Add Claim to Self-Sovereign Identity (SSI)

A claim is a qualification, achievement, quality, or piece of information about an entity’s background such as a name, government ID, payment provider, home address, or university degree. Such a claim describes a quality or qualities, property or properties of an entity which establish its existence and uniqueness. If a claim has been attested by a third party it becomes a verifiable claim.

Claims can be added via our web based wallet, our server based wallet, web services API but also via our websocket API.

To be able to add a claim to an identity please note that you need to have the permissions/rights (also called role) to add such a claim.

Add Claim via WebSocket

We created a helper function in our JSON Namespace called CreateAddClaim to create the JSON package to be sent to the server.

The function requires the following parameter:

ssiaddress: Self-Sovereign Identity Address to add claim to.

myaddress: Blockchain address used to add claim. Make sure the server hosted key is unlocked. For example with the function EncryptedPasswordJSONToken.

claimtype: Type of claim (uint256) being added. For example 1 for email, 2 for full name, 3 for residence and 4 for biometric, etc.

When using a dot notation for the ClaimType number (like OIDs) a claim becomes an entry in the Capabilities Matrix. For example number 1.1, 1.4.5, 2.1343.1, etc.

schemestr: The scheme with which this claim should be verified or how it should be processed. Its a uint256 for different schemes. It can mean different key types e.g. 1 = ECDSA, 2 = RSA, etc. It could also mean contract verification, where the data will be call data, and the issuer a contract address to call.

dataHEX: The hash of the claim data, sitting in another location, a bit-mask, call data, or actual data based on the claim scheme. If not in HEX already function will convert data to HEX.

signatureHEX: Signature which is the proof that the claim issuer issued a claim of topic for this identity. It MUST be a signed message of the following structure: keccak256(address identityHolder_address, uint256 _ ClaimType, bytes Data).

uri: The location of the claim, this can be HTTP links, swarm hashes, IPFS hashes, and such.

issuer: The issuers identity contract address, or the address used to sign the above signature. If an identity contract, it should hold the key with which the above message was signed, if the key is not present anymore, the claim SHOULD be treated as invalid. The issuer can also be a contract address itself, at which the claim can be verified using the call data.

password: This is an optional parameter which will cause automatically the server hosted key to be unlocked. Also if signatureHEX is not specified then it will be calculated.

The output will look like:

{“@type”:”specs/commands”,”@command”:”addclaim”,”thid”:”75e631ed-edce-4b33-9983-fc244ec10743″,”myaddress”:”0xb5cae8fb7f6ec058d071cb9802d02305ac430a9d”,”ssiaddress”:”0x1dca60dc4f40f3c05cb33dcdf48eae9cc9efd116″,”claimtype”:”102″,”datahex”:”73696D706C6573746F72616765″,”scheme”:”1″,”signaturehex”:”0xe0e17c9fab2560edb879ea5e37b4dbb850bb1550b0e25286228e6907a180aa186a2cfff4b39e2ee69f3be1e8f6621889d17a899d1ed32ab7d1f2ba5fde4e3eae1c”,”issuer”:”0xb5cae8fb7f6ec058d071cb9802d02305ac430a9d”}

Once you send the above data to the server you will receive a base64 encoded string like:

eyJhbGciOiJFUzI1NiIsIngiOiJJdVpSeWFHcVBCVnZ6bk9RSlR6eTlkTUlxZ0QxdVU3QVIzVXlDS3ViUWVNIiwieSI6Ik9PV2F0Y01aUE5KT3NMWEN5NHFSMkNEZ3IxM29kR3RyMkdRbHRyZkNFNVUifQ.eyJTZXNzaW9uSUQiOiIzYmUyOTJhMi1hYjUzLTQ1MTktYjk5ZC1iZTIzZTFjZTAxMGUiLCJ0cmFuc2FjdGlvbiI6IjB4N2QyNGFmZDEzZTU1ZmMxNTNkOWVmMWY3MTUwMzY0MzE0NDEzNWIxMzNiODMxOTU4ZWFmYWJlYTQwYmUxZDEyZiJ9.uPzl38CAjOXZvS3nI-YxFcmx_J8PyS8n67IzbWX_0KinoPPc4wPUwLxC2jqKIp5sGJ1I4ON_ZfCOCbM7WFf2iw

If you decode this string you get:

{“alg”:”ES256″,”x”:”IuZRyaGqPBVvznOQJTzy9dMIqgD1uU7AR3UyCKubQeM”,”y”:”OOWatcMZPNJOsLXCy4qR2CDgr13odGtr2GQltrfCE5U”} {“SessionID”:”3be292a2-ab53-4519-b99d-be23e1ce010e”,”transaction”:”0x7d24afd13e55fc153d9ef1f71503643144135b133b831958eafabea40be1d12f”} {“signature”:”uPzl38CAjOXZvS3nI-YxFcmx_J8PyS8n67IzbWX_0KinoPPc4wPUwLxC2jqKIp5sGJ1I4ON_ZfCOCbM7WFf2iw”}

CreateGetClaims

The helper API CreateGetClaims creates the JSON required to query for claims of an identity. It returns a JSON like:

{“@type”:”specs/commands”,”@command”:”claims”,”thid”:”1d343bb8-643b-4866-bebf-488fefd47be0″,”ssiaddress”:”0x1dca60dc4f40f3c05cb33dcdf48eae9cc9efd116″,”claimtype”:”102″}

If you send this JSON via Web Socket to the node you get:

eyJhbGciOiJFUzI1NiIsIngiOiJJdVpSeWFHcVBCVnZ6bk9RSlR6eTlkTUlxZ0QxdVU3QVIzVXlDS3ViUWVNIiwieSI6Ik9PV2F0Y01aUE5KT3NMWEN5NHFSMkNEZ3IxM29kR3RyMkdRbHRyZkNFNVUifQ.eyJTZXNzaW9uSUQiOiIzZjljMzk4Yy00MzlkLTQ2NDEtODM0MC1mOWE3MTA0ZDQ4MDgiLCJhZGRyZXNzY2xhaW1zIjp7InNzaWFkZHJlc3MiOiIweDFkY2E2MGRjNGY0MGYzYzA1Y2IzM2RjZGY0OGVhZTljYzllZmQxMTYiLCJjbGFpbXR5cGUiOiIxMDIiLCJjbGFpbXMiOlt7ImNsYWltaWQiOiIweDQwOTNmOTc0OWYwODZlMWExYzNkYjM1NmM0NTQ1ZmZlYTFiNGRlMTJjZmUwZTZjNWVhODBiZWExZTFkNmI3MWUiLCJpc3N1ZXIiOiIweGI1Y2FlOGZiN2Y2ZWMwNThkMDcxY2I5ODAyZDAyMzA1YWM0MzBhOWQiLCJzY2hlbWUiOiIxIiwiZGF0YWhleCI6IjB4NzM2OTZkNzA2YzY1NzM3NDZmNzI2MTY3NjUiLCJzaWduYXR1cmVIRVgiOiIweGUwZTE3YzlmYWIyNTYwZWRiODc5ZWE1ZTM3YjRkYmI4NTBiYjE1NTBiMGUyNTI4NjIyOGU2OTA3YTE4MGFhMTg2YTJjZmZmNGIzOWUyZWU2OWYzYmUxZThmNjYyMTg4OWQxN2E4OTlkMWVkMzJhYjdkMWYyYmE1ZmRlNGUzZWFlMWMiLCJzaWduZXIiOiIweGI1Y0FlOEZiN2Y2RWMwNThEMDcxQ2I5ODAyZDAyMzA1QWM0MzBhOUQifV19fQ.hwFVp18F0qbO_nIvFzNQr6eUpttDynb0h0BVh0nLn7d1c0xQOHqxmkepjxJ08y1XnfjkibmqUTaeOzlIgi9t0Q

Or decoded:

{“alg”:”ES256″,”x”:”IuZRyaGqPBVvznOQJTzy9dMIqgD1uU7AR3UyCKubQeM”,”y”:”OOWatcMZPNJOsLXCy4qR2CDgr13odGtr2GQltrfCE5U”} {“SessionID”:”3f9c398c-439d-4641-8340-f9a7104d4808″,”addressclaims”:{“ssiaddress”:”0x1dca60dc4f40f3c05cb33dcdf48eae9cc9efd116″,”claimtype”:”102″,”claims”:[{“claimid”:”0x4093f9749f086e1a1c3db356c4545ffea1b4de12cfe0e6c5ea80bea1e1d6b71e”,”issuer”:”0xb5cae8fb7f6ec058d071cb9802d02305ac430a9d”,”scheme”:”1″,”datahex”:”0x73696d706c6573746f72616765″,”signatureHEX”:”0xe0e17c9fab2560edb879ea5e37b4dbb850bb1550b0e25286228e6907a180aa186a2cfff4b39e2ee69f3be1e8f6621889d17a899d1ed32ab7d1f2ba5fde4e3eae1c”,”signer”:”0xb5cAe8Fb7f6Ec058D071Cb9802d02305Ac430a9D”}]}} {“signature”:”hwFVp18F0qbO_nIvFzNQr6eUpttDynb0h0BVh0nLn7d1c0xQOHqxmkepjxJ08y1XnfjkibmqUTaeOzlIgi9t0Q”}