A verifier application to enable the Digital Age Verification process involving the BC Person credential. This application is designed so that it can also be used for other use cases involving different presentation request template.
See here for more background and architectural info.
Running lcrb-dav will standup an aca-py
service with it's associated storage, controller
service with it's FastAPI backend, vanilla JavaScript frontend relying on Jinja2 template and polling GET
endpoints, and Mongo database.
The Digital Age Verification service was built as a usable prototype to validate the age verification use-case and provide implementers with an example to be used as reference when implementing age verification. The project has been retired as it is not going to be actively maintained, but still serves its purpose of demonstrating the technical stack and potential integration patterns.
Each developer must apply for an Ngrok token here. Then place the token into the .env-dev file within the docker directory.
NGROK_AUTHTOKEN=<your token here>
If you want to run the project in production mode, follow the instructions here.
To run the project in local development mode, open a shell in the docker folder and run the following commands:
./manage build
: this command will build the controller image. This step is required the first time the project is run, and when dependencies in change in the requirements file(s)../manage start
: this will start the project.env
file) execute ./manage rm
.A list of all available commands is visible by executing ./manage -h
.
The project is set-up to run without needing any external dependencies by default, using a standalone agent in read-only that will target the ledgers specified in ledgers.yaml.
Before starting up lcrv-dav, a couple of things need to be considered:
/docker/dav-controller/proof_config.yaml
. This specifies the proof request template which will be used to generate the actual requests and corresponding QR codes. As seen with example yaml config below, it is possible to specify multiple proof request templates:
age-verification-bc-person-credential
and age-verification-bc-person-credential-more-info
are the proof config identifiers.proof-request
specifies the template for the proof request generation.$now
[current datetime as integer] and $threshold_date_19
[19 yr back birthdate as integer] are currently supported for this.request_attributes
and request_predicates
are autogenerated and updated.ui-revealed-attribs
specifies which attribs need to be revealed in the UIdisplay-text
specifies the header text to shown in the UI
age-verification-bc-person-credential:
proof-request:
name: age-verification
version: "1.0"
requested_attributes:
- names:
- picture
restrictions:
- schema_name: Person
non_revoked:
from: $now
to: $now
requested_predicates:
- name: birthdate_dateint
p_type: <=
p_value: $threshold_date_19
restrictions:
- schema_name: Person
non_revoked:
from: $now
to: $now
ui-revealed-attribs:
- picture
display-text: Scanning this QR code will verify age and identity.
age-verification-bc-person-credential-more-info:
proof-request:
name: age-verification-more-info
version: "1.0"
requested_attributes:
- names:
- picture
- given_names
- family_name
- country
restrictions:
- schema_name: Person
non_revoked:
from: $now
to: $now
requested_predicates:
- name: birthdate_dateint
p_type: <=
p_value: $threshold_date_19
restrictions:
- schema_name: Person
non_revoked:
from: $now
to: $now
ui-revealed-attribs:
- picture
- given_names
- family_name
- country
display-text: Scanning this QR code will verify age and reveal name, country and picture.
## proof configuration selection
export DAV_PROOF_CONFIG_ID="age-verification-bc-person-credential"
http://localhost:5000/
.
Scan the QR code with BC Wallet application and proceed with the on screen instruction to complete the present-proof exchange and verify yourself.
If needed, you can obtain a Person Credential from the BC Wallet Showcase by completing the lawyer demo.Several functions in lcrb-dav can be tweaked by using the following environment variables.
Variable | Type | What it does | NOTES |
---|---|---|---|
USE_OOB_PRESENT_PROOF | bool | if True, the present-proof request will be provided as a an out of band invitation with a present-proof request inside. If False, the present-proof request will be use the service-decorator | TRUE: BC Wallet supports our OOB Message with a minor glitch, BiFold, Lissi, Trinsic, and Estatus all read the QR code as 'Invalid' FALSE: Works with |
LOG_WITH_JSON | bool | If True, logging output should printed as JSON if False it will be pretty printed. | Default behavior will print as JSON. |
LOG_TIMESTAMP_FORMAT | string | determines the timestamp formatting used in logs | Default is "iso" |
LOG_LEVEL | "DEBUG", "INFO", "WARNING", or "ERROR" | sets the minimum log level that will be printed to standard out | Defaults to DEBUG |
DAV_PROOF_CONFIG_ID | "age-verification-bc-person-credential" | sets the proof template config to be used | Defaults to "age-verification-bc-person-credential" |