Verification Implementation

[ChakshuGautam]

Hey everyone, was reading through this doc - https://www.w3.org/TR/vc-data-model/ and wanted to check on the parameter verificationMethod and how this is implemented in SunbirdRC (Github permalink to file would do). I was interested in decoupling the verification part just to improve my understanding of spec.

[pramodkvarma]

@dileepbapat how did we implement this in DIVOC? Did we provide public key URL? Anything else we provided?

@ChakshuGautam what do you mean by "decoupling"? I am curious.

[pramodkvarma]

Verification is outside Sunbird-RC. I think Sunbird-RC may have some reference code that can be used by verifying apps. Other than that Sunbird-RC is primarily issuer side framework when it comes to VCs.

[ChakshuGautam]

Got it. Even the reference implementation is really good and can become a standalone repository for verifying apps.

[ChakshuGautam]

Also, @pramodkvarma @dileepbapat @coolbung the concept of verifiable data registry
(https://www.w3.org/TR/vc-data-model/#dfn-verifiable-data-registries). Wanted to check how much of an overlap is there with Sunbird-RC? Any key difference?

[ChakshuGautam]

I am trying to use the W3C document to understand what Sunbird-RC is and what is it is not. Please let me know if I should use something else as an anchor for understanding this.

[pramodkvarma]

Sunbird-RC is a low code framework to instantiate such registries. Yes, Sunbird-RC can be used to create a "verifiable data registry" as a repository for VC storage and verification. It comes with default credential lifecycle APIs aa well.

But note that Sunbird-RC can be used for any kind of electronic verifiable registry (of people, entities, and things) beyond using it as credential registry. For example it can be used to easily create a company registry or a teacher registry or an blood donor registry or anything similar.

[dileepbapat]

In DIVOC verificationMethod is country specific did resolver (in the absence of trust network), we are using convention based URL to actually fetch the public key.

From sunbird-rc perspective it is customizable with credential template, Any IRI (did-method, https url) can be used. Under schema configure credentialTemplate is the one that can customize w3vc format.

[ChakshuGautam]

Hey @dileepbapat can you share with me a VC (JSON) and point me to an implementation (inside/outside of sunbird-rc) for a verifier that I can use for this. Thanks.

[dileepbapat]

you can refer https://github.com/egovernments/DIVOC/blob/main/backend/certificate_signer_library/tests/signer.test.js

[ChakshuGautam]

Thanks. This helps.

[ChakshuGautam]

The implementation here - https://github.com/egovernments/DIVOC/tree/main/backend/certificate_signer_library, are you planning to extract this out as a standalone library just as an implementation to W3C spec?

[pramodkvarma]

It is a good idea to ensure generic elements of DIVOC are in Sunbird-RC for wider scope and reuse. @dileepbapat

[dileepbapat]

👍 api / service layer is already there in sunbirdrc - https://github.com/Sunbird-RC/sunbird-rc-core/tree/main/services/certificate-signer. Library is reused we can move the code.

[pramodkvarma]

Super! Please do. Thanks.

[coolbung]

@ChakshuGautam this will be a good reference -
https://github.com/digitalbazaar/vc-js#issuing-a-verifiable-credential

It talks about a documentLoader which can be used to resolve a DID to the public key. Couldn't find documentLoader part of the VC spec, but it's a useful concept.