index.html

<!DOCTYPE html>
<html>
  <head>
    <title>Verifiable Presentation Request v2024</title>
    <meta http-equiv='Content-Type' content='text/html;charset=utf-8'/>
    <!--
      === NOTA BENE ===
      For the three scripts below, if your spec resides on dev.w3 you can check them
      out in the same tree and use relative links so that they'll work offline,
     -->
    <script src='https://www.w3.org/Tools/respec/respec-w3c' class='remove'></script>
    <script src="./common.js" class="remove"></script>
    <script type="text/javascript" class="remove">
      var respecConfig = {
        // specification status (e.g., WD, LCWD, NOTE, etc.). If in doubt use ED.
        specStatus: "CG-DRAFT",

        // the specification's short name, as in http://www.w3.org/TR/short-name/
        shortName: "vp-request-spec",

        // subtitle for the spec
        subtitle: "A data model for requesting presenations of verifiable credentials",

        // if you wish the publication date to be other than today, set this
        //publishDate: "",
        //crEnd: "",
        //prEnd: "",
        //implementationReportURI: "",

        // if there is a previously published draft, uncomment this and set its YYYY-MM-DD date
        // and its maturity status
        // previousPublishDate:  "1977-03-15",
        // previousMaturity:  "WD",

        // extend the bibliography entries
        doJsonLd: true,

        github: "https://github.com/w3c-ccg/vp-request-spec/",
        includePermalinks: false,

        // if there a publicly available Editor's Draft, this is the link
        edDraftURI: "https://w3c-ccg.github.io/vp-request-spec/",

        // if this is a LCWD, uncomment and set the end of its review period
        // lcEnd: "2009-08-05",

        // editors, add as many as you like
        // only "name" is required
        editors: [
          { name: "Dave Longley", url: "https://github.com/dlongley",
            company: "Digital Bazaar", companyURL: "https://digitalbazaar.com/"},
          { name: "Mike Varley",
              company: "Secure Key", companyURL: "https://securekey.com/"},
          { name: "Dmitri Zagidulin", url: "https://www.linkedin.com/in/dzagidulin/",
            company: "Digital Bazaar", companyURL: "https://digitalbazaar.com/"}
        ],
        // authors, add as many as you like.
        // This is optional, uncomment if you have authors as well as editors.
        // only "name" is required. Same format as editors.
        authors: [
          // { name: "Dave Longley", url: "https://digitalbazaar.com/",
          //   company: "Digital Bazaar", companyURL: "https://digitalbazaar.com/"},
          // { name: "Manu Sporny", url: "https://digitalbazaar.com/",
          //   company: "Digital Bazaar", companyURL: "https://digitalbazaar.com/" }
        ],
        // name of the WG
        wg:           "W3C Credentials Community Group",
        group: "credentials",

        // URI of the public WG page
        wgURI:        "https://w3c-ccg.github.io/",

        // name (with the @w3c.org) of the public mailing to which comments are due
        wgPublicList: "public-credentials",

        lint: {"no-unused-dfns": false},
        postProcess: [restrictRefs],

        xref: ["INFRA", "MIMESNIFF", "VC-DATA-MODEL-2.0"],
        otherLinks: [{
          key: "Related Specifications",
          data: [{
            value: "The Verifiable Credentials Data Model v2.0",
            href: "https://www.w3.org/TR/VC-DATA-MODEL-2.0/"
          }, {
            value: "The Edwards Digital Signature Algorithm Cryptosuites v1.0",
            href: "https://www.w3.org/TR/vc-di-eddsa/"
          }, {
            value: "The Elliptic Curve Digital Signature Algorithm Cryptosuites v1.0",
            href: "https://www.w3.org/TR/vc-di-ecdsa/"
          }, {
            value: "The BBS Digital Signature Algorithm Cryptosuites v1.0",
            href: "https://www.w3.org/TR/vc-di-bbs/"
          }]
        }],

