[VC-1161] [VC-1162] updated tn, org-identity and brand owner schemas

[Arsh-Sandhu]

No description provided.

[Copilot]

Pull request overview

This PR updates the OVC Org Identity, OVC Brand Owner, and TN Allocation credential schemas/docs to v2, aligning them with JSON Schema draft 2020-12 and expanding field descriptions and constraints.

Changes:

• Bump schemas to version 2.0.0, update $schema to draft 2020-12, and refresh schema SAIDs in registry.json.
• Revise TN allocation attributes to support array-based number expressions (single numbers + inclusive ranges) and multi-channel scoping.
• Expand documentation in the index.md files to explain intent, semantics, and edge/rules structure.

Reviewed changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 17 comments.

Show a summary per file

File	Description
tn-alloc/tn-alloc.schema.json	Updates TN allocation schema to v2 with richer constraints and revised attributes/edges/rules structure.
tn-alloc/index.md	Rewrites TN allocation documentation to explain number expressions, channels, edges, and governance.
tn-alloc/example-tn-alloc.json	Updates example payload to match TN allocation v2 structure (numbers array, channel array, updated SAIDs).
registry.json	Updates registry entries to new schema SAIDs for tn-alloc, ovc-org-vet, and ovc-brand-owner.
ovc-org-vet/rules.json	Removes the standalone rules JSON file.
ovc-org-vet/ovc-org-vet.schema.json	Updates OVC Org Identity schema to v2 with stronger patterns/examples and revised attributes/rules/edges.
ovc-org-vet/index.md	Updates OVC Org Identity documentation to reflect new intent and field structure.
ovc-brand-owner/ovc-brand-owner.schema.json	Updates OVC Brand Owner schema to v2 with stronger patterns/examples and revised attributes/rules/edges.
ovc-brand-owner/index.md	Expands OVC Brand Owner documentation and usage guidance.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 9 out of 9 changed files in this pull request and generated 18 comments.

[dhh1128]

Review against the stated success criteria

Thanks @Arsh-Sandhu — solid PR. Mechanically it's in good shape: all three schemas are valid JSON-Schema Draft 2020-12, every $id/nested-block SAID recomputes correctly and matches registry.json, and example-tn-alloc.json validates against the new tn-alloc schema.

Scorecard:

• version ✅ — all 1.0.0 → 2.0.0 (see inline note to confirm the GSMA-trial value).
• names ✅ (mostly) — titles use OVC / "Org Identity" / no dossier-vs-credential misuse; residual "org vet" wording noted inline.
• rules ✅ — governance statement present in all three (but see the org-identity citation-rules blocker inline).
• constraints ⚠️ — strong regexes for v/d/i/ri/s, LEI, E.164, channel enum, LOA; gaps noted inline (E.164 leading zero, unconstrained u, and the compact-form SAID strings: ovc-org-vet/ovc-brand-owner pattern-constrain the compact r string, but tn-alloc's compact a/e/r branches are bare type: string — pin ^E[A-Za-z0-9_-]{43}$ for consistency).
• examples ✅ (mostly) — most fields have believable examples; see pre-existing vcard note below.
• docs ✅ — all three have substantial index.md; defects noted inline + below.
• multichannel ✅ (strongest part) — tn-alloc makes channel an optional ["sms","voice"] array (one channel-agnostic credential, no proliferation), and brand-owner uses goals to scope channel/purpose. Well reasoned in the docs and exactly the "single type, optional" direction we wanted.

Top things to address: (1) the citation-semantics rules on the org-identity credential, (2) the legalIdentifiers schema↔doc contradiction, (3) the doc defects below.

Pre-existing issues (outside this diff, so not inline — but worth fixing while here)

These live on lines the PR didn't change, so GitHub won't let me anchor a comment:

• ovc-org-vet/index.md LoA table is broken & has typos: the "gold" (LoA 3) row is column-shifted (its <ol> landed in the intended meaning column, with a stray </li></li> and a missing <li>); threshhold → "threshold"; FBAC → FBCA (correct once, then misspelled 3×); ISO/IEC 2915 → ISO/IEC 29115; LoA 1 row duplicates "tools" ("legalities, tools, governance, tools…").
• ovc-brand-owner vcard/goals use format: "cesr" on items that are vCard content lines / Aries goal codes (not CESR primitives) — questionable format. Also the vcard examples array lists individual strings at the array level, so each "example" isn't a valid instance of the array property (wrap as one example array, or move under items).

Full off-PR write-up is in my review notes; happy to expand on any of these.

[dhh1128]

E.164 regex is slightly too permissive. ^\+[0-9]{7,15}(-\+[0-9]{7,15})?$ allows a leading zero, but E.164 country codes never start with 0. Suggest pinning the first digit non-zero:

^\+[1-9][0-9]{6,14}(-\+[1-9][0-9]{6,14})?$

(Range start≤end and equal-length endpoints can't be enforced in regex — the index.md correctly defers that to verifier evaluation, which is fine.)

[dhh1128]

u (salt) is unconstrained here and in the other two schemas (type: string, no pattern). Per the "constrain inputs as much as possible" goal, consider a pattern for a 128-bit CESR salt, e.g. ^0A[A-Za-z0-9_-]{22}$.

Also: top-level required is inconsistent across the three schemas — tn-alloc requires u, but ovc-org-vet and ovc-brand-owner make it optional. Pick one convention and apply it uniformly.

[dhh1128]

version: bumped 1.0.0 → 2.0.0 on all three — good (≥ 1.0 and differs from the value on main). Just confirming: the GSMA-trial schemas were at 1.0.0, so 2.0.0 satisfies "must differ from the trial version". If the trial actually shipped something other than 1.0.0, double-check there's no collision.

(Minor: version is a non-standard JSON-Schema keyword — ignored by validators — but it's the existing repo convention, so fine.)

[dhh1128]

Schema ↔ doc contradiction. This lists domain and linkedin as example type values, but index.md says "Domain names and social media handles are intentionally excluded: they do not unambiguously identify a legal entity." One of the two is wrong — reconcile.

Separately, the example vocabulary differs between schema (gb, che) and doc (uk-crn, che, us-ein). Consider a single controlled vocabulary for type (even just consistent examples).

[dhh1128]

Redundant bounds. minimum: 0 together with exclusiveMinimum: 0 is contradictory. If LOA can be zero, then eclusive is wrong; if not, then minimum is wrong.

[dhh1128]

Stale s example. This uses EAoRVmgPyacjhUxaV0nPwiuUuHMjKDpNZrj7ClofZ-3Z, which is the brand-owner schema's old (pre-PR) SAID; the new $id is EImfvpfRx4YKhTzAzdZzCCjSNmwtY5yw9QlpZirG6OUa. A self-referential s example should show the current schema SAID. (Same old SAID is reused as the brandauth.s example further down.)

[dhh1128]

Contradicts the schema: ovc-org-vet.schema.json lists domain and linkedin as example legalIdentifiers types, but here they're "intentionally excluded." Pick one and align both.

[dhh1128]

Residual "org vet" naming. The title was updated to OVC Org Identity Credential (good), but the body still says "org vet" / "Org vet credentials" in places, and the image assets are org-vet-*.png/.svg. For consistency with the naming goal ("use 'org identity' rather than 'org vet'"), update the prose and consider renaming the image files (and eventually the directory).