Skip to content

Deactivated schema/semantic validation still requires ontology definition

Expected behavior: with deactivated schema and/or semantic validation, the ontology is not checked. Both can be deactivated for the catalog here. The same goes for POST queries at the catalogs verification endpoint (/verification?verifySemantics=false&verifySchema=false&verifySignatures=true).

Current behavior: adding self-descriptions (POST /self-descriptions) & the verification (POST /verification?...) do not work with deactivated schema/semantics. The error Semantic Error: no proper CredentialSubject found is thrown (here). This has also the effect that signatures cannot be checked before adding the VPs ontology to the catalog, as discussed here #178 (comment 1890405).

Is this wanted? Being able to check the signature or define tests without the need of defining the ontology first would certainly be handy.

The VP I've tested (valid at Gaia-X Compliance):

Click to expand 
{
    "@context": "https://www.w3.org/2018/credentials/v1",
    "type": "VerifiablePresentation",
    "verifiableCredential": [
        {
            "@context": [
                "https://www.w3.org/2018/credentials/v1",
                "https://w3id.org/security/suites/jws-2020/v1",
                "https://registry.lab.gaia-x.eu/development/api/trusted-shape-registry/v1/shapes/jsonld/trustframework#"
            ],
            "type": [
                "VerifiableCredential"
            ],
            "id": "did:web:gaiax4roms.hotsprings.io:LegalParticipant-min-cs",
            "issuer": "did:web:gaiax4roms.hotsprings.io",
            "issuanceDate": "2024-03-13T09:25:48.040Z",
            "credentialSubject": {
                "gx:legalName": "Accenture GmbH",
                "gx:headquarterAddress": {
                    "gx:countrySubdivisionCode": "DE-HE"
                },
                "gx:legalRegistrationNumber": {
                    "id": "did:web:gaiax4roms.hotsprings.io:legalRegistrationNumber-min-cs#1"
                },
                "gx:legalAddress": {
                    "gx:countrySubdivisionCode": "DE-HE"
                },
                "type": "gx:LegalParticipant",
                "gx-terms-and-conditions:gaiaxTermsAndConditions": "70c1d713215f95191a11d38fe2341faed27d19e083917bc8732ca4fea4976700",
                "id": "did:web:gaiax4roms.hotsprings.io:LegalParticipant-min-cs#1"
            },
            "proof": {
                "type": "JsonWebSignature2020",
                "created": "2024-03-13T09:25:50.958Z",
                "proofPurpose": "assertionMethod",
                "verificationMethod": "did:web:gaiax4roms.hotsprings.io#gaiax4roms.hotsprings.io",
                "jws": "eyJhbGciOiJQUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..VUjlAc8J59K8bVK7-P2uiTJXVFOMADYqFGzWSXt49Nx5qUcL7-gI_TzkMLEYdZ358qJ_uiCLfW6unXNTvoYNB7sUFxsgA-DWB1qRSX82GmxSRHBJlgoL1HJJytyjyQpkInJaRupCOaLd5oIwJH3IrL2ioX1JMkoB6wm0xiJOySmwq50aYkZg6shbyJFLXM8Q9Px6xeDLGcBh76yFZsbbBiJPVh6FbRaYBZZbbUs1OPNmYcelRSoMdGsX4nDXU_U-6P5P5t6lZi8BobQ0bvpOoXOIfCmg_i1aJqmFPg093zLNyERB9PUb_1y23DuzDBqCzxpTJE0uYfoGpTfqPobgqQ"
            }
        },
        {
            "@context": [
                "https://www.w3.org/2018/credentials/v1",
                "https://w3id.org/security/suites/jws-2020/v1",
                "https://registry.lab.gaia-x.eu/development/api/trusted-shape-registry/v1/shapes/jsonld/trustframework#"
            ],
            "type": "VerifiableCredential",
            "id": "did:web:gaiax4roms.hotsprings.io:GaiaXTermsAndConditions-min-cs",
            "issuer": "did:web:gaiax4roms.hotsprings.io",
            "issuanceDate": "2024-03-13T09:16:00.386Z",
            "credentialSubject": {
                "gx:termsAndConditions": "The PARTICIPANT signing the Self-Description agrees as follows:\n- to update its descriptions about any changes, be it technical, organizational, or legal - especially but not limited to contractual in regards to the indicated attributes present in the descriptions.\n\nThe keypair used to sign Verifiable Credentials will be revoked where Gaia-X Association becomes aware of any inaccurate statements in regards to the claims which result in a non-compliance with the Trust Framework and policy rules defined in the Policy Rules and Labelling Document (PRLD).",
                "type": "gx:GaiaXTermsAndConditions",
                "id": "did:web:gaiax4roms.hotsprings.io:GaiaXTermsAndConditions-min-cs#1"
            },
            "proof": {
                "type": "JsonWebSignature2020",
                "created": "2024-03-13T09:16:03.601Z",
                "proofPurpose": "assertionMethod",
                "verificationMethod": "did:web:gaiax4roms.hotsprings.io#gaiax4roms.hotsprings.io",
                "jws": "eyJhbGciOiJQUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..OSpuZ6PyYmZ3nUgHr-thUgB3k3a9G7q_spxauNV68NJF18qBdoGgKkE7ghNbcma4Rl8YbThafgFI0opOkxGN6xIFZ5b-RG-CAg4SF6Q4ulpC_uUt5NqlJODXpdBb2zJ0k1FtiKtRXELg68ksJiMn4GqU-sJ_rbddXXVPTZ_CVsP0n6tf6151gnHb-hcjmrQ3_88xP_ct8LgOviG3s-77dNgA4psJJBiZATycHVV0RDJ8i4J0nqlgC88L3i5t3LCw7WArjd8DgvMpmHr3u3I8YRaBkbWWsFMjsKLDnetPcTEMyaY7eY-NhoxZj55HS5CQecv_VtwD_ID102bM6cEEiQ"
            }
        },
        {
            "@context": [
                "https://www.w3.org/2018/credentials/v1",
                "https://w3id.org/security/suites/jws-2020/v1"
            ],
            "type": [
                "VerifiableCredential"
            ],
            "id": "did:web:gaiax4roms.hotsprings.io:legalRegistrationNumber-min-cs",
            "issuer": "did:web:gaiax4roms.hotsprings.io",
            "issuanceDate": "2024-03-13T09:24:40.466Z",
            "credentialSubject": {
                "@context": "https://registry.lab.gaia-x.eu/development/api/trusted-shape-registry/v1/shapes/jsonld/trustframework#",
                "id": "did:web:gaiax4roms.hotsprings.io:legalRegistrationNumber-min-cs#1",
                "type": "gx:legalRegistrationNumber",
                "gx:leiCode": "529900X5XV1P9A1V3168",
                "gx:leiCode-countryCode": "DE",
                "gx:leiCode-subdivisionCountryCode": "DE-HE"
            },
            "evidence": [
                {
                    "gx:evidenceOf": "LEI_CODE",
                    "gx:evidenceURL": "https://api.gleif.org/api/v1/lei-records/529900X5XV1P9A1V3168",
                    "gx:executionDate": "2024-03-01T14:46:27.850+00:00"
                }
            ],
            "proof": {
                "type": "JsonWebSignature2020",
                "created": "2024-03-13T09:24:43.174Z",
                "proofPurpose": "assertionMethod",
                "verificationMethod": "did:web:gaiax4roms.hotsprings.io#gaiax4roms.hotsprings.io",
                "jws": "eyJhbGciOiJQUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..F3jDBNrFfYHG0Y5IHDKlS5gYy55F2S3-UR5YgwXeVGVxXSc9Ch32D8i7gEeqfLK0FcdRAkBaboJXR3gmDNE_CPWjNkAMzc02nMkFbQW4Vow7G_yad3-LLYHBTqlJctJpLvjZCmtFhkfJdSGTwCBzq0788DALWCmz2a9X0odb8uj0ZDCiFkWL_0Cn0CkB7boB5dCw9nqo_SzZC1oQBN1bk-X7_eOQGq9qaD6vdeI6GWYn1S0ZB_QnpY-cu3fymvtqvgjM53scgiiFzdSMTgpAGNcaCLxjCg2HfRRi4lGwXDj2ousw0b4Y2s55VasImfV7MeBY64NJdDk1U0PDhkiAOw"
            }
        }
    ],
    "proof": {
        "type": "JsonWebSignature2020",
        "created": "2024-03-13T12:44:50.372Z",
        "proofPurpose": "assertionMethod",
        "verificationMethod": "did:web:gaiax4roms.hotsprings.io#gaiax4roms.hotsprings.io",
        "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJQUzI1NiJ9..uIqDnS6i6LaN7c9zgbGAjst4Ynm6HXbfpQAsnqyAXN82OdZ0py5eaiNdOYYflmstCbe25YIMRpNntLvD_tOom8zlznCGb4e9Z4Ue8TVEnPLKzxsC3u0_i9IhyBOu0CgfKJfi2Hlx1wxMjz6wDHBGQUhXJOuvFv84PD4eBmEJdjYvTMTDh8RvWpUVrJXmRlv6n1WKlj0qu6UUa3hK_kLbJ1auLctmnEs4pXYOQPKfJCl1HuWfHvtEszy_S4QbIRLAERQqxscT191d3RBoLfL-YoFENgRXp1cFEVg5Mf50dLZyTECyxHhpXwuK4HaqyJo3ctB_2X58UwT6WY478wPErQ"
    }
}

Verification & adding the VP to the catalog succeeds once the schema is added. A schema can be added by POST /schemas.

Copyright © Eclipse Foundation, Inc. All Rights Reserved.     Privacy Policy | Terms of Use | Copyright Agent