Skip to content

Commit 0d6bb74

Browse files
authored
chore: add w3id readme (#3)
* chore: add w3id readme * chore: bold text * chore: better formatting * docs: add w3id details * chore: format * chore: add links
1 parent fbfeb0e commit 0d6bb74

File tree

3 files changed

+65
-8
lines changed

3 files changed

+65
-8
lines changed

README.md

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,14 @@ Learn more about the power of Turborepo:
8585

8686
# MetaState Prototype
8787

88+
## Progress Tracker
89+
90+
| Project | Status |
91+
| ------------------------------ | ----------- |
92+
| [W3ID](./infrastructure/w3id/) | In Progress |
93+
| EVault Core | Planned |
94+
| Web3 Adapter | Planned |
95+
8896
## Project Structure
8997

9098
```
@@ -123,11 +131,3 @@ prototype/
123131
├─ README.md (This File)
124132
└─ turbo.json (Configures TurboRepo)
125133
```
126-
127-
## Progress Tracker
128-
129-
| Project | Status |
130-
| ------------ | ----------- |
131-
| W3ID | In Progress |
132-
| EVault Core | Planned |
133-
| Web3 Adapter | Planned |

images/w3id-relations.png

226 KB
Loading

infrastructure/w3id/README.md

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,57 @@
1+
# W3ID
2+
3+
The metastate ecosystem has the only 1 type of identifiers, W3ID (did:w3id protocol, defined below) for all types of entities, e.g..
4+
5+
![MetaState W3ID Relations](../../images/w3id-relations.png)
6+
7+
## Where is it used
8+
9+
### _Users & Groups_
10+
11+
Users and groups would have a persistent, unchanging identifier which is referred to as Web 3 Identifier
12+
In case of a person, the W3ID is the life-long anchor which connects keys and the physical essence of a person. It is represented on the diagram below
13+
(1-2 relations) personal W3ID and personal keys via eID certificate from PKI
14+
(2-3 relations) personal W3ID and body characteristics, physical passport and friends.
15+
16+
### _Mobile Devices (or Device ID)_:
17+
18+
Mobile devices would use a persistent (within the lifetime of the device) W3ID identifier within the ecosystem.
19+
eVault: An eVault would use its own unique W3ID, which is not shared with a user, but rather is used internally to sync data between clone eVaults and used internally by an eVault hosting provider.
20+
21+
### _W3 Envelope_
22+
23+
W3 Envelope would use a W3ID, which is globally unique, and this W3ID would be used in the W3ID URI scheme to retrieve a envelope.
24+
25+
## Technical Requirements and Guarantees:
26+
27+
- The identity must be globally persistent, and unique.
28+
- The identity must exist on a namespace with more range higher than 10^22
29+
- The identity must support rotation of secrets and must only be loosely bound to keys
30+
- The identity must be loosely tied to a passport in form of binding document
31+
32+
## W3ID URI Scheme
33+
34+
### W3ID URI format:
35+
36+
`w3id://<UUID in HEX>` (case insensitive, like any URI) formed by the rules of RFC4122. In particular, the number and positioning of the dashes in the string is mandatory!
37+
UUID range is 2^122 or 15 orders larger than expected amount of IDs (10^22) therefore it fits the purpose perfectly.
38+
39+
### Example:
40+
41+
`w3id://e4d909c2-5d2f-4a7d-9473-b34b6c0f1a5a`
42+
If a local ID is needed, it is added after “/”, also as UUID range e.g.:
43+
`w3id://e4d909c2-5d2f-4a7d-9473-b34b6c0f1a5a/f2a6743e-8d5b-43bc-a9f0-1c7a3b9e90d7`
44+
which means “the object `f2a6743e-8d5b-43bc-a9f0-1c7a3b9e90d7` at the eVault `e4d909c2-5d2f-4a7d-9473-b34b6c0f1a5a`,
45+
where `e4d909c2-5d2f-4a7d-9473-b34b6c0f1a5a` could be:
46+
either the exact URL of the eVault, or
47+
the URL of its “controller”, the owner, then such URL should be resolved to the current eVault which this person (or group) controls
48+
49+
## W3ID Key binding
50+
51+
The Identifier would be loosely bound to a set of keys, meaning an identifier is not derived from a set of keys making it easy to change the keys in case someone's keys gets compromised, or they turn up on the beach naked and need a new set of keys as their device is lost.
52+
53+
## W3ID Document Binding
54+
55+
The identifier would be also loosely bound to a Passport, via a binding document certified by a root CA in the prototype, where the Identifier would be connected to entropy generated by the details of the passport of an individual.
56+
57+
> Note: Passport verification is out of scope for W3ID as an identifier and is handled by the eID Wallet Applicaiton.

0 commit comments

Comments
 (0)