diff --git a/cddl/README.md b/cddl/README.md
new file mode 100644
index 00000000..cac1e7a2
--- /dev/null
+++ b/cddl/README.md
@@ -0,0 +1,6 @@
+# Decentralized Identifier Core Registries v1.0 examples
+
+This folder contains the Concise Data Definition Language (CDDL) data definition for the DID Spec Registeries.
+
+Additionally, each Property, Class and Type are broken down into separate components.
+
diff --git a/cddl/accept.cddl b/cddl/accept.cddl
new file mode 100644
index 00000000..013d8829
--- /dev/null
+++ b/cddl/accept.cddl
@@ -0,0 +1,3 @@
+did-document-resolution-request = {
+ accept : "application/did+json" / "application/did+ld+json" / "application/did+cbor" / "application/did+dag+cbor"
+}
diff --git a/cddl/accept_example1.cbor b/cddl/accept_example1.cbor
new file mode 100644
index 00000000..6d71d838
--- /dev/null
+++ b/cddl/accept_example1.cbor
@@ -0,0 +1 @@
+¡facceptwapplication/did+ld+json
\ No newline at end of file
diff --git a/cddl/accept_example1.json b/cddl/accept_example1.json
new file mode 100644
index 00000000..4b59b024
--- /dev/null
+++ b/cddl/accept_example1.json
@@ -0,0 +1,3 @@
+{
+ "accept": "application/did+ld+json"
+}
diff --git a/cddl/accept_example2.cbor b/cddl/accept_example2.cbor
new file mode 100644
index 00000000..6d71d838
--- /dev/null
+++ b/cddl/accept_example2.cbor
@@ -0,0 +1 @@
+¡facceptwapplication/did+ld+json
\ No newline at end of file
diff --git a/cddl/accept_example2.json b/cddl/accept_example2.json
new file mode 100644
index 00000000..98f8d0c2
--- /dev/null
+++ b/cddl/accept_example2.json
@@ -0,0 +1 @@
+{ "accept" : "application/did+cbor" }
diff --git a/cddl/accept_example3.cbor b/cddl/accept_example3.cbor
new file mode 100644
index 00000000..65e0f4ee
--- /dev/null
+++ b/cddl/accept_example3.cbor
@@ -0,0 +1 @@
+¡faccepttapplication/did+json
\ No newline at end of file
diff --git a/cddl/accept_example3.json b/cddl/accept_example3.json
new file mode 100644
index 00000000..c83c55b6
--- /dev/null
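Review bot: accept_example2.cbor does not encode the same value as accept_example2.json: its payload reads `application/did+ld+json` and its blob id (6d71d838) is the one accept_example1.cbor has, while the JSON twin carries `application/did+cbor`. A fixture pair that disagrees makes a validator test pass or fail for the wrong reason, so the CBOR file should be regenerated from the JSON. context_example1.cbor looks affected the same way: it shares blob id 9760b0f3 with context_example2.cbor and holds two context URLs, whereas context_example1.json holds a single string.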
+++ b/cddl/accept_example3.json
@@ -0,0 +1 @@
+{ "accept" : "application/did+json" }
diff --git a/cddl/assertionMethod.cddl b/cddl/assertionMethod.cddl
new file mode 100644
index 00000000..da330d72
--- /dev/null
+++ b/cddl/assertionMethod.cddl
@@ -0,0 +1,139 @@ +DID-document = { + + assertionMethod : [ 1* verificationMethod ] + +} + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-]+)?" + +;; base URI value is the DID that is associated with the DID subject +relative-did-url = text .regexp "#.+" ; fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1` + + +verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey + + +;;; +; verificationMethod types included below for convenience +;;; + + +publicKeyJwk = { + id : did-url + type : VerificationMethodTypes + controller: did / [1*did ] + publicKeyJwk : publicKeyEC / publicKeyOct / publicKeyed25519 / publicKeyRSA + +} + + +;;; public key Hex is a type of verification method with public key encoded as base16 +publicKeyHex = { + id : did-url + type : VerificationMethodTypes + controller: did / [1*did ] + publicKeyHex : text .regexp "[a-zA-F0-9]+" ; only allows for hexadecimal representations +} + + +publicKeyGpg = { + id : did-url + type : VerificationMethodTypes + controller: did / [1*did ] + publicKeyGpg : text ; This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK +} + +;;; public key Hex is a type of verification method with the public key encoded as base58 +publicKeyBase58 = { + id : did-url + type : VerificationMethodTypes + controller: did / [1*did ] + publicKeyBase58 : text .regexp "[a-zA-Z0-9]+" ; only allows for base58 representations +} + + +;;; ethereeum address is a type of verification method with ethereum address as public key information +ethereumAddress = { + id : did-url + type : "EcdsaSecp256k1RecoveryMethod2020" ; this is the only type known for 
ethereum address + controller: did / [1*did ] + ethereumAddress : text .regexp "0x[a-zA-F0-9]{40,40}" ; only allows for hexadecimal representations +} + + + +;;; +; below is a partial list of properties of various well-known JWK public key types. +; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion +; additional constraints are necessary to finalize the data definition all all JWK types +; below is a partial list of properties of various well-known JWK public key types. +;;;; + + +;;; +publicKeyEC = { + crv : "P-256" / "P-384" / "P-521" + kty : "EC" + x : text + y : text + ? "kid" : text ; should be sha256 fingerprint +} + + +;;; Octet sequence key for representing secret keys +publicKeyOct = { + kty : "oct" + ? kid : text ; this should be the sha256 fingerprint + alg : "HS256" / "HS384" / "HS512" + k : text .size 32 ; for shared secret +} + + +;; Octet key pair key like ed25519 +publicKeyed25519 = { + kty : "OKP" + crv : "Ed25519" + x : text .size 32 + use : "sig" / "enc" + ? kid : text ; should be sha256 fingerprint +} + +publicKey = { + id : did-url + type : VerificationMethodTypes + controller: did / [1*did ] + publicKeyPem : text ; this could be improved + +} + +publicKeyPem = { + id : did-url + type : VerificationMethodTypes + controller: did / [1*did ] + publicKeyPem : text ; this could be improved +} + +;;; RSA key type +publicKeyRSA = { + alg : "RSA" + mod : text ; + exp : text ; + ? kid : text ; should be sha256 fingerprint +} + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. 
+VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + \ No newline at end of file diff --git a/cddl/assertionMethod_example7.cbor b/cddl/assertionMethod_example7.cbor new file mode 100644 index 00000000..94bead7f --- /dev/null +++ b/cddl/assertionMethod_example7.cbor @@ -0,0 +1 @@ +¡oassertionMethod‚¤bidx@did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4dtypexEd25519VerificationKey2018jcontrollerodid:example:123opublicKeyBase58x,BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBgx;did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q \ No newline at end of file diff --git a/cddl/assertionMethod_example7.json b/cddl/assertionMethod_example7.json new file mode 100644 index 00000000..efdad919 --- /dev/null +++ b/cddl/assertionMethod_example7.json @@ -0,0 +1,10 @@ +{ + "assertionMethod": [{ + "id": "did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4", + "type": "Ed25519VerificationKey2018", + "controller": "did:example:123", + "publicKeyBase58": "BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBg" + }, + "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q" + ] +} \ No newline at end of file diff --git a/cddl/authentication.cddl b/cddl/authentication.cddl new file mode 100644 index 00000000..a763f039 --- /dev/null +++ b/cddl/authentication.cddl 
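Review bot: The character class in `publicKeyHex : text .regexp "[a-zA-F0-9]+"` accepts every lowercase letter, not only `a`–`f`, so the schema admits non-hexadecimal key material despite the comment beside it; `ethereumAddress` has the same class in `"0x[a-zA-F0-9]{40,40}"`. Both should use `[a-fA-F0-9]`, e.g. `text .regexp "0x[a-fA-F0-9]{40}"`. Likewise `publicKeyBase58 : text .regexp "[a-zA-Z0-9]+"` admits `0`, `O`, `I` and `l`, which are outside the Base58 alphabet; `[1-9A-HJ-NP-Za-km-z]+` would match what the comment promises. The same definitions are repeated in authentication.cddl, capabilityDelegation.cddl, capabilityInvocation.cddl and did-document-simple.cddl, and `VerificationMethodTypes` lists `"Ed25519VerificationKey2018"` twice in each of them.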
@@ -0,0 +1,136 @@ +DID-document = { + authentication : [ 1* verificationMethod ] +} + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-]+)?" + +;; base URI value is the DID that is associated with the DID subject +relative-did-url = text .regexp "#.+" ; fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1` + + +verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey + + +;;; +; verificationMethod types included below for convenience +;;; + +publicKeyJwk = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyJwk : publicKeyEC / publicKeyOct / publicKeyed25519 / publicKeyRSA + +} + + +;;; public key Hex is a type of verification method with public key encoded as base16 +publicKeyHex = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyHex : text .regexp "[a-zA-F0-9]+" ; only allows for hexadecimal representations +} + + +publicKeyGpg = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyGpg : text ; This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK +} + +;;; public key Hex is a type of verification method with the public key encoded as base58 +publicKeyBase58 = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyBase58 : text .regexp "[a-zA-Z0-9]+" ; only allows for base58 representations +} + + +;;; ethereeum address is a type of verification method with ethereum address as public key information +ethereumAddress = { + id : did-url + type : "EcdsaSecp256k1RecoveryMethod2020" ; this is the only type known for ethereum address + controller : did + 
ethereumAddress : text .regexp "0x[a-zA-F0-9]{40,40}" ; only allows for hexadecimal representations +} + + + +;;; +; below is a partial list of properties of various well-known JWK public key types. +; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion +; additional constraints are necessary to finalize the data definition all all JWK types +; below is a partial list of properties of various well-known JWK public key types. +;;;; + + +;;; +publicKeyEC = { + crv : "P-256" / "P-384" / "P-521" + kty : "EC" + x : text + y : text + ? "kid" : text ; should be sha256 fingerprint +} + + +;;; Octet sequence key for representing secret keys +publicKeyOct = { + kty : "oct" + ? kid : text ; this should be the sha256 fingerprint + alg : "HS256" / "HS384" / "HS512" + k : text .size 32 ; for shared secret +} + + +;; Octet key pair key like ed25519 +publicKeyed25519 = { + kty : "OKP" + crv : "Ed25519" + x : text .size 32 + use : "sig" / "enc" + ? kid : text ; should be sha256 fingerprint +} + +publicKey = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved + +} + +publicKeyPem = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved +} + +;;; RSA key type +publicKeyRSA = { + alg : "RSA" + mod : text ; + exp : text ; + ? kid : text ; should be sha256 fingerprint +} + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + 
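Review bot: `publicKeyJwk` lets an authentication method carry `publicKeyOct`, whose required member `k` is, by its own comments, a shared secret for HS256/HS384/HS512. A DID document is handed to whoever resolves the DID, so a document that validates against this branch would disclose the HMAC key that verifiers are supposed to keep private. I would drop the symmetric type from the choice, `publicKeyJwk : publicKeyEC / publicKeyed25519 / publicKeyRSA`, or at minimum add a comment on `publicKeyOct` such as `; symmetric key material must never be embedded in a DID document`. The other verification-relationship .cddl files in this commit carry the same choice.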
diff --git a/cddl/authentication_example8.cbor b/cddl/authentication_example8.cbor new file mode 100644 index 00000000..a09858e4 --- /dev/null +++ b/cddl/authentication_example8.cbor @@ -0,0 +1 @@ +¡nauthentication‚¤bidx@did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4dtypexEd25519VerificationKey2018jcontrollerodid:example:123opublicKeyBase58x,BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBgx;did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q \ No newline at end of file diff --git a/cddl/authentication_example8.json b/cddl/authentication_example8.json new file mode 100644 index 00000000..534d04be --- /dev/null +++ b/cddl/authentication_example8.json @@ -0,0 +1,10 @@ +{ + "authentication": [{ + "id": "did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4", + "type": "Ed25519VerificationKey2018", + "controller": "did:example:123", + "publicKeyBase58": "BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBg" + }, + "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q" + ] +} \ No newline at end of file diff --git a/cddl/authentication_example8b.cbor b/cddl/authentication_example8b.cbor new file mode 100644 index 00000000..59375f0d --- /dev/null +++ b/cddl/authentication_example8b.cbor @@ -0,0 +1 @@ +¡nauthentication¤bidx%did:example:123456789abcdefghi#keys-1dtypexEd25519VerificationKey2018jcontrollerxdid:example:123456789abcdefghiopublicKeyBase58x,H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV \ No newline at end of file diff --git a/cddl/authentication_example8b.json b/cddl/authentication_example8b.json new file mode 100644 index 00000000..234fcb51 --- /dev/null +++ b/cddl/authentication_example8b.json @@ -0,0 +1,8 @@ +{ + "authentication": [{ + "id": "did:example:123456789abcdefghi#keys-1", + "type": "Ed25519VerificationKey2018", + "controller": "did:example:123456789abcdefghi", + "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV" + } ] +} 
diff --git a/cddl/capabilityDelegation.cddl b/cddl/capabilityDelegation.cddl
new file mode 100644
index 00000000..b6515713
--- /dev/null
+++ b/cddl/capabilityDelegation.cddl
@@ -0,0 +1,138 @@ +DID-document = { + capabilityDelegation : [1* verificationMethod] +} + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-]+)?" + +;; base URI value is the DID that is associated with the DID subject +relative-did-url = text .regexp "^#.+$" ; fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1` + + +verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey + + + + +;;; +; verificationMethod types +;;; + +publicKeyJwk = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyJwk : publicKeyEC / publicKeyOct / publicKeyed25519 / publicKeyRSA + +} + + +;;; public key Hex is a type of verification method with public key encoded as base16 +publicKeyHex = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyHex : text .regexp "[a-zA-F0-9]+" ; only allows for hexadecimal representations +} + + +publicKeyGpg = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyGpg : text ; This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK +} + +;;; public key Hex is a type of verification method with the public key encoded as base58 +publicKeyBase58 = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyBase58 : text .regexp "[a-zA-Z0-9]+" ; only allows for base58 representations +} + + +;;; ethereeum address is a type of verification method with ethereum address as public key information +ethereumAddress = { + id : did-url + type : "EcdsaSecp256k1RecoveryMethod2020" ; this is the only type known for ethereum address + controller : did + ethereumAddress : text .regexp 
"0x[a-zA-F0-9]{40,40}" ; only allows for hexadecimal representations +} + + + +;;; +; below is a partial list of properties of various well-known JWK public key types. +; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion +; additional constraints are necessary to finalize the data definition all all JWK types +; below is a partial list of properties of various well-known JWK public key types. +;;;; + + +;;; +publicKeyEC = { + crv : "P-256" / "P-384" / "P-521" + kty : "EC" + x : text + y : text + ? "kid" : text ; should be sha256 fingerprint +} + + +;;; Octet sequence key for representing secret keys +publicKeyOct = { + kty : "oct" + ? kid : text ; this should be the sha256 fingerprint + alg : "HS256" / "HS384" / "HS512" + k : text .size 32 ; for shared secret +} + + +;; Octet key pair key like ed25519 +publicKeyed25519 = { + kty : "OKP" + crv : "Ed25519" + x : text .size 32 + use : "sig" / "enc" + ? kid : text ; should be sha256 fingerprint +} + +publicKey = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved + +} + +publicKeyPem = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved +} + +;;; RSA key type +publicKeyRSA = { + alg : "RSA" + mod : text ; + exp : text ; + ? kid : text ; should be sha256 fingerprint +} + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + \ No newline at end of file 
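Review bot: `relative-did-url = text .regexp "^#.+$"` differs from the other files in this commit, which use `"#.+"`. CDDL's `.regexp` takes an XSD regular expression, which is matched against the whole string and gives `^` and `$` no anchoring meaning, so this pattern would demand a literal `^` and `$` and reject a reference such as `#key-1`. Use `text .regexp "#.+"` here as well. It is worth confirming against the CDDL tool the project validates with, since some implementations pass the pattern to a PCRE-style engine and would hide the difference.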
diff --git a/cddl/capabilityDelegation_example9.cbor b/cddl/capabilityDelegation_example9.cbor new file mode 100644 index 00000000..9e4bd966 --- /dev/null +++ b/cddl/capabilityDelegation_example9.cbor @@ -0,0 +1 @@ +¡tcapabilityDelegation‚¤bidx@did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4dtypexEd25519VerificationKey2018jcontrollerodid:example:123opublicKeyBase58x,BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBgx;did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q \ No newline at end of file diff --git a/cddl/capabilityDelegation_example9.json b/cddl/capabilityDelegation_example9.json new file mode 100644 index 00000000..70044eca --- /dev/null +++ b/cddl/capabilityDelegation_example9.json @@ -0,0 +1,10 @@ +{ + "capabilityDelegation": [{ + "id": "did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4", + "type": "Ed25519VerificationKey2018", + "controller": "did:example:123", + "publicKeyBase58": "BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBg" + }, + "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q" + ] +} \ No newline at end of file diff --git a/cddl/capabilityInvocation.cddl b/cddl/capabilityInvocation.cddl new file mode 100644 index 00000000..ba4a67eb --- /dev/null +++ b/cddl/capabilityInvocation.cddl 
@@ -0,0 +1,139 @@ +DID-document = { + + capabilityInvocation : [1* verificationMethod] + +} + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-]+)?" + +;; base URI value is the DID that is associated with the DID subject +relative-did-url = text .regexp "#.+" ; fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1` + + +verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey + + + +;;; +; verificationMethod types included below for convenience +;;; + +publicKeyJwk = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyJwk : publicKeyEC / publicKeyOct / publicKeyed25519 / publicKeyRSA + +} + + +;;; public key Hex is a type of verification method with public key encoded as base16 +publicKeyHex = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyHex : text .regexp "[a-zA-F0-9]+" ; only allows for hexadecimal representations +} + + +publicKeyGpg = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyGpg : text ; This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK +} + +;;; public key Hex is a type of verification method with the public key encoded as base58 +publicKeyBase58 = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyBase58 : text .regexp "[a-zA-Z0-9]+" ; only allows for base58 representations +} + + +;;; ethereeum address is a type of verification method with ethereum address as public key information +ethereumAddress = { + id : did-url + type : "EcdsaSecp256k1RecoveryMethod2020" ; this is the only type known for ethereum address + controller : did + 
ethereumAddress : text .regexp "0x[a-zA-F0-9]{40,40}" ; only allows for hexadecimal representations +} + + + +;;; +; below is a partial list of properties of various well-known JWK public key types. +; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion +; additional constraints are necessary to finalize the data definition all all JWK types +; below is a partial list of properties of various well-known JWK public key types. +;;;; + + +;;; +publicKeyEC = { + crv : "P-256" / "P-384" / "P-521" + kty : "EC" + x : text + y : text + ? "kid" : text ; should be sha256 fingerprint +} + + +;;; Octet sequence key for representing secret keys +publicKeyOct = { + kty : "oct" + ? kid : text ; this should be the sha256 fingerprint + alg : "HS256" / "HS384" / "HS512" + k : text .size 32 ; for shared secret +} + + +;; Octet key pair key like ed25519 +publicKeyed25519 = { + kty : "OKP" + crv : "Ed25519" + x : text .size 32 + use : "sig" / "enc" + ? kid : text ; should be sha256 fingerprint +} + +publicKey = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved + +} + +publicKeyPem = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved +} + +;;; RSA key type +publicKeyRSA = { + alg : "RSA" + mod : text ; + exp : text ; + ? kid : text ; should be sha256 fingerprint +} + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + 
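Review bot: `publicKeyRSA` does not describe a JWK: it requires `alg : "RSA"`, `mod` and `exp`, whereas an RSA JWK carries `kty : "RSA"` with `n` and `e`, so a real RSA key placed in `publicKeyJwk` would fail validation. In `publicKeyed25519`, `x : text .size 32` bounds the length of the text string, but `x` is the base64url form of the 32-byte key and is 43 characters long, so the rule appears to reject valid keys; `x : text .size 43` would fit the encoded form. `use : "sig" / "enc"` is also mandatory there although JWK treats `use` as optional, so `? use : "sig" / "enc"` is closer. The same three definitions appear in the sibling .cddl files of this commit.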
diff --git a/cddl/capabilityInvocation_example10.cbor b/cddl/capabilityInvocation_example10.cbor new file mode 100644 index 00000000..a7e21347 --- /dev/null +++ b/cddl/capabilityInvocation_example10.cbor @@ -0,0 +1 @@ +¡tcapabilityInvocation‚¤bidx@did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4dtypexEd25519VerificationKey2018jcontrollerodid:example:123opublicKeyBase58x,BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBgx;did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q \ No newline at end of file diff --git a/cddl/capabilityInvocation_example10.json b/cddl/capabilityInvocation_example10.json new file mode 100644 index 00000000..e2dc1de3 --- /dev/null +++ b/cddl/capabilityInvocation_example10.json @@ -0,0 +1,10 @@ +{ + "capabilityInvocation": [{ + "id": "did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4", + "type": "Ed25519VerificationKey2018", + "controller": "did:example:123", + "publicKeyBase58": "BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBg" + }, + "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q" + ] +} \ No newline at end of file diff --git a/cddl/contentType.cbor b/cddl/contentType.cbor new file mode 100644 index 00000000..e355c532 --- /dev/null +++ b/cddl/contentType.cbor @@ -0,0 +1 @@ +¡lcontent-typewapplication/did+ld+json \ No newline at end of file diff --git a/cddl/contentType.cddl b/cddl/contentType.cddl new file mode 100644 index 00000000..be45d5d8 --- /dev/null +++ b/cddl/contentType.cddl @@ -0,0 +1,3 @@ +did-document-resolution-response = { + "content-type": "application/did+json" / "application/did+ld+json" / "application/did+cbor" / "application/did+dag+cbor" +} \ No newline at end of file diff --git a/cddl/contentType.json b/cddl/contentType.json new file mode 100644 index 00000000..86cf6555 --- /dev/null +++ b/cddl/contentType.json @@ -0,0 +1 @@ +{ "content-type" : "application/did+ld+json" } diff --git a/cddl/context.cddl b/cddl/context.cddl new file mode 100644 index 00000000..3f6d6a0f 
--- /dev/null +++ b/cddl/context.cddl @@ -0,0 +1,3 @@ +DID-document = { + @context : "https://www.w3.org/ns/did/v1" / [ 32("https://www.w3.org/ns/did/v1"), 1 *uri ] / [ "https://www.w3.org/ns/did/v1", 1* ~uri ] +} diff --git a/cddl/context_example1.cbor b/cddl/context_example1.cbor new file mode 100644 index 00000000..9760b0f3 --- /dev/null +++ b/cddl/context_example1.cbor @@ -0,0 +1 @@ +¡h@context‚xhttps://www.w3.org/ns/did/v1xhttps://w3id.org/security/v1 \ No newline at end of file diff --git a/cddl/context_example1.json b/cddl/context_example1.json new file mode 100644 index 00000000..c63f14ac --- /dev/null +++ b/cddl/context_example1.json @@ -0,0 +1 @@ +{"@context" : "https://www.w3.org/ns/did/v1"} diff --git a/cddl/context_example2.cbor b/cddl/context_example2.cbor new file mode 100644 index 00000000..9760b0f3 --- /dev/null +++ b/cddl/context_example2.cbor @@ -0,0 +1 @@ +¡h@context‚xhttps://www.w3.org/ns/did/v1xhttps://w3id.org/security/v1 \ No newline at end of file diff --git a/cddl/context_example2.json b/cddl/context_example2.json new file mode 100644 index 00000000..1d02f2aa --- /dev/null +++ b/cddl/context_example2.json @@ -0,0 +1 @@ +{"@context" : [ "https://www.w3.org/ns/did/v1" , "https://w3id.org/security/v1" ] } diff --git a/cddl/context_example3.cbor b/cddl/context_example3.cbor new file mode 100644 index 00000000..7fcb27ca --- /dev/null +++ b/cddl/context_example3.cbor @@ -0,0 +1 @@ +¡h@contextƒxhttps://www.w3.org/ns/did/v1xhttps://w3id.org/security/v1vhttps://example.com/v2 \ No newline at end of file diff --git a/cddl/context_example3.json b/cddl/context_example3.json new file mode 100644 index 00000000..0ed6b0a3 --- /dev/null +++ b/cddl/context_example3.json @@ -0,0 +1 @@ +{"@context" : [ "https://www.w3.org/ns/did/v1" , "https://w3id.org/security/v1", "https://example.com/v2" ] } diff --git a/cddl/controller.cddl b/cddl/controller.cddl new file mode 100644 index 00000000..87c69ecd --- /dev/null +++ b/cddl/controller.cddl 
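Review bot: The second alternative of `@context`, `[ 32("https://www.w3.org/ns/did/v1"), 1 *uri ]`, does not say what it seems to intend. A tagged value is written `#6.32(...)` and the occurrence indicator is spelled `1*` as in the third alternative; as written, a parser will either reject the rule or read `32` and `1` as literal integer array members. If a tag-32 URI array is wanted, `[ #6.32("https://www.w3.org/ns/did/v1"), 1* uri ]` expresses it; otherwise the alternative can be removed, since the third one already covers the untagged array shown in context_example2.json.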
@@ -0,0 +1,7 @@
+DID-document = {
+ controller : did / [1*did]
+}
+
+
+
+did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)"
diff --git a/cddl/controller_example3.cbor b/cddl/controller_example3.cbor
new file mode 100644
index 00000000..e44e6a34
--- /dev/null
+++ b/cddl/controller_example3.cbor
@@ -0,0 +1 @@
+¡jcontrollerodid:example:123
\ No newline at end of file
diff --git a/cddl/controller_example3.json b/cddl/controller_example3.json
new file mode 100644
index 00000000..075adca9
--- /dev/null
+++ b/cddl/controller_example3.json
@@ -0,0 +1,3 @@
+{
+ "controller": "did:example:123"
+}
diff --git a/cddl/controller_example4.json b/cddl/controller_example4.json
new file mode 100644
index 00000000..7e60dde4
--- /dev/null
+++ b/cddl/controller_example4.json
@@ -0,0 +1,3 @@
+{
+ "controller": [ "did:example:123" , "did:example:456" ]
+}
diff --git a/cddl/created.cddl b/cddl/created.cddl
new file mode 100644
index 00000000..629c465a
--- /dev/null
+++ b/cddl/created.cddl
@@ -0,0 +1,3 @@
+did-document-metadata = {
+ created : text .regexp "\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}Z"
+}
diff --git a/cddl/created2.cbor b/cddl/created2.cbor
new file mode 100644
index 00000000..f135cece
--- /dev/null
+++ b/cddl/created2.cbor
@@ -0,0 +1 @@
+¡gcreatedt2020-10-08T17:00:00Z
\ No newline at end of file
diff --git a/cddl/created2.json b/cddl/created2.json
new file mode 100644
index 00000000..f2892b53
--- /dev/null
+++ b/cddl/created2.json
@@ -0,0 +1,3 @@
+{
+ "created": "2020-10-08T17:00:00Z"
+}
\ No newline at end of file
diff --git a/cddl/created_example1.cbor b/cddl/created_example1.cbor
new file mode 100644
index 00000000..81fbedab
--- /dev/null
+++ b/cddl/created_example1.cbor
@@ -0,0 +1 @@
+¡gcreatedt2002-10-10T17:00:00Z
\ No newline at end of file
diff --git a/cddl/created_example1.json b/cddl/created_example1.json
new file mode 100644
index 00000000..181c8117
--- /dev/null
+++ b/cddl/created_example1.json
@@ -0,0 +1,3 @@
+{
+ "created": "2002-10-10T17:00:00Z"
+}
diff --git a/cddl/datetime.cddl b/cddl/datetime.cddl
new file mode 100644
index 00000000..ce251eb3
--- /dev/null
+++ b/cddl/datetime.cddl
@@ -0,0 +1,3 @@
+datetime = {
+ created : ~tdate ; this could also be better represented with; text .regexp "\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}Z"
+}
\ No newline at end of file
diff --git a/cddl/did-document-simple.cddl b/cddl/did-document-simple.cddl
new file mode 100644
index 00000000..909ca17f
--- /dev/null
+++ b/cddl/did-document-simple.cddl
@@ -0,0 +1,186 @@ +did-document = { + ? "@context" : "https://www.w3.org/ns/did/v1" / ["https://www.w3.org/ns/did/v1", 1*~uri ] + id : did + controller : did / [1*did] + verificationMethod : [ 1* verificationMethod ] ; A public key can be used as a verification method. + ? service : [1* serviceEndpoint ] ; The optional service parameter describes one or more service endpoints. + } + + +;; DID syntax according to did-core specification, see: https://www.w3.org/TR/did-core/#did-syntax. method-name must be registered and match method-name below +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + + +;; DID url syntax including path, query and fragment +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-\\_]+)" + + +;; base URI value is the DID that is associated with the DID subject +relative-did-url = text .regexp "#.+" ; fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1` + + +;; The associated value MUST be an ordered set of one or more verification methods. Each verification method MAY be embedded or referenced. 
+verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey + + +;; this is the list of all registered DID methods including `example` for testing +;; did methods are limited to method-name = 1*method-char +; method-name = +; "abt" / "btcr" / "stack" / "erc725" / "example" / "ipid" / +; "life" / "sov" / "uport" / "ethr" / "v1" / "com" / "dom" / +; "ont" / "vvo" / "aergo" / "icon" / "is" / "iwt" / "ockam" / +; "ala" / "op" / "jlinc" / "ion" / "jolo" / "bryk" / "peer" / +; "selfkey" / "meta" / "tys" / "git" / "tangle" / "emtrust" / +; "ttm" / "wlk" / "pistis" / "holo" / "web" / "io" / "vaultie" / +; "moac" / "omn" / "work" / "vid" / "ccp" / "jnctn" / "evan" / +; "elastos" / "kilt" / "elem" / "github" / "bid" / "ptn" / "echo" / +; "trustbloc" / "san" / "gatc" / "factom" / "signor" / "hedera" / +; "sirius" / "dock" / "twit" / "near" / "vaa" / "bba" / "morpheus" / +; "etho" / "bnb" / "celo" / "klay" / "trx" / "grg" / "schema" / "key" + + +;;; +; use +;;; +verificationMethodUseTypes = [ ?"authentication" / ? 
"assertionMethod" / "keyAgreement" / "capabilityDelegation" / "capabilityInvocation" / "encryption" + + +;;; +; verificationMethod types +;;; + + +publicKey = { + "id" : did-url + "type" : VerificationMethodTypes + "use" : [ 1* verificationMethodUseTypes ] + "controller" : did + "publicKeyPem" : text ; this could be improved +} + + +publicKeyJwk = { + "id" : did-url + "type" : VerificationMethodTypes + "use" : [ 1* verificationMethodUseTypes ] + "controller" : did + "publicKeyJwk" : publicKeyEC / publicKeyoct / publicKeyed25519 / publicKeyRSA +} + + +;;; public key Hex is a type of verification method with public key encoded as base16 +publicKeyHex = { + "id" : did-url + "type" : VerificationMethodTypes + "use" : [ 1* verificationMethodUseTypes ] + "controller" : did + "publicKeyHex" : text .regexp "[a-zA-F0-9]+" ; only allows for hexadecimal representations +} + + +publicKeyGpg = { + "id" : did-url + "type" : VerificationMethodTypes + "use" : [ 1* verificationMethodUseTypes ] + "controller" : did + "publicKeyGpg" : text ; This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK +} + +;;; public key Hex is a type of verification method with the public key encoded as base58 +publicKeyBase58 = { + "id" : did-url + "type" : VerificationMethodTypes + "use" : [ 1* verificationMethodUseTypes ] + "controller" : did + "publicKeyBase58" : text .regexp "[a-zA-Z0-9]+" ; only allows for base58 representations +} + + +;;; ethereeum address is a type of verification method with ethereum address as public key information +ethereumAddress = { + "id" : did-url + "type" : "EcdsaSecp256k1RecoveryMethod2020" ; this is the only type known for ethereum address + "use" : [ 1* verificationMethodUseTypes ] + "controller" : did + "ethereumAddress" : text .regexp "0x[a-zA-F0-9]{40,40}" ; only allows for hexadecimal representations +} + + +publicKeyPem = { + "id" : did-url + "type" : VerificationMethodTypes + "use" : [ 1* verificationMethodUseTypes ] + "controller" : did + 
"publicKeyPem" : text ; this could be improved +} + + +;;; +; below is a partial list of properties of various well-known JWK public key types. +; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion +; additional constraints are necessary to finalize the data definition all all JWK types +; below is a partial list of properties of various well-known JWK public key types. +;;;; + + +;;; +publicKeyEC = { + "crv" : "P-256" / "P-384" / "P-521" + "kty" : "EC" + "x" : text + "y" : text + ? "kid" : text ; should be sha256 fingerprint +} + + +;;; Octet sequence key for representing secret keys +publicKeyoct = { + "kty" : "oct" + ? "kid" : text ; this should be the sha256 fingerprint + "alg" : "HS256" / "HS384" / "HS512" + "k" : text .size 32 ; for shared secret +} + + +;; Octet key pair key like ed25519 +publicKeyed25519 = { + "kty" : "OKP" + "crv" : "Ed25519" + "x" : text .size 32 + "use" : "sig" / "enc" + ? "kid" : text ; should be sha256 fingerprint +} + + + +;;; RSA key type +publicKeyRSA = { + "alg" : "RSA" + "mod" : text ; + "exp" : text ; + ? "kid" : text ; should be sha256 fingerprint +} + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + + + +serviceEndpoint = { + ? "@content" : ~uri + "id" : did-url + "type" : text + ? "description" : text + "serviceEndpoint" : ~uri +} \ No newline at end of file diff --git a/cddl/did-document.cddl b/cddl/did-document.cddl new file mode 100644 index 00000000..af42f75c --- /dev/null +++ b/cddl/did-document.cddl 
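Review bot: As shown, `verificationMethodUseTypes = [ ?"authentication" / ? "assertionMethod" / "keyAgreement" / ... / "encryption"` is never closed with `]`, so the file should not parse and every `"use"` member that refers to the rule goes unchecked. Each `"use"` member already wraps the rule in `[ 1* verificationMethodUseTypes ]`, so a plain choice is probably what is meant: `verificationMethodUseTypes = "authentication" / "assertionMethod" / "keyAgreement" / "capabilityDelegation" / "capabilityInvocation" / "encryption"`. Separately, `serviceEndpoint` declares `? "@content" : ~uri`, which looks like a misspelling of `"@context"` and would let a misplaced context pass silently because the member is optional.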
@@ -0,0 +1,181 @@ +did-document = { + ; representation-specific properties for JSON-LD + ? @context : "https://www.w3.org/ns/did/v1" / ["https://www.w3.org/ns/did/v1", 1*~uri ] ; This MUST be present in JSON-LD. + + ; representation-independent properties + id : did + controller : did / [1*did] + ? verificationMethod : [ 1* verificationMethod ] ; A public key can be used as a verification method. + ? publicKey : [ 1* verificationMethod ] ; A public key can be used as a verification method. + ? authentication : [ 1* verificationMethod ] ; The associated value MUST be an ordered set of one or more verification methods. Each verification method MAY be embedded or referenced. + ? assertionMethod : [1* verificationMethod] ; The associated value MUST be an ordered set of one or more verification methods. Each verification method MAY be embedded or referenced. + ? keyAgreement : [1* verificationMethod] ; The associated value MUST be an ordered set of one or more verification methods. Each verification method MAY be embedded or referenced. + ? capabilityDelegation : [1* verificationMethod] ; The associated value MUST be an ordered set of one or more verification methods. Each verification method MAY be embedded or referenced. + ? capabilityInvocation : [1* verificationMethod] ; The associated value MUST be an ordered set of one or more verification methods. Each verification method MAY be embedded or referenced. + ? service : [1* serviceEndpoint ] ; The optional service parameter describes one or more service endpoints. + } + + +;; DID syntax according to did-core specification, see: https://www.w3.org/TR/did-core/#did-syntax. 
method-name must be registered and match method-name below +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + + +;; DID url syntax including path, query and fragment +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-\\_]+)" + + +;; base URI value is the DID that is associated with the DID subject +relative-did-url = text .regexp "#.+" ; fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1` + + +;; The associated value MUST be an ordered set of one or more verification methods. Each verification method MAY be embedded or referenced. +verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey + + +; this is the list of all registered DID methods including `example` for testing +; did methods are limited to method-name = 1*method-char +; method-name = +; "abt" / "btcr" / "stack" / "erc725" / "example" / "ipid" / +; "life" / "sov" / "uport" / "ethr" / "v1" / "com" / "dom" / +; "ont" / "vvo" / "aergo" / "icon" / "is" / "iwt" / "ockam" / +; "ala" / "op" / "jlinc" / "ion" / "jolo" / "bryk" / "peer" / +; "selfkey" / "meta" / "tys" / "git" / "tangle" / "emtrust" / +; "ttm" / "wlk" / "pistis" / "holo" / "web" / "io" / "vaultie" / +; "moac" / "omn" / "work" / "vid" / "ccp" / "jnctn" / "evan" / +; "elastos" / "kilt" / "elem" / "github" / "bid" / "ptn" / "echo" / +; "trustbloc" / "san" / "gatc" / "factom" / "signor" / "hedera" / +; "sirius" / "dock" / "twit" / "near" / "vaa" / "bba" / "morpheus" / +; "etho" / "bnb" / "celo" / "klay" / "trx" / "grg" / "schema" / "key" + + + +;;; +; verificationMethod types +;;; + +publicKeyJwk = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyJwk : publicKeyEC / publicKeyOct / 
publicKeyed25519 / publicKeyRSA + +} + + +;;; public key Hex is a type of verification method with public key encoded as base16 +publicKeyHex = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyHex : text .regexp "[a-zA-F0-9]+" ; only allows for hexadecimal representations +} + + +publicKeyGpg = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyGpg : text ; This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK +} + +;;; public key Hex is a type of verification method with the public key encoded as base58 +publicKeyBase58 = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyBase58 : text .regexp "[a-zA-Z0-9]+" ; only allows for base58 representations +} + + +;;; ethereeum address is a type of verification method with ethereum address as public key information +ethereumAddress = { + id : did-url + type : "EcdsaSecp256k1RecoveryMethod2020" ; this is the only type known for ethereum address + controller : did + ethereumAddress : text .regexp "0x[a-zA-F0-9]{40,40}" ; only allows for hexadecimal representations +} + + + +;;; +; below is a partial list of properties of various well-known JWK public key types. +; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion +; additional constraints are necessary to finalize the data definition all all JWK types +; below is a partial list of properties of various well-known JWK public key types. +;;;; + + +;;; +publicKeyEC = { + crv : "P-256" / "P-384" / "P-521" + kty : "EC" + x : text + y : text + ? "kid" : text ; should be sha256 fingerprint +} + + +;;; Octet sequence key for representing secret keys +publicKeyOct = { + kty : "oct" + ? 
kid : text ; this should be the sha256 fingerprint + alg : "HS256" / "HS384" / "HS512" + k : text .size 32 ; for shared secret +} + + +;; Octet key pair key like ed25519 +publicKeyed25519 = { + kty : "OKP" + crv : "Ed25519" + x : text .size 32 + use : "sig" / "enc" + ? kid : text ; should be sha256 fingerprint +} + +publicKey = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved + +} + +publicKeyPem = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved +} + +;;; RSA key type +publicKeyRSA = { + alg : "RSA" + mod : text ; + exp : text ; + ? kid : text ; should be sha256 fingerprint +} + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + + + +serviceEndpoint = { + ? "@content" : ~uri + id : did-url + type : text + ? description : text + serviceEndpoint : ~uri +} \ No newline at end of file diff --git a/cddl/did-url.cddl b/cddl/did-url.cddl new file mode 100644 index 00000000..53feac59 --- /dev/null +++ b/cddl/did-url.cddl @@ -0,0 +1,4 @@ +; +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-\\_]+)?" + + diff --git a/cddl/did-url_example1.cbor b/cddl/did-url_example1.cbor new file mode 100644 index 00000000..f45a0aa2 --- /dev/null +++ b/cddl/did-url_example1.cbor 
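Review bot: `publicKeyOct` lets a `publicKeyJwk` carry `kty : "oct"` with a required `k` member, which the rule's own comments describe as a secret key and a shared secret, so a document that validates against this schema can publish symmetric key material inside a DID document. DID documents are resolved and read by other parties, so I would take the octet-sequence key out of the choice, `publicKeyJwk : publicKeyEC / publicKeyed25519 / publicKeyRSA`, and keep symmetric keys out of the verification-method schema altogether. The same rule is repeated in keyAgreement.cddl and publicKey.cddl, and as `publicKeyoct` in publicKeyJwk.cddl.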
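Review bot: This copy of `did-url` ends in an optional fragment group, `(?[A-Za-z0-9\\-\\_]+)?`, while the copy in did-document.cddl makes that group mandatory and the copies in keyAgreement.cddl and publicKey.cddl drop `_` from the fragment class, so the same identifier can validate against one file and fail against another. Verification-method `id` values are what key references resolve to, so the definition should exist once and be shared rather than pasted per file. The `(?[` group openers also look like named groups whose names were lost along the way; it is worth confirming that the pattern compiles in the regular-expression dialect the validator uses for `.regexp`.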
@@ -0,0 +1 @@ +x†did:example:123?service=files&relative-ref=%2Fmyresume%2Fdoc%3Fversion%3Dlatest%23intro&foo=bar&version-time=2016-10-17T02:41:00Z#id-1 \ No newline at end of file diff --git a/cddl/did-url_example1.json b/cddl/did-url_example1.json new file mode 100644 index 00000000..29836259 --- /dev/null +++ b/cddl/did-url_example1.json @@ -0,0 +1,4 @@ +"did:example:123?service=files&relative-ref=%2Fmyresume%2Fdoc%3Fversion%3Dlatest%23intro&foo=bar&version-time=2016-10-17T02:41:00Z#id-1" + + + diff --git a/cddl/did.cddl b/cddl/did.cddl new file mode 100644 index 00000000..2bd1389e --- /dev/null +++ b/cddl/did.cddl @@ -0,0 +1 @@ +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" \ No newline at end of file diff --git a/cddl/did_example1.cbor b/cddl/did_example1.cbor new file mode 100644 index 00000000..a33aae64 --- /dev/null +++ b/cddl/did_example1.cbor @@ -0,0 +1 @@ +rdid:example:abc123 \ No newline at end of file diff --git a/cddl/did_example1.json b/cddl/did_example1.json new file mode 100644 index 00000000..b7e79349 --- /dev/null +++ b/cddl/did_example1.json @@ -0,0 +1 @@ +"did:example:abc123" diff --git a/cddl/did_example2.cbor b/cddl/did_example2.cbor new file mode 100644 index 00000000..e99034fe --- /dev/null +++ b/cddl/did_example2.cbor @@ -0,0 +1 @@ +x%did:example:lajlajfaifjelfjlieahflahf \ No newline at end of file diff --git a/cddl/did_example2.json b/cddl/did_example2.json new file mode 100644 index 00000000..f642ff2a --- /dev/null +++ b/cddl/did_example2.json @@ -0,0 +1 @@ +"did:example:lajlajfaifjelfjlieahflahf" diff --git a/cddl/error.cddl b/cddl/error.cddl new file mode 100644 index 00000000..0bacfcba --- /dev/null +++ b/cddl/error.cddl @@ -0,0 +1,3 @@ +did-document-resolution-response = { + error : text ; metadata property response codes not yet determined +} \ No newline at end of file diff --git a/cddl/error_example1.json b/cddl/error_example1.json new file mode 100644 index 00000000..ca527afa --- /dev/null 
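Review bot: The method-name group in `did` is `[A-Za-z0-9]+`, which admits upper-case letters, whereas `did-url` in did-url.cddl uses `[a-z0-9]+` and the DID Core syntax limits method names to lower-case letters and digits. As written, a value such as `did:MuGg:4J` (the controller in publicKeyJwk_example14b.json) is accepted as a `did`. I would tighten the first class: `did = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)"`. The same rule is copied into did-document.cddl, ethereumAddress.cddl, id.cddl, keyAgreement.cddl, publicKey.cddl and the per-property files.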
+++ b/cddl/error_example1.json @@ -0,0 +1,3 @@ +{ + "error": "not-found" +} diff --git a/cddl/ethereumAddress.cddl b/cddl/ethereumAddress.cddl new file mode 100644 index 00000000..29ed2052 --- /dev/null +++ b/cddl/ethereumAddress.cddl @@ -0,0 +1,14 @@ +verificationMethod = { + id : did-url + controller : did / [1* did] + type : "EcdsaSecp256k1RecoveryMethod2020" ; this is the only type known for ethereum address + ethereumAddress : text .regexp "0x[a-zA-F0-9]{40,40}" ; only allows for hexadecimal representations +} + + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-\\_]+)" + + + diff --git a/cddl/ethereumAddress_example12.cbor b/cddl/ethereumAddress_example12.cbor new file mode 100644 index 00000000..c41fee25 --- /dev/null +++ b/cddl/ethereumAddress_example12.cbor @@ -0,0 +1 @@ +¤bidtdid:example:123#vm-3dtypex EcdsaSecp256k1RecoveryMethod2020jcontrollerodid:example:123oethereumAddressx*0xF3beAC30C498D9E26865F34fCAa57dBB935b0D74 \ No newline at end of file diff --git a/cddl/ethereumAddress_example12.json b/cddl/ethereumAddress_example12.json new file mode 100644 index 00000000..83ccb1f3 --- /dev/null +++ b/cddl/ethereumAddress_example12.json @@ -0,0 +1,6 @@ +{ + "id": "did:example:123#vm-3", + "controller": "did:example:123", + "type": "EcdsaSecp256k1RecoveryMethod2020", + "ethereumAddress": "0xF3beAC30C498D9E26865F34fCAa57dBB935b0D74" + } \ No newline at end of file diff --git a/cddl/hl_query_parameter.cddl b/cddl/hl_query_parameter.cddl new file mode 100644 index 00000000..0a842218 --- /dev/null +++ b/cddl/hl_query_parameter.cddl @@ -0,0 +1,2 @@ +;; captured by hl_query_parameter group +hl_query_parameter = text .regexp "did\\:[A-Za-z0-9]+\\:[A-Za-z0-9\\.\\-\\:\\_]+\\/?(?[A-Za-z0-9\\/]+)?\\?|\\&(?hl\\=[A-Za-z0-9]+)\\&?[A-Za-z0-9]+\\#[A-Za-z0-9\\-\\_]+" 
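Review bot: The character class `[a-zA-F0-9]` in the `ethereumAddress` pattern spans `a-z`, not `a-f`, so the letters g to z pass even though the comment says only hexadecimal is allowed, and a malformed address would validate. Suggested: `ethereumAddress : text .regexp "0x[a-fA-F0-9]{40}"`. The same class is used for `publicKeyHex` and `ethereumAddress` in did-document.cddl, keyAgreement.cddl and publicKey.cddl, and for `publicKeyHex` in publicKeyHex.cddl, where it should become `"[a-fA-F0-9]+"`.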
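Review bot: The `|` in the `hl_query_parameter` pattern is not grouped, so it splits the whole expression into two alternatives (everything up to `\\?`, or everything from `\\&` onward) instead of choosing between `?` and `&` in front of `hl=`. The first alternative contains no `hl=` at all, so the rule does not require the hashlink parameter it is named for, and a consumer relying on this schema to know that an integrity hash is present gets no such guarantee. Grouping the separator as `(\\?|\\&)` is the minimal fix; hl_query_parameter_example2.json, where other parameters precede `hl=`, suggests the part between `?` and `hl=` needs to be allowed for as well.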
diff --git a/cddl/hl_query_parameter_example1.cbor b/cddl/hl_query_parameter_example1.cbor new file mode 100644 index 00000000..94e379a2 --- /dev/null +++ b/cddl/hl_query_parameter_example1.cbor @@ -0,0 +1 @@ +xBdid:example:123?hl=zQmWvQxTqbG2Z9HPJgG57jjwR154cKhbtJenbyYTWkjgF3e \ No newline at end of file diff --git a/cddl/hl_query_parameter_example1.json b/cddl/hl_query_parameter_example1.json new file mode 100644 index 00000000..0db70ac0 --- /dev/null +++ b/cddl/hl_query_parameter_example1.json @@ -0,0 +1 @@ +"did:example:123?hl=zQmWvQxTqbG2Z9HPJgG57jjwR154cKhbtJenbyYTWkjgF3e" \ No newline at end of file diff --git a/cddl/hl_query_parameter_example2.cbor b/cddl/hl_query_parameter_example2.cbor new file mode 100644 index 00000000..b0fc5abc --- /dev/null +++ b/cddl/hl_query_parameter_example2.cbor @@ -0,0 +1 @@ +xjdid:example:123/example/path?bar=foo&hl=zQmWvQxTqbG2Z9HPJgG57jjwR154cKhbtJenbyYTWkjgF3e&foo=bar#key-id=123 \ No newline at end of file diff --git a/cddl/hl_query_parameter_example2.json b/cddl/hl_query_parameter_example2.json new file mode 100644 index 00000000..12d2c082 --- /dev/null +++ b/cddl/hl_query_parameter_example2.json @@ -0,0 +1 @@ +"did:example:123/example/path?bar=foo&hl=zQmWvQxTqbG2Z9HPJgG57jjwR154cKhbtJenbyYTWkjgF3e&foo=bar#key-id=123" \ No newline at end of file diff --git a/cddl/id.cddl b/cddl/id.cddl new file mode 100644 index 00000000..c9f1dc0b --- /dev/null +++ b/cddl/id.cddl @@ -0,0 +1,6 @@ +DID-document = { + "id" : did +} + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + diff --git a/cddl/id_example2.cbor b/cddl/id_example2.cbor new file mode 100644 index 00000000..e08cd4ba --- /dev/null +++ b/cddl/id_example2.cbor @@ -0,0 +1 @@ +¡bidodid:ipid:abc123 \ No newline at end of file diff --git a/cddl/id_example2.json b/cddl/id_example2.json new file mode 100644 index 00000000..2bff7c96 --- /dev/null +++ b/cddl/id_example2.json @@ -0,0 +1 @@ +{ "id" : "did:ipid:abc123" } 
diff --git a/cddl/keyAgreement.cddl b/cddl/keyAgreement.cddl
new file mode 100644
index 00000000..f7eff835
--- /dev/null
+++ b/cddl/keyAgreement.cddl
@@ -0,0 +1,136 @@ +DID-document = { + keyAgreement : [ 1* verificationMethod ] +} + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-]+)?" + +;; base URI value is the DID that is associated with the DID subject +relative-did-url = text .regexp "#.+" ; fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1` + + +;; The associated value MUST be an ordered set of one or more verification methods. Each verification method MAY be embedded or referenced. +verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey + +;;; +; verificationMethod types +;;; + +publicKeyJwk = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyJwk : publicKeyEC / publicKeyOct / publicKeyed25519 / publicKeyRSA + +} + + +;;; public key Hex is a type of verification method with public key encoded as base16 +publicKeyHex = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyHex : text .regexp "[a-zA-F0-9]+" ; only allows for hexadecimal representations +} + + +publicKeyGpg = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyGpg : text ; This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK +} + +;;; public key Hex is a type of verification method with the public key encoded as base58 +publicKeyBase58 = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyBase58 : text .regexp "[a-zA-Z0-9]+" ; only allows for base58 representations +} + + +;;; ethereeum address is a type of verification method with ethereum address as public key information +ethereumAddress = { + id : did-url + type : 
"EcdsaSecp256k1RecoveryMethod2020" ; this is the only type known for ethereum address + controller : did + ethereumAddress : text .regexp "0x[a-zA-F0-9]{40,40}" ; only allows for hexadecimal representations +} + + + +;;; +; below is a partial list of properties of various well-known JWK public key types. +; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion +; additional constraints are necessary to finalize the data definition all all JWK types +; below is a partial list of properties of various well-known JWK public key types. +;;;; + + +;;; +publicKeyEC = { + crv : "P-256" / "P-384" / "P-521" + kty : "EC" + x : text + y : text + ? "kid" : text ; should be sha256 fingerprint +} + + +;;; Octet sequence key for representing secret keys +publicKeyOct = { + kty : "oct" + ? kid : text ; this should be the sha256 fingerprint + alg : "HS256" / "HS384" / "HS512" + k : text .size 32 ; for shared secret +} + + +;; Octet key pair key like ed25519 +publicKeyed25519 = { + kty : "OKP" + crv : "Ed25519" + x : text .size 32 + use : "sig" / "enc" + ? kid : text ; should be sha256 fingerprint +} + +publicKey = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved + +} + +publicKeyPem = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved +} + +;;; RSA key type +publicKeyRSA = { + alg : "RSA" + mod : text ; + exp : text ; + ? kid : text ; should be sha256 fingerprint +} + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. 
+VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + diff --git a/cddl/keyAgreement_example11.cbor b/cddl/keyAgreement_example11.cbor new file mode 100644 index 00000000..722ce2ae --- /dev/null +++ b/cddl/keyAgreement_example11.cbor @@ -0,0 +1 @@ +¡lkeyAgreement¤bidx>did:example:123#zC9ByQ8aJs8vrNXyDhPHHNNMSHPcaSgNpjjsBYpMMjsTdSdtypexX25519KeyAgreementKey2019jcontrollerodid:example:123opublicKeyBase58x,9hFgmPVfmBZwRvFEyniQDBkz9LmV7gDEqytWyGZLmDXE \ No newline at end of file diff --git a/cddl/keyAgreement_example11.json b/cddl/keyAgreement_example11.json new file mode 100644 index 00000000..34e50088 --- /dev/null +++ b/cddl/keyAgreement_example11.json @@ -0,0 +1,10 @@ +{ + "keyAgreement": [ + { + "id": "did:example:123#zC9ByQ8aJs8vrNXyDhPHHNNMSHPcaSgNpjjsBYpMMjsTdS", + "type": "X25519KeyAgreementKey2019", + "controller": "did:example:123", + "publicKeyBase58": "9hFgmPVfmBZwRvFEyniQDBkz9LmV7gDEqytWyGZLmDXE" + } + ] +} \ No newline at end of file diff --git a/cddl/method-name.cddl b/cddl/method-name.cddl new file mode 100644 index 00000000..79a3cbb9 --- /dev/null +++ b/cddl/method-name.cddl 
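Review bot: `publicKeyBase58` is constrained with `[a-zA-Z0-9]+`, which accepts `0`, `O`, `I` and `l`, characters that are not part of the Base58 alphabet, although the trailing comment says only base58 is allowed. publicKeyBase58.cddl in this same change already has the correct class, so reuse it here: `publicKeyBase58 : text .regexp "[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+"`. The comment above the rule also still reads "public key Hex" and should say Base58. did-document.cddl and publicKey.cddl carry the same loose class.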
@@ -0,0 +1,12 @@
+method-name =
+ "abt" / "btcr" / "stack" / "erc725" / "example" / "ipid" /
+ "life" / "sov" / "uport" / "ethr" / "v1" / "com" / "dom" /
+ "ont" / "vvo" / "aergo" / "icon" / "is" / "iwt" / "ockam" /
+ "ala" / "op" / "jlinc" / "ion" / "jolo" / "bryk" / "peer" /
+ "selfkey" / "meta" / "tys" / "git" / "tangle" / "emtrust" /
+ "ttm" / "wlk" / "pistis" / "holo" / "web" / "io" / "vaultie" /
+ "moac" / "omn" / "work" / "vid" / "ccp" / "jnctn" / "evan" /
+ "elastos" / "kilt" / "elem" / "github" / "bid" / "ptn" / "echo" /
+ "trustbloc" / "san" / "gatc" / "factom" / "signor" / "hedera" /
+ "sirius" / "dock" / "twit" / "near" / "vaa" / "bba" / "morpheus" /
+ "etho" / "bnb" / "celo" / "klay" / "trx" / "grg" / "schema" / "key"
diff --git a/cddl/publicKey.cddl b/cddl/publicKey.cddl
new file mode 100644
index 00000000..30a41d6e
--- /dev/null
+++ b/cddl/publicKey.cddl
@@ -0,0 +1,136 @@ +DID-document = { + publicKey : [ 1* verificationMethod ] +} + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-]+)?" + +;; base URI value is the DID that is associated with the DID subject +relative-did-url = text .regexp "#.+" ; fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1` + + +verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey + + +;;; +; verificationMethod types +;;; + +publicKeyJwk = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyJwk : publicKeyEC / publicKeyOct / publicKeyed25519 / publicKeyRSA + +} + + +;;; public key Hex is a type of verification method with public key encoded as base16 +publicKeyHex = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyHex : text .regexp "[a-zA-F0-9]+" ; only allows for hexadecimal representations +} + + +publicKeyGpg = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyGpg : text ; This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK +} + +;;; public key Hex is a type of verification method with the public key encoded as base58 +publicKeyBase58 = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyBase58 : text .regexp "[a-zA-Z0-9]+" ; only allows for base58 representations +} + + +;;; ethereeum address is a type of verification method with ethereum address as public key information +ethereumAddress = { + id : did-url + type : "EcdsaSecp256k1RecoveryMethod2020" ; this is the only type known for ethereum address + controller : did + ethereumAddress : text .regexp 
"0x[a-zA-F0-9]{40,40}" ; only allows for hexadecimal representations +} + + + +;;; +; below is a partial list of properties of various well-known JWK public key types. +; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion +; additional constraints are necessary to finalize the data definition all all JWK types +; below is a partial list of properties of various well-known JWK public key types. +;;;; + + +;;; +publicKeyEC = { + crv : "P-256" / "P-384" / "P-521" + kty : "EC" + x : text + y : text + ? "kid" : text ; should be sha256 fingerprint +} + + +;;; Octet sequence key for representing secret keys +publicKeyOct = { + kty : "oct" + ? kid : text ; this should be the sha256 fingerprint + alg : "HS256" / "HS384" / "HS512" + k : text .size 32 ; for shared secret +} + + +;; Octet key pair key like ed25519 +publicKeyed25519 = { + kty : "OKP" + crv : "Ed25519" + x : text .size 32 + use : "sig" / "enc" + ? kid : text ; should be sha256 fingerprint +} + +publicKey = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved + +} + +publicKeyPem = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text ; this could be improved +} + +;;; RSA key type +publicKeyRSA = { + alg : "RSA" + mod : text ; + exp : text ; + ? kid : text ; should be sha256 fingerprint +} + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + 
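Review bot: `publicKeyEC` offers only `"P-256" / "P-384" / "P-521"` for `crv`, yet `VerificationMethodTypes` lists three secp256k1 types, so a secp256k1 key expressed as a JWK cannot validate, and nothing ties `type` to the curve. publicKeyJwk_example14b.json, included in this change, pairs `EcdsaSecp256k1VerificationKey2019` with `P-256`. `x` and `y` are also bare `text`, which is how that example can use `"pleurapophysis"` and `"scalelet"` as coordinates. I would add `"secp256k1"` to `crv` and restrict the coordinates to the base64url alphabet, for example `x : text .regexp "[A-Za-z0-9_-]+"`; the same rule is copied into did-document.cddl, keyAgreement.cddl and publicKeyJwk.cddl.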
diff --git a/cddl/publicKeyBase58.cddl b/cddl/publicKeyBase58.cddl new file mode 100644 index 00000000..a6795dc8 --- /dev/null +++ b/cddl/publicKeyBase58.cddl @@ -0,0 +1,26 @@ +verificationMethod = { + id : did-url + type : VerificationMethodTypes + controller : did / [ 1* did ] + publicKeyBase58 : text .regexp "[123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]+" ; only allows for base58 representations, so no 0, O, I, l +} + + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-]+)" + + + +; current list of all registered Verification Method types +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + diff --git a/cddl/publicKeyBase58_example.cbor b/cddl/publicKeyBase58_example.cbor new file mode 100644 index 00000000..9ca18c57 --- /dev/null +++ b/cddl/publicKeyBase58_example.cbor @@ -0,0 +1 @@ +¤bidx%did:example:123456789abcdefghi#keys-1dtypexEd25519VerificationKey2018jcontrollerxdid:example:123456789abcdefghiopublicKeyBase58x,H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV \ No newline at end of file diff --git a/cddl/publicKeyBase58_example.json b/cddl/publicKeyBase58_example.json new file mode 100644 index 00000000..ca51efed --- /dev/null +++ b/cddl/publicKeyBase58_example.json @@ -0,0 +1,6 @@ +{ + "id": "did:example:123456789abcdefghi#keys-1", + "type": "Ed25519VerificationKey2018", + "controller": "did:example:123456789abcdefghi", + "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV" + } diff --git a/cddl/publicKeyGpg.cddl b/cddl/publicKeyGpg.cddl new file mode 100644 index 00000000..e301a5a5 
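Review bot: `"Ed25519VerificationKey2018"` appears twice in the `VerificationMethodTypes` choice. It does not change what validates, but the list is pasted into every file in this change (did-document.cddl, keyAgreement.cddl, publicKey.cddl, publicKeyGpg.cddl, publicKeyHex.cddl, publicKeyJwk.cddl, publicKeyMultiformat.cddl), so the duplicate and any later correction have to be tracked in each copy. Drop the second entry and consider keeping the type list in one shared file. `controller : did / [ 1* did ]` here also differs from the plain `controller : did` used for the same property in did-document.cddl; one of the two should be chosen.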
--- /dev/null +++ b/cddl/publicKeyGpg.cddl @@ -0,0 +1,26 @@ +verificationMethod = { + id : did-url + type : VerificationMethodTypes + controller : did / [ 1* did ] + publicKeyGpg : text .regexp "-----BEGIN PGP PUBLIC KEY BLOCK-----.*-----END PGP PUBLIC KEY BLOCK-----" ; This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK +} + + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-]+)" + + + +; current list of all registered Verification Method types +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + diff --git a/cddl/publicKeyGpg_example18.cbor b/cddl/publicKeyGpg_example18.cbor new file mode 100644 index 00000000..584f5f72 --- /dev/null +++ b/cddl/publicKeyGpg_example18.cbor @@ -0,0 +1 @@ +¤bidx8did:example:123#989ed1057a294c8a3665add842e784c4d08de1e2dtypevGpgVerificationKey2020jcontrollerodid:example:123lpublicKeyGpgxÒ-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: OpenPGP.js v4.9.0\nComment: https://openpgpjs.org\nxjMEXkm5LRYJKwYBBAHaRw8BAQdASmfrjYr7vrjwHNiBsdcImK397Vc3t4BLE8rnNv6Dw===wSoi\n-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/cddl/publicKeyGpg_example18.json b/cddl/publicKeyGpg_example18.json new file mode 100644 index 00000000..21a16fa2 --- /dev/null +++ b/cddl/publicKeyGpg_example18.json 
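Review bot: The `publicKeyGpg` pattern joins the armor header and footer with `.*`, and in the XSD regular-expression dialect that CDDL's `.regexp` is defined over, `.` does not match line breaks, so a normally armored key containing real newlines would be rejected. publicKeyGpg_example18.json appears to fit only because its `\\n` sequences are an escaped backslash followed by `n`, not newline characters. Something like `[\\s\\S]*` in place of `.*` would accept multi-line armor; that should be checked against the validator in use. The trailing comment ("This could probbaly be better to capture…") predates the pattern and can be removed.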
@@ -0,0 +1,6 @@ +{ + "id": "did:example:123#989ed1057a294c8a3665add842e784c4d08de1e2", + "type": "GpgVerificationKey2020", + "controller": "did:example:123", + "publicKeyGpg": "-----BEGIN PGP PUBLIC KEY BLOCK-----\\nVersion: OpenPGP.js v4.9.0\\nComment: https://openpgpjs.org\\nxjMEXkm5LRYJKwYBBAHaRw8BAQdASmfrjYr7vrjwHNiBsdcImK397Vc3t4BLE8rnNv6Dw===wSoi\\n-----END PGP PUBLIC KEY BLOCK-----" + } diff --git a/cddl/publicKeyHex.cddl b/cddl/publicKeyHex.cddl new file mode 100644 index 00000000..bdbb5c70 --- /dev/null +++ b/cddl/publicKeyHex.cddl @@ -0,0 +1,25 @@ +verificationMethod = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyHex : text .regexp "[a-zA-F0-9]+" ; only allows for hexadecimal representations +} + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-\\_]+)" + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + \ No newline at end of file diff --git a/cddl/publicKeyHex_example13.cbor b/cddl/publicKeyHex_example13.cbor new file mode 100644 index 00000000..7394d1b7 --- /dev/null +++ b/cddl/publicKeyHex_example13.cbor @@ -0,0 +1 @@ +¤bidtdid:example:123#vm-2dtypex EcdsaSecp256k1RecoveryMethod2020jcontrollerodid:example:123lpublicKeyHexxB027560af3387d375e3342a6968179ef3c6d04f5d33b2b611cf326d4708badd7770 \ No newline at end of file 
diff --git a/cddl/publicKeyHex_example13.json b/cddl/publicKeyHex_example13.json
new file mode 100644
index 00000000..1b9f9314
--- /dev/null
+++ b/cddl/publicKeyHex_example13.json
@@ -0,0 +1,6 @@
+{
+ "id": "did:example:123#vm-2",
+ "controller": "did:example:123",
+ "type": "EcdsaSecp256k1RecoveryMethod2020",
+ "publicKeyHex": "027560af3387d375e3342a6968179ef3c6d04f5d33b2b611cf326d4708badd7770"
+ }
\ No newline at end of file
diff --git a/cddl/publicKeyJwk.cddl b/cddl/publicKeyJwk.cddl
new file mode 100644
index 00000000..76b4e2e7
--- /dev/null
+++ b/cddl/publicKeyJwk.cddl
@@ -0,0 +1,73 @@ +publicKey = { + id : did-url + type : VerificationMethodTypes + controller : did / [ 1* did ] + publicKeyJwk : publicKeyEC / publicKeyoct / publicKeyed25519 / publicKeyRSA + +} + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-\\_]+)" + + +;;; +; below is a partial list of properties of various well-known JWK public key types. +; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion +; additional constraints are necessary to finalize the data definition all all JWK types +; below is a partial list of properties of various well-known JWK public key types. +;;;; + + +;;; +publicKeyEC = { + crv : "P-256" / "P-384" / "P-521" + kty : "EC" + x : text + y : text + ? "kid" : text ; should be sha256 fingerprint +} + + +;;; Octet sequence key for representing secret keys +publicKeyoct = { + kty : "oct" + ? kid : text ; this should be the sha256 fingerprint + alg : "HS256" / "HS384" / "HS512" + k : text .size 32 ; for shared secret +} + + +;; Octet key pair key like ed25519 +publicKeyed25519 = { + kty : "OKP" + crv : "Ed25519" + x : text .size 32 + use : "sig" / "enc" + ? kid : text ; should be sha256 fingerprint +} + + + +;;; RSA key type +publicKeyRSA = { + alg : "RSA" + mod : text ; + exp : text ; + ? kid : text ; should be sha256 fingerprint +} + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. 
+VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + \ No newline at end of file diff --git a/cddl/publicKeyJwk_example14.cbor b/cddl/publicKeyJwk_example14.cbor new file mode 100644 index 00000000..20bba58f --- /dev/null +++ b/cddl/publicKeyJwk_example14.cbor @@ -0,0 +1 @@ +¤bidx;did:example:123#_TKzHv2jFIyvdTGF1Dsgwngfdg3SH6TpDv0Ta1aOEkwdtypenJsonWebKey2020jcontrollerodid:example:123lpublicKeyJwk¥axx+38M1FDts7Oea7urmseiugGW7tWc3mLpJh6rKe7xINZ8ayx+nDQW6XZ7b_u2Sy9slofYLlG03sOEoug3I0aAPQ0exs4ccrveP-256ckidx+_TKzHv2jFIyvdTGF1Dsgwngfdg3SH6TpDv0Ta1aOEkwcktybEC \ No newline at end of file diff --git a/cddl/publicKeyJwk_example14.json b/cddl/publicKeyJwk_example14.json new file mode 100644 index 00000000..fdee50ae --- /dev/null +++ b/cddl/publicKeyJwk_example14.json @@ -0,0 +1,12 @@ +{ + "id": "did:example:123#_TKzHv2jFIyvdTGF1Dsgwngfdg3SH6TpDv0Ta1aOEkw", + "type": "JsonWebKey2020", + "controller": "did:example:123", + "publicKeyJwk": { + "crv": "P-256", + "x": "38M1FDts7Oea7urmseiugGW7tWc3mLpJh6rKe7xINZ8", + "y": "nDQW6XZ7b_u2Sy9slofYLlG03sOEoug3I0aAPQ0exs4", + "kty": "EC", + "kid": "_TKzHv2jFIyvdTGF1Dsgwngfdg3SH6TpDv0Ta1aOEkw" + } +} diff --git a/cddl/publicKeyJwk_example14b.cbor b/cddl/publicKeyJwk_example14b.cbor new file mode 100644 index 00000000..1c7b0b55 --- /dev/null +++ b/cddl/publicKeyJwk_example14b.cbor @@ -0,0 +1 @@ +¤bidtdid:r2:YPRm/k3e3#vwydtypex!EcdsaSecp256k1VerificationKey2019jcontrollerkdid:MuGg:4JlpublicKeyJwk¤axnpleurapophysisayhscaleletccrveP-256cktybEC \ No newline at end of file diff --git a/cddl/publicKeyJwk_example14b.json b/cddl/publicKeyJwk_example14b.json new file mode 100644 index 00000000..b53299ac --- /dev/null +++ b/cddl/publicKeyJwk_example14b.json 
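Review bot: `publicKeyRSA` does not describe an RSA JWK: RFC 7517 and RFC 7518 identify the key with `kty : "RSA"` and carry the modulus and exponent in `n` and `e`, whereas this rule requires `alg : "RSA"`, `mod` and `exp`. A standard RSA public key would fail validation, and a key that no JOSE library can read would pass. Suggested members: `kty : "RSA"`, `n : text`, `e : text`. The same rule is copied into did-document.cddl, keyAgreement.cddl and publicKey.cddl.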
@@ -0,0 +1 @@
+{"id": "did:r2:YPRm/k3e3#vwy", "type": "EcdsaSecp256k1VerificationKey2019", "controller": "did:MuGg:4J", "publicKeyJwk": {"crv": "P-256", "kty": "EC", "x": "pleurapophysis", "y": "scalelet"}}
diff --git a/cddl/publicKeyMultiformat.cddl b/cddl/publicKeyMultiformat.cddl
new file mode 100644
index 00000000..9c8496b5
--- /dev/null
+++ b/cddl/publicKeyMultiformat.cddl
@@ -0,0 +1,36 @@
+publicKeyMultiformat = {
+ id: did-url
+ type: VerificationMethodTypes
+ controller: did / [1*did ]
+ publicKeyMulticodec : #6.42(bstr) / linkedCID / inlineCID
+ }
+
+linkedCID = {
+ "/" : text ; ideally this should be more constrained and builds on CIDs type
+}
+
+inlineCID = text ; ideally this should be more constrained and builds on CIDs type
+
+
+;; DID syntax according to did-core specification, see: https://www.w3.org/TR/did-core/#did-syntax. method-name must be registered and match method-name below
+did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)"
+
+
+;; DID url syntax including path, query and fragment
+did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-\\_]+)"
+
+
+; current list of all registered Verification Method classes
+; These are classes not a properties - in other words, use them for the value of type in a verification method object.
+VerificationMethodTypes =
+ "JsonWebKey2020" /
+ "Ed25519VerificationKey2018" /
+ "EcdsaSecp256k1VerificationKey2019" /
+ "SchnorrSecp256k1VerificationKey2019" /
+ "Ed25519VerificationKey2018" /
+ "GpgVerificationKey2020" /
+ "RsaVerificationKey2018" /
+ "X25519KeyAgreementKey2019" /
+ "EcdsaSecp256k1RecoveryMethod2020"
+
+
diff --git a/cddl/publicKeyMultiformat_example1.cbor b/cddl/publicKeyMultiformat_example1.cbor
new file mode 100644
index 00000000..ea75c720
Binary files /dev/null and b/cddl/publicKeyMultiformat_example1.cbor differ
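Review bot: The `did` rule takes its method-name from `[A-Za-z0-9]+`, while `did-url` a few lines below uses `[a-z0-9]+` and the DID Core syntax cited in the comment allows only lowercase letters and digits there. As written, `controller` accepts identifiers such as `did:MuGg:4J` (the value in publicKeyJwk_example14b.json), so a consumer relying on this schema would let through controllers that are not valid DIDs. Narrowing the first class in `did` to `[a-z0-9]+` fixes it; the rule is copied into the other .cddl files of this commit and needs the same change there. The copies of `VerificationMethodTypes` are also drifting: `"Ed25519VerificationKey2018"` is listed twice and cddl/publicKeyPem.cddl lacks `"EcdsaSecp256k1RecoveryMethod2020"`, which argues for defining these shared rules once.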
diff --git a/cddl/publicKeyMultiformat_example1.json b/cddl/publicKeyMultiformat_example1.json new file mode 100644 index 00000000..c5c6ef6c --- /dev/null +++ b/cddl/publicKeyMultiformat_example1.json @@ -0,0 +1,8 @@ +{ + "id": "did:example:123456789abcdefghi#keys-1", + "type":"Ed25519VerificationKey2018", + "controller": "did:key:z6Mkf5rGMoatrSj1f4CyvuHBeXJELe9RPdzo2PKGNCKVtZxP", + "publicKeyMulticodec": { + "/" : "bafyreidykglsfhoixmivffc5uwhcgshx4j465xwqntbmu43nb2dzqwfvae" + } +} \ No newline at end of file diff --git a/cddl/publicKeyMultiformat_example2.cbor b/cddl/publicKeyMultiformat_example2.cbor new file mode 100644 index 00000000..4d242709 --- /dev/null +++ b/cddl/publicKeyMultiformat_example2.cbor @@ -0,0 +1 @@ +¤bidx%did:example:123456789abcdefghi#keys-1dtypexEd25519VerificationKey2018jcontrollerx8did:key:z6Mkf5rGMoatrSj1f4CyvuHBeXJELe9RPdzo2PKGNCKVtZxPspublicKeyMulticodecx;bafyreidykglsfhoixmivffc5uwhcgshx4j465xwqntbmu43nb2dzqwfvae \ No newline at end of file diff --git a/cddl/publicKeyMultiformat_example2.json b/cddl/publicKeyMultiformat_example2.json new file mode 100644 index 00000000..7c10736d --- /dev/null +++ b/cddl/publicKeyMultiformat_example2.json @@ -0,0 +1,6 @@ +{ + "id": "did:example:123456789abcdefghi#keys-1", + "type":"Ed25519VerificationKey2018", + "controller": "did:key:z6Mkf5rGMoatrSj1f4CyvuHBeXJELe9RPdzo2PKGNCKVtZxP", + "publicKeyMulticodec": "bafyreidykglsfhoixmivffc5uwhcgshx4j465xwqntbmu43nb2dzqwfvae" +} \ No newline at end of file diff --git a/cddl/publicKeyPem.cddl b/cddl/publicKeyPem.cddl new file mode 100644 index 00000000..e2b46540 --- /dev/null +++ b/cddl/publicKeyPem.cddl 
@@ -0,0 +1,24 @@ +publicKeyPem = { + id : did-url + type : VerificationMethodTypes + controller : did + publicKeyPem : text .regexp "-----BEGIN PUBLIC KEY-----\\n.*\\n-----END PUBLIC KEY-----\\n?" ; this could be improved +} + +did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)" + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-\\_]+)" + + +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" + diff --git a/cddl/publicKeyPem_example.cbor b/cddl/publicKeyPem_example.cbor new file mode 100644 index 00000000..f8ee2087 --- /dev/null +++ b/cddl/publicKeyPem_example.cbor @@ -0,0 +1,3 @@ +¤bidtdid:example:123#vm-2dtypevRsaVerificationKey2018jcontrollerodid:example:123lpublicKeyPemxD-----BEGIN PUBLIC KEY----- +MIIBG0BAOClDQAB +-----END PUBLIC KEY----- diff --git a/cddl/publicKeyPem_example.json b/cddl/publicKeyPem_example.json new file mode 100644 index 00000000..cef5a3e2 --- /dev/null +++ b/cddl/publicKeyPem_example.json @@ -0,0 +1,6 @@ +{ + "id": "did:example:123#vm-2", + "controller": "did:example:123", + "type": "RsaVerificationKey2018", + "publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIIBG0BAOClDQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/cddl/publicKey_example1.cbor b/cddl/publicKey_example1.cbor new file mode 100644 index 00000000..7b6f35d0 --- /dev/null +++ b/cddl/publicKey_example1.cbor 
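Review bot: The `publicKeyPem` pattern puts `.*` between the armor lines, so the key body is not limited to base64 characters. Under the XSD regular-expression semantics that CDDL's `.regexp` uses, `.` does not match a line break, so a key whose base64 body is wrapped over several lines would be rejected while a single line of arbitrary text passes. A tighter form is `"-----BEGIN PUBLIC KEY-----\\n([A-Za-z0-9+/=]+\\n)+-----END PUBLIC KEY-----\\n?"`. Even then the pattern cannot tell whether the decoded bytes are a well-formed key, so a comment should say that consumers must parse the PEM before trusting it.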
@@ -0,0 +1 @@ +¡ipublicKey„x%did:example:123456789abcdefghi#keys-1¤bidx$did:example:123456789abcdefghi#key-1dtypex#SchnorrSecp256k1VerificationKey2019jcontrollerx did:example:123456789abcdefghijkopublicKeyBase58x,H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV¤bidxdid:example:123456789abcdefghidtypexEd25519VerificationKey2018jcontrollerxdid:example:123456789abcdefghilpublicKeyJwk£akx yRnYf2JWv3QFnKwYlgv1ztrxiP43AL0fcalgeHS256cktycoct¤bidxdid:example:123456789abcdefghidtypex EcdsaSecp256k1RecoveryMethod2020jcontrollerxdid:example:123456789abcdefghioethereumAddressx*0x0137639710732B2B30bD70dDb89c35e794038062 \ No newline at end of file diff --git a/cddl/publicKey_example1.json b/cddl/publicKey_example1.json new file mode 100644 index 00000000..494790a5 --- /dev/null +++ b/cddl/publicKey_example1.json @@ -0,0 +1,26 @@ +{"publicKey": [ + "did:example:123456789abcdefghi#keys-1", + { + "id": "did:example:123456789abcdefghi#key-1", + "type": "SchnorrSecp256k1VerificationKey2019", + "controller": "did:example:123456789abcdefghijk", + "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV" + }, + { + "id": "did:example:123456789abcdefghi", + "type": "Ed25519VerificationKey2018", + "controller": "did:example:123456789abcdefghi", + "publicKeyJwk": { + "kty": "oct", + "alg": "HS256", + "k": "yRnYf2JWv3QFnKwYlgv1ztrxiP43AL0f" + } + }, + { + "id" : "did:example:123456789abcdefghi" , + "type": "EcdsaSecp256k1RecoveryMethod2020", + "controller" : "did:example:123456789abcdefghi", + "ethereumAddress" : "0x0137639710732B2B30bD70dDb89c35e794038062" + } + ] +} \ No newline at end of file diff --git a/cddl/service.cddl b/cddl/service.cddl new file mode 100644 index 00000000..e3810ebd --- /dev/null +++ b/cddl/service.cddl 
@@ -0,0 +1,25 @@ +did-document = { + service : [1* serviceEndpoint ] + +} + +serviceEndpoint = { + ; representation-specific properties for JSON-LD + ? "@content" : ~uri ; this is an active area of debate if this belongs here + + ; representation-independent properties + id : did-url + type : text + ? description : text + serviceEndpoint : ~uri / uri +} + + +did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-\\_]+)" + + + + + + + diff --git a/cddl/serviceEndpoint.cddl b/cddl/serviceEndpoint.cddl new file mode 100644 index 00000000..8b8b3ac2 --- /dev/null +++ b/cddl/serviceEndpoint.cddl @@ -0,0 +1 @@ +serviceEndpoint = ~uri / uri diff --git a/cddl/serviceEndpoint_example1.cbor b/cddl/serviceEndpoint_example1.cbor new file mode 100644 index 00000000..67400796 --- /dev/null +++ b/cddl/serviceEndpoint_example1.cbor @@ -0,0 +1 @@ +x.https://repository.example.com/service/8377464 \ No newline at end of file diff --git a/cddl/serviceEndpoint_example1.json b/cddl/serviceEndpoint_example1.json new file mode 100644 index 00000000..64e74007 --- /dev/null +++ b/cddl/serviceEndpoint_example1.json @@ -0,0 +1 @@ +"https://repository.example.com/service/8377464" diff --git a/cddl/service_example1.cbor b/cddl/service_example1.cbor new file mode 100644 index 00000000..a7e4e9d4 --- /dev/null +++ b/cddl/service_example1.cbor @@ -0,0 +1 @@ +¡gservice¤bidx"did:example:123456789abcdefghi#vcsdtypexVerifiableCredentialServicekdescriptionx$This is an example service endpoint!oserviceEndpointwhttps://example.com/vc/ \ No newline at end of file diff --git a/cddl/service_example1.json b/cddl/service_example1.json new file mode 100644 index 00000000..afabbd94 --- /dev/null +++ b/cddl/service_example1.json 
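Review bot: The optional JSON-LD member in `serviceEndpoint` is spelled `"@content"`, which looks like a typo for `"@context"`; unless the map is opened elsewhere, a service entry carrying the usual JSON-LD key would fail validation, and the line should probably read `? "@context" : ~uri`. `serviceEndpoint : ~uri / uri` also accepts any URI scheme, so if consumers are expected to dereference the endpoint it is worth a comment saying that scheme checks are left to the application. The name `serviceEndpoint` is defined here as a map and in cddl/serviceEndpoint.cddl as `~uri / uri`, which will clash if the files are ever combined.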
@@ -0,0 +1,9 @@ +{ + "service" : [ { + "id":"did:example:123456789abcdefghi#vcs", + "type": "VerifiableCredentialService", + "description" : "This is an example service endpoint!", + "serviceEndpoint": "https://example.com/vc/" + }] + + } diff --git a/cddl/updated.cbor b/cddl/updated.cbor new file mode 100644 index 00000000..d3f37e52 --- /dev/null +++ b/cddl/updated.cbor @@ -0,0 +1 @@ +¡gupdatedt2002-10-10T17:00:00Z \ No newline at end of file diff --git a/cddl/updated.cddl b/cddl/updated.cddl new file mode 100644 index 00000000..239580c5 --- /dev/null +++ b/cddl/updated.cddl @@ -0,0 +1,3 @@ +did-document-metadata = { + updated : text .regexp "\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}Z" +} diff --git a/cddl/updated.json b/cddl/updated.json new file mode 100644 index 00000000..adfd8278 --- /dev/null +++ b/cddl/updated.json @@ -0,0 +1,3 @@ +{ + "updated": "2002-10-10T17:00:00Z" +} diff --git a/cddl/uri.cddl b/cddl/uri.cddl new file mode 100644 index 00000000..729de18b --- /dev/null +++ b/cddl/uri.cddl @@ -0,0 +1,3 @@ +example_uri = { + "hello" : uri / ~uri +} \ No newline at end of file diff --git a/cddl/uri_example1.cbor b/cddl/uri_example1.cbor new file mode 100644 index 00000000..d4b7a810 --- /dev/null +++ b/cddl/uri_example1.cbor @@ -0,0 +1 @@ +¡ehellorhttp://example.com \ No newline at end of file diff --git a/cddl/uri_example1.json b/cddl/uri_example1.json new file mode 100644 index 00000000..c928285f --- /dev/null +++ b/cddl/uri_example1.json @@ -0,0 +1,3 @@ +{ + "hello" : "http://example.com" +} \ No newline at end of file diff --git a/cddl/uri_example2.cbor b/cddl/uri_example2.cbor new file mode 100644 index 00000000..8211b06f --- /dev/null +++ b/cddl/uri_example2.cbor @@ -0,0 +1 @@ +¡ehelloØ rhttp://example.com \ No newline at end of file diff --git a/cddl/uri_example2.hex b/cddl/uri_example2.hex new file mode 100644 index 00000000..09176789 --- /dev/null +++ b/cddl/uri_example2.hex @@ -0,0 +1 @@ +A16568656C6C6FD82072687474703A2F2F6578616D706C652E636F6D 
diff --git a/cddl/verificationMethod.cddl b/cddl/verificationMethod.cddl
new file mode 100644
index 00000000..6d23f783
--- /dev/null
+++ b/cddl/verificationMethod.cddl
@@ -0,0 +1,135 @@
+DID-document = {
+ verificationMethod : [ 1* verificationMethod ]
+}
+
+did = text .regexp "did\\:(?[A-Za-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)"
+
+did-url = text .regexp "did\\:(?[a-z0-9]+)\\:(?[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?[A-Za-z0-9\\/]+)\\??(?[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?[A-Za-z0-9\\-]+)?"
+
+;; base URI value is the DID that is associated with the DID subject
+relative-did-url = text .regexp "#.+" ; fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1`
+
+verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey
+
+
+;;;
+; verificationMethod types
+;;;
+
+publicKeyJwk = {
+ id : did-url
+ type : VerificationMethodTypes
+ controller : did
+ publicKeyJwk : publicKeyEC / publicKeyOct / publicKeyed25519 / publicKeyRSA
+
+}
+
+
+;;; public key Hex is a type of verification method with public key encoded as base16
+publicKeyHex = {
+ id : did-url
+ type : VerificationMethodTypes
+ controller : did
+ publicKeyHex : text .regexp "[a-zA-F0-9]+" ; only allows for hexadecimal representations
+}
+
+
+publicKeyGpg = {
+ id : did-url
+ type : VerificationMethodTypes
+ controller : did
+ publicKeyGpg : text ; This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK
+}
+
+;;; public key Hex is a type of verification method with the public key encoded as base58
+publicKeyBase58 = {
+ id : did-url
+ type : VerificationMethodTypes
+ controller : did
+ publicKeyBase58 : text .regexp "[a-zA-Z0-9]+" ; only allows for base58 representations
+}
+
+
+;;; ethereeum address is a type of verification method with ethereum address as public key information
+ethereumAddress = {
+ id : did-url
+ type : "EcdsaSecp256k1RecoveryMethod2020" ; this is the only type known for ethereum address
+ controller : did
+ ethereumAddress : text .regexp "0x[a-zA-F0-9]{40,40}" ; only allows for hexadecimal representations
+}
+
+
+
+;;;
+; below is a partial list of properties of various well-known JWK public key types.
+; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion
+; additional constraints are necessary to finalize the data definition all all JWK types
+; below is a partial list of properties of various well-known JWK public key types.
+;;;;
+
+
+;;;
+publicKeyEC = {
+ crv : "P-256" / "P-384" / "P-521"
+ kty : "EC"
+ x : text
+ y : text
+ ? "kid" : text ; should be sha256 fingerprint
+}
+
+
+;;; Octet sequence key for representing secret keys
+publicKeyOct = {
+ kty : "oct"
+ ? kid : text ; this should be the sha256 fingerprint
+ alg : "HS256" / "HS384" / "HS512"
+ k : text .size 32 ; for shared secret
+}
+
+
+;; Octet key pair key like ed25519
+publicKeyed25519 = {
+ kty : "OKP"
+ crv : "Ed25519"
+ x : text .size 32
+ use : "sig" / "enc"
+ ? kid : text ; should be sha256 fingerprint
+}
+
+publicKey = {
+ id : did-url
+ type : VerificationMethodTypes
+ controller : did
+ publicKeyPem : text ; this could be improved
+
+}
+
+publicKeyPem = {
+ id : did-url
+ type : VerificationMethodTypes
+ controller : did
+ publicKeyPem : text ; this could be improved
+}
+
+;;; RSA key type
+publicKeyRSA = {
+ alg : "RSA"
+ mod : text ;
+ exp : text ;
+ ? kid : text ; should be sha256 fingerprint
+}
+
+
+; current list of all registered Verification Method classes
+; These are classes not a properties - in other words, use them for the value of type in a verification method object.
+VerificationMethodTypes =
+ "JsonWebKey2020" /
+ "Ed25519VerificationKey2018" /
+ "EcdsaSecp256k1VerificationKey2019" /
+ "SchnorrSecp256k1VerificationKey2019" /
+ "Ed25519VerificationKey2018" /
+ "GpgVerificationKey2020" /
+ "RsaVerificationKey2018" /
+ "X25519KeyAgreementKey2019" /
+ "EcdsaSecp256k1RecoveryMethod2020"
+
\ No newline at end of file
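Review bot: The character class `[a-zA-F0-9]` in `publicKeyHex` and `ethereumAddress` spans all of `a-z`, so a value such as `0x` followed by forty letters `z` passes as hexadecimal even though both comments say only hex is allowed. The intended patterns are presumably `"[a-fA-F0-9]+"` and `"0x[a-fA-F0-9]{40}"`. `publicKeyBase58` has the same kind of gap: `[a-zA-Z0-9]+` admits `0`, `O`, `I` and `l`, which are not in the Bitcoin base58 alphabet, and `"[1-9A-HJ-NP-Za-km-z]+"` would match what the comment promises. The `publicKey` and `publicKeyPem` rules in this hunk are identical maps, so one of them is redundant in the `verificationMethod` choice.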
diff --git a/cddl/verificationMethodTypes.cddl b/cddl/verificationMethodTypes.cddl new file mode 100644 index 00000000..b6945871 --- /dev/null +++ b/cddl/verificationMethodTypes.cddl @@ -0,0 +1,13 @@ +; current list of all registered Verification Method classes +; These are classes not a properties - in other words, use them for the value of type in a verification method object. +VerificationMethodTypes = + "JsonWebKey2020" / + "Ed25519VerificationKey2018" / + "EcdsaSecp256k1VerificationKey2019" / + "SchnorrSecp256k1VerificationKey2019" / + "Ed25519VerificationKey2018" / + "GpgVerificationKey2020" / + "RsaVerificationKey2018" / + "X25519KeyAgreementKey2019" / + "EcdsaSecp256k1RecoveryMethod2020" + diff --git a/cddl/verificationMethod_example.cbor b/cddl/verificationMethod_example.cbor new file mode 100644 index 00000000..1899fa33 --- /dev/null +++ b/cddl/verificationMethod_example.cbor @@ -0,0 +1 @@ +¡rverificationMethod„x%did:example:123456789abcdefghi#keys-1¤bidx$did:example:123456789abcdefghi#key-1dtypex#SchnorrSecp256k1VerificationKey2019jcontrollerx did:example:123456789abcdefghijkopublicKeyBase58x,H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV¤bidxdid:example:123456789abcdefghidtypexEd25519VerificationKey2018jcontrollerxdid:example:123456789abcdefghilpublicKeyJwk£akx yRnYf2JWv3QFnKwYlgv1ztrxiP43AL0fcalgeHS256cktycoct¤bidxdid:example:123456789abcdefghidtypex EcdsaSecp256k1RecoveryMethod2020jcontrollerxdid:example:123456789abcdefghioethereumAddressx*0x0137639710732B2B30bD70dDb89c35e794038062 \ No newline at end of file diff --git a/cddl/verificationMethod_example.json b/cddl/verificationMethod_example.json new file mode 100644 index 00000000..f5bcd283 --- /dev/null +++ b/cddl/verificationMethod_example.json 
@@ -0,0 +1,26 @@ +{"verificationMethod": [ + "did:example:123456789abcdefghi#keys-1", + { + "id": "did:example:123456789abcdefghi#key-1", + "type": "SchnorrSecp256k1VerificationKey2019", + "controller": "did:example:123456789abcdefghijk", + "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV" + }, + { + "id": "did:example:123456789abcdefghi", + "type": "Ed25519VerificationKey2018", + "controller": "did:example:123456789abcdefghi", + "publicKeyJwk": { + "kty": "oct", + "alg": "HS256", + "k": "yRnYf2JWv3QFnKwYlgv1ztrxiP43AL0f" + } + }, + { + "id" : "did:example:123456789abcdefghi" , + "type": "EcdsaSecp256k1RecoveryMethod2020", + "controller" : "did:example:123456789abcdefghi", + "ethereumAddress" : "0x0137639710732B2B30bD70dDb89c35e794038062" + } + ] +} \ No newline at end of file diff --git a/cddl/version-time.cddl b/cddl/version-time.cddl new file mode 100644 index 00000000..e694810a --- /dev/null +++ b/cddl/version-time.cddl @@ -0,0 +1 @@ +version-time = text .regexp "^version-time=(?\\d{4}\\-\\d{2}\\-\\d{2}T\\d{2}\\:\\d{2}\\:\\d{2}Z)$" \ No newline at end of file diff --git a/cddl/version-time_example1.cbor b/cddl/version-time_example1.cbor new file mode 100644 index 00000000..2deb41b0 --- /dev/null +++ b/cddl/version-time_example1.cbor @@ -0,0 +1 @@ +x!version-time=2016-10-17T02:41:00Z \ No newline at end of file diff --git a/cddl/version-time_example1.json b/cddl/version-time_example1.json new file mode 100644 index 00000000..fa64961f --- /dev/null +++ b/cddl/version-time_example1.json @@ -0,0 +1 @@ +"version-time=2016-10-17T02:41:00Z" \ No newline at end of file diff --git a/index.html b/index.html index dabdff31..e8e880d6 100644 --- a/index.html +++ b/index.html @@ -75,7 +75,8 @@ company: "Digital Bazaar", companyURL: "https://digitalbazaar.com/", w3cid: 41758 - }] + } + ] };