Specify structure of private fields in RFQ

[diehuxx]

History

Previously, we considered the concept of a top-level private property in RFQ, which would contain the private data specified by the Offering, where corresponding Rfq.data would be hashed. This has proved to be complicated in design and implementation.

We opened a PR #232 with a proposal, however @decentralgabe pointed out that 1) we should discuss in an Issue before opening a PR, and 2) the proposal partially implements SD-JWT and we might be better off just using SD-JWT.

[diehuxx]

@mistermoe @decentralgabe and I chatted offline. Looks like we can settle on the following design. PII fields (claims, payin.paymentDetails, and payout.paymentDetails) are not signed over and their salted hashes are signed over. So I'll update #232 to specify salted hashes.

[jiyoontbd]

just want to clarify - is this work slated for 1.0?

[diehuxx]

Hi @jiyoontbd -- good question, yes it is. I just added labels/milestones to this issue to denote that it's part of 1.0. Since we're coming up on the deadline, this ticket is my main priority this week. I'm planning to open PRs for the spec and JS SDK today.