Re: [PROPOSED WORK ITEM] Cryptographic Event Log from Leonard Rosenthol on 2025-07-13 (public-credentials@w3.org from July 2025)

From: Leonard Rosenthol <lrosenth@adobe.com>
Date: Sun, 13 Jul 2025 18:16:12 +0000
To: Manu Sporny <msporny@digitalbazaar.com>, W3C Credentials CG <public-credentials@w3.org>
Message-ID: <DS0PR02MB9150D45415D893831FCEDF24CD55A@DS0PR02MB9150.namprd02.prod.outlook.com>
>Today, there is no standardized data structure for a cryptographic event log.
>
While we refer to it as a content provenance system, I would strongly argue that the Content Credentials technology from C2PA (https://c2pa.org<https://c2pa.org/>) serves the purpose you describe :
express changes to data over time and the means for a verifier tocryptographically verify those changes.’

Perhaps, before creating a new specification, evaluation of this (and possibly other solutions in use today) would be the right approach.

Leonard

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Sunday, July 13, 2025 at 10:17 AM
To: W3C Credentials CG <public-credentials@w3.org>
Subject: [PROPOSED WORK ITEM] Cryptographic Event Log
EXTERNAL: Use caution when clicking on links or opening attachments.


This is a proposal for a new CCG work item; the cryptographic event log.

The Cryptographic Event Log specification defines a data model for an
author to express changes to data, such as a DID Document, over time
and the means for a verifier to cryptographically verify those
changes. This data model helps you create decentralized,
mini-blockchains for data without the need for a big/expensive
consensus network. It is a useful technology tool for building DID
Methods, social media feeds, content provenance logs, and other data
objects that change over time, and where you need to be able to prove
when and how they changed over time.

## Link to Draft

https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdigitalbazaar.github.io%2Fcel-spec%2F&data=05%7C02%7Clrosenth%40adobe.com%7Cad0a3c3d1576491d83ab08ddc2180de3%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C638880130748257787%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Axbnt6wRjJ%2FVESdtjhcmxANFdy91Zt6bKRlgHWDP71w%3D&reserved=0<https://digitalbazaar.github.io/cel-spec/>

## Owners

Manu Sporny (@msporny), Markus Sabadello (@peacekeeper)

## Work Item Questions

> Please note if this work item supports the Silicon Valley Innovation program or another government or private sector project.

It is meant to support the "decentralized DID Method" class of DID
Methods, as an input document, in the upcoming DID Methods WG Charter
at W3C. It would be better for it to serve as an input document by
being a CCG work item.

> 1. Explain what you are trying to do using no jargon or acronyms.

We are trying to define the most minimal data model for an author to
express changes to data over time and the means for a verifier to
cryptographically verify those changes. You can think of it as a
mini-blockchain data structure that is useful for things like DID
Documents, Social Media conversations, and changes to creative works
(books, photos, videos) over time.

> 2. How is it done today, and what are the limits of the current practice?

Today, there is no standardized data structure for a cryptographic
event log. Instead, entire systems are usually developed (Bitcoin,
Ethereum, etc.) and then standardization is attempted on them (with
limited success). The limitations of the current practice is that
these systems become an "all or nothing" endeavor -- either you trust
the network, and it's data, or you don't -- either you store all
objects/references in this network, or you don't. Cryptographic event
logs today are often tightly coupled to their consensus networks.

> 3. What is new in your approach and why do you think it will be successful?

By separating the cryptographic event log data structure from the
cryptographic proof or consensus network, you can have data that is
protected through diverse proof systems or consensus networks where
one can distrust some of the proof systems/networks while trusting
alternate sets. Ultimately, people can philosophically agree to
disagree on all but one of the proof systems in the cryptographic
event log and still trust that the log is legitimate. Buying into the
changes on a piece of data is no longer and all-or-nothing decision.

> 4. How are you involving participants from multiple skill sets and global locations in this work item? (Skill sets: technical, design, product, marketing, anthropological, and UX. Global locations: the Americas, APAC, Europe, Middle East.)

The work is highly technical and so input from product, marketing,
anthropological, and UX doesn't make sense at this moment as those are
more focused at the application layer (in a specification that would
use this specification). We are performing the work in the CCG, which
is global and diverse in perspective, including people from around the
world, multiple decentralized projects, and multiple philosophical
positions.

> 5. What actions are you taking to make this work item accessible to a non-technical audience?

We are attempting to include examples in the specification that show
how the technology would work for DIDs, social media messages, and
other things of that nature. We are also using AI to try to convey the
concepts in the specification to a more general audience through the
mapping of technical concepts to general concepts that are more
familiar to people such as using social media, or figuring out if they
should trust if a set of historical events happened in the order that
they are being presented.

If you would like to support this work, please express your support in
this email thread, or go to the following location and provide your
support via a comment on this Github issue:

https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fw3c-ccg%2Fcommunity%2Fissues%2F252&data=05%7C02%7Clrosenth%40adobe.com%7Cad0a3c3d1576491d83ab08ddc2180de3%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C638880130748275575%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=%2FYtRtipUrxOfi8dSGIxOMeSFOBp7xrWnLYmnQdHo4Ow%3D&reserved=0<https://github.com/w3c-ccg/community/issues/252>

-- manu

--
Manu Sporny - https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fmanusporny%2F&data=05%7C02%7Clrosenth%40adobe.com%7Cad0a3c3d1576491d83ab08ddc2180de3%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C638880130748893279%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=xht4OekM6hpFjY38deTVbdLBosBsCqLSFx35clZCCyM%3D&reserved=0<https://www.linkedin.com/in/manusporny/>
Founder/CEO - Digital Bazaar, Inc.
https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.digitalbazaar.com%2F&data=05%7C02%7Clrosenth%40adobe.com%7Cad0a3c3d1576491d83ab08ddc2180de3%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C638880130748904450%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=%2Bl2cq%2FuKDa8JSzbASkMfeIi5NaffhIXp3pMEkidlmLw%3D&reserved=0<https://www.digitalbazaar.com/>
Received on Sunday, 13 July 2025 18:16:19 UTC