A Decentralized Identifier (DID) is a globally unique, persistent identifier that does not require a centralized registration authority and is cryptographically verifiable. It is a new type of Uniform Resource Identifier (URI) that enables a verifiable, self-sovereign digital identity, decoupled from centralized registries, identity providers, and certificate authorities.
Glossary
Decentralized Identifier (DID)

What is a Decentralized Identifier (DID)?
A foundational W3C standard for persistent, globally unique identifiers that are cryptographically verifiable and require no centralized issuing authority.
A DID resolves to a DID Document, a JSON-LD file containing the public keys, authentication protocols, and service endpoints necessary to initiate trusted interactions with the identified subject. This architecture forms the core of the W3C Verifiable Credentials ecosystem, enabling the subject to prove control without an intermediary.
Core Properties of DIDs
Decentralized Identifiers are not merely addresses; they are a new identity layer for the internet defined by a specific set of immutable architectural properties. These properties ensure that DIDs are globally unique, cryptographically verifiable, and resistant to censorship, forming the foundational trust layer for verifiable credentials and data provenance.
Cryptographic Verification
Control over a DID is asserted cryptographically, not through a password reset email. Every DID document contains verification methods (public keys) that enable the DID subject to prove ownership.
- Possession-Based Control: The entity controlling the private key controls the identifier.
- Key Rotation: Public keys can be rotated without changing the persistent DID, enabling security recovery.
- Digital Signatures: Any assertion (like a Verifiable Credential) can be signed and verified against the DID document's keys.
Persistence
A DID is designed to be a persistent identifier that does not require a continued relationship with the original registrar. Once created and anchored to a Verifiable Data Registry, the identifier is permanent.
- Long-Lived Identifiers: Ideal for lifelong credentials like academic degrees or professional certifications.
- No Renewal Fees: Unlike domain names, there is no recurring lease to maintain ownership.
- Immutable Record: The initial creation event is permanently recorded on the underlying ledger.
Platform Independence
DIDs are abstracted from the underlying systems that host them. The DID method (the part after the colon in did:example:123) defines the specific syntax and operations, but the core data model remains consistent.
- Method Agnosticism: The ecosystem supports hundreds of methods (
did:web,did:key,did:ethr) without breaking interoperability. - Cross-Ledger Portability: A DID can theoretically be migrated across different networks if the method supports it.
- Universal Syntax: All DIDs follow the generic URI scheme
did:method-name:method-specific-id.
Self-Sovereignty
DIDs empower the DID subject (person, organization, or device) with ultimate autonomy over their digital identity. The subject can create, update, and deactivate their own identifier without asking a third party for permission.
- User-Controlled Data: The subject decides which claims to share and with whom via Verifiable Presentations.
- Minimal Disclosure: Zero-Knowledge Proofs can be used with DIDs to prove statements without revealing the raw underlying data.
- Direct Ownership: The identifier is a digital asset owned directly by the subject, not a rented account from a platform.
Frequently Asked Questions
Clear, technical answers to the most common questions about the architecture, resolution, and security model of W3C Decentralized Identifiers.
A Decentralized Identifier (DID) is a globally unique, persistent identifier that does not require a centralized registration authority and is cryptographically verifiable. It functions as a Uniform Resource Identifier (URI) that associates a DID subject with a DID document containing cryptographic material, service endpoints, and verification methods. The core mechanism relies on three components: the DID scheme (did:), a DID method (e.g., did:web, did:ethr, did:key), and a method-specific identifier. When resolved through a DID resolver, the identifier returns its associated DID document from a verifiable data registry—which can be a distributed ledger, blockchain, or decentralized file system. This architecture enables self-sovereign identity, where the controller of the DID can rotate keys, update service endpoints, and prove control without relying on a certificate authority or identity provider.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
A Decentralized Identifier (DID) does not operate in isolation. It is a core primitive within a broader stack of standards and technologies that enable verifiable, self-sovereign digital trust. The following concepts form the essential technical context for understanding how DIDs are created, resolved, and utilized in production systems.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us