Version: draft 0.1
This is a draft document. The purpose of this document is to propose a w3c did compliant DID method tailored for energy sector related use cases. This draft outlines a DID method specifically designed to address the unique challenges and requirements of energy-related use cases, such as Decentralised Energy Resources (DER) integrations, smart grid management, electic mobility and traceability of environmental attributes. By leveraging the principles of decentralization, privacy, and interoperability, this method aims to enhance trust and efficiency within the energy ecosystem.
Energy ID DID - will be an implementation of the iden3 protocol. The iden3 protocol is compatible with any Ethereum Virtual Machine (EVM) based blockchains.
The Energy DID method will be identified by the energy scheme.
energy-did = "did:" energy ":" energy-did-method-specific-idstring
energy-did-method-specific-idstring = blockchain-network ":" unique-identifier
blockchain-network = "ewc" / "eth" / "pol"
unique-identifier = 42*43 BASE58
The unique-identifier also depends on the type of identity selected by the user.
This type of energy id allows using Ethereum accounts to authenticate, prove claims and perform on chain operations.
The unique-identifier for this type of identity is derived in the following way:
unique-identifier = idType + zeroPadding + ethAddress + checksum
where:
- idType - identifier of DID method and blockchain network & subnetwork, 2 bytes
- zeroPadding - 7 zero bytes
- ethAddress - Ethereum address of controlling Ethereum account, 20 bytes
- checksum - control checksum, 2 bytes
Example:
<add example>
These are also called as Regular identity as iden3 protocol spec. This identity is created from three merkle trees(Genesis State is a hash of Identity SMT Roots). This identity is primarily controlled by Baby JubJub keys. At least one BJJ public key must be added into Claims Tree during the identity creation.
genesisState = Hash(ClaimsTreeRoot || RevocationsTreeRoot || RootsTreeRoot)
unique-identifier = idType + genesisStateCut + checksum
where:
- idType - identifier of DID method and blockchain network & subnetwork, 2 bytes
- genesisStateCut - first 27 bytes of genesisState, 27 bytes
- checksum - control checksum, 2 bytes
A valid Energy DID:
On EnergyWeb mainnet - did:energy:ewc:<identity-type-specific-identifier>
On Ethereum mainnet - did:energy:eth:<identity-type-specific-identifier>
On Polygon mainnet - did:energy:pol:<identity-type-specific-identifier>
{
"@context": [
"https://www.w3.org/ns/did/v1",
"https://schema.iden3.io/core/jsonld/auth.jsonld"
],
"id": "did:energy:<network>:<identifier>",
"authentication": [],
"verificationMethod":[],
"assertionMethod":[],
"keyAgreement":[],
"capabilityInvocation":[],
"capabilityDelegation":[],
"service":[],
"publicKey":[]
}The energy did method uses additional JSON-LD types.
The JSON-LD vocabulary is stored in:
https://schema.iden3.io/core/jsonld/auth.jsonld
Context contains AuthBJJCredential(Operational key) and Iden3StateInfo2023 types.
https://schema.iden3.io/core/jsonld/iden3proofs.jsonld
Context contains Iden3SparseMerkleTreeProof and BJJSignature2021 proofs types used with energy id.
To protect privacy, PII should never be exposed or referenced within did:energy DID documents. Any sensitive information must remain securely off-chain to prevent unauthorized access or disclosure.
References and historical changes within DID Documents are stored on the blockchain. It is important for identity owners to recognize that on-chain data is publicly accessible unless it is hashed or encrypted, and should take appropriate precautions.
The did:energy method adheres to the privacy principles outlined in the W3C DID Specification, ensuring that privacy is maintained throughout the lifecycle of the DID.
- The Privacy Considerations section of the DID Implementation Guide: https://w3c.github.io/did-imp-guide/#privacy-considerations.
- The Privacy Considerations section of the Decentralized Identifiers (DIDs) (DID-CORE) specification: https://www.w3.org/TR/did-core/#privacy-considerations.
- The Privacy Considerations section of the DID Implementation Guide: https://w3c.github.io/did-imp-guide/#privacy-considerations.
- The Privacy Considerations section of the Decentralized Identifiers (DIDs) (DID-CORE) specification: https://www.w3.org/TR/did-core/#privacy-considerations.
It is crucial to keep private keys secure and protected. In the event that a private key is compromised, the did:energy method supports key rotation, allowing for the replacement of the compromised key with a new one, ensuring continued security of the DID.
To prevent eavesdropping attacks, it is essential to use secure communication channels, such as those secured with TLS or equivalent protocols. Since our DID method employs a message-based communication protocol that does not have native encryption, securing the transmission of sensitive information is critical to maintaining confidentiality.
The did:energy method safeguards against data forgery and falsification by implementing Digital Signatures, Merkle Tree Proofs, and Zero Knowledge Proofs (ZKPs). These cryptographic techniques ensure that only the rightful identity owner can issue and present credentials, protecting the integrity and authenticity of the data within the DID system.
Decentralized Identifiers (DIDs)
Verifiable Credentials Data Model