Class DidJwk

The DidJwk class provides an implementation of the did:jwk DID method.

Features:

  • DID Creation: Create new did:jwk DIDs.
  • DID Key Management: Instantiate a DID object from an existing verification method key set or or a key in a Key Management System (KMS). If supported by the KMS, a DID's key can be exported to a portable DID format.
  • DID Resolution: Resolve a did:jwk to its corresponding DID Document.
  • Signature Operations: Sign and verify messages using keys associated with a DID.

Remarks

The did:jwk DID method uses a single JSON Web Key (JWK) to generate a DID and does not rely on any external system such as a blockchain or centralized database. This characteristic makes it suitable for use cases where a assertions about a DID Subject can be self-verifiable by third parties.

The DID URI is formed by Base64URL-encoding the JWK and prefixing with did:jwk:. The DID Document of a did:jwk DID contains a single verification method, which is the JWK used to generate the DID. The verification method is identified by the key ID #0.

See

DID JWK Specification

Example

// DID Creation
const did = await DidJwk.create();

// DID Creation with a KMS
const keyManager = new LocalKeyManager();
const did = await DidJwk.create({ keyManager });

// DID Resolution
const resolutionResult = await DidJwk.resolve({ did: did.uri });

// Signature Operations
const signer = await did.getSigner();
const signature = await signer.sign({ data: new TextEncoder().encode('Message') });
const isValid = await signer.verify({ data: new TextEncoder().encode('Message'), signature });

// Key Management

// Instantiate a DID object from an existing key in a KMS
const did = await DidJwk.fromKeyManager({
 didUri: 'did:jwk:eyJrIjoiT0tQIiwidCI6IkV1c2UyNTYifQ',
 keyManager
});

// Instantiate a DID object from an existing verification method key
const did = await DidJwk.fromKeys({
  verificationMethods: [{
    publicKeyJwk: {
      kty: 'OKP',
      crv: 'Ed25519',
      x: 'cHs7YMLQ3gCWjkacMURBsnEJBcEsvlsE5DfnsfTNDP4'
    },
    privateKeyJwk: {
      kty: 'OKP',
      crv: 'Ed25519',
      x: 'cHs7YMLQ3gCWjkacMURBsnEJBcEsvlsE5DfnsfTNDP4',
      d: 'bdcGE4KzEaekOwoa-ee3gAm1a991WvNj_Eq3WKyqTnE'
    }
  }]
});

// Convert a DID object to a portable format
const portableDid = await DidJwk.toKeys({ did });

// Reconstruct a DID object from a portable format
const did = await DidJwk.fromKeys(portableDid);

Hierarchy (view full)

Constructors

constructor

Properties

methodName

Methods

create getSigningMethod import resolve

Constructors

constructor

Properties

Static methodName

methodName: string = 'jwk'

Name of the DID method, as defined in the DID JWK specification.

Methods

Static create

  • create<TKms>(params?): Promise<BearerDid>

  • Creates a new DID using the did:jwk method formed from a newly generated key.

    Type Parameters

    Parameters

    • params: {
          keyManager?: TKms;
          options?: DidJwkCreateOptions<TKms>;
      } = {}

      The parameters for the create operation.

      • Optional keyManager?: TKms

        Optionally specify a Key Management System (KMS) used to generate keys and sign data.

      • Optional options?: DidJwkCreateOptions<TKms>

        Optional parameters that can be specified when creating a new DID.

    Returns Promise<BearerDid>

    A Promise resolving to a BearerDid object representing the new DID.

    Remarks

    The DID URI is formed by Base64URL-encoding the JWK and prefixing with did:jwk:.

    Notes:

    • If no options are given, by default a new Ed25519 key will be generated.
    • The algorithm and verificationMethods options are mutually exclusive. If both are given, an error will be thrown.

    Example

    // DID Creation
    const did = await DidJwk.create();

    // DID Creation with a KMS
    const keyManager = new LocalKeyManager();
    const did = await DidJwk.create({ keyManager });

Static getSigningMethod

  • getSigningMethod(params): Promise<DidVerificationMethod>

  • Given the W3C DID Document of a did:jwk DID, return the verification method that will be used for signing messages and credentials. If given, the methodId parameter is used to select the verification method. If not given, the first verification method in the DID Document is used.

    Note that for DID JWK, only one verification method can exist so specifying methodId could be considered redundant or unnecessary. The option is provided for consistency with other DID method implementations.

    Parameters

    • params: {
          didDocument: DidDocument;
          methodId?: string;
      }

      The parameters for the getSigningMethod operation.

      • didDocument: DidDocument

        DID Document to get the verification method from.

      • Optional methodId?: string

        ID of the verification method to use for signing.

    Returns Promise<DidVerificationMethod>

    Verification method to use for signing.

Static import

Static resolve

Settings

Member Visibility

Theme

On This Page

constructormethodNamecreategetSigningMethodimportresolve