Accountable Digital Identity Association (ADIA) Protocols

Editor’s Draft,

Issue Tracking:
GitHub
Editors:

Abstract

ADIA protocols

1. ADIA Protocols

ADIA Protocols are broadly categorized into following:

1.1. ADIA Functions

1.1.1. HIDA Functions

1.1.1.1. User HIDA (ADIA-FN-001)

Request

  {
    "@type":"https://adiassociation.org/digital-address/1.0/compute-hida-users",
    "@id":"fa04e522-d78d-4b50-a3c9-4ff73e34ffb4",
    "body": {
      "firstName":"UTF8 encoded firstname of the User according to the ID document (all uppercase)",
      "lastName":"UTF8 encoded last name of the User according to the ID document (all uppercase)",
      "birthDate":"Date of birth of the User according to the ID document. Encoding MUST be full-date as specified by [[!RFC3339]]",
      "countryOfResidence":"Country of residence of the User according to the ID document. Encoding MUST be ALPHA-2 country code as specified by [[!ISO3166]]",
      "sourceType":"Type of the ID document. This is specified by ADIA Governance for each country",
      "identifier":"Government Issued National Identifier - SSN, Resident ID, Aadhaar ID, etc."
    }
  }

Response

{
  "@type":"https://adiassociation.org/digital-address/1.0/compute-hida-response",
  "@id":"44714b18-250c-498d-9f0f-fd6d207f1d8c",
  "status":"{OK | FAILED | PENDING}",
  "~thread":{
    "thid":"fa04e522-d78d-4b50-a3c9-4ff73e34ffb4",
    "message":"e.g. comment or reason of failed request"
  },
  "body": {
    "hida":"{HIDA} The Base64 encoded [[!RFC4648]] hash value resulting from the previous step.",
    "alg":"Name of the hash algorithm used (all uppercase, e.g. SHA256). Allowed hash algorithms are specified in the ADIA Governance and Certification rules."
  }
}
1.1.1.2. Entity HIDA (ADIA-FN-002)

Request

{
  "@type": "https://adiassociation.org/digital-address/1.0/compute-hida-entity",
  "@id": "1190d09d-f685-47cf-acADIA-DA-2dc1603abf71",
  "goal-code": "adia.hida.{ ard | das | issuer | service-provider }",
  "body": {
    "businessName": "UTF8 encoded business name of the Organization according to the ID document (all uppercase)",
    "countryOfIncorporation": "Country of residence of the User according to the ID document. Encoding MUST be ALPHA-2 country code as specified by [[!ISO3166]]",
    "dateOfIncorporation": "Date of dateOfIncorporation of the Organization according to the ID document. Encoding MUST be full-date as specified by [[!RFC3339]]",
    "sourceType": "Type of the ID document. This is specified by ADIA Governance for each country",
    "identifier": "Government Issued Identifier - Federal Tax ID Number/EIN, Taxpayer Identification Number (TIN), VAT Number, etc."
  }
}

Response

{
  "@type": "https://adiassociation.org/digital-address/1.0/compute-hida-response",
  "@id": "44714b18-250c-498d-9f0f-fd6d207f1d8c",
  "status": "{ OK | FAILED | PENDING }",
  "goal-code": "adia.hida.user",
  "~thread": {
    "thid": "1190d09d-f685-47cf-acADIA-DA-2dc1603abf71",
    "message": "e.g. comment or reason of failed request"
  },
  "body": {
    "hida":"The Base64 encoded [[!RFC4648]] hash value resulting from the previous step.",
    "alg":"Name of the hash algorithm used (all uppercase, e.g. SHA256). Allowed hash algorithms are specified in the ADIA Governance and Certification rules."
  }
}

1.1.2. Credential Metadata Functions

1.1.2.1. save-metadata (ADIA-FN-003)

Request

{
  "@type": "https://adiassociation.org/credential/1.0/save-metadata",
  "@id": "<uuid-save-metadata-12345>",
  "attributes": {
    "schemaId": "<unique-id-of-vc-schema>",
    "credentialId": "<unique-id-of-vc>",
    "issuerId": "{ISSUER_ID}",
    "dasUserId": "{DAS_USER_ID}",
    "issuanceDate": "ISO 8601 format",
    "expirationDate": "ISO 8601 format"    //Optional - based on the credential type.
  }
}

Response

{
  "@type": "https://adiassociation.org/credential/1.0/save-metadata-response",
  "@id": "<uuid-save-metadata-response>",
  "status": "{ OK | FAILED | PENDING }",
  "comment": "Metadata Saved/Failed",
  "~thread": {
    "thid": "<uuid-save-metadata-12345>",
    "message": "e.g. comment or reason of failed request"
  }
}
1.1.2.2. search-metadata (ADIA-FN-004)

Request

{
  "@type": "https://adiassociation.org/credential/1.0/search-metadata",
  "@id": "<uuid-search-metadata-12345>",
  "attributes": {
    "issuerId": "{ISSUER_ID}",                //Mandatory - to narrow the search on a specific Issuer
    "dasUserId": "{DAS_USER_ID}",             //Mandatory - to narrow the search on a specific User
    "schemaId": "<unique-id-of-vc-schema>",   //Optional - if available, otherwise will result in all schemas
    "credentialId": "<unique-id-of-vc>"       //Optional - if available, otherwise will result in all credential metadata
  }
}

Response

{
  "@type": "https://adiassociation.org/credential/1.0/search-metadata-response",
  "@id": "<uuid-search-metadata-response>",
  "status": "{ OK | FAILED | PENDING }",
  "~thread": {
    "thid": "<uuid-search-metadata-12345>",
    "message": "e.g. comment or reason of failed request"
  },
  "searchResult": [{
    "schemaId": "<unique-id-of-vc-schema>",
    "credentialId": "<1-unique-id-of-vc>",
    "issuerId": "{ISSUER_ID}",
    "dasUserId": "{DAS_USER_ID}",
    "issuanceDate": "ISO 8601 format",
    "expirationDate": "ISO 8601 format"
  },
  {
    "schemaId": "<unique-id-of-vc-schema>",
    "credentialId": "<2-unique-id-of-vc>",
    "issuerId": "{ISSUER_ID}",
    "dasUserId": "{DAS_USER_ID}",
    "issuanceDate": "ISO 8601 format",
    "expirationDate": "ISO 8601 format"
  },
  {
    "schemaId": "<unique-id-of-vc-schema>",
    "credentialId": "<3-unique-id-of-vc>",
    "issuerId": "{ISSUER_ID}",
    "dasUserId": "{DAS_USER_ID}",
    "issuanceDate": "ISO 8601 format",
    "expirationDate": "ISO 8601 format"
  }]
}
1.1.2.3. remove-metadata (ADIA-FN-005)

Request

{
  "@type": "https://adiassociation.org/credential/1.0/remove-metadata",
  "@id": "<uuid-remove-metadata-12345>",
  "attributes": {
    "schemaId": "<unique-id-of-vc-schema>",
    "credentialId": "<unique-id-of-vc>",
    "issuerId": "{ISSUER_ID}",
    "dasUserId": "{DAS_USER_ID}",
    "issuanceDate": "ISO 8601 format"
  }
}

Response

{
  "@type": "https://adiassociation.org/credential/1.0/remove-metadata-response",
  "@id": "<uuid-remove-metadata-response>",
  "status": "{ OK | FAILED | PENDING }",
  "~thread": {
    "thid": "<uuid-remove-metadata-12345>",
    "message": "e.g. comment or reason of failed request"
  }
}

1.2. Digital Address Protocol

This protocol is used during the user onboarding process to create a new & unique Digital Address for the user.

Title Description
Protocol Name & Version digital-address, 1.0
Protocol Code ADIA-DA
Motivation The Digital Address is a special ADIA identifier issued to an individual by a certified Digital Address Issuer after Know Your Customer (KYC) processes have been followed. Digital Address creation is requested by User’s Agent in the cloud or elsewhere and fulfilled by the Issuer’s Agent. Before creating the Digital Address, the Issuer Agents verifies the trust anchor uniqueness with ADIA Global Directory.

1.2.1. Implemented By

1.2.2. Sub/Co-protocols

This protocol uses following existing protocols -

1.2.3. Protocol Commands

1.2.3.1. create-digital-address (ADIA-DA-001)
This protocol creates a unique Digital Address for the user and kicks-in the enroll-entity co-protocol. This protocol supports multiple goal codes based on the entity looked up:

This protocol supports multiple goal codes based on the entity looked up:

Agents may implement additional actions based on the goal codes.

1. Digital Address for User

Request

{
  "@type": "https://adiassociation.org/digital-address/1.0/create-digital-address",
  "@id": "862be87d-2095-4cd3-87e8-23df6ad77f10",
  "goal-code": "adia.digital-address.user",
  "attributes": {
    "dasUserId": "DAS_USER_ID"
  }
}

Response

{
  "@type": "https://adiassociation.org/digital-address/1.0/create-digital-address-response",
  "@id": "6264d6ce-ca95-4262-9f2c-76e11eabc741",
  "status": "{ OK | FAILED | PENDING }",
  "goal-code": "adia.digital-address.user",
  "~thread": {
    "thid": "862be87d-2095-4cd3-87e8-23df6ad77f10",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "digitalAddress": "{USER_DA}",
    "dasUserId": "{DAS_USER_ID}",
    "homeDASId": "{HomeDAS_ID}"
  }
}

2. Digital Address for an Entity

Note: Use the appropriate entityType and entityId as defined in the Enum values

Request

{
  "@type": "https://adiassociation.org/digital-address/1.0/create-digital-address",
  "@id": "862be87d-2095-4cd3-87e8-23df6ad77f10",
  "goal-code": "adia.digital-address.entity",
  "attributes": {
    "entityType": "{ ISSUER | SERVICEPROVIDER | DAS | ARD }",
    "entityId": "{ ISSUER_ID | SP_ID| DAS_ID | ARD_ID }"
  }
}

Response

{
  "@type": "https://adiassociation.org/digital-address/1.0/create-digital-address-response",
  "@id": "6264d6ce-ca95-4262-9f2c-76e11eabc741",
  "status": "{ OK | FAILED | PENDING }",
  "goal-code": "adia.digital-address.entity",
  "~thread": {
    "thid": "862be87d-2095-4cd3-87e8-23df6ad77f10",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "digitalAddress": " {ISSUER_DA | SP_DA| DAS_DA | ARD_DA}",
    "entityType": "{ISSUER | SERVICEPROVIDER | DAS | ARD}",
    "entityId": "{ISSUER_ID | SP_ID| DAS_ID | ARD_ID}"
  }
}
1.2.3.2. verify-user (ADIA-DA-002)

This protocol sends the User’s attributes to the original issuer of the Digital Address to verify the users. A DAS agent receives the attributes from the extracted ID document and requests this verification from the Issuer’s agent.

Request

{
  "@type": "https://adiassociation.org/digital-address/1.0/verify-user",
  "@id": "862be87d-2095-4cd3-87e8-23df6ad77f10",
  "attributes": {
    "firstName":"UTF8 encoded firstname of the User according to the ID document (all uppercase)",
    "lastName":"UTF8 encoded last name of the User according to the ID document (all uppercase)",
    "birthDate":"Date of birth of the User according to the ID document. Encoding MUST be full-date as specified by [[!RFC3339]]",
    "countryOfResidence":"Country of residence of the User according to the ID document. Encoding MUST be ALPHA-2 country code as specified by [[!ISO3166]]",
    "sourceType":"Type of the ID document. This is specified by ADIA Governance for each country",
    "identifier":"Government Issued National Identifier - SSN, Resident ID, Aadhaar ID, etc."
  }
}

Response

{
  "@type": "https://adiassociation.org/digital-address/1.0/verify-user",
  "@id": "6264d6ce-ca95-4262-9f2c-76e11eabc741",
  "status": "{ OK | FAILED | PENDING }",
  "~thread": {
    "thid": "862be87d-2095-4cd3-87e8-23df6ad77f10",
    "message": "e.g. comment or reason of failed request"
  }
}
1.2.3.3. revoke-digital-address (ADIA-DA-003)

This protocol revokes/removes a Digital Address and kicks-in the remove-entity co-protocol. This protocol supports multiple goal codes based on the entity looked up:

Agents may implement additional actions based on the goal codes.

Note: Use the appropriate goal-code and entityType as defined in the Enum values

Request

{
  "@type": "https://adiassociation.org/digital-address/1.0/revoke-digital-address",
  "@id": "8a6d40d4-39f5-4a22-9f45-3fcb008e0d62",
  "goal-code": "adia.digital-address.{ ard | das| issuer| service-provider | user }",
  "attributes": {
    "digitalAddress": "{ARD_DA | DAS_DA | ISSUER_DA | SP_DA | USER_DA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/digital-address/1.0/revoke-digital-address-response",
  "@id": "6264d6ce-ca95-4262-9f2c-76e11eabc741",
  "status": "{ OK | FAILED | PENDING }",
  "goal-code": "adia.digital-address.{ ard | das | issuer | service-provider | user }",
  "~thread": {
    "thid": "8a6d40d4-39f5-4a22-9f45-3fcb008e0d62",
    "message": "e.g. comment or reason of failed request"
  }
}
1.2.3.4. resolve-digital-address (ADIA-DA-004)

This protocol resolves a digital address (DA) to it’s corresponding DID. The resolution returns a full DIDDoc in Json format so that the requester can request for a DID-based connection or generate an invitation to connect.

