For more detailed explanations and references to core specifications, see the more comprehensive developer portal glossary.
Verifiable Credentials are document structures that consist of a few key properties:
id(a unique ID, often a UUID with the
urn:uuid:prefix or a resolvable URL containing another unique per-credential identifier)
credentialSubject, in the sense of a data subject, usually identified by a DID or other privacy-preserving indirection or pseudonym)
- one or more
proof(signature) section, specific to intended verification audience(s)
- a payload, usually structured.
- VCs also contain semantic references linked by URI, in an array at the
beginning of the object called
For a more introductory explanation and guidance on understanding the specification, see the glossary entry
Wallets are specialized pieces of software that store credentials, usually
secured access to the cryptographic keys associated with a specific identifiers.
It may store other kinds of credentials as well, such as unsigned credentials,
self-attested/self-issued credentials, or credentials with subjects whose keys
it does not control, but its primary function is signing to receive and present
its "own" credentials. DIDKit is unopinionated and easy to extend, but DIDKit
is also primary designed to work with Credible, and both are built around
ssi library. For a more introductory explanation and
specification, see the glossary
Decentralized Identifiers are stable identifiers which are bound to a controlling keypair, which is usually rotatable without changing the identifier. These stable identifiers can be used to query a verifiable data registry to get a "DID Document" containing the current controlling keypair and other information for verifying information associated with the DID. For a more introductory explanation and specification, see the DID glossary entry and the DID Document glossary entry
A set of interdependent governance, publication, and discovery mechanisms for DIDs in a given DID namespace, specified by a registered specification. Most DID methods use blockchains or other publically-readable distributed ledgers as data registries, but some, such as DID:Web, use other systems of verification, such as secure DNS resolution. For a more introductory explanation and specification, see the glossary entry
A special DID Method that generates conformant, offchain DID documents for local, private, and/or ephemeral resolution from a keypair. This can be helpful for integrating conventional PKI or signing infrastructure with DID issuance, or to allow caching or local resolution of DID documents where it is undesirable or impossible to resolve remote DIDs. For a more introductory explanation and specification, see the glossary entry
A JSON Web Key, or a "JWK" for short, is a special class of JSON objects(see glossary entry ) objects specified for containing cryptographic key or set of keys. They were specified in 2015 through the IETF.