Self-Attested Attributes

ACA-Py allows a holder/prover to respond to proof requests with self-attested values for requested attributes. This means the prover can provide values that are not represented by credentials in their wallet.

Responding with self-attested attributes

If a prover receives a proof request they can respond with self-attested values. However if there are restrictions on these attributes and the prover responds with self-attested attributes, then the proof will fail.

Let's take a look at how to respond with self_attested_attributes.

Below a verifier will send a proof request, requesting the prover's name and cell_number.

The verifier sends the proof request:

POST  /v1/verifier/send-request
{
  "comment": "Demo",
  "type": "indy",
  "indy_proof_request": {
    "requested_attributes": {
      "given_name": { "name": "name" },
      "cellphone": { "name": "cell_number" }
    },
    "requested_predicates": {}
  },
  "save_exchange_record": true,
  "connection_id": "38f14bc4-4ec5-42bc-8f69-ffe8f792dfaf"
}

Taking a look at the proof request above, the verifier requested two different attributes with attribute referents given_name and cellphone, each requesting attribute name and cell_number respectively.

Take a look at how the prover responds to the proof below, specifically in regard to the attribute referent cellphone. By doing this, the prover is able to provide a value that they don't have in their credentials.

POST /v1/verifier/accept-request
{
  "proof_id": "v2-d0d0e554-ce14-492e-935e-64a7be72ec5b",
  "type": "indy",
  "indy_presentation_spec": {
    "requested_attributes": {
      "given_name": {
        "cred_id": "cb844509-c687-48aa-bbea-dbaecca28a11",
        "revealed": true
      }
    },
    "requested_predicates": {},
    "self_attested_attributes": {
      "cellphone": "0123456789"
    }
  }
}

In the verifier's proof record below, we can see the values the prover responded with can be found under self_attested_attrs.

Note that some large payloads are obfuscated in the following response for readability.

{
    "connection_id": "38f14bc4-4ec5-42bc-8f69-ffe8f792dfaf",
    "created_at": "2025-01-05T11:09:25.161719Z",
    "error_msg": null,
    "parent_thread_id": "839aae9d-29e7-4e7b-aad5-f157d62fe750",
    "presentation": {
      "identifiers": [
        {
          "cred_def_id": "Ph5VFe1yyiwoPKbJmn33d6:3:CL:16:Demo_cred_def",
          "rev_reg_id": null,
          "schema_id": "4vedijxB6SCddvXVYWaTwP:2:Demo:0.1.0",
          "timestamp": null
        }
      ],
      "proof": {
        "aggregated_proof": {...},
        "proofs": [...]
      },
      "requested_proof": {
        "predicates": {},
        "revealed_attr_groups": null,
        "revealed_attrs": {
          "given_name": {
            "encoded": "...",
            "raw": "Alice",
            "sub_proof_index": 0
          }
        },
        "self_attested_attrs": {
          "cellphone": "0123456789"
        },
        "unrevealed_attrs": {}
      }
    },
    "presentation_request": {
      "name": "Proof",
      "non_revoked": null,
      "nonce": "1177112554048610547997440",
      "requested_attributes": {
        "given_name": {
          "name": "name",
          "names": null,
          "non_revoked": null,
          "restrictions": null
        },
        "self_attested": {
          "name": "cell_number",
          "names": null,
          "non_revoked": null,
          "restrictions": null
        }
      },
      "requested_predicates": {},
      "version": "1.0"
    },
    "proof_id": "v2-9d2d22b0-7381-4070-8929-6578399c9ae9",
    "role": "verifier",
    "state": "done",
    "thread_id": "839aae9d-29e7-4e7b-aad5-f157d62fe750",
    "updated_at": "2025-01-05T11:10:55.867679Z",
    "verified": true
  }

Note that the proof is valid (verified: true), and that the prover's cellphone number is available in the self_attested_attrs section as cell_number, the name of the requested attribute.