Key DID Accounts¶
The Key DID Method is an account which can be used to authenticate to Ceramic to perform transactions on streams.
What is a Key account?¶
The Key DID Method is the most simple DID method. It simply encodes a public key in the DID string, and when resolved converts this public key into a DID Document. Key DID is on the W3C's official DID method registry and is fully compliant with decentralized identity standards. Carefully read the considerations below before deciding to use the Key DID Method in your project.
- One key only: The DID Document for a Key DID is explicitly tied to a single crypto key. It can not support multiple keys in the DID document nor can it support key rotation, which means only one key can ever control the DID and it can never be changed in case it is compromised.
- For advanced users: For the reasons above, the Key DID Method is only suitable for advanced users who will only want to ever use one keypair to control their DID, and who have strong key security practices - such as a developer - and so generally will not be appropriate for identities for non-technical end users.
For the full specification, see Key DID Method specification →.
The DID string for the Key DID Method simply encodes the public key. Example Key DID identifier:
Key DID offers an immutable DID document that is statically generated from any cryptographic key pair. The DID document is not actually stored anywhere since it can always be regenerated from the key pair.
Building with Key DID¶
To use Key DIDs for user accounts in your project, install one of the Key DID Providers below: