🛠️
Technical Documentation
  • Introduction
    • About Empeiria
  • Empe Blockchain
    • Overview
    • Chain Architecture
      • Auth
      • Authz
      • Bank
      • Distribution
      • Governance
      • Staking
      • IBC
      • DidDoc
      • Vesting
      • Minter
  • EVDI
    • EVDI Architecture
    • Self-Sovereign Identity
      • Technical Foundations
      • Roles in the SSI framework
      • Protocols and Standards
  • User Guide
    • Empe DID Wallet
      • Intro
      • Download and first launch
      • Create or import did
      • Main screen overview
      • How to claim credential from issuer
      • How to use credential with verifier
      • Settings and other options
    • Keplr Wallet and Blockchain Operations
      • How to Connect Keplr Wallet
    • Ping Pub operation
    • Staking Tokens Guide
    • Voting on Governance Proposals Guide
    • Sending Tokens Guide
  • Developer Guide
    • Tutorial: Credential Issuance & Verification
      • Overview
      • Understanding Key Concepts
      • Project Setup
      • Deploying the Issuer
      • Uploading the Credential Schema
      • Issuing Credentials
      • Frontend for Credential Issuance
      • Testing Credential Issuance
      • Deploying the Verifier
      • Setting Up the Verification Flow
      • Creating a Verification Endpoint
      • Creating a Protected Dashboard
      • Testing the Verification Flow
      • Summary & Next Steps
    • One-click deployment
      • Introduction
      • Registration
      • Login
      • Creating an Issuer
      • Issuer Data Description
      • Creating a Verifier
      • Verifier Data Description
    • Verifier
      • Terminology and Concepts
      • Architecture Overview
      • Core Responsibilities
      • Query Language
      • Frontend Integration
      • Client Configuration
      • Security Considerations
      • Error Handling and Troubleshooting
      • Future Enhancements
      • References and Standards
      • FAQ
    • Issuer
      • Terminology and Concepts
      • Architecture Overview
      • Core Responsibilities
      • DID Document Management
      • Schemas Management
      • Issuing Credentials
      • Interacting with Wallets
      • Security Considerations
      • Error Handling and Troubleshooting
      • Future Enhancements
      • References and Standards
      • FAQ
    • Wallet SDK (Coming soon)
    • Introduction to cosmwasm
  • Validator Guide
    • Important links
    • Validators Guide
      • New validator
      • Hardware requirements
      • Required software installation
      • Go installation
      • Install prebuild binary
      • Install binary from source code (option B)
      • Configure a node
      • Cosmovisor setup
      • Sync with state-sync
      • Full state sync from archive snapshot
      • Latest snapshot
      • Run a Validator
      • Migration to v0.2.2
      • Migration to v0.3.0
    • FAQ
  • Appendix
    • Glossary
Powered by GitBook
On this page
  1. Developer Guide
  2. Tutorial: Credential Issuance & Verification

Setting Up the Verification Flow

What We Are Doing:

  • Configuring the Verifier in our Express app.

  • Defining a verification flow named "kyc" that checks:

    • The credential type is "KYC Verifiable Credential".

    • The subject`s age is at least 18.

Why: We want only users who hold a valid KYC credential proving they are over 18 to access a protected resource.

Steps: In src/index.ts, before app.use("/", router):

import { VerifiablePresentation } from '@empe/identity';
import { VerifierConfiguration, VerifierClient } from "@empe/verifier-client";
import jwt from "jsonwebtoken";

const VERIFIER_SERVICE_URL = process.env.VERIFIER_SERVICE_URL!;
const VERIFIER_CLIENT_SECRET = process.env.VERIFIER_CLIENT_SECRET!;
const JWT_SECRET = "your-jwt-secret";

const verifierConfiguration: VerifierConfiguration = {
  baseUrl: BASE_URL,
  verifierServiceUrl: VERIFIER_SERVICE_URL,
  clientSecret: VERIFIER_CLIENT_SECRET,
  verificationFlows: [
    {
      name: "kyc",
      vpQuery: [
        {
          fields: [
            {
              path: ["$.type"],
              filter: {
                type: "array",
                contains: { const: "KYC Verifiable Credential" }
              }
            },
            {
              path: ["$.credentialSubject.age"],
              filter: {
                type: "number",
                minimum: 18
              }
            }
          ]
        }
      ],
      handleVerificationResult: (data) => {
        if (data.verification_status === 'verified') {
          const { vp } = data;
          const vpJSON = VerifiablePresentation.fromJSON(vp);
          const holder = vpJSON.holder().toString();

          // Generate a JWT token granting access
          const accessToken = jwt.sign({ sub: holder, vp: data.vp }, JWT_SECRET);
          return {
            access_token: accessToken,
            verification_status: data.verification_status,
            redirect_url: "/dashboard"
          };
        }
        return data;
      }
    }
  ]
};

const verifierClient = new VerifierClient(app, verifierConfiguration);
verifierClient.initialize();

Now our app can request a verification QR code and handle verification results.

PreviousDeploying the VerifierNextCreating a Verification Endpoint

Last updated 3 months ago