1. Resolve an Entity

Request

{
  "@type": "https://adiassociation.org/digital-address/1.0/resolve-digital-address",
  "@id": "6a2571a8-1746-4a0b-bdce-4c59c60fb4f9",
  "attributes": {
    "entityType": "{ISSUER | SERVICEPROVIDER | DAS | ARD | USER}", // Optional - only if looking for specific types
    "digitalAddress": "digital address of the user or entity"
  }
}

Note: Response may be different depending upon the entityType provided in the attributes of the request.

a. Response (User)

{
  "@type": "https://adiassociation.org/digital-address/1.0/resolve-digital-address-response",
  "@id": "6264d6ce-ca95-4262-9f2c-76e11eabc741",
  "status": "{ OK | FAILED | PENDING }",
  "~thread": {
    "thid": "6a2571a8-1746-4a0b-bdce-4c59c60fb4f9",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "entityId": "DID of the entity",
    "entityType": "{USER}",
    "homeDASId": "{HomeDAS_ID}",
    "didDocJson": " {DIDDoc-ARD| DIDDoc-DAS | DIDDoc-ISSUER| DIDDoc-SP| DIDDoc-USER}"
  }
}

b. Response (Entities)

{
  "@type": "https://adiassociation.org/digital-address/1.0/resolve-digital-address-response",
  "@id": "6264d6ce-ca95-4262-9f2c-76e11eabc741",
  "status": "{ OK | FAILED | PENDING }",
  "~thread": {
    "thid": "6a2571a8-1746-4a0b-bdce-4c59c60fb4f9",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "entityId": "DID of the entity",
    "entityType": "{ISSUER | SERVICEPROVIDER | DAS | ARD}",
    "homeDASId": "{HomeDAS_ID}",   // Applicable to Issuers and Service Providers
    "homeARDId": " {homeARD_ID}",
    "didDocJson": "{DIDDoc-ARD| DIDDoc-DAS | DIDDoc-ISSUER| DIDDoc-SP}"
  }
}
1.2.3.5. provision-agent (ADIA-DA-005)

This protocol creates a DID for the user in Cloud Agent and kicks-in the create-digital-address co-protocol.

This protocol supports multiple goal codes based on the entity looked up:

Agents may implement additional actions based on the goal codes.

Request

{
  "@type": "https://adiassociation.org/digital-address/1.0/provision-agent",
  "@id": "d4707d7c-c169-42f0-98e3-d0557d5ac746",
  "goal-code": "adia.agent.{ issuer | service-provider | user }",
  "attributes": {
    "hida": " {HIDA}",
    "entityId": "{DAS_USER_ID | ISSUER_ID | SP_ID}",
    "entityType": "{ USER | ISSUER | SERVICEPROVIDER }"
  }
}

Note: Response may be different depending upon the goal-code

a. Response (Issuer or Service Provider)

{
  "@type": "https://adiassociation.org/digital-address/1.0/provision-agent-response",
  "@id": "fab45767-2dd2-4124-b185-24821d5b8f8c",
  "status": "{ OK | FAILED | PENDING }",
  "goal-code": "adia.agent.{ ard | das | issuer | service-provider | user }",
  "~thread": {
    "thid": "d4707d7c-c169-42f0-98e3-d0557d5ac746",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "entityId": "{ISSUER_ID | SP_ID}",
    "entityType": " {ISSUER | SERVICEPROVIDER }",
    "homeDASId": " {HomeDAS_ID} ",
    "didDocJson": " {DIDDoc-ISSUER | DIDDoc-SP}"
  }
}

b. Response (User)

{
  "@type": "https://adiassociation.org/digital-address/1.0/provision-agent-response",
  "@id": "fab45767-2dd2-4124-b185-24821d5b8f8c",
  "status": "{ OK | FAILED | PENDING }",
  "goal-code": "adia.agent.{ ard | das | issuer | service-provider | user }",
  "~thread": {
    "thid": "d4707d7c-c169-42f0-98e3-d0557d5ac746",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "dasUserId": "{DAS_USER_ID}",
    "homeDASId": " {HomeDAS_ID} ",
    "didDocJson": " {DIDDoc-USER}"
  }
}

1.3. Directory Protocol

Directory protocol used to interact with global & regional directories of ADIA.

Title Description
Protocol Name & Version directory, 1.0
Protocol Code ADIA-DR
Motivation The Directory Protocol defines protocol commands and messages to interact with the Directories in ADIA ecosystem. These directories differ in their privacy preserving features. ADIA Global Directory is a non-hashed public registry of Issuers, Service Providers, DAS and ADIA Regional Directories whereas a each of the DAS and Regional Directories maintain hashed attributes of Users and do not disclose any User information.

Agents making entries or searching these directories implement specific messages instead of generic entity messages for easier processing of requests.

1.3.1. Implemented By

1.3.2. Roles

1.3.3. Sub/Co-protocols

This protocol uses following existing protocols -

1.3.4. Protocol Commands

1.3.4.1. lookup-trust-anchor (ADIA-DR-001)

This protocol message enables looking up an entity in a specific directory with its HIDA. Responses differ in the level of detail based on the type of entity.

1. User TA Lookup

Request

{
  "@type": "https://adiassociation.org/directory/1.0/lookup-user-ta",
  "@id": "30e67f18-25b7-474b-aebf-7ab721a719ee",
  "attributes": {
    "hida": "{HIDA}",
    "issuerId": "{ISSUER_ID}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/lookup-user-ta-response",
  "@id": "ad60dd33-7a89-4c8e-91e2-e24f27681910",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "30e67f18-25b7-474b-aebf-7ab721a719ee",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "taUserIssuer": "{TA_USER_ISSUER}",
    "homeDASId": "{HomeDAS_ID}"
  }
}

2. ARD TA Lookup Request

{
  "@type": "https://adiassociation.org/directory/1.0/lookup-ard-ta",
  "@id": "30e67f18-25b7-474b-aebf-7ab721a719ee",
  "attributes": {
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/lookup-ard-ta-response",
  "@id": "ad60dd33-7a89-4c8e-91e2-e24f27681910",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "30e67f18-25b7-474b-aebf-7ab721a719ee",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "taARDAGD": "{TA_ARD_AGD}"
  }
}

3. DAS TA Lookup Request

{
  "@type": "https://adiassociation.org/directory/1.0/lookup-das-ta",
  "@id": "30e67f18-25b7-474b-aebf-7ab721a719ee",
  "attributes": {
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/lookup-das-ta-response",
  "@id": "ad60dd33-7a89-4c8e-91e2-e24f27681910",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "30e67f18-25b7-474b-aebf-7ab721a719ee",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "taDASARD": "{TA_DAS_ARD}",
    "homeARDId": "{homeARD_ID}"
  }
}

4. Issuers TA Lookup Request

{
  "@type": "https://adiassociation.org/directory/1.0/lookup-issuer-ta",
  "@id": "30e67f18-25b7-474b-aebf-7ab721a719ee",
  "attributes": {
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/lookup-issuer-ta-response",
  "@id": "ad60dd33-7a89-4c8e-91e2-e24f27681910",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "30e67f18-25b7-474b-aebf-7ab721a719ee",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "taIssuerDAS": "{TA_ISSUER_DAS}",
    "homeDASId": "{HomeDAS_ID}"
  }
}

5. Service Provider TA Lookup Request

{
  "@type": "https://adiassociation.org/directory/1.0/lookup-sp-ta",
  "@id": "30e67f18-25b7-474b-aebf-7ab721a719ee",
  "attributes": {
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/lookup-sp-ta-response",
  "@id": "ad60dd33-7a89-4c8e-91e2-e24f27681910",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "30e67f18-25b7-474b-aebf-7ab721a719ee",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "taServiceProviderDAS": "{TA_SP_DAS}",
    "homeDASId": "{HomeDAS_ID}"
  }
}
1.3.4.2. enroll-entity (ADIA-DR-002)

This protocol message enables a responsible entity to register/ enroll a sub-entity in the ecosystem. In ADIA,

1. Enroll a User

Request

{
  "@type": "https://adiassociation.org/directory/1.0/enroll-user",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "dasUserId": "{DAS_USER_ID}",
    "homeDASId": "{HomeDAS_ID}",
    "taUserIssuer": "{TA_USER_ISSUER}",
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/enroll-user-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
    "message": "e.g. comment or reason of failed request"
  }
}

2. Enroll a Regional Directory

Request

{
  "@type": "https://adiassociation.org/directory/1.0/enroll-entity",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "entityType": "ARD",
    "ardId": "{ ARD_ID }",
    "taARDAGD": "{TA_ARD_AGD}",
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/enroll-entity-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
    "message": "e.g. comment or reason of failed request"
  }
}

3. Enroll a DAS

Request

{
  "@type": "https://adiassociation.org/directory/1.0/enroll-entity",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "entityType": "DAS",
    "dasId": "{DAS_ID}",
    "homeARDId": "{homeARD_ID}",
    "taDASARD": "{TA_DAS_ARD}",
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/enroll-entity-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
    "message": "e.g. comment or reason of failed request"
  }
}

4. Enroll an Issuer

Request

{
  "@type": "https://adiassociation.org/directory/1.0/enroll-entity",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "entityType": "ISSUER",
    "issuerId": "{ISSUER_ID}",
    "homeDASId": "{HomeDAS_ID}",
    "taIssuerDAS": "{TA_ISSUER_DAS}",
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/enroll-entity-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
    "message": "e.g. comment or reason of failed request"
  }
}

4. Enroll an Service Provider

Request

{
  "@type": "https://adiassociation.org/directory/1.0/enroll-entity",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "entityType": "SERVICEPROVIDER",
    "serviceProviderId": "{SP_ID}",
    "homeDASId": "{HomeDAS_ID}",
    "taServiceProviderDAS": "{TA_SP_DAS}",
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/enroll-entity-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
    "message": "e.g. comment or reason of failed request"
  }
}
1.3.4.3. disenroll-entity (ADIA-DR-003)

This protocol message enables a responsible entity to deregister/ disenroll a sub-entity in the ecosystem. In ADIA,

Agents may implement additional actions based on the goal codes.

1. Disenroll a User

Request

{
  "@type": "https://adiassociation.org/directory/1.0/disenroll-user",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "dasUserId": "{DAS_USER_ID}",
    "homeDASId": "{HomeDAS_ID}",
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/disenroll-user-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
    "message": "e.g. comment or reason of failed request"
  }
}

2. DisEnroll a Regional Directory

Request

{
  "@type": "https://adiassociation.org/directory/1.0/disenroll-entity",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "entityType": "ARD",
    "ardId": "{ ARD_ID }",
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/disenroll-entity-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
    "message": "e.g. comment or reason of failed request"
  }
}

3. DisEnroll a DAS

Request

{
  "@type": "https://adiassociation.org/directory/1.0/disenroll-entity",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "entityType": "DAS",
    "dasId": "{DAS_ID}",
    "homeARDId": "{homeARD_ID}",
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/disenroll-entity-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
    "message": "e.g. comment or reason of failed request"
  }
}

4. DisEnroll an Issuer

Request

{
  "@type": "https://adiassociation.org/directory/1.0/disenroll-entity",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "entityType": "ISSUER",
    "issuerId": "{ISSUER_ID}",
    "homeDASId": "{HomeDAS_ID}",
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/disenroll-entity-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
    "message": "e.g. comment or reason of failed request"
  }
}

4. DisEnroll an Service Provider

Request

{
  "@type": "https://adiassociation.org/directory/1.0/disenroll-entity",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "entityType": "SERVICEPROVIDER",
    "serviceProviderId": "{SP_ID}",
    "homeDASId": "{HomeDAS_ID}",
    "hida": "{HIDA}"
  }
}

Response

{
  "@type": "https://adiassociation.org/directory/1.0/disenroll-entity-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
    "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
    "message": "e.g. comment or reason of failed request"
  }
}
1.3.4.4. search-entity (ADIA-DR-004)

A generic entity search across the system for an entity or User with a known Digital Address or a DID. Searching for entities may result in single or multi-match results depending on the query criteria. Single matched results are represented in the body of the response. Multi-matched results are returned as a list of objects.

Agents in a DAS, ARD or AGD may implement additional strategies for routing and caching minimum entity information to prevent frequent searches across the ecosystem.

1. Search an Entity

Note: Parameters used for searching result in an "AND" operation. Avoid queries that may result in broad recursive searches.

Request

{
  "@type": "https://adiassociation.org/directory/1.0/search-entity",
  "@id": "79054b64-f520-4e10-817d-476085cbe3ac",
  "attributes": {
    "entityType": "{ ISSUER | SERVICEPROVIDER | DAS | ARD }",
    "entityId": "{ ISSUER_ID | SP_ID| DAS_ID | ARD_ID }",
    "digitalAddress": "{ISSUER_DA | SP_DA| DAS_DA | ARD_DA}", // optional
    "name": "Name of the entity",                             // optional
    "status": "{ACTIVE | INACTIVE }"                          // optional
  }
}

Response (Exact Match)

{
  "@type": "https://adiassociation.org/directory/1.0/search-entity-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
      "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
      "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "entityType": "{ ISSUER | SERVICEPROVIDER | DAS | ARD }",
    "entityId": "{ ISSUER_ID | SP_ID| DAS_ID | ARD_ID }",
    "digitalAddress": "{ISSUER_DA | SP_DA| DAS_DA | ARD_DA}",
    "name": "Name of the entity",
    "homeDASId": "{HomeDAS_ID}",    // For Issuers, SPs and users
    "homeDASDA": "{DAS_DA}",        // For Issuers, SPs and users
    "homeDASName": "Name of DAS",   // For Issuers, SPs and users
    "homeARDId": "{HomeARD_ID}",    // For DAS
    "homeARDDA": "{ARD_DA}",        // For DAS
    "homeARDName": "Name of the ARD", // For DAS
    "status": "{ACTIVE | INACTIVE }",
    "createdDate": "ISO 8601 Date format"
  }
}

Response (Multi-Match)

{
  "@type": "https://adiassociation.org/directory/1.0/search-entity-response",
  "@id": "9cc1108b-2445-4a48-b66f-2f6a1b414a50",
  "goal-code": "adia.search-entity.ard",
  "status": "{OK | FAILED | PENDING}",
  "~thread": {
      "thid": "79054b64-f520-4e10-817d-476085cbe3ac",
      "message": "e.g. comment or reason of failed request"
  },
  "results": [
    {
      "entityType": "{ ISSUER | SERVICEPROVIDER | DAS | ARD }",
      "entityId": "{ ISSUER_ID | SP_ID| DAS_ID | ARD_ID }",
      "digitalAddress": "{ISSUER_DA | SP_DA| DAS_DA | ARD_DA}",
      "name": "Name of the entity",
      "homeDASId": "{HomeDAS_ID}",    // For Issuers, SPs and users
      "homeDASDA": "{DAS_DA}",        // For Issuers, SPs and users
      "homeDASName": "Name of DAS",   // For Issuers, SPs and users
      "homeARDId": "{HomeARD_ID}",    // For DAS
      "homeARDDA": "{ARD_DA}",        // For DAS
      "homeARDName": "Name of the ARD", // For DAS
      "status": "{ACTIVE | INACTIVE }",
      "createdDate": "ISO 8601 Date format"
    },
    {
      "entityType": "{ ISSUER | SERVICEPROVIDER | DAS | ARD }",
      "entityId": "{ ISSUER_ID | SP_ID| DAS_ID | ARD_ID }",
      "digitalAddress": "{ISSUER_DA | SP_DA| DAS_DA | ARD_DA}",
      "name": "Name of the entity",
      "homeDASId": "{HomeDAS_ID}",    // For Issuers, SPs and users
      "homeDASDA": "{DAS_DA}",        // For Issuers, SPs and users
      "homeDASName": "Name of DAS",   // For Issuers, SPs and users
      "homeARDId": "{HomeARD_ID}",    // For DAS
      "homeARDDA": "{ARD_DA}",        // For DAS
      "homeARDName": "Name of the ARD", // For DAS
      "status": "{ACTIVE | INACTIVE }",
      "createdDate": "ISO 8601 Date format"
    }
  ]
}

1.4. Credential Schema Protocol

Formalizes messages used to publish Credential Schemas, and further operations on it such as update, search and archival.

Title Description
Protocol Name & Version credential-schema, 1.0
Motivation Need a standard way to manage publishing and other activities of Verifiable Credential Schemas in the ADIA Ecosystem. There are other operations related to access control on the Schemas, which may be baked into this protocol, as and when needed.

1.4.1. Implemented By

1.4.2. Roles

1.4.3. Protocol Commands

1.4.3.1. publish (ADIA-CS-001)

Request

{
  "@type": "https://adiassociation.org/credential-schema/1.0/publish",
  "@id": "<uuid-public-schema-12345>",
  "attributes": {
    "entityType": "{ ISSUER | DAS | ARD }",
    "entityId": "{ ISSUER_ID | DAS_ID | ARD_ID }",
    "digitalAddress": "{ENTITY_DA}",
    "schemaDetails": {
      "name": "Person",
      "description": "<description of schema>",
      "version": "1.0",
      "schemaAttributes": [{
        "id": 1,
        "name": "First Name",
        "title": "FName",
        "datatype": "string",
        "description": "<some description>",
        "orderValue": 0
      },
      {
        "id": 2,
        "name": "Last Name",
        "title": "LName",
        "datatype": "string",
        "description": "<some description>",
        "orderValue": 1
      }]
    }
  }
}

Response

{
  "@type": "https://adiassociation.org/credential-schema/1.0/publish-response",
  "@id": "<uuid-public-cred-response>",
  "status": "{ OK | FAILED | PENDING }",
  "comment": "Schema Published",
  "~thread": {
    "thid": "<uuid-public-schema-12345>",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "schemaId": "abcd123456",
    "published": true,
    "publishedBy": "{ ISSUER_ID | DAS_ID | ARD_ID }",
    "publishedDate": "ISO 8601 format",
    "schemaLedgerId": "<Ledger id of the schema from DLT>",
  }
}
1.4.3.2. update (ADIA-CS-002)

Request

{
  "@type": "https://adiassociation.org/credential-schema/1.0/update",
  "@id": "<uuid-update-schema-12345>",
  "attributes": {
    "entityType": "{ ISSUER | DAS | ARD }",
    "entityId": "{ ISSUER_ID | DAS_ID | ARD_ID }",
    "digitalAddress": "{ENTITY_DA}",
    "schemaDetails": {
      "schemaId": "abcd123456",
      "description": "<description of schema>",
      "version": "1.1",
      "schemaAttributes": [{
        "id": 3,
        "name": "Email ID",
        "title": "Email",
        "datatype": "string",
        "description": "<some description>",
        "orderValue": 3
      }]
    }
  }
}

