How Wallet Providing Works

What are wallet attestations?

The attestations issued by a Wallet Provider do not contain user credentials. Instead, they contain claims about the wallet itself. This is what allows credential issuers and verifiers to trust that the wallet is a legitimate, secure place to store and present sensitive identity information.

There are two types of attestation defined in OpenID4VCI:

Wallet App Attestation (WAA) authenticates the wallet application itself, proving it's legitimate, unmodified, and from a trusted provider. These short-lived attestations are used during authorization flows. (OpenID4VCI Appendix E: "Wallet Attestation")

Wallet Unit Attestation (WUA) attests to the security properties of cryptographic keys, proving they're stored securely and meet specific requirements. These longer-lived attestations are used when binding credentials to keys. (OpenID4VCI Appendix D: "Key Attestation")

Together, these attestations enable issuers to confidently distribute credentials, verifiers to trust presentations, and users to benefit from enhanced privacy and security across the ecosystem.

Wallet Providing implementation

For details of the Procivis One Wallet Provider implementation, see Providing Wallets.

What are wallet attestations?​

Wallet Providing implementation​

What are wallet attestations?

Wallet Providing implementation