Digital Identity
Version 1.0.0
English / 中文
Introduction
A description of an Ontology Digital ID can be found in our ONT ID Protocol and Trust Framework document.
Digital ID management
Identity data structure
ontid The unique ID for this identity
label The name given to the identity by the user
lock ndicates whether the account is locked by the client user - Locked identities should not be updated by the client
controls An array of identity control Data
extra Extra information stored by client developer - value can be null
Example Identity data structure
public class Identity {
public String label = "";
public String ontid = "";
public boolean isDefault = false;
public boolean lock = false;
public List<Control> controls = new ArrayList<Control>();
}
Control data structure
algorithm Name of the encryption algorithm used
parameters Encryption parameters
curve Elliptic curve used
id The control identifier
key NEP-2 private key
salt Private key decryption salt
hash Hash algorithm for derived privateKey
Example Control data structure
public class Control {
public String algorithm = "ECDSA";
public Map parameters = new HashMap() ;
public String id = "";
public String key = "";
public String salt = "";
public String hash = "sha256";
@JSONField(name = "enc-alg")
public String encAlg = "aes-256-gcm";
public String address = "";
}
Registering a digital identity
Digital identity creation refers to the generation of an Ontology digital identity with an appropriate identity data structure which would then be written to a wallet file.
Java SDK method to register a digital identity
Identity identity = ontSdk.getWalletMgr().createIdentity("password");
//any identity, once created is stored in memory only. A write api should be invoked to write to a wallet file.
ontSdk.getWalletMgr().writeWallet();
Registering a blockchain-based digital identity
Only after successfully registering a digital identity with the blockchain can the identity be truly used.
There are two ways to register your identity with the chain:
- Registrant specifies the account address for payment of transaction fees.
Identity identity = ontSdk.getWalletMgr().createIdentity(password);
ontSdk.nativevm().ontId().sendRegister(identity,password,payer,payerpwd,gaslimit,gasprice);
- Send the constructed transaction to the server and let the server sign the transaction fee account.
Identity identity = ontSdk.getWalletMgr().createIdentity(password);
Transaction tx = ontSdk.nativevm().ontId().makeRegister(identity.ontid,password,salt,payerAcc.address,ontSdk.DEFAULT_GAS_LIMIT,0);
ontSdk.signTx(tx,identity.ontid,password,salt);
ontSdk.getConnect().sendRawTransaction(tx);
Upon successful registration, the corresponding DDO of the ONT ID will be stored on the Ontology blockchain. Detailed information about DDO can be found in ONT ID identity protocol and smart contract implementation
Identity management
Import identity
Users who have already created a digital identity may import it into a wallet file via the SDK.
Note: It is advised to check if an identity already exists on the blockchain before you import one. If DDO does not exist, it means that no such identity has been registered on the blockchain. Then you may need to use ontSdk.getOntIdTx().sendRegister(identity,"passwordtest") for registration.
Example to import digital identity
Identity identity = ontSdk.getWalletMgr().importIdentity(encriptPrivateKey,password,salt,address);
//write to wallet
ontSdk.getWalletMgr().writeWallet();
Parameter Descriptions:
encriptPrivateKey: Encrypted private key
password: Password used to encrypt the private key
salt: Private key decryption salt
address: Account address
Remove identity
Example to remove digital identity
ontSdk.getWalletMgr().getWallet().removeIdentity(ontid);
//write to wallet
ontSdk.getWalletMgr().writeWallet();
Set default identity
Example to set default digital identity
ontSdk.getWalletMgr().getWallet().setDefaultIdentity(index);
ontSdk.getWalletMgr().getWallet().setDefaultIdentity(ontid);
Query blockchain based digital identity
The DDO of a blockchain based digital identity can be queried by using the ONT ID.
Example to query blockhain for digital identity
//get DDO by entering ONT ID
String ddo = ontSdk.nativevm().ontId().sendGetDDO(ontid);
//return in DDO format
{
"Attributes": [{
"Type": "String",
"Value": "value1",
"Key": "key1"
}],
"OntId": "did:ont:TA5UqF8iPqecMdBzTdzzANVeY8HW1krrgy",
"Recovery": "TA6AhqudP1dcLknEXmFinHPugDdudDnMJZ",
"Owners": [{
"Type": "ECDSA",
"Curve": "P256",
"Value": "12020346f8c238c9e4deaf6110e8f5967cf973f53b778ed183f4a6e7571acd51ddf80e",
"PubKeyId": "did:ont:TA5UqF8iPqecMdBzTdzzANVeY8HW1krrgy#keys-1"
}, {
"Type": "ECDSA",
"Curve": "P256",
"Value": "1202022fabd733d7d7d7009125bfde3cb0afe274769c78fd653079ecd5954ae9f52644",
"PubKeyId": "did:ont:TA5UqF8iPqecMdBzTdzzANVeY8HW1krrgy#keys-2"
}]
}
Ontid attributes
Update blockchain-based DDO attribute
| Param | Field | Type | Description | Remarks |
|---|---|---|---|---|
| Input param | password | String | Publisher’s address | Required, password to decrypt private key |
| ontid | String | Name of asset | Required, ID | |
| salt | byte[] | Required | ||
| attributes | Attribute[] | Attribute array | Required | |
| payerAcct | Account | Payment transaction account | Required | |
| gaslimit | long | Gas limit | Required | |
| gasprice | long | Gas price | Required | |
| Output param | txhash | String | Transaction hash | 64-bit string |
Example to update an ontid attribute by specifying payer address for transaction fees
String sendAddAttributes(String ontid, String password,byte[] salt, Attribute[] attributes,Account payerAcct,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().sendAddAttributes(ontid,password,salt,attributes,payer,gaslimit,0);
ontSdk.signTx(tx,identity.ontid.replace(Common.didont,""),password);
ontSdk.getConnectMgr().sendRawTransaction(tx);
Example to update an ontid attribute by specifying that the node should sign
Transaction makeAddAttributes(String ontid, String password,byte[] salt, Attribute[] attributes,String payer,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().makeAddAttributes(ontid,password,salt,attributes,payer,gaslimit,0);
ontSdk.signTx(tx,identity.ontid.replace(Common.didont,""),password);
ontSdk.getConnectMgr().sendRawTransaction(tx);
Remove blockchain-based DDO attribute
| Param | Field | Type | Description | Remarks |
|---|---|---|---|---|
| Input param | password | String | Publisher’s address | Required, password to decrypt private key |
| ontid | String | Name of asset | Required, ID | |
| salt | byte[] | required | ||
| path | String | Path | Required | |
| payerAcct | Account | Payment transaction account | Required,payer | |
| gaslimit | long | Gas limit | Required | |
| gasprice | long | Gas price | Required | |
| Output param | txhash | String | transaction hash | 64-bit string |
Example to remove an ontid attribute by specifying payer address for transaction fees
String sendRemoveAttribute(String ontid,String password,salt,String path,Account payerAcct,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().sendRemoveAttribute(ontid,password,salt,path,payer,gaslimit,0);
ontSdk.signTx(tx,identity.ontid,password);
ontSdk.getConnectMgr().sendRawTransaction(tx);
Example to remove an ontid attribute by specifying that the node should sign
Transaction makeRemoveAttribute(String ontid,String password,byte[] salt,String path,String payer,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().makeRemoveAttribute(ontid,password,salt,path,payer,gaslimit,0);
ontSdk.signTx(tx,identity.ontid,password);
ontSdk.getConnectMgr().sendRawTransaction(tx);
Ontid publicKey
| Param | Field | Type | Description | Remarks |
|---|---|---|---|---|
| Input param | password | String | Identity password | Required |
| salt | byte[] | Required | ||
| ontid | String | Identity ID | Required, identity ID | |
| newpubkey | String | Public key | Required, new pubkey | |
| payerAcct | Account | Payer account | Required, payer | |
| gaslimit | long | Gas limit | Required | |
| gasprice | long | Gas price | Required | |
| Output param | txhash | String | Transaction hash | Transaction hash |
Add/update an ontid publicKey
Example to add/update an ointid publicKey by specifying payer address for transaction fees
String sendAddPubKey(String ontid, String password,byte[] salt, String newpubkey,Account payerAcct,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().sendAddPubKey(ontid,password,salt,newpubkey,payer,gas,0);
ontSdk.signTx(tx,identity.ontid.replace(Common.didont,""),password);
ontSdk.getConnectMgr().sendRawTransaction(tx);
Example to add/update an ointid publicKey by specifying that the node should sign
Transaction makeAddPubKey(String ontid,String password,String newpubkey,String payer,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().makeAddPubKey(ontid,password,salt,newpubkey,payer,gas,0);
ontSdk.signTx(tx,identity.ontid.replace(Common.didont,""),password);
ontSdk.getConnectMgr().sendRawTransaction(tx);
Example to add/update an ointid publicKey using a recovery address
| Param | Field | Type | Description | Remarks |
|---|---|---|---|---|
| Input param | ontid | String | Identity ID | Required,identity ID |
| recoveryAddr | String | Recovery address | Required | |
| password | String | Recovery password | Required | |
| salt | byte[] | Required | ||
| newpubkey | String | Public key | Required, new pubkey | |
| payerAcct | Account | Payer | Required, payer | |
