search

decentralized-identity / bbs-signature

The BBS Signature Scheme
https://identity.foundation/bbs-signature/draft-irtf-cfrg-bbs-signatures.html
Apache License 2.0
79 stars 26 forks source link

feat: parameterize proof generation and verification #281

Closed BasileiosKal closed 1 year ago

BasileiosKal commented 1 year ago

Divide ProofGen and ProofVerify to the Initialization, Challenge Calculation and Finalization phases.

This is done by introducing 3 operations; ProofInit, ProofFinalize and ProofVerifyInit, that handle the computations that were previously part of ProofGen and ProofVerify.

This is to allow for extensions of BBS, like predicate proofs, combining 2 BBS proofs, combining BBS proofs with other Pedersen-style commitments and much more, without requiring them to re-define the entire operations from scratch.

Advantages: Not a breaking change. Disadvantages: More operations/ larger document.

andrewwhitehead commented 1 year ago

I think this is a useful set of changes, and that is how implementations have been written previously in order to allow for proof combinations. The additional complexity, especially with separating out the core operations does me a little nervous about getting the draft adopted though.

BasileiosKal commented 1 year ago

Discussed on the WG call at 25th of Sep. Merging.