Wallet encrypting c_nonce as JWE - Unresolved key used

Wallet is encrypting the `c_nonce` value as a JWE using **RSA-OAEP-256**,  
but the Credential Issuer does not publish any RSA encryption key in its metadata.

We need clarification on:
1. Whether nonce encryption is required by your wallet implementation
2. Where the wallet obtains the RSA public key for this encryption

---

### Steps to Reproduce

1. Issuer publishes metadata with **only EC signing key**
2. Wallet calls `/nonce` endpoint, receives plain text `c_nonce`
3. Wallet encrypts `c_nonce` as **JWE** using **RSA-OAEP-256**
4. Wallet sends proof JWT with **encrypted nonce**

---

### Expected Behavior

Wallet should either:
- Use the plain text `c_nonce` as provided by the Issuer,  
  **or**
- Encrypt it using a key published in Issuer metadata (.well-known/openid-credential-issuer, if encryption is required)

---

### Actual Behavior

Wallet encrypts the `c_nonce` without a known public key,  
making the Issuer unable to decrypt and verify the proof.

---

Thanks for support.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Wallet encrypting c_nonce as JWE - Unresolved key used #228

Steps to Reproduce

Expected Behavior

Actual Behavior

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Wallet encrypting c_nonce as JWE - Unresolved key used #228

Description

Steps to Reproduce

Expected Behavior

Actual Behavior

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions