This is the most recent implementation report for the Verifiable Credentials Data Model specification.

Comments regarding this document are welcome. Please file issues directly on GitHub, or send them to public-vc-comments@w3.org (subscribe, archives).

Introduction

The purpose of this document is to demonstrate that there are at least two interoperable implementations of processors that are capable of generating output that is conformant to the Verifiable Credentials Data Model.

Testing Methodology

The testing framework for the Verifiable Credentials Data Model executes the following process for every conformance statement in the Verifiable Credentials Data Model:

  1. Take an input file template that exercises the feature and feed it to a developer provided Verifiable Credentials Data Model generator.
  2. If the input is valid, generate a Verifiable Credential that is conformant to the data model.
  3. The test suite then ensures that the generated Verifiable Credential is conformant to the feature being tested.

Conformance Testing Results

Key

The results of the conformance testing are shown below:

Basic Documents

Test# Impl BrightLinkCredlyDanubeTechEvernymGuillaume-DaumasSovrin-Ken_EbertToulouse-KentuPortvc.js
@context MUST be one or more URIs 8
@context MUST be one or more URIs (negative) 5
@context first value MUST be https://www.w3.org/2018/credentials/v1 8
@context first value MUST be https://www.w3.org/2018/credentials/v1 (negative) 7
@context subsequent items can be objects that express context information 7
`id` properties MUST be a single URI 8
`id` properties MUST be a single URI (negative) 7
`type` properties MUST be one or more URIs 8
`type` properties MUST be one or more URIs (negative) 6
`type` properties for Credential MUST be `VerifiableCredential` plus specific type 8
`type` properties for Credential MUST be `VerifiableCredential` plus specific type (negative) 7
`credentialSubject` property MUST be present 8
`credentialSubject` property MUST be present, may be a set of objects 7
`credentialSubject` property MUST be present (negative - credentialSubject missing) 9
`issuer` property MUST be present 8
`issuer` property MUST be present (negative - missing issuer) 9
`issuer` property MUST be a single URI 8
`issuer` property MUST be a single URI (negative - not URI) 7
`issuer` property MUST be a single URI (negative - Array) 7
`issuanceDate` property MUST be present 8
`issuanceDate` property MUST be present (negative - missing issuanceDate) 9
`issuanceDate` property MUST be an RFC3339 datetime 8
`issuanceDate` property MUST be an RFC3339 datetime (negative - RFC3339) 7
`issuanceDate` property MUST be an RFC3339 datetime (negative - Array) 7
`expirationDate` property MUST be an RFC3339 datetime 8
`expirationDate` property MUST be an RFC3339 datetime (negative - RFC3339) 7
`expirationDate` property MUST be an RFC3339 datetime (negative - Array) 7
Presentations MUST be of type `VerifiablePresentation` 7
Presentations MUST include `verifiableCredential` and `proof` 7
Presentations MUST include `verifiableCredential` and `proof` (negative - missing `verifiableCredential`) 9
Presentations MUST include `verifiableCredential` and `proof` (negative - missing `proof`) 9

Credential Status (optional)

Test# Impl BrightLinkCredlyDanubeTechEvernymGuillaume-DaumasSovrin-Ken_EbertToulouse-KentuPortvc.js
`credentialStatus` property MUST include `id` and `type` 7 no support
`credentialStatus` property MUST include `id` and `type` (negative - missing `id`) 6 no support
`credentialStatus` property MUST include `id` and `type` (negative - missing `type`) 6 no support

Linked Data Proofs (optional)

Test# Impl BrightLinkCredlyDanubeTechEvernymGuillaume-DaumasSovrin-Ken_EbertToulouse-KentuPortvc.js
`proof` property MUST be present 8
`proof` property MUST include specific method using the type property 8
`proof` property MUST include type property (negative - missing proof type) 6

Credential Schema (optional)

