Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up

Signing of EPCIS events for tracability and immutability within COPPA and beyond

License

NotificationsYou must be signed in to change notification settings

COPPA-CCP/epcis-signing

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

94 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Testsnpm

Header Image

EPCIS Signing

Signing of EPCIS event for tracability and immutability within in COPPA and beyond

General Idea

Signing data on the EPCIS level allows trusted and collaborative data exchange among arbitrary parties. This becomes particulary important when use case crucial data needs to be shared over many participants, e.g. in case of a circular economy, where every stakeholder is dependent on a trustable data flow from its predecessor.
In order to allow this in a secure and trustful manner, we aim to leverage the self-sovereign identity ecosystem as a public key infrastructure and the adjacentverifiable credentials for signing data. For more information read themotivational article on this topic.

Advantages

  • Immutability - allows trustless data exchange over an arbitrary amount of stakeholders

  • Traceability - each information can be tracked back to its producer and makes it authentic

  • Trust - identifying each stakeholder and its adjacent data and thereby forms the foundation for an independent trust framework

→ Basis for collaborative data platforms

Security Considerations

Anonymity

Ideas

Selective Disclosure

Allowing data to flow between arbitrary parties will result in the need disclose only the necessary bits of information within the data to others which is needed. Therefore a a selective disclosure mechanism within the signing process should be envisioned from the start.

Ideas

Verifiable Credential Data Model

W3C Verifiable Credentials

This data model is based upon theW3C VC Data Model

Options

EPCISDocumentCredential

verifiableCredential.credentialSubject is a EPCISDocument

  • credentialSubject.id = EPCISDocument.id
{"@context": ["https://www.w3.org/2018/credentials/v1","https://ssi.eecc.de/api/registry/context/epciscredentials","https://w3id.org/security/suites/ed25519-2020/v1"  ],"id":"https://ssi.eecc.de/api/registry/vc/f2c39be7-2bbf-4a97-a3af-b6d5a2a74909","type": ["VerifiableCredential","EPCISDocumentCredential"  ],"issuer": {"id":"did:web:ssi.eecc.de","image":"https://id.eecc.de/assets/img/logo_big.png","name":"EECC"  },"issuanceDate":"2023-02-13T10:26:07Z","credentialSubject": {"@context": ["https://ref.gs1.org/standards/epcis/2.0.0/epcis-context.jsonld"    ],// subject id is the EPCIS document id"id":"https://id.eecc.de/epcis/document/12345","type":"EPCISDocument","schemaVersion":"2.0",// semantic question if this should match the issuance date"creationDate":"2023-02-07T11:05:00.0Z","epcisBody": {"eventList": [        {"type":"ObjectEvent","eventTime":"2023-02-07T11:04:03.15Z","eventTimeZoneOffset":"+01:00","epcList": ["https://id.eecc.de/01/04012345999990/21/XYZ-1234"          ],"action":"OBSERVE","bizStep":"repairing","disposition":"conformant","readPoint": {"id":"https://id.eecc.de/414/4012345000115"          }        }      ]    }  },"proof": {"type":"Ed25519Signature2020","created":"2023-02-13T10:26:07Z","verificationMethod":"did:web:ssi.eecc.de#z6MkoHWsmSZnHisAxnVdokYHnXaVqWFZ4H33FnNg13zyymxd","proofPurpose":"assertionMethod","proofValue":"z43q6v4ejP9uAZkX8tjjWeH3W6raHKRH2fXRLuN51YMprpTwE8331EaL5jfRcNQNV9bLxVVEpT8gfMsU2iA2A5bMh"  }}

