: false 17 | 18 | - name: Install and Build 🔧 # This example project is built using npm and outputs the result to the 'build' folder. Replace with the commands required to build your project, or remove this step entirely if your site is pre-built. 19 | run: | 20 | npm install 21 | node -e "require('spec-up')({ nowatch: true })" 22 | rm -rf node_modules 23 | 24 | - name: Deploy 25 | uses: peaceiris/actions-gh-pages@v3.7.3 26 | with: 27 | github_token: ${{ secrets.GITHUB_TOKEN }} 28 | publish_dir: ./ 29 | allow_empty_commit: true 30 | force_orphan: true -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .cache 2 | node_modules 3 | */**/node_modules 4 | packages/implementation/db_??* 5 | packages/implementation/did-ion??* -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "liveServer.settings.port": 5502 3 | } -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. 
For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 
47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. 
Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. 
You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 
122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. 
In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. 
We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Decentralized Web Node 2 | 3 | ### Specification 4 | 5 | Latest Draft: https://identity.foundation/decentralized-web-node/spec/ 6 | 7 | ### Companion Guide 8 | 9 | Latest Draft: [https://identity.foundation/decentralized-web-node/guide/](https://identity.foundation/decentralized-web-node/guide/v0.0.1/) 10 | 11 | ### Implementations 12 | 13 | | Implementer | Language | Repo | Environments | 14 | | ----- | ----- | ------ | ----- | 15 | | TBD | TypeScript | [TBD54566975/dwn-sdk-js](https://github.com/TBD54566975/dwn-sdk-js) | Server, Web | 16 | -------------------------------------------------------------------------------- /docs/README.md: -------------------------------------------------------------------------------- 1 | This directory is used to serve github pages. 
2 | -------------------------------------------------------------------------------- /docs/_config.yml: -------------------------------------------------------------------------------- 1 | title: Identity Hub 2 | description: GitHub Documentation 3 | url: "https://identity.foundation/identity-hub" 4 | 5 | github: 6 | private: false 7 | license: 8 | name: Apache-2.0 9 | source: 10 | branch: "main" 11 | path: "/docs" 12 | repository_url: "https://github.com/decentralized-identity/identity-hub" 13 | 14 | plugins: 15 | - jekyll-feed 16 | - jekyll-seo-tag 17 | - jekyll-sitemap 18 | -------------------------------------------------------------------------------- /docs/agenda.md: -------------------------------------------------------------------------------- 1 | # DWN Bi-Weekly Calls Notes 2 | 3 | ## Summary 4 | 5 | Bi-weekly DIF call notes on DWN specifications. 6 | 7 | - [Github](https://github.com/decentralized-identity/decentralized-web-node) 8 | - [Wiki](https://identity.foundation/decentralized-web-node/spec/) 9 | 10 | **Editors** 11 | 12 | - Dan Buchner @csuwildcat 13 | - Tobias Looker (Mattr) 14 | 15 | **Contributors** 16 | 17 | - Henry Tsai (Microsoft) 18 | - XinAn Xu (Microsoft) 19 | - Moe Jangda (Block) 20 | 21 | **Co-Chairs** 22 | 23 | - Andor Kesselman @andorsk email: andor@benri.io 24 | - Liran Cohen @lirancohen 25 | 26 | ## DIF Meeting May 29, 2024 27 | 28 | - [Recording]() 29 | - Andor Kesselman 30 | - Alan Karp 31 | - Liran Cohen 32 | - Dan Buchner 33 | - 34 | 35 | | Item | Segment | Time | Owner | Description | 36 | |-----------------------|-------------------------|--------|----------|----------------------------------------------| 37 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. 
| 38 | | Agenda | Companion Guide Updates | 10 min | @andorsk | | 39 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 40 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 41 | | Slack Updates | Discussion Alignment | 10 min | @andorsk | | 42 | | Tags to Records | Discussion Alignment | 10 min | @liran | | 43 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 44 | | Calls To Action | Closing | 5 min | @andorsk | | 45 | 46 | ### Notes: 47 | 48 | - Merged https://github.com/decentralized-identity/decentralized-web-node/pull/298 in. 49 | - Discussed monthly cadence. Decided to keep it bi-weekly. 50 | - Discussed propagation and versioning. 51 | 52 | ### Action Items: 53 | 54 | - [ ] Discuss versioning next call. 55 | 56 | ## DIF Meeting March 20, 2024 57 | 58 | - [Recording]() 59 | - Andor Kesselman 60 | - Alan Karp 61 | - Liran Cohen 62 | - Dan Buchner 63 | - Henry Tsai 64 | - Brent Shambaugh 65 | 66 | | Item | Segment | Time | Owner | Description | 67 | |-----------------------|-------------------------|--------|----------|----------------------------------------------| 68 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 69 | | Agenda | Companion Guide Updates | 10 min | @andorsk | | 70 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 71 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 72 | | Slack Updates | Discussion Alignment | 10 min | @andorsk | | 73 | | Tags to Records | Discussion Alignment | 10 min | @liran | | 74 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 75 | | Calls To Action | Closing | 5 min | @andorsk | | 76 | 77 | ### Notes: 78 | 79 | - Dan: 80 | - Change perms to be in-built permission layer.
81 | - $tags: 82 | - [ create, update, delete, co-update, co-delete ] 83 | - Need to put a 84 | - remove query 85 | - Dan: https://github.com/decentralized-identity/decentralized-web-node/issues/292 86 | - https://hackmd.io/EWMImZ_8QTiz31fIOxlULw 87 | - Henry : Concerned that this is a workaround. Increases size and requires decoding. Possibly use tags. 88 | 89 | ### Action Items: 90 | - Dan: Permission Protocol https://github.com/decentralized-identity/decentralized-web-node/issues/292 91 | - Liran: Protocol Examples, Service Endpoint Section: @liran 92 | - Protocol Language: @andorsk 93 | 94 | ## DIF Meeting March 6, 2024 95 | 96 | - [Recording]() 97 | - Andor Kesselman 98 | - Liran Cohen 99 | - Dan Buchner 100 | - Alan Karp 101 | - Lubna Dajani 102 | - Andrew Piscione 103 | 104 | | Item | Segment | Time | Owner | Description | 105 | |-----------------------|-------------------------|--------|----------|----------------------------------------------| 106 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 107 | | Agenda | Companion Guide Updates | 10 min | @andorsk | IIW Updates: | 108 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 109 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 110 | | Slack Updates | Discussion Alignment | 10 min | @andorsk | | 111 | | Tags to Records | Discussion Alignment | 10 min | @liran | | 112 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 113 | | Calls To Action | Closing | 5 min | @andorsk | | 114 | 115 | ### Notes: 116 | 117 | 118 | ### Action Items 119 | 120 | - @andorsk PR : https://github.com/decentralized-identity/decentralized-web-node/pull/288. Reviewed. 121 | - Dan to add in protocol language to 288 122 | - Discussion : 123 | - Improved Examples and Motivations in Intro of Document, with a focus on protocols being the key differentiator.
124 | - @andorsk : motivations 125 | - @liran : simple protocol that highlights the ability to create roles and share data. 126 | - @alankarp: will review. 127 | 128 | ### Decisions 129 | 130 | - Move dwn-sdk-js notifications to a separate channel. (reach out to Dan before implementing ) 131 | 132 | ### Action Items 133 | 134 | ## DIF Meeting January 24, 2023 135 | 136 | - [Recording]() 137 | - Andor Kesselman 138 | - Alan Karp 139 | - Liran Cohen 140 | 141 | | Item | Segment | Time | Owner | Description | 142 | |-----------------------|-------------------------|--------|----------|----------------------------------------------| 143 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 144 | | Agenda | Companion Guide Updates | 10 min | @andorsk | | 145 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 146 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 147 | | Slack Updates | Discussion Alignment | 10 min | @andorsk | | 148 | | Tags to Records | Discussion Alignment | 10 min | @liran | | 149 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 150 | | Calls To Action | Closing | 5 min | @andorsk | | 151 | 152 | ### Notes: 153 | 154 | - Discussion: 155 | 156 | ### Action Items 157 | 158 | - Roadmap: 159 | - Status: 160 | - TODO: Spec alignment. 161 | - Subscription: PR 162 | - Merged event subscribed. Event subscribe coming. 163 | - Meet interop for MVP on spec. Not on sdk. 164 | - Test Suite : 165 | - Compliance test suites. 166 | - Conformance Tests 167 | - Finding a good balance in general 168 | - dwn-sdk will have interfaces 169 | - Test Vectors 170 | - Avoid feature bloat. Document that specifies a minimum conformant system. 171 | - Transport 172 | - Needs to address. 173 | - Roadmap: 174 | - How do we get more engagement with the spec work? 175 | - Less opinions on how it should work. 176 | - Deadlines: 177 | - Hard to contribute to the spec when it's not aligned. 178 | - spec alignment blocking. 
179 | - MVP walkthrough. 180 | - commit needs to go 181 | - sync updated 182 | - feature detection 183 | - transport documentation. 184 | - Alan: 185 | - is interoperating important? 186 | - more stuff needs to be in the spec than if that was not the case 187 | - Subscription: 188 | - Drop connection and then it won't renew and then reconnect drops it. 189 | - If someone creates a bunch of subscriptions that won't emit messages. DDOS. 190 | - Wrap up MVP spec. 191 | 192 | ### Decisions 193 | 194 | - Move dwn-sdk-js notifications to a separate channel. (reach out to Dan before implementing ) 195 | 196 | ## DIF Meeting November 15, 2023 197 | 198 | - [Recording](https://us02web.zoom.us/rec/share/T7s-ufLj9OWL3cTTsOw_O-o8RgbFxjF0kWRP0o-YtTaBg28ZKrsjXt5zJwDrTLL5.axBhIjnneo7tbPWu) 199 | - Andor Kesselman 200 | - Alan Karp 201 | - Liran Cohen 202 | - Drummond Reed 203 | 204 | | Item | Segment | Time | Owner | Description | 205 | |-----------------------|-------------------------|--------|----------|----------------------------------------------| 206 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 207 | | Agenda | Companion Guide Updates | 10 min | @andorsk | IIW Updates: | 208 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 209 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 210 | | Slack Updates | Discussion Alignment | 10 min | @andorsk | | 211 | | Tags to Records | Discussion Alignment | 10 min | @liran | | 212 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 213 | | Calls To Action | Closing | 5 min | @andorsk | | 214 | 215 | ### Notes: 216 | 217 | - Discussion: 218 | - Slack updates flooding discussions. 219 | - Liran: 220 | - Have it somewhere, but different place. 221 | - Move to separate channel. 222 | - Office hours on discord. 223 | - Add tags to records. 224 | - Index something by protocol path. 225 | - Full search of data is not really obtainable in a way in which we want. 
226 | - @Alan: likes it 227 | - Tags: 228 | - What problem are they solving? 229 | - Use Case: Chat Application. Within app, within the data, you have a hashtag. Data portion. 230 | - Client: can tag hashtags 231 | - Go get me all the hashtags. 232 | - Andor: why not record as protocol? 233 | - How does it fit into protocols? 234 | - andor: 235 | - Protocols: further consideration. defined there? 236 | - Basic datastore. 237 | - Liran: Tweets: 238 | - You have a tweet under a protocol path. Allowed tweets. 239 | - A hashtag per. Record for each hashtag. Tweets. RecordsID. Message. 240 | - symbolic link in protocol. Some of that with protocol paths. 241 | - A have a #awesome life 242 | - Use case #1: #awesome <- all other tagged #awesome. 243 | -> bucket of #awesome 244 | /records/tags/#awesome 245 | /record/tags/ 246 | - Use case #2: Search for tag #awesome. 247 | - search metadata 248 | - andor: 249 | - question: what is the right pattern to enable the use case and preserve as much of the privacy/security/interoperability intent of a PDS (DWN)? 250 | - tags: include into the DWN. 251 | - Lazy search indexing. 252 | - Alan : Search is not relevant to Tags: 253 | - Liran: tags: ability to index data. 254 | - Help queries 255 | - Search different 256 | - Useful 257 | - Like to think about downsides more. 258 | - NOSTR similar 259 | 260 | ### Action Items 261 | - @andorsk to finish addressing https://github.com/decentralized-identity/decentralized-web-node/pull/257 262 | - Strawman for tags or a position. 263 | 264 | ### Decisions 265 | 266 | - Move dwn-sdk-js notifications to a separate channel.
(reach out to Dan before implementing ) 267 | 268 | ## DIF Meeting November 1, 2023 269 | 270 | - [Recording](https://us02web.zoom.us/rec/share/QjmY5jWW-oxvrb9yXpmUNJKgw2tim_m7Q_BRBPmtkfvd22gs2D2DDWigW8vMw45w.119ygJMQfc9o7p4V) 271 | - Andor Kesselman 272 | - Alan Karp 273 | - Liran 274 | - Dan 275 | 276 | 277 | | Item | Segment | Time | Owner | Description | 278 | |-----------------------|-------------------------|--------|----------|----------------------------------------------| 279 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 280 | | Agenda | Companion Guide Updates | 10 min | @andorsk | IIW Updates: | 281 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 282 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 283 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 284 | | Calls To Action | Closing | 5 min | @andorsk | | 285 | 286 | ### Notes: 287 | 288 | - Discussion: 289 | - Alan Karp: 290 | - Confused Deputy problem. 291 | - Dan: Implicit 292 | - Alan: Security risk 293 | - Example: 294 | - Alan: Only had read permission to Foo 295 | - Dan: RW permission to foo 296 | - Vulnerability: 297 | - Alan: You may want to say 298 | - Alan: when you do an invocation, use a capability 299 | - Can prove valid capability by evidence. 300 | - Dan: Always first fetch object that was there. 301 | - Cannot just interact with a protocol. 302 | - Alan: 303 | - Role cert: Delegate a specific permission to myself 304 | - Alan: 10 objects to a collection 305 | - Delegate to myself 306 | - Dan: What does that look like? 307 | - Anyone? 308 | - What is invocation of capability: 309 | - Assign role certificate 310 | - Block everyone inband 311 | - Role held by verifier. 312 | - Wrap around capability for object foo. 313 | - Without having certificate yourself, by proving your role. 314 | - Dan: what are the bytes. 315 | - Signing something that proves control of the did 316 | - Proof of delegation is valid.
317 | - Verifier: look at role and possible permissions 318 | - Alan: Vulnerability: on lookup 319 | - Invocation Today: 320 | - Prove some role 321 | - Separate cert: which object and permission 322 | - Andor: How to move forward? 323 | - Normative change: Verification changes 324 | - Role is proof of delegation 325 | - Capability creates a role. 326 | - When evaluating capabilities, force invoker but with specific action 327 | - Good explanation: https://w3c-ccg.github.io/zcap-spec/ 328 | - Delegate to a program on behalf. 329 | 330 | - Action Item: 331 | - [ ] Discuss whether to add extra step to capabilities not roles. 332 | 333 | ## DIF Meeting October 18, 2023 334 | 335 | - [Recording](https://us02web.zoom.us/rec/share/Cff9d6GG1mefl4MGr9NPMDwxXn13siPfjXksh0yNcTFsa1HgIXEBDK39wO2Gsb4x.ly3q-TOKVWP9rdd9) 336 | - Andor Kesselman 337 | - Alan Karp 338 | 339 | Meeting agenda today is light. TBD team may not be available today and no work has happened in the last two weeks. 340 | 341 | Request for more contributions. 342 | 343 | | Item | Segment | Time | Owner | Description | 344 | |-----------------------|-------------------------|--------|----------|----------------------------------------------| 345 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 346 | | Agenda | Companion Guide Updates | 10 min | @andorsk | IIW Updates: | 347 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 348 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 349 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 350 | | Calls To Action | Closing | 5 min | @andorsk | | 351 | 352 | ### Notes: 353 | 354 | Alan at IIW: 355 | - Lots of conversation about authorization 356 | - OPA 357 | - Different UI's for expressing policy 358 | 359 | Action Item: Add a few issues related to high priority changes.
360 | 361 | ## DIF Meeting October 4, 2023 362 | 363 | - [Recording](https://us02web.zoom.us/rec/share/gAo9DMy_qj6DAwQAqDoXNQ4ZgR0x3WBuJ41I35oXiDoJR2QDdMGOei5LfLi5qgm-.V0spqrHtEtuuNovh) 364 | - Andor Kesselman 365 | - Liran Cohen 366 | - Ajay Jadhav 367 | 368 | 369 | | Item | Segment | Time | Owner | Description | 370 | |-----------------------|-------------------------|--------|----------|----------------------------------------------| 371 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 372 | | Agenda | Companion Guide Updates | 10 min | @andorsk | | 373 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 374 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 375 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 376 | | Calls To Action | Closing | 5 min | @andorsk | | 377 | 378 | Action Item: Add a few issues related to high priority changes. 379 | 380 | ## DIF Meeting September 30, 2023 381 | 382 | - [Recording](https://us02web.zoom.us/rec/share/rmPIko5Nor-SSz2tHpMhKN9L76U_PRhFBUmeAFNzkJjMGp2lcrUSZBHvqXyKa-5O.GPM3lkx5W8JHPW9D) 383 | - Andor Kesselman 384 | - Liran Cohen 385 | - Alan Karp 386 | - Henry Tsai 387 | - 388 | 389 | | Item | Segment | Time | Owner | Description | 390 | |-----------------------|-------------------------|--------|----------|----------------------------------------------| 391 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. 
| 392 | | Agenda | Companion Guide Updates | 10 min | @andorsk | | 393 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 394 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 395 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 396 | | Calls To Action | Closing | 5 min | @andorsk | | 397 | 398 | ## DIF Meeting September 16, 2023 399 | 400 | - [Recording](https://us02web.zoom.us/rec/share/rmPIko5Nor-SSz2tHpMhKN9L76U_PRhFBUmeAFNzkJjMGp2lcrUSZBHvqXyKa-5O.GPM3lkx5W8JHPW9D) 401 | - Andor Kesselman 402 | - Liran Cohen 403 | - Alan Karp 404 | 405 | | Item | Segment | Time | Owner | Description | 406 | | ----------------------------------------- | ----------------------- | ------ | --------------- | ------------------------------------------------------------------------------- | 407 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 408 | | Agenda | Companion Guide Updates | 10 min | @andorsk || 409 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 410 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 411 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 412 | | Calls To Action | Closing | 5 min | @andorsk | | 413 | 414 | ## DIF Meeting Aug 23, 2023 415 | 416 | - [Recording]() 417 | - Andor Kesselman 418 | - Liran Cohen 419 | - Alan Karp 420 | 421 | | Item | Segment | Time | Owner | Description | 422 | | ----------------------------------------- | ----------------------- | ------ | --------------- | ------------------------------------------------------------------------------- | 423 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. 
| 424 | | Agenda | Companion Guide Updates | 10 min | @andorsk || 425 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 426 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 427 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 428 | | Calls To Action | Closing | 5 min | @andorsk | | 429 | ### Issues Diccussed: 430 | 431 | 432 | 433 | ## DIF Meeting Aug 9, 2023 434 | 435 | - [Recording]() 436 | - Andor Kesselman 437 | - Liran Cohen 438 | - Dan Buchner 439 | - Alan Karp 440 | 441 | | Item | Segment | Time | Owner | Description | 442 | | ----------------------------------------- | ----------------------- | ------ | --------------- | ------------------------------------------------------------------------------- | 443 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 444 | | Agenda | Companion Guide Updates | 10 min | @andorsk || 445 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 446 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | | 447 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 448 | | Calls To Action | Closing | 5 min | @andorsk | | 449 | ### Issues Diccussed: 450 | 451 | 452 | 453 | 454 | ## DIF Meeting July 26, 2023 455 | 456 | [Recording](https://us02web.zoom.us/rec/share/Ru-733Ay07GGp4ezra82DFgj8Z9lOP_5Esv5yC6JWUBABxnLL954lHU0GgQMsgk.UypvAnC55W7ai0ML) 457 | 458 | - Andor Kesselman 459 | - Liran Cohen 460 | - Moises Jaramillo 461 | - Alan Karp 462 | - Dan Bucher 463 | 464 | | Item | Segment | Time | Owner | Description | 465 | | ----------------------------------------- | ----------------------- | ------ | --------------- | ------------------------------------------------------------------------------- | 466 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. 
| 467 | | Agenda | Companion Guide Updates | 10 min | @andorsk || 468 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 469 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | Review PR 250, 252, and 253 | 470 | | Issue Alignment | Issue Alignment | 10 min | @liran | | 471 | | Calls To Action | Closing | 5 min | @andorsk | | 472 | ### Issues Diccussed: 473 | 474 | 475 | ## DIF Meeting July 12, 2023 476 | 477 | * [Recording](https://us02web.zoom.us/rec/share/abvaO-V7lvTT0NZhcb6PFdQKVbc3O41S4GfgxkLDz92SkDFccvhB2qDElGA5SdfJ.wpr79nv0ANt2j-d4) 478 | 479 | - Ian Preston 480 | - Dan Buchner 481 | - Andor Kesselman 482 | - Alan Karp 483 | - Liran Cohen 484 | 485 | 486 | | Item | Segment | Time | Owner | Description | 487 | | ----------------------------------------- | ----------------------- | ------ | --------------- | ------------------------------------------------------------------------------- | 488 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 489 | | Agenda | Companion Guide Updates | 10 min | @andorsk || 490 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 491 | | [Peergos Discussion]() | Updates | 10 min | @ian | | 492 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | Alignment | 493 | | Issue Alignment | Issue Alignment | 10 min | @liran | Alignment | 494 | | Calls To Action | Closing | 5 min | @andorsk | | 495 | ### Issues Diccussed: 496 | 497 | ### Notes: 498 | 499 | - Peergos Discussion: 500 | - 2013: 501 | - Before IPFS 502 | - Identity/Fine Grained Access Control/Encryption 503 | - Global Access Control File System 504 | - Grant: Read|Write access to individual files or folders 505 | - Conventional login (username + password). Key derivation is from there. 
506 | - Hide metadata 507 | - Server can't tell if blob is directory or file 508 | - Technical Difficulty: 509 | - Don't want to depend on DNS 510 | - 2018: Decided HTTP over P2P Streams 511 | - Peergos Implementation: 512 | - Peergos 513 | - Question: Alan 514 | - Correlation Inference? 515 | - Server-based timing attacks are not considered in scope. 516 | - Liran: Identity Portion: 517 | - Node identity 518 | - User identity <- least happy with PKI global append-only log signed statements of username. Add people by username over UX. Considering removing PKI entirely. 519 | - Question: Capability based. 520 | - Everything split into writing subspaces. 521 | - KP Control 522 | - W/e Changes you write are atomic. 523 | - Sandbox application. 524 | - Not sure if it makes sense in Peergos 525 | - Dan: 526 | - How can apps expose public information in public way? Champs. Maps to encrypted blobs. Keep capability of Champ in sync with real data. Look up and do traversal. Web interface. Can publish a website. Can view in any gateway. 527 | - Henry: 528 | - Were there challenges around encryption, e.g. 529 | 1. Sharing keys to friends/external participants 530 | 2. Key rolling 531 | - Cryptree 532 | - Voila <- 2008 533 | - Care a lot about being post quantum. 534 | - Granting a read capability is basically sharing a key. 535 | - Expensive: Revoke write access, rotate all the keys. 536 | - Sharing capabilities: each person has an inbox. Public encryption key. People write to that to share capabilities. 537 | - How many? 538 | - 10 Self Hosters 539 | 540 | ### Issues Discussed: 541 | 542 | - [Requiring fine-grained capabilities #142 543 | ](https://github.com/decentralized-identity/decentralized-web-node/issues/142) To revisit after Spec alignment. Milestone 1. 544 | - [Revocation Subtleties #138 545 | ](https://github.com/decentralized-identity/decentralized-web-node/issues/138) - To revisit after spec alignment. Milestone 1.
546 | 547 | 548 | ## DIF Meeting June 28, 2023 549 | 550 | * [Recording]() 551 | 552 | - Alan Karp 553 | - Liran Cohen 554 | - Andor Kesselman 555 | - Henry Tsai 556 | - Drummond Reed 557 | 558 | | Item | Segment | Time | Owner | Description | 559 | | ----------------------------------------- | ----------------------- | ------ | --------------- | ------------------------------------------------------------------------------- | 560 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 561 | | Agenda | Companion Guide Updates | 10 min | @andorsk | [Update peergos description in companion_guide #231](https://github.com/decentralized-identity/decentralized-web-node/pull/231) | 562 | | Peergos Discussion with Ian? | Companion Guide Updates | 5 min | | | 563 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 564 | | Agenda | Spec PR Review | 10 min | | | 565 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | Alignment | 566 | | Issue Alignment | Issue Alignment | 10 min | @liran | Alignment | 567 | | Calls To Action | Closing | 5 min | @andorsk | | 568 | 569 | ### Issues Discussed: 570 | 571 | - [Requiring fine-grained capabilities #142 572 | ](https://github.com/decentralized-identity/decentralized-web-node/issues/142) To revisit after Spec alignment. Milestone 1. 573 | - [Revocation Subtleties #138 574 | ](https://github.com/decentralized-identity/decentralized-web-node/issues/138) - To revisit after spec alignment. Milestone 1. 575 | 576 | ## DIF Meeting June 14, 2023 577 | 578 | * [Recording](https://us02web.zoom.us/rec/share/Vjsy2TkDWy8TxBeBsXCp5ebw6tH2cFwm6OEVoKpK8tzXng6oxI0oC9MPHjm830xS.Z-fnRwAFjPBx2BP7) 579 | 580 | 581 | | Item | Segment | Time | Owner | Description | 582 | | ----------------------------------------- | ----------------------- | ------ | --------------- | ------------------------------------------------------------------------------- | 583 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. 
DIF IPR agreement. | 584 | | Agenda | Companion Guide Updates | 10 min | @andorsk | [Update peergos description in companion_guide #231](https://github.com/decentralized-identity/decentralized-web-node/pull/231) | 585 | | Peergos Discussion | Companion Guide Updates | 10 min | | | 586 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | | 587 | | Agenda | Spec PR Review | 10 min | | | 588 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | Alignment | 589 | | Issue Alignment | Issue Alignment | 10 min | @liran | Alignment | 590 | | Calls To Action | Closing | 5 min | @andorsk | | 591 | 592 | ### Issues Discussed: 593 | 594 | - https://github.com/decentralized-identity/decentralized-web-node/pull/228 : Dan to Look at 595 | - https://github.com/decentralized-identity/decentralized-web-node/issues/234 : Andor 596 | - https://github.com/decentralized-identity/decentralized-web-node/pull/231 : Going to see if we can get Ian to comment on this. @andorsk to draft a response. 597 | - https://github.com/decentralized-identity/decentralized-web-node/pull/233 598 | - Skipping Service Endpoint Section For Next Call 599 | Andor: add something about scalability in abstract 600 | TODO: Check status on spec 601 | - Section 8 and 9 will be re-written in the near future. 602 | - Alignment Issues: https://github.com/decentralized-identity/decentralized-web-node/issues?q=is%3Aissue+is%3Aopen+label%3A%22attr%3A+alignment-effort%22 603 | 604 | ## DIF Meeting May 31, 2023 605 | 606 | * [Recording](https://us02web.zoom.us/rec/share/UYcdp_7UO1ebQ4uFc84AnasAhSmW9Laxs1s2kVRgs48PLywyV12NqoyF800nHEV7.d0hxy8WiCovW8c_j) 607 | 608 | 609 | | Item | Segment | Time | Owner | Description | 610 | | ----------------------------------------- | ----------------------- | ------ | --------------- | ------------------------------------------------------------------------------- | 611 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. 
| 612 | | Agenda | Companion Guide Updates | 10 min | @andorsk/Moises | [added dwn and peergos to the comparison guide #229](https://github.com/decentralized-identity/decentralized-web-node/pull/229)
[Local, Remote, and Relay Nodes. #225](https://github.com/decentralized-identity/decentralized-web-node/pull/225) | 613 | | [Ecosystem Updates]() | Updates | 10 min | @andorsk | protocols.preview.benri.io | 614 | | Agenda | Spec PR Review | 10 min | @csuwildcat | [update the Service Endpoint section of the spec #228](https://github.com/decentralized-identity/decentralized-web-node/pull/228)
[added JSON schemas for DWN specification #209](https://github.com/decentralized-identity/decentralized-web-node/pull/209) | 615 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | Alignment | 616 | | Issue Alignment | Issue Alignment | 10 min | @liran | Alignment | 617 | | Calls To Action | Closing | 5 min | @andorsk | | 618 | 619 | ### Issues Discussed: 620 | 621 | - [Authorization layer should limit the amount of data permitted to be stored by a application #96](https://github.com/decentralized-identity/decentralized-web-node/issues/96) 622 | - [Add use cases link #83](https://github.com/decentralized-identity/decentralized-web-node/issues/83) 623 | - [Test Suite Design #213](https://github.com/decentralized-identity/decentralized-web-node/issues/213) 624 | - [Revocation Subtleties #138](https://github.com/decentralized-identity/decentralized-web-node/issues/138) 625 | - [Requiring fine-grained capabilities #142](https://github.com/decentralized-identity/decentralized-web-node/issues/142) 626 | - [as a developer, I can follow docs to run the reference implmentation, so I can test it out and then contribute improvements or passing test-suites #144](https://github.com/decentralized-identity/decentralized-web-node/issues/144) 627 | - [Support both folder based and schema based object storage #190](https://github.com/decentralized-identity/decentralized-web-node/issues/190) 628 | 629 | ## DIF Meeting May 17, 2023 630 | 631 | * [Recording](https://us02web.zoom.us/rec/share/BURjRNnQ2po6lULH-MCit-GrK-i7DIKa3z9Tdqn0TF9j3Usjj52ho2P6Ft5rxaI9.Emf4aY__Zwrbm79H) 632 | 633 | ### Attendees 634 | 635 | - Andor Kesselman @andorsk 636 | - Liran Cohen @lirancohen 637 | - Alan Karp 638 | - Ajay Jadhav 639 | - Kirill mee.foundation.developer 640 | - Drummond Reed 641 | 642 | ### Agenda 643 | 644 | | Item | Segment | Time | Owner | Description | 645 | | ----------------------------------------- | ----------------------- | ------ | --------------- | 
------------------------------------------------------------------------------- | 646 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 647 | | Agenda | Companion Guide Updates | 10 min | @andorsk/Moises | [added dwn and peergos to the comparison guide #229](https://github.com/decentralized-identity/decentralized-web-node/pull/229)
[Local, Remote, and Relay Nodes. #225](https://github.com/decentralized-identity/decentralized-web-node/pull/225) | 648 | | [TBD Updates]() | Updates | 10 min | @csuwildcat | | 649 | | Agenda | Spec PR Review | 10 min | @csuwildcat | [update the Service Endpoint section of the spec #228](https://github.com/decentralized-identity/decentralized-web-node/pull/228)
[added JSON schemas for DWN specification #209](https://github.com/decentralized-identity/decentralized-web-node/pull/209) | 650 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | Alignment | 651 | | Issue Alignment | Issue Alignment | 10 min | @liran | Alignment | 652 | | Calls To Action | Closing | 5 min | @andorsk | | 653 | 654 | 655 | ## DIF Meeting May 3, 2023 656 | 657 | * [Recording](https://us02web.zoom.us/rec/share/hGruCrcoOs9FaNuryuQlCLTFIOONSNC98-BTCqg1uypG5kD9NY0lT4CQFRlxTO34.gBW6RZlFYRb_Nbf0) 658 | 659 | ### Attendees 660 | 661 | - Andor Kesselman @andorsk 662 | - Liran Cohen @liran 663 | - Dan Buchner @csuwildcat 664 | - @Moises Jaramillo 665 | - Paul Trevithick 666 | - Drummond Reed 667 | 668 | ### Agenda 669 | 670 | | Item | Segment | Time | Owner | Description | 671 | | ----------------------------------------- | ----------------------- | ------ | --------------- | ------------------------------------------------------------------------------- | 672 | | Intro | Intro | 5 min | @liran | Quick Intro. New Members. DIF IPR agreement. | 673 | | Agenda | Companion Guide Updates | 10 min | @andorsk/Moises | Merge https://github.com/decentralized-identity/decentralized-web-node/pull/226 | 674 | | [TBD Updates]() | Updates | 10 min | @csuwildcat | encryption support
sync this week. in testing.
