Skip to content

jimmarino/IdentityHub

 
 

Repository files navigation

Identity Hub

This repository contains an implementation for the Decentralized Claims Protocol (DCP) specification. In short, IdentityHub contains multiple VerifiableCredentials and makes them available to authorized parties as VerifiablePresentations. It also receives VerifiableCredentials issued by an issuer and stores them. Convenience features like automatic credential renewal and re-issuance are also included. This functionality is sometimes referred to as "wallet".

IdentityHub makes heavy use of EDC components for core functionality, specifically those of the connector for extension loading, runtime bootstrap, configuration, API handling etc., while adding specific functionality using the EDC extensibility mechanism.

Here, developers find everything necessary to build and run a basic "vanilla" version of IdentityHub.

Security Warning

Older versions of IdentityHub (in particular <= 0.3.1 ) must not be used anymore, as they were intended for proof-of-concept purposes only and may contain significant security vulnerabilities (for example missing authn/authz on the API) and possibly others. Please always use the latest version of IdentityHub.

Quick start

A basic launcher configured with in-memory stores (i.e. no persistent storage) can be found here. There are two ways of running IdentityHub:

  1. As native Java process
  2. Inside a Docker image

Build the *.jar file

./gradlew :launcher:shadowJar

Start IdentityHub as Java process

Once the jar file is built, IdentityHub can be launched using this shell command:

java -Dweb.http.presentation.port=10001 \
     -Dweb.http.presentation.path="/api/presentation" \
     -Dweb.http.port=8181 \
     -Dweb.http.path="/api" \
     -Dweb.http.identity.port=8182 \
     -Dweb.http.identity.path="/api/identity" \
     -Dedc.ih.api.superuser.key="c3VwZXItdXNlcgo=c3VwZXItc2VjcmV0Cg==" \
     -jar launcher/build/libs/identity-hub.jar

this will expose the Presentation API at http://localhost:10001/api/presentation and the Identity API at http://localhost:8191/api/identity. More information about IdentityHub's APIs can be found here

Create the Docker image

docker build -t identity-hub ./launcher

Start the Identity Hub

docker run --rm --name identity-hub \
            -e "WEB_HTTP_PRESENTATION_PORT=10001" \
            -e "WEB_HTTP_PRESENTATION_PATH=/api/presentation/" \
            -e "WEB_HTTP_PATH=/api" \
            -e "WEB_HTTP_PORT=8181" \
            -e "WEB_HTTP_IDENTITY_PORT=8182" \
            -e "WEB_HTTP_IDENTITY_PATH=/api/identity" \
            -e "EDC_IH_API_SUPERUSER_KEY=c3VwZXItdXNlcgo=c3VwZXItc2VjcmV0Cg==" \
            identity-hub:latest

Architectural concepts of IdentityHub

Key architectural concepts are outlined here.

Module structure of IdentityHub

IdentityHub's module structure and key SPIs is described here.

Please note that some classes or functionalities mentioned there may not yet have been implemented, for example automatic credential renewal.

API overview of IdentityHub

IdentityHub exposes several APIs that are described in more detail here.

Future work

  • Implementation of the Credential Issuance Protocol
  • Support for VC Presentation Definition
  • Support for VC Data Model 2.0

Other documentation

Developer documentation can be found under docs/developer, where the main concepts and decisions are captured as decision records.

References

Contributing

See how to contribute for details.

About

IdentityHub

Resources

License

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Java 99.9%
  • Dockerfile 0.1%