The bmannconsulting.com website
bmann.ca
1---
2tags:
3 - ATProtocol
4 - DID
5link: https://github.com/did-method-plc/did-method-plc
6description: DID PLC (Public Ledger of Credentials) is a self-authenticating DID which is strongly-consistent, recoverable, and allows for key rotation.
7---
8DID PLC is a self-authenticating [[DID]] which is strongly-consistent, recoverable, and allows for key rotation.
9
10An example DID is: `did:plc:ewvi7nxzyoun6zhxrhs64oiz`
11
12Control over a `did:plc` identity rests in a set of reconfigurable rotation keys pairs. These keys can sign update operations to mutate the identity (including key rotations), with each operation referencing a prior version of the identity state by hash. Each identity starts from an initial genesis operation, and the hash of this initial object is what defines the DID itself (that is, the DID URI identifier string). A central directory server collects and validates operations, and maintains a transparent log of operations for each DID.
13
14## Motivation
15
16[[Bluesky]] developed DID PLC when designing the [[ATProtocol]] because we were not satisfied with any of the existing DID methods. We wanted a strongly consistent, highly available, recoverable, and cryptographically secure method with fast and cheap propagation of updates.
17
18PLC stands for "Public Ledger of Credentials". We expect to evolve the system (in a backwards-compatible manner) into something less centralized - likely a permissioned DID consortium. That being said, we do intend to support `did:plc` in the current form until after any successor is deployed, with a reasonable grace period. We would also provide a migration route to allow continued use of existing `did:plc` identifiers.