Should `id` be included in AnonCreds W3C credential, or is it 'valid' to only include it in the W3C credential

hyperledger / anoncreds-rs

anoncreds-rs

https://wiki.hyperledger.org/display/anoncreds

Apache License 2.0

73 stars 51 forks source link

Should `id` be included in AnonCreds W3C credential, or is it 'valid' to only include it in the W3C credential #293

Closed TimoGlastra closed 6 months ago

TimoGlastra commented 7 months ago

When creating a W3C credential with both an anoncreds and eddsa signature, should we add the id property to the AnonCreds schema and cred def, or can we issue the anoncreds cred without the id property, and only include it in the signature of the eddsa signature?

cc @swcurran @Artemkaaas @gvelez17 @2mau

swcurran commented 7 months ago

We can only use W3C VCs with AnonCreds that adhere to AnonCreds limitations — no complex structures, no arrays. As such, I think this should also align to that. My suggestion:

to have eddsa holder binding the AnonCreds schema MUST have an id field in it.
if not — the eddsa signing amounts to a bearer/unbound token.

Is that a reasonable way to go?

I think that adding an id to AnonCreds "under the covers" is problematic.

TimoGlastra commented 6 months ago

Updated in test vectors