Check provides the following 4 core services:

• ☑️ Verification Service: Verifies the authenticity of a web shop or any other web site by discovering the Decentralized Identifier and retrieving publicly linked Verifiable Credentials. Verifiable credentials allow any third party to determine the authenticity of the personal or legal identity that stands behind the visited web site.
• 🔍 Verification Service Interface: Visualizes the data from the Verification Service and provides an interactive query interface.
• ✨ Embedded Verification Inferace: Visualizes the data from the Verification Service as an trust mark that is embedded inside a web shop.
• 🔁 Verifiable Data Service: Verifies the authenticity of ecommerce customers by receiving Verifiable Credentials from customer wallets and providing the verified data to the web shop.

• 🔍 Verification Service Interface
• ✨🔁 Demo Shop: A demo web shop with a verifiable identity.
• ✨🔁 Evil Demo Shop: An evil demo web shop tries to claim the identity of Demo Shop by referencing its identity.
  • Technical explanation: Shop has it's own DID but the Well-Known DID Configuration has been copied straight from the Demo Shop.
• ✨🔁 Evil2 Demo Shop: A second evil demo web shop tries to claim the identity of Demo Shop by copying its the credentials.
  • Technical explanation: Shop has it's own DID and the Well-Known DID Configuration has been self-issued by that DID. Also the Linked Verifiable Presentation has been self-issued by that DID, however the included credentials have been copied from the Demo Shop.
• ✨🔁 Evil3 Demo Shop: A third evil demo web shop tries to claim the identity of Demo Shop by referencing its identity in a similar but different way than the first Evil Demo Shop.
  • Technical explanation: Shop has it's own DID and the Well-Known DID Configuration has been self-issued. However, the credentialSubject.id points to the Demo Shop's DID.

• ☑️ Verification Service
• 🔁 Verifiable Data Service - Demo Shop
• 🔁 Verifiable Data Service - Evil Demo Shop
• 🔁 Verifiable Data Service - Evil2 Demo Shop
• 🔁 Verifiable Data Service - Evil3 Demo Shop

1. Ensure services that bind IPv6 addresses are also bound to IPv4 addresses. sysctl net.ipv6.bindv6only must return net.ipv6.bindv6only = 0.
   • Add net.ipv6.bindv6only = 0 to /etc/sysctl.conf if a different value is returned.
2. Clone this repository, including submodules: git clone --recurse-submodules https://github.com/identinet/check.git
3. Install all depedencies
   • On Nix/NixOS: direnv installs all dependencies automatically via: direnv allow directory and the service directories view direnv allow
4. Integrate direnv with your shell and grant it access to the root directory of the repository and all serivce directories
   • INFO: If you don't use Nix/NixOS, you'll receive get an error that use flake doesn't work. Direnv will still load the necessary environment variables. To silence the error, you can safely remove the line starting with use flake in the .envrc files.
5. Install a develpoment CA and register it in your browser via mkcert
6. (Optional) Request a cloudflare tunnel configuration so that services like the Verifiable Data Service can be developed locally while being accessible from the Internet and communicate with mobile wallets.
   • Store the configuration in the root of the repository at .cloudflared/tunnel.json.
   • Set the tunnel user in file .env.local:

TUNNEL_USER=<your_username>

• (CI) Nix
• (CI) Skopeo
• (CI) git-cliff
• (CI) Github CLI
• Caddy reverse proxy
• Deno
• Docker
• Just task runnner
• Nodejs 22
• Nushell
• Rust toolchain
• direnv environment loader
• mkcert development CA

1. Start caddy reverse proxy: just dev
2. (Optional) Start cloudflare tunnel: just tunnel
3. Start services, e.g. cd ./services/demo-shop; just dev
4. Access services (At the start, caddy prints all available URLs)

This project has received funding from the European Union's Horizon 2020 research and innovation program within the framework of the TRUSTCHAIN Project funded under grant agreement 101093274.