Credential Verification¶

Verification Requests¶

Think of a verification request like asking someone for their ID.

You want to confirm a specific credential of theirs, say, their email address. You send a request to the issuer of the credential (the one who "issued their ID"). The issuer can either give a thumbs-up (approve) or thumbs-down (reject).

How to Send a Verification Request¶

This is akin to saying, "Hey, can you confirm this is Bob's email address? It's bob@test.com."

GolangJavaAndroidiOS

content, err := message.NewCredentialVerificationRequest().
    Type([]string{"VerifiableCredential", "EmailCredential"}).
    Parameter("email", "bob@test.com").
    Expires(time.Now().Add(time.Hour * 24)).
    Finish()
if err != nil {
    // handle error
}

err = selfAccount.MessageSend(address, content)
if err != nil {
    // handle error
}

val request = CredentialVerificationRequestBuilder()
    .type(arrayOf("VerifiableCredential", "EmailCredential"))
    .parameter("email", "bob@test.com")
    .expires(Timestamp.now() + 3600 * 24)
    .finish()

val sendStatus = account.messageSend(address, request)
println("send verification request status:${sendStatus.code()} - requestId:${request.id().toHexString()}")

// On the Android SDK, the email verification process is integrated into the SDK. 
// Simply open it and complete the flow.
account.openEmailVerificationFlow { isSuccess, error ->
    if (isSuccess) {
        coroutineScope.launch(Dispatchers.Main) {
            Toast.makeText(applicationContext, "Email verification successfully", Toast.LENGTH_LONG).show()
        }
    }
}

let emailDTO = DataObject.Builder()
    .withData("bob@test.com".data(using: .utf8))
    .withMineType("text/plain")
    .build()
let codeDTO = DataObject.Builder()
    .withData("123456".data(using: .utf8))
    .withMineType("text/plain")
    .build()

let proofs = [
    Constants.SUBJECT_EMAIL: emailDTO,
    Constants.SUBJECT_SECURITY_CODE: codeDTO,
]

let verificationRequest = VerificationRequest.Builder()
        .withTypes([CredentialType.Email])
        .withEvidence(proofs)
        .build()

// send the request
Task(priority: .background, operation: {
    let messageId = try await account.send(toAddress: toAddress, message: verificationRequest))
})

How to Receive a Verification Response¶

GolangJavaAndroidiOS

case message.TypeCredentialVerificationResponse:
    response, err := message.DecodeCredentialVerificationResponse(msg)
    if err != nil {
        // handle error
    }

    // Check the status
    log.Info("Response received with status", "status", response.Status())

    // Validate each credential
    for _, c := range response.Credentials() {
        err = c.Validate()
        if err != nil {
            // handle error
            continue
        }

        claims, err := c.CredentialSubjectClaims()
        if err != nil {
            // handle error
            continue
        }

        // Access specific claims
        println(claims["email"])
    }

ContentType.CREDENTIAL_VERIFICATION_RESPONSE -> {
    val response = CredentialVerificationResponse.decode(content)
    println("Response received with status: ${response.status().name}")

    // Validate each credential
    response.credentials().forEach { credential ->
        try {
            credential.validate()
            val claims = credential.credentialSubjectClaims()

            // Access specific claims
            println("Email: ${claims["email"]}")
        } catch (ex: Exception) {
            println("Failed to validate credential: ${ex.message}")
        }
    }
}

1	`// The response is processed internally within the SDK, and credentials are automatically stored.`

func onMessage(message: any self_ios_sdk.Message) {
    print("onMessage: \(message)")
    switch message {
    case is VerificationRequest:
        let verificationRequest = message as! VerificationRequest
        print("Received verification request message: \(message.id())")

    default:
        print("TODO: Handle For other response: \(message)")
        break;
    }
}