Add support for recoverable public keys

[awoie]

Some DID methods like did:ethr [1] use function(publicKey), i.e. EthereumAddress, as the the public verification key (digital signature) in the DID Document instead of the public key itself. A verifier would recover the public key from a signature plus the signed message and then, test if function(publicKeyRecovered) is included in the DID Document.

In the case of did:ethr, it will be a secp256k1 key that signs the message, and the EthereumAddress will be included in the DID Document which is function(publicKey) = 0x + tail(keccak-256(publicKey), 20)

We should add support for another public key type (Secp256k1VerificationKeyRecoverable2018 in addition to Secp256k1VerificationKey2018), and encoding (EthereumAddress in addition to publicKeyPem) that supports this approach. This enables every Ethereum account to be the owner of a DID and saves a lot of transaction fees when the DID is anchored on a public Blockchain like Ethereum, or Bitcoin.

[1] https://github.com/uport-project/ethr-did-resolver/blob/develop/doc/did-method-spec.md

[peacekeeper]

Related to (or duplicate of) https://github.com/w3c-ccg/did-spec/issues/56.

Also see https://github.com/WebOfTrustInfo/rwot6-santabarbara/issues/63.

[awoie]

Yes, I agree. We can close this issue and I will follow up on the other thread.

[peacekeeper]

Note that a new Linked Data Cryptographic Suite https://github.com/w3c-dvcg/lds-ecdsa-secp256k1-2019 has been created, which can define an ethereumAddress public key property.