Standards and Protocols used by Paradym
Paradym is built on open standards and protocols. For a truly interoperable internet, open standards and protocols are essential.
When using Paradym and the Paradym Wallet, the standards and protocols on this page are supported out of the box and no additional configuration is required on your end. If you’re building a custom holder wallet that needs to interact with Paradym, see the Integrating with a Holder Wallet page for more information.
Just like there are different credential formats, there are different protocols for exchanging verifiable credentials. Choosing a protocol can be dependent on the required functionality or the required interoperability/support you want to achieve.
The Paradym API and dashboard support SD-JWT verifiable credentials over OpenID4VC and AnonCreds verifiable credentials over DIDComm
SD-JWT VCs / mDoc / OpenID4VC
| Description | |
|---|---|
| OpenID for Verifiable Credential Issuance | OpenID for Verifiable Credential Issuance 1.0 (or drafts 11 through 14 for legacy projects) are supported for issuance of verifiable credentials from Paradym to a Holder Wallet. A wallet interacting with Paradym needs to support at least the Pre-Authorized Code Flow with the jwt proof type. Either did:jwk or did:key are supported as subject identifiers for credentials issued with a DID in jwt proof. For credentials issued with an X509 certificate JWKs are supported as subject in jwt proof. |
| OpenID for Verifiable Presentations | OpenID for Verifiable Presentations 1.0 (or draft 21 for legacy projects) is used for verification of verifiable credentials in Paradym from a Holder Wallet. |
| SD-JWT-based Verifiable Credential (SD-JWT VC) | SD-JWT Verifiable Credentials - Draft 13 is used. SD-JWT Verifiable Credentials provide support for selective disclosure of attributes, increasing end-user privacy. |
| ISO 18013-5 mDoc | ISO 18013-5 . mDoc credentials provide support for selective disclosure of attributes, and global adoption. Integration of mDoc with OpenID4VP is based on ISO 18013-7 . |
| Decentralized Identifiers | Decentralized Identifiers are cryptographically verifiable identifiers not bound to a centralized registry. For issuance of SD-JWT Verifiable Credentials either an X509 certificate is used, or a DID with method did:web, did:cheqd:testnet or did:cheqd:mainnet is used. For subject binding in SD-JWT Verifiable Credentials either a JWK is supported, or a DID with method did:key or did:jwk is supported. |
| Token Status List | Token Status List - Draft 13 . |
| OpenID4VC High Assurance Interoperability Profile (HAIP) | Hight Assurance Interoperability Profile 1.0 is supported, except for the iss value in the Authorization Response, which is currently not used. |
AnonCreds / DIDComm
| Description | |
|---|---|
| Hyperledger Aries | Hyperledger Aries is leveraged for a secure and encrypted communication channel between Paradym and a Holder Wallet. The standards used within Hyperledger Aries also defines protocols to issue verifiable credentials from an issuer to a holder, and request presentations from a holder as a verifier. |
| Hyperledger AnonCreds | Hyperledger AnonCreds provides support for zero-knowledge proofs verifiable credentials. Paradym supports issuance and verification of AnonCreds credentials |
| Decentralized Identifiers | Decentralized Identifiers are cryptographically verifiable identifiers not bound to a centralized registry. For issuance of AnonCreds credenials did:web, did:cheqd:testnet or did:cheqd:mainnet DIDs are used. |
| Cheqd | cheqd is a blockchain network, built in the Cosmos ecosystem for Self-Sovereign Identity. |