-
Notifications
You must be signed in to change notification settings - Fork 24
Backup and recovery standards
This section will hold the backup and recovery standards defined for Alastria ID wallets
- Backup and recovery version: 1.0
- Last revision: October 2022
Alastria ID needs a backup and recovery that is standard between different Alastria ID compatible wallets. This enables the user the possibility to move his identity from one wallet provider to another easily.
The backup will focus on the users:
- Credentials
- Presentations
- Keystores and associated DID’s
All other internal variables, network information, etc. will be out of scope. This page details the backup & restore standard proposed to be used with Alastria ID version 2.X
NOTE: Backups made with wallets compatible with version 2.X WILL NOT be compatible with Alastria EPIC
The backup will consist of a container that is encrypted with a password known to the user. This password could be a password that is prompted before making the backup, or it could be tied to the user’s already stablished wallet password. The file format for this container is yet to be discussed.
Inside this container there will be the following folder and file structure:
- \alastria\
- \keystores\
- \credentials\
- \presentations\
- \dids\
- checksum_base.json
- version.json
- <wallet_provider_folder> OPTIONAL
It is a file at the root of the container that has information tied to the wallet that made the backup, its version, and information about compatibility with Alastria ID. The file is a JSON that has the following proposed structure:
{ "recovery_version": 1, "alastria_version": 2, "wallet_identifier": "Wallet MIIO", "wallet_version": "2.0" }
The alastria folder contains all the different folders and files pertaining to the users Alastria identity (credentials, presentation and keystores/DIDs).
It is a file that has a checksum of all the different files inside the \alastria folder that enables the wallet recovering the backup to check the integrity of all the files inside the \alastria directory
The proposed JSON structure of this file is:
{ "checksum_base":[ { "file":"\keystores\keystore_index.json", "alg":"SHA256", "checksum": "0F348A8390DC" }, { "file":"\keystores\keystore1.json", "alg":"SHA256", "checksum": "3B548C8390AB" } ] }
This folder will contain all the users keystores tied to his identities and DID's. It will contain one file that acts as a keystore index:
This file will reference all the keystores matching them with the user's DIDs, and meta information about the different uses and purposes of the keystores, and if it is used by the user or has been revoked. The proposed JSON structure is:
{ "keystores":[ { "filename":"keystore_name1.json", "type":"Alastria", "did":"did:...", "use":"main", "active":true, "revoked":false }, { "filename":"keystore_name2.json", "type":"Alastria", "did":"did:...", "use":"main", "active":true, "revoked":false } ] }
The keystore files being referenced here will be placed at this level.
This folder contains the dids.json file that contains the user DIDs.
This file contains an array of the different Alastria DIDs the user possesses. The proposed JSON structure is:
{ "dids":[ { "did":"did:ala:....", "active":true, "revoked":false }, { "did":"did:ala:....", "active":true, "revoked":false } ] }
This folder contains all the user's credentials inside credentials.json
It consists of an array of all the different credentials tied to the user DID's. The proposed JSON structure is:
{ "credentials":[ { "did":"did:ala:....", "jwt":"…" }, { "did":"did:ala:....", "jwt":"…" } ] }
Like the credential folder, it contains all the presentation the user has done.
The file has an array of the presentations tied to each DID. The proposed JSON structure is:
{ “presentations":[ {
"did":"did:ala:....", "jwt":"…"}, { "did":"did:ala:....", "jwt":"…" } ] }
This backup methods adds the possibility for each wallet provider to create their own custom recovery method inside this folder. Each wallet provider can use this folder to include other configuration options or to make a customized backup and recovery for their own wallet. With this folder if the backup and recovery is made with the same wallet provider, the user does not also recover their identity, credentials, and presentation but their own wallet configuration.
Note: This folder is optional and if present, will be ignored by other wallet providers.