v0.7.0-alpha.2

Changed

• Use Bech32-encoded state controller and governor addresses #1044
• Expose iteration over verification relationship fields #1024

Added

• Expose Controller and Governor Addresses in metadata #1023

Patch

• Recommend unique credentialStatus.id in RevocationBitmap2022 #1039

v0.7.0-alpha.1

This version introduces a new DID method targeting the IOTA UTXO ledger. This method works fundamentally differently from the previous method and introduces new capabilities to interact with Layer 1 entities like native tokens, NFTs and smart contracts.

This is an early alpha release, so there may be breaking changes in upcoming versions that invalidate DIDs created with this version. The method at this point is only intended for experimentation.

Note: Identities created with the earlier versions cannot be resolved with this version of the library.

Changed

• Rename MixedResolver to Resolver in Wasm #1026
• Add length prefix to DID Document payloads #1010
• Feature-gate Resolver #1007
• Rename Stardust types to Iota #1000
• Change Stardust DID method to IOTA #982
• Add Wasm Stardust Client #975
• Generalized Resolver #970
• Change Storage to handle CoreDID #968
• Feature-gate iota-client dependency, integrate StardustDID #958
• Change Storage to store arbitrary blobs #953
• Add StardustDocumentMetadata, implement StardustDocument methods #951
• Fix stack overflow in CoreDID PartialEq impl #946
• Change Service type field to allow sets #944
• Generalise CredentialValidator, PresentationValidator to support arbitrary DID Documents #935

Added

• Add Stardust Client Extension Trait #963
• Add StardustDID #949
• State metadata serialization for the stardust DID method #947
• Stardust DID Method Proof-of-Concept #940
• Implement the Identity Agent #322

Patch

• Support case insensitive serialization of RentStructure #1012
• Update stronghold to 0.6.4 #928

v0.6.1

Full Changelog

Patch

• Update stronghold to 0.6.4 #930

v0.6.0

The main feature of this release is the addition of the RevocationBitmap2022 specification, offering efficient credential revocation on-Tangle. This is the replacement for the MerkleKeyCollection removed in v0.5.0, which offered similar functionality but fundamentally failed to scale beyond a few thousand revocations.

Other changes include encryption support using Elliptic Curve Diffie-Hellman (ECDH) and quality of life improvements for verifiable credential and presentation types in the Wasm bindings.

DID Documents created with v0.5.0 remain compatible with v0.6.0. This will be the last major release prior to changes for the Stardust update.

Changed

• Rename crates to use underscores #895
• Change remove_service to return boolean #877
• Change DIDUrl::join to borrow self #871
• Add BaseEncoding to replace encode_b58, decode_b58, encode_multibase, decode_multibase #870
• Add RevocationBitmap2022, bump MSRV to 1.60 #861
• Add Wasm Credential and Presentation field getters and constructors #815
• Add Diffie-Hellman key exchange for encryption to Account #809

Added

• Implement ECDH-ES+A256KW for Storage encryption #867
• Add Client option for retry publishing behaviour #820
• Implement Storage test suite #791

Patch

• Unpin iota-crypto version #834

Removed

• Remove unused resolution code #862

v0.4.1

Patch

• Fix compilation, enable local proof-of-work fallback #833

v0.5.0

This release introduces multiple breaking changes to the structure of IOTA DID Documents and their Tangle messages, rendering any identity created with a prior version incompatible and unresolvable. A versioning system has been introduced so any new identities should hopefully be forward compatible with any future breaking changes to the message structure.

The main feature of this release is the introduction of WebAssembly (Wasm) bindings for the high-level Account API for Javascript/Typescript in both Node.js and the browser. This includes preliminary Stronghold storage bindings but only for Node.js, as it was determined that compiling Stronghold to Wasm for the browser would not be sufficiently secure. Stronghold offers best-effort secure software storage for cryptographic keys, written in Rust. To use the Stronghold storage package install @iota/identity-stronghold-nodejs and follow the instructions of the package README.

Note that all features related to diff chain updates are now marked as deprecated. Diff chains are a useful optimisation when publishing many updates to a DID Document. However, their design may be incompatible with upcoming changes to the IOTA network and should be considered unstable.

Another major change is the removal of the MerkleKeyCollection verification method type, which provided a compact representation for issuing and revoking Verifiable Credentials with multiple cryptographic keys. The MerkleKeyCollection suffered from disadvantages which limited scalability when managing more than a few thousand keys. While these disadvantages could be mitigated somewhat, the decision was made to replace it with one or more alternatives not affected by its fundamental limitations, upcoming in the next major release.

