Will using random numbers in Claim's RevNonce cause problems?
Closed this issue · 4 comments
The following code show that, the revocation nonce of the issuer's authClaim and claims/credentials issued to holders uses random numbers.
issuer-node/internal/core/services/identity.go
Line 1127 in 7e0c661
issuer-node/internal/core/services/claims.go
Line 132 in 7e0c661
The random algorithm used by both is the same.
Lines 8 to 14 in 7e0c661
issuer-node/internal/common/util.go
Lines 84 to 91 in 7e0c661
Is it possible that the same revocationNonce may appear between different claims issued by the issuer to holders, as well as between these claims and the issuer's own authClaim?
Will this cause problems with the revocation of these claims?
For example, when revoking one of them, will it mistakenly cause the other claim(with same revNonce) to be considered as revoked?
hi, the random number is assigned if the nonce is not specified when a claim is created. There is a parameter to do it:
link. Same rev nonce could be a problem in some contexts because all the claims with that nonce will be revoked.
regarding your question: "Is it possible that the same revocationNonce may appear between different claims issued by the issuer to holders, as well as between these claims and the issuer's own authClaim?" yes it's possible but unlikely. btw authClaim rev nonce is 0.
Thank you for your response.
btw authClaim rev nonce is 0.
From the code below, it seems that the issuer may create an identity with a random number as revNonce when creating an identity?
issuer-node/internal/core/services/identity.go
Lines 1125 to 1135 in 7e0c661
Hi @yushihang after calling that method rev nonce is set to 0:
.Thanks
A very clear answer, thank you for your patience in answering.