decentralized-id.github.io/_posts/identosphere-dump/open-standards/verifiable-credentials.md
2022-11-28 05:35:57 -05:00

20 KiB
Raw Blame History

published
false

Verifiable Credentials

Contents

  • Explainer
  • Comparisons with/ other Tech
  • Varieties
    • JSON-LD
    • JSON-LD ZKP BBS+
    • JSON-JWT
    • ZKP-CL - [IIA] Indy Aries AnnonCreds
    • JWP

Explainer

  • What are Verifiable Credentials
  • How W3C Verifiable Credentials (VC) Work: Part 1 Issuance

    When an issuer creates a verifiable credential, it contains following information

    • Who has issued DID of the Issuer
    • To whom it is issued User Identifier
    • Attributes of the credential Details of the credential being Issued
    • When it is Issued Date of issuance
    • Credential proof with Issuer signature that makes it tamper evident
    • Revocation details
  • The Role of Witness Organizations in Verifiable Credentials

    The basis is that not every source of a verifiable credential has an interest in issuing verifiable credentials and that it is not only logical but beneficial to the ecosystem of trust that witness organizations will issue on behalf of these sources.

  • An introductory dive into VCs (verifiable credentials) HackerNoon

    Verifiable Credentials heavily utilize Decentralized Identifiers to identify people, organizations, and things and to achieve a number of security and privacy-protecting guarantees. They are issued and cryptographically signed documents, intended to be understood by computers rather than people.

  • How Does a Verifier Know the Credential is Yours? Evernym

    A link secret is a large random number, wrapped in a way that allows the holder to prove that they know the secret.

  • Introduction to Verifiable Credentials Ubisecure

    The Verifiable Credentials specification is quite new, and many pieces that are required to create interoperable solutions are still incomplete or missing at time of writing. However, there is significant momentum around verifiable credentials (VCs). This is partly attributed to VCs being part of the solution for blockchain-based decentralised identity.

  • 8 Reasons to use Verifiable Credentials Affinidi

    VCs are interoperable across many systems and can be used in almost every possible scenario.

  • What are Verifiable Credentials in 3 Minutes Affinidi (video)
  • The VC Lifecycle Credential Master

    In 1956 the switch to consistent shipping containers began, and it changed the physical world profoundly; the switch to consistent, authenticatable digital data containers will do the same for cyberspace.

  • Verifiable Credentials Arent Credentials. And Theyre Not Verifiable In the Way You Might Think Timothy Ruff

    think “authenticatable data container” [...]

    VCs can carry any sort of data payload, and that isnt just a good thing, its a great one. Part two of my container series covers how such fluid data portability could economically affect cyberspace to a degree comparable to how shipping containers affected global trade.

  • Verifiable credentials are key to the future of online privacy HelpNetSecurity
    • All the data is decentralized, meaning theres no need for a database of student records that could be jeopardized. Alices data lives with her.
    • The employer doesnt need to keep a copy of Alices transcript to verify her education.
    • The college doesnt play intermediary and doesnt have access to the list of organizations Alice shares her data with. Other parties have no way of correlating this data as each exchange is private and unique.
    • If desired, Alice could pick and choose what she wants to share. She could prove her degree without sharing her date of graduation or GPA, for example.
  • What are Verifiable Credentials?

    At the most basic level, verifiable credentials, or VC in short, are tamper-proof credentials that can be verified cryptographically.

  • Self Attested vs Chain of Custody - assurance levels in data provenance in VCs by Stew Whitman & Alka Lachhwani

    There are two important factors in establishing “truth” or the trustworthiness of the information. Attributional and Reputational. You need to have both to have trust.

    Digital needs higher level of attestation because it is easier to forge and easier to propagate that forgery.

Comparisons with/ other Tech

  • Compare and Contrast: OpenBadges vs Verifiable Credentials Affinidi

    As we move towards a world of digital identity, many ways of sharing and verifying Personally Identifiable Information are emerging. Two such modes that well talk about today are Open Badges and Verifiable Credentials.

  • Non-Fungible Tokens (NFTs) vs Verifiable Credentials (VCs) Affinidi

    A common thread that connects both NFTs and VCs is that they leverage the potential benefits of the digital world to give users more security, flexibility, and freedom to monetize.

  • ERC-721 Non-Fungible Token Standard on Ethereum vs. VCs on Hyperledger Indy Michael Herman

    When are Hyperledger Indy/Sovrin VCs better than Ethereum smart contracts for NFEs/NFTs (non-fungible entities/tokens)?

    It seems obvious but I don't have a detailed/worked out answer.  One project I'm associated with wants to use the ERC-721 Non-Fungible Token Standard on Ethereum but I believe VCs are a better route to take. Part of the desire to stay on Ethereum is there is quite a vibrant NFT community on Ethereum and lots of different EC-721 tokens.

