# 5B/ JSON Eb Proofs (JWP’s) What, Why and How

**Session Topic/Title: JSON Web Proofs (JWP)**

**Session Convener:** David Waite (DW), Michael B. Jones

**Notes-taker(s):** Michael B. Jones

**Tags / links to resources / technology discussed, related to this session:**

**Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:**

DW explained the representation format

- Payloads separated by ~ characters
- Claims ordered based on issuer metadata

Two kinds of use cases

- Ongoing relationship with issuer
- No ongoing relationship with issuer

There are two kinds of JWPs

- Single use JWPs, which enable correlation if used multiple times
- Can use standard cryptography, such as ECDSA signatures with P-256

- Multiple use JWPs
- Use pairing-friendly curves to prevent correlation with multipe uses

Question about differences between "proofs" and "signatures"
Brent Zundel said that a signature is a kind of proof but some proofs are not signatures

- You can prove knowledge of the signature itself
- For instance CL proofs

Tobias Looker described receiving something in an issued form and adding a presentation header

- JWPs issued to the holder are augmented with a presentation header for presentation to a verifier

The same issuer and signature algorithm are used for all payloads

- Attendees said that anoncreds can be used to combine multiple tokens from different issuers

Examples in the spec

- Single-use JWT using ECDSA with P-256
- BBS signatures

GitHub Shortcut
https://jwp.tools

Three specifications

- JSON Web Proof: https://json-web-proofs.github.io/json-web-proofs/examples_tooling/draft-jmiller-json-web-proof.html
- JSON Proof Token: https://json-web-proofs.github.io/json-web-proofs/examples_tooling/draft-jmiller-json-proof-token.html
- JSON Proof Algorithms: https://json-web-proofs.github.io/json-web-proofs/draft-jmiller-json-proof-algorithms.html

Tobias discussed link secrets

- He said their usefulness depends upon what you're trying to solve

Standards Status

- Currently in DIF Crypto WG
- Plan to take it to the IETF this year
- Will probably need a new working group

A goal is clear separation of the security and application layers