didery Documentation
Cryptographic key management is a challenging problem for the blockchain community. To address this problem, we have developed a decentralized key management toolkit called Didery, which is designed to manage decentralized identifiers (DIDs). DIDs, as a W3C specification, have the potential to eventually supplant URLs as the main identifier in Web 3.0 applications. Didery implements ideas found in the paper titled “Decentralized Autonomic Data (DAD) and the three R’s of Key Management”, presented at the Rebooting the Web of Trust spring 2018 conference. Didery will improve the management, security, and user experience of anyone handling the cryptographic keys associated with DIDs.
The initial release of Didery provides two main services: a key pre-rotation service and a one-time pad encrypted storage service. Pre-rotation enables creation, rotation, and revocation of key rotation histories for the key pairs associated with a root DID. The service may be run as a rotation history service or as a set of redundant public servers. It also provides support for one-time pad encrypted private keys for recovery that works with the associated SeedQuest 3D key recovery mnemonic.
The Didery toolkit is open source, with JavaScript and Python client SDKs for interacting with Didery servers. Didery helps simplify key management.
The project is built on the open-source ioflo framework and also uses click and lmdb on the back end. The frontend is built with Transcrypt and mithril.js.
- Getting Started
- API
- Public API
- Signature Header
- Signature Schemes
- Key Revocation
- Replay Attack Prevention
- Errors
- Key Rotation History
- Add Rotation History (POST)
- Rotation Event (PUT)
- Get Rotation History (GET)
- Get All Rotation Histories (GET)
- Delete Rotation History (DELETE)
- OTP Encrypted Private Key Store
- Add OTP Encrypted Key (POST)
- Update OTP Encrypted Key (PUT)
- Get Encrypted Key (GET)
- Get All Encrypted Keys (GET)
- Delete OTP Encrypted Key (DELETE)
- Management API
- Public API
- Frontend
- Decentralized Autonomic Data (DAD) and the three R’s of Key Management