You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue #150 was raised concerning the exact details of how one of the optional features (Anonymous Holder Binding) impacts the creation of a derived proof, while issue #155 had a question of where an important parameter mandatory pointers comes from. I think we need to make it clear where "inputs" and "parameters" come from, in addition it would be good to clarify how the optional features modify outputs (serializations) and procedures used.
Note that the goal is to clarify things for developers. I'd propose to do this in the following ways: (a) small clarifications to the normative procedures as to inputs/parameters and their sources, (b) fill in any missing procedural details, (c) use distinct tag/header bytes to differentiate options as discussed in issue #153, and (d) provide informative summary of the different options in the Optional Features section.
Optional Feature Procedure Impacts
Create Base Proof (Issuer)
Note that the different options can only be differentiated based on issuer intent.
Option Name
Extra Tasks
Extra Inputs
Extra Outputs
BBS Variant Used
Anonymous Holder Binding
None
commitment with proof to holder secret from holder
signerBlind
Blind BBS
Pseudonym with Issuer Pid
Generate pid
None
pid
Pseudonym BBS
Pseudonym with Hidden Pid
None
commitment with proof to secret pid from holder
signerBlind
Pseudo/Blind BBS
Add Derived Proof (Holder)
Note that the different options can be differentiated from the header bytes in the received base proof.
Option Name
Extra Tasks
Extra Inputs
Extra Outputs
BBS Variant Used
Anonymous Holder Binding
None
holder secret, prover blind (both known to holder), signer blind (included in base from issuer)
None
Blind BBS
Pseudonym with Issuer Pid
Generate pseudonym
verifier id (from verifier), pid (included in base from issuer)
pseudonym
Pseudonym BBS
Pseudonym with Hidden Pid
Generate pseudonym
pid, prover blind (both known to holder), signer blind (included in base from issuer), verifier id (from verifier)
pseudonym
Pseudo/Blind BBS
Verify Derived Proof (Verifier)
Note that the different options can be differentiated from the header bytes in the received derived proof.
Option Name
Extra Inputs
BBS Variant Used
Anonymous Holder Binding
None
Blind BBS
Pseudonym with Issuer Pid
verifier id (known to verifier), pseudonym (included in derived proof)
Pseudonym BBS
Pseudonym with Hidden Pid
verifier id (known to verifier), pseudonym (included in derived proof)
Pseudo/Blind BBS
The text was updated successfully, but these errors were encountered:
Issue #150 was raised concerning the exact details of how one of the optional features (Anonymous Holder Binding) impacts the creation of a derived proof, while issue #155 had a question of where an important parameter
mandatory pointers
comes from. I think we need to make it clear where "inputs" and "parameters" come from, in addition it would be good to clarify how the optional features modify outputs (serializations) and procedures used.Note that the goal is to clarify things for developers. I'd propose to do this in the following ways: (a) small clarifications to the normative procedures as to inputs/parameters and their sources, (b) fill in any missing procedural details, (c) use distinct tag/header bytes to differentiate options as discussed in issue #153, and (d) provide informative summary of the different options in the Optional Features section.
Optional Feature Procedure Impacts
Note that the different options can only be differentiated based on issuer intent.
Note that the different options can be differentiated from the header bytes in the received base proof.
Note that the different options can be differentiated from the header bytes in the received derived proof.
The text was updated successfully, but these errors were encountered: