- From: Amir Hameed <amsaalegal@gmail.com>
- Date: Fri, 6 Feb 2026 22:32:32 +0530
- To: Will Abramson <will@legreq.com>
- Cc: W3C Credentials CG <public-credentials@w3.org>
- Message-ID: <CANGYBswz9FMvusXgb_dnmHO+ewBsZtr0k9X=fRQqkg0DPc=QWw@mail.gmail.com>
Hi Will, Thank you for your message and for sharing the link to the CCG Data Integrity cryptosuite work item — very helpful! I appreciate the opportunity to provide feedback, and I’ll review the existing spec based on our implementation experience. Regarding the DID method dilithium that you noticed in the screenshots — that was just a placeholder/example. We can easily use other keywords or DID methods in its place. The main goal right now was to get the end-to-end implementation working, and the placeholder allowed us to test the flow without being tied to a specific DID method. I’m happy to discuss further or provide any feedback that might help with adoption in the VCWG scope. Best regards, Amir On Fri, 6 Feb 2026 at 10:24 PM, Will Abramson <will@legreq.com> wrote: > Hi Amir, > > Great that you are interested in quantum safe cryptography for securing > VCs! > > The CCG has a work item that defines a Data Integrity cryptosuite for a > bunch of different quantum safe algorithms - > http://w3c-ccg.github.io/di-quantum-safe/. > > Including one ML-DSA - which I believe is the same as the > crystals-dilithium one you mention. > > It would be great to get your feedback on the existing spec based on your > implementation experience. > > I know the VCWG would love to adopt this as part of their charter scope, > but were struggling to find people willing to be editors for the spec. > > The other thing I noticed from your screenshots is you seem to be using a > DID method called `dilithium`. > I am wondering what the reason for this is? Is this just a > placeholder/example or is this a DID method you are working on? > > Best, > Will > > On Fri, Feb 6, 2026 at 4:22 PM Amir Hameed <amsaalegal@gmail.com> wrote: > >> Dear Harrison, >> >> Thank you for your kind words — I really appreciate it. I’ll be reaching >> out soon to discuss the PQC + VC/DID implementation in more detail and >> explore next steps. >> >> Best regards, >> Amir Hameed Mir >> Principal Investigator, >> Sirraya Labs >> >> >> On Fri, 6 Feb 2026 at 9:23 PM, Harrison <harrison@spokeo.com> wrote: >> >>> Cool, nice work! >>> >>> Sincerely, >>> >>> *Harrison Tang* >>> COO >>> LinkedIn <https://www.linkedin.com/company/spokeo/> • Instagram >>> <https://www.instagram.com/spokeo/> • Youtube <https://bit.ly/2oh8YPv> >>> >>> >>> On Fri, Feb 6, 2026 at 6:11 AM Amir Hameed <amsaalegal@gmail.com> wrote: >>> >>>> Hello CCG, >>>> >>>> I wanted to share a successful implementation of a Post-Quantum >>>> Cryptography (PQC) stack within the W3C VC/DID framework. >>>> >>>> Attached are screenshots demonstrating a full lifecycle using >>>> *CRYSTALS-Dilithium5* (Dilithium5VerificationKey2023): >>>> >>>> 1. >>>> >>>> *holder_did.json*: A DID Document utilizing a Dilithium5 public key. >>>> 2. >>>> >>>> *verifiable_credential.json*: A university degree credential issued >>>> and signed with Dilithium5. >>>> 3. >>>> >>>> *verifiable_presentation.json*: A complete presentation where the >>>> holder-binding is also secured via Dilithium. >>>> >>>> Given the NIST standardization of Dilithium, I believe this >>>> demonstrates the readiness of PQC suites for production-grade Decentralized >>>> Identity. >>>> >>>> Looking forward to any feedback or discussion on further standardizing >>>> these PQC-based verification methods. >>>> >>>> Best, >>>> >>>> Amir Hameed Mir >>>> >>>> Principal Investigator , Sirraya Labs >>>> >>>
Received on Friday, 6 February 2026 17:02:49 UTC