0.0.1 • Published 3 years ago

@jchartrand/sign-and-verify-base v0.0.1

License
MIT

sign-and-verify-core

Signing and verification of Verifiable Credentials and Verifiable Presentations using a provided unlocked DID Document.

Usage

Install the npm package:

npm i sign-and-verify-core
OR
yarn add sign-and-verify-core

Create an issuer:

import getDefaultIssuer from 'sign-and-verify-core';

// unlockedDIDDocument and options are supplied by the caller
const { sign, requestDemoCredential, verify, signPresentation, createAndSignPresentation, verifyPresentation } = getDefaultIssuer(unlockedDIDDocument)

const sampleCredential = {
  "@context":["https://www.w3.org/2018/credentials/v1","https://www.w3.org/2018/credentials/examples/v1","https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"],"id":"http://example.gov/credentials/3732","type":["VerifiableCredential","UniversityDegreeCredential"],"issuer":"did:web:digitalcredentials.github.io","issuanceDate":"2020-03-10T04:24:12.164Z","credentialSubject":{"id":"did:example:abcdef","degree":{"type":"BachelorDegree","name":"Bachelor of Science and Arts"}}}

// sign
const signedCredential = sign(sampleCredential, options)

// verify
const result = verify(signedCredential)
// signPresentation

Reference: vc-http-api /issue/credentials

Verify Presentation

For verifiers to verify (check the proof of) a Verifiable Presentation (VP).

Current DCC implementations also use this endpoint for a special case of VP verification, to implement a lightweight version of DID auth. The learner's wallet generates a VP proving control over the DID (it's a VP without a VC), and the issuer checks the proof.

Additional implementation details are in Overview of Credential Request Flow.

General Format

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"verifiablePresentation": <Verifiable Presentation>,
           "options": <Verification Options>}' \
  <sign-and-verify-service>/verify/presentations

Example

Request:

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"@context":["https://www.w3.org/2018/credentials/v1","https://www.w3.org/2018/credentials/examples/v1","https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"],"type":["VerifiablePresentation"],"id":"456","holder":"did:web:digitalcredentials.github.io","proof":{"type":"JsonWebSignature2020","created":"2020-11-12T22:00:33.393Z","challenge":"123","jws":"eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..nuQE1vdLcf0YJSI_ojCdOpkQ53Amf4admAfA1eds9ONz9iskp5NBHqoz_YpzyRPxRvj4zblDDAhR524Dn4BtBA","proofPurpose":"authentication","verificationMethod":"did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs"}}' \
  http://127.0.0.1:5000/verify/presentations

Reference: vc-http-api /verify/presentations

Generate proof of control

non-standard

This is used by the learner's wallet (as a library) to generate proof of control over a DID. This is a special case of /prove/presentations (which this also implements), but customized for this use case.

General Format

curl --header "Content-Type: application/json" \
  --request POST \
  --data '<PROOF OPTIONS>' \
    <sign-and-verify-service>/generate/controlproof

<PROOF OPTIONS> look like this:

{
  "presentationId": "<optional; provided by the wallet>",
  "holder": "<did proving control over>",
  "verificationMethod": "did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs",
  "challenge": "<challenge provided by issuer and passed through from wallet; should match>"
}

Example

Request:

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"presentationId": "456", "holder": "did:web:digitalcredentials.github.io", "verificationMethod": "did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs", "challenge": "123"}' \
  http://127.0.0.1:5000/generate/controlproof

Response:

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://www.w3.org/2018/credentials/examples/v1",
    "https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"
  ],
  "type": [
    "VerifiablePresentation"
  ],
  "id": "456",
  "holder": "did:web:digitalcredentials.github.io",
  "proof": {
    "type": "JsonWebSignature2020",
    "created": "2020-11-12T22:00:33.393Z",
    "challenge": "123",
    "jws": "eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..nuQE1vdLcf0YJSI_ojCdOpkQ53Amf4admAfA1eds9ONz9iskp5NBHqoz_YpzyRPxRvj4zblDDAhR524Dn4BtBA",
    "proofPurpose": "authentication",
    "verificationMethod": "did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs"
  }
}
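
The challenge handling behind the lightweight DID auth flow described above, as an added example that is not part of sign-and-verify-core: the issuer hands out a random single-use challenge and runs structural checks on the returned VP before signature verification. The names issueChallenge, checkControlProof and the in-memory pending map are assumptions of this example.

```javascript
// Added example, not part of sign-and-verify-core. Function names are hypothetical.
const crypto = require('crypto');
const pending = new Map(); // challenge -> expiry time (ms since epoch)

// Issue an unpredictable, single-use challenge for the wallet to sign.
function issueChallenge(ttlMs = 5 * 60 * 1000, now = Date.now()) {
  const challenge = crypto.randomBytes(16).toString('hex');
  pending.set(challenge, now + ttlMs);
  return challenge;
}

// Checks to run before signature verification. Returns a list of problems.
function checkControlProof(vp, now = Date.now()) {
  const problems = [];
  const proof = vp.proof || {};
  if (!Array.isArray(vp.type) || !vp.type.includes('VerifiablePresentation')) problems.push('not a VerifiablePresentation');
  if (proof.proofPurpose !== 'authentication') problems.push('wrong proofPurpose');
  // Assumption: the key id is a fragment of the holder DID, as in the page's sample.
  const keyDid = String(proof.verificationMethod || '').split('#')[0];
  if (!vp.holder || keyDid !== vp.holder) problems.push('key not under holder DID');
  // The challenge must be one we issued, unexpired, and is consumed on first use.
  const expiry = pending.get(proof.challenge);
  pending.delete(proof.challenge);
  if (expiry === undefined) problems.push('unknown or reused challenge');
  else if (expiry < now) problems.push('expired challenge');
  // Detached JWS: "<header>..<signature>" with an empty payload segment.
  const [header, payload, sig] = String(proof.jws || '').split('.');
  let alg;
  try { alg = JSON.parse(Buffer.from(header, 'base64').toString()).alg; } catch (e) { /* malformed header */ }
  if (alg !== 'EdDSA' || payload !== '' || !sig) problems.push('unexpected JWS shape');
  return problems;
}

// The page's sample VP; its demo challenge "123" is registered by hand in demo().
const sampleVp = {
  type: ['VerifiablePresentation'], holder: 'did:web:digitalcredentials.github.io',
  proof: {
    proofPurpose: 'authentication', challenge: '123',
    verificationMethod: 'did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs',
    jws: 'eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..nuQE1vdLcf0YJSI_ojCdOpkQ53Amf4admAfA1eds9ONz9iskp5NBHqoz_YpzyRPxRvj4zblDDAhR524Dn4BtBA',
  },
};
function demo() {
  pending.set('123', Date.now() + 60000);
  return { first: checkControlProof(sampleVp), replay: checkControlProof(sampleVp) };
}
console.log(demo());
```

These checks complement the cryptographic check performed by /verify/presentations; they do not replace it.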

Verify Credential

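curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"verifiableCredential": <Verifiable Credential>,
           "options": <Verification Options>}' \
  <sign-and-verify-service>/verify/credentials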

{"@context":["https://www.w3.org/2018/credentials/v1","https://www.w3.org/2018/credentials/examples/v1","https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"],"id":"http://example.gov/credentials/3732","type":["VerifiableCredential","UniversityDegreeCredential"],"issuer":"did:web:digitalcredentials.github.io","issuanceDate":"2020-03-10T04:24:12.164Z","credentialSubject":{"id":"did:example:abcdef","degree":{"type":"BachelorDegree","name":"Bachelor of Science and Arts"}},"proof":{"type":"JsonWebSignature2020","created":"2020-11-12T23:56:27.928Z","jws":"eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..2DppQ4Euf9PUX6NrFPyJwHKPmeAqNWAC6UH8kiFNbsoiinebPpwdortHe-bLzDOQ_W7MQD5nqOnNN8JIVGarAA","proofPurpose":"assertionMethod","verificationMethod":"did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs"}}

Request a Demo Credential

With proof of control of DID. <REQUEST_PAYLOAD> is a Verifiable Presentation proving control of the DID. See details below.

Example

curl --header "Content-Type: application/json" \
  --request POST \
  --data <REQUEST_PAYLOAD> \
  http://127.0.0.1:5000/request/democredential

Without proof of control of DID

Example

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"holder": "did:example:me"}' \
  http://127.0.0.1:5000/request/democredential/nodidproof

Verifiable Presentation (formatted):

Formatted for clarity and security-context normalized. This payload is passed through from subject (REQUEST_PAYLOAD):

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://www.w3.org/2018/credentials/examples/v1",
    "https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"
  ],
  "type": [
    "VerifiablePresentation"
  ],
  "id": "456",
  "holder": "did:web:digitalcredentials.github.io",
  "proof": {
    "type": "JsonWebSignature2020",
    "created": "2020-11-12T22:00:33.393Z",
    "challenge": "123",
    "jws": "eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..nuQE1vdLcf0YJSI_ojCdOpkQ53Amf4admAfA1eds9ONz9iskp5NBHqoz_YpzyRPxRvj4zblDDAhR524Dn4BtBA",
    "proofPurpose": "authentication",
    "verificationMethod": "did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs"
  }
}

Options (formatted):

Formatted for clarity.

{
  "verificationMethod": "did:web:digitalcredentials.github.io#96K4BSIWAkhcclKssb8yTWMQSz4QzPWBy-JsAFlwoIs",
  "challenge": "123"
}

References

This assumes familiarity with the basics of the W3C Verifiable Credentials Data Model. Two key concepts are:

Development

To make changes to the package:

Install

npm run install

Build

npm run build

Test

npm run test

Publish to NPM

npm ????
npm publish