Test# Impl BrightLinkCredlyDanubeTechEvernymGuillaume-DaumasSovrin-Ken_EbertToulouse-KentuPortvc.js
`credentialSchema` MUST provide one or more data schemas 8
each object within `credentialSchema`... MUST specify a `type` property with a valid value 8
each object within `credentialSchema`... MUST specify an `id` property 8
each object within `credentialSchema`... value of `id` MUST be a URI identifying a schema file 8

Refresh Service (optional)

Test# Impl BrightLinkCredlyDanubeTechEvernymGuillaume-DaumasSovrin-Ken_EbertToulouse-KentuPortvc.js
`refreshService` MUST provide one or more refresh services 6 no support no support
each object within `refreshService`... MUST specify a `type` property with a valid value 6 no support no support
each object within `refreshService`... MUST specify an `id` property 6 no support no support
each object within `refreshService`... value of `id` MUST be a URL identifying a service endpoint 6 no support no support

Terms of Use (optional)

Test# Impl BrightLinkCredlyDanubeTechEvernymGuillaume-DaumasSovrin-Ken_EbertToulouse-KentuPortvc.js
`termsOfUse` MUST provide one or more ToU objects 6 no support no support
each object within `termsOfUse`... MUST specify a `type` property with a valid value 6 no support no support

Evidence (optional)

Test# Impl BrightLinkCredlyDanubeTechEvernymGuillaume-DaumasSovrin-Ken_EbertToulouse-KentuPortvc.js
`evidence` MUST provide one or more evidence objects 6 no support no support
each object within `evidence`... MUST specify a `type` property with a valid value 6 no support no support

JWT (optional)

Test# Impl BrightLinkCredlyDanubeTechEvernymGuillaume-DaumasSovrin-Ken_EbertToulouse-KentuPortvc.js
A verifiable credential ... vc MUST be present in a JWT verifiable credential. 4 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... If no explicit rule is specified, properties are encoded in the same way as with a standardverifiable credential, and are added to the vc property of the JWT. 4 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... if typ is present, it MUST be set to JWT. 4 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... alg MUST be used for RSA and ECDSA-based digital signatures. 4 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... If no JWS is present, a proof property MUST be provided. 2 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... If only the proof attribute is used, the alg header MUST be set to none. 2 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... exp MUST represent expirationDate, encoded as a UNIX timestamp (NumericDate). 4 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... exp MUST represent expirationDate, encoded as a UNIX timestamp (NumericDate) -- negative, no exp expected. 4 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... iss MUST represent the issuer property. 4 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... nbf MUST represent issuanceDate, encoded as a UNIX timestamp (NumericDate). 4 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... jti MUST represent the id property of the verifiable credential, or verifiable presentation. 2 no support no support no support no support untested untested no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... jti MUST represent the id property of the verifiable credential, or verifiable presentation -- negative, no jti expected 2 no support no support no support no support untested untested no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... sub MUST represent the id property contained in the verifiable credential subject. 4 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... aud MUST represent the subject of the consumer of the verifiable presentation. 2 no support no support no support no support untested untested no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... Additional claims MUST be added to the credentialSubject property of the JWT. 4 no support no support no support no support no support
To decode a JWT to a standard verifiable credential, the following transformation MUST be performed... Add the content from the vc property to the new JSON object. 4 no support no support no support no support no support
To decode a JWT to a standard verifiable credential, the following transformation MUST be performed... To transform the JWT specific headers and claims, the following MUST be done: If exp is present, the UNIX timestamp MUST be converted to an [RFC3339] date-time, and MUST be used to set the value of the expirationDate property of credentialSubject of the new JSON object. 4 no support no support no support no support no support
To decode a JWT to a standard verifiable credential, the following transformation MUST be performed... To transform the JWT specific headers and claims, the following MUST be done: If iss is present, the value MUST be used to set the issuer property of the new JSON object. 4 no support no support no support no support no support
To decode a JWT to a standard verifiable credential, the following transformation MUST be performed... To transform the JWT specific headers and claims, the following MUST be done: If nbf is present, the UNIX timestamp MUST be converted to an [RFC3339] date-time, and MUST be used to set the value of the issuanceDate property of the new JSON object. 4 no support no support no support no support no support
To decode a JWT to a standard verifiable credential, the following transformation MUST be performed... To transform the JWT specific headers and claims, the following MUST be done: If sub is present, the value MUST be used to set the value of the id property of credentialSubject of the new JSON object. 4 no support no support no support no support no support
To decode a JWT to a standard verifiable credential, the following transformation MUST be performed... To transform the JWT specific headers and claims, the following MUST be done: If jti is present, the value MUST be used to set the value of the id property of the new JSON object. 4 no support no support no support no support no support
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... jti MUST represent the id property of the verifiable credential. 2 untested untested untested untested untested untested untested
A verifiable credential ... To encode a verifiable credential as a JWT, specific properties introduced by thisspecification MUST be either 1) encoded as standard JOSE header parameters, 2) encoded as registered JWT claim names, or 3) contained in the JWS signature part... jti MUST represent the id property of the verifiable credential -- negative, no jti expected 2 untested untested untested untested untested untested untested
A verifiable presentation ... vp MUST be present in a JWT verifiable presentation 2 untested untested untested untested untested untested untested
A verifiable presentation ... aud MUST represent the subject of the consumer of the verifiable presentation 2 untested untested untested untested untested untested untested
A verifiable presentation ... jti MUST represent the id property of [...] the verifiable presentation 2 untested untested untested untested untested untested untested
A verifiable presentation ... jti MUST represent the id property of [...] the verifiable presentation -- negative, no jti expected 2 untested untested untested untested untested untested untested
A verifiable presentation ... iss MUST represent [...] the holder property of a verifiable presentation 2 untested untested untested untested untested untested untested
A verifiable presentation ... iss MUST represent [...] the holder property of a verifiable presentation. -- negative, no jti expected 2 untested untested untested untested untested untested untested

