Re: Breakthrough: Parallel Signatures - NIST, ECDSA-SD, and BBS

This is great to see! There is a similar idea behind the ongoing anoncreds
in w3c work from BC Gov, very interesting to see this pattern making its
way in the community.

I would be interested to start discussing how the vc-api can be leveraged
to issue such credentials.

On Tue, Jan 30, 2024 at 3:24 AM Daniel Hardman <daniel.hardman@gmail.com>
wrote:

> Congratulations and thank you for this important milestone, Manu and crew.
>
> On Mon, Jan 29, 2024 at 2:03 PM Manu Sporny <msporny@digitalbazaar.com>
> wrote:
>
>> Hi Credentials CG (bcc: W3C VCWG),
>>
>> We're excited to announce that a big milestone, that our community has
>> been striving towards for years, has been achieved. This is a
>> historical first; to our knowledge, it's never been accomplished
>> before.
>>
>> We now have the first public technical demonstration of cryptographic
>> layering[1] (aka parallel signatures) on a Verifiable Credential that
>> uses government approved cryptographic algorithms (FIPS-140) for full
>> and selective disclosure of a VC, as well as unlinkable signatures
>> using BBS, to achieve advanced privacy protections.
>>
>> What this means is that a single Verifiable Credential can be issued
>> that meets all government requirements when it comes to cryptographic
>> algorithms as well as one that addresses privacy concerns highlighted
>> by civil society and existing government privacy regulations.
>>
>> The work implements the latest W3C Data Integrity specifications that
>> are in the Candidate Recommendation phase in the W3C Verifiable
>> Credentials Working Group.
>>
>> We have deployed this infrastructure to the Verifiable Credentials
>> Playground, so anyone reading this message has the ability to try this
>> out for themselves. If you'd like to do so, here are the steps:
>>
>> 1. Go to https://demo.vereswallet.dev/ and sign up for a free digital
>> wallet.
>> 2. Go to https://vcplayground.org/ and click on the "Issuer Demo".
>> 3. Select the Gear icon at the top-right.
>> 4. Select "@digitalbazaar/vc - ECDSA+Ed25519+BBS (did:web)" as the
>> backend issuer service.
>> 5. Select the "Permanent Resident" VC.
>> 6. Click "Issue Verifiable Credential".
>> 7. Click "Skip DID Authentication" (optional, you can do this if you
>> want).
>> 8. Click "Store in wallet" and follow the prompts to save the
>> credential in the wallet.
>>
>> You now have a VC that is secured using 5 different cryptographic
>> suites in parallel, each having different capabilities. We're going to
>> focus on unlinkable signatures via BBS for the demo today.
>>
>> To present a BBS-secured VC:
>>
>> 1. Go to https://vcplayground.org/ and click on the "Verifier Demo".
>> 2. Select "Permanent Resident (Country Only)" as the credential to
>> request.
>> 3. Click "Request Verifiable Credential".
>> 4. Follow the prompts to share your VC with the Verifier Demo website.
>> 5. You should see the VC that was shared, with a BBS signature on the
>> VC and ONLY type information, country of birth, and validity period
>> are shared (specifically, all of the other claims in the VC will be
>> hidden from the verifier).
>>
>> As with any technology demo, there are some rough edges that need to
>> be sanded down (such as not including a counter-signature from the
>> holder, adding confidenceMethod, etc.). We'll follow this email up
>> with a technical explanation of what is possible today, and what we
>> think the community could focus on next. We'll be advancing these
>> initiatives over the next couple of weeks and months with others in
>> the ecosystem that we've been collaborating with on this release.
>> Exciting things to come.
>>
>> We just wanted to share the good news to start.
>>
>> -- manu
>>
>> --
>> Manu Sporny - https://www.linkedin.com/in/manusporny/
>> Founder/CEO - Digital Bazaar, Inc.
>> https://www.digitalbazaar.com/
>>
>>