This project provides automated scripts for deploying and starting the Microservice architecture of the Interoperable ACS based on Self-Sovereign Identities. The system consists of the following components:
- DIF Universal Resolver - A driver-based architecture developed by the Decentralized Identity Foundation (DIF) for resolving multiple types of Decentralized Identifiers (DIDs).
- Indy-DID-Driver - A local fork of Indy-DID-Resolver provided by IDunion.
- Uport-DID-Driver - Driver for the uPort DID methods (Ethr-DIDs) to be used in the Universal Resolver architecture.
- DID Communication API - Inbox HTTP API for secure communication using DIDComm Messaging Protocol and Peer-DIDs.
- VC JWT Verifier - Verification of JSON-LD Verifiable Credentials expressed as JSON Web Tokens (JWTs)
- Access Decision Point - The core component of the ACS implementing multiple microservices - definition and management of the Access Control Logic (based on required Verifiable Credentials), creation of Verifiable Presentation Requests and verification of Verifiable Presentations, exchange of credentials and API for communication with the DID Communication API
To use the Access Control System, an SSI-Client implementation with some specific functionality is required. An implementation of an example SSI-Client is provided.
Currently, the system supports two DID Methods - Ethr-DIDs on any Ethereum network (we have mainly used the Ropsten Testnetwork) and Indy-DIDs on a locally-deployed VON Network.
The example SSI-Client implementation also contains a local wallet (in the form of a simple JSON file) which contains multiple DIDs (with their respective private keys) and Verifiable Credentials. To use these DIDs, the deployment of a local VON Network and registration of the DIDs is required.
Deploy and start a local VON Network as explained here.
Register the DIDs using the following Seeds:
- /VbVPd0VcoBRah/eM6ZhiHbXeAx5I0U2
- wrOg38cR4Fn+hmYg6kVBxf8oTLenPHY+
- MBbR8gNyW5zchfvGfh4mvd71FnWdH02d
- f28ScnGNTQcrVZAKbbj2w3NVPDjgtjEp
- ATkOdnmB22BxtyGp1DhY47ANhCLCh69I
- Deploy a local VON Network and registed the used DIDs.
- Swap the content of the von-genesis-file with the genesis transactions of your own VON Network
- Edit the configuration file to configure the services if needed.
- Edit the Access Control File to configure the authorization rules if needed.
- Fetch all microservices by running:
./scripts/get_services.sh - Configure the VON Network of the Indy-DID-Driver:
./scripts/set_von_network.sh - Start the ACS:
./scripts/start.sh - Send requests to the ACS using the automated scripts provided by the example SSI-Client implementation
The project was created as a prototype used for evaluating purposes and might not be actively supported in the future.