DTC Workflows - HackMD

# DTC Workflows ## DTC Anoncred Issuance Workflow 1. User installs Mobile App 2. User uses Mobile App to scan passport using OCR and NFC 3. Mobile App encodes passport data into an ICAO DTC credential stored on the phone 4. Mobile App establishes connection with DTC Issuer Agent 5. Mobile App sends ICAO DTC to DTC Issuer Agent via self-attested presentation 6. DTC Issuer Agent requests check of validity of ICAO DTC from ICAO DTC PKD service 7. ICAO DTC PKD service responds with validity result 8. DTC Issuer Agent offers a DTC Anoncred credential to the Mobile App 9. Mobile App presents the offer to the User 10. User accepts the credential offer on the Mobile App ```plantuml skinparam backgroundColor #fff skinparam handwritten false skinparam BoxPadding 10 skinparam ParticipantPadding 10 skinparam NoteFontSize 24 skinparam NoteBorderColor #f80 skinparam NoteBackgroundColor #fea skinparam sequenceArrowThickness 1 skinparam sequence { BoxFontSize 36 BoxBorderColor #555 BoxBackgroundColor #fbfbfb ActorFontColor #333 ActorFontSize 24 ActorFontName Arial ActorBorderColor #555 ActorBackgroundColor #ccc ParticipantFontName Arial ParticipantFontSize 24 ParticipantFontColor #333 ParticipantBorderColor #555 ParticipantBackgroundColor #eee LifeLineBorderColor #ccc LifeLineBackgroundColor #000 ArrowFontSize 24 ArrowColor #f80 DividerFontSize 24 } actor User participant "Mobile App" as Mobile participant "DTC Issuer Agent" as Issuer participant "ICAO DTC PKD" as ICAO == Registration == User -> Mobile: Install Mobile -> Mobile: Scan Passport Mobile -> Mobile: Encode ICAO DTC note over Mobile: ICAO DTC stored on Mobile App Mobile -> Issuer: Connect Mobile -> Issuer: Send ICAO DTC note over Issuer: ICAO DTC stored on\nDTC Issuer Agent\n(temporarily) note over Issuer: Passport attributes\nstored on\nDTC Issuer Agent Issuer -> ICAO: ICAO DTC validity request note over ICAO: Does ICAO store\nany information? ICAO -> Issuer: ICAO DTC validity result Issuer -> Mobile: Offer DTC Anoncred credential Mobile -> User: Display DTC\nAnoncred credential offer User -> Mobile: User accepts credential note over Mobile: DTC Anoncred credential\nstored on Mobile App ``` ## ED Card Workflow 1. User opens ED Card Website in a browser 2. ED Card Website requests and invitation URL from the Government Enterprise Agent 3. ED Card Website requests a verification of the DTC Anoncred 4. ED Card Website uses API to poll the Government Enterprise Agent for the verification result 5. Government Enterprise Agent returns an invitation URL 6. ED Card Website displays a QR code in the browser 7. User scans the QR code with the Mobile App 8. Mobile App connects to the Government Enterprise Agent 9. Government Enterprise Agent requests DTC Anoncred credential from the Mobile App 10. Mobile App presents request to User 11. User consents to share the DTC Anoncred credential 12. Mobile App sends the DTC Anoncred credential to the Government Enterprise Agent 13. Government Enterprise Agent parses details of DTC Anoncred credential 14. Government Enterprise Agent sends user demographic data to the ED Card Website (in response to one of the polling requests in #4) 15. ED Card Website collects user trip details, insurance, payment, etc. and stores collected user data (including user demographic data) in ED Card Database and Radex system 16. ED Card Website instructs Government Enterprise Agent to issue a Trusted Traveler credential to the User 17. Government Enterprise Agent offers a Trusted Traveler credential to the Mobile App 18. Mobile App presents the offer to the User 19. User accepts the credential offer on the Mobile App ```plantuml skinparam backgroundColor #fff skinparam handwritten false skinparam BoxPadding 10 skinparam ParticipantPadding 10 skinparam NoteFontSize 24 skinparam NoteBorderColor #f80 skinparam NoteBackgroundColor #fea skinparam sequenceArrowThickness 1 skinparam sequence { BoxFontSize 36 BoxBorderColor #555 BoxBackgroundColor #fbfbfb ActorFontColor #333 ActorFontSize 24 ActorFontName Arial ActorBorderColor #555 ActorBackgroundColor #ccc ParticipantFontName Arial ParticipantFontSize 24 ParticipantFontColor #333 ParticipantBorderColor #555 ParticipantBackgroundColor #eee LifeLineBorderColor #ccc LifeLineBackgroundColor #000 ArrowFontSize 24 ArrowColor #f80 DividerFontSize 24 } actor User participant "Mobile App" as Mobile participant "ED Card Website" as Website participant "Government Enterprise Agent" as Government User -> Website: Open in a browser Website -> Government: Request invitation URL Website -> Government: Request verification of DTC Website -> Government: Poll for verification results Government -> Website: Return invitation URL Website -> Website: Display QR code Mobile -> Website: Scan QR code Mobile -> Government: Connect Government -> Mobile: Request DTC\nAnoncred credential Mobile -> User: Request sharing of DTC\nAnoncred credential User -> Mobile: Authorize sharing of DTC\nAnoncred credential Mobile -> Government: Present DTC\nAnoncred credential Government -> Government: Interpret DTC\nAnoncred credential note over Government: DTC Anoncred\npresentation stored\n on Government Enterprise\nAgent (optional) Government -> Website: Send passport details Website -> Website: Collect and store user details note over Website: User passport, travel,\ninsurance details stored\non ED Card Website\nand in Radex system Website -> Government: Request to issue\nTrusted Traveler\ncredential to User Government -> Mobile: Offer Trusted\nTraveler credential Mobile -> User: Display Trusted Traveler\ncredential offer User -> Mobile: User accepts credential note over Mobile: Trusted Traveler credential\nstored on Mobile App ``` ## Trusted Traveler Verification Workflow 1. Verifier displays an invitation URL as a QR code 2. User scans QR code with Mobile App 3. Mobile App connects to Verifier Agent 4. Verifier Agent requests Trusted Traveler credential 5. User consents to share the Trusted Traveler credential 6. Mobile App sends the Trusted Traveler credential to the Verifier Agent 7. Verifier Agent interprets the presentation 8. Both Mobile App and Verifier Agent display the verification result ```plantuml skinparam backgroundColor #fff skinparam handwritten false skinparam BoxPadding 10 skinparam ParticipantPadding 10 skinparam NoteFontSize 24 skinparam NoteBorderColor #f80 skinparam NoteBackgroundColor #fea skinparam sequenceArrowThickness 1 skinparam sequence { BoxFontSize 36 BoxBorderColor #555 BoxBackgroundColor #fbfbfb ActorFontColor #333 ActorFontSize 24 ActorFontName Arial ActorBorderColor #555 ActorBackgroundColor #ccc ParticipantFontName Arial ParticipantFontSize 24 ParticipantFontColor #333 ParticipantBorderColor #555 ParticipantBackgroundColor #eee LifeLineBorderColor #ccc LifeLineBackgroundColor #000 ArrowFontSize 24 ArrowColor #f80 DividerFontSize 24 } actor User participant "Mobile App" as Mobile participant "Verifier Agent" as Verifier Verifier -> Verifier: Display QR code Mobile -> Verifier: Scan QR code Mobile -> Verifier: Connect Verifier -> Mobile: Request Trusted\nTraveler credential Mobile -> User: Request sharing of Trusted\nTraveler credential User -> Mobile: Authorize sharing of Trusted\nTraveler credential Mobile -> Verifier: Present Trusted\nTraveler credential Verifier -> Verifier: Interpret Trusted\nTraveler credential Verifier -> Mobile: Both agents display verification result note over Verifier: Trusted Traveler\npresentation stored\n on Verifier\nAgent (optional) ```