Add missing DID specs and limitations

[youngjoon-lee]

Missing DID specs

• @context
• Check authentication before seeking a public key from the publicKey list.
• Support the embedded public key in the authentication: link
• The publicKey must have the controller. (which identifies the controller of the corresponding private key)
  • Differ from DID Controller. This is the Key Controller.
    • DID controller is optional (for Authorization and Delegation).
  • This is for Authentication (For DID subject/controller to prove itself).
• DID Resolution --> Issue Support DID resolution metadata #47
  • did-resolution-input-metadata is REQUIRED, but the structure MAY be empty.
  • did-resolution-metadata is REQUIRED, but the structure MUST NOT be empty.
  • did-document-metadata: If the resolution is successful, this MUST be a metadata structure.
    - Add the created/updated (These are not MUST, but SHOULD).
• Support the assertionMethod verification relationship (for Verifiable Credential). --> Issue Support the assertionMethod for Verifiable Credentials  #48

Custom limitations (against Buffer-overflow attacks)

• Each entry in the @context should be an URL with max 2048-bytes length: link --> Instead of this strategy, I defined an enum for possible contexts: Add DID @context and Extend authentication #44
• The max number of list entries is 10 (eg. entries in @context, publicKey, authentication, ...). --> Add missing DID specs and limitations #43 (comment)
• The max length of the KeyID suffix is 128-bytes (did#suffix).
• Unknown fields which aren't defined in our spec shouldn't be acceptable (It has probably been done).
• TBD

[youngjoon-lee]

@cl9200
Regarding to the max size limitation, the Tendermint already has the limitation fortunately.

• max_tx_bytes: 1MB (https://docs.tendermint.com/master/tendermint-core/configuration.html#options)
• RPC MaxBodySize: 1MB (https://github.com/tendermint/tendermint/blob/0ed8dba99189e3dfd960a8945192c6146c47dc9d/rpc/jsonrpc/server/http_server.go#L43)

When I tested with 2MB tx message, I got:

$ panaceacli tx did update-did ...

ERROR: broadcast_tx_sync: response error: RPC error -32600 - Invalid Request: error reading request body: http: request body too large

So, I think we don't need to define the max length of lists (such as publicKey, authentication). Also, it doesn't help preventing huge memory consumptions, because we can check the length of lists only after unmarshalling messages.

But, it's worth to define the max length of the KeyID suffix as 128bytes, because the value is used for the keystore filename. (The max length of linux filenames is usually 256bytes). I'll open a PR for this.

Please leave a comment if you have other ideas.