Support BBS+ and JWP #1285

AlbertoSvg · 2024-01-26T11:25:15Z

Description of change

Integration of BBS+ Signature Scheme and JSON Web Proof representation to enable Zero-Knowledge functionalities.
Using https://github.com/Cybersecurity-LINKS/json-proof-token and https://github.com/Cybersecurity-LINKS/zkryptium.

Type of change

Add an x to the boxes that are relevant to your changes.

Bug fix (a non-breaking change which fixes an issue)
Enhancement (a non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to not work as expected)
Documentation Fix

How the change has been tested

Added a new example called 9_zkp for testing Zero-Knowledge Proof funtionalities

Change checklist

Add an x to the boxes that are relevant to your changes.

I have followed the contribution guidelines for this project
I have performed a self-review of my own code
I have commented my code, particularly in hard-to-understand areas
I have made corresponding changes to the documentation
I have added tests that prove my fix is effective or that my feature works
New and existing unit tests pass locally with my changes

…jose

…efined in it

…wp implementation

…tPresentationValidationOptions

…ntial is supported during presentation

…tion

eike-hass

Very readable and well structured implementation. Thank you very much for the contribution!

Could you go through the remaining TODO comments and either remove outdated ones or clarify remaining ones? That will help us to judge the outstanding work better.

examples/0_basic/0_create_did.rs

examples/1_advanced/9_zkp.rs

examples/utils/utils.rs

eike-hass · 2024-01-26T15:01:54Z

identity_credential/src/presentation/jwp_presentation_builder.rs

+
+        jwp_builder.set_undisclosed("nbf").ok(); // 
+
+        jwp_builder.set_undisclosed("issuanceDate").ok(); // Depending on the revocation method used it will be necessary or not


we expect issuanceDate and expirationDatewill be superseded byvalidFromandvalidUntil` in the VC Data Model 2.0. Can we already anticipate that somehow?

@eike-hass I think we could already set the two fields, validFrom and validUntil, as undisclosed. Currently, if they are not present, they will simply be ignored. What do you think?

abdulmth

Very valuable contribution to the library, generally fits in the code base very well. I added minor comments.

One thing we have to change is having json-proof-token as a workspace dependency, we probably have to feature gate all ZK implementation and make that dependency optional. This might require some tweaks here and there to make it work.

Also, to make CI happy, you can run these commands locally and potentially fix warnings

format all files:
cargo +nightly fmt --all

fix clippy warnings:
cargo clippy  --fix --allow-dirty --allow-staged --all-targets --all-features -- -D warnings 

dprint format: (dprint should be installed)
npx dprint fmt

And add the license header to all added Rust files (I think the license header also applies to external contributions, not 100% sure, maybe @eike-hass knows).

abdulmth · 2024-01-31T14:05:02Z

examples/1_advanced/9_zkp.rs

@@ -0,0 +1,246 @@
+


Suggested change

// Copyright 2020-2024 IOTA Stiftung

// SPDX-License-Identifier: Apache-2.0

A license header is needed on all files added.

examples/1_advanced/9_zkp.rs

identity_credential/src/credential/jpt.rs

identity_document/src/verifiable/jwp_verification_options.rs

abdulmth · 2024-01-31T20:00:45Z

identity_jose/src/jwk/key_operation.rs

+  /// Compute proof
+  ProofGeneration,
+  /// Verify proof
+  ProofVerification


These variants are added to an public exhaustive enum, which is a breaking change. Although the identity_jose crate is only used internally but we have to investigate this, maybe add then only under a specific feature.

abdulmth · 2024-01-31T20:01:54Z

identity_jose/src/jwk/key_use.rs

@@ -16,6 +16,9 @@ pub enum JwkUse {
  /// Encryption.
  #[serde(rename = "enc")]
  Encryption,
+  /// Proof
+  #[serde(rename = "proof")]


identity_storage/src/storage/jwp_document_ext.rs

AlbertoSvg · 2024-02-19T14:41:33Z

@abdulmth @eike-hass Hello, I've just updated the pull request with the latest changes about the revocation. I look forward to your feedback.
Thanks!

UMR1352

Looking good! 👍

UMR1352 · 2024-02-29T09:45:56Z

examples/1_advanced/10_zkp_revocation.rs

+  thread::sleep(SleepDuration::from_secs(61));
+
+  let timeframe_result = JptPresentationValidatorUtils::check_timeframes_with_validity_timeframe_2024(
+    &decoded_presented_credential.credential,
+    None,
+    StatusCheck::Strict,
+  );


Suggested change

thread::sleep(SleepDuration::from_secs(61));

let timeframe_result = JptPresentationValidatorUtils::check_timeframes_with_validity_timeframe_2024(

&decoded_presented_credential.credential,

None,

StatusCheck::Strict,

);

let advanced_time = Timestamp::now_utc().checked_add(Duration::seconds(61)).unwrap();

let timeframe_result = JptPresentationValidatorUtils::check_timeframes_with_validity_timeframe_2024(

&decoded_presented_credential.credential,

Some(advanced_time),

StatusCheck::Strict,

);

Duration is identity_iota::common::Duration.

