What is a Decentralized Web Node (DWN)? A DWN is a data storage and message relay mechanism that allows entities to locate public or permissioned private data related to a specific Decentralized Identifier (DID). It facilitates secure and decentralized exchange of messages and data among people, organizations, devices, and other entities.
How does a DWN work? A DWN operates as a mesh data storage construction, allowing an entity to operate multiple nodes that synchronize their state among each other. This enables the owning entity to secure, manage, and transact with its data without relying on location- or provider-specific infrastructure, interfaces, or routing mechanisms.
What do I need to implement a DWN? To implement a DWN, a DID is required, and the service endpoints in the target DID’s DID document must be configured. This allows URLs relative to the DID to be resolved to the URIs that address the DID owner’s DWNs.
How are messages authenticated and authorized in a DWN? Messages in a DWN may require authorization material for processing, following the permissions specified by the DWN owner. If a message requires authorization, it must include an authorization property with a JSON Web Signature (JWS), containing authentication and signature information.
What technologies underlie a DWN? A DWN comprises layers of components such as DID authentication, access and authorization, interface definitions, interface-specific processing, object format, and object signing/encryption, utilizing IPLD Multiformats to ensure interoperability and logical unity for users.
What is a Wallet and Credential Interaction (WACI)? WACI is a standard for interactions between a digital wallet and a trusted party requiring the exchange of information between the two.
How is a WACI interaction initiated? A WACI interaction can be initiated by presenting a QR code or a link to the user. The user will scan the QR code or click on the link to proceed with the interaction.
What is a Challenge Token in WACI? The Challenge Token contains information about the requested data from the wallet and a callback URL where the data should be sent. It is accessed through a challengeTokenUrl provided initially.
How is the interaction authenticated and authorized? The interaction requires the creation and signing of a Response Token by the user, acting as a way to prove ownership of their DID and pass additional data back to the trusted party.
What is a Challenge Token URL? It is a URL that provides the necessary Challenge Token for the interaction, including details about the requested data and how they should be sent.
What role does token storage play in WACI? While the Challenge Token is always returned to the trusted party, it does not need to be stored upon creation, helping to mitigate replay attacks while keeping storage costs low.