Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(bug) Utilize entropy in anoncreds VCX when appropriate #1312

Open
gmulhearn opened this issue Dec 11, 2024 · 0 comments
Open

(bug) Utilize entropy in anoncreds VCX when appropriate #1312

gmulhearn opened this issue Dec 11, 2024 · 0 comments

Comments

@gmulhearn
Copy link
Contributor

Currently our Anoncreds trait and anoncreds-rs implementation is hardcoded to take in prover_did instead of entropy. This is a legacy method - it's used in "indy" anoncreds exchanges, but modern anoncreds exchanges prefer entropy.

This is particularly problematic as anoncreds-rs enforces this a bit with some validation, e.g. "if using modern credential-definition-identifier (qualified), then entropy must be used instead of prover did".

However it may not be as simple as permanently switching to usage of entropy instead of prover_did, as "indy" anoncreds exchanges might be expecting the presence of prover_did...

This should be investigated and determine a suitable approach. Some ideas:

  • choose entropy vs prover_did on behalf of the consumer based on the type of identifier they provide (legacy or not)
  • allow a config/flag to be passed in to choose between entropy or prover_did - this way, protocols utilizing "indy" exchanges can opt-in to using prover_did.

related issue (see thread): openwallet-foundation/acapy#3369
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gmulhearn