Re: Multi-signature Verifiable Credentials from Jack Tanner on 2022-12-05 (public-credentials@w3.org from December 2022)

From: Jack Tanner <jack@tonomy.foundation>
Date: Mon, 5 Dec 2022 10:59:05 +0100
To: steve.e.magennis@gmail.com
Cc: Snorre Lothar von Gohren Edwin <snorre@diwala.io>, Manu Sporny <msporny@digitalbazaar.com>, public-credentials@w3.org, rebal@tonomy.foundation, Suneet Bendre <bendre.android@gmail.com>
Message-ID: <CAPfSfL_X8An0RB+Z9OPLsr9LSUxjuo1jAGSmFzLU+CcUHqH8dA@mail.gmail.com>
We have now completed an implementation of the multi-signature and
delegated VCs up and running using the DIF did-jwt(-vc) libraries!

https://blog.tonomy.foundation/verifiable-credentials-with-provable-delegated-and-multi-sig-signatures-e46ca74d7d87
The above article explains what we've done and links the various works.

I'd like to add this as a discussion agenda point on tomorrow's weeks W3C
CCG call. Eventually, we'd like to get this change approved and added to
the upstream repos as well.

As part of this, we renamed "Verifiable Conditions" to "Conditional Proofs"
as suggested in our call, and would like to see upstream change approved to
the W3C CCG repo <https://github.com/w3c-ccg/verifiable-conditions/pull/10>
as well.

Cheers,
Jack

On Tue, 18 Oct 2022 at 16:44, <steve.e.magennis@gmail.com> wrote:

> Snorree, the scenario you describe regarding potential future dissonance
> highlights an important consideration. VC’s are great for preserving *the*
> *intent* of one or more parties **at a given point in time** if that
> intent later changes then you need to think in terms of
> revocation/re-issuance or modification of a VC. Multi-sig can potentially
> give you a little flexibility by allowing some issuers to change their
> intent while others do not, but I don’t think M of N is the best way to
> deal with it.
>
>
>
> -S
>
>
>
> *From:* Snorre Lothar von Gohren Edwin <snorre@diwala.io>
> *Sent:* Tuesday, October 18, 2022 6:52 AM
> *To:* Jack Tanner <jack@tonomy.foundation>
> *Cc:* Manu Sporny <msporny@digitalbazaar.com>; public-credentials@w3.org;
> rebal@tonomy.foundation; Suneet Bendre <bendre.android@gmail.com>
> *Subject:* Re: Multi-signature Verifiable Credentials
>
>
>
> I would love to understand what customers are asking for to translate this
> logic into human needs.
>
> Because we are facing a situation where credentials have had the
> Presidents signature on them(physically) and that was a verification
> mechanism in this ecosystem. But in reality, adding this signature together
> with the institute signature inside the VC, will add a potential
> future dissonance. Because the President might have quit, and it might not
> make sense any more. Unless you mix in timestamps and so on.
>
> What I have been reasoning about is the question, does this signature need
> external auditability? Yes? Put it in the VC. No? Leave it.
> While for most cases, the institute signature is enough, and if one ever
> wants to dispute a credential, there is an internal audit that has to make
> sure it was not a bad actor move or something else.
>
> What are your thoughts on this?
>
> Also why Im trying to learn what real live customers are asking for and
> what mental model I can wrap around what we are discussing here.
>
> ᐧ
>
>
>
> On Mon, Oct 3, 2022 at 12:18 PM Jack Tanner <jack@tonomy.foundation>
> wrote:
>
> For the cases that we are looking at
>
> * Using multiple proofs to perform set-based multi-signature. (we want to
> be able to asynchronous sign the VC)
> * Using multiple proofs to perform chain-based multi-signature.
> * Using multiple proofs to perform multi-level/enveloped multi-signature.
> * Using a single proof to perform set-based multi-signature. (sign a VC
> with a number of keys at once)
> * Using a single proof to perform chain-based multi-signature.
> * Using a single proof to perform M of N threshold multi-signature. (we
> are using W3C's Verifiable Condition to express this condition in the DID
> Document)
> * Using a single proof to perform privacy-preserving M of N  threshold
> multi-signature.
>
>
>
> Food for thought, the implementation we just finished with JWT's is a kind
> of chain proof in the end to make it comply to the JWT standard - we nested
> each JWS as the payload for the next JWS inside the JWT.
>
>
>
> Proof sets for JSON-LD format is also a great approach.
>
>
>
> Cheers,
>
> Jack
>
>
>
> On Sat, 1 Oct 2022 at 20:52, Manu Sporny <msporny@digitalbazaar.com>
> wrote:
>
> On Wed, Sep 28, 2022 at 4:08 AM Jack Tanner <jack@tonomy.foundation>
> wrote:
> > What should the proof look like?
>
> We're trying to lock this down over the next couple of weeks in the
> VCWG. The specific sections of the Data Integrity spec (with examples)
> are here:
>
>
> https://pr-preview.s3.amazonaws.com/w3c/vc-data-integrity/pull/59.html#proof-sets
>
> and here:
>
>
> https://pr-preview.s3.amazonaws.com/w3c/vc-data-integrity/pull/59.html#proof-chains
>
> > Which VC library would make the most sense for the initial
> implementation?
>
> Digital Bazaar's open source vc-js library will support proof sets and
> chains (as specified in the Data Integrity spec by the VCWG) in
> production. There is strong customer pull for proof sets. There is not
> strong customer pull for proof chains, but given that we have the
> opportunity to define a global standard for doing that AND because
> there are use cases like notarization that are important, we plan to
> add full support for that as well.
>
> Regarding the concept of multi-signature, I am a bit concerned that
> people are talking past each other as there are a number of categories
> there and it's possible that not everyone is talking about the same
> categories of multisig. There are at least these categories:
>
> * Using multiple proofs to perform set-based multi-signature.
> * Using multiple proofs to perform chain-based multi-signature.
> * Using multiple proofs to perform multi-level/enveloped multi-signature.
> * Using a single proof to perform set-based multi-signature.
> * Using a single proof to perform chain-based multi-signature.
> * Using a single proof to perform M of N threshold multi-signature.
> * Using a single proof to perform privacy-preserving M of N  threshold
> multi-signature.
>
> So, when you say "multi-signature" -- which one of these things are
> you talking about?
>
> -- manu
>
> --
> Manu Sporny - https://www.linkedin.com/in/manusporny/
> Founder/CEO - Digital Bazaar, Inc.
> News: Digital Bazaar Announces New Case Studies (2021)
> https://www.digitalbazaar.com/
>
>
>
>
> --
>
> _________________________________________
>
> Jack Tanner
>
> Founder and Architect | Tonomy Foundation
>
> p: (+31) 6 2216 5433
>
> w: tonomy.foundation e: jack@tonomy.foundation
>
> <https://twitter.com/@theblockstalk>
> <https://www.linkedin.com/in/jack-tanner/>
>
>
>
>
> --
>
> *Snorre Lothar von Gohren Edwin*
>
> Co-Founder & CTO, Diwala
>
> +47 411 611 94
> www.diwala.io
> <http://www.diwala.io/>
>
> *Stay on top of Diwala news on social media! Facebook
> <https://www.facebook.com/diwalaorg> / LinkedIn
> <https://www.linkedin.com/company/diwala> / Instagram
> <https://www.instagram.com/diwala_/> / Twitter <https://twitter.com/Diwala>*
>


-- 
_________________________________________

Jack Tanner
Founder and Architect | Tonomy Foundation
p: (+31) 6 2216 5433
w: tonomy.foundation e: jack@tonomy.foundation
<https://twitter.com/@theblockstalk>
<https://www.linkedin.com/in/jack-tanner/>
Received on Monday, 5 December 2022 09:59:31 UTC