search

w3c-ccg / Merkle-Disclosure-2021

Allow systems to share some information that some original system approved without sharing all information that the original system approved.
https://w3c-ccg.github.io/Merkle-Disclosure-2021/jwp/
Other
1 stars 0 forks source link

Re: [PROPOSED WORK ITEM] Merkle Disclosure Proof 2021 #209 #1

Open anotherlevel99 opened 2 years ago

anotherlevel99 commented 2 years ago

Hi,

I was following your post W3C's github discussion and read with interest the technical methods for Merkle Disclosure Proof.

In a related merkle disclosure project we had used Open attestation's with Merkle Disclosure proof based on user credentials. More write up of the method here: https://github.com/Open-Attestation/adr/blob/master/signature-proof-spec/spec.md

Wonder if it will be of value to the W3C community to also integrate the methods in the work item?

Thanks

OR13 commented 2 years ago

@anotherlevel99 Thanks for linking!

I will review and try and propose next steps.

OR13 commented 2 years ago

@anotherlevel99 The work looks very related / nearly identical in some cases, for example:

"proof": {
    "type": "OpenAttestationMerkleProofSignature2018",
    "proofPurpose": "assertionMethod",
    "targetHash": "d9336a9ca1ecbc3cd9c7a4245bda9d4994c86cd056a436ef120481eb14a3d101",
    "proofs": [
      "8b315ff6e14f40022b073d32aff47022d43e3f296b98de0055bd031709c3284b"
    ],
    "merkleRoot": "4f6339d030193e96c724b5f9520c716306ccb675ade5fa2d60ec1a8691687492",
    "salts": "W3sidmFsdWUiOiJjMzc2YzE2N2E2Yzk4MGMyMDcyZGFjNDZjY2RjZGZhNWUyMTc5YWVkYTM4ZmM0OWY0MTRiMTNjNGQyMzU3Mzk5IiwicGF0aCI6InZlcnNpb24ifSx7InZhbHVlIjoiYmY2NDUyOWJlMDQ4YjY1ZDVmMGNlY2ZmOTQwOWFjZjk4MmYwMjRmNTcxMjk1ZThmODc2NTdlZGUzZDAzMzlkZCIsInBhdGgiOiJAY29udGV4dFswXSJ9LHsidmFsdWUiOiI4OTAzZTFkYWM0YmMwZjI5MDYzNTk1Y2ZmODFmYjQ5NGVjZGVkYjllNmZmYjAxZTAzYTA2ZThiYWU0ZTc1NzlkIiwicGF0aCI6IkBjb250ZXh0WzFdIn0seyJ2YWx1ZSI6ImQ2YTMwMzIxNWIxNmRmMDA1MzI1OThmNDRkMTExN2QxNjJkMTY4NTMxYzE2OTdlMjU5ZTgxYjRhMWM0OThmMzMiLCJwYXRoIjoiQGNvbnRleHRbMl0ifSx7InZhbHVlIjoiM2Q4ZmFjYTkzMWE3ZTZjYTk2MjRmZjEyYzY2MDAxOWU5OGFjM2E2ZDU0ZmNjZmNhZGUxOTc2OGNiMjdlMTlmNyIsInBhdGgiOiJpZCJ9LHsidmFsdWUiOiJmZjk1ZTQ1NDIzYTRiYjhhNGEyMjg0MTRiMmJlMWMzNWQyYjdjNGFjODRkZGQwZWYzY2FkMDNmNjU3ZWEwODY1IiwicGF0aCI6InR5cGVbMF0ifSx7InZhbHVlIjoiNTEzYTdjMjY0N2ZkZmQ4M2VjNzc5ZjNkYzgyZGI3OWNmM2IyZjkyMzQ1NTQxZWE1OTQ5YThkYTRkMGJlODliOSIsInBhdGgiOiJ0eXBlWzFdIn0seyJ2YWx1ZSI6IjY2ZDgxM2UyMTAwMDU2MGI5NmZmZGMyNGU0MzJjNzRlM2RhNzYwNzY2ZGE2NjVjZWIzMmUyNjA1NjQ4NTRlNmIiLCJwYXRoIjoidHlwZVsyXSJ9LHsidmFsdWUiOiJiYTA1ZmM4OTIzMGI2NjExODhhMDczYTkyNWY2NjY0YTM3OTU1ZjdhNGZjYzA0YjQ1NjZlZGI0YjI1NThiYmFmIiwicGF0aCI6Imlzc3VlciJ9LHsidmFsdWUiOiI1ZTY2MTI0ZDBjNDk1ZWVlZDMyMzVhYmRmMGVkZDEwNmQ3NjQxN2M1ZjljZGRhMzA1MDM4ZDY5YTkzODc1ODRkIiwicGF0aCI6Imlzc3VhbmNlRGF0ZSJ9LHsidmFsdWUiOiJmNDMzMzE4YWU5YTZlZWY2OTc5NmIwZjhlZDRmMTYxYzk0YTM5MzJkN2M0MzEyNmMzZGVmYzNjN2Q0MDYyYzhlIiwicGF0aCI6ImNyZWRlbnRpYWxTdWJqZWN0LmlkIn0seyJ2YWx1ZSI6IjUzYjQwZjc4MjM3OTgzY2QyODg1N2NiMGYzN2EyZDg0YWQ1MzRjMjU5MTMwY2U2YzU0MTQ2ZDc2MTQ3MDhlYWMiLCJwYXRoIjoiY3JlZGVudGlhbFN1YmplY3QuYWx1bW5pT2YifSx7InZhbHVlIjoiNDBlZTQ2ZDBjN2NkYWUyZTE1ZTk2MjZlYzg4ZjZmY2QzZTAwMDNhYmQwMWQ4MDM1YjBhYTVmYTg0ZTY5MzljNSIsInBhdGgiOiJvcGVuQXR0ZXN0YXRpb25NZXRhZGF0YS50ZW1wbGF0ZS5uYW1lIn0seyJ2YWx1ZSI6ImY2OWUyMGI4YWUzNjg5MjY5NjhjNTY2ZjBjOTZmYjM0ZGQ3YzlmMTg3MzY0ZmIwMTg1YTU1Zjc1YmNiZTU4ZTEiLCJwYXRoIjoib3BlbkF0dGVzdGF0aW9uTWV0YWRhdGEudGVtcGxhdGUudHlwZSJ9LHsidmFsdWUiOiI0MGI1YWZjMjg2ODM0MDliMjZjMDBmNzcwYWFkZDBhNmM2MDUzN2Q1NGU2Y2Y2MjMxMTQwN2FmMzEwNDZkYmVkIiwicGF0aCI6Im9wZW5BdHRlc3RhdGlvbk1ldGFkYXRhLnRlbXBsYXRlLnVybCJ9LHsidmFsdWUiOiIwY2IwMTI0MGRlMzIyODBiOGMyOTkwMmFmZmQ0NmJmNzcyNzQ2ZWI3NTBlMjI0YjM3YmY2MzQzODgzZWVhZjNhIiwicGF0aCI6Im9wZW5BdHRlc3RhdGlvbk1ldGFkYXRhLnByb29mLnR5cGUifSx7InZhbHVlIjoiNDE4NTdiMjhkZmM0MTJjMzc2NWM5NGFjYTIzOWRjZTE1MzgxMjVmNDgzNDc0MmU2YzZhODg5MDc5NWMyN2Q1OSIsInBhdGgiOiJvcGVuQXR0ZXN0YXRpb25NZXRhZGF0YS5wcm9vZi5tZXRob2QifSx7InZhbHVlIjoiYTNiMjljMmMzOTkwY2Q5Mzc2MTFmZTU4ZmIyZjAxYmY3NTlhYmQxNjM2ZmJhZmZjOGNiZjRmYTIzOWZiYjlkNCIsInBhdGgiOiJvcGVuQXR0ZXN0YXRpb25NZXRhZGF0YS5wcm9vZi52YWx1ZSJ9LHsidmFsdWUiOiI4Y2I0ZjIzNDI0MzgzOTE1YWNmNjBhZTRlMGNjYTI5MTgzNGNkOWU3NTU0NGJhYjQ4ZDYyYzk3YWZhZjRlN2YxIiwicGF0aCI6Im9wZW5BdHRlc3RhdGlvbk1ldGFkYXRhLmlkZW50aXR5UHJvb2YuaWRlbnRpZmllciJ9LHsidmFsdWUiOiJkMWU2OWFhYWUwZWE0ZTJhNTg2YmYzMDk0MzExZTA1OTlkZjBmMTk0MTA4NDZkZjFmZTA3MjIwNGRmNjI1Njg2IiwicGF0aCI6Im9wZW5BdHRlc3RhdGlvbk1ldGFkYXRhLmlkZW50aXR5UHJvb2YudHlwZSJ9XQ==",
    "privacy": {
      "obfuscated": []
    }
  }

