Re: [EXT] Work item suggestion: VC-ACDC

Gen supports this new work item. The chaining capabilities of ACDCs are badly needed by certain classes of credential use cases, for example the organizational identity use cases that are the focus of GLEIF. Given that GLEIF’s LEI and vLEI (verifiable LEI) infrastructure is backed by a Regulatory Oversight Committee<https://www.leiroc.org/index.htm> consisting of 65 of the world’s financial regulatory authorities, the addition of ACDC support would be an excellent addition to the W3C Verifiable Credentials 2.0 family.

=Drummond

From: Kevin Griffin <Kevin.Griffin@Gleif.org>
Date: Friday, March 3, 2023 at 10:39 AM
To: public-vc-wg@w3c.org <public-vc-wg@w3c.org>
Subject: [EXT] Work item suggestion: VC-ACDC

Hey VCWG folks,

Quick thanks (again) for the guest status in Miami, I will in future be voting for “The Pirate” as Mayor of Miami.

Thank you chairs for giving me two minutes on the last call to introduce the prospect of a new work item.

Advance apologies if this is too much information, I know GLEIF is new to the working group so I wanted to provide some additional background.

I’d like to propose/discuss the addition of VC-ACDC (https://weboftrust.github.io/vc-acdc) to the working group. It expands on the normative description of external proofs under Section 4.7 Proofs (Signatures) alongside the embedded proof format described in VC-DATA-INTEGRITY. Currently the section on external proofs refers to the VC-JWT specification and it was used to help model VC-ACDC.

Why include an additional external proof format?

JWT discussions usually revolve around two fronts, Authorization and Information Exchange, but I think it is fair to say their application is as broad (and valuable) as the Internet is wide, with many use cases and implementations.

ACDCs are not designed to compete in the same spaces that JWTs do. Rather they offer a simple yet secure method of verifiable proofs when combined with CESR for a given payload. The VC-ACDC specification details the unidirectional transformation to the VCDM base media type, and will include an informative section for bi-directional transformations, with given security caveats.

Why not just use JWTs?

A tl;dr history.
GLEIF (a non-profit) is in a unique position within the European Union being mandated to bring transparency to the financial sector. Any digital solution involving traditional DLTs would have potentially meant endorsing one blockchain for all EU financial transactions.

We opted to invest in and build out Key Event Receipt Infrastructure (KERI) and subsequent technologies (ACDC, CESR) as an alternative.

ACDCs satisfy a requirement for GLEIF that vLEIs maintain a proof-of-authorship (authenticity) of their contained data via a tree or chain of linked ACDCs (technically a directed acyclic graph (DAG)).

JSON-LD is closely associated with the VCDM (base media type credential+ld+json) and with the inclusion of VC-DATA-INTEGRITY as an embedded proof format in the specification subsequently, albeit indirectly, supports RDF/JSON-LD as a preferred connected data approach.

Inclusion of VC-ACDC results in the VCDM fostering two approaches (LPG and RDF) to connected data, and we think that speaks directly to the reach and intent of the W3C.

ACDCs are a special type of container that directly normatively provides provable provenance of its payload via chaining in the form of a labeled property graph. Nested JWTs can provide a form of provenance or chaining but the semantics are non-normative. This normative provenance of a payload via a container is one of the unique properties of ACDCs.

The provenance can be used to provide a chain-of-custody of the information payload, or a chain-of-authority for an entitlement that is the type of payload, or a chain-of-authority for an authoritative attestation that is the payload.

The work is primarily authored by myself, Philip Feairheller also from GLEIF and Dr Samuel Smith (invited expert).

My request would be (if this is the appropriate point in the process) to identify other members of this WG that would support the addition of VC-ACDC as an external proof alongside VC-JWT and help deliver the specification.
Kind regards,
Kevin Griffin
Software Developer
kevin.griffin@gleif.org <mailto:kevin.griffin@gleif.org >
+1 551 223-4337 <tel:+15512234337>
GLEIF, 2500 Plaza 5, 25th Floor, Harborside Financial Center, Jersey City, NJ, 07311

Received on Friday, 3 March 2023 20:27:42 UTC