Spruce Developer Update #9
At Spruce, we’re building the most secure and convenient way for developers to share authentic data. Here’s the latest from our development efforts:
Tezos Profiles & Kepler
Tezos Profiles (TZP) is an in-development web application that helps users regain control of their digital identity for use across platforms. It allows users to create portable verified profiles by demonstrating control over their public social media accounts, and by associating self-attested basic profile information. These verified profiles are then linked to Tezos accounts, allowing any platform to resolve and establish trusted information to mitigate identity fraud.
Tezos Profiles uses Kepler. Kepler provides an IPFS-like storage system bucketed by “orbits”. An orbit is a logical store of content with access permissions and replication that is bounded by an authorization model defined by the orbit commander. Over the past month at Spruce we’ve implemented a Kepler MVP with initial support for the Tezos ecosystem, along with a TypeScript Client which integrates with the Beacon Wallet tool suite to provide decentralized storage for Tezos DApp users and developers.
We’re currently in the final phases of testing to enable users to access two credential workflows:
- Basic profile: self-attested information that contains a name, description, website, and logo.
- Twitter account: users tweet a signature message that can be verified using a CloudFlare worker to associate their Twitter account to their Tezos account.
After receiving credentials, users then are able to take the following actions:
- Upload their credentials to a Kepler Orbit specific to that user and under their control. It can then be replicated to Kepler hosts authorized by the user to hold those credentials.
- Deploy their own smart contract which references the content stored in the Tezos Profile, and contains content hashes to prevent any tampering. A reference, hash, and content type are all the information stored on-chain, which allows deletion of claims to still be privacy-preserving.
We’ve also developed a TypeScript SDK to manage Tezos Profiles directly, along with more general tools for the management of the base smart contract if a user wishes to repurpose the content-validation features for other applications.
DIDKit is a cross-platform toolkit for working with W3C Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs).
- Published DIDKit to PyPi, now available through pip install.
- Published didkit, didkit-cli and didkit-http to crates.io.
- Published DIDKit WASM to npm
- Published ssi-contexts v0.1.0, ssi v0.2.1, did-method-key v0.1.1.
- Implemented Verification Method using Tezos Signed Messages.
- Updated to use RustCrypto implementation of secp256k1 (K-256).
- Demoed at Internet Identity Workshop (IIW).
Credible is a credential wallet for the verification, storage, and presentation of Verifiable Credentials using Decentralized Identifiers. We’ve recently updated our dependencies, fixed a number of SafeArea issues on all pages, fixed both our Android and iOS CI, and lastly fixed Credible’s iOS build files.