        // URI of the patent status for this WG, for Rec-track documents
        // !!!! IMPORTANT !!!!
        // This is important for Rec-track documents, do not copy a patent URI from a random
        // document unless you know what you're doing. If in doubt ask your friendly neighborhood
        // Team Contact.
        wgPatentURI:  "https://www.w3.org/2004/01/pp-impl/98922/status",
        maxTocLevel: 2,
        inlineCSS: true
      };
    </script>
    <style>
code {
  color: rgb(199, 73, 0);
  font-weight: bold;
}
pre {
  overflow-x: auto;
  white-space: pre-wrap;
}
pre .highlight {
  font-weight: bold;
  color: Green;
}
pre .subject {
  font-weight: bold;
  color: RoyalBlue;
}
pre .property {
  font-weight: bold;
  color: DarkGoldenrod;
}
pre .comment {
  font-weight: bold;
  color: SteelBlue;
  -webkit-user-select: none;
  -moz-user-select: none;
  -ms-user-select: none;
  user-select: none;
}
ol.algorithm { counter-reset:numsection; list-style-type: none; }
ol.algorithm li { margin: 0.5em 0; }
ol.algorithm li:before { font-weight: bold; counter-increment: numsection; content: counters(numsection, ".") ") "; }

table.simple {
    border-collapse: collapse;
    margin: 25px 0;
    min-width: 400px;
    border: 1px solid #dddddd;
}
table.simple thead tr {
    background-color: #005a9c;
    color: #ffffff;
    text-align: left;
}
table.simple th,
table.simple td {
    padding: 12px 15px;
    vertical-align: top;
    text-align: left;
}
table.simple tbody tr {
    border-bottom: 1px solid #dddddd;
}
table.simple tbody tr:nth-of-type(even) {
    background-color: #00000008;
}
table.simple tbody tr:last-of-type {
    border-bottom: 2px solid #005a9c;
}
    </style>
  </head>
  <body>
    <section id='abstract'>
      <p>
This specification describes a declarative JSON-based query language used by
applications to perform requests from wallets and agents. The results of the
requests are always wrapped in a Verifiable Presentation.
      </p>
    </section>

    <section id='sotd'>
      <p>
This draft highlights some of the pending issues that are still to be discussed
in the community group. No decision has been taken on the outcome of these
issues including whether they are valid. Pull requests with proposed
specification text for outstanding issues are strongly encouraged.
      </p>
    </section>

    <section class="informative">
      <h2>Introduction</h2>

      <p>
When working with Verifiable Credentials, Decentralized Identifier (DID) based
Authentication, and Authorization Capabilities, a client application often needs
to request credential-related objects from a wallet or agent. This document
presents a specification that describes the format of those requests.
      </p>

      <p>
Note: This specification is unstable at present, and only reflects an effort to
get initial interop working, for incubation and implementation experience.
Additionally, the intention is to align this spec and the query format to
fit into/work with other protocols/messaging formats such as DIDComm.
      </p>

      <section class="informative">
        <h2>Overview</h2>

        <p>
To make a request for one or more objects wrapped in a Verifiable Presentation,
a client constructs a JSON request describing one or more queries that
it wishes to perform from the receiver.
        </p>

        <pre class="example nohighlight" title="A sample query">
{
  query: [{
    type: 'APopularQueryType',
    // query details ...
  }, {
    type: 'AnotherQueryType',
    // query details ...
  }],

  // Challenge that will be digitally signed in the authentication proof
  // that will be attached to the VerifiablePresentation response
  challenge, // Required
  recipients: [
    // an optional key agreement key for encrypting the response if
    // this is supported
  ],
  interact: {
    // an optional set of mechanisms that can be used to respond to the query
    "service": [{
      // a service that can be used to respond to the query where the service
      // might be an HTTP endpoint, bluetooth location, or P2P protocol
    }]
  }
}
        </pre>

      </section>

      <section id="conformance">
      </section>

      <section>
        <h2>Terminology</h2>

        <p>
This specification relies on terminology defined in [[[VC-DATA-MODEL-2.0]]].
This section defines additional terms used in this specification. A link to
these terms is included whenever they appear in this specification.
        </p>

        <dl class="termlist definitions" data-sort="ascending">
          <dt><dfn class="export">presentation request</dfn></dt>
          <dd>
A request made by a [=verifier=] for a [=presentation=] by the [=holder=].
          </dd>


