The Sidetree Protocol is a layer-2 state management protocol for Decentralized Identifiers (DIDs) that aggregates thousands of individual DID operations—create, update, recover, or deactivate—into a single batched transaction anchored to a public ledger. By decoupling the bulk of data storage from the consensus layer, Sidetree achieves high throughput and low cost without compromising the immutability guarantees provided by the underlying blockchain or anchoring system.
Glossary
Sidetree Protocol

What is Sidetree Protocol?
A layer-2 protocol for scalable, blockchain-agnostic Decentralized Identifier management that batches DID operations into anchored files on a public ledger.
Sidetree operates by compressing batches of DID operations into a deterministic Content Addressable Storage (CAS) file structure, typically using InterPlanetary File System (IPFS) or a similar decentralized storage layer. A single cryptographic hash of this aggregated batch file is then recorded on the base ledger, enabling independent nodes to replicate and verify the entire state of the DID network without requiring the ledger itself to process or store individual identity transactions.
Key Features of Sidetree
Sidetree is a layer-2 protocol for scalable, blockchain-agnostic Decentralized Identifier (DID) management. It batches DID operations into anchored files on a public ledger, enabling high-throughput identity systems without overwhelming the base chain.
Layer-2 Anchoring
Sidetree does not write every DID operation to the base ledger. Instead, it batches thousands of operations into a single content-addressable file (via IPFS or a similar CAS), then anchors only the file's hash to the blockchain. This compresses transaction volume by orders of magnitude, making DID management economically viable at global scale.
Blockchain Agnosticism
The protocol abstracts the underlying ledger through a minimal interface requiring only deterministic ordering and immutability. Sidetree has been implemented on Bitcoin (ION), Ethereum (Element), and permissioned ledgers. This agnosticism allows organizations to choose their trust anchor—public censorship-resistance or private consortium governance—without changing the identity layer.
Deterministic DID Resolution
Any Sidetree node observing the same anchored files will compute the identical DID Document state. The protocol uses a strict set of rules to process batched operations:
- Create: Generate a new DID with initial keys and endpoints.
- Update: Rotate keys or modify service endpoints.
- Recover: Regain control after key compromise using a recovery commitment.
- Deactivate: Terminate the DID permanently. This determinism eliminates consensus disputes over identity state.
Decentralized PKI Management
Sidetree enables fully self-sovereign key rotation without intermediaries. Each DID Document specifies public keys for authentication, assertion, and key agreement. The protocol supports pre-rotation commitments: when updating keys, the controller must reveal a hash of the next key, preventing a compromised current key from hijacking future state. This cryptographic chaining provides forward security.
Content-Addressable Storage
Operation batches are stored as IPFS CIDs or similar content-addressable identifiers. This decouples data availability from the anchoring ledger. Nodes fetch batch files from decentralized storage, verify the hash matches the anchor, then apply operations locally. The approach ensures data integrity while keeping blockchains lean—only a 32-byte hash is written on-chain per batch.
Observable & Verifiable State
All Sidetree operations are publicly auditable. Anyone running a node can replay the entire history of anchored batches and independently verify the current state of any DID. This transparency supports regulatory compliance and trust without relying on a central authority. The protocol's core processing logic is specified as a deterministic state machine, enabling independent implementations to interoperate seamlessly.
Frequently Asked Questions
Technical answers to the most common architectural and operational questions about the Sidetree Protocol's layer-2 anchoring, batching, and resolution mechanics.
The Sidetree Protocol is a layer-2 decentralized identifier (DID) management protocol that batches multiple DID operations into a single on-chain transaction to achieve massive scalability while maintaining blockchain-level immutability. It works by aggregating create, update, recover, and deactivate operations off-chain into a compressed batch file, anchoring only a content-addressed hash of that batch to a public ledger like Bitcoin or Ethereum. The protocol defines a deterministic Content Addressable Storage (CAS) pattern using IPFS or a local content-addressable store, where each DID operation references previous operations through hash-linked chains. A Sidetree node processes these anchored batches by fetching the associated files, validating the cryptographic proofs within each operation, and constructing a local index of all valid DIDs. This architecture decouples the frequency of DID operations from the underlying blockchain's transaction throughput, enabling tens of thousands of operations per second while the base ledger only records a single anchoring transaction per batch interval.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Core concepts and protocols that interact with or depend on the Sidetree Protocol for scalable decentralized identity infrastructure.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us