Introducing Veramo

In our last post we briefly presented Veramo and how it evolved from the challenges faced with uPort’s libraries. In this next series of articles we will give Veramo a proper introduction and answer some of the basics: why it exists and what it does, followed by articles describing the architecture in more detail, and how to build applications using Veramo. While our name may have changed, the original vision of allowing individuals and organizations to own their own data and maintain privacy, has not.

The Self Sovereign Identity (SSI) space has been moving fast by establishing standards for decentralized identifiers (DIDs) and verifiable credentials (VCs) which simply did not exist when uPort set out five years ago. What began as a niche has caught wider attention. In Apple’s WWDC last week their Verifiable Health records appear to be using W3C VCs under the hood. The European Commission recently proposed a new electronic identity regulation that aims to make identity wallets mandatory for various public and private sector service providers. This progress validates our theory that the task of managing DIDs and VCs is important work.

Enter Veramo

Veramo is built with several goals in mind. First, we aim to simplify creating and managing identifiers and issuing and receiving credentials through straightforward APIs which run across backend, frontend, and mobile. We aim to provide the ability to do this in a spec compliant way with interoperability in mind. The framework should also be flexible enough to allow for many configuration options (multiple environments, hybrid deployment models, data storage, key management, etc.) and also to accommodate future advances in the space. With Veramo, we took feedback to heart and combined these features into a single framework over the outwardly confusing set of uPort libraries: uport-connect, uport-credentials, uport-transports, and uport-mobile.

The Veramo Agent

The entry point to managing identifiers, credentials, messages, keys and more is the Veramo Agent. The Agent provides a common interface for core and custom plugins to operate and orchestrates them through an event system. An Agent can be run as a CLI, backend service, within a mobile app, or in the browser and we have tutorials for each on veramo.io/docs. Agents can also work remotely, so you can have multiple agents with specific capabilities that work together to provide tailored functionality as one.

The Veramo Agent takes care of low-level details so you can focus on building your app. Once instantiated, it exposes methods for creating and managing identifiers through the did-manager plugin. Out-of-the-box support is available for ethr-did (Ethereum address), web-did (DNS domain), and did-key (simple public/private key pair).

For credentials, the credentials-w3c plugin combined with the messaging plugin handle issuing, receiving, signing, and sending W3C VCs from one DID to another. The data-storage and key-manager plugins handle storing the identifiers, credentials, messages and the keys for signing and encryption.

Running an agent will depend on your use-case and environment. To get started, take a look at our documentation and tutorials on veramo.io. The CLI tool is the quickest way to see how it works, and we also have tutorials for Node, React, and React-Native. Hit us up at hello@veramo.io or GitHub Discussions with feedback or questions.

Coming soon: Part 2 will go deeper on architecture details and Part 3 will show how to build applications using Veramo.