Link Secret FUD and other VC Fraud Learnings

From IIW

Link Secret FUD & Other VC Fraud Learnings


Tuesday 1L


Convener(s): Daniel Hardman

Notes-taker(s): Daniel Hardman


Tags for the session - technology discussed/ideas considered:



Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


Discussed the need to separate opinion from fact. We're all entitled to opinions, but not to our own facts.


Discussed 2 misconceptions about link secrets:


1. link secrets are not rotatable (false)


2. link secrets are transferrable (false)


Explained why neither of these perceptions is true. Linked to j.mp/zkp-vc-safety (a paper from recent RWOT), and also to "Alice Abuses Her Verifiable Credential" (another RWOT paper)


Then spent time exploring a general threat model for VCs, based on this doc: j.mp/vc-threat-model.