This document outlines the scope of work undertaken by the AnonCreds Open Specification Working Group.
The objective of this Working Group is to document the existing AnonCreds de facto standard as the initial AnonCreds v1.0 Specification and put the specification on a standards track. Once the work on defining the initial specification is sufficiently far along, the Working Group will develop additional versions of the specification evolving from the initial specification.
The AnonCreds v1.0 Specification provides, as a main difference to v0.1, the decoupling from the Indy ledger. It aims at being entirely ledger-agnostic. Non-goals of this version are changes to the CL signatures signing algorithm in the sense that this will remain the single supported cryptographic signature suite.
Tentatively (this is subject to change in the the future, before an actual release of a v2.x spec), the v2.x will additionally aim at being crypto-agnostic. This entails integrating e.g. BBS+ signatures as an alternative to CL signatures. Eventually, the user should be able to choose which signing algorithms they prefer to use.
Since 2017, many organizations across the globe have been implementing verifiable credential-based solutions using the AnonCreds (Anonymous Credentials) implementation that was built into the Hyperledger Indy open source project. AnonCreds provides capabilities that many see as important for digital identity use cases in particular, and verifiable data in general. These features include:
- A full implementation of the Layer 3 verifiable credential “Trust Triangle” of the Trust over IP Model.
- Complete flows for issuing verifiable credentials (Issuer to Holder), and requesting, generating and verifying presentations of verifiable claims (Holder to Verifier) as well as revocation capabilities.
- Fully defined data models for all of the objects in the flows, including verifiable credentials, presentation requests and presentations sourced from multiple credentials.
- Fully defined applications of cryptographic primitives.
- The use of Zero Knowledge Proofs (ZKPs) in the verifiable presentation process to enhance the privacy protections available to the holder in presenting data to verifiers, including:
- Blinding issuer signatures to prevent correlation based on those signatures.
- The use of unrevealed identifiers for holder binding to prevent correlation based on such identifiers.
- The use of predicate proofs to reduce the sharing of PII and potentially correlating data, especially dates (birth, credential issuance/expiry, etc.).
- A revocation scheme that proves a presentation is based on credentials that have not been revoked by the issuers without revealing correlatable revocation identifiers.
While AnonCreds is open source and has become a de facto standard, it is not an open specification. Some in the larger self-sovereign identity community view AnonCreds as proprietary. Others are concerned that it is only open source, and subject to change by any code maintainer. The focus of this Working Group is to make AnonCreds an open specification and remove those barriers to broader adoption. As well, unsuccessful attempts have been made to align AnonCreds with the W3C Verifiable Credential Data Model v1.x, larger because of some core differences in the two approaches to verifiable credentials.
Initial work of the group will focus on putting into specification form the existing implementation of AnonCreds as found in the two existing Indy implementations. Part of that work will be the removal of all dependencies in the specification on the remote storage of objects, including Hyperledger Indy ledger. There is no technical requirement to require Indy in implementing AnonCreds, although there may be some identifiers that may have to be renamed because of Indy-isms in the identifiers.
Subsequent work will be on a new AnonCreds specification that has the goal of keeping the capabilities of the current AnonCreds, while updating the underlying primitives, such as replacing CL-Signatures with BBS+ Signatures and defining a more scalable revocation scheme. To be determined by the working group is whether and how the standard might produce artifacts that align with the in-process W3C VC v2.0 data model standard.
This specification is being developed under the Community Specification 1.0 License. Contributors to this specification must adhere to the license, as outlined in the repository’s license file file.
- AnonCreds Specification v0.1 — matching the existing Indy-specific AnonCreds implementations exactly.
- The AnonCreds Specification Working Group has de-emphasized this version and is focused on the v1.0 specification. The v0.1 MAY be published after the v1.0 specification is complete, if the Working Group feels there is value in doing that.
- AnonCreds Specification v1.0 — matching the existing AnonCreds implementations, agnostic to the Verifiable Data Registry (VDR) used for the storage of published AnonCreds objects, and in a format suitable for a selected Standards Developing Organization.
- Future AnonCreds Specification versions — evolutions from AnonCreds Specification v1.0.
- Link to GitHub repository: https://github.com/hyperledger/anoncreds-spec
- Link to Draft specification: https://hyperledger.github.io/anoncreds-spec
Key milestones will include, but are not limited to:
- Publication of the first Draft AnonCreds v1.0 Deliverable from a generated GitHub repository.
- Publication of the final Draft AnonCreds v1.0 Deliverable.
- Approval of the Draft AnonCreds v1.0 Deliverable as a Working Group Approved Deliverable.
- Optional: Publication of the AnonCreds v0.1 Deliverable from a generated GitHub repository.
- The placement of the AnonCreds v1.0 Specification on the standards track of an SDO.
- Repeat steps 2-4, 5 for AnonCreds v2.0 Specification.
- The AnonCreds v0.1 specification MUST align with AnonCreds open source implementations in Hyperledger Indy (indy-sdk, indy-shared-rs repos).
- The AnonCreds v1.0 MUST align with the existing AnonCreds open source implementations in Hyperledger AnonCreds (anoncreds-rs repo) and be Verifiable Data Registry-agnostic.
- The Hyperledger Aries Issue Credential (v1, v2) and Present Proof (v1, v2) protocols defined in the Aries RFC repository of standards and protocols.
Meetings of the Working Group are held weekly on Mondays at 7AM Pacific/Vancouver time. That is 16:00 CET for most of the year, except for the periods around the daylight savings time changes. Meeting details, agendas, notes and links to the recordings are posted here.
This task force uses the following for communications
- Mailing List: Information about the mailing list for Hyperledger AnonCreds is available here: https://lists.hyperledger.org/g/anoncreds, including guidance on subscribing to the list and access to the mailing list archives.
- Messaging: Hyperledger Discord invitation: https://discord.gg/hyperledger
- Hyperledger AnonCreds Wiki Home Page: The Working group uses the Hyperledger Wiki at: https://wiki.hyperledger.org/display/anoncreds
Include in this document a detailed description of this Working Group’s Scope. This Scope is important is it establishes the bounds of each contributor's and licensee's patent commitment. For guidance on drafting an appropriate Scope, you may find ISO's guidance (see page 5) helpful.
Any changes of Scope are not retroactive.