- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Sun, 14 Dec 2025 20:52:06 -0500
- To: Otto Mora <omora@privado.id>
- Cc: W3C Credentials CG <public-credentials@w3.org>
On Sat, Dec 13, 2025 at 5:19 PM Otto Mora <omora@privado.id> wrote: > There are a few things I would like to ask about from my read of the did:cel method spec I will do my best to provide satisfactory answers. :) > From the intro: > >Witness and file storage services are abundant, easy to operate at scale > > Which types of storage services do you have in mind? Because from what I have seen with things like IPFS is that you end up needing to provide your own server to make sure files are "pinned" and not lost. The best way to make sure IPFS works is by either having a server of your own or paying a service that will keep your files pinned (at which point I wonder why you would not just use a blockchain to pay for your changes to be recorded to the VDR?). The storage service is anything that can serve a file from the Web. For example, a free Github Pages location would be adequate. Something like this would do the trick: https://ottomorac.github.io/dids/did:cel:zW1ymin3LpATUgYTS7N58FLHtQ4HEjPC3ViLfgPJX6KaPMh Similarly, communities (such as the CCG) could offer DID CEL storage services. I'll note that CCG has been providing enough storage (for our meetings/videos) over the past decade to store the equivalent of 12.5M DIDs containing about 30 years+ of DID Document history each. That's why I said the storage services are abundant and easy to operate at scale. > From section 3, Witness Services: > > Unlike centralized timestamp authorities or blockchain validators, witnesses operate autonomously without controlling or storing the DIDs they attest to > > Can you explain why using blockchain nodes / validators would restrict you or control your DIDs? In the case of a public blockchain, even if, say there was a malicious blockchain node that selectively filters out certain transactions (based on some arbitrary censorship criteria) your transaction could still likely be processed by another node that does not follow that censorship criteria; a public blockchain is permissionless after all. Ah, yeah, that sentence in the spec is badly written. What I was trying to say is that 1) if a witness can see what it is witnessing, then it can reject witnessing it (I view that as a very bad outcome), 2) if a centralized timestamp service requires you to use it for all timestamps, it controls the history, and 3) if a blockchain goes away (unlikely, except for all the non-mainstream blockchains that have failed to date), it can deprive you of your DID history and your ability to update your DID. The argument is to use a witness service where it can't see what is being signed and where you don't care if they're around tomorrow (you got what you needed out of them when you contacted them, which was a witnessed timestamp on a particular hash). I wasn't trying to make a value judgement about blockchains... I was saying the only part of the blockchain that we need for this system is the blind witnessing part of it and nothing else. > From section 6.1 Witness Collusion and Compromise > > To mitigate witness collusion risks, implementers are encouraged to select witnesses operated by independent entities with diverse operational and jurisdictional characteristics > > Could you suggest what would be the economical or other type of incentives that would motivate an organization make a witness server available? The same motivations that have kept w3id.org and the CCG infrastructure operational for the last 10 years -- someone wants to see it exist and the financial burden of running the service is negligible. The cost of running a witness is the server cost (negligible) and the HSM cost (negligible). It's much less than running the CCG infrastructure, that's for sure. :) IOW, you make this stuff cheap enough and organizations can run them at costs that are a rounding error of what their typical yearly cloud operational costs are. Now, I don't want to trivialize the costs at scale (what happens when you have a billion DIDs using your witness or storage service? ... but if you have a billion people using something, money usually shows up to keep the lights on. -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/
Received on Monday, 15 December 2025 01:52:46 UTC