# Foundations Team Hackathon Ideas

## October 27, 2023 - Brainstorming

- [2] OAuth2 Provider via DIDComm Agent
    - Sign in with DID
- [2] Integration/System testing across multiple versions of ACA-Py
- [2] Explore FIDO Passkeys
    - Biometrics for authentication
    - Can we do something other than biometrics?
- [2] DIDComm using HSM modules
    - Crypto support might be lacking...
    - [YubikeyHSM2] appears to support ED25519 at least
    - Encrypted Sender, Signed Receiver - ESSR
- [1] Signing credentials using an HSM
    - Crypto support should be better aligned
    - Would only be able to do JWT-VC and LDP-VC
- **[4]** DIDComm v2 support in ACA-Py
    - Blitz it? How much could we get done in a day?
    - Some work already done on this:
        - Encryption envelope support
        - Something like an interface for the message models
    - Enable ACA-Py to talk to the didcomm-demo
    - ACA-Py Group Chatroom?
- [1] Translating mobile app!
- [1] Proven Modularization
    - Any piece we can bite off for a hackathon?
- **[3]** Add features to the DIDComm Demo
    - OOB invitation generation
    - Connecting to a different mediator
    - Mediator Choice List
    - Connecting to a mediator that doesn't support WS
    - `did:web` support
- [1] Break bitcoin crypto by exploiting nonce reuse vulnerability in ECDSA (secp256k1)
    - Follow the exploit outlined in [article](https://blog.trailofbits.com/2020/06/11/ecdsa-handle-with-care/)
    - https://github.com/daedalus/BreakingECDSAwithLLL
- [1] Exploring PQC?
- [1] Radio transmission fault tolerance
- [1] [Hyperledger Labs]: Indy smart contract on Fabric
    - https://github.com/trential/fabric-aries
    - https://github.com/hyperledger-labs/aries-fabric-wrapper
    - https://labs.hyperledger.org/labs/aries-fabric.html
- [0] Indy smart contract on Besu
- [1] [Distributed database](https://github.com/apple/foundationdb) vs Ledger
- **[4]** SD-JWT-VC Issuer/Verifier blitz
    - DIDComm v2 agent that's capable of issuing an SD-JWT-VC over Issue Credential protocol (NOT OpenID4VCI) and verifies over Present Proof protocol
    - How to integrate? Sample website? Present from browser?
    - Defining attachment format
    - Copy OpenID4VCI request and response format
    - Extract ICv3/PPv3 from [WACI-DIDComm profile](https://identity.foundation/waci-didcomm/)?
    - Probably not ACA-Py but would be interesting to implement in ACA-Py
- **[3]** DIDComm Demo protocol for polls ("voting")
    - Collaboratively writing a protocol spec
    - Poll protocol
    - SD-JWT-VC
    - OAuth2 sign in with DID

[YubikeyHSM2]: https://developers.yubico.com/YubiHSM2/Product_Overview/
[Hyperledger Labs]: https://labs.hyperledger.org/

### First Round Winners

- **[4]** DIDComm v2 support in ACA-Py
- **[3]** Add features to the DIDComm Demo
- **[4]** SD-JWT-VC Issuer/Verifier blitz
- **[3]** DIDComm Demo protocol for polls ("voting")

## August 15, 2023 Brainstorm

- Keycloak demo using a SAML client. We take the bc_gov OpenID demo and set up a SAML client, then see if it works.
- ZoKrates distributed identity provider app. Using ZoKrates, we create an app that verifies traditional certificates and presents a did_comm proof in zero knowledge.
- ACA-Py web3 plugin. We make a plugin that adds web3.py as a dependency.
- Aries MetaMask storage plugin
- DID registry smart contract
- ZKP revocation registry as an NFT. Credentials are NFTs; each NFT has a revocation status on the ledger. NFT credentials are first class citizens…
- Replace indy-node with a different ledger that supports smart contracts.
- Try to break Aries security guarantees.
- Store a video as raw nym data on a ledger and play it back. Indy as a streaming service.

## ACA-Py Minimal Reproducible Template Generator [6]

- https://hackmd.io/oseaLz4BQZWGYcah-d4dbw

This would be a repo that anyone could fork and then trivially demonstrate an issue by specifying participants, making admin API calls, or triggering messages directly to one agent or another.

If we could get to a point where the overhead of writing one of these is not a ton more than writing up a plantuml sequence diagram depicting the interactions between participants, I think that would be amazing. Heck, I might even consider parsing a plantuml sequence diagram at some point in the future.

I think what we have in our integration testing frameworks is close to what I want but not quite there. I think what I'm after probably is not best formatted as pytest tests and fixtures, though those do provide a similar level of reusability and flexibility to what I'm interested in.

I could also see this being used to demonstrate already existing features. We seem to have waves of frequent questions on certain features of ACA-Py; being able to point people to an easily consumable example of how it's supposed to work would be great during these waves.

- Could be similar to BDD tests in ACA-Py
- Do not recommend using all that ACA-Py has, would be better to use Behave directly
- Could use as declarative config, similar to Ansible/Chef/Terraform
- Behave could be used to send commands to a "microservice" that constructs the appropriate environment

## ACA-Py Optimization [3]

ACA-Py core optimization. cProfile ACA-Py core, and make it faster!

- Test results with before and after and (hopefully) showing a performance improvement. Current tests do not use cProfile; this hack session topic would use cProfile to identify slow parts.

## Hack Together DIDComm V2 Capable Agent [4]

This will help us to give feedback about the DIDComm v2 spec and available implementations. Could use ACA-Py, could use something else hacked together.

## ACA-Py as an OpenID Identity Provider [1]

- Prior Art
    - https://github.com/Indicio-tech/vc-authn-oidc
    - https://github.com/UN-ICC/icc-oidc-bridge

## Generalized Mobile Notification ACA-Py plugin [4]

The current notification plugin only supports Firebase. This topic would be focused on extending support to other services:

* appwrite
* deployd
* Kafka

## Use HL Fabric with ACA-Py [1]

- DID Registry?
- AnonCreds? Complete replacement of Indy Node?
- Fabric smart contract on other ledgers.

## Q&A Queue

- For the heck of it, a DIDComm solution for a Q&A queue to use during Q&A sessions. Browser static agents send the message to a central agent that holds a queue and displays it on a page.
- For educational value, a "traditional" website would be interesting as well.