Read about our recent  Projects Development Milestones and Hyperledger Global Forum 2022!➤

Skip to main content
Hyperledger Foundation
search
Menu
  • Learn
    • Case Studies
    • White Papers
    • Training & Certification
    • Training Partners
    • Webinars
    • Research
    • Blockchain Showcase
    • Wiki
  • Use
    • Distributed Ledgers
    • Domain-Specific
    • Libraries
    • Tools
    • Tutorials
    • Hyperledger Certified Service Providers
    • Vendor Directory
  • Participate
    • Collaboration Tools
    • Contribute to Coding
    • Academic Collaboration
    • Find a Meetup
    • Regional Communities
    • Speakers Bureau
    • Join a Community Group
    • Labs
  • Events
  • News
    • Blog
    • Announcements
    • Newsletter
  • About
    • Join Hyperledger
    • Members
    • Leadership
    • Charter
    • Job Board
    • Contact Us
  • Join Now
  • English
    • 简体中文
    • Português
    • Français
    • Español
    • Malayalam
    • 日本語
  • search
Close Search
Category

Hyperledger Aries

Apr 06
Love0

Call for Applications: 2022 Hyperledger Mentorship Program

By Hyperledger Blog, Hyperledger Aries, Hyperledger Besu, Hyperledger Bevel, Hyperledger Cactus, Hyperledger Fabric, Hyperledger Indy, Hyperledger Mentorship Program, Hyperledger Ursa

Want to jump start a career in blockchain development? Ready to build hands-on skills developing leading-edge open source technologies? Looking to work directly with mentors who are invested in you and your work? Then the Hyperledger Mentorship Program is for you. 

Now in its sixth year, the Hyperledger Mentorship Program provides a structured and guided learning opportunity for anyone, at any career stage, looking to get started in the open source movement. With full and part time options, fully remote work and a stipend, the projects are designed to be a pathway to becoming a contributor to the Hyperledger community that work for students, people in career transition and anyone else who wants to develop or sharpen their knowledge of cutting-edge blockchain technologies. Applications are now open.

This year, the Hyperledger Mentorship Program has grown to 30 planned part and full-time projects covering a range of technologies, challenges and technical difficulty levels and includes non-development projects such as Ecosystem Analysis and Developer Marketing. Each project is designed and proposed by active members of the Hyperledger community. Those who propose the projects serve as the mentors and work closely with their mentees on developing a project plan, setting milestones and solving problems. Mentees can expect regular evaluations and feedback. For more about the program, including the schedule and stipend details, go here.

Over the last five years, more than 70 mentees have completed Hyperledger Mentorship projects. Each of these mentees have made concrete contributions to Hyperledger projects and built important connections in the community. Some, like Bertrand Rioux, have gone on to become mentors themselves:

“I was accepted into the Hyperledger mentorship program last year after seeking a community to help advance my professional goals of developing software for climate action. I was fortunate to find a diverse group of mentors that helped me build the knowledge and skills I needed to effectively contribute to the Hyperledger open source community and to have the opportunity to develop technical expertise in a field I was actively working in. In addition to delivering a secure identity management solution for a Hyperledger Fabric Network, I started contributing my own ideas to the open source operating system for climate action. As a result, I am now taking a leadership role in the community. In addition to serving as mentor in this year’s program, I proposed a project on reducing waste emission in the oil & gas industry that was accepted.” – Bertrand Rioux, Independent Energy Consultant and Mentor for the Multiple Data Integration to Hyperledger Fabric Climate Accounting Network project

To learn more about the Hyperledger Mentorship experience and outcomes, check out these  spotlights on last year’s projects with highlights from both the mentors and mentees.

Read on for descriptions of some of the projects planned for this year:

Multiple Data Integration to Hyperledger Fabric Climate Accounting Network

The Hyperledger Labs blockchain-carbon-accounting project includes a Hyperledger Fabric network for recording the carbon and Greenhouse Gas (GHG) emissions that cause climate change.  Since there are many activities that cause such emissions, the network is designed to accept data from multiple sources of measurements.  In this project, we will demonstrate integrations from measurement sources with blockchain networks by integrating the ThoughtWorks cloud computing emissions calculator, the NREL OpenPath mobile application, and other web- and mobile-based API’s sources to turn instrumented readings into emissions measurements. It will leverage previous projects involving Hyperledger Cactus, Vault security engines, and client security for Hyperledger Fabric.

The expected outcomes of this project are

  • Successful integration of the mobile apps and API’s with Hyperledger Fabric
  • Benchmark comparison of Hyperledger Fabric and alternatives
  • Documentation and tutorials for integrating future data sources

Demonstrate Interoperability using Hyperledger Bevel and Cactus

Hyperledger Cactus support ledger Interoperability but use a local deployment for testing; Hyperledger Bevel supports production-worthy deployments. This project aims to support Cactus deployment using Bevel to demonstrate production-like usage of Hyperledger Cactus. 

The steps will be following:

  1. Deploy a Hyperledger Fabric network using Bevel on a Managed Kubernetes cluster
  2. Deploy a GoQuorum network using Bevel on a Managed Kubernetes cluster (can be the same cluster for simplicity).
  3. Make changes in Hyperledger Bevel code to deploy the Cactus connectors in both the above networks.
  4. Run Cactus test cases.

The expected outcomes of this project are

  • Successful Interoperability testing using Cactus on  production like DLT networks.
  • Update to Hyperledger Bevel code to automatically deploy the Cactus plugins.
  • Update to Documentation of Bevel and Cactus.
  • Detailed tutorials and learning materials which would benefit Bevel and Cactus communities.

