Generalized Verification API in Veramo Core #375
Labels
Epic
This groups together several related issues. Fix those first!
incomplete
Issue is not well defined. Please ask for clarification before starting to work on it!
planned-feature
don't close this just for being stale
work-in-progress
Milestone
Comments
|
Figure out if there should be a Verifiable Presentation vs Verifiable Credential separation of interfaces. (in addition to a universal layer). |
mirceanis
added
planned-feature
|
I would like to reinforce the importance of this issue hoping it can be prioritized. |
|
It is easier to start with a more granular approach to verification instead of cramming everything into a thin top-level API. @rado0x54 you mentioned the requirement of adding verification Modules.
I think maybe this approach is a bit too broad. I imagine much "smaller" checks, like: A collection of checks forms a policy and then there can be a simple relationship between the policy requirement and a particular verification success or failure. In some situations, it may be useful to give details as to why a credential or presentation fails verification, and having granular checks allows UIs to be built that can provide these details in app-specific ways. |
|
Specific verification for LD-based credential and presentation was implemented in #273. Open for this ticket would be:
|
rado0x54
added
the
Epic
|
@rado0x54 pls add tasks for this epic. |
mirceanis
pushed a commit
that referenced
this issue
Aug 18, 2022
5 tasks
mirceanis
added a commit
that referenced
this issue
Sep 6, 2022
* feat(credential-w3c): align verification API between formats fixes #935 fixes #954 fixes #375 * test: add test cases for VC/VP verification policies * feat(credential-w3c): add extra options to VC/VP issuance and verification * fix: forward the `fetchRemoteContext` parameter to the document loader fixes #989
Merged
mirceanis
added a commit
that referenced
this issue
Sep 22, 2022
* chore(deps): update dependency openapi-types to v9.3.1 * fix(deps): update all non-major dependencies * fix(deps): update dependency express-handlebars to v6 * chore(deps): update devdeps * fix(deps): update dependency typeorm to v0.2.41 * fix(deps): update dependency did-jwt to v5.12.0 * JSON-LD Signature Support (#525) * feat(utils): add `@veramo/utils` package * feat(core): add common type definitions for credentials and presentations * feat(credential-ld) add `@veramo/credential-ld` packages * feat(credential-ld): added EcdsaSecp256k1RecoverySignature2020 and Ed25519Signature2018 credential signature and verification. * feat(credential-ld): added presentation creation and verification. * fix(credential-w3c): delegate `lds` proof types to `@veramo/credential-ld` if available. * fix(data-store): fixed save operation for LD credentials * feat(did-provider-key): fixed did:key dependencies, supporting only ed25519 x25519 and secp256k1 for now. * feat(credential-ld): included credential context from transmute library * refactor(credential-ld): simplify `CredentialIssuerLD` plugin initialization API * feat(credential-ld): proper mapping from local database keys to DID document verificationMethods * feat(cli): update default config to use `CredentialIssuerLD` module * feat(credential-w3c): autoselect presentation audience if it's a managed DID, for verification * feat(cli): add CLI methods to verify credentials and presentations Co-authored-by: Simonas Karuzas <simonas@not.cat> Co-authored-by: Mircea Nistor <mirceanis@gmail.com> fixes #273 fixes #756 relates to #586 relates to #588 * fix(credential-ld): include LDDefaultContexts in npm bundle * fix(credential-ld): include credential context and fix context loader Map * fix(deps): update dependency did-jwt-vc to v2.1.8 * chore(deps): update devdeps * feat(credential-ld): add option to fetch remote contexts This pattern is not recommended, but useful sometimes for debugging. This is a foot-gun. * docs: link to social (#764) * docs: update badges * fix(deps): update builders-and-testers * fix(remote-server): api-key-auth (#772) fixes #771 * fix(remote-server): web-did-doc-router options (#777) * fix(deps): update builders-and-testers * docs: rewrite readme and fix links fixes #785 * chore(deps): update dependency openapi-types to v10 * fix(deps): update dependency openapi-types to v10 * fix: fix inquirer prompt for subject DID during SDR fixes #790 * fix(deps): update builders-and-testers * fix(deps): update builders-and-testers * fix(deps): update dependency @ethersproject/random to v5.5.1 * fix(did-resolver): use interface `Resolvable` instead of the `Resolver` class and update