diff --git a/docs/docusaurus/credentialdefinition/create.md b/docs/docusaurus/credentialdefinition/create.md new file mode 100644 index 0000000000..2e766a6aa9 --- /dev/null +++ b/docs/docusaurus/credentialdefinition/create.md @@ -0,0 +1,145 @@ +# Create the Credential Definition + +The PRISM platform v2.0 exposes REST API for creation, fetching, and searching the [credential definition](/docs/concepts/glossary#credential-definition) records. + +The OpenAPI specification and ReDoc documentation describe the endpoint. + +In this document, you can find step-by-step instructions for creating the credential definition. + +## Step-by-step guide + +The following guide demonstrates how to create a birth certificate credential definition. + +### 1. Define the Credential Definition for the Verifiable Credential + +Assume you are aiming to define a credential for birth certificates. This credential definition has specific properties and ties to a schema in the PRISM platform. + +Here's a sample content of the credential definition: + +```json +{ + "name": "Birth Certificate location", + "description": "Birth certificate Anoncred Credential Definition", + "version": "1.0.0", + "tag": "Licence", + "author": "{{ISSUER_DID_SHORT}}", + "schemaId": "http://host.docker.internal:8080/prism-agent/schema-registry/schemas/{{SCHEMA_ID}}", + "signatureType": "CL", + "supportRevocation": true +} +``` + +### 2. Create the Credential Definition Record + +1. Use your preferred REST API client, such as Postman or Insomnia, or utilize a client stub that's generated based on the OpenAPI specification. + +2. In your API client, initiate a new POST request to the `/credential-definition-registry/definitions/` endpoint. + +Please note: The `author` field value should align with the short form of a PRISM DID previously created by the same agent. It's okay if this DID is unpublished. You can refer to the [Create DID](../dids/create.md) documentation for more comprehensive details on crafting a PRISM DID. + +3. Construct the request body using the following JSON object: + +```json +{ + "name": "Birth Certificate location", + "description": "Birth certificate Anoncred Credential Definition", + "version": "1.0.0", + "tag": "Licence", + "author": "{{ISSUER_DID_SHORT}}", + "schemaId": "http://host.docker.internal:8080/prism-agent/schema-registry/schemas/{{SCHEMA_ID}}", + "signatureType": "CL", + "supportRevocation": true +} +``` + +4. Transmit the POST Request to Create the New Credential Definition + +Once you've crafted your POST request, send it. Upon success, the server should respond with a GUID that uniquely identifies the new credential definition. + +For ease of reference, here's a `curl` example: + +```shell +curl -X 'POST' \ + 'http://localhost:8080/credential-definition-registry/definitions/' \ + -H 'accept: application/json' \ + -H "apikey: $API_KEY" \ + -H 'Content-Type: application/json' \ + -d '{ + "name": "Birth Certificate location", + "description": "Birth certificate Anoncred Credential Definition", + "version": "1.0.0", + "tag": "Licence", + "author": "{{ISSUER_DID_SHORT}}", + "schemaId": "http://host.docker.internal:8080/prism-agent/schema-registry/schemas/{{SCHEMA_ID}}", + "signatureType": "CL", + "supportRevocation": true +} +``` + +A potential response could be: + +```json +{ + "guid": "3f86a73f-5b78-39c7-af77-0c16123fa9c2", + "id": "f2bfbf78-8bd6-4cc6-8b39-b3a25e01e8ea", + "longId": "did:prism:agent/f2bfbf78-8bd6-4cc6-8b39-b3a25e01e8ea?version=1.0.0", + "name": "Birth Certificate location", + "version": "1.0.0", + "description": "Birth certificate Anoncred Credential Definition", + "tag": "Licence", + "author": "did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff", + "authored": "2023-03-14T14:41:46.713943Z", + "schemaId": "http://host.docker.internal:8080/prism-agent/schema-registry/schemas/{{SCHEMA_ID}}", + "signatureType": "CL", + "supportRevocation": true, + "kind": "CredentialDefinition", + "self": "/credential-definition-registry/definitions/3f86a73f-5b78-39c7-af77-0c16123fa9c2" +} +``` + +### 3. Retrieve the Created Credential Definition + +To obtain details of the newly created credential definition, send a GET request to the `/credential-definition-registry/definitions/{guid}` endpoint. Replace `{guid}` with the unique GUID returned from the previous creation step. + +To exemplify this process, use the following `curl` command: + +```shell +curl -X 'GET' \ + 'http://localhost:8080/credential-definition-registry/definitions/3f86a73f-5b78-39c7-af77-0c16123fa9c2' \ + -H 'accept: application/json' \ + -H "apikey: $API_KEY" +``` + +You should receive a response containing the JSON object representing the credential definition you've just established: + +```json +{ + "guid": "3f86a73f-5b78-39c7-af77-0c16123fa9c2", + "id": "f2bfbf78-8bd6-4cc6-8b39-b3a25e01e8ea", + "longId": "did:prism:agent/f2bfbf78-8bd6-4cc6-8b39-b3a25e01e8ea?version=1.0.0", + "name": "Birth Certificate location", + "version": "1.0.0", + "description": "Birth certificate Anoncred Credential Definition", + "tag": "Licence", + "author": "did:prism:4a5b5cf0a513e83b598bbea25cd6196746747f361a73ef77068268bc9bd732ff", + "authored": "2023-03-14T14:41:46.713943Z", + "schemaId": "http://host.docker.internal:8080/prism-agent/schema-registry/schemas/{{SCHEMA_ID}}", + "signatureType": "CL", + "supportRevocation": true, + "kind": "CredentialDefinition", + "self": "/credential-definition-registry/definitions/3f86a73f-5b78-39c7-af77-0c16123fa9c2" +} +``` + +Remember, in the PRISM platform, the combination of author, id, and version uniquely identifies each credential definition. Thus, using the same agent DID as the author, you cannot establish another credential definition with identical id and version values. + +### 4. Update the Credential Definition + +To update or upgrade an existing credential definition, follow the steps outlined below: + +1. Begin with the first step and make necessary modifications to the Credential Definition. +2. Update the `version` value to reflect the changes made. This is important to ensure that each version of the credential definition remains distinct. +3. Create a new credential definition entry with the updated version and schema. + +Note: When you make changes to an existing credential definition, it's essential to version the new entry accurately. This ensures clarity and avoids potential conflicts or misunderstandings among different versions of the same definition. + diff --git a/docs/docusaurus/credentialdefinition/credential-definition.md b/docs/docusaurus/credentialdefinition/credential-definition.md new file mode 100644 index 0000000000..add79d43de --- /dev/null +++ b/docs/docusaurus/credentialdefinition/credential-definition.md @@ -0,0 +1,127 @@ +# Anoncred Credential Definition Guide + +## Abstract + +This document details the structure, supported formats, and technical intricacies of Anoncred Credential Definitions within the Atala PRISM Platform. + +## 1. Introduction + +An Anoncred Credential Definition serves as a standardized format for any given Anoncred Verifiable Credential. By embedding essential attributes unique to each type of credential, it lays the groundwork for diverse categories of verifiable credentials. Integrating this definition on a public blockchain ensures its availability and verifiability for all stakeholders. + +The PRISM Platform endorses the Anoncred Credential Definition, conforming to the [Hyperledger AnonCreds specification](https://hyperledger.github.io/anoncreds-spec/#term:schemas). + +## 2. Anoncred Credential Definition Attributes + +### name (String) + +A descriptive and readable name indicating the type or category of the credential. + +**Example:** +```json +{ +"name": "{{CREDENTIAL_NAME}}" +} +``` + +--- + +### description (String) + +A succinct descriptor providing an overview of the credential definition's purpose or category. + +**Example:** +```json +{ +"description": "{{CREDENTIAL_DESCRIPTION}}" +} +``` + +--- + +### version (String) + +Specifies the version of the credential definition, using the [SemVer](https://semver.org/) protocol. + +**Example:** +```json +{ +"version": "{{VERSION_NUMBER}}" +} +``` + +--- + +### tag (String) + +A unique identifier or tag associated with the credential definition. + +**Example:** +```json +{ +"tag": "{{TAG_IDENTIFIER}}" +} +``` + +--- + +### author (DID) + +The decentralized identifier (DID) of the entity that created the credential definition. + +**Example:** +```json +{ +"author": "{{ISSUER_DID_SHORT}}" +} +``` + +--- + +### schemaId (URI) + +A distinct reference to retrieve the schema from the PRISM Schema Registry. + +**Example:** +```json +{ +"schemaId": "{{SCHEMA_REGISTRY_URI}}" +} +``` + +--- + +### signatureType (String) + +Indicates the type of signature applied to the credential definition. + +**Example:** +```json +{ +"signatureType": "{{SIGNATURE_TYPE}}" +} +``` + +--- + +### supportRevocation (Boolean) + +Specifies if the credential definition incorporates revocation capabilities. + +**Example:** +```json +{ +"supportRevocation": "{{BOOLEAN_VALUE}}" +} +``` + +--- + +## Conclusion + +The Anoncred Credential Definition is a versatile tool that offers a standardized approach for an array of verifiable credentials. By ensuring its correct incorporation within the Atala PRISM Platform, the issuance and validation processes of various credentials can be streamlined and made more efficient. + +## References + +- [Hyperledger AnonCreds specification](https://hyperledger.github.io/anoncreds-spec/#term:schemas) + +**Note:** Throughout the implementation phase within the PRISM platform, it's crucial to replace placeholders (such as `{{CREDENTIAL_NAME}}`, `{{VERSION_NUMBER}}`, and others) with their real, intended values. diff --git a/docs/docusaurus/credentialdefinition/delete.md b/docs/docusaurus/credentialdefinition/delete.md new file mode 100644 index 0000000000..4b6ef0637a --- /dev/null +++ b/docs/docusaurus/credentialdefinition/delete.md @@ -0,0 +1,14 @@ +# Delete the Credential Definition + +Unfortunately, once published (especially in the [Verifiable Data Registry (VDR)](/docs/concepts/glossary#verifiable-data-registry), deleting the credential definition becomes unfeasible. + +In the PRISM Platform v2.0, credential definitions aren't published to the VDR. This functionality will be incorporated in subsequent versions of the platform. Hence, the platform currently doesn't provide a REST API for deletion. + +If you need to `delete` the credential definition, it's advisable to contact the database administrator or directly remove it from the Postgres instance using its `guid`. + +For example: + +```sql +DELETE +FROM credential_definition +WHERE guid = '3f86a73f-5b78-39c7-af77-0c16123fa9c2' diff --git a/docs/docusaurus/schemas/credential-schema.md b/docs/docusaurus/schemas/credential-schema.md index dd6e55aa01..a45196c4f5 100644 --- a/docs/docusaurus/schemas/credential-schema.md +++ b/docs/docusaurus/schemas/credential-schema.md @@ -16,7 +16,7 @@ semantic interoperability of the Credential. The PRISM Platform supports the following specifications of the credential schemas: - [Verifiable Credentials JSON Schema 2022](https://w3c-ccg.github.io/vc-json-schemas/) -- [AnonCreds Schema](https://hyperledger.github.io/anoncreds-spec/#term:schemas) - planned +- [AnonCreds Schema](https://hyperledger.github.io/anoncreds-spec/#term:schemas) The signed credential schema allows doing following verifications: @@ -27,6 +27,7 @@ The author can use credential schema to issue the following types of verifiable - JSON Verifiable Credential - JSON-LD Verifiable Credential +- Anoncred Verifiable Credential - all types above but encoded as JWT Limitations and constraints of the PRISM Platform v2.0: @@ -74,7 +75,8 @@ Resource identifier of the given credential schema composed from the author's [D It is a type of the supported JSON Schema of the credential schema. It describes the JSON Schema of the Credential Schema described in this document. -In the current implementation, this field must always be the value in the following example: + +**JWT Credential Schema Example:** ```json { @@ -82,6 +84,14 @@ In the current implementation, this field must always be the value in the follow } ``` +**AnonCred Credential Schema Example:** + +```json +{ + "type" : "AnoncredSchemaV1" +} +``` + --- ### name (String) @@ -200,6 +210,25 @@ JSON Schema must be composed according to