vc-data-model icon indicating copy to clipboard operation
vc-data-model copied to clipboard

Published 20 hours ago verified publisher icon w3c

Bug in the credential vocabulary specification

Open iherman opened this issue 4 years ago • 5 comments

The current credential vocabulary says:

cred:verifiableCredential a rdf:Property;
  ...
  rdfs:domain cred:VerifiablePresentation;
  rdfs:range cred:VerifiableCredential;
  ...

However, both the specification and the official context file specifies that the value of cred:verifiableCredential is a graph, more exactly the label of a graph; the graph itself consists of a verifiable credential. This is also clear on the set of quads generated from one of the examples (see the json-ld playground):

...
_:b0 cred:verifiableCredential _:b3 .
...
<http://example.edu/credentials/1872> rdf:type cred:VerifiableCredential _:b3 .

(I modified the quads using CURIE-s to make it more readable)

I.e., the value of cred:verifiableCredential is, in this case, a bNode (_:b3) that serves as a graph identifier (i.e., 4th entry in the quad) for the an object being defined of type VerifiableCredential. This is not what the vocabulary says.

It is of course not obvious to propose a clean solution for that, because the (RDF) semantics of RDF Datasets has not been clearly defined. A, I believe, acceptable solution would be the following:

  • Define a separate class in the cred namespace, say, cred:CredentialGraph. The semantics of this class must be defined in English prose (there is no way to define it properly otherwise). The definition may be something like

    Instances of this class are used as labels for special RDF Graphs that contain a single cred:VerifiableCredential instance with all its related nodes.

    or something like that.

  • The domain of cred:verifiableCredential can then be set to cred:CredentialGraph.

The same problem occurs with the sec:proof property, except that it is a property defined in another namespace (and, afaik, there is no RDFS vocabulary specification for it anywhere…).

Cc: @pchampin

iherman avatar Mar 23 '21 15:03 iherman

My initial gut reaction is that you're correct, @iherman... however, there was a lot of consideration that went into this part of the design that escapes me now. I'll have to go back and remember the thought process that led us there. One of the issues was transitioning from RDF Graphs to RDF Datasets... the early versions of the work predated RDF Datasets and when it came time to support them fully, I can't remember if the decision made had any rough edges. I vaguely remember not being able to do some of the things we wanted to do.

All that to say, it'll take me a few hours to dust off my memory in this long buried issue and try to remember enough to provide some useful input. I expect @dlongley might have a few things to say about this as well.

msporny avatar Mar 27 '21 17:03 msporny

Yes, the value of cred:verifiableCredential should be a graph which contains a VC. This is important for containerizing/isolating statements so one can determine their origin and properly recompute their hashes and verify their proofs and so on. Proofs work in a similar way; each proof in a set of proofs must be isolated from each other and from the document to which they apply so that there is no ambiguous cross talk about the same subjects.

dlongley avatar Mar 27 '21 19:03 dlongley

When going through and triaging this I wasn't able to quite grok the problem/proposed solution yet. I'll have to revisit this so leaving as proposedErratum for now until I can understand it better.

kdenhartog avatar Jul 29 '21 02:07 kdenhartog

The issue was discussed in a meeting on 2021-08-25

  • no resolutions were taken
View the transcript

6.2. Bug in the credential vocabulary specification (issue vc-data-model#770)

See github issue #770.

Brent Zundel: https://github.com/w3c/vc-data-model/issues/770

Manu Sporny: +1 to defer v2

Brent Zundel: label this defer to v2.0

iherman avatar Aug 26 '21 06:08 iherman

The issue was discussed in a meeting on 2022-08-03

  • no resolutions were taken
View the transcript

6.4. Bug in the credential vocabulary specification (issue vc-data-model#770)

See github issue vc-data-model#770.

Manu Sporny: I think this is a core data model question. It's the core context for the data model..

Orie Steele: +1 its a core data model issue..

Manu Sporny: and so should probably stay in the VC Data Model. And it has implications....

Brent Zundel: Anyone feel differently? Otherwise will remove the label..
… Removing label; moving forward..

iherman avatar Aug 04 '22 04:08 iherman