Skip to main content

Documentation

Getting started

The Self-Assessment runs every auto-tested control against an Electronic Attestation of Attributes (EAA) you supply, then produces a downloadable report. It runs entirely in your browser; nothing about your credential is sent to a server. The whole flow takes about five minutes the first time.

1. Pick a scope

Open /eudi-wallet-compliance/self-assessment/ and choose four things on the form:

  • Module. Today the only available module is EAA Conformance, which covers ETSI TS 119 472-1. The other modules in the dropdown are placeholders for future releases.
  • Role. Tick Issuer if you are testing what you issue, or Verifier if you are testing how a verifier should validate the credential. You can tick both, in which case the engine includes every control whose declared role intersects with either selection.
  • Profile. Tick SD-JWT VC, ISO mdoc, or both. The available checks today exercise the SD-JWT VC profile; mdoc support is on the roadmap.
  • Tier. Pick Ordinary EAA, QEAA, or PuB-EAA. This drives both the in-scope control set and the gap-analysis projections to higher tiers.

Click Continue. The scope is persisted to URL search parameters so you can share or bookmark a particular flow.

2. Upload your evidence

On the upload step, paste your SD-JWT VC compact serialisation into the EAA payload field, or drop a file containing it. The field colour-codes the three JWS segments (header pink, payload purple, signature cyan) plus disclosures (emerald) so you can sanity- check the artefact at a glance. Three other inputs are optional:

  • Issuer X.509 certificate in PEM form. Used by the trust-list lookup checks (deferred today).
  • Status list URL. If the credential carries a status component, the runtime resolver fetches and parses it.
  • Type metadata. JSON object linked to the vct.

If you do not have a credential to hand, every entry in the reference samples library carries a "Run Self-Assessment with this sample" button that pre-fills the upload form. Useful for kicking the tyres.

3. Run the assessment

Click Run Assessment. The engine evaluates every in-scope control against your evidence and writes the result to your browser's local storage (kept for 30 days). You land on the report page automatically.

4. Read the report

Verdicts are grouped by clause so you can see structural results at a glance. Each control id links to its catalogue page where the full spec text and the plain-English explanation live. The summary cards above show pass / fail / warn / N/A counts; a small line below names the catalogue-coverage gap (the engine ships fewer checks than the full catalogue today).

See Understanding your report for the precise meaning of each verdict and how to read the gap analysis.

5. Download or share

Below the verdicts, an email gate unlocks two downloads: a PDF suitable for circulating to a notified body or to your engineering team, and a JSON file with the raw AssessmentResult shape for piping into your own tooling. Both are produced client-side; the email is stored only in your browser.

Doing it from your CI

The same engine that powers the Self-Assessment runner is published as @iwc/engine in the eudi-wallet-compliance repository. Drop it into a regression test against every build of your issuer, parse the resulting verdicts, and fail the build on any new fail. The reference samples are committed to that repo too, so you can use them as known-good fixtures.

Last reviewed 02/05/2026. All documentation · Back to the Hub ·