Open clehner opened 3 years ago
I think this sounds great. BTW there is also nothing wrong with having multiple drivers that implement the same DID method. Maybe DIDKit's support for did:key
and did:web
is better than the existing UR drivers for those methods; in that case people can configure their UR instance to use whichever driver they prefer for any given DID method!
@peacekeeper great. It appears that DIDKit's support for did:key:zQ3s
(Secp256k1) and did:key:zru
(P-256) would be novel. But these are not currently enabled in our Docker image... I am opening another issue about that. Edit: fixed in #140
Adding the driver, for did:tz
and some did:key
prefixes, is happening here: https://github.com/decentralized-identity/universal-resolver/pull/222.
Enabling more DID resolvers from DIDKit can be done by updating the regex for the didkit driver's entry in config.json
.
For development purposes, the other drivers can be disabled, to reduce resource use, by removing them from docker-compose.yml
. To update config.json
without having to rebuild the uni-resolver-web
image each time, a volumes
entry can be added to use the local config.json
. The resulting docker-compose.yml
is as follows:
Thanks @sbihel for helping with Docker/docker-compose
.
Universal Resolver driver using DIDKit (didkit-http), enabling did:tz
and some did:key
prefixes, is merged in https://github.com/decentralized-identity/universal-resolver/pull/224. Keeping this issue open though, to track enabling more of DIDKit's DID methods in the Universal Resolver config. i.e. did:onion
(may blocked by https://github.com/spruceid/didkit/issues/137), did:pkh
and did:webkey
(I think UR prefers methods be added to the DID Specification Registries first)
did:pkh
using DIDKit in Universal Resolver was added in https://github.com/decentralized-identity/universal-resolver/pull/231;
did:key
RSA in https://github.com/decentralized-identity/universal-resolver/pull/277.
did:ion
was added to DIDKit in #255, but Universal Resolver already has a did:ion
driver.
DIDKit's regex in Universal Resolver is currently this: ^did:(?:tz:|pkh:|web:|key:(?:z6Mk|zQ3s|zDna|z.{200,})).+$
https://github.com/decentralized-identity/universal-resolver/blob/6425f8b3b1d2523bf14c922ca575a2253920e62c/config.json#L180
webkey
remains a DID method that could be added. It needs a specification: https://github.com/spruceid/ssi/issues/205.
onion
could also be added if we figure out where to put Tor and how to access it from DIDKit container (#137).
@clehner thanks for the update. I think adding support for onion
would be great. You could make the address of the Tor node configurable with an environment variable, and leave it up to a particular deployment to configure it correctly so that the container can reach Tor.
We could add a driver for Universal Resolver, like this: https://github.com/decentralized-identity/universal-resolver/pull/100/files It looks like there is already a Universal Resolver driver using
ghcr.io
, so I think we could use our existing Docker imageghcr.io/spruceid/didkit-http
. DIDKit's HTTP interface already supports the DID Resolution HTTP(S) binding which is what Universal Resolver uses for the interface to drivers.Universal Resolver already has drivers for
did:key
,did:web
, anddid:ethr
. DID Methods that we could add in our driver aredid:tz
,did:pkh
,did:sol
, anddid:onion
. Additional work may be needed to enabledid:onion
since it depends on an external network, Tor: #137