Based on my understanding, only when the issuer needs to revoke a VC, there should be a transaction to the registry revoking that credential.
Some implementations write the hash of the VC on the registry and later on they can revoke the VC with revoking the hash. This means there will be one write transaction per issued VC to the registry. Assuming our registry is a public blockchain, this will be costly and a slow step.
For sake of simplicity, let's assume the proof on a VC is a simple digital signature using public/private key pairs. Also the issuer has a master key pair (MK) where its public key is known to everyone (at least to holders and verifiers). Could the following flow be a secure VC issuance and revoke process?
Issuer generates a new pair of keys (K1)
Issuer signs the PK1 (the public key of K1) using master key MK to prove origin of K1 and delivers the signed PK1 to the holder
Issuer signs the VC using K1 and delivers it to the holder (steps 2. & 3. could be done in one step)
Any verifier trusting the issuer can verify the VC by tracing back the signatures to the known public key of issuer's master key
To revoke the credential, the issuer must send a transaction signed with its master key MK to the registry (public blockchain) calling revoke on the PK1. This means as part of verification process, verifier must read the registry for any revoke transaction from MK on PK1
This flow ensures minimum number of transactions to the registry which is only in time of revoke events. (Of course, if the VC has an expiration date and it reaches before revoke event, no revoke transaction is necessary)
I couldn't find any documentation or implementation for this flow but I assume I'm not the first one coming up with it :). If this already exists, I really appreciate it if you could redirect me to it, otherwise I would like to know if there is any security concerns to this flow and that's why it's not mentioned anywhere or it's just new?
In section 6.1 of VC use cases and afterwards in 6.2 for usage of VCs, no write transaction to a registry is required.
Based on my understanding, only when the issuer needs to revoke a VC, there should be a transaction to the registry revoking that credential.
Some implementations write the hash of the VC on the registry and later on they can revoke the VC with revoking the hash. This means there will be one write transaction per issued VC to the registry. Assuming our registry is a public blockchain, this will be costly and a slow step.
For sake of simplicity, let's assume the proof on a VC is a simple digital signature using public/private key pairs. Also the issuer has a master key pair (MK) where its public key is known to everyone (at least to holders and verifiers). Could the following flow be a secure VC issuance and revoke process?
This flow ensures minimum number of transactions to the registry which is only in time of revoke events. (Of course, if the VC has an expiration date and it reaches before revoke event, no revoke transaction is necessary)
I couldn't find any documentation or implementation for this flow but I assume I'm not the first one coming up with it :). If this already exists, I really appreciate it if you could redirect me to it, otherwise I would like to know if there is any security concerns to this flow and that's why it's not mentioned anywhere or it's just new?
Thank you in advance.