Difficult/impossible to match matches against the input_descriptors that satisfied them

[TimoGlastra]

• I'm submitting a ...
  [x] bug report
  [x] feature request

• Summary

The pex library filters credentials based on the submission requirements and input descriptors, and will return a set of matches based on that that satisfy the definition.

However, I'm having a hard time to to find the input_descriptors that satisfy a match, so we can correctly render this in the wallet.

If the input descriptor doesn't contain a name, the name of the match will be the id of the input descriptor that satisfied it (in case there was a single input descriptor that satisfied the match). However when name is present this isn't the case.

We want the user to be able to select which credentials to share, and the general process I'm following is:

• loop through the submission requirements
• for each submission requirement, find the input_descriptors that are related to that submission requirement
• for each of the input descriptors, find the (potentional) matches for that input descriptors.

Currently the matches group the credentials, which make it hard to figure out which credentials satisfy which input_descriptor.

Maybe there could be a matches for input_descriptors where each input descriptor gets a list of verifiable credentials that match:

{
  "inputDescriptorId": "id-of-input-descriptor"
  // or verifiableCredential
  "vc_path": ["$.verififiableCredential[0]", "$.verififiableCredential[1]"],
},
{
  "inputDescriptorId": "id-of-input-descriptor2"
  "vc_path": ["$.verififiableCredential[2]"],
}

Then separate for that there could be a matches list that takes into account the submission requirements. Where each match points to several input descriptor ids that can satisfy them. E.g.:

This means we have to pick one credential from all of the input descriptors. The library provides you with matches for each of the input descriptors.

{
  "rule": "all",
  "from": "A",
  "inputDescriptorIds": ["id-of-input-descriptor", "id-of-input-descriptor2"],
}

Here is an example with pick. you need to pick one credentials from one of the input descriptors. You can choose if you choose the first or last one. If an inputDescriptor doesn't have any credentials that satisfy it, it won't be included here, as you can't use to to select a credential from.

{
  "rule": "pick",
  "from": "A",
  "count": 1,
  "inputDescriptorIds": ["id-of-input-descriptor", "id-of-input-descriptor2"],
}

I think especially the second example with pick is related to #115, where I don't think the library is currently following the spec, and following it would I think require a change to the structure to be able to determine which credentials to pick.

• Other information (e.g. detailed explanation, stack traces, related issues, suggestions how to fix, links for us to have context, eg. StackOverflow, personal fork, etc.)

[nklomp]

Yeah, agreed. This is on our list of things to change for the refactor we will start soon. It is nice to create a large lib like this but only as soon as you really start to use it you run into things like this.