Skip to content

docs(credential-zk): add README and KNOWN_LIMITATIONS (docs parity with nft-zk)#3

Open
CjDabrow wants to merge 2 commits into
DpacJones:mainfrom
CjDabrow:docs/credential-zk-readme-and-limitations
Open

docs(credential-zk): add README and KNOWN_LIMITATIONS (docs parity with nft-zk)#3
CjDabrow wants to merge 2 commits into
DpacJones:mainfrom
CjDabrow:docs/credential-zk-readme-and-limitations

Conversation

@CjDabrow

Copy link
Copy Markdown

Adds the two contributor-facing docs for credential-zk that the MIP calls for, bringing it to docs parity with nft-zk (which already ships a README + KNOWN_LIMITATIONS).

What's in here

  • README.md — what the soulbound credential primitive is, the design model (secret-derived issuer auth, hiding commitments, IMT private non-revocation, soulbound-by-construction), the wallet/bearer profiles, a circuit table, the one-instance-per-class normative note, the single-file design rationale, and build/test steps (incl. the Windows compact.exe gotcha).
  • KNOWN_LIMITATIONS.md — an honest caveat list synced to the MIP's Security Considerations and review Review: credential-zk (MIP-A) — suggestions + one design question (branch mip-a-credential-primitive) #2: single-secret issuer authority, the load-bearing deploymentSalt, opaque issuance + the issuer-knowledge open design point, holder delegation, verifier-side replay/nullifier, presentation liveness under revocation churn, correlation/metadata, handle generation, off-chain index bookkeeping, and the pending "Path to Active" items (testnet harness, conformance vectors).

Notes

  • Docs only — no contract or behavior change.
  • Content is drawn from the contract source + the MIP; not yet build-verified locally (toolchain/node env still being set up), so please sanity-check any claim against the code before relying on it.
  • Companion to review Review: credential-zk (MIP-A) — suggestions + one design question (branch mip-a-credential-primitive) #2. Happy to adjust wording, scope, or framing — especially the issuer-knowledge limitation, which is phrased as an open design point rather than a settled conclusion.

Adds the two contributor-facing docs the MIP calls for (docs parity with nft-zk):
- README.md: what the primitive is, the design model (secret-derived issuer
  auth, hiding commitments, IMT non-revocation, soulbound), wallet/bearer
  profiles, circuit table, one-instance-per-class note, build/test steps.
- KNOWN_LIMITATIONS.md: honest caveat list synced to the MIP Security
  Considerations + review issue DpacJones#2 (single-secret issuer, deploymentSalt,
  opaque issuance + the issuer-knowledge open point, delegation, verifier-side
  replay, presentation liveness under revocation churn, correlation, pending
  testnet + conformance vectors).

Docs only; no contract or behavior change.
Copilot AI review requested due to automatic review settings June 30, 2026 03:36

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds contributor-facing documentation for the contracts/credential-zk reference implementation to bring it to docs parity with nft-zk.

Changes:

  • Add contracts/credential-zk/README.md describing the credential primitive, design model, circuits, and how to run tests.
  • Add contracts/credential-zk/KNOWN_LIMITATIONS.md enumerating known limitations and “Path to Active” TODOs for the MIP-A implementation.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
contracts/credential-zk/README.md Adds an overview + circuit inventory + test/toolchain notes for credential-zk.
contracts/credential-zk/KNOWN_LIMITATIONS.md Documents security/operational limitations and pending deliverables for MIP-A.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +9 to +12
Status: **v3 reference implementation. Compile-verified (compactc 0.31.0 / language 0.23.0) with 28
in-process tests including adversarial cases.** The core state machine is sound: secret-derived issuer
authority, holder-built hiding commitments, a single bound presentation (issued ∧ not-revoked over one
opening), a path-derived revoke index, and a two-step rotation that cannot brick authority. The items
Comment thread contracts/credential-zk/README.md Outdated
Comment on lines +101 to +103
Compiled with `compactc 0.31.0` / language `0.23.0` (`pragma language_version >= 0.23`). On Windows note
that `compact` may collide with the built-in `C:\Windows\System32\compact.exe`; ensure the Compact
toolchain resolves first.
Addresses the automated review on PR DpacJones#3: the status/toolchain lines read as a
fresh verification signal, but this is a docs-only change. Reword to attribute
the 'compiles on 0.31.0, 28 tests pass' result to the MIP + commit history and
note it was not re-verified here; frame the README toolchain line as the target
/ pinned version.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants