npm
Sign UpSign In

evrc-verifier
TypeScript icon, indicating that this package has built-in type declarations

1.0.2 • Public • Published

EveryCRED Logo

EveryCRED Verifier JS 🔒

Version: 1.0.2 📑

EveryCRED Verifier JS is a custom verifier designed to verify EveryCRED credentials according to the W3C credentials standard.

Installation

You can install the library using npm:

npm install everycred-verifier-js

Verifier Steps 📋

The EveryCRED Verifier JS follows the following steps to validate credentials:

  1. Validators ✅: Check the authenticity and integrity of the credential.

    • Authenticity checks 🔐: Verify the authenticity of the credential.
    • Integrity Checks 🔐: Check the integrity of the credential.
    • Issuer check 🛂: Validate the issuer of the credential.
    • Data Validation 🧮: Perform validation on the credential data.
    • Checksum Match (Hash Comparison) 🔃: Compare hashes to ensure the integrity of the credential.
      • Blockchain Hash Fetch 🔗: Fetch the blockchain hash of the credential.
      • Generate Credential Hash 🔢: Generate a hash of the credential.
      • Checksum Integrity ✔️: Compare the generated hash with the blockchain hash.

  2. Status Check 🚦: Perform checks related to the status of the credential.

    • Credential Revocation check 🚫: Check if the credential has been revoked.
    • Credential Expiration check ⏰: Verify if the credential has expired.

Package Verification Steps 📦

The verifier performs detailed verification steps on the package:

  1. Validator ✅: Check the validity of the credential fields.

    • type ✔️: Verify if the "type" field exists and supports the "VerifiableCredential" type.
    • @context ✔️: Check the existence and validity of the "@context" field.
    • ID (Identifier) ✔️: Verify the existence of the "id" field.
    • credentialSubject ✔️: Check the existence of the "credentialSubject" field and validate its information.
    • Issuer ✔️: Verify the existence and validity of the "issuer" field.
      • Fetch Issuer profile information from the issuer link.
      • Check the validity of the "@context" field in the Issuer profile.
      • Validate the Issuer profile type against the supported types.
      • Check if the "id" matches the issuer link fetched from the credential.
      • Verify the existence of the Issuer's name and email.
      • Check if the revocation list exists.
      • Check the existence and format of the public key.
      • Fetch the Revocation List from the issuer profile.
    • ValidUntil (Optional) ✔️: Check the existence and format of the "validUntil" field.
    • Proof ✔️: Check the existence and validity of the "proof" field.
      • Validate the fields within the proof.
      • Verify the support for the current proof type ("MerkleProof2019").
    • DisplayHtml (Optional) ✔️: Check the existence of the "displayHtml" field.
    • IssuanceDate ✔️: Check the existence of the "issuanceDate" field.

  2. Checksum Match (Hash Comparison) 🔃: Compare hashes to ensure the integrity of the credential.

    • Note: For the first version, only "MerkleProof2019" is supported.

    • Decode "proofValue" and extract signature details.

      • There are two algorithms to decode the "proofValue":
        • First, using MerkleProof2019 algorithm. This will be used for the previously issued credentials.
        • Second using Advanced Encryption Standard(AES) algorithm. This will be used for the new credentials.
          • Below is the details for decoding the data for AES algorithm:
            • AES_128_IV and AES_128_KEY will be used to decode the proofValue. You can find this data in the proof field.
            • You'll have to pass the AES encryption KEY and IV parsed into the UTF-8 format to ensure it's in the correct encoding for decryption.
            • The decryption mode used for encryption is Cipher Block Chaining (CBC), which is a common mode for AES encryption.

    • Validate the existence of the "anchors" keyword with valid data.

    • Ensure that the following key fields exist in your credentials:

      • "path"
      • "merkleRoot"
      • "targetHash"
      • "anchors"

    • Separate the transaction ID and blink value.

    • Apply chain condition and call the corresponding API:

      • EthereumMainnet
      • EthereumRopsten
      • EthereumSepolia
      • PolygonMainnet
      • PolygonTestnet

    • Handle API responses:

      • Success: Retrieve the data and get the hash of the credentials from the transaction data.
      • Error: Return the error from the API or indicate transaction lookup errors or transaction not found errors.

  3. Status Check 🚦:

    • Revocation 🚫: Check if the "revocationList" exists in the credential and fetch the revocation list details.
      • Validate the "@context" field in the revocation list.
      • Check the validity of the revocation list type against the supported types.
      • Verify the "id" key against the revocation link fetched from the credential.
      • Check if the issuer list exists and match the issuer link from the issuer profile.
      • Verify the existence of "revokedAssertions".
      • Find the credential ID in the revocation list and return a message if revoked.
      • If the ID matches, retrieve the revocation message and indicate that the credential is revoked with the given message.
      • If not matched, consider the credential valid and not revoked.
    • Expiration (ValidUntil) (Optional) 📅: Validate today's date with the "validUntil" date if it exists.

Package Notes 📝

Version 1.0.2 of the EveryCRED Verifier JS to verify EveryCRED credentials according to the W3C credentials standard.

Readme

Keywords

Package Sidebar

Install

npm i evrc-verifier

Weekly Downloads

1

Version

1.0.2

License

ISC

Unpacked Size

374 kB

Total Files

29

Last publish

Collaborators

  • vc-dhruv
Try on RunKit
Report malware