Identity Protocol
Elastos implements W3C Decentralized Identifiers (DIDs) anchored on the EID chain (Chain ID 22). DIDs use the P-256 curve — the same as the main chain, not Ethereum's secp256k1. This page covers the DID method specification, document format, on-chain storage, and resolution.
DID Method
| Property | Value |
|---|---|
| Method | did:elastos |
| Spec version | v0.2 |
| Anchoring chain | EID (Chain ID 22) |
| Curve | P-256 (secp256r1) |
| Case sensitive | Yes |
| Example | did:elastos:icJ4z2DULrHEzYSvjKNJpKyhqFDxvYV7pN |
Address Derivation
- Generate P-256 key pair from HD path
m/44'/0'/0'/0/<index> - Build redeem script:
0x21 || compressed_pubkey || 0xAC - Hash: SHA-256 then RIPEMD-160 (20 bytes)
- Prepend version byte
0x67(DID prefix) - Append checksum (first 4 bytes of double-SHA-256)
- Base58 encode — address always starts with
i - DID =
did:elastos:i<address>
warning
The DID address uses P-256, not secp256k1. Standard Ethereum/Bitcoin key derivation cannot produce valid Elastos DID keys.
DID Document
{
"@context": ["https://www.w3.org/ns/did/v1"],
"id": "did:elastos:icJ4z2DULrHEzYSvjKNJpKyhqFDxvYV7pN",
"publicKey": [{
"id": "did:elastos:icJ4z2DULrHEzYSvjKNJpKyhqFDxvYV7pN#primary",
"type": "ECDSAsecp256r1",
"controller": "did:elastos:icJ4z2DULrHEzYSvjKNJpKyhqFDxvYV7pN",
"publicKeyBase58": "<base58-P256-pubkey>"
}],
"authentication": ["did:elastos:icJ4z2DULrHEzYSvjKNJpKyhqFDxvYV7pN#primary"],
"verifiableCredential": [],
"service": [{
"id": "#hivevault",
"type": "HiveVault",
"serviceEndpoint": "https://your-hive-node.example.com"
}],
"expires": "2027-01-01T00:00:00Z"
}
On-Chain Format
DID operations are submitted as EVM transactions on EID targeting precompile 0x16. Each operation contains:
| Component | Description |
|---|---|
| Header | Operation type (create, update, deactivate), spec version, previous tx hash (for updates) |
| Payload | Base64-encoded DID document JSON |
| Proof | P-256 signature over header + payload, with verification method reference |
Resolution Algorithm
- Query EID node via
did_resolveDIDJSON-RPC - Retrieve all transactions for the DID from the chain
- Validate each transaction's P-256 signature
- Replay operations chronologically:
create— initial documentupdate— apply changes (must be signed by controller)deactivate— mark DID as deactivated
- Return final document + status (valid / deactivated / not-found)
- Cache result locally (configurable TTL)
Verifiable Credentials
Credentials follow the W3C Verifiable Credentials specification:
{
"@context": ["https://www.w3.org/2018/credentials/v1"],
"type": ["VerifiableCredential", "KYCCredential"],
"issuer": "did:elastos:issuerDID",
"credentialSubject": {
"id": "did:elastos:holderDID",
"name": "John Doe"
},
"proof": {
"type": "ECDSAsecp256r1",
"verificationMethod": "did:elastos:issuerDID#primary",
"signature": "<base64-signature>"
}
}
Credential types (from Elastos.DID.Contexts): ApplicationProfileCredential, InternetAccountCredential, SocialCredential, WalletCredential.
SDK Support
| Language | Repository | Key Classes |
|---|---|---|
| TypeScript | Elastos.DID.JS.SDK | DIDStore, RootIdentity, DID, DIDDocument, VerifiableCredential |
| Java | Elastos.DID.Java.SDK | Same hierarchy, bitcoinj for HD derivation |
| C | Elastos.DID.Native.SDK | Core implementation, libsodium |
| Swift | Elastos.DID.Swift.SDK | iOS/macOS bindings |