aries-framework-dotnet icon indicating copy to clipboard operation
aries-framework-dotnet copied to clipboard

Published 20 hours ago verified publisher icon hyperledger-archives

A proof request which was presented using a revoked credential passes the validation when call VerifyProofAsync

Open vasile135 opened this issue 4 years ago • 0 comments

The proof request is seen as valid, even if the used credential was revoked and the proof request contains the NonRevoked parameter

To Reproduce Steps to reproduce the behavior:

  1. Issued a document as an issuer agent;
  2. Accepted the credential as holder;
  3. Successfully revoked the credential as issuer;
  4. As holder agent, queried the revocation status of the credential (IsRevokedAsync). The response is "true". The credential status changed to "Revoked";
  5. Sent a proof request as a verifier:
   "name":"Test Verification",
   "version":"1.0",
   "nonce":"483754409945318649274168",
   "requested_attributes":{
      "test-verification":{
         "names":[
            "FirstName"
         ]
      }
   },
   "requested_predicates":{
      
   },
   "non_revoked":{
      "from":0,
      "to":1637675098
   }
}
  1. Used the revoked credential to create a presentation as a holder.
  2. Queried the proof validity as the verifier by calling
await proofService.VerifyProofAsync(context, proofRecord.RequestJson, proofRecord.ProofJson)

The response is "true" which means that the proof is seen as valid.

Expected behavior Expected VerifyProofAsync to return "false".

Desktop (please complete the following information):

  • OS: Windows
  • .NET 5.0

Please help, as I perform the same steps as in Revocation Unit tests, but in my case, the proof still passes the validation. Also, the VerifyProofAsync is also called inside the IsRevoked, but in this case, the response is "false" as expected.

vasile135 avatar Nov 23 '21 16:11 vasile135