# Sovereign Digital Identity Passport (SDIP) ## Overview SDIP is the global cryptographic identity passport for Sovereign Central Banks, private banks, individuals, institutions, and smart contracts. It is issued by the DBIS Sovereign Identity Fabric (SIF) and extends the GBIG system from Volume V. ## Passport Structure ```typescript SDIP = { entity_type: SCB | Bank | Person | Contract, sovereign_issuer: SCB, root_cert: HSM_SIGNATURE, pq_signature: DILITHIUM_SIGNATURE, expiry: YYYY-MM-DD, revocation_status: ACTIVE/REVOKED, attributes: {...} } ``` ## Trust Levels - **TL0**: Anonymous/Unverified - **TL1**: Verified KYC/Bank - **TL2**: Sovereign Verified - **TL3**: SCB/High Authority - **TL4**: DBIS Governance-Level Access ## Lifecycle 1. Identity verification 2. Key generation inside PQ-HSM 3. Passport issuance 4. Continuous trust scoring 5. Expiration/renewal 6. Revocation ## API Endpoints ### Issue Passport ```http POST /api/v1/sdip/issue ``` ### Verify Passport ```http GET /api/v1/sdip/verify/:passportId ``` ### Get Passport ```http GET /api/v1/sdip/:passportId ``` ### Get Passports by Entity ```http GET /api/v1/sdip/entity/:entityId ``` ### Calculate Trust Score ```http GET /api/v1/sdip/:passportId/trust-score ``` ### Renew Passport ```http POST /api/v1/sdip/:passportId/renew ``` ### Revoke Passport ```http POST /api/v1/sdip/:passportId/revoke ``` ### Get Expiring Passports ```http GET /api/v1/sdip/expiring?daysAhead=30 ``` ## Usage Example ```typescript import { sdipService } from '@/core/identity/sdip'; // Issue passport const passport = await sdipService.issuePassport({ entityType: 'SCB', entityId: 'entity-id', sovereignIssuer: 'OMNL', trustLevel: 'TL3', validityYears: 1, }); // Verify passport const verification = await sdipService.verifyPassport(passport.passportId); // Calculate trust score const trustScore = await sdipService.calculateTrustScore(passport.passportId); ``` ## Database Models - `SovereignDigitalIdentityPassport`: Passport records with PQ signatures - `SDIPRevocation`: Revocation records