Michael – interesting question. The main reason for keeping the private key around would be if that key is associated with an identity that wishes to establish a history of “trust” by signing multiple objects/documents over time. If, however, there are reasons why there is no need to do that or you are situation where it is not possible to keep it around (e.g., hardware/memory/storage), then it is fine to dispose of it. Leonard From: Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net> Date: Saturday, December 11, 2021 at 11:50 PM To: sam@prosapien.com <sam@prosapien.com>, public-credentials (public-credentials@w3.org) <public-credentials@w3.org> Subject: Single Use Key Pairs: Disposable Private Keys? If an NFT (for a photo, a calf, or a kiss, etc.) or a unique one-of-a-kind business document (a specific purchase order, invoice, waybill, delivery confirmation, etc.) is represented as a (signed) verifiable credential, once the proof is generated for the VC, is it necessary to persist the private key used to sign the VC? ...can't the private key be thrown away if it is no longer needed to sign anything further? ...that is, only the public key needs to be persisted and keyed to the VC's outer id and stored in the corresponding DID document? ... inspired by the early part of Sam's KERI ssimeetup talk. Michael Herman Founder Trusted Digital Web Get Outlook for Android<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Faka.ms%2FAAb9ysg&data=04%7C01%7Clrosenth%40adobe.com%7C012dd9618f544fd3254408d9bd2ad990%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637748814016005456%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=uE9UXaphFdjMYJFYMO%2Fkta%2BL7wYpIcTZTEEuBFVHcoo%3D&reserved=0>
Received on Monday, 13 December 2021 13:18:56 UTC