Skip to content

Prometheus Protocol Wiki: Developer Guides

Jump to bottom
Josephis K Wade edited this page Jul 14, 2025 · 1 revision

Prometheus Protocol Wiki: Developer Guides This section provides practical, task-oriented guides for implementing common features using the Prometheus SDK. Each guide includes code examples and architectural best practices.

2.1 Creating & Managing DIDs A Decentralized Identifier (DID) is the root of a user's sovereign identity. This guide covers the complete lifecycle of a DID.

Creating a New Identity

This is the first step for any user. The agent.did.create() method handles the complex cryptography, returning a DID object.

const didObject = await agent.did.create(); // didObject contains -> { id: "did:empower1:...", document: {...}, keys: {...} }

Resolving a DID Document

To interact with another user, you must first "resolve" their DID to retrieve their public DID Document. This document contains the public keys needed for secure communication.

const didString = "did:empower1:1234abcd..."; const didDocument = await agent.did.resolve(didString);

Updating a DID Document

A user might need to update their DID Document to rotate keys or add a new service endpoint. This creates a new version of the document on the underlying ledger.

// The user must provide their DID object (containing private keys) // and the new document information. const updatedDid = await agent.did.update(myDidObject, { service: [{ id: '#new-service', type: 'NewServiceEndpoint', serviceEndpoint: 'https://new.service.com/endpoint' }] });

2.2 Issuing & Verifying Credentials Verifiable Credentials (VCs) are the building blocks of digital trust.

Issuing a Credential

An "Issuer" (e.g., a university, an employer) can issue a credential to a user's DID. The issuer signs the credential with their own DID.

const credentialPayload = { '@context': ['https://www.w3.org/2018/credentials/v1'], type: ['VerifiableCredential', 'UniversityDegree'], issuer: issuerDid.id, issuanceDate: new Date().toISOString(), credentialSubject: { id: recipientDid.id, degree: { type: 'Bachelor of Science', major: 'Computer Science' } } };

const signedVc = await agent.credentials.issue(issuerDid, credentialPayload);

Verifying a Credential

A "Verifier" (e.g., a potential employer) can request a credential from a user and then verify its authenticity.

// User presents the signedVc they received. const isValid = await agent.credentials.verify(signedVc); // isValid will be true if the signature is valid and the credential has not been tampered with.

2.3 Implementing User Consent The protocol mandates that all data access is explicitly approved by the user.

Requesting Consent

Your application must generate a secure, auditable request for data access.

const consentRequest = { permission: 'Read public profile data', purpose: 'To personalize your user experience.', expires: new Date(Date.now() + 86400 * 1000).toISOString() // 24-hour permission };

// This would typically be sent to the user's agent/wallet to be approved. const signedRequest = agent.consent.request(consentRequest);

Verifying Consent

Once the user approves the request with their wallet, they return a signed consent object. Your application must verify it before proceeding.

// user returns signedConsent from their wallet const isConsentValid = await agent.consent.verify(signedConsent);

if (isConsentValid) { // Proceed with data access. }

2.4 Architecting Social Recovery (SSS) Shamir's Secret Sharing (SSS) is the protocol's recommended method for secure key recovery.

Splitting a Key into Shards

This should be done during the initial identity setup.

// The masterKey would be retrieved securely from the user's DID object. const shards = await agent.crypto.sss.split(masterKey, { shares: 5, threshold: 3 }); // Returns an array of 5 unique, encrypted shards.

Distributing and Recombining Shards

The user's application must provide a secure UI for them to distribute these shards (e.g., via QR code to another device, encrypted message to a trusted friend). To recover, the user must gather the required threshold of shards.

const collectedShards = [shard1, shard3, shard5]; const recoveredKey = await agent.crypto.sss.recombine(collectedShards);

2.5 Ensuring Data Integrity Use the SDK's cryptographic functions to create tamper-evident logs.

Chaining Data Records

Each new log entry should include the hash of the previous entry.

import { hash } from '@empower1/prometheus-sdk/crypto';

let previousHash = '0'.repeat(64); // Genesis hash const log = [];

function addLogEntry(data) { const entry = { timestamp: Date.now(), data: data, previousHash: previousHash }; const currentHash = hash(JSON.stringify(entry)); log.push({ ...entry, hash: currentHash }); previousHash = currentHash; }

This simple chaining mechanism ensures that if any past entry is altered, the entire chain of hashes from that point forward will be invalidated.

Clone this wiki locally