
DIP-263 Use User Data for public keys #263

@wesbiggs

Abstract

Public keys should be treated as User Data types rather than content announcements.

We remove the Public Key Announcement and replace it with a User Data type for each key type, namely keyAgreement and assertionMethod. These formats will be defined in an Avro schema (a single Avro type, PublicKey) and added to the User Data section of the spec. The Public Key Announcement will be moved to "Migrated Announcements".

Motivation

DSNP participants need to be able to retrieve public keys (for keyAgreement and assertionMethod key types, at least) deterministically and quickly in order to accomplish tasks like graph encryption/decryption and credential verification.

If these are implemented as announcements (as is currently implied by the specification), the consumer must either rely on an outside content index, or an archive of state change events. The former is subject to man-in-the-middle attacks if not maintained directly by the querying party, and retrieval of the latter may be highly inefficient.

By defining these as User Data items, we guarantee that they can be accessed directly by DSNP Operations.

Specification Pull Request

Current change pull request: #276

Rationale

This proposal is informed by implementation choices made by the DSNP over Frequency implementation.

Backwards Compatibility

This is a declarative change only, so there should be no impact on current DSNP systems provided they are using a compatible storage strategy today.

Reference Implementation and/or Tests

DSNP over Frequency is proposed as a reference implementation.

Security Considerations

Treating keys as User Data should help avoid security challenges that might become a problem if content indexers were used:

  1. Content indexers cannot be fully trusted to maintain data integrity as they sit outside the consensus system.
  2. Content indexers could be subject to man-in-the-middle attacks.
  3. Content indexers that are not fully in sync with the latest updates to keys could give the wrong answer to queries for a user's most recent key.

Dependencies

None.

References

DSNP spec:

Copyright

Copyright and related rights waived via CC0.
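
A simplified model of the three concerns listed under Security Considerations, added here as an illustration; it is not part of the proposal or of DSNP over Frequency. The event fields, numeric user id, block numbers and key strings are constructed assumptions; the check compares an outside indexer's answer with consensus-backed User Data for the same user and key type.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class KeyEvent:
    block: int        # block at which the key was published (constructed)
    user_id: int      # hypothetical numeric user id
    key_type: str     # "keyAgreement" or "assertionMethod"
    public_key: str   # constructed placeholder, not real key material

# Constructed history: user 7 rotates the keyAgreement key at block 120.
CHAIN_EVENTS = [
    KeyEvent(100, 7, "keyAgreement", "ka-key-v1"),
    KeyEvent(105, 7, "assertionMethod", "am-key-v1"),
    KeyEvent(120, 7, "keyAgreement", "ka-key-v2"),
]

def build_state(events, up_to_block=None):
    """Fold key events into {(user_id, key_type): [keys, oldest first]}."""
    state = {}
    for e in sorted(events, key=lambda ev: ev.block):
        if up_to_block is None or e.block <= up_to_block:
            state.setdefault((e.user_id, e.key_type), []).append(e.public_key)
    return state

# Model of User Data: consensus state, read directly by (user, key type).
USER_DATA = build_state(CHAIN_EVENTS)

def indexer_lookup(synced_to_block, user_id, key_type):
    """Model of an outside indexer that has only processed blocks up to a height."""
    keys = build_state(CHAIN_EVENTS, synced_to_block).get((user_id, key_type), [])
    return keys[-1] if keys else None

def classify_indexer_answer(answer, user_id, key_type):
    """Classify an indexer's answer against the User Data for the same key type."""
    keys = USER_DATA.get((user_id, key_type), [])
    if answer is None:
        return "missing" if keys else "current"
    if keys and answer == keys[-1]:
        return "current"
    if answer in keys:
        return "stale"    # superseded key: indexer is out of sync (item 3)
    return "unknown"      # never published by this user: integrity failure (items 1, 2)
```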
