search

hyperledger-archives / aries-framework-dotnet

Aries Framework .NET for building multiplatform SSI services
https://wiki.hyperledger.org/display/aries
Apache License 2.0
84 stars 74 forks source link

A proof request which was presented using a revoked credential passes the validation when call VerifyProofAsync #206

Open vasile135 opened 2 years ago

vasile135 commented 2 years ago

The proof request is seen as valid, even if the used credential was revoked and the proof request contains the NonRevoked parameter

To Reproduce Steps to reproduce the behavior:

  1. Issued a document as an issuer agent;
  2. Accepted the credential as holder;
  3. Successfully revoked the credential as issuer;
  4. As holder agent, queried the revocation status of the credential (IsRevokedAsync). The response is "true". The credential status changed to "Revoked";

  5. Sent a proof request as a verifier:

    "name":"Test Verification",
"version":"1.0",
"nonce":"483754409945318649274168",
"requested_attributes":{
  "test-verification":{
     "names":[
        "FirstName"
     ]
  }
},
"requested_predicates":{

},
"non_revoked":{
  "from":0,
  "to":1637675098
}
}
  6. Used the revoked credential to create a presentation as a holder.
  7. Queried the proof validity as the verifier by calling 
    await proofService.VerifyProofAsync(context, proofRecord.RequestJson, proofRecord.ProofJson)

    The response is "true" which means that the proof is seen as valid.

Expected behavior Expected VerifyProofAsync to return "false".

Desktop (please complete the following information):

Please help, as I perform the same steps as in Revocation Unit tests, but in my case, the proof still passes the validation. Also, the VerifyProofAsync is also called inside the IsRevoked, but in this case, the response is "false" as expected.