UMR1352 · 2024-02-29T09:49:13Z

examples/1_advanced/10_zkp_revocation.rs

+
+  let timeframe_result = JptCredentialValidatorUtils::check_timeframes_with_validity_timeframe_2024(
+    &validation_result.credential,
+    None,


Suggested change

None,

Some(advanced_time),

UMR1352 · 2024-02-29T09:59:02Z

identity_credential/src/revocation/validity_timeframe_2024/revocation_timeframe_status.rs

+
+/// Information used to determine the current status of a [`Credential`][crate::credential::Credential]
+#[derive(Clone, Debug, PartialEq, Eq)]
+pub struct RevocationTimeframeStatus(Status);


Instead of simply wrapping Status, parse (instead of validating) whatever you need out of it. Derive Serialize and Deserialize and use them to parse Status.
In the implementation for TryFrom<Status> you can use serde_json::from_value(serde_json::to_value(status)?)?.

eike-hass · 2024-02-29T12:51:54Z

@AlbertoSvg We are almost there 💪 Any chance you can re-sign your previous commits?

eike-hass · 2024-03-04T14:52:24Z

Thank you for your contribution 🙏 We will merge this in the feature branch and take it from there 💪

* Support BBS+ and JWP (#1285) * merge main * Wasm bindings for Jpt credentials * JPT presentation bindings * docs * jsonprooftoken payloads * Refactor `RevocationTimeframeStatus` to align with other setups (#1340) * refactor `RevocationTimeframeStatus` to other setups * fix smaller typos * binding coverage for jsonprooftoken * Use latest releases of zkryptium/json-proof-token and add new BLS key representation (#1339) * update zkryptium/json-proof-token deps and new BLS key representation * minor fix * Use zkryptium for cryptographic operations inside Memstore (#1351) * update zkryptium/json-proof-token deps and new BLS key representation * minor fix * use zkryptium for crypto operations and JPT for serialization * fix format * Feat/jpt bbs+ sd stronghold impl (#1354) * Implement JwkStorageExt for StrongholdStorage * reorganize code * persist changes to stronghold when creating bbs+ keypair, clippy, fmt * feature gate * zkp wasm example * zkp_revocation wasm example * wasm bindings * fix docs * rename JwkStorageExt to JwkStorageBbsPlusExt * JwkStorageBbsPlusExt impl refactor for Stronghold, MemStore, WasmStore * Squashed commit of the following: commit 30c9bf2 Author: Foorack / Max Faxälv <max@foorack.com> Date: Tue Apr 2 10:32:48 2024 +0200 inherit `repository` in identity_verification (#1348) commit 1e9c9a3 Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed Mar 27 15:35:29 2024 +0100 Release wasm-v1.2.0 (#1345) commit 84a630d Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed Mar 27 15:32:19 2024 +0100 Release v1.2.0 (#1347) commit 1aba4b5 Author: Eike Haß <eike-hass@web.de> Date: Wed Mar 27 13:13:27 2024 +0100 removed dev_dep version commit 0352b84 Author: Enrico Marconi <31142849+UMR1352@users.noreply.github.com> Date: Wed Mar 27 10:44:43 2024 +0100 Support %-encoded characters in DID method id (#1303) commit e68538f Author: Enrico Marconi <31142849+UMR1352@users.noreply.github.com> Date: Tue Mar 26 11:58:35 2024 +0100 gRPC bindings (#1264) commit e53561e Author: Enrico Marconi <31142849+UMR1352@users.noreply.github.com> Date: Tue Mar 26 11:18:14 2024 +0100 allow large result err variants (#1342) commit 4a144a3 Author: Eike Haß <eike-hass@web.de> Date: Tue Mar 19 09:51:52 2024 +0100 fix readme links (#1336) commit 0af29fc Author: Enrico Marconi <31142849+UMR1352@users.noreply.github.com> Date: Mon Mar 18 17:16:57 2024 +0100 Feat/custom verification method (#1334) * Add support for arbitrary (custom) verification method data * wasm bindings * custom method type + wasm * workaround serde's issue * Update bindings/wasm/src/verification/wasm_method_data.rs