Summary
There is no skill covering Internet Identity's attribute sharing capabilities. The existing internet-identity skill covers passkey/OpenID login and delegation-based auth, but says nothing about:
- Verifiable Credentials (VCs) -- live since mid-2024. Lets issuer dapps issue W3C-standard credentials that users present to relying parties via II, using privacy-preserving alias principals.
- Identity Attributes -- a newer flow (piloting with caffeine.ai) for sharing basic account info like email/name directly from II with user consent.
These are distinct integration patterns from basic II auth and are complex enough to warrant their own skill.
What a skill should cover
Verifiable Credentials flow
- The three-party model: Issuer, Internet Identity, Relying Party (RP)
- RP-side: initiating a VC request via
window.postMessage() JSON-RPC to II
- Issuer-side: implementing the required Candid API (
derivation_origin, vc_consent_message, prepare_credential, get_credential)
- Alias principals and how II preserves user privacy across issuer/RP boundaries
- Verifiable Presentation structure (JWT with two credentials)
- Common pitfalls (e.g., incorrect issuer canister ID, missing consent message, JWT validation)
Identity Attributes (email/name sharing)
- How the 1-click consent flow works for social-login-sourced attributes
- Current status and limitations (pilot stage)
Standards context
- Relationship to ICRC-21 (consent messages)
- Relationship to ICRC-34 (delegation, draft stage)
- W3C Verifiable Credentials Data Model alignment
Existing references
Relationship to existing skills
internet-identity -- should cross-reference the new skill for VC/attribute use cases, and explicitly note "Do NOT use for verifiable credentials or attribute sharing"wallet-integration -- covers ICRC-21/25/27/29/49 signer flows; the new skill would reference ICRC-21 for consent messages but is otherwise independent
Summary
There is no skill covering Internet Identity's attribute sharing capabilities. The existing
internet-identityskill covers passkey/OpenID login and delegation-based auth, but says nothing about:These are distinct integration patterns from basic II auth and are complex enough to warrant their own skill.
What a skill should cover
Verifiable Credentials flow
window.postMessage()JSON-RPC to IIderivation_origin,vc_consent_message,prepare_credential,get_credential)Identity Attributes (email/name sharing)
Standards context
Existing references
Relationship to existing skills
internet-identity-- should cross-reference the new skill for VC/attribute use cases, and explicitly note "Do NOT use for verifiable credentials or attribute sharing"wallet-integration-- covers ICRC-21/25/27/29/49 signer flows; the new skill would reference ICRC-21 for consent messages but is otherwise independent