IBM’s Trusted Identity team has just released its first public-facing proof-of-concept on top of a promising open-source project, Hyperledger Indy. Our PoC demonstrates a simple use case for verifiable credentials. The demo shows how a self-sovereign identity (SSI) can obtain credentials from an issuer and supply these credentials to a verifier in response to a proof request, thus providing a verifiable proof. Though just a small example of how verifiable credentials are exchanged in a Hyperledger Indy environment, it’s a great way to learn and start planning your own solution using verifiable credentials.
Don’t rush to build
Looking to build something like this yourself? I’m afraid you’ve bitten off a lot. The Indy bootstrapping process, to put it bluntly, is pretty bad. Even connecting a client to a sandbox Indy network to play around requires installing a CLI to generate a “pool ledger” on the local file system that you can import into your client using the SDK. The path from nothing to querying a single node (not one someone else is already hosting) for the status of the ledger is a long one. There’s no
curl http://peer1:4321/transactions/0 here.
So unless you want to get bogged down trying to bootstrap a pool of nodes or create something useful on top of Indy’s SDK, you’re going to need to partner with someone who has already developed a working sandbox with some simple app. We partnered with the Government for the Province of British Columbia, as they were already doing some pretty innovative work around verifiable organizations on top of Indy. They offered to let us use their early demo code as a place to start.
The demo that the British Columbia government shared with us consists of three main components: Von Network, Org Book, and Permitify. We had everything we needed. The demo represented a real-world business use case that was running on Indy, and it was actually creating entries on the ledger and verifying credentials, not just mocking them up. It also had open-source components for future projects;
von-connector is, in my opinion, just about the same code that anyone using the Python Indy SDK would end up writing themselves.
The Hyperledger Indy getting-started tutorial walks you through the process of using verifiable credentials. The scenario is described better in our repository, but it’s essentially a story about a recent college graduate acquiring the necessary credentials to apply for a loan. The Indy tutorial uses the Indy CLI, but we thought the scenario would be easier to grasp if we converted the CLI operations into a set of user-friendly web pages where users could click buttons to acquire these credentials and really “see” the scenario come to life. We decided the fastest path to accomplishing this mission would be to transform the British Columbia government’s demo in two ways:
- We adapted Org Book into a sort of user portal for the Alice persona from the Indy tutorial by reworking the styling on the pages and creating a “recipe” based on the Indy tutorial.
- We rebranded the Permitify issuers as issuers from the tutorial: Faber College, Acme Corp., and Thrift Bank.
I’d recommend following those steps if you’d like to build you own demo off of ours. The “recipe” in Org Book is really just a list of the Permitify issuers that Org Book will guide the user through. On the Permitify side, there is a directory of template config files that, when paired with the right html and css files, will generate the containers for the issuers you’ll want for your use case. Again, give the repository README a close read for more details.
Overall, things went smoothly for us, and we had a short runway to produce the demo. After all, most of our work was just rebranding, with minimal changes needed at the Indy layer. Dependencies did slide around on us a few times, which meant debugging builds that were suddenly and mysteriously broken. We also discovered that the demo code was not built to support more than one call to the sandbox node pool at a time, which was a problem because we were planning to post a public instance of the demo to show our clients.
Thankfully, we got past all those barriers without too much trouble, and the demo turned out to be a success for us. It’s not elegant; early PoCs rarely are. It’s a start, though, and it gives us something to talk to while we work on bigger, better projects behind the scenes. I hope it helps you do the same.