What does your offer credential contain?

[vongohren]

What we need to work out here are commonalities and where do we need to adjust according to the spec of JFF. Meaning that we find a shared JSON structure inside the attachement or where do we put the layer

[vongohren]

{
  "id": "632d37e3188cc241743e7b8e",
  "to": [
    "did:key:z6Mknr8VZzAwecsS2Bugncp47dbHuSzhjGz4khcvm5KCSUCR"
  ],
  "typ": "application/didcomm-plain+json",
  "type": "https://didcomm.org/issue-credential/2.0/offer-credential",
  "from": "did:key:z6MkkgfrEB9gSvpJui6yLmqHhcuuLjto9QXKCSa4WtHai4KR",
  "thid": "70142c08-3780-4cdc-a92c-925523c3912b",
  "attachments": [
    {
      "@id": "2d011a70-b72e-42d5-82bd-d7a268f17346",
      "mime-type": "application/json",
      "data": {
        "json": {
          "challenge": "c3172dcf-32ed-489b-bca9-ab01a7f2d7ef",
          "domain": "diwala.io/AccountCredential",
          "credential_manifest": {
            "id": "diwala-account-credential",
            "version": "0.0.1",
            "issuer": {
              "id": "did:key:z6MkkgfrEB9gSvpJui6yLmqHhcuuLjto9QXKCSa4WtHai4KR",
              "name": "Diwala"
            },
            "output_descriptors": [
              {
                "id": "just-a-description",
                "schema": "http://diwala.io/schemas/0.0.1/diwala-account-credential.json",
                "name": "Diwala Account Credential",
                "description": "This credential is used for learning purposes so that you know how credentials work"
              }
            ]
          }
        }
      }
    }
  ]
}

[brianorwhatever]

{
  "type": "https://didcomm.org/issue-credential/3.0/offer-credential",
  "id": "d0020042f777b87a41d10a224a735e74c0a8eaf127725786b6b20c893f147c81",
  "thid": "d00100bdf7f4b473232b49bc2a11dbda0ff10d418ba571205b252aa14dd294e1",
  "from": "did:web:aviary.id",
  "to": [
    "did:peer:2.Ez6LSpSrLxbAhg2SHwKk7kwpsH7DM7QjFS5iK6qP87eViohud.Vz6MkqRYqQiSgvZQdnBytw86Qbs2ZWUkGv22od935YF4s8M7V.SeyJ0IjoiZG0iLCJzIjoiaHR0cHM6Ly9leGFtcGxlLmNvbS9lbmRwb2ludDEiLCJyIjpbImRpZDpleGFtcGxlOnNvbWVtZWRpYXRvciNzb21la2V5MSJdLCJhIjpbImRpZGNvbW0vdjIiLCJkaWRjb21tL2FpcDI7ZW52PXJmYzU4NyJdfQ"
  ],
  "body": {

  },
  "attachments": [
    {
      "id": "d000005316af70f19435f50a02f35caf607eccc5e6b4f8e5550e2bca9e33cb41",
      "media_type": "application/json",
      "format": "dif/credential-manifest/manifest@v1.0",
      "data": {
        "json": {
          "options": {
            "challenge": "c13abd0fe67fcd1f3513e32b1ed5ad7c721e598ea0d1b9334ffecaa8e1a2fce6",
            "domain": "aviary.vc"
          },
          "credential_manifest": {
            "id": "c001006f847f39073113b0ed862ff88c3c49669b4bbf5a30fcbec9f62d35cf98",
            "version": "0.1.0",
            "issuer": {
              "id": "did:web:aviary.id",
              "name": "Aviary Tech"
            },
            "format": {
              "ldp_vc": {
                "proof_type": [
                  "Ed25519Signature2018",
                  "JsonWebSignature2020"
                ]
              }
            },
            "output_descriptors": [
              {
                "id": "c00200131bb229a058775ebe3134286b577210e7a90d2b44d29d2f603b744bdd",
                "schema": "https://purl.imsglobal.org/spec/ob/v3p0/vocab.html#OpenBadgeCredential"
              }
            ],
            "presentation_definition": {
              "id": "c00400f85e0aae79eb62b099a4aab4eb54cc99df6ca444b83a6fb04c580c3380",
              "input_descriptors": [
                {
                  "id": "c0070016b96e89a02934d4a35b81c0890dd49cb6bc2cb1db32bcf705f5be7b98",
                  "name": "DID Authentication",
                  "purpose": "We need to verify you control this DID.",
                  "constraints": {
                    "fields": [
                      {
                        "path": [
                          "$.proof.challenge"
                        ],
                        "filter": {
                          "type": "string",
                          "const": "c13abd0fe67fcd1f3513e32b1ed5ad7c721e598ea0d1b9334ffecaa8e1a2fce6"
                        }
                      }
                    ]
                  }
                }
              ]
            }
          }
        }
      }
    },
    {
      "id": "d00000ac36c945bf833a8d3f125cb3ee2fe75fbc489a43a38cb358baf342e7f1",
      "media_type": "application/json",
      "format": "dif/credential-manifest/fulfillment@v1.0",
      "data": {
        "json": {
          "@context": [
            "https://www.w3.org/2018/credentials/v1",
            "https://identity.foundation/credential-manifest/fulfillment/v1"
          ],
          "type": [
            "VerifiablePresentation",
            "CredentialFulfillment"
          ],
          "fulfillment": {
            "id": "c005002084078c09825a2e71ac66d37a05c808604181fd76886040fcc9a6f1d1",
            "manifest_id": "c001006f847f39073113b0ed862ff88c3c49669b4bbf5a30fcbec9f62d35cf98",
            "descriptor_map": [
              {
                "id": "16762842a53579c48363ab639cc8846a5a1cfaa057211b1739e3ec29870494a6",
                "format": "ldp_vc",
                "path": "$.verifiableCredential[0]"
              }
            ]
          },
          "verifiableCredential": [
            {
              "@context": [
                "https://www.w3.org/2018/credentials/v1",
                "https://purl.imsglobal.org/spec/ob/v3p0/context.json"
              ],
              "id": "urn:uuid:a63a60be-f4af-491c-87fc-2c8fd3007a58",
              "type": [
                "VerifiableCredential",
                "OpenBadgeCredential"
              ],
              "name": "JFF x vc-edu PlugFest 2 Interoperability",
              "issuer": {
                "type": [
                  "Profile"
                ],
                "id": "did:key:z6MktiSzqF9kqwdU8VkdBKx56EYzXfpgnNPUAGznpicNiWfn",
                "name": "Jobs for the Future (JFF)",
                "url": "https://www.jff.org/",
                "image": "https://w3c-ccg.github.io/vc-ed/plugfest-1-2022/images/JFF_LogoLockup.png"
              },
              "issuanceDate": "2022-11-14T00:00:00Z",
              "credentialSubject": {
                "type": [
                  "AchievementSubject"
                ],
                "achievement": {
                  "id": "urn:uuid:bd6d9316-f7ae-4073-a1e5-2f7f5bd22922",
                  "type": [
                    "Achievement"
                  ],
                  "name": "JFF x vc-edu PlugFest 2 Interoperability",
                  "description": "This credential solution supports the use of OBv3 and w3c Verifiable Credentials and is interoperable with at least two other solutions.  This was demonstrated successfully during JFF x vc-edu PlugFest 2.",
                  "criteria": {
                    "narrative": "Solutions providers earned this badge by demonstrating interoperability between multiple providers based on the OBv3 candidate final standard, with some additional required fields. Credential issuers earning this badge successfully issued a credential into at least two wallets.  Wallet implementers earning this badge successfully displayed credentials issued by at least two different credential issuers."
                  },
                  "image": {
                    "id": "https://w3c-ccg.github.io/vc-ed/plugfest-2-2022/images/JFF-VC-EDU-PLUGFEST2-badge-image.png",
                    "type": "Image"
                  }
                }
              }
            }
          ]
        }
      }
    }
  ]
}

[vongohren]

@brianorwhatever cool cool thanks for sharing! I see we have a lot of work on aligning where we go on this. I assume this falls back to the specific profile one follow and that DIDCom has alot of options of where it can go.

