## DWNaaS Example

```mermaid
sequenceDiagram
    participant C as Client
    participant D as PFI DWN
    participant PFI as PFI Service

    PFI->>D: 0. Configure proxy for ASKs
    C->>D: 1. Send ASK DWebMsg
    D->>D: 2. Integrity checks
    critical
        D->>PFI: 3. Proxy decrypted ASK
        PFI->>PFI: 4. Process ASK
        PFI->>D: Response e.g. 202 Accepted / 400 Bad Request
    end
    D->>D: 5. Optionally store depending on response?
    D->>D: DWMify response
    D->>C: Response
```

**Note**: The response is not expected to be a `ConditionalOffer`. It'd be a `202: Accepted` or `400: Bad Request`. The client would poll for a reply to the Ask, which could be either a `ConditionalOffer` or a `Close`.

Webhook example: for `{"method": "CollectionsWrite", "schema": "https://tbdex.io/schemas/Ask"}` trigger hook `POST https://pfi.institution.com/tbdex/asks`

## Data Flow

* Client sends ASK DWeb Message to PFI DWN

```json=
{
  "descriptor": {
    "method": "CollectionsWrite",
    "protocol": "tbdex",
    "contextId": 1,
    "objectId": 1,
    "schema": "https://schemas.tbdex.io/Ask",
    "target": "did:ex:wellsfargo"
  },
  "authorization": "JWS",
  "data": "BASE64URL_ENCODED_DATA"
}
```

* PFI DWN processes message
    * does the message have all of the expected properties?
    * does `authorization` check out?
    * integrity checks
    * signature verification definition?
* PFI DWN sends decrypted message data and sender DID to PFI Service
    * query registered hooks
    * if > 0 are found:
        * decrypt `data`
        * send decrypted data + DID to each hook

```json=
POST pfi.wellsfargo.com/tbdex/asks

{
  "did": "did:ex:alice",
  "data": {
    "sourceCurrency": "USD",
    "sourceAmount": 100,
    "targetCurrency": "USDC"
  }
}
```

* PFI Service receives ASK via hook and processes it (e.g. request body validation)
* PFI Service responds to hook request with.. ???
* PFI DWN does ....?

## Thoughts:

* Re: Critical Region
    * Instinctively, I feel like this needs to be sync because imagine a scenario where the ASK is malformed (e.g. missing required property, incorrect type for property value etc.). I think we'd want to inform the client (e.g. 400 bad request) synchronously. It seems strange to handle it async, where the client sends a malformed ASK which gets stored, and the client is now polling for the "reply" which ends up being the error.
* Re: Step 5
    * If the response from the PFI service is `400: Bad Request`, there's presumably no reason to store the message bc it's kaka. It's also worth considering whether storage should happen at all.

# Open Questions

- How does Neal send `CredentialsManifest` to the DWN?
- Is multi-tenancy supported?
    - The assumption based on our perception of Daniel's response: Yes
    - So then are we holding keys for all tenants that have created handlers?
- When does storage happen?
    - before proxy?
    - after proxy?
    - both?
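
The synchronous option from the Data Flow and Thoughts sections, as an added sketch that is not tbDEX or DWN project code: the DWN validates, proxies to the registered hook inside the critical region, and stores only after a `202`. All function names are hypothetical, the hook is a local function standing in for the HTTP `POST`, and `data` is treated as base64url-encoded JSON because the page does not define the decryption scheme. Storing a message when no hook matches is also an assumption.

```javascript
// Added sketch, not tbDEX or DWN project code; every name here is hypothetical.
const REQUIRED = ['method', 'protocol', 'contextId', 'objectId', 'schema', 'target'];
// verifyAuthorization(msg) is supplied by the caller and is assumed to return
// the sender DID, or null when the `authorization` check fails.
function createDwn(verifyAuthorization) {
  const hooks = [];
  const store = [];
  // Step 0: the PFI registers a hook for a method + schema pair.
  const registerHook = (filter, deliver) => hooks.push({ filter, deliver });
  function handleMessage(msg) {
    const d = msg && msg.descriptor;
    // Step 2: structural checks before anything is decoded or proxied.
    if (!d || REQUIRED.some((k) => d[k] === undefined) || typeof msg.data !== 'string') {
      return { status: 400, detail: 'malformed message', stored: false };
    }
    const did = verifyAuthorization(msg);
    if (!did) return { status: 400, detail: 'authorization failed', stored: false };
    let data;
    try {
      data = JSON.parse(Buffer.from(msg.data, 'base64url').toString('utf8'));
    } catch {
      return { status: 400, detail: 'data is not base64url JSON', stored: false };
    }
    // Steps 3-4 (critical region): proxy synchronously; any rejection is
    // returned to the client and the message is never stored.
    const matched = hooks.filter((h) => h.filter.method === d.method && h.filter.schema === d.schema);
    for (const h of matched) {
      const res = h.deliver({ did, data });
      if (res.status !== 202) return { status: res.status, detail: res.detail, stored: false };
    }
    store.push(msg); // Step 5: store only once every hook has accepted.
    return { status: 202, stored: true };
  }
  return { registerHook, handleMessage, store };
}

// Stand-in for the PFI Service endpoint: request body validation only.
function pfiAskHook({ data }) {
  const ok = data && typeof data.sourceCurrency === 'string' && typeof data.targetCurrency === 'string'
    && typeof data.sourceAmount === 'number' && data.sourceAmount > 0;
  return ok ? { status: 202 } : { status: 400, detail: 'invalid Ask body' };
}

// Constructed sample message in the shape shown under Data Flow.
function sampleAsk(body) {
  const descriptor = { method: 'CollectionsWrite', protocol: 'tbdex', contextId: 1,
    objectId: 1, schema: 'https://schemas.tbdex.io/Ask', target: 'did:ex:wellsfargo' };
  return { descriptor, authorization: 'JWS', data: Buffer.from(JSON.stringify(body)).toString('base64url') };
}
```

With this ordering a malformed ASK never reaches storage, so the client gets the `400` on the original request instead of discovering it while polling.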