FaviDiD is a Brand New way to Decentralized Identify you. using some cryptography Math you
can identify yourself using a Private Key to sign your Requests and a Public Key for the service to verify it is
from you.
to use FaviDiD you can use This Specification to insure interoperability. If you do not Like
where this is going please fork.
danger! Deprecated! as of . reason: vague and underspecific.
Table Of Contents
Table Of Contents
Status of this document
this document written on
and
is Semantic version0.0.1.
this document is self-published independently.
link to examples, for now, there are none that fully implement this specification. should be an
<ul> of links.
Definitions
Planet
A Server Implementing is called a Planet.
Edge
A Client Implementing is called an Edge. an edge is a client that interacts with the planet. could be a
browser extension, the bowser, or an app.
The Protocol
The Protocol as set forth in This Specification
The Specification
The Specification is this htmlpage.
/Favicond_/
The Base Path of the protocol interactions. the underscore is a MUST. this path is directly after the
domain.
REQUIRE
RFC2119's REQUIRED
Edge-Defined
Planet-Defined
A feature whose specific behavior is determined by the host environment rather than this specification.
While this document may provide constraints, the Planet or Edge is free to define the exact behavior within
those bounds.
Global Rules
All interactions MUST follow these global rules. If these rules are violated, the Edge MUST abort the interaction
and notify the user.
Applications MUST NOT connect to HTTP, Applications MAY try to change HTTP to HTTPS.
when a 404 or 500 is encountered Edges MUST read the Content-Type Header, if it states text/html the Edge SHOULD ignore the body and
state the feature isnt supported to the user.
Key Generation
use the Ed25519 and create a Private-Key and a
Public-Key, store them securely.
Decentralized id
To create a Decentralized id, MUST follow these steps
$Result is string did:favidid:.
set $Result to the concatenation of $Result and ed25519:.
set $publicKey to the encoded bytes of $publicKey using base58 (Bitcoin alphabet, no
padding).
$Result is $Result concatenated with $publicKey.
Return $Result.
Authentication
For Planets
Signing Up
As A Planet you need to have some endpoints open for standardized connection. This Specification does not make
any REQUIREments about how you store your data, just that the data is delivered in these Formats.
When an Edge wants to sign up for your planet. you (reference to Your Planet) MUST
Generate a Nonce and keep it for 30 Seconds. how you create the Nonce is Planet-Defined but MUST be within the base58 alphabet.
REQUIRE the user to give you their FaviDiD
(it is only their Public-Key, it is ok)
the Edge MUST sign the Nonce in a JWT described below.
You MUST check if the Nonce in their JWT Matches exactly as you gave it and that 30 seconds MUST NOT have
passed.
if the Nonce matches create the user account, if it fails to match and that 30 seconds MUST NOT have
passed, then fail the creation
For Edges
Signing Up
As An Edge you need to accept the Planet Nonces and sign them with that Private-Key of the user.
When You Receive a Planet Nonce from The User. you MUST create a JWT with the header being
(whitespace is Edge-Defined)