Skip to main content

overview-and-context

Overview and context

KeyTypeFormToIP_FkeyPhilvid_FkeyTermtextlinkPhilvid_startlevelCat_PTELCat_IPEXCat_OOBICat_CESRCat_ACDCCat_KERICat_SAIDCat_GLEIFShortened version@dropdownShortened version static copy
1KnACDCACDCtype of data as issuance concretely defined by the authentic-chained-data-container specificationLinkLink3#REF!1#NAME?Data type defined by Authentic Chained Data Container Spec.
2KnADCADCan authentic data container conveys data that allows the authenticity of its content to be proved.LinkLink3#REF!1An authentic data container proves the authenticity of its content.
3SnAIDAIDan identifier that is self-certifying and self-sovereign.LinkLink3#REF!11A self-certifying and self-sovereign identifier.
4SnANANa namespace that is truly self-sovereign.LinkLink3#REF!1A self-sovereign namespace.
5KrAPCAPCauthentic provenance chain; evidence of data to be verfiably tracked back to its originLinkLink3#REF!Verified provenance chain; evidence of data can be tracked back to its origin.
6KrBADABADAbest available data acceptance, mechanism that provides a degree of replay attack protectionLinkLink31#REF!best data acceptance mechanism with replay attack protection.
7GnBFTBFTByzantine Fault TolleranceLinkLink3#REF!Byzantine Fault Tolerance
8KnCESRCESRcomposable event streaming representationLinkLink3#REF!1Event streaming representation
9GnCTCTcertificate transparency; internet security standard for digital certificatesLinkLink2#REF!Certificate Transparency is an internet security standard for digital certificates.
10GnDAGDAGdirected acyclic graph, mathematical construct, no cycles in itLinkLink2#REF!Directed acyclic graph is a mathematical construct without any cycles.
11KnDELDELduplicitous event logLinkLink3#REF!1Event log
12GnDHTDHTdistributed hash tableLinkLink2#REF!1distributed hash table
13SnDKMIDKMIdecentralized key management infrastructure; ensure no single third-party can compromise the integrity and security of a systemLinkLink2#REF!1decentralized key management system; prevents any single third-party from compromising system integrity and security.
14SnDPKIDPKIdecentralized public key infrastructure; ensure no single third-party can compromise the integrity and security of a systemLinkLink2#REF!Decentralized PKI; guarantee no third-party compromise system integrity and security.
15GnGPGGPGGnu Privacy Guard, a free-software replacement for Symantec's PGP cryptographic software suiteLinkLink2#REF!Gnu Privacy Guard is a free-software alternative to Symantec's PGP suite.
16GnI-OI-OInput / OutputLinkLink1#REF!Input/Output
17GnIANAIANAInternet assigned numbers authority; oversees the allocation of IP addresses to internet service providers (ISPs)LinkLink2#REF!The Internet Assigned Numbers Authority (IANA) oversees IP address allocation to ISPs.
18KrIPEXIPEXissuance and presentation exchange protocol; mechanism for the issuance and presentation of ACDCsLinkLink31#REF!1ACDC issuance and presentation protocol; mechanism for issuing and presenting ACDCs.
19GrJOSEJOSEJavascript object signing and encryption; method to securely transfer claims between partiesLinkLink3#REF!1JavaScript object signing and encryption is a secure method for transferring claims between parties.
20KnKA2CEKA2CEKERI agreement algorithm for control establishmentLinkLink3#REF!1KERI control establishment algorithm
21KnKAACEKAACEKERI agreement algorithm for control establishmentLinkLink3#REF!1KERI control establishment algorithm
22KnKELKELKey Event LogLinkLink3#REF!1Event Log
23KnKERIKERIKey Event Receipt InfrastructureLinkLink3#REF!1Receipt Infrastructure
24KnKERLKERLKey Event Receipt LogLinkLink3#REF!1Event Receipt Log
25KnKIDKIDKERI improvement docLinkLink3#REF!1Keri Improvement Document
26GnLoALoAany time a judgement is not a binary Yes or No, you have levels of assuranceLinkLink2#REF!Whenever a judgement is not simply a "Yes" or "No," there are varying levels of assurance.
27GnLoCLoCLocus of ControlLinkLink2#REF!Locus of Control refers to the extent to which individuals believe they have control over events in their lives.
28GnNFTNFTNon-fungible tokenLinkLink1#REF!Non-fungible token
29KvOOBIOOBIOut of band introductionLinkLink31#REF!Introduction
30GrP2PP2PPeer to peerLinkLink1#REF!Peer-to-peer
31GrPGPPGPPretty Good PrivacyLinkLink1#REF!Pretty Good Privacy (PGP)
32GnPKIPKIPublic Key InfrastructureLinkLink2#REF!111Public Key Infrastructure (PKI)
33KnPTELPTELis a public transaction event log that can be used to securely track state anchored to a KELLinkLink31#REF!is a secure public event log for tracking state anchored to a KEL.
34KnSADSADSelf-Adressing DataLinkLink3#REF!1Self-Addressing Data.
35KnSAIDSAIDSelf-Adressing IdentifierLinkLink3#REF!11Self-Addressing Identifier
36GnSATPSATPsecure asset transfer protocol; IETF protocol (and working group) in the making (as of mid 2022) for moving assets between blockchainsLinkLink3#REF!Secure asset transfer protocol: IETF protocol (and working group) currently being developed (mid-2022) to transfer assets between blockchains.
37SvSCIDSCIDSelf-Certifying Identifier, cryptographically binds an identifier to a public and private key pair.LinkLink3#REF!1A Self-Certifying Identifier cryptographically binds an identifier to a key pair.
38SrSSISSISelf-Sovereign IdentityLinkLink1#REF!111Self-Sovereign Identity (SSI)
39GnTCPTCPtransmission control protocol, one of the main protocols of the Internet protocol suite.LinkLink21#REF!11Transmission Control Protocol (TCP) is a key protocol in the Internet protocol suite.
40KnTELTELprovides a cryptographic proof of registry state by reference to the corresponding controlling KEL.LinkLink31#REF!11provides cryptographic proof of registry state via the corresponding controlling KEL.
41GrUIUIthe space where interactions between humans and machines occur.LinkLink1111#REF!1111The area where humans and machines interact.
42GnURLURLuniform resource locator or 'web address', is a reference to a web resource that specifies its location on a computer networkLinkLink1111#REF!1111A URL, known as a web address, is a reference to a web resource that specifies its location on a computer network.
43KnVC-TELVC-TELvirtual credential transaction event logLinkLink31#REF!Virtual credential transaction log
44GnVCVCvirtual credentialLinkLink1#REF!11Virtual credential
45GnVDSVDSverifiable data structureLinkLink3#REF!Verifiable data structure.
46Gvagencyagencya service that a representative for an identity (agent) offersLinkLink2#REF!111A service offered by an identity representative (agent).
47Kvambient-verifiabilityambient-verifiabilityVerifiable by anyone, anywhere, at anytime.LinkLink3#REF!Verifiable by anyone, anywhere, at any time.
48Gnappend-only-event-logsappend-only-event-logsis a property of computer data storage such that new data can be appended to the storage, but where existing data is immutableLinkLink2#REF!Mutable data storage allows new data to be added, but existing data cannot be changed.
49Knauthentic-chained-data-containerauthentic-chained-data-containerdata structure that proves digital data consistency and authenticity in one go test 1LinkLink3#REF!A data structure that ensures both the consistency and authenticity of digital data.
50Knauthentic-data-containerauthentic-data-containerdata structure that proves digital data consistency and authenticity in one go test 2LinkLink3#REF!A data structure that ensures both the consistency and authenticity of digital data.
51Kvauthentic-provenance-chainauthentic-provenance-chainevidence of data to be tracked back to its origin in an verifiable wayLinkLink3#REF!Evidence of data can be tracked back to its origin in a verifiable manner.
52Gaauthenticityauthenticitythe quality of having an objectively verifiable originLinkLink2#REF!The quality of having an objectively verifiable origin.
53Gnautonomic-computing-systemsautonomic-computing-systemsself-managing computing systems using algorithmic governanceLinkLink2#REF!Self-managing computing systems with algorithmic governance.
54Snautonomic-identity-systemautonomic-identity-systemidentity systems where you can verify (establishment of) the authenticity all the way back to the root-of-trustLinkLink2#REF!Identity systems can verify authenticity all the way back to the root of trust.
55Snautonomic-namespaceautonomic-namespacenamespace that is self-certifying and hence self-administrating, is truly self-sovereignLinkLink2#REF!A self-certifying and self-administrating namespace is truly self-sovereign.
56Knbest-available-data-acceptance-mechanismbest-available-data-acceptance-mechanismBADA, mechanism that provides a degree of replay attack protectionLinkLink3#REF!BADA is a mechanism that offers replay attack protection.
57Svbindingbindingthe association of data or an identifier with another identifier or a subject (a person, organization or machine)LinkLink1#REF!Associating data or an identifier with another identifier or subject (person, organization, or machine).
58Grbyzantine-agreementbyzantine-agreementis Byzantine fault tolerance of distributed computing system coming to consensus despite arbitrary behavior from a fraction of the networkLinkLink2#REF!Byzantine fault tolerance allows distributed computing systems to reach consensus despite arbitrary behavior from some network participants.
59Gnbyzantine-fault-tolerancebyzantine-fault-toleranceis a condition of a (distributed) computer system, where components may fail and there is imperfect information on whether a component has failedLinkLink2#REF!Distributed computer systems can experience failures and uncertainty regarding component statuses.
60Gncertificate-transparencycertificate-transparencyinternet security standard and framework for digital certificatesLinkLink2#REF!Internet security standard and framework for digital certificates.
61Kncesr-proof-signaturescesr-proof-signaturesAn extension to CESR that provides signature attachmentsLinkLink3#REF!NO INPUT
62Gvchain-of-custodychain-of-custodylegal chronological documentation or paper trail that records the sequence of custody of materialsLinkLink2#REF!A legal record that documents the sequence of material custody.
63Gvclaimclaimassertion of the truth of something, typically one which is disputed or in doubtLinkLink1#REF!assertion of disputed or doubtful truth.
64Kncomposable-event-streaming-representationcomposable-event-streaming-representationAlso 'CESR'. An encoding scheme of interchangeable textual and binary streaming applications of attached crypto material.LinkLink3#REF!#NAME?NO INPUT
65Gvconsensus-mechanismconsensus-mechanismHow groups of entitities come to decisions.LinkLink2#REF!NO INPUT
66Gncontent-addressable-hashcontent-addressable-hashFinding content by a hash of this content, generated by a one-way hash function applied to the content.LinkLink2#REF!NO INPUT
67Srcontrol-authoritycontrol-authorityIs 'who controls what?' and that is the primary factor in determining the basis for trust in themLinkLink2#REF!NO INPUT
68Gncontrollercontrollerthe entity that has the ability to make changes to an identity, cryptocurrency or verifiable credential.LinkLink2#REF!The entity capable of modifying an identity, cryptocurrency, or verifiable credential.
69Gvcorrelationcorrelationan identifier used to indicate that external parties have observed how wallet contents are related.LinkLink1#REF!An identifier indicating external parties have observed the relationship between wallet contents.
