Skip to content

Verifier Architecture

This article provides an overview of the verifier component, detailing its internal structure, its relations to other components of the system, and the steps involved in a verification workflow.

The Parts of the Verifier Component

The verifier component validates the cryptographic signatures of the issuer and the wallet, both of which are included in a verifiable presentation. The verifier component consists of your application, usually a website or a mobile application, which must be configured to work with Partisia's Credential Verification Service (CVS).

The application is the initial point of contact for a credential holder. It triggers the holder to open their wallet and it kickstarts the verification process through an API call to the CVS. To receive the verification results from the CVS the application must expose an endpoint where the CVS can send POST requests.

The CVS automatically generates the request URIs which trigger the initiation of a credential presentation, it handles most interactions with the wallet for you, and verifies the cryptographic signatures of credentials and presentations.

The wallet is a personal application used by the holder to manage verifiable credentials. It provides secure storage for credentials, enables consent when required, generates verifiable presentations and submits them to the CVS using a request uri provided by the application.

verifier diagram

Verification Flow

  1. The credential holder (e.g., a student) starts the interaction with your application, which may be a website or mobile app.
  2. The application prompts the holder to open their wallet, for example by displaying a QR code which must be scanned with the user's wallet.
  3. After the holder approves the interaction, your application makes an API call to the credential verification service (CVS) to initiate the verification process.
  4. The CVS creates a verification session in the storage, where all the information about this specific verification process will be stored.
  5. The CVS begins the presentation protocol, which prompts the wallet to generate a verifiable presentation of specific claims (e.g., the holder’s student status) within a credential.
  6. The CVS runs the verification protocol on the submitted presentation. The CVS ensures the validity of the cryptographic signatures of the wallet and the issuer. It does so by reading the corresponding public keys from the registry.
  7. The CVS pushes the result of the verification protocol (i.e., the verified data) to your application through a POST request.

Note

To ensure successful delivery of the verification results to the application, the communication channel between the application and the CVS must be properly configured.

Partisia All Rights Reserved © 2023