owned this note
owned this note
Published
Linked with GitHub
DIDs
====
did_doc [example](https://w3c-ccg.github.io/did-spec/#example-19-advanced-did-document-example)
```
{
"@context": "https://w3id.org/future-method/v1",
"id": "did:example:123456789abcdefghi",
"publicKey": [{
"id": "did:example:123456789abcdefghi#keys-1",
"type": "RsaVerificationKey2018",
"controller": "did:example:123456789abcdefghi",
"publicKeyPem": "-----BEGIN PUBLIC KEY...END PUBLIC KEY-----\r\n"
}, {
"id": "did:example:123456789abcdefghi#keys-3",
"type": "Ieee2410VerificationKey2018",
"controller": "did:example:123456789abcdefghi",
"publicKeyPem": "-----BEGIN PUBLIC KEY...END PUBLIC KEY-----\r\n"
}],
"authentication": [
// this mechanism can be used to authenticate as did:...fghi
"did:example:123456789abcdefghi#keys-1",
// this mechanism can be used to biometrically authenticate as did:...fghi
"did:example:123456789abcdefghi#keys-3",
// this mechanism is *only* authorized for authentication, it may not
// be used for any other proof purpose, so its full description is
// embedded here rather than using only a reference
{
"id": "did:example:123456789abcdefghi#keys-2",
"type": "Ed25519VerificationKey2018",
"controller": "did:example:123456789abcdefghi",
"publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"
}
],
"service": [{
"id": "did:example:123456789abcdefghi#oidc",
"type": "OpenIdConnectVersion1.0Service",
"serviceEndpoint": "https://openid.example.com/"
}, {
"id": "did:example:123456789abcdefghi#vcStore",
"type": "CredentialRepositoryService",
"serviceEndpoint": "https://repository.example.com/service/8377464"
}, {
"id": "did:example:123456789abcdefghi#xdi",
"type": "XdiService",
"serviceEndpoint": "https://xdi.example.com/8377464"
}, {
"id": "did:example:123456789abcdefghi#hub",
"type": "HubService",
"serviceEndpoint": "https://hub.example.com/.identity/did:example:0123456789abcdef/"
}, {
"id": "did:example:123456789abcdefghi#messaging",
"type": "MessagingService",
"serviceEndpoint": "https://example.com/messages/8377464"
}, {
"type": "SocialWebInboxService",
"id": "did:example:123456789abcdefghi#inbox",
"serviceEndpoint": "https://social.example.com/83hfh37dj",
"description": "My public social inbox",
"spamCost": {
"amount": "0.50",
"currency": "USD"
}
}, {
"type": "DidAuthPushModeVersion1",
"id": "did:example:123456789abcdefghi#push",
"serviceEndpoint": "http://auth.example.com/did:example:123456789abcdefghi"
}, {
"id": "did:example:123456789abcdefghi#bops",
"type": "BopsService",
"serviceEndpoint": "https://bops.example.com/enterprise/"
}]
"proof": {
"type": "LinkedDataSignature2015",
"created": "2016-02-08T16:02:20Z",
"creator": "did:example:8uQhQMGzWxR8vw5P3UWH1ja#keys-1",
"signatureValue": "QNB13Y7Q9...1tzjn4w=="
