- Getting started
- Background
- eIDAS 2.0
- Interoperability and conformance
- Supported standards
- Support
- License
The Procivis One Core is a robust solution capable of powering every element of the digital identity credential lifecycle, flexibly handling a broad array of different protocols and trust models, ensuring compatibility with different digital identity regulations, and can be installed and operated almost anywhere, ensuring seamless integration through a powerful API.
Procivis One is built to connect your organization to the SSI ecosystem, become compatible with regulations such as eIDAS 2.0, and be extensible as new regulations and requirements emerge.
See the key features and complete solution architecture.
The fastest way to get started with Procivis One is to join our Trial Environment. Here you are given control of an organization on our server solution, the Procivis One Desk, and can quickly begin issuing and verifying credentials.
See our documentation:
You can build the project with cargo build as well as build certain target using cargo-make. Cargo-make will include dev.env file in the runtime. This makes env config convenient and create an opportunity to document used variables in one place.
Install cargo-make
cargo install cargo-make
Build REST server
makers build
Run REST server
makers run
We can use Makefile.toml
to add and fine tune build/run targets later in the project.
To run only the unit tests
cargo test --lib
# or
makers unit-tests
To run integration-tests
cargo test --test integration_tests
# or
makers integration-tests
To run integration-tests with MariaDB
makers dbstart
ONE_app__databaseUrl="mysql://root:Qpq5nDb5MKD6v9bt8dPD@localhost/core" makers integration-tests
You can start a separate instance of a service that will play wallet role. This instance is accessible on port 3001.
makers runwallet
Using cargo-watch
, the code can be automatically recompiled when changes are made.
Setup
cargo install cargo-watch
Run the REST server
makers runw
Run compiled application (Local env)
./target/debug/core-server --config config/config-procivis-base.yml --config config/config-local.yml
- Run MariaDB for local developing
docker compose -f docker/db.yml up -d
or
makers dbstart
- Stop MariaDB for local developing
docker compose -f docker/db.yml down
or
makers dbstop
- Drop MariaDB for local developing - removes everything
makers dbdrop
- Print MariaDB logs
docker compose -f docker/db.yml logs -f
- Build project
docker build -t one-core -f docker/Dockerfile .
- Run project on Windows or Mac
docker run --init -p 3000:3000 -it --rm \
-e RUST_BACKTRACE=full \
-e ONE_app__databaseUrl=mysql://core:[email protected]/core \
one-core --config config/config-procivis-base.yml --config config/config-local.yml
- Run project on Linux
docker run --init -p 3000:3000 -it --rm \
-e RUST_BACKTRACE=full \
-e ONE_app__databaseUrl=mysql://core:[email protected]/core \
one-core --config config/config-procivis-base.yml --config config/config-local.yml
- Run shell in the container
docker run -it --rm --entrypoint="" one-core bash
Source:
-
Install cyclonedx-cli
sudo curl -L https://github.com/CycloneDX/cyclonedx-cli/releases/download/v0.25.0/cyclonedx-linux-x64 -o /usr/local/bin/cyclonedx-cli
sudo chmod +x /usr/local/bin/cyclonedx-cli
- Install cyclonedx
cargo install cargo-cyclonedx
- Generate JSON format
cargo cyclonedx -f json
- Prepare env
export DEPENDENCY_TRACK_BASE_URL=https://dtrack.dev.one-trust-solution.com
export DEPENDENCY_TRACK_API_KEY="<api_key>"
export DEPENDENCY_TRACK_PROJECT_NAME="ONE-Core"
export D_TRACK_PATH=${DEPENDENCY_TRACK_BASE_URL}/api/v1/bom
export SBOM_FILE_PATH="apps/core-server/bom.json"
export APP_VERSION="local-test-1"
- Upload JSON BOM file
file_content=$(base64 -i merged_sbom.json)
curl -v -X PUT \
-H "Content-Type: application/json" \
-H "X-API-Key: ${DEPENDENCY_TRACK_API_KEY}" \
--data @- ${D_TRACK_PATH} <<EOF
{
"projectName": "${DEPENDENCY_TRACK_PROJECT_NAME}",
"projectVersion": "${APP_VERSION}",
"autoCreate": true,
"bom": "${file_content}"
}
EOF
- Merge all SBOM files to one
FILES="apps/core-server/bom.json apps/migration/bom.json lib/one-core/bom.json lib/shared-types/bom.json lib/sql-data-provider/bom.json platforms/uniffi/bom.json platforms/uniffi-bindgen/bom.json"
cyclonedx-cli merge --input-files ${FILES} --input-format=json --output-format=json > merged_sbom.json
cargo llvm-cov --no-clean --workspace --release --ignore-filename-regex=".*test.*\.rs$|tests/.*\.rs$"
- Cobertura
cargo llvm-cov report --release --cobertura --output-path cobertura.xml
- Lcov
cargo llvm-cov report --release --lcov --output-path lcov.info
- Using Sea-ORM CLI
makers generate_migration description_of_new_migration
Decentralized digital identities and credentials is an approach to identity that relocates digital credentials from the possession and control of centralized authorities to the digital wallet of the credentials holder. This architecture eliminates the need for the user to "phone home" to use their credentials as well as the verifier to communicate to the issuer via back-channels, keeping the wallet holder's interactions private between only those parties directly involved in each interaction. This model of digital identity is often referred to as Self-Sovereign Identity, or SSI.
