This is an example showing how to program a basic Trusted Anchor software.
Main objective of this example is to issue a Verifiable claim to an user, declaring his full name and citizenship based on European Qualified electronic signature (QES).
QES is compliant with EU Regulation No 910/2014 (eIDAS Regulation), which means that it is created with qualified certificate. Qualified certificate contains the name and address of the holder and therefore by creating QES on document with TA challenge embedded, one is proving his identity (full name and country from the qualified certificate).
Because this is only an example, the signing process is solely in the hands of the user (no signing applet/plugin is provided). User can use any viable means to create valid eIDAS conformant PADES signature. One of the possible way, how to create such a signature is to use http://dss.nowina.lu/signature .
Working copy of this TA is deployed to http://ontdetective.org.
-
User will first submit a Request for Verifiable claim based on OEP-2 https://github.com/ontio/OEPs/blob/master/OEP-2/OEP-2.1.mediawiki
-
Trusted anchor will generate a challenge pdf to the user for signing (the pdf contains signed JWT challenge)
-
User will sign this pdf with his Qualified certificate (e.g.: estonian/slovak eID, ...)
-
User will upload signed pdf to Trusted anchor
-
Trusted anchor will issue and attest a Verifiable claim if received
This TA example consist of two parts:
- TypeScript TA part responsible for integration to Ontology network
- Java Server responsible for PDF generation and validation (so https://github.com/esig/dss can be used for validation against European Trusted list)
For faster building process and development experience install Yarn
npm install --global yarn
Java server is build with maven
git clone 'https://github.com/backslash47/ontology-ta-qes.git'
yarn build
yarn start
mvn package
java -jar target/bundle.jar
- TypeScript - Used language
- Node.js - JavaScript runtime for building and ingest
- Ontology TypeScript SDK - The framework used
- Spring Boot - The framework used
- Matus Zamborsky - Initial work - Backslash47
This project is licensed under the LGPL License - see the LICENSE.md file for details
Many thanks to the whole Ontology team, who done a great job bringing Ontology to life.