Switching between single keypair and unique keys per credential

[pstamatop]

Is it possible to make the wallet configurable, allowing a switch between using a single public-private key pair for all credentials versus unique keys per credential?

This could be useful in scenarios where combined presentations of credentials (e.g. an EHIC without personal information alongside a PID) require binding to a single proof for verification, since claim-based binding isn't possible. This switch could act as a practical temporary solution until full unlinkability is achieved.

@emlun would love to hear your thoughts on this - also tagging @kkmanos and @gkatrakazas to keep both in the loop

[emlun]

Sorry for the delayed response - sure, this is most definitely possible. It could even be done on an individual per-credential basis if we want to go that route: rather than use one single key pair for everything, we could selectively bind the same keypair to two different credentials if we want them to be associated. The difficulty in this would lie almost entirely in figuring out the UI for it; the key management part of it should be very simple and straightforward.

But yes, using a single keypair for everything shouldn't take much more than adding a global config option to the wallet and diverting the key generation function to "just return the existing key" if that option is set.