§ Presentation Exchange

Specification Status: Working Group Draft

Latest Draft: identity.foundation/presentation-exchange

Editors:

Daniel Buchner (Microsoft)

Brent Zundel (Evernym)

Martin Riedel (Civic Technologies)

Contributors:

Gabe Cohen (Workday)

Orie Steele (Transmute)

Wayne Chang (Spruce)

Participate:

GitHub repo

File a bug

Commit history

§ Abstract

A common activity between peers in identity systems that feature the ability to generate self-asserted and third-party issued claims is the demand and submission of proofs from a Holder to a Verifier. This flow implicitly requires the Holder and Verifier have a known mechanism to facilitate the two primary steps in a proving exchange: the way Verifiers define the proof requirements, and how Holders must encode submissions of proof to align with those requirements.

To address these needs, this Presentation Exchange specification codifies the Presentation Definition data format Verifiers can use to articulate proof requirements, as well as the Presentation Submission data format Holders can use to submit proofs in accordance with them. The specification is designed to be both claim format and transport envelope agnostic, meaning an implementer can use JSON Web Tokens (JWTs), Verifiable Credentials (VCs), JWT-VCs, or any other claim format, and convey them via Open ID Connect, DIDComm, Credential Handler API, or any other transport envelope. The goal of this flexible format and transport agnostic mechanism is to nullify the redundant handling, code, and hassle involved in presenting and satisfying logical requirements across formats and transport envelopes.

This specification does not endeavor to define transport protocols, specific endpoints, or other means for conveying the formatted objects it codifies, but encourages other specifications and projects that do define such mechanisms to utilize these data formats within their flows.

§ Status of This Document

Presentation Exchange is a draft specification under development within the Decentralized Identity Foundation (DIF), and designed to incorporate the requirements and learnings from related work of the most active industry players into a shared specification that meets the collective needs of the community. This spec is regularly updated to reflect relevant changes, and we encourage active engagement on GitHub (see above) and other mediums (e.g. DIF) where this work is being done.

§ Terminology

Decentralized Identifiers

Unique ID URI string and PKI metadata document format for describing the cryptographic keys and other fundamental PKI values linked to a unique, user-controlled, self-sovereign identifier in a target system (i.e. blockchain, distributed ledger).

Holder

The entity that submits proofs to a Verifier to satisfy the requirements described in a Presentation Definition

Verifier

The entity that defines what proofs they require from a Holder (via a Presentation Definition) in order to proceed with an interaction.

Claim

An assertion made about a given entity. Used as an umbrella term for Credential, Assertion, Attestation, etc.

Presentation Definition

Presentation Definitions are objects that articulate what proofs a Verifier requires. These help the Verifier to decide how or whether to interact with a Holder. Presentation Definitions are composed of inputs, which describe the forms and details of the proofs they require, and optional sets of selection rules, to allow Holders flexibility in cases where many different types of proofs may satisfy an input requirement.

Presentation Request

Presentation Requests are transport mechanisms for Presentation Definitions. Presentation Requests can take multiple shapes, using a variety of protocols and signature schemes not defined in this specification. They are sent by a Verifier to a Holder.

Presentation Submission

Presentation Submissions are objects embedded within target claim negotiation formats that unify the presentation of proofs to a Verifier in accordance with the requirements a Verifier specified in a Presentation Definition.

Input Descriptor

Input Descriptors are objects used to describe the information a Verifier requires of a Holder before they will proceed with an interaction.

Submission Requirement

Submission Requirements are objects that define what combinations of inputs must be submitted to comply with the requirements a Verifier has for proceeding in a flow (e.g. credential issuance, allowing entry, accepting an application).

§ Localization

To support localization, IETF BCP 47 one MAY use language tags under the locale property in both a Presentation Definition and Presentation Submission. If a Definition has a language tag, so should the corresponding Submission. A Submission may have a language tag regardless of the presence of one in the corresponding Definition.

Wrapping transports such as HTTP may choose to utlilize the locale property in conjunction with the Accept-Language header.

{
  "presentation_definition": {
    "id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "locale": "en-US",
    "input_descriptors": [{
      "id": "name_input",
      "name": "Full Legal Name",
      "purpose": "We need your full legal name.",
      "schema": [
        {
          "uri": "https://name-standards.com/name.json",
          "required": true
        }
      ]
    }]
  }
}

{
  "presentation_submission": {
    "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
    "definition_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "locale": "de-DE",
    "descriptor_map": [{
      "id": "name_input",
      "path": "$.verifiableCredential[0]"
    }]
  }
}

§ Presentation Definition

Presentation Definitions are objects that articulate what proofs a Verifier requires. These help the Verifier to decide how or whether to interact with a Holder. Presentation Definitions are composed of inputs, which describe the forms and details of the proofs they require, and optional sets of selection rules, to allow Holders flexibility in cases where many different types of proofs may satisfy an input requirement.

{
  // VP, OIDC, DIDComm, or CHAPI outer wrapper
  "presentation_definition": {
    "id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "input_descriptors": [
      {
        "id": "banking_input",
        "name": "Bank Account Information",
        "purpose": "We need your bank and account information.",
        "schema": [
          {
            "uri": "https://bank-standards.com/customer.json"
          }
        ],
        "constraints": {
          "limit_disclosure": true,
          "fields": [
            {
              "path": ["$.issuer", "$.vc.issuer", "$.iss"],
              "purpose": "The claim must be from one of the specified issuers",
              "filter": {
                "type": "string",
                "pattern": "did:example:123|did:example:456"
              }
            }
          ]
        }
      },
      {
        "id": "citizenship_input",
        "name": "US Passport",
        "schema": [
          {
            "uri": "hub://did:foo:123/Collections/schema.us.gov/passport.json"
          }
        ],
        "constraints": {
          "fields": [
            {
              "path": ["$.credentialSubject.birth_date", "$.vc.credentialSubject.birth_date", "$.birth_date"],
              "filter": {
                "type": "string",
                "format": "date",
                "minimum": "1999-5-16"
              }
            }
          ]
        }

      }
    ]
  }
}

{
  // VP, OIDC, DIDComm, or CHAPI outer wrapper
  "presentation_definition": {
    "id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "submission_requirements": [{
      "name": "Citizenship Information",
      "rule": "pick",
      "count": 1,
      "from": "A"
    }],
    "input_descriptors": [
      {
        "id": "citizenship_input_1",
        "name": "EU Driver's License",
        "group": ["A"],
        "schema": [
          {
            "uri": "https://eu.com/claims/DriversLicense.json"
          }
        ],
        "constraints": {
          "fields": [
            {
              "path": ["$.issuer", "$.vc.issuer", "$.iss"],
              "purpose": "The claim must be from one of the specified issuers",
              "filter": {
                "type": "string",
                "pattern": "did:example:gov1|did:example:gov2"
              }
            },
            {
              "path": ["$.credentialSubject.dob", "$.vc.credentialSubject.dob", "$.dob"],
              "filter": {
                "type": "string",
                "format": "date",
                "maximum": "1999-6-15"
              }
            }
          ]
        }
      },
      {
        "id": "citizenship_input_2",
        "name": "US Passport",
        "group": ["A"],
        "schema": [
          {
            "uri": "hub://did:foo:123/Collections/schema.us.gov/passport.json"
          }
        ],
        "constraints": {
          "fields": [
            {
              "path": ["$.credentialSubject.birth_date", "$.vc.credentialSubject.birth_date", "$.birth_date"],
              "filter": {
                "type": "string",
                "format": "date",
                "maximum": "1999-5-16"
              }
            }
          ]
        }
      }
    ]
  }
}

{
  // VP, OIDC, DIDComm, or CHAPI outer wrapper
  "presentation_definition": {
    "id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "submission_requirements": [
      {
        "name": "Banking Information",
        "purpose": "We need to know if you have an established banking history.",
        "rule": "pick",
        "count": 1,
        "from": "A"
      },
      {
        "name": "Employment Information",
        "purpose": "We need to know that you are currently employed.",
        "rule": "all",
        "from": "B"
      },
      {
        "name": "Citizenship Information",
        "rule": "pick",
        "count": 1,
        "from": "C"
      }
    ],
    "input_descriptors": [
      {
        "id": "banking_input_1",
        "name": "Bank Account Information",
        "purpose": "We need your bank and account information.",
        "group": ["A"],
        "schema": [
          {
            "uri": "https://bank-standards.com/customer.json"
          }
        ],
        "constraints": {
          "limit_disclosure": true,
          "fields": [
            {
              "path": ["$.issuer", "$.vc.issuer", "$.iss"],
              "purpose": "The claim must be from one of the specified issuers",
              "filter": {
                "type": "string",
                "pattern": "did:example:123|did:example:456"
              }
            },
            {
              "path": ["$.credentialSubject.account[*].account_number", "$.vc.credentialSubject.account[*].account_number", "$.account[*].account_number"],
              "purpose": "We need your bank account number for processing purposes",
              "filter": {
                "type": "string",
                "minLength": 10,
                "maxLength": 12
              }
            },
            {
              "path": ["$.credentialSubject.account[*].routing_number", "$.vc.credentialSubject.account[*].routing_number", "$.account[*].routing_number"],
              "purpose": "You must have an account with a German, US, or Japanese bank account",
              "filter": {
                "type": "string",
                "pattern": "^DE|^US|^JP"
              }
            }
          ]
        }
      },
      {
        "id": "banking_input_2",
        "name": "Bank Account Information",
        "purpose": "We need your bank and account information.",
        "group": ["A"],
        "schema": [
          {
            "uri": "https://bank-schemas.org/1.0.0/accounts.json"
          },
          {
            "uri": "https://bank-schemas.org/2.0.0/accounts.json"
          }
        ],
        "constraints": {
          "fields": [
            {
              "path": ["$.issuer", "$.vc.issuer", "$.iss"],
              "purpose": "The claim must be from one of the specified issuers",
              "filter": {
                "type": "string",
                "pattern": "did:example:123|did:example:456"
              }
            },
            { 
              "path": ["$.credentialSubject.account[*].id", "$.vc.credentialSubject.account[*].id", "$.account[*].id"],
              "purpose": "We need your bank account number for processing purposes",
              "filter": {
                "type": "string",
                "minLength": 10,
                "maxLength": 12
              }
            },
            {
              "path": ["$.credentialSubject.account[*].route", "$.vc.credentialSubject.account[*].route", "$.account[*].route"],
              "purpose": "You must have an account with a German, US, or Japanese bank account",
              "filter": {
                "type": "string",
                "pattern": "^DE|^US|^JP"
              }
            }
          ]
        }
      },
      {
        "id": "employment_input",
        "name": "Employment History",
        "purpose": "We need to know your work history.",
        "group": ["B"],
        "schema": [
          {
            "uri": "https://business-standards.org/schemas/employment-history.json"
          }
        ],
        "constraints": {
          "fields": [
            {
              "path": ["$.jobs[*].active"],
              "filter": {
                "type": "boolean",
                "pattern": "true"
              }
            }
          ]
        }
      },
      {
        "id": "citizenship_input_1",
        "name": "EU Driver's License",
        "group": ["C"],
        "schema": [
          {
            "uri": "https://eu.com/claims/DriversLicense.json"
          }
        ],
        "constraints": {
          "fields": [
            {
              "path": ["$.issuer", "$.vc.issuer", "$.iss"],
              "purpose": "The claim must be from one of the specified issuers",
              "filter": {
                "type": "string",
                "pattern": "did:example:gov1|did:example:gov2"
              }
            },
            {
              "path": ["$.credentialSubject.dob", "$.vc.credentialSubject.dob", "$.dob"],
              "filter": {
                "type": "string",
                "format": "date",
                "minimum": "1999-5-16"
              }
            }
          ]
        }
      },
      {
        "id": "citizenship_input_2",
        "name": "US Passport",
        "group": ["C"],
        "schema": [
          {
            "uri": "hub://did:foo:123/Collections/schema.us.gov/passport.json"
          }
        ],
        "constraints": {
          "fields": [
            {
              "path": ["$.credentialSubject.birth_date", "$.vc.credentialSubject.birth_date", "$.birth_date"],
              "filter": {
                "type": "string",
                "format": "date",
                "minimum": "1999-5-16"
              }
            }
          ]
        }
      }
    ]
  }
}

The following properties are for use at the top-level of the resource — all other properties that are not defined below MUST be ignored:

• id - The resource MUST contain this property uniquely identifying the resource. The property MUST be a unique identifier, such as a UUID.
• name - The resource MAY contain this property, and if present its value SHOULD be a human-friendly name that describes what the Presentation Definition pertains to.
• purpose - The resource MAY contain this property, and if present its value MUST be a string that describes the purpose for which the Presentation Definition’s inputs are being requested.
• The resource MAY include a format property, and its value MUST be an object with one or more properties matching the registered Claim Format Designations (jwt, jwt_vc, jwt_vp, etc.) to inform the Holder of the claim format configurations the Verifier can process. The value for each property included MUST be an object composed as follows:

  • The object MUST include a format-specific property (i.e. alg, proof_type) that expresses which algorithms the Verifier supports for the format, and if present, its value MUST be an array of one or more of the format-specific algorithmic identifier references, as noted in the Claim Format Designations section.

    {
      "presentation_definition": {
        "format": {
          "jwt": {
            "alg": ["EdDSA", "ES256K", "ES384"]
          },
          "jwt_vc": {
            "alg": ["ES256K", "ES384"]
          },
          "jwt_vp": {
            "alg": ["EdDSA", "ES256K"]
          },
          "ldp_vc": {
            "proof_type": [
              "JsonWebSignature2020",
              "Ed25519Signature2018",
              "EcdsaSecp256k1Signature2019",
              "RsaSignature2018"
            ]
          },
          "ldp_vp": {
            "proof_type": ["Ed25519Signature2018"]
          },
          "ldp": {
            "proof_type": ["RsaSignature2018"]
          }
        }
      }
    }
    

• submission_requirements - The resource MAY contain this property, and if present, its value MUST conform to the Submission Requirement Format. If not present, all inputs listed in the input_descriptors array are required for submission. The description for the format of this property is in the Submission Requirement section below.
• input_descriptors - The resource MUST contain this property, and its value MUST be an array of Input Descriptor objects. If no submission_requirements is present, all inputs listed in the input_descriptors array are required for submission. The composition of values under this property are described in the Input Descriptors section below.

§ Submission Requirements

Presentation Definitions MAY include Submission Requirements, which are objects that define what combinations of inputs must be submitted to comply with the requirements a Verifier has for proceeding in a flow (e.g. claim issuance, allowing entry, accepting an application). Submission Requirements introduce a set of rule types and mapping instructions a User Agent can ingest to present requirement optionality to the user, and subsequently submit inputs in a way that maps back to the rules the verifying party has asserted (via a Proof Submission object). The following section defines the format for Submission Requirement objects, and the selection syntax verifying parties can use to specify which combinations of inputs are acceptable.

If present, all members of the submission_requirements array MUST be satisfied, and all input_descriptors MUST be grouped. Any unused input_descriptors that remain after satisfying all submission_requirements MUST be ignored.

  "submission_requirements": [
    {
      "name": "Banking Information",
      "purpose": "We need to know if you have an established banking history.",
      "rule": "pick",
      "count": 1,
      "from": "A"
    },
    {
      "name": "Employment Information",
      "purpose": "We need to know that you are currently employed.",
      "rule": "all",
      "from": "B"
    },
    {
      "name": "Citizenship Information",
      "rule": "pick",
      "count": 1,
      "from_nested": [
        {
          "name": "United States Citizenship Proofs",
          "purpose": "We need you to prove you are a US citizen.",
          "rule": "all",
          "from": "C"
        },
        {
          "name": "European Union Citizenship Proofs",
          "purpose": "We need you to prove you are a citizen of a EU country.",
          "rule": "all",
          "from": "D"
        }
      ]
    }
  ]

§ Submission Requirement Objects

Submission Requirement Objects describe combinations of inputs that must be submitted via a Presentation Submission to satisfy Verifier demands. Submission Requirement Objects are JSON objects constructed as follows:

1. The object MUST contain a rule property, and its value MUST be a string matching one of the Submission Requirement Rules values listed in the section below.
2. The object MUST contain either a from or from_nested property. If both properties are present, the implementation MUST produce an error. The values of the from and from_nested properties are defined as follows:
   • from - the value of the from property must be a group string matching one of the group strings specified for one or more Input Descriptor objects.
   • from_nested - an array of nested Submission Requirement Objects.
3. The object MAY contain a name property, and if present, its value MUST be a string which MAY be used by a consuming User Agent to display the general name of the requirement set to a user.
4. The object MAY contain a purpose property and, if present, its value MUST be a string that describes the purpose for which the specified requirement is being asserted.
5. The object MAY contain additional properties as required by Submission Requirement Rules, such as count, min, and max for the "pick" rule.

§ Submission Requirement Rules

Submission Requirement Rules {id=“requirement-rules”} are used within Submission Requirement Objects to describe the specific combinatorial rule that must be applied to submit a particular subset of required inputs. Rules are selected by populating the rule property with the corresponding string. An implementation MUST support the following standard types:

§ all rule

• The object must contain a rule property, and its value MUST be the string "all".
• The object MUST contain either a from or from_nested property, which behave as follows when used in an all rule:
  • from - when used within an all rule, every Input Descriptor matching the group string of the from value must be submitted to the Verifier.
  • from_nested - when used within an all rule, all the Submission Requirement Objects specified in the from_nested array must be satisfied by the inputs submitted in a subsequent Presentation Submission.

  "submission_requirements": [
    {
      "name": "Submission of educational transcripts",
      "purpose": "We need all your educational transcripts to process your application",
      "rule": "all",
      "from": "A"
    }
  ]

§ pick rule

• The Submission Requirement object’s rule property MUST contain the string value "pick".
• The Submission Requirement object MAY contain a count property, and if present, its value MUST be an integer greater than zero.
• The Submission Requirement object MAY contain a min property, and if present, its value MUST be an integer greater than or equal to zero.
• The Submission Requirement object MAY contain a max property, and if present, its value MUST be an integer greater than zero, and, if also present, greater than the value of the min property.
• The Submission Requirement object MUST contain either a from property or a from_nested property, and of whichever are present, all inputs from the from group string specified or Submission Requirements in the from_nested array MUST be submitted or satisfied.

If the from property contains a group string, it directs the consumer of the Presentation Definition to submit all members of the matching group string. In the following example, the from property contains a group string to require a single member of group "B":

  "submission_requirements": [
    {
      "name": "Citizenship Proof",
      "purpose": "We need to confirm you are a citizen of one of the following countries",
      "rule": "pick",
      "count": 1,
      "from": "B"
    }
  ]

  "submission_requirements": [
    {
      "name": "Citizenship Proof",
      "purpose": "We need to confirm you are a citizen of one of the following countries",
      "rule": "pick",
      "min": 2,
      "max": 4,
      "from": "B"
    }
  ]

If the from property contains an array of nested Submission Requirement objects, it directs the consumer of the Presentation Definition to submit members such that the number of satisfied Submission Requirement objects is exactly count. In the following example, the from property contains an array of nested Submission Requirement objects to require either all members from group "A" or two members from group "B":

  "submission_requirements": [
    {
      "name": "Confirm banking relationship or employment and residence proofs",
      "purpose": "Submit your bank statement or proofs of employment and residence to process your loan",
      "rule": "pick",
      "count": 1,
      "from_nested": [
        { "rule": "all", "from": "A" },
        { "rule": "pick", "count": 2, "from": "B" }
      ]
    }
  ]

§ JSON Schema

The following JSON Schema Draft 7 definition summarizes many of the format-related rules above:

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "definitions": {
    "submission_requirements": {
      "type": "object",
      "oneOf": [
        {
          "properties": {
            "name": { "type": "string" },
            "purpose": { "type": "string" },
            "rule": {
              "type": "string",
              "enum": ["all", "pick"]
            },
            "count": { "type": "integer", "minimum": 1 },
            "from": { "type": "string" }
          },
          "required": ["rule", "from"],
          "additionalProperties": false
        },
        {
          "properties": {
            "name": { "type": "string" },
            "purpose": { "type": "string" },
            "rule": {
              "type": "string",
              "enum": ["all", "pick"]
            },
            "count": { "type": "integer", "minimum": 1 },
            "from_nested": {
              "type": "array",
              "minItems": 1,
              "items": {
                "$ref": "#/definitions/submission_requirements"
              }
            }
          },
          "required": ["rule", "from_nested"],
          "additionalProperties": false
        }
      ]
    }
  },
  "type": "object",
  "properties": {
    "submission_requirements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/submission_requirements"
      }
    }
  },
  "required": ["submission_requirements"],
  "additionalProperties": false
}

§ Property Values and Evaluation

The following property value and evaluation guidelines summarize many of the processing-related rules above:

1. The rule property value may be either "all" or "pick", and the implementation MUST produce an error if an unknown rule value is present.
2. The Submission Requirement MUST contain a from property or a from_nested property, not both, and if present their values must be a string or an array, respectively. If any of these conditions are not met, the implementation MUST produce an error.
3. To determine whether a Submission Requirement is satisfied, used the following algorithm:
   • If the rule is "all", then the Submission Requirement MUST contain a from property or a from_nested property, and of whichever are present, all inputs from the from group string specified or Submission Requirements in the from_nested array MUST be submitted or satisfied, respectively.
   • If the rule is "pick", then the Submission Requirement MUST contain a from property or a from_nested property, and of whichever are present, they must be evaluated as follows:
     • if a count property is present, the number of inputs submitted, or nested Submission Requirements satisfied, MUST be exactly equal to the value of count property.
     • if a min property is present, the number of inputs submitted, or nested Submission Requirements satisfied, MUST be equal to or greater than the value of the min property.
     • if a max property is present, the number of inputs submitted, or nested Submission Requirements satisfied, MUST be equal to or less than the value of the max property.

§ Input Descriptors

Input Descriptors are objects used to describe the information a Verifier requires of a Holder before they will proceed with an interaction. If no submission_requirements objects are present, all input_descriptor objects MUST be satisfied.

Input Descriptor Objects contain a schema URI that links to the schema of the required input data, constraints on data values, and an explanation why a certain item or set of data is being requested:

"input_descriptors": [
  {
    "id": "banking_input_1",
    "name": "Bank Account Information",
    "purpose": "We need your bank and account information.",
    "group": ["A"],
    "schema": [
      {
        "uri": "https://bank-schemas.org/1.0.0/accounts.json"
      },
      {
        "uri": "https://bank-schemas.org/2.0.0/accounts.json"
      }
    ],
    "constraints": {
      "fields": [
        {
          "path": ["$.issuer", "$.vc.issuer", "$.iss"],
          "purpose": "The claim must be from one of the specified issuers",
          "filter": {
            "type": "string",
            "pattern": "did:example:123|did:example:456"
          }
        },
        { 
          "path": ["$.credentialSubject.account[*].id", "$.vc.credentialSubject.account[*].id", "$.account[*].id"],
          "purpose": "We need your bank account number for processing purposes",
          "filter": {
            "type": "string",
            "minLength": 10,
            "maxLength": 12
          }
        },
        {
          "path": ["$.credentialSubject.account[*].route", "$.vc.credentialSubject.account[*].route", "$.account[*].route"],
          "purpose": "You must have an account with a German, US, or Japanese bank account",
          "filter": {
            "type": "string",
            "pattern": "^DE|^US|^JP"
          }
        }
      ]
    }
  }
]

{
  "id": "employment_input_xyz_gov",
  "group": ["B"],
  "schema": [
    {
      "uri": ["https://login.idp.com/xyz.gov/.well-known/openid-configuration"],
      "name": "Verify XYZ Government Employment",
      "purpose": "We need to know if you currently work at an agency in the XYZ government",
      "metadata": {
        "client_id": "40be4fb5-7f3a-470b-aa37-66ed43821bd7",
        "redirect_uri": "https://tokens.xyz.gov/verify"
      }
    }
  ],
  "constraints": {
    "fields": [
      {
        "path": ["$.status"],
        "filter": {
          "type": "string",
          "pattern": "active"
        }
      }
    ]
  }
}

§ Input Descriptor Objects

Input Descriptors are objects that describe what type of input data/claim, or sub-fields thereof, is required for submission to the Verifier. Input Descriptor Objects are composed as follows:

• The object MUST contain an id property. The value of the id property MUST be a unique identifying string that does not conflict with the id of another Input Descriptor in the same Presentation Definition object.
• The object MAY contain a group property, and if present, its value MUST match one of the grouping strings listed in the from values of a Submission Requirement Rule Object.
• The object MAY contain a name property, and if present its value SHOULD be a human-friendly name that describes what the target schema represents.
• The object MAY contain a purpose property, and if present its value MUST be a string that describes the purpose for which the claim’s data is being requested.
• The object MAY contain a metadata property, and if present its value MUST be an object with metadata properties that describe any information specific to the acquisition, formulation, or details of the claim in question.
• The object MUST contain a schema property, and its value MUST be an array composed of objects as follows:
  • The object MUST contain a uri property, and its value MUST be an string consisting of a valid URI string for the acceptable claim schemas. Multiple array objects may be present for multiple schemas. A common use of multiple entries in the schema array is when multiple versions of a claim schema exist and there is a desire to express support for more than one version. This field allowing multiple URIs is not intended to be used as a mechanism for including references to fundamentally different schemas, and SHOULD NOT be used by the implementer this way.
  • The object MAY contain a boolean required property, and if present and true it signifies that the given schema object is required to fulfill the given Submission Requirement.
• The object MAY contain a constraints property, and its value MUST be an object composed as follows:

  • The object MAY contain a limit_disclosure property, and if present its value MUST be a boolean value. Setting the property to true indicates that the processing entity SHOULD NOT submit any fields beyond those listed in the fields array (if present). Setting the property to false, or omitting the property, indicates the processing entity MAY submit a response that contains more than the data described in the fields array.

  • The object MAY contain a statuses property, and if present, its value MUST be an object that includes one or more of the following status properties: active, suspended, revoked. These statuses are defined as follows:

    • active - a credential that is not revoked, expired, suspended, or in any type of deactivated state.
    • suspended - a credential is suspended if the Issuer has published an explicit signal that the credential is in an inactive state and should not currently be relied upon, but may become active again in the future.
    • revoked - a credential is revoked if the Issuer has published an explicit signal that the credential in question should not be relied upon going forward as an accurate reflection of the Issuer’s statements about the Subject within the scope of the credential.

      "statuses": {
        "active": {
          "directive": "required"  // other values: "allowed", "disallowed"
        },
        "suspended": {...},
        "revoked": {...}
      } 
    

    The values of all status properties are objects, composed as follows:

    • Status objects MUST include a directive property, and its value MUST be one of the following strings:
      • required: the credential MUST be of the specified status.
      • allowed: the credential MAY be of the specified status.
      • disallowed: the credential MUST NOT be of the specified status.

  • The object MAY contain a subject_is_issuer property, and if present its value MUST be one of the following strings:

    • required - This indicates that the processing entity MUST submit a response that has been self-attested, i.e., the claim used in the presentation has been ‘issued’ by the subject of the claim.
    • preferred - This indicates that it is RECOMMENDED that the processing entity submit a response that has been self-attested, i.e., the claim used in the presentation has been ‘issued’ by the subject of the claim.

    The subject_is_issuer property could be used by a Verifier to require that certain inputs be self_attested. For example, a college application presentation definition might contain an Input Descriptor object for an essay submission. In this case, the Verifier would be able to require that the essay be provided by the one submits the application.

  • The object MAY contain an is_holder property, and if present its value MUST be an array of objects composed as follows:

    • The object MUST contain a field_id property. The value of this property MUST be an array of strings, with each string matching the string value from a Input Descriptor Field Entry object’s id property. This identifies the attribute whose subject is of concern to the verifier.
    • The object MUST contain a directive property. The value of this property MUST be one of the following strings:
      • required - This indicates that the processing entity MUST include proof that the subject of each attribute identified by a value in the field_id array is the same as the entity submitting the response.
      • preferred - This indicates that it is RECOMMENDED that the processing entity include proof that the subject of each attribute identified by a value in the field_id array is the same as the entity submitting the response.

    The is_holder property would be used by a Verifier to require that certain inputs be provided by a certain subject. For example, an identity verification presentation definition might contain an Input Descriptor object for a birthdate from a birth certificate. In this case, the Verifier would be able to require that the holder of the birth certificate claim is the same as the subject of the birthdate attribute. This is especially useful in cases where a claim may have multiple subjects.

    For more information about techniques used to prove binding to a holder, please see Holder Binding.

  • The object MAY contain a same_subject property, and if present its value MUST be an array of objects composed as follows:

    • The object MUST contain a field_id property. The value of this property MUST be an array of strings, with each string matching the string value from a Input Descriptor Field Entry object’s id property. This identifies the attributes whose subject is of concern to the verifier. It is important to note that the attributes MAY be identified in an Input Descriptor Field Entry of a different Input Descriptor object.
    • The object MUST contain a directive property. The value of this property MUST be one of the following strings:
      • required - This indicates that the processing entity MUST include proof that the subject of each attribute identified by a value in the field_id array is the same as the subject of the attributes identified by the other values in the field_id array.
      • preferred - This indicates that it is RECOMMENDED that the processing entity include proof that the subject of each attribute identified by a value in the field_id array is the same as the subject of the attributes identified by the other values in the field_id array.

    The same_subject property would be used by a Verifier to require that certain provided inputs be about the same subject. For example, a presentation definition might contain an Input Descriptor object which calls for a street address from a driver license claim and another Input Descriptor object which calls for a name from a birth certificate claim. The Verifier would be able to require that the subject of the street address attribute claim is the same as the subject of the name attribute.

  • The object MAY contain a fields property, and its value MUST be an array of Input Descriptor Field Entry objects, each being composed as follows:

    • The object MUST contain a path property, and its value MUST be an array of one or more JSONPath string expressions, as defined in the JSONPath Syntax Definition section, that select a target value from the input. The array MUST be evaluated from 0-index forward, and the first expressions to return a value will be used for the rest of the entry’s evaluation. The ability to declare multiple expressions this way allows the Verifier to account for format differences - for example: normalizing the differences in structure between JSON-LD/JWT-based Verifiable Credentials and vanilla JSON Web Tokens (JWTs) [RFC7797].

    • The object MAY contain an id property, and if present its value MUST be a string that is unique from any other field object’s id property.

    • The object MAY contain a purpose property, and if present its value MUST be a string that describes the purpose for which the field is being requested.

    • The object MAY contain a filter property, and if present its value MUST be JSON Schema descriptor used to filter against the values returned from evaluation of the JSONPath string expressions in the path array.

    • The object MAY contain a predicate property. If the predicate property is present, the filter property MUST also be present. The inclusion of the predicate property indicates that the processing entity returns a boolean, rather than a value returned from evaluation of the JSONPath string expressions in the path array. The boolean returned is the result of using the filter property’s JSON Schema descriptors against the evaluated value. The value of predicate MUST be one of the following strings:

      • required - This indicates that the returned value MUST be the boolean result of applying the value of the filter property to the result of evaluating the path property.
      • preferred - This indicates that the returned value SHOULD be the boolean result of applying the value of the filter property to the result of evaluating the path property.

      If the predicate property is present, the set of JSON Schema descriptors which comprise the value of the filter property MUST be restricted according to the desired predicate operation, as follows:

      • To express the following range proofs, use the JSON Schema numeric range properties:
        • greater-than - Use the exclusiveMinimum descriptor. For example, to request a proof that an attribute is greater than 10000:

          {
            "type": "number",
            "exclusiveMinimum": 10000,
          }
          

        • less-than - Use the exclusiveMaximum descriptor. For example, to request a proof that an attribute is less than 85:

          {
            "type": "number",
            "exclusiveMaximum": 85,
          }
          

        • greater-than or equal-to - Use the minimum descriptor. For example, to request a proof that an attribute is greater than or equal to 18:

          {
            "type": "number",
            "minimum": 18,
          }
          

        • less-than or equal-to - Use the maximum descriptor. For example, to request a proof that an attribute is less than or equal to 65536:

          {
            "type": "number",
            "maximum": 65536,
          }
          

      • to express the following equality proofs, use the JSON Schema const descriptor:
        • equal-to - Use the const descriptor. For example to request proof that an attribute has the value “Chad”:

          {
            "const": "Chad"
          }
          

        • not equal-to - Use the const descriptor with the not operator. For example, to request proof that an attribute does not have the value “Karen”:

          {
            "not": {
              "const": "Karen"
            }
          }
          

      • to express set-membership proofs, use the JSON Schema enum descriptor:
        • in-set - Use the enum descriptor. For example, to request proof that an attribute is contained in the set of rainbow colors:

          {
            "type": "string",
            "enum": ["red", "yellow", "blue"]
          }
          

        • not-in-set - Use the enum descriptor with the not operator. For example, to request proof that an attribute is not contained in the set of primary colors:

          {
            "not": { 
              "enum": ["red", "yellow", "blue"] 
            }
          }
          

      At this time, additional predicate operations are not supported.

§ Input Evaluation

A consumer of a Presentation Definition must filter inputs they hold (signed claims, raw data, etc.) to determine whether they possess the inputs required to fulfill the demands of the Verifying party. A consumer of a Presentation Definition SHOULD use the following process to validate whether or not its candidate inputs meet the requirements it describes:

For each Input Descriptor in the input_descriptors array of a Presentation Definition, a User Agent should compare each candidate input (JWT, Verifiable Credential, etc.) it holds to determine whether there is a match. Evaluate each candidate input as follows:

1. The schema of the candidate input must match one of the Input Descriptor schema object uri values exactly. If the scheme is a hashlink or a similar value that points to immutable content, this means the content of the schema, not just the URI from which it is downloaded, must also match. If one of the values is an exact match, proceed, if there are no exact matches, skip to the next candidate input.
2. If the constraints property of the Input Descriptor is present, and it contains a fields property with one or more Input Descriptor Field Entries, evaluate each against the candidate input as follows:
   1. Iterate the Input Descriptor path array of JSONPath string expressions from 0-index, executing each expression against the candidate input. Cease iteration at the first expression that returns a matching Field Query Result and use the result for the rest of the field’s evaluation. If no result is returned for any of the expressions, skip to the next candidate input.
   2. If the filter property of the field entry is present, validate the Field Query Result from the step above against the JSON Schema descriptor value.
   3. If the predicate property of the field entry is present, a boolean value should be returned rather than the value of the Field Query Result. Calculate this boolean value by evaluating the Field Query Result against the JSON Schema descriptor value of the filter property.
   4. If the result is valid, proceed iterating the rest of the fields entries.
3. If all of the previous validation steps are successful, mark the candidate input as a match for use in a Presentation Submission, and if present at the top level of the Input Descriptor, keep a relative reference to the group values the input is designated for.
4. If the constraints property of the Input Descriptor is present and it contains a limit_disclosure property set to the boolean value true, ensure that any subsequent submission of data in relation to the candidate input is limited to the entries specified in the fields property. If the fields property is not present, or contains zero Input Descriptor Field Entries, submission SHOULD NOT include any claim data from the claim. (for example: a Verifier may simply want to know a Holder has a valid, signed claims of a particular type, without disclosing any of the data it contains).
5. If the constraints property of the Input Descriptor is present, and it contains a subject_is_issuer property set to the value required, ensure that any submission of data in relation to the candidate input is fulfilled using a self_attested claim.
6. If the constraints property of the Input Descriptor is present, and it contains an is_holder property, ensure that for each object in the array, any submission of data in relation to the candidate input is fulfilled by the subject of the attributes so identified by the strings in the field_id array.
7. If the constraints property of the Input Descriptor is present, and it contains a same_subject property, ensure that for each object in the array, all of the attributes so identified by the strings in the field_id array are about the same subject.

§ Expired and Revoked Data

Certain types of claims have concepts of expiration and revocation. Expiration is mechanism normally used to communicate a time bound up until which a claim is valid. Revocation is a mechanism normally used to give an issuer control over the status of a claim after issuance. Different claim specifications handle these concepts in different ways.

Presentation Definitions have a need to specify whether expired, revoked, or claims of other statuses can be accepted. For claims that have simple status properties Input Descriptor Filters JSON Schema can be used to write specify acceptable criteria.

The first example demonstrates expiry using the VC Data Model’s expirationDate property. The second demonstrates revocation, or more generally, credential status using the VC Data Model’s credentialStatus property. Using the syntax provided in the example a Verifier will have all requisite information to resolve the status of a claim.

{
  "id": "drivers_license_information",
  "name": "Verify Valid License",
  "purpose": "We need to know you have a license valid through December.",
  "metadata": {
    "client_id": "4fb540be-3a7f-0b47-bb37-3821bd766ed4",
    "redirect_uri": "https://yourwatchful.gov/verify"
  },
  "schema": [
    {
      "uri": "https://yourwatchful.gov/drivers-license-schema.json",
      "required": true
    }
  ],
  "constraints": {
    "fields": [
      {
        "path": ["$.expirationDate"],
        "filter": {
          "type": "string",
          "format": "date-time",
          "min": "2020-12-31T23:59:59.000Z"
        }
      }
    ]
  }
}

{
  "id": "drivers_license_information",
  "name": "Verify Valid License",
  "purpose": "We need to know that your license has not been revoked.",
  "metadata": {
    "client_id": "4fb540be-3a7f-0b47-bb37-3821bd766ed4",
    "redirect_uri": "https://yourwatchful.gov/verify"
  },
  "schema": [
    {
      "uri": "https://yourwatchful.gov/drivers-license-schema.json"
    }
  ],
  "constraints": {
    "fields": [
      {
        "path": ["$.credentialStatus"]
      }
    ]
  }
}

