Merge branch 'main' into didx_oob_improvement

AnonCredsWalletType.md

@@ -63,18 +63,36 @@ Everything should just work!!!
 
 Theoretically ATH should work with anoncreds as well, by setting the wallet type (see https://github.com/hyperledger/aries-agent-test-harness#extra-backchannel-specific-parameters).
 
+
+## Revocation (new in anoncreds)
+
+The changes are significant.  Notably:
+
+- the old way was that from Indy you got the timestamp of the RevRegEntry used, accumulator and the "deltas" -- list of revoked and list of unrevoked credentials for a given range.  I'm not exactly sure what was passed to the AnonCreds library code for building the presentation.
+- In the new way, the AnonCreds library expects the identifier for the revregentry used (aka the timestamp), the accumulator, and the full state (0s and 1s) of the revocation status of all credentials in the registry.
+- The conversion from delta to full state must be handled in the Indy resolver -- not in the "generic" ACA-Py code, since the other ledgers automagically provide the full state. In fact, we're likely to update Indy VDR to always provide the full state.  The "common" (post resolver) code should get back from the resolver the full state.
+
+The Tails file changes are minimal -- nothing about the file itself changed.  What changed:
+
+- the tails-file-server can be published to WITHOUT knowing the ID of the RevRegEntry, since that is not known when the tails file is generated/published.  See: https://github.com/bcgov/indy-tails-server/pull/53 -- basically, by publishing based on the hash.
+- The tails-file is not needed by the issuer after generation. It used to be needed for (I think) issuing and revoking credentials. Those are now done without the tails file. See: https://github.com/hyperledger/aries-cloudagent-python/pull/2302/files. That code is already in Main, so you should have it.
+
+
 ## Outstanding work
 
-- unit tests (in the new anoncreds package)
+- unit tests (in the new anoncreds package) (see https://github.com/hyperledger/aries-cloudagent-python/pull/2596/commits/229ffbba209aff0ea7def5bad6556d93057f3c2a)
 - unit tests (review and possibly update unit tests for the credential and presentation integration)
-- revocation support - migrate code from `anoncreds-rs` branch
+- revocation support - migrate code from `anoncreds-rs` branch (in progress)
+- revocation notifications (not sure if they're included in `anoncreds-rs` updates, haven'e tested them ...)
 - revocation support - complete the revocation implementation (support for unhappy path scenarios)
 - endorsement (not implemented with new anoncreds code)
+- endpoints - don't load the schema/cred-def endpoints when wallet type is anoncreds (will require some BDD updates)
 - testing - various scenarios like mediation, multitenancy etc.
 - wallet upgrade (askar to askar-anoncreds)
 - update V1.0 versions of the Credential and Presentation endpoints to use anoncreds
 - any other anoncreds issues - https://github.com/hyperledger/aries-cloudagent-python/issues?q=is%3Aopen+is%3Aissue+label%3AAnonCreds
 
+
 ## Retiring old Indy and Askar (credx) Code
 
 The main changes for the Credential and Presentation support are in the following two files:

aries_cloudagent/anoncreds/default/legacy_indy/registry.py

@@ -20,8 +20,8 @@
     IndyLedgerRequestsExecutor,
 )
 from ....multitenant.base import BaseMultitenantManager
-from ....revocation.models.issuer_cred_rev_record import IssuerCredRevRecord
-from ....revocation.recover import generate_ledger_rrrecovery_txn
+from ....revocation_anoncreds.models.issuer_cred_rev_record import IssuerCredRevRecord
+from ....revocation_anoncreds.recover import generate_ledger_rrrecovery_txn
 from ...base import (
     AnonCredsObjectAlreadyExists,
     AnonCredsObjectNotFound,

aries_cloudagent/anoncreds/routes.py

@@ -18,8 +18,8 @@
 from ..messaging.models.openapi import OpenAPISchema
 from ..messaging.valid import UUIDFour
 from ..revocation.error import RevocationError, RevocationNotSupportedError
-from ..revocation.manager import RevocationManager, RevocationManagerError
-from ..revocation.routes import (
+from ..revocation_anoncreds.manager import RevocationManager, RevocationManagerError
+from ..revocation_anoncreds.routes import (
     PublishRevocationsSchema,
     RevRegIdMatchInfoSchema,
     RevocationModuleResponseSchema,

aries_cloudagent/config/default_context.py

@@ -88,12 +88,21 @@ async def bind_providers(self, context: InjectionContext):
 
         context.injector.bind_provider(ProfileManager, ProfileManagerProvider())
 
-        context.injector.bind_provider(
-            BaseTailsServer,
-            ClassProvider(
-                "aries_cloudagent.tails.indy_tails_server.IndyTailsServer",
-            ),
-        )
+        wallet_type = self.settings.get("wallet.type")
+        if wallet_type == "askar-anoncreds":
+            context.injector.bind_provider(
+                BaseTailsServer,
+                ClassProvider(
+                    "aries_cloudagent.tails.anoncreds_tails_server.AnonCredsTailsServer",
+                ),
+            )
+        else:
+            context.injector.bind_provider(
+                BaseTailsServer,
+                ClassProvider(
+                    "aries_cloudagent.tails.indy_tails_server.IndyTailsServer",
+                ),
+            )
 
         # Register default pack format
         context.injector.bind_provider(
@@ -120,6 +129,7 @@ async def load_plugins(self, context: InjectionContext):
         plugin_registry = PluginRegistry(
             blocklist=self.settings.get("blocked_plugins", [])
         )
+        wallet_type = self.settings.get("wallet.type")
         context.injector.bind_instance(PluginRegistry, plugin_registry)
 
         # Register standard protocol plugins
@@ -133,16 +143,23 @@ async def load_plugins(self, context: InjectionContext):
         )
         plugin_registry.register_plugin("aries_cloudagent.messaging.schemas")
         plugin_registry.register_plugin("aries_cloudagent.messaging.jsonld")
-        plugin_registry.register_plugin("aries_cloudagent.revocation")
         plugin_registry.register_plugin("aries_cloudagent.resolver")
         plugin_registry.register_plugin("aries_cloudagent.settings")
         plugin_registry.register_plugin("aries_cloudagent.wallet")
-        plugin_registry.register_plugin("aries_cloudagent.anoncreds")
-        plugin_registry.register_plugin("aries_cloudagent.anoncreds.default.did_indy")
-        plugin_registry.register_plugin("aries_cloudagent.anoncreds.default.did_web")
-        plugin_registry.register_plugin(
-            "aries_cloudagent.anoncreds.default.legacy_indy"
-        )
+        if wallet_type == "askar-anoncreds":
+            plugin_registry.register_plugin("aries_cloudagent.anoncreds")
+            plugin_registry.register_plugin(
+                "aries_cloudagent.anoncreds.default.did_indy"
+            )
+            plugin_registry.register_plugin(
+                "aries_cloudagent.anoncreds.default.did_web"
+            )
+            plugin_registry.register_plugin(
+                "aries_cloudagent.anoncreds.default.legacy_indy"
+            )
+            plugin_registry.register_plugin("aries_cloudagent.revocation_anoncreds")
+        else:
+            plugin_registry.register_plugin("aries_cloudagent.revocation")
 
         if context.settings.get("multitenant.admin_enabled"):
             plugin_registry.register_plugin("aries_cloudagent.multitenant.admin")

aries_cloudagent/protocols/issue_credential/v2_0/formats/anoncreds/handler.py

@@ -28,7 +28,7 @@
 )
 from ......messaging.decorators.attach_decorator import AttachDecorator
 from ......multitenant.base import BaseMultitenantManager
-from ......revocation.models.issuer_cred_rev_record import IssuerCredRevRecord
+from ......revocation_anoncreds.models.issuer_cred_rev_record import IssuerCredRevRecord
 from ......storage.base import BaseStorage
 from ...message_types import (
     ATTACHMENT_FORMAT,