From c43aa7ef3775b7cc85d27d56971960ea5bbd08eb Mon Sep 17 00:00:00 2001
From: Orie Steele
Date: Mon, 27 Nov 2023 11:54:47 -0600
Subject: [PATCH 1/3] add example files
---
 w3c-verifiable-credentials/README.md | 18 ++++++
 .../artifacts/credential.json | 20 ++++++
 .../artifacts/presentation.json | 25 ++++++++
 w3c-verifiable-credentials/script.sh | 62 +++++++++++++++++++
 4 files changed, 125 insertions(+)
 create mode 100644 w3c-verifiable-credentials/README.md
 create mode 100644 w3c-verifiable-credentials/artifacts/credential.json
 create mode 100644 w3c-verifiable-credentials/artifacts/presentation.json
 create mode 100755 w3c-verifiable-credentials/script.sh
diff --git a/w3c-verifiable-credentials/README.md b/w3c-verifiable-credentials/README.md
new file mode 100644
index 0000000..b21214e
--- /dev/null
+++ b/w3c-verifiable-credentials/README.md
@@ -0,0 +1,18 @@
+
+## W3C Verifiable Credentials
+
+You will need a CLI that can produce and consume SCITT transparent statements.
+This one supports RFC9162 and json, and is 🚧 EXPERIMENTAL 🚧.
+
+```sh
+npm i -g @transmute/cli
+```
+
+### Make a Transparent W3C Verifiable Credential
+
+Signs the jsonld, registeres it with a test ledger, adds a receipt to the signature, producing a transparent w3c verifiable credential.
+
+```sh
+./script.sh
+```
+
diff --git a/w3c-verifiable-credentials/artifacts/credential.json b/w3c-verifiable-credentials/artifacts/credential.json
new file mode 100644
index 0000000..d456af2
--- /dev/null
+++ b/w3c-verifiable-credentials/artifacts/credential.json
@@ -0,0 +1,20 @@
+{
+ "@context": [
+ "https://www.w3.org/ns/credentials/v2",
+ "https://www.w3.org/ns/credentials/examples/v2"
+ ],
+ "id": "http://university.example/credentials/1872",
+ "type": [
+ "VerifiableCredential",
+ "ExampleAlumniCredential"
+ ],
+ "issuer": "https://university.example/issuers/565049",
+ "validFrom": "2010-01-01T19:23:24Z",
+ "credentialSubject": {
+ "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
+ "alumniOf": {
+ "id": "did:example:c276e12ec21ebfeb1f712ebc6f1",
+ "name": "Example University"
+ }
+ }
+}
\ No newline at end of file
diff --git a/w3c-verifiable-credentials/artifacts/presentation.json b/w3c-verifiable-credentials/artifacts/presentation.json
new file mode 100644
index 0000000..6e26988
--- /dev/null
+++ b/w3c-verifiable-credentials/artifacts/presentation.json
@@ -0,0 +1,25 @@
+{
+ "@context": [
+ "https://www.w3.org/ns/credentials/v2",
+ "https://www.w3.org/ns/credentials/examples/v2"
+ ],
+ "type": "VerifiablePresentation",
+
+ "verifiableCredential": [{
+ "@context": [
+ "https://www.w3.org/ns/credentials/v2",
+ "https://www.w3.org/ns/credentials/examples/v2"
+ ],
+ "id": "http://university.example/credentials/1872",
+ "type": ["VerifiableCredential", "ExampleAlumniCredential"],
+ "issuer": "https://university.example/issuers/565049",
+ "validFrom": "2010-01-01T19:23:24Z",
+ "credentialSubject": {
+ "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
+ "alumniOf": {
+ "id": "did:example:c276e12ec21ebfeb1f712ebc6f1",
+ "name": "Example University"
+ }
+ }
+ }]
+}
\ No newline at end of file
diff --git a/w3c-verifiable-credentials/script.sh b/w3c-verifiable-credentials/script.sh
new file mode 100755
index 0000000..c3623d5
--- /dev/null
+++ b/w3c-verifiable-credentials/script.sh
@@ -0,0 +1,62 @@
+
+
+transmute scitt key generate \
+--alg -35 \
+--output private-key.cbor
+
+transmute scitt key export \
+--input private-key.cbor \
+--output public-key.cbor
+
+transmute scitt key diagnose \
+--input public-key.cbor \
+--output artifacts/credential.json.issuer.public-key.cbor.md
+
+transmute scitt statement issue \
+--iss urn:example:123 \
+--sub urn:example:456 \
+--issuer-key private-key.cbor \
+--statement artifacts/credential.json \
+--signed-statement artifacts/credential.json.cbor
+
+transmute scitt statement issue \
+--iss urn:example:123 \
+--sub urn:example:456 \
+--issuer-key private-key.cbor \
+--statement artifacts/presentation.json \
+--signed-statement artifacts/presentation.json.cbor
+
+transmute scitt statement verify \
+--issuer-key public-key.cbor \
+--statement artifacts/credential.json \
+--signed-statement artifacts/credential.json.cbor \
+
+transmute scitt ledger receipt issue \
+--iss urn:example:789 \
+--sub urn:example:abc \
+--issuer-key private-key.cbor \
+--signed-statement artifacts/credential.json.cbor \
+--transparent-statement artifacts/credential.json.cbor \
+--ledger artifacts/ledger.json
+
+transmute scitt ledger receipt issue \
+--iss urn:example:789 \
+--sub urn:example:abc \
+--issuer-key private-key.cbor \
+--signed-statement artifacts/presentation.json.cbor \
+--transparent-statement artifacts/presentation.json.cbor \
+--ledger artifacts/ledger.json
+
+transmute scitt transparent statement verify \
+--issuer-key public-key.cbor \
+--transparency-service-key public-key.cbor \
+--statement artifacts/credential.json \
+--transparent-statement artifacts/credential.json.cbor
+
+transmute scitt statement diagnose \
+--input artifacts/credential.json.cbor \
+--output artifacts/credential.json.cbor.with-transparency.md
+
+transmute scitt statement diagnose \
+--input artifacts/presentation.json.cbor \
+--output artifacts/presentation.json.cbor.with-transparency.md
\ No newline at end of file
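Review bot: Nothing stops this script when a step fails: there is no shebang and no error mode, so a failing `transmute scitt statement verify` or `transmute scitt transparent statement verify` (assuming the CLI exits non-zero on a bad signature or receipt) is ignored and the later receipt and diagnose steps still write their artifacts. Open the file with `#!/usr/bin/env bash` followed by `set -euo pipefail` so that a failed verification aborts the run. The `statement verify` command also ends with a trailing `\` after `--signed-statement artifacts/credential.json.cbor`, which is only harmless while the blank line after it stays in place; drop that backslash. Both receipts are signed with the issuer's `private-key.cbor`, and `public-key.cbor` is passed as both `--issuer-key` and `--transparency-service-key`, so the example never shows the issuer and the transparency service as separate key holders; a comment such as `# demo only: a real transparency service signs receipts with its own key` above the first `ledger receipt issue` would make that explicit. Only the credential is verified, so the presentation's signed and transparent statements are produced without any check, and a matching pair of verify calls for `artifacts/presentation.json.cbor` would close that gap.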
From 729c3be02deb1d760ffbd5017ef8e0161d7dba81 Mon Sep 17 00:00:00 2001
From: Orie Steele
Date: Mon, 27 Nov 2023 11:55:54 -0600
Subject: [PATCH 2/3] add examples
---
 w3c-verifiable-credentials/.gitignore | 1 +
 .../artifacts/credential.json.cbor | Bin 0 -> 395 bytes
 .../credential.json.cbor.with-transparency.md | 65 ++++++++++++++++++
 .../credential.json.issuer.public-key.cbor.md | 10 +++
 .../artifacts/ledger.json | 8 +++
 .../artifacts/presentation.json | 36 +++++-----
 .../artifacts/presentation.json.cbor | Bin 0 -> 430 bytes
 ...resentation.json.cbor.with-transparency.md | 65 ++++++++++++++++++
 w3c-verifiable-credentials/public-key.cbor | Bin 0 -> 145 bytes
 9 files changed, 169 insertions(+), 16 deletions(-)
 create mode 100644 w3c-verifiable-credentials/.gitignore
 create mode 100644 w3c-verifiable-credentials/artifacts/credential.json.cbor
 create mode 100644 w3c-verifiable-credentials/artifacts/credential.json.cbor.with-transparency.md
 create mode 100644 w3c-verifiable-credentials/artifacts/credential.json.issuer.public-key.cbor.md
 create mode 100644 w3c-verifiable-credentials/artifacts/ledger.json
 create mode 100644 w3c-verifiable-credentials/artifacts/presentation.json.cbor
 create mode 100644 w3c-verifiable-credentials/artifacts/presentation.json.cbor.with-transparency.md
 create mode 100644 w3c-verifiable-credentials/public-key.cbor
diff --git a/w3c-verifiable-credentials/.gitignore b/w3c-verifiable-credentials/.gitignore
new file mode 100644
index 0000000..f54ec7c
--- /dev/null
+++ b/w3c-verifiable-credentials/.gitignore
@@ -0,0 +1 @@
+private-key.cbor
\ No newline at end of file
diff --git a/w3c-verifiable-credentials/artifacts/credential.json.cbor b/w3c-verifiable-credentials/artifacts/credential.json.cbor new file mode 100644 index 0000000000000000000000000000000000000000..2a1cc3a5275d67e0e8d4c343b95cf21e71da956d GIT binary patch literal 395 zcmccA5)r$E(L#y2AhDnzCo?&*Br`uxKdU%Dk0nAuyk6*Z--qSw<_v-sH%@%nno)aw z*<8I_|6cHxT1pyU4dGqHm|t3yXO&u!m|KvOYGr6-%!DFfVrsU~lF_Fz;=rYr2tSZL zM3`!k$B1sQxrHUF!HG%93oY(0RA_W*W@Kpi7Lkyq^EQ6s>3jQjO3pcSCyepZG_eC| zthc)AKQM+}I4Ea(Zk_j>%j-6pUeRtmmgC(rUq8}v?Y}K|q&L0X^TVdpBz9x|mM>pD zIQ7c@+m}sw@V@CkN6buZ$t~ZP%xhqLm7Q->4zz-^T&F&=_1^lFZ~BY^-oM3TjGrZn z_1@*mZ~4S>bf+duhgXDsRH#s!-OYLO%eHmIt#CVh=+@mxA<>j;lDXHvZ!T#T`J?(Z fRbZ~9j`g(ko3-m^D@(oI9=u5H|9AHozv6rV)%LJ5 literal 0 HcmV?d00001 diff --git a/w3c-verifiable-credentials/artifacts/credential.json.cbor.with-transparency.md b/w3c-verifiable-credentials/artifacts/credential.json.cbor.with-transparency.md new file mode 100644 index 0000000..c89e4e8 --- /dev/null +++ b/w3c-verifiable-credentials/artifacts/credential.json.cbor.with-transparency.md 
@@ -0,0 +1,65 @@ +~~~~ cbor-diag +18( / COSE Sign 1 / + [ + h'a4013822...3a343536', / Protected / + { / Unprotected / + -333: [ / Receipts (1) / + h'd284584e...6b6f3c77' / Receipt 1 / + ] + }, + nil, / Detached payload / + h'09772c7f...5c4e736f' / Signature / + ] +) +~~~~ + +~~~~ cbor-diag +{ / Protected / + 1: -35, / Algorithm / + 3: application/json, / Content type / + 4: h'177f12cb...1933d554', / Key identifier / + 13: { / CWT Claims / + 1: urn:example:123, / Issuer / + 2: urn:example:456, / Subject / + }, +} +~~~~ + +~~~~ cbor-diag +18( / COSE Sign 1 / + [ + h'a4013822...3a616263', / Protected / + { / Unprotected / + -222: { / Proofs / + -1: [ / Inclusion proofs (1) / + h'83010080', / Inclusion proof 1 / + ] + }, + }, + nil, / Detached payload / + h'662ced5f...6b6f3c77' / Signature / + ] +) +~~~~ + +~~~~ cbor-diag +{ / Protected / + 1: -35, / Algorithm / + 4: h'177f12cb...1933d554', / Key identifier / + -111: 1, / Verifiable Data Structure / + 13: { / CWT Claims / + 1: urn:example:789, / Issuer / + 2: urn:example:abc, / Subject / + }, +} +~~~~ + +~~~~ cbor-diag +[ / Inclusion proof 1 / + 1, / Tree size / + 0, / Leaf index / + [ / Inclusion hashes (0) / + + ] +] +~~~~ \ No newline at end of file diff --git a/w3c-verifiable-credentials/artifacts/credential.json.issuer.public-key.cbor.md b/w3c-verifiable-credentials/artifacts/credential.json.issuer.public-key.cbor.md new file mode 100644 index 0000000..f65661e --- /dev/null +++ b/w3c-verifiable-credentials/artifacts/credential.json.issuer.public-key.cbor.md @@ -0,0 +1,10 @@ +~~~~ cbor-diag +{ / COSE Key / + 1: 2, / Type / + 2: h'177f12cb...1933d554', / Identifier / + 3: -35, / Algorithm / + -1: 2, / Curve / + -2: h'0fbe22a0...3a009118', / x public key component / + -3: h'c9ab6a83...18ca36e2', / y public key component / +} +~~~~ \ No newline at end of file diff --git a/w3c-verifiable-credentials/artifacts/ledger.json b/w3c-verifiable-credentials/artifacts/ledger.json new file mode 100644 index 0000000..421f50b 
--- /dev/null
+++ b/w3c-verifiable-credentials/artifacts/ledger.json
@@ -0,0 +1,8 @@
+{
+ "name": "scitt-ledger",
+ "version": "0.0.0",
+ "leaves": [
+ "48f2fe25a4970bd8d7256b6ff52a1f73c2eabced75fbe6ffb9e6c953c6a6b322",
+ "98ed4cedcbfc8bfda210162d8eaf77d51f8f5f560d9ef840cbc3828debcb12c9"
+ ]
+}
\ No newline at end of file
diff --git a/w3c-verifiable-credentials/artifacts/presentation.json b/w3c-verifiable-credentials/artifacts/presentation.json
index 6e26988..dbf75b8 100644
--- a/w3c-verifiable-credentials/artifacts/presentation.json
+++ b/w3c-verifiable-credentials/artifacts/presentation.json
@@ -4,22 +4,26 @@
 "https://www.w3.org/ns/credentials/examples/v2"
 ],
 "type": "VerifiablePresentation",
-
- "verifiableCredential": [{
- "@context": [
- "https://www.w3.org/ns/credentials/v2",
- "https://www.w3.org/ns/credentials/examples/v2"
- ],
- "id": "http://university.example/credentials/1872",
- "type": ["VerifiableCredential", "ExampleAlumniCredential"],
- "issuer": "https://university.example/issuers/565049",
- "validFrom": "2010-01-01T19:23:24Z",
- "credentialSubject": {
- "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
- "alumniOf": {
- "id": "did:example:c276e12ec21ebfeb1f712ebc6f1",
- "name": "Example University"
+ "verifiableCredential": [
+ {
+ "@context": [
+ "https://www.w3.org/ns/credentials/v2",
+ "https://www.w3.org/ns/credentials/examples/v2"
+ ],
+ "id": "http://university.example/credentials/1872",
+ "type": [
+ "VerifiableCredential",
+ "ExampleAlumniCredential"
+ ],
+ "issuer": "https://university.example/issuers/565049",
+ "validFrom": "2010-01-01T19:23:24Z",
+ "credentialSubject": {
+ "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
+ "alumniOf": {
+ "id": "did:example:c276e12ec21ebfeb1f712ebc6f1",
+ "name": "Example University"
+ }
 }
 }
- }]
+ ]
 }
\ No newline at end of file
diff --git a/w3c-verifiable-credentials/artifacts/presentation.json.cbor b/w3c-verifiable-credentials/artifacts/presentation.json.cbor new file mode 100644 index 0000000000000000000000000000000000000000..fc0457ecd097acd92e2ccbd3ee6e9f75c40c677e GIT binary patch literal 430 zcmccA5)r$E(L#y2AhDnzCo?&*Br`uxKdU%Dk0nAuyk6*Z--qSw<_v-sH%@%nno)aw z*<8I_|6cHxT1pyU4dGqHm|t3yXO&u!m|KvOYGr6-%!DFfVrsU~lF_Fz;_;=H2tSZL zM3`!k$B1sQxrHUF!HG%93oY(0RA`J)Yi43>j8O3S^iOrkbnYA1RkQQIYRMNLdbQ_m z>F;O%cRo8Ad~DffrEd`lQSWW0ACG%Cu|hsfC5&&XZ2!tX`A4r!{Kq;?fmw1p!}Dp$ zZBnaxJN7Hs@(JWK&ePUlcparVXO{AO&y16H?A0|dv@(*)7QS51_4A#i;=Yb&E_}v6 zeexJsXZXIk?UQhEG0=+46N1Wxe>Z0=iCivm)Ym!1+;q(hy~dW4Gxpo%YjPA$UzQf! zC4Thgd4@JisTyAk$=7SM4l{e|o-kFN5xwEWlxWpeV~fj~fn&>9%y!YZZdS$$3$%L7$R6O$*XFEUOKh`^(Jc(eF3ARO{xmWU~_gy<2VBdDhn7t%c&^&^v%NE zZN$Ke7|J%{AOZt8A_7<-7k?7Vj_{`kHvkbh*vRy?XnohFoi5t`=nZu_88g*Xuj@gK literal 0 HcmV?d00001 From 1d2ba30aea34cf12547a10ed53561e7f9373cf58 Mon Sep 17 00:00:00 2001 From: Orie Steele Date: Thu, 30 Nov 2023 11:39:04 -0600 Subject: [PATCH 3/3] Update w3c-verifiable-credentials/README.md Co-authored-by: A.J. Stein Signed-off-by: Orie Steele --- w3c-verifiable-credentials/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/w3c-verifiable-credentials/README.md b/w3c-verifiable-credentials/README.md index b21214e..e7dd444 100644 --- a/w3c-verifiable-credentials/README.md +++ b/w3c-verifiable-credentials/README.md @@ -10,7 +10,7 @@ npm i -g @transmute/cli ### Make a Transparent W3C Verifiable Credential -Signs the jsonld, registeres it with a test ledger, adds a receipt to the signature, producing a transparent w3c verifiable credential. +Signs the jsonld, registers it with a test ledger, adds a receipt to the signature, producing a transparent w3c verifiable credential. ```sh ./script.sh