📚
Creating a DID with cheqd Cosmos CLI
The purpose of this document is to describe how a DID (and associated DIDDoc) can be created using the
cheqd-node Cosmos CLI.NOTE: The procedures below are only recommended for development purposes!Usingcheqd-nodeCosmos CLI for real-world production usage is not recommended, since the identity keys are passed in raw form to the CLI. This is fine in development/testing usage, but is not recommend for mainnet.Developers are encouraged to use production-grade CLI tools such as Veramo SDK for cheqd or look at our developer guide on how to integrate custom applications.
- 1.Access to a
cheqd-nodeCosmos CLI binary. You can either get this from our Github releases, or download thecheqd-cliDocker container image. - 2.
- 3.Tokens to pay for identity transactions, since all ledger transactions are metered.
- 1.
- 2.
For the remainder of this tutorial, it's assumed that the DID + DIDDoc is being created on testnet. These commands can easily be modified for mainnet.
First, we'll need to generate a verification key:
cheqd-noded debug ed25519 random >> keys.txt
The result should look like the following:
$ cat keys.txt
{"pub_key_base_64":"MnrTheU+vCrN3W+WMvcpBXYBG6D1HrN5usL1zS6W7/k=","pub_key_multibase_58":"",\
"priv_key_base_64":"FxaJOy4HFoC2Enu1SizKtU0L+hmBRBAEpC+B4TopfQoyetOF5T68Ks3db5Yy9ykFdgEboPUes3m6wvXNLpbv+Q=="}
Note: Keep this key safe! It is used to create the DIDDoc, and to update it in the future. Normally, you should be careful when
cat-ing such keys as it reveals the private key as well.Encode the identity key's public key to
public_key_multibase, as this will be later required in the verification_method section:cheqd-noded debug encoding base64-multibase58 <pub_key_base_64>
For example:
$ cheqd-noded debug encoding base64-multibase58 MnrTheU+vCrN3W+WMvcpBXYBG6D1HrN5usL1zS6W7/k=
z4Q41kvWsd1JAuPFBff8Dti7P6fLbPZe3Nmod35uua9TE
To create a
unique-id for our DID, we can use first 32 symbols of multibase58 representation of our public key.For example, we can truncate previous output as:
printf '%.32s\n' `cheqd-noded debug encoding base64-multibase58 <pub_key_base_64>`
The result for our example will be
z4Q41kvWsd1JAuPFBff8Dti7P6fLbPZe, so let's use it as our unique-id in our DIDDoc.Copy-paste the template below into your terminal into a blank file (e.g., using
nano). We will add additional required information into the blank fields <xxxxx> in the next steps.$ nano diddoc.json
{
"id": "did:cheqd:<namespace>:<unique-id>",
"verification_method": [
{
"id": "did:cheqd:<namespace>:<unique-id>#<key-alias>",
"type": "Ed25519VerificationKey2020",
"controller": "did:cheqd:<namespace>:<unique-id>",
"public_key_multibase": "<verification-public-key-multibase>"
}
],
"authentication": [
"did:cheqd:<namespace>:<unique-id>#<auth-key-alias>"
],
"service": [{
"id":"did:cheqd:<namespace>:<unique-id>#<service-key>",
"type": "LinkedDomains",
"service_endpoint": "<URI-to-object>"
}]
}
<namespace>: Can betestnetormainnet. For this example, we can usetestnet.<unique-id>: Unique identifier, created in step #3<key-alias>: A key alias for the verification method identifier, e.g.,#key1<verification-public-key-multibase>: Result of step #2 above<auth-key-alias>: Alias of authentication key. Can be a reference to an existing verification method.<service-key>: Alias for service property. This is an optional section but useful to understand the power of DIDDocs.<URI-to-object>: A valid URI that can act as a service endpoint.
For example, the populated DIDDoc file might look like:
{
"id": "did:cheqd:testnet:z4Q41kvWsd1JAuPFBff8Dti7P6fLbPZe",
"verification_method": [
{
"id": "did:cheqd:testnet:z4Q41kvWsd1JAuPFBff8Dti7P6fLbPZe#key1",
"type": "Ed25519VerificationKey2020",
"controller": "did:cheqd:testnet:z4Q41kvWsd1JAuPFBff8Dti7P6fLbPZe",
"public_key_multibase": "z4Q41kvWsd1JAuPFBff8Dti7P6fLbPZe3Nmod35uua9TE"
}
],
"authentication": [
"did:cheqd:testnet:z4Q41kvWsd1JAuPFBff8Dti7P6fLbPZe#key1"
],
"service": [{
"id":"did:cheqd:testnet:z4Q41kvWsd1JAuPFBff8Dti7P6fLbPZe#linked-domain",
"type": "LinkedDomains",
"service_endpoint": "https://bar.example.com"
}]
}
We recommend you save this DIDDoc file (e.g., in a file called
diddoc.json) for the following steps.Now that we have our DIDDoc prepared, we can send a create DID request to the ledger:
cheqd-noded tx cheqd create-did "$(cat diddoc.json)" "did:cheqd:testnet:zJ5EDiiiKWDyo79n#key1" "FxaJOy4HFoC2Enu1SizKtU0L+hmBRBAEp+B4TopfQoyetOF5T68Ks3db5Yy9ykFdgEboPUes3m6wvXNLpbv+Q==" --from <alias-to-cosmos-key> --node https://rpc.testnet.cheqd.network:443 --chain-id cheqd-testnet-4 --fees 5000000ncheq
Where:
"did:cheqd:testnet:zJ5EDiiiKWDyo79n#key1"is theidofverification_methodsectionFxaJOy4HFoC2Enu1SizKtU0L+hmBRBAEp+B4TopfQoyetOF5T68Ks3db5Yy9ykFdgEboPUes3m6wvXNLpbv+Q==is the private key (priv_key_base_64in Step #1) for signing the DIDDoc--from: Should be an alias of a cheqd/Cosmos key, which will be used to pay for the ledger transaction.
After you execute the command, you will receive
"code": 0" if the DID was successfully written to the ledger.Otherwise, the
raw_logs field in the response can help figure out why something went wrong. For example:"code":1201,"data":"","raw_log":"failed to execute message; message index: 0: id:cheqd:testnet:fcbarcelona: DID Doc not found"
Finally, to check that the DID was successfully written we can use the following query:
cheqd-noded query cheqd did "<identifier-of-your-DIDDoc>" --node https://rpc.testnet.cheqd.network:443
where:
<identifier-of-your-DIDDoc>: Fully-qualified DID with<unique-id>
For example:
cheqd-noded query cheqd did "did:cheqd:testnet:z4Q41kvWsd1JAuPFBff8Dti7P6fLbPZe" --node https://rpc.testnet.cheqd.network:443
Congratulations! You've created, hopefully, the first of many DIDs on cheqd!