- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Mon, 29 Jan 2024 08:00:00 -0500
- To: W3C Credentials CG <public-credentials@w3.org>
Hi Credentials CG (bcc: W3C VCWG), We're excited to announce that a big milestone, that our community has been striving towards for years, has been achieved. This is a historical first; to our knowledge, it's never been accomplished before. We now have the first public technical demonstration of cryptographic layering[1] (aka parallel signatures) on a Verifiable Credential that uses government approved cryptographic algorithms (FIPS-140) for full and selective disclosure of a VC, as well as unlinkable signatures using BBS, to achieve advanced privacy protections. What this means is that a single Verifiable Credential can be issued that meets all government requirements when it comes to cryptographic algorithms as well as one that addresses privacy concerns highlighted by civil society and existing government privacy regulations. The work implements the latest W3C Data Integrity specifications that are in the Candidate Recommendation phase in the W3C Verifiable Credentials Working Group. We have deployed this infrastructure to the Verifiable Credentials Playground, so anyone reading this message has the ability to try this out for themselves. If you'd like to do so, here are the steps: 1. Go to https://demo.vereswallet.dev/ and sign up for a free digital wallet. 2. Go to https://vcplayground.org/ and click on the "Issuer Demo". 3. Select the Gear icon at the top-right. 4. Select "@digitalbazaar/vc - ECDSA+Ed25519+BBS (did:web)" as the backend issuer service. 5. Select the "Permanent Resident" VC. 6. Click "Issue Verifiable Credential". 7. Click "Skip DID Authentication" (optional, you can do this if you want). 8. Click "Store in wallet" and follow the prompts to save the credential in the wallet. You now have a VC that is secured using 5 different cryptographic suites in parallel, each having different capabilities. We're going to focus on unlinkable signatures via BBS for the demo today. To present a BBS-secured VC: 1. Go to https://vcplayground.org/ and click on the "Verifier Demo". 2. Select "Permanent Resident (Country Only)" as the credential to request. 3. Click "Request Verifiable Credential". 4. Follow the prompts to share your VC with the Verifier Demo website. 5. You should see the VC that was shared, with a BBS signature on the VC and ONLY type information, country of birth, and validity period are shared (specifically, all of the other claims in the VC will be hidden from the verifier). As with any technology demo, there are some rough edges that need to be sanded down (such as not including a counter-signature from the holder, adding confidenceMethod, etc.). We'll follow this email up with a technical explanation of what is possible today, and what we think the community could focus on next. We'll be advancing these initiatives over the next couple of weeks and months with others in the ecosystem that we've been collaborating with on this release. Exciting things to come. We just wanted to share the good news to start. -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/
Received on Monday, 29 January 2024 13:01:12 UTC