biggest outstanding thing is permissions | 675 | | IIW Updates and Ecosystem Chat | Discussion | 20 min | @andorsk @liran @csuwildcat | 676 | | Permission Discussion | Discussion | 10 min | @csuwildcat | || 677 | | Spec Alignment | Spec Alignment | 10 min | @andorsk | Alignment | 678 | | Issue Alignment | Issue Alignment | 10 min | @liran | Alignment | 679 | | Calls To Action | Closing | 5 min | @andorsk | | 680 | 681 | ### Notes 682 | 683 | - Merged Companion Guide Updates - Comparison Matrix from Moises 684 | - Merged agenda 685 | - Permission Discussion: 686 | - DM Opens Start 687 | - What happens if you have your DM's open, you accrue some DM's and you want to turn that section off. 688 | - Discussion on sync and latency 689 | - Proposal: End of the week 690 | - Aligned: asap to align spec. 691 | - Flag section 692 | - Party at Bitcoin Conf: 693 | - 18th 6PM Miami time. 694 | 695 | ## DIF Meeting March 22, 2023 696 | 697 | Again this week we are overbooked with content. That's because we have a lot of cleanup to do! 698 | 699 | ### Attendees 700 | 701 | - Andor Kesselman @andorsk 702 | - Liran Cohen 703 | - Dan Buchner @csuwildcat 704 | 705 | ## DIF Meeting March 22, 2023 706 | * [Recording](https://us02web.zoom.us/rec/share/SW5VZtYayd21HDKOQcGcPJJRsSvvwzHCcrxfJXm55iK94QoZ4who5cnCdW47pYC9.vCyjDuKgDCLCXoxw) 707 | 708 | Again this week we are overbooked with content. That's because we have a lot of cleanup to do! 709 | 710 | ### Attendees 711 | 712 | - Andor Kesselman @andorsk 713 | - Liran Cohen 714 | - Dan Buchner @csuwildcat 715 | 716 | ### Agenda 717 | 718 | | Item | Segment | Time | Owner | Description | 719 | | ----- | ------- | ----- | -------- | -------------------------------------------- | 720 | | Intro | Intro | 5 min | @andorsk | Quick Intro. New Members. DIF IPR agreement. 
| 721 | | Spec Updates | Updates | 5 min | @liran |[Interface & Method Props](https://github.com/decentralized-identity/decentralized-web-node/commit/e964c28a3712b3873e041e614c2c5fb9c5878855) | 722 | | Companion Guide Updates | Updates | 5 min | @andorsk | - Tall Ted Comments on [#216](https://github.com/decentralized-identity/decentralized-web-node/pull/216) | 723 | | [TBD Updates]() | Updates | 10 min | @csuwildcat | - Close on the web5 sdk front. Will make working with the DWN much easier.
- Dan working on encryption prototype ETA couple weeks.
- Moe : Sync next week start.
- https://github.com/TBD54566975/web5-js
NOTE: alpha
https://codesandbox.io/p/sandbox/trusting-mountain-u91fjr?file=%2Fsrc%2Findex.mjs&selection=%5B%7B%22endColumn%22%3A40%2C%22endLineNumber%22%3A121%2C%22startColumn%22%3A40%2C%22startLineNumber%22%3A121%7D%5D | 724 | | PR Review | Maintenance | 5 min | @andorsk | - [#217](https://github.com/decentralized-identity/decentralized-web-node/pull/217)
- [#216](https://github.com/decentralized-identity/decentralized-web-node/pull/216)
- [#215](https://github.com/decentralized-identity/decentralized-web-node/pull/215) | 725 | | Milestones and Dates | Discussions | 10 min | @andorsk | [#214](https://github.com/decentralized-identity/decentralized-web-node/issues/214)| 726 | | TBD Alignment Updates | Discussions | 10 min | @csuwildcat | | 727 | | Add Technology Comparison Matrix to Companion Guide #212 | Discussions | 10 min | @moisesja | [#212](https://github.com/decentralized-identity/decentralized-web-node/issues/212) 728 | | Companion Guide Security Section | Discussions | 10 min | @andorsk | [#218](https://github.com/decentralized-identity/decentralized-web-node/issues/218) 729 | | Label Review and Tagging | Maintenence | 20 min | @liran |Go through each open issue and figure out strategy to close them| 730 | | Calls To Action | Closing | 5 min | @andorsk | | 731 | 732 | ### Notes 733 | 734 | - PR Review: Suggestion by @lirancohen: Bring up in meetings and give time until next meeting to approve/merge. 735 | - [Potential Encryption Scheme from Block](https://codesandbox.io/p/sandbox/trusting-mountain-u91fjr?file=%2Fsrc%2Findex.mjs&selection=%5B%7B%22endColumn%22%3A15%2C%22endLineNumber%22%3A121%2C%22startColumn%22%3A15%2C%22startLineNumber%22%3A121%7D%5D) 736 | - Mid-April Jukebox App - Play music from DWN Nodes.Trying to bend the model of how it differs from NOSTR. 737 | - Dan: April 5 : Austin Texas TBD building docs. Open to meeting and getting some contributions. 738 | - [Milestone 1: August](https://github.com/decentralized-identity/decentralized-web-node/milestone/1) 739 | 740 | Suggestion For Next Meeting: 741 | 742 | - Get consensus for get together next meeting @ Austin. 743 | 744 | 745 | #### Action Items 746 | - [ ] Find a cryptographer to look at the encryption scheme for DWN. @lirancohen will ask around. @andorsk as well. 747 | - [ ] Call next week : Spec walkthrough. Henry to run through the spec and update it to the current state of the sdk. 
748 | 749 | ## DIF Meeting March 8, 2023 750 | 751 | * [Recording](https://us02web.zoom.us/rec/share/SzX33iVda2e-fHTA59kBo1HcxOdC_jKEpPK2AbudkJd6rSs1VyB_jcmukmgGPCI3.UXhKc_QMpnSSUqDV) 752 | 753 | ### Attendees 754 | 755 | - Andor Kesselman @andorsk 756 | - Dan Buchner @csuwildcat 757 | - Kaliya 758 | - Clare Nelson (DIF) 759 | - Liran Cohen 760 | - Moises Jaramillo 761 | - Paul Trevithick 762 | - Reuben 763 | - Steve 764 | - Sergey Kucherenko 765 | - Kirill Khalitov 766 | 767 | ### Agenda 768 | 769 | Note: We are over-booked today in terms of content! Currently at 105 minutes, we 770 | will have to figure out ways to shave or push off some of these conversations. 771 | 772 | | Item | Segment | Time | Owner | Description | 773 | | ------------------------------------------------------------------------------------------------------ | ----------- | ------- | ---------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | 774 | | Co-Chair Updates. Nominate Liran as Co-Chair. | Intro | 5 min | @andorsk @liran | Kaliya to follow up | 775 | | Spec Updates | Updates | 5 min | @andorsk | No updates to the specs | 776 | | Companion Guide Updates | Updates | 10 min | @andorsk @moises | - [Questions on AMA](https://github.com/decentralized-identity/decentralized-web-node/pull/216)
- [Comparison Matrix (Moises)](https://github.com/decentralized-identity/decentralized-web-node/issues/212)
: List of comparables, SOLID PODS, KERI, | 777 | | [TBD Updates]() | Updates | 10 min | @csuwildcat | - MessageStore Refactoring
- Add participants actor to Protocol rules #242
| 778 | | [Issue 210](https://github.com/decentralized-identity/decentralized-web-node/issues/210) | Maintenance | 5 min | @csuwildcat | | 779 | | [Issue 208](https://github.com/decentralized-identity/decentralized-web-node/issues/208) | Maintenance | 5 min | @csuwildcat | | 780 | | [Issue 207](https://github.com/decentralized-identity/decentralized-web-node/issues/207) | Maintenance | 5 min | @andorsk | | 781 | | Tagging and Milestones | Discussion | 10 min | @andorsk | | 782 | | Specification Updates Discussion | Discussion | 5 min | @andorsk | Alignment on DWN-SDK vs. spec. TODO: Code spec review. @andor to set an issue. | 783 | | [Milestones and Dates](https://github.com/decentralized-identity/decentralized-web-node/issues/214) | Discussion | 20 min. | @andorsk | Better clarity on milestones and dates | 784 | | [Schema PR](https://github.com/decentralized-identity/decentralized-web-node/pull/209) | Discussion | 10 min. | @andorsk | Schemas for objects in DWN | 785 | | [Test Suite Conversation](https://github.com/decentralized-identity/decentralized-web-node/issues/213) | Discussion | 10 min. | @andorsk | Questions around test suite | 786 | | Encryption Brainstorming | Discussion | 10 min | @csuwildcat | | 787 | | Calls To Action | Closing | 5 min | @andorsk | | 788 | 789 | ### Notes 790 | 791 | * Expanded Query Support: 792 | * Making the use of DWNs easier. 793 | * https://github.com/TBD54566975/web5-js 794 | * Rollup of everything. DID Support. Not instantiation. 795 | * Easier to interface 796 | * Q: SDK up to date with the spec? A: Yes, but sync spec text to add 797 | @Clare: to look onto documentation on how to milestone this. 798 | * Encryption Discussion: 799 | * Dan: Cryptree 800 | * Drummond: ToIP TSP interested in how all these components interlock. Question about EDV encryption. 801 | * Q: There is a diagram at the very top of the standard draft and it mentions that each DWN is also a relay server. 
Do you consider any modifications where the relay server is not self-hosted but is an external service? @andorsk to add onto the companion guide with an answer. 802 | Paul: To help expand on the use case section. 803 | - Andor Q: Protocol repository at DIF? Liran: not sure. Drummond: nomenclature issue. Protocol as a term is hard term in the larger ecosystem. Must distinguish between Protocol. Paul: Agrees. Discusses **meta-protocol**. Dan: agrees with putting in the repo. Clare: **IPR to consider** 804 | ```mermaid 805 | graph TD 806 | MetaProtocol[Meta Protocol] 807 | BaseProtocol[Base Protocol] 808 | MetaProtocol --> BaseProtocol 809 | ``` 810 | 811 | 812 | ## DIF Meeting February 22, 2023 813 | * [Recording](https://us02web.zoom.us/rec/share/IL6w4JnvQUJC_qgXYmfPphrTHs2zWmVeGAo2RjuQ4-rTH7yRLpIeAwNS3SDBklYX.1UpamO7QSnkdx-8f) 814 | ### Attendees 815 | 816 | - Andor Kesselman @andorsk 817 | - Dan Buchner @csuwildcat 818 | - kaliya 819 | - Liran Cohen 820 | - Ajay Jadhav 821 | - Drummond Reed @talltree 822 | - Sergey Kucherenko 823 | - Clare Nelson 824 | - Paul Trevithick 825 | 826 | ### Agenda 827 | 828 | | Item | Time | Owner | Description | 829 | | ------------------------------------ | ------ | -------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | 830 | | **Co-Chair Intro and Co-Chair Call** | 5 min | @andorsk | Intro, meeting notes, and discuss [efforts to find a co-chair](https://hackmd.io/@andorsk/H16_4_w6j/edit) | 831 | | **Office Hours Announcement** | 5 min | @csuwildcat | Mention DWN office hours happening on the TBD discord channel | 832 | | 
**New Issues/PRs** | 15 min | @andorsk @csuwildcat | Discuss the following issues:
[#208](https://github.com/decentralized-identity/decentralized-web-node/issues)
[#207](https://github.com/decentralized-identity/decentralized-web-node/issues/207) | 833 | | **TBD Updates** | 15 min | @csuwildcat | Any updates from Dan/TBD related to new work/open repos.
**SDK Updates**
- DWN Aggregator
Bump to [0.0.22](https://github.com/TBD54566975/dwn-sdk-js/commit/576fda4858423b6ea80209997865d7470c811525)
- [#231 introduced DataStore as a peer interface to MessageStore #233](<[asdf](https://github.com/TBD54566975/dwn-sdk-js/commit/576fda4858423b6ea80209997865d7470c811525)>)
**Tool Updates**
- DWN Aggregator
- Music App? | 834 | | **Open PR: Discussion #206** | 15 min | @andorsk | [#206](https://github.com/decentralized-identity/decentralized-web-node/pull/206). Discuss overview and Q&A section. | 835 | | **Calls to Action** | 5 min | @andorsk | Note calls to action | 836 | 837 | ### Notes 838 | 839 | Question from Paul: why store in electron? Dan: can store keys 1:1 way 840 | 841 | ### Calls to Action 842 | 843 | - [ ] Co-chair @kaliya posted a list 844 | - [ ] Note your questions in Github! Highly upvoted questions will make their way over to companion guide. 845 | - [ ] Alex offerred to spin up a possible video to help people get started. 846 | - [ ] Suggestion: Guest blog on DIF. Introduction and call to action. 847 | - [ ] @andorsk to merge PR 206 in. 848 | -------------------------------------------------------------------------------- /docs/companion_guide.md: -------------------------------------------------------------------------------- 1 | # Decentralized Web Node Companion Guide 2 | 3 | ======== 4 | 5 | **Status:** Draft 6 | 7 | **Latest Draft:** 8 | [identity.foundation/decentralized-web-node/guide](https://identity.foundation/decentralized-web-node/guide) 9 | 10 | 11 | **Chairs** 12 | - [Andor Kesselman](https://www.linkedin.com/in/andorsk/) 13 | - [Liran Cohen](https://www.linkedin.com/in/itsliran/) 14 | 15 | **Editors:** 16 | - [Daniel Buchner](https://www.linkedin.com/in/dbuchner/) (Block) 17 | 18 | **Contributors:** 19 | - [Moises Jaramillo](https://www.linkedin.com/in/moisesjaramillo/) 20 | - [Shobhit Srivastava](https://www.linkedin.com/in/sinisterlight/) 21 | 22 | **Participate:** 23 | - [GitHub repo](https://github.com/decentralized-identity/decentralized-web-node) 24 | - [File a bug](https://github.com/decentralized-identity/decentralized-web-node/issues) 25 | - [Commit history](https://github.com/decentralized-identity/decentralized-web-node/commits/main/docs/companion_guide.md) 26 | 27 | ------------------------------------ 28 | 29 | **Note: 
This document is a WORKING DOCUMENT and IN PROGRESS.** 30 | 31 | 33 | 34 | **Table of Contents** 35 | 36 | - [Decentralized Web Node Companion Guide 37 | (DWN)](#decentralized-web-node-companion-guide-dwn) 38 | - [Overview ](#overview-chatgpt) 39 | - [What Are Decentralized Web Nodes? 40 | ](#what-are-decentralized-web-nodes-chatgpt) 41 | - [Target Audience ](#target-audience-chatgpt) 42 | - [Scope ](#scope-chatgpt) 43 | - [Disclaimer](#disclaimer) 44 | - [Terminology ](#terminology-chatgpt) 45 | - [Technology Comparision](#technology-comparision) 46 | - [Architecture and Components 47 | ](#architecture-and-components-chatgpt) 48 | - [Node Discovery and Peer-to-Peer Networking 49 | ](#node-discovery-and-peer-to-peer-networking-chatgpt) 50 | - [Data Sharing and Interoperability 51 | ](#data-sharing-and-interoperability-chatgpt) 52 | - [Security and Privacy ](#security-and-privacy-chatgpt) 53 | - [Testing and Debugging ](#testing-and-debugging-chatgpt) 54 | - [Deployment and Operations ](#deployment-and-operations-chatgpt) 55 | - - [Local, Remote Nodes, and Relays](#local-remote-nodes-and-relays) 56 | - [Example Deployment (Simple)](#example-deployment-simple) 57 | - [Example Deployment (Complex)](#example-deployment-complex) 58 | - [Miscellaneous](#miscellaneous) 59 | - [Example Use Cases](#example-use-cases) 60 | - [Real World Applications](#real-world-applications) 61 | - [DWN Adoption](#dwn-adoption) 62 | - [Ecosystem interplay](#ecosystem-interplay) 63 | - [Limitations and Other 64 | Considerations](#limitations-and-other-considerations) 65 | - [Q&A](#qa) 66 | - [Reference Implementations](#reference-implementations) 67 | 68 | 69 | 70 | ## Overview 71 | 72 | The Decentralized Web Node (DWN) companion guide is a non-normative guide that 73 | provides an overview of the functional requirements and design processes for 74 | implementing the DWN specification developed by the Decentralized Identity 75 | Foundation (DIF). 
This guide is intended to be used by developers, architects, 76 | and solution providers who are interested in building decentralized web 77 | applications and services that conform to the DWN specification. 78 | 79 | This companion guide is not a [formal 80 | specification](https://identity.foundation/decentralized-web-node/spec/), but 81 | rather a practical resource that provides guidance on implementing the DWN 82 | specification in a way that promotes best practices and ensures interoperability 83 | with other decentralized web nodes. The guide covers a range of topics, 84 | including functional requirements, design considerations, and best practices for 85 | building and deploying decentralized web nodes. 86 | 87 | The contents of this companion guide include: 88 | 89 | - An overview of the DWN specification, including its purpose, scope, and key 90 | features. 91 | - Functional requirements for implementing the DWN specification, including node 92 | discovery, peer-to-peer networking, and data sharing protocols. 93 | - Design considerations for building decentralized web nodes that conform to the 94 | DWN specification, including the use of decentralized storage systems like 95 | IPFS, and cryptographic protocols for secure data sharing and verification. 96 | - Best practices for building and deploying decentralized web nodes, including 97 | strategies for testing, debugging, and monitoring. 98 | 99 | This companion guide is intended to supplement the [formal DWN 100 | specification](https://identity.foundation/decentralized-web-node/spec/) 101 | developed by the DIF. By providing practical guidance on implementing the 102 | specification, this guide can help developers, architects, and solution 103 | providers to build decentralized web applications and services that promote 104 | greater privacy, security, and user control over their data. 
105 | 106 | Overall, the Decentralized Web Node companion guide is a valuable resource for 107 | anyone who is interested in building decentralized web nodes that conform to the 108 | DWN specification. 109 | 110 | **STATUS:** PRE-DRAFT / IN PROGRESS 111 | 112 | ### What Are Decentralized Web Nodes? 113 | 114 | The DWN specification is a set of standards for building and deploying 115 | decentralized web nodes, which are the building blocks of a decentralized web 116 | infrastructure. 117 | 118 | The DWN specification defines a set of protocols and APIs that enable 119 | decentralized web nodes to communicate and work together in a secure and 120 | interoperable way. This includes standards for data sharing, node discovery, and 121 | peer-to-peer networking. 122 | 123 | The DWN specification is designed to enable developers to build decentralized 124 | web applications and services that can operate independently of centralized 125 | infrastructure. This can help to improve the privacy, security, and resilience 126 | of the web, while also promoting greater user control over their data. 127 | 128 | The functional advantages of DWNs are that they are very good at scaling 129 | decentralized web apps. They enable multi-party data transactions with minimal 130 | overhead. 131 | 132 | Overall, the DWN specification is an important part of the DIF's work to promote 133 | the development of decentralized web technologies and standards. By providing a 134 | clear set of guidelines and best practices for building and deploying 135 | decentralized web nodes, the DWN specification can help to accelerate the 136 | adoption of a more decentralized and open web. 137 | 138 | ## Target Audience 139 | 140 | The target audience for this document is those who have a strong technical 141 | background and experience in building web applications, as well as a good 142 | understanding of decentralized systems and protocols.
They may also have 143 | experience with blockchain technologies, distributed computing, and peer-to-peer 144 | networking. 145 | 146 | Developers who intend to implement the DWN specification will need to have a 147 | good understanding of the protocols and APIs defined in the specification, as 148 | well as the underlying technologies that support it. This may include 149 | familiarity with decentralized storage systems like IPFS, as well as 150 | cryptographic protocols for secure data sharing and verification. This guide is 151 | intended to provide descriptive and functional color around some of the more 152 | formal specifications provided by the core specs. 153 | 154 | Architects and solution providers will also need to have a good understanding of 155 | the broader decentralized web ecosystem, including emerging standards and best 156 | practices. This can help to inform the design of decentralized web applications 157 | and services that are secure, scalable, and interoperable. 158 | 159 | Overall, the target audience for the DWN companion guide is a technical 160 | community that is committed to building a more decentralized and open web. By 161 | leveraging the DWN specification, developers, architects, and solution providers 162 | can help to accelerate the adoption of decentralized web technologies, and 163 | promote greater privacy, security, and user control over their data. 164 | 165 | ## Scope 166 | 167 | This non-normative guide is intended to provide an overview of the functional 168 | requirements and design processes for implementing the Decentralized Web Node 169 | (DWN) specification developed by the Decentralized Identity Foundation (DIF). 170 | This guide is intended to be used by developers, architects, and solution 171 | providers who are interested in building decentralized web applications and 172 | services that conform to the DWN specification. 
173 | 174 | The guide covers the following topics: 175 | 176 | - An overview of the DWN specification, including its purpose, scope, and key 177 | features. 178 | - Functional requirements for implementing the DWN specification, including node 179 | discovery, peer-to-peer networking, and data sharing protocols. 180 | - Design considerations for building decentralized web nodes that conform to the 181 | DWN specification, including the use of decentralized storage systems like 182 | IPFS, and cryptographic protocols for secure data sharing and verification. 183 | - Bestpractices for building and deploying decentralized web nodes, including 184 | strategies for testing, debugging, and monitoring. 185 | 186 | This guide is intended to be a non-normative companion to the formal DWN 187 | specification developed by the DIF. While it is not a formal specification, this 188 | guide is intended to provide practical guidance for implementing the DWN 189 | specification in a way that promotes best practices and ensures interoperability 190 | with other decentralized web nodes. 191 | 192 | Overall, the scope of this non-normative guide is to provide developers, 193 | architects, and solution providers with a clear and practical overview of the 194 | functional requirements and design processes for implementing the DWN 195 | specification developed by the DIF. 196 | 197 | ## Disclaimer 198 | 199 | This Decentralized Web Node (DWN) companion guide is a non-normative resource 200 | that is intended to provide practical guidance on implementing the DWN 201 | specification developed by the Decentralized Identity Foundation (DIF). This 202 | guide is not a formal specification, and as such, it is not intended to replace 203 | or supersede the DWN specification. 204 | 205 | The contents of this guide are based on the opinions and experiences of the 206 | authors, and are not necessarily endorsed by the DIF or any other organization. 
207 | The guide is intended to be opinionated in the sense that it represents a 208 | particular perspective on how best to implement the DWN specification, based on 209 | the authors' experiences and insights. 210 | 211 | Readers are encouraged to use their own judgment and discretion when 212 | implementing the DWN specification, and to consider a range of approaches and 213 | best practices. This companion guide is not intended to be prescriptive or 214 | comprehensive, and readers are encouraged to consult other resources and experts 215 | in the field to inform their decisions. 216 | 217 | Overall, this companion guide is intended to provide a helpful resource for 218 | those interested in implementing the DWN specification, but it should be 219 | understood that the opinions and recommendations expressed in this guide are not 220 | the only or definitive way to approach decentralized web node design and 221 | implementation 222 | 223 | ## Terminology 224 | 225 | The Terminology section of the Decentralized Web Node (DWN) companion guide is 226 | intended to provide a comprehensive and accessible reference for the key terms 227 | and concepts related to the DWN specification. This section aims to define 228 | important technical terms and concepts in a clear and concise manner, and to 229 | provide examples and illustrations where appropriate. The Terminology section is 230 | designed to be a useful resource for developers, architects, and solution 231 | providers who are new to the world of decentralized web technologies, as well as 232 | for those who are more experienced and looking for a refresher or clarification 233 | on certain terms and concepts. 234 | 235 | - **IPFS** :: A protocol, hypermedia and file sharing peer-to-peer network for 236 | storing and sharing data in a distributed file system. 
237 | - **DWN** :: A data storage and message relay mechanism entities can use to 238 | locate public or private permissioned data related to a given Decentralized 239 | Identifier (DID). 240 | - **DID** :: Decentralized identifiers (DIDs) are a type of globally unique 241 | identifier that enables an entity to be identified in a manner that is 242 | verifiable, persistent (as long as the DID controller desires), and does not 243 | require the use of a centralized registry. 244 | - **[DAG 245 | CBOR](https://github.com/ipld/specs/blob/master/block-layer/codecs/dag-cbor.md)** 246 | :: DAG-CBOR is a codec that implements the IPLD Data Model as a subset of 247 | CBOR, plus some additional constraints for hash consistent representations. 248 | - **Requests Objects** :: Request Objects are JSON object envelopes used to pass 249 | messages to Decentralized Web Nodes. 250 | - **Collection** :: An interface of Decentralized Web Nodes provides a mechanism 251 | to store data relative to shared schemas. 252 | - **Protocol** :: Protocols introduces a mechanism for declaratively encoding an 253 | app or service’s underlying protocol rules, including segmentation of records, 254 | relationships between records, data-level requirements, and constraints on how 255 | participants interact with a protocol 256 | - **Hook** :: Web Hooks are one-way pushes of data to subscribed entities. 257 | - **[IANA Media 258 | Type](https://www.iana.org/assignments/media-types/media-types.xhtml)** :: A 259 | two-part identifier for file formats and format contents transmitted on the 260 | Internet aka MIME type. 261 | - **JSON Web Signature ( JWS )** :: Content secured with digital signatures or 262 | Message Authentication Codes (MACs) using JSON-based data structures 263 | - **Content Identifier (CID)** :: A label used to point to material in IPFS 264 | - **Message** :: All Decentralized Web Node messaging is transacted via Messages 265 | JSON objects. 
These objects contain message execution parameters, 266 | authorization material, authorization signatures, and signing/encryption 267 | information 268 | 269 | ## Technology Comparision 270 | 271 | There has been so much rapid development of Decentralized Storage technologies 272 | that it’s important to highlight the common aspects, and the differences with 273 | the goal of matching their unique features with the Use Case at hand. 274 | 275 | We will use the term “Personal and Application Data Storage” to denote the 276 | compared technologies whether they are a stack, libraries, protocols, or 277 | frameworks. 278 | 279 | This is by no means a comprehensive comparison, and we did not test these 280 | technologies at scale. 281 | 282 | ### Technologies that are not Personal Data Stores 283 | 284 | 285 | #### **DIDComm** — https://didcomm.org/ 286 | 287 | A DID-based, secured, transport-agnostic, peer-to-peer communications protocol. 288 | It lays the foundation to build domain/vertical/application specific protocols. 289 | 290 | #### **KERI** — https://keri.one/ 291 | 292 | Enables the portability of Self-Sovereign Identities by eliminating the need 293 | for a ledger to establish a root of trust. 294 | 295 | #### **Nostr** — https://nostr.com/ 296 | 297 | Nostr has gained some popularity as an open protocol that offers a censorship-resistant 298 | alternative to Twitter. It relies on relay servers that accept and store posts. 299 | A client or Dapp signs messages with the user’s private key and posts messages 300 | to as many relay servers as possible in order to keep the user’s content from 301 | being banned. 302 | Relay servers do not communicate with each other; thus the responsibility of 303 | replication is delegated to the Client application. 304 | Users are identified by their public key. That is, every post that is signed 305 | can be cryptographically verified. 
306 | 307 | ### Decentralized Storages that are not intrinsically Personal Data Stores 308 | 309 | #### **ChainSafe Storage** — https://storage.chainsafe.io/ 310 | 311 | ChainSafe is an end-to-end, file-encrypting storage application. It persists 312 | symmetric-encrypted information on the IPFS/FileCoin network. 313 | It is meant to transition traditional Web 2.0 integrations with AWS S3 buckets 314 | to Web 3.0. 315 | 316 | #### **Fleek** — https://docs.fleek.co/ 317 | 318 | Fleek is a multi-purpose set of technologies that allow Dapp Developers to host 319 | web applications on IPFS/FileCoin. It also provides general IPFS/FileCoin 320 | storage management. It is geared toward builders rather than individuals. 321 | Fleek offers Space and Space Daemon which are intended for building privacy-preserving 322 | Dapps. It is currently in Alpha. 323 | 324 | #### **Protocol Labs IPFS, FileCoin, FVM** — https://fvm.filecoin.io/ 325 | 326 | IPFS is without a doubt the most successful storage protocol that decouples 327 | data from well-known servers, cloud storage, or any type of centralized storage. 328 | This is accomplished using Content Addressing (CID) and the segmenting of data 329 | in Directed Acyclic Graphs. In IPFS, the location of the data is its CID. 330 | FileCoin runs on top of IPFS and offers an incentive-based model for cold 331 | storage so that any entity that wants to profit from offering hardware 332 | resources may easily do so. 333 | 334 | The biggest drawback with IPFS/FileCoin is that once a rogue party gets hold 335 | of CIDs, the corresponding data is fully accessible, since knowing a CID is enough to request the content from the network. This paradigm forces 336 | client processes to encrypt data prior to storing it. Until now… 337 | 338 | Protocol Labs has now released the FileCoin Virtual Machine (FVM) network, an 339 | Ethereum-compatible VM. This means that Solidity developers can also develop in 340 | the new FVM.
341 | 342 | This technology offers the basic L1 plumbing that unleashes the potential for a 343 | new open data economy. In essence, this works as a decentralized operating system 344 | that orchestrates how data is persisted, retrieved, and governed. 345 | One of the basic features is the ability to bring computation to decentralized 346 | data. This means that L2 Compute Networks can encrypt and decrypt sensitive 347 | information, act as a gatekeeper, and offer the same features as the various 348 | Personal Data Stores discussed herein. 349 | 350 | It is worth mentioning that FVM uses WebAssembly as the bytecode for Smart 351 | Contracts. This means that any program that can be compiled into WebAssembly 352 | can be used for on-chain development. 353 | 354 | One of the most powerful features of these FVM smart contracts is the 355 | ability to define rules for data to obey, most importantly region and location 356 | for the storage of that data. This is important in order to remain 357 | compliant with regulations such as GDPR; e.g., data about EU citizens must remain 358 | within the borders of the European Community. 359 | 360 | FVM Consensus is achieved using their Interplanetary Consensus, and it is 361 | estimated that FVM will be able to handle transactions in the realm of one 362 | billion transactions per second (tps). 363 | 364 | ### Personal Data Stores 365 | 366 | | Solid Storage | https://solidproject.org/ | 367 | | -------------- | ---------------------------------------------------------- | 368 | | Description | A Solid Storage is a decentralised data store which affords agents controlled access to web resources. Applications conforming to the Solid Protocol can read or write (linked) data from one or more storages controlled by users or groups. 
| 369 | | Specification | The [Solid Protocol](https://solidproject.org/ED/protocol) is an open specification incubated by the [W3C Solid CG](https://www.w3.org/groups/cg/solid/), alongside other [technical reports](https://solidproject.org/TR/) focusing on authentication, authorization, notifications, data models, and application interoperability. | 370 | | Deployment | Solid servers and storage can be managed by organizations or self-hosted using any conforming implementation. Implemented in various programming languages such as Node.js, PHP, Rust, and Java. | 371 | | Identity | Agents are globally identified by a [WebID](https://www.w3.org/2005/Incubator/webid/spec/identity/), and described in a WebID Profile Document. The WebID comes in the form of an HTTP URI, and it allows the linking of many agents in a web of trust using vocabularies such as [Friend of a Friend](http://xmlns.com/foaf/0.1/). | 372 | | Authentication | [Solid-OIDC](https://solid.github.io/solid-oidc/) is one of the authentication mechanisms used in Solid, allowing users to authenticate themselves, where a server can act as an identity provider. | 373 | | Authorization | [Web Access Control](https://solid.github.io/web-access-control-spec/) (WAC) is one of the authorization mechanisms used in Solid providing a way for Linked Data systems to set authorization conditions on HTTP resources using the Access Control List (ACL) model. Authorizations are described using the [ACL ontology](http://www.w3.org/ns/auth/acl) to express and determine access privileges of a requested resource. | 374 | | Transport | HTTP/1.1 Methods such as `GET`, `HEAD`, `OPTIONS`, `PUT`, `POST`, `PATCH`, and `DELETE`. | 375 | | Schema / Data Representation | The Solid Protocol uses concrete RDF syntaxes and the N3 notation for data representation and discovery. Any kind of data and schema can be hosted in a Solid storage as with a typical HTTP server. Application and domain-specific data models and shapes are also used. 
