Experiments in Interoperability with the DID Actor API
As open source community leaders, Transmute is committed to fostering an environment where cutting edge problem sets and ideas are vetted and improved by expert peers. In that spirit, Transmute routinely publishes articles directly from our staff, who are experts across technology and industry. These articles are self-chosen topics an employee feels passionate about, and give you an inside look at the limitless creativity and skill the Transmute team applies to our work.
We Built a Demo Application for the DID Actor API
As part of our work to support the W3C CCG VC API, we built a demo application with some interesting experimental features to support testing the use of “did:key” with both linked data proof and JSON web token-based verifiable credentials.
The W3C CCG VC APIs are a set of RESTful API definitions conforming with the OpenAPI 3.0 Specification (formerly known as Swagger) for the roles of Issuer, Verifier, and Holder as described in the Verifiable Credential Data Model specification. These APIs provide a standard set of interfaces by which interoperability may be tested and verified by various parties who leverage Verifiable Credentials (VCs).
https://github.com/transmute-industries/api.did.actor
We’ve used this project to test a number of things, and we wanted to share the experiments we found successful and some of the ones that didn’t work out so well.
DID Actor API Results
One of the original motivations for the demo was to be able to test interoperability with https://github.com/digitalbazaar libraries for linked data proof based verifiable credentials and “did:key”.
Unfortunately, due to some quirks with Vercel and Next.js and webpack we were only able to test interop locally.
However, we still found it very useful to be able to create an API facade between our implementations where one small line of code could switch out the implementation used to produce and consumer verifiable credentials.
This is particularly useful when debugging JSON-LD Canonicalization or Document Loader issues, which can arise from differences in implementation of Linked Data Proofs.
Another feature we have been testing is mnemonic and hd path support for key generation. For example, given a mnemonic, key type and hd path, there will be a corresponding public private key pair. In the case of Ethereum and Bitcoin, these keys can be used to derive addresses that support crypto currencies.
We have explored using these patterns to support issuing and verifying verifiable credentials.
In particular, using JsonWebSignature2020 to issue Linked Data Proofs and using VC-JWT to issue compact JWT based verifiable credentials from the same “did:key”. This proves that the key representations support both established and emerging cryptographic suites.
Finally, we have used the demo to communicate to implementers of the VC API one way to conform to the interoperability test suites, and we have added Postman integration tests that demonstrate interoperability.
Orie Steele, Transmute’s CTO and Co-Founder, has managed security concerns for startups and publicly traded companies, building secure web applications in Finance, Energy, and Healthcare.
Connect with Orie on LinkedIn, Twitter, and GitHub
About Transmute: Building on the security and freedom that Web3 promised, Transmute provides all the benefits of decentralization to enterprise teams seeking a cost effective, interoperable, planet-forward experience provided by experts in technology and industry.
Transmute was founded in 2017, graduated from TechStars Austin in 2018, and is based in sunny Austin, Texas. Learn more about us at: http://www.transmute.industries
