W3C home > Mailing lists > Public > public-credentials@w3.org > June 2020

Re: selective disclosure without ZKP

From: Daniel Hardman <daniel.hardman@evernym.com>
Date: Wed, 10 Jun 2020 18:35:01 -0600
Message-ID: <CAFBYrUqEm-8F0gqoN8AwthmFbkDkxttJM25vUqAVPPzKH7w7dg@mail.gmail.com>
To: Nikos Fotiou <fotiou@aueb.gr>
Cc: "public-credentials@w3.org" <public-credentials@w3.org>
I believe this is the technique that Workday has advocated and demoed at
the Fall 2019 IIW. They may have more info.

Just to be clear: the merkle tree root hash is itself a perfect correlator;
every credential will have a different value for it. If you have fields
1-10, you can do selective disclosure on any subset of fields 1-10, but you
are *always* revealing field 11 (the merkle tree root hash) to every
verifier. This may or may not be a problem, depending on your requirements
-- but should be accounted for in the analysis of the selectivity benefit.



On Wed, Jun 10, 2020 at 5:39 PM Nikos Fotiou <fotiou@aueb.gr> wrote:

>
>
> Hi,
>
> We were thinking about VCs that support selective disclosure of claims
> without ZKP (we do not care about unlikability). A trivial approach that
> came up is the following: the issuer organizes all claims in a Merkle tree,
> includes the root of the Merkle tree (only) in the VC, and sends the VC and
> the tree to the holder. Then, the holder can include the VC and the
> corresponding Merkle membership proof in the verifiable representation.
>
>
>
> Does this sound reasonable?
>
>
>
> Best,
>
> Nikos
>
>
>
Received on Thursday, 11 June 2020 00:35:25 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 11 June 2020 00:35:26 UTC