We’re excited to announce that Anonyome Labs continues to innovate at the forefront of decentralized identity technology by releasing the Sudo Platform Decentralized Identity Mobile Edge Agent SDK. This SDK unites industry-standard decentralized identity protocols with Sudo Platform’s modularity, reliability, and security. This article gives the details, but in summary:
- Sudo Platform Edge Agent SDK implements a variety of Hyperledger Aries RFCs to support end-to-end encrypted connections, receiving and storing credentials securely, and verifiably presenting credentials.
- Sudo Platform Edge Agent SDK is interoperable with other Hyperledger Aries agents in the ecosystem, such as Aries Cloud Agent Python (ACA-py) and Aries Framework JavaScript (AFJ) agents.
- An implementation of Aries RFC 0050: Wallets is used to ensure that all sensitive data, such as verifiable credentials and cryptographic keys, is securely stored on the device.
- The Sudo Platform Edge Agent SDK is available natively for iOS and Android.
- Anonyome’s Edge Agent SDK sits alongside our other DI offerings, such as the Sudo Platform Cloud Agent Service and the Sudo Platform Decentralized Identity Relay.
- Sudo Platform Edge Agent SDK has a rich roadmap ahead, including support for W3C verifiable credentials and support for more Hyperledger Aries RFCs.
Let’s dive into the technical details of the Sudo Platform Edge Agent SDK.
It supports a suite of Hyperledger Aries RFCs
The primary purpose of the Sudo Platform Edge Agent SDK is to implement Aries RFCs that allow us to receive and present verifiable credentials in an interoperable fashion. To accomplish this, we’ve configured our Edge Agent to implement and use the following Aries RFCs (from Aries Interop Protocol (AIP) 1.0):
- Connection Protocol (RFC 0160) for establishing peer-to-peer encrypted connections with other agents
- Issue Credential Protocol (RFC 0036) for negotiating and receiving verifiable credentials (Anoncreds) from Aries issuers
- Present Proof Protocol (RFC 0037) for presenting verifiable credentials to Aries verifiers
- Wallets (RFC 0050) for securely storing and managing sensitive data (keys, credentials, protocol metadata)
- A range of many more supplementary Aries RFCs to enable the secure communication channel (DIDComm).
To implement most of these Aries RFCs, we have leveraged and contributed to the open-source Hyperledger community wherever possible; most significantly, this has involved Aries-VCX.
Aries-VCX, as self-described on GitHub, is “a Rust library for building web and mobile applications issuing, holding, presenting and verifying Verifiable Credentials in accordance to the standards set by Hyperledger Aries.” Aries-VCX is populated with “state machines” which our Edge Agent SDK leverages to step through protocols.
As a relatively early adopter of Aries-VCX, Anonyome has contributed work back to the project, most notably including a large refactor to make the project compatible with technology other than the Indy-SDK. This change was important to Anonyome and the community as a whole because it enables compatibility with other actively maintained Hyperledger projects, such as Aries Askar (wallet), Indy VDR (ledger), and Anoncreds-rs.
With the improvements made to Aries-VCX, Anonyome has been able to leverage Aries-VCX with a range of other open-source projects. Our stack of technologies can be seen in Figure 1.
As you can see in Figure 1, we use Aries-VCX to drive the protocols themselves, while we manage all the data and processing around it. You can also see that Aries-VCX’s “modularity” is what allows us to plug in our own “profile” of components built from other open-source projects.
It is interoperable with other agents
One of the core concepts of decentralized identity is having an ecosystem of different but interoperable agents. As such, it’s vital that our Edge Agent can communicate and engage in protocols with other Aries Agents in the decentralized identity ecosystem.
Interoperability is one reason we choose to leverage Aries-VCX, because the VCX team actively monitors and maintains their interop with our Aries projects. Notably, Aries-VCX participates in the Aries Agent Test Harness (AATH) initiative. AATH is a project that frequently runs tests that report interop results between Aries implementation, including ACA-py, AFJ, and more. Edge Agent SDK is therefore as interoperable as Aries-VCX is in the protocols that we support.
Additionally, we maintain a strong test suite internally between our Edge Agent and our Cloud Agent Service, which ensures our agents maintain interoperability.
It is available for iOS and Android natively
Like our other Sudo Platform SDKs, the Edge Agent SDK is packaged together as native iOS (Swift) and Android (Kotlin) packages. However, unlike most of our other offerings, the Edge Agent SDK implements its core functionality written in the Rust language, which we then compile and bundle into our traditional native Swift and Kotlin SDK interfaces.
We did this for a few major reasons:
- Our stack of open-source technologies (Aries-VCX, Aries Askar, Indy VDR, Anoncreds-rs) are all implemented in Rust, so it naturally made sense that our consumption of all these technologies was also in Rust.
- It allows us to ensure that stored data and functionality between our iOS and Android SDK variants are at parity since the core logic is all in one place and then cross-compiled.
- It allows us to compile the core and package it as native SDKs (Kotlin and Swift) as opposed to other non-native mobile solutions such as JavaScript SDKs, all while having the great performance that comes with Rust implementations.
To accomplish native consumption of Rust code, we’ve created infrastructure to cross-compile the Edge Agent core for Android and iOS architectures, and then generate clean Foreign Function Interfaces (FFI) wrapper code in Kotlin and Swift using Mozilla’s UniFFI tool.
We then abstract over the UniFFI-generated wrappers with our neatly packaged SDK and implement any extra functionality that could only be accomplished natively in Kotlin or Swift. This final layer allows us to package together an SDK that has a friendly and clean interface for applications that consume our SDK.
It is used alongside our other DI SDK offerings
An important piece of the Edge Agent SDK is receiving messages from other DI agents. The Edge Agent SDK supports the ability to plugin whatever Message Source the SDK consumer wishes to use: for instance, an Aries Mediator message source or an Aries Relay message source. However, out of the box, we provide a message source that integrates seamlessly with our Sudo DI Relay SDK. This means that your applications can get started immediately by using the Edge Agent SDK configured to use our Relay SDK to receive incoming messages.
Additionally, our Edge Agent SDK has been tested extensively with our Cloud Agent Service to ensure interoperability between the agents we provide.
There is a rich roadmap ahead
Although the SDK is now released in a stable state, the SDK is designed to allow Anonyome to continuously add support for more protocols and more features, allowing your application to stay up to date with the latest and greatest in the DI ecosystem with every new release of our SDK.
In the next phase of the SDK, we’ll add support for the AIP 2.0 Issue and Presentation protocols:
- Issue Credential Protocol v2 (RFC 0453) for negotiating and receiving verifiable credentials (Anoncreds) from Aries issuers
- Present Proof Protocol v2 (RFC 0454) for presenting verifiable credentials (Anoncreds) to Aries verifiers.
As part of this project, we’ll contribute any updates we make to the Aries-VCX code base.
In addition, we’ll add W3C credential support to the Edge Agent SDK (specifically, support for W3C JSON-LD credentials).
Sudo Platform lets you put privacy in your customers’ hands
Sudo Platform is the mobile and cloud platform for decentralized identity. Use our APIs and SDKs to quickly build and deploy next-generation privacy, cybersafety and decentralized identity apps so your customers can communicate privately, navigate online safely, and transact securely in an increasingly connected world.
Sudo Platform combines a scalable identity foundation and menu of enterprise-ready APIs and SDKs, built for developers by developers. Quickly integrate our technology into your new or existing products. Create a custom solution or choose a pre-configured option.
