Wallet API Features
Core
| Feature | Highlights | Details |
|---|---|---|
| Automatic holder binding and proof-of-key | • PoP during issuance & presentation (OID4VCI/VP) • DID/key ownership checks • Protocol-compliant signing of VP / holder-binding JWTs • Works across supported credential formats | Wallet performs proof-of-possession and holder binding automatically during receive/present flows, signing the right artefacts per OID4VCI/VP so Issuers/Verifiers can trust key control. |
| One-user-one-wallet consumer model | • One user ↔ one wallet • Built-in end-user auth (email/password or external OIDC) • Custodial/stateful deployment • Optimized for B2C pilots/apps | Community Wallet is stateful and custodial with a fixed one-user-one-wallet model and built-in end-user auth—ideal for fast consumer pilots and demos. |
Keys & Identifiers
| Feature | Highlights | Details |
|---|---|---|
| Bind credentials to various key algorithms | • Use different key algorithms: Ed25519, secp256k1, secp256r1, RSA • Store keys in local DB or external KMS | Create and manage holder keys across multiple algorithms; store locally or delegate to external KMS. |
| Create DIDs with various did:methods | • DID creation, storage, resolution (e.g. did:key, did:web, did:jwk) • did:web hosting supported | Wallet creates and manages user DIDs (including hosting did:web) and uses them for holder binding and presentations. |
Credential Exchange
| Feature | Highlights | Details |
|---|---|---|
| Receiving credentials | • Supports pre-authorized code (with optional TX-PIN) • Full authorization code flow (coming soon) | Receive credentials via pre-auth or full auth OID4VCI flows; Pre-auth TX-PIN is supported. |
| Presenting credentials | • Parse Presentation Definition • Match credentials to constraints • DCQL support (coming soon) | Wallet parses Presentation Definition and (coming soon) DCQL requests, matches stored credentials, and signs presentations send via OID4VP. |
Standards
| Feature | Highlights | Details |
|---|---|---|
| Credentials: Support for all major credential standards | • ISO 18013-5 mDL • ISO/IEC 23220 • SD-JWT VC IETF • W3C VC v1.1+ • W3C VC v2.0 (coming soon) | Receive & present standard compliant credentials based on popular formats (incl. custom attribute structures, types and schemas). |
| Protocols: OID4VP flows and ISO-18013-7 | • OID4VP drafts 14/20 • OID4VP v1 (coming in Q4 25) • OID4VCI Draft 11/13 • OID4VCI v1 (coming in Q4 25) • 18013-7 | Interoperable OID4VCI/VP exchange across supported drafts using Presentation Definition. DCQL request syntax is coming soon with OID4VP v1 support. |
Storage & Data
| Feature | Highlights | Details |
|---|---|---|
| Local credential storage built into wallet | • Custodial storage in wallet DB • APIs to list/import/delete | Community Wallet stores received credentials in its configured database for straightforward B2C custodial scenarios and rapid prototyping. |
| Check/validate credential status | • Status check on stored credentials • Supported standards (e.g. BitstringStatusList, …) | Perform status/validity checks on stored credentials via a dedicated API endpoint for UI display. |
Authentication
| Feature | Highlights | Details |
|---|---|---|
| Username/Password | • Built-in end-user login • Password-based session | Built-in email/password auth for end users in the Community Wallet’s custodial model. |
| External IDP (OIDC) | • Plug external OIDC provider • Use IDP for end-user login | Optionally connect an external OIDC Identity Provider to authenticate end users while keeping the one-user-one-wallet model. |
| Web3 wallet auth | • Use web3 wallets accounts for auth | Web3 wallet integration is supported so users can leverage existing keys/addresses to access their identity wallet functions. |
DID & Trust Anchors
| Feature | Highlights | Details |
|---|---|---|
| Host did:web documents | • Serve did:web documents | Host did:web documents so Verifiers can resolve keys/services for wallet DIDs; works with wallet-managed identifiers. |
Integrations
| Feature | Highlights | Details |
|---|---|---|
| KMS integrations for holder keys | • Supported external KMS providers (e.g. Hashicorp Vault, AWS KMS, Azure Key Vault, …) | Use external KMS for key custody and signing where desired. |
Deployment
| Feature | Highlights | Details |
|---|---|---|
| Stateful Wallet API deployment via Docker | • Single service instance • Pairs with optional PWA front end | Deployed as a stateful API container that can be paired with the web wallet PWA; exposes endpoints for keys, DIDs, credentials, receive/present flows. Requires DB (sqlite, postgres, microsoft sql server). |
Frontend & UI
| Feature | Highlights | Details |
|---|---|---|
| Progressive Web App | • PWA white-label wallet (iOS/Android) | Provides a white-label PWA to test, demo, or embed wallet UX quickly across desktop, mobile, and cross-device scenarios. |
ID Ecosystems
| Feature | Highlights | Details |
|---|---|---|
| EMEA | • EU (eIDAS2, EBSI), Switzerland (SWIYU) | Wallets aligned with (emerging) regional trust frameworks. |
| APAC | • New Zealand (DISTF), Australia, Thailand, Japan, … | Wallets aligned with (emerging) regional trust frameworks. |
| Americas | • US, Canada, Brazil, … | Wallets aligned with (emerging) regional trust frameworks. |
| Custom | • Bring your own ID ecosystem | The wallet can be modified to comply with other ID ecosystems. |
Last updated on November 3, 2025