Messaging
Sending messages using Sovrin API can be achieved using a JSON Web Message (JWM) format. Read more about this approach here.
Messages sent to holders based on the subject DID can be read by the Sovrin Wallet app to perform various actions:
-
Offer a credential using OpenID Credential Provisioning or OIDC bridge.
-
Notify a change of revocation status.
-
Start verify using a callback url.
-
Send a credential directly.
In order to send a message, you will require the subject DID of the recipient, one way of capturing these is to use the DID Auth approach.
All messages sent via Sovrin API require the message payload to be encrypted, thus ensuring messages held at rest cannot be inspected by Sovrin or any party (such as a legal enforcing entity) that requests access to those messages. This is to keep the total privacy of end-users in-mind. End-to-end encryption is a default level privacy that we uphold on the Sovrin API platform.
Sovrin Wallet
End users of the Sovrin Wallet mobile app are able to opt-in to notifications, this will create an inbox on a dedicated wallet backend.
As DID's are created in the wallet they are registered against the inbox so messages can be routed to the mobile app using a push notification service. Push notifications are delivered to the wallet as encrypted payloads and therefore cannot be read until the wallet is unlocked.
Platform to platform message communications will be available soon using Sovrin API and other interoperable services.