-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bound BBS signatures #262
Comments
Can you make the html link show up in the github page fro the repo? |
Discussed on WG call 1st of May, In order to better support this draft we have identified a couple of places that the core draft could be better, @BasileiosKal will raise some issues to capture these concepts. |
Hi Vasilis, I did an initial read. I think the curve BLS12-381 curve library I use has a pretty good BLS signature implementation. Let us know if/when you've got some test vectors and I can try a JavaScript implementation. Cheers Greg |
@Wind4Greg That's awesome!! We have an implementation of the draft so we will be able to post some test vectors soon. Thank you! |
It seems like the verification is missing a way to pass in the BP_1 generator point to BbsVerify. We might need to add a CoreProofVerify operation which is called by ProofVerify and accepts the list of generators as input. I'm a little unsure about just adding For our applications I think I would also prefer a zero-knowledge proof of key possession and blind signing similar to the old implementation, but that would lose the benefit of delegating to the BLS draft. |
Thanks for the feedback @andrewwhitehead 🙏
BbsVerify should be using this
I agree. This was a temporally solution until we define a new ciphersuite. The structure of a bound ciphersuite will depend on the flexibility of the core draft, so waiting for that discussion there to move on a bit first.
As an alternative, we could also make one document that encapsulates both generic Schnorr-like commitments and BLS signatures. The flow is the same, so we could define |
I missed that |
Hi, I'm interested in this, any updates?? |
hey, does there exist a prototype implementation of this? |
@Wind4Greg have you found the time to code up a prototype? |
Hi @matthiasgeihs we are using Blind BBS Signatures to implement a form of holder binding for verifiable credentials VC-DI=BBS: anonymous holder binding. My implementation of Blind BBS can be found at https://github.com/Wind4Greg/grotto-bbs-signatures. Cheers Greg |
Hi @Wind4Greg, thank you for your reply. Can the holder secret be used to create signatures on other documents as well? Use case: A credential holder wants to sign a different document using the holder secret. The holder also wants to prove that the signature was created by someone who fulfills certain properties certified in the holder credential. The holder doesn't want to reveal anything else about its identity (i.e., signature and proofs should be zero-knowledge). |
Hey all!
Posting a first draft of bound BBS signatures, using BLS key pairs: https://basileioskal.github.io/bbs-bound-signatures/draft-bound-bbs-signatures.html
You can find the repo here
(for context see also #28 and #37)
The text was updated successfully, but these errors were encountered: