openid
Managing Verifiable Presentations with Mixed W3C Verifiable Credentials Data Models (1.1 and 2.0)
Hello,
We need assistance understanding how to manage Verifiable Presentations (credential format - ldp_vp) that include VCs with both W3C Verifiable Credentials Data Model 1.1 and W3C Verifiable Credentials Data Model 2.0.
Usecase
- A wallet holder can download W3C Verifiable Credentials Data Model 1.1 and 2.0 credentials.
- They are required to present both sets of credentials to the Verifier.
- Given this use case, how should the Wallet construct the Verifiable Presentation’s “
@context” property?
Issue
- We are currently creating a Verifiable Presentation with its “
@context” property value set only to the W3C Verifiable Credentials Data Model 1.1 context, and we are encountering canonicalization issues.
More details are attached below:
'Canonization failed:', { [jsonld.SyntaxError: Invalid JSON-LD syntax; tried to redefine "VerifiableCredential" which is a protected term.]
name: 'jsonld.SyntaxError',
details:
{ code: 'protected term redefinition'
Note that there's an issue open to add a format identifier for w3c vcdm 2.0: https://github.com/openid/OpenID4VP/issues/5
I'm not sure I fully understand the question you're asking - I'm not a w3c expert, but I would expect that if the wallet is returning both a VCDM 1.1 and a VCDM 2.0 credential in a single response then each would be encoded into separate entries in vp_token and hence the presentation of the VCDM 1.1 credential should have a 1.1 @context, and the presentation of the VCDM 2.0 credential should have a 2.0 @context. If that is what is being done I'm not sure how the canonization problem arises?
@jogu As per the spec, vp_token will have only one entry for multiple ldp_vc.
structure will be like
{ "@context": [ "https://www.w3.org/2018/credentials/v1" ], "type": [ "VerifiablePresentation" ], "verifiableCredential": [ {VCDM 1.1 credential }, {VCDM 2.0 credential} ] "id": "ebc6f1c2", "holder": "did:example:holder", "proof": { "type": "Ed25519Signature2018", "created": "2021-03-19T15:30:15Z", "challenge": "n-0S6_WzA2Mj", "domain": "https://client.example.org/cb", "jws": "eyJhbG...IAoDA", "proofPurpose": "authentication", "verificationMethod": "did:example:holder#key-1" } }
Now issue is how should we construct the @context which is at root level.
Currently spec doesn't refer to have 1 entry for one VCDM. It only talks about vp_token with different credential formats.
As you said If we have 1 entry per VCDM 1.1/2.0 then there won't be any issue. But it's not very clear through spec.
We seek some insights on it so that we are compliant with spec.
I'm not sure I fully understand. Can you share the DCQL query being sent please so I'm clear what the verifier requested?
Note that the spec you linked to is an older draft - we would strongly recommend only implementing using the final published version of the spec, https://openid.net/specs/openid-4-verifiable-presentations-1_0.html
Hi @jogu
Yes, I gave reference to older spec and still on draft 23 and using presentation exchange not DCQL.
Our request is simple VP request which satisfies the ldp_vc verifiable credentials which are combination of data model 1.1 and data model 2.0
So our vp token will be an object which contains two LDP VCs
VP token will look like this
So how should we define @context array for VP so that we can verify both the VCs available in this VP token
I don't think I have sufficient w3c vc expertise to answer any further unfortunately (I'm not even sure if what you're trying to do is legal or not) - I'd probably suggest you ask someone in the w3c group.
I don't think I have sufficient w3c vc expertise to answer any further unfortunately (I'm not even sure if what you're trying to do is legal or not) - I'd probably suggest you ask someone in the w3c group.
If this is purely an @context related question, I suggest to ask the W3C Credentials Community Group for advice on how to create a W3C VCDM v1 VP encapsulating both W3C VCDM v1 and v2 VCs.
