2023-02-27 AnonCreds Specification Working Group Meeting

Owned by Stephen Curran
Last updated: Feb 27, 2023
5 min read

Summary

  • Update on the AnonCreds V2.0 Working Group
  • AnonCreds on Cardano - Presentation by Rodolfo Miranda 
  • AnonCreds, JSON-LD, W3C Verifiable Credentials Data Model Standard and the VCWG
  • PRs
  • Issues to discuss
  • Checkin: anoncreds-rs implementation progress, requests
  • Open Discussion

Recording of Call: dummyfile.txt


Notices: 

This specification creating group operates under the Linux Foundation Community Specification License v1.0.

Hyperledger is committed to creating a safe and welcoming

community for all. For more information

please visit the Hyperledger Code of Conduct.

Meeting Attendees

Stephen Curran (BC Gov / Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>

Rodolfo Miranda (RootsID)<rodolfo.miranda@rootsid.com>

Steve McCown (Anonyome Labs) <smccown@anonyome.com>

Sam Curren (Indicio) <sam@indicio.tech>

Matteo Midena (Monokee) <matteo.midena@monokee.com>


Related Repositories:

Meeting Preliminaries:

  • Welcome and Introductions
  • Announcements:
    • AnonCreds V2.0 Working Group meetings started last week, and will meet every second Monday (next meeting is next Monday, March 6 at 10:00 Pacific / 19:00 Central Europe)
    • This meeting will now be every second Monday as will, but at this time of 7:00 Pacific / 16:00 Central Europe.
  • Any updates to the Agenda?

Agenda

Open Issue

  • Update on the AnonCreds V2.0 Working Group
    • The goal of AnonCreds v2.0 is to retain and extend the privacy-preserving features of AnonCreds v1.0, while improving capabilities, performance, extensibility, and security.
    • Next week's meeting: Data Model proposals from Mike Lodder
  • AnonCreds on Cardano - Presentation by Rodolfo Miranda 
  • Migrating to did:indy – can just happen?
  • AnonCreds, JSON-LD, W3C Verifiable Credentials Data Model Standard and the VCWG
    • On step further in aligning with JSON-LD – signing the hash of the @context  RDF tuple WITHOUT credential data.  Good idea?
    • The VCWG Miami F2F – the resolution to the "Big Tent" issue.
  • PRs for review and merging
    • AnonCreds Rust 102 – handling combinations of Revoked/Non-Revoked presentations
      • Timestamp
      • Handling of both revocable and non-revocable credentials in a single presentation in all cases (bug in older implementation).
    • ANDs and ORs in the spec. are wrong – need to update the specification.
  • Issues to Discuss – notably, issues that are ready to be closed.
  • Checkin: anoncreds-rs implementation progress, requests
  • Open Discussion:
    • Ideas on how to link from the specification to the cryptographic operations?
    • Discussion from several weeks ago – having an intermediary collect presentations from holders and then share them with the final verifier.
      • Use Case:
        • A bus is visiting a secure site for which all visitors must present ID.
        • Site sends the bus operator a nonce.
        • The bus operator uses the nonce in a presentation request flow with each passenger.
        • Bus operator verifies all of the presentations.
        • The Bus operator forwards all of the presentations to the site for verification.
      • Questions:
        • Is there value in the use of the nonce in this way?
        • Does this alter the cryptography in any way?
        • Terms of use of the data received by the bus operator?
      • Discussion to be carried forward to next week.
    • Proposal: Should we move attribute encoding into the specification and out of the hands of the issuer?
      • Approach:
        • Deprecate the inclusion of encoded values from the "sign credential" process
        • If passed, recalculate and error if they don't match the canonicalization algorithm
          • If integer or string integer - leave as is
          • Else stringify and hash
        • In presentation – recalculate on use, as needed.

Future Calls

To Dos:

  • Issue #137 added regarding further investigation into what happens to the issuance data flow nonce(s) by Belsy – definition completed, to be added to the spec. Stephen Curran 
  • Issue #140 should WQL be allowed in a Presentation Request?
    • WQL is supported currently in the Indy SDK, but not in the Aries Frameworks
    • Should it be in the specification?
    • If so, in what form. From Sam Curren — don't call it WQL if we do include it – just describe it.
    • Not used and it is not clear there is a good reason to support it.
    • Complicates the specification and the implementation.
    • Decision:
      • Not supported in the specification – let's keep it out in this version
  • Revocation Interval
    • Approach to determine if the holder used an acceptable RevRegistry – see this Issue comment
    • Who calls the AnonCreds method to get the Revocation Registry from the ledger for verification
      • Verifier or AnonCreds?
    • To set "validation" to true/false based on the RevRegEntry timestamp in relation to the revocation interval?  Presentation 
    • Key points:
      • 1. an RevRegEntry is “current” from the time it is written, to the time of the next RevRegEntry
      • 2. “within the interval” is based on when a RevRegEntry is “current” (see 1.), not its timestamp.
      • 3. AnonCreds or the Verifier (calling AnonCreds) should calculate “within interval” (using 2.) and mark verification true if the RevRegEntry used by the Prover is within the interval, else false.
        • Dangers:
          • False-Negatives: If a strict "timestamp used is between from, to" and not based on when a RevReg is "current" (per 2.), we will get "not verified" incorrectly.
          • False-Positives: If we don't do any checking of the timestamp and the interval, the holder could incorrectly use an old RevRegEntry.
      • 4. General point: AnonCreds should return both a summary (true/false) and if false, additional data about why it was false.
    • Decision – add an optional `at_from_ts` set of entries, one per NRP, that AnonCreds can use for determining if the holder_ts is within the Presentation Request interval.
  • Backwards Compatibility
    • PRs in (#82, #105) that seem to change public data structures – ones that are handled outside of AnonCreds and/or by two or more participants (issuer, holder, verifier)
    • We want to retain compatibility with existing data – credentials that have been issued and the published AnonCreds objects on which they rely.
    • That extends to business logic – e.g. the handling of the objects not just by AnonCreds, AnonCreds Methods and Aries Frameworks, but also by business applications built on Aries.
    • Suggestion:
      • Include in the specification a statement about backward compatibility
        • Perhaps this is what Ankur had planned to do?
      • Formalize what data structures will be expected by AnonCreds
        • This is being done throughout the specification and verified against the current implementation.
      • As needed support sending and receiving data in "old" and "new" formats, but (for now) always sending "old" formats.
        • TBD if there are any such cases.

Action items