Co-authored-by: Abdulrahim Al Methiab <31316147+abdulmth@users.noreply.github.com> * review comments * fmt * review comment --------- Co-authored-by: Abdulrahim Al Methiab <31316147+abdulmth@users.noreply.github.com> commit edb9150 Author: Enrico Marconi <31142849+UMR1352@users.noreply.github.com> Date: Tue Mar 12 14:45:04 2024 +0100 use latest release of sd-jwt-payload (#1333) * use latest release of sd-jwt-payload * make clippy happy commit 0794379 Author: Abdulrahim Al Methiab <31316147+abdulmth@users.noreply.github.com> Date: Wed Mar 6 14:16:00 2024 +0100 Wasm bindings for `BlockChainAccountId` verification method. (#1326) commit 59d38f7 Author: Abdulrahim Al Methiab <31316147+abdulmth@users.noreply.github.com> Date: Wed Mar 6 10:56:23 2024 +0100 Add constructor for VerificationMethod in TS (#1321) * clippy * fmt * add stronghold bbs+ tests * review comments * add license header * fix wasm bindings * Persist Stronghold's changes only when its handle is dropped * Fix StrongholdStorage::get_public_key * rename stronghold_jwk_storage_ext * Add inx-faucet profile in CI * change stronghold crate's structure, revert persist changes on drop * review comments * Update identity_credential/src/presentation/jwp_presentation_builder.rs Co-authored-by: wulfraem <wulfraem@users.noreply.github.com> * fix wasm bindings * expose stronghold's key types * revert last commit * Add "Fondazione Links" to license header * Squashed commit of the following: commit 9abdb38 Author: Sven <sven.feuchtmueller@gmx.de> Date: Tue May 14 09:16:09 2024 +0200 Add EcDSA verifier (#1353) * add ecdsa verifier * add identity_ecdsa_verifier to workspace, add license headers * Update identity_ecdsa_verifier/Cargo.toml Co-authored-by: wulfraem <wulfraem@users.noreply.github.com> * Update identity_ecdsa_verifier/src/secp256k1.rs Co-authored-by: wulfraem <wulfraem@users.noreply.github.com> * Update identity_ecdsa_verifier/Cargo.toml Co-authored-by: wulfraem <wulfraem@users.noreply.github.com> * Update identity_ecdsa_verifier/src/secp256k1.rs Co-authored-by: wulfraem <wulfraem@users.noreply.github.com> * Update identity_ecdsa_verifier/src/secp256r1.rs Co-authored-by: wulfraem <wulfraem@users.noreply.github.com> * add feedback * add OpenSSL installation to windows runner in CI * update license headers and authors for ecdsa verifier * update license template to allow multiple contributors --------- Co-authored-by: Sebastian Wolfram <wulfraem@users.noreply.github.com> commit 149bfac Author: wulfraem <wulfraem@users.noreply.github.com> Date: Mon May 13 10:44:09 2024 +0200 Fix findings after clippy update (#1365) * fix clippy findings * fix formatting * refactor .clone_into calls into .to_string * fix previous edit * disable empty_docs for wasm binding for now * fix missing newline * disable self update from rust setup in ci for now * update self update skip to skip only for windows build commit 51aedd5 Author: Enrico Marconi <31142849+UMR1352@users.noreply.github.com> Date: Tue Apr 30 16:16:36 2024 +0200 Use STRONGHOLD_PWD_FILE env variable to pass stronghold's password (#1363) commit edec26c Author: Enrico Marconi <31142849+UMR1352@users.noreply.github.com> Date: Tue Apr 30 15:40:55 2024 +0200 Arbitrary data signing service (#1350) commit f59e75a Author: Eike Haß <eike-hass@web.de> Date: Tue Apr 30 15:34:40 2024 +0200 Fix dockerhub workflow (#1343) commit 993cfec Author: Enrico Marconi <31142849+UMR1352@users.noreply.github.com> Date: Fri Apr 26 13:39:29 2024 +0200 add inx-faucet profile (#1356) * update stronghold and sdk --------- Co-authored-by: Alberto Solavagione <albertosolavagione30@gmail.com> Co-authored-by: wulfraem <wulfraem@users.noreply.github.com>

