A Decentralized Web Node (DWN) functions as a mesh of personal data stores, allowing an identity owner to manage encrypted data across multiple locations without relying on a specific centralized provider. It serves as the persistent storage layer for Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) , enabling true data portability.
Glossary
Decentralized Web Node (DWN)

What is a Decentralized Web Node (DWN)?
A Decentralized Web Node (DWN) is an open specification for a personal data and relay node that enables an entity to securely store, discover, and share data within a decentralized network, eliminating vendor lock-in.
By utilizing a universal message interface, a DWN decouples data storage from application logic, allowing any application to request read or write access to a node. This architecture ensures that an entity retains absolute control over its sovereign identity data, replicating and syncing information across a network of nodes without being tethered to a single platform's infrastructure.
Core Characteristics of a DWN
A Decentralized Web Node is a specification for a mesh of personal data stores and relay nodes that enables entities to securely store, discover, and share data without vendor lock-in. The following characteristics define its architectural resilience.
Universal Interface
A DWN exposes a standardized REST API for all data operations, abstracting the underlying storage mechanism. This allows any identity to interact with any node regardless of the vendor.
- CRUD operations for records
- Query mechanism for semantic discovery
- Subscription protocol for real-time sync
Thread-Based Data Model
Data is organized into decentralized threads, which are logical partitions of records owned by a DID. Each thread is an independent, encrypted data stream.
- Records are immutable append-only entries
- Threads group records by context (e.g., chat, photos)
- Permissions are scoped per-thread using capability-based authorization
Relay & Replication Mesh
DWNs form a mesh network where nodes can act as relays for offline identities. Data is replicated across multiple nodes to ensure high availability.
- Sync protocol resolves conflicts using CRDTs
- Relay nodes store encrypted data for mobile devices
- No central coordinator required for replication
Capability-Based Security
Access control is enforced through cryptographic capabilities rather than access control lists. A DID grants a permission by signing a delegation object.
- Invocation to execute a specific action
- Delegation to grant permissions to another DID
- Revocation by publishing a revocation record
Protocol-Driven Interaction
DWNs use protocol definitions to standardize how applications interact with data. A protocol defines the schema, roles, and actions for a specific use case.
- Role definitions (author, recipient, verifier)
- Action contracts (send, read, delete)
- Schema enforcement for structured data exchange
Vendor-Agnostic Portability
Since the DWN specification is open and identity is rooted in portable DIDs, users can migrate their encrypted data between any compliant node provider.
- Zero switching cost between providers
- End-to-end encryption ensures provider cannot read data
- Self-sovereign identity decouples storage from authentication
Frequently Asked Questions
Clear, technical answers to the most common questions about the Decentralized Web Node specification, its architecture, and its role in sovereign identity infrastructure.
A Decentralized Web Node is a personal data storage and relay node specification that enables an entity to securely store, discover, and share data in a decentralized network without vendor lock-in. It functions as a mesh of interconnected nodes owned by a single entity, where each node acts as a personal server. The system works by using a Decentralized Identifier (DID) to cryptographically anchor the owner's identity, while the node itself processes standardized JSON-based messages to create, read, update, and delete records. Unlike traditional cloud storage, a DWN can be hosted anywhere—on a home server, a mobile device, or edge infrastructure—and multiple nodes synchronize data seamlessly, ensuring the owner retains absolute control over their storage topology and access grants.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
A Decentralized Web Node (DWN) operates within a broader stack of decentralized identity and data management protocols. These related terms define the cryptographic and architectural components that enable DWNs to function as sovereign personal data stores.
Decentralized Identifier (DID)
The globally unique, persistent identifier used to address a specific DWN and its owner. Unlike a URL tied to a vendor, a DID is resolved through a DID Document to discover the node's service endpoints and public keys, establishing the cryptographic root of trust without a centralized registrar.
Identity Hub
A semantic synonym for a DWN in many implementations. An Identity Hub acts as a personal data store that allows an identity owner to securely manage, encrypt, and replicate their Verifiable Credentials across multiple nodes. It provides the semantic replication layer ensuring data availability even if a specific edge node goes offline.
DIDComm Messaging
The secure, asynchronous, peer-to-peer messaging protocol used for communication between DWN controllers. DIDComm leverages end-to-end encryption based on decentralized keys, enabling private data relay and exchange between nodes without relying on a centralized message broker or vendor-specific API.
Verifiable Credential (VC)
The primary data payload stored and managed within a DWN. A VC is a tamper-evident, cryptographically verifiable digital credential conforming to W3C standards. DWNs provide the storage and relay infrastructure for holders to manage these credentials and execute selective disclosure to verifiers.
Verifiable Data Registry
The system that mediates the creation, verification, and revocation of identifiers and credential schemas. While a DWN stores the actual data, it relies on a Verifiable Data Registry (such as a distributed ledger) to anchor DID Documents and Revocation Registries, ensuring the global state is consistent and auditable.
Sidetree Protocol
A layer-2 protocol for scalable, blockchain-agnostic DID management that batches operations into anchored files. Sidetree enables DWNs to manage millions of identifiers efficiently by anchoring only compressed batches to a public ledger, dramatically reducing the cost and throughput limitations of direct on-chain storage.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us