My understanding is that the cryptosuite does not specify or include in its scope what to use as the unsecured document. The “remove the proof property” bit actually comes from VCDI, which is itself an implementation of a VC 2.0 “Securing Mechanism”.
So the issue probably got closed as “nothing to do” in scope of the cryptosuite, and I think a more appropriate resolution from msporny would have been to move it from w3c/vc-di-eddsa to w3c/vc-data-integrity. I filed https://github.com/w3c/vc-data-integrity/issues/350 to see if there’s any upstream guidance that can be included in the VCDI spec about how to get the unsecured document in a consistent way. Essentially, if I’m reading the spec correctly, then the “outer proof” needs to sign the inner object but not the inner proof, and the “inner proof” applying only to the inner object is just a convention that extends VCDI. With compound documents, we’d need to specify how to extract a complete “inner” document from the current (compound) document.
Yeah, I think it’s something like this:
Compound documents
- FEP-8b32
proofMAY be present at any level in an AS2 document. - When FEP-8b32
proofis present on a JSON node/map/object, the sub-document is a JSON document containing only that JSON object at the top level. (This is what isn’t defined in VCDI.)@contextis the total context array active at that part of the document, so in other words, it inherits any@contextdeclarations from higher levels.
- When FEP-8b32
proofis present at the top level, the unsecured document is the same as the AS2 document, but with all instances of theproofkey removed from the entire document.
Example 1: only a top-level proof
The unsecured document is the current document with proof removed, as currently expected.
Example 2: only an inner proof
{
"@context": "https://www.w3.org/ns/activitystreams",
"id": "https://foo.example/",
"type": "Activity",
"object": {
"@context": "https://another-context.example/",
"id": "https://bar.example/",
"type": "Object",
"proof": {"id": "https://inner-proof.example/", "type": "DataIntegrityProof"}
}
}
Expected sub-document:
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://another-context.example/"
],
"id": "https://bar.example/",
"type": "Object",
"proof": {"id": "https://inner-proof.example/", "type": "DataIntegrityProof"}
}
Expected unsecured sub-document:
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://another-context.example/"
],
"id": "https://bar.example/",
"type": "Object"
}
Example 3: outer proof with an inner proof
{
"@context": "https://www.w3.org/ns/activitystreams",
"id": "https://foo.example/",
"type": "Activity",
"object": {
"@context": "https://another-context.example/",
"id": "https://bar.example/",
"type": "Object",
"proof": {"id": "https://inner-proof.example/", "type": "DataIntegrityProof"}
},
"proof": {"id": "https://outer-proof.example/", "type": "DataIntegrityProof"}
}
Expected sub-document:
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://another-context.example/"
],
"id": "https://bar.example/",
"type": "Object",
"proof": {"id": "https://inner-proof.example/", "type": "DataIntegrityProof"}
}
Expected sub-document and unsecured sub-document: same as in Example 2
Expected unsecured document:
{
"@context": "https://www.w3.org/ns/activitystreams",
"id": "https://foo.example/",
"type": "Activity",
"object": {
"@context": "https://another-context.example/",
"id": "https://bar.example/",
"type": "Object"
}
}
Note that inner-proof was removed even though we are verifying outer-proof. Basically we are not expected to sign other people’s signatures.
Additional note: JSON:API included or JSON-LD @included can make extracting sub-documents easier. Consider this example:
{
"@context": [
"https://www.w3.org/ns/activitystreams",
{"included": "@included"}
],
"actor": "https://actor.example",
"type": "Activity",
"object": "https://object.example",
"included": [
{"id": "https://actor.example", "type": "Person", "proof": {...}},
{"id": "https://object.example", "type": "Object", "proof": {...}}
],
"proof": {...}
}
(You’d still need to strip all instances of proof.)