Supported Protocols and Formats
This page documents which cryptographic algorithms, key types and SSI formats and protocols are supported. Various protocols have a draft status and success on using them may vary.
Cryptographic Algorithms
The following cryptographic signing algorithms are supported:
ECDSA with the NIST P-256, P-384 and P-512 curves.
EdDSA with Ed25519 curves.
RSASSA-PSS RSA with keys of at least 2048 bits.
The following encryption algorithms are supported:
RSA-OAEP-SHA256 (min. 2048 bits)
ECDH-ES+A256KW
AES-GCM-256
DID methods
The following DID methods are supported:
did:nuts
(creating and resolving)did:web
(creating and resolving)did:key
(resolving)did:jwk
(resolving)
Credentials
W3C Verifiable Credentials v1 and Presentations are supported (issuing and verifying) in JSON-LD and JWT format.
The following protocols are being implemented (work in progress):
OpenID4VP verifier and SIOPv2 relying party for requesting a presentation from a wallet.
OpenID4VCI issuer for issuing a credential to a wallet.
OpenID4VCI wallet for receiving a credential from an issuer.
DIIP Compliance
We strive to be complient with the DIIP components as specified by the Dutch Blockchain Coalition. The following components are supported:
OpenID for Verifiable Credential Issuance ✓ (wallet only)
OpenID for Verifiable Presentations ✓
SIOP V2 (Not relevant for organisation wallet agents)
DIF Presentation Exchange ✓
W3C Verifiable Credential JWT ✓
DID methods:
did:web
anddid:jwk
✓Signature types
ES256
✓Revocation method: StatusList 2021 ✓