dependencies * fix(deps): update dependency dotenv to v12 * chore(deps): update dependency ts-jest to v27.1.3 * chore: upgrade ethr-did-resolver * chore(deps): update devdeps * chore(deps): update dependency semantic-release to v19 * fix(deps): update dependency dotenv to v14 * chore(deps): update devdeps * fix(deps): update dependency commander to v9 * fix(key-manager): add missing uuid dependency (#807) * chore(deps): fix lockfile * test: add headless browser testing (#809) * version added, test:browser script added. * github workflows updated * fix(deps): pin dependencies * fix(deps): update did-libraries * chore(deps): pin dependencies * fix(deps): pin dependency typescript to 4.5.5 * fix(deps): update dependency dotenv to v16 * chore(deps): update devdeps * fix(deps): update all non-major dependencies * fix(deps): update dependency inquirer-autocomplete-prompt to v2 * chore(deps): update devdeps * fix(deps): update all non-major dependencies * chore(deps): update actions/setup-node action to v3 * fix(deps): update all non-major dependencies * chore(deps): update devdeps * feat(date-store-json): add JSON object storage implementation (#819) * feat(data-store-json): add JSON backed storage option * feat(data-store-json): add private-key-store * feat(data-store-json): use the same JSON object backend for all the data stores * feat(data-store-json): simplify JSON store APIs convert integration test to use a plain file as the backend for the JSON storage. * test(browser): use data-store-json in browser tests and unlock more test scenarios * test(browser): link local packages during browser tests * feat(core): define IDataStoreORM interface at the `@veramo/core` level * docs(core): add some inline documentation for the `IDataStoreORM` plugin interface. * docs(data-store-json): add some inline documentation for types defined in data-store-json * chore: commit updated schemas * chore(deps): pin dependencies * fix(deps): pin dependencies * chore(deps): update actions/checkout action to v3 * fix(deps): update builders-and-testers * feat: add key type definitions: 'Bls12381G1Key2020' and 'Bls12381G2Key2020' (#839) * Add key types: 'Bls12381G1Key2020' and 'Bls12381G2Key2020' Co-authored-by: Ilie Circiumaru <ici@zurich.ibm.com> * fix(deps): update dependency typescript to v4.6.3 * chore(deps): update devdeps * feat(utils): add 2 utility functions for inspecting ethr dids (#842) * feat(utils): Add 2 utility functions for inspecting ethr dids * chore: regenerate plugin schemas (#843) * chore: Regenerate did-comm plugin schema (#844) Co-authored-by: Nick Reynolds * fix(deps): update did-libraries * fix(deps): update builders-and-testers * chore(deps): update actions/cache action to v3 * chore(deps): update dependency ts-json-schema-generator to v1 * fix(deps): update dependency @types/react-dom to v18 * fix(deps): update dependency ts-json-schema-generator to v1 * fix(deps): update dependency web-did-resolver to v2.0.15 * chore(deps): update devdeps * fix(deps): update builders-and-testers * fix(data-store-json): structuredClone * fix(core): plugin schema * chore(deps): update devdeps * fix(deps): update builders-and-testers * fix(deps): update dependency web-did-resolver to v2.0.16 * chore(deps): update node.js to v18 * chore(deps): update devdeps * fix(deps): update dependency typescript to v4.6.4 * fix(deps): update dependency openapi-types to v11 * fix(deps): update dependency yaml to v2 * chore(deps): update devdeps * fix(deps): update dependency @microsoft/api-extractor to v7.23.1 * feat(credential-status): add credential status check plugin for Veramo (#874) * feat: add credential status plugin * chore: fixes according the feedback * chore: bump 'credential-status' dependency version * chore: update plugin's schema * fix(deps): update dependency @types/react to v18 * chore(deps): update devdeps * fix(data-store-json): structuredClone (#885) Fixes #857 * feat(did-provider-ethr): Using meta account * fix(credential-w3c): forward domain and challenge args to createVerifiablePresentationJwt (#887) * feat: create DIDComm JWE with multiple recipients (#888) * fix(deps): update dependency @ungap/structured-clone to v1 * fix(deps): update react monorepo to v18 * fix(credential-ld): remove fs dependency for JSON LD default contexts (#868) * remove fs dependency for JSON LD default contexts * add contexts/*.json files in the build output fixes #837 * feat: add partial match for dids and aliases in did discovery provider for data store * fix (deps) : update dependency typeorm to v0.3.6 (#901) Co-authored-by: ludovic duranteau <ludovic.duranteau@signaturelnd.com> * feat(cli): add