      </section>
    </section>

    <section class="normative">
      <h2>Query and Response Types</h2>

      <p>
The <dfn>query type</dfn> serves as the main extension point mechanism for
requests for data in the presentation. While this document defines several
common query types, all query objects are of the following form:
      </p>

      <dl>
        <dt>query</dt>
        <dd>
A REQUIRED property that specifies the information requested by the
[=verifier=]. The value MUST be one or more [=maps=] where each [=map=] MUST
define a `type` property with an associated [=string=] value.
        </dd>
        <dt><dfn class="export">challenge</dfn></dt>
        <dd>
An OPTIONAL, unique [=string=] that is provided by a [=verifier=] to a
[=holder=] during a specific [=presentation request=]. The [=holder=] includes
the data in a [=verifiable presentation=] to the [=verifier=] to protect against
<a data-cite="?VC-DATA-MODEL-2.0#replay-attack">replay attacks</a>.
        </dd>
        <dt><dfn class="export">domain</dfn></dt>
        <dd>
An OPTIONAL [=string=] that is provided by a [=verifier=] to a [=holder=] during
a [=presentation request=]. The [=holder=] checks to ensure that the data is
associated with the domain, such as a website domain, that they are interacting
with, and if it is, includes the data in a [=verifiable presentation=]. A domain
is used to ensure that the [=holder=] limits their [=verifiable presentation=]
to a specific [=verifier=] in order to protect against
<a data-cite="?VC-DATA-MODEL-2.0#replay-attack">replay attacks</a>.
        </dd>

      </dl>

      <section>
        <h3>Query By Example</h3>

        <p>
The "query by example" credential query format is designed to enable developers
to easily request the [=claims=] that they need to perform a particular business
process from one or more [=verifiable credentials=]. The query can also
specify other information, such as one or more [=issuers=] that are trusted by
the [=verifier=].
        </p>

        <pre class="example nohighlight" title="A Query By Example query">
{
  "query": [
    {
      "type": "QueryByExample",
      "credentialQuery": [
        {
          // One or more example query entries
          "required": false, // (Optional) Defaults to 'true' if omitted
          // (Optional) Reason for requesting this credential that
          // may be shown to a user by their wallet software
          "reason": "We need you to prove your eligibility to work.",
          "example": {
            "@context": ["https://www.w3.org/2018/credentials/v1", "https://w3id.org/citizenship/v1"],
            "type": "PermanentResidentCard",
            // (Optional) You can request a specific subject id
            "credentialSubject": {
              "id": "...",
              "name": "..."
            },
            // (Optional) Specify only credentials of a particular schema
            "credentialSchema": {
              "id": "urn:foo:1234",
              "type": "SomeType"
            }
          },
          // (Optional) Specify credentials from a particular issuer only
          "trustedIssuer": [
            {
              "required": true,
              "issuer": "urn:some:required:issuer"
            }
          ]
        }
      ]
    },
    {
      // Another example query
      "type": "AnotherQueryType"
      // ...
    }
  ],
  "challenge": "3182bdea-63d9-11ea-b6de-3b7c1404d57f",
  // the domain that will be digitally signed in the authentication
  // proof that will be attached to the VerifiablePresentation
  // response, identifying the recipient
  "domain": "jobs.example.com"
}
        </pre>
      </section>

      <section>
        <h3>DID Authentication</h3>

        <p>
This section defines how a <a>verifier</a> can request that a
<a>holder</a> perform Decentralized Identifier-based Authentication
[[?DID-CORE]]. In its simplest form, the authentication protocol is comprised
of a challenge by the <a>verifier</a> and a response by a <a>holder</a>:
        </p>

        <pre class="example" title="A DID Authentication request">
{
  "query": [{
    "type": "DIDAuthentication",
    "acceptedMethods": [{"method": "example"}]
  }],
  "challenge": "99612b24-63d9-11ea-b99f-4f66f3e4f81a",
  "domain": "example.com"
}
        </pre>

        <p>
The DID Authentication request above specifies that the <a>verifier</a> would
like the <a>holder</a> to demonstrate control over a DID by generating a
digital signature over the provided challenge. The <a>holder</a> might respond
by providing the following response:
        </p>

