[{"data":1,"prerenderedAt":424},["ShallowReactive",2],{"/blog/product-update-30":3},{"id":4,"title":5,"archived":6,"author":7,"body":8,"category":412,"coverImage":7,"description":413,"extension":414,"meta":415,"navigation":416,"ogImage":417,"path":418,"publishedAt":419,"seo":420,"stem":421,"tags":422,"__hash__":423},"blog/blog/product-update-30.md","Product Update #30",false,"",{"type":9,"value":10,"toc":395},"minimark",[11,16,33,38,41,59,63,68,73,76,83,88,97,103,108,111,117,122,125,131,136,139,145,150,153,158,161,166,169,174,177,181,201,203,207,219,222,225,229,234,240,245,248,254,259,262,265,270,273,278,281,286,289,293,337,339,343,346,353,359,362,369,375,378,385,387],[12,13,15],"h1",{"id":14},"tldr","TL;DR",[17,18,19,27],"ul",{},[20,21,22,26],"li",{},[23,24,25],"strong",{},"New release"," - OID4VCI v1 in Community Stack Issuer, transaction data authorization for payment flows, automated status list rollover, and much more.",[20,28,29,32],{},[23,30,31],{},"New resources"," – eIDAS 2 guide for financial services, interactive DCQL Builder tool for credential requests.",[34,35,37],"h2",{"id":36},"community-stack-0210","Community Stack (0.21.0)",[39,40],"hr",{},[42,43,44,45,52,53,58],"p",{},"Below are the highlights available through 0.21.0 of the identity lib. Check out the full change log for 0.21.0 ",[46,47,51],"a",{"href":48,"rel":49},"https://github.com/walt-id/waltid-identity/releases/tag/v0.21.0",[50],"nofollow","here",". Want to learn more about the identity lib in general? Check out our ",[46,54,57],{"href":55,"rel":56},"https://youtu.be/5T7M63apfdg",[50],"intro video",".",[34,60,62],{"id":61},"_0210","0.21.0",[64,65,67],"h3",{"id":66},"features","Features",[42,69,70],{},[23,71,72],{},"Issuer 2",[42,74,75],{},"Issue credentials aligned with the OID4VCI v1 version with our new issuer2 service in the Community Stack. Next to core capabilities such as tx-code support for pre-auth flows and wallet-initiated issuance, the issuer2 also comes with an improved general interface, including a profile system to issue credentials.",[42,77,78,79],{},"Learn more ",[46,80,51],{"href":81,"rel":82},"https://docs.walt.id/community-stack/issuer2/getting-started",[50],[42,84,85],{},[23,86,87],{},"Transaction Data Support In the Verifier 2",[42,89,90,91,96],{},"Bind credential presentations to specific transaction data in the Community Stack Verifier, aligned with the ",[46,92,95],{"href":93,"rel":94},"https://github.com/eu-digital-identity-wallet/eudi-doc-standards-and-technical-specifications/blob/main/docs/technical-specifications/ts12-electronic-payments-SCA-implementation-with-wallet.md",[50],"EUDI TS-12 Strong Customer Authentication specification",". Enable payment authorizations, account access requests, and custom transaction types. It supports SD-JWT VC and mDL credentials via configurable transaction data profiles.",[42,98,78,99],{},[46,100,51],{"href":101,"rel":102},"https://docs.walt.id/community-stack/verifier2/credential-verification/sd-jwt-vc-oid4vp#transaction-data-authorization",[50],[42,104,105],{},[23,106,107],{},"OpenID4VP 1.0 holder support",[42,109,110],{},"Added OpenID4VP 1.0 holder support with draft compatibility, including request_uri POST metadata/nonce validation, unified VP format capabilities, and hardened request object handling",[42,112,78,113],{},[46,114,51],{"href":115,"rel":116},"https://github.com/walt-id/waltid-identity/pull/1694",[50],[42,118,119],{},[23,120,121],{},"X.509 Certificate Signing Request (CSR) support",[42,123,124],{},"Added X.509 Certificate Signing Request (CSR) support in the x509 library for certificate generation workflows",[42,126,78,127],{},[46,128,51],{"href":129,"rel":130},"https://github.com/walt-id/waltid-identity/pull/1753",[50],[42,132,133],{},[23,134,135],{},"x5c support for W3C Credentials",[42,137,138],{},"Added x5c support for W3C Credentials, enabling X.509 certificate chain embedding in credential signatures",[42,140,78,141],{},[46,142,51],{"href":143,"rel":144},"https://github.com/walt-id/waltid-identity/pull/1742",[50],[42,146,147],{},[23,148,149],{},"Ktor/Gradle Upgrades",[42,151,152],{},"Upgraded to Ktor 3.4.3 and Gradle 9 with conformance test improvements, vulnerability fixes, and enhanced error handling",[42,154,155],{},[23,156,157],{},"Metadata Resolution",[42,159,160],{},"Simplified metadata URL construction and resolution logic. Added path-aware metadata URL resolution for OpenID4VCI wallet. Improved error body logging in IssuerMetadataResolver.",[42,162,163],{},[23,164,165],{},"Conformance / Testing",[42,167,168],{},"Upgraded conformance tests with Ktor 3.4.3 migration. Added KB IAT check policy for SD-JWT. Updated certificates and trust anchors for conformance tests. Improved presentation verification error messages. Fixed vulnerable transient dependency of Azure library.",[42,170,171],{},[23,172,173],{},"Infrastructure / Deployment",[42,175,176],{},"Refactored kubeconfig and updated deployment configurations. Updated ingress class from nginx to Traefik across services. Updated storageClass references for cloud deployments. Removed initContainers from wallet-api deployment. Fixed Docker Compose setup.",[64,178,180],{"id":179},"fixes","Fixes",[17,182,183,186,189,192,195,198],{},[20,184,185],{},"Fixed typo in codebase (#1780).",[20,187,188],{},"Fixed stale import (#1785).",[20,190,191],{},"Fixed WebDataFetcher JVM hang by moving to companion object.",[20,193,194],{},"Fixed database transaction context for KeysService.list() calls.",[20,196,197],{},"Fixed SD-JWT verification with issuer key set.",[20,199,200],{},"Fixed status list debug logging (thousands of 0s).",[39,202],{},[34,204,206],{"id":205},"enterprise-stack-0210","Enterprise Stack (0.21.0)",[42,208,209,210,214,215,58],{},"Below are the new feature highlights available through 0.21.0 of the Enterprise Stack. Check out the full change log for 0.21.0 ",[46,211,51],{"href":212,"rel":213},"https://docs.walt.id/enterprise-stack/release-notes/releases/0.21.x",[50],". Want to learn more about the enterprise stack in general? Check out our ",[46,216,57],{"href":217,"rel":218},"https://youtu.be/FKzoD9F23VE",[50],[34,220,62],{"id":221},"_0210-1",[64,223,67],{"id":224},"features-1",[42,226,227],{},[23,228,87],{},[42,230,90,231,96],{},[46,232,95],{"href":93,"rel":233},[50],[42,235,78,236],{},[46,237,51],{"href":238,"rel":239},"https://docs.walt.id/enterprise-stack/services/verifier2-service/credential-verification/sd-jwt-vc-oid4vp#transaction-data-authorization",[50],[42,241,242],{},[23,243,244],{},"Status List Capacity & Auto-Rollover via the Credential Status Service",[42,246,247],{},"Manage credential status at scale with configurable capacity monitoring and automatic rollover for status lists in the Enterprise Stack. Set warning and critical thresholds to track usage, and enable auto-rollover to seamlessly create new status lists when reaching capacity limits—ensuring uninterrupted credential lifecycle management for high-volume issuance scenarios.",[42,249,78,250],{},[46,251,51],{"href":252,"rel":253},"https://docs.walt.id/enterprise-stack/services/credential-status-service/setup#capacity-configuration",[50],[42,255,256],{},[23,257,258],{},"Certificate Signing Request (CSR) Workflows",[42,260,261],{},"Generate and process PKCS#10 Certificate Signing Requests with the X.509 Certificate Service in the Enterprise Stack. Enable proof-of-possession workflows where requesters prove control of private keys before certificate issuance—supporting both generic certificates and ISO Document Signer certificates.",[42,263,264],{},"Learn more here",[42,266,267],{},[23,268,269],{},"Improved Issuer2 UI",[42,271,272],{},"Streamline credential issuance workflows with improved Enterprise UI for the Issuer2 service.",[42,274,275],{},[23,276,277],{},"Database Migration Framework",[42,279,280],{},"Deploy schema updates safely across multi-node clusters with our new database migration framework. Featuring cluster-aware coordination, dry-run validation, rollback capabilities, and automatic recovery from node restarts—ensuring zero-downtime migrations and consistent database state across distributed Enterprise Stack deployments.",[42,282,283],{},[23,284,285],{},"Resource Timestamps",[42,287,288],{},"Track resource lifecycle with automatic timestamps in the Enterprise Stack. All resources now include server-side createdAt and updatedAt timestamps with indexed sorting support. Migration to populate existing data with timestamp fields is also supported.",[64,290,292],{"id":291},"fixes-an-improvements","Fixes an improvements",[17,294,295,298,301,304,307,310,313,316,319,322,325,328,331,334],{},[20,296,297],{},"Fixed issuerState handling for preauthorized offers.",[20,299,300],{},"Updated token and credential endpoint errors.",[20,302,303],{},"Upgraded to Ktor 3.4 with associated fixes.",[20,305,306],{},"Removed openid metadata endpoint.",[20,308,309],{},"Fixed OIDC metadata compatibility.",[20,311,312],{},"Updated MongoDB connection strings for new infrastructure.",[20,314,315],{},"Updated ingress class from nginx to Traefik.",[20,317,318],{},"Updated kubeconfig secret references.",[20,320,321],{},"Updated helm and k8s deployment workflow references.",[20,323,324],{},"Fixed policy field comparison to avoid timestamp mismatch in tests.",[20,326,327],{},"Fixed Sonar findings and code cleanup.",[20,329,330],{},"Reduced code duplication across services.",[20,332,333],{},"Removed unnecessary try-catch blocks.",[20,335,336],{},"Fixed duplicate imports after merge.",[39,338],{},[34,340,342],{"id":341},"digital-government-demo-credential-issuance-verification-trust","Digital Government Demo: Credential Issuance, Verification & Trust",[42,344,345],{},"Our latest demo shows how the walt.id products enable everything from credential issuance and verification to handling the underlying ecosystem trust layer in a digital government portal.",[42,347,348,349],{},"Watch the full demo ",[46,350,51],{"href":351,"rel":352},"https://youtu.be/nh4ieB7IVAI",[50],[34,354,356],{"id":355},"eidas2forfinancialservices",[23,357,358],{},"eIDAS 2 for Financial Services",[42,360,361],{},"A complete guide for banks navigating wallet acceptance, Strong Customer Authentication, and the 2027 compliance deadline. Understand the three roles banks play under eIDAS 2, how wallet-based SCA works under PSD2 with TS12, reusable KYC for customer onboarding, and qualified e-signatures for contracts.",[42,363,364,365],{},"Learn ",[46,366,368],{"href":367},"/eidas2/financial-services","more",[34,370,372],{"id":371},"dcql-builder-by-waltid",[23,373,374],{},"DCQL Builder by walt.id",[42,376,377],{},"Define the credentials you want to request and get a valid DCQL query instantly. Our interactive tool generates standards-compliant Digital Credentials Query Language queries for OpenID4VP credential verification—supporting SD-JWT VC, mDL, and W3C VC formats with real-time validation and seamless integration to the walt.id Verifier.",[42,379,380],{},[46,381,384],{"href":382,"rel":383},"https://dcql.walt.id/",[50],"Try the DCQL Builder",[39,386],{},[42,388,389,390],{},"PS: If you enjoy working with our tools, make sure to leave us a ⭐ ",[46,391,394],{"href":392,"rel":393},"https://github.com/walt-id/waltid-identity",[50],"on GitHub",{"title":7,"searchDepth":396,"depth":396,"links":397},2,[398,399,404,405,409,410,411],{"id":36,"depth":396,"text":37},{"id":61,"depth":396,"text":62,"children":400},[401,403],{"id":66,"depth":402,"text":67},3,{"id":179,"depth":402,"text":180},{"id":205,"depth":396,"text":206},{"id":221,"depth":396,"text":62,"children":406},[407,408],{"id":224,"depth":402,"text":67},{"id":291,"depth":402,"text":292},{"id":341,"depth":396,"text":342},{"id":355,"depth":396,"text":358},{"id":371,"depth":396,"text":374},"Product Updates","OID4VCI v1 in Community Stack Issuer, transaction data authorization for payment flows, automated status list rollover, and much more.","md",{},true,null,"/blog/product-update-30","2026-06-17",{"title":5,"description":413},"blog/product-update-30",[],"qdbMOKOvu4kdbl5dvJT6XkD53nVzeHyuDx7EzZQrFDg",1781690385456]