KERI Verificable Credential API

keri.vc.protocoling

keri.vc.handling module

class keri.vc.protocoling.IpexHandler(resource, hby, notifier)[source]

Processor of exn IPEX messages.

__init__(resource, hby, notifier)[source]

Initialize instance

Parameters:

  • resource (str) – route of messages for this handler

  • hby (Habery) – local identifier environment

  • notifier (Notifier) – outbound notifications

handle(serder, attachments=None)[source]

Do route specific processsing of IPEX protocol exn messages

Parameters:

  • serder (Serder) – Serder of the IPEX protocol exn message

  • attachments (list) – list of tuples of pather, CESR SAD path attachments to the exn event

response(serder)[source]

Return the IPEX exn message sent as a response to the provided serder, if any

Parameters:

serder (Serder) – IPEX exn message to check for a response

Returns:

verify(serder, attachments=None)[source]

Do route specific processsing of IPEX protocol exn messages

Parameters:

  • serder (Serder) – Serder of the IPEX protocol exn message

  • attachments (list) – list of tuples of pather, CESR SAD path attachments to the exn event

Returns:

True means the exn passed behaviour specific verification for IPEX protocol messages

Return type:

bool

class keri.vc.protocoling.Ipexage(apply, offer, agree, grant, admit, spurn)
admit

Alias for field number 4

agree

Alias for field number 2

apply

Alias for field number 0

grant

Alias for field number 3

offer

Alias for field number 1

spurn

Alias for field number 5

keri.vc.protocoling.ipexAdmitExn(hab, message, grant, dt=None, version=(1, 0), pvrsn=None, gvrsn=(1, 0), framed=True, nested=False, genusify=False)[source]

Admit a disclosure

Parameters:

  • hab (Hab) – identifier environment for issuer of credential

  • message (str) – Human readable message regarding the admission

  • grant (Serder) – IPEX grant exn message serder

  • dt (str) – timestamp

  • version (Versionage) – KERI protocol default version if psvrsn is None

  • pvrsn (Versionage) – KERI protocol version

  • gvrsn (Versionage) –

    CESR Genus version for attachment group codes or nesting group code (useful when serder.gvrsn < 2) gvrsn = max(svrsn, gvrsn) where svrsn = serder.gvrsn

    if serder.gvrsn else serder.pvrsn

  • framed (bool) –

    True means may assume each message plus its attachments

    is isolated as frame when parsing so do not need attachment group when messagizing

    False means may not assume eash message plus its attachments

    is isolated as frame when parsing so do need attachment group when messagizing

  • nested (bool) –

    True means messagize for non-top level

    This forces non-native serializion to be embedded in non-native group code

    False means messagize for top level of stream.

    This allows bare non-native serialization of message

  • genusify (bool) –

    True means prepend genus version code from gvrsn before

    serder to override default stream genus version

    False means do nothing

Returns:

credential issuance exn peer to peer message bytes: attachments for exn message

Return type:

Serder

keri.vc.protocoling.ipexAgreeExn(hab, message, offer, version=(1, 0), pvrsn=None, gvrsn=(1, 0), framed=True, nested=False, genusify=False)[source]

Agree an offer

Parameters:

  • hab (Hab) – identifier environment for issuer of credential

  • message (str) – Human readable message regarding the credential agreement

  • offer (Serder) – IPEX exn offer message that this offer is response to.

  • version (Versionage) – KERI protocol default version if psvrsn is None

  • pvrsn (Versionage) – KERI protocol version

  • gvrsn (Versionage) –

    CESR Genus version for attachment group codes or nesting group code (useful when serder.gvrsn < 2) gvrsn = max(svrsn, gvrsn) where svrsn = serder.gvrsn

    if serder.gvrsn else serder.pvrsn

  • framed (bool) –

    True means may assume each message plus its attachments

    is isolated as frame when parsing so do not need attachment group when messagizing

    False means may not assume eash message plus its attachments

    is isolated as frame when parsing so do need attachment group when messagizing

  • nested (bool) –

    True means messagize for non-top level

    This forces non-native serializion to be embedded in non-native group code

    False means messagize for top level of stream.

