The current (extended) reveal indicies are termwise indicies, i.e., each reveal index means which term in the revealed statements should be mapped to which term in the original document statements. This termwise indicies must be replaced by the statement-wise indicies because they are not only redundant in terms of efficiency but also vulnerable in terms of security. In fact, a malicious Holder can exploit termwise reveal indicies to control the order of terms, which let the Verifier accept modified (forged) JSON-LD credentials that are different from the original credentials issued by the Issuer. It is possible for the Verifier to recognize this term reordering by checking the revealed indicies, but is quite difficult task for the Verifier since the revealed indicies are currently embedded in proofValue as encoded values.
The current (extended) reveal indicies are termwise indicies, i.e., each reveal index means which term in the revealed statements should be mapped to which term in the original document statements. This termwise indicies must be replaced by the statement-wise indicies because they are not only redundant in terms of efficiency but also vulnerable in terms of security. In fact, a malicious Holder can exploit termwise reveal indicies to control the order of terms, which let the Verifier accept modified (forged) JSON-LD credentials that are different from the original credentials issued by the Issuer. It is possible for the Verifier to recognize this term reordering by checking the revealed indicies, but is quite difficult task for the Verifier since the revealed indicies are currently embedded in
proofValue
as encoded values.