IV. Frequently Asked Questions (DWN)

  1. What is a Decentralized Web Node (DWN)? A DWN is a data storage and message relay mechanism that allows entities to locate public or private permissioned data related to a specific Decentralized Identifier (DID). It facilitates the secure and decentralized exchange of messages and data between individuals, organizations, devices and other entities.
  2. How does a DWN work? A DWN operates as a mesh data storage construct, allowing an entity to operate multiple nodes that synchronize their state with each other. This allows the owning entity to secure, manage and transact its data without relying on vendor- or location-specific infrastructures, interfaces or routing mechanisms.
  3. What do I need to implement a DWN? To implement a DWN, it is necessary to have a DID and to configure the service endpoints in the DID document of the target DID. This allows the resolution of URLs relative to the DID to properly locate the URI to address the DWN of the DID owner.
  4. How are messages authenticated and authorized in a DWN? Messages in a DWN may require authorization material for processing, following the permissions specified by the DWN owner. If a message requires authorization, it must include an authorization property with a JSON Web Signature (JWS), which includes authentication and signature information.
  5. What technologies underlie a DWN? A DWN consists of layers of components such as DID authentication, access and authorization, interface definitions, interface-specific processing, object formatting and object signing/encryption, using IPLD Multiformats to ensure interoperability and logical unity for users.
  6. What is a Wallet and Credential Interaction (WACI)? WACI is a standard for interactions between a digital wallet and a trusted party that requires the exchange of information between the two.
  7. How is a WACI interaction initiated? A WACI interaction can be initiated by presenting a QR code or link to the user. The user will scan the QR code or click on the link to proceed with the interaction.
  8. What is a Challenge Token in WACI? The Challenge Token contains information about the requested wallet data and a callback URL where the data should be sent. Accessed through a challengeTokenUrl initially provided.
  9. How is the interaction authenticated and authorized? The interaction requires the creation and signing of a Response Token by the user, which acts as a way to prove ownership of their DID and pass additional data back to the relying party.
  10. What is a URL Challenge Token? It is a URL that provides the Challenge Token required for the interaction, including details about the data requested and how it should be sent.
  11. What role does token storage play in WACI? Although the Challenge Token is always returned to the relying party, it does not need to be stored at its creation, which helps mitigate replay attacks by keeping storage costs low.