diff --git a/Multiledger.md b/Multiledger.md index 30c692c878..5d575c9969 100644 --- a/Multiledger.md +++ b/Multiledger.md @@ -14,6 +14,7 @@ More background information including problem statement, design (algorithm) and - [Read Requests](#read-requests) - [For checking ledger in parallel](#for-checking-ledger-in-parallel) - [Write Requests](#write-requests) +- [A Special Warning for TAA Acceptance](#a-special-warning-for-taa-acceptance) - [Impact on other ACA-Py function](#impact-on-other-aca-py-function) ## Usage @@ -104,6 +105,25 @@ If multiple ledgers are configured then `IndyLedgerRequestsExecutor` service ext On startup, the first configured applicable ledger is assigned as the `write_ledger` [`BaseLedger`], the selection is dependant on the order (top-down) and whether it is `production` or `non_production`. For instance, considering this [example configuration](#example-config-file), ledger `bcorvinTest` will be set as `write_ledger` as it is the topmost `production` ledger. If no `production` ledgers are included in configuration then the topmost `non_production` ledger is selected. +## A Special Warning for TAA Acceptance + +When you run in multi-ledger mode, ACA-Py will use the `pool-name` (or `id`) specified in the ledger configuration file for each ledger. + +(When running in single-ledger mode, ACA-Py uses `default` as the ledger name.) + +If you are running against a ledger in `write` mode, and the ledger requires you to accept a Transaction Author Agreement (TAA), ACA-Py stores the TAA acceptance +status in the wallet in a non-secrets record, using the ledger's `pool_name` as a key. + +This means that if you are upgrading from single-ledger to multi-ledger mode, you will need to *either*: + +- set the `id` for your writable ledger to `default` (in your `ledgers.yaml` file) + +*or*: + +- re-accept the TAA once you restart your ACA-Py in multi-ledger mode + +Once you re-start ACA-Py, you can check the `GET /ledger/taa` endpoint to verify your TAA acceptance status. + ## Impact on other ACA-Py function There should be no impact/change in functionality to any ACA-Py protocols. diff --git a/demo/docker/docker-compose.yml b/demo/docker/docker-compose.yml new file mode 100644 index 0000000000..94c4061fa6 --- /dev/null +++ b/demo/docker/docker-compose.yml @@ -0,0 +1,62 @@ +# Sample docker-compose to start a local aca-py in multi-ledger mode +# To start aca-py and the postgres database, just run `docker-compose up` +# To shut down the services run `docker-compose rm` - this will retain the postgres database, so you can change aca-py startup parameters +# and restart the docker containers without losing your wallet data +# If you want to delete your wallet data just run `docker volume ls -q | xargs docker volume rm` +version: "3" +services: + vcr-agent: + image: bcgovimages/aries-cloudagent:py36-1.16-1_0.7.3 + ports: + - 8010:8010 + depends_on: + - wallet-db + entrypoint: /bin/bash + command: [ + "-c", + "sleep 5; \ + aca-py start \ + --auto-provision \ + --inbound-transport http '0.0.0.0' 8001 \ + --endpoint 'http://host.docker.internal:8001' \ + --outbound-transport http \ + --genesis-transactions-list 'ledgers.yaml' + --auto-accept-invites \ + --auto-accept-requests \ + --auto-ping-connection \ + --auto-respond-messages \ + --auto-respond-credential-proposal \ + --auto-respond-credential-offer \ + --auto-respond-credential-request \ + --auto-verify-presentation \ + --wallet-type 'indy' \ + --wallet-name 'acapy_agent_wallet' \ + --wallet-key 'key' \ + --wallet-storage-type 'postgres_storage' \ + --wallet-storage-config '{\"url\":\"wallet-db:5432\",\"max_connections\":5}' \ + --wallet-storage-creds '{\"account\":\"DB_USER\",\"password\":\"DB_PASSWORD\",\"admin_account\":\"postgres\",\"admin_password\":\"mysecretpassword\"}' \ + --admin '0.0.0.0' 8010 \ + --admin-insecure-mode \ + --label 'tester_agent' \ + --log-level 'info' ", + ] + volumes: + - ./ledgers.yaml:/home/indy/ledgers.yaml + +# note - if you want to start aca-py in single-ledger mode, replace the `--genesis-transactions-list` parameter above with: +# --genesis-url 'https://raw.githubusercontent.com/sovrin-foundation/sovrin/master/sovrin/pool_transactions_sandbox_genesis' \ + + wallet-db: + image: vcr-postgresql + environment: + - POSTGRESQL_USER=DB_USER + - POSTGRESQL_PASSWORD=DB_PASSWORD + - POSTGRESQL_DATABASE=DB_USER + - POSTGRESQL_ADMIN_PASSWORD=mysecretpassword + ports: + - 5433:5432 + volumes: + - wallet-db-data:/var/lib/pgsql/data + +volumes: + wallet-db-data: diff --git a/demo/docker/ledgers.yaml b/demo/docker/ledgers.yaml new file mode 100644 index 0000000000..baf174d35e --- /dev/null +++ b/demo/docker/ledgers.yaml @@ -0,0 +1,16 @@ +# the `id` is used as the `pool_name` in aca-py +# note that if you are upgrading from single- to multi-ledger, you need to *either*: +# - set the `id` of your `is_write: true` ledger to `default` (the `pool_name` used in single-ledger mode) +# *or*: +# - re-accept the TAA once you start aca-py in multi-ledger mode +# (the TAA acceptance is stored in a wallet record keyed on the `pool_name`) +- id: SOVRINSandbox + is_production: true + is_write: true + genesis_url: 'https://raw.githubusercontent.com/sovrin-foundation/sovrin/stable/sovrin/pool_transactions_sandbox_genesis' +- id: BCovrinTest + is_production: true + genesis_url: 'http://test.bcovrin.vonx.io/genesis' +- id: CANdyDev + is_production: true + genesis_url: 'https://raw.githubusercontent.com/ICCS-ISAC/dtrust-reconu/main/CANdy/dev/pool_transactions_genesis'