Used to check for browser translation.
用于检测浏览器翻译。
ブラウザの翻訳を検出する

Work with Verifiable Credentials

wangqi
2024-01-06 02:59
· edited

@arcblock/vc includes several utility functions to issue and verify verifiable credentials and their presentations.

Add Library to project#

Add @arcblock/vc to your project before creating or verifying any verifiable credential.

npm install @arcblock/vc -S
# yarn add @arcblock/vc

Issue Verifiable Credential#

Create a verifiable credential, the result can be sent and stored in DID Wallet.

Usage: create(params), the param should be like:

Param

Type

Description

params.type

string

The type of credential, can be an array

params.subject

object

The content of credential

params.issuer

object

The issuer name and wallet

params.issuanceDate

Date

Default to now

params.expirationDate

Date

Default to null, never expire

params.endpoint

String

Status endpoint url

params.endpointScope

String

Endpoint scope, either be public or private

Basic Credential#

Example:

const { create } = require("@arcblock/vc");
const { fromRandom, fromSecretKey, fromAddress } = require("@ocap/wallet");

// the verifiable credential issuer,
// in real word applications, you should replace fromRandom with fromSecretKey
// const issuer = fromSecretKey(process.env.VC_ISSUER_SK);
const issuer = fromRandom();

// the verifiable credential holder
// in real word applications, you should replace fromRandom with fromAddress
// const holder = fromAddress(process.env.ENV_HOLDER);
const holder = fromRandom();

const vc = create({
type: "CourseCertificate",
issuer: {
name: "Online Course Platform",
wallet: issuer,
},
subject: {
// the only required field in subject, the id of the holder
id: holder.address,
// other fields can be customized
completed: {
course: "Developer Training Program",
},
},
});

console.log(vc);

Simple Verifiable Credential

Add Credential Display#

const vc = create({
type: "CourseCertificate",
issuer: {
name: "Online Course Platform",
wallet: issuer,
},
subject: {
id: holder.address,
completed: {
course: "Developer Training Program",
},
display: {
content: "https://www.example.com/api/vc/display",
type: "url",
},
},
});

console.log(vc);

Verifiable Credential With Display

Add Credential Endpoint#

const vc = create({
type: "CourseCertificate",
issuer: {
name: "Online Course Platform",
wallet: issuer,
},
subject: {
id: holder.address,
completed: {
course: "Developer Training Program",
},
},
endpoint: "https://www.example.com/api/vc/status",
});

console.log(vc);

Verifiable Credential With Endpoint

Verify Verifiable Credential#

Verify that the verifiable credential is valid:

  • The credential is signed by a whitelist of issuers
  • The credential is owned by the holder
  • The credential has valid signature by the issuer
  • The credential is not expired

Usage: verify(vc, ownerDid, trustedIssuers)

Param

Type

Description

vc

object

the verifiable credential object

ownerDid

string

the holder/owner did

trustedIssuers

Array

the list of issuer did

Example:

const { verify } = require("@arcblock/vc");
const { fromSecretKey, fromAddress } = require("@ocap/wallet");

// the verifiable credential issuer,
const issuer = fromSecretKey(process.env.VC_ISSUER_SK);

// the verifiable credential holder
const holder = fromAddress(process.env.ENV_HOLDER);

// verify the credential just created or received from user
const isValid = verify({
vc,
ownerDid: holder.address,
trustedIssuers: issuer.address,
});

Verify Credential Presentation#

When your application requested and received a verifiable credential from the user, you must verify it before trust and use it.

  • The verifiable credential presentation is a special credential signed by the credential holder who claims to own the credential.
  • Usually a random challenge is generated and sent to user when requesting the presentation

The basic verification process:

  • Ensure the presentation is signed by the verifiable credential holder
  • Ensure the presentation contains the challenge
  • Ensure the verifiable credential has a valid signature by the issuer
  • Ensure the verifiable credential is not expired

Usage: verifyPresentation(presentation, trustedIssuers, challenge)

Param

Type

Description

presentation

object

the presentation object

trustedIssuers

Array

list of issuer did

challenge

string

Random byte you want

Example:

const presentation = {
verifiableCredential: [
'{"@context":"https://schema.arcblock.io/v0.1/context.jsonld","credentialSubject":{"emailDigest":"rDh76MCmM1tEPS8Qd1xGThFJfskGP2PSO8aNqv58IhQ","id":"z1QUxXyLNRWv18ubUdcuu7iPTQdWzRy294C","method":"SHA3"},"id":"z2iUJs3vdJnE1CkaYDPAm1EEWVbNPpcEm6QhL","issuanceDate":"2020-03-30T09:56:31.175Z","issuer":{"id":"zNKrLtPXN5ur9qMkwKWMYNzGi4D6XjWqTEjQ","name":"ArcBlock.KYC.Email","pk":"zDLTrgAHr33NyKx9eD9PFUqySHjGnXpHL7upNvCySx1s4"},"proof":{"created":"2020-03-30T09:56:31.180Z","jws":"EtT4SMpmPK5AhGBstJNnymJ9lwQVC2cI-1N5O3o3iGT8gVB0lfg9oGlCGpwsuK1Zn1lLiNEYBD7eKFjwcA0rCw","proofPurpose":"assertionMethod","type":"Ed25519Signature"},"type":"EmailVerificationCredential"}',
],
type: "Ed25519Signature",
proof: {
type: "Ed25519Signature",
proofPurpose: "assertionMethod",
pk: "zJ5bH7Jy27jSDf3AE3ntoRwNBhPRX6RXaSwTUh272jwK5",
jws: "ua-2kBFcn8rwNcd1BkckETnjQTW8nA5EcJ8PcXWirqB51SV9RaHvUChyFFUz_DLL_T-xlwcaQPaW0_q9Hkx3BQ",
created: "2020-03-31T11:48:02Z",
},
challenge: "257A2EC62ED802304F65624C73A53CAA",
"@context": ["https://schema.arcblock.io/v0.1/context.jsonld"],
};
const result = verifyPresentation({
presentation,
trustedIssuers: ["zNKrLtPXN5ur9qMkwKWMYNzGi4D6XjWqTEjQ"],
challenge: "257A2EC62ED802304F65624C73A53CAA",
});
console.log(result);



Sticker