Follow these instructions to create a new DID from Credo Agent and publish the associated DID Document on cheqd ledger.

⚠️ Before you begin...

Make sure you've correctly configured the Credo agent with cheqd.

Create DID

Parameters​

1. method*: cheqd

2. secret

3. options*

4. didDocument

Option 1​

Provide a DID Document payload according to the w3c did core specification in the request body. This is possible when the keys corresponding to the verification methods provided in the DID Document are already created in the wallet

// create a key pair
const key = await agent.wallet.createKey({
  keyType: KeyType.Ed25519,
})

// encode public key according to the verification method
const ed25519PublicKeyBase58 = key.publicKeyBase58

// Create a DID
await agent.dids.create<CheqdDidCreateOptions>({
  method: 'cheqd',
  secret: {},
  options: {},
  didDocument: new DidDocument({
    id: 'did:cheqd:testnet:92874297-d824-40ea-8ae5-364a1ec9237d',
    controller: ['did:cheqd:testnet:92874297-d824-40ea-8ae5-364a1ec9237d'],
    verificationMethod: [
      {
        id: 'did:cheqd:testnet:92874297-d824-40ea-8ae5-364a1ec9237d#key-1',
        type: 'Ed25519VerificationKey2018',
        controller: 'did:cheqd:testnet:92874297-d824-40ea-8ae5-364a1ec9237d',
        publicKeyBase58: ed25519PublicKeyBase58,
      },
    ],
    authentication: ['did:cheqd:testnet:92874297-d824-40ea-8ae5-364a1ec9237d#key-1'],
  }),
})

Option 2​

If a DID Document is not passed to the registrar, it requires the secret parameter with a verificationMethod to construct the DID Document.

await agent.dids.create({
  method: 'cheqd',
  // the secret contains a the verification method type and id
  secret: {
    verificationMethod: {
      id: 'key-1',
      type: 'Ed25519VerificationKey2020',
    },
  },
  // an optional methodSpecificIdAlgo parameter
  options: {
    network: 'testnet',
    methodSpecificIdAlgo: 'uuid',
  },
})

Follow these instructions to deactivate a did:cheqd DID from Credo Agent

Deactivate DID

A DID can be deactivated, it can still be resolved

1. did*

2. options

Follow these instructions to update a did:cheqd DID from Credo Agent.

Update DID

To update a DID Document, fetch the body of the DID Document you want to change from the DID Resolver, make the relevant updates and pass it as the parameter

Parameters​

1. did*

2. didDocument*: The updated DID Document

3. options

4. secret

await agent.dids.update({
  did: 'did:cheqd:testnet:b84817b8-43ee-4483-98c5-f03760816411',
  // Updates DID Document with an additional verification method if provided
  secret: {
    verificationMethod: {
      id: 'key-2',
      type: 'JsonWebKey2020',
    },
  },
  didDocument: {
    id: 'did:cheqd:testnet:b84817b8-43ee-4483-98c5-f03760816411',
    controller: ['did:cheqd:testnet:b84817b8-43ee-4483-98c5-f03760816411'],
    verificationMethod: [
      {
        id: 'did:cheqd:testnet:b84817b8-43ee-4483-98c5-f03760816411#key-1',
        type: 'Ed25519VerificationKey2020',
        controller: 'did:cheqd:testnet:b84817b8-43ee-4483-98c5-f03760816411',
        publicKeyMultibase: 'z6MknkzLUEP5cxqqsaysNMWoh8NJRb3YsowTCj2D6yhwyEdj',
      },
    ],
    authentication: ['did:cheqd:testnet:b84817b8-43ee-4483-98c5-f03760816411#key-1'],
    // updates did document with a service block
    service: [
      new DidDocumentService({
        id: 'did:cheqd:testnet:b84817b8-43ee-4483-98c5-f03760816411#rand',
        type: 'rand',
        serviceEndpoint: 'https://rand.in',
      }),
    ],
  },
})

A Decentralized Identifier "DID" is a globally unique identifier that does not require a centralized registration authority because it is registered with distributed ledger technology or other form of decentralized network.

Get started

Alternatives

Below are a list of alternatives for creating cheqd DIDs.

To issue Verifiable Credentials, the issuer will have to first create a Schema and then a Credential Definition.

⚠️ Before you begin...

Make sure you've correctly configured the Credo agent with cheqd.

