oauth-wg / oauth-selective-disclosure-jwt

https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/

Examples: verified contents probably shouldn't have _sd_alg #313

Closed bc-pi closed 1 year ago

bc-pi commented 1 year ago

Verification and Processing say to remove the _sd_alg claim but the verified_contents.json files, typically qualified with "After the validation, the Verifier will have the following data for further processing", have the claim in them.

_sd_alg probably should not be included in the verified data provided to the application.

bc-pi commented 1 year ago

FWIW I noticed the stray _sd_alg in the verified payload content while looking at https://github.com/w3c/vc-jwt/pull/114 and trying to figure out what it was trying to accomplish but (at the time of looking) the only SD-JWT thing in that PR was _sd_alg.

bc-pi commented 1 year ago

https://github.com/oauth-wg/oauth-selective-disclosure-jwt/pull/314
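
The processing step this issue is about, as an added example that is not part of the thread or the draft's own tooling: a Verifier-side sketch that replaces `_sd` digests with the claims from the presented disclosures and drops `_sd_alg` before the data reaches the application. It assumes sha-256 and object-property disclosures only, and does no signature or key-binding checks; the function names, salts and sample claims are constructed for illustration.

```python
import base64, hashlib, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def digest_of(disclosure: str) -> str:
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())

def make_disclosure(salt, name, value):
    """Constructed helper: encode [salt, name, value], return (disclosure, digest)."""
    disclosure = b64url(json.dumps([salt, name, value]).encode("utf-8"))
    return disclosure, digest_of(disclosure)

def decode_disclosure(disclosure: str):
    padded = disclosure + "=" * (-len(disclosure) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

def unpack(node, by_digest):
    """Return a copy of node with _sd digests replaced by their disclosed claims."""
    if isinstance(node, list):
        return [unpack(item, by_digest) for item in node]
    if not isinstance(node, dict):
        return node
    out = {k: unpack(v, by_digest) for k, v in node.items() if k != "_sd"}
    for digest in node.get("_sd", []):
        if digest not in by_digest:
            continue  # undisclosed claim or decoy digest: nothing to add
        salt, name, value = by_digest[digest]
        if name in ("_sd", "...") or name in out:
            raise ValueError(f"reserved or duplicate claim name in disclosure: {name!r}")
        out[name] = unpack(value, by_digest)
    return out

def process_payload(payload: dict, disclosures: list) -> dict:
    """Build the data handed to the application; control claims must not survive."""
    if payload.get("_sd_alg", "sha-256") != "sha-256":
        raise ValueError("this sketch only supports sha-256")
    by_digest = {digest_of(d): decode_disclosure(d) for d in disclosures}
    verified = unpack(payload, by_digest)
    verified.pop("_sd_alg", None)  # _sd_alg is not part of the verified data
    return verified

# Constructed sample: two selectively disclosable claims, one presented.
D1, H1 = make_disclosure("constructed-salt-1", "given_name", "Alice")
D2, H2 = make_disclosure("constructed-salt-2", "email", "alice@example.com")
SAMPLE_PAYLOAD = {"iss": "https://issuer.example", "_sd": [H1, H2], "_sd_alg": "sha-256"}

if __name__ == "__main__":
    print(json.dumps(process_payload(SAMPLE_PAYLOAD, [D1]), indent=2))
```

A regression check for example files like verified_contents.json can assert that neither `_sd` nor `_sd_alg` appears anywhere in the processed output.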