2023-11-20 AnonCreds Working Group Meeting
Summary
PRs to the AnonCreds specification
CL Signature PRs
Project Update/Discussion: AnonCreds v1.0 in the W3C Verifiable Credentials Data Model Standard format
Discussion with the downstream implementers
Open Discussion
Time: 7:00 Pacific / 16:00 Central Europe
Call Link: https://zoom.us/j/97954159540?pwd=WWk3WmQ3MVh1SXBYZGVreGl0QllGdz09
Recording:
Notices:
This specification creating group operates under the Linux Foundation Community Specification License v1.0.
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
|---|
Meeting Attendees
@Stephen Curran (BC Gov / Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>
@Kimmo Hovi (FindyNet coop) <ext.kimmo.hovi@findy.fi>
@Artem Ivanov (DSR) <artem.ivanov@dsr-corporation.com>
Related Repositories:
AnonCreds Specification: https://hyperledger.github.io/anoncreds-spec/
AnonCreds Methods Registry: https://hyperledger.github.io/anoncreds-methods-registry
AnonCreds Rust Open Source Code: https://github.com/hyperledger/anoncreds-rs
Meeting Preliminaries:
Welcome and Introductions
Announcements:
Any updates to the Agenda?
Agenda
Open Issues
AnonCreds Spec PRs to Review
CL Signature PRs to review
Design and planning – AnonCreds v1.0 in the W3C Verifiable Credentials Data Model Standard format
The BC Gov Code With Us on AnonCreds Rust – https://marketplace.digital.gov.bc.ca/opportunities/code-with-us/d81f1bb4-4abb-4a4c-8b19-92904e0bd6a6
Design PR: https://github.com/hyperledger/anoncreds-rs/pull/266
Downstream Code With Us opportunities for Aries Cloud Agent Python and Aries Framework JavaScript
Open discussion
Future Calls
To Dos:
Issue to talking about what AnonCreds verifies and what is left to the issuer to verify.
Revocation Interval
Approach to determine if the holder used an acceptable RevRegistry – see this Issue comment
Who calls the AnonCreds method to get the Revocation Registry from the ledger for verification
Verifier or AnonCreds?
To set "validation" to true/false based on the RevRegEntry timestamp in relation to the revocation interval? Presentation
Key points:
1. an RevRegEntry is “current” from the time it is written, to the time of the next RevRegEntry
2. “within the interval” is based on when a RevRegEntry is “current” (see 1.), not its timestamp.
3. AnonCreds or the Verifier (calling AnonCreds) should calculate “within interval” (using 2.) and mark verification true if the RevRegEntry used by the Prover is within the interval, else false.
Dangers:
False-Negatives: If a strict "timestamp used is between from, to" and not based on when a RevReg is "current" (per 2.), we will get "not verified" incorrectly.
False-Positives: If we don't do any checking of the timestamp and the interval, the holder could incorrectly use an old RevRegEntry.
4. General point: AnonCreds should return both a summary (true/false) and if false, additional data about why it was false.
Decision – add an optional `at_from_ts` set of entries, one per NRP, that AnonCreds can use for determining if the holder_ts is within the Presentation Request interval.
Action items
Adding support for W3C Format AnonCreds to the anoncreds implementation and the spec.
Links to be referenced in the spec and used where needed: