DID Resolution

DID Resolution retrieves a DID Document from a decentralized identifier (DID). This fundamental operation enables verifiable data exchange by providing access to cryptographic material needed for verification.

Resolution bridges identifiers to their verification material. When verifying a digital signature or credential, you need access to the public keys associated with the signer’s DID.

A resolver takes a DID as input:

did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK

And returns a standardized DID document containing verification material:

{
    "@context": ["https://www.w3.org/ns/did/v1", "https://w3id.org/security/suites/jws-2020/v1"],
    "id": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
    "verificationMethod": [
        {
            "id": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
            "type": "JsonWebKey2020",
            "controller": "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK",
            "publicKeyJwk": {
                "crv": "Ed25519",
                "kty": "OKP",
                "x": "Lm_M42cB3HkUiODQsXRcweM6TByfzEHGO9ND274JcOY"
            }
        }
    ],
    "authentication": [
        "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
    ],
    "assertionMethod": [
        "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
    ],
    "capabilityInvocation": [
        "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
    ],
    "capabilityDelegation": [
        "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK#z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK"
    ]
}

Resolution Standards

DID Resolution is standardized through the W3C DID Resolution specification, defining:

Resolution process
Resolution result format
Error handling and metadata
Conformant resolver behavior

This standardization ensures interoperability across implementations.

The Resolution Process

The resolution process:

Parse the DID to extract method name and identifier
Invoke method-specific resolver to retrieve the document
Process the document according to method specification
Return a resolution result containing document and metadata

Understanding DID Methods

DID methods are the mechanisms that define how DIDs are created, resolved, updated, and deactivated within specific systems. Each method has its own approach to storing and retrieving identity information.

Types of DID Methods

Method Type	Examples	Characteristics	Best For
Blockchain-based	`did:ethr`, `did:ion`	Anchored on distributed ledgers	Public, tamper-evident identities
Web-based	`did:web`	Uses existing web infrastructure	Organizations with established web presence
Self-certifying	`did:key`, `did:jwk`	Derived directly from cryptographic material	Simple, portable identities
Network-based	`did:cheqd`, `did:ebsi`	Specialized identity networks	Compliance with specific ecosystems

DID method choice impacts resolution performance (speed and resource requirements), availability (dependency on external networks), security properties (different guarantees), and storage location (on-chain, off-chain, or derived).

DID Documents Explained

A DID document is the primary resolution output containing: the identifier (the DID itself), verification methods (public keys for cryptographic operations), authentication methods (keys for authentication), service endpoints (contact URLs), and other properties (additional metadata).

Example DID Document

{
    "id": "did:web:example.com",
    "verificationMethod": [
        {
            "id": "did:web:example.com#key-1",
            "type": "JsonWebKey2020",
            "controller": "did:web:example.com",
            "publicKeyJwk": {
                "kty": "EC",
                "crv": "P-256",
                "x": "example_x_value",
                "y": "example_y_value"
            }
        }
    ],
    "authentication": ["did:web:example.com#key-1"],
    "service": [
        {
            "id": "did:web:example.com#messaging",
            "type": "MessagingService",
            "serviceEndpoint": "https://example.com/messages/8377464"
        }
    ]
}

Resolution Metadata

Resolution results include metadata providing context: content type (document format), method metadata (method-specific information), resolution metadata (process details), and error details (issue information).

Challenges in DID Resolution

Implementing DID Resolution involves addressing:

Performance (slow resolution times)
Availability (network downtime)
Caching (balancing freshness with performance)
Method diversity (complexity of supporting multiple methods)
Security (ensuring secure retrieval)

Summary

DID Resolution bridges decentralized identifiers to their verification material. By retrieving DID documents from various identity systems using standardized protocols, resolution enables verification operations that build trust in decentralized ecosystems.