70Gncredentialcredentialevidence of authority, status, rights, entitlement to privileges, or the like.LinkLink1#REF!Evidence of authority, status, rights, entitlements, or similar privileges.
71Gncrypto-librariescrypto-librariesdeal with cryptography algorithms and have API function calls to each of the supported featuresLinkLink1#REF!This deals with cryptography algorithms and has API functions for each supported feature.
72Gncryptocurrencycryptocurrencya digital asset designed to work as a medium of exchange wherein individual coin ownership records are stored in a digital ledger.LinkLink1#REF!A digital asset that serves as a medium of exchange, with individual coin ownership records stored in a digital ledger.
73Gncryptographic-commitment-schemecryptographic-commitment-schemeis a cryptographic primitive that allows one to commit to a value while keeping it hidden to others; you can reveal the committed value later.LinkLink2#REF!NO INPUT
74Gncryptographic-strengthcryptographic-strengthused to describe greater resistance to attack of an encryption algorithm in comparison to some other (which is thus cryptographically weaker)LinkLink1#REF!NO INPUT
75Gncryptonymcryptonyma code word or name used to refer to another name, word, project, or personLinkLink2#REF!NO INPUT
76Sndecentralized-identitydecentralized-identityis a technology that uses cryptography to allow individuals to create and control their own digital identifiersLinkLink1#REF!NO INPUT
77Gndecentralized-key-management-infrastructuredecentralized-key-management-infrastructurean infrastructure ensure that no single third-party can compromise the integrity and security of the system as as whole.LinkLink2#REF!NO INPUT
78Sndelegated-identifierdelegated-identifierMatches the act of delagation with the appropriate digital twin.LinkLink3#REF!NO INPUT
79Gndigital-signaturedigital-signaturea mathematical scheme for verifying the authenticity of digital messages or documentsLinkLink1#REF!Mathematical scheme to verify authenticity of digital messages or documents.
80Gndirected-acyclic-graphdirected-acyclic-graphDAG, a mathematical construct, particularly graph theory, the acyclic property stems from a directed graph with no cyclesLinkLink2#REF!1A DAG, a mathematical construct in graph theory, is a directed graph with no cycles, giving it the acyclic property.
81Gndistributed-hash-tabledistributed-hash-tableany participant can retrieve the value associated with a given keyLinkLink2#REF!Any participant can get the value for a specific key.
82Kndual-text-binary-encoding-formatdual-text-binary-encoding-formatAn encoding format that allows for both text and binary encoding format, which is fully interchangeableLinkLink3#REF!1NO INPUT
83Knduplicitous-event-logduplicitous-event-logrecord of inconsistent event messages produced by a given controller or witnessLinkLink3#REF!1log of inconsistent event messages from a controller or witness
84Gnduplicityduplicityexternal inconsistency; which stems from publication of two or more versions of a (by itself consistent) key event logLinkLink3#REF!1External inconsistency occurs when multiple versions of a key event log are published, even though the log itself is consistent.
85Gvelectronic-signatureelectronic-signatureLinkLink1#REF!NO INPUT
86Gaend-verifiableend-verifiableLinkLink3#REF!1NO INPUT
87GventropyentropyLinkLink2#REF!1NO INPUT
88GaephemeralephemeralLinkLink2#REF!1NO INPUT
89Kafirst-seenfirst-seenLinkLink3#REF!1NO INPUT
90Gngnu-privacy-guardgnu-privacy-guardGPG is a free-software replacement for Symantec's PGP cryptographic software suiteLinkLink2#REF!GPG replaces Symantec's PGP software suite for free.
91KnhaberyhaberyLinkLink3#REF!NO INPUT
92Grhierarchical-asynchronous-coroutines-and-input-outputhierarchical-asynchronous-coroutines-and-input-outputLinkLink3#REF!NO INPUT
93GnidentifieridentifierSomething to uniquely identify (public) identities; pointing to something or someone else.LinkLink1#REF!Something to uniquely identify public identities, pointing to someone or something else.
94Gnidentityidentitya unique entity. Typically represented by a unique identifier.LinkLink2#REF!A distinct entity typically represented by a unique identifier.
95Kninception-eventinception-eventthe first event in KERI that establishes an identifier.LinkLink31#REF!1The initial event in KERI that establishes an identifier.
96Gvinceptioninceptionoperation creating an AID by binding it to the initial set of authoritative keypairs and any other associated information.LinkLink2#REF!Create an AID by binding it to the initial set of authoritative keypairs and any relevant information.
97Grinconsistencyinconsistencydifferent parts of a reason, idea or opinion do not agree, or it does not agree with something else.LinkLink1#REF!1When different parts of a reason, idea, or opinion do not agree, or it is in disagreement with something else.
98Knindexed-signatureindexed-signaturean index telling which public key is used when signing anything with a multi-key autonomic identifier.LinkLink3#REF!An index indicating the public key used for signing with a multi-key autonomic identifier.
99Grinternal-inconsistencyinternal-inconsistencyA status that exists within an entity where different parts of a reason, idea or opinion disagree.LinkLink2#REF!1A disagreement within an entity where different parts have conflicting reasons, ideas, or opinions.
100Gninternet-assigned-numbers-authorityinternet-assigned-numbers-authorityAlso IANA; the organization that oversees the allocation of IP addresses to internet service providers (ISPs)LinkLink3#REF!IANA oversees IP address allocation to ISPs.
101Krissuance-and-presentation-exchange-protocolissuance-and-presentation-exchange-protocolprovides a uniform mechanism for the issuance and presentation of ACDCs in a securely attributable mannerLinkLink3#REF!1provides a secure and standardized way to issue and present ACDCs.
102Grjavascript-object-signing-and-encryptionjavascript-object-signing-and-encryptionJavascript object signing and encryption; method to securely transfer claims between partiesLinkLink1#REF!JavaScript object signing and encryption is a secure method for transferring claims between parties.
103KnjudgejudgeLinkLink3#REF!NO INPUT
104Krkeri-agreement-algorithm-for-control-establishmentkeri-agreement-algorithm-for-control-establishmentLinkLink3#REF!1NO INPUT
105Knkeri-command-line-interfacekeri-command-line-interfaceLinkLink3#REF!11NO INPUT
106Knkeri-improvement-dockeri-improvement-docLinkLink3#REF!1NO INPUT
107Knkeridemliakeridemliadistributed database of Witness IP-addressesLinkLink3#REF!Database of Witness IP addresses.
108Gvkey-compromisekey-compromiseLinkLink2#REF!1NO INPUT
109Knkey-event-messagekey-event-messageLinkLink3#REF!1NO INPUT
110Knkey-event-receipt-infrastructurekey-event-receipt-infrastructureapproach to decentralized identifiers and decentralized key management that promises significant benefits for self-sovereign identity and Trust over IP infrastructureLinkLink3#REF!1An approach to decentralized identifiers and key management that offers significant benefits for self-sovereign identity and Trust over IP infrastructure.
111Knkey-event-receipt-logkey-event-receipt-logLinkLink3#REF!1NO INPUT
112Knkey-event-receiptkey-event-receiptLinkLink3#REF!1NO INPUT
113Gnkey-statekey-stateLinkLink2#REF!1NO INPUT
114Gnkey-transparencykey-transparencylookup service for generic records and a public, tamper-proof audit log of all record changesLinkLink3#REF!1lookup service for generic records and a publicly accessible, tamper-proof audit log of all record modifications
115GnkeykeyLinkLink2#REF!1NO INPUT
116Gnlevels-of-assurancelevels-of-assuranceLoA, any time a judgement is not a binary Yes or No, you have levels of assuranceLinkLink3#REF!In LoA, when a judgment isn't a simple Yes or No, there are various levels of assurance.
117GnlivenesslivenessLinkLink3#REF!NO INPUT
118Grloci-of-controlloci-of-controlLinkLink3#REF!NO INPUT
119Knmanagement-transaction-event-logmanagement-transaction-event-logLinkLink3#REF!NO INPUT
120GnmessagemessageLinkLink1#REF!NO INPUT
121GnmulticodecmulticodecLinkLink2#REF!NO INPUT
122GnnamespacenamespaceLinkLink11#REF!NO INPUT
123Knnested-cooperative-delegated-identifiersnested-cooperative-delegated-identifiersLinkLink3#REF!NO INPUT
124Knnon-establishment-eventnon-establishment-eventLinkLink3#REF!NO INPUT
125Gnnon-fungible-tokennon-fungible-tokenLinkLink2#REF!NO INPUT
126Ganon-normativenon-normativethe purpose of non-normative theories is not to give answers, but rather to describe possibilities or predict results of certain actionsLinkLink1#REF!Non-normative theories do not provide answers but describe possibilities or predict outcomes of specific actions.
127Sanon-repudiablenon-repudiablea statement's author cannot successfully dispute its authorship or the validity of an associated contract, signature or commitment.LinkLink2#REF!The author of a statement cannot dispute its authorship or the validity of an associated contract, signature, or commitment.
128Ganon-transferablenon-transferableNo capacity to transfer (the control over) a certain digital asset in an unobstructed or loss-less manner.LinkLink1#REF!No ability to transfer a digital asset without any obstruction or loss.
129Ganormativenormativea theory that tells you what you should do - what action you should takeLinkLink1#REF!A theory that explains the appropriate action to take.
130Grone-way-functionone-way-functiona one-way function is a function that is easy to compute on every input, but hard to invert given the image of a random inputLinkLink2#REF!A one-way function is easy to compute on all inputs but difficult to reverse given the image of a random input.
131Gnpayloadpayloadthe payload of an item in KERI is a specific cryptographic building blockLinkLink1#REF!The payload of an item in KERI is a cryptographic building block.
132Gnpretty-good-privacypretty-good-privacyLinkLink1#REF!NO INPUT
133Knprimary-root-of-trustprimary-root-of-trustLinkLink2#REF!NO INPUT
134GnprimitiveprimitiveLinkLink1#REF!NO INPUT
135Gnproof-of-authorityproof-of-authorityproof that somebody or something has certain rights or permissions on dataLinkLink2#REF!proof of rights or permissions on data
136Knproof-of-authorshipproof-of-authorshipproof that somebody or something has originally created certain contentLinkLink2#REF!Evidence that someone or something has created specific content.
137Gnprovenanceprovenancehistoric documentation of cryptographic verifiable key states , data consistency and cedentialsLinkLink2#REF!Historical documentation of cryptographic key states, data consistency, and credentials.
138Gnpublic-key-infrastructurepublic-key-infrastructureset of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificatesLinkLink2#REF!Set of roles, policies, hardware, software, and procedures required for creating, managing, distributing, utilizing, storing, and revoking digital certificates.
139Knpublic-verifiable-credential-registrypublic-verifiable-credential-registrya Verifiable Data Registry that tracks the issuance/revocation state of credentialsLinkLink31#REF!A Verifiable Data Registry tracks the issuing and revoking of credentials.
140Gnrace-conditionrace-conditionthe condition where a system's substantive behavior is dependent on the sequence or timing of external uncontrollable eventsLinkLink3#REF!The condition where a system's behavior depends on external uncontrollable events' sequence or timing.
141Knreceipt-logreceipt-logordered record of all key event receipts for a given set of witnessesLinkLink3#REF!A record of key event receipts for witnesses.
142Gnreceiptreceiptevent message or reference with one or more witness signaturesLinkLink3#REF!event message with witness signatures
143Knregistrarregistraridentifiers that serve as backers for each transaction event log under its provenanceLinkLink3#REF!Identifiers back each transaction event log to establish its provenance.
144Gnroot-of-trustroot-of-trusttrust in end-verifiable digital signatures from asymmetric key cryptography, replaces human basis-of-trustLinkLink2#REF!End-verifiable digital signatures from asymmetric key cryptography replace human basis-of-trust.
145Kvrotationrotationthe operation of revoking and replacing the set of authoritative key pairs for an AIDLinkLink2#REF!revoking and replacing authoritative key pairs for an AID
146Krsecondary-root-of-trustsecondary-root-of-trusta root-of-trust that, for its secure attribution, depends on another primary root-of-trustLinkLink3#REF!A root-of-trust depends on a primary root-of-trust for secure attribution.
147Srsecure-asset-transfer-protocolsecure-asset-transfer-protocolan IETF protocol for moving assets between blockchainsLinkLink3#REF!An IETF protocol for transferring assets across blockchains.
148Svsecure-attributionsecure-attributionis 'whodunit?!' in cyberspaceLinkLink3#REF!Whodunit in cyberspace!
149Gnseedseeda pseudorandomly generated number, often expressed in representation of a series of wordsLinkLink1#REF!A randomly generated number, usually expressed as a series of words.
150Srself-addressing-dataself-addressing-dataan encryption program that provides cryptographic privacy and authentication for data communicationLinkLink3#REF!An encryption program that ensures data communication's cryptographic privacy and authentication.
151Srself-certifying-identifierself-certifying-identifiercryptographically binds an identifier to a public and private key pairLinkLink3#REF!Cryptographically binds an identifier to a key pair.
152Kaself-framingself-framingA textual encoding that includes type, size, and value is self-framing; and thus parseable without needing any additional delimiting characters.LinkLink3#REF!A self-framing textual encoding includes type, size, and value, making it parseable without any extra delimiting characters.
153Snself-sovereign-identityself-sovereign-identityLinkLink2#REF!NO INPUT
154Gnsigned-digestsigned-digestLinkLink2#REF!NO INPUT
155Gnspanning-layerspanning-layerLinkLink3#REF!NO INPUT
156Krtext-binary-concatenation-composabilitytext-binary-concatenation-composabilityWhen any set of self-framing concatenated primitives expressed in either the text domain or binary domain may be converted as a group to the other domain and back again without loss.LinkLink3#REF!When a group of self-framing concatenated primitives can be converted from one domain (text or binary) to the other and vice versa without any loss.
157Kntransaction-event-logtransaction-event-logThe set of transactions that determine registry state form a log called a Transaction Event Log (TEL) and is cryptographically linked to corresponding controlling KEL.LinkLink3#REF!The transactions that determine the registry state form a log called Transaction Event Log (TEL) and are cryptographically linked to the corresponding controlling KEL.
158Grtransmission-control-protocoltransmission-control-protocolTCP is one of the main protocols of the Internet protocol suiteLinkLink1#REF!TCP is a key protocol in the Internet protocol suite.
159Srtrust-domaintrust-domainA trust domain is the ecosystem of interactions that rely on a trust basis. A trust basis binds controllers, identifiers, and key-pairs.LinkLink1#REF!A trust domain is an ecosystem of interactions relying on trust. It binds controllers, identifiers, and key pairs.
160Gvvalidatorvalidatorthe capability to determine whether or not (verified) data is valid to be used for some specific purpose(s).LinkLink21#REF!the ability to verify data's validity for a specific purpose.
161Grveracityveracitythe quest for the truthLinkLink2#REF!The Truth Quest
162Gnverifiable-data-structureverifiable-data-structurea verifiable data structure is a data structure that incorporates cryptographic techniques to ensure the integrity and authenticity of its contentsLinkLink3#REF!A verifiable data structure is a structure that uses cryptographic techniques to guarantee the integrity and authenticity of its contents.
163Gaverifiableverifiableable to cryptographically verify a certain data structure on its consistency and its authenticity.LinkLink2#REF!Capable of cryptographically verifying a specific data structure for consistency and authenticity.
164Gnverifierverifierthe entity that (cryptogrpahically) verifies data received from peers (check structure, signatures, dates)LinkLink2#REF!The entity verifies received data from peers by checking its structure, signatures, and dates using cryptography.
165Gnversionversionis a class of systems responsible for managing changes to computer programs, documents, large web sites, or other collections of informationLinkLink1#REF!Version: Version control is responsible for managing changes to computer programs, documents, web sites, or other collections of information.
166Knvirtual-credential-transaction-event-logvirtual-credential-transaction-event-logwill track the issued or revoked state of each virtual credential (VC)LinkLink3#REF!NO INPUT
167Grweb-of-trustweb-of-trustIn cryptography, a web of trust is a concept to establish the authenticity of the binding between a public key and its owner.LinkLink2#REF!NO INPUT
168Knwell-known-witnesseswell-known witnessesPredictable witness identifier creation by using known salts to initialize their key stores. For testing purposes only!LinkLink3#REF!NO INPUT
171GnreporeporepoSoftware repositoryLinkLink2#REF!Software Repo
173GncoroutinescoroutinescoroutinesComputer programs that can be suspended and resumed at will.LinkLink1#REF!Suspend and resume computer programs at will.
174Grinput-outputI/Oinput-outputInput / outputLinkLink1#REF!Input/Output
175GnhiohiohioHierarchical asynchronous coroutines and I/O in PythonLinkLink3#REF!Hierarchical async coroutines and I/O in Python.
178GncloneclonecloneA copy of a system that is - and works exactly as the originalLinkLink2#REF!A replica system that is functioning exactly like the original.
179GnbranchbranchbranchA duplicate of an object under version control for further separate modificationLinkLink2#REF!A duplicate object under version control for separate modifications.
180KnkliklikliKERI command line interfaceLinkLink3#REF!Keri CLI
183Snverifiable-credentialverifiable credentialsverifiable-credentialthe digital variant of our daily live's credentials (ike passport, driver's license), but in a machine-verifiable wayLinkLink1#REF!The digital version of our daily life credentials, such as passports and driver's licenses, but in a machine-verifiable format.
185Gnsub-shellsub shellsub-shella child shell started up from - and contained in another parent shellLinkLink1#REF!A child shell started from and contained within a parent shell.
186Snagentagentagenta representative for an identityLinkLink2#REF!identity representative
187Gncloud-agentcloud agentcloud-agentis software installed on the cloud server instances for security, monitoring, and analysisLinkLink2#REF!The software is installed on cloud server instances for security, monitoring, and analysis.
190Gnuser-interfaceU/Iuser-interfaceA user interface (UI) is the space where interactions between humans and machines occur.LinkLink1#REF!A user interface (UI) is where humans and machines interact.
191Grmultisigmulti-sigmultisigA digital signature scheme which allows a group of users to sign a single piece of digital data.LinkLink1#REF!A digital signature scheme enables a group of users to sign a single piece of digital data.
192Gnidentifier-systemidentifieridentifier-systemSomething to uniquely identify (public) identities, pointing to something or someone else.LinkLink2#REF!A unique identifier for public identities, referring to something or someone else.
193GnwalletwalletwalletA wallet is a collection of data stores, made up of a keystore, local and remote key event log database and credential database.LinkLink3#REF!A wallet includes a keystore, local and remote key event log database, and a credential database.
195KnwitnesswitnesseswitnessEntity that may receive, verify, and store key events for an identifierLinkLink3#REF!Entity that receives, verifies, and stores key events for an identifier.
196KnwatcherwatcherswatcherGuarantee that KERI logs are immutableLinkLink3#REF!Ensure KERI logs are immutable.
197Gvkey-managementkey managementkey-managementManagement of cryptographic keys in a crypto-system.LinkLink3#REF!Managing cryptographic keys in a crypto-system.
199Snsingle-signature-identifiersingle sig identifiersingle-signature-identifierAn identifier that is controlled by a one-of-one signing keypairLinkLink2#REF!An identifier controlled by a unique signing keypair.
200Gnkeystorekey storekeystoreA keystore in KERI is the encrypted data store that hold the private keys for a collection of AIDs.LinkLink3#REF!A keystore in KERI is an encrypted data store that holds the private keys for a collection of AIDs.
201Srkey-eventkey eventskey-eventEvents happening to controlling keys of an identifier recorded in a Key Event Log (KEL).LinkLink21#REF!Events happening to control keys of an identifier are recorded in a Key Event Log (KEL).
202Srinteraction-eventinteraction eventinteraction-eventAnchors external data to the key-state as established by the most recent prior establishment eventLinkLink3#REF!Anchoring external data to the key-state established by the most recent establishment event.
203Srrotation-eventrotation eventrotation-eventChanges the key-state which includes a change to the set of authoritative keypairs for an AIDLinkLink3#REF!Changes the key-state, including a change to the set of authoritative keypairs for an AID.
204Gnsigning-thresholdsigning thresholdssigning-thresholdMinimum number of valid signatures to satisfy the requirement for successful validationLinkLink3#REF!Minimum number of valid signatures for successful validation requirement.
205Knkey-event-logKELkey-event-logKey Event Log is the native KERI verifiable data structureLinkLink31#REF!Key Event Log is the KERI's native verifiable data structure.
206Gvverify-signatureverify signaturesverify-signatureApplying an algorithm that either accepts or rejects the message's claim to authenticity; when you can succesfully verify a signatureLinkLink2#REF!Applying an algorithm to verify the authenticity of a message by accepting or rejecting its claim when a signature can be successfully verified.
207Grpeer-to-peerpeer-to-peer communicationspeer-to-peerPeers are equally privileged, equipotent participants in a networkLinkLink2#REF!Peers are equally privileged and equipotent participants in a network.
209GnsaltsaltssaltRandom data that is used as an additional input to a cryptographic one-way functionLinkLink3#REF!Random data used as an additional input for a cryptographic one-way function.
210KvdelegationdelegationdelegationDelegation can be defined as “the act of empowering to act for another”LinkLink3#REF!Delegation is the act of empowering someone to act on behalf of another.
211Krmulti-sig-delegationmulti-sig delegationmulti-sig-delegationdelegated identifiers under multi-signature controlLinkLink3#REF!Multi-signature control for delegated identifiers.
213Sntransferable-identifiertransferabletransferable-identifierControl over identifier can be transferred by rotating keysLinkLink3#REF!Keys can transfer control over identifiers by rotating them.
215Gnconfiguration-filesconfiguration fileconfiguration-filesFile used to configure the parameters and initial settings for some computer programsLinkLink1#REF!This file configures parameters and initial settings for computer programs.
219Grtransfer_Protocolpost and puttransfer_ProtocolHTTP request methods to indicate the desired action to be performed on the identified resourceLinkLink2#REF!HTTP request methods indicate the desired action on the identified resource.
221GnpasscodepasscodepasscodeSecret data, typically a string of characters, usually used to confirm a user's identityLinkLink2#REF!Secret data, often a string of characters, commonly utilized for user identity verification.
222Gvkey-stretchingstretched into an encryption keykey-stretchingmake a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the resourcesLinkLink3#REF!Enhance the security of a potentially weak key, such as a password or passphrase, against brute-force attacks by increasing available resources.
224Knnon-transferable-identitifernon-transferable identifiernon-transferable-identitiferControlling keys over this identifier cannot be rotated and therefore this identifier is non-transferable to other controlLinkLink3#REF!Keys cannot be rotated for this identifier, making it non-transferable for control elsewhere.
226Knthreshold-signature-schemewitness thresholdthreshold-signature-schemeThe minimum number of valid witness signatures requiredLinkLink3#REF!Minimum required witness signatures.
227Kvpre-rotationpre-rotationpre-rotationcommitment to next rotated key set in previous rotation or inception eventLinkLink3#REF!commitment to the next key set rotated in the previous rotation or inception event.
228KnprefixprefixesprefixA prefix that is composed of a basic Base-64 (URL safe) derivation code pre-pended to Base-64 encoding of a basic public digital signing keyLinkLink3#REF!The prefix is a combination of a Base-64 derivation code and the Base-64 encoding of a public digital signing key.
229Gnbase64base64base64A group of binary-to-text encoding schemes that represent binary dataLinkLink3#REF!Binary-to-text encoding schemes represent binary data.
230Kaqualifiedqualifiedqualifiedwhen qualified, a cryptographic primitive includes a prepended derivation codeLinkLink3#REF!When qualified, a cryptographic primitive includes a derived code prepended.
231Knderivation-codederivation codederivation-codeA special character that encodes the derivation process, pre-pended to the identifierLinkLink3#REF!A special character that encodes the derivation process, added to the identifier.
232Gnblake3Blake3 hashblake3BLAKE3 is a relatively young (2020) cryptographic hash function based on Bao and BLAKE2.LinkLink3#REF!BLAKE3 is a new cryptographic hash function, released in 2020, that builds upon Bao and BLAKE2.
233Gndata-anchoranchor data intodata-anchorData anchors are digests of digital data, that uniquely identify this dataLinkLink3#REF!Data anchors are digital data digests that uniquely identify the data.
234Snautonomic-identifierAIDautonomic-identifierAn identifier that is self-certifying and self-sovereignLinkLink3#REF!A self-certifying and self-sovereign identifier.
236GndigestdigestdigestVerifiable cryptographic commitment. It's a collision resistant hash of contentLinkLink21#REF!Verifiable cryptographic commitment is a collision-resistant content hash.
237Krissuance-eventissuance eventissuance-eventThe inception event of a verifiable credentialLinkLink3#REF!The inception event of a verifiable credential.
238Knpublic-transaction-event-logpublic transaction event logpublic-transaction-event-logIs a hash linked data structure of transactions that can be used to track stateLinkLink3#REF!A hash linked data structure is used to track state in transactions.
239GnRustRustprogramming languageLinkLink3#REF!Programming Language
240Krestablishment-eventestablishmentestablishment-eventAn event that establishes control authorityLinkLink3#REF!A control authority event
241Gnmemory-Mapped_Databaselmdb databasesmemory-Mapped_DatabaseLightning Memory-Mapped DatabaseLinkLink3#REF!Lightning Memory-Mapped DB
242Krindexed-signatureindexed signaturesindexed-signatureUsed when signing anything with a multi-key autonomic identifier, a verifier knows which of the multiple public keys was usedLinkLink3#REF!When signing with a multi-key autonomic identifier, a verifier can determine which specific public key was used.
245Knself-addressing-identifierself-addressing identifiersself-addressing-identifierAn identifier that is deterministically generated from and embedded in the content it identifies, making it and its data mutually tamper-evidentLinkLink3#REF!An identifier is deterministically generated from and embedded in the content it identifies, making it and its data tamper-evident.
247Knledger-backerledger backerledger-backerA witness in KERI that is ledger-registeredLinkLink3#REF!A registered witness in KERI.
248Knwitnesswitness backerwitnessA native KERI witness whose control authority is established in a KELLinkLink3#REF!A KERI witness, native to KEL, has established control authority.
249Knverifiable-legal-entity-identifiervLEIverifiable-legal-entity-identifierDigital verifiable credentials issued by (delegates) of GLEIF to prove that information about a legel entity is verifiably authenticLinkLink3#REF!Digital verifiable credentials issued by GLEIF delegates to verify the authenticity of information about a legal entity.
250Snssi-systemSSI systemssi-systemSSI Infrastructure consisting of the technological components that are deployed all over the worldLinkLink1#REF!SSI Infrastructure consists of technological components deployed worldwide.
252Kvtransfer-off-ledgertransfer off a ledgertransfer-off-ledgerThe act of transferring control authority over an identifier from a ledger (or blockchain) to the native verifiable KERI data structure KELLinkLink3#REF!Transferring control authority of an identifier from a ledger or blockchain to the KEL data structure in KERI.
255Gnservice-endpointservice endpointsservice-endpointA web service endpoint which is a URL at which clients of specific service can get access to the service.LinkLink2#REF!A web service endpoint is a URL where clients can access a specific service.
256Gnuniform-resource-locatorURLsuniform-resource-locatorA reference to a web resource that specifies its location on a computer network and a mechanism for retrieving itLinkLink1#REF!A web resource reference that specifies its location on a computer network and a retrieval mechanism.
257Gnip-addressip-addressip-addressA numerical label such as '192.0.2.1' that is connected to a computer network that uses the Internet Protocol for communicationLinkLink1#REF!A numerical label, like '192.0.2.1', connected to a computer network using the Internet Protocol for communication.
258Gntcp-endpointTCP endpointtcp-endpointThis is a service endpoint of the web transmission control protocolLinkLink2#REF!This is a web transmission control protocol endpoint.
259KninquisitorinquisitorinquisitorSomeone (in a validating role) that launches an inquiry at some KERI witnessLinkLink3#REF!A person (in a validating role) who questions a KERI witness.
260Gvreplay-attackreplay-attackintercept and then fraudulently delays or resend a message to misdirect the receiver into doing what the attacker wantsLinkLink3#REF!Intercepting a message and fraudulently delaying or resending it to misdirect the receiver into complying with the attacker's desires.
261GnXBRLXBRLextensible business reporting language, standard for digital business reportingLinkLink1Extensible Business Reporting Language (XBRL), a digital standard for business reporting.
262Gnextensible-business-reporting-languageextensible-business-reporting-languageXBRL, standard for digital business reportingLinkLink1XBRL is the standard for digital business reporting.
263Knlocked-statelocked statelocked-statedefault state of an encrypted KERI data store with a passcodeLinkLink3#REF!The default state of an encrypted KERI data store with a passcode.
265Krout-of-band-introductiondata OOBIsout-of-band-introductiondata out-of-band introductionsLinkLink3#REF!Data out-of-band intros
266Krout-of-band-introductioncredential schema OOBIsout-of-band-introductioncredential schema out-of-band introductionsLinkLink3#REF!Credentials schema introductions outside of the main channel.
267Knkeepkeepkeepis KERI's and ACDC's depreciated crypto wallet, a task orientated application for managing AIDs in ecosystems, e.g. the vLEI EcosystemLinkLink3#REF!This is a deprecated crypto wallet by KERI and ACDC. It is a task-oriented app for managing AIDs in ecosystems such as the vLEI Ecosystem.
268Grzero-trustzero trustzero-trusta Zero Trust approach trusts no oneLinkLink2#REF!In a Zero Trust approach, no one is trusted.
270Krrevocation-eventrevocation eventsrevocation-eventAn event that revokes control authority over an identifierLinkLink2#REF!An event revoking control authority over an identifier.
272Knescrow-stateescrow statesescrow-stateThe current state of all the temporary storage locations (what events are waiting for what other information) that KERI protocol needs to keep track of, due to its fully asynchronous nature.LinkLink3#REF!The current state of all temporary storage locations that the KERI protocol needs to keep track of, due to its fully asynchronous nature (events waiting for other information).
273Krserver-sent-eventserver-sent eventsserver-sent-eventMailbox notifications, a streaming service for the agent U/I, to get notifications from the KERI system itselfLinkLink3#REF!Mailbox notifications is a streaming service for the agent U/I, providing notifications directly from the KERI system.
274Gnsealsealcryptographic proof in a secondary root-of-trust that is anchored in a primary-root-of-trustLinkLink21#REF!cryptographic proof in a secondary root-of-trust anchored in a primary root-of-trust
275Saauthoritativeauthoritative(control over) an identifier is 'authoritative' because it can be considered accurate, renowned, honourable and / or respectedLinkLink31#REF!An identifier has control and is considered authoritative when it is accurate, renowned, honorable, and respected.
276KnQVIQVIqualified vlei issuer, contracting party qualified by GLEIFLinkLink2#REF!1Qualified vlei issuer, contracting party qualified by GLEIF.
277Knqualified-vlei-issuerqualified-vlei-issuerQVI, contracting party qualified by GLEIFLinkLink2#REF!1QVI, a contracting party qualified by GLEIF.
278Knghost-credentialghost-credentiala valid credential within in a 90 days grace periodLinkLink2#REF!1a valid credential within a 90-day grace period
279Knredundant-credentialredundant-credentialmultiple -, independently valid credentials issued by the same issuerLinkLink2#REF!1Multiple independently valid credentials issued by the same issuer.
280Krengagement-context-roleengagement-context-roleA person that represents the Legal Entity in a context role and is issued an ECR vLEI Credential.LinkLink2#REF!1A person represents the Legal Entity in a role and is issued an ECR vLEI Credential.
281KrECRECRA person that represents the Legal Entity in a context role and is issued an ECR vLEI Credential.LinkLink2#REF!1A person represents the Legal Entity in a role and is issued an ECR vLEI Credential.
282Kngleif-authorized-representativegleif authorized representativeA GLEIF representative authorized to perform verification needed to issue the QVI vLEI Credential.LinkLink2#REF!1A GLEIF representative authorized to verify and issue the QVI vLEI Credential.
283KnGARGARA GLEIF representative authorized to perform verification needed to issue the QVI vLEI Credential.LinkLink2#REF!1A GLEIF representative authorized to verify and issue the QVI vLEI Credential.
284GnGLEIFGLEIFGlobal Legal Entity Identifier FoundationLinkLink1#REF!1Global LEI Foundation.
285KnDARDARA representative of a Legal Entity authorized by the Legal Entity to act officially on behalf of the Legal Entity.LinkLink2#REF!1A representative authorized by a Legal Entity to act on its behalf officially.
286Kndesignated-authorized-representativedesignated-authorized-representativeA representative of a Legal Entity authorized by the Legal Entity to act officially on behalf of the Legal Entity.LinkLink2#REF!1A representative authorized by a Legal Entity to act on its behalf officially.
287KnAVRAVRauthorized vlei representativeLinkLink2#REF!1Authorized Vlei representative.
288Knauthorized-vlei-representativeauthorized-vlei-representativea representative of a Legal Entity that's authorized to request issuance and revocation of credentialsLinkLink2#REF!1a representative of a legal entity authorized to request issuance and revocation of credentials
289GnLEILEILegal Entity InstituteLinkLink2#REF!1Legal Entity Institute.
290Gnlegal-entitylegal-entityunique parties that are legally or financially responsible for financial transactions or have the legal right to enter into legal contractsLinkLink2#REF!1#NAME?parties legally or financially responsible for transactions or with the legal right to enter contracts
291KrOOROORofficial organizational role, a person holding a vLEI credential person and representing the Legal EntityLinkLink2#REF!1official organizational role, a person holding a vLEI credential and representing the Legal Entity
292Krofficial-organizational-roleofficial-organizational-roleOOR, a person holding a vLEI credential person and representing the Legal EntityLinkLink2#REF!1OOR, a person holding a vLEI credential and representing the Legal Entity
293Knqvi-authorized-representativeqvi-authorized-representativeQAR, conducts QVI operations with GLEIF and Legal EntitiesLinkLink2#REF!1QAR conducts QVI operations in collaboration with GLEIF and Legal Entities.
294KnQARQARqvi authorized representative, conducts QVI operations with GLEIF and Legal EntitiesLinkLink2#REF!1Authorized representative conducts QVI operations with GLEIF and legal entities.
295Knvlei-ecosystem-governance-frameworkvlei-ecosystem-governance-frameworka document that defines the information security, privacy, availability, confidentiality and processing integrity policies that applyLinkLink2#REF!1This document defines the policies for information security, privacy, availability, confidentiality, and processing integrity.
296Kvsolicited-issuancesolicited-issuanceissuance of Legal Entity vLEI / OOR / ECR Credentials upon receipt by the QARLinkLink2#REF!1issuing vLEI/OOR/ECR Credentials upon QAR's receipt.
297Kvunsolicited-issuanceunsolicited-issuanceissuance of a Legal Entity vLEI Credential upon notice by a QAR to its AVR(s)LinkLink2#REF!1QAR notifies AVR(s) to issue a vLEI Credential to Legal Entity.
298Gngovernance-frameworkgovernance-frameworka set of rules how to apply technologyLinkLink2#REF!1A set of rules on how to apply technology.
299KnGLEISGLEISGlobal Legal Entity Identifier SystemLinkLink2#REF!1Global LEI System
300Knvlei-credentialvlei-credentialverifiable Legal Entity IdentifierLinkLink2#REF!1Verifiable LEI
301Krlegal-entity-engagement-context-role-vlei-credential-governance-frameworklegal-entity-engagement-context-role-vlei-credential-governance-frameworkA document that details the requirements for vLEI Role Credentials issued to representatives of a Legal Entity in functional - or other context of engagement.LinkLink2#REF!1NO INPUT
302Knvlei-role-credentialvlei-role-credentialA vLEI credential that attests a role.LinkLink2#REF!1NO INPUT
303Knlegal-entity-official-organizational-role-vlei-credential-governance-frameworklegal-entity-official-organizational-role-vlei-credential-governance-frameworkA document that details the requirements for vLEI Role Credentials issued to official representatives of a Legal Entity.LinkLink2#REF!1NO INPUT
304Knlegal-entity-vlei-credential-governance-frameworklegal-entity-vlei-credential-governance-frameworkA document that details the requirements for vLEI Credential issued by a Qualified vLEI Issuer to a Legal EntityLinkLink2#REF!1NO INPUT
305Knqualified-vlei-issuer-vlei-credential-governance-frameworkqualified-vlei-issuer-vlei-credential-governance-frameworkA document that details the requirements to enable this Credential to be issued by GLEIF to Qualified vLEI IssuersLinkLink2#REF!1NO INPUT
306SnDIDDIDDecentralized IdentifierLinkLink2#REF!DID
307Sndecentralized-identifierdecentralized-identifierDecentralized identifiers (DIDs) enable verifiable, decentralized digital identity, refering to a person, organization, thing, data model, abstract entity, etc.LinkLink1#REF!NO INPUT
308Kvpartial-pre-rotationpartial-pre-rotationchange of control but partially keep some keys unexposed while exposing others as needed.LinkLink3#REF!1Change control but partially keep certain keys undisclosed while exposing others as required.
309Kvpartial-rotationpartial-rotationchange of control but partially keep some keys unexposed while exposing others as needed.LinkLink3#REF!1Change control but partially keep certain keys undisclosed while exposing others as required.
310Kvcustodial-rotationcustodial-rotationchange of control that is split between two key setsLinkLink3#REF!1Change of control split between two key sets.
311Kvreserve-rotationreserve-rotationpreparatory key pairs being held in reserve and not exposedLinkLink3#REF!1Preparation key pairs reserved and not exposed.
312Kncustodial-agentcustodial-agenta custodian who has been granted signing authority and usually also being the host of the running agent software.LinkLink3#REF!1A custodian typically granted signing authority and also acts as the host for the running agent software.
313Srsigning-authoritysigning-authoritythe authority to sign on behalf of the controller of an identifierLinkLink3#REF!1the authority to sign for the controller of an identifier
314Srrotation-authorityrotation-authoritythe (exclusive) right to change control over an identifierLinkLink3#REF!1The exclusive right to change control of an identifier.
315Gntrans-contextual-valuetrans-contextual-valuevalue that is transferrable between contextsLinkLink1#REF!1Transferable value across contexts.
316Grsource-of-truthsource-of-trutha trusted data source that gives a complete picture of the truth about a data object.LinkLink1#REF!1a reliable data source providing a comprehensive view of the truth about a data object.
317Gvauthorizationauthorizationspecifying access rights or privileges to resourcesLinkLink11#REF!11specifying access rights to resources
318Grapplication-programming-interfaceapplication-programming-interfacea way for two or more computer programs to communicate with each other.LinkLink1#REF!11A method for multiple computer programs to communicate with each other.
319GnAPIAPIan application Programming Interface, a way for two or more computer programs to communicate with each other.LinkLink1#REF!11An API is a way for computer programs to communicate with each other.
320Gnkey-pairkey-paira public key and its corresponding private key.LinkLink11#REF!11a public key and its corresponding private key.
321Gnownerownera role that exercizes its legal, rightful or natural title to control something.LinkLink1#REF!1111A role that exercises its legal, rightful, or natural authority to control something.
322Grownershipownershipa relationship between two, one of these (the owner) is entitled to enjoy, dispose of, and control the other sovereignly.LinkLink1#REF!1111In a relationship between two individuals, one (the owner) has the entitlement to enjoy, dispose of, and control the other entirely.
323Gnself-sovereigntyself-sovereigntythe characteristic of every party that it is autonomous in managing and operating its own knowledgeLinkLink1#REF!111Every party is autonomous in managing and operating its own knowledge.
324Krpresentation-exchangepresentation-exchangean exchange that provides disclosure of one or more ACDCs between a Discloser and a Disclosee.LinkLink31#REF!an exchange that discloses one or more ACDCs between a Discloser and a Disclosee.
325Gndiscloserdiscloseran ACDC in a disclosure is disclosed by the Discloser.LinkLink11#REF!The Discloser discloses an ACDC in a disclosure.
326Gndiscloseediscloseean ACDC in a disclosure is disclosed to the Disclosee.LinkLink11#REF!An ACDC in a disclosure is revealed to the Disclosee.
327Gnissuerissueran ACDC is issued by the Issuer. The Issuer identifier (AID) appears in the top level of the ACDC.LinkLink11#REF!An ACDC is issued by the Issuer and contains the Issuer identifier (AID) in the top level.
328Gnissueeissueean ACDC is optionally issued to the Issuee.LinkLink11#REF!An ACDC can be optionally issued to the recipient.
329Krissuance-exchangeissuance-exchangea special case of a presentation exchange where the Discloser is the Issuer of the origin (Primary) ACDCLinkLink31#REF!This is a special case of a presentation exchange where the Discloser is the Issuer of the origin (Primary) ACDC.
330Krchain-link-confidentialitychain-link-confidentialitychains together a sequence of Disclosees. Each Disclosee in the sequence in turn is the Discloser to the next Disclosee.LinkLink31#REF!This text chains a sequence of Disclosees, where each Disclosee becomes the Discloser to the next.
331Kvgraduated-disclosuregraduated-disclosuredisclosure performed by a presentation exchange that has cross-variant Issuer commitment verifiability as an essential property.LinkLink31#REF!Disclosure is performed by a presentation exchange with cross-variant Issuer commitment verifiability as an essential property.
332Kntop-level-sectiontop-level-sectionare the fields of an ACDC compact variant.LinkLink21#REF!These fields are part of an ACDC compact variant.
333Krcompact-variantcompact-variantan Issuer commitment via a signature to any variant of ACDCLinkLink31#REF!an Issuer signs a commitment to any variant of ACDC.
334Kvcontractually-protected-disclosurecontractually-protected-disclosurethe most elaborate form of disclosure by an IPEX. Contractually protected disclosure includes both chain-link confidential and contingent disclosure.LinkLink31#REF!The most detailed form of disclosure by an IPEX includes contractually protected disclosure, which encompasses both chain-link confidential and contingent disclosure.
335Gnricardian-contractricardian-contracta method of recording a document as a contract at law, and linking it securely to other systemsLinkLink21#REF!A way to record a document as a secure contract and link it to other systems.
336Kvcontingent-disclosurecontingent-disclosureLinkLink31#REF!NO INPUT
337Gveclipse-attackeclipse-attackan eclipse attack is a P2P network-based attack, an attacker tries to isolate a node from the rest of the networkLinkLink2#REF!1An eclipse attack is a P2P network attack where the attacker attempts to isolate a node from the network.
338Knpromiscuous-modepromiscuous-modethe indiscriminate mode a watcher (network) runs in.LinkLink3#REF!The mode of a watcher in a network.
339Gnprotocolprotocola code of correct conduct, in our case specifically communication protocols, cryptographic protocols, and decentralized network protocolsLinkLink1111#REF!11Our code of conduct includes communication, cryptographic, and decentralized network protocols.
340Gnpseudo-random-numberpseudo-random-numbera value that is statistically random, but it is (repeatedly) derived from a known starting pointLinkLink1A randomly derived value from a known starting point.
341Gvvalidatevalidatea decision to accept an outcomeLinkLink1deciding to accept an outcome
342Svverifyverifythe act, by or on behalf of a party, of determining whether that data is authentic, not expired, and conforms to other specifications.LinkLink2
343Snpersistent-identifierpersistent-identifierControl over this type of long-living identifier can be transferred by rotating keys.LinkLink2Keys can rotate to transfer control of long-living identifiers.
344Krinterleaved-serializationsinterleaved-serializationsSerializations of different types interleaved in an overarching formatLinkLink2Different types of serializations are interleaved in an overarching format.
345Srcollective-signaturecollective-signatureMultisignature scheme for a single resulting pubic keyLinkLink2Multisignature scheme for a single public key.
346Gngraph-fragmentgraph-fragmentan ACDC is a verifiable data structure and part of a graph consisting of a node fragment and edge fragmentsLinkLink2ACDC is a verifiable data structure that forms part of a graph, including a node fragment and edge fragments.
347Grpersistent-datastructurepersistent-datastructurean append only verifiable data structure. Hence, making them immutable means distributable and concurrency-friendly. What we sign may not change.LinkLink2An append-only, verifiable data structure makes them immutable, which enables distribution and concurrency. What we sign cannot be changed.
