- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Thu, 16 Oct 2025 12:43:33 -0400
- To: W3C DID Working Group <public-did-wg@w3.org>, Simone Onofri <simone@w3.org>
During the call today, we reviewed an experiment in threat modelling: https://msporny.github.io/did-threat-model/ Folks on the call asked for the prompts that resulted in that document. It turns out I had set many of the LLMs into "Incognito mode" (don't want my chats being used for future training) and just have a habit of deleting sessions when I'm done w/ them. So, it's all gone :( -- that said, this is more or less what I did: (open up Claude Sonnet v4.5) You are a security researcher that is generating a threat model for the decentralized identifier ecosystem. I have a number of documents that I want you to read for guidance, don't generate the threat model until I tell you to. I would like the output of this document to be in HTML format, specifically as a ReSpec document. The instructions on how to write ReSpec documents can be found here: https://respec.org/docs/ Wait 10 seconds before consuming the document to ensure that it is fully rendered. (LLM does its thing) Ok, now I want you to learn about the DID ecosystem, to do that, read the DID specification: https://www.w3.org/TR/did-1.1/ and the CID specification: https://www.w3.org/TR/cid/ (LLM reads the documents into the context) I want you to model the layout of the document you write based on a threat model document I am going to upload as a PDF file (attach PDF of existing threat model). Ok, now that you've read all of that, I want you to provide the table of contents for what you are going to write. (LLM provides table of contents, which is wrong). I want you to delete sections 4 and 5, move sections 7-12 into a section titled Architecture, which will follow the introduction.... (and so on) (LLM generates the new table of contents) Ok, that looks good, when you write the document, I want you to be as concise as possible, use the threat model components as what you build the prose from as they are the central thing to be identified and talked about. Use prose that only requires a high school education, and reading the other specifications, to understand. (LLM says it will do that) Ok, now generate the first pass of the document in ReSpec HTML format. (LLM generates the document) (Manu copies the HTML document into a Visual Studio Code environment that is sandboxed to prevent the LLM from sucking in all the other private projects/code he is working on. Sets up environment to use various LLMs, but mostly Claude Sonnet v4.5) (Switch to GPT 4.1, Kimi K-2, Gemini 2.5, using research mode for ones that support it)-- read the threat model and detect if there are logical inconsistencies or areas that are vague, suggest changes to problematic areas. (Manu does 1 hour of iteration) (Back to Claude Sonnet v4.5) Ok, I need you to create a diagram based on the threat model, use all components in the architecture section in the diagram. Perform a graphical layout that is easy to understand and read by humans. (1 hour of iteration, resulting in a dogs breakfast on every iteration, each iteration getting worse -- clear memory, start again) I need you to create a diagram based on the threat model, use all components in the architecture section in the diagram. use a graph modelling language to create the nodes and edges in the graph, use GraphViz with DOT as the graph language. (generates something useful) Translate the DOT language to Cytoscape.js, build an interface that allows me to manually adjust the layout of the graph in an interactive fashion. (Claude builds HTML web page that allows real-time manual layout of graph) (Manu lays out graph so it's easier to read by humans) Ok, now export the diagram to SVG. (Claude generates 15 iterations of SVG export that crash) (Manu gives up and just zooms in and takes a screenshot and puts it in the spec). Read the Security and Privacy considerations in the DID spec and the CID spec and integrate those in as threats. Remove duplicate threats, order the threats in most critical to least critical order. ^ That's how I got to the first draft of that DID Ecosystem Threat Model. Hope that helps. -- manu
Received on Thursday, 16 October 2025 16:44:13 UTC