Whether you want to:
- issue into an EUDI Wallet
- provide an EUDI Wallet
- offer services to an EUDI Wallet holder
Procivis One provides production grade open source components to get certified and connect your organization to the eIDAS 2.0 ecosystem.
Use the Procivis One Core for Issuer or Verifier solutions. For an EUDI Wallet, use the One Core React Native SDK for embedding into an existing app, or use the Procivis One Wallet with adaptations to fit your needs.
Procivis One is built using open standards and tested to ensure interoperability with different software vendors and across different international regulatory ecosystems.
- W3C standards
- The W3C offers several test suites for standards conformance. See the latest test results for Procivis One at canivc.com.
- ISO/IEC 18013-5 mDL
- Procivis One's implementation of the ISO mDL standard is compatible with the OpenWallet Foundation's verifier: Procivis One can successfully issue mDL credentials to a Procivis One Wallet, and these credentials can successfully be verified by the OpenWallet Foundation's verifier. See the OpenWallet Foundation libraries.
- eIDAS 2.0; EUDI Wallet
We continue to look for more opportunities for interoperability testing as the standards and regulations mature and harden.
- W3C Verifiable Credentials Data Model 2.0 in the following variations:
Securing mechanism | Supported representations | Supported proof/signature types |
---|---|---|
W3C Data Integrity Proofs (embedded) | JSON-LD in Compacted Document Form | |
W3C VC-JOSE-COSE (enveloping) |
* CRYSTALS-DILITHIUM is a post-quantum resistant signature scheme, selected by NIST for Post-Quantum Cryptography Standardization. Support for the recently published FIPS-204 is planned for the near future.
-
Backwards compatibility: Procivis One supports verification of proofs which use VCDM 1.1.
-
Additional VC formats: Procivis One supports verification of VCs embedded in optical barcodes. See Verifiable Credentials Barcode v0.7.
Standard | Supported representations | Supported proof/signature types |
---|---|---|
IETF SD-JWT VC | SD-JWT |
* CRYSTALS-DILITHIUM is a post-quantum resistant signature scheme, selected by NIST for Post-Quantum Cryptography Standardization. Support for the recently published FIPS-204 is planned for the near future.
- OpenID for Verifiable Credentials
- OID4VCI; ID-1
- OID4VP; ID-2
- OID4VP over BLE; optimized version of Draft 00
- OID4VP over MQTT; proprietary adaptation of "OID4VP over BLE" via MQTT channel
- ISO/IEC 18013
- Secure Enclave (iOS) and Android Keystore (TEE or Strongbox)
- Azure Key Vault (HSM)
- Internal encrypted database
- Bitstring Status List v1.0
- Linked Validity Verifiable Credentials (LVVC)
- Token Status List - Draft 03
See our supported technology page for more details.
Need support or have feedback? Contact us.
Some rights reserved. This library is published under the Apache License Version 2.0.
© Procivis AG, https://www.procivis.ch.