-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(docs): Add general docs & code docs & CI
- Loading branch information
Showing
37 changed files
with
1,222 additions
and
129 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,81 @@ | ||
| name: Generate Dokka Documentation HTML | ||
|
|
||
| defaults: | ||
| run: | ||
| shell: bash | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
|
|
||
| concurrency: | ||
| group: ${{ github.head_ref }}${{ github.ref }} | ||
| cancel-in-progress: true | ||
|
|
||
| env: | ||
| JAVA_VERSION: 11 | ||
| NODEJS_VERSION: 16.17.0 | ||
| ATALA_GITHUB_ACTOR: ${{ secrets.ATALA_GITHUB_ACTOR }} | ||
| ATALA_GITHUB_TOKEN: ${{ secrets.ATALA_GITHUB_TOKEN }} | ||
|
|
||
| jobs: | ||
|
|
||
| build: | ||
| strategy: | ||
| matrix: | ||
| include: | ||
| - os: ubuntu-latest | ||
| os-type: linux | ||
| fail-fast: false | ||
| runs-on: ${{ matrix.os }} | ||
| steps: | ||
| - name: Checkout the repo | ||
| uses: actions/checkout@v3 | ||
|
|
||
| - name: Validate Gradle Wrapper | ||
| uses: gradle/wrapper-validation-action@v1 | ||
|
|
||
| - name: Cache gradle | ||
| uses: actions/cache@v3 | ||
| with: | ||
| path: | | ||
| ~/.gradle/caches | ||
| ~/.gradle/wrapper | ||
| ~/.konan | ||
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-gradle- | ||
| - name: Install Java ${{ env.JAVA_VERSION }} | ||
| uses: actions/setup-java@v3 | ||
| with: | ||
| java-version: ${{ env.JAVA_VERSION }} | ||
| distribution: 'zulu' | ||
|
|
||
| - name: Install NodeJS ${{ env.NODEJS_VERSION }} | ||
| uses: actions/setup-node@v3 | ||
| with: | ||
| node-version: ${{ env.NODEJS_VERSION }} | ||
|
|
||
| - name: Build | ||
| run: | | ||
| ./gradlew build | ||
| - name: Upload the build report | ||
| if: always() | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| path: "**/build/reports/" | ||
| name: report-${{ matrix.os-type }} | ||
|
|
||
| - name: Dokka Documentation Generation | ||
| run: | | ||
| ./gradlew :atala-prism-sdk:dokkaHtml | ||
| - name: Upload Documentation | ||
| if: always() | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| path: "**/build/dokka/" | ||
| name: Docs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| # Package io.iohk.atala.prism.walletsdk.apollo | ||
|
|
||
| Apollo is a suite of cryptographic primitives designed to ensure the integrity, authenticity, and confidentiality of stored and processed data. These primitives provide a provably secure way to protect sensitive information, and they can be used in a wide range of applications. | ||
|
|
||
| ## Cryptographic Primitives for Data Security | ||
|
|
||
| ### Hashing | ||
|
|
||
| One of the basic building blocks of cryptography is the cryptographic hash, which ensures data integrity. Hashing is frequently used to build more complex schemes, such as Merkle trees or digital signatures. Hashes can be used independently to ensure the integrity of large chunks of data or as a fundamental commitment scheme. | ||
|
|
||
| ### Digital Signatures | ||
|
|
||
| Digital signatures are the equivalent of handwritten signatures in the digital world. Owners of private signing keys create signatures, and anyone can check their validity with the corresponding public verification key. Most credentials carry a signature by their issuer. Digital signatures are used to ensure the authenticity and integrity of data. | ||
|
|
||
| ### Symmetric Encryption | ||
|
|
||
| Symmetric encryption allows parties to exchange information while maintaining its secrecy. Given a symmetric key shared between parties, they can communicate securely. Symmetric encryption is an essential component for building secure communication channels. | ||
|
|
||
| ### Public-Key Encryption | ||
|
|
||
| Public-key encryption uses a public encryption key to encrypt data so that only the owner of the corresponding private key can decrypt it. Public-key encryption is mainly used to encrypt symmetric keys or other (short) cryptographic values because of the high computational costs. | ||
|
|
||
| ### Accumulators | ||
|
|
||
| Cryptographic accumulators allow for the accumulation of multiple values into one. Merkle trees are the most common type of accumulator used in the cryptocurrency domain. Accumulators make it possible to check (and prove) whether a given value has been accumulated. | ||
|
|
||
| ### MAC | ||
|
|
||
| Message Authentication Codes are a type of symmetric equivalent of digital signatures. If two users share a symmetric key, they can use MAC algorithms to ensure the authenticity of their exchange messages. The main difference between MACs and digital signatures is that MACs do not provide non-repudiation. | ||
|
|
||
| ### Key Exchange | ||
|
|
||
| Key exchange protocols enable two or more parties to securely negotiate a symmetric key, even if they only know each other’s public keys. Key exchange protocols are used to establish secure communication channels. | ||