    This allows bare non-native serialization of message

  • genusify (bool) –

    True means prepend genus version code from gvrsn before

    serder to override default stream genus version

    False means do nothing

Returns:

credential issuance exn peer to peer message bytes: attachments for exn message

Return type:

Serder

keri.vc.protocoling.ipexApplyExn(hab, recp, message, schema, attrs, version=(1, 0), pvrsn=None, gvrsn=(1, 0), framed=True, nested=False, genusify=False)[source]

Apply for an ACDC

Parameters::

hab(Hab): identifier environment for issuer of credential recp (str): qb64 AID of recipient message(str): Human readable message regarding the credential application schema (any): schema or its SAID attrs (any): attribute field label list version (Versionage): KERI protocol default version if psvrsn is None pvrsn (Versionage): KERI protocol version gvrsn (Versionage): CESR Genus version for attachment group codes or

nesting group code (useful when serder.gvrsn < 2) gvrsn = max(svrsn, gvrsn) where svrsn = serder.gvrsn

if serder.gvrsn else serder.pvrsn

framed (bool): True means may assume each message plus its attachments

is isolated as frame when parsing so do not need attachment group when messagizing

False means may not assume eash message plus its attachments

is isolated as frame when parsing so do need attachment group when messagizing

nested (bool): True means messagize for non-top level

This forces non-native serializion to be embedded in non-native group code

False means messagize for top level of stream.

This allows bare non-native serialization of message

genusify (bool): True means prepend genus version code from gvrsn before

serder to override default stream genus version

False means do nothing

Returns::

Serder: credential issuance exn peer to peer message bytes: attachments for exn message

keri.vc.protocoling.ipexGrantExn(hab, recp, message, acdc, iss=None, anc=None, agree=None, dt=None, version=(1, 0), pvrsn=None, gvrsn=(1, 0), framed=True, nested=False, genusify=False)[source]

Disclose an ACDC

Parameters:

  • hab (Hab) – identifier environment for issuer of credential

  • recp (str)

  • message (str) – Human readable message regarding the credential disclosure

  • acdc (bytes) – CESR stream of serialized ACDC with attachments

  • iss (bytes) – serialized TEL issuance event

  • anc (bytes) – serialized anchoring event in the KEL, either ixn or rot

  • agree (Serder) – optional IPEX exn agree message that this grant is response to.

  • dt (str) – Iso8601 formatted date string to use for this request

  • version (Versionage) – KERI protocol default version if psvrsn is None

  • pvrsn (Versionage) – KERI protocol version

  • gvrsn (Versionage) –

    CESR Genus version for attachment group codes or nesting group code (useful when serder.gvrsn < 2) gvrsn = max(svrsn, gvrsn) where svrsn = serder.gvrsn

    if serder.gvrsn else serder.pvrsn

  • framed (bool) –

    True means may assume each message plus its attachments

    is isolated as frame when parsing so do not need attachment group when messagizing

    False means may not assume eash message plus its attachments

    is isolated as frame when parsing so do need attachment group when messagizing

  • nested (bool) –

    True means messagize for non-top level

    This forces non-native serializion to be embedded in non-native group code

    False means messagize for top level of stream.

    This allows bare non-native serialization of message

  • genusify (bool) –

    True means prepend genus version code from gvrsn before

    serder to override default stream genus version

    False means do nothing

Returns:

credential issuance exn peer to peer message bytes: attachments for exn message

Return type:

Serder

keri.vc.protocoling.ipexOfferExn(hab, message, acdc, apply=None, version=(1, 0), pvrsn=None, gvrsn=(1, 0), framed=True, nested=False, genusify=False)[source]

Offer a metadata ACDC

Parameters:

  • hab (Hab) – identifier environment for issuer of credential

  • message (str) – Human readable message regarding the credential offer

  • acdc (any) – metadata ACDC or its SAID

  • apply (Serder) – optional IPEX exn apply message that this offer is response to.

  • version (Versionage) – KERI protocol default version if psvrsn is None

  • pvrsn (Versionage) – KERI protocol version

  • gvrsn (Versionage) –

    CESR Genus version for attachment group codes or nesting group code (useful when serder.gvrsn < 2) gvrsn = max(svrsn, gvrsn) where svrsn = serder.gvrsn

    if serder.gvrsn else serder.pvrsn

  • framed (bool) –

    True means may assume each message plus its attachments

    is isolated as frame when parsing so do not need attachment group when messagizing

    False means may not assume eash message plus its attachments

    is isolated as frame when parsing so do need attachment group when messagizing

  • nested (bool) –

    True means messagize for non-top level

    This forces non-native serializion to be embedded in non-native group code

    False means messagize for top level of stream.

