Version: draft 0.1
This is a draft document. Its purpose is to propose a W3C DID-compliant DID method tailored for energy-sector use cases. This draft outlines a DID method specifically designed to address the unique challenges and requirements of energy-related use cases, such as Decentralised Energy Resources (DER) integrations, smart grid management, electric mobility and traceability of environmental attributes. By leveraging the principles of decentralization, privacy, and interoperability, this method aims to enhance trust and efficiency within the energy ecosystem.
did:energy
Method Specification
Energy ID DID will be an implementation of the iden3 protocol. The iden3 protocol is compatible with any Ethereum Virtual Machine (EVM) based blockchain.
The Energy DID method will be identified by the energy scheme.
energy-did = "did:" "energy" ":" energy-did-method-specific-idstring
energy-did-method-specific-idstring = blockchain-network ":" unique-identifier
blockchain-network = "ewc" / "eth" / "pol"
unique-identifier = 42*43 BASE58
The unique-identifier also depends on the type of identity selected by the user.
This type of energy id allows using Ethereum accounts to authenticate, prove claims and perform on-chain operations.
The unique-identifier for this type of identity is derived in the following way:
unique-identifier = idType + zeroPadding + ethAddress + checksum
where:
Example:
<add example>
These are also called Regular identities in the iden3 protocol spec. This identity is created from three Merkle trees (the Genesis State is a hash of the identity SMT roots). This identity is primarily controlled by Baby JubJub (BJJ) keys. At least one BJJ public key must be added to the Claims Tree during identity creation.
genesisState = Hash(ClaimsTreeRoot || RevocationsTreeRoot || RootsTreeRoot)
unique-identifier = idType + genesisStateCut + checksum
where:
A valid Energy DID:
On EnergyWeb mainnet - did:energy:ewc:<identity-type-specific-identifier>
On Ethereum mainnet - did:energy:eth:<identity-type-specific-identifier>
On Polygon mainnet - did:energy:pol:<identity-type-specific-identifier>
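A strict syntax check for the DID form defined by the ABNF above, as an added example that is not part of the draft or of any iden3 code. It assumes the Bitcoin-style base58 alphabet (the draft does not define BASE58) and matches "did" and "energy" case-sensitively; `parse_energy_did`, `is_energy_did` and `SAMPLE_ID` are hypothetical names.

```python
# Added example, not part of the did:energy draft.
import re

# blockchain-network values taken from the draft's ABNF
NETWORKS = frozenset({"ewc", "eth", "pol"})
# Assumption: Bitcoin-style base58 alphabet (no 0, O, I, l); the draft leaves BASE58 undefined.
B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
_IDENTIFIER = re.compile("[" + B58_ALPHABET + "]{42,43}")

# Constructed sample identifier (42 base58 characters), not a real identity.
SAMPLE_ID = "2qH7" + "A" * 38


def parse_energy_did(did):
    """Return (network, unique_identifier) or raise ValueError.

    Accepts only a bare DID: a DID URL with a path, query or fragment is
    rejected because those characters are outside the base58 alphabet.
    """
    if not isinstance(did, str):
        raise ValueError("DID must be a string")
    parts = did.split(":")
    if len(parts) != 4:
        raise ValueError("expected did:energy:<network>:<identifier>")
    scheme, method, network, identifier = parts
    if scheme != "did" or method != "energy":
        raise ValueError("not a did:energy identifier")
    if network not in NETWORKS:
        raise ValueError("unknown blockchain-network: %r" % network)
    # fullmatch() also rejects a trailing newline, which "$" would let through.
    if not _IDENTIFIER.fullmatch(identifier):
        raise ValueError("unique-identifier must be 42 or 43 base58 characters")
    return network, identifier


def is_energy_did(did):
    """Boolean wrapper for callers that only need accept or reject."""
    try:
        parse_energy_did(did)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for candidate in ("did:energy:ewc:" + SAMPLE_ID, "did:energy:xdai:" + SAMPLE_ID):
        print(candidate, is_energy_did(candidate))
```

This checks syntax only; it does not verify the checksum or the idType carried inside the identifier.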
{
  "@context": [
    "https://www.w3.org/ns/did/v1",
    "https://schema.iden3.io/core/jsonld/auth.jsonld"
  ],
  "id": "did:energy:<network>:<identifier>",
  "authentication": [],
  "verificationMethod": [],
  "assertionMethod": [],
  "keyAgreement": [],
  "capabilityInvocation": [],
  "capabilityDelegation": [],
  "service": [],
  "publicKey": []
}
The energy DID method uses additional JSON-LD types.
The JSON-LD vocabulary is stored in:
https://schema.iden3.io/core/jsonld/auth.jsonld
Context contains the AuthBJJCredential (operational key) and Iden3StateInfo2023 types.
https://schema.iden3.io/core/jsonld/iden3proofs.jsonld
Context contains the Iden3SparseMerkleTreeProof and BJJSignature2021 proof types used with energy id.
To protect privacy, PII should never be exposed or referenced within did:energy DID documents. Any sensitive information must remain securely off-chain to prevent unauthorized access or disclosure.
References and historical changes within DID Documents are stored on the blockchain. It is important for identity owners to recognize that on-chain data is publicly accessible unless it is hashed or encrypted, and should take appropriate precautions.
The did:energy method adheres to the privacy principles outlined in the W3C DID Specification, ensuring that privacy is maintained throughout the lifecycle of the DID.
It is crucial to keep private keys secure and protected. In the event that a private key is compromised, the did:energy method supports key rotation, allowing for the replacement of the compromised key with a new one, ensuring continued security of the DID.
To prevent eavesdropping attacks, it is essential to use secure communication channels, such as those secured with TLS or equivalent protocols. Since our DID method employs a message-based communication protocol that does not have native encryption, securing the transmission of sensitive information is critical to maintaining confidentiality.
The did:energy method safeguards against data forgery and falsification by implementing Digital Signatures, Merkle Tree Proofs, and Zero Knowledge Proofs (ZKPs). These cryptographic techniques ensure that only the rightful identity owner can issue and present credentials, protecting the integrity and authenticity of the data within the DID system.
Decentralized Identifiers (DIDs)
Verifiable Credentials Data Model