| 376 | | Query Capabilities | Solid servers can provide querying capabilities using standard query languages such as [SPARQL](http://www.w3.org/TR/sparql11-overview/). | 377 | | License | [W3C Community Contributor License Agreement (CLA)](https://www.w3.org/community/about/agreements/cla/). All code snippets are in the public domain, [CC0](https://creativecommons.org/public-domain/cc0/). | 378 | 379 | 380 | | Ceramic and ComposeDB | https://ceramic.network/ | 381 | | ---------------------------- | -------------------------------------------- | 382 | | Description | Ceramic is a decentralized data network. Its foundations are laid on top of the Ceramic Event Driven Protocol. The infrastructure to build Personal Data Stores is offered by the Ceramic ComposeDB. ComposeDB replaces IDX and DID Data Store. | 383 | | Specification | Open Specification curated by Ceramic.Network | 384 | | Deployment | A ComposeDB instance is installed as part of Ceramic Node deployment. It can only be hosted in a Cloud environment. | 385 | | Identity | Decentralized Identifiers (DIDs) | 386 | | Authentication | Web3 Wallets and DID. | 387 | | Authorization | Object Capabilities | 388 | | Transport | GraphQL API over HTTP/1.1 | 389 | | Schema / Data Representation | API models are defined as GraphQL Schemas. The underlying data store uses graph nodes: Accounts and Documents. Relations are expressed as Edges. | 390 | | Query Capabilities | Partial GraphQL Queries. As of this writing, a query cannot be made against any data attributes. 
| 391 | | License | 392 | | [MIT](https://github.com/ceramicnetwork/js-ceramic/blob/develop/LICENSE-MIT) 393 | | and [Apache](https://github.com/ceramicnetwork/js-ceramic/blob/develop/LICENSE-APACHE) | 394 | 395 | 396 | | Atomic Data and Atomic Server | https://docs.atomicdata.dev/ | 397 | | ----------------------------- | ------------------------------------------- | 398 | | Description | Atomic offers a specification and a server to build JSON-LD for building privacy preserving applications. | 399 | | Specification | Open-Source Specification. The Atomic Server implementation in Rust is also open sourced. | 400 | | Deployment | It can be deployed in a Cloud environment or User-Hosted | 401 | | Identity | PKI | 402 | | Authentication | Json-AD Authentication Resource | 403 | | Authorization | Atomic Hierarchy Model | 404 | | Transport | WebSockets, HTTP 1/1 | 405 | | Schema / Data Representation | JSON-AD (JSON-Atomic Data). A variation of JSON-LD which supports the definition of schemas to provide type-safety. | 406 | | Query Capabilities | Atomic Paths, SPARQL | 407 | | License | [MIT](https://github.com/atomicdata-dev/atomic-server/blob/develop/LICENSE)| 408 | 409 | 410 | | Encrypted Data Vaults | https://identity.foundation/edv-spec/ | 411 | | --------------------- | --------------------------------------------------- | 412 | | Description | A specification with the goal of ensuring the privacy of an entity’s data by encrypting the data at rest | 413 | | Specification | Open-Source Specification incubated by DIF | 414 | | Deployment | [Pending] | 415 | | Identity | Support for various Identity models, DIDs being one such. | 416 | | Authentication | [Pending] | 417 | | Authorization | Authorization Capabilities | 418 | | Transport | HTTP 1/1, gRPC, Bluetooth | 419 | | Schema / Data Representation | [Pending] | 420 | | Query Capabilities | The goal is to provide Indexing and Querying capabilities. 
The working group is in the process of how deciding how this will be done. | 421 | | License | [Apache 2.0](https://github.com/decentralized-identity/edv-spec/blob/main/LICENSE.md)| 422 | 423 | 424 | | MyDex Personal Data Store | https://dev.mydex.org/connection-api/personal-data-store.html | 425 | | ------------------------- | ----------------------------------------------- | 426 | | Description | The MyDex Personal Data Store is a secure data vault residing in the cloud and hosted by MyDex Community Interest Company. An individual’s data is encrypted at rest using the individual’s key. MyDex does not have access to any key for decryption. | 427 | | Specification | Proprietary Specification | 428 | | Deployment | Offered as a SaaS solution | 429 | | Identity | MyDexID derived from PKI | 430 | | Authentication | SAML and OIDC | 431 | | Authorization | Proprietary Data Sharing Agreement | 432 | | Transport | REST over HTTP/1.1 | 433 | | Schema / Data Representation | JSON Formatted | 434 | | Query Capabilities | [Not found in documentation] | 435 | 436 | 437 | | The Hub of All Things | https://www.hubofallthings.com/ | 438 | | --------------------- | --------------------------------------------------- | 439 | | Description | The Hub of All Things is a service provided by DataSwift who developed the HAT Microserver, a personal web server and its accompanying PostgresQL database. A Hat Microserver segments data in namespaces, such that data from various verticals/domains/apps can live under the same instance. | 440 | | Specification | Proprietary Specification. HAT Microserver implementation in Scala is open sourced. 
| 441 | | Deployment | Offered as a SaaS solution | 442 | | Identity | HAT Universal ID | 443 | | Authentication | DataSwift One SSO | 444 | | Authorization | HAT Microserver Instructions Contract (HMIC) | 445 | | Transport | REST over HTTP 1.1 | 446 | | Schema / Data Representation | JSON Formatted | 447 | | Query Capabilities | [Not found in documentation] | 448 | 449 | 450 | | Peergos | https://peergos.org/ | 451 | | -------------- | ---------------------------------------------------------- | 452 | | Description | Peergos is a decentralised protocol and open-source platform for storage, social media and applications | 453 | | Specification | Open source [specification and implementations](https://book.peergos.org/architecture/spec.html) | 454 | | Deployment | Self Hosted or as a SaaS Multi-Tenant Service | 455 | | Identity | [PKI](https://book.peergos.org/security/pki.html) + [random keypairs](https://book.peergos.org/security/login.html) | 456 | | Authentication | Self-authenticated (signed and content addressed) & [S3 V4 Signatures for block level access control](https://book.peergos.org/security/bats.html)| 457 | | Authorization | [Cryptree](https://book.peergos.org/security/cryptree.html) based encryption and [Block access controls](https://book.peergos.org/security/bats.html) | 458 | | Transport | Transport agnostic. Apps have a local [HTTP RESTful API](https://book.peergos.org/features/apps.html) served from a ServiceWorker| 459 | | Schema / Data Representation | [DAG CBOR Encoded IPLD Objects and Raw Objects](https://book.peergos.org/security/bats.html). JSON Schema for app configuration. | 460 | | Query Capabilities | Peergos offers a RESTful API with various capabilities described [here](https://book.peergos.org/features/apps.html). A few endpoints are directly specified.
| 461 | | License | [GNU Affero General Public License v3.0](https://github.com/Peergos/Peergos/blob/master/Licence.txt)| 462 | 463 | 464 | | Decentralized Web Nodes | https://identity.foundation/decentralized-web-node/spec/ | 465 | | -------------- | ---------------------------------------------------------- | 466 | | Description | Decentralized Web Nodes are a mesh-like datastore construction that enable an entity to operate multiple nodes that sync to the same state across one another, enabling the owning entity to secure, manage, and transact their data with others without reliance on location or provider-specific infrastructure, interfaces, or routing mechanisms. | 467 | | Specification | [Open-Source Specification incubated by DIF](https://identity.foundation/decentralized-web-node/spec/) | 468 | | Deployment | Self Hosted or as a SaaS Multi-Tenant Service | 469 | | Identity | Decentralized Identifiers | 470 | | Authentication | DWN Aware Wallets / DID based | 471 | | Authorization | Permissions employ a capabilities-based architecture that allows for DID-based authorization and delegation of authorized capabilities to others. Derived key encryption with cryptree like encryption scheme. | 472 | | Transport | Transport Agnostic. Currently mostly implemented with HTTP. | 473 | | Schema / Data Representation | [Messages committed as IPLD DAG CBOR Encoded Object](https://identity.foundation/decentralized-web-node/spec/#signed-encrypted-data) with attached JSON Schema| 474 | | Query Capabilities | Protocols, Hooks, Records, Permissions | 475 | | License | | 476 | 477 | 478 | | WebNative Filesystem | https://github.com/wnfs-wg/spec | 479 | | -------------- | ---------------------------------------------------------- | 480 | | Description | The Web Native File System (WNFS) is a distributed file system. It is versioned, logged, programmable, has strong-yet-flexible security, and is fully controlled by the end user. 
Service providers can validate writes without reading the contents of the file system, and minimal metadata is leaked. | 481 | | Specification | [Open-Source Specification](https://github.com/wnfs-wg/spec) | 482 | | Deployment | Self Hosted or as a SaaS Multi-Tenant Service | 483 | | Identity | Decentralized Identifiers | 484 | | Authentication | Web3 Wallets and DIDs | 485 | | Authorization | Object Capabilities via UCANs | 486 | | Transport | IPFS | 487 | | Schema / Data Representation | Files | 488 | | Query Capabilities | Filesystem Like | 489 | | License | Apache 2.0 and MIT | 490 | 491 | 492 | ## Architecture and Components 493 | 494 | This section provides an overview of the high-level architecture of a DWN, 495 | including the different components that make up a typical DWN, such as the 496 | network layer, data storage layer, identity and access control layer, and the 497 | application layer. The section could also provide guidance on how to design and 498 | implement each of these components to conform to the DWN specification. 499 | 500 | ## Node Discovery and Peer-to-Peer Networking 501 | 502 | This section provides detailed guidance on how to implement the node discovery 503 | and peer-to-peer networking protocols that are required for a DWN to function 504 | properly. This section could cover topics such as how to bootstrap a new node 505 | onto the network, how to maintain a list of known nodes, how to discover and 506 | connect to new peers, and how to propagate data across the network. 507 | 508 | ## Data Sharing and Interoperability 509 | 510 | This section provides guidance on how to design and implement data sharing 511 | protocols that conform to the DWN specification, including the use of 512 | decentralized storage systems like IPFS and the InterPlanetary Linked Data 513 | (IPLD) format. 
This section could also cover strategies for promoting 514 | interoperability between different decentralized web nodes and data sharing 515 | protocols, such as the use of standardized data formats and metadata. 516 | 517 | ## Security and Privacy 518 | 519 | This section provides guidance on how to design and implement security and 520 | privacy features that conform to the DWN specification, including the use of 521 | cryptographic protocols like Public Key Infrastructure (PKI) and Self-Sovereign 522 | Identity (SSI) for secure data sharing and verification. This section could also 523 | cover best practices for securing DWN infrastructure and protecting user data 524 | against common attacks and threats. 525 | 526 | ## Testing and Debugging 527 | 528 | This section provides guidance on how to test and debug a DWN implementation, 529 | including strategies for testing individual components and the network as a 530 | whole, as well as tools and techniques for troubleshooting issues that may arise 531 | during development or deployment. 532 | 533 | ## Deployment and Operations 534 | 535 | This section provides guidance on how to deploy and operate a DWN implementation 536 | in a production environment, including best practices for scaling and managing a 537 | distributed network, as well as tools and techniques for monitoring and managing 538 | network performance and reliability. This section could also cover strategies 539 | for maintaining backward compatibility and promoting interoperability with other 540 | decentralized web nodes and protocols. 541 | 542 | ### Local Nodes, Remote Nodes, and Relays 543 | 544 | This section clarifies the role of a remote node, a local node, and a relay, with 545 | respect to a deployment. 
It is important to note that they are actually all the _same_ 546 | thing, in that each is actually a DWN with no feature differences across these deployment types, 547 | but in practice a local node may be used slightly differently than a remote node. 548 | 549 | This section clarifies the difference in use between local and remote nodes, and what it means for a 550 | DWN to be a "relay". 551 | 552 | - **Local Node:** This could be a person's phone, computer, or other device that is 553 | not expected to always be connected to the internet. For example, if Bob is 554 | traveling in the mountains, his phone may be out of range, and so not be a 555 | reliable device for services to connect to at scale. 556 | - **Remote Node:** Remote nodes are meant to be highly available and always 557 | reachable from other services. If Bob takes a trip to the mountains and Jane 558 | sends Bob a message, Jane would send the message to Bob's remote DWN, which 559 | is always available, rather than directly to his local DWN (his phone), which is out of 560 | range. This allows Bob to still interact with Jane and receive her 561 | message, despite not being connected to the internet. 562 | - **Relay:** A relay is a way for a remote node to forward information it receives to a 563 | local node, or to another remote node. When Jane sends a message to Bob's remote 564 | DWN, Bob's remote DWN "relays" the message to Bob's local DWN, which allows 565 | Bob to interact with his DWN locally. 566 | 567 | ### Example Deployment (Simple) 568 | 569 | In this simple example, each actor has a remote (i.e a server) and local node 570 | (i.e a phone). As an example, you have a chat app with a remote and local node. 571 | Alice wants to send a message to Bob in this case, and Bob will reply with a 572 | message back. 573 | 574 | ![DWN Simple 575 | Connection](https://identity.foundation/decentralized-web-node/spec/images/topology.svg) 576 | 577 | **Steps** 578 | 579 | 0. 
Bob shares his DID with Alice (via a QR code or some other transport) 580 | 1. Alice resolves Bob's DID 581 | 2. Alice sends a message to Bob's node discovered via a Service Endpoint in the 582 | DID Document 583 | 3. Bob's Node relays Alice's message from the remote node to the local node. 584 | 4. Bob resolves Alice's DID and finds the service endpoints 585 | 5. Bob's local node acts on the message, sending a message back to Alice's Node 586 | 6. Alice's remote node receives the message and relays it locally. 587 | 588 | ### Example Deployment (Complex) 589 | 590 | ## Miscellaneous 591 | 592 | ### Example Use Cases 593 | 594 | ### Real World Applications 595 | 596 | ### DWN Adoption 597 | 598 | ### Ecosystem interplay 599 | 600 | ### Limitations and Other Considerations 601 | 602 | ### Q&A 603 | 604 | #### General Questions 605 | 606 | - **How do you pronounce DWNs?**: We've heard a few ways to say it: 607 | 608 | - As dawn : _dɔːn_ 609 | - D Web Node : _diː wɛb nəʊd_ 610 | - D W N : _diː ˈdʌbᵊljuː ɛn_ 611 | 612 | - **How are DWNs different than SOLID Pods?** See the [Technology 613 | Comparision](#technology-comparision) section for a detailed understanding of 614 | how DWNs compare to different technology. 615 | 616 | - **For the base case, how many DWNs should I expect a particular person to 617 | have?** As a general rule, a person can be expected to have a few DWNs. Possibly 618 | more than 1 but less than 10. There may be cases which require more than 10. 619 | 620 | #### Security Questions 621 | 622 | - **Are there Data Privacy Considerations like GDPR? And how are they taken care 623 | of in this kind of paradigm?** The full GDPR rights for individuals are: the 624 | right to be informed, the right of access, the right to rectification, the 625 | right to erasure, the right to restrict processing, the right to data 626 | portability, the right to object and also rights around automated decision 627 | making and profiling.
Since DWNs are a personal data store where you control 628 | your data, they are basically GDPR-compliant by default. See the [Security and 629 | Privacy](#security-and-privacy) section for additional information. 630 | 631 | - **What is the best way to ensure that recipients of PII accessed via a DWN are not 632 | persistently storing the information using their own digital agent?** This 633 | question is very dependent on the use case. It is the responsibility of 634 | the DWN app/user to decide what data to give to whom. Once data has been shared, a DWN cannot by itself prevent the recipient from keeping a copy. For sensitive data such 635 | as PII, it would generally be recommended to give as little information as 636 | possible and only when required. You can use Zero Knowledge Proofs (ZKP) if 637 | you need to prove something over a DWN without sharing the actual data. 638 | 639 | #### Specification Questions 640 | 641 | - **How flexible/dynamic are the protocol control rules?** The Protocols 642 | interface provides a way to define how another DWN may interact with your DWN. 643 | This is different from the RBAC controls that you would traditionally see in a 644 | centralized control system. You can learn more about the protocols interface 645 | [here](https://identity.foundation/decentralized-web-node/spec/#protocols). 646 | Protocols introduces a mechanism for declaratively encoding an app or 647 | service’s underlying protocol rules, including segmentation of records, 648 | relationships between records, data-level requirements, and constraints on how 649 | participants interact with a protocol. 650 | 651 | #### Technical Questions 652 | 653 | - **If I replicate DWNs for a service, how many DIDs should be assigned?** A 654 | single DID may point to multiple DWNs.
