title | category | type | source |
---|---|---|---|
Uport PKI | pki | reference | |
uPort implements a simple yet general-purpose decentralized PKI system, making it easy to create and verify off-chain JWT messages.
We need a decentralized way to look up public keys that can be used to verify off-chain JWTs. This allows us to use the power of the Ethereum blockchain to verify signed data privately transferred between parties.
The PKI is not needed for blockchain transactions themselves, as any blockchain already has a PKI-like functionality built in.
We are primarily using it with JWTs, although it could be used for signing other data formats as well.
The following overview shows the basic process for creating and verifying a trusted off-chain transaction between two parties using the uPort PKI.
We currently support 2 kinds of Identity Documents:
- DID Documents
- Legacy Identity Documents (DEPRECATED)
Any signed message has an `iss` attribute. This contains a Decentralized ID (DID).
A did-resolver is used to resolve the public key of the message.
uPort currently supports the following DID methods:
- `ethr` based on ERC-1056
- `uport` for legacy uPort identities
- `muport` for an experimental DID resolver using IPFS and Ethereum
Anyone implementing a new DID method can follow the instructions in the did-resolver library and it should work with uPort libraries.
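
The lookup described above (read `iss`, resolve the DID to a public key, verify the signature), as an added example that is not uPort's own code. The in-memory `registry` stands in for a did-resolver, and the `ES256K` algorithm, the DID and the keys are assumptions constructed for illustration.

```javascript
// Added example: the registry, DIDs and keys are constructed for illustration.
const crypto = require('node:crypto');

const b64u = (data) => Buffer.from(data).toString('base64url');
const fromB64u = (text) => Buffer.from(text, 'base64url');
const SUPPORTED_METHODS = new Set(['ethr', 'uport', 'muport']); // methods listed on this page
const p1363 = (key) => ({ key, dsaEncoding: 'ieee-p1363' }); // raw r||s signatures, as JWTs use

// Hypothetical in-memory stand-in for a did-resolver: DID -> public key.
const registry = new Map();
function resolveKey(did) {
  const match = /^did:([a-z0-9]+):.+$/.exec(typeof did === 'string' ? did : '');
  if (!match) throw new Error('iss is not a DID');
  if (!SUPPORTED_METHODS.has(match[1])) throw new Error(`unsupported DID method: ${match[1]}`);
  if (!registry.has(did)) throw new Error('DID did not resolve to a key');
  return registry.get(did);
}

// ES256K (ECDSA over secp256k1 with SHA-256) is an assumption; the page names no algorithm.
function signJwt(payload, privateKey) {
  const header = b64u(JSON.stringify({ typ: 'JWT', alg: 'ES256K' }));
  const signingInput = `${header}.${b64u(JSON.stringify(payload))}`;
  return `${signingInput}.${b64u(crypto.sign('sha256', Buffer.from(signingInput), p1363(privateKey)))}`;
}

function verifyJwt(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) throw new Error('malformed JWT');
  const header = JSON.parse(fromB64u(parts[0]).toString());
  if (header.alg !== 'ES256K') throw new Error('unexpected alg'); // pin alg; reject "none" etc.
  const payload = JSON.parse(fromB64u(parts[1]).toString());
  const publicKey = resolveKey(payload.iss); // key comes from the resolver, never from the token
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!crypto.verify('sha256', signed, p1363(publicKey), fromB64u(parts[2]))) {
    throw new Error('signature does not match the key resolved for iss');
  }
  return payload;
}

// Constructed sample data: two key pairs, only Alice's DID is registered.
const newKeys = () => crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
const alice = newKeys();
const mallory = newKeys();
const ALICE_DID = `did:ethr:0x${'11'.repeat(20)}`;
registry.set(ALICE_DID, alice.publicKey);
```

A token that claims Alice's DID in `iss` but was signed with another key fails verification, because the verifier only trusts the key the resolver returns for that DID.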