|
|
||
| Using the Apollo suite of cryptographic primitives, developers can build secure and provably secure applications that protect sensitive data from unauthorized access, tampering, or theft. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| # Module AtalaPrismSDK | ||
|
|
||
| Atala PRISM KMP SDK is a library and documentation that helps developers build KMM/JVM/Android SSI (self-sovereign identity) applications with Atala PRISM. This documentation will explain how to use the SDK in your project, how to prepare your development environment if you wish to contribute, and some fundamental considerations around the project. | ||
|
|
||
| ## What is Atala PRISM? | ||
|
|
||
| Atala PRISM is a self-sovereign identity (SSI) platform and service suite for verifiable data and digital identity. Built on Cardano, it offers the core infrastructure for issuing DIDs and verifiable credentials alongside tools and frameworks to help expand your ecosystem. | ||
|
|
||
| ## Technical Considerations | ||
|
|
||
| The architecture of the SDK results from a careful evaluation of different software development methodologies and patterns. We chose a modular, clean architecture based on interface/protocol-oriented programming, domain-oriented programming principles, and dependency injection for several reasons that we will explain in this document. | ||
|
|
||
| ### Overview | ||
|
|
||
| #### Modular Clean Architecture | ||
|
|
||
| Modular clean architecture is a software development methodology that emphasizes separating concerns and the creation of independent modules that can be easily tested and maintained. This approach promotes using small, reusable components that can be combined differently to create larger systems. The SDK architecture uses this approach to ensure that each module can be developed and tested independently, reducing the risk of bugs and improving the overall quality of the code. | ||
|
|
||
| #### Interface/Protocol-Oriented Programming | ||
|
|
||
| Protocol-oriented programming is a programming paradigm that focuses on the behaviour of objects rather than their structure. This approach promotes the use of protocols to define the behaviour of objects, allowing for more flexible and extensible code. The SDK architecture uses this approach to ensure the different modules can work together seamlessly, regardless of the underlying implementation details. | ||
|
|
||
| #### Domain-Oriented Programming | ||
|
|
||
| Domain-oriented programming is a programming paradigm that focuses on a system's domain-specific requirements rather than the implementation's technical details. This approach promotes the use of domain-specific models and concepts, which can simplify the development process and improve the maintainability of the code. The SDK architecture uses this approach to ensure that the different modules are designed around the specific needs of decentralized identity management, making it easier for developers to build decentralized applications that are secure and scalable. | ||
|
|
||
| #### Dependency Injection | ||
|
|
||
| Dependency injection is a programming pattern that promotes loose coupling between different system components. This approach encourages the use of interfaces and dependency injection containers to ensure that each element can be developed and tested independently without relying on the implementation details of other components. The SDK architecture uses this approach to ensure that each module can be developed and tested separately, making it easier for developers to add new functionality to the system without affecting the existing code. | ||
|
|
||
| ## Building Blocks | ||
|
|
||
| The building blocks are the core components of Atala PRISM, and they are designed to work together seamlessly to provide a comprehensive identity management solution. | ||
|
|
||
| ### Overview | ||
|
|
||
| Each building block serves a specific purpose, providing a solid foundation for building decentralized identity applications. | ||
|
|
||
| Let's take a closer look at each building block: | ||
|
|
||
| - **Apollo**: Apollo is a building block that provides a suite of cryptographic operations. This includes secure hash algorithms, digital signatures, and encryption, all essential for creating a safe and tamper-proof identity system. Apollo ensures that all data within the Atala PRISM system is securely encrypted and digitally signed, making it resistant to tampering and unauthorized access. | ||
| - **Castor**: Castor is a building block that provides a suite of decentralized identifier (DID) operations in a user-controlled manner. DIDs are a vital component of decentralized identity, as they provide a way to uniquely identify individuals and entities in a decentralized manner. Castor allows users to create, manage, and control their DIDs and associated cryptographic keys. | ||
| - **Pollux**: Pollux is a building block that provides a suite of credential operations in a privacy-preserving manner. Credentials are a way to prove claims about an individual or entity, and they are an essential part of decentralized identity. Pollux allows users to create, manage, and share credentials in a privacy-preserving way to ensure that sensitive information is not revealed. | ||
| - **Mercury**: Mercury is a building block that provides a set of secure, standards-based communications protocols that are transport-agnostic and interoperable. Mercury allows different Atala PRISM components to communicate securely using HTTP, WebSocket, and MQTT protocols. | ||
| - **Pluto**: Pluto is a building block that provides an interface for storage operations in a portable, storage-agnostic manner. Pluto allows data to be stored and retrieved in a way independent of the underlying storage technology, allowing Atala PRISM to work with various storage solutions. | ||
|
|
||
| Together, these building blocks provide a solid foundation for building decentralized identity applications that are secure, privacy-preserving, and interoperable. Using Atala PRISM, developers can focus on creating innovative identity solutions without worrying about the underlying infrastructure. | ||
|
|
||
| ### Prism Agent | ||
|
|
||
| Prism Agent is a comprehensive library that combines all the Prism platform's building blocks - Apollo, Castor, Pluto, Mercury, and Pollux - to provide a seamless experience for developers working with decentralized identifiers (DIDs) on the Prism platform. | ||
|
|
||
| ## Documentation | ||
|
|
||
| #### General information and articles | ||
|
|
||
| - [Getting Started](https://docs.atalaprism.io/docs/getting-started) | ||
| - [What is identity?](https://docs.atalaprism.io/docs/concepts/what-is-identity) | ||
| - [Digital wallets](https://docs.atalaprism.io/docs/concepts/digital-wallets) | ||
| - [Atala PRISM Overview](https://docs.atalaprism.io/docs/atala-prism/overview) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # Package io.iohk.atala.prism.walletsdk.castor | ||
|
|
||
| Castor is a powerful and flexible library for working with DIDs. Whether you are building a decentralised application or a more traditional system requiring secure and private identity management, Castor provides the tools and features you need to easily create, manage, and resolve DIDs. | ||
|
|
||
| ## A Decentralised Identifier (DID) Library | ||
|
|
||
| Castor is a powerful and versatile library that provides a suite of decentralised identifier (DID) operations. It enables developers to create, manage, and resolve standards-based DID in a user-controlled manner. Castor is designed to be flexible and easy to integrate into various decentralised applications and systems. | ||
|
|
||
| Decentralised Identifiers (DIDs) are new identifier that allows individuals and organisations to create and manage their own digital identity. DIDs provide a secure, decentralised, and privacy-preserving way to authenticate and verify identity without relying on centralised authorities or intermediaries. Castor allows developers to leverage the power of DIDs by providing a simple and efficient way to create, manage, and resolve them. | ||
|
|
||
| Castor supports creating and resolving two types of DIDs out of the box: prism and peer. | ||
|
|
||
| With Castor, developers can create and manage DIDs, generate and manage their associated public and private keys, and resolve DIDs to retrieve related data. Castor also provides a range of advanced features, such as support for multiple key types and encryption methods and a flexible API for customising and extending its functionality. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # Package io.iohk.atala.prism.walletsdk.mercury | ||
|
|
||
| Mercury is a powerful and flexible library for working with decentralized identifiers and secure communications protocols. Whether you are a developer looking to build a secure and private messaging app or a more complex decentralized system requiring trusted peer-to-peer connections, Mercury provides the tools and features you need to establish, manage, and secure your communications easily. | ||
|
|
||
| ## A Secure Communications Protocol SDK for DIDs | ||
|
|
||
| Mercury is a comprehensive library that provides a set of secure, standards-based communications protocols for establishing and managing trusted, peer-to-peer connections and interactions between decentralized identifiers (DIDs). Mercury is designed to be transport-agnostic and interoperable. It can be used across a wide range of communication channels and platforms. | ||
|
|
||
| DIDCommV2 is a secure, privacy-preserving messaging protocol that securely and efficiently exchanges information between DIDs. Mercury supports a range of DIDCommV2 operations, including pack encrypted and unpack, which enables users to securely transmit and receive messages across the network. | ||
|
|
||
| With Mercury, developers can easily establish and manage trusted, peer-to-peer connections between DIDs, allowing for secure and private communication across various platforms and use cases. Mercury provides the tools and features you need to get the job done, whether you are building a messaging app, a decentralized social network, or any other application that requires secure and private communications. | ||
|
|
||
| Mercury also provides a range of advanced features, including support for message threading, priority levels, and message expiration and support for a range of transport protocols, including HTTP. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| # Package io.iohk.atala.prism.walletsdk.pluto | ||
|
|
||
| Pluto is a powerful and flexible data storage interface library for working with decentralized identifiers. Whether you are building a decentralized application that requires secure and private data storage or working with a more traditional system that requires reliable and redundant storage for your DID-related data, Pluto provides the tools and features you need to do the job with ease. | ||
|
|
||
| ## A Secure DID Data Storage Interface Library | ||
|
|
||
| Pluto is a versatile and secure data storage interface library that provides developers with an easy way to store, manage, and recover verifiable data linked to decentralized identifiers (DIDs). Pluto is designed to be storage-agnostic. It can be used with many storage systems, from traditional databases to decentralized storage networks. | ||
|
|
||
| Pluto supports a range of storage operations, including DID storage (including DIDPair), private key secure storage, DIDComm message storage, and mediator storage. This allows developers to easily store and manage a wide range of DID-related data, from basic identity information to more complex message and mediation records. | ||
|
|
||
| The default implementation of Pluto includes a secure and robust storage backend that uses Core Data and Keychain to secure sensitive items. This means that developers can easily leverage the robust security features of these frameworks without having to write complex code to manage the storage of sensitive data. | ||
|
|
||
| With Pluto, developers can easily store and manage verifiable data linked to DIDs securely and privately. Pluto provides a range of advanced security features, including support for private key storage and encryption and support for multiple storage backends for added redundancy and resilience. | ||
|
|
||
| Pluto also supports a range of DID-related data types, including DIDPairs, which store the public and private keys associated with a DID, and DIDComm messages, which store the encrypted messages sent and received between DIDs. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| # Package io.iohk.atala.prism.walletsdk.pollux | ||
|
|
||
| A credential contains a set of claims about the subject of the credential. Those claims are made by a single authority called the credential issuer. The entity (person, organization) to whom the credential is issued, i.e., the one who keeps it in their digital wallet, is called the credential holder. Apart from claims, the credential contains the subject identifier (DID) to whom the credential is issued. | ||
|
|
||
| - **Verifiable Credential**: a digital credential that can be cryptographically signed and verified. | ||
| - **Issuer**: The entity that issues VCs to holders | ||
| - **Holder**: The entity that is currently holding the VC | ||
| - **Subject**: An entity to which the credential is issued. Often the holder will be the subject of the credential. | ||
| - **Verifier**: An entity that receives and verifies the credential validity and credential ownership of the holder if necessary | ||
| - **Wallet**: a hardware/software that enables an issuer to manage credentials (create them, issue, revoke), a holder to receive and store credentials, and a verifier to verify them. A single wallet application can support all the functions. | ||
|
|
||
| There can be wallets for issuers, holders, and verifiers, accessible via mobile/ web apps, browser extensions, or desktop applications. The wallet can enable the functionality of all parties (Issuer, verifier, holder) or be intended to be used by only one party. One entity (person, organization) can be an issuer, verifier, or holder in different scenarios if their wallet supports all these functionalities. |
Oops, something went wrong.