Skip to main content

Examples

Installation

go install github.com/triveria-com/twt

Wallet configuration and initialization

Wallet has to be initialized before it can be used. In order to initialize & configure a wallet, the following command is used:

twt confWallet -f ./example_wallet_config.yaml

where -f flag is used to specify a wallet config file (if present). Example wallet config can be seen below:

credentialIssuers:
  - credentialFormat: jwt_vc
    credentialIssuer: CtWalletSame
    credentialType:
      - VerifiableCredential
      - VerifiableAttestation
      - CTWalletSamePreAuthorised

The config consists of list of credential issuers used for the specific formats and types of credentials. These issuers are parts of logic that process a VC before issuing it. Currently supported issuers are:

  • CtWalletSame used for issueing credentials in EBSI conformance test
  • IssuanceQueue used for issuing credentials present in the wallet's issuance queue

DID

The DID of the wallet can be retrieved with the following command:

twt did

Credential operations

Credential creation

New credentials can be created using the following command:

twt credential create -f ./example_cred.json

where -f flag is used to specify the file in which the credential is stored. The credential must have a specified schema and mus be valid according to it.

Credential retrieval

Already existing credential can be retrieved using this command:

twt credential get --id urn:test_id

where id flag is used to specify the id of the credential to be retrieved.

Adding credential to issuance queue

If the wallet has a configured issuanceQueue credential issuer for the credential type to be issued, this command can be used to add it to the issuance queue:

twt issuer credAdd --id urn:test_id

where id flag is used to specify the id of the credential to be added to the issuance queue. This command will return an error if there is no credential issuer configured for the type of credential urn:test_id or if the configured issuer type is not equal to issuanceQueue.

Interactions

Holder

Holder wallets can either accept credential offers from issuers or initiate them. Holder wallet supports accepting credentials via the following flows:

  • Pre-authorised
  • In-time authorised
  • Deferred

Pre-authorised flow

In order to accept a pre-authorised offer, the following command is used:

twt holder offer accept --url openid-credential-offer://example_offer --pin 1234

where the url flag specifies the offer url, the scheme of which must be either https of openid-credential-offer. The pin flag specifies the pin code that is received from the credential issuer.

As a result of this interaction, a credential will be received. The command will output the id of the received credential.

In-time authorised flow

In order to accept an in-time authorized offer, this command is used:

twt holder offer accept --url openid-credential-offer://example_offer

where the url flag specifies the offer url, the scheme of which must be either https of openid-credential-offer.

As a result of this interaction, a credential will be received. The command will output the id of the received credential.

Deferred flow

The command used to accept a deferred offer is the same as in the previous flow. The difference here is in the output, because in a deferred flow, the holder won't receive a credential instantly after accepting it.

Because of this, the output provides a deferred transaction id, which can be used to check the transaction status with the following command:

twt credential deferredStatus --id deferres:example_id

where the id flag is used to specify the deferred transaction id.

Holder-initiated flow

VC exchange can also be initiated by the holder. In order to initiate the exchange, the holder must firstly check the credential types supported by the issuer. This is done with the following command:

twt issuer types --url https://issuer.example.com

where the url flag is used to specify the issuer from which the holder wants to request the credential. This command will return the issuer's metadata containing the supported credential types. Example response of this command can be seen below:

[
    {
        "format": "jwt_vc",
        "type": [
            "VerifiableCredential",
            "VerifiableAttestation",
            "CTWalletSamePreAuthorised"
        ]
    }
]

After checking the supported credential types, the holder initiated offer can be created with this command:

twt holder offer create --type intime --credentialType ExampleType --issuerUrl https://issuer.example.com

where the type flag is used to specify the type of flow which will be used (supported flows: in-time and deferred), the credentialType flag is used to specify the credential types which the issuer is requesting and the issuerUrl flag is used to specify the url of the issuer.

The command outputs a credential offer URL which can be accepted in the same way as in issuer initiated flows.

Issuer

Triveria wallet only supports issuer initiated credential issuance flows. In order to issue credentials, the wallet must have correctly configured credential issuers.

Triveria wallet supports all 3 types of credential issuance flows.

Pre-authorised flow

In order to create a pre-authorised offer, the following command is used:

twt issuer offer init --type preauth --credentialTypes ExampleType --holder did:123456

where the type flag is used to specify the offer type (right now preauth), the credentialTypes flag is used to specify the type of the credential that will be issued and holder flag is used to spoecify the did of the holder for whom the offer will be authorised.

The command outputs following values:

{
  "issuer_url": "https://wallet.dev.triveria.io/api/v1/issuer/test_wallet",
  "offer": "openid-credential-offer://example_offer",
  "pin": "1234",
  "preauth_code": "test_code"
}

where the offer key value is the credential offer url which can be used to accept the credential offer and the pin key value is the pin code used to authorise the holder upon accepting the offer.

In-time authorised flow

In order to create a pre-authorised offer, the following command is used:

twt issuer offer init --type intime --credentialTypes ExampleType

where the type flag is used to specify the offer type (right now intime) and the credentialTypes flag is used to specify the type of the credential that will be issued and

The command outputs following values:

{
  "issuer_url": "https://wallet.dev.triveria.io/api/v1/issuer/test_wallet",
  "offer": "openid-credential-offer://example_offer",
  "state": "example_state"
}

where the offer key value is the credential offer url which can be used to accept the credential offer.

Deferred flow

In order to create a deferred offer, the following command is used:

twt issuer offer init --type deferred --credentialTypes ExampleType

where the type flag is used to specify the offer type (right now deferred) and the credentialTypes flag is used to specify the type of the credential that will be issued.

The command output is the same as in the case of in-time authorised flow.