zkMe Dochub
GitHubTwitterDiscord
  • zkMe Network
  • Learn about zkMe Network
    • Introduction
    • Try a Demo
    • High Level Architectural Overview
      • High Level User Stories
      • zkMe Protocol Components
        • zkMe zkVault
        • zkMe DID Method
        • zkMe Credential Suites
        • zkMe Self-Sovereign Identity
    • Vision, Mission & Design Philosophy
    • Value Propositions & Use Cases
  • Verify with zkMe Protocol
    • Integration Checklist
      • zkMe Dashboard Setup
      • zkMe Supported Chains Overview
      • zkMe Protocol Smart Contract
    • Integration Guide
      • JavaScript SDK
        • zkKYC - Compliance Suite
        • MeID - Anti-Sybil Suite
        • Me - Profiling Suite
      • zkMe API
        • zkKYC - Compliance Suite
          • Verify zkKYC Status
          • Get KYT Results
      • Platform Integration
        • QuestN Integration
      • Smart Contract Verification
        • Compliance Suite
      • Customize Widget UI
    • zkKYC - Compliance Suite
      • zkMe zkKYC Levels
      • Regulatory Frameworks
        • EU - MiCA/TFR Regulations
        • US - Crypto Regulations
        • UK - Crypto Regulations
      • zkKYC Credentials
        • Proof-of-Citizenship (zkPoC)
        • Proof-of-Location (zkPoL)
        • Proof-of-Accredited-Investor (zkPoAI)
        • AML Check (AMLMe)
        • Know Your Transaction (KYT)
          • KYT Supported Scope
        • Know Your Business (KYB)
    • MeID - Anti-Sybil Suite
      • CKKS Homomorphic Encryption
      • DID Creation
      • MeID Credentials
        • MeID
    • Me - Profiling Suite
      • MeScores Credentials
        • zkCredit Score
        • zkSocial Network
        • zkDAO Management
        • zkGaming Status
    • zkMe Roadmap
  • Explore More
    • zkMe Bug Bounty Program
    • zkMe Brand Kit
    • zkMe Identity Hub
    • FAQ
    • Glossary
    • Link
      • GitHub
      • X / Twitter
      • Medium
      • YouTube
      • LinkedIn
      • Discord
      • Blog
    • Privacy Policy
Powered by GitBook
On this page
  • zkMe DID Method
  • Preface
  • Abstract
  • Target System
  • DID Method Specific Identifier
  • DID On-Chain
  • Transaction Fee
  • DID Operations
  • Register
  • Update
  • Delete
  • Resolve
  • Security Considerations
  • Privacy
  • Reference Implementation
  1. Learn about zkMe Network
  2. High Level Architectural Overview
  3. zkMe Protocol Components

zkMe DID Method

PreviouszkMe zkVaultNextzkMe Credential Suites

Last updated 1 month ago

zkMe DID Method

The zkMe DID method library uses Ethereum addresses as fully functional DID's or Decentralized identifiers. Third-party users can use this to create zkMe DID identities. It allows the controller to perform actions like resolve, update, and delete by encapsulating the zkMe DID registry and zkMe DID resolver. The DID identifier allows the controller to resolve the DID document for usage in different scenarios.

Preface

The zkme-did method specification is in compliance with the specified by the W3C Credentials Community Group. For a more detailed understanding of DID and other DID method specifications, please refer to resource.

Abstract

The zkMe DID method allows any Ethereum key pair account to become a valid identity. For registration of the DID Document, a smart contract has been deployed on Zetachain testnet (more are coming) address specified at (zkMe GitHub).

Target System

The zkme-did-registry contract currently is deployed on

  • ZetaChain Athens-3 Testnet

DID Method Specific Identifier

For the zkMe DID representation, the MSI (Method Specific Identifier) is an Ethereum address, which can also be called a Hex-encoded secp256k1 compressed public key.

The DID URI for zkMe specific DID method is: 'zkme'. A DID URI on Zetachain testnet will entail a prefix of order "did:zkme:testnet".

