This document outlines the scope of work undertaken by the AnonCreds Open Specification Working Group.
The objective of this Working Group is to document the existing AnonCreds de facto standard as the initial AnonCreds v1.0 Specification and put the specification on a standards track. Once the work on defining the initial specification is sufficiently far along, the Working Group will develop additional versions of the specification evolving from the initial specification.
The AnonCreds v1.0 Specification should vary only minimally from the existing Hyperledger Indy SDK (“libindy”) and Indy Credential Exchange (“cred-x”) implementations. Specifically, the v1.0 SHOULD remove any requirements related to the storage of the objects used in AnonCreds, whether they be stored remotely on a “verifiable data registry” (including Hyperledger Indy) or in local secure storage.
Since 2017, many organizations across the globe have been implementing verifiable credential-based solutions using the AnonCreds (Anonymous Credentials) implementation that was built into the Hyperledger Indy open source project. AnonCreds provides capabilities that many see as important for digital identity use cases in particular, and verifiable data in general. These features include:
- A full implementation of the Layer 3 verifiable credential “Trust Triangle” of the Trust over IP Model.
- Complete flows for issuing verifiable credentials (Issuer to Holder), and requesting, generating and verifying presentations of verifiable claims (Holder to Verifier) as well as revocation capabilities.
- Fully defined data models for all of the objects in the flows, including verifiable credentials, presentation requests and presentations sourced from multiple credentials.
- Fully defined applications of cryptographic primitives.
- The use of Zero Knowledge Proofs (ZKPs) in the verifiable presentation process to enhance the privacy protections available to the holder in presenting data to verifiers, including:
- Blinding issuer signatures to prevent correlation based on those signatures.
- The use of unrevealed identifiers for holder binding to prevent correlation based on such identifiers.
- The use of predicate proofs to reduce the sharing of PII and potentially correlating data, especially dates (birth, credential issuance/expiry, etc.).
- A revocation scheme that proves a presentation is based on credentials that have not been revoked by the issuers without revealing correlatable revocation identifiers.
While AnonCreds is open source and has become a de facto standard, it is not an open specification. Some in the larger self-sovereign identity community view AnonCreds as proprietary. Others are concerned that it is only open source, and subject to change by any code maintainer. The focus of this Working Group is to make AnonCreds an open specification and remove those barriers to broader adoption. As well, unsuccessful attempts have been made to align AnonCreds with the W3C Verifiable Credential Data Model v1.x, larger because of some core differences in the two approaches to verifiable credentials.
Initial work of the group will focus on putting into specification form the existing implementation of AnonCreds as found in the two existing Indy implementations. Part of that work will be the removal of all dependencies in the specification on the remote storage of objects, including Hyperledger Indy ledger. There is no technical requirement to require Indy in implementing AnonCreds, although there may be some identifiers that may have to be renamed because of Indy-isms in the identifiers.
Subsequent work will be on a new AnonCreds specification that has the goal of keeping the capabilities of the current AnonCreds, while updating the underlying primitives, such as replacing CL-Signatures with BBS+ Signatures and defining a more scalable revocation scheme. To be determined by the working group is whether and how the standard might produce artifacts that align with the in-process W3C VC v2.0 data model standard.
This specification is being developed under the Community Specification 1.0 License. Contributors to this specification must adhere to the license, as outlined in the repository’s license file file.
- AnonCreds Specification v0.1 — matching the existing AnonCreds implementations exactly.
- AnonCreds Specification v1.0 — matching the existing AnonCreds implementations, minus the requirement to use Indy, and in a format suitable for the selected Standards Developing Organization.
- Future AnonCreds Specification versions — evolutions from the AnonCreds Specification v1.0.
- Link to GitHub repository: https://github.com/AnonCreds-WG/anoncreds-spec
- Link to Draft specification: https://anoncreds-wg.github.io/anoncreds-spec
Key milestones will include, but are not limited to:
- Publication of the first Draft AnonCreds v0.1 Deliverable from a generated GitHub repository.
- Publication of the first Draft AnonCreds v1.0 Deliverable from a generated GitHub repository.
- Publication of the final Draft AnonCreds v1.0 Deliverable.
- Approval of the Draft AnonCreds v1.0 Deliverable as a Working Group Approved Deliverable.
- The placement of the AnonCreds v1.0 Specification on the standards track of an SDO.
- Repeat steps 2-5 for AnonCreds v2.0 Specification.
- The AnonCreds v0.1 specification MUST align with AnonCreds open source implementations in Hyperledger Indy (indy-sdk, indy-shared-rs repos).
- The AnonCreds v1.0 MUST align with the existing AnonCreds open source implementations in Hyperledger Indy (indy-sdk, indy-shared-rs repos) minus any specific dependency on the Hyperledger Indy ledger.
- The Hyperledger Aries Issue Credential (v1, v2) and Present Proof (v1, v2) protocols defined in the Aries RFC repository of standards and protocols.
Meetings of the Working Group are held weekly on Mondays at 7AM Pacific/Vancouver time. That is 16:00 CET for most of the year, except for the periods around the daylight savings time changes. Meeting details, agendas, notes and links to the recordings are posted on the repository Wiki.
This task force uses the following for communications
- Mailing List: There is no mailing list; TBD if we will need one.
- Messaging: Discord invitation: https://discord.gg/hYmBNhTFY9
- Wiki: The Working group uses the wiki at: https://github.com/AnonCreds-WG/anoncreds-spec/wiki
Include in this document a detailed description of this Working Group’s Scope. This Scope is important is it establishes the bounds of each contributor's and licensee's patent commitment. For guidance on drafting an appropriate Scope, you may find ISO's guidance (see page 5) helpful.
Any changes of Scope are not retroactive.