β οΈ WORK IN PROGRESS - NOT READY FOR PRODUCTIONThis is an experimental conformance testing suite that is actively under development. The codebase is fragile, unstable, and subject to breaking changes. DO NOT USE IN PRODUCTION ENVIRONMENTS.
This repository contains experimental conformance testing tools for validating digital identity implementations against Ayra Trust Network standards. The project explores two distinct architectural approaches for SSI (Self-Sovereign Identity) conformance testing.
π¨ IMPORTANT DISCLAIMER
- Experimental Software: This code is exploratory and may contain bugs, security vulnerabilities, or incomplete features
- No Stability Guarantees: APIs, interfaces, and functionality may change without notice
- Development Use Only: Intended for research, development, and testing purposes only
- No Production Support: Not suitable for production environments or critical systems
conformance-test-suite/
βββ certification-simple/ # Exploratory monolithic approach
βββ test-harness-integrated/ # Production-oriented distributed approach
βββ README.md # This file
Location: ./certification-simple/
Architecture: Monolithic Next.js application with integrated testing
- Rapid prototyping and exploration of conformance testing concepts
- Quick iteration on test scenarios and user interfaces
- Research into direct agent testing approaches
- Development and debugging workflow validation
- Single Next.js application serving both frontend and backend
- Integrated Express.js server for API endpoints
- Built-in test pipeline orchestration with DAG-based execution
- Direct integration with Credo-TS agents
- Real-time WebSocket updates for test monitoring
- QR code generation for mobile wallet testing
- Fragile Architecture: Code may break unexpectedly with minor changes
- Limited Error Handling: May not gracefully handle edge cases
- Unstable APIs: Internal interfaces subject to frequent changes
- Basic Security: Not hardened for production security requirements
- Performance Issues: Not optimized for concurrent users or heavy loads
- Incomplete Features: Many features are partially implemented
- Technical Debt: Quick prototyping has resulted in code quality issues
- β Local development and testing
- β Proof of concept demonstrations
- β Research and experimentation
- β Production deployments
- β Multi-user environments
- β Security-critical applications
Location: ./test-harness-integrated/
Architecture: Distributed microservices with external harness integration
- Production-ready conformance testing infrastructure
- Integration with established industry testing harnesses
- Scalable multi-user testing environment
- Standardized testing protocols and reporting
- Separate Next.js frontend and Express.js backend services
- Integration with Aries Agent Test Harness (AATH)
- Integration with OpenID Conformance Suite
- PostgreSQL database for persistent test results
- Scalable microservices architecture
- Standardized test protocols and reporting
- Multi-user support with authentication
- π§ In Active Development
- π Architecture Stabilizing
- β³ Features Being Implemented
- π Testing Protocols Being Defined
- π― Enterprise conformance testing
- π― Certification and compliance validation
- π― Multi-implementation interoperability testing
- π― Automated CI/CD integration
- π― Regulatory compliance reporting
- Node.js 18+
- pnpm 9.1.0+
- Docker & Docker Compose (recommended)
β οΈ Remember: This is experimental software. Expect issues!
# Clone the repository
git clone <repository-url>
cd conformance-test-suite
# Copy the sample env and edit the NGROK / agent settings
cp .env.example .env
# (update REFERENCE_AGENT, NGROK domains, tokens, etc.)
# Start the certification-simple stack
docker compose up --build acapy-control acapy-ngrok app
# When finished
docker compose downRequired Environment Variables (in the repo root .env):
USE_NGROK=true # Enable NGROK tunneling for CTS services
NGROK_AUTH_TOKEN=your_token_here # NGROK authentication token (required when USE_NGROK=true)
REFERENCE_AGENT=credo|acapy # Which agent drives holder/verifier flows
REFERENCE_AGENT_NGROK_DOMAIN=ref.example.ngrok.app # Domain for the reference agent tunnel
VERIFIER_TEST_NGROK_DOMAIN=verifier.example.ngrok.app # Domain for the test-verifier container
ISSUER_OVERRIDE_AGENT=credo|acapy|auto # (optional) force the issuer controller
ISSUER_OVERRIDE_NGROK_DOMAIN=issuer.example.ngrok.app # Domain for the override issuer tunnel
SERVER_NGROK_DOMAIN=cts-server.example.ngrok.app # Domain for API callbacksFor NGROK domain planning, tunnel rotation, and the full list of optional variables see certification-simple/NGROK_SETUP.md.
