Every DID is associated with at least one key series. Apart from registering a new DID, every other type of request is associated with a DID address (
"did_address") and one of the DID's key series. The client specifies the attribute
"operation"according to the name of the request method. The current public key (
"current_key") in the series and the SHA-256 hash of the next public key (
"next_key_hash") is part of the request message whereas the current private key is used to sign the Base64 encoded request message.
To register for a new DID, a client must specify a new key series when she registers for a new DID address with
did_registeroperation. The client generates the first and second public-private key pairs in the new key series. In the request message, the client then specifies the first public key (
"current_key") and the SHA-256 hash of the second public key (
"next_key_hash"). The request message is then encoded in Base64 and signed by the first private key.
"current_key": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWquJ9+BEBDQTA/xRmx5uAHOgKMue\nw1QoAGk+2mLVWGvFBW5D3BMPYOFtGM/tvubVjwY3tr9iRI+erSQUmFIvRg==\n-----END PUBLIC KEY-----",
The above message can then be encoded in Base64 and signed with ECDSA to obtain the following HTTP request