Cryptographic key management is a challenging problem for the blockchain community. To address this problem, we have developed a decentralized key management toolkit called Didery which is designed to manage decentralized identifiers (DIDs). DIDs, as a W3C specification, have the potential to eventually supplant URLs as the main identifier in Web 3.0 applications. Didery implements ideas found in the paper titled “Decentralized Autonomic Data (DAD) and the three R's of Key Management” presented at the Rebooting the Web of Trust spring 2018 conference. Didery will improve the management, security, and user experience of anyone handling the cryptographic keys associated with DIDs. The initial release of Didery provides two main services, a key pre-rotation service and a one-time pad encrypted storage service. Pre-rotation enables creation/rotation/revocation of key rotation histories for the key pairs associated with a root DID. The service may be run as a rotation history service or as a set of redundant public servers. It also provides support for one-time pad encrypted private keys for recovery that works with the associated SeedQuest 3D key recovery mnemonic. The Didery toolkit is open-source with JavaScript and Python client SDKs for interacting with Didery servers. Didery helps simplify key management.
The project is built on the open source ioflo framework and also uses click and lmdb on the back end. The frontend is built with Transcrypt and mithril.js.
python 3.6
libsodium 1.0.16
Linux or macOS
git
npm
wheel
This project depends on Python 3.6. You will need to install it if you haven't already.
Clone or download the source from the didery GitHub repo and install from source with:
$ pip3 install -e /path/to/didery
Or install through PyPI with:
$ pip3 install didery
Install node and npm on your system. You can find instructions here. Or, if you use Ubuntu, run this command:
$ sudo apt install npm
Then run these commands:
$ cd /path/to/didery/src/didery/static/
$ npm install
$ npm run-script transcrypt
A common issue when running the software is that your system doesn't have libsodium 1.0.16 or greater installed. Run these commands and try again:
Mac
$ brew install libsodium
Linux
$ wget https://download.libsodium.org/libsodium/releases/libsodium-1.0.16.tar.gz
$ tar -zxvf libsodium-1.0.16.tar.gz
$ cd libsodium-1.0.16
$ ./configure
$ make && make check
$ sudo make install
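A check for the libsodium issue described above, as an added example that is not part of the Didery project: it reports which libsodium version Python's ctypes loader actually resolves, which can still be an older system copy after a source install. The function names are hypothetical; sodium_version_string() is libsodium's own API.

```python
import ctypes
import ctypes.util
import re

MIN_LIBSODIUM = (1, 0, 16)  # minimum version stated in the requirements above


def parse_version(text):
    """Turn '1.0.16' (or '1.0.18-stable') into a comparable tuple of ints."""
    fields = re.findall(r"\d+", text.split("-")[0])
    if not fields:
        raise ValueError("unparseable version: %r" % text)
    return tuple(int(f) for f in fields)


def meets_minimum(text, minimum=MIN_LIBSODIUM):
    """True when the version string is at least the required minimum."""
    return parse_version(text) >= minimum


def installed_libsodium_version():
    """Version string of the libsodium that ctypes resolves, or None."""
    name = ctypes.util.find_library("sodium")
    if name is None:
        return None
    try:
        lib = ctypes.CDLL(name)
        lib.sodium_version_string.restype = ctypes.c_char_p
        return lib.sodium_version_string().decode("ascii")
    except (OSError, AttributeError):
        # Library could not be loaded or does not export the symbol.
        return None


def check():
    """Return (ok, message) describing the libsodium found on this system."""
    found = installed_libsodium_version()
    if found is None:
        return (False, "libsodium not found by the dynamic loader")
    if not meets_minimum(found):
        return (False, "libsodium %s is older than 1.0.16" % found)
    return (True, "libsodium %s" % found)


if __name__ == "__main__":
    ok, message = check()
    print(message)
    raise SystemExit(0 if ok else 1)
```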
To start up the server, simply run the command below:
$ didery
After running the command, a WSGI-compatible Valet server starts and listens for web requests. The default port that didery listens on is 8080.
The CLI for didery has a few options, shown below.
Usage: didery [OPTIONS]

Options:
  -p, --port INTEGER RANGE        Port number the server should listen on.
                                  Default is 8080.
  -V, --version                   Return version.
  -v, --verbose [mute|terse|concise|verbose|profuse]
                                  Verbosity level.
  --path DIRECTORY                Path to the database folder. Defaults to
                                  /var/didery/db.
  --help                          Show this message and exit.
You can manage the backend from your browser by going to:
http://localhost:8080
The CLI uses click to build its interface. Unfortunately, click doesn't always work well with other tools like circus because of character encodings. For this reason there is an alternative entry point into didery that uses parseArgs for the CLI. If you run into character encoding errors, you can try running didery as shown below.
$ dideryd
You will first need to clone the GitHub repo if you installed using the PyPI wheel. There are two sets of unit tests included in the project. The first tests the didery backend and can be run using the command:
$ pytest --ignore=src/didery/static/
The second tests the didery frontend and can be run using these commands:
$ cd /path/to/didery/src/didery/static/
$ npm run-script prep-tests
$ npm test
Running these tests prior to hosting the server helps ensure that everything in your copy of didery is working properly.
You can read the REST API documentation in the wiki and the frontend documentation in the docs folder.