Managing identity keys

Follow these instructions to:

1. Generate identity keys on-the-fly WITH a draft DIDDoc

2. Generate standalone identity public/private keypairs

3. Convert identity key pairs generated using Veramo agent to other key encoding formats

⚠️ Before you begin...

Make sure you've correctly configured the cheqd plugin's agent settings for Veramo CLI

Method 1: Generating identity keys on-the-fly with DIDDocs

Instead of creating identity keys standalone, you can generate them along with a DIDDoc template. This makes it far easier to handle different inputs and arguments, such as generating DID Docs with different key types.

Command (inline)

You can use the following command in your CLI to create your DIDDoc and associated identity keys:

veramo execute -m cheqdGenerateDidDoc --argsJSON '{"verificationMethod": "JsonWebKey2020", "methodSpecificIdAlgo": "uuid", "network": "testnet"}'

Command (pass as file)

You can pass the payload of the inputs and arguments as a file rather than inline using:

veramo execute -m cheqdGenerateDidDoc --argsFile path/to/exampleFile.json

You can reuse this example file:

Inputs and arguments

Within this command, you are able to choose from the following inputs below to produce different types of DIDDocs:

Expected output

Once you have submitted the command above, you should receive a DID Document draft template, including a set of identity keys, including your chosen inputs and arguments. You can find an example of this output below:

Method:  cheqdGenerateDidDoc

Arguments:  {
  "argsObj": {
    "verificationMethod": "Ed25519VerificationKey2020",
    "methodSpecificIdAlgo": "uuid",
    "network": "testnet"
  }
}

Result : {
  "didDoc": {
    "context": [],
    "id": "did:cheqd:testnet:e43f36e4-9fa6-40a4-a8f9-7f7b49eb44db",
    "controller": [
      "did:cheqd:testnet:e43f36e4-9fa6-40a4-a8f9-7f7b49eb44db"
    ],
    "authentication": [
      "did:cheqd:testnet:e43f36e4-9fa6-40a4-a8f9-7f7b49eb44db#key-1"
    ],
    "assertionMethod": [],
    "capabilityInvocation": [],
    "capabilityDelegation": [],
    "keyAgreement": [],
    "alsoKnownAs": [],
    "verificationMethod": [
      {
        "id": "did:cheqd:testnet:e43f36e4-9fa6-40a4-a8f9-7f7b49eb44db#key-1",
        "type": "Ed25519VerificationKey2020",
        "controller": "did:cheqd:testnet:e43f36e4-9fa6-40a4-a8f9-7f7b49eb44db",
        "publicKeyMultibase": "z2yJuNbhoUpRn7ypAugSLzkCc8QEw146RJ8DD3jzCZQ6A",
        "publicKeyJwk": []
      }
    ],
    "service": []
  },
  "keys": {
    "publicKeyHex": "XXXX",
    "privateKeyHex": "XXXXXXXX",
    "kid": "XXXX",
    "type": "Ed25519"
  }
}

Unexpected output

After running the above command, if you see an unexpected error, follow our DID Operations Troubleshooting Guide to fix it. A common error is:

Unexpected token v in JSON at position 1

Method 2: Standalone key creation

You can generate identity keys standalone in a plug-and-play format for future use in create DID or update DID transactions.

Command

veramo execute -m cheqdGenerateIdentityKeys

Method:  cheqdGenerateIdentityKeys

Arguments:  {
  "argsObj": {
    "args": {}
  }
}

Result : {
  "publicKeyHex": "XXXX",
  "privateKeyHex": "XXXXXXXXX",
  "kid": "XXXX",
  "type": "Ed25519"
}

Converting identity keys

If you want to use identity keys outside of Veramo CLI, you can convert keys from one format to another.

For example, if you would like to convert from hex to base64, you can use the following generic approach:

import { fromString, toString } from 'uint8arrays'

const keyPairBase64: IKeyPair = {
    publicKey: toString(fromString(keyPair.publicKeyHex, 'hex'), 'base64'),
    privateKey: toString(fromString(keyPair.privateKeyHex, 'hex'), 'base64')
}

This works with other encoding conversion libraries (i.e. multiformats).