chore: new VerifiableCredentialDecorator model

DominikPinsel commented 8 months ago

This is the first Pull Request of multiple ones to enable the SSI library, to handle Verifiable Credentials with Json-LD signature (internal) and JWT signature (external).

I assume that there will be multiple pull requests / changes necessary. This PR would be the initial one. In the following text I would like to outline the whole concept and then create follow PRs for the different parts.

Please tell me what you think. Not only about the introduced class, but also about the proposed changes.

Concept Verifiable Credential as JWT

VerifiablePresentation and VerifiableCredental data model becomes obsolete.
- As the Verifiable Credential can only represent JSON data and the Verifiable Presentation can only contain Verifiable Credentials in JSON form these models cannot be used for JWT data. They become obsolete to be represented by another data type.
Introduction of VerifiableCredentialDecorator and VerifiablePresentationDecorator. The idea is to have models that are able to wrap ether JSON or JWT data.
Introduction of new Reader classes, that are able to parse a Verifiable Credential or Verifiable Presentation by String, decide themself whether the data is JSON or JWT and return a one of the wrapper object mentioned above.
Introduce new Verifiable Credential validation class, that takes a String or a VerifiableCredentialDecorator. This validation class is able to check JWT and JSON signatures, expiration times, issuer and signer identity-equality etc. As the validation checks multiple aspects instead of a boolean value it returns an array of found violations.
Introduce a new Verifiable Presentation validation class. Should look nearly identical than the validation class described above.
After these new components are introduced to the library the following changes would be more straightforward. Several components, like the SignedJWTFactory, need to be updated to not only support the VerifiableCredential type, but also the VerifiableCredentialDecorator data type.
I would like to mark most of the stuff that currently uses VerifiableCredential and VerifiablePresentation types as obsolete, so that they can be removed in a few months.

_{Dominik Pinsel dominik.pinsel@mercedes-benz.com, Mercedes-Benz Tech Innovation GmbH, legal info/Impressum}

borisrizov-zf commented 8 months ago

@mustafasalfiti hi, can you also participate, as you already have some insight into the JWT VC.

borisrizov-zf commented 7 months ago

I've read through your proposal and it seems that you've misinterpreted the specs. We only intend to represent the JSON-LD version of the VC in JWT, not to translate all fields to JWT. You can read more here: https://www.w3.org/TR/vc-data-model/#identifiers In the id section you'll find an example of a VC encoded as JWT.

DominikPinsel commented 2 months ago

I'm not sure anymore whether I've time in the next weeks to contribute all these changes. Therefore I would close this PR. If this is important for upcoming features please reach out and I will try to make some time.

eclipse-tractusx / SSI-agent-lib

chore: new VerifiableCredentialDecorator model #87