}
}
```
## Mapping of libindy did methods to Aries SDK methods.
|libindy |Aries_SDK |Dependencies |
|------------------------------|----------------------|------------------------|
|`indy_create_and_store_my_did`|`did_create` |`_did_create` |
| | |`wallet` |
| | |`[indyre._nym_resolve]` |
| | |`[indyre._nym_create]` |
|||
|`indy_replace_keys_start` |`did_add_keys` |`dev._key_create` |
| | |`did_update` |
| | |`wallet` |
| | |`[indyre._nym_update]` |
|||
|`indy_replace_keys_apply` |`did_remove_keys` |`did_update` |
| | |`wallet` |
| | |`[indyre._nym_update]` |
|||
|`indy_store_their_did` |`did_store` |`wallet` |
| | |`[indyre._nym_resolve]` |
|||
|`indy_key_for_did` |`did_key_get` |`wallet(check cache)` |
| | |`indyre._nyms_resolve` |
|||
|`None` |`did_inactivate` |`indyre._nym_inactivate`|
| | |`wallet` |
|||
|`None` |`did_rotate_key` |`_key_create` |
| | |`wallet` |
| | |`[indyre._nym_update]` |
|||
|`indy_key_for_local_did` |`did_key_get` |`_dids_read` |
| | |`wallet` |
|||
|`indy_set_endpoint_for_did` |`did_endpoint_set` |`did_update` |
| | |`wallet` |
| | |`[indyre._nym_update]` |
|||
|`indy_get_endpoint_for_did` |`did_endpoint ` |`dids_read` |
| | |`wallet` |
|||
|`indy_set_did_metadata` |`did_metadata_set` |`did_update` |
| | |`wallet` |
| | |`[indyre._nym_update]` |
|||
|`indy_get_did_metadata` |`did_metadata_get` |`dids_read` |
| | |`wallet` |
|||
|`indy_get_my_did_with_meta` |`my_did_metadata_get` |`dids_read` |
| | |`wallet` |
|||
|`indy_list_my_dids_with_meta` |`my_did_metadata_list`|`dids_read` |
| | |`wallet` |
|||
|`None` |`did_delete` |`wallet` |
|||
|`indy_abbreviate_verkey` |`abbreviate_verkey` |`_abbreviate_verkey` |
|||
|`None` |`key_did_get` |`wallet` |
[Optional]
_internal_method
## Aries SDK, consumer did methods
### Deprecated , maps old API to did doc
```c
~~did_metadata_set()~~ // does not map to did doc
did_metadata_get() // metadata
my_did_metadata_get() // metadata + verkey
my_did_metadata_list() // all did + metadata + verkey
~~did_endpoint_set~~ // does not map to did doc
did_endpoint_get()
```
### DID doc
```c
int32_t aries_did_create(int32_t wallet_handle,
const char* const did_options_json,
const char* did,
const char* vk,
const struct ExternError* err);
int32_t aries_did_store(int32_t wallet_handle,
const char* const did_json,
const struct ExternError* err);
int32_t aries_did_update(int32_t wallet_handle,
const char* const did_update_json,
const struct ExternError* err);
int32_t aries_did_delete(int32_t wallet_handle,
const char* const did,
const struct ExternError* err);
// Originally wanted to combine ledger reads and wallet reads into one
// method. This is unreasoable since we need to have both wallet and ledger
// info passed in when only one of the two will be used. Splitting it up.
int32_t aries_did_read(int32_t wallet_handle,
const char* const did,
const char* did_doc,
const struct ExternError* err);
/**
* Resolve a DID Doc from a ledger.
*/
int32_t aries_did_resolve(int32_t resolver_handle,
const char* const did,
const char* did_doc,
const struct ExternError* err);
int32_t aries_did_commit(int32_t wallet_handle,
int32_t resolver_handle,
const char* const did,
const char* did_doc,
const struct ExternError* err);
// not mutable
//did_context_set()
// Don't think this makes sense to include. It is always the same.
//int32_t did_context_get()
int32_t aries_did_authentication_add(int32_t wallet_handle,
const char* const did,
const char* const authentication,
const struct ExternError* err)
int32_t aries_did_authentication_get(int32_t wallet_handle,
const char* const did,
const struct ExternError* err)
int32_t aries_did_authentication_remove(int32_t wallet_handle,
const char* const did,
const char* const authentication,
const struct ExternError* err)
int32_t aries_did_authentication_list(int32_t wallet_handle,
const struct ExternError* err)
int32_t aries_did_key_add(int32_t wallet_handle,
const char* const did,
const char* const key,
const struct ExternError* err)
int32_t aries_did_key_get(int32_t wallet_handle,
const char* const did,
const struct ExternError* err)
int32_t aries_did_key_remove(int32_t wallet_handle,
const char* const did,
const char* const key,
const struct ExternError* err)
int32_t aries_did_key_list(int32_t wallet_handle,
const struct ExternError* err)
int32_t aries_did_service_add(int32_t wallet_handle,
const char* const did,
const char* const service,
const struct ExternError* err)
int32_t aries_did_service_get(int32_t wallet_handle,
const struct ExternError* err)
int32_t aries_did_service_remove(int32_t wallet_handle,
const char* const service,
const struct ExternError* err)
int32_t aries_did_service_list(int32_t wallet_handle,
const struct ExternError* err)
int32_t aries_abbreviate_verkey(const char* const verkey,
const struct ExternError* err)
```
### Example of Aries SDK Usage
```python
from aries import did, key, wallet, resolver # Separate "key" api?
wallet_config = {
#...
