Components
Last updated
Was this helpful?
Last updated
Was this helpful?
Inji Wallet utilizes multiple libraries to provide a seamless experience.
These libraries are accessible as NPM modules, allowing seamless integration with other mobile wallets.
The libraries are as follows:
Tuvali - Sharing via BLE SDK
Face Match SDK
Secure Keystore SDK
PixelPass SDK
VCI-client SDK
OpenID4VP - Online Sharing SDK
BLE Verifier SDK
Telemetry SDK(coming soon)
The transfer of downloaded Verifiable Credential from the Wallet to Verifier is facilitated by a React Native library named Tuvali.
Tuvali enables offline VC transfer between mobile devices via Bluetooth Low Energy (BLE). The below table represents the supported roles for Android and iOS devices.
Android
Android
Yes
iOS
Android
Yes
Android
iOS
No
iOS
iOS
No
Tuvali is actively developed and maintained by MOSIP.
It does not support iOS for initiating the BLE exchanges, hence preventing two iOS devices from transferring VC.
The face matcher SDK internally implements native functionalities for Android and iOS, utilizing Tensorflow and Google ML Kit to identify faces.
This SDK internally employs a tflite model, which must be created by the integrating party. The model, trained using resident faces, is stored on the MOSIP file server. Inji Wallet currently utilizes the face matcher SDK (soon to be replaced by the NPM module) for offline face authentication.
The SDK is employed in two scenarios:
During Offline VC Sharing: Residents can perform selfie authentication before sharing the VC with the relying party. The app opens the camera, allowing residents to take a selfie, which is then validated against the VC image to verify the resident's presence. During Online Login: Residents can scan the QR code from the relying party portal and opt to log in using Inji Wallet for services. In this process, residents undergo selfie authentication against the VC to confirm their presence.
Upon the initial launch of Inji Wallet, the model is downloaded in the background and stored in the cache. Refer here to check the API specifications for the face matcher model.
The secure-keystore library is designed for creating and storing key pairs in the hardware keystore of devices. The library supports encryption, decryption, HMAC calculation, and signing with aliases created during key pair generation.
This library is available for both Android and iOS platforms:
For Android: Refer to the secure-keystore Kotlin library.
For iOS: Refer to the secure-keystore-iOS Swift library.
Inji Wallet integrates with the secure-keystore library to ensure secure key management. To optimize the key size during credential download requests, Inji Wallet uses RSA-2048, ECR1, ECK1, ED25519 keys.
To check all the APIs supported by this module, refer here.
The PixelPass library offers a powerful solution for creating and decoding QR codes for Verifiable Credentials (VCs). It is designed to optimize the size of the data encoded within a QR code, making it easier to store and share credential information. The library achieves this by utilizing advanced compression and encoding techniques, ensuring smaller QR codes that maintain the integrity and security of the data.
PixelPass uses zlib compression with a level 9 setting, which significantly reduces the data size before encoding. It then applies base45 encoding to further compress the data into a QR code-friendly format. Additionally, the library can decode any QR code data previously encoded using its own compression and encoding algorithms, ensuring seamless interoperability.
Additionally, for a JSON data, the library employs CBOR encoding and decoding to minimize the size even further. When a JSON Mapper similar to Claim 169 is provided, PixelPass maps the data, applies CBOR encoding/decoding, and compresses the data, achieving maximum size reduction. Developed and maintained by MOSIP, PixelPass is continually updated to provide reliable and efficient QR code generation and decoding capabilities.
Note:
Refer to the PixelPass repository
To understand about the installation and the API documentation, refer here.
For a hands-on experience of Generate a VC, Generate QR Code for the VC and Verify the same using Inji Verify, please click here.
To check the NPM module, click here.
Maven snapshots are available here
VCI-Client library carries out the credential request from the consumer application (mobile wallet or web) and redirects the issuance/issuer. The library creates a request with the credential format, jwtproof of the wallet, issuer metadata and the access token received for authorization and provides VC as the response back to the consumer application for storage.
Note:
This OpenID4VP library enables consumer applications (mobile wallet) to share users Verifiable Credentials with Verifiers who request them online. It adheres to the OpenID4VP specification which outlines the standards for requesting and presenting Verifiable Credentials.
Receives the Verifier's Authorization Request sent by the consumer application (mobile wallet).
Authenticates the Verifier using the received client_id and validates the whole Request to check if the required details are present or not and then returns the Authorization Request to the consumer application if all the validations are successful.
Receives the list of Verifiable Credentials from the consumer application which are selected by the consumer application end-user based on the credentials requested as part of Verifier Authorization request.
Constructs the vp_token without proof section and sends it back to the consumer application for generating Json Web Signature (JWS).
Receives the generated signature along with the other details and generates vp_token with proof section & presentation_submission.
Sends a POST request with generated vp_token and presentation_submission to the received Verifier's response_uri endpoint.
Note:
The BLE Verifier is the module built for verifiers for receiving VC via BLE. This is a wrapper built on Tuvali with simplified APIs.
To know more about API and how to integrate, refer here.
Note:
To check the NPM module, click here.
The telemetry module is derived from the sunbird telemetry module. It is responsible for generating events that can provide valuable analytics.
Note: The publication of this project is currently a work in progress and has not been released yet. Stay tuned for further announcements!
To know more about each of these, refer Integration Guides.