Changed

• Add Wasm Proof, rename Signature structs to Proof #776
• Replace MethodSecret with MethodContent enum #764
• Change document metadata created, updated to be optional #753
• Refactor Storage Signature #738
• Add X25519 key and verification method support #735
• Refactor KeyLocation #729
• Move DID Document proof outside metadata #728
• Combine resolve_method functions #709
• Add separate identity-iota-core, identity-account-storage crates #693
• Change IotaDocument::verify_document from a static function to a method #675
• Make Wasm support dependent on target_arch rather than feature #666
• Refactor CoreDocument, VerificationMethod, Service to use generic DID #655
• Remove unused Account milestone option #645
• Change document controller type to OneOrSet #638
• Rename MethodQuery to DIDUrlQuery, move OrderedSet, KeyComparable #634
• Change also_known_as type to OrderedSet #632
• Move verification functionality from DocumentVerifier to CoreDocument #606
• Fix dependent diff updates being rejected #605
• Change Account::state visibility to pub(crate) #604
• Overhaul CredentialValidator, add PresentationValidator #599
• Remove JSON string escaping in diff messages #598
• Replace ClientMap with new Resolver #594
• Replace ClientMap with Client in Account #582
• Add signature created, expires, challenge, domain, purpose #548
• Refactor document metadata #540
• Replace chrono with time #529
• Enable access to the low-level API from the Account #522
• Update to rsa 0.5 in libjose #517
• Rename DocumentDiff to DiffMessage #511
• Deterministic ordering of competing messages #506
• Check for existence & duplication of methods in CoreDocument #504
• Move dropsave from Account to Stronghold #500
• Add ExplorerUrl to replace Network explorer methods #496
• Update ServiceEndpoint to support sets and maps #485
• Enable deep equality in OrderedSet #481
• Add message compression and versioning #466
• Update document signing key constraints and methods #458
• Refactor the Account: internal state, one identity #453

Added

• Expose Ed25519, X25519 length constants #772
• Generify Account::client over Rc, Arc #707
• Update Stronghold #691
• Add Duration for Timestamp arithmetic #684
• Add Client fallback to local PoW option #682
• Set controller, alsoKnownAs fields from Account #658
• Implement FromIterator for OneOrMany #602
• Add account synchronization method #544
• Filter out DiffMessages updating signing methods #519
• Add publish with retry method #455

Patch

• Fix panic when parsing an IotaDID with more than 2 method id segments #758
• Update iota.rs to include timeout bugfix #712
• Support verification methods with the same fragment #623
• Fix diff properties (de)serialization #611
• Enable local proof-of-work fallback #579
• Add identity-diff derive feature gate #516
• Improve client error messages #512
• Make create_signature and sign async for RemoteEd25519 #491
• Fix credential validation failing for documents with diff updates #490
• Upgrade to the Rust 2021 edition #449

Deprecated

• Deprecate diff chain features #759

Removed

• Remove AccountStorage #774
• Remove MerkleKeyCollection #755
• Remove Storage::set_password #733
• Remove publicKeyJwk #732
• Remove DIDLease account feature #664

v0.5.0-dev.6

Note that all features related to diff chain updates are now marked as deprecated. Diff chains are a useful optimisation when publishing many updates to a DID Document. However, their design may be incompatible with upcoming changes to the IOTA network and should be considered unstable. Another major change is the removal of the MerkleKeyCollection verification method type, which provided a compact representation for issuing and revoking Verifiable Credentials with multiple cryptographic keys. The MerkleKeyCollection suffered from disadvantages which limited scalability when managing more than a few thousand keys. While these disadvantages could be mitigated somewhat, the decision was made to replace it with one or more alternatives not affected by its fundamental limitations, upcoming in the next major release.

Changed

• Refactor Storage Signature #738
• Add X25519 key and verification method support #735
• Combine resolve_method functions #709

Patch

• Fix panic when parsing an IotaDID with more than 2 method id segments #758

Deprecated

• Deprecate diff chain features #759

Removed

• Remove MerkleKeyCollection #755
• Remove Storage::set_password #733

v0.5.0-dev.5

This release introduces a breaking change to the proof field of DID Documents created by versions v0.5.0-dev.1 through v0.5.0-dev.4, making all prior documents incompatible. The main feature of this release is the introduction of WebAssembly (Wasm) bindings for the high-level Account API for Javascript/Typescript in both Node.js and the browser. This includes Stronghold storage support but only for Node.js, as it was determined that compiling Stronghold to Wasm for private key storage in the browser would not be sufficiently secure.

Changed

• Move DID Document proof outside metadata #728
• Add separate identity-iota-core, identity-account-storage crates #693
• Change IotaDocument::verify_document from a static function to a method #675
• Make Wasm support dependent on target_arch rather than feature #666
• Refactor CoreDocument, VerificationMethod, Service to use generic DID #655
• Overhaul CredentialValidator, add PresentationValidator #599
• Replace ClientMap with new Resolver #594

Added

• Generify Account::client over Rc, Arc #707
• Update Stronghold #691
• Add Duration for Timestamp arithmetic #684
• Add Client fallback to local PoW option #682
• Set controller, alsoKnownAs fields from Account #658

Patch

• Update iota.rs to include timeout bugfix #712

Removed

• Remove publicKeyJwk #732
• Remove DIDLease account feature #664

v0.5.0-dev.4

Changed

• Remove unused Account milestone option #645
• Change document controller type to OneOrSet #638
• Rename MethodQuery to DIDUrlQuery, move OrderedSet, KeyComparable #634
• Change also_known_as type to OrderedSet #632

Patch

• Support verification methods with the same fragment #623

v0.5.0-dev.3

This release introduces a breaking change for diff updates created by versions v0.5.0-dev.1 and v0.5.0-dev.2 (previous diff updates from <=v0.4.0 are already incompatible due to breaking changes to the document and message structure in v0.5.0-dev.1). To migrate, please publish an integration update containing all diff changes to prevent unexpected changes to resolved DID Documents.

Changed

• Move verification functionality from DocumentVerifier to CoreDocument #606
• Fix dependent diff updates being rejected #605
• Change Account::state visibility to pub(crate) #604
• Remove JSON string escaping in diff messages #598

Added

• Implement FromIterator for OneOrMany #602

Patch

• Fix diff properties (de)serialization #611