Wallet Demonstrator
Please note: A-SIT's Valera and Wallet Services are intended as Technology Demonstrators!

Components and Processes

Components

Valera Wallet App

Valera, our open source Kotlin compose multiplatform wallet app, can be installed on your phone as follows:

Android

  • Download the APK
  • Runs on Android 12+

iOS

  • Join our Testflight, by requesting access for your Apple account
  • Runs on iOS 16+

Demo Issuing Service

The Issuing Service (M6) implements OpenID for Verifiable Credential Issuance, converting attributes from the national E-ID of Austria (ID Austria) into wallet credentials. Login at the issuing service with ID Austria test credentials (or use your national E-ID via eIDAS) to generate a QR Code containing a credential offer for your Wallet App. Alternatively, you can login directly at the issuing service using user and password.

Demo Relying Party

The Relying Party implements several use cases from Potential LSP as well as a generic remote authentication flow for wallets. The service generates QR Codes according to OpenID for Verifiable Presentations to start a cross device flow and renders links to start a same device flow. The verifier also links to an "online" or "remote" wallet, where the user can perform authentication directly in the browser, i.e. attribute data are loaded from ID Austria and are converted on-the-fly into wallet credentials.

Main Processes

Process Overview

Issue Credentials

  • To load credentials in your app, please use the backend service at the Issuing Service, which should be pre-selected in the app.
  • Proceeding in the app should open a login page, where you can login directly at the issuing service using Username user and Password password.
  • Alternatively, you can select "ID Austria" and then use username and password from the list of ID Austria test credentials (or use your national E-ID via eIDAS) to load attribute data.
  • The browser should redirect you back into the wallet app, where the selected credential is loaded.

Present Credentials

  • The wallet app can then be used to authenticate at compatible verifiers (see our Relying Party).
  • This is done either by scanning a login QR code, or by getting invoked directly by clicking a login link.

Guides

Various use cases can be tested with our wallet demonstrator system, as listed below.


App Wallet Remote Wallet
on same device on different device
Issue Credentials
» via QR - steps -
» via Browser steps - (implicitly in presentation)
Present Credentials
» remote to eIDAS2 RP steps steps steps
to IDA RP steps steps steps
» proximity
- steps -
Sign Documents
» Wallet-Centric ad-hoc certificate steps steps steps
pre-loaded certificate steps steps -
» RP-Centric
steps steps steps

Technical Details

Please note that we try our best, but this is a demonstrator, and thus we can't make guarantees that everything is correct and available all the time.

Open Source

Visit A-SIT Plus Open Source to have a look at the libraries powering the services mentioned above, in particular Signum for cryptography and VC-K for the credentials. Check out our Wallet app Valera and a very simple Relying Party Demonstrator too.

Implemented Specifications

We've implemented the relevant specifications like OID4VCI, OID4VP, SIOPv2, as well as relevant profiles from POTENTIAL and OpenID4VC HAIP. See the VC-K readme for some sample requests and responses.

Implemented Credentials

Our wallet system supports various credentials, defined by the EU, or porposed by the POTENTIAL LSP. See our Credential Collection.

EU Credentials
  • PID (ARF before 1.8.0)
  • PID (ARF 1.8.0+ in SD-JWT)
  • mDL
  • European Health Insurance Card
POTENTIAL Credentials
  • Power of Representation
  • Certificate of Residence
  • Health ID
  • Company Registration
  • Tax ID

Certificates

This is the root (IACA) certificate for our verifier and issuer.

Changelog

  • Valera has been updated on 2025-06-25 to version 5.7.1, adding encryption of authn responses on iOS, adding biometric authentication for the holder key, adding support for OpenID4VP and ISO 18013-7 Annex C over DCAPI.
  • The relying party has been updated on 2025-06-25.
  • The issuing service has been updated on 2025-06-25, fixing the format of several claims.