Architecture Overview

The Verifier’s architecture is designed for flexibility, modularity, and scalability. It integrates with the broader EVDI ecosystem while remaining independently deployable.

Key Components:

1. Verifier Service:

   • A standalone microservice that interfaces with Empe DID Wallets and the EMPE Blockchain.

   • Implements OIDC4VP-compatible endpoints for requesting and validating Verifiable Presentations.

   • Handles credential validation logic, nonce and state generation, and callback processing.

2. Client-Side Verifier Library:

   • JavaScript-based integration for front-end applications.

   • Displays QR codes and manages SSE connections for real-time verification status updates.

   • Enables user-friendly flows, guiding end-users through credential presentation.

3. Server-Side Verifier Library:

   • Runs on the relying party’s backend, communicating with the Verifier Service.

   • Manages authorization requests, callback handling, and secure session management.

   • Issues JWT tokens or triggers application logic upon successful verification.

4. Empe DID Wallet:

   • A user’s personal wallet application that stores and manages DIDs and VCs.

   • Scans QR codes from relying parties to initiate verification flows.

   • Submits VPs to the Verifier Service upon request.

5. EMPE Blockchain:

   • The trust anchor for resolving DIDs and validating issuer identities.

   • Ensures cryptographic trust and eliminates reliance on centralized authorities.

This layered architecture ensures clear separation of concerns, allowing each component to evolve independently while maintaining compliance with open standards.