# DPP-CRC Components

early architecture notes and collaboration with Sphereon

## Collaboration Milestones

### Mobile Wallet

- [x] `did:oyd` support
- [x] Workflow for signing
    - https://hackmd.io/qbCLwH8zTPGr-RduDsNNgQ?view
- [ ] JSON-LD support for signed credential
    - *This is in the code base. It looks for the original format of the VC. So if that is properly in JSON-LD, the response should also be in JSON-LD*
    - [x] Christoph: build with JSON-LD and use VC Data Model v1.1
    - [ ] Niels: requires some internal updates after SPRIND work (goal: early September)
- [x] example for OID4VP flow (for login)
    - *Are you looking for how to set up an RP? We have examples for those. Like in https://github.com/Sphereon-Opensource/OID4VC-demo/tree/develop/packages/oid4vci-demo-frontend for instance the Visma Yuki example https://rp.vismayuki.demo.sphereon.com/ which takes the PE definitions from the cloud wallet agent, which can be managed there as well*
    - [x] Niels: credentials for Visma Yuki example / web wallet

nice to have:

- [ ] guidance for Veramo `did:oyd` PR
    - https://github.com/decentralized-identity/veramo/pull/1388

### Web Wallet Deployment

- [ ] local setup of web wallet (wallet-agent-full)
    - https://github.com/Sphereon-Opensource/web-wallet
    - *Docker compose files for both the wallet agent and frontend are in that repository. We will work on some more documentation for the configuration options/env vars next week.*
    - [ ] Niels: update to address current build problem in `wallet-agent-full`
- [ ] configuration for Sargasso Use Case (https://hackmd.io/rrpChr57TlWwE3qliuzpwg)
    - Contacts (stakeholders)
        - *Contacts agent functions and Full REST API are available in the agent.*
        - *Agent: https://github.com/Sphereon-Opensource/SSI-SDK/blob/5ccea55e4d00ac850c14f5cfe694b2f033056206/packages/contact-manager/src/types/IContactManager.ts#L25*
        - *REST: https://github.com/Sphereon-Opensource/SSI-SDK/blob/develop/packages/contact-manager-rest-api/src/api-functions.ts*
    - Assets (records with concrete mixtures and EPD calculation; DPP?)
        - *Do you need a REST API for these as well? We will be working on the Assets next week with current version of the wallet*
    - Credentials (verifiable credentials, DPP?)
        - *W3C VC REST API to issue credential is available, including a REST client and simple postman collection*
        - *Doc: https://github.com/Sphereon-Opensource/web-wallet/blob/develop/docs/VC-API.md*
        - *OpenAPI: https://github.com/Sphereon-Opensource/web-wallet/blob/develop/docs/openapi/SPHEREON_VC_API.yaml*
        - *Postman: https://github.com/Sphereon-Opensource/web-wallet/blob/develop/docs/postman/VC%20API.postman_collection.json*
        - *REST API: https://github.com/Sphereon-Opensource/SSI-SDK/blob/develop/packages/w3c-vc-api/src/api-functions.ts*
        - *Issuer REST client: https://github.com/Sphereon-Opensource/SSI-SDK/blob/5ccea55e4d00ac850c14f5cfe694b2f033056206/packages/w3c-vc-api-issuer-rest-client/src/types/IVcApiIssuerClient.ts#L5*
        - *Verifier REST client: https://github.com/Sphereon-Opensource/SSI-SDK/blob/5ccea55e4d00ac850c14f5cfe694b2f033056206/packages/w3c-vc-api-verifier-rest-client/src/types/IVcApiVerifierClient.ts#L4*
    - Documents (supporting evidence) <- nice to have
        - *Currently Documents are not hooked up to VC issuance yet. The Document upload screen is in the issuance screen of the web wallet, but it does nothing at present. We have no resources available before Sept to make that work*
- [ ] simple way to create records (manually, with SQL script)
    - *We have some examples that can be called with a script in the package.json for initialization of demo data. These in the end call SQL statements either directly or they call into agent functions that perform these. You can find examples at https://github.com/Sphereon-Opensource/web-wallet/tree/develop/packages/agent/src/database/demo-data. There are also migration files which allow you to import data only once for instance for upgrades, so you get to a consistent state. That is being used internally in all our agents. An example of that is at: https://github.com/Sphereon-Opensource/web-wallet/blob/develop/packages/agent/src/database/migrations/postgres/1700163641000-CreateWebWallet.ts*
- [ ] deployment to Kubernetes
    - *Should be possible since we have the Docker files and Docker compose files*

### Web Wallet Integration

- [ ] full CRUD operations for all record types to integrate with Semantic Container

*- Is the below a hard requirement, as the current cloud wallet isn’t fully tenant aware yet. Most of the code is prepared for it, but right now a wallet is single tenant only*

- [ ] tenant support
- [ ] integrated user management
- [ ] user signs on behalf of organisation (link between mobile and online wallet)

    ***- That is not yet available, as it needs integration of SIOPv2/OID4VP into OID4VCI***

nice to have:

- [ ] discuss integrating ZKPs into VCs

## Data Intermediary

will be developed by OwnYourData

main functions:

* service catalogue for services to be used with the API and the user management from the intermediary

    examples:

    * end-to-end encryption
    * data cleaning
    * aggregation
    * zero-knowledge proofs <- to be developed by Thomas & Martin
* user management
    * initial login with external ID (e.g. ID Austria)
    * create organisation
    * link to tenant in Sphereon
    * create users below organisation
    * integrate with user management from Sphereon
* Users (Stakeholders from construction industry) have accounts organised in hierarchies with DIDs
* browse data, create requests to access data
* upload data
* data repository developed in ONTOCHAIN
    * collections (like GitHub repos)
    * access handled through Data Agreements Verifiable Credentials signed between
        * data source and data intermediary (D2A)
        * data user and data intermediary (D3A)
    * datasets (within collections)

## DPP Web Platform & Online Wallet by Sphereon

paid development by Sphereon and to be integrated with Data Intermediary

* user management: tenants have parties with identifiers (email, DID, ...)
    * a party can perform an action with an identifier
    * *Requirement: have a well documented REST-API to trigger creating and reading actions*
* create Verifiable Credential for different payloads (PDF, JSON, ...)
* Web UI to manage credentials for a tenant (list, group, filter, ...)
    * *Requirement: support for deploying Sphereon online wallet and DPP platform on OwnYourData infrastructure*
* connect parties with their Sphereon Wallet on the mobile with the online Sphereon Wallet
    * *Requirement: a user signs on behalf of the organisation based on "connection" from mobile wallet to online wallet*
* verify a set of credentials (a verification at a milestone to check if all identities and credentials are valid at a certain point in time and document as new credential)
    * *Requirement: provide API endpoint to perform single or bulk operations*
* future: integrate Zero-Knowledge Proofs
    * *Requirement: this will be an experimental feature and probably we will only discuss with you our approach to include this in VC*