Implements SD-JWT

[andresuribe87]

Overview

Implements a module that supports SD-JWT according to https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-05.htm
This PR will be a first step towards fully closing #56

Description

SD-JWT is becoming the de-factor standard. This PR implements the basic functionality in order to support SD-JWT from the perspective of the holder, the issuer, and the verifier. Simple documentation has been added in this iteration. It's published as a separate module, and it's dependencies are kept lean on purpose, since this module is meant to be used independently from DIDs and VCs.

Most of the design takes inspiration from the Nimbus library, where a JWT needs to be created first, and then signed.

Feedback would be much appreciated.

How Has This Been Tested?

Unit tests everywhere.

[codecov]

Codecov Report

Merging #103 (4eb9bcb) into main (a0e4225) will increase coverage by 0.95%.
Report is 7 commits behind head on main.
The diff coverage is 67.36%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #103      +/-   ##
==========================================
+ Coverage   78.96%   79.91%   +0.95%     
==========================================
  Files          33       41       +8     
  Lines        1930     2788     +858     
  Branches      265      477     +212     
==========================================
+ Hits         1524     2228     +704     
- Misses        274      378     +104     
- Partials      132      182      +50     

Components	Coverage Δ
credentials	84.60% <ø> (+3.92%)	⬆️
crypto	38.07% <ø> (ø)
dids	90.98% <ø> (+1.38%)	⬆️
common	80.55% <ø> (+0.10%)	⬆️

[nitro-neal]

Are these nulls in the constructor expected?

[andresuribe87]

Yes. Those provide fields that are required. passing null validated the nbf, iat, and exp claims only when they're present.

[nitro-neal]

did similar supportedAlgorithms above, maybe pull out into a fuction

[andresuribe87]

I didn't quite follow the suggestion, mind elaborating?

[nitro-neal]

Same here

[andresuribe87]

verificationOptions.supportedAlgorithms are meant to be user specified, BUT the spec explicitly says that NONE cannot be part of it. Let me know if that makes sense. If not, mind making a concrete suggestion to improve?

[nitro-neal]

fancy fancy

[nitro-neal]

Is this correct? Seems like there is a case to handle 2 elements

[andresuribe87]

fixed, thx!

[nitro-neal]

We so need external audits on this stuff :hahaha:

[andresuribe87]

Curious what parts were red flags?

[nitro-neal]

Is there not a library for this? Is this a special case sd-jwt salt?

[andresuribe87]

There isn't a library that does exactly what's needed. This module provides an implementation below, which is used by default. It can be overriden, which was super useful for tests.

[nitro-neal]

wow some leetcode stuff

[andresuribe87]

More like CHAD stuff hahaha

[nitro-neal]

Why can't this be dynamic? Is it to give the option to the user?
If they provide null as claimsToBlind can it dynamically do default blinding to all?

[andresuribe87]

The issuer of an SdJwt must, at some point, select which claims they'll allow the holder to selectively disclose. For those, they must also say how they'll be disclosable, since there are various mechanisms.

What do you think should be the way in which they are all blinded by default?

[nitro-neal]

Wow mind blown. Great stuff! I need to reread the sd-jwt spec and look over one more time.

Will this only be used for credentials? Does it make sense to put it in a sub package of credentials or something?

There will be more changes in the credentials package to make it user friendly to get SD JWT creds along with the normal cred they made?

VerifiableCredential.create(sdJwt=ture) // something like this?

[andresuribe87]

Will this only be used for credentials?

No, it can be used for other types credentials, that aren't w3c vcs.

There will be more changes in the credentials package to make it user friendly to get SD JWT creds along with the normal cred they made?

Yes, but that comes later. Once we have support for VC2.0, then we'll need to allow securing it using sd-jwt. That will likely be the piece that does belong inside the credentials module.

VerifiableCredential.create(sdJwt=ture) // something like this?

Something like that sounds reasonable.

[nitro-neal]

Maybe add some more detailed explanations on these comments, similar to our other packages, and add example code if it is short and sweet

[andresuribe87]

Added more documentation, and an example.

[nitro-neal]

Suggested change

	// 2. Separate the Presentation into the SD-JWT, the Disclosures (if any), and the Holder Binding JWT (if provided).
	// Separate the Presentation into the SD-JWT, the Disclosures (if any), and the Holder Binding JWT (if provided).

[andresuribe87]

Done

[nitro-neal]

Suggested change

//

[andresuribe87]

Done

[nitro-neal]

fix the test names in this file

[andresuribe87]

Fixed, and added where they came from

[nitro-neal]

are these lines needed?

[andresuribe87]

They aren't! Removed.

[nitro-neal]

Suggested change

	include("common", "crypto", "dids", "credentials")
	include("common", "crypto", "dids", "credentials", "sdjwt")

[andresuribe87]

Actually, separated everything into single lines and sorted alphabetically.

[nitro-neal]

Why is this another package?

In the future should we abstract like a lot of this away and have something like:

data class StreetCredibility(val localRespect: String, val legit: Boolean)

val vc = VerifiableCredential.create(
  type = "StreetCred",
  issuer = "did:example:issuer",
  subject = "did:example:subject",
  data = StreetCredibility(localRespect = "high", legit = true)
)

val sdVcs = vc.toSdVcs()

Am I thinking about this the wrong way?

[nitro-neal]

Happy to get this in since it is isolated in another package, but I want to see how we fit this into the bigger picture of our VerifiableCredential packages.

Would love to the see the api interface easier to understand and/or integrated in our existing VC package if possible

[decentralgabe]

why is this secret but the others are public?

[andresuribe87]

Ooof, good catch. Removed this line. Should only be using asymmetric keys.

[decentralgabe]

nit: put 2 before 3

[andresuribe87]

Done

[decentralgabe]

lgtm - would appreciate a review from @mistermoe or @phoebe-lew before merging

[phoebe-lew]

So in order to use SD-JWT, if for example if I have VC in JWT format created by the web5/credentials package, do I first need to convert it into the nimbusds SignedJWT object?

[andresuribe87]

Yes you do.

Assuming you have an object of type String that was returned from the VerifiableCredential.sign function, you can do something like this:

val vcJwtString = ""
val issuerJwt = SignedJWT.parse(vcJwtString)

The motivation behind this design for a the SdJwt object was to:

• Reduce cognitive overhead by only allowing specific types instead of generic primitives (i.e. SignedJWT vs String).
• Allow for others to use the sd-jwt library by itself by decoupling it from other existing packages in web5. Later on, changes can be made to web5/credentials and web5/dids to make it easy to create an sd-jwt that contains a VC.

[phoebe-lew]

Maybe move out disclosure classes into separate file?

[andresuribe87]

Done.

[phoebe-lew]

@andresuribe87 can you add comments or doc for this function? For code readability rather than external documentation

[phoebe-lew]

super helpful to understand how the whole thing works!

[phoebe-lew]

Can I not sign this with my did?

[andresuribe87]

No. As mentioned in #103 (comment), the motivation was to make this a lower level lib. What you're suggesting is an excellent idea, and I would encourage that to be done in a separate PR that changes the public APIs that exist in the web5/credentials module.