Skip to content

Real public verification (verifyVc against the vc-vault) #40

Description

@DanielCotoJ

Effort: M — Estimate: 8-11 h — Dependencies: #36, #39Unlocks: trust in shared links

Context

The public verifier page loads data from the mock source and never checks the chain. apps/credit-history/src/components/verify/public-verification-view.tsx:

// SEAM: this is where the SDK verification will be called by RPC against the vc-vault.
// NOTE: verifyVc returns ONLY 'valid' | 'revoked'. The 'invalid' state is decided by this view.
const source = getCredentialSource();

Goal

/verify/[token] resolves the real presentation (#39), verifies each credential against the vc-vault via the SDK, and renders valid / revoked / invalid truthfully.

Step by step

  1. Resolve the presentation from the token via the Secure presentation links (signed/encrypted, not plaintext base64) #39 mechanism (opaque reference → credential set).
  2. For each credential, call the SDK verifyVc (through @acta-products/acta) by RPC against the vc-vault; map the contract result (valid/revoked) to the UI status.
  3. Keep invalid as the app-level fallback (not found / not verifiable / malformed / expired token).
  4. Preserve the existing banner + skeleton + state panels; wire the real holderDid (now did:stellar).

Out of scope

Acceptance criteria

  • Each shared credential's status reflects a real on-chain verifyVc result.
  • Revoked credentials show as revoked; malformed/expired tokens show the invalid state.
  • holderDid renders in did:stellar format.
  • pnpm lint && pnpm typecheck && pnpm build pass.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions