How to we replace or recover the did if we lost the key or forgot the mnemonic phrase?
thomas-tran opened this issue · 6 comments
if your recovery key or mnemonic used to generate it are lost, you cannot recover.
@OR13 Here is an use case and I would need your suggestion
A government agency issue the did for citizen. There are two key generated, one is for general purpose, authentication and signing. This key will be sent to the citizen. Another key is for recovery which will be kept by the government agency. Those keys added to the did document model in order to generate the create operation and later anchor in sidetree.
If the the citizen lost the key e.g. for signing and authentication. Can the government agency used the recovery key to recover and replace the new signing and authentication key for the citizen? If yes, does the citizen did will be changed?
I went though the test folder in the repo but I could not find any test case for it. Would you point me to the right direction? How to do it using the code?
Thanks
Thomas.
In the case that the citizen relies on the government to control the recovery key or a mnemonic that generates it, the government can recover the DID for the citizen.... this would not change the DID, but it might impact the citizen's ability to use it, for example, a malicious government could rotate all citizen keys to ones that ONLY they controlled.
recovery keys are a bit like root, if you don't control root on your system, you don't really control your system.... many folks live their whole life without realizing that root accounts exist, particularly in cases where they trust a system admin to manage their user account.
here are the test vectors associated with recovery operations:
https://github.com/decentralized-identity/sidetree/blob/master/tests/vectors/generated.json#L158
They are tested here:
https://github.com/decentralized-identity/sidetree/blob/master/tests/core/Resolver.spec.ts#L5
I would recommend not trusting anyone to manage your recovery keys for you, they will have the ability to deactivate you at any time.
You are absolutely right that we could not trust anyone for the recovery key. However, in the real world, people tend to forget thing e.g. the 18 year old boys got his citizen identity and may forgot the private key. How can he recovery his identity which required to use in many public services? At the moment, you just need to go to the government agency to provide proof like passport or thumbnail and they can issue you the new identification card. On the other hand, how can you do it with the decentralize identity.
an agency can always assign a new identifier.
there are other schemes where you use secret sharing to split a recovery, etc...
but end of the day, whoever controls the recovery key control the identifier.
There are other scenarios where the citizen generate they DID get documents issued to it vs a government generating it and then transferring partial or full control.
in general custodial or recoverable identifiers are more appropriate for scenarios where user experience and trust in or reliance on "others" is more important than censorship resistance.
Thanks