From a92c53d8d2bf8918f0fed013d50075cf89911f1c Mon Sep 17 00:00:00 2001 From: Bastien Lopez Date: Thu, 10 Oct 2024 14:01:06 +0200 Subject: [PATCH] update few pages --- docs/wallet-provider-backend/ssi-data.md | 127 +++++++++++++++++++++- docs/wallet-provider-backend/support.md | 29 +++-- docs/wallet/developer-mode.md | 35 +++++- docs/wallet/getting_started.md | 48 +++++++++ docs/wallet/overview.md | 3 - docs/wallet/setup_wallet.md | 10 +- docs/wallet/technical_features.md | 96 +---------------- docs/wallet/wallet-metadata.md | 129 +++++++++++++++-------- docs/welcome.md | 2 + sidebars.ts | 15 ++- 10 files changed, 320 insertions(+), 174 deletions(-) create mode 100644 docs/wallet/getting_started.md delete mode 100644 docs/wallet/overview.md diff --git a/docs/wallet-provider-backend/ssi-data.md b/docs/wallet-provider-backend/ssi-data.md index 745b7e9..692891a 100644 --- a/docs/wallet-provider-backend/ssi-data.md +++ b/docs/wallet-provider-backend/ssi-data.md @@ -1,3 +1,126 @@ -# SSI Data +# SSI parameters -Manage and store Self-Sovereign Identity (SSI) data securely within the wallet provider backend. +This section allows an advanced user (admin) to specify the SSI profile of the wallets. + +## Choose an SSI Profile or configure your own + +This option allows admin to select a predefined ecosystem profiles or to define his own profiles through the tuning of parameters. Here is below the main features of the predefined profiles: + + +| Profiles | VC format | OIDC4VCI | DID | Key | +| :---------- | ------------------------ | ---------- | :-------- | ------- | +| Default | ldp_vc | 11 | did:key | EdDSA | +| EBSI V3.x | jwt_vc | 11 | did:key | P-256 | +| EBSI V4.0 | jwt_vc_json, sd-jwt vc | 13 | did:key | P-256 | +| DIIP V2.1 | jwt_vc_json | 13 | did:jwk | P-256 | +| DIIP V3.0 | sd-jwt vc | 13 | did:jwk | P-256 | + +If admin chooses to define its own SSI profile, he must select set the following options: + +## Wallet identifier + +it can be any one of the DID methods of the list ([did:key](https://w3c-ccg.github.io/did-method-key/), [did:jwk](https://github.com/quartzjer/did-jwk/blob/main/spec.md)) associated to one of the types of keys available (EdDSA, P-256 or seck256k1). For EBSI the did:key method is specific, see specification [here](https://hub.ebsi.eu/vc-framework/did/natural-person). + +* cnf, +* did:key with EdDSA key, +* did:key with EBSI encoding and P-256 key, +* did:key with secp256k1 key, +* did:key with P-256 key, +* did:jwk with P-256 key + +In case of the EUDI Architecture Reference Framework - ARF, choose the `cnf` option as the wallet identifier. + +### OID4VCI Client Type + +The client type affects how the wallet authenticates and interacts with the authorization server during credential issuance. + +* **did:** Decentralized Identifier, typically used for secure, decentralized identity interactions, +* **urn:ietf:params:oauth:** Used when the subject is identified via a JWK thumbprint, +* **confidential:** For confidential clients that require secure and private interaction with the authorization server. + +In case of the EUDI Architecture Reference Framework - ARF, choose the `**urn:ietf:params:oauth` option. + +### Cryptographic Holder Binding + +* **Yes (default):** Keeps cryptographic binding enabled, ensuring that credentials are cryptographically tied to the holder, providing higher security, +* **No:** Disables cryptographic binding, allowing credentials to be bound without cryptographic proofs for claim binding for instance. + +In case of the EUDI Architecture Reference Framework - ARF, choose the `Yes` option. + +Learn more about crypto binding [here](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-claims-based-binding-of-the). + +### Scope parameters + +Scope parameters define the specific scope of the credential inside the authorization request request. If scope is not used, wallet will use an authorization details object. + +Enabling scope parameters