348Grcollisioncollisiona circumstance where two or more identifiers in a given namespace or a given scope cannot be unambiguously resolvedLinkLink1A situation where two or more identifiers in a namespace or scope cannot be resolved unambiguously.
349Gnschema-namespace-registryschema-namespace-registrya centrally managed schema registry where corporations or individuals reserve schemas within a specific namespace in order to have an interoperable schema that is labeled with a corporation-specific or individual-specific namespaceLinkLink2A centrally managed schema registry allows corporations or individuals to reserve interoperable schemas within a specific namespace. These labeled schemas are assigned a corporation-specific or individual-specific namespace.
350Gnschema-registryschema-registryregistry for credential schemas based on namespacesLinkLink2Registry for schemas based on namespaces.
351Gndomain-namedomain-nameis a string that identifies a realm of administrative autonomy on the internetLinkLink1A string that identifies an internet administrative realm.
352Gndomaindomaingeneral term for (an identifier of) an autonomous spaceLinkLink1General term for an autonomous space identifier.
353Gnregistryregistryan official digital record book, usually refering to one means to a specific instance, within a multi-tenant registry.LinkLink1An official digital record book typically refers to a specific instance within a multi-tenant registry.
354GrcomposabilitycomposabilityWhen any set of self-framing concatenated primitives expressed in either the text domain or binary domain may be converted as a group to the other domain and back again without loss.LinkLink2When a group of self-framing concatenated primitives can be converted from one domain (text or binary) to the other and vice versa without any loss.
356GainteroperableinteroperableInteroperability is a characteristic of a product or system to work with other products or systems.LinkLink1Interoperability is the ability of a product or system to work with others.
357GrinteroperabilityinteroperabilityInteroperability is a characteristic of a product or system to work with other products or systems.LinkLink1Interoperability is the ability of a product or system to work with others.
358Gncryptographic-primitivecryptographic-primitiveWell-established, low-level cryptographic algorithm that is frequently used to build cryptographic protocols for computer security systems; e.g. one-way hash functions and encryption functions.LinkLink1A well-known cryptographic algorithm commonly used in computer security systems for creating cryptographic protocols such as one-way hash functions and encryption functions.
359Gvconcatenationconcatenationthe operation of joining character strings end-to-end. E.g. 'snow' and 'ball' becomes 'snowball'LinkLink1The process of combining character strings to create a single string. For example, 'snow' and 'ball' combine to form 'snowball'.
360Gvmultiplexingmultiplexingis a method by which multiple analog or digital signals are combined into one signal over a shared medium. The aim is to share a scarce resource.LinkLink2Signal combining is a method to merge multiple analog or digital signals into a single shared signal. It aims to efficiently distribute limited resources.
361Gvpipeliningpipelininga set of data processing elements connected in series, where the output of one element is the input of the next one.LinkLink2A series of connected data processing elements, where the output of one element becomes the input for the next.
362Kngroup-framing-codegroup-framing-codecodes that can be specified to support groups of primitives. Grouping enables pipelining.LinkLink3Codes can be specified to support primitive groups, enabling pipelining.
363Krhierarchical-compositionhierarchical-compositionencoding protocol that is composable in a hierarchy and enables pipelining of complex streams in either text or compact binaryLinkLink3Composable and hierarchical encoding protocol enables pipelining of complex streams in text or binary formats.
364Knframe-codeframe-codecodes that can be specified to support groups of primitives. Grouping enables pipelining.LinkLink3Codes can be specified to support primitive groups, enabling pipelining.
365Kncount-codecount-codecodes that can be specified to support groups of primitives. Grouping enables pipelining.LinkLink3Codes can be specified to support primitive groups, enabling pipelining.
366Kngroup-codegroup-codecodes that can be specified to support groups of primitives. Grouping enables pipelining.LinkLink3Codes can be specified to support primitive groups, enabling pipelining.
367Satransferabletransferablecapable of loss-less transfer of control over identifiers, private keys, etc.LinkLink1Capable of lossless transfer of control for identifiers, private keys, etc.
368Gvpost-padpost-padthe action and / or result of extending a string with trailing pad characters to align to a certain length in bits or bytes.LinkLink3Extending a string with pad characters to align it to a specific length in bits or bytes is the act or outcome.
369Gvpre-padpre-padthe action and / or result of prepending a string with leading pad characters to align to a certain length in bits or bytes.LinkLink3Prepending a string with leading pad characters is the act of aligning it to a specific length in bits or bytes.
370Kvnaive-conversionnaive-conversiona text to binary conversion or vice versa that doesn't anticipate on either composability and / or on the concatenation capability of the result of such an operation.LinkLink3A text to binary conversion that does not consider composability or concatenation capabilities of the output.
371Gnpadpadis a character used to fill empty spaceLinkLink2Is a character used to fill empty space.
372Gnlead-byteslead-bytespre-conversion added characters in a pre-padded way, used to fill empty spaceLinkLink2Pre-conversion characters were added to fill empty space in a pre-padded manner.
373Gncode-tablecode-tablea code table is the Internet's most comprehensive yet simple resource for browsing and searching for various codes.LinkLink1A code table is the Internet's most comprehensive and user-friendly resource for browsing and searching various codes.
374Kncode-table-selectorcode-table-selectorthe first character in the text code of CESR stream that determines which code table to use.LinkLink3The first character in the text code of CESR stream determines the code table to use.
375Knsallysallya vLEI Audit Reporting Agent that receives presentations of credentials and notices of revocation.LinkLink3A vLEI Audit Reporting Agent that receives credential presentations and revocation notices.
376Knsignifysignifyis a web client (key) event signing - and key pair creation app that minimizes the use of KERI on the client.LinkLink3This is a web client app for event signing and key pair creation. It reduces the need for using KERI on the client.
377Gnescrowescrowa third party temporarily holds money or property until a particular condition has been met. The verb refers to handling out of order events in KERI.LinkLink1A third party temporarily holds funds or assets until a specific condition is met. The verb refers to managing out-of-sequence events in KERI.
378Knkeri-suite-search-enginekeri-suite-search-enginethe Docusaurus self-education site of Web-of-Trust GitHub repo with Typesense search facilitiesLinkLink1The Docusaurus self-education site for the Web-of-Trust GitHub repo now includes Typesense search capabilities.
379Knfield-mapfield-mapa traditional key:value pair renamed to avoid confusing with the cryptographic use of the term 'key'LinkLink3A traditional key:value pair is renamed to avoid confusion with the cryptographic meaning of the term 'key'.
380KrCLCCLCchain-link confidential, a disclosure mechnism of credentialsLinkLink3Chain-link confidential is a mechanism for disclosing credentials.
381Kvcold-start-stream-parsingcold-start-stream-parsingAfter a reboot a stream processor looks for framing information to know how to parse groups of elements in the stream.LinkLink3After a reboot, a stream processor searches for framing information to determine how to parse element groups in the stream.
382Kafully-compactfully-compactthe intermediate variant of a ACDC credential -> signed and its proofs anchored in key event logs.LinkLink3The intermediate ACDC credential variant is signed and its proofs are anchored in key event logs.
383Kamost-compactmost-compactthe most brief least disclosing version of an ACDC based credential.LinkLink3The shortest and least revealing ACDC credential version.
384Kafully-expandedfully-expandedthe most extensive most disclosing and most user-friendly version of an ACDC based credential.LinkLink3the most comprehensive, revealing, and user-friendly ACDC-based credential.
385GvRUNRUNread, update, nullify -> the new peer-to-peer end-verifiable monotonic update policyLinkLink1Read, update, nullify - the new P2P EV monotonic update policy.
386GvCRUDCRUDcreate, read, update, delete -> the traditional client-server database update policyLinkLink1The traditional client-server database update policy includes CRUD (Create, Read, Update, Delete) operations.
387Gnauthentic-webauthentic-weba mental model in which the whole internet is considered as a one giant verifiable data structureLinkLink1The internet is viewed as one giant, verifiable data structure.
388Kvrun-off-the-crudrun-off-the-cruda decentralised controlling peer does not create records in the traditional sense of a serverLinkLink3A decentralized controlling peer does not create traditional server records.
389Gnintegrityintegritythe information is whole, complete, sound, in good order and unimpaired (not necessarily correct)LinkLink1The information is complete, accurate, organized, and intact (not necessarily correct).
390Gnverified-integrityverified-integritya proof of unambiguous assessment whether the information is/continues to be whole, sound and unimpairedLinkLink2A proof of clear assessment of whether the information remains intact, reliable, and undamaged.
391Gvcomplementary-integrity-verificationcomplementary-integrity-verificationa mechanism that can verify integrity independent of needing access to a previous instance or reference version of the information for comparisonLinkLink3a mechanism that can independently verify integrity without needing access to a previous instance or reference version for comparison.
392Knprior-next-thresholdprior-next-thresholdLinkLink3NO INPUT
393Kncurrent-signing-thresholdcurrent-signing-thresholdLinkLink2NO INPUT
394Kndual-indexed-codesdual-indexed-codesa context-specific coding scheme, for the common use case of thresholded multi-signature schemes in CESRLinkLink3A specific coding scheme for thresholded multi-signature schemes in CESR.
395KnkeripykeripyPython implementation of KERILinkLink2Python implementation of KERI
396Knkeri-oxkeri-oxRUST implementation of KERILinkLink2RUST KERI Implementation
397Snpiipiipersonally identifiable informationLinkLink1PII
398Srcontextual-linkabilitycontextual-linkabilitywhen data capture points provide enough context to be able to use statistical correlation to link existing data sets describing a person to that same person's disclosed attributesLinkLink3When data capture points give enough context to use statistical correlation in linking existing data sets describing a person to that person's disclosed attributes.
399Krblinded-revocation-registryblinded-revocation-registrya transaction event log hidden or blinded; the only way a verifier can observe the state is when the AID controller discloses it at presentation timeLinkLink3A hidden or blinded transaction event log; the verifier can only observe the state when the AID controller discloses it during presentation.
400Gvrainbow-table-attackrainbow-table-attacka password cracking method that uses a special table (a “rainbow table”) to crack the password hashes in a databaseLinkLink1The method uses a special table, known as a "rainbow table," to crack password hashes in a database.
401KrSKWASKWASimple KERI for Web AuthLinkLink3Simple KERI for Web Authentication.
402Knsimple-keri-for-web-authsimple-keri-for-web-authA KERI implementation that sacrifices performance or other non-security feature for usability.LinkLink3A KERI implementation sacrificing performance or other non-security features for usability.
403KrKRAMKRAMKERI Request Authentication Method for replay protectionLinkLink3Keri requests an authentication method for replay protection.
404Krkeri-request-authentication-methodkeri-request-authentication-methodKERI Request Authentication Method for replay protectionLinkLink3Keri requests an authentication method for replay protection.
405Knjurorjurorperforms duplicity detection on events and event receiptsLinkLink3performs duplicate detection on events and event receipts
406Knjuryjuryset of entities or components acting as jurorsLinkLink3A group of entities or components that act as jurors.
407Knopcodeopcodeprovide stream processing instructions that are more general and flexibleLinkLink3Provide more general and flexible stream processing instructions.
408Knversion-codeversion-codetells you which set of tables to load and it tells the table state.LinkLink3NO INPUT
409Knstrip-parameterstrip-parametertells us what part of the CESR stream will be parsed by which codeLinkLink3This text shows which code will parse each part of the CESR stream.
410Knparsideparsideparser library for Composable Event Streaming Representation (CESR)LinkLink3CESR parser library
411Knversion-stringversion-stringa workaround to make JSON, CBOR and MGPK self-framing in CESRLinkLink3A workaround to make JSON, CBOR, and MGPK self-framing in CESR.
412Kncesridecesridecryptographic primitives for use with Composable Event Streaming Representation (CESR)LinkLink3Cryptographic primitives for CESR.
413Knsniffersnifferthe sniffer is part of Parside and detects if the CESR stream contains CESR binary, CESR Text, JSON, CBOR, MGPKLinkLink3The sniffer, which is part of Parside, detects CESR binary, CESR Text, JSON, CBOR, and MGPK in the CESR stream.
414GnPRNGPRNGPseudorandom Number GeneratorLinkLink2Pseudorandom Number Generator
415GnCSPRNGCSPRNGCryptographically Secure Pseudorandom Number GeneratorLinkLink2Cryptographically Secure PRNG
416GnFFIFFIForeign Function InterfaceLinkLink2Foreign Function Interface (FFI)
417Gnforeign-function-interfaceforeign-function-interfaceIs a mechanism by which a program written in one programming language that can call routines or make use of services written or compiled in another oneLinkLink2It is a way for a program in one programming language to call routines or utilize services from another language.
418GnHDKHDKhierchical deterministic keyLinkLink1Hierarchical deterministic key.
419GnHSMHSMhardware security moduleLinkLink1Hardware security module
420Kvpartial-disclosurepartial-disclosurean ACDC attribute section that can disclosed (a nested branch in a tree), you can either decide to disclose or notLinkLink3ACDC attribute section can be disclosed, like a nested branch in a tree. You have the option to disclose or not.
421Kvselective-disclosureselective-disclosureselective disclosure is a list of field maps, that you can choose to blind and publish, however all are disclosured.LinkLink3Selective disclosure is a list of field maps that you can choose to blind and publish. However, all of them are disclosed.
422Kvfull-disclosurefull-disclosurea disclosure of data in all its detailsLinkLink1data disclosure
423Krthreshold-of-accountable-duplicitythreshold-of-accountable-duplicityController provides itself with any degree of protection by giving a minimum number of confirming witnesses sufficient given a certain accountability.LinkLink3The controller protects itself by having a few confirming witnesses to ensure accountability.
424KnTOADTOADthreshold of accountable duplicity; provided by controller concerning witnessesLinkLink3Accountable duplicity threshold provided by controller for witnesses.
425KnkeridekerideRust library for Key Event Receipt InfrastructureLinkLink3Rust lib for Key Event Receipt
426KnKERIAKERIAKERI agent in the cloudLinkLink3KERI cloud agent
427KrSignifideSignifidesigning at the edgeLinkLink3Signing on the edge.
428KnkiwikiwiUI tooling for working with KERILinkLink3UI tooling for KERI
429Gnhardware-security-modulehardware-security-modulea physical computing device that safeguards and manages secrets (most importantly digital keys)LinkLink1A device that safeguards and manages secrets, specifically digital keys.
430Gnhierchical-deterministic-keyshierchical-deterministic-keysa type of deterministic bitcoin wallet derived from a known seed, that allow for the creation of child keys from the parent keyLinkLink1A deterministic bitcoin wallet can be created from a known seed, allowing for the generation of child keys from the parent key.
431KrSKRAPSKRAPSignify/KERIA Request Authentication ProtocolLinkLink3Signify/KERIA Authentication Protocol Request
432Krsignify-keria-request-authentication-protocolsignify-keria-request-authentication-protocolThe KERIA service will expose 3 separate HTTP endpoints on 3 separate network interfacesLinkLink3The KERIA service will have 3 HTTP endpoints on 3 network interfaces.
433Sndead-attackdead-attackan attack on an establishment event that occurs after the Key-state for that event has become staleLinkLinkNO INPUT
434KvprefixingprefixingprefixingLinkLink3Prefixing
435Kvpathingpathingenables sending portions of a credentialLinkLink3enables sending parts of a credential
436KvparsingparsingparsingLinkLink3Parsing
437Krbespoke-credentialbespoke-credentialIt's a custom issuance of the presentation of other ACDCs, it serves as an on-the-fly contract with the issuee; it's a self-referencing and self-contained contractLinkLink3It is a customized presentation of other ACDCs. It serves as a contract with the issuee on-the-fly. It is a self-referencing and self-contained contract.
438KnKERIMaskKERIMaskA wallet similar to MetaMask that will connect to KERIA servers in order for a person to control AIDs from their browser.LinkLink3A MetaMask-like wallet to connect to KERIA servers, enabling browser-based control of AIDs.
439KnKERISSEKERISSEKERI Suite Search EngineLinkLink1KERI Search Engine
440Knkeri-suitekeri-suiteis the set of inter-related developments (KERI, ACDC, OOBI, CESR, IPEX, etc) under the Web-of -Trust user on GithubLinkLink1This is a collection of interconnected developments (KERI, ACDC, OOBI, CESR, IPEX, etc.) used by the Web-of-Trust user on Github.
441KnndigsndigsDigests of keys, used to prove control over keys or to hide keysLinkLink3Key digests are used to prove control over keys or conceal them.
442Knverferverfera primitive that represents a public keyLinkLink3A public key primitive.
443Kndigerdigera primitive that represents a digestLinkLink3A primitive representing a digest.
444Kncigarcigaran unindexed signatureLinkLink3an unindexed signature.
445Knsigersigeran indexed signature used within KERI when there are multiple current keys to an identifierLinkLink3An indexed signature is used in KERI when there are multiple current keys for an identifier.
446Knsignersignera primitive that represents a private keyLinkLink3A primitive representing a private key.
447Knsaltersaltera primitive that represents a seed that has the ability to generate new SignersLinkLink3A seed that can generate new Signers.
448GnLLMLLMLarge Language ModelLinkLink2Language Model
449Gnlarge-language-modellarge-language-modelIs a language model consisting of a neural network with many parametersLinkLink2The language model is a neural network with numerous parameters.
450KnixnixnField name for Interaction Event; its content contains a hash pointerLinkLink3Interaction Event Field: Contains a hash pointer.
451KnrotrotField name for Rotation Event; its content contains a hash pointerLinkLink3Field name: Rotation Event Content: Contains a hash pointer
452GnJSONJSONJavaScript Object NotationLinkLink1JavaScript Object Notation
453Kvicpicpincept, inceptionLinkLink3inception
454Kvvcpvcpvdr incept, verifiable data registry inceptionLinkLink3VDR, Verifiable Data Registry, inception
455Kvbisbisbacked vc issue, registry-backed transaction event log credential issuanceLinkLink3VC issuance, registry-backed transaction log for credential issuance.
456Gnconcise-binary-object-representationconcise-binary-object-representationIt is a binary data serialization format loosely based on JSONLinkLink3It's a binary data serialization format loosely based on JSON.
457Kvbrvbrvbacked vc revoke, registry-backed transaction event log credential revocationLinkLink3Revoked VC, registry-backed transaction event log for credential revocation.
458Kvvrtvrtvdr rotate, verifiable data registry rotationLinkLink3VDR Rotate: Verifiable Data Registry Rotation.
459Krsecure-private-authentic-confidentialitysecure-private-authentic-confidentialityLinkLink3NO INPUT
460KrSPACSPACsecure private authentic confidentialityLinkLink3Secured, private, authentic, confidential.
461Krdead-dropdead-dropa presenter controls the disclosure so you can't re-identify the dataLinkLink3The presenter controls the disclosure, preventing data re-identification.
462Knampleampleminimum required number of participants in an event to have a supermajority in the consensus agreement algorithm (KAACE) in KERILinkLink3The minimum number of participants needed for a supermajority in the consensus agreement algorithm (KAACE) in KERI.
463GrsupermajoritysupermajoritySufficient majority immune to certain kinds of attacks or faultsLinkLink3Sufficient majority immune to certain attacks or faults.
464GnCBORCBORconcise binary object representationLinkLink2Concise binary object rep
465Kntholdertholdert-holder object that supports fractionally-weighted thresholdsLinkLink3T-holder object supporting fractional-weighted thresholds
466KnbexterbexterA class (programming code) in CESR that preserves its integrity in a round-trip conversion even though it offers variable length textLinkLink3A class in CESR that maintains its integrity in a round-trip conversion despite variable length text.
467Krmoobimoobito share a bunch of different end-points (oobis) all at onceLinkLink3to share multiple end-points (oobis) simultaneously
468Gnts-nodets-nodenpm package that lets you run typescript from a shellLinkLink3npm package for running TypeScript from a shell.
469Kninterceptorinterceptora keria class that allows to push events happening inside the cloud agent to other backend processesLinkLink3A Keria class enables pushing cloud agent events to other backend processes.
470Knsalty-nonce-blinding-factorsalty-nonce-blinding-factorSelectively share a secret and hide information with this secretLinkLink3NO INPUT
471Knilkilkshort for message typeLinkLink3Short for message type.
472Kvdipdipdelcept, delegated inceptionLinkLink3Delcept, Delegated Inception.
473Kvdrtdrtdeltate, delegated rotationLinkLink3Deltate: delegated rotation.
474KnrctrctreceiptLinkLink3Receipt.
475Knksnksnsate, key state noticeLinkLink3State key notice
476KvqryqryqueryLinkLink3Query.
477KvrpyrpyreplyLinkLink3Reply.
478KvexnexnexchangeLinkLink3Exchange.
479Kvexpexpexpose, sealed data expositionLinkLink3Data exposure.
480Kvississvc issue, verifiable credential issuanceLinkLink3VC issuance: verifiable credential issuance.
481Kvrevrevvc revoke, verifiable credential revocationLinkLink3VC revocation, or verifiable credential revocation.
482Knvdrvdrverifiable data registryLinkLink3Verifiable data registry.
483KrKATEKATEKate = KERI at the EdgeLinkLink3Kate at the Edge = KERI
484KvspurnspurnRejectLinkLink3Reject.
485Gvdnddnddo not delegateLinkLink3Don't delegate.
486GvrevocationrevocationThe act of recall or annulment. It is the cancelling of an act, the recalling of a grant or privilege.LinkLink2Recall or annulment is the act of canceling or recalling an act, grant, or privilege.
487Gnverifiable-data-registryverifiable-data-registrya Verifiable Data Structure that actually holds contentLinkLink3A verifiable data structure that holds content securely.
488GnVDRVDRVerifiable Data Registry, a Verifiable Data Structure that actually holds contentLinkLink3Verifiable Data Registry, a structure that holds content and is verifiable.
489GrE2EE2Eend-to-endLinkLink1End-to-end.
490Grend-to-endend-to-endInter-host communication and data flow transformations, considered in motion and at restLinkLink1Inter-host communication and data flow transformations, both in motion and at rest.
491Kvduplicity-detectionduplicity-detectionA mechanism to detect duplicity in cryptographically secured event logLinkLink2Detecting duplicity in cryptographically secured event log
492Grdouble-spend-proofdouble-spend-proofTotal global ordering of transactions so that you can't spend value twiceLinkLink2Global ordering prevents double spending.
493GvMFAMFAmulti-factor authenticationLinkLink1Multi-factor authentication.
494Gvmulti-factor-authenticationmulti-factor-authenticationAuthentication by combining multiple security factors, e.g. what you know, what you have and what you are.LinkLink1Authentication by combining multiple security factors, such as knowledge, possession, and identity.
495Grthreshold-structure-securitythreshold-structure-securityAllows for weaker key management or execution environment infrastructure individually, but achieves greater overall security by multiplying the number of attack surfacesLinkLink3Allows for weaker management or execution environment, but improves overall security by increasing attack surfaces.
496GnTEETEEtrusted-execution-environment; protected hardware/software/firmware security systemLinkLink2trusted execution environment: secure hardware/software/firmware system
497Gntrusted-execution-environmenttrusted-execution-environmentProtected hardware/software/firmware security systemLinkLink2Protected hardware and software security system
498Grsecurity-overlay-properties-trillemasecurity-overlay-properties-trillemaan identifier system has some degree of any combination of the three properties authenticity, privacy and confidentiality, but not all three completelyLinkLink3An identifier system possesses some combination of the three properties: authenticity, privacy, and confidentiality, but never all three to their fullest extent.
499Srautonomic-trust-basisautonomic-trust-basisto form this we use an AID as the root-of-trustLinkLink3To create this, we utilize an AID as the root of trust.
500Snautonomic-identifierautonomic-identifierself-managing self-certifying identifierLinkLink2self-managing, self-certifying identifier.
501Snlegitimized-human-meaningful-identifierlegitimized-human-meaningful-identifieridentifier authorised through its autonomic identifier coupletLinkLink2Authorized identifier through an autonomous identifier couplet.
502SnLIDLIDLegitimized (or authorised) human meaningful identifierLinkLink2Human meaningful ID
503Snsecuritysecurityin identifier systems it means secure from exploit or compromiseLinkLink1In identifier systems, it refers to being secure against exploits or compromises.
504Sasecuresecurein identifier systems it means secure from exploit or compromiseLinkLink1In identifier systems, it refers to being secure against exploits or compromises.
505Krunivalentunivalenthaving a unique and non-ambiguous identifier for each entity or resourceLinkLink2Each entity or resource should have a unique and unambiguous identifier.
506Krmulti-valentmulti-valentA situation in which a delegator may have multiple delegates thereby enabling elastic horizontal scalability.LinkLink2NO INPUT
507Srsecurity-cost-performance-architecture-trade-offsecurity-cost-performance-architecture-trade-offLinkLink3NO INPUT
508Krcooperative-delegationcooperative-delegationA type of delegation that needs both a delegator and a delegate to be establishedLinkLink3NO INPUT
509GnTPMTPMtrusted platform module; a device that enhances the security and privacy by providing hardware-based cryptographic functionsLinkLink3Trusted Platform Module (TPM) is a device that enhances security and privacy through hardware-based cryptographic functions.
510Gntrusted-platform-moduletrusted-platform-moduleA device that enhances the security and privacy by providing hardware-based cryptographic functionsLinkLink3A device that enhances security and privacy using hardware-based cryptographic functions.
511KrbivalentbivalentTwo independent key management infrastructures with no movement of private keys between the two.LinkLink2NO INPUT
512Snkeri‐event‐streamkeri‐event‐streamA stream of verifiable KERI data, consisting of the key event log and other data such as a transaction event logLinkLink3A verifiable stream of KERI data, including the key event log and other transaction event logs.
513Snstale-keystale-keyA stale key is an outdated or expired encryption key that should no longer be used for securing dataLinkLink2A stale key is an outdated or expired encryption key that shouldn't be used for securing data anymore.
514Snstale-eventstale-eventAn outdated or irrelevant (key) event involving an expired encryption key that may compromise securityLinkLink2An obsolete or irrelevant event related to an expired encryption key that could jeopardize security.
515GrprivacyprivacyPrivacy is the ability of an individual or group to seclude themselves or information about themselvesLinkLink1Privacy is the ability for individuals or groups to hide themselves or their personal information.
516Gnconfidentialityconfidentialitya set of rules or a promise that limits the access or places restrictions on certain types of informationLinkLink1Rules or promises that limit access or place restrictions on certain information.
517KnRIDRIDRoot autonomic identifierLinkLink3Root identifier
518Knroot-autonomic-identifierroot-autonomic-identifierAn entity may provide the root-of-trust for some ecosystem (with delegations) via its root autonomic identier (AID).LinkLink3An entity can offer the root-of-trust for an ecosystem through its root autonomic identifier (AID) and delegations.
519KaprovenancedprovenancedThe act of verifying authenticity or quality of documented history or origin of somethingLinkLink2Verifying the authenticity or origin of something.
520Krnon-interactive-authentication-designnon-interactive-authentication-designNon-interactive Authentication DesignLinkLink3Non-interactive Authentication Design, shortened and with grammar corrected
521Krinteractive-authentication-designinteractive-authentication-designsecure authentication through an interactive mechanism that requires a set of requests and responses or challenge responses with challenge response repliesLinkLink3Secure authentication is achieved through an interactive mechanism that involves requesting and responding with challenge responses.
522SrESSRESSREncrypt Sender, Sign the ReceiverLinkLink2Encrypt sender, sign receiver.
523SnVIDVIDVerifiable IdentifierLinkLink2Verifiable ID
524Srencrypt‐sender‐sign‐receiverencrypt‐sender‐sign‐receiverEncrypt Sender, Sign the ReceiverLinkLink2Encrypt sender, sign receiver.
525Snverifiable-identifierverifiable-identifierCryptographically verifiable authentic identifierLinkLink2Cryptographically verifiable identifier
526Sntrust-spanning-protocoltrust-spanning-protocolProtocol using VIDs that signs every single message on the internet.LinkLink2Protocol using VIDs that signs every internet message.
527SnTSPTSPTrust spanning protocol, using VIDs that signs every single message on the internet.LinkLink2TrustSpan protocol, utilizing VIDs to sign every internet message.
528Svprivacy-washingprivacy-washingDe-identification so that it provides a personal data safe harbour and could be legally acceptable forwardedLinkLink1De-identification provides a safe harbor for personal data and can be legally acceptable when forwarded.
529SnDKRDKRDid:keri resolverLinkLink2Did Keri resolve?
530SnreputationreputationConsistent behaviour over time on the basis of which anyone else makes near-future decisionsLinkLink1Consistent behavior over time on which others base near-future decisions.
531Srdiscoverydiscoverya discovery mechanism helps to locate and verify digital identities without relying on a central authorityLinkLink1A discovery mechanism allows locating and validating digital identities without relying on a central authority.
532Srbroken-object-level-authorizationbroken-object-level-authorizationor BOLA, refers to security flaws where users can access data they shouldn'tLinkLink3BOLA stands for security flaws allowing unauthorized data access.
533SnBOLABOLABroken Object Level AuthorizationLinkLink3Broken Object-Level Authorization
534Kvread-update-nullifyread-update-nullifyor "RUN"; Read, update, nullify are actions you can take on data, no create or deleteLinkLink3"RUN": Read, update, and nullify are actions for data manipulation, without the ability to create or delete.
535KvRUNRUNread-update-nullify, actions you can take on data, no create or delete.LinkLink3Read, update, and nullify data - these are the actions you can take. No creating or deleting is allowed.
536Krdirect-modedirect-mode(one-to-one) trust mode in KERI, in which the identity controller establishes control via verified signatures of the controlling key-pair.LinkLink3KREI employs a one-to-one trust mode where the identity controller gains control through verified signatures of the controlling key-pair.
537Krindirect-modeindirect-mode(one-to-many) trust mode in KERI, which extends the direct trust basis with witnessed key event receipt logs (KERL) for validating events.LinkLink3In KERI, there is a trust mode called one-to-many that adds witnessed key event receipt logs (KERL) to validate events.
538Krend-roleend-roleAn end role is an authorization for one AID to serve in a role for another AID.LinkLink3An end role authorizes one AID to serve in another AID's role.
539KnhabhabA Hab is a keystore for one identifier.LinkLink3A Hab is a store for one identifier.
540Sridentity-assuranceidentity-assuranceThe heavy-lifting to be done to establish reputational trust, KERI is for attributional trustLinkLink3Establishing reputational trust requires significant effort, while KERI is aimed at achieving attributional trust.
541Srattributional-trustattributional-trustYou can't have reputation without attributional trust, KERI offers cryptographic root-of-trustLinkLink2
542Srreputational-trustreputational-trustidentity-assurance by a trusted partyLinkLink2
543GnADRADRArchitectural Decision RecordsLinkLink2
544Gnarchitectural-decision-recordarchitectural-decision-recordjustified software design choice that addresses an architectural requirementLinkLink2
545GnMIME-typeMIME-typeAlso 'media type'; a standard way to indicate the nature and format of a file, like 'image/jpeg' for JPEG images, used on the internet.LinkLink1
546Gnmedia-typemedia-typeAlso 'MIME type'; a standard way to indicate the nature and format of a file, like 'image/jpeg' for JPEG images, used on the internet.LinkLink1
547Knlisted-identifierlisted-identifiera list in an ACDC of authorised did:webs identifier + methodLinkLink3
548Srdesignated-aliasesdesignated-aliasesAn AID controller can designate aliases which are AID controlled identifiers such as a did:keri, did:webs, etcLinkLink2
549KasniffablesniffableA stream is sniffable as soon as it starts with a CESR group code or field mapLinkLink3
550KnreconciliationreconciliationReconciliation is the process in which you decide to accept a fork of the KEL or not.LinkLink2
551Snpartypartyan entity who participates or is concerned in an action, proceeding, plan, etc.LinkLink1
553SnverificationverficationAn action an agent (of a principal) performs to determine the authenticity of a claim or other digital object using a cryptographic key.LinkLink2
554KnkeverkeverKever is a key event verifierLinkLink3
555Snkerifickerifickerific is a front plugin or extension for Chrome and Brave, that matches words in text on the web that offers buttons to various SSI glossaries and definitions.LinkLink1
556Kraccess-controlled-interactionaccess-controlled-interactionAccess controlled actions like submitting a reportLinkLink3
557Krregistration-interactionregistration-interactionSetup/Registration interaction, new AID and authorization to establish access controlLinkLink3
559KnxipxipA message that allows a transaction set to become duplicity evidentLinkLink2
560KnKAPIKAPIKERI APILinkLink1
561Saself-authenticatingself-authenticatingself-certifyingLink
562Knconfiguration-traitsconfiguration-traitsA list of specially defined strings representing a configuration of a KELLinkLink3
563Kaabandoned-identifierabandoned-identifierAn AID is abandoned when there is no further possibility to register any next key event in a KELLink
564KnstreamerstreamerA convenience class for supporting stream parsing, including nested CESR streamsLink
565GncanonicalizationcanonicalizationA process for converting data that has more than one possible representation into a "standard" formLink