Show / Hide Table of Contents

Handshake protocol

1. Aim

The handshake protocol aims to provide a unified QR code that allows the user to choose the wallet to initiate an identity attribute exchange.

Initiation problem statementInitiation problem statement<$user><$user><$application_server><$application_server><$cell_phone_iphone_proportional><$cell_phone_iphone_proportional><$cell_phone_iphone_proportional><$cell_phone_iphone_proportional>UserUserRelying Partyor IssuerRelying Partyor IssuerWrong WalletWrong WalletRight WalletRight Wallet1access request2QR code to initiatewallet communication3user scans QR code4user has usedwrong wallet toscan this QR code5user scans QR codewith the right wallet6wallet can interpretthe QR codecopyright Condatis Group LimitedLast Published: 04 March 2025 at 16:02Classification: COMPANY CONFIDENTIAL

2. Approach

The approach:

  1. Introduce a QR code that would work for every wallet, by applying a standardisation around a call-back to the initiating agent.
  2. Introducing a wallet identification method on the call-back to produce a wallet specific initiation.
Handshake ApproachHandshake Approach<$application_server><$application_server><$application_server><$cell_phone_iphone_proportional><$cell_phone_iphone_proportional><$cell_phone_iphone_proportional>InitiatingServiceInitiatingServiceWalletWallet1generate QR codewith"request uri"2capture QR code3extract"request URI"4request full request at"request URI"andidentify wallet5generate full requestbased onidentified wallet6return full requestContinue SSI stack specific interaction ...copyright Condatis Group LimitedLast Published: 04 March 2025 at 16:02Classification: COMPANY CONFIDENTIAL

2.1 Initiation

Most wallet provider allow the QR code to contain a URL that allows the abstraction of a more complex initiation request that would make the QR code density too high.

This allows to unify the initiation QR code:

The proposal is to use a short URI in the QR code that points back to the requester based on the SIOP standard of abstracting the request into an uri.

https://openid.net/specs/openid-connect-core-1_0.html#RequestUriParameter

Example Request

openid://?request_uri=[uri_to_full_request]

This now allows the wallet to query for the full request and by this identify itself to the stack.

Initiation with common QR codeInitiation with common QR code<$user><$user><$application_server><$application_server><$cell_phone_iphone_proportional><$cell_phone_iphone_proportional>UserUserRelying Partyor IssuerRelying Partyor IssuerWalletWallet1access request2QR code to initiatewallet communication"openid://?request_uri=[uri_to_full_request]"3user scans QR code4query for full requestcopyright Condatis Group LimitedLast Published: 04 March 2025 at 16:02Classification: COMPANY CONFIDENTIAL

2.2 Identification of wallets

We propose that the wallet is identifying itself to the URI hosing the full initiation request with the following:

Based on https://tools.ietf.org/html/rfc7231#section-5.3.2 the wallet adds accept to the http request to identify itself.

 Accept = #( media-range [ accept-params ] )

Example:

 Accept = application/json

The following agreements have already been taken:

Supplier Wallet mime type
Microsoft Authenticator application/jwt
Evernym Connect.me application/json

3 Resulting Flow

Handshake ProtocolHandshake Protocol<$user><$user><$user><$application_server><$application_server><$application_server><$cell_phone_iphone_proportional><$cell_phone_iphone_proportional><$cell_phone_iphone_proportional>UserUserRelying Partyor IssuerRelying Partyor IssuerWalletWallet1access request2QR code to initiatewallet communication"openid://?request_uri=[uri_to_full_request]"3user scans QR code4query for full requestAccept =[accepted-mime-type]5generate full requestbased on mime type6return requestContinue SSI stack specific interaction ...copyright Condatis Group LimitedLast Published: 04 March 2025 at 16:02Classification: COMPANY CONFIDENTIAL
In This Article
Back to top copyright Condatis Group Limited
Last Published: Tuesday, 04 March 2025
Classification: COMPANY CONFIDENTIAL