provides more granular control over the credential issuance process. + +In case of the EUDI Architecture Reference Framework - ARF, choose the `scope` option. + +Learn more about scope [here](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-using-scope-parameter-to-re). + +### Client Authentication Method + +Select one authentication method among the following ones: + +* **None:** No authentication required. +* **Client ID:** Identifies the client with a unique ID, +* **Client Secret Basic:** Sends ID and secret in the HTTP header, +* **Client Secret Post:** Sends ID and secret in the request body, +* **Wallet Attestation:** Proves authenticity via attestation, + +In case of the EUDI Architecture Reference Framework - ARF, choose the `wallet attestation` option. + +Learn more about authentication method [here](https://www.rfc-editor.org/rfc/rfc6749#section-2.3). + +### Choosing a VC Format + +Select the VC format: + +* **ldp_vc:** W3C verifiable credentials using Linked Data Proofs. +* **jwt_vc:** EBSI compatible credentials in JWT format. +* **jwt_vc_json:** Structured JSON format with JWT flexibility. +* **jwt_vc_json-ld:** Linked data support with JWT. +* **vc+sd-jwt:** Selective disclosure for privacy in JWTs. +* **auto:** Auto-selects the format depending on issuer metadata. + +**auto** means the wallet displays all formats. + +In case of the EUDI Architecture Reference Framework - ARF, choose the `vc+sd-jwt` option. + +Learn more about VC format [here](https://www.w3.org/TR/vc-data-model/). + +### OIDC4VCI Proof Type + +The proof type determines how the wallet proves its key ownership when presenting credentials. + +* **jwt:** Uses JWT to prove key ownership. +* **ldp_vp:** Verifiable Presentation with linkedin data proof. + +In case of the EUDI Architecture Reference Framework - ARF, choose the `jwt` option. + +Learn more about proof type [here](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-proof-types). + +### Proof of Possession Headers + +This setting determines what data to include in the header of the JWT proof type. + +* **kid:** Key ID, used to identify the key in the proof of possession. +* **jwk:** JSON Web Key, representing the key in a structured format for proof of possession. + +In case of the EUDI Architecture Reference Framework - ARF, choose the `jwk` option. + +### Push Authorization Request (PAR) + +PAR is an advanced feature that enhances security during the authorization process by ensuring the integrity of the request. + +* **Yes:** Push authorization requests to the server, +* **No:** Uses traditional redirect for authorization requests. + +In case of the EUDI Architecture Reference Framework - ARF, choose the `Yes` option. + +Learn more about PAR [here](https://datatracker.ietf.org/doc/html/rfc9126). + +### Status List Cache + +The Status List cache duration controls how long the wallet stores status lists used to verify credentials (e.g., revoked or valid). Adjusting this duration can balance performance with up-to-date information. diff --git a/docs/wallet-provider-backend/support.md b/docs/wallet-provider-backend/support.md index d935254..8bba840 100644 --- a/docs/wallet-provider-backend/support.md +++ b/docs/wallet-provider-backend/support.md @@ -1,38 +1,33 @@ # Support -Access the support resources available for managing and troubleshooting the wallet provider backend. +## Chat and Notification for Talao and Altme Wallets users with Matrix -# Chat and Notification Setup for Talao and Altme Wallets +[Matrix.org](https://matrix.org/) is an open-source, decentralized, end-to-end encrypted messaging protocol. Unlike centralized services such as WhatsApp, Slack, or Telegram, Matrix ensures privacy and avoids using private, centralized services. Currently, there are over 1,000 Matrix servers. Talao operates its own server, dedicated to the authentication of its wallets -Matrix.org is an open-source, decentralized, end-to-end encrypted messaging