@web5/credentials
v1.1.3
Published
Verifiable Credentials
Downloads
729
Readme
@web5/credentials
The @web5/credentials
package provides the following functionality:
- creation, signing, verification, and general processing of Verifiable Credentials (VCs).
- Presentation Exchange evaluation
Table of Contents
VerifiableCredential
VC Features
- Create Verifiable Credentials with flexible data types.
- Sign credentials using decentralized identifiers (DIDs).
- Verify the integrity and authenticity of VCs encoded as JSON Web Tokens (JWTs).
- Parse JWT representations of VCs into VerifiableCredential instances.
VC Usage
Along with the credentials package you will need command and dids for most of the Verifiable Credentials operations
npm install @web5/common
npm install @web5/dids
npm install @web5/credentials
Then to import:
import { VerifiableCredential, VerifiablePresentation, PresentationExchange } from '@web5/credentials';
Creating a Verifiable Credential
Create a new VerifiableCredential
with the following parameters:
type
: Type of the credential.issuer
: Issuer URI.subject
: Subject URI.data
: Credential data.issuanceDate?
(Optional) The Issuance Date. Defaults to current date if not specified.expirationDate?
: (Optional) Expiration Date.credentialStatus?
: Optional. The credential status lookup information to see if credential is revoked.credentialSchema?
: (Optional) The credential schema of the credential.evidence?
: (Optional) Evidence can be included by an issuer to provide the verifier with additional supporting information in a verifiable credential.
class StreetCredibility {
constructor(localRespect, legit) {
this.localRespect = localRespect;
this.legit = legit;
}
}
const vc: VerifiableCredential = await VerifiableCredential.create({
type: "StreetCred",
issuer: "did:example:issuer",
subject: "did:example:subject",
data: new StreetCredibility("high", true)
});
Signing a Verifiable Credential
Sign a VerifiableCredential
with a DID:
did
: The did that is signing the VC.
First create a Did
object as follows:
import { DidJwk } from '@web5/dids';
const issuer: BearerDid = await DidJwk.create();
Then sign the VC using the did
object
const vcJwt: string = await vc.sign({ did: issuer });
Verifying a Verifiable Credential
Verify the integrity and authenticity of a Verifiable Credential
vcJwt
: The VC in JWT format as a String.
try {
await VerifiableCredential.verify({ vcJwt: signedVcJwt })
console.log("VC Verification successful!")
} catch (e: Error) {
console.log("VC Verification failed: ${e.message}")
}
Parsing a JWT into a Verifiable Credential
Parse a JWT into a VerifiableCredential
instance
vcJwt
: The VC JWT as a String.
const vc: VerifiableCredential = VerifiableCredential.parseJwt({ vcJwt: signedVcJwt })
Creating a Status List Credential
Create a new StatusListCredential
with the following parameters:
statusListCredentialId
: The id used for the resolvable path to the status list credential [String].issuer
: The issuer URI of the status list credential, as a [String].statusPurpose
: The status purpose of the status list cred, eg: revocation, as a [StatusPurpose].credentialsToDisable
: The credentials to be marked as revoked/suspended (status bit set to 1) in the status list.
const statusListCredential: VerifiableCredential = StatusListCredential.create({
statusListCredentialId : 'https://statuslistcred.com/123',
issuer : "did:example:issuer",
statusPurpose : 'revocation',
credentialsToDisable : [credWithCredStatus]
});
To associate the status list credential with a revocable credential have the statusListCredential
parameter match up to the statusListCredentialId
parameter. Here is a full example:
const credentialStatus: StatusList2021Entry = {
id : 'cred-with-status-id',
type : 'StatusList2021Entry',
statusPurpose : 'revocation',
statusListIndex : '94567',
statusListCredential : 'https://statuslistcred.com/123',
};
const credWithCredStatus: VerifiableCredential = await VerifiableCredential.create({
type : 'StreetCred',
issuer : issuerDid.uri,
subject : subjectDid.uri,
data : new StreetCredibility('high', true),
credentialStatus : credentialStatus
});
// Create a status list credential with and revoke the credWithCredStatus
const statusListCredential: VerifiableCredential = StatusListCredential.create({
statusListCredentialId : 'https://statuslistcred.com/123',
issuer : "did:example:issuer",
statusPurpose : 'revocation',
credentialsToDisable : [credWithCredStatus]
});
VerifiablePresentation
VP Features
- Create Verifiable Presentation with flexible data types.
- Sign presentations using decentralized identifiers (DIDs).
- Verify the integrity and authenticity of VPs encoded as JSON Web Tokens (JWTs).
- Parse JWT representations of VPs into VerifiablePresentation instances.
VP Usage
Creating a Verifiable Presentation
Create a new VerifiablePresentation with the following parameters:
holder
: The holder URI of the presentation, as a string..vcJwts
: The JWTs of the credentials to be included in the presentation.type
: Optional type of the presentation, can be a string or an array of strings.additionalData
: Optional additional data to be included in the presentation.
const vp: VerifiablePresentation = await VerifiablePresentation.create({
type: 'PresentationSubmission',
holder: 'did:ex:holder',
vcJwts: vcJwts,
additionalData: { 'arbitrary': 'data' }
});
Signing a Verifiable Presentation
Sign a VerifiablePresentation
with a DID:
did
: The did that is signing the VP
Sign the VP using the did
object
const vpJwt: string = await vp.sign({ did: issuer });
Verifying a Verifiable Presentation
Verify the integrity and authenticity of a Verifiable Presentation
vpJwt
: The VP in JWT format as a String.
try {
await VerifiablePresentation.verify({ vpJwt: signedVpJwt })
console.log("VP Verification successful!")
} catch (e: Error) {
console.log("VP Verification failed: ${e.message}")
}
Parsing a JWT into a Verifiable Presentation
Parse a JWT into a VerifiablePresentation
instance
vpJwt
: The VP JWT as a String.
const parsedVp: VerifiablePresentation = VerifiablePresentation.parseJwt({ vcJwt: signedVcJwt })
PresentationExchange
PresentationExchange
is designed to facilitate the creation of a Verifiable Presentation by providing tools to select and validate Verifiable Credentials against defined criteria.
PEX Features
- Select credentials that satisfy a given presentation definition.
- Validate if a Verifiable Credential JWT satisfies a Presentation Definition.
- Validate input descriptors within Presentation Definitions.
PEX Usage
Selecting Credentials
Select Verifiable Credentials that meet the criteria of a given presentation definition.
vcJwts
: The list of Verifiable Credentials to select from.presentationDefinition
The Presentation Definition to match against.
This returns a list of the vcJwts that are acceptable in the presentation definition.
const selectedCredentialsJwts: string[] = PresentationExchange.selectCredentials({
vcJwts: signedVcJwts,
presentationDefinition: presentationDefinition
})
Satisfying a Presentation Definition
Validate if a Verifiable Credential JWT satisfies the given presentation definition. Will return an error if the evaluation results in warnings or errors.
vcJwts
: The list of Verifiable Credentials to select from.presentationDefinition
The Presentation Definition to match against.
try {
PresentationExchange.satisfiesPresentationDefinition({ vcJwts: signedVcJwts, presentationDefinition: presentationDefinition })
console.log("vcJwts satisfies Presentation Definition!")
} catch (e: Error) {
console.log("Verification failed: ${e.message}")
}
Create Presentation From Credentials
Creates a presentation from a list of Verifiable Credentials that satisfy a given presentation definition. This function initializes the Presentation Exchange (PEX) process, validates the presentation definition, evaluates the credentials against the definition, and finally constructs the presentation result if the evaluation is successful.
vcJwts
: The list of Verifiable Credentials to select from.presentationDefinition
The Presentation Definition to match against.
const presentationResult: PresentationResult = PresentationExchange.createPresentationFromCredentials({ vcJwts: signedVcJwts, presentationDefinition: presentationDefinition })
Validate Definition
This method validates whether an object is usable as a presentation definition or not.
presentationDefinition
The Presentation Definition to validate
const valid: Validated = PresentationExchange.validateDefinition({ presentationDefinition })
Validate Submission
This method validates whether an object is usable as a presentation submission or not.
presentationSubmission
The Presentation Submission to validate
const valid: Validated = PresentationExchange.validateSubmission({ presentationSubmission })
Validate Presentation
Evaluates a presentation against a presentation definition.
presentationDefinition
The Presentation Definition to validatepresentation
The Presentation
const evaluationResults: EvaluationResults = PresentationExchange.evaluatePresentation({ presentationDefinition, presentation })