Core Concepts

Welcome to TrustWeave’s core concepts! This section introduces the fundamental building blocks of decentralized identity and trust systems.

New to TrustWeave? Start with the Mental Model guide to understand how TrustWeave works at a conceptual level before diving into specific concepts.

What You’ll Learn

  • Decentralized Identifiers (DIDs) - How to create and manage decentralized identities
  • Verifiable Credentials (VCs) - How to issue, store, and verify credentials
  • Wallets - How to manage credentials and identities
  • Blockchain Anchoring - How to anchor data to blockchains
  • Smart Contracts - How to create and execute executable agreements
  • Key Management - How to manage cryptographic keys securely

Table of Contents

  1. Decentralized Identifiers (DIDs) - Understanding DIDs and DID Documents
  2. Verifiable Credentials - Understanding VCs and their lifecycle
  3. Wallets - Understanding credential and identity wallets
  4. Blockchain Anchoring - Understanding data anchoring
  5. Smart Contracts - Understanding executable agreements with verifiable credentials
  6. Blockchain-Anchored Revocation - Understanding revocation with blockchain anchoring
  7. Key Management - Understanding key management systems
  8. Algorithm Compatibility Table - Algorithm support in DIDs, VCs, AWS KMS, and Azure Key Vault
  9. JSON Canonicalization - Understanding data integrity
  10. Credential Exchange Protocols - Protocol abstraction layer for credential exchange (DIDComm, OIDC4VCI, CHAPI)

Quick Overview

Decentralized Identifiers (DIDs)

A DID is a self-sovereign identifier that you control. Unlike traditional identifiers (like email addresses), DIDs are:

  • Decentralized: No central authority controls them
  • Persistent: They don’t change when you switch providers
  • Cryptographically verifiable: You can prove ownership with cryptographic keys

Example: did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK

Verifiable Credentials (VCs)

A Verifiable Credential is a tamper-evident credential that follows the W3C VC Data Model. VCs contain:

  • Claims: The actual data (e.g., “name: Alice”, “age: 30”)
  • Proof: Cryptographic proof of who issued it
  • Metadata: Issuer, issuance date, expiration, etc.

Example: A university diploma, driver’s license, or professional certification.

Wallets

A Wallet is a secure container for managing your credentials and identities. TrustWeave wallets support:

  • Credential Storage: Store and organize verifiable credentials
  • Organization: Collections, tags, and metadata
  • Lifecycle Management: Archive and refresh credentials
  • Presentation Creation: Create verifiable presentations
  • Identity Management: Manage DIDs and keys (optional)

Blockchain Anchoring

Blockchain Anchoring provides tamper-proof timestamps and integrity verification by storing data references on blockchains. This enables:

  • Provenance: Prove when data was created
  • Integrity: Detect if data has been tampered with
  • Immutability: Create permanent records

Smart Contracts

Smart Contracts are executable agreements between parties that combine:

  • Verifiable Identity: Parties identified by DIDs
  • Cryptographic Proof: Contract terms wrapped in Verifiable Credentials
  • Immutable Audit Trail: Blockchain anchoring for tamper-proof records
  • Pluggable Execution: Parametric, conditional, scheduled, event-driven, or manual execution

Example: Parametric insurance contracts that automatically pay out based on EO data triggers.

Key Management

Key Management involves securely generating, storing, and using cryptographic keys for:

  • Signing: Creating proofs for credentials
  • Verification: Verifying proofs from others
  • Encryption: Protecting sensitive data

See the Algorithm Compatibility Table for a comprehensive comparison of algorithm support across DIDs, VCs, AWS KMS, and Azure Key Vault.

Next Steps

New to TrustWeave?

Ready to learn concepts?

Want hands-on practice?

Table of contents