Aries Framework Swift is an iOS framework for Aries protocol.
Aries Framework Swift supports most of AIP 1.0 features for mobile agents.
- ✅ (RFC 0160) Connection Protocol
- ✅ (RFC 0211) Mediator Coordination Protocol
- ✅ (RFC 0095) Basic Message Protocol
- ✅ (RFC 0036) Issue Credential Protocol
- ✅ (RFC 0037) Present Proof Protocol
- Does not implement alternate begining (Prover begins with proposal)
- ✅ HTTP, WebSocket and Bluetooth Transport
- ✅ (RFC 0434) Out of Band Protocol (AIP 2.0)
- ✅ (RFC 0035) Report Problem Protocol
- ✅ (RFC 0023) DID Exchange Protocol (AIP 2.0)
- ❌ (RFC 0056) Service Decorator
Aries Framework Swift requires iOS 15.0+ and distributed as a Swift package.
Add a dependency to your Package.swift
file:
dependencies: [
.package(url: "https://github.com/hyperledger/aries-framework-swift", from: "2.5.0")
]
App development using Aries Framework Swift is done in following steps:
- Create an Agent instance
- Create a connection with another agent by receiving a connection invitation
- Receive credentials or proof requests by implementing a AgentDelegate
import AriesFramework
let config = AgentConfig(walletKey: key,
genesisPath: genesisPath,
mediatorConnectionsInvite: mediatorInvitationUrl,
mediatorPickupStrategy: .Implicit,
label: "SampleApp",
autoAcceptCredential: .never,
autoAcceptProof: .never)
let agent = Agent(agentConfig: config, agentDelegate: myAgentDelegate)
try await agent.initialize()
To create an agent, first create a key to encrypt the wallet and save it in the keychain.
let key = try Agent.generateWalletKey()
A genesis file for the indy pool should be included as a resource in the app bundle and get the path to it.
let genesisPath = Bundle.main.path(forResource: "genesis", ofType: "txn")
If you want to use a mediator, set the mediatorConnectionsInvite
in the config.
mediatorConnectionsInvite
is a url containing either a connection invitation or an out-of-band invitation.
mediatorPickupStrategy
need to be .Implicit
to connect to an ACA-Py mediator.
You can use WebSocket transport without a mediator, but you will need a mediator if the counterparty agent only supports http transport.
agentDelegate
can be nil if you don't want to receive any events from the agent.
Create a connection by receiving a connection invitation.
let (_, connection) = try await agent.oob.receiveInvitationFromUrl(url)
You will generally get the invitation url by QR code scanning. Once the connection is created, it is stored in the wallet and your counterparty agent can send you a credential or a proof request using the connection at any time. The connection record contains keys to encrypt or decrypt messages exchanged through the connection.
Implement AgentDelegate
to receive events from the agent and use agent.credentials
or agent.proofs
commands to handle the requests.
class MyAgentDelegate: AgentDelegate {
func onCredentialStateChanged(credentialRecord: CredentialExchangeRecord) {
if credentialRecord.state == .OfferReceived {
processCredentialOffer(credentialRecord)
} else if credentialRecord.state == .Done {
showSimpleAlert(message: "Credential received")
}
}
func onProofStateChanged(proofRecord: ProofExchangeRecord) {
if proofRecord.state == .RequestReceived {
processProofRequest(proofRecord)
} else if proofRecord.state == .Done {
showSimpleAlert(message: "Proof done")
}
}
func processCredentialOffer(_ credentialRecord: CredentialExchangeRecord) {
Task {
do {
_ = try await agent.credentials.acceptOffer(options: AcceptOfferOptions(credentialRecordId: credentialRecord.id, autoAcceptCredential: .always))
} catch {
showSimpleAlert(message: "Failed to receive credential")
print(error)
}
}
}
func processProofRequest(_ proofRecord: ProofExchangeRecord) {
Task {
do {
let retrievedCredentials = try await agent.proofs.getRequestedCredentialsForProofRequest(proofRecordId: proofRecord.id)
let requestedCredentials = try await agent.proofService.autoSelectCredentialsForProofRequest(retrievedCredentials: retrievedCredentials)
_ = try await agent!.proofs.acceptRequest(proofRecordId: proofRecord.id, requestedCredentials: requestedCredentials)
} catch {
showSimpleAlert(message: "Failed to present proof")
print(error)
}
}
}
}
If you set autoAcceptCredential
and autoAcceptProof
to .always
in the config, it will be done automatically and you don't need to implement a delegate.
Another way to handle those requests is to implement your own MessageHandler
class and register it to the agent.
let messageHandler = MyOfferCredentialHandler()
agent.dispatcher.registerHandler(handler: messageHandler)
Aries Framework Swift supports phone to phone communication over Bluetooth.
You will need to add NSBluetoothAlwaysUsageDescription
key to the info.plist of your app to use Bluetooth.
Verifier side:
- Call
try await agent.startBLE()
to create an endpoint over BLE. The endpoint has the form of "ble://aries/endpoint?uuid={uuid}". - Create an oob-invitation and create a QR code with the invitation url. This invitation will use the endpoint created above even though the agent has a mediator connection. You should create an oob-invitation attaching a proof request message without handshake option. This allows the prover sends the proof directly to the verifier without preparing any endpoint.
let oob = try await agent!.oob.createInvitation(config: CreateOutOfBandInvitationConfig(handshake: false, messages: [message]))
let invitationUrl = oob.outOfBandInvitation.toUrl(domain: "http://example.com")
- Call
try? await agent.stopBLE()
after you finish verification.
Prover side:
- There is nothing you need to do to communicate over BLE on prover side. The agent will recognize the
ble://
scheme and connect to the verifier's device over BLE. The connection will be closed automatically after the message is sent.
The sample app has sample codes that demonstrates proof exchange over Bluetooth.
Sample
directory contains an iOS sample app that demonstrates how to use Aries Framework Swift. The app receives a connection invitation from a QR code or from a URL input and handles credential offers and proof requests.
The agent is created in the WalletOpener.swift
file and you can set a mediator connection invitation url there, if you want.
There are two genesis files in the resources
directory.
bcovrin-genesis.txn
is for the GreenLight Dev Ledgerlocal-genesis.txn
is for the local indy-pool.
We welcome contributions to Aries Framework Swift. Please see our Developer Guide for more information.
Aries Framework Swift is licensed under the Apache License 2.0.