The Tyron DID Protocol defines 3 pairs of DID-Keys generated by the KEY_ALGORITHM:
- did_contract_owner: The user's Zilliqa account is the sole owner of their DIDC, and the subject and controller of their Decentralized Identifier. The contract_owner is the hex-encoded address corresponding to this key.
- did_update_keys: To execute a DID-Update operation, the updated DID-Document must be signed by these keys, which the DIDC verifies with the IsRightSignature procedure.
- did_recovery_keys: To execute a DID-Recover or DID-Deactivate operation, the user MUST possess the private did_recovery_key that corresponds to the public did_recovery_key stored in the DIDC. The DIDC executes the IsRightSignature procedure for verification.
The update and recovery keys MUST each be used only once, which the DIDC verifies with the IsValidKey procedure.
The corresponding private keys MUST always remain under the control of their user.
Empowered by Scilla, the DID-Smart-Contract produces the Tyron Hash by applying the HASH_ALGORITHM on the Decentralized Identifier. The Tyron Hash must be signed to deactivate the DID.
The Tyron DID Protocol implements several parameters defined by the Sidetree Protocol (a layer-2 solution on top of the Bitcoin network):
The transaction number is a monotonically increasing number. Its order is deterministic and assigned to every transaction according to its position in the ledger time.
Every Tyron DID has a corresponding DID-Smart-Contract that keeps track of the DID-State and assigns a transaction number to every consecutive transaction modifying the DID-State.
The ledger time is the blockchain clock variable, used as a deterministic chronological reference.
A DID-Suffix is the unique identifier string in a Decentralized Identifier, the last part of the DID after the final colon.
The HASH_ALGORITHM is the algorithm to generate hashes of protocol-related values. The default parameter is SHA256.
Data encoding scheme
The DATA_ENCODING_SCHEME is the encoding for various data structures such as JSON and strings, which MUST have its output in ASCII format. The default parameter is hex (hexadecimal, base16).
The KEY_ALGORITHM is the asymmetric public key algorithm. The default parameter is secp256k1.
Operation key pair
Generates a cryptographic key pair to operate with, using the KEY_ALGORITHM. It returns the public key as a PublicKeyModel and the private key as a hex-encoded secp256k1 key.
The SIGNATURE_ALGORITHM is the asymmetric public key signature algorithm. The default parameter is Schnorr.
The DID-Smart-Contract can verify that all Schnorr signatures correspond to the DID-Keys defined above, by executing the IsRightSignature procedure.
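The one-time key rule, the signature checks, the Tyron Hash and the transaction number described above can be modelled off-chain. The following is an added example, not the Tyron DIDC's Scilla code: `DidContractModel`, its method names and the DID used with it are hypothetical, ECDSA over secp256k1 stands in for Schnorr (which Node's `crypto` module does not provide), and it assumes that each DID-Update supplies the next update key.

```javascript
// Added illustration, not the Tyron Scilla contract. Loads node:crypto under CommonJS or ESM.
const crypto = typeof require === 'function'
  ? require('node:crypto') : process.getBuiltinModule('node:crypto');

const newKeyPair = () => crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
const keyId = (publicKey) => publicKey.export({ type: 'spki', format: 'der' }).toString('hex');
// HASH_ALGORITHM (SHA256) with DATA_ENCODING_SCHEME (hex): the page's default parameters.
const tyronHash = (did) => crypto.createHash('sha256').update(did).digest('hex');
const didSuffix = (did) => did.slice(did.lastIndexOf(':') + 1);
// Assumption: ECDSA replaces the Schnorr SIGNATURE_ALGORITHM for this model only.
const sign = (message, privateKey) => crypto.sign('sha256', Buffer.from(message), privateKey);

class DidContractModel { // hypothetical in-memory stand-in for a DIDC
  constructor(did, updateKey, recoveryKey) {
    this.did = did;
    this.updateKey = updateKey;
    this.recoveryKey = recoveryKey;
    this.usedKeys = new Set([keyId(updateKey), keyId(recoveryKey)]);
    this.document = null;
    this.transactionNumber = 0;
    this.deactivated = false;
  }
  isRightSignature(message, signature, publicKey) {
    return crypto.verify('sha256', Buffer.from(message), publicKey, signature);
  }
  isValidKey(candidate) { // a key the contract has already seen is never accepted again
    return !this.usedKeys.has(keyId(candidate));
  }
  update(document, signature, nextUpdateKey) {
    if (this.deactivated) throw new Error('DID is deactivated');
    if (!this.isRightSignature(document, signature, this.updateKey)) throw new Error('wrong signature');
    if (!this.isValidKey(nextUpdateKey)) throw new Error('key already used');
    this.usedKeys.add(keyId(nextUpdateKey));
    this.updateKey = nextUpdateKey; // rotation retires the key that just signed
    this.document = document;
    return ++this.transactionNumber; // monotonically increasing per state change
  }
  deactivate(signature) { // the recovery key must sign the Tyron Hash of the DID
    if (this.deactivated) throw new Error('DID is deactivated');
    const ok = this.isRightSignature(tyronHash(this.did), signature, this.recoveryKey);
    if (!ok) throw new Error('wrong signature');
    this.deactivated = true;
    return ++this.transactionNumber;
  }
}
```

Because every accepted update rotates the stored key, a signature made with a retired update key fails `isRightSignature`, and an attempt to rotate back to a retired key fails `isValidKey`.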
A DID-State patch is the Sidetree format to describe the mutations of the DID's metadata state. Its data structure corresponds with the Patch model, which MUST include a Patch action and the document to be patched.