Hyperledger Fabric-Ethereum token bridging

One of the key use cases of blockchain integration is asset bridging: in essence, “locking” an asset (typically, a native coin or token) in a smart contract on its authoritative ledger and making available corresponding, newly minted (wrapped/shadow/…) assets on another. By now, bridging is supported by quite mature solutions in the cryptoworld; however, the same is not true for “consortial” distributed ledger technologies. At the same time, such functionality can be expected to become an important requirement in the not too distant future: for instance, a central bank may choose to create a high performance, Hyperledger Fabric-based Central Bank Digital Currency (CBDC) ledger with a strongly controlled set of “smart contracts,” but allow controlled “bridging out” of the currency to dedicated distributed ledgers of industrial/enterprise cooperations. 

Last year, a CBDC prototype with such functionality was created at the Dept. of Measurement and Information Systems of the Budapest University of Technology and Economics (BME), in a research project supported by the central bank of Hungary (MNB); our initial experience with a custom Hyperledger Cactus and TokenBridge based solution showed that this is a problem worth more targeted experimentation and systematic R&D.

The expected outcomes of this project are

  • Report on asset representation in Hyperledger Fabric and mapping approaches to standard Ethereum tokens
  • Report on bridging approaches and technologies and their applicability for bridging from/to Fabric
  • Requirement specification
  • Design specification
  • Prototype implementation and small demo of bridging at least ERC-20 or ERC-721 to Ethereum – and back

Client Connector for Hyperledger Besu

Develop a connector that provides both synchronous and asynchronous modes of interacting with a running Hyperledger Besu node. The connector would act as an interface between an enterprise application and the Hyperledger Besu node for data ingestions and it could provide event subscription options.

The scope of the project would also include an end-to-end test on a sample network.

The expected outcomes of this project are

  • Design and implement the connector.
  • A new Hyperledger Labs project is proposed with a documentation.

GVCR: Secure Verifiable Credential Registries (VCR) for GitHub & GitLab

As conceptualized and standardized by the W3C, the Verifiable Credentials protocol is one of the three pillars of Self-Sovereign Identity, together with the Decentralized Identifiers protocol (DIDs) and Distributed Ledger Technology (or Blockchain). The project aims to design and build a verifiable credential registry (VCR) on GitHub repository, namely GitHub-based Verifiable Credential Registry (GVCR), by leveraging existing GitHub APIs, and other open-source tools provided by other Hyperledger projects, such as Hyperledger Aries, Hyperledger Indy, and Hyperledger Ursa. The basic architecture is already built. For more details about the conceptional design and workflows, please refer to the GitHub repository GitHub-VCR.

The expected outcomes of this project are

  • A verifiable credential registry based on one or more GitHub repositories.
  • Command-Line utility to automate the process of verification of a credential.
  • Proper test cases and documentation.
  • Codebase maintained with proper read me document.

The Hyperledger Summer Mentorship Program is part of the Linux Foundation’s overall commitment to mentoring. The application process is being managed through LFX Mentorship, a platform created by the Linux Foundations to train future open source leaders. 

Check out the full list of mentorship projects and start your application today. The deadline to apply is May 10. Mentees from diverse communities are encouraged to apply. All are welcome here!

Mar 14
Love0

Interoperability in the Open Source community

By Tim Spring, Indicio Blog, Healthcare, Hyperledger Aries, Hyperledger Indy, Identity

Without interoperability, you wouldn’t be able to read this article. Websites, computers, and servers must be able to recognize and share information with each other, and shared standards and protocols allow them to do so, thereby giving us the web. On a smaller scale, companies have their own intranets, and, on the smallest scale, you might have your own private thumb drive for personal documents that can interact with whatever machines you typically work on. 

Interoperability is not a technological given or an inexorable process. It is a choice that needs to be actively made, and it can sometimes take considerable effort to make work. Think of electronic health care records and the years it has taken to make it easier for a patient to access their health data, something originally provisioned in a 2000 Privacy Rule to the Health Insurance Portability and Accountability Act (HIPAA) of 1996.

Crises, however, can accelerate the slog to technological convergence—and that’s precisely what we’ve seen as a result of the global COVID-19 pandemic. In April 2021, a data-sharing provision of the 21st Century Cures Act came into effect: Patients must be able to have direct digital access to eight categories of clinical notes in an electronic health record, notably—given the need for COVID testing—lab test results. 

Cometh the legislation, cometh the tech. Indicio and SITA had already been working on a decentralized, verifiable credential solution to integrate passenger health data with air travel in a privacy-preserving way. Built on Hyperledger Indy and Hyperledger Aries, the technology solved the problem of patient privacy by eliminating the need for a centralizing party to store patient data in order to facilitate verification. 

With the Cures Act provision, there was now no obstacle to passengers in the US accessing their COVID test data directly from a Health Information Exchange in the form of a digital credential. They could use this credential to prove their test status without having to share personal information. In situations where it was important to know which test they had taken and when, they could choose to share this information with a verifier, such as the border control or health agency of the country they were visiting.

This solution is now known as the Cardea Project. Successfully trialed in Aruba, its codebase has been donated to Linux Foundation Public Health as an open source solution for sharing health data through verifiable digital credentials. It has an active community group, led by Indicio and Shatzkin Systems, that is working on expanding its features and, critically, its interoperability.

To do this, Cardea launched a hackathon for interoperability— dubbed an “Interop-a-thon”— in September 2021. The goal was to get companies using Aries agents to test those agents against a reference implementation of Cardea and each other. Over a half day, SITA, Liquid Avatar, IdRamp, GlobalID, Canadian Credentials Network, and Network Synergies all successfully interoperated. That’s the headline; the story, however, is that it took work to make this happen—it was an exercise in uncovering glitches, unexpected problems, and overcoming them. That’s what made the Interop-a-thon so valuable for all the participants—and that’s why Cardea is holding a second Interop-a-thon on March 17.

This time, in addition to  agent testing, Cardea is going to field “out-of-band” invitations (a critical change coming to Hyperledger Aries at the end of March) and a simple reference implementation of machine readable governance (a way of adding governance rules at the agent level, thereby making governance portable and available offline).

Participants see interop-a-thons as a testing ground for interoperability, and therefore a way to ensure that the products and services they are building have the capacity to scale. This is a critical step toward achieving a network of networks effect. Not surprisingly, the number of participants signed up for the next Interop-a-thon is much greater than the first.

For Cardea, there are more and bigger trials on the way. And with each solution delivered, the scope for expansion becomes greater. If we can successfully implement a system for incorporating health data in travel, what about all the other clinical notes described by the Cures Act? What’s the roadmap to creating a decentralized health record?

This is the perfect challenge for an open source community to solve. And by testing the solution through an interop-a-thon, we can figure out how to make the many function as one.

If you want to learn about interoperability first hand, I highly encourage you to watch the video of their last Interopathon here: https://www.youtube.com/watch?v=KVywPPLhG0U. For more details or to register for the  next event on the 17th of March, go here: https://docs.google.com/forms/d/e/1FAIpQLSdpQmjxnYqohk0SfleulNOJXYsi1bhVhMjeGP5MxBMxCa-9TA/viewform 

Dec 06
Love0

Hyperledger Mentorship Spotlight: Hyperledger Aries Integration to Support Fabric as Blockchain Ledger

By Hyperledger Blog, Hyperledger Aries, Hyperledger Fabric, Hyperledger Mentorship Program

The Hyperledger Mentorship Program is a structured hands-on learning opportunity for new developers who may otherwise lack the opportunity to gain exposure to Hyperledger open source development and entry to the technical community. These Mentorship Spotlights highlight the work done by the Mentors and the Mentees as part of their program participation. Learn more here.

 

Mentorship Project Title

Hyperledger Fabric – Hyperledger Aries Integration to support Fabric as blockchain ledger
Description This project aims to enable Aries to interact with Fabric as a ledger, which would then enable Self Sovereign Identity applications to be built on top of Fabric.
Status COMPLETED 
Difficulty HIGH 
Additional Details Learning Objectives, Expected Outcomes and Project Results available here.

Final Project Video

Mentee

Harsh Multani

“I have been using Hyperledger technologies for the past two years. The most valuable insights that I gained from this are how a project can be planned and executed. I learnt that, if you plan, document and discuss a task clearly with your mentors and the people in the community, the time it takes to complete it is considerably lower and you don’t need to do any rework for it. This experience also improved my techniques in maintaining proper code and designing the code keeping conventions in mind. Finally, I learnt a lot about Hyperledger Fabric architecture as well as Hyperledger Indy and Docker networks.”

Mentor

Kamlesh Nagware

Snapper Future Tech

Kamlesh Nagware

“I have been part of the Hyperledger ecosystem for the last five years and seen it grow to 18 projects, including DLTs, libraries and tools for efficient blockchain development and deployment. Hyperledger Fabric is the most used DLT in enterprise applications, and decentralised identity (DID)/self-sovereign identity (SSI) applications have grown in the last three to four years. To support Fabric as a ledger for Hyperledger Aries will increase the adoption of DID/SSI in enterprises by adding the flexibility to use Fabric as a ledger for SSI/DID systems and will create more interoperability within the Hyperledger ecosystem. It is a really interesting project. I have learnt lot as a mentor and got the opportunity to contribute more to the Hyperledger ecosystem. My mentee, Harsh, did really well. He completed this project and now we are planning to propose this as a Hyperledger Lab to build out the future roadmap.”

A special thanks to the Hyperledger member companies for funding this important program. To learn more about our Hyperledger Mentorship Program and how you can participate in our next cohort, head over to our program overview page on the Hyperledger wiki.

Nov 22
Love0

Hyperledger Foundation Community Training: Accelerate your decentralized identity skills with two free Hyperledger Indy and Hyperledger Aries workshops

By Hyperledger Blog, Hyperledger Aries, Hyperledger Indy

Hyperledger Indy and Hyperledger Aries are two of the popular open source repositories that can help propel development of decentralised identity products and services. Aries is a toolbox of several blockchain-agnostic repositories that allow for trusted online peer-to-peer interactions based on decentralized identities and verifiable credentials. The project grew out of work that was happening in Indy to create technologies for managing decentralized identity. Aries was moved to graduated status by the TSC in February 2021. Indy graduated in 2019 and provides a specific blockchain purpose-built for identity. 

Seeing the growth in interest for these two projects, Hyperledger Foundation has partnered with member company Indicio and its team of deeply experienced developers and architects to develop this free, multi-course curriculum to help developers and architects gain a deeper understanding of decentralized identity, with a deep dive into Aries and Indy. Registration and preparation information can be found on this Workshops page. 

These two four-hour, beginning level hands-on workshops provide opportunities to install and run the Indy and Aries components just like you would if you were making a real Indy-based network or Aries-based application. They introduce the necessary Git repos as well as how to use the Indy Command Line Interface (Indy CLI), run the Aries toolbox and create and issue a verifiable credential. They also introduce some current projects using Aries and Indy to help you accelerate your understanding of decentralized identity and build the skills necessary to successfully make changes to the underlying code with hands-on guidance to develop your own projects.

