Skip to content

CCCEV renderer leaks the outcome of a redacted evaluation as cccev:isConformantTo: false #176

Description

@jeremi

What Happened

For a claim evaluated with redacted disclosure, the standard result body correctly withholds both the value and the satisfaction outcome (satisfied is None). But when the same result is rendered in the CCCEV JSON-LD format, the outcome is serialized as "cccev:isConformantTo": result.satisfied.unwrap_or(false) — so a redacted result surfaces cccev:isConformantTo: false.

In a deployment that allows both redacted disclosure and the CCCEV render format for a claim, a caller therefore receives a yes/no-looking conformance value that redaction is meant to withhold. redacted is documented and specified to reveal neither the value nor the outcome, so this is a redaction leak in the CCCEV render path.

Expected Behavior

A redacted result should withhold the outcome in every render. The CCCEV renderer should omit cccev:isConformantTo (or otherwise represent "no outcome") when satisfied is None, rather than defaulting it to false.

Reproduction

  • Configure a claim that permits redacted disclosure and the CCCEV evidence render format.
  • Evaluate it with redacted disclosure.
  • The CCCEV JSON-LD node carries "cccev:isConformantTo": false, even though the outcome should be withheld.
  • Relevant code: render_cccev_evidence_node (in the notary server runtime) uses result.satisfied.unwrap_or(false), while view_claim sets satisfied = None for the redacted disclosure profile.

Environment

Found by code inspection of the current default branch, during documentation review of #174. Affects the Notary CCCEV render path.

Privacy note: redaction is intended to reveal neither value nor outcome, so maintainers may want to assess severity and whether this belongs on a security-advisory track rather than a public issue.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions