4 Key Digital Functionalities
Key Digital Functionalities describe the core (required) functions that this Building Block must be able to perform.
Key Digital Functionalities describe the core (required) functions that this Building Block must be able to perform.
A wallet holder who intends to receive credentials from an issuer should be able to get relevant information on how to obtain the credentials, so that, the process of credential issuance is convenient and secure.
An Issuer should be able to issue digitally verifiable credentials to a trusted Wallet.
Key considerations during credential issuance:
The Issuer should trust the wallet before sharing the credentials
The Issuer should verify the holder's details before issuing credentials
The wallet should validate the issuer's details before requesting the credentials
The wallet should validate the received credentials before storing the credentials
The status of a credential is dynamic and is governed by the issuer or the owner of the credential.
The Issuer should be able to change the status of the credentials to revoked or suspended
The Issuer should provide a privacy-preserving way to check the status so that the Verifier can check if the credential is suspended or revoked
To gain a clearer understanding of credential status management, consider the following use cases:
The wallet and the verifier should be able to verify the validity of the credentials. Validity of credentials means, that
The credential signature is verified
The credential has not expired or revoked
A trusted issuer issued the credential
The wallet should be able to present a credential to a Verifier upon receiving a request from the Verifier.
Key considerations while sharing a presentation:
The wallet should trust the verifier before sharing the credentials
The wallet should authenticate the holder before sharing the credentials
The wallet should collect the consent of the holder before sharing the presentation
The wallet should generate a fresh presentation for every request and every presentation should be bound to the transaction and the verifier.
The wallet should be able to provide a mechanism for the holder to port credentials from one device to another (when the credentials are locally stored in a device).
While doing so, the credentials need to be bound in the new device, hence, the wallet should provide a mechanism to cryptographically bind the credentials to the holder in the new device.
The wallet should maintain a comprehensive log displaying details on various actions performed on the credentials in the wallet with timestamps. Some of the key events in the wallet are,
Downloading a credential in the wallet
Sharing a credential with a verifier
Removing a credential from the wallet
The wallet should be able to identify expired and revoked credentials and promptly notify the holder to take appropriate actions.
The holder should be able to remove a credential from the wallet.
The wallet must provide a mechanism for users to submit complaints about a verifier to the respective supervisory body.
The wallet should allow the holder to request the verifier to delete the previously shared credentials.
A reference use case for the portability requirement can be accessed .