Request and present Verifiable Credentials

Context

This document describes the Holder Wallet Conformance test module flows and the usage of the protocol.

Wallet tests guidelines

The same-device and cross-device test flows differ only in the Credential Offering, which is either an HTTP 302 redirect for same-device tests or a QR code for cross-device tests. Tests are executed by requesting a credential and completed by receiving it. All given nonces and states must be honoured, or the test will be rejected.

Test cases use simple DID authentication with an id_token. Wallets should expect other authentication means including authentication through Verifiable Presentation exchange with Verifiable Credentials, redirects into log-in screens, or pre-registration. Some issuers might request normal OIDC authentication with log-in pages, which can be identified from the redirect content.

In the test cases, the Holder Wallet is the Relying Party controlled by the End-User. The Holder Wallet's client_id matches the End-User controlled DID.

Issuer initiated generic flows

Issuer initiated flows start with the Credential Offering proposed by Issuer. The Credential Offering is in redirect for same-device tests and in QR Code for cross-device tests. Expected Credential Offering endpoint may be given in the test scenario, while it defaults to openid-credential-offer://.

User starts each test from the Conformance Testing (Issuer Mock) web page, and accepts the Issuer Initiated Credential Offering. The selected scheme must redirect through browser registrations or through universal/app links towards the Wallet, which will then process the Credential Offering.

If the wallet trusts the credential_issuer (client_id), the second step is to discover the configuration properties by reading /.well-known/openid-credential-issuer content, which also refers to authorization_server to request the access token from. The Authorisation Server will expose /.well-known/openid-configuration for its own configuration.

The Conformance test divides the responsibility for Issuance (Issuer Mock) and Authentication (Auth Mock). Auth Mock implements the Authorisation Server capabilities, and the Issuer Mock implements the Issuance capabilities while trusting the access tokens issued by the Authorisation Server.

Non-normative example

Discovery

Please see Wallets Metadata specification for further details.

Credential Offering

Please see VCI - Credential Offering for further details.

Tests

The test specific flows can be found below. The generic use of the Conformance UI is described above and applies to all tests. The actual schema of the content can be found in the Credential Issuance Guidelines and example payloads next to the subject.

All tests are Issuer initiated. User initiated actions can be taken by reading the OpenID Provider Metadata in well-known and using the credentials_supported field to build the requested credential.

In Time

The requested credentials are CTWalletSameAuthorisedInTime for same-device and CTWalletCrossAuthorisedInTime for cross-device tests. The test will contain basic in-time issuance of the credential and DID authentication through an ID Token.

Non-normative examples

At this point, the Wallet is aware of the Credential Issuer and the Authorisation Server it is using.

The Wallet will start by requesting access for the desired credential from the Auth Mock (Authorisation Server). The client_metadata.authorization_endpoint is used for the redirect location associated with the vp_token and id_token. If client_metadata fails to provide the required information, the default configuration (openid://) will be used instead.

The Wallet is the Relying Party, thus client_id is the DID.

Authorisation Request

Auth Mock proceeds by requesting an ID Token from the Wallet to authenticate the DID without any claims. This is delivered through redirection like any other delegation for authentication.

ID Token Request

The Wallet answers the ID Token Request by providing the id_token in the redirect_uri as instructed by response_mode of direct_post. The id_token must be signed with the DID document's authentication key.

The state parameter is mandatory for the ID Token Response when it is present in the ID Token Request sent by the Authorisation Server. In such cases, the Client must ensure that the values of the state parameter are identical in both.

ID Token Response

POST into https://api-conformance.ebsi.eu/conformance/v3/auth-mock/direct_post
Content-Type: application/x-www-form-urlencoded
id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciJ9.eyJpc3MiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIiLCJzdWIiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIiLCJhdWQiOiJodHRwczovL2FwaS1jb25mb3JtYW5jZS5lYnNpLmV1L2NvbmZvcm1hbmNlL3YzL2F1dGgtbW9jayIsImV4cCI6MTU4OTY5OTM2MCwiaWF0IjoxNTg5Njk5MjYwLCJub25jZSI6Im4tMFM2X1d6QTJNaiJ9.fqsihsEeR_reLU_InXQ9KonLllLbMkKUhL9GpPF7kSH6AGy4zdkV8BkBlLGRRs0Zds_gq5Ok5Grr8dVL1XhtgA

JWT Header:
{
  typ: 'JWT',
  alg: 'ES256',
  kid: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r#z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r'
}
JWT Payload:
{
  iss: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
  sub: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
  aud: 'https://api-conformance.ebsi.eu/conformance/v3/auth-mock',
  exp: 1589699360,
  iat: 1589699260,
  nonce: 'n-0S6_WzA2Mj'
}

The Authorisation Server evaluates the ID Token response and the original authorisation request to assert if access should be granted. Upon successful authentication, the direct_post endpoint will return a redirect in the requested redirect_uri with a code.

Authorisation Response

The Wallet (Relying Party) proceeds with the code flow by calling the Token Endpoint with the required details and providing a code_verifier corresponding to the initial Authorisation Request code_challenge. The details for the code_verifier, code_challenge and code_challenge_method can be found from Verifiable Credential Issuance - Authorisation Request and from RFC 7636.

Token Request

The Access Token is delivered as a response payload from a successful Token Endpoint initiation. c_nonce (Challenge Nonce) must be stored until a new one is given.

Token Response

At this point, the Wallet has successfully obtained a valid Access Token, which can be used to gain access to the Credential's Issuer.

The Relying Party proceeds by requesting issuance of the Verifiable Credential from the Issuer Mock. The requested Credential must match the granted access. The DID document's authentication key must be used for signing the JWT proof, where the DID must also match the one used for authentication.

Credential Request

POST into https://api-conformance.ebsi.eu/conformance/v3/issuer-mock/credentials
Content-Type: application/json
Authorization: BEARER eyJhbGciOiJSUzI1NiIsInR5cCI6Ikp..sHQ

{
  types: [ 'VerifiableCredential', 'VerifiableAttestation', 'CTWalletSameAuthorisedInTime' ],
  format: 'jwt_vc',
  proof: {
    proof_type: 'jwt',
    jwt: 'eyJ0eXAiOiJvcGVuaWQ0dmNpLXByb29mK2p3dCIsImFsZyI6IkVTMjU2Iiwia2lkIjoiZGlkOmtleTp6MmRtekQ4MWNnUHg4VmtpN0pidXVNbUZZcldQZ1lveXR5a1VaM2V5cWh0MWo5S2JzRVl2ZHJqeE1qUTR0cG5qZTlCREJUenVORFAza25uNnFMWkVyemQ0Yko1Z28yQ0Nob1BqZDVHQUgzenBGSlA1ZnV3U2s2NlU1UHE2RWhGNG5Lbkh6RG56bkVQOGZYOTluWkdnd2JBaDFvN0dqMVg1MlRkaGY3VTRLVGs2NnhzQTVyI3oyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIifQ.eyJpc3MiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIiLCJhdWQiOiJodHRwczovL2FwaS1jb25mb3JtYW5jZS5lYnNpLmV1L2NvbmZvcm1hbmNlL3YzL2lzc3Vlci1tb2NrIiwiaWF0IjoxNTg5Njk5NTYyLCJleHAiOjE1ODk2OTk5NjIsIm5vbmNlIjoiUEFQUGYzaDlsZXhUdjNXWUhaeDhhalRlIn0.Fj_iSrwRE1_JouNfDVhaRuxIk6ze5k99cbdtI1zXK76Z1Yw-6ss5Nzuj8mashLEiHgFdBzC7F2lZpRUcewwEsQ'
  }
}

JWT Header:
{
  typ: 'openid4vci-proof+jwt',
  alg: 'ES256',
  kid: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r#z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r'
}
JWT Payload:
{
  iss: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
  aud: 'https://api-conformance.ebsi.eu/conformance/v3/issuer-mock',
  iat: 1589699562,
  exp: 1589699962,
  nonce: 'PAPPf3h9lexTv3WYHZx8ajTe'
}

After the successful request, the response payload will contain the requested credential.

Credential Response

Deferred

This test is similar to the in-time flow, but the Credential Response will initiate a Deferred flow, which ends with a successful Credential Response. The Issuer Mock will have a 5-second delay before accepting the deferred flow to finish. The credentials used are CTWalletSameAuthorisedDeferred and CTWalletCrossAuthorisedDeferred.

Non-normative examples

The used requests and responses are semantically the same as those in the in-time flow. The last Credential Response is also semantically the same as the in-time Credential Response.

The deferred flow is informed by returning an acceptance_token, which can then be used in the deferred endpoint.

Credential Response with acceptance_token

Below is an example request of a deferred credential endpoint containing the Acceptance Token. The returned payload is the Credential Response, which may contain a new or same acceptance_token, or the credential itself. The deferred flow will continue until the request is rejected or a credential has been issued.

Deferred Credential Request

Pre-authorised

In Time

The pre-authorised and in-time flow bypasses the authorisation process and requires a PIN code for added security, the PIN code is shown in the Conformance UI. Two types of credentials are used: CTWalletSamePreAuthorisedInTime for same-device transactions and CTWalletCrossPreAuthorisedInTime for cross-device transactions.

Non-normative examples

All other payloads are semantically the same as the in-time flow.

Token Request - Pre-authorised

Deferred

The pre-authorised an deferred flow bypasses the authorisation process and requires a PIN code for added security, the PIN code is shown in the Conformance UI. Two types of credentials are used: CTWalletSamePreAuthorisedDeferred for same-device transactions and CTWalletCrossPreAuthorisedDeferred for cross-device transactions.

Non-normative examples

All other payloads are semantically the same as the deferred flow.

Token Request - Pre-authorised

CT Qualification Credentials with VP Exchange

This test evaluates the Wallet's capability to handle Verifiable Presentation through dynamic conversation. The Wallet is requested to give all Verifiable Credentials from previous test cases. If successfully provided, the Auth Mock will issue an access token, which can be used to get CT Qualification Credentials.

The below examples are for Holder Wallet cases, which start by requesting a CTWalletQualificationCredential. The requested credentials are CTWalletSameAuthorisedInTime, CTWalletCrossAuthorisedInTime, CTWalletSameAuthorisedDeferred, CTWalletCrossAuthorisedDeferred, CTWalletSamePreAuthorisedInTime, CTWalletCrossPreAuthorisedInTime, CTWalletSamePreAuthorisedDeferred and CTWalletCrossPreAuthorisedDeferred.

Non-normative examples

The Authorisation Request and Response, Token Request and Responses, Credential Request and Response are all semantically the same as the in-time flow. The direct_post must be executed against the given redirect_uri.

The call below is from the Authorisation Server to the Wallet, and it initiates the vp_token exchange. The redirect scheme is registered with the initial Authorisation Request's client_metadata.authorization_endpoint.

VP Token Request

HTTP 302 Location: openid://
?client_id=https%3A%2F%2Fapi-conformance.ebsi.eu%2Fconformance%2Fv4%2Fauth-mock
&response_type=vp_token
&scope=openid
&redirect_uri=https%3A%2F%2Fapi-conformance.ebsi.eu%2Fconformance%2Fv4%2Fauth-mock%2Fdirect_post
&request=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImM0S3JlcEpYem1CTVctcW8ybnREQ3drVGdMbTJDYl81ZWFiemtsalRoXzAifQ.eyJpc3MiOiJodHRwczovL2FwaS1jb25mb3JtYW5jZS5lYnNpLmV1L2NvbmZvcm1hbmNlL3YzL2F1dGgtbW9jayIsImF1ZCI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImV4cCI6MTU4OTY5OTE2MiwicmVzcG9uc2VfdHlwZSI6InZwX3Rva2VuIiwicmVzcG9uc2VfbW9kZSI6ImRpcmVjdF9wb3N0IiwiY2xpZW50X2lkIjoiaHR0cHM6Ly9hcGktY29uZm9ybWFuY2UuZWJzaS5ldS9jb25mb3JtYW5jZS92My9hdXRoLW1vY2siLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2FwaS1jb25mb3JtYW5jZS5lYnNpLmV1L2NvbmZvcm1hbmNlL3YzL2F1dGgtbW9jay9kaXJlY3RfcG9zdCIsInNjb3BlIjoib3BlbmlkIiwibm9uY2UiOiJGZ2tlRXJmOTFrZmwiLCJwcmVzZW50YXRpb25fZGVmaW5pdGlvbl91cmkiOiJodHRwczovL2FwaS1jb25mb3JtYW5jZS5lYnNpLmV1L2NvbmZvcm1hbmNlL3YzL2F1dGgtbW9jay9kZWZpbml0aW9ucy94eXoifQ.Limf4M5u93opn0M2GXIbWrc0J07PJJjwEOgddDtkikkcXJDLXEUhcBict5jGg58jNg0rA5p8UEgsaJBzr1MzOg

JWT Header:
{
  typ: 'JWT',
  alg: 'ES256',
  kid: 'c4KrepJXzmBMW-qo2ntDCwkTgLm2Cb_5eabzkljTh_0'
}
JWT Payload:
{
  iss: 'https://api-conformance.ebsi.eu/conformance/v3/auth-mock',
  aud: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
  exp: 1589699162,
  response_type: 'vp_token',
  response_mode: 'direct_post',
  client_id: 'https://api-conformance.ebsi.eu/conformance/v3/auth-mock',
  redirect_uri: 'https://api-conformance.ebsi.eu/conformance/v3/auth-mock/direct_post',
  scope: 'openid',
  nonce: 'FgkeErf91kfl',
  presentation_definition_uri: 'https://api-conformance.ebsi.eu/conformance/v3/auth-mock/definitions/xyz'
}

The call below is from the Wallet to the Authorisation Server as instructed by the redirect_uri endpoint.

The state parameter is mandatory for the VP Token Response when it is present in the VP Token Request sent by the Authorisation Server. In such cases, the Client must ensure that the values of the state parameter are identical in both.

VP Token Response

HTTP POST into: https://api-conformance.ebsi.eu/conformance/v3/auth-mock/direct_post

vp_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciJ9.eyJpc3MiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIiLCJhdWQiOiJodHRwczovL2FwaS1jb25mb3JtYW5jZS5lYnNpLmV1L2NvbmZvcm1hbmNlL3YzL2F1dGgtbW9jayIsInN1YiI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImlhdCI6MTU4OTY5OTI2MCwibmJmIjoxNTg5Njk5MjYwLCJleHAiOjE1ODk2OTkyNjAsIm5vbmNlIjoiRmdrZUVyZjkxa2ZsIiwianRpIjoidXJuOnV1aWQ6MDcwNjA2MWEtZTJjYS00NjE0LTlkZTctOWMxNDUxOTM1ZjAyIiwidnAiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDowNzA2MDYxYS1lMmNhLTQ2MTQtOWRlNy05YzE0NTE5MzVmMDIiLCJ0eXBlIjpbIlZlcmlmaWFibGVQcmVzZW50YXRpb24iXSwiaG9sZGVyIjoiZGlkOmtleTp6MmRtekQ4MWNnUHg4VmtpN0pidXVNbUZZcldQZ1lveXR5a1VaM2V5cWh0MWo5S2JzRVl2ZHJqeE1qUTR0cG5qZTlCREJUenVORFAza25uNnFMWkVyemQ0Yko1Z28yQ0Nob1BqZDVHQUgzenBGSlA1ZnV3U2s2NlU1UHE2RWhGNG5Lbkh6RG56bkVQOGZYOTluWkdnd2JBaDFvN0dqMVg1MlRkaGY3VTRLVGs2NnhzQTVyIiwidmVyaWZpYWJsZUNyZWRlbnRpYWwiOlsiZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKRlV6STFOaUlzSW10cFpDSTZJbVJwWkRwbFluTnBPbnAyU0ZkWU16VTVRVE5EZG1aS2JrTlpZVUZwUVdSbEkwWXdjalZQZVhSZmJHRm9kblo2TmsxWGJGbHpNMjFqV1U1TFdtbHBVV1JWWm5GMk9IUnphRWhPT1hjaWZRLmV5SnBjM01pT2lKa2FXUTZaV0p6YVRwNmRraFhXRE0xT1VFelEzWm1TbTVEV1dGQmFVRmtaU0lzSW5OMVlpSTZJbVJwWkRwclpYazZlakprYlhwRU9ERmpaMUI0T0ZacmFUZEtZblYxVFcxR1dYSlhVR2RaYjNsMGVXdFZXak5sZVhGb2RERnFPVXRpYzBWWmRtUnlhbmhOYWxFMGRIQnVhbVU1UWtSQ1ZIcDFUa1JRTTJ0dWJqWnhURnBGY25wa05HSktOV2R2TWtORGFHOVFhbVExUjBGSU0zcHdSa3BRTldaMWQxTnJOalpWTlZCeE5rVm9SalJ1UzI1SWVrUnVlbTVGVURobVdEazVibHBIWjNkaVFXZ3hiemRIYWpGWU5USlVaR2htTjFVMFMxUnJOalo0YzBFMWNpSXNJbWxoZENJNk1UVTRPVFk1T1RJMk1Dd2libUptSWpveE5UZzVOams1TWpZd0xDSmxlSEFpT2pFMU9EazJPVGt5TmpBc0ltcDBhU0k2SW5WeWJqcDFkV2xrWWpZNU1UWmpNVEF0T0dJMk5DMDBOREk0TFRoaVpqVXRZMlJtTkRnek9ETXpNVEJqSWl3aWRtTWlPbnNpUUdOdmJuUmxlSFFpT2xzaWFIUjBjSE02THk5M2QzY3Vkek11YjNKbkx6SXdNVGd2WTNKbFpHVnVkR2xoYkhNdmRqRWlYU3dpYVdRaU9pSjFjbTQ2ZFhWcFpEcGlOamt4Tm1NeE1DMDRZalkwTFRRME1qZ3RPR0ptTlMxalpHWTBPRE00TXpNeE1HTWlMQ0owZVhCbElqcGJJbFpsY21sbWFXRmliR1ZEY21Wa1pXNTBhV0ZzSWl3aVZtVnlhV1pwWVdKc1pVRjBkR1Z6ZEdGMGFXOXVJaXdpUTFSWFlXeHNaWFJUWVcxbFNXNVVhVzFsSWwwc0ltbHpjM1ZsY2lJNkltUnBaRHBsWW5OcE9ucDJTRmRZTXpVNVFUTkRkbVpLYmtOWllVRnBRV1JsSWl3aWFYTnpkV0Z1WTJWRVlYUmxJam9pTWpBeU1DMHdOUzB4TjFRd056b3dOem8wTUZvaUxDSjJZV3hwWkVaeWIyMGlPaUl5TURJd0xUQTFMVEUzVkRBM09qQTNPalF3V2lJc0luWmhiR2xrVlc1MGFXd2lPaUl5TURJd0xUQTFMVEUzVkRBM09qQTNPalF3V2lJc0ltVjRjR2x5WVhScGIyNUVZWFJsSWpvaU1qQXlNQzB3TlMweE4xUXdOem93TnpvME1Gb2lMQ0pwYzNOMVpXUWlPaUl5TURJd0xUQTFMVEUzVkRBM09qQTNPalF3V2lJc0ltTnlaV1JsYm5ScFlXeFRkV0pxWldOMElqcDdJbWxrSWpvaVpHbGtPbXRsZVRwNk1tUnRla1E0TVdOblVIZzRWbXRwTjBwaWRYVk5iVVpaY2xkUVoxbHZlWFI1YTFWYU0yVjVjV2gwTVdvNVMySnpSVmwyWkhKcWVFMXFVVFIwY0c1cVpUbENSRUpVZW5WT1JGQXphMjV1Tm5GTVdrVnllbVEwWWtvMVoyOHlRME5vYjFCcVpEVkhRVWd6ZW5CR1NsQTFablYzVTJzMk5sVTFVSEUyUldoR05HNUxia2g2Ukc1NmJrVlFPR1pZT1RsdVdrZG5kMkpCYURGdk4wZHFNVmcxTWxSa2FHWTNWVFJMVkdzMk5uaHpRVFZ5SW4wc0ltTnlaV1JsYm5ScFlXeFRZMmhsYldFaU9uc2lhV1FpT2lKb2RIUndjem92TDJGd2FTMXdhV3h2ZEM1bFluTnBMbVYxTDNSeWRYTjBaV1F0YzJOb1pXMWhjeTF5WldkcGMzUnllUzkyTWk5elkyaGxiV0Z6THpCNE1qTXdNemxsTmpNMU5tVmhObUkzTUROalpUWTNNbVUzWTJaaFl6QmlOREkzTmpWaU1UVXdaall6WkdZM09HVXlZbVF4T0dGbE56ZzFOemczWmpaaE1pSXNJblI1Y0dVaU9pSkdkV3hzU25OdmJsTmphR1Z0WVZaaGJHbGtZWFJ2Y2pJd01qRWlmWDE5LkVseFdRQXdqSkpaWVgwXzFyZXdyU0I4UkJYTW1nam9XVHNfVmVoY1VJZUMtTk5mTUptd1kxUEJ2VTBoLVVsTDBGMHVBVG5naXpqY3dlMkhmczh4emt3IiwiZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKRlV6STFOaUlzSW10cFpDSTZJbVJwWkRwbFluTnBPbnAyU0ZkWU16VTVRVE5EZG1aS2JrTlpZVUZwUVdSbEkwWXdjalZQZVhSZmJHRm9kblo2TmsxWGJGbHpNMjFqV1U1TFdtbHBVV1JWWm5GMk9IUnphRWhPT1hjaWZRLmV5SnBjM01pT2lKa2FXUTZaV0p6YVRwNmRraFhXRE0xT1VFelEzWm1TbTVEV1dGQmFVRmtaU0lzSW5OMVlpSTZJbVJwWkRwclpYazZlakprYlhwRU9ERmpaMUI0T0ZacmFUZEtZblYxVFcxR1dYSlhVR2RaYjNsMGVXdFZXak5sZVhGb2RERnFPVXRpYzBWWmRtUnlhbmhOYWxFMGRIQnVhbVU1UWtSQ1ZIcDFUa1JRTTJ0dWJqWnhURnBGY25wa05HSktOV2R2TWtORGFHOVFhbVExUjBGSU0zcHdSa3BRTldaMWQxTnJOalpWTlZCeE5rVm9SalJ1UzI1SWVrUnVlbTVGVURobVdEazVibHBIWjNkaVFXZ3hiemRIYWpGWU5USlVaR2htTjFVMFMxUnJOalo0YzBFMWNpSXNJbWxoZENJNk1UVTRPVFk1T1RJMk1Dd2libUptSWpveE5UZzVOams1TWpZd0xDSmxlSEFpT2pFMU9EazJPVGt5TmpBc0ltcDBhU0k2SW5WeWJqcDFkV2xrTURBMk1qZGpNell0WXpCallTMDBaR0U1TFRsallURXRObU5pTm1ObU4yRmtNekJrSWl3aWRtTWlPbnNpUUdOdmJuUmxlSFFpT2xzaWFIUjBjSE02THk5M2QzY3Vkek11YjNKbkx6SXdNVGd2WTNKbFpHVnVkR2xoYkhNdmRqRWlYU3dpYVdRaU9pSjFjbTQ2ZFhWcFpEb3dNRFl5TjJNek5pMWpNR05oTFRSa1lUa3RPV05oTVMwMlkySTJZMlkzWVdRek1HUWlMQ0owZVhCbElqcGJJbFpsY21sbWFXRmliR1ZEY21Wa1pXNTBhV0ZzSWl3aVZtVnlhV1pwWVdKc1pVRjBkR1Z6ZEdGMGFXOXVJaXdpUTFSWFlXeHNaWFJEY205emMwbHVWR2x0WlNKZExDSnBjM04xWlhJaU9pSmthV1E2WldKemFUcDZka2hYV0RNMU9VRXpRM1ptU201RFdXRkJhVUZrWlNJc0ltbHpjM1ZoYm1ObFJHRjBaU0k2SWpJd01qQXRNRFV0TVRkVU1EYzZNRGM2TkRCYUlpd2lkbUZzYVdSR2NtOXRJam9pTWpBeU1DMHdOUzB4TjFRd056b3dOem8wTUZvaUxDSjJZV3hwWkZWdWRHbHNJam9pTWpBeU1DMHdOUzB4TjFRd056b3dOem8wTUZvaUxDSmxlSEJwY21GMGFXOXVSR0YwWlNJNklqSXdNakF0TURVdE1UZFVNRGM2TURjNk5EQmFJaXdpYVhOemRXVmtJam9pTWpBeU1DMHdOUzB4TjFRd056b3dOem8wTUZvaUxDSmpjbVZrWlc1MGFXRnNVM1ZpYW1WamRDSTZleUpwWkNJNkltUnBaRHByWlhrNmVqSmtiWHBFT0RGaloxQjRPRlpyYVRkS1luVjFUVzFHV1hKWFVHZFpiM2wwZVd0VldqTmxlWEZvZERGcU9VdGljMFZaZG1SeWFuaE5hbEUwZEhCdWFtVTVRa1JDVkhwMVRrUlFNMnR1YmpaeFRGcEZjbnBrTkdKS05XZHZNa05EYUc5UWFtUTFSMEZJTTNwd1JrcFFOV1oxZDFOck5qWlZOVkJ4TmtWb1JqUnVTMjVJZWtSdWVtNUZVRGhtV0RrNWJscEhaM2RpUVdneGJ6ZEhhakZZTlRKVVpHaG1OMVUwUzFSck5qWjRjMEUxY2lKOUxDSmpjbVZrWlc1MGFXRnNVMk5vWlcxaElqcDdJbWxrSWpvaWFIUjBjSE02THk5aGNHa3RjR2xzYjNRdVpXSnphUzVsZFM5MGNuVnpkR1ZrTFhOamFHVnRZWE10Y21WbmFYTjBjbmt2ZGpJdmMyTm9aVzFoY3k4d2VESXpNRE01WlRZek5UWmxZVFppTnpBelkyVTJOekpsTjJObVlXTXdZalF5TnpZMVlqRTFNR1kyTTJSbU56aGxNbUprTVRoaFpUYzROVGM0TjJZMllUSWlMQ0owZVhCbElqb2lSblZzYkVwemIyNVRZMmhsYldGV1lXeHBaR0YwYjNJeU1ESXhJbjE5ZlEuSVVuRFJhTHpUdHhPejc3THcyMmNsVjc1S01Ia3Z6UkhHSjFQX0pacTVpdVBFTGVseTE0Q0U4dTRYZ0F0bWw3MzJ2NjQyMm9ZdHhndVhfV1pjUXZ6bmciLCJleUowZVhBaU9pSktWMVFpTENKaGJHY2lPaUpGVXpJMU5pSXNJbXRwWkNJNkltUnBaRHBsWW5OcE9ucDJTRmRZTXpVNVFUTkRkbVpLYmtOWllVRnBRV1JsSTBZd2NqVlBlWFJmYkdGb2RuWjZOazFYYkZsek0yMWpXVTVMV21scFVXUlZabkYyT0hSemFFaE9PWGNpZlEuZXlKcGMzTWlPaUprYVdRNlpXSnphVHA2ZGtoWFdETTFPVUV6UTNabVNtNURXV0ZCYVVGa1pTSXNJbk4xWWlJNkltUnBaRHByWlhrNmVqSmtiWHBFT0RGaloxQjRPRlpyYVRkS1luVjFUVzFHV1hKWFVHZFpiM2wwZVd0VldqTmxlWEZvZERGcU9VdGljMFZaZG1SeWFuaE5hbEUwZEhCdWFtVTVRa1JDVkhwMVRrUlFNMnR1YmpaeFRGcEZjbnBrTkdKS05XZHZNa05EYUc5UWFtUTFSMEZJTTNwd1JrcFFOV1oxZDFOck5qWlZOVkJ4TmtWb1JqUnVTMjVJZWtSdWVtNUZVRGhtV0RrNWJscEhaM2RpUVdneGJ6ZEhhakZZTlRKVVpHaG1OMVUwUzFSck5qWjRjMEUxY2lJc0ltbGhkQ0k2TVRVNE9UWTVPVEkyTUN3aWJtSm1Jam94TlRnNU5qazVNall3TENKbGVIQWlPakUxT0RrMk9Ua3lOakFzSW1wMGFTSTZJblZ5YmpwMWRXbGtNakF5TldRNU1EUXRZakExTkMwMFkySTNMVGd5WWprdE1qSm1NR0l6TW1SbU5tTXlJaXdpZG1NaU9uc2lRR052Ym5SbGVIUWlPbHNpYUhSMGNITTZMeTkzZDNjdWR6TXViM0puTHpJd01UZ3ZZM0psWkdWdWRHbGhiSE12ZGpFaVhTd2lhV1FpT2lKMWNtNDZkWFZwWkRveU1ESTFaRGt3TkMxaU1EVTBMVFJqWWpjdE9ESmlPUzB5TW1Zd1lqTXlaR1kyWXpJaUxDSjBlWEJsSWpwYklsWmxjbWxtYVdGaWJHVkRjbVZrWlc1MGFXRnNJaXdpVm1WeWFXWnBZV0pzWlVGMGRHVnpkR0YwYVc5dUlpd2lRMVJYWVd4c1pYUlRZVzFsUkdWbVpYSnlaV1FpWFN3aWFYTnpkV1Z5SWpvaVpHbGtPbVZpYzJrNmVuWklWMWd6TlRsQk0wTjJaa3B1UTFsaFFXbEJaR1VpTENKcGMzTjFZVzVqWlVSaGRHVWlPaUl5TURJd0xUQTFMVEUzVkRBM09qQTNPalF3V2lJc0luWmhiR2xrUm5KdmJTSTZJakl3TWpBdE1EVXRNVGRVTURjNk1EYzZOREJhSWl3aWRtRnNhV1JWYm5ScGJDSTZJakl3TWpBdE1EVXRNVGRVTURjNk1EYzZOREJhSWl3aVpYaHdhWEpoZEdsdmJrUmhkR1VpT2lJeU1ESXdMVEExTFRFM1ZEQTNPakEzT2pRd1dpSXNJbWx6YzNWbFpDSTZJakl3TWpBdE1EVXRNVGRVTURjNk1EYzZOREJhSWl3aVkzSmxaR1Z1ZEdsaGJGTjFZbXBsWTNRaU9uc2lhV1FpT2lKa2FXUTZhMlY1T25veVpHMTZSRGd4WTJkUWVEaFdhMmszU21KMWRVMXRSbGx5VjFCbldXOTVkSGxyVlZvelpYbHhhSFF4YWpsTFluTkZXWFprY21wNFRXcFJOSFJ3Ym1wbE9VSkVRbFI2ZFU1RVVETnJibTQyY1V4YVJYSjZaRFJpU2pWbmJ6SkRRMmh2VUdwa05VZEJTRE42Y0VaS1VEVm1kWGRUYXpZMlZUVlFjVFpGYUVZMGJrdHVTSHBFYm5wdVJWQTRabGc1T1c1YVIyZDNZa0ZvTVc4M1Iyb3hXRFV5VkdSb1pqZFZORXRVYXpZMmVITkJOWElpZlN3aVkzSmxaR1Z1ZEdsaGJGTmphR1Z0WVNJNmV5SnBaQ0k2SW1oMGRIQnpPaTh2WVhCcExYQnBiRzkwTG1WaWMya3VaWFV2ZEhKMWMzUmxaQzF6WTJobGJXRnpMWEpsWjJsemRISjVMM1l5TDNOamFHVnRZWE12TUhneU16QXpPV1UyTXpVMlpXRTJZamN3TTJObE5qY3laVGRqWm1Gak1HSTBNamMyTldJeE5UQm1Oak5rWmpjNFpUSmlaREU0WVdVM09EVTNPRGRtTm1FeUlpd2lkSGx3WlNJNklrWjFiR3hLYzI5dVUyTm9aVzFoVm1Gc2FXUmhkRzl5TWpBeU1TSjlmWDAuc0FacDhISXNvUzlaUDllTnBtNVhsWUVWMlRKWnBxVkVySWQzekJuVHdzVUk2OUNRMFN3S1lhSjlPRlBwLWhvb0Jnd0JuWkRqYV9ieTYyV0hicm4yTVEiLCJleUowZVhBaU9pSktWMVFpTENKaGJHY2lPaUpGVXpJMU5pSXNJbXRwWkNJNkltUnBaRHBsWW5OcE9ucDJTRmRZTXpVNVFUTkRkbVpLYmtOWllVRnBRV1JsSTBZd2NqVlBlWFJmYkdGb2RuWjZOazFYYkZsek0yMWpXVTVMV21scFVXUlZabkYyT0hSemFFaE9PWGNpZlEuZXlKcGMzTWlPaUprYVdRNlpXSnphVHA2ZGtoWFdETTFPVUV6UTNabVNtNURXV0ZCYVVGa1pTSXNJbk4xWWlJNkltUnBaRHByWlhrNmVqSmtiWHBFT0RGaloxQjRPRlpyYVRkS1luVjFUVzFHV1hKWFVHZFpiM2wwZVd0VldqTmxlWEZvZERGcU9VdGljMFZaZG1SeWFuaE5hbEUwZEhCdWFtVTVRa1JDVkhwMVRrUlFNMnR1YmpaeFRGcEZjbnBrTkdKS05XZHZNa05EYUc5UWFtUTFSMEZJTTNwd1JrcFFOV1oxZDFOck5qWlZOVkJ4TmtWb1JqUnVTMjVJZWtSdWVtNUZVRGhtV0RrNWJscEhaM2RpUVdneGJ6ZEhhakZZTlRKVVpHaG1OMVUwUzFSck5qWjRjMEUxY2lJc0ltbGhkQ0k2TVRVNE9UWTVPVEkyTUN3aWJtSm1Jam94TlRnNU5qazVNall3TENKbGVIQWlPakUxT0RrMk9Ua3lOakFzSW1wMGFTSTZJblZ5YmpwMWRXbGtNekUzWXpWaFpqVXRaRFF4WmkwMFptWmlMV0U0WldFdE56VmpPVFZpTVRjNE5ESXlJaXdpZG1NaU9uc2lRR052