Exchange Protocols - CHAPI, VC API, WACI…
Background
- Figuring out Verifiable Credentials Exchange - combining Bloom, Aires Protocols, Presentation Exchange into a unified - Killer Whale Jello Salad From: IDCommons By: Kaliya Young, Orie Steele, Drummond, Kyle, et al. Type: Session notes Date: 2021-05-06
- BBS+ Credential Exchange in Hyperledger Aries From: IDCommons Type: Session notes Date: 2021-05-06
- Credentials Exchange - figuring it out - (Jello Bowl Death Match?) From: IDCommons Type: Session notes Date: 2021-05-06 Tech: DIDComm, Verifiable Credential Exchange, Aries Protocol, Bloom Protocol, Presentation Exchange
Important parts of the protocol - what format you want is in an attachment.
You can provide multiple attachments - request things in multiple formats
You have the option of responding in different formats.
Messages - that go back and forth and messages that respond with different formats.
19:18:25 From Sebastian Schmittner : Is there some working implementation out there to actually generate/work with these VCs shown currently?
19:18:58 From Troy Ronda : aries-framework-go is one of them.
19:19:24 From Karim Stekelenburg : The ACA-Py implementation will be merged in shortly
19:20:50 From Stephen Curran : PR: https://github.com/hyperledger/aries-cloudagent-python/pull/1061
19:22:02 From Sebastian Schmittner : awesome! We are doing some prototyping right now where we are using JSON-LD VCs with the Americans, but, since we are also running a node in the HL Indy network of ID Union, it would be really great if we could bridge the Ocean here ;)
The ultimate goal is to get to clear exchange protocols.
Also to have a paper similar to this one that outlines the choice landscape that is and points to a convergence point
Good Health Pass is literally right now trying to figure this out and will “pick” solutions it needs to get implementations working in the next 30-90 days and point the whole industry in one direction.
We started out with this framework of understanding
Contextualizing VC Exchange in Layers
Verifiable Credentials (VC or VCs) is one of the key standardized components of decentralized identity. The VCs Data Model, defined at the W3C, is a universal data format that lets any entity express anything about another entity. It provides a common mechanism for the interoperable implementation of digital credentials that are cryptographically secure, tamper-evident, privacy-respecting, and machine-verifiable.
There is clarity emerging on standards that are interoperable with one another for the VC format.
There is less clarity on the Exchange mechanisms.
One way that has been proposed to look at the exchange options available is to see them in different layers.
CHAPI
- chapi.io launches, includes VC playground From: CCG By: Manu Sporny Type: Discussion Date: 2022-06-27
- TrustBloc - Duty Free Shop use case (CHAPI Save + WACI Share) From: TrustBloc Type: Video Date: 2021-10-12
- VC-API Diagram for today. Focus on CHAPI From: CCG Mailing List By: Joe Andrieu Type: Discussion Date: 2021-11-02
- chapi.io launches, includes VC playground From: CCG Mailing List By: Manu Sporny Type: Discussion Date: 2022-06-27
- chapi.io playground upgrades - credential selector, resident card From: CCG Mailing List By: Manu Sporny Type: Discussion Date: 2022-07-27
- Jobs For The Future VC added to chapi.io playground From: CCG Mailing List By: Manu Sporny Type: Discussion Date: 2022-07-13
TL;DR: chapi.io is a site that helps developers integrate Verifiable Credential issuance, holding, and presentation into their applications. It includes a playground that can issue arbitrary VCs to digital wallets (web and native). It also includes tutorials on how Web Developers can add CHAPI integration to their websites. All you need to try it out is a web browser.
This video demonstrates the TrustBloc platform to Issue a W3C Verifiable Credential through CHAPI and Share the Verifiable Credential/Presentation through WACI.
We’ll be discussing this on today’s call.
The credential selector is an icon-based selector for all the credentials that the chapi.io playground currently supports issuing. You can now click on an image of the credential you’d like to issue. […] We have added a permanent resident card from the fictitious Government of Utopia to the list of credentials that can be issued. This credential uses the Citizenship Vocabulary […] You can try both of these new features out in the playground
TL;DR: In an attempt to support the current Jobs for the Future Plugfest, an Open Badge v3.0 example for an Academic Achievement has been added to the chapi.io playground. You can now see what a JFF badge issuance and transfer to a Holder wallet looks like in CHAPI (on mobile and web, on any device that can run a web browser). Images of the flow are attached.
VC API
- Verifiable Credentials API v0.3 From: CCG Type: Specification Date: 2023-04-20
- Test Interoperability Report for Verifiable Credentials API Issuer From: CCG Type: Report Date: 2023-05-28
- VC API Verifier Interoperability Report 1.0 From: CCG Type: Report Date: 2023-05-28
- Ed25519Signature 2020 Interoperability Report 1.0 From: CCG Type: Report Date: 2023-05-28
- Status List 2021 Interoperability Report 1.0 From: CCG Type: Report Date: 2023-05-28
- 13E/ VC-HTTP-API discussion -FAQ, vs other APIs, etc- From: IDCommons By: Dmitri Zagidulin Type: Session notes Date: 2023-05-21 Event: IIW
- VC HTTP API Special Topic Call From: CCG Type: Minutes Date: 2021-04-22
- VC HTTP API Proposals Under Consideration
- Use Cases Document
- Scope of VC HTTP API
- VC HTTP API Specification Structure
The W3C Credentials Community Group Verifiable Credential APIs are a set of RESTful API definitions conforming with the OpenAPI 3.0 Specification that support Verifiable Credential Lifecycle Management such as Issuing, Holding/Presentation/Exchange, and Verification for the roles of Issuer, Holder, and Verifier as described in the Verifiable Credential Data Model specification.
This is a test suite to demonstrate interoperability of issuers using the VC HTTP API.
This test suite demonstrates the interoperability of verifiers using the VC HTTP API.
The purpose of this test suite is to demonstrate a path to interoperability for the Ed25519 Signature 2020. The technologies explored in this test suite are experimental. This document contains the most recent interoperability report for Ed25519 Signature 2020.
The purpose of this test suite is to demonstrate a path to interoperability for StatusList2021.
We are going to go through the API and address the challenges… currently only have a YAML file and missing a lot of other documentation. We are going to address these issues with the goal of concrete proposals the community can provide feedback on.
WACI
- Wallet And Credential Interactions From: DIF Related: Bloom Type: Specification Date: 2022-03-16
- Bloom donates WACI to the Decentralized Identity Foundation (DIF) From: Bloom Type: Post Date: 2021-06-21 Event: IIW32
- Wallet And Credential Interactions for DIDComm From: DIF Type: Specification Date: 2023-01-16
There are interactions between a wallet and relying party that require passing information between the two. WACI provides a standard for these interactions.
WACI was introduced at the annual IIW32 Workshop with a very warm response. Its goal is to specify how interactions between a wallet and Relying Party (RP) such as an issuer or a verifier happen. At its core, WACI is a handshake of JWTs, where the RP signs a JWT that is given to the wallet, and the wallet signs another JWT containing the initial token as a “challenge” claim. This allows the wallet to prove ownership of its DID.
The easiest way to see the benefit of WACI is to offer a way to log into an application without a password with Verified Credential (VC) based authentication that cannot be faked.
This document describes an interoperability profile which incorporates elements from a number of existing specifications and protocols, without assuming or requiring an implementer to understand all of them. It inherits its overall structure from the current pre-draft of WACI, but makes use of elements from the DIDComm v2.0 messaging protocol, along with Aries Present Proof message formats and DIF Presentation Exchange data objects. This version of the specification also restricts itself to Verifiable Credentials that make use of the JsonWebSignature2020 signature suite and Ed25519Signature2018 signature suite.
Message Format
- Presentation Exchange From: DIF Type: Specification Date: 2023-03-31
- Credential Manifest From: DIF Type: Specification Date: 2023-05-04
A common activity between peers in identity systems that feature the ability to generate self-asserted and third-party issued Claims is the demand and submission of proofs from a Holder to a Verifier. This flow implicitly requires the Holder and Verifier have a mechanism to facilitate the two primary steps in a proving exchange: a way for Verifiers to describe proof requirements, and for Holders to describe submissions of proof which align with those requirements.
For User Agents (e.g. wallets) and other services that wish to engage with Issuers to acquire credentials, there must exist a mechanism for negotiating (via services and interfaces that are out of scope) what inputs are required from a Subject to process a request for credential(s) issuance. The Credential Manifest is a common data format for describing the inputs a Subject must provide to an Issuer for subsequent evaluation and issuance of the credential(s) indicated in the Credential Manifest, i.e. for a Subject to become a Holder.
Assorted
- Negotiate Proof From: Hyperledger Type: Docs Date: 2018
- Aries RFC 0023: DID Exchange Protocol 1.0 From: Hyperledger Type: Rfc Date: 2021-04-15
- Dynamic Data Sharing Hub: A target component for criteria searches on distributed structured data From: IDCommons By: Paul Knowles Type: Session notes Date: 2021-05-07 Event: IIW
- #6 - The Importance of Data Inputs and Semantics for SSI with Paul Knowles from Human Colossus Foundation From: SSI Orbit Type: Episode Date: 2023-05-17
- Dynamic Data Sharing Hub - DDSH - Patient Recruitment Use Case From: Human Colossus Foundation Type: Presentation Date: 2023-05-18
After an issuer has completed the “Save Schema and Cred Def” and “Issue Credential” how-tos, you have all the context for a credential holder and a relying party (verifier) to generate a zero-knowledge proof based on the credential.
This RFC describes the protocol to exchange DIDs between agents when establishing a DID based relationship.
Aries agent developers want to create agents that are able to establish relationships with each other and exchange secure information using keys and endpoints in DID Documents. For this to happen there must be a clear protocol to exchange DIDs.
Dynamic Data Economy is a roadmap towards a fair, decentralized and authentic data economy. Many times people are referring to blockchain technology as a revolution within digital space. But often they actually mean something more profound: the promise of Decentralisation brought by blockchain. A Dynamic Data Economy brings decentralization outside the technology realm into digital solutions for any economic actors. It does so by decentralizing all layers of the ecosystem:
In terms of decentralized data initiatives, Paul is the innovation lead behind the Master Mouse Model (MMM), a conceptual model for a Dynamic Data Economy (DDE) – a safe and secure data sharing economy. He is also the inventor of the Overlays Capture Architecture (OCA) and the main spearhead behind the Blinding Identity Taxonomy (BIT), both of which facilitate a unified data language so that harmonized data can be utilized by dynamic data sharing hubs for improved data science, statistics, analytics and other meaningful services.
Purpose-based Service Providers
• A company’s “why” is a collective sense of purpose that reflects the company’s merit, trustworthiness, and authenticity. It is the feeling the company wants their customers to experience when they engage with proprietary products and services – the identity that their customers want to align with.
• Establishing authentic communication channels in a peer-to-peer networking environment provides the basis to initiate transaction flows for consented data capture and data sharing between an organisation and the data subject (or a delegate/guardian acting on behalf of the data subject).
• The initial point of new data entry into a decentralised data ecosystem.
Insight Based Service Providers
• The value of data insights is not only to learn and enable validated decision-making, but also to make everybody in the company’s ecosystem ‘move’ in the same direction. As today’s world is volatile, uncertain, complex and ambiguous, insights need to be generated continuously rather than once in a while.
• Data insights gained from analysing sets of information that pertain to a given topic (or situation) enables businesses to make better-informed decisions, reducing the risk that comes with trial-and-error testing methods. Semantic harmonisation enables criteria searches on structured data from multiple sources, providing the basis to initiate a transaction flow for consented data access between the requesting party and the data governance authority (acting on behalf of consenting data subjects).
• Searching for existing data in a decentralised data ecosystem.