Milestone 7

What's New

We've got good news and bad news. The bad news is that we encountered a failure in the twfido API service while integrating the revocation feature, and it remains down. The good news is that I've created a mock twfido to bypass this issue and successfully integrate the revocation feature! With this, we now have revocation functionality for both Ethereum accounts and Semaphore identities. This means we've achieved all the functionalities we initially set out to accomplish.

What's Next

According to our grant plan, I will transition to a consulting role to assist our partner
@AwespireTech in showcasing how this identity system can be utilized to demonstrate the applications of Decentralized Identifiers. I'll also dedicate personal time to improve documentation and pay down some of the technical debt accrued from rapid development.

Demo Video

As always, we've got a demo video to show off our progress. Check out the demonstration below:

tw-did-revocation-720p.mp4

Milestone 6

What's New

This Milestone completes almost the last piece of the puzzle. We've transitioned from using mock data to implementing a real signing mechanism; all Credentials are now backed by actual data. Specifically, users can now download Verifiable Credentials for both Ethereum and Semaphore upon completing the registration process. The existing interface for Verifiers, previously populated with mock data, now allows selection of these real Credentials.

It's worth noting that credential selection on issuer website is not ideal, as we aim for a verification process that doesn't require the issuer's involvement. We hope to have the opportunity to store our issued Verifiable Credentials in another W3C DIDs-compatible wallet software in the future.

What's Next

The final piece left is the Revocation mechanism, which we expect to complete in about a week. This will mark the completion of all our initial objectives. Of course, bug fixes and performance improvements will follow.

Demo Video

As always, we've included a demo video. It covers everything from the registration process to verification of Verifiable Credentials on a third-party website.

tw-did-select-credentials.mp4

Milestone 5.5

Quick Overview

The main focus of this Milestone is the integration of our new visual design. Special thanks to @AwespireTech's @fjwntut for implementing the new visual design's React UI components! Most features are now operational, although there may be some bugs. We plan to address these minor issues once all functionalities are fully integrated.

Upcoming Work

The next step is to switch the "select credentials" feature from mock data to actual data. This means that we will need to set up an Ethereum account to act as an issuer for signing, as well as add some new APIs and modify the logic to use real data. The final "revocation" feature will be completed in the milestone after next. Once these functionalities are in place, the core features will be largely complete.

Demo Video

Lastly, we're excited to share a demonstration video. This video showcases the new visual design integrated into the twfido mobile app, including the login process, Sign-in With Ethereum (SIWE), and the generation of semaphore identity 🎉

tw-did-visual-ui.mp4

Milestone 5

Quick Overview

This milestone mainly focuses on the integration with TwFido as we've now received the API key from government. We've implemented a TwFidoApiClient that works in both Node.js and browser environments. Additionally, a new Passport strategy (passport-twfido) has been developed to easily plug TwFido into our existing Passport.js framework. Two login methods via TwFido have also been integrated: push notifications and QR code scanning.

Detailed Updates

• TwFidoApiClient: Created a new API client that can run on Node.js and browser environments for TwFido integration.
• passport-twfido: Built a new strategy based on passport-local, enabling TwFido integration through Passport.js.
• Login Methods:
  • Added support for login via TwFido push notifications.
  • Added support for login via QR code scanning through TwFido app.

Upcoming Work

We have three main tasks ahead: updating the visual design, transitioning the credential selection from mock data to real data, and implementing revocation. Our visual design has been completed, and engineers from our partner AwespireTech have implemented the UI components. To facilitate smoother integration, our next update will focus on the Visual Design enhancements.

Demo Video

For this demo, we've used a MacBook camera to capture the mobile screen due to the necessity of including mobile views. While the result may not be ideal, it should be enough in highlighting the differences between the two user authentication mechanisms.

Login via push notification

tw-did-notification-login-1080p.mp4

Login via qrcode

tw-did-qrcode-login-1080p.mp4

Milestone 4

Quick Overview

In this release, we've mainly focused on implementing the registration flow. A new project server has been added, powered by Nest.js and Passport. Features like registration, login, and Sign-in with Ethereum (SIWE) following the EIP-4361 standard are now available. JWT is utilized for login validation. In collaboration with the Semaphore team, we use explicit messages as input and generate Semaphore identity through personal_sign. Lastly, all data are stored using MongoDB.

Detailed Updates

• Implemented registration and login using Nest.js and Passport.
• Introduced Sign-in with Ethereum (SIWE) conforming to EIP-4361.
• JWT for login state validation.
• Decision to use personal_sign for generating Semaphore identity after discussions with Semaphore team.
• Data storage accomplished through MongoDB.

Upcoming Work

• Current "select credentials" still rely on mock data; will be updated with real information.
• Integration with a key for issuing credentials within the system is in progress.
• Waiting for government-supplied TW-FIDO API integration keys (anticipated to require extensive communication).
• Implementation of "revocation" feature is in the pipeline.

Demo Video

For a clearer understanding of the new features, this video will walk you through the process from registration to SIWE, as well as generating a Semaphore identity. All these interactions now require JWT for user verification, and all data are saved into the database.

We hope this video serves as a helpful guide to better acquaint you with the latest functionalities.

tw-did-register.mp4

Milestone 3.5

Quick Summary

we've completed the integration of Semaphore with W3C Verifiable Credentials (VCs)! This release allows users to generate an Identity in the browser and then use it to verify their membership in a specific Semaphore group. While the process involves some server interaction, the verifier and issuer won't know the identity of the credential holder.

Key Achievements

• Semaphore and Verifiable Credentials: The newly implemented functionality lets users prove they are part of a Semaphore group in the form of a Verifiable Credential.
• Minimal Server Interaction: During the proof and verification process, only group public information is retrieved from the server, maintaining user privacy.

Challenges Faced

The journey wasn't smooth; the main issue was insufficient examples from Veramo, requiring us to read source code alongside coding. Some packages are Node.js exclusive, making it incompatible for browser environments, which ate up significant development time. However, we've managed to pull it off!

Call for Review (Soon!)

We'd like to invite everyone to review our work for potential improvements. Given that our current codebase is rather large and not very review-friendly, we plan to release a simplified example focusing solely on the Veramo and Semaphore integration in a few days. Until then, I'll be taking a few days off until Monday 🏖️

semaphore-did-demo.mp4

Milestone 3

Quick Summary

We finished the last milestone ahead of schedule, granting us an extra week for this one. However, this time we faced several challenges that hindered our progress. We've completed the verification process and examples for Ethereum-based credentials, but unfortunately, the Semaphore part remains incomplete.

Key Achievements

• Ethereum Verification Sample: This allows our partners to proceed with verification-related tasks without any obstacles from our end.
• Integration with Veramo: The Veramo project is still in its early stages, so much of the integration was done through reading the source code. Despite the challenges, we've successfully integrated it.
• Cypress Test Setup: We used Cypress to outline our goals and eventually confirm that we've met them, providing valuable experience for future acceptance testing.

What We Missed

We didn't complete the Semaphore verification example as initially planned. The primary reason for this is that we underestimated the difficulties we would encounter during development, such as the lack of sufficient examples from Veramo. We chose popular development tools but failed to account for the time needed for learning and debugging. Nevertheless, the challenges we faced provided a valuable learning experience for smoother developments in the future.

Preview of the Project

Below is a video showing the current state of the project. I know -- it looks like just an EIP712 signature, but it's actually a signature format compliant with W3C DID and Verifiable Credential/Presentation standards. Although the current results are simple, they will become more formal as we start integrating TW FidO and implementing visual design 😎

sample-verifier.mp4

Milestone 2

Milestone 2 Quick Summary 🚀

1. Framework: Adopted nx for monorepo setup.
   • libs: Reserved for future shared libraries.
   • apps: Currently hosts sample; will include frontend & API backend.
2. Spec & Testing:
   • Used Cucumber for "Executable Specs".
   • For E2E testing, we're using cypress.
3. Requirements: Check document.
4. GitHub Actions Status:
   • Red = Pending tasks.
   • They will turn green once acceptance tests pass. Status here.