Iota Digital Student Id
Digital Student ID Demo
Newest efforts in Digital Identity and Self Sovereign Identity (SSI) leave the hope that digital governing may come true.
Organizations such as the IOTA Foundation are creating decentralized frameworks that make this possible. IOTA has the unique concept of the Tangle which makes SSI possible today.
To showcase a possible scenario where SSI would greatly benefit everyday life, this project aims to prototype a Digital Student ID for the use on a university website.
Contents
1. Verifiable StudentCredential
1.1. How it works
Some high-level explanation
The following steps expect that DIDs for both, the university and the Student, already exist on the Tangle. If you want to learn more about DID creation, see the Keeper documentation.
1.1.1. Registration | Matriculation
The process of enrollment via the StudentCredential.
%%---
%%title: Registration | Matriculation
%%---
sequenceDiagram
participant S as Student
participant U as University
participant T as Tangle
S ->> U: Hi University, I am did:iota:example:123<br>and I'd like to enroll myself.
Note over U: The uni needs to know <br> whether the Student has control <br> of did:iota:example:123. <br> So it sends a challenge <br> to the Student.
U ->> S: Authenticate yourself, please.
Note over S: The Student<br>signs the challenge <br> with their private <br> key and sends it back.
S --x U: Sure.
U ->> T: I need document with ID <br> did:iota:example:123
T --x U: Sure.
Note over U: The uni decrypts the signed <br> challenge with the Student's public key. <br> If it matches with the original challenge, <br> the Student has proven ownership of their DID.
U ->> S: I need your personal data.
Note over S: Now, the Student <br> can decide <br> whether to send <br> their data or not.
S --x U: Sure.
Note over U: With the Student's personal data, <br> the uni needs to verify its validity.
Note over U: If the data is valid, the uni creates <br> and signs a StudentCredential. <br> The uni also disposes all information <br> about the Student as everything is <br> contained within the StudentCredential.
U --x S: Here's your signed Student ID.
Note over S: With the StudentCredential <br> at hand, they are now able to <br> verify their status as a <br> student of University.
1.1.2. Login | Authentication
The process of authentication via the StudentCredential.
%%---
%%title: Login | Authentication
%%---
sequenceDiagram
participant S as Student
participant U as University
participant T as Tangle
S ->> U: Hi University, I am did:iota:example:123 <br> and I want to use your website.
Note over U: As with the registration, <br> the uni needs to know <br> whether the Student is <br> who they claim to be.
U --x S: Sure thing. <br> But first we need your matriculation status. <br> And please sign this challenge.
Note over S: The Student creates a <br> Verifiable Presentation <br> of their StudentCredential, <br> includes the challenge, <br>signs and sends it.
S ->> U: Here's proof of my matriculation.
U ->> T: I need document with ID <br> did:iota:example:123
T --x U: Sure.
Note over U: The uni is now able to <br> verify the Student's <br> matriculation status by verifying <br> the Presentation and the Credential.
Note over U: If the validation is successful, <br> the Student currently is enrolled.
U --x S: You may proceed.
1.2. Credential Contents
The StudentCredential makes several assertions about its holder.
For now it will contain a students personal information, which in a fully working ecosystem will not be necessary nor desirable. This will be done via official government issuers. But as such infrastructure does not exist yet, the design decision was to include personal information in the StudentCredential just for convenience.
Personal information
- Full name
- Address
- Picture of the student
Study information
- Name of the university
- Current semester
- Matriculation number
- Name of the study subject
- Degree (Bachelor | Master)
2. Design
2.1. System Architecture
The overall architecture of this framework.
%%---
%%title: System Architecture
%%---
flowchart
subgraph University
UniversityKeeper(Keeper)
IssuanceService(Issuance Service)
end
subgraph Student
StudentKeeper(Keeper)
Browser(Browser)
end
StudentKeeper-.->Tangle
UniversityKeeper-.->Tangle
Browser-->IssuanceService
Browser--->StudentKeeper
IssuanceService-->UniversityKeeper
2.2. User Navigation
The simple user navigation in the web app.
%%---
%%title: User Navigation
%%---
stateDiagram-v2
[*] --> Login/Registration
state Login/Registration {
direction LR
state fork_state <<fork>>
state join_state <<join>>
[*] --> fork_state
fork_state --> EnterUsername
fork_state --> EnterPassword
join_state --> [*]
EnterUsername --> join_state
EnterPassword --> join_state
}
Login/Registration --> ActionSelect
state ActionSelect {
direction LR
state if_state <<choice>>
[*] --> if_state
if_state --> ...
... --> [*]
if_state --> [*]
if_state --> Cafeteria
Cafeteria --> [*]
state Cafeteria {
direction LR
[*] --> SelectMeal
SelectMeal --> Pay
Pay --> [*]
}
}
ActionSelect --> [*]
3. Setting up your local environment
3.1. Quick Start Guide
If you don't already have node.js installed on your system, download and install it from here.
Next, after cloning/downloading the repository, open 3 different terminal sessions and and navigate to the following paths in one terminal each:
/university/keeper/gisa-did
Now go ahead and execute the following command in each of the terminals:
npm install
Finally, in the /university and /keeper teminals, execute
npm run dev
while in the /gisa-did terminal, execute
npm start
On localhost:4200 you should now have the fully functional web app running with the backend servers running as well.
3.2. Set up node.js using nodeenv
You can always go ahead and install node.js globally on your system from here.
The following steps will only guide you through the process of creating a virtual environment for node.js using nodeenv.
3.2.1. Create a virtual node environment
IMPORTANT This will require Python version 3 or greater and
pipinstalled on your system.
First, open a shell inside the repo's root directory, then install the node.js environment manager nodeenv using pip.
pip install nodeenv
Now create an environment called .node.
For this environment, we will use node.js version 18.12.1.
Your command line will need elevated privileges for this to work.
nodeenv .node --node=18.12.1
Good to know: Node.js versions that are known not to work:
| Version | Incompatibility |
18.8.0 |
some problems with @iota/identity-wasm@0.6.0 |
