Use the Sovrin Compact Credential Verifier SDK
Overview
We’ve transformed our credential verification capabilities to support the wider platform by making it work on your own mobile experience or integrating them into other types of your applications. Utilising the SDK will significantly reduce your development time while ensuring you are leveraging safe and reliable code libraries.
Interested in learning more about how you might use the Sovrin Compact Credential Verifier SDK? Get in touch with us today.
Capabilities
We wanted to make our Verifier SDK as easy to use and as flexible as possible. This allows you to start building your own verifier App or adding these core pieces of functionality to your own apps.
Capabilities include:
-
Build your own compact credential verification solution into existing applications
-
Validate compact and semantic compact credentials' authenticity
-
Offline verification of your trusted credentials
-
Refresh cached revocation lists and trusted issuers
Key Benefits
Build using the same tools as the Sovrin Verifier App
The Sovrin Verifier SDK allows you to take advantage of the credential verification capabilities and use them to build your own mobile verifier experiences without needing to start from scratch. You can also use the SDK to integrate credential verification functionalities into other types of applications while maintaining a consistent brand and user experience. This means you can leverage the security, privacy and trust benefits of digital identity and verifiable credentials, while significantly reducing your development time and maintaining a consistent user experience.
Ongoing support for evolving standards
Sovrin is actively engaged in the communities that define the fast-evolving standards for digital trust and verifiable data. Our investment in updating our SDK to support these standards means that you can rely on our expertise in this space to keep your application relevant and compliant.
Using the same codebase for iOS and Android
We’ve built the Sovrin Compact Credentials Verifier SDK in React Native, which means you can create both iOS and Android apps using the same codebase. React Native is ideally suited to developing complex hybrid apps – given its advanced features and ability to provide a natural user experience. In fact, React Native took the 6th spot in the Stack Overflow Developer Survey 2021, with 14.51% of all respondent votes.
Limitations
The SDK has the following limitations:
-
The SDK is implemented with an initial focus on developers who want to build React Native apps.
-
The SDK provides a set of operations only, there are no UI elements provided by the SDK.
-
Users will be given access to the NPMJS modules that contain obfuscated and minified packages.
How to get access to Sovrin Compact Credential SDK
To gain access to the Sovrin Verifier SDK, please follow these steps:
-
Request or download the Sovrin SDK Trial Licence Agreement and the Sovrin Customer Agreement and review these terms carefully.
-
Sign and return the Sovrin SDK Trial Licence Agreement to us.
-
Create an account at NPMJS - Node package manager for JavaScript.
-
Ensure multi-factor authentication (MFA) is configured on NPMJS Account.
-
Create a personal access token here.
-
Supply the NPMJS (Node package manager for JavaScript) account name back to Sovrin.
-
Sovrin will process the request and provision access to the Sovrin Verifier SDK if approved.
Please reach out to us in case you need any assistance. Get in touch.
How it works
Verifier
Creating a new verifier
import { InitOptions } from "@wearesovrin/verifier-sdk-react-native";
const initOptions: InitOptions = {
issuerCacheTtl: 60000,
revocationListCacheTtl: 60000,
trustedIssuers: ["did:web:organization.com"], // defaults to trust any issuer
assertExpiry: true, // defaults to true
assertNotBefore: true, // defaults to true
checkRevocation: true, // defaults to true
};
const verifier = await init(initOptions);
Verifying a credential
// Verify a credential payload as encoded & signed string
const verifyResult = await verifier.verify({ payload });
if (verifyResult.isErr()) {
// Handle error from verifyResult.error
return;
}
const { verified } = verifyResult.value;
Cache
The following allows you to get the expiry date of the cached revocation lists and trusted issuers, and refresh the icache.
Getting expiry date of the cache
const expiry = await verifier.getCacheExpiry();
Refreshing the items in the cache
const refreshCacheResult = await verifierSdk.refreshCache();
if (refreshCacheResult.isErr()) {
/**
* The error contains the cache expiry date
* This date may have changed after partial refresh
*/
console.log(refreshCacheResult.error.expiryDate);
// Handle error from refreshCacheResult.error
return;
}
// New expiry date of the cache
const { expiryDate } = refreshCacheResult.value;
Error handling
Functions that are expected to have an error path return a Neverthrow Result type that represents either success (Ok) or failure (Err). Although this pattern is more verbose, it encourages the handling of possible errors and reserves throwing exceptions for truly exceptional situations.
import { open } from "@wearesovrin/verifier-sdk-react-native";
const openVerifierResult = await open();
if (openVerifierResult.isErr()) {
// Handle error from openVerifierResult.error
return;
}
const verifier = openVerifierResult.value;
Unwrap
A utility function is provided for convenience if you decide not to handle your errors as results. This function will simply throw an error if the function passed in returns a Result,where Result.isErr() is true.
import { unwrap } from "@wearesovrin/verifier-sdk-react-native";
try {
const verifier = unwrap(await open());
} catch (error) {
// Handle thrown error
}
Known issues
- Build error:
"ld: symbol(s) not found for architecture x86_64"
This error can arise when using flipper and react-native-bignumber together. Disabling flipper is the only solution at the moment. See here for more details.
- Build error:
"Plugin with id 'maven' not found."
Currently, react-native-securerandom is not compatible with Gradle 7+ (see issue) and will not build for Android without downgrading Gradle to 6.9 or below.
Get in touch if you wish to find out more about using the Sovrin Compact Credentials Verifier SDK in production.