0xPolygonID / issuer-node

Privado ID Self-Hosted Issuer Node
Apache License 2.0

Will using random numbers in Claim's RevNonce cause problems? #663

Closed yushihang closed 4 months ago

yushihang commented 4 months ago

The following code shows that the revocation nonce of the issuer's authClaim and of the claims/credentials issued to holders uses random numbers.

https://github.com/0xPolygonID/issuer-node/blob/7e0c6612a5b29cf48b1732ac5f5a89f12085e692/internal/core/services/identity.go#L1127

https://github.com/0xPolygonID/issuer-node/blob/7e0c6612a5b29cf48b1732ac5f5a89f12085e692/internal/core/services/claims.go#L132

The random algorithm used by both is the same.

https://github.com/0xPolygonID/issuer-node/blob/7e0c6612a5b29cf48b1732ac5f5a89f12085e692/pkg/rand/rand.go#L8-L14

https://github.com/0xPolygonID/issuer-node/blob/7e0c6612a5b29cf48b1732ac5f5a89f12085e692/internal/common/util.go#L84-L91

Is it possible that the same revocationNonce may appear between different claims issued by the issuer to holders, as well as between these claims and the issuer's own authClaim?

Will this cause problems with the revocation of these claims? For example, when revoking one of them, will it mistakenly cause the other claim (with the same revNonce) to be considered revoked?

martinsaporiti commented 4 months ago

Hi, the random number is assigned if the nonce is not specified when a claim is created. There is a parameter to do it: link. The same rev nonce could be a problem in some contexts because all the claims with that nonce will be revoked.

Regarding your question: "Is it possible that the same revocationNonce may appear between different claims issued by the issuer to holders, as well as between these claims and the issuer's own authClaim?" Yes, it's possible but unlikely. Btw, the authClaim rev nonce is 0.

yushihang commented 4 months ago

Thank you for your response.

> btw authClaim rev nonce is 0.

From the code below, it seems that the issuer may create an identity with a random number as revNonce when creating an identity?

https://github.com/0xPolygonID/issuer-node/blob/7e0c6612a5b29cf48b1732ac5f5a89f12085e692/internal/core/services/identity.go#L1125-L1135

martinsaporiti commented 4 months ago

Hi @yushihang, after calling that method the rev nonce is set to 0: https://github.com/0xPolygonID/issuer-node/blob/7e0c6612a5b29cf48b1732ac5f5a89f12085e692/internal/core/services/identity.go#L709. Thanks

yushihang commented 4 months ago

A very clear answer, thank you for your patience in answering.
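
The collision risk discussed in this thread, as an added example that is not part of the issue or of the issuer-node code: a birthday-bound estimate for random revocation nonces, plus a per-issuer registry that refuses a nonce already in use. `NonceRegistry` and its methods are hypothetical names, and the 64-bit nonce width is an assumption.

```go
package main

import (
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"math"
)

// CollisionProbability: birthday bound for n uniform nonces of the given width.
func CollisionProbability(n float64, bits int) float64 {
	return -math.Expm1(-n * (n - 1) / (2 * math.Exp2(float64(bits))))
}

// NonceRegistry (hypothetical) tracks revocation nonces used by one issuer.
type NonceRegistry struct{ used map[uint64]bool }

// NewNonceRegistry pre-reserves 0, the authClaim rev nonce per the thread.
func NewNonceRegistry() *NonceRegistry {
	return &NonceRegistry{used: map[uint64]bool{0: true}}
}

// Reserve records a caller-supplied nonce, refusing one already in use.
func (r *NonceRegistry) Reserve(n uint64) error {
	if r.used[n] {
		return errors.New("revocation nonce already in use")
	}
	r.used[n] = true
	return nil
}

// Next draws 64-bit CSPRNG nonces (width assumed) and retries on collision.
func (r *NonceRegistry) Next() (uint64, error) {
	for {
		var b [8]byte
		if _, err := rand.Read(b[:]); err != nil {
			return 0, err
		}
		if n := binary.BigEndian.Uint64(b[:]); r.Reserve(n) == nil {
			return n, nil
		}
	}
}

func main() {
	n, err := NewNonceRegistry().Next()
	fmt.Println(n, err, CollisionProbability(1e6, 64), CollisionProbability(1e6, 32))
}
```

For one million claims the estimate is about 2.7e-8 with 64-bit nonces and effectively 1 with 32-bit nonces, so the "unlikely" in the reply depends on the nonce width; the registry check removes the residual risk for both random and caller-supplied nonces.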