I-DELTA Decentralized Identity Management
Decentralized identity management is often an important part of use case scenarios involving DLT interoperability. A DLT interoperability platform should make allowances for participants to engage in peer-to-peer interactions using decentralized identities with verifiable credentials.
In this context, agents are trusted proxies that aid users in managing their identity.
- They act on behalf of a single identity owner.
- They manage cryptographic credentials of the owner.
- They interact with other components using interoperable DIDComm protocols.
- They are not bound to a specific blockchain, and can be implemented without blockchains.
Distributed Identity Communications (DIDComm)
DIDComm refers to the messaging communication between two parties through their respective agents. This type of communication aims to be secure, private, interoperable, transport agnostic, and extensible. The DIDComm protocol does not have to be request/response or have a specified data format like JSON. Its primary properties are that it is message-based and asynchronous, and in this way it resembles email protocols more than web services.
Registering Issuers and Verifiers
In order for issuers and verifiers to perform their function, they must first be registered in the Distributed Identity (DID) Ledger. The issuer/verifier triggers a registration request with the agent, which responds with the Distributed Identity information. The issuer/verifier then registers the DID information on the DID Ledger.
In order to establish a connection, the issuer/verifier first sends a create invite request to the agent. The agent then responds with the invite information. The issuer then encodes and publishes that invite where the user can access it. After reading the encoded invite, the user accepts the invite via the agent to establish the connection.
To issue a credential, the issuer sends a credential offer to the user through the agent. The user then accepts the credential via the agent.
Similarly, to verify the identity of a user, the verifier requests proof of identity from the user through the agent. The user then responds with the proof using the credentials obtained from the issuer.
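The invite step of the connection flow above, as an added example that is not I-DELTA's own code: the issuer encodes the agent's invite into a publishable URL, and the user side decodes and validates it before passing it to the agent. The page does not specify an invite format, so the field names and the `c_i` query parameter (taken from Aries RFC 0160), the sample values, the size limit and the https/wss endpoint policy are all assumptions.

```python
import base64
import json
from urllib.parse import parse_qs, urlsplit

# Constructed sample invite; field names follow Aries RFC 0160, which is an
# assumption because the page does not specify the invite format.
SAMPLE_INVITE = {
    "@type": "https://didcomm.org/connections/1.0/invitation",
    "@id": "00000000-0000-4000-8000-000000000001",
    "label": "Example Issuer",
    "recipientKeys": ["CONSTRUCTED-VERKEY-PLACEHOLDER"],
    "serviceEndpoint": "https://agent.issuer.example/didcomm",
}
REQUIRED = ("@type", "@id", "recipientKeys", "serviceEndpoint")
MAX_INVITE_CHARS = 4096  # assumed limit: refuse oversized payloads before parsing


def encode_invite(invite: dict, base_url: str) -> str:
    """Issuer side: pack the agent's invite into a publishable URL."""
    raw = json.dumps(invite, separators=(",", ":")).encode()
    b64 = base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{base_url}?c_i={b64}"


def decode_invite(url: str) -> dict:
    """User side: decode and validate an invite before the agent accepts it."""
    values = parse_qs(urlsplit(url).query).get("c_i", [])
    if len(values) != 1:
        raise ValueError("expected exactly one c_i parameter")
    b64 = values[0]
    if len(b64) > MAX_INVITE_CHARS:
        raise ValueError("invite too large")
    try:
        raw = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))
        invite = json.loads(raw)
    except ValueError as exc:  # covers base64, UTF-8 and JSON decode errors
        raise ValueError("invite is not valid base64url JSON") from exc
    if not isinstance(invite, dict):
        raise ValueError("invite must be a JSON object")
    missing = [k for k in REQUIRED if k not in invite]
    if missing:
        raise ValueError(f"invite missing fields: {missing}")
    keys = invite["recipientKeys"]
    if not isinstance(keys, list) or not keys or not all(isinstance(k, str) for k in keys):
        raise ValueError("recipientKeys must be a non-empty list of strings")
    if urlsplit(str(invite["serviceEndpoint"])).scheme not in ("https", "wss"):
        raise ValueError("serviceEndpoint must use https or wss")
    return invite
```

Decoding only checks the invite's shape and endpoint scheme; trust in the issuer still comes from resolving its DID on the DID Ledger.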