Page History

...

Recording of Call:   20230313 AnonCreds Specification Working Group Call Recording.mp4

Notices: 

This specification creating group operates under the Linux Foundation Community Specification License v1.0.

...

Stephen Curran (BC Gov / Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>

Alex Andrei (RootsID)<alex.andrei@rootsid.com>

Steve McCown (Anonyome Labs) <smccown@anonyome.com>

Related Repositories:

• AnonCreds Specification: https://hyperledger.github.io/anoncreds-spec/
• AnonCreds Methods Registry: https://hyperledger.github.io/anoncreds-methods-registry
• AnonCreds Rust Open Source Code: https://github.com/hyperledger/anoncreds-rs
  • Ledger Agnostic AnonCreds Project Page: https://github.com/orgs/hyperledger/projects/16

...

• Update on the AnonCreds V2.0 Working Group
  • The goal of AnonCreds v2.0 is to retain and extend the privacy-preserving features of AnonCreds v1.0, while improving capabilities, performance, extensibility, and security.
  • Next Last week's meeting: Issuance Data Model proposals from Mike Lodder
• AnonCreds on Cardano - Presentation by Rodolfo Miranda 
  • From Timo Glastra : I was wondering after your last demo. Even if it would support any did as issuerId, I think we should still limit the identifier of the anoncreds object to be specific to the cardano registry. That could for example mean prepending it with `did:cardano` or it could mean prefixing it with something like `anoncreds:cardano:<identifier>`. As otherwise we're going to have conflicts I assume with an anoncreds object having e.g. an `did:example` identifier, which should be reserved for the `did:example` method.
  • Links:
    • https://wiki.trustoverip.org/display/HOME/DID-Linked+Resources+Specification
    • https://github.com/roots-id/cardano-anoncreds/blob/main/cardano-anoncred-methods.md
    • https://hyperledger.github.io/anoncreds-methods-registry/#cardano-anoncreds-method
    • https://github.com/roots-id/cardano-anoncreds/tree/main/reference-implementations
  • From Alex Andrei : I was talking to the side tree guys and they mentioned that using IPNS is also a good use case for anoncreds objects
• Migrating to did:indy – can just happen?
  • Credentials issued to old identifiers - proof request has old identifiers, either unqualified or "did:sov" – there is an equivalent "did:indy"
  • Add to spec – unqualified and map them to "did:indy" automagically, or require the verifier to ask for both representations explicitly.
  • Timo Glastra to do a test to see the effort is supporting all flavours on receipt of a proof request and in verifying.  How painful is that to support?
  • Link to Indy DID Networks repo: https://github.com/hyperledger/indy-did-networks
    • Discord: https://discord.com/channels/905194001349627914/941708981825576960/1036580808196116481
• • Next week: Revisiting the Issuance Data Models OR Mike's Presentation Data Models
• Hyperledger AnonCreds Workshop – interest? ideas for content?
  • Rodolofo volunteered to help
• The new revocation process for Indy – is it working?  Implemented?
  • Change from
    • deltas and tails file to update the witness
  • to:
    • Deltas to full state
    • full state + tails file to create witness
  AnonCreds, JSON-LD, W3C Verifiable Credentials Data Model Standard and the VCWG
  • On step further in aligning with JSON-LD – signing the hash of the @context  RDF tuple WITHOUT credential data.  Good idea?
  • The VCWG Miami F2F – the resolution to the "Big Tent" issue.
• PRs for review and merging
  • AnonCreds Rust 102 – handling combinations of Revoked/Non-Revoked presentations
    • Timestamp
    • Handling of both revocable and non-revocable credentials in a single presentation in all cases (bug in older implementation).
  • ANDs and ORs in the spec. are wrong – need to update the specification.
• Issues to Discuss – notably, issues that are ready to be closed.
• Checkin: anoncreds-rs implementation progress, requests
  
  • Fixes in the React Native side – registration, memory leaks, but largely figured out.
  • Tweaks and adjustments in AFJ, plus the revocation API.NodeJs wrapper performance issue: https://github.com/hyperledger/aries-askar/issues/76
• Open Discussion: Possible topics:
  • Ideas on how to link from the specification to the math of the cryptographic operations?
  • Discussion from several weeks ago – having an intermediary collect presentations from holders and then share them with the final verifier.
    • Use Case:
      • A bus is visiting a secure site for which all visitors must present ID.
      • Site sends the bus operator a nonce.
      • The bus operator uses the nonce in a presentation request flow with each passenger.
      • Bus operator verifies all of the presentations.
      • The Bus operator forwards all of the presentations to the site for verification.
    • Questions:
      • Is there value in the use of the nonce in this way?
      • Does this alter the cryptography in any way?
      • Terms of use of the data received by the bus operator?
    • Discussion to be carried forward to next week.
  • Proposal: Should we move attribute encoding into the specification and out of the hands of the issuer?
    • Approach:
      • Deprecate the inclusion of encoded values from the "sign credential" process
      • If passed, recalculate and error if they don't match the canonicalization algorithm
        • If integer or string integer - leave as is
        • Else stringify and hash
      • In presentation – recalculate on use, as needed.

...