Privado ID Issuer Node

Streamline the Verifiable Credentials issuance process with the user-friendly API and UI of the Issuer Node within the Privado ID ecosystem. The on-premise (self-hosted) Issuer Node, seamlessly integrated with a robust suite of tools including the mobile Wallet, Schema Builder, and Credential Marketplace, guarantees a frictionless experience for effortlessly issuing and verifying credentials.

Features:

• Create Issuer Identities.
• Issue VCs.
• Revoke VCs.
• Fetch VCs.
• Transit Issuer's state.
• Create Issuer-User connections.
• Issuer's UI.

---

Table of Contents

• Privado ID Issuer Node
  • Table of Contents
  • Quick Start Installation
    • Prerequisites
    • Install and run Issuer Node API and UI
    • Running only Issuer Node API
  • KMS Providers Configuration
  • Quick Start Demo
  • Documentation
  • Tools
  • License

Quick Start Installation

Note

The provided installation guide is non-production ready. For production deployments please refer to Standalone Mode Guide.

There is no compatibility with Windows environments at this time. While using WSL should be ok, it's not officially supported.

Prerequisites

• Unix-based operating system (e.g. Debian, Arch, Mac OS)
• Docker Engine 1.27+
• Makefile toolchain GNU Make 3.81
• Publicly accessible URL - The issuer node API must be publicly reachable. Please make sure you properly configure your proxy or use a tool like Localtunnel for testing purposes.
• Polygon Amoy or Main RPC - You can get one in any of the providers of this list
  • Chainstack
  • Ankr
  • QuickNode
  • Alchemy
  • Infura

Install and run Issuer Node API and UI

Note

This Quick Installation Guide is prepared for Polygon Amoy (Testnet) both for the state contract and issuer dids.

In this section we will see how to install the issuer node api and the UI along with the necessary infrastructure in the most basic way, without too much customization.

1. Copy the config sample file:

cp .env-issuer.sample .env-issuer

2. Fill the .env-issuer config file with the proper variables:

.env-issuer

ISSUER_SERVER_URL=<PUBLICLY_ACCESSIBLE_URL_POINTING_TO_ISSUER_SERVER_PORT>
ISSUER_API_AUTH_USER=user-issuer
ISSUER_API_AUTH_PASSWORD=password-issuer

3. Create a file with the networks' configuration. You can copy and modify the provided sample file:

cp resolvers_settings_sample.yaml resolvers_settings.yaml

then modify the file with the proper values. The most important fields to run the issuer node are RPC (networkURL) fields. In this file you can define customizations for each type of blockchain and network. For this example, we only need to define the RPCs. that will use.

4. Copy .env-ui sample file and fill the needed env variables:

cp .env-ui.sample .env-ui

The default UI has basic authentication configured, you must establish the credentials by modifying the value of the following variables

.env-ui

ISSUER_UI_AUTH_USERNAME=user-ui
ISSUER_UI_AUTH_PASSWORD=password-ui

If you want to disable UI authentication, you must change the value of the following variable to true:

ISSUER_UI_INSECURE=true

5. Run API, UI and infrastructure (Postgres, Vault and Redis)

To do a build and start both the API and the UI in a single step, you can use the following command:

make run-all

then visit

• http://localhost:8088/ to access the UI
• http://localhost:3001/ to access the API.

6. Import your private Key: Write the private key in Vault. This step is needed in order to be able to transit the issuer's state. To perform that action the given account has to be funded. For Amoy network you can request some testing Matic here

make private_key=<private-key> import-private-key-to-kms

Running only Issuer Node API

If you want to run only the API, you can follow the steps below. You have to have the .env-issuer file filled with the proper values and the resolver_settings.yaml file with the proper RPCs. Then run:

make run

---

Troubleshooting:

In order to stop all the containers, run the following command:

[!NOTE] This will not delete the data in the vault and the database.

make stop-all

To stop only the API and UI container, run:

make stop

If you want to delete all the data in the vault and the database, run:

make clean-volumes

If for some reason you only need to restart the UI, run:

make run-ui

To restart the api after changes (pull code with changes):

make build && make run

KMS Providers Configuration

Consider that if you have the issuer node running, after changing the configuration you must restart it. In all options the .env-issuer file is necessary.

Running issuer node with local storage file instead of Vault

The issuer node can be configured to use a local storage, that is, a local file, as kms provider. This alternative can be useful in development or testing environments. To do it:

Setup environment variables in .env-issuer file:

ISSUER_KMS_BJJ_PROVIDER=localstorage
ISSUER_KMS_ETH_PROVIDER=localstorage

To import the private key necessary to transition onchain states, the command is the same as explained before.

Quick Start Demo

This Quick Start Demo will walk you through the process of issuing and verifying your first credential.

Documentation

• Issuer Node resources
• Privado ID core concepts

Tools

Warning

Demo Issuer and Verifier Demo are for testing purposes only.

• Schema Builder - Create your custom schemas to issue VC.
• Demo Issuer UI - Test our Issuer Node UI.
• Verifier Demo - Verify your VCs.
• Polygon ID Android Mobile App
• Polygon ID IOS Mobile App
• Marketplace - Explore credentials submitted by trusted issuers.

License

See LICENSE.