The purpose of this test suite is to demonstrate a path to interoperability for the eddsa-rdfc-2022 and eddsa-jcs-2022 cryptosuites. The technologies explored in this test suite are experimental. This document contains the most recent interoperability report for a [DataIntegrityProof](https://www.w3.org/TR/vc-data-integrity/#dataintegrityproof) using the eddsa-rdfc-2022 and eddsa-jcs-2022 cryptosuites. This report is auto-generated.
Tests passed 335/374 89%
Tests failed 39/374 11%
Failures 39
Tests skipped 0
Total tests 374
These tests were run on
The results of the tests are shown below:
Issuer ⇒
⇓Test Name
|
apicatalog.com | Digital Bazaar | Open Security and Identity | SpruceID | Trinsic | bovine |
---|---|---|---|---|---|---|
When expressing a data integrity proof on an object, a proof property MUST be used. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If present (proof), its value MUST be either a single object, or an unordered set of objects |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
("proof.id") An optional identifier for the proof, which MUST be a URL. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The specific proof type used for the cryptographic proof MUST be specified as a string that maps to a URL. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The type property MUST contain the string DataIntegrityProof. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the proof type is DataIntegrityProof, cryptosuite MUST be specified; otherwise, cryptosuite MAY be specified. If specified, its value MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The date and time the proof was created is OPTIONAL and, if included, MUST be specified as an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The expires property is OPTIONAL and, if present, specifies when the proof expires. If present, it MUST be an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
A verification method is the means and information needed to verify the proof. If included, the value MUST be a string that maps to a [URL] |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The reason the proof was created ("proof.proofPurpose") MUST be specified as a string that maps to a URL |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The proofValue property MUST be used, as specified in 2.1 Proofs. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The contents of the value ("proof.proofValue") MUST be expressed with a header and encoding as described in Section 2.4 Multibase. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.domain" field exists, it MUST be either a string, or an unordered set of strings. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.challenge" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.previousProof" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.nonce" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. |
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. If the processing environment supports subtypes of string, the type of the cryptosuite value MUST be the https://w3id.org/security#cryptosuiteString subtype of string. |
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
Implementation ⇒
⇓Test Name
|
apicatalog.com | Digital Bazaar | Open Security and Identity | SpruceID | Trinsic | bovine |
---|---|---|---|---|---|---|
The field "cryptosuite" MUST be "eddsa-rdfc-2022". |
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
Dereferencing the "verificationMethod" MUST result in an object containing a type property with the value set to "Multikey". |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The "proof.proofPurpose" field MUST match the verification relationship expressed by the verification method controller. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The "publicKeyMultibase" value of the verification method MUST be 34 bytes in length and start with the base-58-btc prefix (z). |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
["publicKeyMultibase"] MUST consist of a binary value that startswith the two-byte prefix 0xed01 |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
"proofValue" field when decoded to raw bytes, MUST be 64 bytes in length if the associated public key is 32 bytes or 114 bytes in length if the public key is 57 bytes. |
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
"proof" MUST verify when using a conformant verifier. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
Verifier ⇒
⇓Test Name
|
apicatalog.com | Digital Bazaar | Open Security and Identity | SpruceID | Trinsic | bovine |
---|---|---|---|---|---|---|
If the "proof" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the "proof" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the "proof.type" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the "proof.type" field is not the string "DataIntegrityProof", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the "proof.verificationMethod" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the "proof.verificationMethod" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the "proof.proofPurpose" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the "proof.proofPurpose" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the "proof.proofPurpose" value does not match "options.expectedProofPurpose", an error MUST be raised. |
✓
|
❌
|
✓
|
✓
|
✓
|
❌
|
If the "proof.proofValue" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the "proof.proofValue" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The date and time the proof was created is OPTIONAL and, if included, MUST be specified as an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
❌
|
✓
|
✓
|
✓
|
✓
|
(created) Time values that are incorrectly serialized without an offset MUST be interpreted as UTC. |
✓
|
❌
|
❌
|
✓
|
✓
|
✓
|
(expires) Time values that are incorrectly serialized without an offset MUST be interpreted as UTC. |
❌
|
❌
|
❌
|
✓
|
✓
|
✓
|
If the "proof.proofValue" field is not multibase-encoded, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The value of the cryptosuite property MUST be a string that identifies the cryptographic suite. If the processing environment supports subtypes of string, the type of the cryptosuite value MUST be the https://w3id.org/security#cryptosuiteString subtype of string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
If the "options.domain" is set and it does not match "proof.domain", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
❌
|
If the "options.challenge" is set and it does not match "proof.challenge", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
❌
|
Verifier ⇒
⇓Test Name
|
apicatalog.com | Digital Bazaar | Open Security and Identity | SpruceID | Trinsic | bovine |
---|---|---|---|---|---|---|
verifies a valid eddsa-rdfc-2022 proof. |
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
If the "proofValue" field, when decoded to raw bytes, is not 64 bytes in length if the associated public key is 32 bytes in length, or 114 bytes in length if the public key is 57 bytes in length, an error MUST be raised. |
✓
|
✓
|
❌
|
✓
|
✓
|
✓
|
fails verification when credential is not canonicalized correctly. |
✓
|
✓
|
❌
|
✓
|
✓
|
✓
|
If the "cryptosuite" field is not the string "eddsa-rdfc-2022", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
Verifier ⇒
⇓Issuer
|
apicatalog.com | Digital Bazaar | Open Security and Identity | SpruceID | Trinsic | bovine |
---|---|---|---|---|---|---|
apicatalog.com |
✓
|
❌
|
❌
|
✓
|
❌
|
✓
|
Digital Bazaar |
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
Open Security and Identity |
✓
|
✓
|
✓
|
❌
|
❌
|
❌
|
SpruceID |
❌
|
✓
|
❌
|
✓
|
❌
|
✓
|
Trinsic |
❌
|
✓
|
❌
|
✓
|
✓
|
❌
|
bovine |
✓
|
❌
|
❌
|
❌
|
❌
|
✓
|
Issuer ⇒
⇓Test Name
|
Open Security and Identity | bovine |
---|---|---|
When expressing a data integrity proof on an object, a proof property MUST be used. |
✓
|
✓
|
If present (proof), its value MUST be either a single object, or an unordered set of objects |
✓
|
✓
|
("proof.id") An optional identifier for the proof, which MUST be a URL. |
✓
|
✓
|
The specific proof type used for the cryptographic proof MUST be specified as a string that maps to a URL. |
✓
|
✓
|
The type property MUST contain the string DataIntegrityProof. |
✓
|
✓
|
If the proof type is DataIntegrityProof, cryptosuite MUST be specified; otherwise, cryptosuite MAY be specified. If specified, its value MUST be a string. |
✓
|
✓
|
The date and time the proof was created is OPTIONAL and, if included, MUST be specified as an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
✓
|
The expires property is OPTIONAL and, if present, specifies when the proof expires. If present, it MUST be an [XMLSCHEMA11-2] dateTimeStamp string, either in Universal Coordinated Time (UTC), denoted by a Z at the end of the value, or with a time zone offset relative to UTC. |
✓
|
✓
|
A verification method is the means and information needed to verify the proof. If included, the value MUST be a string that maps to a [URL] |
✓
|
✓
|
The reason the proof was created ("proof.proofPurpose") MUST be specified as a string that maps to a URL |
✓
|
✓
|
The proofValue property MUST be used, as specified in 2.1 Proofs. |
✓
|
✓
|
The contents of the value ("proof.proofValue") MUST be expressed with a header and encoding as described in Section 2.4 Multibase. |
✓
|
✓
|
if "proof.domain" field exists, it MUST be either a string, or an unordered set of strings. |
✓
|
✓
|
if "proof.challenge" field exists, it MUST be a string. |
✓
|
✓
|
if "proof.previousProof" field exists, it MUST be a string. |
✓
|
✓
|
if "proof.nonce" field exists, it MUST be a string. |
✓
|
✓
|
Implementation ⇒
⇓Test Name
|
Open Security and Identity | bovine |
---|---|---|
The field "cryptosuite" MUST be "eddsa-jcs-2022". |
✓
|
✓
|
Dereferencing the "verificationMethod" MUST result in an object containing a type property with "Multikey" value. |
✓
|
✓
|
The "proof.proofPurpose" field MUST match the verification relationship expressed by the verification method controller. |
✓
|
✓
|
The "publicKeyMultibase" value of the verification method MUST be 34 bytes in length and starts with the base-58-btc prefix (z). |
✓
|
✓
|
"proofValue" field when decoded to raw bytes, MUST be 64 bytes in length if the associated public key is 32 bytes or 114 bytes in length if the public key is 57 bytes. |
✓
|
✓
|
"proof" MUST verify when using a conformant verifier. |
✓
|
✓
|
Verifier ⇒
⇓Test Name
|
Open Security and Identity | bovine |
---|---|---|
verifies a valid eddsa-jcs-2022 proof. |
❌
|
✓
|
If the "proofValue" field, when decoded to raw bytes, is not 64 bytes in length if the associated public key is 32 bytes in length, or 114 bytes in length if the public key is 57 bytes in length, an error MUST be raised. |
❌
|
✓
|
fails verification when credential is not canonicalized correctly. |
❌
|
✓
|
If the "cryptosuite" field is not the string "eddsa-jcs-2022", an error MUST be raised. |
✓
|
✓
|
Verifier ⇒
⇓Issuer
|
Open Security and Identity | bovine |
---|---|---|
Open Security and Identity |
✓
|
❌
|
bovine |
❌
|
✓
|