Proposal: DIF PE v2.0 support in ACA-Py

[shaangill025]

trafficstars

DIF PE v2.0 Implementation in ACA-Py

• Links to specification
  • v2.0, current status is working group draft
  • v1.0, currently supported in ACA-Py

Major differences from v1.0

• schema has been removed from input_descriptors
  This has been replaced with an optional ..input_descriptors.constraints.types property.
  types JSON Schema

"types": {
    "type": "array",
    "items": {
      "type": "object",
      "properties": {
        "path": {
          "type": "array",
          "items": { "type": "string" }
        },
        "purpose": { "type": "string" },
        "filter": { "$ref": "http://json-schema.org/schema#" }
      },
      "required": ["path", "filter"],
      "additionalProperties": false
    }
}

Functions the same way as fields but it is semantically different and used to validate against JSON schemas such as context, type and credentialSchema. More details Examples

"constraints": {
    "types": [
        {
            "path": ["$.credentialSchema.id", "$.vc.credentialSchema.id"],
            "filter": {
                "type": "string",
                "pattern": "https://bank-schemas.org/1.0.0/accounts.json|https://bank-schemas.org/2.0.0/accounts.json"
            }
        }
    ],
    ...

"constraints": {
    "types": [
      {
        "path": ["$.credentialSchema.id", "$.vc.credentialSchema.id"],
        "filter": {
          "type": "string",
          "const": "https://yourwatchful.gov/drivers-license-schema.json"
        }
      }
    ],
    ...

• New frame optional property inside presentation_definitions
  It accepts a JSON LD Framing Document object
frame JSON Schema
  

"frame": {
    "type": "object",
    "additionalProperties": true
}

Expected changes to support v2.0

• ACA-Py already provides holders the ability to accept a JSON-LD frame using reveal_doc parameter (/present-proof-2.0/records/{pres_ex_id}/send-presentation). The frame property implementation can be easily accommodated leveraging upon existing work.

• Currently, ACA-Py schema filtering of W3C credentials is done by starting a VCRecordSearch on the expanded type (credentialSchema is not supported). Then the subsequent application of constraints is done on these filtered credentials. There are huge performance/scale benefits with this approach when dealing with a large number of stored W3C credentials.
  With types property in DIF v2.0, this will become complicated. One approach can be to pass all stored credentials (VCRecords) to the handler and apply the constraints leveraging filters already implemented but with performance downsides. Another approach is to translate the types constraint into a WQL and then execute a VCRecordSearch. Certain assumptions and limits will have to be defined (around WQL capabilities) to manage it. Following updates (WIP) will be needed:

  • schema_ids will have to be supported in VCRecord (issue-credential v2.0).

• Refactoring existing code by separating ./present_proof/dif into v1_0 and v2_0 and refactoring current code by extracting common functions into an utility.

[TimoGlastra]

Is the idea to support both v1 and v2 concurrently?

[swcurran]

Right now, the idea is just document what the differences are and the changes that will be required when a move to v2 is made. As a team, we're mostly focusing on AnonCreds right now, so this is a placeholder for others that might want to implement this, or for us when there is more of a need for supporting DIF PE and W3C VCs in general.

Whether to support just V2 or both concurrently will depend on the state of PE usage at the time of implementation.