Description
Background
Tribelike currently uses email-based authentication with WebAuthn. While this works, it still ties user identity to email addresses. Decentralized Identifiers (DIDs) could provide true self-sovereign identity that works across platforms.
How This Idea Came About
While documenting the authentication architecture, I noticed an interesting contradiction: Tribelike is fully P2P with no central authority, yet users still identify themselves with email addresses - which depend on centralized email providers. This feels like the last piece of centralization in an otherwise decentralized system. DIDs are the W3C standard for decentralized identity and would allow users to truly own their identity without depending on any external service.
Proposal
Implement DID-based authentication as an alternative to email-based login, allowing users to own their identity independently of any email provider or platform.
Implementation Approach
- DID Methods
  - Support `did:key` for simplicity
  - Consider `did:web` for discoverability
  - Future: `did:ion` for permanence
- Authentication Flow

  ```js
  // Generate DID from keypair
  const did = await generateDID(publicKey)

  // Store in Gun with proof
  gun.get('identities').get(did).put({
    publicKey,
    proof: signature,
    profile: gun.get(`profile/${did}`)
  })
  ```
- Migration Path
  - Keep email auth as option
  - Link DIDs to existing accounts
  - Gradual transition
Benefits
- True ownership of identity
- Cross-platform identity portability
- No dependency on email providers
- Enhanced privacy
- Interoperability with other DID systems
Integration Points
- Verifiable Credentials for profiles
- Cross-platform reputation
- Decentralized social graph
- Identity recovery mechanisms
Considerations
- Key management UX
- Recovery mechanisms
- DID resolution methods
- Backwards compatibility
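
The Authentication Flow sketch above stores a public key and a proof under the DID; the following added example (not code from the issue or from Tribelike) shows the reader-side check that makes such an entry trustworthy: the `did:key` must be re-derivable from the stored key, and the proof must verify under that key. The function names, the base64url record fields, and the signed string `did|profile` are assumptions made for illustration; Ed25519 keys and Node's built-in `crypto` module are assumed.

```javascript
// Added example; function names and the record layout are assumptions.
const nodeCrypto = require('node:crypto');

const B58 = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';

// base58btc, the multibase encoding used by did:key identifiers.
function base58Encode(buf) {
  let n = BigInt('0x' + buf.toString('hex'));
  let out = '';
  while (n > 0n) { out = B58[Number(n % 58n)] + out; n /= 58n; }
  for (const b of buf) { if (b !== 0) break; out = '1' + out; }
  return out;
}

// did:key for Ed25519: 'z' + base58btc(0xed 0x01 || 32-byte raw public key).
function didKeyFromRaw(rawPub) {
  const prefixed = Buffer.concat([Buffer.from([0xed, 0x01]), rawPub]);
  return 'did:key:z' + base58Encode(prefixed);
}

// Writer side: build the entry the sketch stores under identities/<did>.
// The proof signs "did|profile" so the profile pointer cannot be swapped.
function makeRecord(keyPair) {
  const x = keyPair.publicKey.export({ format: 'jwk' }).x; // raw key, base64url
  const did = didKeyFromRaw(Buffer.from(x, 'base64url'));
  const profile = `profile/${did}`;
  const sig = nodeCrypto.sign(null, Buffer.from(`${did}|${profile}`), keyPair.privateKey);
  return { did, record: { publicKey: x, profile, proof: sig.toString('base64url') } };
}

// Reader side: accept an entry only if the key derives the DID it is stored
// under and the proof verifies with that key. Malformed input is rejected.
function verifyRecord(did, record) {
  try {
    const raw = Buffer.from(record.publicKey, 'base64url');
    if (raw.length !== 32 || didKeyFromRaw(raw) !== did) return false;
    const key = nodeCrypto.createPublicKey({
      key: { kty: 'OKP', crv: 'Ed25519', x: raw.toString('base64url') },
      format: 'jwk',
    });
    const msg = Buffer.from(`${did}|${record.profile}`);
    return nodeCrypto.verify(null, msg, key, Buffer.from(String(record.proof), 'base64url'));
  } catch {
    return false;
  }
}
```

Because a `did:key` is derived from the key itself, an entry whose `publicKey` was replaced fails the derivation check before any signature is evaluated.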