I think it would be excellent to collaborate as much as possible.

This work item was created to offer an alternative to BBS+ that did not rely on pairing friendly curves or CL-Signatures.

The goal was to use boing old RFC7515 and merkle proofs to create a selective disclosure scheme that could be a drop in replacement for BBS+ LD proofs seen here: https://github.com/w3c-ccg/ldp-bbs2020

We are not considering CL at this time.

However, we are now focusing on JWP encodings for merkle proofs first, before addressing LD proofs that rely on merkle proofs.

This approach mirrors the successful work with JsonWebSignature2020, which is an LD Proof scheme built on boring old RFC7515.

So in short, merkle-disclosure-2021 is to JWP Merkle Proofs, as json-web-signature-2020 is to JWS.

From what I can see, this would not preclude the approach open attestation is taking, but it would solve a major problem you will face when attempting to rely on "standard serializations of merkle proofs"... there is no such thing, especially in the context of JOSE. Therefore I suggest we collaborate on JWP merkle proofs to solve this jointly, and then iterate on LD proofs based on it, to align them... that second step would involve conversations regarding canonicalization (URDNA2015 vs JSON Pointer, etc).

Does this make sense?

Please share this with anyone you think might have suggestions.

joelkek commented 2 years ago

Hi @OR13,

I'm a contributor to https://github.com/Open-Attestation/, and I read your work with interest. At Open Attestation, we've been issuing verifiable credentials for education, health, and trade use cases, with merkle proofs to allow for selective disclosure (e.g. https://www.computerweekly.com/news/252462777/Singapore-rolls-out-blockchain-platform-for-verifying-educational-certificates).

You're right that the lack of a standard serialisations is an issue. Agree that it would be excellent to collaborate to define serialisations of merkle proofs.

What are the blockers to this repo and how can my team contribute?

OR13 commented 2 years ago

hey @joelkek

There are 3 issues really.

  1. No standard binary format for merkle proofs outside of https://datatracker.ietf.org/doc/html/rfc9162
  2. No support for merkle proofs in JOSE / COSE (because of 1)
  3. No standard "Linked Data" or "Data Integrity" solution based on either 1 or 1 and 2.

The crypto works, and there are a few implementations with similar behavior floating around, some have been working happily for years without a standard.

I think the best path forward is to define a binary representation for merkle proofs at IETF.

I implemented a version of this here:

And have a WIP spec here:

Originally I thought I could do the proof definition and the JOSE / COSE alg bit at the same time.... thats still possible, but its a lot more work, and I wonder if we might achieve better velocity splitting these things up.

I am also involved in https://github.com/json-web-proofs/json-web-proofs which is required to solve the JOSE / COSE part... but is not yet an RFC. The meetings for that are at DIF, but it's an IETF standards track document.

TLDR;

^ if you are interested in either, I would very much welcome your help!