Project: Update DIDs for secp256k1 as per BIP39

[shannona]

This would be a good group project for interns interested in internal standards and self-sovereign identity, and with different skills (writing specs, testing, coding javascript, coding C or rust, writing documentation, etc.)

Few of the emerging W3C DID (Decentralized Identifier) methods are using secp256k1 (the curve that bitcoin uses). In addition, none of that I know are actively implementing Schnorr signatures for k1, and even those in spec-only form are not making some of the choices that BIP40 made, or leverage Schnorr in sufficiently security reviewed libsecp256k1 library. Finally, no one in implementing DIDs currently are leveraging the multisig opportunities Schnorr, including musig2, FROST, adapter signatures, blinded signatures, etc.

In particular:

• Write up use cases for what secp256k1 can offer leveraging k1 multisig to DIDs and Verifiable Credentials.
• Suggest changes and test vectors for existing did:key method to support k1 and Schnorr.
• Write reference code in javascript and other languages to transorm BIP340 keys into multibase & back, and register those with next update to the IETF internet-draft.
• Update DIF (Decentralized Identity Foundation) JSON-LD SchnorrSecp256k1Signature2019https://github.com/decentralized-identity/SchnorrSecp256k1Signature2019) spec for BIP340 differences, and update test vectors.
• Update reference javascript library for JSON-LD SchnorrSecp256k1Signature2019 and investigate other implementations.
• Investigate JWT support of k1 Schnorr rather than ECDSA. Possibly submit IETF internet-draft or PR to JWT group to add k1 Schnorr.
• Work toward a CBOR-LD version of SchnorrSecp256k1Signature2019
• Create example DID objects and Verifiable Credentials leveraging SchnorrSecp256k1Signature2019
• Investigate Ristretto255 versions of the above.
• Present these at W3C CCG (Credentials Community Group) and DIF.

Related to this is beginning to be able to did:btcr 2.0 someday, see:

• List of BTCR v0 resources
• Podcast: The Granddaddy of DIDs: BTCR

Potential mentors include: @kimdhamilton @csuwildcat @jandrieu @rxgrant

[ChristopherA]

An issue with pubkeys is bitcoin uses 32 byte x-only, but multicodec uses 33-byte. Re: conversion see: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-July/020663.html

[ChristopherA]

As far as signing, the best example we have is https://github.com/decentralized-identity/SchnorrSecp256k1Signature2019 but we don't actually know if it works.