Add did:trail method entry

[chrishooooo-netizen]

DID Method Registration

As a DID method registrant, I have ensured that my DID method registration complies with the following statements:

• The DID Method specification defines the DID Method Syntax.
• The DID Method specification defines the Create, Read, Update, and Deactivate DID Method Operations.
• The DID Method specification contains a Security Considerations section.
• The DID Method specification contains a Privacy Considerations section.
• The JSON file I am submitting has passed all automated validation tests below.
• The JSON file contains a contactEmail address [OPTIONAL].
• The JSON file contains a verifiableDataRegistry entry [OPTIONAL].

[chrishooooo-netizen]

Thanks for catching that, @davidlehn! The domain trailprotocol.org is now registered and live with the specification, whitepaper, and project details.

I've updated the contactWebsite URL in this PR accordingly. The spec has also been updated to v1.1.0-draft based on initial community feedback, and a working reference implementation (@trailprotocol/core) is now available in the repository.

Let me know if there's anything else needed for the submission.

[chrishooooo-netizen]

TRAIL Protocol Update — v1.1.1-draft (2026-03-04)

Following the v1.1.0-draft update earlier today, we have addressed 10 additional issues identified during a comprehensive internal cryptographic and protocol review. All changes are committed to the trail-did-method repository.

Changes Summary

Cryptographic correctness:

• Replaced non-standard eddsa-2022 cryptosuite identifier with the W3C-registered eddsa-jcs-2023
• Implemented RFC 8785 (JSON Canonicalization Scheme) for deterministic signing — replacing a custom canonicalization function
• Increased content-addressable hash suffix from 32-bit to 48-bit (8 → 12 hex characters) for stronger collision resistance

ABNF grammar fix:

• Separated ABNF production rules for org/agent mode (slug + hash) vs. self mode (multibase public key) — the previous grammar incorrectly implied all modes use the same identifier structure

Documentation improvements:

• Created actual JSON-LD @context file at trailprotocol.org/ns/did/v1 (previously referenced but non-existent)
• Aligned spec §10 code examples with the actual @trailprotocol/core API
• Documented Tier 0 (self-signed) revocation limitations explicitly
• Added §7.3.6 Trust Score Limitations (self-attestation boundaries for D3/D4 dimensions)
• Documented key rotation semantics and self-mode implications
• Added Appendix C with 4 reproducible test vectors (key material, DID construction, slug normalization, JCS canonicalization)

Reference implementation:

• New jcs.ts module (RFC 8785 compliant, zero dependencies)
• 34 tests passing (9 new JCS-specific tests)

All changes strengthen W3C DID Core 1.0 conformance. The specification, examples, and reference implementation remain consistent.

Spec: spec/did-method-trail-v1.md

[chrishooooo-netizen]

🔄 Spec Update: v1.1.0-draft — Crypto Agility, Key Rotation, Versioning

We've pushed a significant update to the did:trail specification and reference implementation:

New in v1.1.0-draft

Spec Changes (4 new sections):

• §8.2 Crypto Agility — SUPPORTED_CRYPTOSUITES registry with migration path for future algorithm transitions. DID Documents declare supported suites via trail:supportedCryptosuites.
• §8.8 Key Rotation Protocol — Formal key rotation for org/agent DIDs. Previous keys retained for historical verification. Self-mode DIDs cannot rotate (key = identifier).
• §8.9 Specification Versioning — trail:specVersion property in DID Documents. Follows Semantic Versioning 2.0.0.
• §8.10 Revocation Roadmap — Planned W3C StatusList2021 integration for credential revocation.

Reference Implementation (@trailprotocol/core):

• createProof() now accepts explicit cryptosuite parameter (default: eddsa-jcs-2023)
• rotateKey() function for org/agent DID key rotation
• isSupportedCryptosuite() runtime validation
• SPEC_VERSION constant (1.1.0)
• 49 tests across 12 suites, all passing (was 34 tests in previous update)

Changelog items #10-#13 added to spec (on top of the 9 fixes from the previous update).

📂 Full diff: trailprotocol/trail-did-method@c9efb20...76496e2

[chrishooooo-netizen]

Security Fix + Spec Enhancements (2026-03-04)

🔒 BREAKING: Hash suffix increased from 48-bit to 64-bit

The trail-hash ABNF production has been changed from 12HEXDIG to 16HEXDIG. The previous 48-bit truncation had a birthday bound of only ~16.7M identifiers — insufficient for a globally-scoped DID method. The new 64-bit suffix provides collision resistance to approximately 4.3 billion identifiers (birthday bound: 2^32).

trail-hash = 16HEXDIG   ; was: 12HEXDIG

This change affects all org and agent mode identifiers. self mode (multibase public key) is unaffected.

New: Technical differentiation matrix (§1.3)

Added did:ebsi to the DID method comparison table and a new 10-criterion technical differentiation matrix covering: ledger type, resolution latency, AI-agent specificity, EU AI Act alignment, self-signed mode, key rotation, governance model, cost, GDPR compliance, and crypto agility — across did:trail, did:web, did:ion, and did:ebsi.

New: Protocol Roadmap (§8.11)

Added formal roadmap section documenting planned features for v1.2.0 (npm publish, CI/CD, credential revocation, Universal Resolver driver) and v2.0.0 (Registry Server, Trust Score Engine, multiple reference implementations, post-quantum migration).

Reference Implementation

• All 49 tests passing across 12 suites
• computeTrailHash() now returns 16-char hex (64-bit)
• Parser updated to expect 16-char hash suffix

📂 Full diff: trailprotocol/trail-did-method@76496e2...824653c

[chrishooooo-netizen]

Hi @OR13 @msporny @rhiaro — just a friendly ping on this PR.

Since the initial submission, we've made solid progress on the did:trail ecosystem:

• Universal Resolver driver is live: PR #546 is open against the DIF Universal Resolver, with the driver image published at
• Test DID resolves correctly: did:trail:self:zEFoeeXsQtCAK9itr35Hf8W2HF5tAPTrKUKK1nC3RnUx4 returns a valid W3C DID Resolution Result
• DIF membership: TRAIL Protocol / TrailSign AI GmbH has signed the DIF Contributor Agreement (confirmed by Grace Rachmany)

We'd be grateful for a review when you have a moment. Happy to address any feedback.

[gatemezing]

You need to change the status in the JSON file to "registered"

[chrishooooo-netizen]

You need to change the status in the JSON file to "registered"

Thanks @gatemezing - updated methods/trail.json:

• status changed from "provisional" to "registered" per your review

Commit: cd4f0e7

Thank you for this useful hint!