From 1a4f8548df722f7bdbd32d1bb97f20def1fd68a6 Mon Sep 17 00:00:00 2001 From: Allen Date: Wed, 26 Jan 2022 16:56:08 -0800 Subject: [PATCH 1/5] add basic aleo doc --- .../core-functions-with-aleo.md | 103 ++++++++++++++++++ 1 file changed, 103 insertions(+) create mode 100644 docs/didkit-examples/core-functions-with-aleo.md diff --git a/docs/didkit-examples/core-functions-with-aleo.md b/docs/didkit-examples/core-functions-with-aleo.md new file mode 100644 index 00000000..d782534b --- /dev/null +++ b/docs/didkit-examples/core-functions-with-aleo.md @@ -0,0 +1,103 @@ +--- +id: core-functions-with-aleo +title: Core Functions with Aleo +--- + +## Introduction + +DIDKit also supports the use of Aleo accounts as verifiable credentials. + +This is an example shell script using all the core functions of DIDKit-CLI: key +generation, credential/presentation issuance and verification. + +_Note 1: This script is meant to be in a DIDKit-CLI source directory. See the +complete script below for setup details._ + +_Note 2: Currently Aleo support is only available through the +`feat/aleo-sig-pkh` branch of the ssi library._ + +### Start with a keypair + +The SSI library can generate an Aleo keypair as an example: + +```bash +git clone https://github.com/spruceid/ssi +cd ssi +git checkout feat/aleo-sig-pkh +cargo run --example genaleojwk --features=aleosig > aleokey.jwk +``` + +You can also provide the details of an existing Aleo account, although you will +need to do some extra work for DIDKit to use it. + +The Aleo private JWK format used by DIDKit is non-standard. An example: + +```json +{ + "kty": "OKP", + "crv": "AleoTestnet1Key", + "x": "78_Jh_c7Fw46fX31xS9Ifdg_LeuabZ2p2aIl5fn9zw0", + "d": "f4a9dNLd0omQcg3SEajVHGqEqwFHDGD9yNc2xpzuiZ3sSJjIf5AnEYXWCQ" +} +``` + +The format is as follows: + +- kty: "OKP" +- crv: "AleoTestnet1Key" +- x: An Aleo account address derived from the private key using Aleo Testnet1 + parameters, as a Base64 value(without the "aleo" prefix that appears in its' + Base58 format) +- d: An Aleo private key converted from Base58 (where it starts with + "APrivateKey1") to Base64 value + +### Generate a DID:Key document + +This document gets wrapped around the keypair generated (or passed) in the +previous step. For more context on the DID:key method, see the +[specification](https://w3c-ccg.github.io/did-method-key/). + +```bash +key=aleokey.jwk +did=$(didkit key-to-did pkh:aleo -k $key) +``` + +### Issue the verifiable credential. + +- We ask DIDKit to issue a verifiable credential using the given keypair file. + +```bash +didkit vc-issue-credential -k $key <<-EOF +{ + "@context": ["https://www.w3.org/2018/credentials/v1"], + "type": ["VerifiableCredential"], + "issuer": "$did", + "issuanceDate": "$issued", + "credentialSubject": {} +} +EOF +``` + +### Verify a verifiable credential. + +TODO + +### Appendix: whole script without comments + +```bash +#!/bin/sh +set -ex +key=../ssi/tests/aleotestnet1-2021-11-22.json +did=$(didkit key-to-did pkh:aleo -k $key) +issued=$(date -uIsec) +didkit vc-issue-credential -k $key <<-EOF +{ + "@context": ["https://www.w3.org/2018/credentials/v1"], + "type": ["VerifiableCredential"], + "issuer": "$did", + "issuanceDate": "$issued", + "credentialSubject": {} +} +EOF +echo +``` From 484bda121b26861620dbfd89adace8aaa2e3454a Mon Sep 17 00:00:00 2001 From: Allen Date: Thu, 27 Jan 2022 12:48:55 -0800 Subject: [PATCH 2/5] finish up aleo docs --- .../core-functions-with-aleo.md | 39 +++++++++++++++---- docs/didkit-examples/index.md | 27 +++++++------ sidebars.js | 1 + 3 files changed, 47 insertions(+), 20 deletions(-) diff --git a/docs/didkit-examples/core-functions-with-aleo.md b/docs/didkit-examples/core-functions-with-aleo.md index d782534b..6901199c 100644 --- a/docs/didkit-examples/core-functions-with-aleo.md +++ b/docs/didkit-examples/core-functions-with-aleo.md @@ -14,7 +14,8 @@ _Note 1: This script is meant to be in a DIDKit-CLI source directory. See the complete script below for setup details._ _Note 2: Currently Aleo support is only available through the -`feat/aleo-sig-pkh` branch