Skip to content

Getting started

Welcome to KryptoOS — sovereign identity infrastructure for the Empoorio ecosystem. This guide walks you through creating did:emp identifiers, issuing verifiable credentials, and integrating KryptoOS into your applications using public SDKs and testnet endpoints.

What is KryptoOS?

KryptoOS is production-oriented SSI infrastructure built around open standards and Rust-native cryptography (kryptos-core). At a high level it provides:

  • Decentralized Identifiers (DIDs): W3C-compliant did:emp identities anchored on EmpoorioChain
  • Verifiable Credentials (VCs): Issue, verify, and revoke tamper-evident credentials with Ed25519 proofs
  • Privacy by design: Selective disclosure and zero-knowledge flows — personal data stays off-chain
  • Blockchain integration: Native DID Registry and VC Anchor pallets on EmpoorioChain testnet
  • Multi-language SDKs: TypeScript, Rust, Python, and Dart — all sharing the same cryptographic core

Public testnet

Use the endpoints on the SDK Registry page for development. Production deployments should follow the Privacy & Security guide.

Core concepts

Before installing an SDK, it helps to understand the trust model:

  1. Issuer — a trusted entity signs claims about a subject (KYC level, age, membership, etc.)
  2. Holder — the user stores credentials in a wallet (e.g. Eoonia) and controls disclosure
  3. Verifier — your application checks cryptographic proofs and revocation status (fail-closed)

Private keys never leave the holder's wallet. EmpoorioChain stores DIDs, public keys, and revocation state — not raw personally identifiable information.

Quick Start

Installation

Choose your preferred SDK to get started:

Install the TypeScript SDK via npm:

bash
npm install @empoorio/ssi-sdk

Or using yarn:

bash
yarn add @empoorio/ssi-sdk

Creating Your First DID

A Decentralized Identifier (DID) is your unique, self-sovereign digital identity.

typescript
import { SSIClient } from '@empoorio/ssi-sdk';

// Initialize the client
const client = new SSIClient({
  nodeUrl: 'wss://ws.empooriochain.org',
  issuerDid: 'did:emp:issuer-01'
});

// Create a new DID
const did = await client.did.register({
  method: 'Ed25519VerificationKey2020',
  controller: userWallet.address
});

console.log('Your DID:', did.id);
// Output: did:emp:user-abc123...

Issuing Your First Credential

Verifiable Credentials are tamper-proof digital credentials that can be cryptographically verified.

typescript
// Issue a credential
const credential = await client.vc.issue({
  '@context': ['https://www.w3.org/2018/credentials/v1'],
  type: ['VerifiableCredential', 'UniversityDegree'],
  issuer: 'did:emp:university-01',
  credentialSubject: {
    id: 'did:emp:student-123',
    degree: 'Bachelor of Science',
    field: 'Computer Science',
    graduationDate: '2024-06-15'
  }
});

console.log('Credential issued:', credential.id);

Verifying a Credential

Verify the authenticity and validity of a credential:

typescript
const result = await client.verifier.verifyVC(credential);

if (result.valid) {
  console.log('✓ Credential is valid');
  console.log('Issuer:', result.issuer);
  console.log('Status:', result.status);
} else {
  console.log('✗ Credential verification failed:', result.error);
}

Core Concepts

Decentralized Identifiers (DIDs)

DIDs are globally unique identifiers that enable verifiable, decentralized digital identity. Unlike traditional identifiers (email, username), DIDs are:

  • Self-sovereign: You own and control them
  • Persistent: They don't depend on any centralized authority
  • Resolvable: Can be looked up to retrieve public keys and service endpoints
  • Cryptographically verifiable: Secured by public-key cryptography

Example DID: did:emp:1234abcd5678efgh

Verifiable Credentials (VCs)

VCs are tamper-evident credentials that can be cryptographically verified. They contain:

  • Issuer: Who issued the credential (e.g., university, bank, government)
  • Subject: Who the credential is about (identified by DID)
  • Claims: The actual data (degree, age, KYC status, etc.)
  • Proof: Cryptographic signature proving authenticity

DID Documents

A DID Document contains the public keys, authentication methods, and service endpoints associated with a DID:

json
{
  "id": "did:emp:1234abcd",
  "verificationMethod": [{
    "id": "did:emp:1234abcd#keys-1",
    "type": "Ed25519VerificationKey2020",
    "controller": "did:emp:1234abcd",
    "publicKeyMultibase": "z6Mki..."
  }],
  "authentication": ["did:emp:1234abcd#keys-1"],
  "service": [{
    "id": "#didcomm-1",
    "type": "DIDCommMessaging",
    "serviceEndpoint": "https://messaging.emp"
  }]
}

Next Steps

Now that you understand the basics, explore these guides:

  • DID Management: Learn how to manage DIDs, rotate keys, and update DID documents
  • Credentials: Deep dive into issuing, presenting, and revoking credentials
  • Privacy & Security: Implement zero-knowledge proofs and selective disclosure
  • Integration: Integrate KryptoOS into your applications
  • Architecture: Understand the technical architecture

Common Use Cases

Financial Services (KYC/AML)

typescript
// Issue KYC credential
const kycCredential = await client.vc.issue({
  type: ['VerifiableCredential', 'KYCCredential'],
  issuer: 'did:emp:bank-01',
  credentialSubject: {
    id: userDid,
    kycLevel: 'advanced',
    jurisdiction: 'EU',
    verificationDate: new Date().toISOString()
  }
});

Education (Academic Credentials)

typescript
// Issue diploma
const diploma = await client.vc.issue({
  type: ['VerifiableCredential', 'UniversityDegree'],
  issuer: 'did:emp:university-01',
  credentialSubject: {
    id: studentDid,
    degree: 'Master of Science',
    field: 'Blockchain Technology',
    honors: 'Summa Cum Laude'
  }
});

Healthcare (Medical Records)

typescript
// Issue vaccination credential
const vaccinationRecord = await client.vc.issue({
  type: ['VerifiableCredential', 'VaccinationCredential'],
  issuer: 'did:emp:hospital-01',
  credentialSubject: {
    id: patientDid,
    vaccine: 'COVID-19',
    doses: 2,
    lastDoseDate: '2024-01-15'
  }
});

Troubleshooting

Connection Issues

If you're having trouble connecting to the KryptoOS network:

  1. Verify your node URL is correct: wss://ws.empooriochain.org
  2. Check your network connection
  3. Ensure you're using the latest SDK version

DID Registration Fails

Common causes:

  • Insufficient funds: Ensure your wallet has enough Dracma (DMS) tokens for transaction fees
  • Invalid keys: Verify your cryptographic keys are properly formatted
  • Network congestion: Try again after a few moments

Credential Verification Fails

Check these points:

  • Issuer DID: Ensure the issuer's DID is registered and active
  • Credential status: The credential may have been revoked or suspended
  • Signature: Verify the cryptographic signature is valid
  • Expiration: Check if the credential has expired

Getting Help


Ready to build with KryptoOS? Continue to the Integration Guide to learn how to integrate SSI into your applications.