Last updated
Last updated
This Verida extension allows private off-chain data to be securely used within smart contracts in a cryptographically trusted manner.
This enables use cases such as:
A credit rating agency signing a credit score linked to a Verida identity (DID). The identity controller (end user) submits this credit score to a smart contract to access an under-collateralized loan.
A trusted entity signing a proof that a DID controls a social media account (ie: Facebook). The end user submits this social media ownership proof to a smart contract to mint a Soulbound token to a blockchain wallet the identity controls.
A trusted entity completes KYC verification of an end user and signs a message indicating the end-user has passed KYC to generate a "KYC proof" associated with the user's DID. The end user submits this KYC proof to a smart contract in order to access a decentralized exchange that requires users to be KYC'd.
A trusted DID (trustedDid
) signs off-chain data and sends it to the user
The user generates a smart contract request and signs it
The smart contract verifies the smart contract request and verifies the signed off-chain data can be trusted
The smart contract uses the trusted data within the smart contract
We will walk through an end-to-end example of submitting a request to a smart contract that is verified to have originated from a Verida DID.
When a record is saved into a Verida datastore
or database
, the full JSON record is automatically signed by the protocol. The record is signed by a "signing key" that is controlled by the Verida DID that is saving the data. It's possible for other DID's to also sign this data, producing multiple signatures.
It's also possible to sign any data, for example:
We will submit a message ("hello world") to a smart contract that originates from a Verida DID and is protected from replay attacks:
We assume the smart contract supports nonce(didAddress)
method for fetching the next nonce
for a given DID (this will be defined later).
We assume there is a method getAddressFromDid(did: string)
that converts did:vda
:polamoy:0x...
to 0x...
.
Your smart contract will require @verida/vda-verification-contract
.
Let's define the basic smart contract that will define the verifyStringRequest()
method:
NOTE: VDAVerificationContract.sol
supports nonce()
method and the verifyRequest()
always checks the signed nonce is the next value.
Let's improve on the above example by also including signed data that can then be verified and used on-chain.
In this example, let's assume a credit rating agency has a Verida DID and generates a signed proof that a user has a credit rating of 9:
At this point, the customerCreditRatingProof
and creditScore
would be sent back to the customer for them to store off-chain, typically in their Verida Wallet. The customer could privately send the proof to a third party (via the Verida network or any other communication channel) or submit it to a smart contract.
We will now submit customerCreditRatingProof
to a smart contract that trusts creditCompanyDid
and will verify they can trust the credit rating data.
Lets assume the customer is now logged into the No Deposit Loans
dApp run by Onchain Loan Company
that trusts Credit Rating Company
. The customer will generate a verified request to the smart contract that includes the necessary data for the smart contract to verify their credit score on-chain.
Let's update the basic smart contract with a new submitCreditScore()
method:
In the above example we hardcoded an array of addresses (trustedCreditCompanies
) with a single trusted DID.
VDAVerificationContract.sol
provides an easier way to manage this from your smart contracts.
There are methods that can be executed by the smart contract owner:
addTrustedSigner(address didAddress)
removeTrustedSigner(address didAddress)
This maintains an internal list of trusted DID addresses. In the above example, this might be a list of 8 credit rating company DID's that are trusted by the smart contract.
You can use this inbuilt list stored in the smart contract, by calling verifyData()
instead of verifyDataWithSigners()
:
One of the huge benefits of the Verida DID's not being linked to any particular blockchain, means this implementation can be replicated across any chain that supports keccak256
hashing and ed25519
signatures (basically every blockchain).
All that's required to support a new chain is to port the VDAVerificationContract.sol
to the new chain and use it within smart contracts on that chain.
This also means that user's can have their data verified once and then use it across multiple smart contracts across multiple blockchains without having to re-verify their data.