From wallet's point of view above interactions can be grouped into 2 sections to accommodate user consent in between.
Step 1: Wallet accepting invitation from issuer, initiating credential issuance flow by sending propose credential message and receiving offer credential message from issuer. The offer credential message might include credential manifest, unsigned VC and optional presentation definition.
Step 2: Wallet displaying incoming credential to user using credential manifest and unsigned VC. Wallet can optionally show query result from presentation definition if sent by issuer.
Step 3: Once user gives consent, wallet can proceed with rest of the steps from issue credential protocol to conclude credential issuance interaction.
Proposed Interfaces in universal wallet: TBD
wallet to accept out-of-band invitation and initiate the issuance interaction (step#1 mentioned above).
// accept the invitation, send propose credential message, wait and return response including threadID, credential manifest, unsigned vc and optional parameters(domain, challenge, presentation definition).
let offer = await wallet.proposeCredential(invitation, from, timeout)
// Args
// invitation: out-of-band invitation
// from: optional in case of DIDComm V1 and a wallet can choose a specific DID to send the message in case of DIDComm V2
// timeout: optional timeout duration to wait for offer credential message from issuer.
wallet sends request credential message to issuer and waits for protocol to be completed (step#3 mentioned above).
// sends credential application message to issuer, waits for credential fulfillment message and optionally sends acknowledgment. Response of this call contains credential fullfilment sent by issuer.
let fulfillment = await wallet.requestCredential(thID, presentation, ack, timeout)
// Args
// thID: thread ID of the intercation.
// presentation: presentation to be submitted from wallet to issuer. Typically contains DIDAuth response or credentials if issuer has asked for presentation submissions.
// ack: optional argument to wait for protocol status to be done before returning.
// timeout: optional timeout duration to wait for offer credential message from issuer.
Example of issuance flow:
// accept invitation and initiate issuance interaction.
let offer = await wallet.proposeCredential(invitation, from, timeout)
const {thID, manifest, vc, domain, challenge, presentationDefinition} = offer
let query
if (presentationDefinition) {
query = {
type: "PresentationExchange",
credentialQuery: presentationDefinition
}
} else if (domain || challenge) {
query = {
type: "DIDAuth"
}
}
const presentation = await wallet.query([query], {domain, challenge})
/*
display incoming VC using manifest and unsigned VC to wallet user and get consent from user.
*/
// add proof to presentation (existing interface)
let vp = await wallet.prove(presentation, proofOptions)
// send request credential message and wait for ack.
let fullfilment = await wallet.requestCredential(thID, presentation, true, someTimeout)
Based on recent progress in Wallet And Credential Interactions spec, I would like to propose few interfaces in universal wallet to support WACI issuance flow.
According to wallet and credential Interactions for issuance, flow between prover(wallet) & issuer looks like this,
From wallet's point of view above interactions can be grouped into 2 sections to accommodate user consent in between.
Proposed Interfaces in universal wallet: TBD
wallet to accept out-of-band invitation and initiate the issuance interaction (step#1 mentioned above).
wallet sends request credential message to issuer and waits for protocol to be completed (step#3 mentioned above).
Example of issuance flow: