Core Functions with Aleo
Introduction
DIDKit also supports the issuance and verification of Verifiable Credentials using Aleo accounts.
This is an example using all the core functions of DIDKit-CLI: key generation, credential/presentation issuance, and verification.
Aleo signature functionality requires the didkit/aleo
feature.
Start with a keypair
The SSI library can generate an Aleo keypair as an example:
You can also provide the details of an existing Aleo account, although you will need to do some extra work for DIDKit to use it.
The Aleo private JWK format used by DIDKit is non-standard. An example:
The format is as follows:
kty
: TheOKP
key typecrv
: TheAleoTestnet1Key
curvex
: An Aleo account address derived from the private key using Aleo Testnet1 parameters, as a Base64Url value (without the "aleo" prefix that appears in its Base58 formatjsssssssssd
: An Aleo private key converted from Base58 (where it starts with "APrivateKey1") to Base64Url value
Generate a DID:Key document
This document gets wrapped around the keypair generated (or passed) in the previous step. For more context on the DID:key method, see the specification.
Prepare credential for issuing.
Here, we'll issue an example credential (unsigned) and save it to a file. For more info about what these properties mean, see the Verifiable Credentials Data Model specification.
Issue the verifiable credential.
We ask DIDKit to issue a verifiable credential using the given keypair file, passing the unsigned credential on standard input.
Verify a verifiable credential.
We pass the newly-issued signed verifiable credential back to didkit for verification.
Last updated