Identity & Onboarding Changelog - v7.4 to v8.0
This page covers changes to the Identity pallet and the group pallet instance formerly known as CddServiceProviders. It is part of the v7.4 → v8.0 changelog. For the conceptual model (why DID-only onboarding, what a DID registrar is), see Identity Onboarding and Roles — this page only covers the pallet-level call/event/error/storage changes.
Audience: anyone registering identities, verifying onboarding status, or managing DID registrars directly against the chain.
Overview
Chain v8 completes a rename that runs through the whole pallet: CDD service providers become DID registrars. This is not a cosmetic rename — v7.4 already allowed accounts to hold POLYX and stake without a DID (see the Balances & Transfers changelog), and v8 extends that by adding a way to obtain a DID itself without going through a CDD-attesting authority: self_register_did. The CDD-attesting flow (cdd_register_did, cdd_register_did_with_cdd) still exists for identities that need a CustomerDueDiligence claim attached — it is not removed.
Child identities are also removed in v8.
Breaking changes
1. CddServiceProviders renamed to DidRegistrars
The underlying pallet is unchanged — it's the same pallet_group instance, with identical calls (set_active_members_limit, disable_member, add_member, remove_member, swap_member, reset_members, abdicate_membership). Only the runtime name changes: calls, events, and errors that were routed through CddServiceProviders are now routed through DidRegistrars. Anything that references the pallet by name string breaks.
Identity::Config::CddServiceProviders is also renamed to Identity::Config::DidRegistrars, and Identity::Config::CddHandler is renamed to Identity::Config::TxFeeHandler.
2. accept_primary_key and rotate_primary_key_to_secondary drop the CDD authorization argument
// v7.4
accept_primary_key(rotation_auth_id: u64, optional_cdd_auth_id: Option<u64>)
rotate_primary_key_to_secondary(auth_id: u64, optional_cdd_auth_id: Option<u64>)
// v8.0
accept_primary_key(rotation_auth_id: u64)
rotate_primary_key_to_secondary(auth_id: u64)
3. Removed calls, with no replacement
invalidate_cdd_claimschange_cdd_requirement_for_mk_rotationcreate_child_identitycreate_child_identitiesunlink_child_identity
Both the IdentityApi Runtime API and its JSON-RPC wrappers lose the corresponding methods in step with this shift: IdentityApi::is_identity_has_valid_cdd/identity_isIdentityHasValidCdd and IdentityApi::valid_cdd_claims/identity_validCDDClaims are all gone in v8 — see Runtime APIs & RPC.
4. Renamed errors
| v7.4 | v8.0 |
|---|---|
UnAuthorizedCddProvider | UnAuthorizedDidRegistrar |
InvalidAuthorizationFromCddProvider | InvalidAuthorizationFromDidRegistrar |
NotCddProviderAttestation | NotDidRegistrarAttestation |
TargetHasNoCdd | TargetDidInactive |
UnauthorizedCallerDidMissingCdd | UnauthorizedCallerDidInactive |
5. Removed errors
IsChildIdentity, NoParentIdentity, NotParentOrChildIdentity (child identities), and AccountBasedPortfoliosCannotHaveCustodians (superseded by the AssetHolder model — see Native Asset Holdings).
6. Removed events
CddRequirementForPrimaryKeyUpdated(paired with the removedchange_cdd_requirement_for_mk_rotationcall)CddClaimsInvalidated(paired with the removedinvalidate_cdd_claimscall)ChildDidCreated,ChildDidUnlinked(child identities)AssetDidRegistered(legacy ticker-to-DID linkage)
7. Removed storage
CddAuthForPrimaryKeyRotation, CurrentPayer, ChildDid, ParentDid.
New features
register_did and self_register_did
register_did(target_account: AccountId)
self_register_did()
register_did is callable only by an active DID registrar, and registers a DID for target_account with no secondary keys and no CDD claim. self_register_did is fully permissionless — any account not already linked to an identity can call it to create its own DID, again with no CDD claim. Per the pallet source: "This allows users to self onboard without needing to go through a DID registrar (formerly CDD provider). No CDD claim is added — DID existence is sufficient for onboarding."
What did not change
cdd_register_didandcdd_register_did_with_cdd— the CDD-attesting registration flow that also adds aClaim::CustomerDueDiligenceclaim — are unchanged and still require the caller to be a DID registrar.gc_add_cdd_claim/gc_revoke_cdd_claim(governance-council-administered CDD claims) are unchanged.- The
CustomerDueDiligenceclaim variant itself still exists in theClaimenum — CDD as a concept is not removed, only the requirement that basic onboarding go through it. pallets/group(the crate backingDidRegistrars) has no functional changes.
Migration checklist
- Update any code that references the
CddServiceProviderspallet by name toDidRegistrars. - Drop the
optional_cdd_auth_idargument fromaccept_primary_keyandrotate_primary_key_to_secondarycalls. - Stop calling
invalidate_cdd_claims,change_cdd_requirement_for_mk_rotation,create_child_identity,create_child_identities, orunlink_child_identity— none exist on v8. - Update error handling for the CDD→DID-registrar error renames (#4 above), and remove handling for the child-identity errors.
- If you need a lightweight, no-CDD-claim path to onboard new identities, use
self_register_did(permissionless) orregister_did(DID-registrar-gated) instead of building a claim-issuing flow. - If you rely on
Identity::Config::CddServiceProvidersor::CddHandlerin custom runtime code, update to::DidRegistrars/::TxFeeHandler.
For the complete literal list of every added/removed/modified call, event, error, storage item, and constant on Identity, see the Full Pallet API Reference. For the IdentityApi Runtime API and JSON-RPC method removals, see Runtime APIs & RPC.