search

hyperledger / anoncreds-rs

anoncreds-rs
https://wiki.hyperledger.org/display/anoncreds
Apache License 2.0
73 stars 51 forks source link

W3C CredentialSubjectId property not set correctly #308

Closed auer-martin closed 5 months ago

auer-martin commented 5 months ago

In the current implementation of the W3C credentials, there is a issue with the credential subject id property.
When converting a credential from JSON to a W3cCredential, the subject id property of the credential is not set correctly.
When the credential is processed, we get the following error: " Invalid state: Credential attribute 'id' value not provided".

    const _credential = W3cCredential.create({
      credentialDefinition,
      credentialDefinitionPrivate,
      credentialOffer,
      credentialRequest,
      attributeRawValues: { id: 'http://example.com', name: 'Alex', height: '175', age: '28', sex: 'male' },
      revocationConfiguration: new CredentialRevocationConfig({
        registryDefinition: revocationRegistryDefinition,
        registryDefinitionPrivate: revocationRegistryDefinitionPrivate,
        statusList: revocationStatusList,
        registryIndex: 9
      })
    })

    const tmp = _credential.toJson()
    const credential = W3cCredential.fromJson(tmp)

    // " Invalid state: Credential attribute 'id' value not provided".
    const credentialReceived = credential.process({
      credentialDefinition,
      credentialRequestMetadata,
      linkSecret,
      revocationRegistryDefinition
    })

@Artemkaaas can you take a look at this?

Artemkaaas commented 5 months ago

I suppose that id property here attributeRawValues: { id: 'http://example.com' ... } is not part of credential definition. attributeRawValues must match to credential definition. This is why you are getting the error.

Adding such non-anoncreds properties should be handled outside anoncreds library as @TimoGlastra mentioned here: https://github.com/hyperledger/anoncreds-rs/pull/273#discussion_r1422071313

TimoGlastra commented 5 months ago

@Artemkaaas I think there is still logic in place that strips out the id. I think we should remove all special handling for the id property.

If you look at the credential subject, it separates the id from the other attributes, and then only the attributes are used in the actual credenital.: https://github.com/hyperledger/anoncreds-rs/blob/8c7a83a563cb318ba169d3515988b30fc031d85d/src/data_types/w3c/credential.rs#L51