-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdelanocreds.wit
159 lines (128 loc) · 5 KB
/
delanocreds.wit
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
package delano:[email protected];
interface types {
// An attribute is a 32 bytes hash value
type attribute = list<u8>;
type entry = list<attribute>;
type nonce = list<u8>;
type proof = list<u8>;
type selected = list<entry>;
record provables {
credential: credential-compressed,
entries: list<entry>,
selected: list<attribute>,
nonce: list<u8>
}
record proven {
proof: cred-proof-compressed,
selected: selected
}
record verifiables {
proof: cred-proof-compressed,
issuer-public: issuer-public-compressed,
nonce: option<list<u8>>,
selected: selected
}
/// Issuer config: Default config creates (issues) a credential to yourself.
/// Provide a config to offer it to someone else's nym, and optionally verify it with a nonce.
record issue-options {
nymproof: nym-proof-compressed,
nonce: option<list<u8>>
}
/// Configuration of an Offer. Can set 3 things:
/// 1) without-attribute: an optional redactable record of attributes to redact,
/// 2) additional-entry: an optional single additional entry,
/// 3) max-entries: the maximum number of entries the delegated party can add to the credential.
record offer-config {
redact: option<redactables>,
additional-entry: option<entry>,
/// Optionally reduces the number of entries that can be added to the credential.
max-entries: option<u8>
}
/// If you want to redact an Entry containing an Attribute,
/// construct a redactable record with all Entries and the list of Attributes to redact.
record redactables {
entries: list<entry>,
remove: list<attribute>
}
/// A compressed version of the Credential
record credential-compressed {
sigma: signature-compressed,
update-key: option<list<list<list<u8>>>>,
commitment-vector: list<list<u8>>,
opening-vector: list<list<u8>>,
issuer-public: issuer-public-compressed,
}
/// A compressed signature
record signature-compressed {
z: list<u8>,
y-g1: list<u8>,
y-hat: list<u8>,
t: list<u8>,
}
/// Issuer public parameters, compressed
record issuer-public-compressed {
parameters: param-set-commitment-compressed,
vk: list<vk-compressed>,
}
record param-set-commitment-compressed {
pp-commit-g1: list<list<u8>>,
pp-commit-g2: list<list<u8>>
}
variant vk-compressed {
g1(list<u8>),
g2(list<u8>)
}
record cred-proof-compressed {
sigma: signature-compressed,
commitment-vector: list<list<u8>>,
witness-pi: list<u8>,
nym-proof: nym-proof-compressed
}
record nym-proof-compressed {
challenge: list<u8>,
pedersen-open: pedersen-open-compressed,
pedersen-commit: list<u8>,
public-key: list<u8>,
response: list<u8>,
damgard: damgard-transform-compressed
}
record damgard-transform-compressed {
pedersen: pedersen-compressed
}
record pedersen-compressed {
h: list<u8>,
}
record pedersen-open-compressed {
open-randomness: list<u8>,
announce-randomness: list<u8>,
announce-element: option<list<u8>>
}
}
interface actions {
use types.{attribute, provables, verifiables, offer-config, issue-options, nonce, entry, proven, credential-compressed, nym-proof-compressed, issuer-public-compressed};
/// Returns the active Nym of the component.
get-nym-proof: func(nonce: list<u8>) -> result<nym-proof-compressed, string>;
/// Issue a credential Entry to a Nym with maximum entries.
/// By default issues a credential to your own Nym. To issue to others, set the options to their nymproof and optionally the nonce you gave them.
issue: func(attributes: list<attribute>, maxentries: u8, options: option<issue-options>) -> result<credential-compressed, string>;
/// Create an offer for a credential with its given entries and a given configuration.
offer: func(cred: credential-compressed, config: offer-config) -> result<credential-compressed, string>;
/// Accept a credential offer and return the accepte Credential bytes
accept: func(offer: credential-compressed) -> result<credential-compressed, string>;
/// Extend a credential with a new entry
extend: func(cred: credential-compressed, entry: entry) -> result<credential-compressed, string>;
/// Export a function that proves selected attributes in a given credential
/// Returns the selected attributes in the proper order in order to verify the proof,
/// as each Attribute needs to be verified from their respective Entry.
prove: func(values: provables) -> result<proven, string>;
/// Export a function that verifies a proof against a public key, nonce and selected attributes
verify: func(values: verifiables) -> result<bool, string>;
/// Returns the Issuer's public key if it exists, otherwise returns an error.
issuer-public: func() -> result<issuer-public-compressed, string>;
}
/// A Delanocreds world for the component to target.
world delanocreds {
/// Import the seed-keeper wallet config, so we can call get-seed()
import seed-keeper:wallet/[email protected];
export actions;
}