veramolabs / did-eth Goto Github PK
View Code? Open in Web Editor NEWevolution of did:ethr
License: Apache License 2.0
evolution of did:ethr
License: Apache License 2.0
We should offer a web3 dApp like ENS does which can be used to anchor stuff and change everything on my wallet's dids.
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates are currently rate-limited. Click on a checkbox below to force their creation now.
@types/jest
, babel-jest
, jest
)@typescript-eslint/eslint-plugin
, @typescript-eslint/parser
)These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
@semantic-release/changelog
, semantic-release
)@babel/core
, @babel/preset-env
, @babel/preset-typescript
)These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.
chai
, @types/chai
)packages/did-eth-library/package.json
@ethersproject/abstract-signer ^5.7.0
@ethersproject/base64 ^5.7.0
@ethersproject/basex ^5.7.0
@ethersproject/bytes ^5.7.0
@ethersproject/providers ^5.7.1
@ethersproject/signing-key ^5.7.0
@ethersproject/strings ^5.7.0
@ethersproject/transactions ^5.7.0
@ethersproject/wallet ^5.7.0
did-jwt ^6.9.0
did-resolver ^4.0.1
ethr-did-resolver ^8.0.0
@babel/core 7.19.6
@babel/preset-env 7.19.4
@babel/preset-typescript 7.18.6
@ethersproject/contracts 5.7.0
@semantic-release/changelog 6.0.1
@semantic-release/git 10.0.1
@types/jest 29.2.1
@typescript-eslint/eslint-plugin 5.42.0
@typescript-eslint/parser 5.42.0
eslint 8.26.0
eslint-config-prettier 8.5.0
eslint-plugin-jest 27.1.3
eslint-plugin-prettier 4.2.1
ganache 7.5.0
jest 29.2.2
microbundle 0.15.1
prettier 2.7.1
semantic-release 19.0.5
typescript 4.8.4
packages/did-eth-registry/package.json
@babel/core 7.18.6
@babel/preset-env 7.18.6
@babel/preset-typescript 7.18.6
@nomiclabs/hardhat-ethers ^2.0.6
@nomiclabs/hardhat-etherscan ^3.1.0
@nomiclabs/hardhat-waffle ^2.0.3
@semantic-release/changelog 6.0.1
@semantic-release/git 10.0.1
@typechain/ethers-v5 ^10.1.0
@typechain/hardhat ^6.1.2
@types/chai ^4.3.1
@types/chai-as-promised ^7.1.5
@types/mocha ^9.1.1
@types/node ^18.0.3
@typescript-eslint/eslint-plugin ^5.30.5
@typescript-eslint/parser ^5.30.5
babel-jest 28.1.2
chai ^4.3.6
chai-as-promised ^7.1.1
dotenv ^16.0.1
eslint ^8.19.0
eslint-config-prettier ^8.5.0
eslint-config-standard ^17.0.0
eslint-plugin-import ^2.26.0
eslint-plugin-n ^15.2.4
eslint-plugin-node ^11.1.0
eslint-plugin-prettier ^4.2.1
eslint-plugin-promise ^6.0.0
ethereum-waffle ^3.4.4
ethereumjs-tx ^2.1.2
ethereumjs-util ^7.1.5
ethers ^5.6.9
hardhat ^2.9.9
hardhat-gas-reporter ^1.0.8
ls ^0.2.1
prettier ^2.7.1
prettier-plugin-solidity ^1.0.0-beta.13
semantic-release 19.0.3
solhint ^3.3.7
solidity-coverage ^0.7.21
ts-node ^10.8.2
typechain ^8.1.0
typescript ^4.7.4
uint8arrays ^3.0.0
packages/did-eth-resolver/package.json
@ethersproject/abi ^5.6.3
@ethersproject/abstract-signer ^5.6.2
@ethersproject/address ^5.6.1
@ethersproject/basex ^5.6.1
@ethersproject/bignumber ^5.6.2
@ethersproject/bytes ^5.6.1
@ethersproject/contracts ^5.6.2
@ethersproject/keccak256 ^5.6.1
@ethersproject/providers ^5.6.8
@ethersproject/signing-key ^5.6.2
@ethersproject/transactions ^5.6.2
did-resolver ^4.0.1
@babel/core 7.20.2
@babel/preset-env 7.20.2
@babel/preset-typescript 7.18.6
@ethersproject/strings 5.7.0
@semantic-release/changelog 6.0.1
@semantic-release/git 10.0.1
@types/jest 29.2.2
@typescript-eslint/eslint-plugin 5.42.0
@typescript-eslint/parser 5.42.0
babel-jest 29.2.2
eslint 8.27.0
eslint-config-prettier 8.5.0
eslint-plugin-jest 27.1.4
eslint-plugin-prettier 4.2.1
ganache 7.5.0
jest 29.2.2
microbundle 0.15.1
prettier 2.7.1
semantic-release 19.0.5
typescript 4.8.4
The existing DID:Ethr Method Specific Identifier specification is here
In order to support a multichain world I suggest the following for the DID:Eth identifier syntax:
We do not support a "default" scheme if a CAIP-10 address is not properly specified (DID:Ethr supported a default to Ethereum mainnet).
We do not support other address types not supported by CAIP10
Feedback appreciated.
Contract methods that update the DID document should also have a flag (or a variant) that also stores the attributes in contract storage, besides emitting the event.
This would be useful for partial on-chain resolution.
We also need to be mindful of revocation of attributes as these would have to also revoke the potentially stored data, regardless of the flag.
We should move away from the proprietary way of doing meta transactions in 'did:ethr' by using a public standard.
EIP-712 would allow a good human readable way of doing that. I see value in doing that human readability especially if we consider a dApp to manage your DID in the future (think ens dApp) with the extended feature of letting some entity do a direct FIAT conversion feature by leveraging meta transactions ("let our payment wallet handle your transaction and pay us 5$"). Then a user could finally really see what their wallet is signing to cross check it instead of blindly signing a hash string.
Is there some alternative to EIP-712?
The identity "owner" concept used by the DIDRegistry contract doesn't match the "controller" concept from DID core spec. We have to make this distinction more clear in the spec as it has caused confusion in the past.
To support the "controller" property, the DID Attributes should be used.
As discussed in the channel we would like to perhaps provide an option for users to separate the keys from the identifiers. This would be relevant to both Polygon ID and Hedera as we natively provide the ability to separate the keys from the identifiers. It would also allow for future key rotation features.
This would not be something v1 of did-eth it would probably be more for a v2, just want to put it on the roadmap for the future.
@Reccetech please feel free to add comments.
A standardized contract interface will enable an implementation of proxy upgradability.
A contract interface provides the following benefits:
Provide a Dockerfile which may be used for containerized development across all platforms and architectures. Key benefits will include:
Consistency: Development containers ensure that everyone on the team is using the same environment, reducing "works on my machine" issues.
Isolation: Containers provide isolation from the host system, preventing conflicts between different software versions.
Reproducibility: Containers can be versioned, making it easy to replicate the exact development environment in different stages of the project.
Portability: Development containers can be shared and run on different machines, making it easier to onboard new team members or work across multiple devices.
Dependency Management: Containers encapsulate dependencies, eliminating the need to install and manage them directly on the host system.
Requirements
UUPS is the best approach for introducing contract upgradability. UUPS offers several key benefits:
Don’t want to crowd the other issue with Diamonds talk.
https://eips.ethereum.org/EIPS/eip-2535
What I mean by Diamonds magic is that it’s possible to let anyone add a resolver module to the contract. You call a function in the contract with EVM byte code for the resolver logic, which is then registered with an identifier from a hash of the byte code.
Using the hash is important as the identifier will be the same across all deployments for the same resolver logic.
You can then use the hash identifier when interacting with your DIDs.
What remains is how to tie the resolver to a string like “did:eth”. This can be gated by governance.
It would then become possible to upgrade the did method while the previous version(s) remain available. You add a new resolver module, and point the method string at the new one.
There are a lot of details I’ve left out. Security and gas implications are the big questions.
Then did:keri isn’t a competitor, but can be used within our contract.
Originally posted by @Hmac512 in #2 (comment)
We should have a central place for building & deploying our smart contracts to minimize errors due to a variable environment (local machine). I've used Truffle in the past, but I heard hardhat is the better option. Deployments to mainnet or other non-dev networks should then be secured by our governance framework. I know this can be achieved by using Gnosis Safe as a provider in Truffle. Does this work with hardhat also?
Does anyone have experience how other DAOs solve this problem?
Solidity based testing is an important innovation in contract development.
Solidity based testing with EVM emulation promotes:
All the "Signed" methods take V, R, S params, but it might be wiser to replace them with a more opaque bytes
param for the signature, as that would open up the possibility of using more than just secp256k1 signatures
This would also be a prerequisite for #48
Continuous integration will help us develop to a standard while preventing commonplace errors
Requirements:
The compelling reasons to adopt CI:
Frequent Integration: CI promotes frequent integration, making this process smoother and less error-prone.
Fast Feedback: Whenever developers push code, the CI system runs automated tests. If there's a problem, developers get immediate feedback and can fix the issue while the context is still fresh in their minds.
Higher Quality Code: With CI, there's an emphasis on writing automated tests. This encourages better code quality and ensures that existing functionalities are not broken by new changes.
Reduced Manual Testing: Automated tests in CI mean less time is spent on repetitive manual tests, freeing up time for other tasks and reducing human-induced errors.
Consistency: CI processes ensure that the same steps are followed for every code integration, guaranteeing that code is consistently built and tested.
Documentation: The CI system automatically documents each build process (which changes were integrated, test results, etc.), providing a clear history of the project.
Early Bug Detection: Catching bugs early in the development process is generally more cost-effective than fixing them later in production.
Efficient Collaboration: In large teams or distributed teams, CI ensures that code from different developers is consistently integrated and tested, reducing the chances of conflicting changes.
Delivery Speed: Since integration issues are found and fixed continuously, the software is always in a releasable state. This can lead to faster delivery cycles.
Environment Replication: CI systems can be configured to replicate the production environment. This ensures that the software is being built and tested in an environment similar to where it'll be deployed.
Enhanced Developer Confidence: Knowing that changes are automatically tested upon push boosts developer confidence. They can be more assured that their changes won't unintentionally break the application.
Cost Savings: Although setting up CI requires some upfront investment, it can lead to significant savings in the long run by reducing the time spent on manual testing, bug fixes, and troubleshooting.
Integration with Other Tools: Modern CI systems can be integrated with various tools for code quality checking, performance testing, deployment, etc., providing a streamlined end-to-end process.
Scaling: As your team grows, the CI process can handle the increased load without much change, ensuring consistent integration even with more developers and more frequent code pushes.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.