DDO Specification
Specification of decentralized identifiers for assets in Ocean Protocol using the DDO standard.
Last updated
Specification of decentralized identifiers for assets in Ocean Protocol using the DDO standard.
Last updated
Copyright 2024 Ocean Protocol Foundation Ltd.
The below diagram shows the high-level DDO schema depicting the content of each data structure and the relations between them.
Please note that some data structures apply only on certain types of services or assets.
A DDO in Ocean has these required attributes:
@context
Array of string
Contexts used for validation.
id
string
Computed as sha256(address of ERC721 contract + chainId)
.
version
string
chainId
number
Stores the chainId of the network the DDO was published to.
nftAddress
string
NFT contract linked to this asset
metadata
Stores an object describing the asset.
services
Stores an array of services defining access to the asset.
credentials
Describes the credentials needed to access a dataset in addition to the services
definition.
This object holds information describing the actual asset.
created
ISO date/time string
Contains the date of the creation of the dataset content in ISO 8601 format preferably with timezone designators, e.g. 2000-10-31T01:30:00Z
.
updated
ISO date/time string
Contains the date of last update of the dataset content in ISO 8601 format preferably with timezone designators, e.g. 2000-10-31T01:30:00Z
.
description
*
string
Details of what the resource is. For a dataset, this attribute explains what the data represents and what it can be used for.
copyrightHolder
string
The party holding the legal copyright. Empty by default.
name
*
string
Descriptive name or title of the asset.
type
*
string
Asset type. Includes "dataset"
(e.g. csv file), "algorithm"
(e.g. Python script). Each type needs a different subset of metadata attributes.
author
*
string
Name of the entity generating this data (e.g. Tfl, Disney Corp, etc.).
license
*
string
Short name referencing the license of the asset (e.g. Public Domain, CC-0, CC-BY, No License Specified, etc. ). If it's not specified, the following value will be added: "No License Specified".
links
Array of string
Mapping of URL strings for data samples, or links to find out more information. Links may be to either a URL or another asset.
contentLanguage
string
tags
Array of string
Array of keywords or tags used to describe this content. Empty by default.
categories
Array of string
Array of categories associated to the asset. Note: recommended to use tags
instead of this.
additionalInformation
Object
Stores additional information, this is customizable by publisher
algorithm
**
Information about asset of type
algorithm
* Required
** Required for algorithms only
Services define the access for an asset, and each service is represented by its respective datatoken.
An asset should have at least one service to be actually accessible and can have as many services which make sense for a specific use case.
id
*
string
Unique ID
type
*
string
Type of service access
, compute
, wss
etc.
name
string
Service friendly name
description
string
Service description
datatokenAddress
*
string
Datatoken
serviceEndpoint
*
string
Provider URL (schema + host)
files
*
Encrypted file.
timeout
*
number
Describing how long the service can be used after consumption is initiated. A timeout of 0
represents no time limit. Expressed in seconds.
compute
**
If service is of type
compute
, holds information about the compute-related privacy settings & resources.
consumerParameters
An object the defines required consumer input before consuming the asset
additionalInformation
Object
Stores additional information, this is customizable by publisher
* Required
** Required for compute assets only
The files
field is returned as a string
which holds the encrypted file URLs.
By default, a consumer can access a resource if they have 1 datatoken. Credentials allow the publisher to optionally specify more fine-grained permissions.
Consider a medical data use case, where only a credentialed EU researcher can legally access a given dataset. Ocean supports this as follows: a consumer can only access the resource if they have 1 datatoken and one of the specified "allow"
credentials.
This is like going to an R-rated movie, where you can only get in if you show both your movie ticket (datatoken) and some identification showing you're old enough (credential).
Only credentials that can be proven are supported. This includes Ethereum public addresses and in the future W3C Verifiable Credentials and more.
Ocean also supports deny
credentials: if a consumer has any of these credentials, they can not access the resource.
Here's an example object with both allow
and deny
entries:
In order to ensure the integrity of the DDO, a checksum is computed for each DDO:
The checksum hash is used when publishing/updating metadata using the setMetaData
function in the ERC721 contract, and is stored in the event generated by the ERC721 contract.
Aquarius should always verify the checksum after data is decrypted via a Provider API call.
Each asset has a state, which is held by the NFT contract. The possible states are:
0
Active
Yes
Yes
Yes
1
End-of-life
Yes
No
No
2
Deprecated (by another asset)
No
No
No
3
Revoked by publisher
No
No
No
4
Ordering is temporary disabled
Yes
No
Yes
5
Asset unlisted.
No
Yes
Yes
States details:
Active: Assets in the "Active" state are fully functional and available for discovery in Ocean Market, and other components. Users can search for, view, and interact with these assets. Ordering is allowed, which means users can place orders to purchase or access the asset's services.
End-of-life: Assets in the "End-of-life" state remain discoverable but cannot be ordered. This state indicates that the assets are usually deprecated or outdated, and they are no longer actively promoted or maintained.
Deprecated (by another asset): This state indicates that another asset has deprecated the current asset. Deprecated assets are not discoverable, and ordering is not allowed. Similar to the "End-of-life" state, deprecated assets are not listed under the owner's profile.
Revoked by publisher: When an asset is revoked by its publisher, it means that the publisher has explicitly revoked access or ownership rights to the asset. Revoked assets are not discoverable, and ordering is not allowed.
Ordering is temporarily disabled: Assets in this state are still discoverable, but ordering functionality is temporarily disabled. Users can view the asset and gather information, but they cannot place orders at that moment. However, these assets are still listed under the owner's profile.
Asset unlisted: Assets in the "Asset unlisted" state are not discoverable. However, users can still place orders for these assets, making them accessible. Unlisted assets are listed under the owner's profile, allowing users to view and access them.
The following fields are added by Aquarius in its DDO response for convenience reasons, where an asset returned by Aquarius inherits the DDO fields stored on-chain.
These additional fields are never stored on-chain and are never taken into consideration when hashing the DDO.
The nft
object contains information about the ERC721 NFT contract which represents the intellectual property of the publisher.
address
string
Contract address of the deployed ERC721 NFT contract.
name
string
Name of NFT set in contract.
symbol
string
Symbol of NFT set in contract.
owner
string
ETH account address of the NFT owner.
state
number
created
ISO date/time string
Contains the date of NFT creation.
tokenURI
string
tokenURI
The datatokens
array contains information about the ERC20 datatokens attached to asset services.
address
string
Contract address of the deployed ERC20 contract.
name
string
Name of NFT set in contract.
symbol
string
Symbol of NFT set in contract.
serviceId
string
ID of the service the datatoken is attached to.
The event
section contains information about the last transaction that created or updated the DDO.
Contains information about an asset's purgatory status defined in list-purgatory
. Marketplace interfaces are encouraged to prevent certain user actions like adding liquidity on assets in purgatory.
state
boolean
If true
, asset is in purgatory.
reason
string
If asset is in purgatory, contains the reason for being there as defined in list-purgatory
.
The stats
section contains different statistics fields.
orders
number
How often an asset was ordered, meaning how often it was either downloaded or used as part of a compute job.
For algorithms and datasets that are used for compute to data, there are additional fields and objects within the DDO structure that you need to consider. These include:
compute
attributes
publisherTrustedAlgorithms
consumerParameters
Details for each of these are explained on the Compute Options page.
The below diagram shows the detailed DDO schema depicting the content of each data structure and the relations between them.
Please note that some data structures apply only on certain types of services or assets.
Version information in notation referring to this DDO spec version, like 4.1.0
.
The language of the content. Use one of the language codes from the
State of the asset reflecting the NFT contract value. See