Response

{
  "@type": "https://adiassociation.org/credential-schema/1.0/update-response",
  "@id": "<uuid-update-schema-response>",
  "status": "{ OK | FAILED | PENDING }",
  "comment": "Schema updated",
  "~thread": {
    "thid": "<uuid-update-schema-12345>",
    "message": "e.g. comment or reason of failed request"
  },
  "result": {
    "schemaId": "abcd123456",
    "published": true,
    "publishedBy": "{ ISSUER_ID | DAS_ID | ARD_ID }",
    "publishedDate": "ISO 8601 format",
    "schemaLedgerId": "<Ledger id of the schema from DLT>",
  }
}
1.4.3.3. search (ADIA-CS-003)

Request

{
  "@type": "https://adiassociation.org/credential-schema/1.0/search",
  "@id": "<uuid-search-schema-12345>",
  "attributes": {
    "entityType": "{ ISSUER | DAS | ARD }",
    "entityId": "{ ISSUER_ID | DAS_ID | ARD_ID }",
    "digitalAddress": "{ENTITY_DA}",
    "schemaDetails": {
      "name": "Person",
      "description": "<description of schema>",
      "version": "1.0"
    }
  }
}

Response

{
  "@type": "https://adiassociation.org/credential-schema/1.0/search-response",
  "@id": "<uuid-search-schema-response>",
  "status": "{ OK | FAILED | PENDING }",
  "~thread": {
    "thid": "<uuid-search-schema-12345>",
    "message": "e.g. comment or reason of failed request"
  },
  "searchResult": [{
    "name": "Person",
    "description": "<description of schema>",
    "version": "1.0",
    "schemaAttributes": [{
        "id": 1,
        "name": "First Name",
        "title": "FName",
        "datatype": "string",
        "description": "<some description>",
        "orderValue": 0
      },
      {
        "id": 2,
        "name": "Last Name",
        "title": "LName",
        "datatype": "string",
        "description": "<some description>",
        "orderValue": 1
      }]
    },
    {
    "name": "Customer",
    "description": "<description of schema>",
    "version": "2.0",
    "schemaAttributes": [{
        "id": 1,
        "name": "Customer Name",
        "title": "CName",
        "datatype": "string",
        "description": "<some description>",
        "orderValue": 0
      },
      {
        "id": 2,
        "name": "Customer Email",
        "title": "Email"
        "datatype": "string",
        "description": "<some description>",
        "orderValue": 1
      }]
    }]
}
1.4.3.4. archive (ADIA-CS-004)

Request

{
  "@type": "https://adiassociation.org/credential-schema/1.0/archive",
  "@id": "<uuid-archive-schema-12345>",
  "attributes": {
    "entityType": "{ ISSUER | DAS | ARD }",
    "entityId": "{ ISSUER_ID | DAS_ID | ARD_ID }",
    "digitalAddress": "{ENTITY_DA}",
    "schemaId": "abcd123456"
  }
}

Response

{
  "@type": "https://adiassociation.org/credential-schema/1.0/archive-response",
  "@id": "<uuid-archive-cred-response>",
  "status": "{ OK | FAILED | PENDING }",
  "comment": "Schema abcd123456 Archived",
  "~thread": {
    "thid": "uuid-archive-schema-12345",
    "message": "e.g. comment or reason of failed request"
  }
}

1.5. Credential Protocol

Defines the ADIA-specific protocol extensions to the Aries issue-credential (v1.0) protocol RFC. These companion protocols are used during issuance, revocation & expiration of the Verifiable Credentials.

Title Description
Credential credential, 1.0
Motivation In addition to the Aries 1.0/issue-credential protocol, there are several ADIA-specific operations related to the VC that are required to be supported in the ADIA Spec. E.g. Save VC metadata. This extention protocol defines those ADIA-specific operations.

1.5.1. Implemented By

1.5.2. Roles

1.5.3. Sub/Co-protocols

This protocol uses following standard Aries protocol messages defined in Aries-RFC 0036-issue-credential

1.5.4. States

States for Issuer

States for User (Cloud Agent)

1.5.5. Protocol Commands

1.5.5.1. request-signature (ADIA-CR-001)

Request - From Issuer to Cloud Agent

{
  "@type": "https://adiassociation.org/credential/1.0/request-signature",
  "@id": "<uuid-request-signature-12345>",
  "comment": "some comment",
  "attributes": {
    "credentials~attach": [{            // Bas64 encoded credential issued
      "@id": "libindy-cred-0",
      "mime-type": "application/json",
      "data": {
        "base64": "eyJzY2hlbWFfaWQiOiJkaWQ6ZHR4Ono...(clipped)...hIZG85V2JBYUVhcmlFTTI4In0="
      }
    }]
  }
}

Description of fields:

Response - ACK from Cloud Agent

{
  "@type": "https://didcomm.org/credential/1.0/request-signature-ack",
  "@id": "<uuid-request-signature-ack-12345>",
  "status": "OK",
  "~thread": {
    "thid": "<uuid-request-signature-12345>",
    "signature_request_received": true
  }
}
1.5.5.2. send-signed-vc (ADIA-CR-002)

Request - From Cloud Agent to Issuer

{
  "@type": "https://adiassociation.org/credential/1.0/send-signed-vc",
  "@id": "<uuid-send-signed-vc-12345>",
  "attributes": {
    "credentials~attach": [{
      "@id": "libindy-cred-0",
      "mime-type": "application/json",
      "data": {
          "base64": "eyJzY2hlbWFfaWQiOiJkaWQ6ZHR4Ono...(clipped)...hIZG85V2JBYUVhcmlFTTI4In0="
      },
      "signature": "59aTycBb22Tc48daQd8U149ePebKXX3BfXAWV1aj7g2wfqpjWhBymn8WiHfkfjbCaKMscSplitjyMupNn19Oxup3V"
    }]
  }
}

Response - ACK from Issuer Agent

{
  "@type": "https://adiassociation.org/credential/1.0/send-signed-vc-ack",
  "@id": "<uuid-send-signed-vc-ack>",
  "status": "{ OK | FAILED | PENDING }",
  "~thread": {
    "thid": "<uuid-send-signed-vc-12345>",
    "message": "e.g. comment or reason of failed request"
    "signed_vc_received": true,
  }
}
1.5.5.3. revoke-vc (ADIA-CR-003)

Note: For the purpose of Auditing, credential metadata records are immutable and any changes or update is a new metadata audit-trail record appended with a last update time.

Request

{
  "@type": "https://adiassociation.org/credential/1.0/revoke-vc",
  "@id": "<uuid-revoke-vc-12345>",
  "attributes": {
    "schema_id": "did:key:z6MkpD8tURngJVkoiU9fXQWVRC1LPGJ67pWUTQkBfnPZnVRw:Verified Person:1.5",
    "credential_id": "rngJVkoiU9fXQWVRC1LPGJ67pWUTQkBfnPZnVR",
    "dasUserId": "{DAS_USER_ID}"
  }
}

Response

{
  "@type": "https://adiassociation.org/credential/1.0/revoke-vc-notification-ack",
  "@id": "<uuid-revoke-vc-notification-ack-12345>",
  "status": "{ OK | FAILED | PENDING }",
  "~thread": {
    "thid": "<uuid-revoke-vc-12345>",
    "message": "e.g. comment or reason of failed request"
  }
}
1.5.5.4. expire-vc (ADIA-CR-004)

Note: For the purpose of Auditing, credential metadata records are immutable and any changes or update is a new metadata audit-trail record appended with a last update time.

Request

{
  "@type": "https://adiassociation.org/credential/1.0/expire-vc",
  "@id": "<uuid-expire-vc-12345>",
  "comment": "VC expired, please remove from VC Store",
  "attributes": {
    "schema_id": "did:key:z6MkpD8tURngJVkoiU9fXQWVRC1LPGJ67pWUTQkBfnPZnVRw:Verified Person:1.5",
    "credential_id": "rngJVkoiU9fXQWVRC1LPGJ67pWUTQkBfnPZnVR",
    "dasUserId": "{DAS_USER_ID}",
    "expirationDate": "ISO 8601 format"
  }
}

Response

{
  "@type": "https://adiassociation.org/credential/1.0/expire-vc-notification-ack",
  "@id": "<uuid-expire-vc-notification-ack-12345>",
  "status": "{ OK | FAILED | PENDING }",
  "comment": "VC Removed",
  "~thread": {
    "thid": "<uuid-expire-vc-12345>",
    "message": "e.g. comment or reason of failed request"
  }
}

1.5.6. Standard Protocol Commands

Following standard messages are used as defined in the Aries RFC 0036: Issue Credential Protocol 1.0.

1.5.6.1. propose-credential (Aries-RFC-0036-1)
{
  "@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/issue-credential/1.0/propose-credential",
  "@id": "<uuid-of-propose-message>",
  "comment": "some comment",
  "credential_proposal": "<json-ld object of the credential proposal>",
  "schema_id": "Schema ID string",
  "cred_def_id": "Credential Definition ID string"
}
1.5.6.2. offer-credential (Aries-RFC-0036-2)
{
  "@id": "c34b2ba6-e111-4486-b726-7c432472732f",
  "@type": "https://didcomm.org/issue-credential/1.0/offer-credential",
  "connection_id": "06c5bd5a-db8d-4377-8d36-710ca3bfcdb2",
  "comment": "some comment",
  "credential_preview": {    // preview object of the credential attributes being issued
    "@id": null,
    "@type": "https://didcomm.org/issue-credential/1.0/credential-preview",
    "attributes": [{
      "name": "firstName",
      "mime-type": "application/json",
      "value": "Edward"
    }, {
      "name": "lastName",
      "mime-type": "application/json",
      "value": "Cullen"
    }, {
      "name": "yearOfBirth",
      "mime-type": "application/json",
      "value": "1994"
    }, {
      "name": "diagnosisMethods",
      "mime-type": "application/json",
      "value": "Mouth Swab"
    }, {
      "name": "diagnosisFacility",
      "mime-type": "application/json",
      "value": "cvsNY"
    }]
  },
  "offers~attach": [{
    "@id": "libindy-cred-offer-0",
    "mime-type": "application/json",
    "data": {
      // Base64 encoding of the credential offer - It contains schema details
      "base64": "eyJzY2hlbWFfaWQiOiJkaWQ6ZHR4Ono2TWtoV1...(clipped)...YW19uIC0gKlIjo9uIC0gKiTm9uZSJ9"
    }
  }]
}
1.5.6.3. request-credential (Aries-RFC-0036-3)
{
  "@id": "c34b2ba6-e111-4486-b726-7c432472732f",
  "@type": "https://didcomm.org/issue-credential/1.0/request-credential",
  "~thread": {
    "thid": "c34b2ba6-e111-4486-b726-7c432472732f",
    "sender_order": 0,
    "received_orders": {}
  },
  "comment": "some comment",
  "requests~attach": [{                // Credential Request by Recipient against the offer sent by Sender
    "@id": "libindy-cred-request-0",
    "mime-type": "application/json",
    "data": {
      "base64": "eyJDcmVkZW50aWFsUmVxSnNvbiI6eyJwcm92ZXJfZGlkIjoi...(clipped)...9uIC0gKG5vdCBrbm93biB0byBpc3N1ZXIpIn0="
    }
  }]
}
1.5.6.4. issue-credential (Aries-RFC-0036-4)
{
  "@id": "49f40b8e-5be6-4837-ba65-63a805d90046",
  "@type": "https://didcomm.org/issue-credential/1.0/issue-credential",
  "~thread": {
    "thid": "c34b2ba6-e111-4486-b726-7c432472732f",
    "sender_order": 0,
    "received_orders": {}
  },
  "comment": "some comment",
  "credentials~attach": [{
    "@id": "libindy-cred-0",
    "mime-type": "application/json",
    "data": {
      // Bas64 encoded credential issued by Sender
      "base64": "eyJzY2hlbWFfaWQiOiJkaWQ6ZHR4Ono2...(clipped)...Wnp2MWhIZG85V2JBYUVhcmlFTTI4In0="
    }
  }]
}

1.6. Verification Protocol

Defines ADIA-specific protocol extensions which are basically a companion to the Aries 1.0/present-proof protocol RFC. It also describes steps for Proof Presentation by a User to the Service Provider.

Title Description
Protocol Name & Version verification, 1.0
Motivation In addition to the Aries present-proof (v1.0) protocol, there are several ADIA-specific operations that are required to be supported in the ADIA Ecosystem during the Proof Presentation. E.g. Lookup VC metadata, Retrieve VC from Issuer’s VC Store. This extention protocol defines those ADIA-specific Verification operations.

1.6.1. Implemented By

1.6.2. Roles

1.6.3. Sub/Co-protocols

This protocol uses following standard Aries protocol messages defined in Aries-RFC 0037-present-proof

1.6.4. States

States for Service Provider

States for User (Cloud Agent)

States for Issuer

1.6.5. Protocol Commands

Request
{
  "@type": "https://adiassociation.org/verification/1.0/request-consent",
  "@id": "<uuid-request-consent-12345>",
  "comment": "some comment",
  "adia": {
    "attributes": {
      "schemaId": "<unique-identifier-of-the-vc-schema>",
      "credentialId": "<unique-identifier-of-the-vc>",
      "issuerId": "{ISSUER_ID}",
      "requestedAttributes": "{ALL | ARRAY_OF_SPECIFIC_ATTRBUTES}"
    }
  }
}

Response - ACK

{
    "@type": "https://adiassociation.org/verification/1.0/request-consent-ack",
    "@id": "<uuid-request-consent-ack-12345>",
    "status": "{ OK | FAILED | PENDING }",
    "~thread": {
      "thid": "<uuid-request-consent-12345>",
      "message": "e.g. comment or reason of failed request"
    }
}

Request - From DAA to Cloud Agent

{
    "@type": "https://adiassociation.org/verification/1.0/submit-consent",
    "@id": "<uuid-submit-consent-12345>",
    "adia": {
      "attributes": {
        "consent": "{ APPROVE | REJECT }"
      }
    },
    "comment": "some comment",
    "~thread": {
      "thid": "<uuid-request-consent-response-12345>",      //Thread of the previous message where consent was requested.
      "message": "e.g. comment or reason of failed request"
    }
}
1.6.5.3. request-vc (ADIA-VP-003)

Request

{
  "@type": "https://adiassociation.org/verification/1.0/request-vc",
  "@id": "<uuid-request-vc-12345>",
  "adia": {
    "attributes": {
      "schemaId": "<unique-identifier-of-the-vc-schema>",
      "credentialId": "<unique-identifier-of-the-vc>",
      "userId": "{DAS_USER_ID}"
    }
  }
}
Response - ACK
{
    "@type": "https://adiassociation.org/verification/1.0/request-vc-ack",
    "@id": "<uuid-request-vc-ack-12345>",
    "status": "{ OK | FAILED | PENDING }",
    "~thread": {
      "thid": "uuid-request-vc-12345",
      "message": "e.g. comment or reason of failed request"
    }
}

Response - with the original VC

{
  "@type": "https://adiassociation.org/verification/1.0/request-vc-response",
  "@id": "<uuid-request-vc-response-12345>",
  "adia": {
    "attributes": {
      "credentialsAttach": [{            // The original VC retrieved from the VC Store
          "@id": "libindy-cred-0",
          "mime-type": "application/json",
          "data": {
              "base64": "eyJzY2hlbWFfaWQiOiJkaWQ6ZHR4Ono...(clipped)...hIZG85V2JBYUVhcmlFTTI4In0="
          },
          "signature": "59nTycBn22T648daQW8U149eP9bKXX3BoXAWV1aj7R2wfqpjWYBymn8WTHfkfDbCaMscSpitjyRAupon19Nxui3V"
        }]
    }
  },
  "~thread": {
    "thid": "uuid-request-vc-12345",
    "message": "e.g. comment or reason of failed request"
  }
}
1.6.5.4. verify-vc-claims (ADIA-VP-004)

1.6.6. Standard Protocol Commands

Following standard messages are used as defined in the Aries RFC 0037: Present Proof Protocol 1.0.

1.6.6.1. propose-presentation (Aries-RFC-0037-1)
{
  "@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/propose-presentation",
  "@id": "<uuid-propose-presentation>",
  "comment": "some comment",
  "presentation_proposal": "<json-ld object of the proposed presentation>"
}
1.6.6.2. request-presentation (Aries-RFC-0037-2)
{
  "@id": "04f37b27-07dd-4bfe-b3d0-8a21777f91ea",
  "@type": "https://didcomm.org/present-proof/1.0/request-presentation",
  "comment": "some comment",
  "request_presentations~attach": [{
    "@id": "request-presentation-0",
    "mime-type": "application/json",
    "data": {
      "base64": "eyJuYW1lIjoidmVyaWZ5RGlhZ25vc2lzUmVjb3JkI ... (clipped) ... pEaWFnbm9zaXNSZWNvcmRDdnM6MS4wIn1dfX19"
      }
  }],
  "~thread": {
    "thid": "04f37b27-07dd-4bfe-b3d0-8a21777f91ea",
    "sender_order": 0,
    "received_orders": {}
  }
}
{
  "name": "verifyDiagnosisRecord",
  "version": "3.0",
  "nonce": "1234",
  "requested_attributes": {
    "attribute": {
      "names": [
        "firstName",
        "diagnosisMethods"
      ],
      "restrictions": [
        {
          "schema_id": "did:dtx:z6MknKF7ddVhLKtpob4g1Qw22wF2cHAyyEtfaXQMnHRBaEms:DiagnosisRecordCvs:1.0"
        }
      ]
    }
  },
  "requested_predicates": {
    "predicate": {
      "p_type": "<",
      "p_value": "2000",
      "name": "yearOfBirth",
      "restrictions": [
        {
          "schema_id": "did:dtx:z6MknKF7ddVhLKtpob4g1Qw22wF2cHAyyEtfaXQMnHRBaEms:DiagnosisRecordCvs:1.0"
        }
      ]
    }
  }
}
1.6.6.3. presentation (Aries-RFC-0037-3)
{
  "@id": "7158a81a-66ff-493d-9470-3b40d887ffdc",
  "@type": "https://didcomm.org/present-proof/1.0/presentation",
  "presentations~attach": [
    {
      "@id": "libindy-presentation-0",
      "mime-type": "application/json",
      "data": {
        "base64": "eyJwcm9vZiI6eyJwcm9vZnMiOnsiYXR0cmlidXRlIjp7In ... (clipped) ... ZzOjEuMDpEaWFnbm9zaXNSZWNvcmRDVlMifV19"
      }
    }
  ],
  "~thread": {
    "thid": "04f37b27-07dd-4bfe-b3d0-8a21777f91ea",
    "sender_order": 0,
    "received_orders": {}
  }
}

2. Enumerations

2.1. Entity Names

2.2. Goal Codes

2.2.1. HIDA

2.2.2. Digital Address

2.2.3. Provisioning Agent

2.3. Acknowledgments

2.3.1. Contributors

2.3.2. Reviewers

If a credit is missing from the credit list below, please log a ticket at GitHub to be recognized in future updates.