DidRoom is an open-source multiplatform and multifunctional Identity DID/SSI wallet, compliant with the W3C-DID, W3C-VC standards and eIDAS 2.0 (based on the EUDI-ARF specifications).
DidRoom also has advanced cryptographic and blockchain functions, including signatures, multi-signatures and blockchain interoperability (for Ethereum, Bitcoin, Hyperledger Fabric).
https://didroom.com
Selected features
DIDroom offers wide interoperability and modularity:
- Supports a broad range of standards:
  - SD-JWT, mDOC: supports the eIDAS 2.0 (EUDI-ARF)
  - W3C-DID, W3C-VC: supports the industrial standards W3C-DID and W3C-VC.
  - OpenID4VCI and OpenID4VP: supports the protocols used by the EUDIW developers
- Zero-knowledge proof: supports issuance and verification of zero-knowledge proof credentials using the BBS+ and Coconut cryptographic flows.
- Microservice-based issuing and verification: the admin dashboard allows you to plug in external microservices for issuance and verification, including the Authorization Server, Credential Issuer and Relying Party. The external service can be based on Zenswarm, so each service has its own DID/Identity and its issuance/verification flows are programmable in Zencode, or be based on a 3rd party’s technology.
- Trusted Execution Environment (TEE): the mobile applications (holder wallet and verifier app) support TEE for Android and Secure Enclave for iOS, as required by the EUDI-ARF specs.
- Granular ACL: the admin dashboard enables the admin to assign multiple roles to different users, allowing them to set up issuing and verification services with different capabilities.
- Android/iOS easy-to-maintain mobile app: the mobile app, used both for holder and verifier roles, is based on Capacitor and uses minimal platform-specific code (e.g. for Trusted Execution Environment).
- Blockchain interoperability: using Zenroom’s interop capabilities, DIDroom can perform signatures and verification on EVM blockchains.
Architecture
DIDroom’s architecture is heavily oriented towards microservices and focused on interoperability. The components used are:
- Credential issuing and verification: performed by independent microservices, each having its own identity (W3C-DID and OpenID4VCI, OpenID4VP) based on Zenswarm
  - Authorization server
  - Credential issuer
  - Relying party
- Web-based solution: based on Signroom and Starters, implemented in Go and TypeScript, containing
  - Web-based GUI to set up organizations, users, issuing and verification flows
  - Admin dashboard (Pocketbase): offers infrastructure and microservices setup, functionalities and appearance adjustment
  - Database: GDPR compliant, uses LiteFS for scalability and redundancy
- Mobile applications (Wallet and Verifier): built on CapacitorJS, support Trusted Execution Environment (TEE) on Android and iOS, rely on Zenroom and its stack for cryptography and core business logic, and support SD-JWT and mDOC.
  - Holder Wallet: can request, store and present an SD-JWT (PID, QEEA or EEA)
  - Verifier app: manages a verification flow
Technology
DidRoom is based on a stack of open-source components and middlewares implemented by the Dyne.org Foundation during several H2020 and EC-funded research projects. The relevant components of the Zenroom ecosystem are:
- The cryptographic virtual machine Zenroom: a multi-platform virtual machine for cryptography (signatures, hashes, multisignature, zero knowledge proof, quantum proof cryptography) and blockchain interoperability (Ethereum, Hyperledger Fabric and Sawtooth, Bitcoin, Planetmint), that supports W3C-DID and W3C-VC natively – https://zenroom.org/.
- Dyne.org’s W3C-DID implementation: a federated 4-levels W3C-DID service, supporting multiple storage mechanisms (filesystem, databases, blockchains, Git, IPFS) with a builtin explorer. Repo: https://dyne.github.io/W3C-DID, DID explorer: https://explorer.did.dyne.org/.
- Zenswarm: blockchain oracle technology built for blockchain interoperability and offchain cryptography, with a built-in off-chain consensus algorithm, using Zenroom at its core and developed within the EBSI PCP, see homepage and repo.
- Signroom: Open source, modular, easy to extend, web-based service, leveraging Zenroom’s cryptographic capabilities, allowing users to sign documents and objects, using W3C-DID identities.
- Microservices: Open source, collection of microservices to implement credential issuance and verification flows, compatible with OpenID4VCI and OpenID4VP flows, leveraging Zenroom’s cryptographic capabilities, programmable in Zencode.
- Modularity: the mobile applications are based on CapacitorJS, support TEE/Secure Enclave and use Zenroom (transcompiled to WASM and packaged into NPM), which ensures minimal maintenance of the core component across all the Android and iOS releases. The GUI components are modular, easy for white-labeling and can be explored on our Storybook.
The architecture of the solution from the GitHub repo:
Repo and dashboard
Tech specs: https://github.com/ForkbombEu/didroom
Dashboard: https://didroom.com