wyc
commented
3 years ago Yes, I believe the verification method/credential must contain the public key for tz1, but for tz2 and tz3 you can use ecrecover because it is supported by ECDSA.
Closed clehner closed 3 years ago
wyc
commented
3 years ago Yes, I believe the verification method/credential must contain the public key for tz1, but for tz2 and tz3 you can use ecrecover because it is supported by ECDSA.
clehner
commented
3 years ago This was implemented, for tz1, in https://github.com/spruceid/ssi/pull/76 and https://github.com/spruceid/ssi/pull/92.
I put the publicKeyJwk in the proof object. publicKeyBase58 would be more compact so maybe could use that in the future (did-core allows either key representation).
These proof type and verification method type should probably be specified in their own document or in this one:
Ed25519BLAKE2BDigestSize20Base58CheckEncodedSignature2021Ed25519PublicKeyBLAKE2BDigestSize20Base58CheckEncoded2021For comparison these are the specs for the other proof/key types that DIDKit supports:
Examples of Derived
did:tzDID documents include apublicKeyBase58value. How is this derived? Since Tezos addresses are based on a hash of the public key, doesn't this mean a resolver cannot derive a Tezos DID's public key from the DID alone? A verifier needs the public key to verify a proof signed by adid:tz. Public keys could be retrieved from the blockchain/network, but I understand thatdid:tzaddresses are supposed to able to work offine, also before any rotations. To enable verification for the offline use case, I think a VC/VP issuer will need to include their public key in the proof and/or credential/presentation. Typically a proof references its public key for verification using theverificationMethodproperty with a URL or DID URL. Possibly we could add a query string or path to the DID, and use that for theverificationMethod. Then the resolver could use the query string or path to reconstruct the public key in the DID document.