Verifier - Typescript/Node.js

Verifier Demo Application

This application is built with Node.js/Typescript to demonstrate the usage of the verifier-sdk package. Please note that you will also need to have the latest didPass-Wallet application on your phone to test the demo application. you can download the latest apk here.

Also, to perform verification, you will need to already have credentials in your wallet. So, to use this demo, you must first claim credentials through the Issuer Demo.

Prerequisites

1. Node.js 14.6.0 or higher (LTS is preferred)

2. Ngrok

3. Claim credentials through the Issuer Demo

4. Windows Subsystem for Linux (WSL) (Optional, if you run this application on windows)

5. Docker (Optional, if you run this application on windows or mac)

ngrok is needed as the wallet needs to communicate with the verifier application on your local

Installation

To ensure a smooth experience with the demo, we recommend running it within a WSL (Windows Subsystem for Linux) environment or Docker container. If you are not able to use WSL to run the demo, follow Running in Docker Container.

1. Clone the demo project from Github

git clone https://github.com/GDP-ADMIN/didPass-demo.git

1. Open the verifier-demo directory

cd ./didpass-demo/verifier-demo

1. Install dependencies

npm install

1. Rename .env.example to .env

2. Initiate ngrok by following these step

3. Change the NEXT_PUBLIC_URL on .env to the ngrok forwarding url for localhost:3002 on step 4

   NEXT_PUBLIC_URL=placeholder<'your ngrok forwarding url'> #https://b46f-149-108-164-96.ngrok-free.app

4. Run verifier demo

npm run dev

1. Finally, access the verifier demo on http://localhost:3002

Setting up ngrok

1. Initiate new terminal on didpass-demo/verifier-demo repository

2. Run the following command on terminal

ngrok http 3002

Running in Docker Container

In the event, you are not able to run the demo through npm run dev, we also provide an easy way to start the application inside a Docker container. To do this, follow the following guide:

1. Make sure the Docker engine is installed and running

2. Run docker compose through the pre-defined npm command, and wait until it finishes

npm run compose:up

1. Once it is done, the container should automatically be started and exposed to port 3002

2. Finally, access the verifier demo on https://localhost:3002

Testing the Verifier Demo

1. Open http://localhost:3002

2. Click on the Start Demo button

3. Read through the Introduction sections until you reach the Start Verification page.

4. Click on the Retrieve QR Code button and wait until the QR code is generated

5. Scan the QR code using the wallet

6. In the wallet, press confirm and continue to start generating proof

7. Every few seconds, the demo will automatically check the status of the verification process

8. If the verification process is completed (until proof verification), you will be redirected to the results page

If you encounter any error while testing Verifier Demo, please refresh the page and start the demo from the beginning

Modifying the Verifier Demo

1. Adding more use cases

   • You can add or modify use cases here

   • To add a new use case, you need to add to the following places:

     • Verify Cases - name of verification use case

     • Verify Credential Type - assign which credentials to be verified

     • DVR Title - the DVR title for verification use cases

     • Verify Case Map - details of verification use cases (field, operator, and expected value)

2. Modify proof validator

   • Modify the proof metadata validator as you need, you can find it here

Code Snippets

Generate QR Code

1. Import the necessary classes from the SDK

import { Verifier, GenerateQrCodeDTO } from "@didpass/verifier-sdk";

1. Initialize Verifier instance to generate the QR code

const verifier = new Verifier();

1. Prepare the data for the QR code generation

const { dvrId, dvrTitle } = await this.getDvrIdTitle(queryId);
const sessionId = v4();

const hostUrl = process.env.NEXT_PUBLIC_URL;
const callbackPath = "/api/callback/signed-dvr";
const callbackUrl = `${hostUrl}${callbackPath}?sessionId=${sessionId}`;

const options: GenerateQrCodeDTO = {
  callbackUrl,
  dvr: {
    dvr_id: dvrId,
    dvr_title: dvrTitle,
  },
};

