Merge remote-tracking branch 'upstream/main' into various-revocation-…

…fixes

packages/anoncreds-rs/src/services/AnonCredsRsHolderService.ts

@@ -40,7 +40,7 @@ import {
   Credential,
   CredentialRequest,
   CredentialRevocationState,
-  MasterSecret,
+  LinkSecret,
   Presentation,
   RevocationRegistryDefinition,
   RevocationStatusList,
@@ -55,19 +55,9 @@ export class AnonCredsRsHolderService implements AnonCredsHolderService {
     agentContext: AgentContext,
     options?: CreateLinkSecretOptions
   ): Promise<CreateLinkSecretReturn> {
-    let masterSecret: MasterSecret | undefined
-    try {
-      masterSecret = MasterSecret.create()
-
-      // FIXME: This is a very specific format of anoncreds-rs. I think it should be simply a string
-      const linkSecretJson = masterSecret.toJson() as { value: { ms: string } }
-
-      return {
-        linkSecretId: options?.linkSecretId ?? utils.uuid(),
-        linkSecretValue: linkSecretJson.value.ms,
-      }
-    } finally {
-      masterSecret?.handle.clear()
+    return {
+      linkSecretId: options?.linkSecretId ?? utils.uuid(),
+      linkSecretValue: LinkSecret.create(),
     }
   }
 
@@ -187,7 +177,7 @@ export class AnonCredsRsHolderService implements AnonCredsHolderService {
         credentials: credentials.map((entry) => entry.credentialEntry),
         credentialsProve,
         selfAttest: selectedCredentials.selfAttestedAttributes,
-        masterSecret: { value: { ms: linkSecretRecord.value } },
+        linkSecret: linkSecretRecord.value,
       })
 
       return presentation.toJson() as unknown as AnonCredsProof
@@ -219,6 +209,10 @@ export class AnonCredsRsHolderService implements AnonCredsHolderService {
         )
       }
 
+      if (!linkSecretRecord.value) {
+        throw new AnonCredsRsError('Link Secret value not stored')
+      }
+
       const isLegacyIdentifier = credentialOffer.cred_def_id.match(legacyIndyCredentialDefinitionIdRegex)
       if (!isLegacyIdentifier && useLegacyProverDid) {
         throw new AriesFrameworkError('Cannot use legacy prover_did with non-legacy identifiers')
@@ -230,8 +224,8 @@ export class AnonCredsRsHolderService implements AnonCredsHolderService {
           : undefined,
         credentialDefinition: credentialDefinition as unknown as JsonObject,
         credentialOffer: credentialOffer as unknown as JsonObject,
-        masterSecret: { value: { ms: linkSecretRecord.value } },
-        masterSecretId: linkSecretRecord.linkSecretId,
+        linkSecret: linkSecretRecord.value,
+        linkSecretId: linkSecretRecord.linkSecretId,
       })
 
       return {
@@ -250,7 +244,11 @@ export class AnonCredsRsHolderService implements AnonCredsHolderService {
 
     const linkSecretRecord = await agentContext.dependencyManager
       .resolve(AnonCredsLinkSecretRepository)
-      .getByLinkSecretId(agentContext, credentialRequestMetadata.master_secret_name)
+      .getByLinkSecretId(agentContext, credentialRequestMetadata.link_secret_name)
+
+    if (!linkSecretRecord.value) {
+      throw new AnonCredsRsError('Link Secret value not stored')
+    }
 
     const revocationRegistryDefinition = revocationRegistry?.definition as unknown as JsonObject
 
@@ -263,7 +261,7 @@ export class AnonCredsRsHolderService implements AnonCredsHolderService {
       processedCredential = credentialObj.process({
         credentialDefinition: credentialDefinition as unknown as JsonObject,
         credentialRequestMetadata: credentialRequestMetadata as unknown as JsonObject,
-        masterSecret: { value: { ms: linkSecretRecord.value } },
+        linkSecret: linkSecretRecord.value,
         revocationRegistryDefinition,
       })
 