Zero-Knowledge Proofs (optional)

Test# Impl BrightLinkCredlyDanubeTechEvernymGuillaume-DaumasSovrin-Ken_EbertToulouse-KentuPortvc.js
A verifiable credential... MUST contain a credentialSchema 2 no support no support no support no support no support
A verifiable credential... MUST contain a credentialSchema (negative - credentialSchema missing) 4 no support no support no support no support no support
A verifiable credential... MUST contain a proof 2 no support no support no support no support no support
A verifiable credential... MUST contain a proof (negative - missing) 4 no support no support no support no support no support
A verifiable credential... Each credentialSchema... MUST specify a type 2 no support no support no support no support no support
A verifiable credential... Each credentialSchema... MUST specify a type (negative - type missing) 4 no support no support no support no support no support
A verifiable credential... Each credentialSchema... MUST specify an `id` property 2 no support no support no support no support no support
A verifiable credential... Each credentialSchema... MUST specify an `id` property (negative - `id` missing) 4 no support no support no support no support no support
A verifiable credential... Each credentialSchema... value of `id` MUST be a URI identifying a schema file 2 no support no support no support no support no support
A verifiable credential... Each proof... MUST include specific method using the type property 2 no support no support no support no support no support
A verifiable credential... Each proof... proof MUST include type property (negative - missing proof type) 4 no support no support no support no support no support
A verifiable presentation... MUST be of type `VerifiablePresentation` 2 no support no support no support no support no support
A verifiable presentation... MUST include `verifiableCredential` 2 no support no support no support no support no support
A verifiable presentation... MUST include `verifiableCredential` (negative - missing `verifiableCredential`) 4 no support no support no support no support no support
A verifiable presentation... MUST include `proof` 2 no support no support no support no support no support
A verifiable presentation... MUST include `proof` (negative - missing `proof`) 4 no support no support no support no support no support
A verifiable presentation... Each verifiable credential... MUST have a `credentialSchema` member 2 no support no support no support no support no support
A verifiable presentation... Each verifiable credential... MUST contain a credentialSchema (negative - credentialSchema missing) 4 no support no support no support no support no support