Standards and Protocols used by Paradym
Paradym is built on open standards and protocols. For a truly interoperable internet, open standards and protocols are essential.
💡
When using Paradym and the Paradym Wallet, the standards and protocols on this page are supported out of the box and no additional configuration is required on your end. If you're building a custom holder wallet that needs to interact with Paradym, see the Integrating with a Holder Wallet page for more information.
Just like there are different credential formats, there are different protocols for exchanging verifiable credentials. Choosing a protocol acan be dependent on the required functionality or the required interoperability/support you want to achieve.
Paradym offers two combinations:
- The Paradym API and dashboard support SD-JWT verifiable credentials over OpenID4VC
- The Paradym workflow builder supports AnonCreds verifiable credentials over DIDComm
SD-JWT VCs / OpenID4VC
| Description | |
|---|---|
| OpenID for Verifiable Credential Issuance | OpenID for Verifiable Credential Issuance - Draft 11 (opens in a new tab) is used for issuance of verifiable credentials from Paradym and a Holder Wallet. A wallet interacting with Paradym needs to support at least the Pre-Authorized Code Flow (opens in a new tab) with the jwt proof type (opens in a new tab). Either did:jwk or did:jwk are supported as subject identifiers in jwt proof. |
| OpenID for Verifiable Presentations | OpenID for Verifiable Presentations - Implementers Draft 2 (Draft 18) (opens in a new tab) is used for verification of verifiable credentials in Paradym from a Holder Wallet. |
| SD-JWT-based Verifiable Credential (SD-JWT VC) | SD-JWT Verifiable Credentials - Draft 1 (opens in a new tab) is used as the credential format using OpenID for Verifiable Credentials. SD-JWT Verifiable Credentials provide support for selective disclosure of attributes, increasing end-user privacy. |
| Decentralized Identifiers | Decentralized Identifiers (opens in a new tab) are cryptographically verifiable identifiers not bound to a centralized registry. For issuance of SD-JWT Verifiable Credentials did:web DIDs are used. For subject binding in SD-JWT Verifiable Credentials either did:key or did:jwk DIDs are supported. |
| Token Status List | Token Status List - Draft 2 (opens in a new tab). |
AnonCreds / DIDComm
| Description | |
|---|---|
| Hyperledger Aries | Hyperledger Aries is leveraged for a secure and encrypted communication channel between Paradym and a Holder Wallet. The standards used within Hyperledger Aries also defines protocols to issue verifiable credentials from an issuer to a holder, and request presentations from a holder as a verifier. |
| Hyperledger AnonCreds | Hyperledger AnonCreds (opens in a new tab) provides support for zero-knowledge proofs verifiable credentials. Paradym supports issuance and verification of AnonCreds credentials |
| Decentralized Identifiers | Decentralized Identifiers (opens in a new tab) are cryptographically verifiable identifiers not bound to a centralized registry. For issuance of AnonCreds credenials did:cheqd DIDs are used. |
| Cheqd | cheqd (opens in a new tab) is a blockchain network, built in the Cosmos ecosystem for Self-Sovereign Identity. |