did:key

did:key is the simplest DID method: the DID is the public key, encoded as a multibase-multicodec string. Resolution is purely algorithmic — given a did:key identifier, you can derive the DID document directly without any HTTP call or ledger lookup.

The appeal is self-contained trust: did:key identifiers never go stale, don't depend on domain ownership or ledger availability, and can't be revoked at the DID level (though the keys themselves can still be marked compromised out-of-band). The constraint is that key rotation means a new DID — the identifier and the key are the same thing.

did:key is common in wallet-to-wallet flows where the DID represents a one-shot cryptographic identity for a specific interaction. LearnCoin uses did:web for the issuer side (where domain-ownership trust is the appropriate model); did:key is more likely to appear on the recipient/holder side if LearnCoin ships a wallet surface in the future.