A Decentralized Identifier (DID) is a globally unique, persistent identifier that does not require a centralized registration authority and is generated and registered using cryptographic systems like distributed ledgers. It is a new type of URI defined by the W3C standard, enabling a verifiable, self-sovereign digital identity that the subject controls independently of any organization.
Glossary
Decentralized Identifier

What is a Decentralized Identifier?
A foundational component of self-sovereign identity, enabling verifiable, user-controlled digital identities without reliance on centralized registries.
The core mechanism involves a DID document, a JSON-LD file stored on a verifiable data registry (e.g., a blockchain) that contains the public keys, authentication protocols, and service endpoints associated with the identifier. This architecture allows the DID subject to prove control over the identifier through cryptographic proofs without an intermediary, establishing a root of trust for verifiable credentials and decentralized reputation systems.
Core Properties of DIDs
Decentralized Identifiers (DIDs) are a new type of globally unique identifier that enables verifiable, self-sovereign digital identity. Unlike traditional identifiers (email addresses, usernames) that depend on centralized registrars, DIDs give entities permanent control over their cryptographic keys and associated metadata.
Cryptographic Verification
Every DID is intrinsically linked to asymmetric cryptography, enabling the DID controller to prove ownership and sign verifiable credentials without an intermediary.
- Public/private key pairs: The DID Document lists public keys that verifiers use to authenticate signatures from the controller.
- Authentication proofs: A challenge-response protocol proves control of the private key without revealing it.
- Key rotation: Controllers can update cryptographic material in the DID Document while retaining the same identifier, enabling security upgrades without identity loss.
DID Document and Service Endpoints
Resolving a DID returns a DID Document—a JSON-LD file that describes the subject and its capabilities. This document is the operational core of the DID architecture.
- Verification methods: Lists public keys and their intended purposes (authentication, assertion, key agreement).
- Service endpoints: Declares URLs where agents can interact with the DID subject (e.g., credential repositories, messaging inboxes).
- Example endpoint:
{ "id": "#vcs", "type": "VerifiableCredentialService", "serviceEndpoint": "https://agent.example.com/vc" }
DID Methods and Syntax
DIDs follow a standardized URI syntax: did:<method>:<method-specific-identifier>. The method defines how the DID is created, resolved, and managed on a specific verifiable data registry.
- Method specification: Each method (e.g.,
did:web,did:key,did:indy) has its own rules for CRUD operations. - Interoperability: A universal resolver can process any DID method, returning a standard DID Document.
- Common methods:
did:key: Self-contained, generated directly from a public key.did:web: Resolved via HTTPS from a domain's.well-knownendpoint.did:ethr: Anchored on Ethereum, using smart contracts for management.
Self-Sovereignty and Portability
DIDs are the foundational layer of self-sovereign identity (SSI), where individuals and organizations control their identity data independently of any administrative authority.
- No vendor lock-in: The DID controller can migrate their identifier across different service providers without losing their identity or reputation.
- Reputation portability: Trust scores, verifiable credentials, and interaction histories remain bound to the DID, not a platform.
- Privacy-preserving: Controllers can generate multiple pairwise DIDs for different relationships, preventing correlation across contexts.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Frequently Asked Questions
Clear, technically precise answers to the most common questions about the architecture, resolution, and security of Decentralized Identifiers (DIDs).
A Decentralized Identifier (DID) is a globally unique, persistent identifier that does not require a centralized registration authority and is formatted as a URI conforming to the W3C DID Core specification. A DID functions by associating a DID subject (the entity identified) with a DID document, a JSON-LD file stored on a Verifiable Data Registry (VDR) such as a distributed ledger. The DID document contains cryptographic material—primarily public keys—and service endpoints that enable secure, authenticated interactions. The resolution process involves a DID resolver that accepts a DID as input, fetches the corresponding DID document from the VDR, and returns it to the caller, allowing any party to verify digital signatures and establish a trust relationship without an intermediary. The generic DID syntax is did:method:method-specific-identifier, where the method defines the underlying VDR (e.g., did:ethr for Ethereum, did:web for web domains).
Related Terms
Decentralized Identifiers (DIDs) form the foundational identity layer for algorithmic trust systems. These related concepts define how DIDs are secured, resolved, and used to build verifiable reputation networks without centralized authorities.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us