Decentralized IDentity

Rubix Network supports a lightweight and secure Decentralized Identity (DID) mechanism built using the BIP39 standard. This implementation allows users and systems to generate cryptographic identities that are:

• Self-owned and recoverable
• Verifiable through cryptographic proofs
• Tamper-proof with on-chain claim registration
• Privacy-preserving, with optional selective disclosure

This guide covers the concepts behind DID, its significance, and how to create, register, and recover a BIP39-based DID on the Rubix Network.

A Decentralized Identifier (DID) is a cryptographic, globally unique identifier that enables the creation of self-sovereign identities. Unlike centralized identities tied to usernames or email addresses, a DID:

• Is generated by the user (not issued)
• Eliminates third-party trust dependencies
• Enables verifiable claims without disclosing sensitive data

Rubix supports multiple DID types, but the recommended and default approach is BIP39-based DID (Type 4). It offers:

• 24-word mnemonic-based identity recovery
• Secure key pair generation using secp256k1 elliptic curve
• Compatibility with Hierarchical Deterministic Wallet (HD Wallet) specs
• No external Certificate Authorities (CA) required

Verifiable claims allow identity holders to present cryptographically signed statements (e.g., “User1 graduated from XYZ University”) without relying on centralized servers.

• Claims are 100% on-chain
• Can be selectively disclosed and verified
• Tamper-proof and immutable
• Aligned with W3C Verifiable Credentials and Linked Data Signatures

Ensure your Rubix node is up and running on a port (e.g., 20000):

./rubixgoplatform startnode -port <port_number>

Open a new terminal tab in the same build directory and run:

./rubixgoplatform createdid -didType 4 -port <port_number>

Example:

./rubixgoplatform createdid -didType 4 -port <port_number>

This command:

• Generates a 24-word mnemonic (mnemonic.txt)
• Derives a secure key pair
• Outputs a unique DID identifier

After DID creation, navigate to the folder:

cd <path_to_node>/Rubix/TestNetDID/<did_generated>

Copy and store the mnemonic.txt file in a secure offline location.
This file is essential for identity recovery.

Once the DID is created, register it on the Rubix network:

./rubixgoplatform registerdid -did <your_did> -port <port_number>

Example:

./rubixgoplatform registerdid -did bafybmicfvpln2j5yfjeokmafjsefz7ykibvtsg2swxmnr6nhvflj6qvo34 -port <port_number>

To recover a lost DID using the mnemonic:

./rubixgoplatform createdid -didType 4 -mnemonicKeyFile /path/to/mnemonic.txt -port <port_number>

This regenerates the same DID and key pair.

Rubix DID implementation is aligned with:

• W3C Verifiable Credentials
• W3C Linked Data Signatures
• IMS Open Badges
• GDPR & CCPA regulations

The BIP39-based DID on Rubix is a privacy-first, developer-friendly, and production-ready identity primitive. It aligns with the principles of self-sovereignty, transparency, and decentralization empowering developers to build trust into the very fabric of their applications.

Ready to integrate decentralized identity into your app?
Start with ./rubixgoplatform createdid -didType 4 -port <port_number> today.