VeraId Architecture (MVP)
This document describes the systems and software architecture of the various component that will make up the Minimum Viable Product (MVP) version of VeraId.
VeraId library
This library, available in JavaScript and JVM/Android, will implement all the cryptographic and data serialisation operations needed by the various components in VeraId.
- Production implementation:
relaycorp/veraid-js
andrelaycorp/veraid-jvm
. - Prototype implementation:
vera-lib
.
VeraId Certificate Authority (CA) server
This multi-tenant server will allow one or more organisations to manage their VeraId setup, and it’ll also allow organisation members to claim and renew their VeraId Ids.
- Production implementation:
relaycorp/veraid-authority
. - Prototype implementation:
vera-ca
.
VeraId CA Console
This will be the command-line interface (CLI) to the admin-only endpoints in the VeraId CA Server.
The admin user will have to log in using device authorisation code, ideally.
Prototype implementation: vera-ca
(tech.relaycorp.vera.ca.cli.Main
).
Notable compromises
We’re taking the following shortcuts to keep the cost of the MVP down:
- The VeraId CA Console is to be implemented as a CLI.
- No way for organisation users to claim their ids without admin intervention.
- No support for bot accounts as organisation members.