About the courses

Build Your Identity Solution Using Hyperledger Aries
Thursday, January 20, 2022
8 AM to noon Pacific

Register for free

The first in the Hyperledger Foundation Community Workshop series, Intro to Decentralized Identity is a four hour online course to introduce the core concepts and principles of decentralized identity. As you progress, you’ll learn how to use a Hyperledger Indy-based network, be introduced to the Indy CLI, and install and run the Aries toolbox to create, issue, and verify a verifiable credential.

Topics also include:

  • Decentralized identity concepts and principles
  • The verifiable credential data model
  • Decentralized identity ecosystem
  • Introduction to network tools indyscan and SelfServe
  • Intro to Indy CLI and how to use the CLI to access a network
  • What Aries is
  • Install and run Aries Toolbox
  • Create connections and issue a credential
  • How to verify credential

Hyperledger Indy Technical Deep Dive
February 3, 2022
8:00 AM to noon Pacific

Register for free

The second in the series is a four-hour course that advances your skills related to Hyperledger Indy node code and the Indy SDK. It also covers the commonly used cryptography libraries contained in Hyperledger Ursa, the Plenum ledger and how to interact with and change the repositories and code.

Topics also include:

  • Install and build with Indy SDK
  • Introduction to libindy, indycli etc
  • Indy VDR (replacement for Indy-SDK)
  • Making changes to Indy node code
  • Build and IndyTest the changes locally
  • How to get involved in the community further with chats, helplines, and meetings

Both courses do have several must-have prerequisites, including the installation of docker, installation of Indy-CLI, installation of rust, and the download of important repositories. This can be done independently, or you will have the opportunity to connect with instructors during pre-course office hours on a dedicated helpline. 

These new courses are the first community workshops offered by the Hyperledger Foundation for free in an effort to expand the use, contributions, and maintainer community of Hyperledger Indy and Aries. Recordings of the courses will be made available at the conclusion of the instructor-led events.

Registration for the free course is limited to 100. Registration links and further information about the prerequisites and course materials can be found at https://wiki.hyperledger.org/display/events/Workshops.

Nov 03
Love0

The Pathway to Becoming a Hyperledger Maintainer

By Timo Glastra, Co-Founder & Software Engineer at Animo and Hyperledger Aries Maintainer Blog, Hyperledger Aries

When I first came across Hyperledger Aries, I was still a student at the University of Applied Sciences in Utrecht. I had never contributed to open source, and only minimally understood how the process of contributing and maintaining even functioned. Now, only two years later, my company (Animo) specializes in building SSI solutions using Hyperledger Aries and other SSI technologies, and I am one of the core contributors to a lot of the open source libraries built on top of it.

In this blogpost I’m going to share what it’s like to be a maintainer for the Hyperledger Aries project. You’ll learn how you can start contributing and maybe even set yourself on a path to becoming a maintainer.

The ecosystem

Hyperledger Aries provides standards and protocols focused on holding and exchanging verifiable credentials, but it is much more than that. Hyperledger Aries provides the foundation for peer-to-peer interactions, exchange of verifiable credentials and secure messaging. It provides standards through the so-called Aries RFCs and has open source implementations in Go, JavaScript, Python, Rust and .NET.

Aries uses DIDComm for a secure messaging protocol, but DIDComm is a lot more than just a way to exchange credentials. Once you start getting a sense of the enormous potential of DIDComm, it’s difficult not to get excited. Aries provides you with an agent that helps you manage your digital interactions, just like your browser helps you interact with the web.

At Animo, we’re leveraging Aries at the core of almost all of our projects. We contribute to several open source frameworks, develop applications on top of these frameworks and build end-to-end solutions using verifiable credentials. For example, we recently started a pilot with the Centre for Emergency Control Room Innovation that leverages DIDComm for secure communication and exchange of location between the emergency call centre staff and a qualified volunteer. Although we are involved with several Aries frameworks, we have a particular expertise in (and fondness for) Aries Framework JavaScript (AFJ).

We use AFJ for most of our projects. We’ve contributed a lot to it because, simply put, we saw the potential of the framework and someone needed to do the work to get it there. Being a maintainer of a project means more than just contributing code.It means you’re responsible for the overall direction and vision of the project. Maintainers concern themselves with the roadmap, the place of the project within the ecosystem and coordination of working group efforts and calls. On a more operational level, there’s also a lot of reviewing pull requests, addressing github issues, answering questions on Rocket.Chat and writing documentation. If this sounds time consuming, that’s because it is. But putting in the effort is essential to creating long lasting, structurally sound code that can be freely used by anyone to build amazing things.

Contributing to a project hosted by Hyperledger, specifically, means you get a lot of the needed infrastructure other projects might not have. There is a wiki for meeting notes, a Zoom account for our meetings, GitHub repos, unlimited CI minutes, a chat platform, and assistance from the Hyperledger staff when needed.

Becoming a maintainer

I can recommend that every developer be involved with open source, and every company invest in open source software. Open source software provides the foundation for almost all software in the world, and is essential for a world where self-sovereign identity becomes a standard.

Besides, working on open source software can be a really good learning experience. You get to work with some of the greatest minds of the industry on the future of digital identity. Maintaining and contributing to Hyperledger, and open source in general, has been really valuable for me. There is something magical about how open source works, and how we can work together towards a shared goal, even if you’re halfway across the world.

I can imagine that sounds a bit intimidating. Luckily, you don’t have to start out this way. You can start the way we all do, by quietly listening to working group calls until you find something you want to participate in. Once you decide you’d like to become a contributor or a maintainer, you’ll find that communities will be happy to help you get started.

Here are some of my personal tips to get involved with a Hyperledger project. I’ve used the AFJ community as an example throughout.

  1. Attend working group calls – Working group calls are the perfect place to introduce yourself and show your ambition to contribute to the project. This is also the place to stay up to date on the current and planned work of the project. (AFJ Meetings)
  2. Get familiar with the codebase – Even though it can be daunting and hard to make sense of a project at first, it is important to get familiar with the project. You should make it as easy as possible for maintainers to review your initial PR and get it merged! (AFJ Repository)
  3. Answer questions on Rocket.Chat – Help other people get started with the project and answer their questions! You learn a lot by finding answers to other people’s questions. And also don’t hesitate to ask questions yourself. There are a lot of people with very specific domain knowledge eager to answer your questions. (Aries Channel, AFJ Channel)
  4. Look at open issues – Knowing what to work on can be complex when getting familiar with a new project. Github issues often describe missing features or bugs, which can be a great way to find the first item to work on. In AFJ, we currently have more than 70 open issues,  all waiting for someone to pick them up. (AFJ Open Issues)
  5. Read about the topic – Read about the topics that underpin the project. For SSI, I recommend reading the Self Sovereign Identity book. If you’re ready to get a bit more in-depth, I recommend to start reading the Aries RFCs. These are fundamental for contributing to any Aries project.

My best advice is to experience it yourself. Even the smallest pull request is valuable to a project and can give you the confidence to keep going. And, before you know it, you’re the maintainer of a project yourself.

If you have any questions, or if you’d like to make contributing to open source software your job, you can reach me at timo@animo.id. We’re always looking for motivated and ambitious people to join our team and are always happy to help new contributors get started.

Apr 21
Love0

Why Distributed Ledger Technology (DLT) for Identity?

By Stephen Curran, Hyperledger Aries Maintainer, Cloud Compass Computing Inc. Blog, Hyperledger Aries, Hyperledger Indy, Hyperledger Ursa, Identity

As we continue our pandemic journey that is 2021, more and more people are getting vaccinated against COVID-19. Once vaccinated, people are (finally!) able to do more “in the real world.” However, in some cases such as international travel, there is a need to prove that you have been vaccinated before you can participate. In the past, that proof has been accomplished in the form of the paper World Health Organization Carte Jaune/Yellow Card. But in our 21st century pandemic, a handwritten paper document is not particularly trusted. It’s just too easy to buy or make your own. The sudden, urgent need to be able to prove health information in a safe, privacy-preserving and secure way has brought the spotlight on the concept of verifiable credentials and, for Hyperledger, on the three identity-focused projects in the community, Indy (a distributed ledger for identity), Aries (data exchange protocols and implementations of agents for people, organizations and things), and Ursa (a cryptographic library underlying Indy and Aries).

While people understand that paper credentials are insufficient and that a trusted digital solution is needed, they don’t understand why verifiable credentials, or more generally, identity, works extremely well with distributed ledger technology (DLT)—a distributed database spread across multiple nodes, of which blockchain is an example. To be clear from the start, it is not to put the credentials on a public ledger so everyone can see them! We’ll reiterate that a lot in this post. No private data ever goes on the blockchain!!!

To understand why DLT is useful for identity, we need to go back to the basics—paper credentials, how that model has worked for 1000s of years, and how the use of DLTs with verifiable credentials allows us to transition the great parts—security and privacy—of that model to the digital age.


Since as far back as 450BC, people have used paper credentials to enable trusted identity. Legend has it that King Artixerxes of the Persian Empire signed and gave Nehemiah a paper “safe transit” authorization that he used in travels across the empire. People have been using such documents ever since. In technical terms, a credential is an attestation of qualification, competence, or authority issued to an entity (e.g., an individual or organization) by a third party with a relevant or de facto authority or assumed competence to do so. Examples of credentials issued to people include a driver’s license, a passport, an academic degree, proof-of-vaccination and so on. Credentials are also issued to companies, such as business registrations, building permits, and even health inspection certifications.

Image

Examples of Paper Credentials
By Peter Stokyo, peter.stoyko@elanica.com, Licensed under CC By 4.0

A typical paper credential, say a driver’s license, is issued by a government authority (an issuer) after you prove to them who you are (usually in person using your passport or birth certificate) and that you are qualified to drive. You then hold this credential (usually in your wallet) and can use it elsewhere whenever you want—for example, to rent a car, to open a bank account or in a bar to show that you are old enough to drink. When you do that, you’re proving (or presenting) the credential to the verifier. The verifier inspects the physical document to decide if it is valid for the business purpose at hand. Note that in verifying the paper credential, the verifier does not call the issuer of the document. The transaction is only between the holder and the verifier. Further, it is the holder’s choice whether they want to share the piece of paper. If they want, they can keep it to themselves.

 

The Paper Credential Model
By Peter Stokyo, peter.stoyko@elanica.com, Licensed under CC By 4.0

Verification in the paper credential model (ideally) proves:

  1. Who issued the credential. 
  2. That the credential was issued to the entity presenting it.
  3. That the claims have not been altered.

The caveat “ideally” is included because of the real possibility of forgery in the use of paper credentials. Back to our “proof-of-vaccination” problem.

