1. Badge Templates
In the myDid ecosystem, badge templates are created as JSON files that depend on the type of badge. These JSON files are uploaded to IPFS, and the resulting IPFS hash is stored in a list associated with the manager’s DID. This ensures the templates are securely and immutably stored in a decentralized manner.
Badge Template Creation Process
- Create JSON File: Depending on the badge type, create a JSON file detailing the badge’s attributes.
- Upload to IPFS: Upload the JSON file to IPFS, obtaining an IPFS hash.
- Store IPFS Hash: Store the IPFS hash in a list associated with the manager’s DID for future reference.
2. Badge Issuance
To issue a badge, the template is used to create the badge format. A proof section is added to verify the distribution. Once constructed, the badge is sent as a JSON object to the user’s mobile device and is not stored anywhere else.
Badge Issuance Process
- Create Badge Format: Use the template to construct the badge.
- Add Proof: Include a proof section to verify the badge’s issuance.
- Timestamping (if activated): Calculate a hash of the badge and store it in the smart contract to certify the issuance date.
- Send to User: Send the badge JSON to the user’s mobile device. It is stored only on the user’s device and is not stored elsewhere.
3. Verifiable Presentations (VP) or Proof of Badge Possession
Since the badge is stored on the user’s mobile device, only the DID user can create a proof of possession. This is done by signing the badge (VC) and constructing a VP. The VP is a JSON object exchanged between the user and the verifier.
VP Creation Process
- Sign the Badge: The DID user signs the badge (VC).
- Construct VP: Construct a Verifiable Presentation (VP) in JSON format.
- Exchange VP: The VP is sent from the user to the verifier.
4. Verifier’s Process for Verifying VP/Proof of Badge Possession
The verifier checks the integrity of the VP to ensure it is authentic and valid. This involves multiple steps:
1 - Receive VP: The verifier receives the VP from the user.
2 - Retrieve User’s DID Document:
- Use a DID resolver to retrieve the user’s DID Document, which contains the public key.
- Retrieve User’s Public Key: Extract the public key from the user’s DID Document.
3 - Verify User’s Signature: Verify that the VP was signed by the correct DID user using the retrieved public key.
4 - Retrieve Manager’s DID Document:
- Use a DID resolver to retrieve the manager’s DID Document, which contains the public key.
- Retrieve Manager’s Public Key: Extract the public key from the manager’s DID Document.
5 - Verify Manager’s Signature: Verify that the VC was signed by the correct manager using the retrieved public key.
6 - Check Template Validity: Ensure that the template used matches one of the templates issued by the manager.
7 - Retrieve Public Profile: Optionally, retrieve and verify the public profile of the manager to ensure the credibility of the issuer.
Detailed Verification Process
1 - Receive VP: The verifier receives the VP from the user.
2 - Check User’s Proof:
- Retrieve User’s DID Document: Use a DID resolver to retrieve the user’s DID Document.
- Retrieve User’s Public Key: Extract the public key from the user’s DID Document.
- Verify User’s Signature: Use the public key to verify the user’s signature in the proof section of the VP.
3 - Check VC Proof:
- Retrieve Manager’s DID Document: Use a DID resolver to retrieve the manager’s DID Document.
- Retrieve Manager’s Public Key: Extract the public key from the manager’s DID Document.
- Verify Manager’s Signature: Use the public key to verify the manager’s signature in the proof section of the VC.
4 - Validate Template:
- Check Template: Ensure the badge template used matches one stored in the manager’s list of templates.
- Verify Public Profile: Optionally retrieve the public profile of the manager to verify the issuer’s credibility.
5. From manager profile creation to badge issuance
Here are diagrams for the different steps and processes.