bb-wallet
1.0.0-rc
1.0.0-rc
  • Wallet Building Block
  • 1 Version History
    • Release Notes v1.0.0-rc
  • 2 Description
  • 3 Terminology
  • 4 Key Digital Functionalities
  • 5 Cross-Cutting Requirements
  • 6 Functional Requirements
  • 7 Data Structures
  • 8 Service APIs
  • 9 Internal Workflows
  • 10 Other Resources
  • Use Cases
    • Functional Use Cases
    • Sectorial Use Cases
Powered by GitBook
On this page
  • 4.1. Credential Discovery
  • 4.2. Credential Issuance
  • 4.3. Credential Status Management
  • 4.4. Credential Validity
  • 4.5. Presenting a Credential
  • 4.6. Other features
  • 4.6.1. Portability
  • 4.6.2. Transaction logs
  • 4.6.3. Handling revoked and expired credentials
  • 4.6.4. Removing a credential from the wallet
  • 4.6.5. Complaint Submission to Supervisory Body
  • 4.6.6. Data Deletion Request

4 Key Digital Functionalities

Key Digital Functionalities describe the core (required) functions that this Building Block must be able to perform.

Previous3 TerminologyNext5 Cross-Cutting Requirements

4.1. Credential Discovery

A wallet holder who intends to receive credentials from an issuer should be able to get relevant information on how to obtain the credentials, so that, the process of credential issuance is convenient and secure.

4.2. Credential Issuance

An Issuer should be able to issue digitally verifiable credentials to a trusted Wallet.

Key considerations during credential issuance:

  • The Issuer should trust the wallet before sharing the credentials

  • The Issuer should verify the holder's details before issuing credentials

  • The wallet should validate the issuer's details before requesting the credentials

  • The wallet should validate the received credentials before storing the credentials

4.3. Credential Status Management

The status of a credential is dynamic and is governed by the issuer or the owner of the credential.

  • The Issuer should be able to change the status of the credentials to revoked or suspended

  • The Issuer should provide a privacy-preserving way to check the status so that the Verifier can check if the credential is suspended or revoked

To gain a clearer understanding of credential status management, consider the following use cases:

4.4. Credential Validity

The wallet and the verifier should be able to verify the validity of the credentials. Validity of credentials means, that

  • The credential signature is verified

  • The credential has not expired or revoked

  • A trusted issuer issued the credential

4.5. Presenting a Credential

The wallet should be able to present a credential to a Verifier upon receiving a request from the Verifier.

Key considerations while sharing a presentation:

  • The wallet should trust the verifier before sharing the credentials

  • The wallet should authenticate the holder before sharing the credentials

  • The wallet should collect the consent of the holder before sharing the presentation

  • The wallet should generate a fresh presentation for every request and every presentation should be bound to the transaction and the verifier.

4.6. Other features

4.6.1. Portability

The wallet should be able to provide a mechanism for the holder to port credentials from one device to another (when the credentials are locally stored in a device).

While doing so, the credentials need to be bound in the new device, hence, the wallet should provide a mechanism to cryptographically bind the credentials to the holder in the new device.

4.6.2. Transaction logs

The wallet should maintain a comprehensive log displaying details on various actions performed on the credentials in the wallet with timestamps. Some of the key events in the wallet are,

  • Downloading a credential in the wallet

  • Sharing a credential with a verifier

  • Removing a credential from the wallet

4.6.3. Handling revoked and expired credentials

The wallet should be able to identify expired and revoked credentials and promptly notify the holder to take appropriate actions.

4.6.4. Removing a credential from the wallet

The holder should be able to remove a credential from the wallet.

4.6.5. Complaint Submission to Supervisory Body

The wallet must provide a mechanism for users to submit complaints about a verifier to the respective supervisory body.

4.6.6. Data Deletion Request

The wallet should allow the holder to request the verifier to delete the previously shared credentials.

A reference use case for the portability requirement can be accessed .

Suspension and Reactivation of Credentials
Revocation of Credentials
here