Hi,

Today the workflow to do vulnerability analysis is:

1. To have a database with two protocols, one licit (zero-effort impostors vs bonafides) and one called spoof (presentation attacks vs bonafides).
2. run bob bio pipelines vanilla-biometrics licit....
3. run bob bio pipelines vanilla-biometrics spoof....
4. run bob pad vulnerability .... {licit,spoof}/scores-{dev,eval}

I understand the reasons why this was made like this, but now with bob bio pipelines vanilla-biometrics --write-metadata .... we can have score files where metadata is available:

probe_key,probe_path,probe_reference_id,bio_ref_path,bio_ref_reference_id,is_bonafide,score
devel/real/client003_session01_webcam_authenticate_adverse_1,devel/real/client003_session01_webcam_authenticate_adverse_1,3,3,3,1,0.9919710755348206

Therefore, we can afford to have one protocol containing both zero-effort impostors and presentation attack probes, and the job of the tools inside of bob pad vulnerability would take care of selecting these two types of probes and do the correct analysis.

I think this is wiser.

What do you think @amohammadi @ydayer?

Thanks