There is a preference toward the first 655 | service endpoint in the [resolution 656 | array](https://identity.foundation/decentralized-web-node/spec/#resolution). 657 | - **What happens when there is asymmetry of resources across DWNs w.r.t sync?** 658 | Although it is currently not supported, there eventually will be selective 659 | sync that can allow you to filter certain things to sync across DWNs. 660 | - **How does latency impact sync?** All DWNs are built on a CRDT, so they will 661 | eventually resolve without conflict; however, you can expect that latency may 662 | impact the speed of the resolution. Therefore, it's recommended to pick the 663 | most highly available node for sending data across. 664 | - **How does the CRDT system work?** There are 2 levels of CRDT. The base layer, 665 | object level CRDT, and the second layer, which is the data CRDT. These are 666 | managed with commit strategies. See [here] for more information. 667 | TODO: Spec does not discuss CRDT. 668 | - **Does a DWN run in the cloud, local, or both?** At the very least, they will 669 | probably run locally, and there is a high likelihood that they will also run 670 | in the cloud. The remote data will be available in case it needs to be highly 671 | available. Imagine for example you go on a hiking trip and you are out of 672 | network. The DWN in the cloud would facilitate interactions that you would not 673 | be able to do via your phone which is out of service. 674 | - **Do we write into an IPFS vs. IPLD Node?** DWNs use IPLD as an encoding 675 | format, but it's not required to push data out to the IPFS layer. 676 | - **What is IPLD?** IPLD is the data model of the content-addressable web. It 677 | allows us to treat all hash-linked data structures as subsets of a unified 678 | information space, unifying all data models that link data with hashes as 679 | instances of IPLD. 680 | - **What if you want to use a DWN and don't want data on IPFS?** Not all DWNs 681 | require IPFS. 
682 | - **What are the main types of data store?** There are two types of datastores. 683 | There's a `message store` that is intended to store metadata about the data 684 | you're trying to store. Then there is a `datastore`, which actually has the 685 | data you want to store. 686 | - **Does DWN allow or foresee applications that need cross user/company 687 | synchronisation (e.g., DeFi applications that pose double-spend risks or 688 | supply chain applications including international participants to be synced)?** 689 | Eventually, yes, DWNs may be able to facilitate those interactions. 690 | - **Would a DWN support the notion of a computational enclave that allows to 691 | securely execute someone else’s code to access the DWN’s data, e.g., a 692 | federated ML model that then the user can control what it sends back out to 693 | the sender of the model?** You will be able to define access to a subset of 694 | resources within a DWN based upon derived key permissions using Protocols. 695 | This will give users the ability to access encrypted data on a DWN for only a 696 | subset of a DWN, using a derived key. There is also a vision of DWNs being 697 | able to work using homomorphic encryption; however, this is currently an area of research. 
698 | 699 | ### Reference Implementations 700 | 701 | - [TBD's JS SDK](https://github.com/TBD54566975/dwn-sdk-js) : JavaScript SDK 702 | - [TBD's Web 5 703 | Implementation](https://github.com/TBD54566975/incubating-web5-labs) 704 | -------------------------------------------------------------------------------- /docs/index.md: -------------------------------------------------------------------------------- 1 | # [Identity Hub](https://identity.foundation/identity-hub/) 2 | 3 | This specification describes identity hubs and their associated APIs 4 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "root", 3 | "private": true, 4 | "scripts": { 5 | "render": "node -e \"require('spec-up')({ nowatch: true })\"", 6 | "edit": "node -e \"require('spec-up')()\"" 7 | }, 8 | "devDependencies": { 9 | "spec-up": "0.10.5" 10 | } 11 | } -------------------------------------------------------------------------------- /schemas/json-schemas/authorization-payloads/base-authorization-payload.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/authorization-payloads/base-authorization-payload.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "descriptorCid" 8 | ], 9 | "properties": { 10 | "descriptorCid": { 11 | "type": "string" 12 | }, 13 | "permissionsGrantId": { 14 | "type": "string" 15 | } 16 | } 17 | } -------------------------------------------------------------------------------- /schemas/json-schemas/authorization-payloads/records-write-authorization-payload.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": 
"https://identity.foundation/dwn/json-schemas/authorization-payloads/records-write-authorization-payload.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "descriptorCid", 8 | "recordId" 9 | ], 10 | "properties": { 11 | "descriptorCid": { 12 | "type": "string" 13 | }, 14 | "recordId": { 15 | "type": "string" 16 | }, 17 | "contextId": { 18 | "type": "string" 19 | }, 20 | "attestationCid": { 21 | "type": "string" 22 | }, 23 | "encryptionCid": { 24 | "type": "string" 25 | } 26 | } 27 | } -------------------------------------------------------------------------------- /schemas/json-schemas/definitions.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/defs.json", 4 | "type": "object", 5 | "definitions": { 6 | "base64url": { 7 | "type": "string", 8 | "pattern": "^[A-Za-z0-9_-]+$" 9 | }, 10 | "uuid": { 11 | "type": "string", 12 | "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$" 13 | }, 14 | "did": { 15 | "type": "string", 16 | "pattern": "^did:([a-z0-9]+):((?:(?:[a-zA-Z0-9._-]|(?:%[0-9a-fA-F]{2}))*:)*((?:[a-zA-Z0-9._-]|(?:%[0-9a-fA-F]{2}))+))((;[a-zA-Z0-9_.:%-]+=[a-zA-Z0-9_.:%-]*)*)(\/[^#?]*)?([?][^#]*)?(#.*)?$" 17 | }, 18 | "date-time": { 19 | "type": "string", 20 | "pattern": "^\\d{4}-[0-1]\\d-[0-3]\\dT(?:[0-2]\\d:[0-5]\\d:[0-5]\\d|23:59:60)\\.\\d{6}Z$" 21 | } 22 | } 23 | } -------------------------------------------------------------------------------- /schemas/json-schemas/events/events-get.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/events-get.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | 
"properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "messageTimestamp" 21 | ], 22 | "properties": { 23 | "interface": { 24 | "enum": [ 25 | "Events" 26 | ], 27 | "type": "string" 28 | }, 29 | "method": { 30 | "enum": [ 31 | "Get" 32 | ], 33 | "type": "string" 34 | }, 35 | "messageTimestamp": { 36 | "type": "string" 37 | }, 38 | "watermark": { 39 | "type": "string" 40 | } 41 | } 42 | } 43 | } 44 | } -------------------------------------------------------------------------------- /schemas/json-schemas/general-jws.json: -------------------------------------------------------------------------------- 1 | { 2 | "$id": "https://identity.foundation/dwn/json-schemas/general-jws.json", 3 | "$schema": "http://json-schema.org/draft-07/schema#", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "properties": { 7 | "payload": { 8 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 9 | }, 10 | "signatures": { 11 | "type": "array", 12 | "minItems": 1, 13 | "items": { 14 | "type": "object", 15 | "properties": { 16 | "protected": { 17 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 18 | }, 19 | "signature": { 20 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 21 | } 22 | } 23 | } 24 | } 25 | } 26 | } -------------------------------------------------------------------------------- /schemas/json-schemas/hooks/hooks-write.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/hooks-write.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | 
"descriptor" 9 | ], 10 | "properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "messageTimestamp", 21 | "uri", 22 | "filter" 23 | ], 24 | "properties": { 25 | "interface": { 26 | "enum": [ 27 | "Hooks" 28 | ], 29 | "type": "string" 30 | }, 31 | "method": { 32 | "enum": [ 33 | "Write" 34 | ], 35 | "type": "string" 36 | }, 37 | "messageTimestamp": { 38 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 39 | }, 40 | "schema": { 41 | "type": "string" 42 | }, 43 | "filter": { 44 | "type": "object", 45 | "minProperties": 1, 46 | "additionalProperties": false, 47 | "properties": { 48 | "method": { 49 | "type": "string" 50 | } 51 | } 52 | } 53 | } 54 | } 55 | } 56 | } -------------------------------------------------------------------------------- /schemas/json-schemas/interface-methods/messages-get.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/messages-get.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | "properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "messageTimestamp" 21 | ], 22 | "properties": { 23 | "interface": { 24 | "enum": [ 25 | "Messages" 26 | ], 27 | "type": "string" 28 | }, 29 | "method": { 30 | "enum": [ 31 | "Get" 32 | ], 33 | "type": "string" 34 | }, 35 | "messageTimestamp": { 36 | "type": "string" 37 | }, 38 | "messageCids": { 39 | "type": "array", 40 | "items": { 
41 | "type": "string" 42 | }, 43 | "minItems": 1 44 | } 45 | } 46 | } 47 | } 48 | } -------------------------------------------------------------------------------- /schemas/json-schemas/interface-methods/protocol-definition.json: -------------------------------------------------------------------------------- 1 | { 2 | "$id": "https://identity.foundation/dwn/json-schemas/protocol-definition.json", 3 | "$schema": "http://json-schema.org/draft-07/schema#", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "protocol", 8 | "published", 9 | "types", 10 | "structure" 11 | ], 12 | "properties": { 13 | "protocol": { 14 | "type": "string" 15 | }, 16 | "published": { 17 | "type": "boolean" 18 | }, 19 | "types": { 20 | "type": "object", 21 | "patternProperties": { 22 | ".*": { 23 | "type": "object", 24 | "additionalProperties": false, 25 | "properties": { 26 | "schema": { 27 | "type": "string" 28 | }, 29 | "dataFormats": { 30 | "type": "array", 31 | "minItems": 1, 32 | "items": { 33 | "type": "string" 34 | } 35 | } 36 | } 37 | } 38 | } 39 | }, 40 | "structure": { 41 | "type": "object", 42 | "patternProperties": { 43 | ".*": { 44 | "$ref": "https://identity.foundation/dwn/json-schemas/protocol-rule-set.json" 45 | } 46 | } 47 | } 48 | } 49 | } -------------------------------------------------------------------------------- /schemas/json-schemas/interface-methods/protocol-rule-set.json: -------------------------------------------------------------------------------- 1 | { 2 | "$id": "https://identity.foundation/dwn/json-schemas/protocol-rule-set.json", 3 | "$schema": "http://json-schema.org/draft-07/schema#", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "properties": { 7 | "$actions": { 8 | "type": "array", 9 | "minItems": 1, 10 | "items": { 11 | "type": "object", 12 | "anyOf": [ 13 | { 14 | "required": [ 15 | "who", 16 | "can" 17 | ], 18 | "additionalProperties": false, 19 | "properties": { 20 | "who": { 21 | "type": "string", 22 | 
"enum": [ 23 | "anyone" 24 | ] 25 | }, 26 | "can": { 27 | "type": "string", 28 | "enum": [ 29 | "read", 30 | "write" 31 | ] 32 | } 33 | } 34 | }, 35 | { 36 | "required": [ 37 | "who", 38 | "of", 39 | "can" 40 | ], 41 | "additionalProperties": false, 42 | "properties": { 43 | "who": { 44 | "type": "string", 45 | "enum": [ 46 | "author", 47 | "recipient" 48 | ] 49 | }, 50 | "of": { 51 | "type": "string" 52 | }, 53 | "can": { 54 | "type": "string", 55 | "enum": [ 56 | "read", 57 | "write" 58 | ] 59 | } 60 | } 61 | } 62 | ] 63 | } 64 | } 65 | }, 66 | "patternProperties": { 67 | "^[^$].*": { 68 | "$ref": "https://identity.foundation/dwn/json-schemas/protocol-rule-set.json" 69 | } 70 | } 71 | } -------------------------------------------------------------------------------- /schemas/json-schemas/interface-methods/protocols-configure.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/protocols-configure.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | "properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "messageTimestamp", 21 | "definition" 22 | ], 23 | "properties": { 24 | "interface": { 25 | "enum": [ 26 | "Protocols" 27 | ], 28 | "type": "string" 29 | }, 30 | "method": { 31 | "enum": [ 32 | "Configure" 33 | ], 34 | "type": "string" 35 | }, 36 | "messageTimestamp": { 37 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 38 | }, 39 | "definition": { 40 | "$ref": "https://identity.foundation/dwn/json-schemas/protocol-definition.json" 41 | } 42 | } 43 | } 44 | } 45 | } 
-------------------------------------------------------------------------------- /schemas/json-schemas/interface-methods/protocols-query.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/protocols-query.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "descriptor" 8 | ], 9 | "properties": { 10 | "authorization": { 11 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 12 | }, 13 | "descriptor": { 14 | "type": "object", 15 | "additionalProperties": false, 16 | "required": [ 17 | "interface", 18 | "method", 19 | "messageTimestamp" 20 | ], 21 | "properties": { 22 | "interface": { 23 | "enum": [ 24 | "Protocols" 25 | ], 26 | "type": "string" 27 | }, 28 | "method": { 29 | "enum": [ 30 | "Query" 31 | ], 32 | "type": "string" 33 | }, 34 | "messageTimestamp": { 35 | "type": "string" 36 | }, 37 | "filter": { 38 | "type": "object", 39 | "minProperties": 1, 40 | "additionalProperties": false, 41 | "properties": { 42 | "protocol": { 43 | "type": "string" 44 | }, 45 | "recipient": { 46 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 47 | } 48 | } 49 | } 50 | } 51 | } 52 | } 53 | } -------------------------------------------------------------------------------- /schemas/json-schemas/interface-methods/records-delete.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/records-delete.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | "properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 
16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "messageTimestamp", 21 | "recordId" 22 | ], 23 | "properties": { 24 | "interface": { 25 | "enum": [ 26 | "Records" 27 | ], 28 | "type": "string" 29 | }, 30 | "method": { 31 | "enum": [ 32 | "Delete" 33 | ], 34 | "type": "string" 35 | }, 36 | "messageTimestamp": { 37 | "type": "string" 38 | }, 39 | "recordId": { 40 | "type": "string" 41 | } 42 | } 43 | } 44 | } 45 | } -------------------------------------------------------------------------------- /schemas/json-schemas/interface-methods/records-query.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/records-query.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "descriptor" 8 | ], 9 | "properties": { 10 | "authorization": { 11 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 12 | }, 13 | "descriptor": { 14 | "type": "object", 15 | "additionalProperties": false, 16 | "required": [ 17 | "interface", 18 | "method", 19 | "messageTimestamp", 20 | "filter" 21 | ], 22 | "properties": { 23 | "interface": { 24 | "enum": [ 25 | "Records" 26 | ], 27 | "type": "string" 28 | }, 29 | "method": { 30 | "enum": [ 31 | "Query" 32 | ], 33 | "type": "string" 34 | }, 35 | "messageTimestamp": { 36 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 37 | }, 38 | "filter": { 39 | "type": "object", 40 | "minProperties": 1, 41 | "additionalProperties": false, 42 | "properties": { 43 | "protocol": { 44 | "type": "string" 45 | }, 46 | "attester": { 47 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 48 | }, 49 | "recipient": { 50 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 51 | }, 52 | "contextId": { 53 | "type": "string" 54 
