Some suites would work with multiple verification method types.
Examples:
EcdsaSecp256k1RecoverySignature2020 should be verifiable using EcdsaSecp256k1VerificationKey2019 as well as EcdsaSecp256k1RecoveryMethod2020 since the Secp256k1 public key can also be expressed as the recovery method (blockchainAccountId).
Ed25519Signature2020 should be verifiable with Ed25519VerificationKey2020 as well as Ed25519VerificationKey2018 since the raw public key material is essentially the same.
Almost all signature suites should at least attempt to verify against JsonWebKey2020 or Multikey verification methods as long as the public key types match the signature algorithms.
Bug severity 4
Describe the bug
Some suites would work with multiple verification method types. Examples:
EcdsaSecp256k1RecoverySignature2020should be verifiable usingEcdsaSecp256k1VerificationKey2019as well asEcdsaSecp256k1RecoveryMethod2020since the Secp256k1 public key can also be expressed as the recovery method (blockchainAccountId).Ed25519Signature2020should be verifiable withEd25519VerificationKey2020as well asEd25519VerificationKey2018since the raw public key material is essentially the same.JsonWebKey2020orMultikeyverification methods as long as the public key types match the signature algorithms.Additional context https://github.com/decentralized-identity/veramo/blob/7896ceaf2c79993eee44e46950814bea74bfe647/packages/credential-ld/src/ld-suite-loader.ts#L10
Versions (please complete the following information):