1. Generate QR code using the verifier-sdk

const qrCode = this.verifier.generateQrCode(options);

Here's the full code:

import { Verifier, GenerateQrCodeDTO } from "@didpass/verifier-sdk";
 
function generateQrCode(queryId: string) {
 const verifier = new Verifier();
 
 const { dvrId, dvrTitle } = await this.getDvrIdTitle(queryId);
  const sessionId = v4();
  
  const hostUrl = process.env.NEXT_PUBLIC_URL;
  const callbackPath = "/api/callback/signed-dvr";
  const callbackUrl = `${hostUrl}${callbackPath}?sessionId=${sessionId}`;
  
  const options: GenerateQrCodeDTO = {
    callbackUrl,
    dvr: {
      dvr_id: dvrId,
      dvr_title: dvrTitle,
    },
  };
  
  const qrCode = this.verifier.generateQrCode(options);
  
  return qrCode;
}

Create Signed DVR

1. Import the necessary classes from the SDK

import { Verifier, KeysetEndpoint, KeysetEndpointWrapped  } from "@didpass/verifier-sdk";
import { SignedDvrResponse } from '@didpass/verifier-sdk/lib/types/signedDvrResponse';
import { ZkPassClient } from '@didpass/zkpass-client-ts';

1. Initialize Verifier and ZkPassClient instance to sign DVR

const verifier = new Verifier();
const zkPassClient = new ZkPassClient();

1. Verify SIWE message and signature using SDK

verifier.verifySiwe(siweDto);

1. Retrieve private key to sign data, url containing jwks and kid from environment variables

const privateKey = process.env.VERIFIER_PRIVATE_KEY_PEM;
const jkuIssuer = process.env.KEYSET_ENDPOINT_JKU_ISSUER;
const kidIssuer = process.env.KEYSET_ENDPOINT_KID_ISSUER || "k-1";
const jkuVerifier = process.env.KEYSET_ENDPOINT_JKU_VERIFIER;
const kidVerifier = process.env.KEYSET_ENDPOINT_KID_VERIFIER || "k-1";
const verifierDid = process.env.VERIFIER_IDENTIFIER || "";

1. Prepare DVR to sign

const query = await this.constructFullQuery(queryId);

const user_data_verifying_key: KeysetEndpointWrapped = {
  KeysetEndpoint: {
    jku: jkuIssuer,
    kid: kidIssuer,
  },
};
const verifyingKeyJKWS: VerifyingKeyJWKS = {
  jku: jkuVerifier,
  kid: kidVerifier,
};
              
const { queryEngineVersion, queryMethodVersion } = await zkPassClient.getQueryEngineVersionInfo();

const user_data_url = "https://example.com/user_data";
const dvr = new DataVerificationRequest(
  dvrTitle,
  dvrId,
  queryEngineVersion,
  queryMethodVersion,
  query,
  user_data_url,
  user_data_verifying_key
);

1. Sign DVR through the verifier-sdk

const dvrDto: DVRDTO = {
  keyInPem: privateKey,
  dvr,
  verifyingKeyJKWS,
};

const hostUrl = process.env.NEXT_PUBLIC_URL || "http://localhost:3002";
const callbackPath = "/api/callback/verify-proof";
const callbackUrl = `${hostUrl}${callbackPath}?sessionId=${sessionId}`;

const signedDVRToken = await this.verifier.signDvrToken(
  dvrDto,
  siweDto,
  callbackUrl,
  verifierDid
);

