A “DIDComm 101” presentation at the Internet Identity Workshop (IIW) in Mountain View last month inspired the creation of a new tool that enables anyone to easily send and receive DIDComm messages. Colton Wolkins, Senior Software Engineer at Indicio, explains.
Please provide a quick introduction to DIDComm and the DIDComm Demo
DIDComm is short for DID Communication, a protocol which lets people and software use Decentralized Identifiers (also known as DIDs) to communicate securely and privately over many channels including the Internet, Bluetooth, mobile push notifications, and QR codes.
The idea for the DIDComm Demo came about just before the Internet Identity Workshop (IIW) in California last month. Sam Curren (Indicio’s Senior Systems Architect, and Deputy CTO) realized that everything he was presenting at IIW using slides could be shown with a simple self-serve tool that helps people see for themselves how DIDComm works.
The DIDComm Demo allows you to connect to another person, a computer, a phone or simply another window in a different browser tab so you can see DIDComm messages traverse back and forth after the messages have been decrypted.
The reason we wrote this as a separate app was to allow people to see how DIDComm works without needing to sift through or learn a substantial stack like Hyperledger Aries Cloud Agent Python (ACA-Py).
Who is the Demo designed for?
Anyone who wants to understand how the technology works. For example, developers who want to build their own solutions on top of DIDComm can connect to the Demo from whatever they are building, to test that messages are being sent correctly.
We used a chat window approach to make it easy to understand. The tool is stripped down to the essentials, so it’s easy to see what’s going on. If you open up your browser’s network inspector, you’ll find all your messages are encrypted and your data is secure.
The DIDComm Demo is entirely open source. If anyone wants to look at code, to see how it works and learn from it, they can.
Please explain the concept of mediators in DIDComm, and their role in the DIDComm Demo
DIDComm doesn’t provide an inherent way to store messages. Also, your phone’s IP address is always changing, so there’s no way to talk directly to it. Mediators are cloud-based agents that enable DIDComm messages to be stored and routed.
For example, if your travel agent sends you a DIDComm message about your flight, the mediator stores the message if your phone is offline. When the phone comes back online it talks to the mediator and says “Here I am, please send me any messages.”
Mediators tend to be hosted on the public Internet, so they have a domain name which points to the mediator’s IP address. They can either deliver messages directly to mobile devices, or collect messages from many agents at a single endpoint for future delivery.
A mediator must be accounted for when the sender encrypts a message. For example, if I am connected to you and I send you a message through your mediator, I first encrypt it so only you can decrypt it, then I encrypt it again so only your mediator can read whom to send the message to.
The DIDComm Demo is connected to a mediator. That’s what enables two people across the world to send messages to each other. At the moment, it happens to use the Indicio mediator (we don’t gain any insight into whether a message is coming from the Demo or any other application). We’re hoping to support more mediators, as other organizations bring WebSocket-capable mediators online.
DIDComm uses did:peer2 DIDs to establish a connection. The public keys are included in the DID document — one for signing, one for encryption — together with a service endpoint (a location to talk to), in this case, the Indicio Mediator’s DID. When you send a message, the Demo app resolves the mediator’s DID and finds the URL to which to relay the message.
For more information on mediators, see https://book.didcomm.org/routing/.
How can someone access the DIDComm Demo?
Go to demo.didcomm.org. You’ll see a Help button there with a tutorial, plus a link to the GitHub repo.