Design Decisions (implicit DDO, Satoshi Audit Trail)

[kimdhamilton]

BTCR DID Method spec and libraries/samples will need to be updated

See #4 for type reference

• Decision 1: per Satoshi audit trail should be part of DID resolution metadata #9, Satoshi audit trail is not part of the DID document; instead it is DID resolver metadata.
  • this metadata should only be returned for implicit DDOs
• Decision 2: OP_RETURN clarification
  • OP_RETURN points to a URL that returns a JSON object (or array of JSON objects)
  • It's possible that none of these objects are a continuation DDO (id'd by type ContinuationService; see Need a Canonical BTCR 'Implicit' DID Document #4 )
• Decision 2a: There are 2 cases that may lead to implicit DDOs
  • Case 1: TX no OP_RETURN (no change here)
    • Verification/Auth key is signing key
    • Resolver must create/return Satoshi audit trail as resolver metadata
  • Case 2: TX with OP_RETURN and is URL. But the URL returns no JSON object with type ContinuationService
    • Same as Case 1 + Verification/Auth key is signing key of every object at that location
• Decision 4: if JSON object returned from OP_RETURN has type CredentialRepositoryService:BTCR (see Need a Canonical BTCR 'Implicit' DID Document #4) then that is a VC repo
  • these must be signed by implicit DDO key
• Decision 5: Resolver Failfast behavior
  • can't replace key-1 (must exist and be the same)

[kimdhamilton]

Regarding Decision 4, the DID resolver only cares about json objects that are continuation DID documents (typed by ContinuationService above).

What is the software component that's resolving VC repos, e.g. typed by CredentialRepositoryService:BTCR above?

It seems we'll need to be explicit about which software component is responsible for which part. I.e. Universal Resolver only responsible for returning DID Document and its own metadata, but not claims. TBD other component is doing that.