Vasilis Kalos
Vasilis Kalos
As members of the WG have noted (thanks @christianpaquin, @tmarkovski!!), the current [EncodeForHash](https://identity.foundation/bbs-signature/draft-irtf-cfrg-bbs-signatures.html#name-encodeforhash) section is confusing and prone to error. Especially the part about encoding octet strings. A possible solution...
This is a tracking issue to address [comments](https://github.com/decentralized-identity/bbs-signature/pull/221#issuecomment-1283168657) made by @tmarkovski around test vectors and the spec in general!
As noted by @mikelodder7, in the document we don't yet discuss the integers (i.e., scalars mod r) serialization. More specifically, since we have a description for the byte length of...
When using the public key as input to Sign, Verify etc., we can define it either as a point of G2 or as an octet string. Rn we do the...
Currently we allow seeds with different scopes but it is not clear how a signature specific seed is going to be used since it is passed as a parameter to...
Through the use of `expand_message` we put an upper limit to the number of signed messages. `expand_message` aborts if `len_in_bytes` is larger than `2^16 - 1 = 65535`. In our...
Although deterministic proof generation should not be used in practice it may be useful to support it, so we can more easily create and update test vectors. This MUST NEVER...
Currently the spec is missing a way to bind a signature to a user. The proposal from [here](https://github.com/w3c-ccg/ldp-bbs2020/issues/37) is to use BLS keys. Essentially the process will be the following,...
New (updated) draft on blind signatures: https://basileioskal.github.io/blind-bbs-signatures/draft-bbs-blind-signatures.html Couple notes: - It seems that the commitment value added in `CoreSign` in the main draft is not useful after all. Will probably...
2 sugestions for the Ciphersuite format: ### A. Points serialization: The point serialization we use is curve agnostic. No reason to be defined in the Ciphersuite. We could simplify things...