...
- PRs from AnonCreds v1.0 Spec.
- Clarification about nonces used in the issue credential process:
- Nonces are used to prevent replay attacks, requiring the other party to use the nonce in proofs, thus requiring that they be calculated in real time – and preventing the reuse of a previously calculated proof.
- Issuer generates nonce n0 and sends it to the holder in OfferCredential data structure.
- Holder:
- Uses nonce n0 in creating the blinded_link_secret_correctness_proof that proves the holder knows the link secret that was used to create the blinded link secret.
- Generates nonce n1.
- Sends both the blinded_link_secret_correctness_proof and n1 to the issuer in the RequestCredential data structure.
- Issuer:
- Uses nonce n0 and the blinded_link_secret_correctness_proof to verify the proof.
- Uses the nonce n1 when creating the signature_correctness_proof that proves the issuer knows the private keys used to generate the signature over the credential (didn't just send a previously signed credential).
- Sends the data, signature, and signature_correctness_proof to the holder.
- Holder
- Uses nonce n1 to verify the signature_correctness_proof
- Accepts the credential from the issuer as valid.
- Clarification about nonces used in the issue credential process:
- Open Discussion
Future Calls
...