Skip to main content

Verifiable Presentation

Create and verify EBSI-compliant W3C Verifiable Presentations in JWT format with the @cef-ebsi/verifiable-presentation library.

This library extends the @transmute/json-web-signature and @transmute/vc.js libraries by applying additional validation rules. For more details, see EBSI Verifiable Credentials Playbook for Early Adopters.

info

The following documentation is related to the version v2 of the @cef-ebsi/verifiable-presentation library. It is meant to be used with the latest EBSI APIs.

If you use the legacy EBSI APIs, check the documentation about the v1 of the library.

Installing

Using npm:

$ npm i --save @cef-ebsi/verifiable-presentation

Using yarn:

$ yarn add @cef-ebsi/verifiable-presentation

Usage

Creating VP JWTs

Prerequisites

Create an EbsiIssuer object to sign VP JWTs:

import type { EbsiIssuer } from "@cef-ebsi/verifiable-presentation";

const signer: EbsiIssuer({
did: "did:ebsi:zcWoBr6PUWmtEAJBKTNMuL1",
kid: "did:ebsi:zcWoBr6PUWmtEAJBKTNMuL1#keys-1",
publicKeyJwk: <JWK>,
privateKeyJwk: <JWK>,
alg: "ES256K",
})

In order to create a valid VP JWT, the signer MUST either be a Legal Entity (LE) registered in the DID Registry (EBSI DID method v1), or a Natural Person (NP, EBSI DID method v2).

Creating a Verifiable Credential

Specify a payload matching the EbsiVerifiablePresentation interface. Create a JWT by signing it with the previously configured issuer and a target audience using the createVerifiablePresentationJwt function:

import {
createVerifiablePresentationJwt,
EbsiVerifiablePresentation,
} from "@cef-ebsi/verifiable-presentation";

const vpPayload: EbsiVerifiablePresentation = {
id: "urn:did:123456",
"@context": ["https://www.w3.org/2018/credentials/v1"],
type: ["VerifiablePresentation"],
holder: "did:ebsi:zcWoBr6PUWmtEAJBKTNMuL1",
// Note: `verifiableCredential` only accept valid VC JWTs (strings)
verifiableCredential: [
"eyJraWQiOiJkaWQ6ZWJzaTp6Y1dvQnI...fqtk4SjRA7Cwu-euNohIq4a_63dCKL_xqfWZ3SoBLsBBu0Q",
],
};

const audience = "did:ebsi:zwWmyuVKGnQ68EZg3JYZhDG";

const vpOptions = {
// EBSI URI Authority ([userinfo "@"] host [":" port])
ebsiAuthority: "api.preprod.ebsi.eu",
};

const vpJwt = await createVerifiablePresentationJwt(
vpPayload,
signer,
audience,
vpOptions
);

console.log(vpJwt);
// eyJraWQiOiJkaWQ6ZWJzaTp6eEdk...BjHQuXchyO3G6ZrpwzFAHVbmU94aIgcOBKPM1JSp33OR8Q

Verifying JWTs

Prerequisites

Pass in a VP JWT to verify and the target audience using the verifyPresentationJwt function:

import { verifyPresentationJwt } from "@cef-ebsi/verifiable-presentation";

const vpJwt =
"eyJraWQiOiJkaWQ6ZWJzaTp6eEdk...BjHQuXchyO3G6ZrpwzFAHVbmU94aIgcOBKPM1JSp33OR8Q";
const audience = "did:ebsi:zwWmyuVKGnQ68EZg3JYZhDG";
const options = {
// EBSI URI Authority ([userinfo "@"] host [":" port])
ebsiAuthority: "api.test.intebsi.xyz",
};

const verifiedVp = await verifyPresentationJwt(vpJwt, audience, options);

console.log(verifiedVp);
/*
{
id: "urn:did:123456",
"@context": ["https://www.w3.org/2018/credentials/v1"],
type: ["VerifiablePresentation"],
holder: "did:ebsi:zxGdqT9vHpvXbNehnXbd6g7",
verifiableCredential: [
"eyJraWQiOiJkaWQ6ZWJzaTp6Y1dvQnI...fqtk4SjRA7Cwu-euNohIq4a_63dCKL_xqfWZ3SoBLsBBu0Q",
],
}
*/

Try it online

The VC & VP validator tool uses the @cef-ebsi/verifiable-presentation to verify VP JWTs.