DID documents for nodes
Nodes can publish public keys so applications can check node signatures. Nodes can sign verifications for users, node lists and app information. Nodes can include information about themselves if they wish.
Each node can maintain a list of other nodes it trusts. This way applications (including the BrightID reference app) can find other nodes to communicate with.
Apps (identified by DIDs) can upload and maintain their own information. Nodes can certify that they believe this information to be correct and maintain their own app lists linking to app information for other apps (including the BrightID reference app) to refer to.
Users can upload and maintain some of their profile information (name, photo, other information they want to share with BrightID connections and apps) as 3Box or IDX profiles. The user would be asked if they want to share their profile with an app when it’s linked.
Private profile data
Private profile data that is shared peer-to-peer in BrightID, but not meant to be widely viewable would be stored encrypted.
Encrypted contact lists
Connection data currently being stored by our backup server can be moved to Ceramic. Links to profiles would be stored encrypted to prevent plain-view traversal.
Accessing encrypted data
The methods for viewing encrypted profile data and contact lists will be governed by methods stored with the DID documents / IDX.
Social graph traversal
Can connections between profiles in IDX be selectively exposed for graph analysis? We would need to have ways to anonymize the traversal, such as blind find.