REFERENCE_AGENTselects which controller powers the holder and verifier flows.credouses the built-in Credo agent;acapyconnects to the ACA-Py control service.ISSUER_OVERRIDE_AGENT(defaultauto) lets you force the credential issuer to Credo or ACA-Py independently of the reference agent. When set tocredo, also provideISSUER_OVERRIDE_NGROK_DOMAINso the override agent has a unique tunnel; otherwise the UI QR codes collide.REFERENCE_AGENT_NGROK_DOMAINis the hostname wallets use to reach the reference agent. When ACA-Py is the reference agent, theacapy-ngroksidecar automatically advertises this domain.VERIFIER_TEST_NGROK_DOMAINis only used by the standalonetest-verifiercontainer (the legacy CLI harness); it does not affect the UI flows.
- Frontend: http://localhost:3000
- API Server: http://localhost:5005
- Test Interfaces: http://localhost:3000/holder, /verifier, /issuer, /registry
Compatible Wallets Tested:
- β BC Government Wallet - Successfully tested with holder conformance flows
- π§ͺ Other Credo-TS based wallets (experimental support)
- π± Mobile wallets supporting DIDComm v1/v2 protocols
β οΈ DEVELOPMENT ENVIRONMENT ONLY β οΈ
This software is provided "as-is" for development and research purposes.
- Expect bugs, crashes, and unexpected behavior
- Code may be restructured or removed without notice
- No backwards compatibility guarantees
- Security vulnerabilities may exist
- Performance is not optimized
- Documentation may be outdated or incomplete
π¨ Read This First
This is experimental software under active development. Contributions are welcome, but please understand:
- Code may be refactored or removed entirely
- No guarantees about contribution longevity
- Focus on learning and experimentation over production quality
- Expect frequent breaking changes
- Fork and clone the repository
- Create a feature branch for your changes
- Test thoroughly in development environment
- Document any breaking changes
- Submit pull request with clear description
- Certification-Simple: Experimental code quality accepted, focus on functionality
- Test-Harness-Integrated: Higher code quality standards, production considerations
| Aspect | Certification-Simple | Test-Harness-Integrated |
|---|---|---|
| Complexity | Low - Single application | High - Distributed services |
| Setup Time | Minutes | Hours |
| Stability | π Improving | |
| Scalability | Limited | High |
| Standards | Custom protocols | Industry standards |
| Database | In-memory/file | PostgreSQL |
| Authentication | None | Multi-user |
| Deployment | Single container | Multi-service |
| Use Case | Development/Research | Production/Enterprise |
π SECURITY WARNING
DO NOT USE IN PRODUCTION - Both approaches have security limitations:
- No authentication or authorization mechanisms
- Unvalidated user inputs in many areas
- Potential injection vulnerabilities
- Insecure default configurations
- Missing rate limiting and DoS protection
- Unencrypted sensitive data transmission
- Debug information exposed in production builds
- Use only in isolated development environments
- Do not expose to public networks
- Do not process real credentials or sensitive data
- Implement proper security measures before any production use
Licensed under the Apache License 2.0. See LICENSE for details.
- π Documentation: Check individual README files in each approach directory
- π Issues: Report bugs and issues via GitHub Issues
- π¬ Discussions: Use GitHub Discussions for questions and feedback
This is experimental software - your feedback helps improve it:
- What works well?
- What breaks frequently?
- What features are missing?
- How can the architecture be improved?
Remember: This is experimental software. Use at your own risk, expect issues, and help us make it better! π