protocol. Unlike centralized services such as WhatsApp, Slack, or Telegram, Matrix ensures privacy and avoids using private, centralized services. Currently, there are over 1,000 Matrix servers. Talao operates its own server, dedicated to the authentication of its wallets. +For more information about Matrix, you can visit: -To create chat and notification accounts, follow these steps: +- [Matrix Clients](https://matrix.org/ecosystem/clients/) +- [Matrix Servers](https://servers.joinmatrix.org/) -## Step 1: Installing a Web or Smartphone Client Application +There are many Matrix client applications available. You can find a list [here](https://matrix.org/ecosystem/clients/). -There are many Matrix client applications available. You can find a list [here](https://matrix.org/ecosystem/clients/). We recommend using the Element client, which is one of the most popular options. Element is available on iOS and Android smartphones, as well as on various web platforms like Windows and Linux. You can download it from this [Element page](https://matrix.org/ecosystem/clients/element/). +We recommend using the [Element Client](https://matrix.org/ecosystem/clients/element/), which is one of the most popular options. Element is available on iOS and Android smartphones, as well as on various web platforms like Windows and Linux. You can download it from this [Element page](https://matrix.org/ecosystem/clients/element/). -## Step 2: Creating an Account for Chat +To configure Talao Chat and Notification with Element, follow the 3 steps below: + +### Step 1: Creating an Account for Chat Once you install the Element client, create an account on a public server, such as [matrix.org](https://matrix.org), or any other public server. You can view a list of available servers [here](https://servers.joinmatrix.org/). After completing this step, you will have a chat address in the format `@my_name:matrix.org`, assuming you use the matrix.org server. -## Step 3: Creating a Public Room for Notifications +### Step 2: Creating a Public Room for Notifications In Element, select the option to create a public room, and enter a name for your room. If you use the matrix.org server, you will receive a room address in the format `#my_room:matrix.org`. Please ensure that the room is set to "public," not "private." -## Step 4: Entering Information on the Wallet Provider Backend +### Step 3: Entering Information on the Wallet Provider Backend In the wallet provider backend, go to the **Support** page and enter your chat and notification addresses in forms **7.2** and **7.5**. Save the configuration. ## Using Chat and Notifications -If you already have a wallet, update your configuration to enable chat and notifications. - - **For Chat**: You will receive an invitation in your Element client app from each wallet using your configuration. Accept the invitation, and you can privately and anonymously communicate with the wallet user in a private room. All messages are end-to-end encrypted, and you can exchange both text and images. - - **For Notifications**: Any messages you post in your notification room will be sent to all wallets. Note that users cannot reply to these messages. - -For more information, you can visit: -- [Matrix Clients](https://matrix.org/ecosystem/clients/) -- [Matrix Servers](https://servers.joinmatrix.org/) -- [Element Client](https://matrix.org/ecosystem/clients/element/) diff --git a/docs/wallet/developer-mode.md b/docs/wallet/developer-mode.md index 3c05c35..72f3939 100644 --- a/docs/wallet/developer-mode.md +++ b/docs/wallet/developer-mode.md @@ -1,3 +1,36 @@ # Developer Mode -Learn about the developer mode of the Talao wallet for advanced testing and customization. +The developer mode allow any technical users to get internal information about the wallet data and logic. It modifies the display of verifiable credentials and it provides data of the wallet calls and responses. + +The developer mode can be removed from the settings menu of the wallet through the Wallet Provider Backend. + +Below are all the wallet features which are enhanced or modified in the developer mode. + +## Display of verifiable credentials + +Verifiable credentials are displayed in their original form as json-ld or jwt. For jwt users have an access to the header and payload of the credentials. For sd-jwt vc, jwt are displayed with all disclosures decoded. + +## Display of the wallet instance attestation + +If the wallet is used with the wallet provider backend the developer mode gives access to the wallet instance attestation which is displayed on the main screen of the wallet. + +## Verifiable credentials status and validity + +In case of signature failure or invalid status, the reasons of the problems are provided in details. + +## Protocol flow + +After scanning an OIDC4VC QR code a popup proposes to users to: + +* display the QR code data and the OpeinID issuer metadata, +* download this information as a text file, +* skip to bypass. + +Within the OIDC4VCI flow, the wallet proposes to display or download the data received from: + +- the token endpoint, +- the credential endpoint. + +## Display of errors + +In case of an error response from issuers or verifiers, users have an access to the `error_description` data returned. diff --git a/docs/wallet/getting_started.md b/docs/wallet/getting_started.md new file mode 100644 index 0000000..8df990a --- /dev/null +++ b/docs/wallet/getting_started.md @@ -0,0 +1,48 @@ +# Getting Started + +Download the Talao or Altme wallet from the Apple store or Google Play Store. + +The links to download the wallets are: + +* [Altme Google store](https://play.google.com/store/apps/details?id=co.altme.alt.me.altme&hl=en-US&pli=1) +* [Altme Apple store](https://apps.apple.com/fr/app/altme-wallet/id1633216869) +* [Talao Google store](https://play.google.com/store/apps/details?id=co.talao.wallet&hl=fr) +* [Talao Apple store](https://apps.apple.com/fr/app/talao-wallet/id1582183266?platform=iphone) + +Setup the PIN code if it is the first install. + +## Get a proof of email + +Let's get a proof of an email address: + +1. Open the wallet app, +2. From main screen clic on **DISCOVER** in the bottom bar, +3. Clic on **Proof of email**, clic on **GET THIS CARD**, +4. Follow the process, enter your email, enter the secret code received by email, +5. Choose the wallet installed Altme or Talao, +6. **Allow** access to domain talao.io, +7. **Select** the credential you consent to collect, +8. Clic on **MY WALLET** in the bottom bar + +You have now your first verifiable credential, if you clic on the "card" you will get an access to the data of the credential. This credential has been issued by an issuer managed by Talao. The set of data has been signed by Talao after checking the value of the code. It is a proof of the ownership of an email address as a verifiable credential signed by Talao. + +## Get a proof of age (over 18) + +Let's get a proof of age with an instant pictrure: + +1. From main screen clic on **DISCOVER** in the bottom bar, +2. clic on **Proof of over 18**, clic on **GET THIS CARD**, +3. clic on **Quick photo of you (1 min)** +4. follow the process, +5. clic on **MY WALLET** in the bottom bar + +You have now a proof of age. The age verification has been provided by our partner [Yoti thanks to an AI](https://www.yoti.com/business/age-verification/). This credential has been issued by an issuer managed by Talao. It is a proof of age as a verifiable credntial signed by Talao. + +## Present a proof age + +Let's now present this proof of age to the age verification tool setup by our partner [Werify](https://werify.eu/): + +1. Clic [here]([https://staging.werify.eu/#/werify_point_kiosk/attempt+ideology+glamorous+varsity+spelling](https://staging.werify.eu/#/werify_point_kiosk/attempt+ideology+glamorous+varsity+spelling)), +2. scan the QR code with the wallet scanner. + +You have used your credential to prove your age. This tools is a verifier managed by Werify. diff --git a/docs/wallet/overview.md b/docs/wallet/overview.md deleted file mode 100644 index a10f7ba..0000000 --- a/docs/wallet/overview.md +++ /dev/null @@ -1,3 +0,0 @@ -# Wallet Overview - -This section provides an overview of the Talao wallet, its features, and how it can be used. diff --git a/docs/wallet/setup_wallet.md b/docs/wallet/setup_wallet.md index d205b54..d802583 100644 --- a/docs/wallet/setup_wallet.md +++ b/docs/wallet/setup_wallet.md @@ -1,4 +1,4 @@ -# Wallet the setup +# Wallet setup The wallets Talao and Altme can be directly downloaded from the Google or Apple stores but they can also be installed and configured in different ways for extended services. @@ -33,14 +33,14 @@ In this case users must first download the wallet from the store then scan the Q * standard users : they have a login/password and they are managed through the wallet provider backend. They can be suspended or even revoked if needed. They also have a personal access to the wallet provider backend to manage their own account, * guest: they have no login/password, it is a public access to your onboard unknown users -**It is the best solution to deploy your wallet to employees or to a limited and known group of people.** +**It is the best solution to deploy your wallet to a group of known people.** ### Download and configure the wallet in one step with an installation link In this case the link allowed your users to install the wallet to their device with a specific configuration defined in the wallet provider backend. The installation link is in the form of: -* https://app.talao.co/install?password=guest&login=guest@identinet&wallet-provider=https://wallet-provider.talao.co or -* https://app.altme.io/install?password=guest&login=guest@identinet&wallet-provider=https://wallet-provider.talao.co +* `https://app.talao.co/install?password=guest&login=guest@identinet&wallet-provider=https://wallet-provider.talao.co `or +* `https://app.altme.io/install?password=guest&login=guest@identinet&wallet-provider=https://wallet-provider.talao.co`` The installation link is only available for guests. @@ -51,7 +51,7 @@ The installation link is only available for guests. Like any other smartphone app, user must initialize their wallet first. 2 options are proposed: * import an account : users have previously saved their private keys through a passphrase in this app or in another wallet. they can recover their private keys, -* create an account: for new users +* create an account: for new users. They will be then asked to choose their mean of authentication as a PIN code, a biometric or both to get a more secure 2 factors authentication. If a PIN code is chosen, confirmation will be requested. diff --git a/docs/wallet/technical_features.md b/docs/wallet/technical_features.md index be954cd..adfa649 100644 --- a/docs/wallet/technical_features.md +++ b/docs/wallet/technical_features.md @@ -1,95 +1 @@ -# FAQ for Talao Wallet - -
- Can I request a demo to see your wallet solutions in action? - - Absolutely. [Reach out to us](https://qhf0siml406.typeform.com/to/PdULRDIV?typeform-source=talao.io) to schedule a demo, and we'll provide you with an in-depth look at how our wallet solutions can elevate your project. -
- -
- How do I know if your wallet solutions are the right fit for my project? - - Our team of experts is here to assist you in assessing your project's requirements and goals. [Contact us](https://qhf0siml406.typeform.com/to/PdULRDIV?typeform-source=talao.io), and we'll guide you through how our solutions can align with your needs. -
- -
- How to choose between Talao's Wallet as a Service solution and a white-label? - - When deciding between Talao's Wallet as a Service (WaaS) and our white-label solution, consider the following factors: - - - **Multi-usage Needs:** If your wallet needs to support a variety of use cases, our WaaS solution is ideal for its versatility and flexibility. - - **Project Type (PoC or Production):** For production projects, our white-label solution offers a dedicated and simplified user experience, ensuring a tailored interface for your specific needs. - - **Budget and Specific Requirements:** Your choice will depend on your project's budget and unique requirements. Evaluate whether your project is in the production phase or a proof of concept to determine the best fit. -
- -
- What tech does Talao wallets support? - - - **VC/VP formats:** JSON-LD, JWT, SD-JWT, JSON-LD ZKP - - **Protocols:** OIDC4VCI (Pre-authorized code flow, User PIN, Authorization code flow, Deferred endpoint), OIDC4VP, SIOPV2 (Last draft), Presentation definition, Presentation submission - - **Supported DID methods:** did:key, did:jwk, did:web, did:ion, did:hedera, did:tz, did:pkh, did:ebsi, did:polygonid, PolygonId Iden3 protocol, DIF Presentation Exchange v2.0 - - **OIDC4VC profiles:** EBSI-V3, DIIP, OWF, GAIA-X - - **Compatible issuers and verifiers:** Walt.id, Sphereon, Authlete, SICPA, Netecetera, Meeco (soon more) - - 👉 [Read more about our tech stack](https://talao.io/blog/building-future-proof-digital-identity-wallets-with-talaos-technology-stack/) -
- -
- How does the ARF framework relate to the EUDI Wallet? - - The ARF (Architecture Reference Framework) provides the technical guidelines and standards for the development and interoperability of the EUDI Wallet. It ensures that the wallet adheres to the highest security and privacy standards. -
- -
- Altme Wallet Features - - 1. Same features as Talao wallet - 2. Available on [Apple Store](https://apps.apple.com/us/app/talao-wallet/id1582183266#?platform=iphone) and [Google Store](https://play.google.com/store/apps/details?id=co.talao.wallet) - 3. Blockchain support: Tezos, Ethereum, Polygon, Fantom, BNB - 4. Send/receive crypto, token, NFT - 5. Buy crypto through wert.io exchange - - 👉 Visit Altme's landing page: [https://altme.io](https://altme.io) -
- -
- Talao Wallet Features - - 1. Available on [Google Store](https://play.google.com/store/apps/details?id=co.talao.wallet) and [Apple Store](https://apps.apple.com/us/app/talao-wallet/id1582183266#?platform=iphone) - - 2. **Protocol OIDC4VC:** - - OIDC4VCI Draft 11 and 13 - - OIDC4VP Draft 20 - - SIOPV2 Draft 12 - - VC Format: `ldp_vc`, `vc_jwt_json`, `sd-jwt` - - 3. **OIDC4VCI:** - - Flow: Authorization code flow, pre-authorized code flow with Tx - - Supported endpoints: credential, deferred, PAR, wallet attestation (Assertion), PKCE, scope and authorization details - - Client authentication methods: none, client secret basic, client secret post, jwt - - Identifier: JWK, JWK Thumprint, did:key, did:jwk, did:pkh - - Proof type: jwt, ldp_vp - - 4. **OIDC4VP:** - - client_id_scheme: did, verifier, X509 - - request object and request_uri - - Direct_post and direct_post.jwt - - PEX 2.0 partial - - 5. **Signature Suite:** - - Jose: ES256, ES256K, EdDSA - - Linked Data Proof: Ed25519Signature2018, RsaSignature2018 - - 6. **Other Features:** - - Bitstring status list 1.0 and IETF token status list - - OIDC4VC Embedded profile: HAIP, EBSI-V3 (compliant wallet), DIIP V2.1, DIIP V3.0 - - Talao DID resolver for issuer/verifier: `did:web`, `did:ethr`, `did:ebsi`, `did:dht` - - Wallet user authentication: PIN and biometric - - User chat through Matrix.org - - Developer mode - - Embedded issuer marketplace - - Compliant with: Waltid, Sphereon, Sicpa, Authlete tools - - Open source code - - Wallet as a Service with SLA - - 👉 Learn more: [https://talao.io/talao-wallet](https://talao.io/talao-wallet) -
\ No newline at end of file +# Technical Features \ No newline at end of file diff --git a/docs/wallet/wallet-metadata.md b/docs/wallet/wallet-metadata.md index 4212bf1..6faef18 100644 --- a/docs/wallet/wallet-metadata.md +++ b/docs/wallet/wallet-metadata.md @@ -1,32 +1,50 @@ -# Wallet Metadata Configuration +# Wallet Metadata -Metadata in the context of digital wallets like Talao and Altme describe the specific configurations that define the wallet’s compatibility, supported formats, cryptographic algorithms, and available features. They are crucial for setting up and integrating wallets for credential issuance and verification. +Metadata in the context of digital wallets like Talao and Altme describes the specific configurations that define the wallet’s compatibility, supported formats, cryptographic algorithms, and available features. They are crucial for setting up and integrating wallets for credential issuance and verification.. -## Why is Metadata Important? +### Issuance : Wallet acts as a client -Metadata ensures standardization in interactions between different systems, guaranteeing optimal compatibility and security. It specifies supported data formats, signature algorithms, user authentication types, and more. This allows communication systems (such as issuers and verifiers) to operate with consistent and secure configurations. +Wallet endpoints start either with https://app.talao.co/xxxx for Talao wallet or with https://app.altme.io/xxx for Altme wallet. -### Example Metadata for an Issuer +Below metadata is for Altme wallet: -The following metadata is used to configure an issuer in the Talao or Altme wallet thanks to wallet_metadata_for_issuer.json: - -```json +``` { "vp_formats_supported": { "jwt_vp": { - "alg": ["ES256", "ES256K", "EdDSA"] + "alg": [ + "ES256", + "ES256K", + "EdDSA" + ] }, "jwt_vc": { - "alg": ["ES256", "ES256K", "EdDSA"] + "alg": [ + "ES256", + "ES256K",* + "EdDSA" + ] }, "jwt_vp_json": { - "alg": ["ES256", "ES256K", "EdDSA"] + "alg": [ + "ES256", + "ES256K", + "EdDSA" + ] }, "jwt_vc_json": { - "alg": ["ES256", "ES256K", "EdDSA"] + "alg": [ + "ES256", + "ES256K", + "EdDSA" + ] }, "vc+sd-jwt": { - "alg": ["ES256", "ES256K", "EdDSA"] + "alg": [ + "ES256", + "ES256K", + "EdDSA" + ] }, "ldp_vp": { "proof_type": [ @@ -45,11 +63,21 @@ The following metadata is used to configure an issuer in the Talao or Altme wall ] } }, - "grant_types": ["authorization code", "pre-authorized_code"], - "redirect_uris": ["https://app.altme.io/app/download/callback"], - "subject_syntax_types_supported": ["did:key", "did:jwk"], - "subject_syntax_types_discriminations": ["did:key:jwk_jcs-pub", "did:ebsi:v1"], - "response_types_supported": ["vp_token", "id_token"], + "grant_types": [ + "authorization code", + "pre-authorized_code" + ], + "redirect_uris": [ + "https://app.altme.io/app/download/callback" + ], + "subject_syntax_types_supported": [ + "did:key", + "did:jwk" + ], + "subject_syntax_types_discriminations": [ + "did:key:jwk_jcs-pub", + "did:ebsi:v1" + ], "token_endpoint_auth_method_supported": [ "none", "client_id", @@ -57,41 +85,52 @@ The following metadata is used to configure an issuer in the Talao or Altme wall "client_secret_basic", "client_secret_jwt" ], - "credential_offer_endpoint_supported": [ + "credential_offer_endpoint": [ "openid-credential-offer://", "haip://" ], - "contacts": ["contact@talao.io"] + "client_name": "Altme wallet", + "contacts": [ + "contact@talao.io" + ] } ``` -#### Explanation: -- **Supported Presentation Formats (vp_formats_supported):** Defines the supported formats for Verifiable Presentations (JWT, LDP). -- **Cryptographic Algorithms (alg):** Specifies the cryptographic algorithms used for signing data (ES256, ES256K, EdDSA). -- **Subject Types (subject_syntax_types_supported):** Indicates the supported types of identifiers, such as `did:key` and `did:jwk`. -- **Authentication Methods (token_endpoint_auth_method_supported):** Lists the supported methods for authenticating requests to the token endpoint. +### Verification: wallet acts as an Authorization Server -### Example Metadata for a Verifier +Wallet endpoints start either with https://app.talao.co/xxxx for Talao wallet or with https://app.altme.io/xxx for Altme wallet. -The following metadata is used to configure a verifier in the wallet thanks to wallet_metadata_for_verifiers.json: +Below metadata is for Altme wallet: -```json +``` { - "wallet_name": "talao_wallet", - "key_type": "software", - "user_authentication": "system_biometry", + "client_name": "Altme_wallet", "authorization_endpoint": "https://app.altme.io/app/download/authorize", - "grant_types_supported": ["authorization_code", "pre-authorized_code"], - "response_types_supported": ["vp_token", "id_token"], + "response_types_supported": [ + "vp_token", + "id_token" + ], "vp_formats_supported": { "jwt_vc_json": { - "alg_values_supported": ["ES256", "ES256K", "EdDSA"] + "alg_values_supported": [ + "ES256", + "ES256K", + "EdDSA" + ] }, "jwt_vp_json": { - "alg_values_supported": ["ES256", "ES256K", "EdDSA"] + "alg_values_supported": [ + "ES256", + "ES256K", + "EdDSA" + ] }, "vc+sd-jwt": { - "alg_values_supported": ["ES256", "ES256K", "EdDSA"] + "alg_values_supported": [ + "ES256", + "ES256K", + "EdDSA" + ] }, "ldp_vp": { "proof_type": [ @@ -116,17 +155,15 @@ The following metadata is used to configure a verifier in the wallet thanks to w "x509_san_dns", "verifier_attestation" ], - "request_object_signing_alg_values_supported": ["ES256", "ES256K"], + "request_object_signing_alg_values_supported": [ + "ES256", + "ES256K", + "EdDSA" + ], "presentation_definition_uri_supported": true, - "contacts": ["contact@talao.io"] + "contacts": [ + "contact@talao.io" + ] } ``` -#### Explanation: -- **Wallet Name (wallet_name):** The name of the configured wallet (`talao_wallet`). -- **User Authentication (user_authentication):** Specifies the user authentication method, here using system biometrics. -- **Supported Presentation Formats (vp_formats_supported):** The types of supported Verifiable Presentation formats. -- **Supported Algorithms (alg_values_supported):** The cryptographic algorithms supported for signing presentation objects. - -These metadata configurations enable wallets and credential exchange systems to function smoothly and securely. -``` diff --git a/docs/welcome.md b/docs/welcome.md index e049654..b1d18c1 100644 --- a/docs/welcome.md +++ b/docs/welcome.md @@ -36,4 +36,6 @@ We also use specifications of ecosystems or technical profiles as: ## Notice +Talao and Altme wallets are **advanced SSI wallets**. They support different ecosystems, different VC formats, different protocol versions. They are useful tools for issuer and verifier developers. At first glance these wallets may seem complex but on the other hand their customization parameters allow to simplify their appearance for all use cases of production projects. + The Altme and Talao wallets are available in open source code on the [Talao github repository](https://github.com/TalaoDAO/AltMe), the wallet provider backend is offered in the form of a license agreement. The Talao and Altme wallets are autonomous and do not require access to the backend, however the latter is useful for a complex configuration of the wallet or for the deployment of projects in companies. diff --git a/sidebars.ts b/sidebars.ts index 09e25f3..21e17bb 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -17,20 +17,25 @@ const sidebars: SidebarsConfig = { type: 'category', label: 'Wallet', items: [ - 'wallet/overview', 'wallet/setup_wallet', + 'wallet/getting_started', 'wallet/main-wallet-screens', { type: 'category', label: 'Settings Menu', items: [ - 'wallet/settings-menu/about-and-activity-log', + 'wallet/settings-menu/wallet-profiles', + 'wallet/settings-menu/wallet-security', + // wallet settings + // blockchain settings + 'wallet/settings-menu/self-sovereign-identity', 'wallet/settings-menu/developer-mode', 'wallet/settings-menu/help-center', + 'wallet/settings-menu/about-and-activity-log', 'wallet/settings-menu/reset-wallet', - 'wallet/settings-menu/self-sovereign-identity', - 'wallet/settings-menu/wallet-profiles', - 'wallet/settings-menu/wallet-security', + + + ], }, 'wallet/altme-and-blockchain-support',