Currently, disclosed claims, represented in the CDDL by a salted_array have the same name (sd_claims) and the same key (TBD1), regardless if they are in the issued token or the presented one.
First of all, in each case they carry different semantics: they are "potentially disclosable" in the sd-cwt-issued whereas they are actually "actually disclosed" in the sd-cwt-presentation. So I think they should have at least a different name. Since we're not using JSON we do not have to abbreviate our keys so I would go for a full name.
Then, they both have structural differences. If we add Decoys as suggested in #11 , the sd_claims issued supports them whereas the presented one must not. I think it will help down the road help implementation of the spec easier by "making illegal state unrepresentable".
Currently, disclosed claims, represented in the CDDL by a
salted_arrayhave the same name (sd_claims) and the same key (TBD1), regardless if they are in the issued token or the presented one.First of all, in each case they carry different semantics: they are "potentially disclosable" in the
sd-cwt-issuedwhereas they are actually "actually disclosed" in thesd-cwt-presentation. So I think they should have at least a different name. Since we're not using JSON we do not have to abbreviate our keys so I would go for a full name.Then, they both have structural differences. If we add Decoys as suggested in #11 , the
sd_claimsissued supports them whereas the presented one must not. I think it will help down the road help implementation of the spec easier by "making illegal state unrepresentable".I think it could look like this:
What do you think ? I'll be happy to contribute to that in a PR.