| }, 55 | "schema": { 56 | "type": "string" 57 | }, 58 | "recordId": { 59 | "type": "string" 60 | }, 61 | "parentId": { 62 | "type": "string" 63 | }, 64 | "dataFormat": { 65 | "type": "string" 66 | }, 67 | "dateCreated": { 68 | "type": "object", 69 | "minProperties": 1, 70 | "additionalProperties": false, 71 | "properties": { 72 | "from": { 73 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 74 | }, 75 | "to": { 76 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 77 | } 78 | } 79 | } 80 | } 81 | }, 82 | "dateSort": { 83 | "enum": [ 84 | "createdAscending", 85 | "createdDescending", 86 | "publishedAscending", 87 | "publishedDescending" 88 | ], 89 | "type": "string" 90 | } 91 | } 92 | } 93 | } 94 | } -------------------------------------------------------------------------------- /schemas/json-schemas/interface-methods/records-read.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/records-read.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "descriptor" 8 | ], 9 | "properties": { 10 | "authorization": { 11 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 12 | }, 13 | "descriptor": { 14 | "type": "object", 15 | "additionalProperties": false, 16 | "required": [ 17 | "interface", 18 | "method", 19 | "messageTimestamp", 20 | "recordId" 21 | ], 22 | "properties": { 23 | "interface": { 24 | "enum": [ 25 | "Records" 26 | ], 27 | "type": "string" 28 | }, 29 | "method": { 30 | "enum": [ 31 | "Read" 32 | ], 33 | "type": "string" 34 | }, 35 | "messageTimestamp": { 36 | "type": "string" 37 | }, 38 | "recordId": { 39 | "type": "string" 40 | } 41 | } 42 | } 43 | } 44 | } -------------------------------------------------------------------------------- 
/schemas/json-schemas/interface-methods/records-write.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/records-write.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor", 9 | "recordId" 10 | ], 11 | "properties": { 12 | "recordId": { 13 | "type": "string" 14 | }, 15 | "contextId": { 16 | "type": "string" 17 | }, 18 | "attestation": { 19 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 20 | }, 21 | "authorization": { 22 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 23 | }, 24 | "encryption": { 25 | "type": "object", 26 | "properties": { 27 | "algorithm": { 28 | "type": "string", 29 | "enum": [ 30 | "A256CTR" 31 | ] 32 | }, 33 | "initializationVector": { 34 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 35 | }, 36 | "keyEncryption": { 37 | "type": "array", 38 | "minItems": 1, 39 | "items": { 40 | "type": "object", 41 | "properties": { 42 | "rootKeyId": { 43 | "type": "string" 44 | }, 45 | "derivationScheme": { 46 | "type": "string", 47 | "enum": [ 48 | "dataFormats", 49 | "protocols", 50 | "schemas" 51 | ] 52 | }, 53 | "algorithm": { 54 | "type": "string", 55 | "enum": [ 56 | "ECIES-ES256K" 57 | ] 58 | }, 59 | "encryptedKey": { 60 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 61 | }, 62 | "initializationVector": { 63 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 64 | }, 65 | "ephemeralPublicKey": { 66 | "$ref": "https://identity.foundation/dwn/json-schemas/public-jwk.json" 67 | }, 68 | "messageAuthenticationCode": { 69 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 70 | } 71 | }, 72 | "additionalProperties": false, 73 | 
"required": [ 74 | "rootKeyId", 75 | "derivationScheme", 76 | "algorithm", 77 | "encryptedKey", 78 | "initializationVector", 79 | "ephemeralPublicKey", 80 | "messageAuthenticationCode" 81 | ] 82 | } 83 | } 84 | }, 85 | "additionalProperties": false, 86 | "required": [ 87 | "algorithm", 88 | "initializationVector", 89 | "keyEncryption" 90 | ] 91 | }, 92 | "descriptor": { 93 | "type": "object", 94 | "properties": { 95 | "interface": { 96 | "enum": [ 97 | "Records" 98 | ], 99 | "type": "string" 100 | }, 101 | "method": { 102 | "enum": [ 103 | "Write" 104 | ], 105 | "type": "string" 106 | }, 107 | "recipient": { 108 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 109 | }, 110 | "protocol": { 111 | "type": "string" 112 | }, 113 | "protocolPath": { 114 | "type": "string", 115 | "pattern": "^[a-zA-Z]+(\/[a-zA-Z]+)*$" 116 | }, 117 | "schema": { 118 | "type": "string" 119 | }, 120 | "parentId": { 121 | "type": "string" 122 | }, 123 | "dataCid": { 124 | "type": "string" 125 | }, 126 | "dataSize": { 127 | "type": "number" 128 | }, 129 | "dateCreated": { 130 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 131 | }, 132 | "messageTimestamp": { 133 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 134 | }, 135 | "published": { 136 | "type": "boolean" 137 | }, 138 | "datePublished": { 139 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 140 | }, 141 | "dataFormat": { 142 | "type": "string" 143 | } 144 | }, 145 | "additionalProperties": false, 146 | "required": [ 147 | "interface", 148 | "method", 149 | "dataCid", 150 | "dataSize", 151 | "dateCreated", 152 | "messageTimestamp", 153 | "dataFormat" 154 | ], 155 | "dependencies": { 156 | "parentId": [ 157 | "protocol" 158 | ] 159 | }, 160 | "allOf": [ 161 | { 162 | "$comment": "rule defining `published` and `datePublished` relationship", 163 | "anyOf": [ 164 | { 165 | 
"properties": { 166 | "published": { 167 | "type": "boolean", 168 | "enum": [ 169 | true 170 | ] 171 | } 172 | }, 173 | "required": [ 174 | "published", 175 | "datePublished" 176 | ] 177 | }, 178 | { 179 | "properties": { 180 | "published": { 181 | "type": "boolean", 182 | "enum": [ 183 | false 184 | ] 185 | } 186 | }, 187 | "not": { 188 | "required": [ 189 | "datePublished" 190 | ] 191 | } 192 | }, 193 | { 194 | "allOf": [ 195 | { 196 | "not": { 197 | "required": [ 198 | "published" 199 | ] 200 | } 201 | }, 202 | { 203 | "not": { 204 | "required": [ 205 | "datePublished" 206 | ] 207 | } 208 | } 209 | ] 210 | } 211 | ] 212 | } 213 | ] 214 | } 215 | }, 216 | "$comment": "rule defining `protocol` and `contextId` relationship", 217 | "anyOf": [ 218 | { 219 | "properties": { 220 | "descriptor": { 221 | "type": "object", 222 | "required": [ 223 | "protocol", 224 | "protocolPath", 225 | "schema" 226 | ] 227 | } 228 | }, 229 | "required": [ 230 | "contextId" 231 | ] 232 | }, 233 | { 234 | "allOf": [ 235 | { 236 | "not": { 237 | "required": [ 238 | "contextId" 239 | ] 240 | } 241 | }, 242 | { 243 | "properties": { 244 | "descriptor": { 245 | "type": "object", 246 | "not": { 247 | "required": [ 248 | "protocol" 249 | ] 250 | } 251 | } 252 | } 253 | }, 254 | { 255 | "properties": { 256 | "descriptor": { 257 | "type": "object", 258 | "not": { 259 | "required": [ 260 | "protocolPath" 261 | ] 262 | } 263 | } 264 | } 265 | } 266 | ] 267 | } 268 | ] 269 | } -------------------------------------------------------------------------------- /schemas/json-schemas/interface-methods/snapshots-create.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/snapshots-create.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | "properties": { 11 | "authorization": 
{ 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "messageTimestamp", 21 | "definitionCid" 22 | ], 23 | "properties": { 24 | "interface": { 25 | "enum": [ 26 | "Snapshots" 27 | ], 28 | "type": "string" 29 | }, 30 | "method": { 31 | "enum": [ 32 | "Create" 33 | ], 34 | "type": "string" 35 | }, 36 | "messageTimestamp": { 37 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 38 | }, 39 | "definitionCid": { 40 | "type": "string" 41 | } 42 | } 43 | } 44 | } 45 | } -------------------------------------------------------------------------------- /schemas/json-schemas/jwk-verification-method.json: -------------------------------------------------------------------------------- 1 | { 2 | "$id": "https://identity.foundation/dwn/json-schemas/jwk-verification-method.json", 3 | "$schema": "http://json-schema.org/draft-07/schema#", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "id", 8 | "type", 9 | "controller", 10 | "publicKeyJwk" 11 | ], 12 | "properties": { 13 | "id": { 14 | "type": "string" 15 | }, 16 | "type": { 17 | "const": "JsonWebKey2020" 18 | }, 19 | "controller": { 20 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 21 | }, 22 | "publicKeyJwk": { 23 | "$ref": "https://identity.foundation/dwn/json-schemas/public-jwk.json" 24 | } 25 | } 26 | } -------------------------------------------------------------------------------- /schemas/json-schemas/jwk/general-jwk.json: -------------------------------------------------------------------------------- 1 | { 2 | "$id": "https://identity.foundation/dwn/json-schemas/general-jwk.json", 3 | "$schema": "http://json-schema.org/draft-07/schema#", 4 | "type": "object", 5 | "required": ["kty"], 6 | "properties": { 7 | "alg": { 8 | "type": "string" 9 | }, 10 | 
"kid": { 11 | "type": "string" 12 | }, 13 | "kty": { 14 | "enum": ["EC", "RSA", "oct", "OKP"] 15 | }, 16 | "crv": { 17 | "type": "string" 18 | }, 19 | "use": { 20 | "type": "string" 21 | }, 22 | "key_ops": { 23 | "type": "string" 24 | }, 25 | "x5u": { 26 | "type": "string" 27 | }, 28 | "x5c": { 29 | "type": "string" 30 | }, 31 | "x5t": { 32 | "type": "string" 33 | }, 34 | "x5t#S256": { 35 | "type": "string" 36 | } 37 | }, 38 | "oneOf": [ 39 | { 40 | "properties": { 41 | "kty": { 42 | "const": "EC" 43 | }, 44 | "crv": { 45 | "type": "string" 46 | }, 47 | "x": { 48 | "type": "string" 49 | }, 50 | "y": { 51 | "type": "string" 52 | }, 53 | "d": { 54 | "type": "string" 55 | } 56 | }, 57 | "required": ["crv", "x"] 58 | }, 59 | { 60 | "properties": { 61 | "kty": { 62 | "const": "OKP" 63 | }, 64 | "crv": { 65 | "type": "string" 66 | }, 67 | "x": { 68 | "type": "string" 69 | }, 70 | "d": { 71 | "type": "string" 72 | } 73 | }, 74 | "required": ["crv", "x"] 75 | }, 76 | { 77 | "properties": { 78 | "kty": { 79 | "const": "RSA" 80 | }, 81 | "n": { 82 | "type": "string" 83 | }, 84 | "e": { 85 | "type": "string" 86 | }, 87 | "d": { 88 | "type": "string" 89 | }, 90 | "p": { 91 | "type": "string" 92 | }, 93 | "q": { 94 | "type": "string" 95 | }, 96 | "dp": { 97 | "type": "string" 98 | }, 99 | "dq": { 100 | "type": "string" 101 | }, 102 | "qi": { 103 | "type": "string" 104 | }, 105 | "oth": { 106 | "type": "object" 107 | } 108 | }, 109 | "required": ["n", "e"] 110 | }, 111 | { 112 | "properties": { 113 | "kty": { 114 | "const": "oct" 115 | }, 116 | "k": { 117 | "type": "string" 118 | } 119 | }, 120 | "required": ["k"] 121 | } 122 | ] 123 | } 124 | -------------------------------------------------------------------------------- /schemas/json-schemas/jwk/public-jwk.json: -------------------------------------------------------------------------------- 1 | { 2 | "$id": "https://identity.foundation/dwn/json-schemas/public-jwk.json", 3 | "$schema": 
"http://json-schema.org/draft-07/schema#", 4 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jwk.json", 5 | "not": { 6 | "anyOf": [ 7 | { 8 | "type": "object", 9 | "properties": { 10 | "kty": { 11 | "const": "EC" 12 | } 13 | }, 14 | "anyOf": [{ "required": ["d"] }] 15 | }, 16 | { 17 | "type": "object", 18 | "properties": { 19 | "kty": { 20 | "const": "OKP" 21 | } 22 | }, 23 | "anyOf": [{ "required": ["d"] }] 24 | }, 25 | { 26 | "type": "object", 27 | "properties": { 28 | "kty": { 29 | "const": "RSA" 30 | }, 31 | "d": {}, 32 | "p": {}, 33 | "q": {}, 34 | "dp": {}, 35 | "dq": {}, 36 | "qi": {}, 37 | "oth": { "type": "object" } 38 | }, 39 | "anyOf": [ 40 | { "required": ["d"] }, 41 | { "required": ["p"] }, 42 | { "required": ["q"] }, 43 | { "required": ["dp"] }, 44 | { "required": ["dq"] }, 45 | { "required": ["qi"] }, 46 | { "required": ["oth"] } 47 | ] 48 | } 49 | ] 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /schemas/json-schemas/messages/messages-get.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/messages-get.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | "properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method" 20 | ], 21 | "properties": { 22 | "interface": { 23 | "enum": [ 24 | "Messages" 25 | ], 26 | "type": "string" 27 | }, 28 | "method": { 29 | "enum": [ 30 | "Get" 31 | ], 32 | "type": "string" 33 | }, 34 | "messageCids": { 35 | "type": "array", 36 | "items": { 37 | "type": "string" 38 | }, 39 | "minItems": 1 40 | } 41 | } 42 | } 43 | } 44 | } 
-------------------------------------------------------------------------------- /schemas/json-schemas/permissions/definitions.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/permissions/defs.json", 4 | "type": "object", 5 | "definitions": { 6 | "conditions": { 7 | "type": "object", 8 | "additionalProperties": false, 9 | "properties": { 10 | "attestation": { 11 | "enum": [ 12 | "optional", 13 | "required" 14 | ], 15 | "type": "string" 16 | }, 17 | "delegation": { 18 | "type": "boolean" 19 | }, 20 | "encryption": { 21 | "enum": [ 22 | "optional", 23 | "required" 24 | ], 25 | "type": "string" 26 | }, 27 | "publication": { 28 | "type": "boolean" 29 | }, 30 | "sharedAccess": { 31 | "type": "boolean" 32 | } 33 | } 34 | }, 35 | "grantedTo": { 36 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 37 | }, 38 | "grantedBy": { 39 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 40 | }, 41 | "scope": { 42 | "properties": { 43 | "method": { 44 | "type": "string" 45 | }, 46 | "objectId": { 47 | "type": "string" 48 | }, 49 | "schema": { 50 | "type": "string" 51 | } 52 | }, 53 | "type": "object", 54 | "additionalProperties": false 55 | } 56 | } 57 | } -------------------------------------------------------------------------------- /schemas/json-schemas/permissions/permissions-grant.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/permissions-grant.json", 4 | "type": "object", 5 | "required": [ 6 | "authorization", 7 | "descriptor" 8 | ], 9 | "additionalProperties": false, 10 | "properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 
14 | "delegationChain": { 15 | "description": "the parent grant", 16 | "$ref": "#" 17 | }, 18 | "descriptor": { 19 | "type": "object", 20 | "additionalProperties": false, 21 | "required": [ 22 | "interface", 23 | "method", 24 | "dateCreated" 25 | ], 26 | "properties": { 27 | "dateCreated": { 28 | "type": "string" 29 | }, 30 | "conditions": { 31 | "$ref": "https://identity.foundation/dwn/json-schemas/permissions/defs.json#/definitions/conditions" 32 | }, 33 | "delegatedFrom": { 34 | "description": "CID of the parent grant", 35 | "type": "string" 36 | }, 37 | "description": { 38 | "type": "string" 39 | }, 40 | "grantedTo": { 41 | "description": "DID of the grantee", 42 | "$ref": "https://identity.foundation/dwn/json-schemas/permissions/defs.json#/definitions/grantedTo" 43 | }, 44 | "grantedBy": { 45 | "description": "DID of the grantor", 46 | "$ref": "https://identity.foundation/dwn/json-schemas/permissions/defs.json#/definitions/grantedBy" 47 | }, 48 | "interface": { 49 | "enum": [ 50 | "Permissions" 51 | ], 52 | "type": "string" 53 | }, 54 | "method": { 55 | "enum": [ 56 | "Grant" 57 | ], 58 | "type": "string" 59 | }, 60 | "scope": { 61 | "$ref": "https://identity.foundation/dwn/json-schemas/permissions/defs.json#/definitions/scope" 62 | }, 63 | "objectId": { 64 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/uuid" 65 | } 66 | } 67 | } 68 | } 69 | } -------------------------------------------------------------------------------- /schemas/json-schemas/permissions/permissions-request.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/permissions-request.json", 4 | "additionalProperties": false, 5 | "type": "object", 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | "properties": { 11 | "authorization": { 12 | "$ref": 