Import a DID (optional)

In order to register a schema and credential definition, a DID must be added to the agent first. This can be done by calling agent.dids.create(), but this does require an endorser DID to be present as the submitterDid. This is optional, if you have created a DID from the agent before as described here.

const seed = TypedArrayEncoder.fromString(`<seed>`) // Secret seed. Should be kept secure in production!
const cheqdDid = 'did:cheqd:testnet:d37eba59-513d-42d3-8f9f-d1df0548b675' // Cheqd DID to be imported

await agent.dids.import({
  did: cheqdDid,
  overwrite: true,
  privateKeys: [
    {
      privateKey: seed,
      keyType: KeyType.Ed25519,
    },
  ],
})

Register a Schema

When you have a registered (or imported) a DID on the network and in your wallet, you can register a schema. Registering a schema requires four fields: issuerId, name, version and attrNames. It is important to note that the issuerId must be the same as a DID in your wallet.

const schemaResult = await agent.modules.anoncreds.registerSchema({
  schema: {
    attrNames: ['name', 'degree', 'date'],
    issuerId: '<did>',
    name: 'Example Schema to register',
    version: '1.0.0',
  },
  options: {},
})

if (schemaResult.schemaState.state === 'failed') {
  throw new Error(`Error creating schema: ${schemaResult.schemaState.reason}`)
}

Parameters

It is possible to present Verifiable Credentials, signed by a cheqd DID, in a few clicks or lines of code. This process enables secure and trustworthy sharing of verifiable credentials within the Credo framework and cheqd ecosystem.

Step 1: Create a Connection with Holder

Use any supported method to create a connection with the Holder. Automated out-of-band protocol is recommended. You can follow the same steps as described in Issue a Verifiable Credential.

Step 2: Send Proof Request

After connection is established, the Verifier can send a proof request to the Holder.

await this.agent.modules.proofs.requestProof({
  protocolVersion: 'v2',
  connectionId: connectionRecord.id,
  proofFormats: {
    anoncreds: {
      name: 'proof-request',
      version: '1.0',
      requested_attributes: {
        name: {
          name: 'name',
          restrictions: [
            {
              cred_def_id: this.credentialDefinition?.credentialDefinitionId,
            },
          ],
        },
      },
    },
  },
})

Step 3: Holder sends Presentation Proof

Holder can get the stored credentials from own wallet and format a proof to send to the Verifier.

When we want to send a proof, we have to listen to incoming proof requests and handle accordingly. In this example we do not have any user interaction, but is likely that your application would have a user-interface which would display the request.

this.agent.events.on(ProofEventTypes.ProofStateChanged
  async ({ payload }: ProofStateChangedEvent) => {
    if (payload.proofRecord.state === ProofState.RequestReceived) {
      const requestedCredentials = await this.agent.modules.proofs.selectCredentialsForRequest({
        proofRecordId: payload.proofRecord.id,
      })
      await this.agent.modules.proofs.acceptRequest({
        proofRecordId: proofRecord.id,
        proofFormats: requestedCredentials.proofFormats,
      })
    }
})

Next Steps

For more tutorials and examples, visit Credo Docs.

Get started

Alternatives

Below are a list of alternatives for using Credentials with cheqd support. Each offers a different set of protocols and underlying technical capabilities.

Step 1: Create a Connection with Holder

1a: Issuer Creates Connection Invite

The Issuer agent will create a new connection invite for the Holder. This is needed to securely communicate between the Issuer and the Holder agents.

1b: Holder receives invitation

The above request will have an invitation in the response. Holder will have to copy that invitation and pass URL as invitationUrl in the following code:

Step 2: Prepare and Send Credential Offer

Generate a credential offer and send to the holder, informing them about the available credential and its attributes.

Step 3: Holder accepts credential offer

When we want to accept a credential, we have to listen to incoming credentials and handle accordingly. In this example we do not have any user interaction, but is likely that your application would have a user-interface which would display the credential. When receiving a credential offer you can get the values from credentialExchangeRecord.credentialAttributes.

Register a Credential Definition

After registering a schema, a credential definition can be registered based on the schema. The credential definition, amongst more things, binds the schema to a specific issuer. Schemas can be reused between issuers, but a credential definition is specific to an issuer. In a credential definition revocation can also be specified. This section will not go in-depth about revocation.

const credentialDefinitionResult = await agent.modules.anoncreds.registerCredentialDefinition({
  credentialDefinition: {
    tag: 'default',
    issuerId: '<did>',
    schemaId: schemaResult.schemaState.schemaId,
  },
  options: {
    supportRevocation: false,
  },
})

if (credentialDefinitionResult.credentialDefinitionState.state === 'failed') {
  throw new Error(
    `Error creating credential definition: ${credentialDefinitionResult.credentialDefinitionState.reason}`
  )
}

The request body must contain the credential_definition object with the Issuer DID and the Schema ID created in the previous steps.

To enable revocation, the options must contain the revocation flag, and the size of the revocation registry. Also, ensure that a Tails Server is configured for the issuer.

Parameters

"DID-Linked Resources" are identified with a did:cheqd Decentralized Identifier with a Universally Unique Identifier (UUID) that acts as a permanently-accessible link to fetch the resources from the cheqd ledger. We refer to this as the "resource ID". Through the "resource ID" or a set of DID URL query parameters, applications are able to persistently access a digital resource on the cheqd network.

Create Resource​

Using the createResource cheqd api agents are able to create custom DID-Linked Resources, including:

• Trust Registries

• Status Lists

• Logos associated with DIDs

• Governance files

Parameters​

1. did*

2. name*

3. resourceType*

4. id*

5. data* : Text, Base64 string or an object

6. alsoKnownAs

7. version

await agent.modules.cheqd.createResource('did:cheqd:testnet:92874297-d824-40ea-8ae5-364a1ec9237d', {
  name: 'resourceName',
  resourceType: 'resourceType',
  id: '6de33634-6439-4e46-aa3f-bfe03606b000',
  version: '1.0',
  data: {
    name: 'name',
    age: 18,
  },
})

Resolve Resource​

The resolveResource function in the cheqd API allows agents to resolve DID-Linked Resources in two ways:

• By resourceId

• By resourceName and resourceType

Additionally, both conventions support the following query parameters:

• To fetch a specific resource version: resourceUrl?version=<versionId>

• To fetch the closest resource version for a given time: resourceUrl?resourceVersionTime=<epoch time>

Using resourceId​

await agent.modules.cheqd.resolveResource(
  'did:cheqd:testnet:92874297-d824-40ea-8ae5-364a1ec9237d/resources/6de33634-6439-4e46-aa3f-bfe03606b000'
)

Using resourceName and resourceType​

await agent.modules.cheqd.resolveResource(
  'did:cheqd:testnet:92874297-d824-40ea-8ae5-364a1ec9237d?resourceName=resourceName&resourceType=resourceType'
)

Get started

Credo is a framework written in TypeScript for building SSI Agents and services that aims to be compliant and interoperable with the standards defined in the European Architecture and Reference Framework.

The Aries Framework JavaScript project has recently been rebranded to "Credo" and was moved from the Hyperledger Foundation to the Open Wallet Foundation.

In the recent months, Credo has heavily been expanding into a more modular and "less specific" framework. The integration with cheqd is a prime example of this, being the first true showcase of anchoring AnonCreds on non-Indy ledgers. Supporting more credential formats, ledgers and DID methods is crucial and essential to the continual development of Credo. cheqd is now fully supported in Credo and can be used for the issuance of Verifiable Credentials as well as the creation of Credential Schemas and Credential Definitions.

AnonCreds using cheqd are facilitated using the cheqd AnonCreds Object Method.

Architecture

Get started

Supported Credential types

Aries Framework JavaScript supports the following Credential formats:

Watch our demo video

Pre-requisites

• Node.js - v16 or v18

• yarn or npm

• Node.js or React Native project.

For more details, check Credo Getting Started guide.

Installing Cheqd

When using cheqd method with Credo, there are a few extra dependencies that need to be installed. We need to install the @credo-ts/cheqd package, which implements the needed interfaces for the agent.

React Native​

To enable react-native support we need to follow the steps below:

In the package.json file add the below code snippet, which replaces the cosmjs dependencies with the cosmjs-rn packages.

Using NPM overrides or Yarn resolutions we can point the cosmjs packages to cosmjs-rn.

