From d3568d71cd1872c0785c47ecc832a7784908068b Mon Sep 17 00:00:00 2001
From: "Michael B. Jones" Concrete Lifecycle Example
verifiable credential in a digital wallet.
+{ // set the context, which establishes the special terms we will be using // such as 'issuer' and 'alumniOf'. @@ -951,22 +951,6 @@@@ -983,7 +967,7 @@Concrete Lifecycle Example
// name of the university "name": "Example University" } - }, - // digital proof that makes the credential tamper-evident - // see the NOTE at end of this section for more detail - "proof": { - // the type of embedded proof securing the verifiable credential - "type": "DataIntegrityProof", - // the name of the cryptographic signature suite - "cryptosuite": "eddsa-2022", - // the date the signature was created - "created": "2023-06-18T21:19:10Z", - // purpose of this proof - "proofPurpose": "assertionMethod", - // the identifier of the public key that can verify the signature - "verificationMethod": "https://university.example/issuers/565049#key-123", - // the digital signature value - "proofValue": "zQeVbY4oey5q2M3XKaxup3tmzN4DRFTLVqpLMweBrSxMY2xHX5XTYV8nQApmEcqaqA3Q1gVHMrXFkXJeV6doDwLWx" } } Concrete Lifecycle Example
verifiable presentation. The verifiable presentation is sent to the verifier and verified. -+{ "@context": [ "https://www.w3.org/ns/credentials/v2", @@ -1006,39 +990,17 @@Concrete Lifecycle Example
"id": "did:example:c276e12ec21ebfeb1f712ebc6f1", "name": "Example University" } - }, - "proof": { - "type": "DataIntegrityProof", - "cryptosuite": "eddsa-2022", - "created": "2023-06-18T21:19:10Z", - "proofPurpose": "assertionMethod", - "verificationMethod": "https://university.example/issuers/565049#key-1", - "proofValue": "zQeVbY4oey5q2M3XKaxup3tmzN4DRFTLVqpLMweBrSxMY2xHX5XTYV8nQA - pmEcqaqA3Q1gVHMrXFkXJeV6doDwLWx" } - }], - // digital signature by Pat on the presentation - // protects against replay attacks - "proof": { - "type": "DataIntegrityProof", - "cryptosuite": "eddsa-2022", - "created": "2018-09-14T21:19:10Z", - "proofPurpose": "authentication", - "verificationMethod": "did:example:ebfeb1f712ebc6f1c276e12ec21#keys-1", - // 'challenge' and 'domain' protect against replay attacks - "challenge": "1f44d55f-f161-4938-a659-f8026467f126", - "domain": "4jt78h47fh47", - "proofValue": "zqpLMweBrSxMY2xHX5XTYV8nQAJeV6doDwLWxQeVbY4oey5q2pmEcqaqA3Q1 - gVHMrXFkXM3XKaxup3tmzN4DRFTLV" - } + }] }-Implementers that are interested in understanding more about the -
proof
mechanism used above can learn more in Section and by reading the following specifications: -Data Integrity [[VC-DATA-INTEGRITY]] and the "Proofs" section of the Verifiable +The examples above are unsecured. +Implementers that are interested in understanding more about +securing Verifiable Credentials can see the specifications +Securing Verifiable Credentials using JOSE and COSE [[VC-JOSE-COSE]] and +Verifiable Credential Data Integrity [[VC-DATA-INTEGRITY]] and the "Proofs" section of the Verifiable Credential Specifications Directory [[VC-SPECS]].