        <pre class="example" title="A DID Authentication response">
{
  "@context": ["https://www.w3.org/ns/credentials/v2"],
  "type": "VerifiablePresentation",
  "holder": "did:example:12345",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "eddsa-rdfc-2022",
    "verificationMethod": "did:example:12345#key-1",
    "challenge": "99612b24-63d9-11ea-b99f-4f66f3e4f81a",
    "domain": "example.com",
    "created": "2024-02-25T14:58:42Z",
    "proofPurpose": "authentication",
    "proofValue": "z3FXQjecWufY46...UAUL5n2Brbx"
  }
}
        </pre>

        <p class="issue">
The DID Authentication examples shown in this document use a new proof type
called `DataIntegrityProof` which is currently under development in the
<a href="https://www.w3.org/2017/vc/WG/">W3C Verifiable Credentials Working
Group</a>.
        </p>

        <section>
          <h3>The DID Authentication Query Format</h3>

          <p>
The DID Authentication query format enables a <a>verifier</a> to request that
a <a>holder</a> authenticate in specific ways. A DID Authentication query MUST
be of the following form:
          </p>
          <table class="simple">
            <tr>
              <th>Property</th>
              <th>Description</th>
            </tr>
            <tr>
              <td>type</td>
              <td>
a REQUIRED string value that MUST be set to <code>DIDAuthentication</code>.
              </td>
            </tr>
            <tr>
              <td>acceptedMethods</td>
              <td>
An optional array of objects that expresses the <a>verifier</a> would accept
any DID Method listed. Each object in the array MUST contain a property called
`method` with a value that is a DID Method name, and MAY contain other
properties that are specific to the DID Method. Valid example values
include: <code>[{"method": "key"}]</code> and
<code>[{"method": "key"}, {"method": "web"}]</code>.
              </td>
            </tr>
            <tr>
              <td>acceptedCryptosuites</td>
              <td>
An optional array of objects that conveys the cryptography suites that MUST be
used by the <a>holder</a> to generate a cryptographic proof. Each object in the
array MUST contain a property called `cryptosuite` with a value that is a
cryptosuite name, and MAY contain other properties that are specific to the
cryptosuite. Valid example values include:
<code>[{"cryptosuite": "eddsa-rdfc-2022"}]</code> and
<code>[{"cryptosuite": "ecdsa-rdfc-2019"}, {"cryptosuite": "bbs-2023"}]</code>.
              </td>
            </tr>
          </table>

          <p>
The following example demonstrates that the <a>verifier</a> would like the
<a>holder</a> to use the DID Web method and a data integrity ECDSA
cryptography suite to authenticate over the established communication channel,
such as the Credential Handler API (CHAPI):
          </p>

          <pre class="example"
            title="A DID Authentication request using did:web and ecdsa-rdfc-2019">
{
  "query": [{
    "type": "DIDAuthentication",
    "acceptedMethods": [{"method": "key"}],
    "acceptedCryptosuites": [{"cryptosuite": "ecdsa-rdfc-2019"}]
  }],
  "challenge": "99612b24-63d9-11ea-b99f-4f66f3e4f81a",
  "domain": "example.com"
}
          </pre>

          <p>
The next example demonstrates that the <a>verifier</a> would like the
<a>holder</a> to use either the DID Key or DID Web method, and the standard
EdDSA data integrity cryptography suite, and optionally also include a
cryptographic proof that they are capable of performing a data integrity BBS
proof, and authenticate over a different communication channel, in this case
using a Verifiable Credential API HTTP endpoint:
          </p>

          <pre class="example" title="A complex DID Authentication request">
{
  "query": [{
    "type": "DIDAuthentication",
    "acceptedMethods": [{"method": "key"}, {"method": "web"}],
    "acceptedCryptosuites": [{"cryptosuite": "ecdsa-rdfc-2019"}]
  }, {
    "type": "DIDAuthentication",
    "required": false,
    "acceptedMethods": [{"method": "key"}, {"method": "web"}],
    "acceptedCryptosuites": [{"cryptosuite": "bbs-2023"}]
  }],
  "challenge": "zLEwtBYgQVNR4tyeo",
  "domain": "didauth.example",
  "interact": {
    "service": [{
      "type": "UnmediatedHttpPresentationService2021",
      "serviceEndpoint": "https://didauth.example/exchanges/zYRo25k7G2UVWkrNt"
    }]
  }
}
          </pre>

