Explanations
How to guides
Tutorials
Reference
Home
Dashboard
Explanations
How to guides
Tutorials
Reference
Home
Dashboard

DID Resolution

DID Resolution is the process of retrieving a DID Document from a decentralized identifier (DID). This fundamental operation enables verifiable data exchange in decentralized identity systems by providing access to the cryptographic material needed for verification operations.

What is DID Resolution?

DID Resolution acts as a bridge between identifiers and their verification material. When you need to verify a digital signature or credential, you first need access to the public keys associated with the signer's DID. Resolution provides this critical connection.

For example, if you receive a credential signed by did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK, resolution translates this identifier into a DID document containing the public key information needed to verify the signature.

A resolver takes a DID as input:

did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK

And returns a standardized DID document containing verification material:

{
    "@context": ["https://www.w3.org/ns/did/v1", "https://w3id.org/security/suites/jws-2020/v1"],
    "id": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
    "verificationMethod": [
        {
            "id": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
            "type": "JsonWebKey2020",
            "controller": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
            "publicKeyJwk": {
                "crv": "Ed25519",
                "kty": "OKP",
                "x": "Lm_M42cB3HkUiODQsXRcweM6TByfzEHGO9ND274JcOY"
            }
        }
    ],
    "authentication": [
        "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
    ],
    "assertionMethod": [
        "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
    ],
    "capabilityInvocation": [
        "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
    ],
    "capabilityDelegation": [
        "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
    ]
}

Resolution Standards

DID Resolution is standardized through the W3C DID Resolution specification, which defines:

  • The resolution process and its inputs/outputs
  • The format of resolution results
  • Error handling and metadata
  • The behavior expected from conformant resolvers

This standardization ensures interoperability across different implementations and identity ecosystems.

The Resolution Process

The resolution process follows these key steps:

  1. Parse the DID to extract the method name and method-specific identifier
  2. Invoke the method-specific resolver to retrieve the DID document
  3. Process the retrieved document according to the method's specification
  4. Return a resolution result containing the DID document and metadata

This process is handled by a resolver, which may be a local library, a network service, or a combination of both.

Understanding DID Methods

DID methods are the mechanisms that define how DIDs are created, resolved, updated, and deactivated within specific systems. Each method has its own approach to storing and retrieving identity information.

Types of DID Methods

Method TypeExamplesCharacteristicsBest For
Blockchain-baseddid:ethr, did:ionAnchored on distributed ledgersPublic, tamper-evident identities
Web-baseddid:webUses existing web infrastructureOrganizations with established web presence
Self-certifyingdid:key, did:jwkDerived directly from cryptographic materialSimple, portable identities
Network-baseddid:cheqd, did:ebsiSpecialized identity networksCompliance with specific ecosystems

How Method Selection Affects Resolution

Your choice of DID method impacts several aspects of resolution:

  • Performance: Methods vary in resolution speed and resource requirements
  • Availability: Some methods depend on external networks or infrastructure
  • Security properties: Methods offer different security and trust guarantees
  • Storage location: Identity data may be stored on-chain, off-chain, or derived

Understanding these trade-offs helps you select methods appropriate for your specific requirements.

DID Documents Explained

A DID document is the primary output of resolution and contains information about a decentralized identifier:

Core Components

  • Identifier: The DID itself, serving as the document's subject
  • Verification methods: Public keys used for cryptographic operations
  • Authentication methods: Keys designated for authentication purposes
  • Service endpoints: URLs where the identity can be contacted
  • Other properties: Additional metadata about the identity

Example DID Document

{
    "id": "did:web:example.com",
    "verificationMethod": [
        {
            "id": "did:web:example.com#key-1",
            "type": "JsonWebKey2020",
            "controller": "did:web:example.com",
            "publicKeyJwk": {
                "kty": "EC",
                "crv": "P-256",
                "x": "example_x_value",
                "y": "example_y_value"
            }
        }
    ],
    "authentication": ["did:web:example.com#key-1"],
    "service": [
        {
            "id": "did:web:example.com#messaging",
            "type": "MessagingService",
            "serviceEndpoint": "https://example.com/messages/8377464"
        }
    ]
}

Working with DID Documents

To effectively use a DID document:

  1. Check the document ID to confirm it matches the requested DID
  2. Look for verification methods appropriate for your operation (e.g., authentication, signing)
  3. Use the public key material for cryptographic verification
  4. Reference service endpoints if you need to interact with the identity

This standardized structure makes it possible to work with identity information from diverse sources in a consistent way.

Resolution Metadata

Beyond the DID document itself, resolution results include metadata that provides context:

  • Content type: Format of the returned document
  • Method metadata: Method-specific information about the resolution
  • Resolution metadata: Details about the resolution process itself
  • Error details: Information about any issues encountered

This metadata helps applications interpret the resolution result and handle any special conditions or errors.

Challenges in DID Resolution

Implementing DID Resolution involves addressing several challenges:

  • Performance: Some methods have slow resolution times
  • Availability: Network-dependent methods may have downtime
  • Caching: Balancing freshness with performance
  • Method diversity: Supporting multiple methods increases complexity
  • Security: Ensuring secure retrieval of DID documents

Vidos Resolver addresses these challenges to provide reliable, secure resolution services.

Summary

DID Resolution is the foundational process that bridges decentralized identifiers to their verification material. By retrieving DID documents from various identity systems using standardized protocols, resolution enables the verification operations that build trust in decentralized ecosystems. Understanding this process and its components helps you make informed decisions about identity methods and verification workflows in your applications.

ON THIS PAGE