Resolve an IOTA Identity
DID resolution is the process of fetching and decoding a DID Document corresponding to a given DID. The IOTA Identity framework supports resolving DID Documents that are stored on an IOTA network and enables users to plug in handlers for additional methods.
This is similar to, but not to be confused with, the W3C DID Resolution specification, which defines function signatures for resolution in the context of web or REST APIs, whereas the IOTA Identity framework provides strongly-typed resolution for a better developer experience.
This functionality is primarily provided by the Resolver, which can:
- Resolve IOTA DID Documents.
- Resolve DID Documents from multiple DID methods.
- Resolve the DID Documents referenced in a verifiable presentation or credential.
Resolving an IOTA DID
The following examples demonstrate how to resolve an IOTA DID Document from its DID.
Resolver
Once you have configured a Resolver with a Client, it will resolve
IOTA DID Documents according to the read procedure defined in the IOTA DID Method Specification.
It fetches the Identity from the network specified in the DID (see DID Format),
then extracts and validates the DID Document from it.
- Rust
use examples::create_did_document;
use examples::get_client_and_create_account;
use examples::get_memstorage;
use identity_iota::iota::IotaDocument;
use identity_iota::prelude::Resolver;
/// Demonstrates how to resolve an existing DID
#[tokio::main]
async fn main() -> anyhow::Result<()> {
// create new client to interact with chain and get funded account with keys
let storage = get_memstorage()?;
let identity_client = get_client_and_create_account(&storage).await?;
// create new DID document and publish it
let (document, _) = create_did_document(&identity_client, &storage).await?;
let did = document.id().clone();
// We will be using a `Resolver` to resolve the DID Document.
let mut resolver = Resolver::<IotaDocument>::new();
// We need to register a handler that can resolve IOTA DIDs.
// This convenience method only requires us to provide a client.
resolver.attach_kinesis_iota_handler((*identity_client).clone());
let resolver_document: IotaDocument = resolver.resolve(&did).await.unwrap();
// Client and Resolver resolve to the same document.
assert_eq!(client_document, resolver_document);
Ok(())
}
Client
You can also use the Client directly to resolve individual DIDs from its configured network.
- Rust
use examples::create_did_document;
use examples::get_client_and_create_account;
use examples::get_memstorage;
use identity_iota::iota::IotaDocument;
#[tokio::main]
async fn main() -> anyhow::Result<()>{
let storage = get_memstorage()?;
let identity_client = get_client_and_create_account(&storage).await?;
// create new DID document and publish it
let (document, _) = create_did_document(&identity_client, &storage).await?;
let did = document.id().clone();
// We can resolve a `IotaDID` to bytes via client.
// Resolve the associated `Identity Object` and extract the DID document from it.
let client_document: IotaDocument = identity_client.resolve_did(&did).await?;
println!("Client resolved DID Document: {client_document:#}");
}
Advanced Resolver Configuration
You can configure the Resolver to support many use cases by attaching custom resolution handlers.
This enables the Resolver to resolve multiple DID methods, as well as customizing how
a particular DID method (such as the IOTA method) gets resolved.
This feature is mainly intended to be used together with the Resolver's convenience methods for handling verifiable presentations and credentials.
Resolving Multiple DID Methods
- Rust
loading...
Resolution for Verifiable Presentations
When validating verifiable presentations, you need to resolve the DID Documents of the verifiable credential issuers and presentation holder to verify their signatures.
Resolving the necessary DID Documents is
performed automatically when verifying presentations via the Resolver
When direct access to these DID Documents is desired, the Resolver also provides standalone methods to:
- Resolve a presentation holder's DID Document.
- Resolve the DID Documents of the issuers of the credentials in a verifiable presentation.
- Resolve the issuer's DID Document for a given verifiable credential.