Create an off-ledger holder DID
This tutorial offers step-by-step guidance on how to create a subject DID to be used for a holder that will receive a Verifiable Credentials.
⚠️ Before you begin...
Make sure you've correctly configured the cheqd plugin's agent settings for Veramo CLI
Background
We chose to use did:key
for the holder because the did:key
specification has a lot synergy with cheqd did method, did:cheqd
.
Using did:key
also keeps holder DIDs off-ledger. This is very important for the privacy and data protection of the holder. If holder DIDs and DIDDocs were stored on-ledger, this could constitute a risk where data written within the DIDDoc could not be removed in line with a holder's right to be forgotten.
It is also easily managable by a client agent as a full ledger backup for the writing of a DID / DID Doc is not required, thereby making it easily reproducable in a client environment.
Creating a subject did:key
DID can be achieved through both the Veramo CLI, or directly through an application that has been setup to read and write to the cheqd ledger, using the Veramo SDK for cheqd.
Instructions
1. Invoke Veramo CLI DID create function
This off-ledger DID, of type did:key
, is used for the recipient of the Verifiable Credential and Verifiable Presentation using:
2. Select the did:key
provider and KMS
did:key
provider and KMSSelect did:key
as the provider when prompted as well as a key management system (KMS) to use (default is local
).
The agent.yml
file used for the Veramo SDK for cheqd has a preloaded local key management system which is bootstrapped along with the CLI.
The KMS is stored in a local SQLite database.
3. Enter an alias for the DID
This is the nickname for your DID, which will be managed by Veramo KMS. Providing a memorable alias will help reference this for future uses, e.g., Alice off ledger DID
.
Once you have entered this, you will receive a response in a table, e.g:
Next steps
If you got the table above, your off-ledger did:key
has been created
Last updated