        </section>

        <section>
          <h3>The DID Authentication Response Format</h3>

          <p>
The DID Authentication response format enables a <a>holder</a> to
provide the information requested by the <a>verifier</a>. A DID Authentication
response MUST be a <a>verifiable presentation</a> of the following form:
          </p>
          <table class="simple">
            <tr>
              <th>Property</th>
              <th>Description</th>
            </tr>
            <tr>
              <td>type</td>
              <td>
a REQUIRED string value that MUST be set to <code>VerifiablePresentation</code>.
              </td>
            </tr>
            <tr>
              <td>holder</td>
              <td>
a REQUIRED string value that MUST be set to a specific DID that is of the
type that was requested in the DID Authentication query.
              </td>
            </tr>
            <tr>
              <td>proof</td>
              <td>
a REQUIRED value that MUST be one or more specific digital proof types that
were requested in the DID Authentication query. Each proof object MUST
include the `domain` and `challenge` values that were provided in the DID
Authentication query. <a>Holder</a> implementations MUST ensure that the `domain` specified
by the <a>verifier</a> matches the domain used for the current channel of
communication.
              </td>
            </tr>
        </table>

        <p class="advisement">
It is vital that a <a>holder</a> implementation check the `domain` provided by the
`verifier` against the domain used for the current channel of communication. If
this is not done, a dishonest <a>verifier</a> could then replay the message
to a domain that is not their own. For example, a dishonest <a>verifier</a>
operating from the `evil.example` domain could retrieve a challenge from your
bank, specify a domain value of `yourbank.example`, and then replay
your response to your bank to get access to your financial accounts. This
attack is mitigated as long as implementations ensure that the appropriate
domain is used when generating the <a>verifiable presentation</a>.
        </p>

        <p>
The example below demonstrates a simple DID Authentication response.
        </p>

        <pre class="example"
          title="A DID Authentication response using did:key">
{
  "@context": ["https://www.w3.org/ns/credentials/v2"],
  "type": "VerifiablePresentation",
  "holder": "did:example:12345",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "eddsa-rdfc-2022",
    "verificationMethod": "did:example:12345#key-1",
    "challenge": "99612b24-63d9-11ea-b99f-4f66f3e4f81a",
    "domain": "example.com",
    "created": "2024-02-25T14:58:42Z",
    "proofPurpose": "authentication",
    "proofValue": "z3FXQjecWufY46...UAUL5n2Brbx"
  }
}
        </pre>
      </section>

      <section>
        <h3>Authorization Capability Request</h3>

        <p>
This query type would be included in a request to ask for Authorization
Capabilities or "zcaps" in the Verifiable Presentation.
        </p>

        <pre class="example nohighlight" title="A zCap Request query">
{
  query: [{
    type: 'ZcapQuery',
    capabilityQuery: [{
      referenceId: `a-memorable-name`,
      allowedAction: ['read', 'write'],
      invoker: 'did:key:1234',
      delegator: 'did:key:1234'
      invocationTarget: {
        type: 'urn:edv:documents'
      }
    }, {
      referenceId: `another-memorable-name`,
      allowedAction: 'sign',
      invoker: 'did:key:1234',
      delegator: 'did:key:1234',
      invocationTarget: {
        type: 'Ed25519VerificationKey2018',
        proofPurpose: 'assertionMethod'
      }
    }],
    challenge: '111112b24-63d9-11ea-b99f-4f66f3e4f81a'
  }]
}
        </pre>
      </section>
    </section>
    <section>
      <h3>Logical Operations in Queries</h3>

      <p>
In Verifiable Presentation Requests, the structuring and retrieval of
information rely on the use of logical operations. "AND" and "OR" operations
play crucial roles in defining the path to desired data.
      </p>

      <section>
        <h3>Top-Level Queries ("AND" Operation)</h3>

        <p>
At the top-most level of the request structure, different types of queries are
expected to be processed as "AND" operations. Each query is a unique condition
that needs to be met to fulfill the request. This means, each query listed in
the top-level array is an independent requirement.
        </p>

        <p>
In this example, there are two queries: `APopularQueryType` and
`AnotherQueryType`. The "AND" operation here indicates that both these conditions
need to be met in order to fulfill the request.
        </p>

        <pre class="example" title="Multiple credentials requested at once using top-level queries">
{
  "query": [
    // "and"
    {
      "type": 'APopularQueryType',
      // query details ...
    },
    // "and"
    {
      "type": 'AnotherQueryType',
      // query details ...
    }
  ]
}
        </pre>
      </section>

      <section>
        <h3>Nested Queries ("OR" Operation)</h3>

        <p>
Within a specific query type, an "OR" operation can be defined. This operation
indicates that one or more of the nested conditions needs to be met. When
all credentialQuery objects are optional, they are interpreted as "OR"
operations within their context. This enables flexible and forgiving data
retrieval where optional conditions can refine the results when possible, but
their absence will not halt the process.
        </p>

        <p>
In this `QueryByExample` type, we have a `credentialQuery` array where all
queries are optional. The "OR" operation suggests that fulfilling any one of the
listed conditions within `credentialQuery` will enhance the results, but is not
a requirement for the request to be valid or fulfilled. If none of the optional
`credentialQuery` conditions are met, the request will still proceed with the
other conditions outside the `credentialQuery` scope, which are interpreted with
an "AND" operation.
        </p>

        <pre class="example" title="">
{
  "query": [
    // "and"
    {
      "type": "QueryByExample",
      "credentialQuery": [
        // "or"
        {
          "required": false,
          ...
        },
        // "or"
        {
          "required": false,
          ...
        },
      ]
    },
    // "and"
    { ... }
  ]
}
        </pre>
      </section>
    </section>
  </section>

    <section class="normative">
      <h2>Interaction Types</h2>

      <p>
The <dfn>interaction type</dfn> serves as the main extension point mechanism for
ways of responding to a query.
      </p>

      <section>
        <h3>Mediated Presentation</h3>

        <p>
A mediated presentation service requires the use of an out-of-band
interface, for example, a person using a Web browser.
        </p>

        <pre class="example nohighlight" title="A mediated presentation service that uses a Web browser">
...
"interact": {
  "service": [{
    "type": "MediatedBrowserPresentationService2021",
    "serviceEndpoint": "https://degree.example/fill-out-forms?session=123456"
  }]
}
...
        </pre>
      </section>

      <section>
        <h3>OIDC Credential Provider</h3>

        <p>
A mediated presentation service that utilizes the Open ID Connect Credential
Provider interaction mechanism.
        </p>

        <pre class="example nohighlight" title="A mediated presentation service that uses the OpenID Connect Credential Provider protocol">
...
"interact": {
  "service": [{
    "type": "OpenIdConnectCredentialProviderService2021",
    "serviceEndpoint": "https://degree.example/authorize?response_type=code&scope=openid%20openid_credential&client_id=s6BhdRkqt3&state=af0ifjsldkj&redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb&credential_format=w3cvc-jsonld"
  }]
}
...
        </pre>
      </section>

      <section>
        <h3>DIDCommv2 Presentation</h3>

        <p>
A mediated presentation service that utilizes the DIDCommv2 interaction
mechanism.
        </p>

        <pre class="example nohighlight" title="A mediated presentation service that uses the DIDComm v2 Messaging protocol">
...
"interact": {
  "service": [{
    "id": "did:example:123456789abcdefghi#didcomm-1",
    "type": "DIDCommMessaging",
    "serviceEndpoint": {
      "uri": "http://example.com/path",
      "accept": [
        "didcomm/v2",
        "didcomm/aip2;env=rfc587"
      ],
      "routingKeys": ["did:example:somemediator#somekey"]
    }
  }]
}
...
        </pre>
      </section>

      <section>
        <h3>Unmediated Presentation</h3>

        <p>
An unmediated presentation service requires no out-of-band interfaces,
enabling fully-automated presentation processing.
        </p>

        <pre class="example nohighlight" title="An unmediated presentation service that utilizes HTTP">
...
"interact": {
  "service": [{
    "type": "UnmediatedHttpPresentationService2021",
    "serviceEndpoint": "https://degree.example/active-flows/123456"
  }]
}
...
        </pre>
      </section>

    </section>

    <section class="normative">
      <h2>Usage Scenarios</h2>

      <p>
This request query format is intended to be used in a variety of protocols and
usage scenarios.
      </p>

      <section class="informative">
        <h3>Browser - Credential Handler API (CHAPI)</h3>

        <p>
The <a href="https://w3c-ccg.github.io/credential-handler-api/">Credential
Handler API (CHAPI)</a> specification enables in-browser Javascript applications
to communicate with wallet providers for the purpose of issuing Verifiable
Credentials and requesting Verifiable Presentations. Interested implementers are
encouraged to look at the <a
href="https://github.com/digitalbazaar/credential-handler-polyfill">Credential
Handler Polyfill</a> repository for further discussion and examples.
        </p>

        <p>
        CHAPI is an extension of the
        <a href="https://www.w3.org/TR/credential-management-1/">Credential
        Management API</a>, and includes the following:

        <ul>
          <li><code>navigator.credentials.get(request)</code></li>
          <li><code>navigator.credentials.store(request)</code></li>
        </ul>
        </p>

        <p>
A VerifiablePresentation is used to both store or present VerifiableCredentials.
When storing a VerifiableCredential, the VerifiablePresentation does not need to
be signed.
        </p>

        <section class="informative">
          <h4>WebCredential</h4>

          <p>
CHAPI provides a single derived class, the <code>WebCredential</code> that forms
the basis for any sort of credential data that is provided over the Web, i.e.,
via a "Credential Handler" that a origin has registered in the user's browser
when the user visited that origin's website. Note that CHAPI provides an
optional <code>recommendedHandlerOrigins</code> feature for any credential
storage request to allow a Relying Party (aka issuer) to suggest one or more
digital wallets to help the user store the credential. This is particularly
helpful if the user has no wallet yet. The listed origins must have a
`manifest.json` file with a valid `credential_handler` entry in order to
be used by CHAPI.
          </p>

          <pre class="example nohighlight" title="Creating a WebCredential instance.">
// optionally include `recommendedHandlerOrigins` so the user can choose an
// applicable wallet if they don't have one yet:
const options = {
  recommendedHandlerOrigins: [
    'https://wallet.example'
  ]
};
const webCredential = new WebCredential('VerifiablePresentation', {
  '@context': 'https://www.w3.org/2018/credentials/v1',
  ...presentation,
  options
});
          </pre>
        </section>

        <section class="informative">
          <h4>Requesting and Storing Credentials</h4>

          <p>
Using CHAPI, a web application can <code>get()</code> and <code>store()</code>
credentials without knowing anything about the user's wallet. This is
intentional; for privacy reasons, the client app must not be able to query any
information (without user consent) about which wallets or credential handlers a
user may have installed (otherwise, fingerprinting and other attacks would be
possible).
          </p>

          <h4>get()</h4>

          <p>
A web app (a Relying Party or verifier) can request a credential using
<code>credentials.get()</code> during a user gesture event, for example when
the user pushes a button on a page that requires identity attributes or
authentication. Note that CHAPI provides an optional
<code>recommendedHandlerOrigins</code> feature for any credential
request (not specific or restricted to VPR) to allow a Relying Party
(aka verifier) to suggest one or more digital wallets to help the user
complete the request. This is particularly helpful if the user has no
wallet yet. The listed origins must have a
`manifest.json` file with a valid `credential_handler` entry in order to
be used by CHAPI.
          </p>

