Re: Multi-signature Verifiable Credentials from Gabe Cohen on 2022-12-06 (public-credentials@w3.org from December 2022)

From: Gabe Cohen <gabe@tbd.email>
Date: Tue, 6 Dec 2022 10:35:21 -0800
To: Jack Tanner <jack@tonomy.foundation>
Cc: Snorre Lothar von Gohren Edwin <snorre@diwala.io>, Manu Sporny <msporny@digitalbazaar.com>, public-credentials@w3.org, rebal@tonomy.foundation, Suneet Bendre <bendre.android@gmail.com>, steve.e.magennis@gmail.com
Message-ID: <CAPPN6phniMAGTsbrcBhZd+vG6Dp8wNfvDvb6O+P=+Y-W-f1EiA@mail.gmail.com>
 Jack, awesome work!

It would be great for you to add to this issue:
https://github.com/w3c/vc-data-model/issues/932 which attempts to address
“multiple issuers” in the VCDM.

Perhaps your work could make it into the spec as a reference to VC-JWT or
similar.

Gabe

On Dec 5, 2022 at 1:59:05 AM, Jack Tanner <jack@tonomy.foundation> wrote:

> We have now completed an implementation of the multi-signature and
> delegated VCs up and running using the DIF did-jwt(-vc) libraries!
>
>
> https://blog.tonomy.foundation/verifiable-credentials-with-provable-delegated-and-multi-sig-signatures-e46ca74d7d87
> The above article explains what we've done and links the various works.
>
> I'd like to add this as a discussion agenda point on tomorrow's weeks W3C
> CCG call. Eventually, we'd like to get this change approved and added to
> the upstream repos as well.
>
> As part of this, we renamed "Verifiable Conditions" to "Conditional
> Proofs" as suggested in our call, and would like to see upstream
> change approved to the W3C CCG repo
> <https://github.com/w3c-ccg/verifiable-conditions/pull/10> as well.
>
> Cheers,
> Jack
>
> On Tue, 18 Oct 2022 at 16:44, <steve.e.magennis@gmail.com> wrote:
>
>> Snorree, the scenario you describe regarding potential future dissonance
>> highlights an important consideration. VC’s are great for preserving
>> *the* *intent* of one or more parties **at a given point in time** if
>> that intent later changes then you need to think in terms of
>> revocation/re-issuance or modification of a VC. Multi-sig can potentially
>> give you a little flexibility by allowing some issuers to change their
>> intent while others do not, but I don’t think M of N is the best way to
>> deal with it.
>>
>>
>>
>> -S
>>
>>
>>
>> *From:* Snorre Lothar von Gohren Edwin <snorre@diwala.io>
>> *Sent:* Tuesday, October 18, 2022 6:52 AM
>> *To:* Jack Tanner <jack@tonomy.foundation>
>> *Cc:* Manu Sporny <msporny@digitalbazaar.com>; public-credentials@w3.org;
>> rebal@tonomy.foundation; Suneet Bendre <bendre.android@gmail.com>
>> *Subject:* Re: Multi-signature Verifiable Credentials
>>
>>
>>
>> I would love to understand what customers are asking for to translate
>> this logic into human needs.
>>
>> Because we are facing a situation where credentials have had the
>> Presidents signature on them(physically) and that was a verification
>> mechanism in this ecosystem. But in reality, adding this signature together
>> with the institute signature inside the VC, will add a potential
>> future dissonance. Because the President might have quit, and it might not
>> make sense any more. Unless you mix in timestamps and so on.
>>
>> What I have been reasoning about is the question, does this signature
>> need external auditability? Yes? Put it in the VC. No? Leave it.
>> While for most cases, the institute signature is enough, and if one ever
>> wants to dispute a credential, there is an internal audit that has to make
>> sure it was not a bad actor move or something else.
>>
>> What are your thoughts on this?
>>
>> Also why Im trying to learn what real live customers are asking for and
>> what mental model I can wrap around what we are discussing here.
>>
>> ᐧ
>>
>>
>>
>> On Mon, Oct 3, 2022 at 12:18 PM Jack Tanner <jack@tonomy.foundation>
>> wrote:
>>
>> For the cases that we are looking at
>>
>> * Using multiple proofs to perform set-based multi-signature. (we want to
>> be able to asynchronous sign the VC)
>> * Using multiple proofs to perform chain-based multi-signature.
>> * Using multiple proofs to perform multi-level/enveloped multi-signature..
>> * Using a single proof to perform set-based multi-signature. (sign a VC
>> with a number of keys at once)
>> * Using a single proof to perform chain-based multi-signature.
>> * Using a single proof to perform M of N threshold multi-signature. (we
>> are using W3C's Verifiable Condition to express this condition in the DID
>> Document)
>> * Using a single proof to perform privacy-preserving M of N  threshold
>> multi-signature.
>>
>>
>>
>> Food for thought, the implementation we just finished with JWT's is a
>> kind of chain proof in the end to make it comply to the JWT standard - we
>> nested each JWS as the payload for the next JWS inside the JWT.
>>
>>
>>
>> Proof sets for JSON-LD format is also a great approach.
>>
>>
>>
>> Cheers,
>>
>> Jack
>>
>>
>>
>> On Sat, 1 Oct 2022 at 20:52, Manu Sporny <msporny@digitalbazaar.com>
>> wrote:
>>
>> On Wed, Sep 28, 2022 at 4:08 AM Jack Tanner <jack@tonomy.foundation>
>> wrote:
>> > What should the proof look like?
>>
>> We're trying to lock this down over the next couple of weeks in the
>> VCWG. The specific sections of the Data Integrity spec (with examples)
>> are here:
>>
>>
>> https://pr-preview.s3.amazonaws.com/w3c/vc-data-integrity/pull/59.html#proof-sets
>>
>> and here:
>>
>>
>> https://pr-preview.s3.amazonaws.com/w3c/vc-data-integrity/pull/59.html#proof-chains
>>
>> > Which VC library would make the most sense for the initial
>> implementation?
>>
>> Digital Bazaar's open source vc-js library will support proof sets and
>> chains (as specified in the Data Integrity spec by the VCWG) in
>> production. There is strong customer pull for proof sets. There is not
>> strong customer pull for proof chains, but given that we have the
>> opportunity to define a global standard for doing that AND because
>> there are use cases like notarization that are important, we plan to
>> add full support for that as well.
>>
>> Regarding the concept of multi-signature, I am a bit concerned that
>> people are talking past each other as there are a number of categories
>> there and it's possible that not everyone is talking about the same
>> categories of multisig. There are at least these categories:
>>
>> * Using multiple proofs to perform set-based multi-signature.
>> * Using multiple proofs to perform chain-based multi-signature.
>> * Using multiple proofs to perform multi-level/enveloped multi-signature..
>> * Using a single proof to perform set-based multi-signature.
>> * Using a single proof to perform chain-based multi-signature.
>> * Using a single proof to perform M of N threshold multi-signature.
>> * Using a single proof to perform privacy-preserving M of N  threshold
>> multi-signature.
>>
>> So, when you say "multi-signature" -- which one of these things are
>> you talking about?
>>
>> -- manu
>>
>> --
>> Manu Sporny - https://www.linkedin.com/in/manusporny/
>> Founder/CEO - Digital Bazaar, Inc.
>> News: Digital Bazaar Announces New Case Studies (2021)
>> https://www.digitalbazaar.com/
>>
>>
>>
>>
>> --
>>
>> _________________________________________
>>
>> Jack Tanner
>>
>> Founder and Architect | Tonomy Foundation
>>
>> p: (+31) 6 2216 5433
>>
>> w: tonomy.foundation e: jack@tonomy.foundation
>>
>> <https://twitter.com/@theblockstalk>
>> <https://www.linkedin.com/in/jack-tanner/>
>>
>>
>>
>>
>> --
>>
>> *Snorre Lothar von Gohren Edwin*
>>
>> Co-Founder & CTO, Diwala
>>
>> +47 411 611 94
>> www.diwala.io
>> <http://www.diwala.io/>
>>
>> *Stay on top of Diwala news on social media! Facebook
>> <https://www.facebook.com/diwalaorg> / LinkedIn
>> <https://www.linkedin.com/company/diwala> / Instagram
>> <https://www.instagram.com/diwala_/> / Twitter <https://twitter.com/Diwala>*
>>
>
>
> --
> _________________________________________
>
> Jack Tanner
> Founder and Architect | Tonomy Foundation
> p: (+31) 6 2216 5433
> w: tonomy.foundation e: jack@tonomy.foundation
> <https://twitter.com/@theblockstalk>
> <https://www.linkedin.com/in/jack-tanner/>
>
Received on Tuesday, 6 December 2022 20:28:54 UTC