dbis_core/docs/volume-vi/sdip.md

Sovereign Digital Identity Passport (SDIP)

Overview

SDIP is the global cryptographic identity passport for Sovereign Central Banks, private banks, individuals, institutions, and smart contracts. It is issued by the DBIS Sovereign Identity Fabric (SIF) and extends the GBIG system from Volume V.

Passport Structure

SDIP = {
  entity_type: SCB | Bank | Person | Contract,
  sovereign_issuer: SCB,
  root_cert: HSM_SIGNATURE,
  pq_signature: DILITHIUM_SIGNATURE,
  expiry: YYYY-MM-DD,
  revocation_status: ACTIVE/REVOKED,
  attributes: {...}
}

Trust Levels

• TL0: Anonymous/Unverified
• TL1: Verified KYC/Bank
• TL2: Sovereign Verified
• TL3: SCB/High Authority
• TL4: DBIS Governance-Level Access

Lifecycle

1. Identity verification
2. Key generation inside PQ-HSM
3. Passport issuance
4. Continuous trust scoring
5. Expiration/renewal
6. Revocation

API Endpoints

Issue Passport

POST /api/v1/sdip/issue

Verify Passport

GET /api/v1/sdip/verify/:passportId

Get Passport

GET /api/v1/sdip/:passportId

Get Passports by Entity

GET /api/v1/sdip/entity/:entityId

Calculate Trust Score

GET /api/v1/sdip/:passportId/trust-score

Renew Passport

POST /api/v1/sdip/:passportId/renew

Revoke Passport

POST /api/v1/sdip/:passportId/revoke

Get Expiring Passports

GET /api/v1/sdip/expiring?daysAhead=30

Usage Example

import { sdipService } from '@/core/identity/sdip';

// Issue passport
const passport = await sdipService.issuePassport({
  entityType: 'SCB',
  entityId: 'entity-id',
  sovereignIssuer: 'OMNL',
  trustLevel: 'TL3',
  validityYears: 1,
});

// Verify passport
const verification = await sdipService.verifyPassport(passport.passportId);

// Calculate trust score
const trustScore = await sdipService.calculateTrustScore(passport.passportId);

Database Models

• SovereignDigitalIdentityPassport: Passport records with PQ signatures
• SDIPRevocation: Revocation records