Currently, the algorithms provided naturally have a single issuer for the underlying information we are proving statements about. However, in trying to add support for more general-purpose ZKPs (R1CS, for instance), I don't think this is general enough. In particular, here is a natural proposal for a 2-issuer proof in the context of verifiable credentials: "exists X. I have a birth certificate with social security number X, and a background check issued for citizen with social security number X". By forcing all of the information required by the verifier to be provided by a single "issued proof", we are undermining the privacy properties of the protocols which more general zero-knowledge proofs enable.
I propose we change the language in the web-proofs draft to allow for multiple "issued proofs". Because they are no longer 1-to-1 with proofs, I also propose to bikeshed the language here: Let's call them "issued facts" instead, or "provable facts".
Currently, the algorithms provided naturally have a single issuer for the underlying information we are proving statements about. However, in trying to add support for more general-purpose ZKPs (R1CS, for instance), I don't think this is general enough. In particular, here is a natural proposal for a 2-issuer proof in the context of verifiable credentials: "exists X. I have a birth certificate with social security number X, and a background check issued for citizen with social security number X". By forcing all of the information required by the verifier to be provided by a single "issued proof", we are undermining the privacy properties of the protocols which more general zero-knowledge proofs enable.
I propose we change the language in the web-proofs draft to allow for multiple "issued proofs". Because they are no longer 1-to-1 with proofs, I also propose to bikeshed the language here: Let's call them "issued facts" instead, or "provable facts".