Let’s see how the good parts of the paper credential model are retained in the verifiable credentials model. With verifiable credentials:

  • An authority decides you are eligible to receive a credential and issues you one.
  • You hold your credential in your (digital) wallet—it does not go on the distributed ledger!
  • At some point, a verifier asks you to prove the claims from one or more credentials.
  • If you decide to share your data with the verifier, you provide a verifiable presentation to the verifier, proving the same three things as with the paper credentials.
  • Plus: You may be able to prove one more thing—that the issued credentials have not been revoked.

As we’ll see, verifiable credentials and presentations are not simple documents that anyone can create. They are cryptographically constructed so that a presentation of the claims within a credential proves four attributes:

Who issued the credential–their identifier is part of the credential and they signed the credential. 

  • Who holds the credential–there is a cryptographic binding to the prover.
  • The claims have not been altered–they were signed at the time of issuance.
  • The credential has not been revoked.

Unlike a paper credential, those four attributes are evaluated not based on the judgment and expertise of the person looking at the credential, but rather by machine using cryptographic algorithms that are extremely difficult to forge. Like the paper credential, the verifier does not go back to the issuer to ask about the credential being presented. Only the prover and verifier, the participants in the interaction, need to know about the presentation. So where do the prover and verifier get the information they need for their transaction? We’re just getting to that…


The Verifiable Credentials Model
By Peter Stokyo, peter.stoyko@elanica.com, Licensed under CC By 4.0 

Compared to the paper credentials model, verifiable credentials are far more secure. When the cryptographic verification succeeds, the verifier can be certain of the validity of the data—those four attributes stemming from verifying the presentation. They are left only with the same question that paper credentials have—do I trust the issuer enough

So where does the DLT fit in?

Three of the four things that the verifier has to prove (listed above) involves published data from the issuer that has to be available in some trusted, public distributed place, a place that is not controlled by a central authority (hmm…sounds like a DLT!). In Indy and Aries, data published to a DLT is used to verify the credential without having to check with the issuer. In particular:

  • The verifier has to know who issued the credential based on an identifier and cryptographic signature. From the presentation, it gets an identifier for the issuer, looks it up on a DLT to get a public key associated with the issuer to verify the signature in the presentation. Thus, the identity of the issuer is known.
  • The verifier has to verify that the claims data has not been altered by verifying a cryptographic signature across the data. Based on an identifier for the type of credential, the verifier gets from a DLT a set of public keys and verifies the signatures. Thus, the verifier knows no one has tampered with the claims data.
  • The issuer periodically updates a revocation registry on a DLT indicating the credentials that have been revoked. If the holder’s credential is revoked, they are unable to create a proof of non-revocation (yes, that’s a double negative…). If the holder can generate that proof, the verifier can check it. Thus, the verifier knows the credential has not been revoked.

The fourth attribute (the binding of the credential to the holder) in Indy is done using some privacy-preserving cryptographic magic (called a Zero Knowledge Proof) that prevents having a unique identifier for the holder or credential being given to the verifier. Thus, no PII is needed for sharing trusted data.

So why DLT? First, we can get the good parts of paper credentials—private transactions between holders and verifiers and no callback to the issuer. Second, the issuer gets a trusted, open and transparent way to publish the cryptographic material needed for those private holder-verifier transactions. Third, there is no need to have a “Trusted Third Party” participating in the interactions.

And did I mention, no private data goes on the DLT!!! 

Hyperledger Indy, Aries and Ursa are enabling this approach to “self-sovereign identity” in a big way,  bringing about a new layer of trust on the Internet that will let us preserve our privacy and give us control over our identity and data—where it belongs. There is a lot to learn. If you’re curious, a great place to start is this Linux Foundation edX course.

Cover image by Nick Youngson CC BY-SA 3.0 Alpha Stock Images

Feb 26
Love0

Hyperledger Aries Graduates To Active Status; Joins Indy As “Production Ready” Hyperledger Projects for Decentralized Identity

By Sam Curren, Hyperledger Indy contributor, Indicio.tech and Stephen Curran, Aries Cloud Agent Python Maintainer, Cloud Compass Computing Inc. Blog, Hyperledger Aries

The Hyperledger Technical Steering Committee (TSC) has approved Hyperledger Aries as the latest of Hyperledger’s projects to graduate from incubation to active status.

Hyperledger Aries provides reusable, interoperable tool kits designed for initiatives and solutions focused on creating, transmitting and storing verifiable digital credentials. The Aries project grew out of the need for protocols, open source tools and interoperability test suites that leverage networks enabling verifiable credentials, such as those supported by Hyperledger Indy.

This major milestone shows that Hyperledger’s technical leadership recognizes the maturity of the Aries community and project. The TSC applies rigorous standards to active projects including code quality, security best practices, open source governance, and a diverse pool of contributors. Becoming an active Hyperledger project is a sign that Aries has grown in both community and code and is a big step forward for the decentralized digital identity community.

“This approval is further evidence that Hyperledger Aries is a breakout success for the Hyperledger community,” said Brian Behlendorf, General Manager for Blockchain, Healthcare and Identity at the Linux Foundation. “Convergence on common libraries for the exchange of credentials will help speed the development of urgently-needed solutions and systems, ranging from education to finance to the fight against the pandemic. Aries is key to that convergence.” 

The TSC’s endorsement of Hyperledger Aries as out of incubation and into active project status is particularly important as the world grapples with finding trusted ways for people to prove their COVID-19 vaccination or test results. Aries’ maturity and protocol-driven approach to issuing verifiable credentials and presenting verified proofs has meant that Aries is a part of every technical discussion in that domain, and a core component of many of the technical stacks being deployed.

