# Veramo Demo - March 2021 # CLI Agent Setup ### Note Some of the mentioned domain configurations for ngrok are owned by a Consensys Account and would need to be updated accordingly. ### Outline This demo flows describe the setup and configuration of three veramo instances and issue, request and presentation flow of a Verifiable Credential with an "employer" claim. ## ALICE Setup (Holder / Self-Issuer) ``` mkdir alice cd alice veramo config create nano agent.yml ``` * uncomment ngrok setup `subdomain: alice-demo` `region: us` ``` veramo server ``` ## BOB Setup (Requesting Information) ``` mkdir bob cd bob veramo config create nano agent.yml ``` * change port to 3333 * uncomment and change ngrok setup `subdomain: bob-demo` `region: us` ``` veramo server ``` ## Charlie Setup (Remote Agent - Holder / Self-Issuer) - Add Heroku Instance (Hosted Agent): (Deployment Instructions in Appendix) `https://rado0x54-veramo.herokuapp.com/open-api.json` ``` mkdir charlie cd charlie veramo config create nano agent.yml ``` * replace config with: ``` version: 1.0 agent: $require: '@veramo/core#Agent' $args: - schemaValidation: false plugins: - $require: '@veramo/remote-client#AgentRestClient' $args: - url: https://rado0x54-veramo.herokuapp.com/agent headers: Authorization: Bearer 86b296461f1fd8092b482e5a08b759e0af5d20d8b40799dc2dcda318b3fe7e85 enabledMethods: - keyManagerGetKeyManagementSystems - keyManagerCreate - keyManagerGet - keyManagerDelete - keyManagerImport - keyManagerEncryptJWE - keyManagerDecryptJWE - keyManagerSignJWT - keyManagerSignEthTX - didManagerGetProviders - didManagerFind - didManagerGet - didManagerCreate - didManagerGetOrCreate - didManagerImport - didManagerDelete - didManagerAddKey - didManagerRemoveKey - didManagerAddService - didManagerRemoveService - resolveDid - dataStoreSaveMessage - dataStoreSaveVerifiableCredential - dataStoreSaveVerifiablePresentation - dataStoreORMGetIdentifiers - dataStoreORMGetIdentifiersCount - dataStoreORMGetMessages - dataStoreORMGetMessagesCount - dataStoreORMGetVerifiableCredentialsByClaims - dataStoreORMGetVerifiableCredentialsByClaimsCount - dataStoreORMGetVerifiableCredentials - dataStoreORMGetVerifiableCredentialsCount - dataStoreORMGetVerifiablePresentations - dataStoreORMGetVerifiablePresentationsCount - handleMessage - sendMessageDIDCommAlpha1 - createVerifiablePresentation - createVerifiableCredential - createSelectiveDisclosureRequest - getVerifiableCredentialsForSdr - validatePresentationAgainstSdr ``` # Cloud Agent Setup - Demo one-click Veramo deployment # DID Identifiers ``` % veramo did -h Usage: veramo did [options] [command] Decentralized identifiers Options: -h, --help display help for command Commands: providers list available identifier providers list list managed identifiers create create an identifier delete create an identifier add-service add a service endpoint to did document remove-service remove a service endpoint from did document add-key create and add a public key to did document remove-key remove a key from did document export export an identifier import import an identifier resolve <didUrl> Resolve DID Document help [command] display help for command ``` ## Resolve various DID with any Veramo cli ``` veramo did resolve did:web:rado0x54-veramo.herokuapp.com veramo did resolve did:web:rado0x54-veramo.herokuapp.com:test veramo did resolve did:ethr:0x861ecf3069ca6b4b39ee641822bcb1c0e81d96b1 veramo did resolve did:web:alice-demo.ngrok.io ``` ## Add other identifiers to Alice 1. Add did:ethr ``` veramo did create ? Select identifier provider did:ethr ? Select key management system local ? Enter alias new_ethr ``` 2. Add did:web (sub-identifier) ``` veramo did create ? Select identifier provider did:web ? Select key management system local ? Enter alias alice-demo.ngrok.io:sub-id ``` 3. Add Service to did:web ``` veramo did add-service ? Select DID did:web:alice-demo.ngrok.io:sub-id ? Service type SecureDataStore ? Endpoint https://test.de/store ? ID store123 ``` 4. Add Key to did:web ``` % veramo did add-key ? Select DID did:web:alice-demo.ngrok.io:sub-id ? Select key management system local ? Type Ed25519 Success: { success: true } ``` # Credential Flow ## 3 Alice (or Charlie) create (self-signed) Credential ``` % veramo credential ? Issuer DID did:web:rado0x54-veramo.herokuapp.com rado0x54-veramo.herokuapp.c om ? Subject DID did:web:alice-demo.ngrok.io ? Credential Type (VerifiableCredential,Profile) mriedel@MR-MBP15 charlie % veramo credential ? Issuer DID did:web:rado0x54-veramo.herokuapp.com rado0x54-veramo.herokuapp.c om ? Subject DID did:web:alice-demo.ngrok.io ? Credential Type VerifiableCredential,Profile ? Claim Type name ? Claim Value Alice ? Is the credential revocable? No ``` Claim type = `name` Claim value = `Alice` ``` veramo credential ``` Claim type = `lastName` Claim value = `Doe` ``` veramo credential ``` Credential Type = `VerifiableCredential,EmploymentCredential` Claim type = `employer` Claim value = `American Express` ``` veramo credential ``` Claim type = `employer` Claim value = `Coca Cola (Board)` ## 4 BOB Send SDR (to Alice or to Charlie) ``` cd bob veramo sdr create ``` Claim type = `employer` Claim type = `lastName` Use `did:web:alice-demo.ngrok.io` as subject DID. Show message received at Alice: ``` Received message sdr 81... ``` ## 5 Alice/Charlie SDR Response ``` cd alice veramo sdr respond ``` ## 6 ALICE Data explorer ``` cd alice veramo explore ``` Or add Alice to `Agent Explorer` (http://localhost:5000) ## 7 BOB Data explorer ``` cd bob veramo explore ``` Or add Bob to `Agent Explorer` (http://localhost:5000) ## 7 Charlie Data explorer ``` cd charlie veramo explore ``` Or add Charlie to `Agent Explorer` (http://localhost:5000) # Remote Agent ## Show Heroku deployment template ## Connect remote instance to local CI config # Include Instances in Agent Explorer Instance Local deployment at http://localhost:5000 - Add Alice (Dev Agent): `https://alice-demo.ngrok.io/open-api.json ` - Add Bob (Dev Agent): `https://bob-demo.ngrok.io/open-api.json ` - Add Heroku Instance (Hosted Agent): `https://rado0x54-veramo.herokuapp.com/open-api.json` API_KEY: `86b296461f1fd8092b482e5a08b759e0af5d20d8b40799dc2dcda318b3fe7e85`