<style> code { white-space : pre-wrap !important; word-break: break-word; } </style> ### Machine-Readable Governance #### Theory, Code, and the Future ###### Mike Ebert and Simon Nazarenko --- ### Intro * We needed to build something and couldn't wait for a trust registry or other industry-wide system or standard * Very much a work in progress! --- ### Aren't Protocols Good Enough? * Protocols allow parties to agree on how to perform a single action * Protocols don't contain information about context, trust, or workflows --- ### Governance Framework > A governance framework (also called a trust framework in some contexts) is a set of rules that establish trust about processes (and indirectly, about outcomes) in a given context. > --Daniel Hardman https://github.com/hyperledger/aries-rfcs/tree/main/concepts/0430-machine-readable-governance-frameworks --- ### Machine-Readable Governance > Governance frameworks... embodied in formal data structures, so it's possible to react to them with software, not just with human intelligence. > --Daniel Hardman https://github.com/hyperledger/aries-rfcs/tree/main/concepts/0430-machine-readable-governance-frameworks ---- ### Machine-Readable Governance * Provide information about roots of trust * Organize the ecosystem by codifying rules, conventions, and standards ---- ### Machine-Readable Governance * Decouple (some) business logic from code * Provide flexibility to accommodate change and avoid having to frequently re-release or update agents ---- ### Machine-Readable Governance Example * Ecosystem for a VC trial * We needed to build some roots of trust for a specific ecosystem ---- ### Machine-Readable Governance Example We started with defining the ecosystem's assets, actions, and authorizations. ---- ### Machine-Readable Governance Here are some components of what we're building: * Governance files * Schemas * Presentation definitions --- ### Governance Files Governance files act like the glue that holds all of the machine-readable governance together ---- ### Governance Files * Allow a jurisdiction to act with sovereignty * Can be cached to improve offline operations * Can be hand edited or tool generated ---- ### Governance Files * We have written code that responds to governance when present but functions without it * Agents can utilize governance but aren't bound to it (but caveat emptor!) --- ### Governance Files: Metadata Metadata provides important context about governance, in a machine-readable format, that may not be available anywhere else ---- ### Governance Files: Metadata ```json! { "@context": ["https://github.com/hyperledger/aries-rfcs/blob/main/concepts/0430-machine-readable-governance-frameworks/context.jsonld"], "name": "Aruba Travel Governance", "version": "0.2", // Content "format": "1.0", // Structure "id": "<uuid>", "description": "This document describes travel governance for the nation of Aruba in a machine readable way.", "last_updated": "2021-10-02", "docs_uri": "need_to_create", "data_uri": "need_to_create", "topics": [ "medical", "travel" ], "jurisdictions": [ "US>NY>New York City", "ON", "AW" ], "geos": [ "New York City", "Ontario" "Aruba" ], ``` ---- ### Governance Files: Metadata * To Do: Add network/ledger information * To Do: Add mediator information * To Do: Add recourse information? --- ### Governance Files: Schemas * Schemas and their attributes are the foundation of trusted data * Governance files should provide the schema IDs in use in the ecosystem ---- ### Governance Files: Schemas ```json! "schemas": [ { "id": "4CLG5pU5v294VdkMWxSByZ:2:Email:1.0", "name": "Validated Email", }, { "id": "4CLG5pU5v294VdkMWxSByZ:2:SMS:1.0", "name": "SMS", }, { "id": "4CLG5pU5v294VdkMWxSByZ:2:Medical_Release:1.0", "name": "Medical Release", }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Order:1.4", "name": "Lab Order", }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4", "name": "Lab Result", }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccine:1.4", "name": "Vaccine", }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccine_Exemption:1.4", "name": "Vaccine Exemption", }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Trusted_Traveler:1.4", "name": "Trusted Traveler", } ``` --- ### Governance Files: Participants * Including a list of trusted participants allows agents (and users) to understand which are trusted by the publisher of the governance file * If a trusted participant misbehaves, corrective action or recourse may be described in linked documents * To Do: Add invitations ---- ### Governance Files: Participants ```json! "participants": [ { "name": "Aruba Government", "id": "did:example:government", "describe": { "label": "Aruba", "sublabel": "Aruba Government", "website": "issuinggovernmentsite.org", "email": "credential_manager@issuinggovernmentsite.org" } }, { "name": "Health Lab of Aruba", "id": "did:example:hospital", "describe": { "label": "Horacio Oduber Hospital", "sublabel": "General Horacio Oduber Hospital of Aruba", "website": "issuinglabsite.com", "email": "credential_manager@issuinglabsite.com" } }, { "name": "Hilton Casino", "id": "did:example:casino", "describe": { "label": "Hilton Resort and Casino", "sublabel": "Verifying Org", "website": "verifyingorgsite.com", "email": "verifying_manager@verifyingorgsite.com" } }, ... ], ``` --- ### Governance Files: Roles * Roles categorize participants in the ecosystem * Roles help others understand what to expect * Participants can have multiple roles if necessary ---- ### Governance Files: Roles ```json! "roles": [ "holder", "health_issuer", "travel_issuer", "health_verifier", "travel_verifier", "hospitality_verifier" ], ``` --- ### Governance Files: Permissions * Permissions link participants to roles * To Do: We could a VC so participants would need to prove they're authorized ---- ### Governance Files: Permissions ```json! "permissions": [ // Roles mapped to participants { "grant": ["health_issuer"], "when": { "any": [ {"id": "did:example:hospital"}, {"id": "did:example:lab"} ] } }, { "grant": ["travel_issuer"], "when": { "any": [ {"id": "did:example:government"} ] } }, { "grant": ["health_verifier"], "when": { "any": [ {"id": "did:example:government"} ] } }, { "grant": ["travel_verifier"], "when": { "any": [ {"id": "did:example:airport"} ] } }, { "grant": ["hospitality_verifier"], "when": { "any": [ {"id": "did:example:casino"} ] } } ], ``` --- ### Governance Files: Actions * Describe what can happen in the system * Describe how that action is supposed to happen ---- ### Governance Files: Actions ```json! "actions": [ // Actions are a name associated with a protocol (and sometimes a schema) { "name": "connect", "protocol": "https://didcomm.org/connections/1.0/", "startmessage": "invitation", "details": {} }, { "name": "issue_lab_order", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential", "details": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Order:1.4", "presentation_definition": "hl:zm9YZpCjPLPJ4Epc:z3TSgaEFFHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPUJFDD" } }, { "name": "issue_lab_result", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential", "details": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4", "presentation_definition": "hl:zm9YZpCjPLPJ4Epc:z3TSgaEFFHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPUJFDD" } }, { "name": "issue_vaccine", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential", "details": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccination:1.4", "presentation_definition": "hl:zm9YZpCjPLPJ4Epc:z3TSgaEFFHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPUJFDD" } }, { "name": "issue_vaccine_exemption", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential", "details": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccine_Exemption:1.4", "presentation_definition": "hl:zm9YZpCjPLPJ4Epc:z3TSgaEFFHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPUJFDD" } }, { "name": "issue_trusted_traveler", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential", "details": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Trusted_Traveler:1.4", "presentation_definition": "http://localhost:3100/api/presentation-exchange" // Development only, replace with a hashlink in production } }, { "name": "verify_identity", "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": "request-presentation", "details": {} }, { "name": "verify_lab_order", "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": "request-presentation", "details": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Order:1.4", "presentation_definition": "hl:zm9YZpCjPLPJ4Epc:z3TSgaEFFHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPUJFDD" } }, { "name": "verify_lab_result", "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": "request-presentation", "details": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4", "presentation_definition": "hl:zm9YZpCjPLPJ4Epc:z3TSgaEFFHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPUJFDD" } }, { "name": "verify_vaccine", "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": "request-presentation", "details": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccination:1.4", "presentation_definition": "hl:zm9YZpCjPLPJ4Epc:z3TSgaEFFHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPUJFDD" } }, { "name": "verify_vaccine_exemption", "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": "request-presentation", "details": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccine_Exemption:1.4", "presentation_definition": "hl:zm9YZpCjPLPJ4Epc:z3TSgaEFFHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPUJFDD" } }, { "name": "verify_trusted_traveler", "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": "request-presentation", "details": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Trusted_Traveler:1.4", "presentation_definition": [ { "travel_verifier": "hl:zm9YZpCjPLPJ4Epc:z3TSgXTuaHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPQyLHy" }, { "hospitality_verifier": "hl:zm9YZpCjPLPJ4Epc:z3TSgXTuaHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPQyLHy" } ] } } ], ``` --- ### Presentation Definitions The DIF's spec for presentation exchange provides enough horsepower to do some amazing things https://identity.foundation/presentation-exchange/ ---- ### Presentation Definitions We link in presentation definitions using a hash link so you can verify you're using the same version of the presentation definition as when you specified it in your governance hl:zm9YZpCjPLPJ4Epc:z3TSgaEFFHxY2tsArhUreJ4ixgw9NW7DYuQ9QTPUJFDD ---- ### Presentation Definitions ```json! { "name": "Trusted Traveler Presentation Definition", "purpose": "Multi-vaccine and more...", "comment": "VP, OIDC, DIDComm, or CHAPI outer wrapper here", // Optional "presentation_definition": { "id": "32f54163-7166-48f1-93d8-ff217bdb0653", // Required "submission_requirements": [{ // Optional "name": "Trusted Traveler Health Proof", "rule": "pick", // Can be "pick" or "all" only "count": 1, // We need count only if choose to pick "from": "Health Proof Options" }], ``` ---- ### Presentation Definitions ```json! "input_descriptors": [ { "id": "health_input_3", "name": "Lab_Result", "group": [ "Health Proof Option" ], "purpose": "stuff", "schema": [ { "uri": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4", "required": "true" } ], ``` ---- ### Presentation Definitions ```json! "constraints": { "fields": [ { "path": [ "$.mpid" ], "filter": { "type": "string" } }, { "path": [ "$.patient_local_id" ], "filter": { "type": "string" } }, { "path": [ "$.patient_surnames" ], "filter": { "type": "string" } }, { "path": [ "$.patient_given_names" ], "filter": { "type": "string" } }, { "path": [ "$.patient_date_of_birth" ], "filter": { "type": "string" } }, { "path": [ "$.patient_gender_legal" ], "filter": { "type": "string" } }, { "path": [ "$.patient_street_address" ], "filter": { "type": "string" } }, { "path": [ "$.patient_city" ], "filter": { "type": "string" } }, { "path": [ "$.patient_state_province_region" ], "filter": { "type": "string" } }, { "path": [ "$.patient_postalcode" ], "filter": { "type": "string" } }, { "path": [ "$.patient_country" ], "filter": { "type": "string" } }, { "path": [ "$.patient_phone" ], "filter": { "type": "string" } }, { "path": [ "$.patient_email" ], "filter": { "type": "string" } }, { "path": [ "$.lab_observation_date_time" ], "filter": { "type": "string" } }, { "path": [ "$.lab_result" ], "filter": { "type": "string", "oneOf": [ { "const": "Negative", "dependent_fields": [ { "path": [ "$.lab_specimen_collected_date" ], "filter": { "type": "string", "minimum": "today:-:259200" } } ] }, { "const": "Positive", "dependent_fields": [ { "path": [ "$.lab_specimen_collected_date" ], "filter": { "type": "string", "maximum": "today:-:2419200" } } ] } ] } }, ... ``` --- ### Present Proof In an ideal world... present proof v. 2.1, agents that understand DIF presentation exchange ---- ### Present Proof Current code base... present proof v. 1.0, we have to generate potentially many proof requests --- ### Presentation Validation Use the presentation definition to evaluate whether a presentation meets requirements --- ### Governance: Brief Demo --- ### Future: Workflows * Scripted series of actions * Can encode using interaction documents, including error cases * Can respond to and respect protocol state machine ---- ### Future: Workflows Much credit due to Keith Smith from the Aries Working Group, we started with his presentation https://wiki.hyperledger.org/pages/viewpage.action?pageId=54658628 ---- ### Future: Actions * Event "bus" * Event emitters * Event listeners --- ### Future: Composability * "Inherit" from another governance file as a starting point * Reference certain sections from other governance --- ### Future: Discoverability * How to share governance for various jurisdictions? * Directories, ratings * Feature discovery protocol or another new protocol/message --- ### Future: Trust Registries & Machine Readable Governance * Could be a way to aggregate references to governance files * Could be used to generate the participants/permissions/etc. sections * Could help secure governance files ---- ### Future: Trust Registries & Machine Readable Governance * There are some potential problems with trust registries: * Phone home problem * Single point of failure problem ---- ### Future: Trust Registries & Machine Readable Governance * Working with governance files, we can overcome some of these problems * Distribution of governance * Caching --- ### Full Sample Governance File ```json! { "@context": [ "https://github.com/hyperledger/aries-rfcs/blob/main/concepts/0430-machine-readable-governance-frameworks/context.jsonld" ], "name": "COVID Governance", "version": "0.1", "format": "1.0", "id": "<uuid>", "description": "This document describes COVID health and travel governance for the nation of ___ in a machine readable way.", "last_updated": "2022-03-29", "docs_uri": "need_to_create", "data_uri": "need_to_create", "topics": [ "medical, travel" ], "jurisdictions": [ "US>NY>New York City", "US>PA" ], "geos": [ "USA", ], "schemas": [ { "id": "4CLG5pU5v294VdkMWxSByu:2:Medical_Release:1.0", "name": "Medical Release", }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Order:1.4", "name": "Lab Order" }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4", "name": "Lab Result" }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccination:1.4", "name": "Vaccine" }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccine_Exemption:1.4", "name": "Vaccine Exemption" }, { "id": "RuuJwd3JMffNwZ43DcJKN1:2:Trusted_Traveler:1.4", "name": "Trusted Traveler" } ], "participants": [ { "name": "Country Government", "id": "RqeuBcho2Br1wszHpnseMf", "describe": { "label": "Country Government", "sublabel": "Government", "website": "issuinggovernmentsite.org", "email": "credential_manager@issuinggovernmentsite.org" } }, { "name": "Local Health Lab", "id": "APk7kmMyzM4VTUkFUACrky", "describe": { "label": "Health Lab", "sublabel": "Local Health Lab", "website": "issuinglabsite.com", "email": "credential_manager@issuinglabsite.com" } }, { "name": "Large Event Venue", "id": "7CyC6bkX93tcMvLQCbpTqM", "describe": { "label": "Event Venue", "sublabel": "Large Event Venue", "website": "verifyingorgsite.com", "email": "verifying_manager@verifyingorgsite.com" } } ], "roles": [ "holder", "health_issuer", "travel_issuer", "health_verifier", "travel_verifier", "hospitality_verifier" ], "permissions": [ { "grant": ["health_issuer"], "when": { "any": [ {"id": "APk7kmMyzM4VTUkFUACrky"}, ] } }, { "grant": ["travel_issuer"], "when": { "any": [ {"id": "RqeuBcho2Br1wszHpnseMf"} ] } }, { "grant": ["health_verifier"], "when": { "any": [ {"id": "RqeuBcho2Br1wszHpnseMf"} ] } }, { "grant": ["travel_verifier"], "when": { "any": [ {"id": "RqeuBcho2Br1wszHpnseMf"} ] } }, { "grant": ["hospitality_verifier"], "when": { "any": [ {"id": "7CyC6bkX93tcMvLQCbpTqM"} ] } } ], "actions": [ { "name": "connect-holder-health-issuer", "role": [ "health_issuer" ], "initial": true, "type": "protocol", "data": { "protocol": "https://didcomm.org/connections/1.0/", "startmessage": "invitation" }, "next": { "success": "ask-demographics", "error": "some-kind-of-error-handler..." } }, { "name": "ask-demographics", "role": [ "health_issuer" ], "type": "protocol", "data": { "protocol": "https://didcomm.org/questionAnswer/1.0/", "startmessage": "question", "question_answer": [ { "question": "Have you received a Medical Release credential from Health Lab before?" }, { "question_detail": "Please select an option below:" }, { "valid_responses": [ { "text": "I need a new credential" }, { "text": "I already have a credential" } ] } ] }, "next": { "success": "decision-medical-release-option", "error": "some-kind-of-error-handler..." } }, { "name": "decision-medical-release-option", "role": [ "health_issuer" ], "type": "decision", "data": { "input_name": "medical_release_option", "options": [ { "values": [ "I need a new credential" ], "next": "request-identity-presentation" }, { "values": [ "I already have a credential" ], "next": "request-presentation" } ] }, "next": { "success": "default", "error": "some-kind-of-error-handler..." } }, { "name": "request-identity-presentation", "role": [ "health_issuer" ], "type": "protocol", "data": { "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": ["request-presentation"] }, "next": { "success": "decision-country-of-origin", "error": "some-kind-of-error-handler..." } }, { "name": "request-presentation", "role": [ "health_issuer" ], "type": "protocol", "data": { "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": ["request-presentation"] }, "next": { "success": "decision-country-of-origin", "error": "some-kind-of-error-handler..." } }, { "name": "decision-country-of-origin", "role": [ "health_issuer" ], "type": "decision", "data": { "input_name": "country_of_origin", "options": [ { "values": [ ], "next": "reject-country" }, { "values": [ ], "next": "select-health-credentials" } ] }, "next": { "success": "select-health-credentials", "error": "some-kind-of-error-handler..." } }, { "name": "select-health-credentials", "role": [ "health_issuer" ], "type": "decision", "data": { "input_name": "requested_health_credential", "options": [ { "values": [ "lab_result" ], "next": "validate-lab-result" }, { "values": [ "exemption" ], "next": "validate-exemption" }, { "values": [ "vaccination" ], "next": "validate-vaccination" } ] }, "next": { "success": "lab_result", "error": "some-kind-of-error-handler..." } }, { "name": "issue-lab-result", "role": [ "health_issuer" ], "type": "protocol", "data": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential" }, "next": { "success": "request-health-proof", "error": "some-kind-of-error-handler..." } }, { "name": "issue-exemption", "role": [ "health_issuer" ], "type": "protocol", "data": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Exemption:1.4", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential" }, "next": { "success": "request-health-proof", "error": "some-kind-of-error-handler..." } }, { "name": "issue-vaccination", "role": [ "health_issuer" ], "type": "protocol", "data": { "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccination:1.4", "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential" }, "next": { "success": "request-health-proof", "error": "some-kind-of-error-handler..." } }, { "name": "request-health-proof", "role": [ "travel_issuer" ], "initial": true, "type": "protocol", "data": { "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "request-presentation", "presentation_definition": "http://localhost:3100/api/presentation-exchange" }, "next": { "success": "verify-health-credential", "error": "some-kind-of-error-handler..." } }, { "name": "verify-health-credential", "role": [ "travel_issuer" ], "type": "protocol", "data": { "protocol": "https://didcomm.org/present-proof/1.0/", "startmessage": "request-presentation", "presentation_definition": "http://localhost:3100/api/presentation-exchange" }, "next": { "success": "validate-health-credential", "error": "some-kind-of-error-handler..." } }, { "name": "validate-health-credential", "role": [ "travel_issuer" ], "type": "protocol", "data": { "presentation_definition": "http://localhost:3100/api/presentation-exchange" }, "next": { "success": "issue-trusted-traveler", "error": "some-kind-of-error-handler..." } }, { "name": "issue-trusted-traveler", "role": [ "travel_issuer" ], "initial": true, "type": "protocol", "data": { "protocol": "https://didcomm.org/issue-credential/1.0/", "startmessage": "offer-credential", "schema": "RuuJwd3JMffNwZ43DcJKN1:2:Trusted_Traveler:1.4" } }, { "name": "reject-country", "role": [ "travel-issuer" ], "type": "protocol", "data": { "protocol": "https://didcomm.org/basic-message/1.0/", "startmessage": "send-message", "content": "We're sorry, your country is not approved for entry by Government" } }, { "name": "submit-payment", "role": [ "point-of-sale" ], "type": "api", "data": { "api": "https://paymentmagic.com", "method": "POST", "attributes": [ "customer_name", "customer_date_of_birth", "customer_billing_address", "customer_shipping_address", "credit_card_number", "credit_card_expiration", "credit_card_security_code" ] } } ] } ``` --- ### Full Sample Presentation Definition ```json! { "name": "Trusted Traveler Presentation Definition", "purpose": "Multi-vaccine and more...", "comment": "VP, OIDC, DIDComm, or CHAPI outer wrapper here", "presentation_definition": { "id": "32f54163-7166-48f1-93d8-ff217bdb0653", "submission_requirements": [ { "name": "Trusted Traveler Health Proof", "rule": "pick", "count": 1, "from": "Health Proof Option" } ], "input_descriptors": [ { "id": "health_input_1", "name": "Vaccine_Exemption", "group": [ "Health Proof Option" ], "purpose": "stuff", "schema": [ { "uri": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccine_Exemption:1.4", "required": "true" } ], "constraints": { "fields": [ { "path": [ "$.mpid" ], "id": "12345", // Optional "purpose": "Master patient identifier of source that wrote the record to the ledger", // Optional "filter": { // Required "predicate": "required", // Optional "type": "string", // Required "pattern": "did:example:gov1|did:example:gov2" // Optional } }, { "path": [ "$.credentialSubject.patient_local_id", // Normalizing the differences in structure between JSON-LD/JWT-based Verifiable Credentials and vanilla JSON Web Tokens (JWTs) [RFC7519]. "$.vc.credentialSubject.patient_local_id", "$.patient_local_id" ], "filter": { "type": "number", "pattern": "^[0-9]{9}|^([a-zA-Z]){4}([a-zA-Z]){2}([0-9a-zA-Z]){2}([0-9a-zA-Z]{3})?$" // Optional } }, { "path": [ "$.patient_surnames" ], "filter": { "type": "string" } }, { "path": [ "$.patient_given_names" ], "filter": { "type": "string" } }, { "path": [ "$.patient_surnames" ], "filter": { "type": "string" } }, { "path": [ "$.patient_date_of_birth" ], "filter": { "type": "string", "format": "date" } }, { "path": [ "$.patient_gender_legal" ], "filter": { "type": "string", "pattern": "" } }, { "path": [ "$.patient_street_address" ], "filter": { "type": "string" } }, { "path": [ "$.patient_city" ], "filter": { "type": "string" } }, { "path": [ "$.patient_state_province_region" ], "filter": { "type": "string", "pattern": "" } }, { "path": [ "$.patient_postalcode" ], "filter": { "type": "string", "pattern": "" } }, { "path": [ "$.patient_country" ], "filter": { "type": "string", "pattern": "" } }, { "path": [ "$.patient_phone" ], "filter": { "type": "number", "pattern": "" } }, { "path": [ "$.patient_surnames" ], "filter": { "type": "string" } }, { "path": [ "$.patient_email" ], "filter": { "type": "string", "pattern": "" } }, { "path": [ "$.exemption_record_id" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_requestor" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_requestor_relationship" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_issue_date" ], "filter": { "type": "string", "format": "date" } }, { "path": [ "$.exemption_state_province_region" ], "filter": { "type": "string", "pattern": "" } }, { "path": [ "$.exemption_country" ], "filter": { "type": "string", "pattern": "" } }, { "path": [ "$.exemption_type" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_medical_permanent" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_note" ], "filter": { "type": "boolean", "pattern": "true" } }, { "path": [ "$.exemption_from_all" ], "filter": { "type": "string" } }, { "path": [ "$.patient_surnames" ], "filter": { "type": "boolean", "pattern": "true" } }, { "path": [ "$.exemption_diseases_code" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_disease_code_qualifier" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_disease_code_name" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_medical_physician_surnames" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_medical_physician_given_names" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_medical_physician_full_name" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_medical_physician_license_number" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_medical_physician_license_type" ], "filter": { "type": "string" } }, { "path": [ "$.exemption_medical_physician_license_state_province_region" ], "filter": { "type": "string", "pattern": "" } }, { "path": [ "$.exemption_medical_physician_license_country" ], "filter": { "type": "string", "pattern": "" } }, { "path": [ "$.exemption_expiration_date" ], "filter": { "type": "string", "format": "date", "exclusiveMinimum": "today", "required": "true" } }, { "path": [ "$.exemption_credential_issuer" ], "filter": { "type": "string" } }, { "path": [ "$.certificate_original_issuer" ], "filter": { "type": "string" } }, { "path": [ "$.certificate_original_identifier" ], "filter": { "type": "string" } }, { "path": [ "$.credential_issuer_name" ], "filter": { "type": "string" } }, { "path": [ "$.credential_issue_date" ], "filter": { "type": "string", "format": "date" } } ] } }, { "id": "health_input_2", "name": "Vaccination", "group": [ "Health Proof Option" ], "purpose": "stuff", "schema": [ { "uri": "RuuJwd3JMffNwZ43DcJKN1:2:Vaccination:1.4", "required": "true" } ], "constraints": { "fields": [ { "path": [ "$.mpid" ], "filter": { "type": "string" } }, { "path": [ "$.patient_local_id" ], "filter": { "type": "string" } }, { "path": [ "$.sending_facility" ], "filter": { "type": "string" } }, { "path": [ "$.patient_surnames" ], "filter": { "type": "string" } }, { "path": [ "$.patient_given_names" ], "filter": { "type": "string" } }, { "path": [ "$.patient_date_of_birth" ], "filter": { "type": "string", "format": "date" } }, { "path": [ "$.patient_gender_legal" ], "filter": { "type": "string" } }, { "path": [ "$.patient_street_address" ], "filter": { "type": "string" } }, { "path": [ "$.patient_city" ], "filter": { "type": "string" } }, { "path": [ "$.patient_state_province_region" ], "filter": { "type": "string" } }, { "path": [ "$.patient_postalcode" ], "filter": { "type": "string" } }, { "path": [ "$.patient_country" ], "filter": { "type": "string" } }, { "path": [ "$.patient_phone" ], "filter": { "type": "number", "pattern": "" } }, { "path": [ "$.patient_email" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_record_id" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_administration_facility_id" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_administration_facility_id_qualifier" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_administration_facility_name" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_administration_state_province_region" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_administration_postalcode" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_administration_country" ], "filter": { "type": "string", "pattern": "^[0-9]{9}|^([a-zA-Z]){4}([a-zA-Z]){2}([0-9a-zA-Z]){2}([0-9a-zA-Z]{3})?$" } }, { "path": [ "$.vaccine_administration_date" ], "filter": { "type": "string", "exclusiveMaximum": "today:-:1209600" } }, { "path": [ "$.vaccine_dose_number" ], "filter": { "type": "number" } }, { "path": [ "$.vaccine_series_complete" ], "filter": { "const": "true", "type": "boolean", "pattern": "true" } }, { "path": [ "$.vaccine_lot_number" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_code" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_code_qualifier" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_code_name" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_manufacturer_code" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_manufacturer_code_qualifier" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_manufacturer_code_name" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_disease_target_code" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_disease_target_code_qualifier" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_disease_target_name" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_administration_provider_id" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_administration_provider_id_qualifier" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_administration_provider_fullname" ], "filter": { "type": "string" } }, { "path": [ "$.vaccine_education_reference_material" ], "filter": { "type": "string" } }, { "path": [ "$.certificate_original_issuer" ], "filter": { "type": "string" } }, { "path": [ "$.certificate_original_identifier" ], "filter": { "type": "string" } }, { "path": [ "$.credential_issuer_name" ], "filter": { "type": "string" } }, { "path": [ "$.credential_issue_date" ], "filter": { "type": "string", "format": "date" } } ] } }, { "id": "health_input_3", "name": "Lab_Result", "group": [ "Health Proof Option", ], "purpose": "stuff", "schema": [ { "uri": "RuuJwd3JMffNwZ43DcJKN1:2:Lab_Result:1.4", "required": "true" } ], "constraints": { "fields": [ { "path": [ "$.mpid" ], "filter": { "type": "string" } }, { "path": [ "$.patient_local_id" ], "filter": { "type": "string" } }, { "path": [ "$.patient_surnames" ], "filter": { "type": "string" } }, { "path": [ "$.patient_given_names" ], "filter": { "type": "string" } }, { "path": [ "$.patient_date_of_birth" ], "filter": { "type": "string" } }, { "path": [ "$.patient_gender_legal" ], "filter": { "type": "string" } }, { "path": [ "$.patient_street_address" ], "filter": { "type": "string" } }, { "path": [ "$.patient_city" ], "filter": { "type": "string" } }, { "path": [ "$.patient_state_province_region" ], "filter": { "type": "string" } }, { "path": [ "$.patient_postalcode" ], "filter": { "type": "string" } }, { "path": [ "$.patient_country" ], "filter": { "type": "string" } }, { "path": [ "$.patient_phone" ], "filter": { "type": "string" } }, { "path": [ "$.patient_email" ], "filter": { "type": "string" } }, { "path": [ "$.lab_observation_date_time" ], "filter": { "type": "string" } }, { "path": [ "$.lab_result" ], "filter": { "type": "string", "oneOf": [ { "const": "Negative", "dependent_fields": [ { "path": [ "$.lab_specimen_collected_date" ], "filter": { "type": "string", "minimum": "today:-:259200" } } ] }, { "const": "Positive", "dependent_fields": [ { "path": [ "$.lab_specimen_collected_date" ], "filter": { "type": "string", "maximum": "today:-:2419200" } } ] } ] } }, { "path": [ "$.lab_specimen_type" ], "filter": { "type": "string" } }, { "path": [ "$.lab_result_status" ], "filter": { "type": "string" } }, { "path": [ "$.lab_coding_qualifier" ], "filter": { "type": "string" } }, { "path": [ "$.lab_code" ], "filter": { "type": "string" } }, { "path": [ "$.lab_description" ], "filter": { "type": "string" } }, { "path": [ "$.lab_order_id" ], "filter": { "type": "string" } }, { "path": [ "$.lab_normality" ], "filter": { "type": "string" } }, { "path": [ "$.lab_comment" ], "filter": { "type": "string" } }, { "path": [ "$.ordering_facility_id" ], "filter": { "type": "string" } }, { "path": [ "$.ordering_facility_id_qualifier" ], "filter": { "type": "string" } }, { "path": [ "$.ordering_facility_name" ], "filter": { "type": "string" } }, { "path": [ "$.ordering_facility_state_province_region" ], "filter": { "type": "string" } }, { "path": [ "$.ordering_facility_postalcode" ], "filter": { "type": "string" } }, { "path": [ "$.ordering_facility_country" ], "filter": { "type": "string" } }, { "path": [ "$.performing_laboratory_id" ], "filter": { "type": "string" } }, { "path": [ "$.performing_laboratory_id_qualifier" ], "filter": { "type": "string" } }, { "path": [ "$.performing_laboratory_name" ], "filter": { "type": "string" } }, { "path": [ "$.performing_laboratory_state_province_region" ], "filter": { "type": "string" } }, { "path": [ "$.performing_laboratory_postalcode" ], "filter": { "type": "string" } }, { "path": [ "$.performing_laboratory_country" ], "filter": { "type": "string" } }, { "path": [ "$.lab_performed_by" ], "filter": { "type": "string" } }, { "path": [ "$.credential_issuer_name" ], "filter": { "type": "string" } }, { "path": [ "$.credential_issue_date" ], "filter": { "type": "string" } } ] } } ] } } ``` --- ### Thank You! mike@indicio.tech simon@indicio.tech