In late March 2019, the VON team created AgentBook to demonstrate the interoperability of independently created agents. These agents were able to successfully establish DID-based communication channels. Now, with IIWBook, we’ve added a (literal) new layer by extending the core of AgentBook with the ability to exchange verifiable credentials. Even more exciting, through collaboration with Streetcred.id and Spark New Zealand, we have a mobile agent (or two!).
This IIWBook demo is one of the first examples of a full verifiable credential-based exchange where participants will be able to establish digital trust. This will be accomplished via two verifiable credential issuing services and the ability of participants to connect to each other, agent-to-agent, and request proofs based on the credentials they have received from these issuing services.
The following is a guide to get started with the IIWBook demo. Grab your phone and let’s get started!
The goal of this demo is to show how Hyperledger Indy-based compatible agents can be used to:
- set up agent-to-agent communication
- verify and issue credentials
- send proofs
Credentials contain a set of claims that refer to a qualification, achievement, personal quality, or aspect of an entity that can be used to establish trust online in countless contexts—including identity. Using a mobile agent called Streetcred: Identity Agent (for Apple or Android), you can collect credentials (in particular, your email and IIW attendance record).
This demo steps you through the process of obtaining two credentials—that’s pretty cool in itself. However, keep in mind that by obtaining verifiable credentials and establishing connections with your peers at the conference, you are demonstrating the power of self-sovereign identity. Your credentials prove things about you so others know for certain they are talking to you! Conversely, when you connect to others and they prove who they are, you can be certain they are who they say they are. That is powerful.
The following illustration shows the process involved in obtaining verifiable credentials from the two services (Email Verification Services and IIWBook) built for this demo. The two services are typical enterprise-style applications but in addition, they each have their own agent and a public DID, which enables them to issue verifiable credentials.
- On your mobile device, install the Streetcred Identity Agent app from the Apple App Store or Google Play Store.
- Initialize the Streetcred app and then configure it to use the “BCovrin Test” instead of the default “Sovrin” from the app “Settings” screen.
- Get an email address verifiable credential: https://email-verification.vonx.io
- Get an IIW attendee verifiable credential: https://iiwbook.vonx.io
Installing Streetcred and Creating Your Agent
To get started, you’ll need a compatible agent. For these instructions, you’ll need to get the Streetcred mobile agent. It’s possible that other agents could be used for this demonstration, but we’ll only cover Streetcred here.
NOTE: The images of the Streetcred app are from an older version, so won’t look exactly the same as what you’ll see on your phone.
The first time you run Streetcred you will be asked to setup a few things to get started.
Click Create My Agent and follow the prompts.
For this demo, the Streetcred app must use the BC Government’s
BCovrin TestHyperledger Indy network instance. To set the network, to go to the Streetcred Home tab and tap the “hamburger icon” (tree horizontal lines, top right) to go to the app’s settings screen. On the settings screen, edit the
Networksetting and select from the list of networks “BCovrin Test”.
Getting Your Email Credential
With Streetcred up and running, the next thing you’ll do is get your email verifiable credential.
To do this:
In a browser, go to the following URL, read the instructions, input your email address and click Submit.
You will receive an email from
firstname.lastname@example.org an embedded one-time use link back to the Email Verification Service.
Click on the link provided in the email. This does two things:
- Opens up a page on the Email Verification site with an invitation (in various forms) to connect to the Email Verification Service’s agent.
- Proves to the Email Verification Service that the current user controls the email address to which the message was sent.
NOTE: The latter point is important—this is the basis for the verifiable credential that the service will issue to the agent that connects to it via the invitation.
The following window is displayed:
- Use one of the invitations:
- If the invitation is on your mobile device, click the link to open the Streetcred app.
- If the invitation is on a desktop device, use your Streetcred app to scan the QR code.
- If you are using some other agent, copy the invitation and paste as appropriate into that agent.
In the Streetcred app the following window is displayed:
Click Accept to complete the connection.
You will receive a notification—the Email Verification Service has sent you an offer for a verifiable credential, and the website will update to show your progress.
Click Accept Offer.
- Click the Credentials icon to see your email credential. It might take a few moments to arrive.
Whoohoo!! You have your first verifiable credential and you can prove ownership of your email address whenever it’s needed.
Getting Your IIW Attendance Credential
You have been issued one credential—let’s use it to get another. This credential is only for attendees of IIW 28, so you’ll have to provide a verified email address that will be checked against the IIW 28 attendee list. Meet both of these requirements and you’ll get your IIW attendee credential.
In a browser, go to IIWBook: https://iiwbook.vonx.io.
Click Connect to IIWBook.
As you did with the Email Verification Service, scan the QR code, click the link, or copy the invitation.
In Streetcred, click Accept.
You will receive a new notification and the browser screen will update to show your progress. Before you can be issued your attendance credential, you must present proof of your email credential.
Click Present Proof.
Now there’s a wait. To respect the consent you provided in signing up for IIW, a staff member authorized to see the attendee list will manually verify your attendance at IIW based on your email address. Once that human step is complete, you will be issued an IIW attendance credential that includes your name—or not, if you are not registered using that email address.
If you are issued an IIW attendee verifiable credential, you will get a notification in Streetcred with the credential offer— just like when you received your verified email credential.
There you go! You have been issued a credential, had it verified and based on that verification, been offered another credential.
IWWBook was coordinated by the VON team of the Government of British Columbia. The following GitHub repositories were created/used as the basis of the IIWBook demo:
- The Streetcred Identity Agent is based on the open source aries-framework-dotnet project
- The Email Verification Service and IIWBook are instances of the open source Aries Cloud Agent - Python project.
- The repos for the services are:
- The DIDComm message family protocols implemented by the different agents to implement IIWBook include: