2023-03-13 AnonCreds Specification Working Group Meeting
Summary
TIME CHANGE IN EUROPE – Call is one hour earlier than normal – 7:00 Pacific / 15:00 Central Europe
Update on the AnonCreds V2.0 Working Group
Hyperledger AnonCreds Workshop?
Question: The new Revocation Interface for Indy Ledgers – process? Working?
PRs
Issues to discuss
Checkin: anoncreds-rs implementation progress, requests
Open Discussion
Recording of Call:
Notices:
This specification creating group operates under the Linux Foundation Community Specification License v1.0.
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
|---|
Meeting Attendees
@Stephen Curran (BC Gov / Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>
@Alex Andrei (RootsID)<alex.andrei@rootsid.com>
@Steve McCown (Anonyome Labs) <smccown@anonyome.com>
Related Repositories:
AnonCreds Specification: https://hyperledger.github.io/anoncreds-spec/
AnonCreds Methods Registry: https://hyperledger.github.io/anoncreds-methods-registry
AnonCreds Rust Open Source Code: https://github.com/hyperledger/anoncreds-rs
Ledger Agnostic AnonCreds Project Page: https://github.com/orgs/hyperledger/projects/16
Meeting Preliminaries:
Welcome and Introductions
Announcements:
Any updates to the Agenda?
Agenda
Open Issue
Update on the AnonCreds V2.0 Working Group
Last week's meeting: Issuance Data Model proposals from Mike Lodder
Next week: Revisiting the Issuance Data Models OR Mike's Presentation Data Models
Hyperledger AnonCreds Workshop – interest? ideas for content?
Rodolofo volunteered to help
The new revocation process for Indy – is it working? Implemented?
Change from
deltas and tails file to update the witness
to:
Deltas to full state
full state + tails file to create witness
PRs for review and merging
AnonCreds Rust 102 – handling combinations of Revoked/Non-Revoked presentations
Timestamp
Handling of both revocable and non-revocable credentials in a single presentation in all cases (bug in older implementation).
ANDs and ORs in the spec. are wrong – need to update the specification.
Issues to Discuss – notably, issues that are ready to be closed.
Checkin: anoncreds-rs implementation progress, requests
Fixes in the React Native side – registration, memory leaks, but largely figured out.
Tweaks and adjustments in AFJ, plus the revocation API.
Open Discussion: Possible topics:
Ideas on how to link from the specification to the math of the cryptographic operations?
Discussion from several weeks ago – having an intermediary collect presentations from holders and then share them with the final verifier.
Use Case:
A bus is visiting a secure site for which all visitors must present ID.
Site sends the bus operator a nonce.
The bus operator uses the nonce in a presentation request flow with each passenger.
Bus operator verifies all of the presentations.
The Bus operator forwards all of the presentations to the site for verification.
Questions:
Is there value in the use of the nonce in this way?
Does this alter the cryptography in any way?
Terms of use of the data received by the bus operator?
Discussion to be carried forward to next week.
Proposal: Should we move attribute encoding into the specification and out of the hands of the issuer?
Approach:
Deprecate the inclusion of encoded values from the "sign credential" process
If passed, recalculate and error if they don't match the canonicalization algorithm
If integer or string integer - leave as is
Else stringify and hash
In presentation – recalculate on use, as needed.
Future Calls
To Dos:
Issue #137 added regarding further investigation into what happens to the issuance data flow nonce(s) by Belsy – definition completed, to be added to the spec. @Stephen Curran
Issue #140 should WQL be allowed in a Presentation Request?
WQL is supported currently in the Indy SDK, but not in the Aries Frameworks
Should it be in the specification?
If so, in what form. From @Sam Curren — don't call it WQL if we do include it – just describe it.
Not used and it is not clear there is a good reason to support it.
Complicates the specification and the implementation.
Decision:
Not supported in the specification – let's keep it out in this version
Revocation Interval
Approach to determine if the holder used an acceptable RevRegistry – see this Issue comment
Who calls the AnonCreds method to get the Revocation Registry from the ledger for verification
Verifier or AnonCreds?
To set "validation" to true/false based on the RevRegEntry timestamp in relation to the revocation interval? Presentation
Key points:
1. an RevRegEntry is “current” from the time it is written, to the time of the next RevRegEntry
2. “within the interval” is based on when a RevRegEntry is “current” (see 1.), not its timestamp.
3. AnonCreds or the Verifier (calling AnonCreds) should calculate “within interval” (using 2.) and mark verification true if the RevRegEntry used by the Prover is within the interval, else false.
Dangers:
False-Negatives: If a strict "timestamp used is between from, to" and not based on when a RevReg is "current" (per 2.), we will get "not verified" incorrectly.
False-Positives: If we don't do any checking of the timestamp and the interval, the holder could incorrectly use an old RevRegEntry.
4. General point: AnonCreds should return both a summary (true/false) and if false, additional data about why it was false.
Decision – add an optional `at_from_ts` set of entries, one per NRP, that AnonCreds can use for determining if the holder_ts is within the Presentation Request interval.
Backwards Compatibility
PRs in (#82, #105) that seem to change public data structures – ones that are handled outside of AnonCreds and/or by two or more participants (issuer, holder, verifier)
We want to retain compatibility with existing data – credentials that have been issued and the published AnonCreds objects on which they rely.
That extends to business logic – e.g. the handling of the objects not just by AnonCreds, AnonCreds Methods and Aries Frameworks, but also by business applications built on Aries.
Suggestion:
Include in the specification a statement about backward compatibility
Perhaps this is what Ankur had planned to do?
Formalize what data structures will be expected by AnonCreds
This is being done throughout the specification and verified against the current implementation.
As needed support sending and receiving data in "old" and "new" formats, but (for now) always sending "old" formats.
TBD if there are any such cases.
Action items
Adding support for W3C Format AnonCreds to the anoncreds implementation and the spec.
Issue -- should "encoded" generation be handled by the Issuer or within AnonCreds?
Formalize the encoding in the specification
Transition to "encoding in AnonCreds" ASAP
Links to be referenced in the spec and used where needed: