Master Thesis project proposal 

“Designing and implementing an ECDSA-based Zero-Knowledge Credential Architecture for Yivi as EUDI Wallet” 

Context and motivation 

Background 

Yivi is a privacy-preserving digital identity platform that has successfully launched production deployments using IRMA/Idemix protocols based on zero-knowledge proof (ZKP) schemes. With the introduction of the EU Digital Identity (EUDI) Wallet regulation (eIDAS 2.0), Yivi aims to evolve into a compliant EUDI wallet while maintaining its strong privacy guarantees and crypto-agile architecture. 

The EUDI ecosystem increasingly standardises on: 

• Verifiable Credentials (e.g. W3C VC, SD-JWT-VC, ISO 18013-5 mDL/MDOC) 

• Presentation and issuance protocols such as OpenID4VCI and OpenID4VP 

• Selective disclosure and zero-knowledge techniques, analysed in detail in ETSI TR 119 476, including BBS+, CL signatures and other privacy-enhancing cryptographic mechanisms. 

Yivi wants to leverage these developments while preserving its core privacy values: minimum disclosure, unlinkability, and user-controlled identity. 

Strategic challenge 

Today, many credentials in practice are signed using ECDSA keys (for example JWT-based credentials, SD-JWT-VC, mDL/MDOC. At the same time, privacy-preserving credential systems often rely on different cryptographic primitives (e.g. CL, BBS+ on BLS12-381). 

Yivi faces a strategic challenge: 

• How to evolve towards an EUDI-compliant wallet that: Reuses existing and widely deployed ECDSA key material, 

• Supports zero-knowledge proofs and selective disclosure, 

• Remains interoperable with OpenID4VCI / OpenID4VP and standard verifiers, 

• And preserves Yivi’s strong privacy guarantees and crypto-agility. 

The ECDSA-based ZKP opportunity 

Recent work such as Google’s Longfellow project (“Anonymous credentials from ECDSA”) and new proposals around BBS# indicate that it is possible to: 

• Build anonymous credential schemes on top of existing ECDSA-signed credentials, 

• Provide selective disclosure and unlinkable presentations, 

• Minimise changes to issuer infrastructure, 

• And potentially integrate with standard protocols such as OpenID4VCI and OpenID4VP. 

This opens the possibility for Yivi to design a next-generation ZKP layer that: 

• Uses ECDSA keys as the fundamental trust anchor, 

• Compares and possibly combines Longfellow-style constructions with BBS+/BBS#-based approaches, 

• And is grounded in the requirements and recommendations of ETSI TR 119 476. 

Research objectives 

Primary objective 

Design and prototype an ECDSA-based zero-knowledge credential architecture for Yivi that: 

• Provides selective disclosure and unlinkable presentations based on ECDSA keys, 

• Is aligned with the cryptographic and privacy requirements from ETSI TR 119 476, 

• Supports interoperability with OpenID4VCI and OpenID4VP, 

• And can be integrated into Yivi’s roadmap towards an EUDI-compliant wallet. 

Specific research questions 

RQ1: Requirements analysis based on ETSI TR 119 476 How can the privacy, security and interoperability requirements from ETSI TR 119 476 for selective disclosure and ZKP-based credentials be translated into concrete requirements for a Yivi ECDSA-ZKP architecture, in particular regarding: 

• Unlinkability across presentations 

• Minimal disclosure and predicate proofs 

• Revocation and status verification 

• Crypto-agility and (future) post-quantum considerations 

RQ2: ECDSA-based ZKP design options (Longfellow vs BBS#/BBS+) What are the design trade-offs between: 

• Longfellow / “Anonymous credentials from ECDSA” Using existing ECDSA-signed credentials (JWT / SD-JWT-VC / MDOC) as the base 

• Generating zero-knowledge proofs over attributes derived from these credentials 

• BBS+/BBS#-based credentials anchored in ECDSA trust Mapping Yivi (and EUDI) credential structures to BBS+/BBS# signatures 

