Skip to main content
European CommissionEBSI European Blockchain
Get Help

Verifiable Presentation

Create and verify EBSI-compliant W3C Verifiable Presentations in JWT format.

This library extends the @transmute/json-web-signature and @transmute/vc.js libraries by applying additional validation rules. For more details, see EBSI Verifiable Credentials Playbook.

Note: this library only supports 2020-12 JSON Schemas.

Installation

Using npm:

$ npm i --save @cef-ebsi/verifiable-presentation

Using yarn:

$ yarn add @cef-ebsi/verifiable-presentation

Usage

Creating VP JWTs

Prerequisites

Create an EbsiIssuer object to sign VP JWTs:

import type { EbsiIssuer } from "@cef-ebsi/verifiable-presentation";

const signer: EbsiIssuer({
  did: "did:ebsi:zcWoBr6PUWmtEAJBKTNMuL1",
  kid: "did:ebsi:zcWoBr6PUWmtEAJBKTNMuL1#keys-1",
  publicKeyJwk: <JWK>,
  privateKeyJwk: <JWK>,
  alg: "ES256K",
})

In order to create a valid VP JWT, the signer MUST either be a Legal Entity (LE) registered in the DID Registry (EBSI DID method v1), or a Natural Person. For Natural Persons, the did:ebsi method v2 (legacy) and did:key method (with the codec jwk_jcs-pub) are supported.

Creating a Verifiable Credential

Specify a payload matching the EbsiVerifiablePresentation interface. Create a JWT by signing it with the previously configured issuer and a target audience using the createVerifiablePresentationJwt function:

import {
  createVerifiablePresentationJwt,
  EbsiVerifiablePresentation,
} from "@cef-ebsi/verifiable-presentation";

const vpPayload: EbsiVerifiablePresentation = {
  id: "urn:did:123456",
  "@context": ["https://www.w3.org/2018/credentials/v1"],
  type: ["VerifiablePresentation"],
  holder: "did:ebsi:zcWoBr6PUWmtEAJBKTNMuL1",
  // Note: `verifiableCredential` only accept valid VC JWTs (strings)
  verifiableCredential: [
    "eyJraWQiOiJkaWQ6ZWJzaTp6Y1dvQnI...fqtk4SjRA7Cwu-euNohIq4a_63dCKL_xqfWZ3SoBLsBBu0Q",
  ],
};

const audience = "did:ebsi:zwWmyuVKGnQ68EZg3JYZhDG";

const vpOptions = {
  // REQUIRED. EBSI URI Authority ([userinfo "@"] host [":" port])
  ebsiAuthority: "api-test.ebsi.eu",
};

const vpJwt = await createVerifiablePresentationJwt(
  vpPayload,
  signer,
  audience,
  vpOptions,
);

console.log(vpJwt);
// eyJraWQiOiJkaWQ6ZWJzaTp6eEdk...BjHQuXchyO3G6ZrpwzFAHVbmU94aIgcOBKPM1JSp33OR8Q

Verifying JWTs

Prerequisites

Pass in a VP JWT to verify and the target audience using the verifyPresentationJwt function:

import { verifyPresentationJwt } from "@cef-ebsi/verifiable-presentation";

const vpJwt =
  "eyJraWQiOiJkaWQ6ZWJzaTp6eEdk...BjHQuXchyO3G6ZrpwzFAHVbmU94aIgcOBKPM1JSp33OR8Q";
const audience = "did:ebsi:zwWmyuVKGnQ68EZg3JYZhDG";
const options = {
  // REQUIRED. EBSI URI Authority ([userinfo "@"] host [":" port])
  ebsiAuthority: "api-test.ebsi.eu",
};

const verifiedVp = await verifyPresentationJwt(vpJwt, audience, options);

console.log(verifiedVp);
/*
{
    id: "urn:did:123456",
    "@context": ["https://www.w3.org/2018/credentials/v1"],
    type: ["VerifiablePresentation"],
    holder: "did:ebsi:zxGdqT9vHpvXbNehnXbd6g7",
    verifiableCredential: [
      "eyJraWQiOiJkaWQ6ZWJzaTp6Y1dvQnI...fqtk4SjRA7Cwu-euNohIq4a_63dCKL_xqfWZ3SoBLsBBu0Q",
    ],
}
*/

Try it online

The VC & VP validator tool uses the @cef-ebsi/verifiable-presentation to verify VP JWTs.