Overview

To manage keys, we will be using the walt.id crypto library, which enables us to create, import and export cryptographic key pairs based on various algorithms. These keys can later be used to sign and issue digital credentials (W3C, mdoc) to users via OID4VC.

The crypto lib doesn't provide storage implementations by default. However, you can use our library as is and store keys locally for testing and proofs of concept (PoCs).

For production, we advise using a Secure Key Environment. You can get one through a prebuilt integration with common KMS providers via our upcoming Enterprise License, by using a third-party provider, or by constructing your own. We will soon offer these prebuilt integrations for the most popular KMS providers, such as HashiCorp Vault, AWS Key Vault, Azure Key Vault, and others; refer to our roadmap for timeline details. For any questions, please contact us here.

Main Features

  • Key creation, import and export using JWK, PEM or raw formats.
  • Sign and verify JWS and raw signatures.

Detailed overview here.

Algorithms

  • ed25519
  • secp256k1
  • secp256r1
  • rsa

Detailed overview here.

Getting Started

  • Creation - Create a key pair based on the chosen algorithm.
  • Import - Import an external key.
  • Export - Export a key as JWK or PEM.
  • Signing - Sign content using the created key pair.