In late March 2019, the VON team created AgentBook to demonstrate the interoperability of independently created agents. These agents were able to successfully establish DID-based communication channels. Now, with IIWBook, we’ve added a (literal) new layer by extending the core of AgentBook with the ability to exchange verifiable credentials. Even more exciting, through collaboration with StreetCred and Spark New Zealand, we have a mobile agent (or two!).
This IIWBook demo is one of the first examples of a full verifiable credential-based exchange where participants will be able to establish digital trust. This will be accomplished via two verifiable credential issuing services and the ability of participants to connect to each other, agent-to-agent, and request proofs based on the credentials they have received from these issuing services.
The following is a guide to get started with the IIWBook demo. Grab your IOS device (sorry Android users…soon!) and let’s get started!
The goal of this demo is to show how Hyperledger Indy-based compatible agents can be used to:
- set up agent-to-agent communication
- verify and issue credentials
- send proofs
- establish connections between agents
Credentials contain a set of claims that refer to a qualification, achievement, personal quality, or aspect of an entity that can be used to establish trust online in countless contexts—including identity. Using a mobile agent called Streetcred: Identity Agent (Streetcred), you will collect credentials (in particular, your email and IIW attendance record) and then use these credentials to verify connections with others at the conference.
This demo steps you through the process of obtaining two credentials—that’s pretty cool in itself. However, keep in mind that by obtaining verifiable credentials and establishing connections with your peers at the conference, you are demonstrating the power of self-sovereign identity. Your credentials prove things about you so others know for certain they are talking to you! Conversely, when you connect to others and they prove who they are, you can be certain they are who they say they are. That is powerful.
The following illustration shows the process involved in obtaining verifiable credentials from the two services (Email Verification Services and IIWBook) built for this demo. The two services are typical enterprise-style applications but in addition, they each have their own agent and a public DID, which enables them to issue verifiable credentials.
- On an IOS device, join the Streetcred agent Beta program: https://testflight.apple.com/join/CX48LTno
- Get an email address verifiable credential: https://email-verification.vonx.io
- Get an IIW attendee verifiable credential: https://iiwbook.vonx.io
- Use Streetcred to connect with other compatible agents, and after connecting, request verification claims. Refer to these instructions.
Installing Streetcred and Creating Your Agent
To get started, you’ll need a compatible agent. For these instructions, you’ll need to get the beta Streetcred mobile agent for IOS. It’s possible that other agents could be used for this demonstration, but we’ll only cover Streetcred here.
Go to the following URL and download/install the Streetcred app onto your IOS phone or tablet from Apple’s beta testing service: https://testflight.apple.com/join/CX48LTno
NOTE: Streetcred currently works with IOS devices only.
NOTE: Testflight is Apple’s Beta testing mechanism. If you don’t have it, you’ll be prompted to download it first.
The first time you run Streetcred you will be asked to setup a few things to get started.
Click Create My Agent and follow the prompts.
Here’s what the various tabs in Streetcred are for:
Getting Your Email Credential
With Streetcred up and running, the next thing you’ll do is get your email verifiable credential.
To do this:
In a browser, go to the following URL, read the instructions, input your email address and click Submit.
You will receive an email from
firstname.lastname@example.org an embedded one-time use link back to the Email Verification Service.
- Click on the link provided in the email. This does two things:
- Opens up a page on the Email Verification site with an invitation (in various forms) to connect to the Email Verification Service’s agent.
- Proves to the Email Verification Service that the current user controls the email address to which the message was sent.
NOTE: The latter point is important—this is the basis for the verifiable credential that the service will issue to the agent that connects to it via the invitation.
The following window is displayed:
- Use one of the invitations:
- If the invitation is on your IOS device, click the link to open Streetcred.
- If the invitation is on a desktop device, use your Streetcred app to scan the QR code.
- If you are using some other agent, copy the invitation and paste as appropriate into that agent.
In the Streetcred app the following window is displayed:
Click Accept to complete the connection.
You will receive a notification—the Email Verification Service has sent you an offer for a verifiable credential!
Click Accept Offer.
- Click the Credentials icon to see your email credential. It might take a few moments to arrive.
Whoohoo!! You have your first verifiable credential and you can prove ownership of your email address whenever it’s needed.
Getting Your IIW Attendance Credential
You have been issued one credential—let’s use it to get another. This credential is only for attendees of IIW 28, so you’ll have to provide a verified email address that will be checked against the IIW 28 attendee list. Meet both of these requirements and you’ll get your IIW attendee credential.
In a browser, go to IIWBook: https://iiwbook.vonx.io.
Click Connect to IIWBook.
As you did with the Email Verification Service, scan the QR code, click the link, or copy the invitation.
In Streetcred, click Accept.
You will receive a new notification. Before you can be issued your attendance credential, you must present proof of your email credential.
Click Present Proof.
Now there’s a wait. To respect the consent you provided in signing up for IIW, a staff member authorized to see the attendee list will manually verify your attendance at IIW based on your email address. Once that human step is complete, you will be issued an IIW attendance credential that includes your name—or not, if you are not registered using that email address.
If you are issued an IIW attendee verifiable credential, you will get a notification in Streetcred with the credential offer— just like when you received your verified email credential.
Connecting to Peers
Now that you have both of your foundational credentials (email and IIW attendance), you can establish nearby connections with others at the conference and use those credentials to prove claims about yourself—as well as verify the claims of others.
Nearby devices will be displayed.
- Select the device to which you want to connect and click Invite.
- The person you invite will be asked to confirm that they want to connect.
NOTE: The Nearby feature may or may not work—beta and all. If it doesn’t work, follow these steps (we’ve got you covered!)
If Nearby doesn’t work:
- Click Connections.
- Click +.
Click Create Invitation.
Have your contact scan the QR code provided or send it to them using messaging or email.
Click Connect to accept.
NOTE: You are connected but not verified.
You have a new connection, but do you really know who it is? To be sure, you should verify the connection by asking for verifiable claims.
- Click on Verifications under the name of the person with whom you are connecting.
- Click on the pencil icon (top right).
- Select the information you would like to request from this connection (for example, Name and Email).
- Click Request Presentation.
Once your connection has presented proof of the claims you requested, the claims will be listed under the verifications for that contact.
If the claims you get back aren’t what you expect, you should delete the connection.
IWWBook was coordinated by the VON team of the Government of British Columbia. The following GitHub repositories were created/used as the basis of the IIWBook demo:
- The Streetcred Mobile Identity Agent is based on the open source Agent-Framework project
- The Email Verification Service and IIWBook are instances of the agent part of the open source Indy Catalyst project.
- The repos for the services are:
- The DIDComm message family protocols implemented by the different agents to implement IIWBook include: