This is a Credential Provider Server that can generate, sign, validate, update, and revoke credentials. The credentials follow the standard Verifiable Credentials (VC) by the W3C. Credentials can be used to contain information about anything. Also, they can be signed by the issuer, and refer to a subject. Therefore, if the issuer is trusted by a third party, this third party can trust information about the subject by verifying the validity of the credential, whithout having to ask the issuer.
When the previous is leveraged, and the subject is in control of their credentials, we can build identity models that fall into the category of self-sovereign identity (SSI). LACChain is developing a techno-legal framework for SSI.
The Credential Provider Server signs a credential using its own keys, which it is configurable. It manages its own repository of credentials, which by default is a smart contract that is deployed when server inits. The Credentials are verifiable against the smart contract deployed in the blockchain by default, but you can configure and choose your proof and revocation list service.
The Hashing Service and the Credential Service are being used for the notarizing tool named LACChain Notarizer, that you can use to register and verify the hash any file in the LACChain Blockchain Network for free. For any questions about the tool, you can also read the LACChain Notarizer FAQ.
- Go 1.12+ installation or later
- GOPATH environment variable is set correctly
- docker version 17.03 or later
- cmd/credential-provider-server contains the main for the credential-provider-server command.
- lib contains most of the code.
- blockchain contains smart contracts, ABIs, connections to Ethereum
- business contains business logic that will be consume by APIs
- models contains data models of requests and responses of APIs
- swagger contains documentation about APIs in Swagger and SwaggerUI to visualize this documentation
- util contains util functions about files and ethereum address
$ git clone https://github.com/lacchain/credential-server
$ export GO111MODULE=on
$ cd CredentialMother/cmd/credential-provider-server
$ go build
$ credential-provider-server init [-x PASSWORD]
[PASSWORD] is your keystore password that will be created
$ credential-provider-server start --port=8000 --tlscertificate server.crt --tlskey server.key [-x PASSWORD]
where --port is a listen port http
You can try in localhost:8000/swagger-ui/
- Clone this repository
$ git clone https://github.com/lacchain/credential-server
- Create a local directory that saves application data
$ mkdir /CredentialData
- Copy the YAML configuration file and swaggerui from repository to your local directory created above:
$ cp repo/CredentialServer/credential-provider-server-config.yaml /CredentialData/
$ cp -r repo/CredentialServer/swagger/swaggerui /CredentialData/
-
Now set your parameters into the file credential-provider-server-config.yaml
-
Create a directory that will store the keystore which save the private key
$ mkdir -p /CredentialData/keystore
-
After that, save your keystore into this directory
-
Finally pull the docker image and run the container, setting your node identity and the folder location that will be the volume
$ docker pull ccamaleon5/credentialserver:1.0.0
$ docker run -dit -v {CredentialServer_DIR}:/CredentialProvider -p 8000:8000 -p 8001:8001 aparejaa/credentialserver:1.0.0 credential-provider-server init [-x PASSWORD]
$ docker run -dit -v {CredentialServer_DIR}:/CredentialProvider -p 8000:8000 -p 8001:8001 aparejaa/credentialserver:1.0.0
- The container will create KeyStore in your local volume
You can try in localhost:8000/swagger-ui/
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.