Implements verifiable credentials for issuing, presentation, and validation across various applications, supporting W3C and ISO standards, ARIES protocols, OpenID, and customizable cryptographic operations.
VC-K is a comprehensive Kotlin Multiplatform library for implementing digital identity solutions, with full support for modern credential standards and protocols. It enables developers to build wallet applications, verifier systems, and issuer services using a single, consistent API across multiple platforms.
Designed with developers in mind, VCK provides a flexible, modular architecture that simplifies the implementation of complex identity workflows while maintaining compatibility with the broader digital identity ecosystem, including the EU Digital Identity Wallet (EUDI Wallet).
Notable features to fully support Kotlin multiplatform are:
ZlibService
Some parts for increased multiplatform support have been extracted into separate repositories:
The main entry point for applications is an instance of HolderAgent, VerifierAgent or IssuerAgent, according to the nomenclature from the W3C VC Data Model.
Many classes define several constructor parameters, some of them with default values, to enable a simple form of dependency injection. Implementers are advised to specify the parameter names of arguments passed to increase readability and prepare for future extensions.
VC-K implements multiple credential formats to ensure maximum interoperability:
When using the plain JWT representation, the single credential itself is an instance of CredentialSubject. For ISO mDoc claims see IssuerSignedItems and related classes like Document and MobileSecurityObject. For SD-JWT claims see SelectiveDisclosureItem and SdJwtSigned.
Other libraries implementing credential schemes may call LibraryInitializer.registerExtensionLibrary() to register with this library. See our implementation of the EU PID credential and our implementation of the Mobile Driving Licence for examples. We also maintain a comprehensive list of all credentials powered by this library.
VC-K provides full implementations of the OpenID protocol family for credential issuance and presentation:
OpenID4VCI (OpenID for Verifiable Credential Issuance): Standards-compliant credential issuance flows (OpenID for VCI), including:
WalletService and CredentialIssuer
OpenID4VP (OpenID for Verifiable Presentations): Complete holder and verifier implementation (OpenID for VP), supporting:
direct_post and direct_post.jwt
OpenId4VpVerifier and OpenId4VpHolder
VC-K is designed to be fully compatible with the EU Digital Identity Wallet (EUDI Wallet) ecosystem:
VC-K demonstrated very high interoperability with various implementations across the digital identity ecosystem. The library has been successfully tested and validated at Interop Events for Potential, showcasing compatibility with:
VC-K uses a modular structure to separate concerns. Hence, depending on the use cases you want to cover, you will need different artifacts:
| Artefact | Info |
|---|---|
vck |
VC-K base functionality. Contains business logic for creating, issuing, presenting, and verifying credentials. |
vck-openid |
OpenID protocol implementation, including OpenID4VCI. Contains client and server authentication business logic and the actual issuing protocol. |
vck-openid-ktor |
Contains ktor-based OpenID4VCI client and OpenID4VP wallet implementations. |
dif-data-classes |
DIF Presentation Exchange v1.0.0 data classes. Does not depend on any other vck artefact and can hence be used independently of VC-K! |
openid-data-classes |
OpenID data classes. Only depends on dif-data-classes and csc-data-classes and can hence be used independently of VC-K! |
csc-data-classes |
CSC data classes. Does not depend on any other vck artefact and can hence be used independently of VC-K! |
Simply declare the desired dependency to get going. This will usually be one of:
implementation("at.asitplus.wallet:vck:$version")implementation("at.asitplus.wallet:vck-openid:$version")Everything else (serialization, crypto through Signum, …) will be taken care of.
Therefore, do not manually add serialization dependencies! In case you are using this project in a codebase with dependencies on kotlinx-serialization, please use the vck-versionCatalog artefact to keep versions in sync.
If you
As discovered in #226, using the deprecated io.spring.dependency-management will cause issues.
The actual credentials are provided as discrete artefacts and are maintained separately over here. It is fine to add credentials and VC-K to as project dependencies, e. g., to use a version of VC-K that is more recent than the one a certain credentials depends on.
External contributions are greatly appreciated! Be sure to observe the contribution guidelines (see CONTRIBUTING.md). In particular, external contributions to this project are subject to the A-SIT Plus Contributor License Agreement (see also CONTRIBUTING.md).
 |
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 959072. |
|---|
|
Co‑Funded by the European Union |
This project has received funding from the European Union’s Digital Europe Programme (DIGITAL), Project 101102655 — POTENTIAL. |
|---|
The Apache License does not apply to the logos, (including the A-SIT logo) and the project/module name(s), as these are the sole property of A-SIT/A-SIT Plus GmbH and may not be used in derivative works without explicit permission!
VC-K is a comprehensive Kotlin Multiplatform library for implementing digital identity solutions, with full support for modern credential standards and protocols. It enables developers to build wallet applications, verifier systems, and issuer services using a single, consistent API across multiple platforms.
Designed with developers in mind, VCK provides a flexible, modular architecture that simplifies the implementation of complex identity workflows while maintaining compatibility with the broader digital identity ecosystem, including the EU Digital Identity Wallet (EUDI Wallet).
Notable features to fully support Kotlin multiplatform are:
ZlibService
Some parts for increased multiplatform support have been extracted into separate repositories:
The main entry point for applications is an instance of HolderAgent, VerifierAgent or IssuerAgent, according to the nomenclature from the W3C VC Data Model.
Many classes define several constructor parameters, some of them with default values, to enable a simple form of dependency injection. Implementers are advised to specify the parameter names of arguments passed to increase readability and prepare for future extensions.
VC-K implements multiple credential formats to ensure maximum interoperability:
When using the plain JWT representation, the single credential itself is an instance of CredentialSubject. For ISO mDoc claims see IssuerSignedItems and related classes like Document and MobileSecurityObject. For SD-JWT claims see SelectiveDisclosureItem and SdJwtSigned.
Other libraries implementing credential schemes may call LibraryInitializer.registerExtensionLibrary() to register with this library. See our implementation of the EU PID credential and our implementation of the Mobile Driving Licence for examples. We also maintain a comprehensive list of all credentials powered by this library.
VC-K provides full implementations of the OpenID protocol family for credential issuance and presentation:
OpenID4VCI (OpenID for Verifiable Credential Issuance): Standards-compliant credential issuance flows (OpenID for VCI), including:
WalletService and CredentialIssuer
OpenID4VP (OpenID for Verifiable Presentations): Complete holder and verifier implementation (OpenID for VP), supporting:
direct_post and direct_post.jwt
OpenId4VpVerifier and OpenId4VpHolder
VC-K is designed to be fully compatible with the EU Digital Identity Wallet (EUDI Wallet) ecosystem:
VC-K demonstrated very high interoperability with various implementations across the digital identity ecosystem. The library has been successfully tested and validated at Interop Events for Potential, showcasing compatibility with:
VC-K uses a modular structure to separate concerns. Hence, depending on the use cases you want to cover, you will need different artifacts:
| Artefact | Info |
|---|---|
vck |
VC-K base functionality. Contains business logic for creating, issuing, presenting, and verifying credentials. |
vck-openid |
OpenID protocol implementation, including OpenID4VCI. Contains client and server authentication business logic and the actual issuing protocol. |
vck-openid-ktor |
Contains ktor-based OpenID4VCI client and OpenID4VP wallet implementations. |
dif-data-classes |
DIF Presentation Exchange v1.0.0 data classes. Does not depend on any other vck artefact and can hence be used independently of VC-K! |
openid-data-classes |
OpenID data classes. Only depends on dif-data-classes and csc-data-classes and can hence be used independently of VC-K! |
csc-data-classes |
CSC data classes. Does not depend on any other vck artefact and can hence be used independently of VC-K! |
Simply declare the desired dependency to get going. This will usually be one of:
implementation("at.asitplus.wallet:vck:$version")implementation("at.asitplus.wallet:vck-openid:$version")Everything else (serialization, crypto through Signum, …) will be taken care of.
Therefore, do not manually add serialization dependencies! In case you are using this project in a codebase with dependencies on kotlinx-serialization, please use the vck-versionCatalog artefact to keep versions in sync.
If you
As discovered in #226, using the deprecated io.spring.dependency-management will cause issues.
The actual credentials are provided as discrete artefacts and are maintained separately over here. It is fine to add credentials and VC-K to as project dependencies, e. g., to use a version of VC-K that is more recent than the one a certain credentials depends on.
External contributions are greatly appreciated! Be sure to observe the contribution guidelines (see CONTRIBUTING.md). In particular, external contributions to this project are subject to the A-SIT Plus Contributor License Agreement (see also CONTRIBUTING.md).
|
|
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 959072. |
|---|
|
Co‑Funded by the European Union |
This project has received funding from the European Union’s Digital Europe Programme (DIGITAL), Project 101102655 — POTENTIAL. |
|---|
The Apache License does not apply to the logos, (including the A-SIT logo) and the project/module name(s), as these are the sole property of A-SIT/A-SIT Plus GmbH and may not be used in derivative works without explicit permission!