DID looks like on Zetachain testnet

did:zkme:testnet:0x2acE1D0d919293D10Ef7611bC768F5386d908fc2

DID looks like on Zetachain mainnet

did:zkme:0x2acE1D0d919293D10Ef7611bC768F5386d908fc2

DID On-Chain

Every DID on the chain has the same structure, defined as:

struct zkMeDID {
        address controller;
        uint created;
        uint updated;
        string doc;
}

Where,

  • controller: the address of the person who creates and manages the DID.

  • created: holds the timestamp of the block when DID was created.

  • updated: initially holds the timestamp of when the DID was created, but is updated if the controller updates the DID on the chain.

  • doc: holds the entire DID document in the form of a string.

Transaction Fee

To register a DID on the Zetachain platform, a small fee in the form of gas will be required. This gas fee is paid in Zetachain's native token, the AZETA token.

Transactions involving Create, Update, and Delete operations will require a transaction fee.

DID Operations

To create a zkMe DID, the user is required to either hold a public key or an Ethereum wallet.

Next, the user will initiate a call to the registerDID function with the generated DID URI and other parameters such as contract address and RPC URL (for chain identification). The function will create a corresponding DID Document in the format below and log it on the chain.

{
        "@context": "https://w3id.org/did/v1",
        "id": "did:zkme:testnet:0x2acE1D0d919293D10Ef7611bC768F5386d908fc2",
        "verificationMethod": [{
                "id": "did:zkme:testnet:0x2acE1D0d919293D10Ef7611bC768F5386d908fc2",
                "type": "EcdsaSecp256k1VerificationKey2019",
                "controller": "did:zkme:testnet:0x2acE1D0d919293D10Ef7611bC768F5386d908fc2",
                "publicKeyBase58": "7Lnm1frErwLwwZB1x2XbweLauYJpAZBjGxAXk55u248DEGGKF62apu9QuekaE3d7jMUUeHjk2F4sSYqKF3oeQ6b3ZLuMb"
        }]
}

Register

Registration of a DID is performed by logging the transaction on the zkme-did-registry smart contract by invoking:

import { registerDID } from "zkme-did-registrar";
const txHash = await registerDID(did, publicKey, signerOrProvier, url?, contractAddress?);

The function returns a txhash and DID uri on successful execution.

Update

The DID controller can request the update functionality if they wish to edit the DID document stored on the ledger by invoking:

import { updateDidDoc } from "zkme-did-registrar";
const txHash = await updateDidDoc(did, didDoc, signerOrProvider, url?, contractAddress?);

Delete

The owner of a DID document has the authority to control the instance of the document on the chain. To maintain true ownership, the network allows the user to delete their instance of the DID document from the blockchain at any time. It's important to note that only the owner or controller of the DID document will have permission to delete the instance.

To remove the instance of DID from the ledger, use as follows

import { deleteDidDoc } from "zkme-did-registrar";
const txHash = await deleteDidDoc(did, signerOrProvider, url?, contractAddress?);

Resolve

To resolve a DID, you need to fetch the DID document registered on the chain. When you query the resolver with a DID, it returns the associated DID document. The resolver sends out a query to fetch the registered DID document from the chain. This document can then be used for signing or verification purposes.


Security Considerations

To improve security, all transactions to register, update, or delete a DID on Zetachain are signed using key pairs generated by the secp256k1 algorithm. If there are any vulnerabilities in this algorithm, they could also be reflected in the zkMe DID method protocol. Additionally, to further enhance security, the zkMe DID method implementation only stores the DID document on the blockchain with valid timestamps.

Privacy

In terms of privacy, a DID is pseudonymous. However, the user needs to note that since the DID zkMe is registered on a decentralized chain, it can not be fully revoked. Additionally, once a DID document is registered, only the owner of the DID can update or revoke it as a privacy measure.

Reference Implementation

Users who wish to have a DID on ZetaChain are expected to use the reference implementation of and to register and resolve zkMe-based DIDs on the chain.

DID requirements
this
registry-contract
zkme-did-registrar
zkme-did-resolver