NGI Sargasso (Call 2) DPP-CRC project (online: https://hackmd.io/rrpChr57TlWwE3qliuzpwg) # Use Case #0 - Inital Tech Demo ### Description This initial use case demonstrates creating a digital representation of an EPD (Environmental Product Declaration) compliant with DPP (Digital Product Passport) platform. It includes the following technical components: <details><summary><strong>Private Data Store</strong> of a Concrete Producer: stores data to generate an EPD</summary> URL: https://cp-private.data-container.net ```bash # Credentials APP_KEY: 5mdPuiwt-H50Ixl2rWRKVPKQMhfdYw5LngK6RwBwZ5c APP_SECRET: EFV6OgfmFj73XmAI-4ncU41MLjOACwvIU5jtlWXpFtA ``` Github Repo: https://github.com/OwnYourData/dc-cpprivate Docker Image: https://hub.docker.com/r/oydeu/cp-private </details> <details><summary><strong>Data Intermediary</strong>: stores proof (Verifiable Presentation) for Concrete DPP</summary> URL: https://concrete.go-data.at ```bash # Credentials APP_KEY: nENk5CBuUIQy0e24bewN-WJx8w-FkPUekG9oQtx9N-4 APP_SECRET: 1oiPZTxbnQyQnl48QsRR9LlsAPFUUVTV5o4aaqZdOIg ``` Github Repo: https://github.com/OwnYourData/dc-intermediary Docker Image: https://hub.docker.com/r/oydeu/dc-intermediary </details> <details><summary><strong>EPD Calc Tool</strong>: computes EPD and accompanying Zero-Knowledge Proof</summary> URL: https://epd.ownyourdata.eu Github Repo: https://github.com/OwnYourData/zk-epd-calc Docker Image: https://hub.docker.com/r/oydeu/zk-epd-calc *Steps for manual testing:* * Create EPD: ```bash= echo '{"description":"C 25/30/B1","cement":15,"gravel":20,"water":25,"additives":30,"material":"super starker Eco++","factory":"Eggendorf"}' | \ curl -s -H "Content-Type: application/json" -d @- \ -X POST https://epd.ownyourdata.eu/create ``` * Verify EPD: ```bash= echo '{"description":"C 25/30/B1","factory":"Eggendorf","A13_gwp":165.4,"zkp":"1234abcd"}' | \ curl -s -H "Content-Type: application/json" -d @- \ -X POST https://epd.ownyourdata.eu/verify ``` </details> <details><summary><strong>Sphereon Mobile Wallet</strong>: signs Verifiable Credential with private key in wallet</summary> General information: https://sphereon.com/sphereon-products/sphereon-wallet/ Github: https://github.com/Sphereon-Opensource/mobile-wallet/tree/feat/oyd-01 </details> &nbsp; **Trust Triangle and Identities** Description of the Triangle of Trust: [Wikipedia](https://en.wikipedia.org/wiki/Verifiable_credentials#Trust_model) <details><summary><em>Concrete Producer (CP, holder)</em> enters data and signs DPP</summary> <ul> <li>uses Sphereon Mobile Wallet for signing data</li> <li>DID: <code>did:oyd:zQmaS7yYwARSEw3ZEzi5wyfiz78hiBCS9UFaxWstueXxvNU</code><br>(note: will differ based on DID in wallet)</li> <li>command: <code>echo '' | oydid create --doc-pwd cppwd --rev-pwd cprev -z 1</code></li> </ul> </details> <details><summary><em>Trusted EPD Authority (TA, issuer)</em> calculates EPD and provides ZKP</summary> <ul> <li>DID: <code>did:oyd:zQmT26WrFJhgLGsDj2gmWtimAtgvuxpaLuYv3yM9srLqZyL</code><br>(note: will differ based on DID in wallet)</li> <li>command: <code>echo '' | oydid create --doc-pwd tapwd --rev-pwd tarev -z 1</code></li> </ul> </details> <details><summary><em>Building Owner (BO, verifier)</em> verifies concrete producer's claims in DPP</summary> <ul> <li>DID: <code>did:oyd:zQmYsEgetRcnZiAjdChXZcHnUD4YDgVPquEZpAE14Xq55Hh</code></li> <li>command: <code>echo '' | oydid create --doc-pwd cspwd --rev-pwd csrev -z 1</code></li> </ul> </details> <details><summary><em>Data Intermediary (DI, public repository)</em> stores data, DIDs, VCs, VPs, DPPs</summary> <ul> <li>DID: <code>did:oyd:zQmSAxAeWkGDN1xm9eKWq547DTfdFYkgJGjpBs54Q5BqLx8</code></li> <li>command: <code>echo '' | oydid create --doc-pwd dipwd --rev-pwd direv -z 1</code></li> </ul> </details> &nbsp; **Data Models** * [`ConcreteMixture`](https://soya.ownyourdata.eu/ConcreteMixture/yaml) - private record stored locally ([edit](https://soya-form.ownyourdata.eu/?schemaDri=ConcreteMixture&data=%7B%7D) | [example](https://soya-form.ownyourdata.eu/?schemaDri=ConcreteMixture&data=%7B%22description%22%3A%22C+25%2F30%2FB1%22%2C%22cement%22%3A15%2C%22gravel%22%3A20%2C%22water%22%3A25%2C%22additives%22%3A30%2C%22material%22%3A%22super+starker+Eco%2B%2B%22%2C%22factory%22%3A%22Eggendorf%22%7D)) * [`zkEPD`](https://soya.ownyourdata.eu/zkEPD/yaml) - Zero-Knowledge Proof for an EPD ([edit](https://soya-form.ownyourdata.eu/?schemaDri=zkEPD) | [example](https://soya-form.ownyourdata.eu/?schemaDri=zkEPD&data=%7B%22description%22%3A%22C+25%2F30%2FB1%22%2C%22factory%22%3A%22Eggendorf%22%2C%22A13_gwp%22%3A165.4%2C%22zkp%22%3A%221234abcd%22%7D)) * [`ConcreteDPP`](https://soya.ownyourdata.eu/ConcreteDPP/yaml) - record with all data to generate DPP ([edit](https://soya-form.ownyourdata.eu/?schemaDri=ConcreteDPP) | [example](https://soya-form.ownyourdata.eu/?schemaDri=ConcreteDPP&data=%7B%22date%22%3A%222024-05-29%22%2C%22epd%22%3A%7B%22description%22%3A%22C+25%2F30%2FB1%22%2C%22factory%22%3A%22Eggendorf%22%2C%22A13_gwp%22%3A165.4%2C%22zkp%22%3A%221234abcd%22%7D%2C%22volume%22%3A1.5%7D)) ## Walk-Through Video recording: https://www.loom.com/share/2b307008a7d24375a8d8f8aa7ee55faa ### Sequence Diagram ```plantuml @startuml actor "Concrete\nProducer" as cp participant "Mobile\nWallet" as wallet database "Data\nIntermediary" as disp database "Private\nStore" as store collections "EPD\nCalculator" as epd actor "Building\nOwner" as owner cp -> store: enter ConcreteMixture cp --> store: trigger EPD calculation store -> epd: send ConcreteMixture epd -> store: store zkEPD cp --> store: trigger DPP creation cp o//-- store: show QR code cp --> wallet: scan QR code wallet -> store: request ConcreteDPP VC wallet -> wallet: prepare ConcreteDPP VP cp --> wallet: confirm signature wallet -> store: provide signature for ConcreteDPP VP store -> store: create DPP from EPD\nsigned by CP store -> disp: publish DPP & VP store --> cp: make DID for DPP available cp --> owner: share DID owner -> disp: request ConcreteDPP from DID owner -> epd: validate zkEPD\n(from ConcreteDPP) @enduml ``` ### Steps 1) CP logs into private data store * url: https://cp-private.data-container.net/ App Key: `5mdPuiwt-H50Ixl2rWRKVPKQMhfdYw5LngK6RwBwZ5c` App Secret: `EFV6OgfmFj73XmAI-4ncU41MLjOACwvIU5jtlWXpFtA` 2) CP creates new record for a `ConcreteMixture` * **output:** new record example link: https://cp-private.data-container.net/?itemId=95 3) CP triggers "Generate EPD" for a "ConcreteMixture" record * **input:** record of structure `ConcreteMixture`<br><br> * **output:** `zkEPD` record example link: https://cp-private.data-container.net/?itemId=96 * **output:** `ConcreteDPP` record example link: https://cp-private.data-container.net/?itemId=97 4) CP triggers "Publish DPP" for an "ConcreteDPP" record * **input:** record of structure `ConcreteDPP` * enter date+volume * click "Publish DPP" to show page with QR Code * CP scans QR Code (referencing EPD-VC) with wallet * CP clicks "show Digital Product Passport" * display page with DID<br><br> * **outptut:** updated `ConcreteDPP` record with DID and link to VP example link: https://cp-private.data-container.net/?itemId=97 * DID: [`did:oyd:zQmQht8RJD6vx7nDvqjL8fdYPrTBJvDJui5oQVbW6cYJTw3`](https://dev.uniresolver.io/#did:oyd:zQmQht8RJD6vx7nDvqjL8fdYPrTBJvDJui5oQVbW6cYJTw3) * Verifiable Presentation: <br><span style="font-size:11px">[`https://concrete.go-data.at/presentations/zQmboVisouVKVfB1PduFgsGq4LCZWAY56x3ScXxMukgFdLs`](https://concrete.go-data.at/presentations/zQmboVisouVKVfB1PduFgsGq4LCZWAY56x3ScXxMukgFdLs)</span> 5) BO verifies DPP * resolve DID and download data from service endpoint * perform the following checks: * integrity of Verifiable Presentation ```bash= curl -s https://concrete.go-data.at/presentations/zQmboVisouVKVfB1PduFgsGq4LCZWAY56x3ScXxMukgFdLs | \ oydid vp-verify ``` * proof of correct calculation of GWP (global warming potential) using ZKP (Zero-Knowledge Proof) ```bash= curl -s https://concrete.go-data.at/presentations/zQmboVisouVKVfB1PduFgsGq4LCZWAY56x3ScXxMukgFdLs| \ jq '.verifiableCredential[0].credentialSubject.epd' | \ curl -s -H "Content-Type: application/json" -d @- \ -X POST https://epd.ownyourdata.eu/verify ``` ## Learnings & Planned Improvements **Domain-specific Findings** * check input data for correct units and format --> demo to domain experts * review algorithm to calculate GWP (global warming potential) --> use demo in upcoming interviews to validate and improve algorithm * User Interface for data management is a prototype and too technical --> planned integration with Sphereon's Online Wallet & DPP Platform **Technical Findings** * increase number of testers that run use case --> provide Sphereon Wallet via APK for Android and via TestFlight for iPhone * building the customized Sphereon Wallet with `did:oyd` support is hard --> add `did:oyd` support to Veramo ([PR available](https://github.com/decentralized-identity/veramo/pull/1388)) and subsequently to Sphereon Wallet * ZKP Calculation is slow and needs better integration into the overall process --> redesign interface to invoke and retrieve result from OYD infrastructure * access to data stores through key & secret is not user-friendly --> support OID4VP to login via QR Code and Credential in mobile wallet * current DPP representation is bare minimum with only reference to VP --> research more elaborate versions from other existing DPP solutions
Last changed by  
Christoph-F
80

Read more

DPP-CRC Progress

Meetings: https://hackmd.io/raEGzz5aQC-pHxG3HMuwbQ

7/5/2024
DPP-CRC Meetings

Attendees: Christoph, Jan from 16:00Link: https://meet.jit.si/OwnYourDataTopic: setup web page with consent information for Februrary tests

7/4/2024
SOyA Open Items & Actions

[ ]

7/2/2024
WP3, D3.1 - 1st Iteration

Contact: christoph.klikovits@forschung-burgenland.at

6/30/2024
Read more from Christoph-F
Published on HackMD