of the ssi library._ +`feat/aleo-sig-pkh` branch of the ssi library. When building the DIDKit CLI the +feature `ssi/aleosig` must also be enabled._ ### Start with a keypair @@ -46,7 +47,7 @@ The format is as follows: - kty: "OKP" - crv: "AleoTestnet1Key" - x: An Aleo account address derived from the private key using Aleo Testnet1 - parameters, as a Base64 value(without the "aleo" prefix that appears in its' + parameters, as a Base64 value (without the "aleo" prefix that appears in its' Base58 format) - d: An Aleo private key converted from Base58 (where it starts with "APrivateKey1") to Base64 value @@ -62,12 +63,14 @@ key=aleokey.jwk did=$(didkit key-to-did pkh:aleo -k $key) ``` -### Issue the verifiable credential. +### Prepare credential for issuing. -- We ask DIDKit to issue a verifiable credential using the given keypair file. +Here, we'll issue an example credential (unsigned) and save it to a file. For +more info about what these properties mean, see the Verifiable Credentials Data +Model [specification](https://w3c.github.io/vc-data-model/). ```bash -didkit vc-issue-credential -k $key <<-EOF +cat > credential-unsigned.jsonld < credential-signed.jsonld +``` + ### Verify a verifiable credential. -TODO +- We pass the newly-issued signed verifiable credential back to didkit for + verification. + +```bash +didkit vc-verify-credential < credential-signed.jsonld +``` ### Appendix: whole script without comments @@ -90,7 +108,8 @@ set -ex key=../ssi/tests/aleotestnet1-2021-11-22.json did=$(didkit key-to-did pkh:aleo -k $key) issued=$(date -uIsec) -didkit vc-issue-credential -k $key <<-EOF + +cat > credential-unsigned.jsonld < credential-signed.jsonld + +didkit vc-verify-credential < credential-signed.jsonld ``` diff --git a/docs/didkit-examples/index.md b/docs/didkit-examples/index.md index 754fae53..44f88165 100644 --- a/docs/didkit-examples/index.md +++ b/docs/didkit-examples/index.md @@ -5,20 +5,23 @@ slug: /didkit-examples/ sidebar_title: Overview --- -Coding is hard, and learning new tools is harder. For those who learn best by example, we have heavily commented some snippets and examples. +Coding is hard, and learning new tools is harder. For those who learn best by +example, we have heavily commented some snippets and examples. -|Tool|Example| -|---|---| -|DIDKit-CLI|[Core DID, VC, and VP functions (CLI)][]| -|DIDKit-CLI|[Batch generation/verification][]| -|DIDKit-HTTP|[Core DID, VC, and VP functions (HTTP)][]| -|DIDKit-Java, Authentication, Tomcat, CHAPI|[Github](https://github.com/spruceid/didkit/tree/main/examples/java-jsp#readme)| -|DIDKit-Java, Authentication, Maven, MySQL, Redis|[Github](https://github.com/spruceid/didkit/tree/main/examples/java-springboot#readme)| -|DIDKit-Node (Wasm), Blockchain Indexer|[JS Code](https://github.com/spruceid/tzprofiles/blob/main/api/service/index.js)| -|DIDKit-Node (Neon), Web Application, dApp|[JS Code](https://github.com/spruceid/tzprofiles/tree/main/dapp)| -|DIDKit-Python, [Django web framework](https://www.djangoproject.com/)|[example in GitHub](https://github.com/spruceid/didkit/tree/main/examples/python_django)| -|DIDKit-Python, [Flask web microframework](https://flask.palletsprojects.com/en/2.0.x/)|[example in GitHub](https://github.com/spruceid/didkit/tree/main/examples/python-flask/)| +| Tool | Example | +| -------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | +| DIDKit-CLI | [Core DID, VC, and VP functions (CLI)][Core DID, VC, and VP functions (CLI)] | +| DIDKit-CLI | [Batch generation/verification][Batch generation/verification] | +| DIDKit-CLI | [Core functions using Aleo][Core functions using Aleo] | +| DIDKit-HTTP | [Core DID, VC, and VP functions (HTTP)][Core DID, VC, and VP functions (HTTP)] | +| DIDKit-Java, Authentication, Tomcat, CHAPI | [Github](https://github.com/spruceid/didkit/tree/main/examples/java-jsp#readme) | +| DIDKit-Java, Authentication, Maven, MySQL, Redis | [Github](https://github.com/spruceid/didkit/tree/main/examples/java-springboot#readme) | +| DIDKit-Node (Wasm), Blockchain Indexer | [JS