SSI POC - HackMD

# SSI POC The POC consists of several step that are captured below. ## Research **Jolocom** is the preferred choice for credential management. Read on [verifiable credentials](https://www.w3.org/TR/vc-data-model/#what-is-a-verifiable-credential). Steps: 1. Clone the [demo](https://github.com/jolocom/interactions-demo) provided by Jolocom 2. Install the mobile application - [Android](https://play.google.com/store/apps/details?id=com.jolocomwallet&hl=en_US&gl=US) | [iOS](https://apps.apple.com/us/app/jolocom-smartwallet/id1223869062) | [Android Staging](https://jolocom.io/wp-content/uploads/smartwallet/smartwallet-staging-1.11.1.apk)\* 4. On windows need to add inbound rule for the 9000 port. \* Android staging is used when we want to connect to a wallet in our local network without - no certificate needed. ### Sharing credential with the Alkemio system Followed the dependency chain in the **service_agent** (the backend in the demo): 1. The credential share method is named *credShareRequest* 2. Internally it depends on: * [Jolocom Web Service](https://github.com/jolocom/web-service-base/blob/6713145a33fcf9c974d9b984b8facfb755b97915/src/index.ts#L79) * [Jolocom Hapi Web Service](https://github.com/jolocom/hapi-jolocom/blob/master/src/index.ts) * [Jolocom Service Client](https://github.com/jolocom/web-service-client/blob/master/src/index.ts) * [Jolocom Lib](https://github.com/jolocom/jolocom-lib/blob/352bd114d2a3f859a111b589ef3e278d2dd892c4/ts/interactionTokens/credentialRequest.ts#L141) 3. The share request is captured in https://miro.com/app/board/o9J_lqoQANg=/ 4. Constraints are serializable objects 5. In wallet manager *beginCredentialRequestInteraction* + *completeCredentialRequestInteraction* ### Offering credential from the Alkemio system Followed the dependency chain in the **service_agent** (the backend in the demo): 1. The credential share method is named *offerCred* 2. The offer request is captured in https://miro.com/app/board/o9J_lqoQANg=/ 3. In wallet manager *beginCredentialOfferInteraction* + *completeCredentialOfferInteraction* ## The flow Changes across the wallet-manager, server and client had to be applied. In order to run the flow as-is: 1. Stop the wallet-manager container that starts with the services quickstart 2. Install the staging application **OR** Run an android emulator 3. Open the port that the server is available on (inbound rule). 4. Start the server with local network IP address: ![](https://i.imgur.com/uSNN4Md.png) 6. Navigate to the user profile page and perform the desired operation. When using the iOS / Android production jolocom wallets: 1. Setup dev SSL - we need to run the server & wallet managers on https ## What is next 1. Integrate verified credential usage in the authorization policy 2. Standalone Trust registry - The registry is responsible for managing verified issuers, creating & setting constraints on credential claims based on their type 2. Alkemio Internal Credential Offer Interaction - Credential offer flow, but the credential is offered to an Alkemio cloud-hosted wallet 3. Create an Alkemio Platform agent - Credentials need to be created by trusted issuers and Alkemio might become one at some point, thus the need for a platform wide wallet/agent that should be created 4. Using did:jun - There are different methods of storing decentralized identities - in jolocom **did:jun** is the local equivalent (stored in our db only) of **did:jolo** which is stored in a decentralized storage and publicly visible. 5. Authentication using Alkemio Credential - Extend oathkeeper to process the Alkemio verifiable credential 6. [Open badges](https://openbadges.org/)