NEW
Report & API Now Live! Data insights report and open data API endpoints live as of September 23, 2025

Description

Description
Source

Indy DID Method is a decentralized identifier specification designed for privacy-preserving self-sovereign identity on Hyperledger Indy networks. The method comes in two implementations: the original Indy Node implementation and the newer Indy Besu implementation that leverages Hyperledger Besu blockchain technology.

The method enables creation and management of decentralized identifiers specifically for verifiable credentials use cases. Key features include:

  • Network-specific namespaces allowing DIDs to be uniquely resolved across multiple Indy networks
  • Self-certifying identifiers derived from public keys for enhanced security
  • Privacy-preserving design that prevents storage of personal data on-chain
  • Permissioned ledger model with defined roles like Trustees and Stewards
  • State proofs for validated reads from a single node

For the original implementation, DIDs are stored as NYM transactions containing:

  • The DID identifier
  • An Ed25519 verification key
  • Optional DID Document content
  • Version information

For the Indy Besu implementation, DIDs are stored as complete W3C DID Documents using:

  • Secp256k1 keys for blockchain transactions
  • Ethereum-style addresses as identifiers
  • Smart contract-based registry

Technical details:

  1. DID Structure:
  • Format: did:indy:<network>:<identifier> or did:indy:besu:<network>:<ethereum-address>
  • Network identifies specific Indy instance (e.g., sovrin, idunion)
  • Identifier is either base58-encoded or Ethereum address
  1. Key Operations:
  • Create: Write new NYM/DID Document with verification key
  • Read: Resolve DID to DID Document with state proof
  • Update: Modify verification key or DID Document content
  • Deactivate: Set verification key to null
  1. Security Features:
  • Multi-signature support for governance
  • State proofs for validated reads
  • Role-based access control
  • Transport layer security via CurveZMQ/devp2p
  1. Privacy Considerations:
  • No personal data stored on-chain
  • Public read access but permissioned writes
  • Correlation possible through public DIDs
  • Surveillance resistance through single-node reads

Projects compatible with, endorsing or using this DID Method

Compatible DLT Instances

DLT Instance
Operator
Source

Entities maintaining or authoring this DID Method

Persons associated with this DID Method

If you are featured in the Web of Trust Map and wish to exercise your GDPR rights, including the right to be forgotten, visit the privacy policy page