At Spruce, we’re building out our initial libraries and components to power the future of digital identity. Here’s the latest from our development efforts:
Verifiable Credential Library
As part of our efforts, we are developing a library to provide functionality around Verifiable Credentials (VC) in Rust. We chose Rust for its speed, predictable performance, and safety. One other consideration for Rust was for embedded and IoT devices in the future as they harness credentials and use them in the performance of discrete tasks.
We are happy to report that our VC library passes all tests required by the W3C Verifiable Claims Working Group test suite to be considered a conforming implementation. Once released, we will propose that our library is included in the W3C CCG implementations list with all public results of our conformance testing, and instructions on how to run them locally. At the moment we are implementing JSON-LD support in Rust to fully express semantic data models past the operations required to pass the test suite. We are also working on improving support for LD-Proofs and the use of ZKPs.
We are currently awaiting a preliminary security review. After that check passes and with proper contributor guidelines, we will publicly release the repository.
Tezos DID Method
Our work with the Tezos ecosystem requires a Tezos-based DID method to allow Tezos accounts to use verifiable credentials using a trustless model and within the same execution context. As a refresher, a decentralized identifier (DID) relies on DID documents to establish authentication, and operations on DID documents themselves, including creation, resolution, updating, and deactivation, as described by a DID method. We are therefore currently in the early stages of developing a DID method based on Tezos, incorporating TZIPs such as TZIP-16 and eventually producing TZIPs from our work.
Public ledger-based DIDs are rife with privacy concerns, and we are taking the following approaches with our DID method specification:
- Encouraging off-chain interactions where possible by (1) not requiring a public transaction prior to DID resolution and usage, and (2) considering the interplay with privacy-preserving DID methods such as did:peer, which should actually serve the brunt of interactions to prevent unnecessary information exposure.
- Limiting the scope towards providing only authentication via keypairs thereby ameliorating many concerns by the community around service endpoints. We are considering the incorporation of the KERI protocol to keep things straightforward.
- Working closely with engineers from the Tezos ecosystem to provide implementations in Lorentz and/or LIGO for the DID document management smart contracts. There is a chance we’ll have a full spec if we can keep the contracts tight enough, and also minimize gas costs in the process.
With respect to our reusable product components, we are currently in the early design stages for our credential wallet, issuer tool, and ecosystem steward platform. We are completing user journeys and technical requirements based on customer feedback.
Follow us on Twitter
Follow us on LinkedIn