New version available!
We have released IOTA Identity v0.2: https://github.com/iotaledger/identity.rs/tree/v0.2.0
This release has breaking changes with no backward compatibility.
The following is an incomplete changelog for the major changes:
- Relocated NPM hosted WASM bindings to @iota/identity-wasm
- Increased scalability of IOTA Identity
- Allow publishing of collections of public keys
- Added 100% GDPR compliant VC Revocation
- Renamed IOTA Identity crate objects to drop the IOTA prefix
- Improved WASM interface to be easier to use
This update went beyond the DID and Verifiable Credentials (VCs) standards and introduced IOTA Identity unique features
We have introduced Authentication DID Messages that form an "Auth Chain" and Differentiation DID Messages that form "Diff Chains". Auth Messages contain full DID Documents as before and have no restrictions. The Diff Messages are published to another Address and contain only the differences between 2 DID Documents. They are not restricted in rotating the signing key. A set of Diff Messages can be combined into a single Auth message, removing the need to query them in the future allowing thousands of DID updates without significantly increasing verification time.
Besides acting as a decentralized PKI, IOTA is utilized to act as a revocation registry for VCs. Other DID implementations post hashes to the DLT of the revoked VCs. This may not be GDPR compliant. IOTA Identity revokes VCs by deactivating the public key from the DID Document. This requires every public key to be used only once. To prevent DID Documents from having to list thousands of public keys, they can be published via a Merkle Tree. When a key is deactivated, the DID Document will be updated with a bit-flip to indicate which index of the Merkle tree is deactivated. VCs now have a signature that also contains the Issuer public key used for signing and the required hashes for Proof-of-Inclusion in the Issuer Merkle tree.
by Jelle Millenaar from Discord #tech-announcements