hyperledger / anoncreds-rs

anoncreds-rs
https://wiki.hyperledger.org/display/anoncreds
Apache License 2.0

Non revocation proof cannot be parsed by Indy-SDK #286

Open conanoc opened 7 months ago

conanoc commented 7 months ago

version: anoncreds-rs v0.2.0-dev.4

Non revocation proof created by anoncreds-rs fails to be parsed by Indy-SDK. This is due to anoncreds-clsignatures-rs, and I filed an issue there: https://github.com/hyperledger/anoncreds-clsignatures-rs/issues/37

swcurran commented 7 months ago

This requires a fix to the Indy SDK. The change in the format in the presentation is necessary.

It might be possible to code around the issue in the Indy SDK if anyone is interested in taking that path.

The (strong) recommendation is to upgrade from the Indy SDK to use the shared components.

TimoGlastra commented 7 months ago

Why would this require a change in the indy-sdk? Was the change in anoncreds-cl-signatures made because of a security concern?

Because it would mean all deployments now using Indy SDK will be broken, and this has quite some implications for adopting AnonCreds RS v0.2 over v0.1, as you don't always control the verifier (the important part here, it seems).

swcurran commented 7 months ago

This was made because of a vulnerability. We let Aries maintainers know some time ago about it, and will be publishing the vulnerability information soon.