jsonld-vc-bbs-go
is a go module that can be used to implement the issuance, verification and selective disclosure of BbsBlsSignature2020
W3C JSON-LD verifiable credentials.
In the space of Digital Identity, W3C has defined a mature standard for BBS+ signed Verifiable Credentials in the format of JSON-LD (i.e. JSON Linked-Data).
The advantage of BBS+ credentials is mainly on the privacy side:
- they natively support selective disclosure;
- they achieve unlinkability between different presentations.
Therefore, they can be used in contexts where the privacy requirement is very sensitive.
To add this module within your go project, run:
go get github.com/hyperledger-labs/jsonld-vc-bbs-go
A usage example can be found in this main.go. You can execute it by running:
go run example/main.go
The library exposes 2 suites:
SignatureSuite2020
: suite to use to sign and verify a JSON-LD credential with a BBS+ keypair;SignatureProofSuite2020
: suite to use to perform selective disclosure of a BBS+ JSON-LD credential.
The SignatureSuite2020
presents the following interface:
// Sign a JSON-LD credential
func (s *SignatureSuite2020) Sign(credential model.JsonLdCredentialNoProof) (model.JsonLdCredential, string, error)
// Verify a BBS+ JSON-LD credential
func (s *SignatureSuite2020) Verify(credential model.JsonLdCredential) *model.VerificationResult
The SignatureProofSuite2020
presents the following interface:
// Derive a selective disclosure proof from a BBS+ JSON-LD credential
func (s *SignatureProofSuite2020) DeriveProof(signedCredential model.JsonLdCredential, frameDocument model.JsonLdFrame, nonceBytes []byte) (model.JsonLdCredential, error)
// Verify a selective disclosure proof
func (s *SignatureProofSuite2020) VerifyProof(signedCredential model.JsonLdCredential) *model.VerificationResult
The library comes with some preloaded JSON-LD contexts. In case your credential requires additional context to use, you can pass it as follows:
options := &model.SignatureSuiteOptions{
Contexts: map[string]map[string]interface{}{
"https://w3id.org/mycontext/v1": mycontextV1, // additional context
},
}
issuerSuite := jsonldbbs.NewJsonLDBBSSignatureSuite(ipbBytes, iskBytes, options)
Any contribution is welcome. Here a list of the next steps to achieve:
- bbs-2023 suite implementation;
- Blind issuance of the credential;
- Unblinding of blindly issued credential.