| gaslimit | long | Gas limit | Required | |
| gasprice | long | Gas price | Required | |
| Output param | txhash | String | Transaction hash | Transaction hash |
String sendAddPubKey(String ontid,String recoveryAddr, String password,byte[] salt, String newpubkey,Account payerAcct,long gaslimit,long gasprice)
Example to add/update an ointid publicKey using a recovery address without salt
Transaction makeAddPubKey(String ontid,String recoveryAddr,String password,String newpubkey,String payer,long gaslimit,long gasprice)
Parameter descriptions - please refer to recovery method above
Remove publicKey
| Param | Field | Type | Description | Remarks |
|---|---|---|---|---|
| Input param | password | String | Identity password | rRquired |
| salt | byte[] | Required | ||
| ontid | String | Identity ID | Required,identity ID | |
| removePubkey | String | Public key | Required, removePubkey | |
| payerAcct | Account | Payer account | Required,payer | |
| gaslimit | long | gaslimit | Required | |
| gasprice | long | gas price | Required | |
| Output param | txhash | String | Transaction hash | Transaction hash |
Example to remove an ointid publicKey by specifying payer address for transaction fees
String sendRemovePubKey(String ontid, String password,byte[] salt, String removePubkey,Account payerAcct,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().sendRemovePubKey(ontid,password,salt,removePubkey,payer,gas,0);
ontSdk.signTx(tx,identity.ontid,password);
ontSdk.getConnectMgr().sendRawTransaction(tx);
Example to remove an ointid publicKey by specifying that the node should sign
String makeRemovePubKey(String ontid, String recoveryAddr,String password,salt, String removePubkey,String payer,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().makeRemovePubKey(ontid,password,salt,removePubkey,payer,gas,0);
ontSdk.signTx(tx,identity.ontid,password);
ontSdk.getConnectMgr().sendRawTransaction(tx);
Example to remove an ointid publicKey using a recovery address
| Param | Field | Type | Description | Remarks |
|---|---|---|---|---|
| Input param | ontid | String | Identity ID | Required, identity ID |
| password | String | Identity password | Required | |
| salt | byte[] | Required | ||
| recoveryAddr | String | Recovery password | Required | |
| removePubkey | String | Public key | Required. remove pubkey | |
| payerAcct | Account | Payer | Required, payer | |
| gaslimit | long | Gas limit | Required | |
| gasprice | long | Gas price | Required | |
| Output param | txhash | String | Transaction hash | Transaction hash |
String sendRemovePubKey(String ontid, String recoveryAddr,String password,salt, String removePubkey,Account payerAcct,long gaslimit,long gasprice)
Example to remove an ointid publicKey using a recovery address without salt
Transaction makeRemovePubKey(String ontid,String recoveryAddr, String password,salt, String removePubkey,String payer,long gaslimit,long gasprice)
Parameter descriptions - please refer to recovery method above
Ontid recovery
| Param | Field | Type | Description | Remarks |
|---|---|---|---|---|
| Input param | password | String | Identity password | Required |
| ontid | String | Identity ID | Required, identity ID | |
| password | String | Identity password | Required | |
| salt | byte[] | Identity salt | Required | |
| recoveryAddr | String | Recovery address | Required, recovery | |
| payerAcct | Account | Payer | Required, payer | |
| gaslimit | long | Gas limit | Required | |
| gasprice | long | Gas price | Required | |
| Output param | txhash | String | Transaction hash | Transaction hash |
Add recovery address
Example to add a recovery address to an ointid by specifying payer address for transaction fees
String sendAddRecovery(String ontid, String password,byte[] salt, String recoveryAddr,Account payerAcct,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().sendAddRecovery(ontid,password,salt,recovery,payer,gas,0);
ontSdk.signTx(tx,identity.ontid,password);
ontSdk.getConnectMgr().sendRawTransaction(tx);
Example to add a recovery address to an ointid by specifying that the node should sign
Transaction makeAddRecovery(String ontid, String password,salt, String recoveryAddr,String payer,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().makeAddRecovery(ontid,password,salt,recovery,payer,gas,0);
ontSdk.signTx(tx,identity.ontid,password);
ontSdk.getConnectMgr().sendRawTransaction(tx);
Change recovery address
| Param | Field | Type | Description | Remarks |
|---|---|---|---|---|
| Input param | ontid | String | Identity ID | required,identity ID |
| newRecovery | String | New recovery address | Required,newRecovery | |
| oldRecovery | String | Old recovery address | Required,oldRecovery | |
| password | String | Old recovery password | Required | |
| salt | byte[] | Required | ||
| gaslimit | long | Gas limit | Required | |
| gasprice | long | Gas price | Required | |
| Output param | txhash | String | Transaction hash | Transaction hash |
Example to change the recovery address
String sendChangeRecovery(String ontid, String newRecovery, String oldRecovery, String password,salt,long gaslimit,long gasprice)
Transaction tx = ontSdk.nativevm().ontId().makeAddRecovery(ontid,newrecoveryaddress,oldrecoveryaddress,password,salt,gas,0);
ontSdk.signTx(tx,identity.ontid,password);
ontSdk.getConnectMgr().sendRawTransaction(tx);