Frequently Asked Questions
This page contains frequently asked questions regarding the Identity Library and Self Sovereign Identity in general.
What programming languages are supported by the IOTA Identity framework?
We currently provide a Rust library and a JavaScript library for both the browser and Node.js via WebAssembly (Wasm) bindings. See the "Programming Languages" section for more information.
Do I need to have IOTA tokens to start building with IOTA Identity?
At the moment you don't need IOTA tokens to create and manage identities, although we are exploring opportunities to utilize the token in the future.
How do I prove control over my DID?
Control over an identity is ultimately tied to the control over cryptographic key material (something you have).
How do I store my private keys?
Theoretically you can store the keys however you like. We provide a secure default using IOTA Stronghold where possible, which is a secure software implementation for isolating digital secrets with encrypted storage. For even better guarantees you could look into hardware based key storage.
Do I need a Permanode to use IOTA Identity?
You can get started without one but currently you do require access to a Permanode (a node which stores the entire history of the Tangle) to reliably resolve identities in production. The trustworthiness of this node is very important, since a malicious node could respond with outdated identities, so ideally you should run one yourself or ensure the party supplying the node is trustworthy.
Can I use IOTA Identity on Android or iOS?
We currently do not supply dedicated bindings for Kotlin or Swift. There has been some success running the Wasm bindings on mobile, however.
Can I use IOTA Identity on embedded devices?
We currently do not supply dedicated bindings catering to embedded devices with restricted capabilities. You can try to compile the Rust library for your target platform or use a gateway in front of the devices to handle IOTA Identity interactions.
What should I do if my private key is compromised?
If you still have control over your identity, rotate the key material ASAP! If an attacker has locked you out of your identity, there is not much you can do. Notify contacts that your identity has been compromised and start fresh with a new one. It is for this reason that we suggest using different keys for day-to-day signing and authentication operations, and instead store private keys capable of performing updates to your DID Document securely and separately.
Are verifiable credentials stored on the Tangle?
Verifiable credentials, particularly those with personal identifiable information, are supposed to be stored securely off-Tangle on user devices or systems. As a user, you are in charge of storing your credentials securely and sharing them with other parties on a need-to-know basis.
Do I need to hide my DID? Will people be able to identify me by my DID?
A DID Document should not contain any information linking back to you as a person. However, there is the chance of entities correlating information about you from your DID if used across multiple issuers and verifiers. To minimize this risk, it is advisable to use different DIDs for different use-cases.