search

Key Series Revocation

A client can revoke any existing key series in a DID with did_revoke operation by specifying the ID of the revoked key series. Similar to did_add, this operation requires another active key series to sign and verify its HTTP request.

circle-info

A private-public key pair is always required to sign and verify a request. Hence, every DID must always have at least one active key series.

circle-exclamation

A key series cannot be used to revoke itself.

hashtag
did_revoke

DELETE https://test-network.finema.co/did/<did_address>/key/<key_id>

hashtag
Request Body

Name
Type
Description

operation

string

The method's name that is "did_revoke".

did_address

string

The DID address.

current_key

string

The current public key in the series. It is used to verify the request's signature.

next_key_hash

string

The SHA-256 hash of the next public key in the series.

key_id

string

The ID of the revoked key series.

nonce

number

The request nonce.

{
    "operation": "did_revoke",
    "did_address": "did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5",
    "key_id": "f975e5f2e4a06fced2d65bd59e12c33c901814555b026264b8377ace79cee60a"
}

hashtag
Example Message and Request

The above message can then be encoded in Base64 and signed with ECDSA to obtain the following HTTP request

PreviousKey Series AdditionNextResetter Registration

Last updated