Skip to content

3.md

Latest commit

 

History

History
77 lines (54 loc) · 3.01 KB

3.md

File metadata and controls

77 lines (54 loc) · 3.01 KB

Managing Credentials

The following examples use myDid as an example of an instantiated IdentityAccount

Credentials management is two-fold with SSIMON, for credentials that you issue to others and for credentials that are issued to you, for the credentials that you receive, i.e. are the holder for, all the methods can be found in myDid.credentials.store, wherein you can find all the CRUD methods for managing your own credentials. Operations for Credentials which you issue are found directly in myDid.credentials

Issuer Operations

Creating and Issuing a Credential

A credential to be issued can be created as below, issuance of the credential to a user is OOB for this library and is handled by @tanglelabs/oid4vc

async function issueCredential() {
  const credential = await myDid.credentials.create({
    // did of the recipient of the credential
    recipientDid: "did:asdf:asdfasdfasdfasdf",

    // unique identifier to give to the credential
    id: "https://tanglelabs.io/credentials/123",

    // Body of the credential, can be a custom object
    body: {
      name: "Alice",
      gpa: 4.9,
      graduationYear: 2023,
    },

    // index of the key to sign with, if confused set to 0
    keyIndex: 0,

    // Type of the Credential as an array
    type: ["UniversityCredential"],
  });
}

Verifying a Credential

SSIMON leverages DVID (Domain Verified Identity) which ties a domain to a DID, essentially we add a second check to ensure that the domain which claims to be issuing the credential has actually issued the credential or not, therefore our result for verification looks like this

{
    DVID: true,
    vc: true
}

essentially DVID is true when the domain has a valid DVID record and is tied to the DID issuing the credential, and the vc is true when the signature on the credential is valid

to verify a credential you can use the verify method

async function verifyCredential(credential: Record<string, any> | string) {
  const result = await myDid.credentials.verify(credential);

  if (!result.DVID || !result.vc) throw new Error("VC not valid");
}

Holder Operations

Your IdentityAccount always comes with a store where you can store your credentials, which you can access under myDid.credentials.store

the store gives you the following methods

Method Purpose
myDid.credentials.store.create(rawCredential) store a new credential
myDid.credentials.store.findOne(filter) find one credential
myDid.credentials.store.findMany(filter) find many credentials
myDid.credentials.store.findOneAndUpdate(filter, newBody) find one credential and update
myDid.credentials.store.findOneAndDelete(filter) find one credential and delete