-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Data model and canonicalization #8
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The TypedData object for signing should be able to encode objects in the VC Data Model in a canonical way. I am seeing five possible ways to do it:
id
string property). There is also still a limitation that arrays in TypedData must be of the same type, while in arbitrary JSON arrays may contain values of different types. To represent arrays containing values of multiple types (i.e. polymorphism), some additional conversion will be needed. This could seem to lead back to (2) above in order to represent arbitrary JSON values as TypedData values - but I think we could skip that by using structs instead arrays: each array of N values would be represented by a struct with N values (which may be of different types), where the property names are whole numbers. Avoiding TypedData arrays also has the benefit of not having to deal with the apparent inconsistency betweeneth-sig-util
(MetaMask) and EIP-712 (signTypedData_v4 not according to specification MetaMask/eth-sig-util#106) in the encoding of arrays - which I think this specification should otherwise address. A verifier needs to have the type information to verify the signature; this suggests putting it in the proof. This specification currently does this, using themessageSchema
property of theeip712Domain
property of the proof. With the EIP-712 type information provided, I don't think there is need for canonicalization of the message being signed, since the EIP-712 type information defines the order of object properties, except for representing floating-point numbers for which some representation must be specified as in (2); I don't think the use of JCS in the current specification has an effect on the signing input.Of the above five approaches, only 1, 2 and 5 can fully represent the VC Data Model. 2 cannot avoid using TypedData arrays which might be problematic. 1 is the only one that is based on linked data and uses information from JSON-LD contexts in the signing input.
I think if linked data is important, we should change this specification to use 1; otherwise I would suggest moving towards 5. Does this make sense?
The text was updated successfully, but these errors were encountered: