Sample code for issuing and verifying a JSON-LD credential with Veramo. See veramo.io for an introduction to Veramo.
In this version of the example we added the steps to create and verify a JSON-LD credentials with a did:ethr.
# install dependencies
yarn install
# run src/index.ts
yarn start
# or run the tests
yarn testsrc/setup.ts shows how to create a minimalistic agent that can manage did:key identifiers in memory
and use them to issue credentials.
src/credential-flow.ts shows how to use that agent to create a DID and issue and verify a credential.
Out of the box, Veramo works
with JWT credentials and presentations, but when you use
the CredentialIssuerLD plugin from @veramo/credential-ld your agent gains the ability to work
with JSON-LD credentials and presentations.
In this sample project, the agent creates a did:key identifier (which automatically creates the corresponding signing
key), and then uses that as the issuer of a credential which it later verifies.
Creating a credential as JSON-LD should be as simple as calling agent.createVerifiableCredential() and
using proofFormat: 'lds' in the options.
const verifiableCredential = await agent.createVerifiableCredential({
credential: {
'@context': [/*add your custom context URIs here*/],
issuer: issuer.did,
credentialSubject: {
// ...
}
},
proofFormat: 'lds' // this triggers the use of LD Signatures as proof
})There are, however, extra things to consider when working with JSON-LD.
JSON-LD requires all the contexts to make sense, so you will have to make sure that all the properties you use in the
credential payload are defined in one of the entries you add to @context. The properties defined by
the VC data model are automatically covered.
The context URIs you add to your credential[@context] array have to be resolvable by the CredentialIssuerLD plugin.
This can be done by adding extra mappings URI => context definition to the contextMaps constructor param for the
plugin.
Keep in mind that the same mappings need to be available to the verifier when credentials are verified, otherwise the LD signature will not match. Typically, this is done by having issuers and verifiers agree in advance, but this is out of scope here.
In this example, the same agent acts as both issuer and verifier, so the mappings are identical.
To make it work with a did:ethr, you need to add VeramoEcdsaSecp256k1RecoverySignature2020 to your agent setup.
Alternatively, you could call didManagerAddKey to add a Ed25519 key to your did:ethr DID document, but that's
probably more complicated.
Go to veramo on github. Contributions are welcome ;)
Join our discord for discussions.