There are several security and privacy considerations that implementers will want to take into account when implementing this specification.
The ZK DID Method prevents forgery and falsification through Arweave and digital signatures. With Arweave, all DID Documents are stored permanently. With digital signatures, only the controller of a DID Document is able to manage that DID Document.
Eavesdropping attacks are not applicable, since all exchanged data is public and does not include any personal information about the user.
As described in the Supported Cryptography section, EcdsaSecp256k1VerificationKey2019, Ed25519 and X25519KeyAgreementKey2019 are currently supported. This can easily be extended by using other multicodec-encoded keys.
Since the key material is part of the identifier, and there is no support for key rotation at present, if the key is compromised then the identifier becomes unusable and unrecoverable.
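The two points above (keys are identified by a multicodec prefix, and the key material is carried inside the identifier) are easiest to see with a small encoder/decoder. The following is an added example, not code from the ZK DID specification or its implementation: it builds the multibase (base58btc, `z` prefix) form of a multicodec-prefixed public key for the three key types the specification lists, and decodes it back with the checks a resolver needs. The multicodec codes (0xed ed25519-pub, 0xec x25519-pub, 0xe7 secp256k1-pub) are the real multicodec table values; the function names, the key-type labels used as table keys and the sample key bytes are assumptions constructed for this illustration.

```python
# Added example (not from the ZK DID specification): multicodec/multibase
# handling for the key types the spec lists. Codec codes are real multicodec
# table values; function names and sample key bytes are constructed here.

# key type label -> (multicodec code, expected raw public-key length in bytes)
SUPPORTED_KEYS = {
    "EcdsaSecp256k1VerificationKey2019": (0xE7, 33),  # compressed SEC1 point
    "Ed25519": (0xED, 32),
    "X25519KeyAgreementKey2019": (0xEC, 32),
}
CODE_TO_KEY_TYPE = {code: (name, size) for name, (code, size) in SUPPORTED_KEYS.items()}

B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def varint_encode(n: int) -> bytes:
    """Unsigned LEB128 varint, the encoding multicodec uses for its prefixes."""
    out = bytearray()
    while True:
        byte = n & 0x7F
        n >>= 7
        if n:
            out.append(byte | 0x80)
        else:
            out.append(byte)
            return bytes(out)


def varint_decode(buf: bytes) -> tuple:
    """Return (value, bytes_consumed); reject truncated or oversized varints."""
    value, shift = 0, 0
    for i, byte in enumerate(buf):
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, i + 1
        shift += 7
        if shift > 63:
            raise ValueError("varint too long")
    raise ValueError("truncated varint")


def b58encode(data: bytes) -> str:
    """base58btc encoding; leading zero bytes become leading '1' characters."""
    n = int.from_bytes(data, "big")
    chars = []
    while n:
        n, rem = divmod(n, 58)
        chars.append(B58_ALPHABET[rem])
    leading_zeros = len(data) - len(data.lstrip(b"\x00"))
    return "1" * leading_zeros + "".join(reversed(chars))


def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        idx = B58_ALPHABET.find(ch)
        if idx < 0:
            raise ValueError(f"invalid base58 character {ch!r}")
        n = n * 58 + idx
    leading_ones = len(text) - len(text.lstrip("1"))
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return b"\x00" * leading_ones + body


def encode_public_key(key_type: str, raw_key: bytes) -> str:
    """'z' + base58btc(varint(multicodec code) || raw public key)."""
    if key_type not in SUPPORTED_KEYS:
        raise ValueError(f"unsupported key type {key_type}")
    code, size = SUPPORTED_KEYS[key_type]
    if len(raw_key) != size:
        raise ValueError(f"{key_type} key must be {size} bytes, got {len(raw_key)}")
    return "z" + b58encode(varint_encode(code) + raw_key)


def decode_public_key(encoded: str) -> tuple:
    """Inverse of encode_public_key; returns (key_type, raw_key).

    Because the key is recovered from the identifier itself, the codec and
    length checks are what stop a resolver from accepting material it could
    never verify a signature with.
    """
    if not encoded.startswith("z"):
        raise ValueError("only the base58btc multibase prefix 'z' is supported")
    payload = b58decode(encoded[1:])
    code, consumed = varint_decode(payload)
    if code not in CODE_TO_KEY_TYPE:
        raise ValueError(f"unsupported multicodec 0x{code:x}")
    key_type, size = CODE_TO_KEY_TYPE[code]
    raw_key = payload[consumed:]
    if len(raw_key) != size:
        raise ValueError(f"{key_type} key must be {size} bytes, got {len(raw_key)}")
    return key_type, raw_key


def is_valid_encoded_key(encoded: str) -> bool:
    """True only if decode_public_key accepts the value."""
    try:
        decode_public_key(encoded)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    sample = bytes(range(32))  # constructed sample bytes, not a real key
    encoded = encode_public_key("Ed25519", sample)
    print(encoded, decode_public_key(encoded))
```

Adding a key type means adding one row to `SUPPORTED_KEYS` with its multicodec code and raw length; the decoder then accepts it without other changes. Note that nothing here lets the key change: a different `raw_key` yields a different encoded string, which is why, absent key rotation, a compromised key means abandoning the identifier rather than updating it.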
The syntax and construction of a ZK DID and its associated DID Document helps to ensure that no Personally Identifiable Information (PII) or other personal data is exposed by these constructs.
Further, implementers are strongly encouraged to review the [Security Considerations section](https://w3c.github.io/did-imp-guide/#security-considerations) and the Privacy Considerations section of the DID Implementation Guide.
In addition, consult the Security Considerations section and the Privacy Considerations section of the Decentralized Identifiers (DIDs) (DID-CORE) specification.