{
  "overrides": {
    "@cosmjs/amino": "npm:@cosmjs-rn/amino@^0.27.1",
    "@cosmjs/encoding": "npm:@cosmjs-rn/encoding@^0.27.1",
    "@cosmjs/math": "npm:@cosmjs-rn/math@^0.27.1",
    "@cosmjs/stargate": "npm:@cosmjs-rn/stargate@^0.27.1",
    "@cosmjs/tendermint-rpc": "npm:@cosmjs-rn/tendermint-rpc@^0.27.1",
    "@cosmjs/utils": "npm:@cosmjs-rn/utils@^0.27.1",
    "@cosmjs/proto-signing": "npm:@cosmjs-rn/proto-signing@^0.27.1",
    "@cosmjs/crypto": "npm:@cosmjs-rn/crypto@^0.27.1"
  }
}

{
  "resolutions": {
    "@cosmjs/amino": "npm:@cosmjs-rn/amino@^0.27.1",
    "@cosmjs/encoding": "npm:@cosmjs-rn/encoding@^0.27.1",
    "@cosmjs/math": "npm:@cosmjs-rn/math@^0.27.1",
    "@cosmjs/stargate": "npm:@cosmjs-rn/stargate@^0.27.1",
    "@cosmjs/tendermint-rpc": "npm:@cosmjs-rn/tendermint-rpc@^0.27.1",
    "@cosmjs/utils": "npm:@cosmjs-rn/utils@^0.27.1",
    "@cosmjs/proto-signing": "npm:@cosmjs-rn/proto-signing@^0.27.1",
    "@cosmjs/crypto": "npm:@cosmjs-rn/crypto@^0.27.1"
  }
}

After that, we need to add a buffer polyfill

yarn add buffer

Then, create a shim.js file with the below code snippet

import { Buffer } from 'buffer'
global.Buffer = Buffer

import shim.js file into your file where the App is imported.

Adding cheqd to the Agent​

After installing the dependencies, we can register the cheqd module on the agent by adding the below code snippet to the agent constructor.

import { Agent, DidsModule, KeyType, DidDocument } from '@credo-ts/core'
import { agentDependencies } from '@credo-ts/node'
import { AskarModule } from '@credo-ts/askar'
import { askar } from '@openwallet-foundation/askar-nodejs'
import {
  ConnectionsModule,
  V2ProofProtocol,
  V2CredentialProtocol,
  ProofsModule,
  AutoAcceptProof,
  AutoAcceptCredential,
  CredentialsModule,
  HttpOutboundTransport,
  getDefaultDidcommModules,
} from '@credo-ts/didcomm'
import {
  CheqdAnonCredsRegistry,
  CheqdDidRegistrar,
  CheqdDidResolver,
  CheqdModule,
  CheqdModuleConfig,
} from '@credo-ts/cheqd'
import { AnonCredsModule } from '@credo-ts/anoncreds'
import { anoncreds } from '@hyperledger/anoncreds-nodejs'

const agent = new Agent({
  config,
  dependencies: agentDependencies,
  modules: {
    dids: new DidsModule({
      registrars: [new CheqdDidRegistrar()],
      resolvers: [new CheqdDidResolver()],
    }),

    // AnonCreds
    anoncreds: new AnonCredsModule({
      registries: [new CheqdAnonCredsRegistry()],
      anoncreds,
    }),

    // Add cheqd module
    cheqd: new CheqdModule(
      new CheqdModuleConfig({
        networks: [
          {
            network: '<mainnet or testnet>',
            cosmosPayerSeed: '<cosmos payer seed or mnemonic>',
          },
        ],
      })
    ),
    // Indy VDR can optionally be used with Askar as wallet and storage implementation
    askar: new AskarModule({
      askar,
    }),
    connections: new ConnectionsModule({
      autoAcceptConnections: true,
    }),
    credentials: new CredentialsModule({
      autoAcceptCredentials: AutoAcceptCredential.ContentApproved,
      credentialProtocols: [
        new V2CredentialProtocol({
          credentialFormats: [new LegacyIndyCredentialFormatService(), new AnonCredsCredentialFormatService()],
        }),
      ],
    }),
  },
})

The cosmosPayerSeed can be a 32-bit seed value or mnemonic. It can be managed using the Keplr wallet, which is available as a mobile app or browser extension for Chrome and Safari. Keplr enables users to create accounts, exchange tokens, etc. To setup Keplr wallet for cheqd follow this tutorial.

Next steps

Now that your Credo agent is successfully set up to work with cheqd, try following our tutorials for creating a new DID or issuing Verifiable Credentials.