    This allows bare non-native serialization of message

  • genusify (bool) –

    True means prepend genus version code from gvrsn before

    serder to override default stream genus version

    False means do nothing

Returns:

credential issuance exn peer to peer message bytes: attachments for exn message

Return type:

Serder

keri.vc.protocoling.ipexSpurnExn(hab, message, spurned, version=(1, 0), pvrsn=None, gvrsn=(1, 0), framed=True, nested=False, genusify=False)[source]

Reject an application, offer or agreement

Parameters:

  • hab (Hab) – identifier environment for issuer of credential

  • message (str) – Human readable message regarding the admission

  • spurned (Serder) – apply, offer, agree or grant received

  • version (Versionage) – KERI protocol default version if psvrsn is None

  • pvrsn (Versionage) – KERI protocol version

  • gvrsn (Versionage) –

    CESR Genus version for attachment group codes or nesting group code (useful when serder.gvrsn < 2) gvrsn = max(svrsn, gvrsn) where svrsn = serder.gvrsn

    if serder.gvrsn else serder.pvrsn

  • framed (bool) –

    True means may assume each message plus its attachments

    is isolated as frame when parsing so do not need attachment group when messagizing

    False means may not assume eash message plus its attachments

    is isolated as frame when parsing so do need attachment group when messagizing

  • nested (bool) –

    True means messagize for non-top level

    This forces non-native serializion to be embedded in non-native group code

    False means messagize for top level of stream.

    This allows bare non-native serialization of message

  • genusify (bool) –

    True means prepend genus version code from gvrsn before

    serder to override default stream genus version

    False means do nothing

Returns:

credential issuance exn peer to peer message bytes: attachments for exn message

Return type:

Serder

keri.vc.protocoling.loadHandlers(hby, exc, notifier)[source]

Load handlers for the IPEX protocol

Parameters:

  • hby (Habery) – Database and keystore for environment

  • exc (Exchanger) – Peer-to-peer message router

  • notifier (Notifier) – outbound notifications

keri.vc.proving

keri.vc.proving module

keri.vc.proving.credential(schema: str, issuer: str, data: dict, recipient: str | None = None, private: bool = False, private_credential_nonce: str | None = None, private_subject_nonce: str | None = None, status: str = None, source: dict | list = None, rules: dict | list = None, version: Versionage(major=1, minor=0) = (1, 0), kind: Kindage(json='JSON', mgpk='MGPK', cbor='CBOR', cesr='CESR') = 'JSON')[source]

Utility function to create an ACDC. Creates dict SAD for credential from parameters and Saidifyies it before creation.

Parameters:

  • schema (str) – SAID of schema for this credential

  • issuer (str) – qb64 identifier prefix of the issuer

  • data (dict) – of the values being assigned to the subject of this credential

  • recipient (Optional[str]) – qb64 identifier prefix of the recipient

  • private (bool) – apply nonce used for privacy preserving ACDC

  • private_credential_nonce (Optional[str]) – nonce used for privacy vc

  • private_subject_nonce (Optional[str]) – nonce used for subject

  • status (str) – qb64 said of the credential registry

  • source (Union[dict, list]) – of source credentials to which this credential is chained

  • rules (Union[dict, list]) – ACDC rules section for credential

  • version (Version) – version instance

  • kind (Kinds) – serialization kind

Returns:

credential instance

Return type:

SerderACDC

keri.vc.walleting

keri.vc.walleting module

class keri.vc.walleting.WalletDoer(hby, verifier, **kwa)[source]

DoDoer for process escrows and cues associated with a wallet

__init__(hby, verifier, **kwa)[source]

Waller doer processes the verifier cues and escrows for an Enterprise Wallet

Parameters:

  • hab (Habitat) – is the local environment associate with this wallet

  • verifier (Verifier) – is the verifier that processes and stores credentials

escrowDo(tymth, tock=0.0, **kwa)[source]

Processes the escrows for group icp, rot and ixn request messages.

Parameters:

  • tymth (function) – injected function wrapper closure returned by .tymen() of Tymist instance. Calling tymth() returns associated Tymist .tyme.

  • tock (float) – injected initial tock value

Usage:

add result of doify on this method to doers list

Returns:

doifiable Doist compatible generator method

Return type:

Doist

verifierDo(tymth, tock=0.0)[source]

Process cues from Verifier coroutine

Parameters:

  • tymth (function) – injected function wrapper closure returned by .tymen() of Tymist instance. Calling tymth() returns associated Tymist .tyme.

  • tock (float) – injected initial tock value