A decentralized identifier is a new type of globally unique identifier which are fully under the control of the DID subject with cryptographically verifiable ownership. DID’s resolve to DID Documents in similar ways as uniform resource names (URNs) except they do not require a central registration authority, identity provider, or certificate authority.
DIDs follow the same basic pattern as the URN specification. The key difference is that with DIDs the namespace component identifies a DID method, and a DID method specification specifies the format of the method specific identifier:
The Sovrin DID method namestring is sov. The identifier is the base58 encoding of a 128-bit number using the BitCoin/IPFS alphabet. For example, a Sovrin DID can generated by base58-encoding the first half of an Ed25519 verification key.
DID infrastructure can be thought of as a global key-value database in which the database is all DID-compatible blockchains, distributed ledgers, or decentralized networks. In this virtual database, the key is a DID, and the value is a DID document. The purpose of the DID document is to describe the public keys and service endpoints necessary to bootstrap cryptographically-verifiable interactions with the identified entity.
A DID and DID document are created, resolved, and managed on a system using a specific DID Method. DID methods define how DIDs work within a specific environment. All DID method specs must define the format and generation of the method-specific identifier.
DIDs written to the Sovrin ledger will follow the requirements defined in the Sovrin DID method spec.
Public (Global) DIDs are created and updated in Sovrin using a NYM transaction.
Code reference to NYM transaction.