Verification flow
We are following very close the work of the OpenID Foundation on the OpenID4VP communication protocol. Since at the time of writing, OpenID4VP is still a draft, we implemented the custom verification flow DIDroom4VP.
Basics
The DIDroom4VP flow involves these main components:
- Wallet: DIDroom Wallet
- Verifier: DIDroom Verifier
- Relying_Party: a microservices contained in DIDroom Microservices
- W3C DID Service: powered by a service running the W3C did:dyne method, also see the DID explorer
We worked on separating the role of the Relying_Party (a trusted microservice) with the role of the Verifier (a mobile app being managed by a human).
All the data communication happen directly (REST and response), except the communication between the Relying_Party and the Verifier at the end, which uses Firebase.
We also use a microservice acting as a bridge between the Relying_Party and Firebase, which we ommitted in the diagram.