Reviewer sandbox

Passpod TASK / Remote Worker Trust local sandbox.

This page explains what reviewers receive when they request the local sandbox package. It is designed for local review of request, consent, Trust Action Receipt, verify, withdraw, revoke, and block-reuse flows.

If GitLab access is restricted, request access at pilots [at] passpod [dot] io.

Safety boundary

Local sandbox only
No real identity data
No production keys
Not a production EUDI Wallet integration

The sandbox is a reviewer package. It does not claim EUDI certification, France Identite approval, or production wallet integration. Reviewers receive local files and run the API and static frontend on their own machine.

Recommended reviewer path

  1. View scenario first. Open the Console scenario to inspect the request, policy check, decision path, and sandbox Trust Action Receipt before installing anything.
  2. Run locally. Use the Playground GitLab package if you already have access. If GitLab blocks you, use the ZIP fallback provided during Unfold.
  3. Test five scenarios. Allow, data minimization, consent withdrawal, revoke/block reuse, and fair review.
  4. Send focused feedback. Tell us where the Trust Action Receipt is useful, confusing, or missing from EUDI relying-party workflows.

Five scenarios to test

1. Normal allowA recruiter requests work-readiness proof. The worker consents. TASK issues a Trust Action Receipt.
2. Data minimizationThe requester asks for too much. TASK limits the data request and produces a minimized receipt.
3. Consent withdrawalThe worker withdraws consent. The receipt status changes and reuse is blocked.
4. Revoke / abuse controlA previous receipt is revoked. Verification shows it is no longer valid.
5. Fair reviewTASK returns review_required instead of blindly allowing or denying.

How to run the local demo

After receiving the package, reviewers run two local services on their own machine: the API on port 8080 and the static front-end on port 8081. The browser connects the front-end to the local API. These addresses are for local testing only, not public access.

Local API: runs on port 8080
Static front-end: runs on port 8081

Example local commands after receiving the package

These commands are examples for reviewers who already received and unpacked the local sandbox package.

cd remote-worker-trustpass-api-partner
npm run check
npm start
cd playground
python3 -m http.server 8081 --bind 127.0.0.1
open http://127.0.0.1:8081/?api=http://127.0.0.1:8080