• Exploring how ECDSA-based PKI and BBS#/BBS+-based ZKP can be combined or bridged 

RQ3: Yivi architecture integration 

How can an ECDSA-based ZKP scheme (Longfellow, BBS#, or a hybrid) be integrated into Yivi’s architecture while: 

• Maintaining backward compatibility with existing IRMA/Idemix credentials where needed 

• Supporting multiple credential formats (e.g. SD-JWT-VC, MDOC, IRMA) within Yivi 

• Preserving Yivi’s privacy-first design, including unlinkability and minimal disclosure 

• Allowing for crypto-agile evolution as standards mature 

RQ4: Interoperability with OpenID4VCI and OpenID4VP 

How can the proposed ECDSA-ZKP architecture: 

• Represent credentials and proofs in W3C VC formats (e.g. JWT/SD-JWT-VC or Data Integrity profiles) 

• Be transported using OpenID4VCI for issuance and OpenID4VP for presentations 

• Interoperate with verifiers that: Support advanced ZKP-proof types, and 

• Only support “classic” JWT/SD-JWT verification (graceful degradation / dual-path designs) 

RQ5: Evaluation and recommendations 

To what extent does the proposed architecture: 

• Meet the ETSI TR 119 476 criteria for privacy-preserving credentials, 

• Achieve practical performance for mobile wallets and verifiers, 

• Provide a realistic migration path for Yivi towards EUDI-compliant, ECDSA-based ZKP credentials? 

What recommendations can be made to Yivi for: 

• Short-term experimentation (e.g. Longfellow-style wrapping of existing credentials), and 

• Long-term architecture choices (e.g. adoption of BBS# or hybrid designs)? 

Student profile

We are looking for a motivated university-level student in Computer Science, Cyber Security or a closely related discipline. You have a strong affinity with cryptography, digital identity, and privacy-preserving technologies, and you are eager to apply academic knowledge to a real-world, high-impact use case. You work independently, think analytically, and are comfortable exploring complex technical concepts.

Thesis benefits

• Professional supervision from specialists in cryptography, identity management, and EUDI Wallet technologies

• Regular feedback and technical sparring sessions throughout the thesis process

• Access to technical documentation, development environments, and research materials relevant to the assignment

• A monthly thesis compensation of €500 (based on a 40-hour commitment; exceptions possible)

• Flexible working arrangements, including hybrid work options

• Opportunities to publish or present your research within the organization

• Real-world impact: your work may directly contribute to the integration of Yivi as an EUDI Wallet

References 

Academic 

• Anonymous credentials from ECDSA https://eprint.iacr.org/2024/2010 

• Privacy-Preserving Credentials: Camenisch et al https://eprint.iacr.org/2014/468.pdf 

• ETSI TR 119 476 - Electronic Signatures and Trust Infrastructures (ESI); Analysis of selective disclosure and zero-knowledge proofs applied to Electronic Attestation of Attributes https://www.etsi.org/deliver/etsi_tr/119400_119499/119476/01.02.01_60/tr_ 119476v010201p.pdf 

• BBS# and eIDAS 2.0 https://csrc.nist.gov/csrc/media/presentations/2024/wpec2024-3b3/images-media/wpec2024-3b3-slides-antoine-jacques--BBS-sharp-eIDAS2.pdf 

Other 

• What is Yivi https://docs.yivi.app/what-is-yivi 

• IRMAGO https://github.com/privacybydesign/irmago 

• EUDI Wallet ARF: EU Commission - Regulatory framework https://eudi.dev/2.5.0/architecture-and-reference-framework-main/ 

Contact 

Primary contact person 

Dibran Mulder, CTO Caesar Groep & Yivi 

+31 (0)6 39 30 61 18 

d.mulder@caesar.nl 

Address: 

Janssoniuslaan 80 

3528 AJ Utrecht

Websites:

https://yivi.app 

https://caesar.nl