EPCISEventCredential

verifiableCredential.credentialSubject is a EPCISEvent

  • credentialSubject.id = EPCISEvent.id
{"@context": ["https://www.w3.org/2018/credentials/v1","https://ssi.eecc.de/api/registry/context/epciscredentials","https://w3id.org/security/suites/ed25519-2020/v1"  ],"id":"https://ssi.eecc.de/api/registry/vc/1f8ffded-3a7a-41db-86ea-225949a25023","type": ["VerifiableCredential","EPCISEventCredential"  ],"issuer": {"id":"did:web:ssi.eecc.de","image":"https://id.eecc.de/assets/img/logo_big.png","name":"EECC"  },"issuanceDate":"2023-02-13T10:35:32Z","credentialSubject": {"@context": ["https://ref.gs1.org/standards/epcis/2.0.0/epcis-context.jsonld"    ],// event id equals subject id"id":"https://id.eecc.de/epcis/event/12345","type":"ObjectEvent","eventTime":"2023-02-07T11:04:03.15Z","eventTimeZoneOffset":"+01:00","epcList": ["https://id.eecc.de/01/04012345999990/21/XYZ-1234"    ],"action":"OBSERVE","bizStep":"repairing","disposition":"conformant","readPoint": {"id":"https://id.eecc.de/414/4012345000115"    }  },"proof": {"type":"Ed25519Signature2020","created":"2023-02-13T10:35:32Z","verificationMethod":"did:web:ssi.eecc.de#z6MkoHWsmSZnHisAxnVdokYHnXaVqWFZ4H33FnNg13zyymxd","proofPurpose":"assertionMethod","proofValue":"zkdjpZBbPa81HCD4GpCLgwSRJ75MPZFDzZdvUdLBkhFNkDEdVcXB12Q14GrmSqS82WoifY75MUMG8TuXpPMN1Frb"  }}

SD-JWT

tbd.

Examples

Sign EPCIS Event

Install the npm package

npm i epcis-signing

Generate a key pair and sign a demo event

import{EPCISEvent,VerifiableCredential,sign}from'epcis-signing';//@ts-ignoreimport{Ed25519VerificationKey2020}from'@digitalbazaar/ed25519-verification-key-2020';constepcisEvent:EPCISEvent={"@context":["https://ref.gs1.org/standards/epcis/2.0.0/epcis-context.jsonld"],"type":"ObjectEvent","eventID":'urn:uuid:12345',"eventTime":"2023-02-07T11:04:03.15Z","eventTimeZoneOffset":"+01:00","epcList":["https://id.eecc.de/01/04012345999990/21/XYZ-1234"],"action":"OBSERVE","bizStep":"repairing","disposition":"conformant","readPoint":{"id":"https://id.eecc.de/414/4012345000115"}}asyncfunctiongetKeyPair():Promise<Ed25519VerificationKey2020>{// generate the keyPair from seedletkeyPair=awaitEd25519VerificationKey2020.generate();// name the keyPair in order to make it resolvablekeyPair.id='did:key:'+keyPair.publicKeyMultibase+'#'+keyPair.publicKeyMultibase;keyPair.controller='did:key:'+keyPair.publicKeyMultibase;returnkeyPair;}asyncfunctionsignEvent():Promise<VerifiableCredential>{constkeyPair:Ed25519VerificationKey2020=awaitgetKeyPair();returnawaitsign(epcisEvent,keyPair,'https://test.com/vc/12345')}signEvent().then((signedCred:VerifiableCredential)=>{console.log(signedCred)});

Wrap and Unwrap EPCIS Event in Credential

import{EPCISEvent,unwrapEpcisFromCredential,wrapEpcisInCredential}from'epcis-signing';constepcisEvent:EPCISEvent={"@context":["https://ref.gs1.org/standards/epcis/2.0.0/epcis-context.jsonld"],"type":"ObjectEvent","eventID":'urn:uuid:12345',"eventTime":"2023-02-07T11:04:03.15Z","eventTimeZoneOffset":"+01:00","epcList":["https://id.eecc.de/01/04012345999990/21/XYZ-1234"],"action":"OBSERVE","bizStep":"repairing","disposition":"conformant","readPoint":{"id":"https://id.eecc.de/414/4012345000115"}}constwrappedEvent=wrapEpcisInCredential('did:web:ssi.eecc.de',epcisEvent);constunwrappedEvent=unwrapEpcisFromCredential(wrappedEvent);

Verify Signed Events

For verifiaction of EPCIS credentials you can use the EECC VC Verifier as aWeb App orAPI.

[8]ページ先頭
©2009-2025 Movatter.jp