search

impierce / ssi-agent

An eIDAS 2.0-compliant Self Sovereign Identity Agent that connects European Identity Wallets to your IT systems
https://www.impierce.com
Apache License 2.0
14 stars 3 forks source link

Implement OpenID4VP #22

Open JelleMillenaar opened 9 months ago

JelleMillenaar commented 9 months ago

Description

Add OpenID4VP standard to the Agent for requesting and verifying credentials. Similarly to OpenID4VCI implementation, the agent must have a method to generating an auth_request that can be displayed as a QR-code on the "front-end" (of the implementer). This should be exposed by the REST API. The Presentation Definition should probably be pre-registered in the settings with an identifier, which is then used in the API call to trigger the correct data request. Feel free to make a better design if you have it ;)

The Validation of received Verifiable Presentations need to allow either of two solutions depending on the chosen policy (defined beforehand in the settings):

  1. Internal Validation: Which is a strict validation (signature must be valid, not expired etc...), including a simple pre-defined trust list. 2: External Validation: Sends an event with the VP information for it to be validated externally to the Agent. The Event must be responded to with the results of the External Validation.

At the end of the process, another Event should be sent out with the conclusions of the exchange. This includes the data and the validation results.

Feel free to add missing information or ideas to this issue.

Motivation

Increase SSI functionality with Validation.

Resources

No response

To-do List

JelleMillenaar commented 8 months ago

Additional context based on internal discussions: Presentation Sequence