Here's the full code:

import { Verifier, KeysetEndpoint, KeysetEndpointWrapped  } from "@didpass/verifier-sdk";
import { SignedDvrResponse } from '@didpass/verifier-sdk/lib/types/signedDvrResponse';
import { ZkPassClient } from '@didpass/zkpass-client-ts';

async function createSignedDvr(
  sessionId: string,
  siweDto: SIWEDTO,
  dvrId: string, 
  dvrTitle: string, 
  queryId: string
): Promise<SignedDvrResponse> {
    const verifier = new Verifier();
    const zkPassClient = new ZkPassClient();
    
    verifier.verifySiwe(siweDto);
    
    const privateKey = process.env.VERIFIER_PRIVATE_KEY_PEM;
    const jkuIssuer = process.env.KEYSET_ENDPOINT_JKU_ISSUER;
    const kidIssuer = process.env.KEYSET_ENDPOINT_KID_ISSUER || "k-1";
    const jkuVerifier = process.env.KEYSET_ENDPOINT_JKU_VERIFIER;
    const kidVerifier = process.env.KEYSET_ENDPOINT_KID_VERIFIER || "k-1";
    const verifierDid = process.env.VERIFIER_IDENTIFIER || "";
    
    const query = await this.constructFullQuery(queryId);

    const user_data_verifying_key: KeysetEndpointWrapped = {
      KeysetEndpoint: {
        jku: jkuIssuer,
        kid: kidIssuer,
      },
    };
    const verifyingKeyJKWS: VerifyingKeyJWKS = {
      jku: jkuVerifier,
      kid: kidVerifier,
    };
                  
    const { queryEngineVersion, queryMethodVersion } = await zkPassClient.getQueryEngineVersionInfo();
    
    const user_data_url = "https://example.com/user_data";
    const dvr = new DataVerificationRequest(
      dvrTitle,
      dvrId,
      queryEngineVersion,
      queryMethodVersion,
      query,
      user_data_url,
      user_data_verifying_key
    );
    
    const dvrDto: DVRDTO = {
      keyInPem: privateKey,
      dvr,
      verifyingKeyJKWS,
    };
    
    const hostUrl = process.env.NEXT_PUBLIC_URL || "http://localhost:3002";
    const callbackPath = "/api/callback/verify-proof";
    const callbackUrl = `${hostUrl}${callbackPath}?sessionId=${sessionId}`;
    
    const signedDVRToken = await this.verifier.signDvrToken(
      dvrDto,
      siweDto,
      callbackUrl,
      verifierDid
    );
    
    return signedDVRToken;
}

Verify Proof

1. Import the necessary classes from the SDK

import { Verifier, PublicKey, ZkPassProofMetadataValidator } from "@didpass/verifier-sdk";

1. Initialize Verifier instance to verify the proof

const verifier = new Verifier();

1. Prepare metdata validator for proof verification

export class MetadataValidator implements ZkPassProofMetadataValidator {
    async validate(
        dvrTitle: string,
        dvrId: string,
        dvrDigest: string,
        userDataVerifyingKey: PublicKey,
        dvrVerifyingKey: PublicKey,
        zkpassProofTtl: number
    ): Promise<void> {
        // validate DVR metadata here (dvrTitle, verifyingKeyJWKS, etc.)
    }
}

1. Verify the proof using the verifier-sdk

const verifyZkpassProofOutput = await this.verifier.verifyProof(zkpassProofToken, MetadataValidator);

Here's the full code:

import { Verifier, PublicKey, ZkPassProofMetadataValidator } from "@didpass/verifier-sdk";

export class MetadataValidator implements ZkPassProofMetadataValidator {
    async validate(
        dvrTitle: string,
        dvrId: string,
        dvrDigest: string,
        userDataVerifyingKey: PublicKey,
        dvrVerifyingKey: PublicKey,
        zkpassProofTtl: number
    ): Promise<void> {
        // implement validate DVR metadata here (dvrTitle, verifyingKeyJWKS, etc.)
    }
}

async function verifyProof(zkpassProofToken: string): Promise<boolean> {
    const verifier = new Verifier();
    
    const verifyZkpassProofOutput = await verifier.verifyProof(zkpassProofToken, MetadataValidator);
    
    return verifyZkpassProofOutput; 
}