Key components of an Aries solution are:

  • Agent Frameworks: In the digital world, humans, organizations and things need a way to store, manage and exchange verifiable data, including the crypto that decentralized identity demands. Agents do this work in a decentralized environment, and Aries Frameworks make it easy for anyone to build agents tied to specific business needs.
  • DID communications (DIDComm): Agent-like things have to interact with one another to get work done. How they talk in general is DIDComm. DIDComm was born in the Aries project, and work on the next version continues within a working group at the Decentralized Identity Foundation.
  • Protocols: The Aries protocols run on top of DIDComm and enable peer-to-peer application-level interactions among agents, and shows how they should be designed and documented. The Aries community has developed an approach called Aries Interop Profiles (AIP) that formalizes specific sets of protocols that any agent-maker must use to be interoperable across the community, and a test harness that verifies interoperability across disparate implementations using the protocols that make up an AIP.

A Wallet is a common term for a mobile agent used by a person. Wallets are the important link that enables people to manage their connections, credentials, and other aspects of involvement in the decentralized identity ecosystem. This important area of work has just recently received another boost with the community organization of work around creating an open source mobile agent using the Aries Framework Javascript and React Native.

Aries also has close community ties with the Trust Over IP (ToIP) project, which is also housed at the Linux Foundation. Both projects are working on the issuing, holding, and presenting of cryptographically-verifiable digital credentials without the necessity of intermediaries. While Aries is focused on the tools required for verifiable credential exchange, the Trust over IP Foundation is a project working to define a complete architecture, or stack, that combines both cryptographic trust and human trust relating to decentralized identity.

The TSC commended the Aries project during the meeting for the project’s highly diverse contributors. Achieving a high number of organizations contributing to a project at Hyperledger is often a challenge. Congratulations are due to those participating in and supporting the Aries Project.

What to learn more about Identity and Hyperledger Aries?

Hyperledger offers free introductory training courses in partnership with The Linux Foundation and edX.org including:

Introduction to Hyperledger Sovereign Identity Blockchain Solutions: Indy, Aries & Ursa

Becoming a Hyperledger Aries Developer

Do you want to get involved in Hyperledger Aries?If you’d like to support Aries, join our community and contribute! Your contributions will help to fix digital identity for everyone. You can participate in the discussions or help write the code powering Aries. Together, we will build a better platform for digital identity.

Feb 12
Love0

Working Together on What “Good” Looks Like

By Brian Behlendorf Blog, Healthcare, Hyperledger Aries, Hyperledger Indy

On Tuesday, the Good Health Pass Collaborative (GHPC) launched. This initiative is intended to define, in the context of test results and vaccination records for opening up borders for travel and commerce, a high bar for implementations of identity and credentialing systems to meet with regards to privacy, ethics and portability. They will also work with the implementers of such systems to converge towards common standards and governance.       

A set of Linux Foundation organizations – TrustOverIP, Hyperledger, Linux Foundation Public Health, and its Covid Credentials Initiative – have engaged as supporting organizations and were part of the announcement. We did this based on very encouraging signs during formation discussions that GHPC would not only help bring many of the organizations emerging into the self-sovereign identity space into alignment on platforms and standards we have long championed, but would also give us an external reference point for our position on the importance of privacy in the design and implementation of such systems.

Hyperledger has been home to the pioneering digital identity ledger Indy and agent toolkit Aries, which form the basis of so many production privacy-preserving digital identity systems and, now, are serving as the basis for many of these emerging health pass solutions. The TrustOverIP Foundation led the formal recognition of the need and role for governance organizations in the digital identity landscape – showing how we can get both optionality and interoperability when we weave global identity and credentialing systems together in a decentralized way. 

The Covid Credentials Initiative, starting way back in March 2020, recognized the potential for credentials of all sorts in the fight against this and future pandemics, and have pulled together an amazing community of technologists and entrepreneurs working together on this. Now, as part of Linux Foundation Public Health, we are working to bring together a set of software projects that can implement credential systems and help accelerate adoption of these globally, centered on the needs of public health authorities.

On Thursday’s GHPC webinar, Charlie Walton from Mastercard said GHPC is “in the business of describing what good looks like.” We will be working with GHPC to bring our own communities’ views of not just what good looks like, but how we’re already working together to standardize and implement this work. Furthermore we’ll see if our processes can directly support GHPC’s efforts to harmonize this domain.

We recognize there are quite a few of these initiatives now, reflecting just how broadly this issue is felt across society. We can play – we must play – a key role in channeling all this market activity and good-faith sharing of expertise into applications directly in people’s hands, so we can get back to travel and re-opening workplaces and schools in a safe and equitable way. Our key levers to move the world are open source software and open public engagement, and we will double-down on those tools to have a unique and substantive impact.

Look for more on this soon within our communities. We’re incredibly excited to be a part of this global effort.

Feb 02
Love1

Once Again, Forbes “Blockchain 50” Shows Enterprise Blockchain’s Footprint and Impact, with Hyperledger Technologies Leading The Pack

By Hyperledger Blog, Hyperledger Aries, Hyperledger Fabric, Hyperledger Grid, Hyperledger Indy, Hyperledger Sawtooth

Declaring that blockchain has “gone mainstream,” Forbes today released its 2021 “Blockchain 50,” featuring companies that have at least $1 billion in revenues or are valued at $1 billion or more and “lead in employing distributed ledger technology.” And, once again, half of the companies on the list are using Hyperledger technology. 

Twenty five companies on the list name at least one Hyperledger technology as part of their solution platform. Hyperledger Fabric, specifically, is cited as a platform by 24 of the companies, topping the list as the most widely used technology. Hyperledger Aries, Indy, Grid and Sawtooth are all also deployed by companies on this list. 

