The Trusted Issuers Registry (TIR) is a generic decentralised registry that maintains information about trusted issuers, including public data, accreditations and other relevant details. This information is stored in the smart contract as Attribute Envelopes (similar to Verifiable Credentials), which can be issued by Trusted Issuers or self-issued. Validation of generic Envelopes (like Verifiable Credentials) occurs outside the EBSI Platform. Issuers can define proxies used during credential verification to check if credentials are still valid or have been revoked. The verification flow is detailed in the Credential Status Framework.
To register a DID with the TIR, a Legal Entity (LE) must first generate a DID and DID document, and then request a VerifiableAuthorisationToOnboard Verifiable Credential (VC) from the Issuer. After presenting the VerifiableAuthorisationToOnboard VC, the LE receives an access token, which allows it to register its DID in the DID registry. To become a Truster Issuer, the LE must also request a VerifiableAccreditationToAttest VC and register it into the TIR. Upon presenting this VC, the LE receives an access token that permits it to insert its DID into the TIR.
The TIR service consists of a smart contract (TIR SC) and API (TIR API). The TIR SC is an Ethereum smart contract deployed on the EBSI ledger. All public smart contract methods are accessible via APIs. Two types of APIs are provided: JSON-RPC for write operations and REST for the read operations. The TIR API enables the management and verification of Trusted Issuers' information and accreditations. Note that the accreditation of Trusted Issuers domain-specific and falls outside the EBSI scope.
For more information see:
- CLI Tool page: Test the capabilities using the EBSI CLI tool
Authentication
- HTTP: Bearer Auth
| Security Scheme Type: | http |
|---|---|
| HTTP Authorization Scheme: | bearer |
| Bearer format: | JWT |