Testing
The project is nearing its end and we are going to wrap up our work. This means that we’re going to run full conformance testing on all implementations in EWC and report on their status. This page gives you all the information on this.
All participants that have worked on an implementation for wallets, issuing or verifying MUST perform conformance testing.
- Between 10 June and 18 July 2025
- By running the tests in the conformance test suite in the ITB
- And uploading the test reports to NextCloud Details are provided in this e-mail and on GitHub. Find information on Who/What/How below.
The results will be part of our Final Technical Report. We will list all operational participants and their results. This will be evaluated by HADEA and it might affect your funding if you don’t provide the test results. It is allowed to fail the tests (see below).
This will apply to all operational participants (Issuers, Verifiers and Wallets) that are part of WP2, WP3 and/or WP4
- If you are NOT a wallet-provider, issuer or verifier, then this is not relevant to you.
- If you planned to be a wallet-provider, issuer or verifier at the beginning of the project, but haven’t been able to set up services:
- Please write a short motivation on this and share it with WP4 (upload it to NextCloud). You’ll also need to include this in your own report if you’re a Beneficiary
- We will mention this in the final technical report
What you need to do:
- Get your implementation ready (wallet-, verifying- and/or issuing-service, aligned to EWC RFCs, Rulebooks and Data Schemas)
- Onboard to the EWC Trust List
- Integrate to the ITB
- Run the conformance tests
- Generate and upload the test reports
We have to wrap up our LSP and freeze the scope we work against. Over the last few months there have been biweekly updates to the ARF, the various standards and through the Implementing Acts. This will continue for the rest of this year, but EWC will end working on this in July.
This is reflected in the EWC RFCs, which have been updated to a final v3 release:
- Credential formats: IETF SD-JWT (Mandatory) and Optionally, W3C VC (JWT) and ISO 18013-5 (mdoc, mDL)
- Data workflow spec: OpenID4VCI Draft 15 (ID2) and OpenID4VP Draft 23 (ID3)
- DC APIs will be optional in v3.
Ensure that your service is in line with the EWC RFCs that you want to test against.
- The basic conformance test suite will focus on RFC-001 (Issue Verifiable Credential - v3.0) and (RFC-002 Present Verifiable Credentials Workflow - v3.0).
- You are allowed to test against other RFCs and provide those reports to us as well (we encourage you to do as many as you want).
Issuing- and verifying-services must also be based on a data schema in our repository.
- Information on usage of the data schemas is provided in the rulebooks.
- For the payment-related data schemas more information can be found in the implementation guides.
Keep in mind that the EWC Trust List can also be part of testing.
- Pay attention to RFC012 for your service and make sure it adheres to it.
- Even if you do not use/test it, others may report your service to fail on this.
Any questions on this topic can be asked in the #wallet-support channel on Slack.
Your service must be listed in the EWC TL before you can run conformance testing. Information on the EWC TL is on Github. This includes documentation on onboarding and the EWC Trust List itself. RFC 012 describes how the EWC TL is used by the EWC participants.
Onboarding to the EWC TL requires the following information:
- Legal entity and trade name
- Complete postal and electronic address
- A valid X.509 Certificate or DID or JWK
- Public endpoints (wallet URLs or verifiable credential APIs)
- Correct Service Type Identifier from supported types
Make sure to check your details, even if you already registered in the EWC TL (there are many errors in the existing entries). We will report on these registrations and we will list any errors. These errors might “merely” cause errors to show in the TL, but your services will also show up in the reports of participants who run tests against this as an error or incompliant service.
Any questions on this topic can be asked in the #wallet-support channel on Slack.
The details on ITB and interoperability are described in RFC 100.
Wallet Providers (your wallet MUST be compliant to RFC001 and RFC002)
- Contact Nikos (mail or Slack) to get an account to the ITB.
- Run the basic issuing- and verifying test cases. These work with standard services for issuing and verifying a mock PID and will give you a first idea on how well your wallet service is aligned to the EWC RFCs.
Issuers (your service MUST be compliant to RFC001)
- Contact Nikos (mail or Slack) to get an account to the ITB.
- Expose a REST endpoint for requesting the creation of a Credential Offer (this should be a GET endpoint, as described in RFC100 4.1).
- Expose a REST endpoint for polling the status of the Issuance process (described in RFC100 4.1).
- Your endpoints must be in the EWC TL listing.
Verifiers (your service MUST be compliant to RFC002)
- Contact Nikos (mail or Slack) to get an account to the ITB.
- Expose a REST endpoint for requesting the creation of a VP request (this should be a GET endpoint, as described in RFC100 5.1).
- Expose a REST endpoint for polling the status of the Verification process (described in RFC100 5.1).
- Your endpoints must be in the EWC TL listing.
In the ITB there is a conformance test suite “EWC RFC v3”. This is the minimum test suite you need to run. You can also run other tests if you want to.
Because the ITB is wallet-centric, only the wallets can run full testing. If you're an issuer/verifier with no wallet-capabilities (on issuing or verifying), then test your service against 1 conformant wallet. A list of v3-conformant wallets can be found on the readme page of the EWC RFCs. We will later on test all available conformant wallets against your service for full reports.
The ITB allows you to generate PDF test reports. Please do so for all tests you run, but at least for the conformance test suite (EWC RFC v3).
- Upload the test reports to NextCloud (create a folder for your company and put them in there).
- Add written motivation on tests that you failed, explaining why you are not (yet) conformant to the EWC RFCs.
The project is co-funded by the European Union. Views and opinions expressed are, however, those of the author(s) only and do not necessarily reflect those of the European Union or the granting authority. Neither the European Union nor the granting authority can be held responsible for them.