/
2023-12-11 AnonCreds Working Group Meeting

2023-12-11 AnonCreds Working Group Meeting

Dec 15, 2023

Summary

  • Project Update/Discussion: AnonCreds v1.0 in the W3C Verifiable Credentials Data Model Standard format

    • Wrap up!!!

    • Exposed APIs

  • Aries Issue Credential and Present Proof attachment formats

  • Eliminating the need for an AnonCreds JSON-LD @context 

  • Open Discussion

Time: 7:00 Pacific / 16:00 Central Europe
Call Link: https://zoom.us/j/97954159540?pwd=WWk3WmQ3MVh1SXBYZGVreGl0QllGdz09

Recording:



Notices: 

This specification creating group operates under the Linux Foundation Community Specification License v1.0.

Hyperledger is committed to creating a safe and welcoming

community for all. For more information

please visit the Hyperledger Code of Conduct.

Hyperledger is committed to creating a safe and welcoming

community for all. For more information

please visit the Hyperledger Code of Conduct.

Meeting Attendees

@Stephen Curran (BC Gov / Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>



Related Repositories:

Meeting Preliminaries:

  • Welcome and Introductions

  • Announcements:

  • Any updates to the Agenda?

Agenda

Open Issues

  • Design and planning – AnonCreds v1.0 in the W3C Verifiable Credentials Data Model Standard format

    • Exposed APIs – walkthrough

    • Remaining questions:

      • VC 1.1 vs. 2.0 spec. – what would have to change?

      • Given this Email From Manu Sporny:

        • "and if Anoncreds needs to define new properties (which I'd very strongly advise against), your VC ends up w/ this context:..."

        • What is in the AnonCreds context?

        • Example use

        • Follow up questions for JSON-LD experts

  • Aries Issue Credential / Present Proof Attachments

    • Current: Indy, JSON-LD - which do we use, or should we define another that (also) handles JWTs?

  • Eliminating having a special `@context` for AnonCreds

    • What do we do about the AnonCreds @type values?

    • Can/should we move more into the proof  sections?

      • Downside is you can't look at the proof and see the IDs for the CredDef or Schema.

  • Open discussion

Future Calls

To Dos:

  • Issue to talking about what AnonCreds verifies and what is left to the issuer to verify.

  • Revocation Interval

    • Approach to determine if the holder used an acceptable RevRegistry – see this Issue comment

    • Who calls the AnonCreds method to get the Revocation Registry from the ledger for verification

      • Verifier or AnonCreds?

    • To set "validation" to true/false based on the RevRegEntry timestamp in relation to the revocation interval?  Presentation 

    • Key points:

      • 1. an RevRegEntry is “current” from the time it is written, to the time of the next RevRegEntry

      • 2. “within the interval” is based on when a RevRegEntry is “current” (see 1.), not its timestamp.

      • 3. AnonCreds or the Verifier (calling AnonCreds) should calculate “within interval” (using 2.) and mark verification true if the RevRegEntry used by the Prover is within the interval, else false.

        • Dangers:

          • False-Negatives: If a strict "timestamp used is between from, to" and not based on when a RevReg is "current" (per 2.), we will get "not verified" incorrectly.

          • False-Positives: If we don't do any checking of the timestamp and the interval, the holder could incorrectly use an old RevRegEntry.

      • 4. General point: AnonCreds should return both a summary (true/false) and if false, additional data about why it was false.

    • Decision – add an optional `at_from_ts` set of entries, one per NRP, that AnonCreds can use for determining if the holder_ts is within the Presentation Request interval.

Action items



W3C AnonCreds + AFJ Demo