I started a JavaScript implementation of https://wallet.storage/spec called wallet-attached-storage-server and pushed it to https://github.com/did-coop/wallet-attached-storage-server.
I'm hoping it can serve as a good reference implementation as the spec evolves.
Right now it feels kind of like a weak link of the social web is that there is often too much coupling between a given social server and some specific identity server(s). The most common thing is that they are one in the same. But what's the point of using a conformant interoperable decentralized social media server if it only lets you use its own identity system? And why should the social app developer choose the allowed identity providers and not have this chosen by the end-user?
I want to be in control of my identities on the web and be able to reuse them across the whole web if i want to. I shouldn't have to create a new account/password/email on every fediverse server...
By supporting features of digital identity wallets that run on whichever devices the end user chooses, we factor the responsibilities for identification and authentication out of any one social server OR client OR protocol.
The side effect of this is also that then you can reuse an identity across many or all of the social sites and forums you visit (not to mention offline). That's what I want, and I think a lot of people want, but so far in many ways the social web has not provided.
More importantly, a wallet enables reuse of verification methods. An example of a verification method is a cryptographic key. There could be many distinct identities that all reuse a verification method. The verification method enables its controller to make verifiable claims, e.g. to verifiably identify as one or more identities, verifiably claim to lose control over an identity, etc. Verification methods can be reused not only across identities within a context or protocol, but even across protocols.
We should embrace that the 'same thing' (e.g. your or me) will have many concurrent identifiers, and that separate identifiers will refer to the 'same thing'. There is no spoon.
If the wallet that lets you verify your identities could store, share, and receive all kinds of data would you even need a separate server just for 'social' data 🤔?