          <pre class="example nohighlight" title="Example get() request.">
const credentialQuery = {
  web: {
    VerifiablePresentation: {
      query: {
        type: 'QueryByExample',
        credentialQuery: {
          // an optional reason for requesting this credential that
          // may be shown to a user by their wallet software
          reason: 'We need you to prove your eligibility to work.',
          example: {
            '@context': [
              'https://www.w3.org/2018/credentials/v1',
              'https://w3id.org/citizenship/v1'
            ],
            type: 'PermanentResidentCard'
          }
        }
      },
      // a 128-bit randomly generated value encoded as a string (use a UUID);
      // it will be digitally signed in the authentication proof
      // that will be attached to the VerifiablePresentation response
      challenge: '3182bdea-63d9-11ea-b6de-3b7c1404d57f',
      // the domain that must be digitally signed in the authentication
      // proof that will be attached to the VerifiablePresentation
      // response, identifying the recipient
      domain: 'jobs.example.com'
    },
    // optionally include credential handler origins to recommend to
    // the user if they have no wallet or may want to choose one
    // the RP recommends; this is an optional CHAPI feature, it is not
    // specific to VPR
    recommendedHandlerOrigins: [
      'https://wallet.example'
    ]
  }
};
const webCredential = await navigator.credentials.get(credentialQuery);

if(!webCredential) {
  console.log('no presentation received');
}

// Response:

null // if the user cancels

// or a WebCredential with these attributes/values:
{
  "type": "web",
  "dataType": "VerifiablePresentation",
  "data": {
    // Verifiable Presentation goes here, containing the credentials
    // that the user agreed to share
  }
}

const {data: presentation} = webCredential;
// send `presentation` to server for forwarding to verifier API
          </pre>

          <pre class="example nohighlight" title="Example interact request.">
// requesting DID Authentication that can be performed at the given `interact`
// service endpoint; the endpoint may respond to the DID Authentication
// response with another VPR or a VP with credentials
const credentialQuery = {
  web: {
    VerifiablePresentation: {
      query: {
        "type": "DIDAuthentication",
        "acceptedMethods": [{"method": "example"}]
      },
      challenge: '3182bdea-63d9-11ea-b6de-3b7c1404d57f',
      domain: 'jobs.example.com',
      interact: {
        service: [{
          type: "UnmediatedPresentationService2021",
          serviceEndpoint: "https://example.edu/exchangers/z238348134/exchanges/z872347234"
        }]
      }
    },
    // optionally include credential handler origins to recommend to
    // the user if they have no wallet or may want to choose one
    // the RP recommends; this is an optional CHAPI feature, it is not
    // specific to VPR
    recommendedHandlerOrigins: [
      'https://wallet.example'
    ]
  }
};
const webCredential = await navigator.credentials.get(credentialQuery);

if(!webCredential) {
  console.log('user canceled');
}

// Response:

null // if the user cancels

// or a WebCredential with these attributes/values:
{
  "type": "web",
  // wallet responded to the request out-of-band
  "dataType": "OutOfBand",
  "data": null
}
          </pre>

          <h4>store()</h4>

          <p>
A web app (for example, a credential issuer such as a university or institution)
can ask to store a credential during a user gesture event, for example when the
user pushes a button to receive a credential.
          </p>

          <pre class="example nohighlight" title="Example store() request.">
const result = await navigator.credentials.store(webCredential);
if(!result) {
  console.log('store credential operation canceled');
}

// Response:

null // if the user cancels

// or a WebCredential with these attributes/values:
{
  "type": "web",
  "dataType": "VerifiablePresentation",
  "data": {
    // Verifiable Presentation goes here, optionally containing the
    // credentials that the user agreed to store (can be an empty
    // presentation or `null`, but this does not indicate cancelation)
  }
}
          </pre>

        </section>
      </section>
    </section>

    <section class="informative">
      <h2>Security and Privacy Considerations</h2>

      <p>
There are a number of security and privacy considerations that implementers
will want to take into consideration when implementing this specification.
      </p>

      <section class="informative">
        <h3>Consideration</h3>

        <p>
TBD
        </p>
      </section>
    </section>

  <section class="appendix informative">
    <h2>Acknowledgements</h2>

    <p>
The Working Group would like to thank the following individuals for reviewing
and providing feedback on the specification (in alphabetical order):
    </p>

    <p>
TBD...
    </p>
  </section>
  </body>
</html>