npm
Sign UpSign In

@viitorcloudtechnologies/everycred-verifier-js
TypeScript icon, indicating that this package has built-in type declarations

1.0.17 • Public • Published

EveryCRED Logo

EveryCRED Verifier JS 🔒

Version: 1.0.17 📑

EveryCRED Verifier JS is a custom verifier designed to verify EveryCRED credentials according to the W3C credentials standard.

Installation

You can install the library using npm:

npm i @viitorcloudtechnologies/everycred-verifier-js

Verifier Steps 📋

The EveryCRED Verifier JS follows the following steps to validate credentials:

  1. Validators ✅: Check the authenticity and integrity of the credential.

    • Authenticity checks 🔐: Verify the authenticity of the credential.
    • Integrity Checks 🔐: Check the integrity of the credential.
    • Issuer check 🛂: Validate the issuer of the credential.
    • Data Validation 🧮: Perform validation on the credential data.
    • Checksum Match (Hash Comparison) 🔃: Compare hashes to ensure the integrity of the credential.
      • Blockchain Hash Fetch 🔗: Fetch the blockchain hash of the credential.
      • Generate Credential Hash 🔢: Generate a hash of the credential.
      • Checksum Integrity ✔️: Compare the generated hash with the blockchain hash.

  2. Status Check 🚦: Perform checks related to the status of the credential.

    • Credential Revocation check 🚫: Check if the credential has been revoked.
    • Credential Expiration check ⏰: Verify if the credential has expired.

Package Verification Steps 📦

The verifier performs detailed verification steps on the package:

  1. Validator ✅: Check the validity of the credential fields.

    • type ✔️: Verify if the "type" field exists and supports the "VerifiableCredential" type.
    • @context ✔️: Check the existence and validity of the "@context" field.
    • ID (Identifier) ✔️: Verify the existence of the "id" field.
    • credentialSubject ✔️: Check the existence of the "credentialSubject" field and validate its information.
    • Issuer ✔️: Verify the existence and validity of the "issuer" field.
      • Fetch Issuer profile information from the issuer link.
      • Check the validity of the "@context" field in the Issuer profile.
      • Validate the Issuer profile type against the supported types.
      • Check if the "id" matches the issuer link fetched from the credential.
      • Verify the existence of the Issuer's name and email.
      • Check if the revocation list exists.
      • Check the existence and format of the public key.
      • Fetch the Revocation List from the issuer profile.
    • ValidUntil (Optional) ✔️: Check the existence and format of the "validUntil" field.
    • Proof ✔️: Check the existence and validity of the "proof" field.
      • Validate the fields within the proof.
      • Verify the support for the current proof type ("MerkleProof2019").
    • IssuanceDate ✔️: Check the existence of the "issuanceDate" field.

  2. Checksum Match (Hash Comparison) 🔃: Compare hashes to ensure the integrity of the credential.

    • Note: For the first version, only "MerkleProof2019" is supported.

    • Decode "proofValue" and extract signature details.

      • We use MerkleProof2019 algorithm to decode the "proofValue" and extract the signature details. This will be used for the previously issued credentials.
      • We use ED25519 algorithm to decode the "proofValue" and extract the signature details. This will be used for the newly issued credentials.

    • Validate the existence of the "anchors" keyword with valid data.

    • Ensure that the following key fields exist in your credentials:

      • "path"
      • "merkleRoot"
      • "targetHash"
      • "anchors"

    • Separate the transaction ID and blink value.

    • Apply chain condition and call the corresponding API:

      • EthereumMainnet
      • EthereumSepolia
      • PolygonMainnet
      • PolygonTestnet
      • PolygonAmoy

    • Handle API responses:

      • Success: Retrieve the data and get the hash of the credentials from the transaction data.
      • Error: Return the error from the API or indicate transaction lookup errors or transaction not found errors.

  3. Status Check 🚦:

    • Revocation 🚫: Check if the "revocationList" exists in the credential and fetch the revocation list details.
      • Validate the "@context" field in the revocation list.
      • Check the validity of the revocation list type against the supported types.
      • Verify the "id" key against the revocation link fetched from the credential.
      • Check if the issuer list exists and match the issuer link from the issuer profile.
      • Verify the existence of "revokedAssertions".
      • Find the credential ID in the revocation list and return a message if revoked.
      • If the ID matches, retrieve the revocation message and indicate that the credential is revoked with the given message.
      • If not matched, consider the credential valid and not revoked.
    • Expiration (ValidFrom & ValidUntil) 📅: Validate today's date with the "validFrom" & "validUntil" dates.

Package Notes 📝

Version 1.0.17 of the EveryCRED Verifier JS to verify EveryCRED credentials according to the W3C credentials standard.

Readme

Keywords

Package Sidebar

Install

npm i @viitorcloudtechnologies/everycred-verifier-js

Weekly Downloads

83

Version

1.0.17

License

ISC

Unpacked Size

2.93 MB

Total Files

33

Last publish

Collaborators

  • vraj_patel
  • vc-pratik-padia
  • vc-anand-kothari
  • megha.parmar
  • vc-dhruv
  • vcian
Try on RunKit
Report malware