Code](https://github.com/spruceid/tzprofiles/blob/main/api/service/index.js) | +| DIDKit-Node (Neon), Web Application, dApp | [JS Code](https://github.com/spruceid/tzprofiles/tree/main/dapp) | +| DIDKit-Python, [Django web framework](https://www.djangoproject.com/) | [example in GitHub](https://github.com/spruceid/didkit/tree/main/examples/python_django) | +| DIDKit-Python, [Flask web microframework](https://flask.palletsprojects.com/en/2.0.x/) | [example in GitHub](https://github.com/spruceid/didkit/tree/main/examples/python-flask/) | [Core DID, VC, and VP functions (CLI)]: didkit-examples/core-functions-in-bash.md +[Core functions using Aleo]: didkit-examples/core-functions-with-aleo.md [Core DID, VC, and VP functions (HTTP)]: didkit-examples/core-functions-in-curl.md [Batch generation/verification]: didkit-examples/batch-generation.md diff --git a/sidebars.js b/sidebars.js index 00c609bc..0e549776 100644 --- a/sidebars.js +++ b/sidebars.js @@ -29,6 +29,7 @@ module.exports = { 'didkit-examples/overview', 'didkit-examples/core-functions-in-bash', 'didkit-examples/core-functions-in-curl', + 'didkit-examples/core-functions-with-aleo', 'didkit/did-web', 'didkit-examples/batch-generation', 'didkit-examples/java-springboot', From df0279ad164646a1dd450059b2f8efb10ef0f925 Mon Sep 17 00:00:00 2001 From: Allen Date: Thu, 27 Jan 2022 13:37:47 -0800 Subject: [PATCH 3/5] Update docs/didkit-examples/core-functions-with-aleo.md Co-authored-by: Charles E. Lehner --- docs/didkit-examples/core-functions-with-aleo.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/didkit-examples/core-functions-with-aleo.md b/docs/didkit-examples/core-functions-with-aleo.md index 6901199c..595e707b 100644 --- a/docs/didkit-examples/core-functions-with-aleo.md +++ b/docs/didkit-examples/core-functions-with-aleo.md @@ -47,10 +47,10 @@ The format is as follows: - kty: "OKP" - crv: "AleoTestnet1Key" - x: An Aleo account address derived from the private key using Aleo Testnet1 - parameters, as a Base64 value (without the "aleo" prefix that appears in its' + parameters, as a Base64Url value (without the "aleo" prefix that appears in its Base58 format) - d: An Aleo private key converted from Base58 (where it starts with - "APrivateKey1") to Base64 value + "APrivateKey1") to Base64Url value ### Generate a DID:Key document From 36114972f02d48b98b221bb453b4056dcbba070f Mon Sep 17 00:00:00 2001 From: Allen Date: Thu, 27 Jan 2022 13:38:31 -0800 Subject: [PATCH 4/5] Update docs/didkit-examples/core-functions-with-aleo.md Co-authored-by: Charles E. Lehner --- docs/didkit-examples/core-functions-with-aleo.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/didkit-examples/core-functions-with-aleo.md b/docs/didkit-examples/core-functions-with-aleo.md index 595e707b..9ff76254 100644 --- a/docs/didkit-examples/core-functions-with-aleo.md +++ b/docs/didkit-examples/core-functions-with-aleo.md @@ -67,7 +67,7 @@ did=$(didkit key-to-did pkh:aleo -k $key) Here, we'll issue an example credential (unsigned) and save it to a file. For more info about what these properties mean, see the Verifiable Credentials Data -Model [specification](https://w3c.github.io/vc-data-model/). +Model [specification](https://www.w3.org/TR/vc-data-model/). ```bash cat > credential-unsigned.jsonld < Date: Fri, 28 Jan 2022 09:38:42 -0800 Subject: [PATCH 5/5] Update docs/didkit-examples/core-functions-with-aleo.md Co-authored-by: wyc --- docs/didkit-examples/core-functions-with-aleo.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/didkit-examples/core-functions-with-aleo.md b/docs/didkit-examples/core-functions-with-aleo.md index 9ff76254..5767f8c4 100644 --- a/docs/didkit-examples/core-functions-with-aleo.md +++ b/docs/didkit-examples/core-functions-with-aleo.md @@ -5,7 +5,7 @@ title: Core Functions with Aleo ## Introduction -DIDKit also supports the use of Aleo accounts as verifiable credentials. +DIDKit also supports the issuance and verification of Verifiable Credentials using Aleo accounts. This is an example shell script using all the core functions of DIDKit-CLI: key generation, credential/presentation issuance and verification.