During various VC and VP use scenarios, users need to sign specific data to assert their identity or display their authorization. These scenarios include:

• Attesters sign information, including the user VC's DigestHash, to signify the VC's issuance.
• Claimers sign the Challenge and other messages from the Verifier to pass identity authentication.
• Users implement zkID Login by signing information such as the Challenge provided by the website using their VP or DID.
• ......

Consequently, a reliable, stable, and user-friendly signature system is necessary. In response to this need, we have implemented the EIP-712 Proposal.

Implementation

Our implementation adheres to EIP-712, structuring the data to be encoded and signed as follows:

encode(domainSeparator, message : 𝕊) = "**\\x19\\x01" ‖ domainSeparator** ‖ hashStruct(message)

The 'version specific data' is the 32-byte domain separator domainSeparator

The 'data to sign' is the 32-byte hashStruct(message).

• Beginning with '\x19\x01' -- this indicates that the implementation follows the EIP-712 proposal.
• domainSeparator -- is a fixed structure that can be regarded as a 32-bit fixed string. It is calculated as follows:

domainSeparator = hashStruct(eip712Domain)

eip712Domain can include one or more of the following fields:

• string name

• string version

• uint256 chainId

• address verifyingContract

• bytes32 salt

• hashStruct(s : 𝕊) = keccak256(typeHash ‖ encodeData(s))

  • Here, typeHash = keccak256(encodeType(typeOf(s)))
  • The basic types of 𝕊 can contain: bytes1 to bytes32, uint8 to uint256, int8 to int256, bool and address,bytes and string
  • an example of 𝕊

  struct Credential {
      bytes32 digesthash;
  }