diff --git a/index.html b/index.html
index e459f9c..240af28 100644
--- a/index.html
+++ b/index.html
@@ -688,13 +688,14 @@
parseBaseProofValue
-
-Ensure the `proofValue` string starts with
+If the `proofValue` string does not start with
u
(U+0075
LATIN SMALL LETTER U
),
-indicating that it is a `multibase-base64url-no-pad-encoded` value, and throw
-an error if it does not.
+indicating that it is a `multibase-base64url-no-pad-encoded` value,
+an error MUST be raised and SHOULD convey an error type of
+PROOF_VERIFICATION_ERROR.
-
Initialize |decodedProofValue| to the result of base64url-no-pad-decoding the
@@ -721,8 +722,9 @@
parseBaseProofValue
|featureOption| to `"pseudonym_hidden_pid"`.
-
-If the |decodedProofValue| starts with any other three byte sequence, throw an
-error.
+If the |decodedProofValue| starts with any other three byte sequence,
+an error MUST be raised and SHOULD convey an error type of
+PROOF_VERIFICATION_ERROR.
@@ -1125,13 +1127,14 @@ parseDerivedProofValue
-
-Ensure the `proofValue` string starts with
+If the `proofValue` string does not start with
u
(U+0075
,
LATIN SMALL LETTER U
), indicating that
-it is a `multibase-base64url-no-pad-encoded` value, and throw an error if it does
-not.
+it is a `multibase-base64url-no-pad-encoded` value,
+an error MUST be raised and SHOULD convey an error type of
+PROOF_VERIFICATION_ERROR.
-
Initialize |decodedProofValue| to the result of base64url-no-pad-decoding the
@@ -1161,11 +1164,12 @@
parseDerivedProofValue
-
Initialize `components` to an array that is the result of CBOR-decoding the
-bytes that follow the three-byte BBS disclosure proof header. Ensure the result
-is an array of five or six elements —
-a byte array, a map of integers to integers, an
-array of integers, another array of integers, and one or two byte arrays;
-otherwise, throw an error.
+bytes that follow the three-byte BBS disclosure proof header. If the result
+is not an array of five or six elements —
+a byte array, a map of integers to integers,
+two arrays of integers, and one or two byte arrays;
+an error MUST be raised and SHOULD convey an error type of
+PROOF_VERIFICATION_ERROR.
-
Replace the second element in `components` using the result of calling the
@@ -1463,13 +1467,15 @@
Base Proof Configuration (bbs-2023)
-
If |proofConfig|.|type| is not set to `DataIntegrityProof` and/or
-|proofConfig|.|cryptosuite| is not set to `bbs-2023`, an
-`INVALID_PROOF_CONFIGURATION` error MUST be raised.
+|proofConfig|.|cryptosuite| is not set to `bbs-2023`, an error MUST be raised
+and SHOULD convey an error type of
+PROOF_GENERATION_ERROR.
-
-If |proofConfig|.|created| is set and the value is not a
-valid [[XMLSCHEMA11-2]] datetime, an `INVALID_PROOF_DATETIME` error MUST be
-raised.
+If |proofConfig|.|created| is set and if the value is not a
+valid [[XMLSCHEMA11-2]] datetime, an error MUST be raised and SHOULD convey an
+error type of
+PROOF_GENERATION_ERROR.
-
Set |proofConfig|.|@context| to
@@ -1504,9 +1510,13 @@
Base Proof Serialization (bbs-2023)
|commitment_with_proof|.
If |featureOption| is set to `"anonymous_holder_binding"` or
`"pseudonym_hidden_pid"`, the
-|commitment_with_proof| input MUST be supplied; if not supplied, an error SHOULD be
-returned.
-A single digital proof value
+|commitment_with_proof| input MUST be supplied; if not supplied,
+an error MUST be raised and SHOULD convey an error type of
+PROOF_GENERATION_ERROR.
+The proof options MUST contain a type identifier for the
+
+cryptographic suite (|type|) and MAY contain a cryptosuite
+identifier (|cryptosuite|). A single digital proof value
represented as series of bytes is produced as output.