Skip to content
BaseID Docs

Architecture

Layer Design

Section titled “Layer Design”

BaseID follows a 5-layer architecture where each layer depends only on layers below it:

LayerCratesPurpose
Corebaseid-core, baseid-cryptoShared types, cryptographic primitives
Identitybaseid-didDID methods and resolution
Credentialsbaseid-vc, baseid-sd-jwt, baseid-mdlCredential format implementations
Protocolsbaseid-oid4vci, baseid-oid4vp, baseid-siop, baseid-didcommCommunication protocols
Applicationbaseid-wallet-core, baseid-issuer-core, baseid-verifier-coreBusiness logic orchestration

Dependency Graph

Section titled “Dependency Graph”
┌─────────────────────────────────────────────┐
│  Application: wallet-core, issuer-core, ... │
├─────────────────────────────────────────────┤
│  Protocols: oid4vci, oid4vp, siop, didcomm  │
├─────────────────────────────────────────────┤
│  Credentials: vc, sd-jwt, mdl               │
├─────────────────────────────────────────────┤
│  Identity: did                              │
├─────────────────────────────────────────────┤
│  Core: baseid-core, baseid-crypto           │
└─────────────────────────────────────────────┘

Key Design Principles

Section titled “Key Design Principles”

Pure Rust

Section titled “Pure Rust”

No runtime dependencies, memory-safe, cross-platform. The entire stack compiles to native code, WASM, and can be wrapped for mobile via FFI.

Bilingual Errors

Section titled “Bilingual Errors”

All BaseID errors implement the BilingualError trait, providing messages in English and French (with support for additional languages). This is a core requirement for Canadian government deployments.

Trait-Based Lifecycle

Section titled “Trait-Based Lifecycle”

The credential lifecycle is modeled with three core traits:

  • CredentialIssuer — creates and signs credentials
  • CredentialVerifier — validates credentials and extracts claims
  • CredentialPresenter — selects and presents credentials

Each credential format implements these traits, enabling format-agnostic application logic.

Format-Agnostic Credential Handling

Section titled “Format-Agnostic Credential Handling”

The AnyCredential enum wraps all supported formats (VC, mDL, SD-JWT), allowing application code to handle credentials without knowing their specific format.

Crate Map

Section titled “Crate Map”
src/rust/crates/
├── baseid-core/         # Shared types and traits
├── baseid-crypto/       # Key generation, signing, verification
├── baseid-did/          # DID methods (did:key, did:web, did:jwk)
├── baseid-vc/           # W3C Verifiable Credentials (JWT-VC)
├── baseid-sd-jwt/       # SD-JWT Verifiable Credentials
├── baseid-mdl/          # ISO 18013-5 mobile driving licences
├── baseid-oid4vci/      # OpenID for Verifiable Credential Issuance
├── baseid-oid4vp/       # OpenID for Verifiable Presentations
├── baseid-siop/         # Self-Issued OpenID Provider v2
├── baseid-didcomm/      # DIDComm v2 messaging
├── baseid-wallet-core/  # Wallet business logic
├── baseid-issuer-core/  # Issuer business logic
└── baseid-verifier-core/# Verifier business logic