Ym5SbGVIUWlPbHNpYUhSMGNITTZMeTkzZDNjdWR6TXViM0puTHpJd01UZ3ZZM0psWkdWdWRHbGhiSE12ZGpFaVhTd2lhV1FpT2lKMWNtNDZkWFZwWkRvek1UZGpOV0ZtTlMxa05ERm1MVFJtWm1JdFlUaGxZUzAzTldNNU5XSXhOemcwTWpJaUxDSjBlWEJsSWpwYklsWmxjbWxtYVdGaWJHVkRjbVZrWlc1MGFXRnNJaXdpVm1WeWFXWnBZV0pzWlVGMGRHVnpkR0YwYVc5dUlpd2lRMVJYWVd4c1pYUkRjbTl6YzBSbFptVnljbVZrSWwwc0ltbHpjM1ZsY2lJNkltUnBaRHBsWW5OcE9ucDJTRmRZTXpVNVFUTkRkbVpLYmtOWllVRnBRV1JsSWl3aWFYTnpkV0Z1WTJWRVlYUmxJam9pTWpBeU1DMHdOUzB4TjFRd056b3dOem8wTUZvaUxDSjJZV3hwWkVaeWIyMGlPaUl5TURJd0xUQTFMVEUzVkRBM09qQTNPalF3V2lJc0luWmhiR2xrVlc1MGFXd2lPaUl5TURJd0xUQTFMVEUzVkRBM09qQTNPalF3V2lJc0ltVjRjR2x5WVhScGIyNUVZWFJsSWpvaU1qQXlNQzB3TlMweE4xUXdOem93TnpvME1Gb2lMQ0pwYzNOMVpXUWlPaUl5TURJd0xUQTFMVEUzVkRBM09qQTNPalF3V2lJc0ltTnlaV1JsYm5ScFlXeFRkV0pxWldOMElqcDdJbWxrSWpvaVpHbGtPbXRsZVRwNk1tUnRla1E0TVdOblVIZzRWbXRwTjBwaWRYVk5iVVpaY2xkUVoxbHZlWFI1YTFWYU0yVjVjV2gwTVdvNVMySnpSVmwyWkhKcWVFMXFVVFIwY0c1cVpUbENSRUpVZW5WT1JGQXphMjV1Tm5GTVdrVnllbVEwWWtvMVoyOHlRME5vYjFCcVpEVkhRVWd6ZW5CR1NsQTFablYzVTJzMk5sVTFVSEUyUldoR05HNUxia2g2Ukc1NmJrVlFPR1pZT1RsdVdrZG5kMkpCYURGdk4wZHFNVmcxTWxSa2FHWTNWVFJMVkdzMk5uaHpRVFZ5SW4wc0ltTnlaV1JsYm5ScFlXeFRZMmhsYldFaU9uc2lhV1FpT2lKb2RIUndjem92TDJGd2FTMXdhV3h2ZEM1bFluTnBMbVYxTDNSeWRYTjBaV1F0YzJOb1pXMWhjeTF5WldkcGMzUnllUzkyTWk5elkyaGxiV0Z6THpCNE1qTXdNemxsTmpNMU5tVmhObUkzTUROalpUWTNNbVUzWTJaaFl6QmlOREkzTmpWaU1UVXdaall6WkdZM09HVXlZbVF4T0dGbE56ZzFOemczWmpaaE1pSXNJblI1Y0dVaU9pSkdkV3hzU25OdmJsTmphR1Z0WVZaaGJHbGtZWFJ2Y2pJd01qRWlmWDE5LnFKbDR5bnp1VGZQM09wSXFkai05U1B6NkVuckk4Vy14My1uZHMyM3otNUR4MHJITTBOLVJ3UDZRTnJWZ0N3WVd0b0M5a0NjNm9TOWFOLWs0dFJ4LTFBIiwiZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKRlV6STFOaUlzSW10cFpDSTZJbVJwWkRwbFluTnBPbnAyU0ZkWU16VTVRVE5EZG1aS2JrTlpZVUZwUVdSbEkwWXdjalZQZVhSZmJHRm9kblo2TmsxWGJGbHpNMjFqV1U1TFdtbHBVV1JWWm5GMk9IUnphRWhPT1hjaWZRLmV5SnBjM01pT2lKa2FXUTZaV0p6YVRwNmRraFhXRE0xT1VFelEzWm1TbTVEV1dGQmFVRmtaU0lzSW5OMVlpSTZJbVJwWkRwclpYazZlakprYlhwRU9ERmpaMUI0T0ZacmFUZEtZblYxVFcxR1dYSlhVR2RaYjNsMGVXdFZXak5sZVhGb2RERnFPVXRpYzBWWmRtUnlhbmhOYWxFMGRIQnVhbVU1UWtSQ1ZIcDFUa1JRTTJ0dWJqWnhURnBGY25wa05HSktOV2R2TWtORGFHOVFhbVExUjBGSU0zcHdSa3BRTldaMWQxTnJOalpWTlZCeE5rVm9SalJ1UzI1SWVrUnVlbTVGVURobVdEazVibHBIWjNkaVFXZ3hiemRIYWpGWU5USlVaR2htTjFVMFMxUnJOalo0YzBFMWNpSXNJbWxoZENJNk1UVTRPVFk1T1RJMk1Dd2libUptSWpveE5UZzVOams1TWpZd0xDSmxlSEFpT2pFMU9EazJPVGt5TmpBc0ltcDBhU0k2SW5WeWJqcDFkV2xrTm1Wa09UVm1OMlV0T0RJeFppMDBZamsxTFdFMVpXUXRNekV6TVRsbFptVTFOelV6SWl3aWRtTWlPbnNpUUdOdmJuUmxlSFFpT2xzaWFIUjBjSE02THk5M2QzY3Vkek11YjNKbkx6SXdNVGd2WTNKbFpHVnVkR2xoYkhNdmRqRWlYU3dpYVdRaU9pSjFjbTQ2ZFhWcFpEbzJaV1E1TldZM1pTMDRNakZtTFRSaU9UVXRZVFZsWkMwek1UTXhPV1ZtWlRVM05UTWlMQ0owZVhCbElqcGJJbFpsY21sbWFXRmliR1ZEY21Wa1pXNTBhV0ZzSWl3aVZtVnlhV1pwWVdKc1pVRjBkR1Z6ZEdGMGFXOXVJaXdpUTFSWFlXeHNaWFJUWVcxbFVISmxRWFYwYUc5eWFYTmxaQ0pkTENKcGMzTjFaWElpT2lKa2FXUTZaV0p6YVRwNmRraFhXRE0xT1VFelEzWm1TbTVEV1dGQmFVRmtaU0lzSW1semMzVmhibU5sUkdGMFpTSTZJakl3TWpBdE1EVXRNVGRVTURjNk1EYzZOREJhSWl3aWRtRnNhV1JHY205dElqb2lNakF5TUMwd05TMHhOMVF3Tnpvd056bzBNRm9pTENKMllXeHBaRlZ1ZEdsc0lqb2lNakF5TUMwd05TMHhOMVF3Tnpvd056bzBNRm9pTENKbGVIQnBjbUYwYVc5dVJHRjBaU0k2SWpJd01qQXRNRFV0TVRkVU1EYzZNRGM2TkRCYUlpd2lhWE56ZFdWa0lqb2lNakF5TUMwd05TMHhOMVF3Tnpvd056bzBNRm9pTENKamNtVmtaVzUwYVdGc1UzVmlhbVZqZENJNmV5SnBaQ0k2SW1ScFpEcHJaWGs2ZWpKa2JYcEVPREZqWjFCNE9GWnJhVGRLWW5WMVRXMUdXWEpYVUdkWmIzbDBlV3RWV2pObGVYRm9kREZxT1V0aWMwVlpkbVJ5YW5oTmFsRTBkSEJ1YW1VNVFrUkNWSHAxVGtSUU0ydHVialp4VEZwRmNucGtOR0pLTldkdk1rTkRhRzlRYW1RMVIwRklNM3B3UmtwUU5XWjFkMU5yTmpaVk5WQnhOa1ZvUmpSdVMyNUlla1J1ZW01RlVEaG1XRGs1YmxwSFozZGlRV2d4YnpkSGFqRllOVEpVWkdobU4xVTBTMVJyTmpaNGMwRTFjaUo5TENKamNtVmtaVzUwYVdGc1UyTm9aVzFoSWpwN0ltbGtJam9pYUhSMGNITTZMeTloY0drdGNHbHNiM1F1WldKemFTNWxkUzkwY25WemRHVmtMWE5qYUdWdFlYTXRjbVZuYVhOMGNua3Zkakl2YzJOb1pXMWhjeTh3ZURJek1ETTVaVFl6TlRabFlUWmlOekF6WTJVMk56SmxOMk5tWVdNd1lqUXlOelkxWWpFMU1HWTJNMlJtTnpobE1tSmtNVGhoWlRjNE5UYzROMlkyWVRJaUxDSjBlWEJsSWpvaVJuVnNiRXB6YjI1VFkyaGxiV0ZXWVd4cFpHRjBiM0l5TURJeEluMTlmUS5ONU9QVU11dVRmbzBXRTJTX24tQ2k1SFFrcmhoZWU4MXNYQ29mX05fR01QS2ZFbEFxUVBGajQ5azFUSmFBVi1OQ2JQSWZ4Q3dhR21sY2lNV1Z1SFpJQSIsImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSkZVekkxTmlJc0ltdHBaQ0k2SW1ScFpEcGxZbk5wT25wMlNGZFlNelU1UVRORGRtWktia05aWVVGcFFXUmxJMFl3Y2pWUGVYUmZiR0ZvZG5aNk5rMVhiRmx6TTIxaldVNUxXbWxwVVdSVlpuRjJPSFJ6YUVoT09YY2lmUS5leUpwYzNNaU9pSmthV1E2WldKemFUcDZka2hYV0RNMU9VRXpRM1ptU201RFdXRkJhVUZrWlNJc0luTjFZaUk2SW1ScFpEcHJaWGs2ZWpKa2JYcEVPREZqWjFCNE9GWnJhVGRLWW5WMVRXMUdXWEpYVUdkWmIzbDBlV3RWV2pObGVYRm9kREZxT1V0aWMwVlpkbVJ5YW5oTmFsRTBkSEJ1YW1VNVFrUkNWSHAxVGtSUU0ydHVialp4VEZwRmNucGtOR0pLTldkdk1rTkRhRzlRYW1RMVIwRklNM3B3UmtwUU5XWjFkMU5yTmpaVk5WQnhOa1ZvUmpSdVMyNUlla1J1ZW01RlVEaG1XRGs1YmxwSFozZGlRV2d4YnpkSGFqRllOVEpVWkdobU4xVTBTMVJyTmpaNGMwRTFjaUlzSW1saGRDSTZNVFU0T1RZNU9USTJNQ3dpYm1KbUlqb3hOVGc1TmprNU1qWXdMQ0psZUhBaU9qRTFPRGsyT1RreU5qQXNJbXAwYVNJNkluVnlianAxZFdsa1pHRmtNV1l5WldFdFpUazVNeTAwTVRneUxXSXhZMk10TjJWaU16RmpZMk14WkdZeklpd2lkbU1pT25zaVFHTnZiblJsZUhRaU9sc2lhSFIwY0hNNkx5OTNkM2N1ZHpNdWIzSm5Mekl3TVRndlkzSmxaR1Z1ZEdsaGJITXZkakVpWFN3aWFXUWlPaUoxY200NmRYVnBaRHBrWVdReFpqSmxZUzFsT1RrekxUUXhPREl0WWpGall5MDNaV0l6TVdOall6Rmtaak1pTENKMGVYQmxJanBiSWxabGNtbG1hV0ZpYkdWRGNtVmtaVzUwYVdGc0lpd2lWbVZ5YVdacFlXSnNaVUYwZEdWemRHRjBhVzl1SWl3aVExUlhZV3hzWlhSRGNtOXpjMUJ5WlVGMWRHaHZjbWx6WldRaVhTd2lhWE56ZFdWeUlqb2laR2xrT21WaWMyazZlblpJVjFnek5UbEJNME4yWmtwdVExbGhRV2xCWkdVaUxDSnBjM04xWVc1alpVUmhkR1VpT2lJeU1ESXdMVEExTFRFM1ZEQTNPakEzT2pRd1dpSXNJblpoYkdsa1JuSnZiU0k2SWpJd01qQXRNRFV0TVRkVU1EYzZNRGM2TkRCYUlpd2lkbUZzYVdSVmJuUnBiQ0k2SWpJd01qQXRNRFV0TVRkVU1EYzZNRGM2TkRCYUlpd2laWGh3YVhKaGRHbHZia1JoZEdVaU9pSXlNREl3TFRBMUxURTNWREEzT2pBM09qUXdXaUlzSW1semMzVmxaQ0k2SWpJd01qQXRNRFV0TVRkVU1EYzZNRGM2TkRCYUlpd2lZM0psWkdWdWRHbGhiRk4xWW1wbFkzUWlPbnNpYVdRaU9pSmthV1E2YTJWNU9ub3laRzE2UkRneFkyZFFlRGhXYTJrM1NtSjFkVTF0UmxseVYxQm5XVzk1ZEhsclZWb3paWGx4YUhReGFqbExZbk5GV1haa2NtcDRUV3BSTkhSd2JtcGxPVUpFUWxSNmRVNUVVRE5yYm00MmNVeGFSWEo2WkRSaVNqVm5iekpEUTJodlVHcGtOVWRCU0RONmNFWktVRFZtZFhkVGF6WTJWVFZRY1RaRmFFWTBia3R1U0hwRWJucHVSVkE0WmxnNU9XNWFSMmQzWWtGb01XODNSMm94V0RVeVZHUm9aamRWTkV0VWF6WTJlSE5CTlhJaWZTd2lZM0psWkdWdWRHbGhiRk5qYUdWdFlTSTZleUpwWkNJNkltaDBkSEJ6T2k4dllYQnBMWEJwYkc5MExtVmljMmt1WlhVdmRISjFjM1JsWkMxelkyaGxiV0Z6TFhKbFoybHpkSEo1TDNZeUwzTmphR1Z0WVhNdk1IZ3lNekF6T1dVMk16VTJaV0UyWWpjd00yTmxOamN5WlRkalptRmpNR0kwTWpjMk5XSXhOVEJtTmpOa1pqYzRaVEppWkRFNFlXVTNPRFUzT0RkbU5tRXlJaXdpZEhsd1pTSTZJa1oxYkd4S2MyOXVVMk5vWlcxaFZtRnNhV1JoZEc5eU1qQXlNU0o5ZlgwLk1oQlNzZlRMUERHdlMycVBTR3o5VWFWbE45VzgxSWJ4MXZfYmwzdjdDQlp6T3diTUlWS195bWdORnlFR2FCbXJ0TjI3Mk5kR0JpUEFLS3FSSzAtdkN3Il19fQ.Mgdo7DHMPb4zuFV8hholdGj1M2tNFTebPvCK1Hd8X1NZ2cFQyIuJ0Y2uv52pMm3MjbgnCbY7TqDwRNzI4CEw2w
&presentation_submission=%7B%22id%22%3A%22d6c0b497-bed9-4c5f-9929-de31fec0adf0%22%2C%22definition_id%22%3A%22holder-wallet-qualification-presentation%22%2C%22descriptor_map%22%3A%5B%7B%22id%22%3A%22same-device-authorised-in-time-credential%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22id%22%3A%22same-device-authorised-in-time-credential%22%2C%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24.vp.verifiableCredential%5B0%5D%22%7D%7D%2C%7B%22id%22%3A%22cross-device-authorised-in-time-credential%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22id%22%3A%22cross-device-authorised-in-time-credential%22%2C%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24.vp.verifiableCredential%5B1%5D%22%7D%7D%2C%7B%22id%22%3A%22same-device-authorised-deferred-credential%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22id%22%3A%22same-device-authorised-deferred-credential%22%2C%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24.vp.verifiableCredential%5B2%5D%22%7D%7D%2C%7B%22id%22%3A%22cross-device-authorised-deferred-credential%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22id%22%3A%22cross-device-authorised-deferred-credential%22%2C%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24.vp.verifiableCredential%5B3%5D%22%7D%7D%2C%7B%22id%22%3A%22same-device-pre-authorised-in-time-credential%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22id%22%3A%22same-device-pre-authorised-in-time-credential%22%2C%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24.vp.verifiableCredential%5B4%5D%22%7D%7D%2C%7B%22id%22%3A%22cross-device-pre-authorised-in-time-credential%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22id%22%3A%22cross-device-pre-authorised-in-time-credential%22%2C%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24.vp.verifiableCredential%5B5%5D%22%7D%7D%2C%7B%22id%22%3A%22same-device-pre-authorised-deferred-credential%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22id%22%3A%22same-device-pre-authorised-deferred-credential%22%2C%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24.vp.verifiableCredential%5B6%5D%22%7D%7D%2C%7B%22id%22%3A%22cross-device-pre-authorised-deferred-credential%22%2C%22path%22%3A%22%24%22%2C%22format%22%3A%22jwt_vp%22%2C%22path_nested%22%3A%7B%22id%22%3A%22cross-device-pre-authorised-deferred-credential%22%2C%22format%22%3A%22jwt_vc%22%2C%22path%22%3A%22%24.vp.verifiableCredential%5B7%5D%22%7D%7D%5D%7D

JWT Header:
{
  typ: 'JWT',
  alg: 'ES256',
  kid: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r#z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r'
}
JWT Payload:
{
  iss: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
  aud: 'https://api-conformance.ebsi.eu/conformance/v3/auth-mock',
  sub: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
  iat: 1589699260,
  nbf: 1589699260,
  exp: 1589699260,
  nonce: 'FgkeErf91kfl',
  jti: 'urn:uuid:0706061a-e2ca-4614-9de7-9c1451935f02',
  vp: {
    '@context': [ 'https://www.w3.org/2018/credentials/v1' ],
    id: 'urn:uuid:0706061a-e2ca-4614-9de7-9c1451935f02',
    type: [ 'VerifiablePresentation' ],
    holder: 'did:key:z2dmzD81cgPx8Vki7JbuuMmFYrWPgYoytykUZ3eyqht1j9KbsEYvdrjxMjQ4tpnje9BDBTzuNDP3knn6qLZErzd4bJ5go2CChoPjd5GAH3zpFJP5fuwSk66U5Pq6EhF4nKnHzDnznEP8fX99nZGgwbAh1o7Gj1X52Tdhf7U4KTk66xsA5r',
    verifiableCredential: [
      'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlI0YwcjVPeXRfbGFodnZ6Nk1XbFlzM21jWU5LWmlpUWRVZnF2OHRzaEhOOXcifQ.eyJpc3MiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsInN1YiI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImlhdCI6MTU4OTY5OTI2MCwibmJmIjoxNTg5Njk5MjYwLCJleHAiOjE1ODk2OTkyNjAsImp0aSI6InVybjp1dWlkYjY5MTZjMTAtOGI2NC00NDI4LThiZjUtY2RmNDgzODMzMTBjIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDpiNjkxNmMxMC04YjY0LTQ0MjgtOGJmNS1jZGY0ODM4MzMxMGMiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIiwiQ1RXYWxsZXRTYW1lSW5UaW1lIl0sImlzc3VlciI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlIiwiaXNzdWFuY2VEYXRlIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJ2YWxpZEZyb20iOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsInZhbGlkVW50aWwiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImV4cGlyYXRpb25EYXRlIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJpc3N1ZWQiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOmtleTp6MmRtekQ4MWNnUHg4VmtpN0pidXVNbUZZcldQZ1lveXR5a1VaM2V5cWh0MWo5S2JzRVl2ZHJqeE1qUTR0cG5qZTlCREJUenVORFAza25uNnFMWkVyemQ0Yko1Z28yQ0Nob1BqZDVHQUgzenBGSlA1ZnV3U2s2NlU1UHE2RWhGNG5Lbkh6RG56bkVQOGZYOTluWkdnd2JBaDFvN0dqMVg1MlRkaGY3VTRLVGs2NnhzQTVyIn0sImNyZWRlbnRpYWxTY2hlbWEiOnsiaWQiOiJodHRwczovL2FwaS1waWxvdC5lYnNpLmV1L3RydXN0ZWQtc2NoZW1hcy1yZWdpc3RyeS92Mi9zY2hlbWFzLzB4MjMwMzllNjM1NmVhNmI3MDNjZTY3MmU3Y2ZhYzBiNDI3NjViMTUwZjYzZGY3OGUyYmQxOGFlNzg1Nzg3ZjZhMiIsInR5cGUiOiJGdWxsSnNvblNjaGVtYVZhbGlkYXRvcjIwMjEifX19.ElxWQAwjJJZYX0_1rewrSB8RBXMmgjoWTs_VehcUIeC-NNfMJmwY1PBvU0h-UlL0F0uATngizjcwe2Hfs8xzkw',
      'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlI0YwcjVPeXRfbGFodnZ6Nk1XbFlzM21jWU5LWmlpUWRVZnF2OHRzaEhOOXcifQ.eyJpc3MiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsInN1YiI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImlhdCI6MTU4OTY5OTI2MCwibmJmIjoxNTg5Njk5MjYwLCJleHAiOjE1ODk2OTkyNjAsImp0aSI6InVybjp1dWlkMDA2MjdjMzYtYzBjYS00ZGE5LTljYTEtNmNiNmNmN2FkMzBkIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDowMDYyN2MzNi1jMGNhLTRkYTktOWNhMS02Y2I2Y2Y3YWQzMGQiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIiwiQ1RXYWxsZXRDcm9zc0luVGltZSJdLCJpc3N1ZXIiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsImlzc3VhbmNlRGF0ZSI6IjIwMjAtMDUtMTdUMDc6MDc6NDBaIiwidmFsaWRGcm9tIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJ2YWxpZFVudGlsIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJleHBpcmF0aW9uRGF0ZSI6IjIwMjAtMDUtMTdUMDc6MDc6NDBaIiwiaXNzdWVkIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciJ9LCJjcmVkZW50aWFsU2NoZW1hIjp7ImlkIjoiaHR0cHM6Ly9hcGktcGlsb3QuZWJzaS5ldS90cnVzdGVkLXNjaGVtYXMtcmVnaXN0cnkvdjIvc2NoZW1hcy8weDIzMDM5ZTYzNTZlYTZiNzAzY2U2NzJlN2NmYWMwYjQyNzY1YjE1MGY2M2RmNzhlMmJkMThhZTc4NTc4N2Y2YTIiLCJ0eXBlIjoiRnVsbEpzb25TY2hlbWFWYWxpZGF0b3IyMDIxIn19fQ.IUnDRaLzTtxOz77Lw22clV75KMHkvzRHGJ1P_JZq5iuPELely14CE8u4XgAtml732v6422oYtxguX_WZcQvzng',
      'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlI0YwcjVPeXRfbGFodnZ6Nk1XbFlzM21jWU5LWmlpUWRVZnF2OHRzaEhOOXcifQ.eyJpc3MiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsInN1YiI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImlhdCI6MTU4OTY5OTI2MCwibmJmIjoxNTg5Njk5MjYwLCJleHAiOjE1ODk2OTkyNjAsImp0aSI6InVybjp1dWlkMjAyNWQ5MDQtYjA1NC00Y2I3LTgyYjktMjJmMGIzMmRmNmMyIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDoyMDI1ZDkwNC1iMDU0LTRjYjctODJiOS0yMmYwYjMyZGY2YzIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIiwiQ1RXYWxsZXRTYW1lRGVmZXJyZWQiXSwiaXNzdWVyIjoiZGlkOmVic2k6enZIV1gzNTlBM0N2ZkpuQ1lhQWlBZGUiLCJpc3N1YW5jZURhdGUiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsInZhbGlkRnJvbSI6IjIwMjAtMDUtMTdUMDc6MDc6NDBaIiwidmFsaWRVbnRpbCI6IjIwMjAtMDUtMTdUMDc6MDc6NDBaIiwiZXhwaXJhdGlvbkRhdGUiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImlzc3VlZCI6IjIwMjAtMDUtMTdUMDc6MDc6NDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIifSwiY3JlZGVudGlhbFNjaGVtYSI6eyJpZCI6Imh0dHBzOi8vYXBpLXBpbG90LmVic2kuZXUvdHJ1c3RlZC1zY2hlbWFzLXJlZ2lzdHJ5L3YyL3NjaGVtYXMvMHgyMzAzOWU2MzU2ZWE2YjcwM2NlNjcyZTdjZmFjMGI0Mjc2NWIxNTBmNjNkZjc4ZTJiZDE4YWU3ODU3ODdmNmEyIiwidHlwZSI6IkZ1bGxKc29uU2NoZW1hVmFsaWRhdG9yMjAyMSJ9fX0.sAZp8HIsoS9ZP9eNpm5XlYEV2TJZpqVErId3zBnTwsUI69CQ0SwKYaJ9OFPp-hooBgwBnZDja_by62WHbrn2MQ',
      'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlI0YwcjVPeXRfbGFodnZ6Nk1XbFlzM21jWU5LWmlpUWRVZnF2OHRzaEhOOXcifQ.eyJpc3MiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsInN1YiI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImlhdCI6MTU4OTY5OTI2MCwibmJmIjoxNTg5Njk5MjYwLCJleHAiOjE1ODk2OTkyNjAsImp0aSI6InVybjp1dWlkMzE3YzVhZjUtZDQxZi00ZmZiLWE4ZWEtNzVjOTViMTc4NDIyIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDozMTdjNWFmNS1kNDFmLTRmZmItYThlYS03NWM5NWIxNzg0MjIiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIiwiQ1RXYWxsZXRDcm9zc0RlZmVycmVkIl0sImlzc3VlciI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlIiwiaXNzdWFuY2VEYXRlIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJ2YWxpZEZyb20iOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsInZhbGlkVW50aWwiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImV4cGlyYXRpb25EYXRlIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJpc3N1ZWQiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOmtleTp6MmRtekQ4MWNnUHg4VmtpN0pidXVNbUZZcldQZ1lveXR5a1VaM2V5cWh0MWo5S2JzRVl2ZHJqeE1qUTR0cG5qZTlCREJUenVORFAza25uNnFMWkVyemQ0Yko1Z28yQ0Nob1BqZDVHQUgzenBGSlA1ZnV3U2s2NlU1UHE2RWhGNG5Lbkh6RG56bkVQOGZYOTluWkdnd2JBaDFvN0dqMVg1MlRkaGY3VTRLVGs2NnhzQTVyIn0sImNyZWRlbnRpYWxTY2hlbWEiOnsiaWQiOiJodHRwczovL2FwaS1waWxvdC5lYnNpLmV1L3RydXN0ZWQtc2NoZW1hcy1yZWdpc3RyeS92Mi9zY2hlbWFzLzB4MjMwMzllNjM1NmVhNmI3MDNjZTY3MmU3Y2ZhYzBiNDI3NjViMTUwZjYzZGY3OGUyYmQxOGFlNzg1Nzg3ZjZhMiIsInR5cGUiOiJGdWxsSnNvblNjaGVtYVZhbGlkYXRvcjIwMjEifX19.qJl4ynzuTfP3OpIqdj-9SPz6EnrI8W-x3-nds23z-5Dx0rHM0N-RwP6QNrVgCwYWtoC9kCc6oS9aN-k4tRx-1A',
      'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlI0YwcjVPeXRfbGFodnZ6Nk1XbFlzM21jWU5LWmlpUWRVZnF2OHRzaEhOOXcifQ.eyJpc3MiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsInN1YiI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImlhdCI6MTU4OTY5OTI2MCwibmJmIjoxNTg5Njk5MjYwLCJleHAiOjE1ODk2OTkyNjAsImp0aSI6InVybjp1dWlkNmVkOTVmN2UtODIxZi00Yjk1LWE1ZWQtMzEzMTllZmU1NzUzIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDo2ZWQ5NWY3ZS04MjFmLTRiOTUtYTVlZC0zMTMxOWVmZTU3NTMiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIiwiQ1RXYWxsZXRTYW1lUHJlQXV0aG9yaXNlZCJdLCJpc3N1ZXIiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsImlzc3VhbmNlRGF0ZSI6IjIwMjAtMDUtMTdUMDc6MDc6NDBaIiwidmFsaWRGcm9tIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJ2YWxpZFVudGlsIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJleHBpcmF0aW9uRGF0ZSI6IjIwMjAtMDUtMTdUMDc6MDc6NDBaIiwiaXNzdWVkIjoiMjAyMC0wNS0xN1QwNzowNzo0MFoiLCJjcmVkZW50aWFsU3ViamVjdCI6eyJpZCI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciJ9LCJjcmVkZW50aWFsU2NoZW1hIjp7ImlkIjoiaHR0cHM6Ly9hcGktcGlsb3QuZWJzaS5ldS90cnVzdGVkLXNjaGVtYXMtcmVnaXN0cnkvdjIvc2NoZW1hcy8weDIzMDM5ZTYzNTZlYTZiNzAzY2U2NzJlN2NmYWMwYjQyNzY1YjE1MGY2M2RmNzhlMmJkMThhZTc4NTc4N2Y2YTIiLCJ0eXBlIjoiRnVsbEpzb25TY2hlbWFWYWxpZGF0b3IyMDIxIn19fQ.N5OPUMuuTfo0WE2S_n-Ci5HQkrhhee81sXCof_N_GMPKfElAqQPFj49k1TJaAV-NCbPIfxCwaGmlciMWVuHZIA',
      'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlI0YwcjVPeXRfbGFodnZ6Nk1XbFlzM21jWU5LWmlpUWRVZnF2OHRzaEhOOXcifQ.eyJpc3MiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsInN1YiI6ImRpZDprZXk6ejJkbXpEODFjZ1B4OFZraTdKYnV1TW1GWXJXUGdZb3l0eWtVWjNleXFodDFqOUtic0VZdmRyanhNalE0dHBuamU5QkRCVHp1TkRQM2tubjZxTFpFcnpkNGJKNWdvMkNDaG9QamQ1R0FIM3pwRkpQNWZ1d1NrNjZVNVBxNkVoRjRuS25IekRuem5FUDhmWDk5blpHZ3diQWgxbzdHajFYNTJUZGhmN1U0S1RrNjZ4c0E1ciIsImlhdCI6MTU4OTY5OTI2MCwibmJmIjoxNTg5Njk5MjYwLCJleHAiOjE1ODk2OTkyNjAsImp0aSI6InVybjp1dWlkZGFkMWYyZWEtZTk5My00MTgyLWIxY2MtN2ViMzFjY2MxZGYzIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDpkYWQxZjJlYS1lOTkzLTQxODItYjFjYy03ZWIzMWNjYzFkZjMiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIiwiQ1RXYWxsZXRDcm9zc1ByZUF1dGhvcmlzZWQiXSwiaXNzdWVyIjoiZGlkOmVic2k6enZIV1gzNTlBM0N2ZkpuQ1lhQWlBZGUiLCJpc3N1YW5jZURhdGUiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsInZhbGlkRnJvbSI6IjIwMjAtMDUtMTdUMDc6MDc6NDBaIiwidmFsaWRVbnRpbCI6IjIwMjAtMDUtMTdUMDc6MDc6NDBaIiwiZXhwaXJhdGlvbkRhdGUiOiIyMDIwLTA1LTE3VDA3OjA3OjQwWiIsImlzc3VlZCI6IjIwMjAtMDUtMTdUMDc6MDc6NDBaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiaWQiOiJkaWQ6a2V5OnoyZG16RDgxY2dQeDhWa2k3SmJ1dU1tRllyV1BnWW95dHlrVVozZXlxaHQxajlLYnNFWXZkcmp4TWpRNHRwbmplOUJEQlR6dU5EUDNrbm42cUxaRXJ6ZDRiSjVnbzJDQ2hvUGpkNUdBSDN6cEZKUDVmdXdTazY2VTVQcTZFaEY0bktuSHpEbnpuRVA4Zlg5OW5aR2d3YkFoMW83R2oxWDUyVGRoZjdVNEtUazY2eHNBNXIifSwiY3JlZGVudGlhbFNjaGVtYSI6eyJpZCI6Imh0dHBzOi8vYXBpLXBpbG90LmVic2kuZXUvdHJ1c3RlZC1zY2hlbWFzLXJlZ2lzdHJ5L3YyL3NjaGVtYXMvMHgyMzAzOWU2MzU2ZWE2YjcwM2NlNjcyZTdjZmFjMGI0Mjc2NWIxNTBmNjNkZjc4ZTJiZDE4YWU3ODU3ODdmNmEyIiwidHlwZSI6IkZ1bGxKc29uU2NoZW1hVmFsaWRhdG9yMjAyMSJ9fX0.MhBSsfTLPDGvS2qPSGz9UaVlN9W81Ibx1v_bl3v7CBZzOwbMIVK_ymgNFyEGaBmrtN272NdGBiPAKKqRK0-vCw'
    ]
  }
}

Presentation Definition and Presentation Submission

Presentation Definition

{
  "id": "holder-wallet-qualification-presentation",
  "format": { "jwt_vc": { "alg": ["ES256"] }, "jwt_vp": { "alg": ["ES256"] } },
  "input_descriptors": [
    {
      "id": "same-device-authorised-in-time-credential",
      "format": { "jwt_vc": { "alg": ["ES256"] } },
      "constraints": {
        "fields": [
          {
            "path": ["$.vc.type"],
            "filter": {
              "type": "array",
              "contains": { "const": "CTWalletSameAuthorisedInTime" }
            }
          }
        ]
      }
    },
    {
      "id": "cross-device-authorised-in-time-credential",
      "format": { "jwt_vc": { "alg": ["ES256"] } },
      "constraints": {
        "fields": [
          {
            "path": ["$.vc.type"],
            "filter": {
              "type": "array",
              "contains": { "const": "CTWalletCrossAuthorisedInTime" }
            }
          }
        ]
      }
    },
    {
      "id": "same-device-authorised-deferred-credential",
      "format": { "jwt_vc": { "alg": ["ES256"] } },
      "constraints": {
        "fields": [
          {
            "path": ["$.vc.type"],
            "filter": {
              "type": "array",
              "contains": { "const": "CTWalletSameAuthorisedDeferred" }
            }
          }
        ]
      }
    },
    {
      "id": "cross-device-authorised-deferred-credential",
      "format": { "jwt_vc": { "alg": ["ES256"] } },
      "constraints": {
        "fields": [
          {
            "path": ["$.vc.type"],
            "filter": {
              "type": "array",
              "contains": { "const": "CTWalletCrossAuthorisedDeferred" }
            }
          }
        ]
      }
    },
    {
      "id": "same-device-pre-authorised-in-time-credential",
      "format": { "jwt_vc": { "alg": ["ES256"] } },
      "constraints": {
        "fields": [
          {
            "path": ["$.vc.type"],
            "filter": {
              "type": "array",
              "contains": { "const": "CTWalletSamePreAuthorisedInTime" }
            }
          }
        ]
      }
    },
    {
      "id": "cross-device-pre-authorised-in-time-credential",
      "format": { "jwt_vc": { "alg": ["ES256"] } },
      "constraints": {
        "fields": [
          {
            "path": ["$.vc.type"],
            "filter": {
              "type": "array",
              "contains": { "const": "CTWalletCrossPreAuthorisedInTime" }
            }
          }
        ]
      }
    },
    {
      "id": "same-device-pre-authorised-deferred-credential",
      "format": { "jwt_vc": { "alg": ["ES256"] } },
      "constraints": {
        "fields": [
          {
            "path": ["$.vc.type"],
            "filter": {
              "type": "array",
              "contains": { "const": "CTWalletSamePreAuthorisedDeferred" }
            }
          }
        ]
      }
    },
    {
      "id": "cross-device-pre-authorised-deferred-credential",
      "format": { "jwt_vc": { "alg": ["ES256"] } },
      "constraints": {
        "fields": [
          {
            "path": ["$.vc.type"],
            "filter": {
              "type": "array",
              "contains": { "const": "CTWalletCrossPreAuthorisedDeferred" }
            }
          }
        ]
      }
    }
  ]
}

Presentation Submission

{
  "id": "a30e3b91-fb77-4d22-95fa-871689c322e2",
  "definition_id": "holder-wallet-qualification-presentation",
  "descriptor_map": [
    {
      "id": "same-device-authorised-in-time-credential",
      "path": "$",
      "format": "jwt_vp",
      "path_nested": {
        "id": "same-device-authorised-in-time-credential",
        "format": "jwt_vc",
        "path": "$.vp.verifiableCredential[0]"
      }
    },
    {
      "id": "cross-device-authorised-in-time-credential",
      "path": "$",
      "format": "jwt_vp",
      "path_nested": {
        "id": "cross-device-authorised-in-time-credential",
        "format": "jwt_vc",
        "path": "$.vp.verifiableCredential[1]"
      }
    },
    {
      "id": "same-device-authorised-deferred-credential",
      "path": "$",
      "format": "jwt_vp",
      "path_nested": {
        "id": "same-device-authorised-deferred-credential",
        "format": "jwt_vc",
        "path": "$.vp.verifiableCredential[2]"
      }
    },
    {
      "id": "cross-device-authorised-deferred-credential",
      "path": "$",
      "format": "jwt_vp",
      "path_nested": {
        "id": "cross-device-authorised-deferred-credential",
        "format": "jwt_vc",
        "path": "$.vp.verifiableCredential[3]"
      }
    },
    {
      "id": "same-device-pre-authorised-in-time-credential",
      "path": "$",
      "format": "jwt_vp",
      "path_nested": {
        "id": "same-device-pre-authorised-in-time-credential",
        "format": "jwt_vc",
        "path": "$.vp.verifiableCredential[4]"
      }
    },
    {
      "id": "cross-device-pre-authorised-in-time-credential",
      "path": "$",
      "format": "jwt_vp",
      "path_nested": {
        "id": "cross-device-pre-authorised-in-time-credential",
        "format": "jwt_vc",
        "path": "$.vp.verifiableCredential[5]"
      }
    },
    {
      "id": "same-device-pre-authorised-deferred-credential",
      "path": "$",
      "format": "jwt_vp",
      "path_nested": {
        "id": "same-device-pre-authorised-deferred-credential",
        "format": "jwt_vc",
        "path": "$.vp.verifiableCredential[6]"
      }
    },
    {
      "id": "cross-device-pre-authorised-deferred-credential",
      "path": "$",
      "format": "jwt_vp",
      "path_nested": {
        "id": "cross-device-pre-authorised-deferred-credential",
        "format": "jwt_vc",
        "path": "$.vp.verifiableCredential[7]"
      }
    }
  ]
}

Context​

Wallet tests guidelines​

Issuer initiated generic flows​

Tests​

In Time​

Deferred​

Pre-authorised​

In Time​

Deferred​

CT Qualification Credentials with VP Exchange​

Presentation Definition and Presentation Submission​

Context

Wallet tests guidelines

Issuer initiated generic flows

Tests

In Time

Deferred

Pre-authorised

In Time

Deferred

CT Qualification Credentials with VP Exchange

Presentation Definition and Presentation Submission