I don't want to detract from Orie's explanation of the verified claim set, but one correction below...
On Mon, Dec 29, 2025 at 4:44 PM Watson Ladd <[email protected]> wrote: > On Mon, Dec 29, 2025, 10:04 AM Orie <[email protected]> wrote: > I'm a bit confused. As I understood it, the length of the array and > ordering is always exposed to the verifier in the commitments that > then get hashed together to verify the signature. Small correction: the length of the *presented* array is always exposed. However with decoy digests, that number could be any number ≥ to the actual number of array elements. The verifier won't be sure of the actual length of the array unless it has a disclosure for all the redacted claims in the array. Thanks, -rohan
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
