Getting started
Welcome to KryptoOS — sovereign identity infrastructure for the Empoorio ecosystem. This guide walks you through creating did:emp identifiers, issuing verifiable credentials, and integrating KryptoOS into your applications using public SDKs and testnet endpoints.
What is KryptoOS?
KryptoOS is production-oriented SSI infrastructure built around open standards and Rust-native cryptography (kryptos-core). At a high level it provides:
- Decentralized Identifiers (DIDs): W3C-compliant
did:empidentities anchored on EmpoorioChain - Verifiable Credentials (VCs): Issue, verify, and revoke tamper-evident credentials with Ed25519 proofs
- Privacy by design: Selective disclosure and zero-knowledge flows — personal data stays off-chain
- Blockchain integration: Native DID Registry and VC Anchor pallets on EmpoorioChain testnet
- Multi-language SDKs: TypeScript, Rust, Python, and Dart — all sharing the same cryptographic core
Public testnet
Use the endpoints on the SDK Registry page for development. Production deployments should follow the Privacy & Security guide.
Core concepts
Before installing an SDK, it helps to understand the trust model:
- Issuer — a trusted entity signs claims about a subject (KYC level, age, membership, etc.)
- Holder — the user stores credentials in a wallet (e.g. Eoonia) and controls disclosure
- Verifier — your application checks cryptographic proofs and revocation status (fail-closed)
Private keys never leave the holder's wallet. EmpoorioChain stores DIDs, public keys, and revocation state — not raw personally identifiable information.
Quick Start
Installation
Choose your preferred SDK to get started:
Install the TypeScript SDK via npm:
npm install @empoorio/ssi-sdkOr using yarn:
yarn add @empoorio/ssi-sdkCreating Your First DID
A Decentralized Identifier (DID) is your unique, self-sovereign digital identity.
import { SSIClient } from '@empoorio/ssi-sdk';
// Initialize the client
const client = new SSIClient({
nodeUrl: 'wss://ws.empooriochain.org',
issuerDid: 'did:emp:issuer-01'
});
// Create a new DID
const did = await client.did.register({
method: 'Ed25519VerificationKey2020',
controller: userWallet.address
});
console.log('Your DID:', did.id);
// Output: did:emp:user-abc123...Issuing Your First Credential
Verifiable Credentials are tamper-proof digital credentials that can be cryptographically verified.
// Issue a credential
const credential = await client.vc.issue({
'@context': ['https://www.w3.org/2018/credentials/v1'],
type: ['VerifiableCredential', 'UniversityDegree'],
issuer: 'did:emp:university-01',
credentialSubject: {
id: 'did:emp:student-123',
degree: 'Bachelor of Science',
field: 'Computer Science',
graduationDate: '2024-06-15'
}
});
console.log('Credential issued:', credential.id);Verifying a Credential
Verify the authenticity and validity of a credential:
const result = await client.verifier.verifyVC(credential);
if (result.valid) {
console.log('✓ Credential is valid');
console.log('Issuer:', result.issuer);
console.log('Status:', result.status);
} else {
console.log('✗ Credential verification failed:', result.error);
}Core Concepts
Decentralized Identifiers (DIDs)
DIDs are globally unique identifiers that enable verifiable, decentralized digital identity. Unlike traditional identifiers (email, username), DIDs are:
- Self-sovereign: You own and control them
- Persistent: They don't depend on any centralized authority
- Resolvable: Can be looked up to retrieve public keys and service endpoints
- Cryptographically verifiable: Secured by public-key cryptography
Example DID: did:emp:1234abcd5678efgh
Verifiable Credentials (VCs)
VCs are tamper-evident credentials that can be cryptographically verified. They contain:
- Issuer: Who issued the credential (e.g., university, bank, government)
- Subject: Who the credential is about (identified by DID)
- Claims: The actual data (degree, age, KYC status, etc.)
- Proof: Cryptographic signature proving authenticity
DID Documents
A DID Document contains the public keys, authentication methods, and service endpoints associated with a DID:
{
"id": "did:emp:1234abcd",
"verificationMethod": [{
"id": "did:emp:1234abcd#keys-1",
"type": "Ed25519VerificationKey2020",
"controller": "did:emp:1234abcd",
"publicKeyMultibase": "z6Mki..."
}],
"authentication": ["did:emp:1234abcd#keys-1"],
"service": [{
"id": "#didcomm-1",
"type": "DIDCommMessaging",
"serviceEndpoint": "https://messaging.emp"
}]
}Next Steps
Now that you understand the basics, explore these guides:
- DID Management: Learn how to manage DIDs, rotate keys, and update DID documents
- Credentials: Deep dive into issuing, presenting, and revoking credentials
- Privacy & Security: Implement zero-knowledge proofs and selective disclosure
- Integration: Integrate KryptoOS into your applications
- Architecture: Understand the technical architecture
Common Use Cases
Financial Services (KYC/AML)
// Issue KYC credential
const kycCredential = await client.vc.issue({
type: ['VerifiableCredential', 'KYCCredential'],
issuer: 'did:emp:bank-01',
credentialSubject: {
id: userDid,
kycLevel: 'advanced',
jurisdiction: 'EU',
verificationDate: new Date().toISOString()
}
});Education (Academic Credentials)
// Issue diploma
const diploma = await client.vc.issue({
type: ['VerifiableCredential', 'UniversityDegree'],
issuer: 'did:emp:university-01',
credentialSubject: {
id: studentDid,
degree: 'Master of Science',
field: 'Blockchain Technology',
honors: 'Summa Cum Laude'
}
});Healthcare (Medical Records)
// Issue vaccination credential
const vaccinationRecord = await client.vc.issue({
type: ['VerifiableCredential', 'VaccinationCredential'],
issuer: 'did:emp:hospital-01',
credentialSubject: {
id: patientDid,
vaccine: 'COVID-19',
doses: 2,
lastDoseDate: '2024-01-15'
}
});Troubleshooting
Connection Issues
If you're having trouble connecting to the KryptoOS network:
- Verify your node URL is correct:
wss://ws.empooriochain.org - Check your network connection
- Ensure you're using the latest SDK version
DID Registration Fails
Common causes:
- Insufficient funds: Ensure your wallet has enough Dracma (DMS) tokens for transaction fees
- Invalid keys: Verify your cryptographic keys are properly formatted
- Network congestion: Try again after a few moments
Credential Verification Fails
Check these points:
- Issuer DID: Ensure the issuer's DID is registered and active
- Credential status: The credential may have been revoked or suspended
- Signature: Verify the cryptographic signature is valid
- Expiration: Check if the credential has expired
Getting Help
- Documentation: Browse our comprehensive guides
- FAQ: Check our frequently asked questions
- GitHub: Report issues or contribute at github.com/empoorio/kryptos
- Community: Join our Discord server for support
Ready to build with KryptoOS? Continue to the Integration Guide to learn how to integrate SSI into your applications.