choices when selecting credential Subject in CLI (#898) * Add choices when selecting credential Subject in CLI * Change from list input type to autocomplete * Remove validation when choosing subject DID * fix(deps): update all non-major dependencies * chore(deps): update devdeps * feat: update did-discover-provider to search by DID likeness in addition to name * chore: fix didDiscovery error test * chore(build): rename jest config file (#908) * fix(credential-status): simplify credential-status scripts * chore: rebuild lockfile * fix(cli): fix typo in command description (#913) * fix(credential-ld): fix EcdsaSecp256k1RecoverySignature2020 suite context (#909) * feat(data-store-json): BrowserLocalStorageStore (#914) * feat: CredentialIssuerEIP712 (#899) * fix(credential-eip712): update plugin schema (#915) * feat(credential-ld): add support for browser environments (#916) * fix(credential-ld): use @digitalcredentials instead of @digitalbazaar packages for better browser compatibility * test: add test-utils package and move `fake-did-provider` there * fix(credential-ld): bump @transmute and did-resolver dependencies * fix(credential-ld): include default `@contexts` in build * test(browser): use `stream-browserify` to enable `did:key` (from the @transmute implementation) * test(browser): enable all integration test suites in the browser test * fix(data-store-json): enable `dom` lib in `tsconfig.json` * test(browser): move browser sample app to packages/ to simplify package linking * chore(deps): update all non-major dependencies * chore(deps): update devdeps * fix(cli): update default CLI config to account for renamed class (#919) BREAKING CHANGE: ProfileDiscoveryProvider has been renamed to DataStoreDiscoveryProvider in #597. Please update your config accordingly * fix: update and fix inline documentation of all exported types (#921) * fix(build): use correct cross-package imports * chore(build): split build scripts for better granularity * docs(data-store-json): fix and augment inline documentation for public exports * docs(key-manager): add missing inline docs to exported classes * docs(kms-local): update inline docs for public classes * docs(message-handler): fix JSDoc links and update plugin documentation * docs(remote-server): fix inline docs * docs(url-handler): add description to UrlMessageHandler * docs(core): update and fix inline docs for @veramo/core exports * docs(selective-disclosure): update inline docs for @veramo/selective-disclosure exports * docs(credential-w3c): update inline docs for @veramo/credential-w3c exports * docs(data-store): fix and augment inline documentation for `@veramo/data-store` exports * docs(did-discovery): update and fix inline docs for @veramo/did-discovery exports * docs(did-comm): update and fix inline docs for @veramo/did-comm exports * docs(credential-eip712): update and fix inline docs for @veramo/credential-eip712 exports * fix(credential-status): update and fix type definitions and inline docs * docs(credential-ld): update and fix inline docs * fix(deps): bump api-extractor tools * docs(did-manager): update inline docs * docs(did-provider-key): add some inline docs * docs(did-resolver): update inline docs * docs(remote-client): add inline documentation for exports * fix(build): update lockfile and autogen tests * fix(deps): update did-libraries * fix(deps): use did-jwt v6 and ethr-did-resolver v6 (#925) * fix(deps): bump did-jwt to v6 and all related deps to latest closes #923 closes #848 * chore(deps): use ganache instead of ganache-cli This speeds up testing * fix(docs): fix relevant errors and warnings in TSDoc to enable proper docs generation on `@next` branch * fix(deps): update builders-and-testers (#930) * chore(ci): adjust renovate bot schedule to reduce CI spam * chore(ci): disable automatic pinning of dependencies * chore(deps): update dependency ganache to v7.3.0 * chore(deps): update devdeps (major) (#881) * chore(deps): update devdeps * fix(build): adjust browser-tests for jest v28 * force `jsonld` to resolve to `@digitalbazaar/jsonld` * run browser tests with `NODE_OPTIONS=--experimental-vm-modules` * explicitly install some jest packages Co-authored-by: Mircea Nistor <mirceanis@gmail.com> * * fix(deps): pin resolution of @types/eslint to unblock build with conflicting versions (#928) * chore(deps): update all non-major dependencies * fix(deps): pin resolution of @types/eslint to unblock build with conflicting versions Co-authored-by: Renovate Bot <bot@renovateapp.com> Co-authored-by: Mircea Nistor <mirceanis@gmail.com> * feat(kms-web3): add a KMS implementation backed by a web3 provider (#924) closes #688 * chore(deps): fix lockfile * fix(kms-web3): use ethers _signTypedData (#939) fixes #938 * fix(deps): Update dependency web-did-resolver to v2.0.19 * fix(deps): update dependency openapi-types to v12 * fix(deps): replace @transmute/lds-ecdsa-secp256k1-recovery2020 with fork (#953) The fork uses `@digitalcredentials` variants of the JSON-LD libraries and upgrades some other dependencies to more maintained variants closes #952 * fix(deps): Bump `did-jwt`, `did-jwt-vc` as direct package deps (#955) * chore(ci): add PR template (#958) * chore(ci): move the PR template file * chore(ci): simplify the PR template * chore(ci): clarify the PR template * fix(deps): Update dependency @digitalcredentials/vc to v4 * fix(deps): Update dependency ethr-did-resolver to v6.0.2 (#964) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * fix(credential-status): check credential status for all credential types (#949) fixes #934 * fix(did-provider-key) : fix typo in error message for `addKey` (#967) * feat(did-provider-ethr): use multiple networks per EthrDIDProvider (#969) * feat(did-manager): allow DID providers to match multiple prefixes * feat(did-provider-ethr): support multi-network config for EthrDIDProvider fixes #968 fixes #893 * feat(kms-web3): add ability to list provider accounts as keys (#965) fixes #933 * feat(data-store): use DataSource instead of Connection (#970) fixes #947 * feat(cli): in explore, allow copy to clipboard the text of identifier or credential or presentation (#902) * feat(cli): in explore, allow user to copy to clipboard the text of identifier or credential or presentation * feat(cli): add command to output selected credential or presentation * feat(did-manager): add`didManagerUpdate` method for full DID document updates (#974) fixes #971 this is also related to #960 and #948 * chore(core): update plugin schema * fix: deprecate the `save` parameter (#975) closes #966 * chore: create authors.md (#972) This page contains a list of the awesome humans behind Veramo * docs: update Twitter badge * feat: define an interface for credential status manager (#956) partially fixes #937 relates to #981 * feat(credential-status): rename plugin interfaces and methods fixes #981 * feat(credential-status): expect revoked boolean property from StatusMethods docs: fix inline docs broken references docs(kms-web3): add docs to kms-web3 * feat(did-resolver): simplify DIDResolverPlugin constructor (#986) fixes #976 * feat: add support for serviceEndpoint property as defined in latest DID Spec (#988) BREAKING CHANGE: the `did-resolver` and connected libraries change the data-type for `ServiceEndpoint` to `Service` and the previous semantic has changed. Services can have multiple endpoints, not just a single string. * feat(credential-w3c): add override policies to verifyPresentation (#990) relates to #375 relates to #954 * fix(deps): Update dependency did-jwt-vc to v3 * chore(deps): update postgres docker tag to v14 * feat(credential-w3c): align verification API between formats (#996) * feat(credential-w3c): align verification API between formats fixes #935 fixes #954 fixes #375 * test: add test cases for VC/VP verification policies * feat(credential-w3c): add extra options to VC/VP issuance and verification * fix: forward the `fetchRemoteContext` parameter to the document loader fixes #989 * feat(credential-w3c): add ICredentialPlugin interface in core package (#1001) closes #941 The `ICredentialIssuer` interface was moved to the core package, but is reexported by the `credential-w3c` package for compatibility.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As an Integrator of Veramo I would like to be able to use a single generalized Verification API that automatically verifies a various set of input data according to a given policy input.
Acceptance Criteria:
agent.verify({ payload: {...}, policy: {...} }))a) Schema / Data format. It needs to verify that the given payload matches the referenced Schema or Context
b) Signature Verification. Verify that a Issuer Signature matches the given Credential and Issuer.
c) Credential Status: Verify that the Credential Status of the VC is still valid:
a) Override certain assumption: Policy may allow to accept revoked credentials or self-signed Signatures.
b) Tighten Validation conditions: Further restrict conditions of credential verification (e.g. similar to passing a PE), e.g. where certain values are expected. (Credential issued by specific issuer A)
c) Trust Frameworks
d) ... TBD
a)
b)
c)
d)
The text was updated successfully, but these errors were encountered: