Release v0.2.0: Selective Disclosure holder/verifier lifecycle & security hardening#7
Merged
brody-0125 merged 1 commit intomainfrom Apr 16, 2026
Merged
Conversation
Bump the Gradle install snippets to 0.2.0 and extend the Supported Proof Mechanisms table so the full ecdsa-sd-2023 holder/verifier lifecycle (createBaseProof / deriveProof / verifyDerivedProof) is visible. Move the 0.2.0 release notes out of the README into a dedicated CHANGELOG.md following Keep-a-Changelog conventions. The README now links to CHANGELOG.md from a short Changelog section. 0.2.0 covers the five April 16, 2026 commits: the sd-2023 derivation/verification path (including the CBOR header and multibase-prefix spec fix), the ECDSA low-S malleability fix, key material zeroization, JSON-LD NFC ingress + W3C rdf-canon conformance tests, and the new GitHub Actions CI workflow.
brody-0125
force-pushed
the
claude/update-readme-apr-16-5ljhq
branch
from
da9ee31 to
d359c0b
Compare
brody-0125
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This release completes the Selective Disclosure (
ecdsa-sd-2023) implementation with holder and verifier workflows, adds critical security hardening for ECDSA signatures and key material, and improves JSON-LD canonicalization robustness.Key Changes
Selective Disclosure — Full Lifecycle
SelectiveDisclosure.deriveProof()for holder-side proof derivation that strips the issuer HMAC key and emits a derived proof (CBOR tag0xd9 0x5d 0x01) with per-quad signatures and label mappingSelectiveDisclosure.verifyDerivedProof()for verifier-side reconstruction and validation without requiring the HMAC key0xd9 0x5d 0x00andproofValuemultibase prefix tou(base64url-no-pad) per W3C VC-DI-ECDSA specificationSecurity Hardening
(r, s)and(r, n − s)both verifyecdsa-sd-2023HMAC-SHA256 keys to reduce exposure in heap/core dumps and swapJSON-LD Canonicalization
Short,Byte,Float,BigDecimal,BigIntegerrdf-canonconformance tests covering blank-node relabeling, graph isomorphism, RDF collections, and language-tagged literalsDocumentation & CI
Version
Updated dependency version from
0.1.0to1.2.0https://claude.ai/code/session_01JCxZUynYHgu4mYqREkBVWy