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "definitions": {
    "schema": {
      "type": "object",
      "properties": {
        "uri": { "type": "string" },
        "required": { "type": "boolean" }
      },
      "required": ["uri"],
      "additionalProperties": false
    },
    "filter": {
      "type": "object",
      "properties": {
        "type": { "type": "string" },
        "format": { "type": "string" },
        "pattern": { "type": "string" },
        "minimum": { "type": ["number", "string"] },
        "minLength": { "type": "integer" },
        "maxLength": { "type": "integer" },
        "exclusiveMinimum": { "type": ["number", "string"] },
        "exclusiveMaximum": { "type": ["number", "string"] },
        "maximum": { "type": ["number", "string"] },
        "const": { "type": ["number", "string"] },
        "enum": { 
          "type": "array",
          "items": { "type": ["number", "string"] }
        },
        "not": {
          "type": "object",
          "minProperties": 1
        }
      },
      "required": ["type"],
      "additionalProperties": false
    },
    "format": {
      "type": "object",
      "patternProperties": {
        "^jwt$|^jwt_vc$|^jwt_vp$": {
          "type": "object",
          "properties": {
            "alg": {
              "type": "array",
              "minItems": 1,
              "items": { "type": "string" }
            }
          },
          "required": ["alg"],
          "additionalProperties": false
        },
        "^ldp_vc$|^ldp_vp$|^ldp$": {
          "type": "object",
          "properties": {
            "proof_type": {
              "type": "array",
              "minItems": 1,
              "items": { "type": "string" }
            }
          },
          "required": ["proof_type"],
          "additionalProperties": false
        }, 
        "additionalProperties": false  
      },
      "additionalProperties": false
    },
    "submission_requirements": {
      "type": "object",
      "oneOf": [
        {
          "properties": {
            "name": { "type": "string" },
            "purpose": { "type": "string" },
            "rule": {
              "type": "string",
              "enum": ["all", "pick"]
            },
            "count": { "type": "integer", "minimum": 1 },
            "min": { "type": "integer", "minimum": 0 },
            "max": { "type": "integer", "minimum": 0 },
            "from": { "type": "string" }
          },
          "required": ["rule", "from"],
          "additionalProperties": false
        },
        {
          "properties": {
            "name": { "type": "string" },
            "purpose": { "type": "string" },
            "rule": {
              "type": "string",
              "enum": ["all", "pick"]
            },
            "count": { "type": "integer", "minimum": 1 },
            "min": { "type": "integer", "minimum": 0 },
            "max": { "type": "integer", "minimum": 0 },
            "from_nested": {
              "type": "array",
              "minItems": 1,
              "items": {
                "$ref": "#/definitions/submission_requirements"
              }
            }
          },
          "required": ["rule", "from_nested"],
          "additionalProperties": false
        }
      ]
    },
    "input_descriptors": {
      "type": "object",
      "properties": {
        "id": { "type": "string" },
        "name": { "type": "string" },
        "purpose": { "type": "string" },
        "metadata": { "type": "object" },
        "group": {
          "type": "array",
          "items": { "type": "string" }
        },
        "schema": {
          "type": "array",
          "items": { "$ref": "#/definitions/schema" }
        },
        "constraints": {
          "type": "object",
          "properties": {
            "limit_disclosure": { "type": "boolean" },
            "statuses": {
              "type": "object",
              "properties": {
                "active": {
                  "type": "object",
                  "properties": {
                    "directive": {
                      "type": "string",
                      "enum": ["required", "allowed", "disallowed"]
                    }
                  }
                },
                "suspended": {
                  "type": "object",
                  "properties": {
                    "directive": {
                      "type": "string",
                      "enum": ["required", "allowed", "disallowed"]
                    }
                  }
                },
                "revoked": {
                  "type": "object",
                  "properties": {
                    "directive": {
                      "type": "string",
                      "enum": ["required", "allowed", "disallowed"]
                    }
                  }
                }
              }
            },
            "fields": {
              "type": "array",
              "items": { "$ref": "#/definitions/field" }
            },
            "subject_is_issuer": {
              "type": "string",
              "enum": ["required", "preferred"]
            },
            "is_holder": {
              "type": "array",
              "items": {
                "type": "object",
                "properties":  {
                  "field_id": {
                    "type": "array",
                    "items": { "type": "string" }
                  },
                  "directive": {
                    "type": "string",
                    "enum": ["required", "preferred"]
                  }
                },
                "required": ["field_id", "directive"],
                "additionalProperties": false
              }
            },
            "same_subject": {
              "type":  "array",
              "items": {
                "type": "object",
                "properties":  {
                  "field_id": {
                    "type": "array",
                    "items": { "type": "string" }
                  },
                  "directive": {
                    "type": "string",
                    "enum": ["required", "preferred"]
                  }
                },
                "required": ["field_id", "directive"],
                "additionalProperties": false
              }
            }
          },
          "additionalProperties": false
        }
      },
      "required": ["id", "schema"],
      "additionalProperties": false
    },
    "field": {
      "type": "object",
      "oneOf": [
        {
          "properties": {
            "id": { "type": "string" },
            "path": {
              "type": "array",
              "items": { "type": "string" }
            },
            "purpose": { "type": "string" },
            "filter": { "$ref": "#/definitions/filter" }
          },
          "required": ["path"],
          "additionalProperties": false
        },
        {
          "properties": {
            "id": { "type": "string" },
            "path": {
              "type": "array",
              "items": { "type": "string" }
            },
            "purpose": { "type": "string" },
            "filter": { "$ref": "#/definitions/filter" },
            "predicate": { 
              "type": "string",
              "enum": ["required", "preferred"]
            }
          },
          "required": ["path", "filter", "predicate"],
          "additionalProperties": false
        }
      ]
    }
  },
  "type": "object",
  "properties": {
    "presentation_definition": {
      "type": "object",
      "properties": {
        "id": { "type": "string" },
        "name": { "type": "string" },
        "purpose": { "type": "string" },
        "locale": { "type": "string" },
        "format": { "$ref": "#/definitions/format"},
        "submission_requirements": {
          "type": "array",
          "items": {
            "$ref": "#/definitions/submission_requirements"
          }
        },
        "input_descriptors": {
          "type": "array",
          "items": { "$ref": "#/definitions/input_descriptors" }
        }
      },
      "required": ["id", "input_descriptors"],
      "additionalProperties": false
    }
  }
}

{
  "presentation_submission": {
    "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
    "definition_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "descriptor_map": [
      { 
        "id": "banking_input_2",
        "format": "jwt_vp",
        "path": "$.outerClaim[0]",
        "path_nested": {
            "id": "banking_input_2",
            "format": "ldp_vc",
            "path": "$.innerClaim[1]",
            "path_nested": {
                "id": "banking_input_2",
                "format": "jwt_vc",
                "path": "$.mostInnerClaim[2]"
            }
        }
    }
  ]
}

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "title": "Presentation Submission",
  "type": "object",
  "properties": {
    "presentation_submission": {
      "type": "object",
      "properties": {
        "id": { "type": "string" },
        "definition_id": { "type": "string" },
        "locale": { "type": "string" },
        "descriptor_map": {
          "type": "array",
          "items": { "$ref": "#/definitions/descriptor" }
        }
      },
      "required": ["id", "definition_id", "descriptor_map"],
      "additionalProperties": false
    }
  },
  "definitions": {
    "descriptor": {
      "type": "object",
      "properties": {
        "id": { "type": "string" },
        "path": { "type": "string" },
        "path_nested": { 
          "type": "object",
            "$ref": "#/definitions/descriptor"
        },
        "format": { 
          "type": "string",
          "enum": ["jwt", "jwt_vc", "jwt_vp", "ldp", "ldp_vc", "ldp_vp"]
        }
      },
      "required": ["id", "path", "format"],
      "additionalProperties": false
    }
  },
  "required": ["presentation_submission"],
  "additionalProperties": false
}

{
  "store": {
    "book": [ 
      {
        "category": "reference",
        "author": "Nigel Rees",
        "title": "Sayings of the Century",
        "price": 8.95
      }, {
        "category": "fiction",
        "author": "Evelyn Waugh",
        "title": "Sword of Honour",
        "price": 12.99
      }, {
        "category": "fiction",
        "author": "Herman Melville",
        "title": "Moby Dick",
        "isbn": "0-553-21311-3",
        "price": 8.99
      }, {
        "category": "fiction",
        "author": "J. R. R. Tolkien",
        "title": "The Lord of the Rings",
        "isbn": "0-395-19395-8",
        "price": 22.99
      }
    ],
    "bicycle": {
      "color": "red",
      "price": 19.95
    }
  }
}

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://identity.foundation/presentation-exchange/submission/v1"
  ],
  "type": [
    "VerifiablePresentation",
    "PresentationSubmission"
  ],
  "presentation_submission": {
    "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
    "definition_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "descriptor_map": [
      {
        "id": "banking_input_2",
        "format": "jwt_vc",
        "path": "$.verifiableCredential[0]"
      },
      {
        "id": "employment_input",
        "format": "ldp_vc",
        "path": "$.verifiableCredential[1]"
      },
      {
        "id": "citizenship_input_1",
        "format": "ldp_vc",
        "path": "$.verifiableCredential[2]"
      }
    ]
  },
  "verifiableCredential": [
    { // DECODED JWT PAYLOAD, ASSUME THIS WILL BE A BIG UGLY OBJECT
      "vc": {
        "@context": "https://www.w3.org/2018/credentials/v1",
        "id": "https://eu.com/claims/DriversLicense",
        "type": ["EUDriversLicense"],
        "issuer": "did:example:123",
        "issuanceDate": "2010-01-01T19:73:24Z",
        "credentialSubject": {
          "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
          "accounts": [
            {
              "id": "1234567890",
              "route": "DE-9876543210"
            },
            {
              "id": "2457913570",
              "route": "DE-0753197542"
            }
          ]
        }
      }
    },
    {
      "@context": "https://www.w3.org/2018/credentials/v1",
      "id": "https://business-standards.org/schemas/employment-history.json",
      "type": ["VerifiableCredential", "GenericEmploymentCredential"],
      "issuer": "did:foo:123",
      "issuanceDate": "2010-01-01T19:73:24Z",
      "credentialSubject": {
        "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
        "active": true
      },
      "proof": {
        "type": "EcdsaSecp256k1VerificationKey2019",
        "created": "2017-06-18T21:19:10Z",
        "proofPurpose": "assertionMethod",
        "verificationMethod": "https://example.edu/issuers/keys/1",
        "jws": "..."
      }
    },
    {
      "@context": "https://www.w3.org/2018/credentials/v1",
      "id": "https://eu.com/claims/DriversLicense",
      "type": ["EUDriversLicense"],
      "issuer": "did:foo:123",
      "issuanceDate": "2010-01-01T19:73:24Z",
      "credentialSubject": {
        "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
        "license": {
          "number": "34DGE352",
          "dob": "07/13/80"
        }
      },
      "proof": {
        "type": "RsaSignature2018",
        "created": "2017-06-18T21:19:10Z",
        "proofPurpose": "assertionMethod",
        "verificationMethod": "https://example.edu/issuers/keys/1",
        "jws": "..."
      }
    }
  ],
  "proof": {
    "type": "RsaSignature2018",
    "created": "2018-09-14T21:19:10Z",
    "proofPurpose": "authentication",
    "verificationMethod": "did:example:ebfeb1f712ebc6f1c276e12ec21#keys-1",
    "challenge": "1f44d55f-f161-4938-a659-f8026467f126",
    "domain": "4jt78h47fh47",
    "jws": "..."
  }
}

{
  "iss": "https://self-issued.me",
  "sub": "248289761001",
  "preferred_username": "superman445",
  "presentation_submission": {
    "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
    "definition_id": "32f54163-7166-48f1-93d8-ff217bdb0653",
    "descriptor_map": [
      {
        "id": "banking_input_2",
        "format": "jwt",
        "path": "$._claim_sources.banking_input_2.JWT"
      },
      {
        "id": "employment_input",
        "format": "jwt_vc",
        "path": "$._claim_sources.employment_input.VC_JWT"
      },
      {
        "id": "citizenship_input_1",
        "format": "ldp_vc",
        "path": "$._claim_sources.citizenship_input_1.VC"
      }
    ]
  },
  "_claim_names": {
    "verified_claims": [
      "banking_input_2",
      "employment_input",
      "citizenship_input_1"
    ]
  },
  "_claim_sources": {
    "banking_input_2": {
      "JWT": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwcz
      ovL3NlcnZlci5vdGhlcm9wLmNvbSIsInN1YiI6ImU4MTQ4NjAzLTg5MzQtNDI0N
      S04MjViLWMxMDhiOGI2Yjk0NSIsInZlcmlmaWVkX2NsYWltcyI6eyJ2ZXJpZmlj
      YXRpb24iOnsidHJ1c3RfZnJhbWV3b3JrIjoiaWFsX2V4YW1wbGVfZ29sZCJ9LCJ
      jbGFpbXMiOnsiZ2l2ZW5fbmFtZSI6Ik1heCIsImZhbWlseV9uYW1lIjoiTWVpZX
      IiLCJiaXJ0aGRhdGUiOiIxOTU2LTAxLTI4In19fQ.FArlPUtUVn95HCExePlWJQ
      6ctVfVpQyeSbe3xkH9MH1QJjnk5GVbBW0qe1b7R3lE-8iVv__0mhRTUI5lcFhLj
      oGjDS8zgWSarVsEEjwBK7WD3r9cEw6ZAhfEkhHL9eqAaED2rhhDbHD5dZWXkJCu
      XIcn65g6rryiBanxlXK0ZmcK4fD9HV9MFduk0LRG_p4yocMaFvVkqawat5NV9QQ
      3ij7UBr3G7A4FojcKEkoJKScdGoozir8m5XD83Sn45_79nCcgWSnCX2QTukL8Ny
      wIItu_K48cjHiAGXXSzydDm_ccGCe0sY-Ai2-iFFuQo2PtfuK2SqPPmAZJxEFrF
      oLY4g"
    },
    "employment_input": {
      "VC": {
        "@context": "https://www.w3.org/2018/credentials/v1",
        "id": "https://business-standards.org/schemas/employment-history.json",
        "type": ["VerifiableCredential", "GenericEmploymentCredential"],
        "issuer": "did:foo:123",
        "issuanceDate": "2010-01-01T19:73:24Z",
        "credentialSubject": {
          "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
          "active": true
        },
        "proof": {
          "type": "EcdsaSecp256k1VerificationKey2019",
          "created": "2017-06-18T21:19:10Z",
          "proofPurpose": "assertionMethod",
          "verificationMethod": "https://example.edu/issuers/keys/1",
          "jws": "..."
        }
      }
    },
    "citizenship_input_1": {
      "VC": {
        "@context": "https://www.w3.org/2018/credentials/v1",
        "id": "https://eu.com/claims/DriversLicense",
        "type": ["EUDriversLicense"],
        "issuer": "did:foo:123",
        "issuanceDate": "2010-01-01T19:73:24Z",
        "credentialSubject": {
          "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
          "license": {
            "number": "34DGE352",
            "dob": "07/13/80"
          }
        },
        "proof": {
          "type": "EcdsaSecp256k1VerificationKey2019",
          "created": "2017-06-18T21:19:10Z",
          "proofPurpose": "assertionMethod",
          "verificationMethod": "https://example.edu/issuers/keys/1",
          "jws": "..."
        }
      }
    }
  }
}

{
  "type": "web",
  "dataType": "VerifiablePresentation",
  "data": {
    // Presentation Submission goes here
  }
}

{
    "@type": "https://didcomm.org/present-proof/%VER/presentation",
    "@id": "f1ca8245-ab2d-4d9c-8d7d-94bf310314ef",
    "comment": "some comment",
    "formats" : [{
        "attach_id" : "2a3f1c4c-623c-44e6-b159-179048c51260",
        "format" : "dif/presentation-exchange/[email protected]"
    }],
    "presentations~attach": [{
        "@id": "2a3f1c4c-623c-44e6-b159-179048c51260",
        "mime-type": "application/ld+json",
        "data": {
            "json": {
              // Presentation Submission goes here
            }
        }
    }]
}