Decentralized Identifiers (DIDs) are usually thought of as being bound to a particular ledger and blockchain, such as SecureKey’s first DID Method implementation, did:trustbloc which is dependent on HyperLedger Fabric. But what if they weren’t?
Introducing a ledger agnostic solution – did:orb
In response to ledger-locked DID method challenges, such as who is running and maintaining the DID ledger, SecureKey developed a ledger agnostic solution called did:orb that decouples DIDs from ledgers while maintaining trust and security. SecureKey is leveraging standard and open-source peer-to-peer protocols like ActivityPub, data structures like verifiable credentials content-addressed storage like IPFS, and distributed trust services like the Google Trillian project to build a peer-to-peer trust network.
What is an Orb and how does it work?
Orb is a network of interconnected nodes that enable trusted lookups of information. An Orb node uses other network participants to discover and distribute document changes, and to also act as witnesses to timing when needed. Nodes also support dynamic service discoverability, meaning a node can decide to work within an Orb network and discover other Orb services in that network. Orb enables a network of networks, each providing trusted registeries of verifiable data.
Nodes make up a distributed DID network. They can communicate using a common standard and open-source peer-to-peer protocols while ensuring the current state is consistent, reliable, and trusted by the other network participants. This also means that nodes can run on different software stacks. DIDs are now portable between node implementations because once established in one Orb network, they can be used, replicated, verified, and trusted in others.
What are the benefits of this Decentralized Identifier solution?
By allowing Orb networks to scale as required, technology risks associated with picking a DID method are drastically reduced. Some of the benefits of this model are:
- Applications dynamically join and discover Orb networks for broad interoperability.
- Decentralized Identifiers can move between networks, preserving associated identities and credentials the DID may control.
- Access control and trust policies are dynamic per Orb, supporting private, semi-private, and open networks. If a node becomes unreliable, it can be removed from other Orb nodes without drastically impacting the reliability of the entire network.
did:orb leverages the Sidetree protocol to encode and process document changes, as does other Sidetree-based methods such as did:ion and did:photon.
For more information, please see the Sidetree article detailing the protocol and the first generation of Sidetree Systems.
For more information on how Orb helps increase interoperability between verifiable credential networks, please visit SecureKey’s TrustBloc page.
About Troy Ronda
Troy Ronda, Chief Scientist at SecureKey Technologies, has over 12 years of software development and project management experience advancing initiatives that leverage technologies such as decentralized identity, identity and data exchange, proximity technology, secure elements and mobile solutions.
In his current role, Troy guides the open development team and leads technical strategy for the decentralized identity and authentication platform. Troy is passionate about leveraging decentralized technology and standards to solve business and trust problems as well as creating solutions based on Hyperledger projects and furthering discussions in the digital identity community.
Troy holds a M.Sc. in Computer Science from the University of Toronto. He’s an active contributor in the Hyperledger community who serves as a member of the Technical Steering Committee and co-chair of the Decentralized Identity Foundation Sidetree Working Group.