Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/basileioskal/canonizevulnerability

URDNA2015 Algorithm Vulnerability Examples
https://github.com/basileioskal/canonizevulnerability

Last synced: about 1 year ago
JSON representation

URDNA2015 Algorithm Vulnerability Examples

Awesome Lists containing this project

README 

          
# **Canonicalization Vulnerability**



Three examples of using the canonical blank node labels, produced by the URDNA2015 algorithm,

to get information regarding the non-disclosed messages in a Verifiable Credential.  



The examples use a slightly reformed version of the [URDNA2015 algorithm](https://github.com/digitalbazaar/rdf-canonize), that also returns the

reference sets of each blank node along with the final canonicalization result.



To sign, validate and derive a proof of knowledge for each credential, the 

[jsonld-signatures-bbs](https://github.com/mattrglobal/jsonld-signatures-bbs)

library is used implemented by [Mattr](https://github.com/mattrglobal).



## Usage

You can run each example by either using the docker image, or by installing the 

dependencies locally with yarn.



### **1. With Docker**



From inside each example folder, first, build the docker image by running,



`> docker build --tag example . `



To run the example use,



`> docker run example`



or



`> docker run --rm example`



to automatically remove the created container afterwards.



### **2. With Yarn**

Again from inside each example folder, install all dependencies with,



`> yarn install --frozen-lockfile`



(Note: during the installation, node-pre-gyp package may throw an error. It is optional

dependency, the code should run regardless)



To generate the derived credential (the one the Verifier will receive) 

using selective disclosure, use,



`> yarn generate`



Then, to read that credential and search the hidden values, run,



`> yarn search`