The annual list, now in its third year, reflects the growing global impact of blockchain technology with 25 members from the U.S., 13 from Europe and a record 12 from Africa, Asia, the Middle East and Latin America. All in all, there were 21 companies that were new to the list, and 15 of them, including ones from Australia (BHP), India (Tech Mahindra) and Africa (Sappi), use Hyperledger-based platforms. 

Of the 12 companies that have made the list every year, six (Ant Group, Cargill, DTCC, IBM, ING and Walmart) use Hyperledger technologies.

More than just a basic list of companies and technologies, the Forbes Blockchain 50 provides a snapshot of the market-changing deployments these blockchain leaders have deployed. Accompanying stories add even more analysis and context. 

This annual look at the market is a good reflection point for the traction our technologies have in the current market but also a guidepost to what needs to come next. The increasing global adoption of blockchain – public, private, hybrid – and coming shifts in currency adoption and payments as well as uptake in markets as diverse as mining, telecom, pharma and shipping all point to the growing reach of distributed ledger technology. And, in the face of such challenges as the pandemic, climate change and income equality, it is important to put the focus on what we can accomplish building on blockchain as a cornerstone. 

Jan 20
Love0

Kiva Protocol, Built on Hyperledger Indy, Ursa and Aries, Powers Africa’s First Decentralized National ID system

By Hyperledger Blog, Hyperledger Aries, Hyperledger Indy, Hyperledger Ursa, Member Case Study

For the 1.7 billion unbanked adults around the world, access to financial services is extremely limited. Without even a basic savings account, economic opportunity is often limited to informal offerings such as local shopkeepers who extend credit to their customers, microfinance institutions that work to serve the last mile, and community savings and credit associations that are setup by individuals living in the same village.

In the unbanked world, individuals borrow a few hundred to a few thousand dollars at a time, paying back over a relatively short time frame of 12-18 months. But despite excellent credit records, they are unable to receive even similar credit facilities at local banks. This is because the data from their informal transactions is essentially invisible: the banks either do not trust the data sources, or are otherwise unable to verify the provenance of the data.

While this is the state of the world today, it does not have to be our future. Kiva, a US-based nonprofit organization focused on financial inclusion, has built Kiva Protocol to bridge the data disconnect and help enable universal financial access. In 2019, Sierra Leone, a West African nation of about 7 million, launched the National Digital Identity Platform (NDIP) that used Kiva Protocol to enable fast, cheap, and secure identity verification for its citizens.

Kiva Protocol is built using Hyperledger Indy, Aries, and Ursa, and as implemented in Sierra Leone, allows citizens to perform electronic Know Your Customer (eKYC) verifications in about 11 seconds, using just their national ID number and a fingerprint. With this verification, it is possible for the nation’s unbanked to open a savings account and move into the formally banked population.

To find the right platform, Kiva assessed more than 20 software stacks, both centralized and decentralized. Blockchain and decentralized ledger technologies quickly emerged as good solutions for the developing world as they enable data provenance at the protocol level and stakeholders can act relatively independently to enable their various activities in the formal and informal sectors.

After deep consideration, Kiva decided to use Hyperledger’s stack for identity: Indy, Aries, Ursa. While all three projects are closely related, each has a distinct mandate:

  • Hyperledger Indy is a distributed ledger purpose-built for decentralized ID with transferable, private, and secure credentials;
  • Hyperledger Aries is infrastructure that supports interactions between peers and between blockchains and other DLTs; and
  • Hyperledger Ursa is a modular, flexible library that enables developers to share time-tested and secure cryptography.

In August 2019, Kiva launched the beta of Kiva Protocol with a public event opened by the president of Sierra Leone. Since that launch, global regulators have made significant progress in terms of how they are considering digital identity and eKYC verifications. There is a growing global movement towards user-owned and -controlled data, better privacy, and more universal access. 

As of today, Kiva is focusing on building additional ecosystem applications and services to make it easier for all stakeholders to access and use Kiva Protocol. Much of this is being contributed upstream into the Hyperledger Indy and Aires projects, with the remaining components hosted in Kiva’s repository.

Hyperledger teamed up with Kiva on a detailed case study covering the challenges of the unbanked, requirements for a solution that delivers fast, cheap and secure ID exchange, and plans for expanding Kiva Protocols’ use to other countries and other applications. 

Read the full case study here.

1 2 Next

Copyright © 2022 The Linux Foundation®. All rights reserved. Hyperledger Foundation, Hyperledger, and the other Hyperledger Foundation trademarks are trademarks of The Linux Foundation. For a list of Hyperledger Foundation trademarks, please see our Trademark Usage page. Linux is a registered trademark of Linus Torvalds. Privacy Policy and Terms of Use.

Close Menu
  • Learn
    • Case Studies
    • White Papers
    • Training & Certification
    • Training Partners
    • Webinars
    • Research
    • Blockchain Showcase
    • Wiki
  • Use
    • Distributed Ledgers
    • Domain-Specific
    • Libraries
    • Tools
    • Tutorials
    • Hyperledger Certified Service Providers
    • Vendor Directory
  • Participate
    • Collaboration Tools
    • Contribute to Coding
    • Academic Collaboration
    • Find a Meetup
    • Regional Communities
    • Speakers Bureau
    • Join a Community Group
    • Labs
  • Events
  • News
    • Blog
    • Announcements
    • Newsletter
  • About
    • Join Hyperledger
    • Members
    • Leadership
    • Charter
    • Job Board
    • Contact Us
  • Join Now
  • English
    • 简体中文
    • Português
    • Français
    • Español
    • Malayalam
    • 日本語