PyVckit

PyVckit is a library for:

• sign verifiable credentials
• verify verifiable credentials
• generate verifiable presentations
• verify verifiable submissions

This library is strongly inspired by SpruceId didkit and aims to maintain compatibility with it.

For now the supported cryptography is only EdDSA with a signature Ed25519Signature2018.

Install

For now the installation is from the repository:

    python -m venv env
    source env/bin/activate
    git clone https://gitea.pangea.org/ereuse/pyvckit.git
    cd pyvckit
    pip install -r requirements.txt
    pip install -e .

Cli

The mode of use under the command line would be the following:

generate a key pair:

    python did.py -n keys > keypair.json

generate a did identifier:

did key

  python did.py -n did -k keypair.json

did web

  python did.py -n did -k keypair.json -u https://localhost/user1/dids/

generate an example signed credential:

An example of a credential is generated, which is the one that appears in the credential_tmpl template in the file templates.py

    python sign_vc.py -k keypair.json > credential_signed.json

verify a signed credential:

    python verify_vc.py credential_signed.json

generate a verifiable presentation:

    python sign_vp.py -k keypair.json -c credential_signed.json > presentation_signed.json

verify a verifiable presentation:

    python verify_vp.py presentation_signed.json

creation of did document:

This command will create a json document and a url path where to place this document. The did must be a web did. This document is an example and in production it must be adapted to contain the revoked verifiable credentials.

  python did.py -k keypair.json -g did:web:localhost:did-registry:z6MkiNc8xqJLcG7QR1wzD9HPs5oPQEaWNcVf92QsbppNiB7C

Use as a library

In the tests you can find examples of use. Now I will explain the usual cases

generate a key pair:

    from pyvckit.did import generate_keys
    key = generate_keys()

generate a did identifier:

did key

    from pyvckit.did import generate_keys, generate_did
    key = generate_keys()
    did = generate_did(key)

did web

    from pyvckit.did import generate_keys, generate_did
    key = generate_keys()
    url = "https://localhost/user1/dids/"
    did = generate_did(key, url)

generate a signed credential:

Assuming credential is a valid credential. credential is a string variable

    from pyvckit.did import generate_keys, generate_did, get_signing_key
    from pyvckit.sign_vc import sign

    key = generate_keys()
    did = generate_did(key)
    signing_key = get_signing_key(key)
    vc = sign(credential, signing_key, did)

verify a signed credential:

Assuming vc is a properly signed verifiable credential

    import json
    from pyvckit.verify import verify_vc

    verified = verify_vc(json.dumps(vc))

generate a verifiable presentation:

    from pyvckit.did import generate_keys, generate_did, get_signing_key
    from pyvckit.sign_vp import sign_vp

    holder_key = generate_keys()
    holder_did = generate_did(holder_key)
    holder_signing_key = get_signing_key(holder_key)
    vp = sign_vp(holder_signing_key, holder_did, vc_string)

verify a verifiable presentation:

    from pyvckit.verify_vp import verify_vp
    verified = verify_vp(json.dumps(vp))

creation of did document:

This command will create a json document and a url path where to place this document. The did must be a web did. This document is an example and in production it must be adapted to contain the revoked verifiable credentials.

    from pyvckit.did import generate_keys, generate_did, gen_did_document

    key = generate_keys()
    url = "https://localhost/did-registry"
    did = generate_did(key, url)
    definitive_url, document = gen_did_document(did, key)