"https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "dateCreated" 21 | ], 22 | "properties": { 23 | "dateCreated": { 24 | "type": "string" 25 | }, 26 | "conditions": { 27 | "$ref": "https://identity.foundation/dwn/json-schemas/permissions/defs.json#/definitions/conditions" 28 | }, 29 | "description": { 30 | "type": "string" 31 | }, 32 | "grantedTo": { 33 | "$ref": "https://identity.foundation/dwn/json-schemas/permissions/defs.json#/definitions/grantedTo" 34 | }, 35 | "grantedBy": { 36 | "$ref": "https://identity.foundation/dwn/json-schemas/permissions/defs.json#/definitions/grantedBy" 37 | }, 38 | "interface": { 39 | "enum": [ 40 | "Permissions" 41 | ], 42 | "type": "string" 43 | }, 44 | "method": { 45 | "enum": [ 46 | "Request" 47 | ], 48 | "type": "string" 49 | }, 50 | "scope": { 51 | "$ref": "https://identity.foundation/dwn/json-schemas/permissions/defs.json#/definitions/scope" 52 | }, 53 | "objectId": { 54 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/uuid" 55 | } 56 | } 57 | } 58 | } 59 | } -------------------------------------------------------------------------------- /schemas/json-schemas/protocol-definition.json: -------------------------------------------------------------------------------- 1 | { 2 | "$id": "https://identity.foundation/dwn/json-schemas/protocol-definition.json", 3 | "$schema": "http://json-schema.org/draft-07/schema#", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "types", 8 | "structure" 9 | ], 10 | "properties": { 11 | "protocol": { 12 | "type": "string" 13 | }, 14 | "types": { 15 | "type": "object", 16 | "patternProperties": { 17 | ".*": { 18 | "type": "object", 19 | "additionalProperties": false, 20 | "properties": { 21 | "schema": { 22 | "type": "string" 23 | }, 24 | "dataFormats": { 25 | "type": "array", 26 | 
"minItems": 1, 27 | "items": { 28 | "type": "string" 29 | } 30 | } 31 | } 32 | } 33 | } 34 | }, 35 | "structure": { 36 | "type": "object", 37 | "patternProperties": { 38 | ".*": { 39 | "$ref": "https://identity.foundation/dwn/json-schemas/protocol-rule-set.json" 40 | } 41 | } 42 | } 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /schemas/json-schemas/protocol-rule-set.json: -------------------------------------------------------------------------------- 1 | { 2 | "$id": "https://identity.foundation/dwn/json-schemas/protocol-rule-set.json", 3 | "$schema": "http://json-schema.org/draft-07/schema#", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "properties": { 7 | "$actions": { 8 | "type": "array", 9 | "minItems": 1, 10 | "items": { 11 | "type": "object", 12 | "anyOf": [ 13 | { 14 | "required": [ 15 | "who", 16 | "can" 17 | ], 18 | "additionalProperties": false, 19 | "properties": { 20 | "who": { 21 | "type": "string", 22 | "enum": [ 23 | "anyone" 24 | ] 25 | }, 26 | "can": { 27 | "type": "string", 28 | "enum": [ 29 | "read", 30 | "write" 31 | ] 32 | } 33 | } 34 | }, 35 | { 36 | "required": [ 37 | "who", 38 | "of", 39 | "can" 40 | ], 41 | "additionalProperties": false, 42 | "properties": { 43 | "who": { 44 | "type": "string", 45 | "enum": [ 46 | "author", 47 | "recipient" 48 | ] 49 | }, 50 | "of": { 51 | "type": "string" 52 | }, 53 | "can": { 54 | "type": "string", 55 | "enum": [ 56 | "read", 57 | "write" 58 | ] 59 | } 60 | } 61 | } 62 | ] 63 | } 64 | } 65 | }, 66 | "patternProperties": { 67 | "^[^$].*": { 68 | "$ref": "https://identity.foundation/dwn/json-schemas/protocol-rule-set.json" 69 | } 70 | } 71 | } -------------------------------------------------------------------------------- /schemas/json-schemas/protocols/protocols-configure.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": 
"https://identity.foundation/dwn/json-schemas/protocols-configure.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | "properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "dateCreated", 21 | "definition" 22 | ], 23 | "properties": { 24 | "interface": { 25 | "enum": [ 26 | "Protocols" 27 | ], 28 | "type": "string" 29 | }, 30 | "method": { 31 | "enum": [ 32 | "Configure" 33 | ], 34 | "type": "string" 35 | }, 36 | "dateCreated": { 37 | "type": "string" 38 | }, 39 | "definition": { 40 | "$ref": "https://identity.foundation/dwn/json-schemas/protocol-definition.json" 41 | } 42 | } 43 | } 44 | } 45 | } -------------------------------------------------------------------------------- /schemas/json-schemas/protocols/protocols-query.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/protocols-query.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | "properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "dateCreated" 21 | ], 22 | "properties": { 23 | "interface": { 24 | "enum": [ 25 | "Protocols" 26 | ], 27 | "type": "string" 28 | }, 29 | "method": { 30 | "enum": [ 31 | "Query" 32 | ], 33 | "type": "string" 34 | }, 35 | "dateCreated": { 36 | "type": "string" 37 | }, 38 | "filter": { 39 | "type": "object", 40 | "minProperties": 1, 41 | 
"additionalProperties": false, 42 | "properties": { 43 | "protocol": { 44 | "type": "string" 45 | }, 46 | "recipient": { 47 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 48 | } 49 | } 50 | } 51 | } 52 | } 53 | } 54 | } -------------------------------------------------------------------------------- /schemas/json-schemas/records/records-delete.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/records-delete.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | "properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": "object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "dateModified", 21 | "recordId" 22 | ], 23 | "properties": { 24 | "interface": { 25 | "enum": [ 26 | "Records" 27 | ], 28 | "type": "string" 29 | }, 30 | "method": { 31 | "enum": [ 32 | "Delete" 33 | ], 34 | "type": "string" 35 | }, 36 | "dateModified": { 37 | "type": "string" 38 | }, 39 | "recordId": { 40 | "type": "string" 41 | } 42 | } 43 | } 44 | } 45 | } -------------------------------------------------------------------------------- /schemas/json-schemas/records/records-query.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/records-query.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor" 9 | ], 10 | "properties": { 11 | "authorization": { 12 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 13 | }, 14 | "descriptor": { 15 | "type": 
"object", 16 | "additionalProperties": false, 17 | "required": [ 18 | "interface", 19 | "method", 20 | "dateCreated", 21 | "filter" 22 | ], 23 | "properties": { 24 | "interface": { 25 | "enum": [ 26 | "Records" 27 | ], 28 | "type": "string" 29 | }, 30 | "method": { 31 | "enum": [ 32 | "Query" 33 | ], 34 | "type": "string" 35 | }, 36 | "dateCreated": { 37 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 38 | }, 39 | "filter": { 40 | "type": "object", 41 | "minProperties": 1, 42 | "additionalProperties": false, 43 | "properties": { 44 | "protocol": { 45 | "type": "string" 46 | }, 47 | "attester": { 48 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 49 | }, 50 | "recipient": { 51 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 52 | }, 53 | "contextId": { 54 | "type": "string" 55 | }, 56 | "schema": { 57 | "type": "string" 58 | }, 59 | "recordId": { 60 | "type": "string" 61 | }, 62 | "parentId": { 63 | "type": "string" 64 | }, 65 | "dataFormat": { 66 | "type": "string" 67 | }, 68 | "dateCreated": { 69 | "type": "object", 70 | "minProperties": 1, 71 | "additionalProperties": false, 72 | "properties": { 73 | "from": { 74 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 75 | }, 76 | "to": { 77 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 78 | } 79 | } 80 | } 81 | } 82 | }, 83 | "dateSort": { 84 | "enum": [ 85 | "createdAscending", 86 | "createdDescending", 87 | "publishedAscending", 88 | "publishedDescending" 89 | ], 90 | "type": "string" 91 | } 92 | } 93 | } 94 | } 95 | } -------------------------------------------------------------------------------- /schemas/json-schemas/records/records-read.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": 
"https://identity.foundation/dwn/json-schemas/records-read.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "descriptor" 8 | ], 9 | "properties": { 10 | "authorization": { 11 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 12 | }, 13 | "descriptor": { 14 | "type": "object", 15 | "additionalProperties": false, 16 | "required": [ 17 | "interface", 18 | "method", 19 | "date", 20 | "recordId" 21 | ], 22 | "properties": { 23 | "interface": { 24 | "enum": [ 25 | "Records" 26 | ], 27 | "type": "string" 28 | }, 29 | "method": { 30 | "enum": [ 31 | "Read" 32 | ], 33 | "type": "string" 34 | }, 35 | "date": { 36 | "type": "string" 37 | }, 38 | "recordId": { 39 | "type": "string" 40 | } 41 | } 42 | } 43 | } 44 | } -------------------------------------------------------------------------------- /schemas/json-schemas/records/records-write.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "http://json-schema.org/draft-07/schema#", 3 | "$id": "https://identity.foundation/dwn/json-schemas/records-write.json", 4 | "type": "object", 5 | "additionalProperties": false, 6 | "required": [ 7 | "authorization", 8 | "descriptor", 9 | "recordId" 10 | ], 11 | "properties": { 12 | "recordId": { 13 | "type": "string" 14 | }, 15 | "contextId": { 16 | "type": "string" 17 | }, 18 | "attestation": { 19 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 20 | }, 21 | "authorization": { 22 | "$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json" 23 | }, 24 | "encryption": { 25 | "type": "object", 26 | "properties": { 27 | "algorithm": { 28 | "type": "string", 29 | "enum": [ 30 | "A256CTR" 31 | ] 32 | }, 33 | "initializationVector": { 34 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 35 | }, 36 | "keyEncryption": { 37 | "type": "array", 38 | "minItems": 1, 39 | "items": { 40 | "type": "object", 41 | 
"properties": { 42 | "derivationScheme": { 43 | "type": "string", 44 | "enum": [ 45 | "dataFormats", 46 | "protocols", 47 | "schemas" 48 | ] 49 | }, 50 | "algorithm": { 51 | "type": "string", 52 | "enum": [ 53 | "ECIES-ES256K" 54 | ] 55 | }, 56 | "encryptedKey": { 57 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 58 | }, 59 | "initializationVector": { 60 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 61 | }, 62 | "ephemeralPublicKey": { 63 | "$ref": "https://identity.foundation/dwn/json-schemas/public-jwk.json" 64 | }, 65 | "messageAuthenticationCode": { 66 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/base64url" 67 | } 68 | }, 69 | "additionalProperties": false, 70 | "required": [ 71 | "derivationScheme", 72 | "algorithm", 73 | "encryptedKey", 74 | "initializationVector", 75 | "ephemeralPublicKey", 76 | "messageAuthenticationCode" 77 | ] 78 | } 79 | } 80 | }, 81 | "additionalProperties": false, 82 | "required": [ 83 | "algorithm", 84 | "initializationVector", 85 | "keyEncryption" 86 | ] 87 | }, 88 | "descriptor": { 89 | "type": "object", 90 | "properties": { 91 | "interface": { 92 | "enum": [ 93 | "Records" 94 | ], 95 | "type": "string" 96 | }, 97 | "method": { 98 | "enum": [ 99 | "Write" 100 | ], 101 | "type": "string" 102 | }, 103 | "recipient": { 104 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/did" 105 | }, 106 | "protocol": { 107 | "type": "string" 108 | }, 109 | "protocolPath": { 110 | "type": "string", 111 | "pattern": "^[a-zA-Z]+(\/[a-zA-Z]+)*$" 112 | }, 113 | "schema": { 114 | "type": "string" 115 | }, 116 | "parentId": { 117 | "type": "string" 118 | }, 119 | "dataCid": { 120 | "type": "string" 121 | }, 122 | "dataSize": { 123 | "type": "number" 124 | }, 125 | "dateCreated": { 126 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 127 | }, 128 | "dateModified": { 129 
| "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 130 | }, 131 | "published": { 132 | "type": "boolean" 133 | }, 134 | "datePublished": { 135 | "$ref": "https://identity.foundation/dwn/json-schemas/defs.json#/definitions/date-time" 136 | }, 137 | "dataFormat": { 138 | "type": "string" 139 | } 140 | }, 141 | "additionalProperties": false, 142 | "required": [ 143 | "interface", 144 | "method", 145 | "dataCid", 146 | "dataSize", 147 | "dateCreated", 148 | "dateModified", 149 | "dataFormat" 150 | ], 151 | "allOf": [ 152 | { 153 | "$comment": "rule defining `published` and `datePublished` relationship", 154 | "anyOf": [ 155 | { 156 | "properties": { 157 | "published": { 158 | "type": "boolean", 159 | "enum": [ 160 | true 161 | ] 162 | } 163 | }, 164 | "required": [ 165 | "published", 166 | "datePublished" 167 | ] 168 | }, 169 | { 170 | "properties": { 171 | "published": { 172 | "type": "boolean", 173 | "enum": [ 174 | false 175 | ] 176 | } 177 | }, 178 | "not": { 179 | "required": [ 180 | "datePublished" 181 | ] 182 | } 183 | }, 184 | { 185 | "allOf": [ 186 | { 187 | "not": { 188 | "required": [ 189 | "published" 190 | ] 191 | } 192 | }, 193 | { 194 | "not": { 195 | "required": [ 196 | "datePublished" 197 | ] 198 | } 199 | } 200 | ] 201 | } 202 | ] 203 | } 204 | ] 205 | } 206 | }, 207 | "$comment": "rule defining `protocol` and `contextId` relationship", 208 | "anyOf": [ 209 | { 210 | "properties": { 211 | "descriptor": { 212 | "type": "object", 213 | "required": [ 214 | "protocol", 215 | "protocolPath", 216 | "schema" 217 | ] 218 | } 219 | }, 220 | "required": [ 221 | "contextId" 222 | ] 223 | }, 224 | { 225 | "allOf": [ 226 | { 227 | "not": { 228 | "required": [ 229 | "contextId" 230 | ] 231 | } 232 | }, 233 | { 234 | "properties": { 235 | "descriptor": { 236 | "type": "object", 237 | "not": { 238 | "required": [ 239 | "protocol" 240 | ] 241 | } 242 | } 243 | } 244 | }, 245 | { 246 | "properties": { 247 | "descriptor": { 248 | 
"type": "object", 249 | "not": { 250 | "required": [ 251 | "protocolPath" 252 | ] 253 | } 254 | } 255 | } 256 | } 257 | ] 258 | } 259 | ] 260 | } -------------------------------------------------------------------------------- /specs.json: -------------------------------------------------------------------------------- 1 | { 2 | "specs": [ 3 | { 4 | "title": "DIF Decentralized Web Node", 5 | "spec_directory": "./spec", 6 | "output_path": "./spec/0.0.1-predraft", 7 | "logo": "https://rawcdn.githack.com/decentralized-identity/decentralized-identity.github.io/a3ca39717e440302d1fd99a796e7f00e1c42eb2d/images/logo-flat.svg", 8 | "logo_link": "https://identity.foundation", 9 | "source": { 10 | "host": "github", 11 | "account": "decentralized-identity", 12 | "repo": "decentralized-web-node" 13 | } 14 | }, 15 | { 16 | "title": "DIF Decentralized Web Node", 17 | "spec_directory": "./spec", 18 | "output_path": "./spec", 19 | "logo": "https://rawcdn.githack.com/decentralized-identity/decentralized-identity.github.io/a3ca39717e440302d1fd99a796e7f00e1c42eb2d/images/logo-flat.svg", 20 | "logo_link": "https://identity.foundation", 21 | "source": { 22 | "host": "github", 23 | "account": "decentralized-identity", 24 | "repo": "decentralized-web-node" 25 | } 26 | }, 27 | { 28 | "title": "DIF Decentralized Web Node", 29 | "spec_directory": "./spec", 30 | "output_path": "./", 31 | "logo": "https://rawcdn.githack.com/decentralized-identity/decentralized-identity.github.io/a3ca39717e440302d1fd99a796e7f00e1c42eb2d/images/logo-flat.svg", 32 | "logo_link": "https://identity.foundation", 33 | "source": { 34 | "host": "github", 35 | "account": "decentralized-identity", 36 | "repo": "decentralized-web-node" 37 | } 38 | }, 39 | { 40 | "title": "Decentralized Web Node Companion Guide", 41 | "spec_directory": "./docs", 42 | "output_path": "./guide/v0.0.1", 43 | "markdown_paths": ["companion_guide.md"], 44 | "logo": 
"https://rawcdn.githack.com/decentralized-identity/decentralized-identity.github.io/a3ca39717e440302d1fd99a796e7f00e1c42eb2d/images/logo-flat.svg", 45 | "logo_link": "https://identity.foundation", 46 | "source": { 47 | "host": "github", 48 | "account": "decentralized-identity", 49 | "repo": "decentralized-web-node" 50 | } 51 | }, 52 | { 53 | "title": "Decentralized Web Node Companion Guide", 54 | "spec_directory": "./docs", 55 | "output_path": "./guide", 56 | "markdown_paths": ["companion_guide.md"], 57 | "logo": "https://rawcdn.githack.com/decentralized-identity/decentralized-identity.github.io/a3ca39717e440302d1fd99a796e7f00e1c42eb2d/images/logo-flat.svg", 58 | "logo_link": "https://identity.foundation", 59 | "source": { 60 | "host": "github", 61 | "account": "decentralized-identity", 62 | "repo": "decentralized-web-node" 63 | } 64 | } 65 | ] 66 | } 67 | --------------------------------------------------------------------------------