  • Comparing VCs to ZCAP-LD Kyle Den Hartog

    Why make the investment then to put the time and effort into ZCAPs when weve already got VCs? Simply put because security is hard and trying to push square pegs into round holes often times leads to bugs which are elevated to mission critical authentication/authorization bypass vulnerabilities. By designing around a fit for purpose data model with a well defined problem being solved it allows for us to be much more precise about where we believe extensibility is important versus where normative statements should be made to simplify the processing of the data models. By extension this leads to a simpler security model and likely a much more robust design with fewer vulnerabilities.

  • Compare and Contrast — IRMA vs Verifiable Credentials
  • Re: VCs - zCaps / OCap a Discussion Dave Longley 12/5

    TL; DR: My current view is that the main confusion here may be over the difference between VCs and LD Proofs, not VCs and ZCAPs. VCs are not a generalized container for attaching a cryptographic proof to a document. That's what LD proofs (or JOSE style proofs) are for. VCs use LD proofs (or JOSE style proofs) to attach an assertion proof to a document that specifically models statements made by an issuer about some subject, which is therefore inherently about the identity of that subject.

  • Could an NFT be a VC? by Grace Rachmany

    Case discussed: A group of villages in Africa using a cryptocurrency platform for alternative currencies. Different organizations issue the coins under different circumstances. When you accept a currency, you want to know who is the issuer. The Red Cross might be more or less trusted than the local leader or agricultural cooperative as the issuer of a currency that is supposedly equivalent to a shilling.

    What types of tech could be used for this?

    • Multiple currencies on the blockchains
    • Certifications in the form of some kind of NFT issued by the issuer.
    • Limited supply tokens or NFTs that are “expired” when you use them
    • Open Credential Publisher framework was suggested
    • VCs are generally authorizations associated with a person, so maybe a person could have the VC and show their credit rating in some way while they are making a transaction
    • Similarly maybe the VC belongs to the organization that is issuing the coin, proving its reputation over time.
  • How does VC Functional Stack compare to #ToIP Stack? @rufftimo
    1. ToIP Layers 2 & 3 compare to Functional Layer 2
    2. ToIP Layer 4 compares to Functional Layers 3 & 4 (horizontal layer for VC Management, vertical layer for Applications)
    3. Functional stack doesn't require #blockchain
    4. Functional Stack doesn't detail steps for trust or verification; ToIP Stack doesn't separate management or storage
    5. Functional Stack clarifies functions, roles, and potential business models; ToIP stack clarifies trust & security They are complementary, not contradictory.

HowTo

Organization

Weve been hard at work writing use cases, helping education standards organizations understand and align with VCs, and weve been heading towards a model recommendation doc for the community.

History

Use

Varieties

  • Verifiable Credentials Specifications Relationship Diagram "Good for anyone but especially useful when trying to jump in on the deep end. If you walk even this limited tree of specs you know a lot" - @michaelruminer
  • Paper based Verifiable Credentials Mattr

    Paper-based Verifiable Credentials allow us to have a low-tech solution for adopting VC's in situations where access to a phone cannot be guaranteed. This presentation looks at how this solution can be used to aid with the distribution of Vaccine Credentials.

  • The Flavors of Verifiable Credentials Linux Foundation Public Health Blog pdf

    The differences between the different flavors of VCs for technically inclined readers. It elaborated on the differences between JSON and JSON-LD and articulated differences between the two different implementations of ZKP style credentials. The Journey of a VC section articulated all steps where VCs are active and highlighted the differences in how different VC flavors behave.

  • Why the Verifiable Credentials Community Should Converge on BBS+

    BBS+ LD-Proofs use JSON-LD schemas, so credentials that use them can have a rich, hierarchical set of attributes. Instead of the heavy-handed mechanism for the encoding and canonicalization of attributes values that wed imagined for Rich Schemas, they use RDF canonicalization and a hash function. Rather than expanding the credential definition, they discarded it, taking advantage of some properties of BBS+ keys which allow for deterministic expansion.

  • GS1 2021 VC Prototype Journey by Paul Dietrich

    There was some feedback that  BBS, PE, and DIDCommV2 are possible points of convergence.

    Also comments that WACI Bloom may play a part in convergence

  • What BBS+ Means For Verifiable Credentials Evernym

    In a recent Evernym blog post, we discussed why BBS+ LD-Proofs are the privacy-preserving VC format that everyone should implement. In this webinar….

    • A brief history of verifiable credential formats, and how a lack of convergence makes scale and interoperability an ongoing challenge
    • How BBS+ Signatures are the breakthrough that combine the best of the JSON-LD and ZKP formats, while still allowing for selective disclosure and non-trackability
    • The path forward: What remains to be done to fully converge on the BBS+ format

Critique

Thread: VCs need Threat Modeling