2023-12-11 AnonCreds Working Group Meeting
Summary
- Project Update/Discussion: AnonCreds v1.0 in the W3C Verifiable Credentials Data Model Standard format
- Wrap up!!!
- Exposed APIs
- Aries Issue Credential and Present Proof attachment formats
- Eliminating the need for an AnonCreds JSON-LD
@context
- Open Discussion
Time: 7:00 Pacific / 16:00 Central Europe
Call Link: https://zoom.us/j/97954159540?pwd=WWk3WmQ3MVh1SXBYZGVreGl0QllGdz09
Recording:
Notices:
This specification creating group operates under the Linux Foundation Community Specification License v1.0.
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
---|
Meeting Attendees
Stephen Curran (BC Gov / Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>
Related Repositories:
- AnonCreds Specification: https://hyperledger.github.io/anoncreds-spec/
- AnonCreds Methods Registry: https://hyperledger.github.io/anoncreds-methods-registry
- AnonCreds Rust Open Source Code: https://github.com/hyperledger/anoncreds-rs
Meeting Preliminaries:
- Welcome and Introductions
- Announcements:
- Any updates to the Agenda?
Agenda
Open Issues
- Design and planning – AnonCreds v1.0 in the W3C Verifiable Credentials Data Model Standard format
- Exposed APIs – walkthrough
- Remaining questions:
- VC 1.1 vs. 2.0 spec. – what would have to change?
- Given this Email From Manu Sporny:
- "and if Anoncreds needs to define new properties (which I'd very strongly advise against), your VC ends up w/ this context:..."
- What is in the AnonCreds context?
- Example use
- Follow up questions for JSON-LD experts
- Aries Issue Credential / Present Proof Attachments
- Eliminating having a special `@context` for AnonCreds
- What do we do about the AnonCreds
@type
values? - Can/should we move more into the
proof
sections?- Downside is you can't look at the proof and see the IDs for the CredDef or Schema.
- What do we do about the AnonCreds
- Open discussion
Future Calls
To Dos:
- Issue to talking about what AnonCreds verifies and what is left to the issuer to verify.
- Revocation Interval
- Approach to determine if the holder used an acceptable RevRegistry – see this Issue comment
- Who calls the AnonCreds method to get the Revocation Registry from the ledger for verification
- Verifier
or AnonCreds?
- Verifier
- To set "validation" to true/false based on the RevRegEntry timestamp in relation to the revocation interval? Presentation
- Key points:
- 1. an RevRegEntry is “current” from the time it is written, to the time of the next RevRegEntry
- 2. “within the interval” is based on when a RevRegEntry is “current” (see 1.), not its timestamp.
- 3. AnonCreds or the Verifier (calling AnonCreds) should calculate “within interval” (using 2.) and mark verification true if the RevRegEntry used by the Prover is within the interval, else false.
- Dangers:
- False-Negatives: If a strict "timestamp used is between from, to" and not based on when a RevReg is "current" (per 2.), we will get "not verified" incorrectly.
- False-Positives: If we don't do any checking of the timestamp and the interval, the holder could incorrectly use an old RevRegEntry.
- Dangers:
- 4. General point: AnonCreds should return both a summary (true/false) and if false, additional data about why it was false.
- Decision – add an optional `at_from_ts` set of entries, one per NRP, that AnonCreds can use for determining if the holder_ts is within the Presentation Request interval.
Action items
- Adding support for W3C Format AnonCreds to the anoncreds implementation and the spec.
- Links to be referenced in the spec and used where needed:
W3C AnonCreds + AFJ Demo
- Aries Framework JavaScript repo: https://github.com/DSRCorporation/aries-framework-javascript/tree/w3c-demo-poc
- Anoncreds-RS library, Anoncreds-NodeJs, and Anoncreds-Shared are built from the branch: https://github.com/DSRCorporation/anoncreds-rs/tree/anoncreds-wc3-wrappers
- Use main implementation (not included, dropping of
mapping
andencoding
changes)
- Use main implementation (not included, dropping of
- Update AFJ
@hyperledger/anoncreds-nodejs
and `@hyperledger/anoncreds-shared` dependencies to use locally built packages