Open in app

Sign in

Write

Sign in

Masca supports OpenID, passing EBSI WCT

Blockchain Lab:UM
3 min readJul 22, 2023

--

We are excited to announce a significant technical milestone in our journey: the successful integration of OpenID for Verifiable Credentials (OID4VC), complemented by the passing of the EBSI Wallet conformance testing. These achievements represent our commitment to robust digital identity solutions, fostering seamless interoperability and bolstered security. In this blog post, we will delve into the specifics of our progress, shedding light on the transformative potential of these advancements and their implications for a safer digital future. Let’s dive into the details.

OpenID

OpenID for Verifiable Credentials (OID4VC)

OpenID for Verifiable Credentials (OID4VC), an outcome of the OpenID Connect Working Group, encompasses three key specifications:

  1. OpenID for Verifiable Credential Issuance (OID4VCI) lays the foundation for the issuance of verifiable credentials (VCs).
  2. OpenID for Verifiable Presentations (OID4VP) defines a mechanism that enables presentation of VCs as Verifiable Presentations (VPs).
  3. Self-Issued OpenID Provider v2 (SIOP) refines the concept of self-issued OpenID providers, enabling individuals to act as their own identity providers. It empowers users to create and manage their VCs directly, ensuring greater autonomy over their identity data.

In short, OpenID for Verifiable Credentials builds on OAuth 2.0 and OpenID Connect, two widely accepted authentication protocols, to create a secure and standard way to issue, present, and verify verifiable credentials. This initiative utilizes the base protocol’s proven security capabilities to foster enhanced data privacy, control, and user-centric identity management in various online interactions.

These specifications are already seeing adoption in various companies and initiatives like Microsoft and EBSI.

EBSI Wallet Conformance Testing (WCT)

European Blockchain Services Infrastructure (EBSI) is an initiative of the European Commission and the European Blockchain Partnership aimed at creating a blockchain-based digital infrastructure for the public sector across Europe. They offer a variety of products, one of which is the Wallet conformance testing (WCT) service. WCT provides third-party application developers working on a digital wallet with a reliable tool for evaluating their wallets’ interoperability and conformance to the specifications defined by EBSI, which are based on the OID4VC specifications. We utilized the Wallet module to evaluate Masca’s capability to manage credential requests, authentication, and presentation to verifiers on demand.

How to use it with Masca

Masca supports both credential offers, as defined in OID4VCI, and authorization requests, as described in OID4VP. The first method allows you to obtain new VCs, and the second will enable you to present them as VPs.

There are two ways to use and test OID4VC with Masca:

  1. Scan the QR code on masca.io and perform different flows (check the demo below).
  2. Integrate Masca in your application and handle OID4VC flows directly by calling Masca’s RPC methods.

Demo:

Example of integration code presenting both flows:

import { enableMasca, isSuccess, isError } from '@blockchain-lab-um/masca-connector';

// Install Masca and retrieve the API interface
const masca = await enableMasca(address);

// Check if installation was successful
if(isSuccess(masca)){
    const api = masca.data.getMascaApi();
    
    // RPC Method call to handle a credential offer
    const credentialOfferResult = api.handleCredentialOffer({
        credentialOffer // Credential offer string
    });
    
    if(isSuccess(credentialOfferResult)){
        // Recieved credentials
        const credentials = credentialOfferResult.data.credentials;
    }
    
     // RPC Method call to handle a authorization request
    const authorizationRequestResult = api.handleAuthorizationRequest({
        authorizationRequest // Authorization request string
    });
    
    // Check if any errors occured while processing the authorization request 
    if(isError(authorizationRequestResult)){
      // ...
    }
}

Issuers and verifiers

Apart from the wallet part, we are also working on and implementing issuer and verifier components that support the OpenID specifications. Both will work with multiple DID methods and support various cryptographic key types. In the future, we’ll also be working on passing WCTs for issuers and verifiers.

You can check the codebase here.

Conclusion

This blog post presents and showcases how to use OpenID in Masca, giving an alternative and new approach to the decentralized identity space. It also concludes the EBSI use case, with Masca supporting all the necessary components and passing WCT.

By Blockchain Lab:UM
Website | LinkedIn | Twitter | Discord | YouTube | GitHub | Email

Decentralized Identity
Metamask
Ebsi
European Blockchain
Openid Connect

--

--

Blockchain Lab:UM

Written by Blockchain Lab:UM

70 Followers

A multidisciplinary team of researchers, developers and consultants who develop and evaluate blockchain-based services.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams