# Privado - Interaction with service

Toni's flow:

1. The exchange makes a proof request for a specific user:
    - challenge (to ensure the ZKP includes this value)
    - user reference
    - callback url (to get notified when the proof is ready)
2. The user will be notified by the system that the exchange wants to do a proof with his/her data. The user can give consent or not.
3. [Approved] Privado Network will ask the Identity system to generate a proof that includes the challenge
4. [Approved] The proof will be generated
    - Toni, which proof will be generated? kyc or kycBySignatures?
        - Ideally the full ZKP should be generated, but if the proof is not ready, then we should return the signed one. We may add a field to the response to say which kind of signature we are returning.
    - Do we need to save this new proof?
        - I really don't know, this is a decision we have to take, maybe talking with Silvia.
    - When can we use the new proof?
        - What do you mean by new proof?
5. [Approved] Privado Network will call the `callback url` to send the proof to the exchange
6. [Approved] The exchange will be able to validate the proof by calling a Privado Network endpoint (that will wrap the Identity System validation endpoint)
7. [Denied] The `callback url` will be called to notify that the user does not give consent to share his/her proof.

Everything can be saved in the database.

## Questions

### Question to Silvia and Rafal

Isn't it a problem to have so many proofs for a user?
Isn't it necessary to know the proof generated on onboarding?
Do we need to save the new proof generated?

### Challenge

- Nowadays, the system is using the hardcoded challenge `1234567`. Is the way to generate the proof the same if the challenge changes?
    - Yes
- Do we need to provide an endpoint to save this challenge, thinking about the VASP onboarding process?

### Missing

- What has to be done between points 3 and 5? Generate a new proof?
    - Yes

## Private endpoints

### GET /v1/interactions/?token=token&vasp_id=vasp_id

Returns a list of a user's completed interactions.

### POST /v1/users/consent/?token=token

```json=
{
  "consent": "yes|no"
}
```

Gives consent to share a proof of the token owner (user). This endpoint will dispatch, or not, the creation of the new proof [points 3 and 4]. To do that, the user should be logged in to the wallet (?).

- [ ] Do we have a page for the user to consent to the use of his/her data?
- [ ] Not yet
- [ ] Maybe we need to create a token with a big OTT
- [ ] The expiration of this token must be decided.

## Public endpoints

### POST /v1/proof/request/

ProofRequest GivenConsent NotGivenConsent ProofShared

body:

```json=
{
  "userReference": "",
  "challenge": 12345,
  "callback": "url"
}
```

This endpoint will dispatch the email to the user asking him/her to give consent.

- [ ] Define email template

### POST /v1/proof/verify/

body:

```json=
{
  "proof": ""
}
```

###### tags: `privado`
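
An added example (not code from the Privado project): exchange-side handling of the challenge from steps 1, 5 and 6, issuing a fresh random challenge per proof request instead of the fixed `1234567` and accepting a proof only once, and only for the challenge that was issued. The class name, the TTL, the 63-bit challenge size and the way the proof's challenge reaches `accept_callback` are assumptions; the note does not define them.

```python
import secrets
import time

CHALLENGE_TTL_SECONDS = 600  # assumption: the note does not set an expiry


class PendingProofRequests:
    """Exchange-side record of challenges sent in POST /v1/proof/request/."""

    def __init__(self, now=time.time):
        self.pending = {}  # userReference -> (challenge, issued_at)
        self.now = now     # injectable clock so expiry can be tested

    def new_request(self, user_reference, callback_url):
        """Build the request body with a fresh, unpredictable challenge."""
        challenge = secrets.randbits(63)  # assumption: fits the JSON number field
        self.pending[user_reference] = (challenge, self.now())
        return {"userReference": user_reference,
                "challenge": challenge,
                "callback": callback_url}

    def accept_callback(self, user_reference, challenge_in_proof):
        """Decide whether a proof delivered to the callback may be used.

        challenge_in_proof is the challenge the verified proof commits to;
        how the verify endpoint reports it is an assumption of this example.
        """
        entry = self.pending.get(user_reference)
        if entry is None:
            return False, "unknown-or-replayed"
        challenge, issued_at = entry
        if self.now() - issued_at > CHALLENGE_TTL_SECONDS:
            del self.pending[user_reference]
            return False, "expired"
        if challenge_in_proof != challenge:
            # Keep the entry: a bogus callback must not burn a live request.
            return False, "challenge-mismatch"
        del self.pending[user_reference]  # single use, blocks replay
        return True, "accepted"


if __name__ == "__main__":
    reqs = PendingProofRequests()
    body = reqs.new_request("user-42", "https://exchange.example/callback")  # constructed values
    print(reqs.accept_callback("user-42", body["challenge"]))
    print(reqs.accept_callback("user-42", body["challenge"]))
```

With a constant challenge, a proof generated once stays valid for every later request; the per-request value and the single-use check are what tie a delivered proof to one specific request.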