AlbertoSvg added 26 commits November 14, 2023 17:53

mapping from Jwk (JwkExt) from json-proof-token to Jwk from identity_…

12722a3

…jose

implemented JwpDocumentExt for IotaDocument and CoreDocument

b012e97

generate_method_extended that handles both JWS and JWP algorithm

b170249

new trait JwpDocumentExt separated from JwkDocumentExt using macros d…

7d9fee0

…efined in it

json-proof-token dependency update

d948aea

From<CredentialJwtClaims> trait for JptClaims and create_credential_j…

db46722

…wp implementation

new JwpOptions

21b9588

successful issuing of a jpt VC

fb8e303

fix stronhold path

732e4c6

fix JPT type

234843f

update to latest version of json-proof-token library

e783430

Merge branch 'iotaledger:main' into jwp-integration

55749ca

fix key conversion

53051fe

alternative selective disclosure method

4b9a199

Jwp Presentation creation

a7fbe6b

remove JwpOptions and introduce JptCredentialValidationOptions and Jp…

9e5a595

…tPresentationValidationOptions

JWP Presentation verification

217a754

removed multiple issuers during JWP verification since only one Crede…

b33a604

…ntial is supported during presentation

extract_issuer_from_presented_jpt util and remove identity_zk module

6429817

add some comments

820672f

fix jti undisclose

1fea3be

comments and fix nbf undisclosing

ef77d68

new RevocationTimeframeStatus and revocation check

4becafb

remove unused 'use' statements

b03bdc1

remove ValidityTimeframeGranularity::SECOND

f274243

Merge remote-tracking branch 'origin/main' into jwp-integration-tmp

b7c71e5

AlbertoSvg requested a review from a team as a code owner January 26, 2024 11:25

Merge remote-tracking branch 'origin/main' into zk-revocation-integra…

2e4ad45

…tion

abdulmth added Added A new feature that requires a minor release. Part of "Added" section in changelog Rust Related to the core Rust code. Becomes part of the Rust changelog. labels Jan 26, 2024

eike-hass requested changes Jan 26, 2024

View reviewed changes

eike-hass linked an issue Jan 26, 2024 that may be closed by this pull request

Add Selective Disclosure Support to VC #144

Closed

4 tasks

AlbertoSvg added 2 commits January 30, 2024 16:00

remove unused TODOs and 'use' statements and minor fixes

fe23be7

fix endpoint

4a13956

abdulmth reviewed Jan 31, 2024

View reviewed changes

AlbertoSvg added 15 commits February 1, 2024 16:53

add RevocationTimeframeStatus

a74f5aa

revocation in credential and presentation validation

23938a7

add TimeframeRevocationExtension for Core/IotaDocument

071e6b8

update 10_zkp_revocation example

1992b28

fix format and other minor fixes

23239ab

holder authentication during revocation update

c37fad8

fix update

744c51b

check validity timeframes utility function

a4b6d77

fix presentation validation

7b1c82c

Merge remote-tracking branch 'origin/main' into tmp

eb19417

Merge remote-tracking branch 'origin/zk-revocation-integration' into tmp

f9a07fb

removed some TODOs and unused 'use' statements

b5a035f

fix endpoint

1244c48

fix doc

929dbf7

fix format and clippy warnings

6f4a488

fix json-proof-token and zkryptium dep

957981e

UMR1352 reviewed Feb 29, 2024

View reviewed changes

Merge branch 'iotaledger:main' into jwp-integration

affa45a

AlbertoSvg changed the base branch from main to feat/jpt-bbs+-sd March 4, 2024 13:58

eike-hass merged commit 6003cf0 into iotaledger:feat/jpt-bbs+-sd Mar 4, 2024
7 of 12 checks passed

AlbertoSvg deleted the jwp-integration branch October 7, 2024 14:09

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support BBS+ and JWP #1285

Support BBS+ and JWP #1285

AlbertoSvg commented Jan 26, 2024

eike-hass left a comment

eike-hass Jan 26, 2024

AlbertoSvg Jan 26, 2024 •

edited

Loading

abdulmth left a comment

abdulmth Jan 31, 2024

abdulmth Jan 31, 2024

abdulmth Jan 31, 2024

AlbertoSvg commented Feb 19, 2024

UMR1352 left a comment

UMR1352 Feb 29, 2024

UMR1352 Feb 29, 2024

UMR1352 Feb 29, 2024

UMR1352 Feb 29, 2024

eike-hass commented Feb 29, 2024

eike-hass commented Mar 4, 2024


		jwp_builder.set_undisclosed("nbf").ok(); //

		jwp_builder.set_undisclosed("issuanceDate").ok(); // Depending on the revocation method used it will be necessary or not


	// Copyright 2020-2024 IOTA Stiftung
	// SPDX-License-Identifier: Apache-2.0

Support BBS+ and JWP #1285

Support BBS+ and JWP #1285

Conversation

AlbertoSvg commented Jan 26, 2024

Description of change

Type of change

How the change has been tested

Change checklist

eike-hass left a comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

AlbertoSvg Jan 26, 2024 • edited Loading

Choose a reason for hiding this comment

abdulmth left a comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

AlbertoSvg commented Feb 19, 2024

UMR1352 left a comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

eike-hass commented Feb 29, 2024

eike-hass commented Mar 4, 2024

AlbertoSvg Jan 26, 2024 •

edited

Loading