DIF Presentation Exchange

Presentation Exchange is a specification developed by the Decentralized Identity Foundation (DIF) that standardizes how verifiers request verified data from holders and how holders respond with proofs that satisfy those requirements. It solves a critical interoperability challenge in the verifiable credentials ecosystem by creating a common language for credential exchange.

Understanding Presentation Exchange

Verifiable credentials unlock the ability to share trusted data across different systems and organizations. However, without standardization, each verifier would need to create custom protocols for requesting specific information from holders. Presentation Exchange addresses this by providing:

  1. A standard format for requesting credential data (Presentation Definition)
  2. A standard format for responding with credential proofs (Presentation Submission)
  3. A way to express complex combinations of requirements (Submission Requirements)
  4. Tools for precisely identifying required fields within credentials (Input Descriptors)

This standardization creates a consistent experience for users across different wallets and verifier services while reducing implementation complexity for developers.

Key Components

Presentation Exchange consists of four main components that work together to enable secure, privacy-preserving credential exchange:

Presentation Definition

Presentation Definition is the request format that specifies exactly what proofs a verifier needs from a holder. It's a JSON object that defines:

  • Required credential types and fields
  • Acceptable formats and cryptographic algorithms
  • Optional constraints on values or data sources
  • Logical combinations of requirements

{
    "id": "example-definition",
    "input_descriptors": [
        {
            "id": "id_credential",
            "name": "Government ID",
            "purpose": "Verify your identity",
            "constraints": {
                "fields": [
                    {
                        "path": ["$.type"],
                        "filter": {
                            "type": "array",
                            "contains": { "type": "string", "pattern": "IDCredential" }
                        }
                    }
                ]
            }
        }
    ]
}

Presentation Submission

Presentation Submission is the response format that maps provided credentials to the requirements in a Presentation Definition. It enables holders to clearly indicate how their submitted credentials satisfy the verifier's request.

{
    "id": "example-submission",
    "definition_id": "example-definition",
    "descriptor_map": [
        {
            "id": "id_credential",
            "format": "jwt_vc",
            "path": "$.verifiableCredential[0]"
        }
    ]
}

Input Descriptors

Input Descriptors define specific credential requirements within a Presentation Definition. Each descriptor identifies a particular credential or data element the verifier needs, along with constraints on acceptable values.

Input Descriptors use JSONPath expressions to precisely target fields within credentials, enabling selective disclosure of only the required information.

Submission Requirements

Submission Requirements provide logical operators for combining Input Descriptors, allowing verifiers to express complex combinations of credentials that will satisfy their requirements.

For example, a verifier might specify that they need either:

  • A government ID credential, OR
  • Both a university ID credential AND a proof of address
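The either/or requirement above, expressed with the specification's `submission_requirements` objects and evaluated in Python. This is an added example, not code from the original page or from Vidos; the descriptor ids `university_id` and `proof_of_address`, the group names and the function names are assumptions, and `min: 1` is used so that a holder who can satisfy both branches is still accepted.

```python
# Constructed definition: group "A" is the government ID, group "B" the
# university ID plus proof of address (ids and group names are assumptions).
DEFINITION = {
    "id": "example-definition",
    "submission_requirements": [{
        "name": "Identity proof", "rule": "pick", "min": 1,
        "from_nested": [{"rule": "all", "from": "A"}, {"rule": "all", "from": "B"}],
    }],
    "input_descriptors": [
        {"id": "id_credential", "group": ["A"]},
        {"id": "university_id", "group": ["B"]},
        {"id": "proof_of_address", "group": ["B"]},
    ],
}

def requirement_met(req, definition, satisfied_ids):
    """Evaluate one requirement against the descriptor ids already verified."""
    if "from" in req:
        members = [d["id"] for d in definition["input_descriptors"]
                   if req["from"] in d.get("group", [])]
        hits = sum(1 for m in members if m in satisfied_ids)
    else:
        members = req["from_nested"]
        hits = sum(1 for r in members if requirement_met(r, definition, satisfied_ids))
    if req["rule"] == "all":
        return bool(members) and hits == len(members)
    if req["rule"] == "pick":
        if "count" in req:
            return hits == req["count"]
        return req.get("min", 0) <= hits <= req.get("max", len(members))
    raise ValueError(f"unsupported rule: {req['rule']}")

def definition_satisfied(definition, satisfied_ids):
    """Every top-level submission requirement must hold."""
    return all(requirement_met(r, definition, satisfied_ids)
               for r in definition["submission_requirements"])
```

`satisfied_ids` should contain only descriptors whose credentials have already passed constraint and signature checks, so that an unverified credential cannot count toward a requirement.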

Benefits of Presentation Exchange

The Presentation Exchange specification offers several key advantages:

  1. Format Agnosticism: Works with different credential formats including Verifiable Credentials, JWT, and more

  2. Protocol Independence: Can be used with various transport protocols like OpenID Connect, DIDComm, or CHAPI

  3. Selective Disclosure: Enables privacy by requesting only specific fields rather than entire credentials

  4. Credential Flexibility: Allows holders to choose which credentials to submit when multiple options would satisfy requirements

  5. Developer Efficiency: Reduces the need for custom protocols and facilitates interoperability between different systems

The Credential Exchange Flow

A typical credential exchange using Presentation Exchange follows this process:

  1. Request Creation: The verifier creates a Presentation Definition specifying required credentials
  2. Delivery: The definition is sent to the holder using a transport protocol
  3. Interpretation: The holder's wallet processes the definition to understand what's being requested
  4. Selection: The holder selects credentials that satisfy the requirements
  5. Response Creation: The holder creates a Presentation Submission mapping credentials to requirements
  6. Verification: The verifier validates that the submission satisfies the original definition

┌─────────────┐                                   ┌─────────────┐
│             │                                   │             │
│  Verifier   │                                   │   Holder    │
│             │                                   │             │
└──────┬──────┘                                   └──────┬──────┘
       │                                                 │
       │ Creates Presentation Definition                 │
       │                                                 │
       │ Sends Presentation Definition                   │
       │ ──────────────────────────────────────────────► │
       │                                                 │
       │                                                 │ Processes definition
       │                                                 │
       │                                                 │ Selects credentials
       │                                                 │
       │ ◄────────────────────────────────────────────── │ Creates Presentation
       │ Sends Presentation Submission                   │ Submission
       │                                                 │
       │ Verifies submission against definition          │
       │                                                 │

Integration with Vidos

In the Vidos platform, Presentation Exchange serves as a foundational standard in several key services:

Authorizer Service

The Authorizer service uses Presentation Definitions to specify what credentials a user must present for authorization. When a relying party requests verification, the Authorizer:

  1. Generates an appropriate Presentation Definition based on configured policies
  2. Delivers this definition to the user's wallet through OpenID4VP or other protocols
  3. Receives and processes the corresponding Presentation Submission

Verifier Service

The Verifier service uses Presentation Exchange to validate that submitted credentials satisfy requirements. It:

  1. Processes incoming Presentation Submissions
  2. Validates them against the original Presentation Definition
  3. Performs cryptographic verification of the credentials
  4. Applies additional verification rules as specified in policies

Validator Service

The Validator service uses Presentation Exchange as part of its validation framework:

  1. Checks that Presentation Submissions map correctly to their Definitions
  2. Validates that required fields and constraints are satisfied
  3. Processes any Submission Requirements to ensure logical combinations are met
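
One way to perform the mapping and constraint checks listed above, using the definition and submission shown earlier on this page. This is an added example, not Vidos code; the function names, the decoded `PRESENTATION` object and the small JSONPath subset (`$.name` and `[index]`) are assumptions, and signature verification of the credentials is a separate step.

```python
import re

MISSING = object()

def resolve(doc, path):
    """Resolve the JSONPath subset used on this page: $.name and [index]."""
    for name, index in re.findall(r"\.(\w+)|\[(\d+)\]", path):
        try:
            doc = doc[name] if name else doc[int(index)]
        except (KeyError, IndexError, TypeError):
            return MISSING
    return doc

def matches(value, flt):
    """Evaluate only the filter keywords the page uses: type, contains, pattern."""
    if flt.get("type") == "array":
        return isinstance(value, list) and any(matches(v, flt["contains"]) for v in value)
    return isinstance(value, str) and re.search(flt.get("pattern", ""), value) is not None

def check_submission(definition, submission, presentation):
    """Return a list of problems; an empty list means the submission is consistent."""
    problems = []
    if submission.get("definition_id") != definition["id"]:
        problems.append("definition_id mismatch")
    wanted = {d["id"]: d for d in definition["input_descriptors"]}
    mapped = {}
    for entry in submission.get("descriptor_map", []):
        if entry["id"] in wanted:
            mapped[entry["id"]] = resolve(presentation, entry["path"])
        else:
            problems.append(f"unknown descriptor: {entry['id']}")
    for did, desc in wanted.items():
        cred = mapped.get(did, MISSING)
        if cred is MISSING:
            problems.append(f"{did}: no credential at mapped path")
            continue
        for field in desc.get("constraints", {}).get("fields", []):
            found = [v for v in (resolve(cred, p) for p in field["path"]) if v is not MISSING]
            if not found or ("filter" in field and not matches(found[0], field["filter"])):
                problems.append(f"{did}: field {field['path']} not satisfied")
    return problems

# Constructed sample: the page's definition and submission, plus an invented decoded presentation.
DEFINITION = {"id": "example-definition", "input_descriptors": [{
    "id": "id_credential", "constraints": {"fields": [{"path": ["$.type"], "filter": {
        "type": "array", "contains": {"type": "string", "pattern": "IDCredential"}}}]}}]}
SUBMISSION = {"id": "example-submission", "definition_id": "example-definition", "descriptor_map": [
    {"id": "id_credential", "format": "jwt_vc", "path": "$.verifiableCredential[0]"}]}
PRESENTATION = {"verifiableCredential": [{"type": ["VerifiableCredential", "IDCredential"]}]}
```

JSON Schema `pattern` is not anchored, so the page's `IDCredential` pattern also accepts a type such as `FakeIDCredential`; write `^IDCredential$` when an exact type name is required.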

Interoperability and Standards

Presentation Exchange works seamlessly with other identity standards and protocols:

  • OpenID for Verifiable Presentations (OpenID4VP): Presentation Exchange is a core component of the OpenID4VP specification, defining how credential requirements are expressed.

  • Verifiable Credentials Data Model: Presentation Exchange supports the W3C Verifiable Credentials data model, enabling standardized credential requests.

  • Decentralized Identifiers (DIDs): Presentation Exchange works with DID-based authentication systems by enabling requests for credentials linked to specific DIDs.

  • DIDComm Messaging: Presentation Exchange definitions and submissions can be transported using DIDComm protocols.

Implementation Considerations

When implementing Presentation Exchange within the Vidos ecosystem, consider:

  1. Support multiple credential formats: Implement support for different credential formats to maximize compatibility with various wallet implementations.

  2. Balance privacy and usability: Request only the specific fields necessary for your use case to preserve user privacy.

  3. Provide clear purpose statements: Always include purpose statements in your Presentation Definitions so users understand why information is being requested.

  4. Handle alternative credentials: Design your Presentation Definitions to accept alternative credentials that provide equivalent information when possible.

  5. Maintain schema registries: Maintain access to credential schemas to facilitate validation of submitted credentials.

Summary

DIF Presentation Exchange provides a standardized framework for requesting and presenting verifiable credentials. By separating the request format (Presentation Definition) from the response format (Presentation Submission), it enables interoperable credential exchange across different systems and protocols.

In the Vidos ecosystem, Presentation Exchange forms a critical foundation for standardized, secure, and privacy-preserving verification workflows. By implementing this specification, Vidos ensures compatibility with the broader verifiable credentials ecosystem while providing a consistent experience for both users and developers.