}
# Note the abscence of async. Maybe we include a python wrapper
# that does make the calls async.
wallet_handle = wallet.create(wallet_config)
# Leaving the wallet selection up to the wrapper/framework/app makes sense.
# They can decided how they want to handle multiple open wallets.
# Create a "public" DID
sov_did, sov_vk = did.create(
wallet_handle,
{'method': 'sov', 'seed': '...'},
{
'service': [{}, {}], #imagine proper service blocks
'authentication': [{}],
'key': [] # If empty or omitted, only sov_vk is included in publicKey list of DIDDoc
}
)
# Optionally update DIDDoc elements with update after creation:
did.update( # Overwrites? What happens to sov_key?
wallet_handle,
sov_did,
{
'service': [{}, {}], #imagine proper service blocks
'authentication': [{}],
'key': [] # If empty or omitted, only sov_vk is included in publicKey list of DIDDoc
}
)
# Create and add another key
another_key = key.create(wallet_handle, {'type': sov_vk['type']})
did.key_add(wallet_handle, sov_did, another_key)
# Open and commit to ledger
resolver_handle = resolver.open({'method': 'sov'})
did.commit(wallet_handle, resolver_handle, sov_did) # Read DIDDoc info out of the wallet? Or pass it in?
resolver.close(resolver_handle)
wallet.close(wallet_handle)
```
## Aries dev, wallet internal did resource methods // need better names specific to wallet interface
did_create(args,result,error)
did_update(args,error)
did_read({return_fields:[],selection_criteria:'did=123'},result,error)
did_delete(args,error)
## Indy resolver, ledger nym resource methods
_nym_create(args, result, error)
_nym_resolve()
_nym_update(args, result, error)
_nym_inactivate(args, Result, Error)
## Aries, did constructors
_did_create(args,result,error)
_key_create()
_linked_key_create(DidArgs, Result, Error)
???_abbreviate_verkey(args,result,error)
???_did_parse(DidArgs, Result, Error)
## Aries dev Inputs
- the resource methods are designed to provide a complete CRUD interface to the wallet.
- creation of new objects in the wallet takes three arguments, args, result and error.
- args is a struct with all needed parameters to create the new object to be inserted into the wallet.
- result is a pointer to where the results will be written
- error is a pointer to where any errors will be written
- update and delete takes two arguments, args and error.
- args is a struct that contains all information needed to update the object in the wallet
- error is a pointer to where any errors will be written
- read takes three arguments, args, result and error.
- args is a struct that contains all information needed to update the object in the wallet
- the method type can be thought of as a table in the wallet db.
- return_fields is a list of fields to be returned
- selection_criteria is the constraints to be applied on what will be returned.
- result is a pointer to where the results will be written
- error is a pointer to where any errors will be written
- security of the wallet is yet to be solved.
## Questions
- should dids have a meta data or is all data in docs.
- Should aries did create take a "doc" as an argument for easy cloning of
# Rich Schema
## Indy resolver, ledger schema resource methods
## Aries Anon_cred consumer SDK
```c
extern int32_t aries_schema_validate(const char* const schema,
const struct ExternError* err);
extern int32_t aries_schema_commit(int32_t wallet_handle,
const char* const did,
const char* schema_json,
const struct ExternError* err);
extern int32_t aries_context_validate(const char* const context,
const struct ExternError* err);
extern int32_t aries_context_commit(int32_t wallet_handle,
const char* const did,
const char* context_json,
const struct ExternError* err);
extern int32_t aries_mapping_validate(const char* const mapping,
const struct ExternError* err);
extern int32_t aries_mapping_commit(int32_t wallet_handle,
const char* const did,
const char* mapping_json,
const struct ExternError* err);
extern int32_t aries_encoding_validate(const char* const encoding,
const struct ExternError* err);
/* Encodings:
* UTF-8_SHA-256
* DateRFC3339_SecondsSince1970
* DateRFC3339_DaysSince1900
* HeightISO18013_HeightInInches
* Double_BigDecimal
* 32Integer_256Integer
*/
extern int32_t aries_encode_attribute(const char* const encoding,
const char* const attribute,
const char* encoded_attribute,
const struct ExternError* err);
extern int32_t aries_pres_def_validate(const char* const pres_def,
const struct ExternError* err);
extern int32_t aries_pres_def_commit(int32_t wallet_handle,
const char* const did,
const char* pres_def_json,
const struct ExternError* err);
extern int32_t aries_cred_def_create(int32_t wallet_handle,
const char* const cred_def_options_json,// mapping_id, schema_id, context_id,
const char* const did,
const char* cred_def,
const struct ExternError* err);
extern int32_t aries_cred_def_commit(int32_t wallet_handle,
const char* const did,
const char* cred_def_json,
const struct ExternError* err);
```