Skip to content
Vidos Logo Vidos

Submission Requirements

Submission Requirements enable verifiers to express complex logical combinations of required credentials within a Presentation Definition. They specify how holders must combine credentials to satisfy verification requirements, moving beyond simple “all required” scenarios to support real-world verification flexibility.

Why use submission requirements?

Section titled “Why use submission requirements?”

Without Submission Requirements, verifiers can only require all input descriptors defined in a Presentation Definition. This rigid approach lacks the flexibility needed for scenarios where:

  • Users have different acceptable credentials (passport OR driver’s license)
  • Verification requires credential combinations (identity proof AND address proof)
  • Complex logic is needed (identity AND (employment proof OR income proof))

Submission Requirements provide standardized expressions of logical combinations, making verification processes flexible and user-friendly while maintaining security and compliance.

How submission requirements work

Section titled “How submission requirements work”

Submission Requirements use groups and rules to express logic:

  1. Input descriptors are assigned to named groups
  2. Rules define requirements about these groups (“all” or “pick”)
  3. Rules combine and nest to create complex logic
  4. Holders provide credentials satisfying the requirements

Rule types

Section titled “Rule types”

The “all” rule

Section titled “The “all” rule”

Requires all input descriptors from a group:

{
    "rule": "all",
    "from": "A"
}

The “pick” rule

Section titled “The “pick” rule”

Specifies how many inputs from a group are required:

{
    "rule": "pick",
    "count": 1,
    "from": "B"
}

Options:

  • count: Exact number required
  • min: Minimum required
  • max: Maximum allowed

Grouping input descriptors

Section titled “Grouping input descriptors”

To use Submission Requirements, input descriptors must be assigned to named groups:

{
    "id": "banking_credential",
    "name": "Bank Statement",
    "group": ["A"],
    "constraints": {
        /* ... */
    }
}

Groups are identified by string identifiers. Descriptors can belong to multiple groups, enabling flexible logical expressions. When Submission Requirements reference a group, they apply to all input descriptors assigned to that group.

Combining rules

Section titled “Combining rules”

Multiple requirements

Section titled “Multiple requirements”

Multiple requirements at the same level create “AND” logic:

"submission_requirements": [
  { "rule": "all", "from": "A" },
  { "rule": "pick", "count": 1, "from": "B" }
]

Requires all from group A AND one from group B.

Nested requirements

Section titled “Nested requirements”

Nest requirements using from_nested for “OR” logic:

{
    "rule": "pick",
    "count": 1,
    "from_nested": [
        { "rule": "all", "from": "A" },
        { "rule": "pick", "count": 2, "from": "B" }
    ]
}

Requires either all from A OR two from B.

Example: identity verification

Section titled “Example: identity verification”

Verify identity with either government ID or credential combination:

{
    "submission_requirements": [
        {
            "rule": "pick",
            "count": 1,
            "from_nested": [
                { "rule": "all", "from": "government_id" },
                {
                    "rule": "all",
                    "from_nested": [
                        { "rule": "all", "from": "basic_identity" },
                        { "rule": "all", "from": "address_proof" }
                    ]
                }
            ]
        }
    ],
    "input_descriptors": [
        {
            "id": "passport",
            "group": ["government_id"],
            "constraints": {
                /* ... */
            }
        },
        {
            "id": "birth_certificate",
            "group": ["basic_identity"],
            "constraints": {
                /* ... */
            }
        },
        {
            "id": "utility_bill",
            "group": ["address_proof"],
            "constraints": {
                /* ... */
            }
        }
    ]
}

Accepts either government ID OR (birth certificate AND utility bill).

Role in Vidos

Section titled “Role in Vidos”

In the Vidos ecosystem, Submission Requirements integrate with the verification workflow through the Validator service. When a Presentation Submission is received, the Validator evaluates whether the presented credentials satisfy the logical combinations specified in the Submission Requirements. This enables flexible verification policies that can accommodate different credential combinations while maintaining consistent security standards.

Summary

Section titled “Summary”

Submission Requirements enable complex credential verification logic through:

  • Flexible “all” and “pick” rules
  • Grouping of related input descriptors
  • Nested combinations for complex scenarios
  • Standardized logical expressions

They provide the flexibility needed for real-world verification while maintaining clear, processable requirements.

Further resources

Section titled “Further resources”