[Proposed Work Item] Verifiable Condition- new DID verificationMethod type

[ghost]

Abstract

VerifiableCondition is a new type of verification method for decentralised identifier (DID) documents. It can be used to express complex conditions and additional meta data about verification methods. It can be used to combine verification methods together to form conjugated conditions such as logical operations &&, thresholds, weighted thresholds, relationships and a delegation to external verification methods.

Spec: https://github.com/Gimly-Blockchain/verifiable-conditions

Work Owners

Jack Tanner @gimly-jack Blockchain and SSI Developer | Gimly jack@gimly.io Markus Sabadello @peacekeeper | Danube Tech markus@danubetech.com Caspar Roelofs @gimly-caspar | Gimly caspar@gimly.io

Work Item Questions

1. What are we trying to do?

We are trying to support more advanced security and privacy techniques enabled by cryptographic proofs that have conditional logic and combine multiple proofs to be for fulfilled. This is for use with self sovereign identity (SSI) applications. This is to support Blockchain and distributed ledgers with multikey signature schemes such as Ripple, BigchainDB, EOSIO, Keri, Hyperledger Fabric and Hyperledger Indy.

2. How is it done today, and what are the limits of the current practice?

Currently, DID documents can only express cryptographic material allowing proofs with one key for each proof. Proofs for verifiable credentials, authorisation and more are not able to use multi-key signature proofs for additional security and authenticity.

3. What is new in your approach and why do you think it will be successful?

We have created a new verification method type which allows advanced cryptographic material and conditions to be expressed in a DID document. This can then be used to verify proofs against multi-key, delegated authorization and hierarchical key structures

4. How are you involving participants from multiple skill sets and global locations in this work item? (Skill sets: technical, design, product, marketing, anthropological, and UX. Global locations: the Americas, APAC, Europe, Middle East.)

The Decentralised Identity Foundation (DIF) Has facilitated discussions with several participants representing several of the targeted use cases: EOSIO, Hyperledger Indy and EOSIO. This specification has been reviewed several times by external parties in Europe and North America.

5. What actions are you taking to make this work item accessible to a non-technical audience?

We are actively engaging with communities to gain support for this specification. This includes creating content to explain the significance of this proposal.

[OR13]

High level, this is a way of combining the verificationMethod's we're familiar with to create support for M of N multisig, etc.... I am supportive of this work, would love to sit down and hack out support for secp256k1 if I can find time.

[wyc]

Hi, with two co-owners and the questions answered, the requirements for a work item have been fulfilled, pending any objections from @kimdhamilton and @vsnt. I am fine to make the repository early next week.

1. Do you prefer a new empty repository, or an import of your existing one? Note that for an import, we will need to satisfy the LICENSE and CODEOWNERS requirements for work items as seen in the other repositories.

2. Would you be willing to come to the credentials call on Weds, March 31st at 1 PM ET or the week after to give a summary to the community?

[ghost]

Hi

1. I think import
2. I can join the week after on 7th April. Can you please invite @Caspar Roelofs @.***> and I to the meeting?

I'm on holiday next week, so would like to progress after our call on the 7th.

Cheers, Jack

---

[https://image.ibb.co/gEfyRz/profile.jpg] Jack Tanner Blockchain and SSI developer | Gimly p: (+31) 6 2216 5433 w: gimly.iohttps://gimly.io [https://cdn1.iconfinder.com/data/icons/logotypes/32/square-twitter-32.png] https://twitter.com/gimly_io [https://cdn1.iconfinder.com/data/icons/logotypes/32/square-linkedin-32.png] https://www.linkedin.com/company/gimly-blockchain @.***> [https://cdn1.iconfinder.com/data/icons/logotypes/32/square-linkedin-32.png] https://www.linkedin.com/in/jack-tanner/

---

From: wyc @.> Sent: 27 March 2021 5:27 PM To: w3c-ccg/community @.> Cc: Jack Tanner @.>; Mention @.> Subject: Re: [w3c-ccg/community] [Proposed Work Item] Verifiable Condition- new DID verificationMethod type (#188)

Hi, with two co-owners and the questions answered, the requirements for a work item have been fulfilled, pending any objections from @kimdhamiltonhttps://github.com/kimdhamilton and @vsnthttps://github.com/vsnt. I am fine to make the repository early next week.

1. Do you prefer a new empty repository, or an import of your existing one? Note that for an import, we will need to satisfy the LICENSE and CODEOWNERS requirements for work items as seen in the other repositories.

2. Would you be willing to come to the credentials call on Weds, March 31st at 1 PM ET or the week after to give a summary to the community?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/w3c-ccg/community/issues/188#issuecomment-808757970, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ASWXOHJDUPYKKC4DCSSUZWLTFYBQPANCNFSM4Z3H36RA.

[peacekeeper]

I had the opportunity to look over this in the last few weeks with @gimly-jack and fully support this work item!

[vsnt]

LGTM.

[msporny]

I'm supportive of the use case, but deeply concerned by the mechanism. Exposing developers to these sorts of cryptographic structures (effectively programs as data) can lead to catastrophic security errors.

+1 to the work item, just noting my hesitance -- feel that the approach is a cryptography anti-pattern.

[ghost]

I'll be at the next meeting, which I see is Tuesday midday EST. See you then to progress this.

---

[https://image.ibb.co/gEfyRz/profile.jpg] Jack Tanner Blockchain and SSI developer | Gimly p: (+31) 6 2216 5433 w: gimly.iohttps://gimly.io [https://cdn1.iconfinder.com/data/icons/logotypes/32/square-twitter-32.png] https://twitter.com/gimly_io [https://cdn1.iconfinder.com/data/icons/logotypes/32/square-linkedin-32.png] https://www.linkedin.com/company/gimly-blockchain @.***> [https://cdn1.iconfinder.com/data/icons/logotypes/32/square-linkedin-32.png] https://www.linkedin.com/in/jack-tanner/

---

From: Manu Sporny @.> Sent: 03 April 2021 6:19 PM To: w3c-ccg/community @.> Cc: Jack Tanner @.>; Mention @.> Subject: Re: [w3c-ccg/community] [Proposed Work Item] Verifiable Condition- new DID verificationMethod type (#188)

I'm supportive of the use case, but deeply concerned by the mechanism. Exposing developers to these sorts of cryptographic structures (effectively programs as data) can lead to catastrophic security errors.

+1 to the work item, just noting my hesitance -- feel that the approach is a cryptography anti-pattern.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/w3c-ccg/community/issues/188#issuecomment-812887907, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ASWXOHKU4DJHSAY52LUOLTLTG4525ANCNFSM4Z3H36RA.

[vsnt]

We'll be next meeting on Tuesday, April 13. Cancelling this week's meeting. Thanks.

[vsnt]

This work item has been approved and the repo has been transferred and is now here: https://github.com/w3c-ccg/verifiable-conditions.

Chairs to add boilerplate docs, then close this issue. Will make an announcement at the 5/4 meeting this is an active item.

[vsnt]

Closing this issue. I have added the boilerplate files to the new repo & included the work item here: https://github.com/w3c-ccg/community/blob/master/work_items.md.