JSON-LD VC with BBS, OID4VCI, OID4VP, and Pseudonymous DID Key

JSON-LD VC with BBS, OID4VCI, OID4VP, and Pseudonymous DID key Dan Yamamoto (Internet Initiative Japan Inc.) 2024-10-30 / IIW 39

Overview Yet to be Standardized Wallet-initiated presentation Issuer Pseudonymous did:key Pseudonymous did:key Blind BBS BBS ZKP W3C Data Integrity W3C Data Integrity W3C VC OID4VCI Holder / Wallet W3C VP Verifier OID4VP 1

Pseudonymous DID key Holder / Wallet Issuers did:key for I1 Verifiers did:key for V1 did:key for I2 did:key for V2 secret key did:key for I3 did:key for V3 pubkey for dom := Hash(dom)^secret ◼ A single secret key can generate multiple public keys (did:key) for different domains ◼ Multiple public keys cannot be shown within a single domain (inner-domain linkability) ◼ It is not possible to correlate public keys across different domains (inter-domain unlinkability) 2

Pseudonymous DID key Holder / Wallet Issuers did:key for I1 Verifiers did:key for V1 appeared in VP for OID4VP appeared in Key Proof for OID4VCI secret key 3

Demo VC Issuer 1. Obtain a certificate of residence from the local government VP Verifier 2. Present the certificate at a skills testing center for identity verification VC Issuer 3. Receive a skill credential from the testing center after the assessment VP Verifier 4. Attach the credential to your Nostr account and share it with your friends 4

TODOs ◼ Catch up the latest features e.g. Browser API, DCQL, transaction_data, ... ◼ More sophisticated user experiences ◼ Revocation ◼ Hardware security module ◼ Documentation and Standardization 5