User Story: Space Controller Shares a Credential Publicly

As a verifiable credential data controller, I want to share the credential from my mobile wallet with another party so I can help them read the data in the credential.

Context

A key goal for the Wallet Attached Storage (WAS) protocol is to enable users of digital wallets to share credentials held in the wallet by storing them in a space that is not the wallet itself, then sharing a link to the data in that space.

A specific example of this use case is verifiable resume sharing. Assume a user has used a resume author tool to build a resume describing their work history, then signed it as a Verifiable Credential (VC), then added it to their wallet. Later, they want to share this resume with a potential employer at a job fair. They should be able to do so using their mobile wallet and a conformant Wallet Attached Storage server. For more on Verifiable Credentials, see the Appendix.

Conversation

We seek to socialize this user story widely as a core user story for the Wallet Attached Storage protocol.

Plan of conversation:

  1. Publish this user story at a final public URL
  2. Solicit feedback from digitalcredentials.mit.edu
  3. Incorporate feedback into the user story and add to change log

If you want to be a part of the conversation, please publish feedback and link to Wallet Attached Storage.

Confirmation

This section describes how to confirm that an implementation has satisfied the user story.

Given

When

Then

PUT /space/:space/links HTTP/1.1
Content-Type: application/linkset+json
Authorization: Signature …

{
  "linkset": [
    {
      "anchor": "/space/:space/vc",
      "acl": [
        {
          "href": "/space/:space/acl"
        }
      ]
    }
  ]
}

Putting an acl

Putting a PublicCanRead acl to /space/:space/acl

PUT /space/:space/acl HTTP/1.1
Content-Type: application/json
Authorization: Signature …

{
  "type": "PublicCanRead"
}

Getting a resource

Getting a vc resource without authorization

GET /space/:space/vc HTTP/1.1
Accept: application/json
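
The exchange above, as an added example that is not code from wallet-attached-storage-server or wasup: a small in-memory JavaScript model of the access decision a server makes for these three requests. It assumes default-deny when no ACL is linked, that PublicCanRead grants GET only, and that any Authorization header identifies the controller (signature verification is out of scope); `createSpace`, `runConfirmation` and the `/space/demo` paths are hypothetical.

```javascript
// Added example: in-memory model of the exchange above, not the project's code.
// Assumptions: default-deny when no ACL is linked; PublicCanRead grants GET only;
// any Authorization header counts as the controller (no signature verification).
const SPACE = '/space/demo'; // constructed space path

function createSpace() {
  const resources = new Map(); // path -> JSON body
  let linkset = [];            // entries from PUT <space>/links
  // Resolve the ACL document linked to `path` through the linkset, if any.
  function aclFor(path) {
    const entry = linkset.find((l) => l.anchor === path);
    const href = entry && Array.isArray(entry.acl) && entry.acl[0] && entry.acl[0].href;
    return href ? resources.get(href) : undefined;
  }
  function handle({ method, path, headers = {}, body }) {
    const authorized = typeof headers.authorization === 'string';
    if (method === 'PUT') {
      if (!authorized) return { status: 401 }; // writes are never public
      if (path === `${SPACE}/links`) linkset = body.linkset;
      else resources.set(path, body);
      return { status: 204 };
    }
    if (method !== 'GET') return { status: 405 };
    const acl = aclFor(path);
    const publicRead = acl !== undefined && acl.type === 'PublicCanRead';
    // Decide access before existence so anonymous callers cannot probe paths.
    if (!authorized && !publicRead) return { status: 401 };
    return resources.has(path) ? { status: 200, body: resources.get(path) } : { status: 404 };
  }
  return { handle };
}

// Runs the page's sequence plus negative checks; returns anonymous status codes.
function runConfirmation() {
  const space = createSpace();
  const headers = { authorization: 'Signature constructed-placeholder' };
  const put = (path, body) => space.handle({ method: 'PUT', path, headers, body });
  const anon = (method, path) => space.handle({ method, path, body: {} }).status;
  put(`${SPACE}/vc`, { type: ['VerifiableCredential'] }); // constructed body
  put(`${SPACE}/notes`, { text: 'unshared' });            // no ACL linked
  const before = anon('GET', `${SPACE}/vc`);
  put(`${SPACE}/acl`, { type: 'PublicCanRead' });
  put(`${SPACE}/links`, { linkset: [{ anchor: `${SPACE}/vc`, acl: [{ href: `${SPACE}/acl` }] }] });
  const result = { before, after: anon('GET', `${SPACE}/vc`), other: anon('GET', `${SPACE}/notes`),
    anonPut: anon('PUT', `${SPACE}/vc`) };
  put(`${SPACE}/links`, { linkset: [] }); // unlink the ACL again
  result.unlinked = anon('GET', `${SPACE}/vc`);
  return result;
}
```

A conformance test for a real server can follow the same shape: besides the successful unauthenticated GET, check that unlinked resources, unauthenticated writes, and the resource after the link is removed are all refused.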

Implementations

wallet-attached-storage-server

wallet-attached-storage-server is implementing support for PublicCanRead ACLs in https://github.com/did-coop/wallet-attached-storage-server/pull/17.

wasup

@wallet.storage/wasup/examples/acl-PublicCanRead.sh is a shell script that uses wasup to share some data publicly.

Appendix: Verifiable Credentials

The Verifiable Credentials Data Model defines a Verifiable Credential (VC) as a tamper-evident credential that can be cryptographically verified.

Example 15 shows a Verifiable Credential as application/json with a proof property.

{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "id": "http://example.gov/credentials/3732",
  "type": ["VerifiableCredential", "ExampleDegreeCredential"],
  "issuer": "did:example:6fb1f712ebe12c27cc26eebfe11",
  "validFrom": "2010-01-01T19:23:24Z",
  "credentialSubject": {
    "id": "https://subject.example/subject/3921",
    "degree": {
      "type": "ExampleBachelorDegree",
      "name": "Bachelor of Science and Arts"
    }
  },
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "eddsa-rdfc-2022",
    "created": "2021-11-13T18:19:39Z",
    "verificationMethod": "https://university.example/issuers/14#key-1",
    "proofPurpose": "assertionMethod",
    "proofValue": "z58DAdFfa9SkqZMVPxAQp...jQCrfFPP2oumHKtz"
  }
}