Want to elaborate on what each message does so what we can get an understanding of its values :D

[brianorwhatever]

Yep - keep in mind this is my planned approach, i am still working on implementation so am not set in stone on any of this. I pulled this from the WACI profile while trying to understand how credential manifest works. some adjustments for our use case as well.

first attachment (d000005316af70f19435f50a02f35caf607eccc5e6b4f8e5550e2bca9e33cb41):

• This is a credential manifest object with the following properties:
  • issuer: describes the issuer
  • format: describes the proof types the issuer is offering
  • output_descriptors: describes the schema (https://purl.imsglobal.org/spec/ob/v3p0/vocab.html#OpenBadgeCredential) of the VC the issuer is offering
  • presentation_definition: describes the presentation the issuer wants to see before it will issue a VC. In this case a simple DID Authentication (see #4)

second attachment (d00000ac36c945bf833a8d3f125cb3ee2fe75fbc489a43a38cb358baf342e7f1):

• This is credential fulfillment object which, now that I look at it with fresh eyes, appears to be out of alignment with CM and should be reworked into a Credential Response object. But the general idea is that the issuer is describing in detail the credential it is offering up.
  • fulfillment.manifest_id: correlates with the previously mentioned credential manifest object
  • fulfillment.descriptor_map: describes where to find the offered credential
  • verifiableCredential: example of the credential being offered (pulled from the JFF example)
• This whole thing is wrapped in a VerifiablePresentation which I notice now is missing it's proof, which would include the challenge and domain from the DID Authentication request above.

So - Credential Manifest looks like it still has moving pieces which are not in alignment with above. It looks like it will do what we want for this but I still need to study it a bit more. I wonder if I should drop it..

[brianorwhatever]

Note: I removed the credentialSubject.id from the offered credential as that is what the holder will fill in during their 'request-credential` message

[brianorwhatever]

Note: I updated the presentation definition to only have a challenge and no domain. I'm getting confused in PE so this will make it simpler

[vongohren]

Currently working on some actionsteps forward to agree: https://docs.google.com/spreadsheets/d/1ntGKxERXOAlazV8QcwcqShUG_5g0IN9jtVYPw5GTR-Y/edit?disco=AAAAiaGzyd8

But we want to do credential manifest, and that does involve multiple attachments. So to understand this better its time to freshen up the credential manifest spec

[vongohren]

Did we get any further with the community on alignment here? I asked in the DID com group today, a bit late, but started a bit.

Aslong as we say, we want to support credential manifest, we might have to as credentila manifest group for thoughst around the exchange attachments? Who will that be?

[brianorwhatever]

We have decided to drop the "fulfillment" side of the CM object in the offer message. The minimum message which still allows for DID Auth is below

{
  "type": "https://didcomm.org/issue-credential/3.0/offer-credential",
  "id": "d0020042f777b87a41d10a224a735e74c0a8eaf127725786b6b20c893f147c81",
  "thid": "d00100bdf7f4b473232b49bc2a11dbda0ff10d418ba571205b252aa14dd294e1",
  "from": "did:web:aviary.id",
  "to": [
    "did:peer:2.Ez6LSpSrLxbAhg2SHwKk7kwpsH7DM7QjFS5iK6qP87eViohud.Vz6MkqRYqQiSgvZQdnBytw86Qbs2ZWUkGv22od935YF4s8M7V.SeyJ0IjoiZG0iLCJzIjoiaHR0cHM6Ly9leGFtcGxlLmNvbS9lbmRwb2ludDEiLCJyIjpbImRpZDpleGFtcGxlOnNvbWVtZWRpYXRvciNzb21la2V5MSJdLCJhIjpbImRpZGNvbW0vdjIiLCJkaWRjb21tL2FpcDI7ZW52PXJmYzU4NyJdfQ"
  ],
  "body": {

  },
  "attachments": [
    {
      "id": "d000005316af70f19435f50a02f35caf607eccc5e6b4f8e5550e2bca9e33cb41",
      "media_type": "application/json",
      "format": "dif/credential-manifest/manifest@v1.0",
      "data": {
        "json": {
          "options": {
            "challenge": "c13abd0fe67fcd1f3513e32b1ed5ad7c721e598ea0d1b9334ffecaa8e1a2fce6"
          },
          "credential_manifest": {
            "id": "c001006f847f39073113b0ed862ff88c3c49669b4bbf5a30fcbec9f62d35cf98",
            "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/",
            "issuer": {
              "id": "did:web:aviary.id",
              "name": "Aviary Tech"
            },
            "format": {
              "ldp_vc": {
                "proof_type": [
                  "Ed25519Signature2018"
                ]
              }
            },
            "output_descriptors": [
              {
                "id": "c00200131bb229a058775ebe3134286b577210e7a90d2b44d29d2f603b744bdd",
                "schema": "https://purl.imsglobal.org/spec/ob/v3p0/vocab.html#OpenBadgeCredential"
              }
            ],
            "presentation_definition": {
              "id": "c00400f85e0aae79eb62b099a4aab4eb54cc99df6ca444b83a6fb04c580c3380",
              "input_descriptors": [
                {
                  "id": "c0070016b96e89a02934d4a35b81c0890dd49cb6bc2cb1db32bcf705f5be7b98",
                  "name": "DID Authentication",
                  "purpose": "We need to verify you control this DID.",
                  "constraints": {
                    "fields": [
                      {
                        "path": [
                          "$.proof.challenge"
                        ],
                        "filter": {
                          "type": "string",
                          "const": "c13abd0fe67fcd1f3513e32b1ed5ad7c721e598ea0d1b9334ffecaa8e1a2fce6"
                        }
                      }
                    ]
                  }
                }
              ]
            }
          }
        }
      }
    }
  ]
}

[brianorwhatever]

what I implemented below

{
    "id": "a678d7562a6f1d3d3a46d9da3c9cfede6f27bee0442da833e4e4c29cf7d4f1ee",
    "typ": "application/didcomm-plain+json",
    "type": "https://didcomm.org/issue-credential/3.0/offer-credential",
    "body": {},
    "from": "did:web:verifiable.ink",
    "to": [
        "did:peer:2.Vz6MknQLpgecyvcdpXSAmiAeMVxLYyFuggVEoNxuXEt5oScMn.Ez6LSo5h8SnuaqSkxkN9fWFM2GQMXcnQkp8C94ttA5GwLRHW1.SeyJpZCI6IiNkaWRjb21tIiwidCI6ImRtIiwicyI6Imh0dHBzOi8vcG9ydGN1bGxpcy4xa2VlcC5jb20vZGlkY29tbSIsInIiOlsiZGlkOndlYjpwb3J0Y3VsbGlzLjFrZWVwLmNvbSJdfQ"
    ],
    "thid": "28eec678f1b860daddc7d775fcfcf15d7310ea692e62e8b6f4518d4c0f35bdb0",
    "attachments": [
        {
            "data": {
                "json": {
                    "credential_manifest": {
                        "format": {
                            "ldp_vc": {
                                "proof_type": [
                                    "JsonWebSignature2020"
                                ]
                            }
                        },
                        "id": "b82273315d664fcd72c901f2a80c4fe35f4c78a5b90af670ca2efc19af5d2510",
                        "issuer": {
                            "id": "did:web:verifiable.ink",
                            "name": "Verifiable Ink"
                        },
                        "output_descriptors": [
                            {
                                "schema": "https://purl.imsglobal.org/spec/ob/v3p0/context.json#OpenBadgeCredential"
                            }
                        ],
                        "presentation_definition": {
                            "id": "adb9348af72cc15d36ebfdcfe10001b7a85bf9e606483bae7dcb0b50dbeb070b",
                            "input_descriptors": [
                                {
                                    "constraints": {
                                        "fields": [
                                            {
                                                "filter": {
                                                    "const": "6980f6339e8baed1fd1f315ed88523f6a181eb5a29236f1667a23a1ca83821ae",
                                                    "type": "string"
                                                },
                                                "path": [
                                                    "$.proof.challenge"
                                                ]
                                            }
                                        ]
                                    },
                                    "id": "5b703aa8277807b01c4e821b183e875bd37fef3bfa3ed9f8de47b86ef3beed2d",
                                    "name": "DID Authentication",
                                    "purpose": "We need to verify you control this DID."
                                }
                            ]
                        },
                        "spec_version": "https://identity.foundation/credential-manifest/spec/v1.0.0/"
                    },
                    "options": {
                        "challenge": "6980f6339e8baed1fd1f315ed88523f6a181eb5a29236f1667a23a1ca83821ae"
                    }
                }
            },
            "id": "82cc93be4d9461c3069b71efdd8a2e27206e7ef14ab6896a8348b15a1497eab1",
            "media_type": "application/json",
            "format": "dif/credential-manifest/manifest@v1.0"
        }
    ]
}