Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support Multi-Stage Applications #133

Open
decentralgabe opened this issue Nov 4, 2022 · 9 comments
Open

Support Multi-Stage Applications #133

decentralgabe opened this issue Nov 4, 2022 · 9 comments
Labels
editorial Editorial, examples, or implementation notes; not substantive change to the spec
Milestone

Comments

@decentralgabe
Copy link
Member

decentralgabe commented Nov 4, 2022

A common KYC process:

  1. Submit your drivers license
  2. OK, validated, now submit a selfie
  3. OK, validate, here's your credential

With CM today we cannot represent this type of interaction. Notably (2) is depending on the processing and validation of (1). More specifically the issuer needs proof of completion of one step to proceed with a second.

One way to solve for this would be to have a concept of "multi-part manifest" which allows you to chain together sub-manifests and accept sub-applications based on the original manifest and its submission. Another way to address this is potentially more simple: alter the "CredentialResponse" to return either fulfillment, denial, another manifest. It's also possible that we alter "Fulfillment" to include a credential AND another manifest.

cc: @csuwildcat

@andorsk
Copy link
Contributor

andorsk commented Nov 7, 2022

This seems like there's some correlation with this issue and decentralized-identity/presentation-exchange#364. Mitch from Flindev figured out the relationship @scrummitch

@andorsk
Copy link
Contributor

andorsk commented Nov 7, 2022

It was suggested from @nklomp that Present Proof v2 from Aries might be the answer to this, but I'm not sure this is the optimal solution ( though I admit I'm still working on a better way to do it ) and what he's proposed is so far the closest to a solution I've seen.

My gut is that there's an advantage toward baking in some interaction guidance into the presentation/CM specifications themselves as I think @decentralgabe is suggesting.

@decentralgabe
Copy link
Member Author

Yeah I mainly want to have a discussion on whether we have PE and CM as protocols or just data models. This suggestion has a risk of making that distinction a bit more gray.

@nklomp
Copy link
Member

nklomp commented Nov 7, 2022

I guess the benefit of current spec is that it can be used in all kinds of transport mechanisms (OID4VP, WACI-DIDComm, VC-API) etc. If we want to retain that the only path forward I see is to have something that can be interpreted on both sides from a single exchange.

So then having a graph like decision structure in PE makes sense.

The other solution I can see is to go down an exchange protocol path, like Aries Present Proof. That then has to be a seperate spec and almost certainly cannot support all other protocols, simply because they typically cannot handle multiple interactions

@djvs
Copy link

djvs commented Nov 7, 2022

Speaking from current implementation needs @ Bloom, we're definitely seeing intermediate out-of-band steps need to take place in between, so any approach should definitely support asynchronicity. That's likely a hint that multiple requests should be handled as entirely separate, or wrapped in a broader concept.

@decentralgabe
Copy link
Member Author

If anything this raises the importance of including an implementers guide or at least more examples that can demonstrate multi-step interactions.

@kimdhamilton
Copy link
Contributor

Per discussion on Nov 10, all agree with consensus of this thread -- focus of CM and PE should on data model (not protocol).

To @decentralgabe's point, we can approach this as add to an implementation guide or examples.

If the need emerges for additional data models resulting in substantive changes to the spec, we can revisit that.

Creating a label "editorial" to classify this as "would be nice", but not blocking to the spec

@kimdhamilton kimdhamilton added the editorial Editorial, examples, or implementation notes; not substantive change to the spec label Nov 10, 2022
@andorsk
Copy link
Contributor

andorsk commented Nov 10, 2022

Tom Jones on the Nov 11 C&C call brought up an excellent point in the chat during the PE call that I wanted to note: that if there was a "continuation" like exchange, where you could lead people down a chain of claims, and that there could be some legal implications to it. I was a really interesting thought so wanted to make sure I had it caught for reference later.

@csuwildcat
Copy link
Member

csuwildcat commented Nov 10, 2022 via email

@brentzundel brentzundel added this to the Future milestone Dec 1, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
editorial Editorial, examples, or implementation notes; not substantive change to the spec
Projects
None yet
Development

No branches or pull requests

7 participants