packages/anoncreds-rs/src/services/__tests__/helpers.ts

@@ -13,7 +13,7 @@ import {
   CredentialOffer,
   CredentialRequest,
   CredentialRevocationConfig,
-  MasterSecret,
+  LinkSecret,
   RevocationRegistryDefinition,
   RevocationRegistryDefinitionPrivate,
   RevocationStatusList,
@@ -77,10 +77,7 @@ export function createCredentialOffer(keyCorrectnessProof: Record<string, unknow
  * @returns Creates a valid link secret value for anoncreds-rs
  */
 export function createLinkSecret() {
-  const masterSecret = MasterSecret.create()
-  const ms = (masterSecret.toJson() as { value: { ms: string } }).value.ms as string
-  masterSecret.handle.clear()
-  return ms
+  return LinkSecret.create()
 }
 
 export function createCredentialForHolder(options: {
@@ -118,8 +115,8 @@ export function createCredentialForHolder(options: {
     entropy: 'some-entropy',
     credentialDefinition,
     credentialOffer,
-    masterSecret: { value: { ms: linkSecret } },
-    masterSecretId: linkSecretId,
+    linkSecret,
+    linkSecretId: linkSecretId,
   })
 
   const { revocationRegistryDefinition, revocationRegistryDefinitionPrivate, tailsPath } =

packages/anoncreds-rs/tests/anoncreds-flow.test.ts

@@ -279,8 +279,8 @@ describeRunInNodeVersion([18], 'AnonCreds format services using anoncreds-rs', (
         credentialDefinitionId: credentialDefinitionState.credentialDefinitionId,
       },
       '_anoncreds/credentialRequest': {
-        master_secret_blinding_data: expect.any(Object),
-        master_secret_name: expect.any(String),
+        link_secret_blinding_data: expect.any(Object),
+        link_secret_name: expect.any(String),
         nonce: expect.any(String),
       },
     })

packages/anoncreds-rs/tests/indy-flow.test.ts

@@ -279,8 +279,8 @@ describeRunInNodeVersion([18], 'Legacy indy format services using anoncreds-rs',
         credentialDefinitionId: credentialDefinitionState.credentialDefinitionId,
       },
       '_anoncreds/credentialRequest': {
-        master_secret_blinding_data: expect.any(Object),
-        master_secret_name: expect.any(String),
+        link_secret_blinding_data: expect.any(Object),
+        link_secret_name: expect.any(String),
         nonce: expect.any(String),
       },
     })

packages/anoncreds/src/formats/__tests__/legacy-indy-format-services.test.ts

@@ -251,8 +251,8 @@ describe('Legacy indy format services', () => {
         credentialDefinitionId: legacyCredentialDefinitionId,
       },
       '_anoncreds/credentialRequest': {
-        master_secret_blinding_data: expect.any(Object),
-        master_secret_name: expect.any(String),
+        link_secret_blinding_data: expect.any(Object),
+        link_secret_name: expect.any(String),
         nonce: expect.any(String),
       },
     })

packages/anoncreds/src/models/internal.ts

@@ -31,11 +31,13 @@ export interface AnonCredsSelectedCredentials {
   selfAttestedAttributes: Record<string, string>
 }
 
+export interface AnonCredsLinkSecretBlindingData {
+  v_prime: string
+  vr_prime: string | null
+}
+
 export interface AnonCredsCredentialRequestMetadata {
-  master_secret_blinding_data: {
-    v_prime: string
-    vr_prime: string | null
-  }
-  master_secret_name: string
+  link_secret_blinding_data: AnonCredsLinkSecretBlindingData
+  link_secret_name: string
   nonce: string
 }

packages/anoncreds/src/updates/0.3.1-0.4/__tests__/credentialExchangeRecord.test.ts

@@ -45,7 +45,7 @@ describe('0.3.1-0.4.0 | AnonCreds Migration | Credential Exchange Record', () =>
         getCredentialRecord({
           metadata: {
             '_internal/indyCredential': { some: 'value' },
-            '_internal/indyRequest': { another: 'value' },
+            '_internal/indyRequest': { nonce: 'nonce', master_secret_name: 'ms', master_secret_blinding_data: 'msbd' },
           },
           credentials: [
             {
@@ -71,7 +71,7 @@ describe('0.3.1-0.4.0 | AnonCreds Migration | Credential Exchange Record', () =>
       expect(credentialRecord.toJSON()).toMatchObject({
         metadata: {
           '_anoncreds/credential': { some: 'value' },
-          '_anoncreds/credentialRequest': { another: 'value' },
+          '_anoncreds/credentialRequest': { nonce: 'nonce', link_secret_name: 'ms', link_secret_blinding_data: 'msbd' },
         },
         credentials: [
           {
@@ -92,7 +92,7 @@ describe('0.3.1-0.4.0 | AnonCreds Migration | Credential Exchange Record', () =>
       const record = getCredentialRecord({
         metadata: {
           '_internal/indyCredential': { some: 'value' },
-          '_internal/indyRequest': { another: 'value' },
+          '_internal/indyRequest': { nonce: 'nonce', master_secret_name: 'ms', master_secret_blinding_data: 'msbd' },
         },
       })
 
@@ -101,7 +101,7 @@ describe('0.3.1-0.4.0 | AnonCreds Migration | Credential Exchange Record', () =>
       expect(record.toJSON()).toMatchObject({
         metadata: {
           '_anoncreds/credential': { some: 'value' },
-          '_anoncreds/credentialRequest': { another: 'value' },
+          '_anoncreds/credentialRequest': { nonce: 'nonce', link_secret_name: 'ms', link_secret_blinding_data: 'msbd' },
         },
       })
     })

packages/anoncreds/src/updates/0.3.1-0.4/credentialExchangeRecord.ts

@@ -131,8 +131,11 @@ export function migrateIndyCredentialMetadataToAnonCredsMetadata<Agent extends B
 
   const indyCredentialRequestMetadata = credentialRecord.metadata.get(indyCredentialRequestMetadataKey)
   if (indyCredentialRequestMetadata) {
-    // TODO: we if we choose to rename master secret to link secret in anoncreds-rs we should also rename it in the request
-    credentialRecord.metadata.set(ANONCREDS_CREDENTIAL_REQUEST_METADATA, indyCredentialRequestMetadata)
+    credentialRecord.metadata.set(ANONCREDS_CREDENTIAL_REQUEST_METADATA, {
+      link_secret_blinding_data: indyCredentialRequestMetadata.master_secret_blinding_data,
+      link_secret_name: indyCredentialRequestMetadata.master_secret_name,
+      nonce: indyCredentialRequestMetadata.nonce,
+    })
     credentialRecord.metadata.delete(indyCredentialRequestMetadataKey)
   }
 

packages/anoncreds/src/updates/__tests__/__snapshots__/0.3.test.ts.snap

@@ -58,11 +58,11 @@ exports[`UpdateAssistant | AnonCreds | v0.3.1 - v0.4 should correctly update the
           "schemaId": "A4CYPASJYRZRt98YWrac3H:2:Test Schema:5.0",
         },
         "_anoncreds/credentialRequest": {
-          "master_secret_blinding_data": {
+          "link_secret_blinding_data": {
             "v_prime": "6088566065720309491695644944398283228337587174153857313170975821102428665682789111613194763354086540665993822078019981371868225077833338619179176775427438467982451441607103798898879602785159234518625137830139620180247716943526165654371269235270542103763086097868993123576876140373079243750364373248313759006451117374448224809216784667062369066076812328680472952148248732117690061334364498707450807760707599232005951883007442927332478453073050250159545354197772368724822531644722135760544102661829321297308144745035201971564171469931191452967102169235498946760810509797149446495254099095221645804379785022515460071863075055785600423275733199",
             "vr_prime": null,
           },
-          "master_secret_name": "walletId28c602347-3f6e-429f-93cd-d5aa7856ef3f",
+          "link_secret_name": "walletId28c602347-3f6e-429f-93cd-d5aa7856ef3f",
           "nonce": "131502096406868204437821",
         },
       },

packages/core/src/agent/AgentModules.ts

@@ -9,6 +9,7 @@ import { CredentialsModule } from '../modules/credentials'
 import { DidsModule } from '../modules/dids'
 import { DiscoverFeaturesModule } from '../modules/discover-features'
 import { GenericRecordsModule } from '../modules/generic-records'
+import { MessagePickupModule } from '../modules/message-pìckup'
 import { OutOfBandModule } from '../modules/oob'
 import { ProofsModule } from '../modules/proofs'
 import { MediatorModule, MediationRecipientModule } from '../modules/routing'
@@ -121,6 +122,7 @@ function getDefaultAgentModules() {
     proofs: () => new ProofsModule(),
     mediator: () => new MediatorModule(),
     mediationRecipient: () => new MediationRecipientModule(),
+    messagePickup: () => new MessagePickupModule(),
     basicMessages: () => new BasicMessagesModule(),
     genericRecords: () => new GenericRecordsModule(),
     discovery: () => new DiscoverFeaturesModule(),

packages/core/src/agent/BaseAgent.ts

@@ -3,6 +3,7 @@ import type { AgentApi, CustomOrDefaultApi, EmptyModuleMap, ModulesMap, WithoutD
 import type { TransportSession } from './TransportService'
 import type { Logger } from '../logger'
 import type { CredentialsModule } from '../modules/credentials'
+import type { MessagePickupModule } from '../modules/message-pìckup'
 import type { ProofsModule } from '../modules/proofs'
 import type { DependencyManager } from '../plugins'
 
@@ -13,6 +14,7 @@ import { CredentialsApi } from '../modules/credentials'
 import { DidsApi } from '../modules/dids'
 import { DiscoverFeaturesApi } from '../modules/discover-features'
 import { GenericRecordsApi } from '../modules/generic-records'
+import { MessagePickupApi } from '../modules/message-pìckup/MessagePickupApi'
 import { OutOfBandApi } from '../modules/oob'
 import { ProofsApi } from '../modules/proofs'
 import { MediatorApi, MediationRecipientApi } from '../modules/routing'
@@ -47,6 +49,7 @@ export abstract class BaseAgent<AgentModules extends ModulesMap = EmptyModuleMap
   public readonly proofs: CustomOrDefaultApi<AgentModules['proofs'], ProofsModule>
   public readonly mediator: MediatorApi
   public readonly mediationRecipient: MediationRecipientApi
+  public readonly messagePickup: CustomOrDefaultApi<AgentModules['messagePickup'], MessagePickupModule>
   public readonly basicMessages: BasicMessagesApi
   public readonly genericRecords: GenericRecordsApi
   public readonly discovery: DiscoverFeaturesApi
@@ -90,6 +93,10 @@ export abstract class BaseAgent<AgentModules extends ModulesMap = EmptyModuleMap
     this.proofs = this.dependencyManager.resolve(ProofsApi) as CustomOrDefaultApi<AgentModules['proofs'], ProofsModule>
     this.mediator = this.dependencyManager.resolve(MediatorApi)
     this.mediationRecipient = this.dependencyManager.resolve(MediationRecipientApi)
+    this.messagePickup = this.dependencyManager.resolve(MessagePickupApi) as CustomOrDefaultApi<
+      AgentModules['messagePickup'],
+      MessagePickupModule
+    >
     this.basicMessages = this.dependencyManager.resolve(BasicMessagesApi)
     this.genericRecords = this.dependencyManager.resolve(GenericRecordsApi)
     this.discovery = this.dependencyManager.resolve(DiscoverFeaturesApi)
@@ -103,6 +110,7 @@ export abstract class BaseAgent<AgentModules extends ModulesMap = EmptyModuleMap
       this.proofs,
       this.mediator,
       this.mediationRecipient,
+      this.messagePickup,
       this.basicMessages,
       this.genericRecords,
       this.discovery,

packages/core/src/agent/__tests__/Agent.test.ts

@@ -13,6 +13,7 @@ import { ConnectionService } from '../../modules/connections/services/Connection
 import { TrustPingService } from '../../modules/connections/services/TrustPingService'
 import { CredentialRepository } from '../../modules/credentials'
 import { CredentialsApi } from '../../modules/credentials/CredentialsApi'
+import { MessagePickupApi } from '../../modules/message-pìckup'
 import { ProofRepository } from '../../modules/proofs'
 import { ProofsApi } from '../../modules/proofs/ProofsApi'
 import {
@@ -171,6 +172,7 @@ describe('Agent', () => {
 
       expect(container.resolve(MediatorApi)).toBeInstanceOf(MediatorApi)
       expect(container.resolve(MediationRecipientApi)).toBeInstanceOf(MediationRecipientApi)
+      expect(container.resolve(MessagePickupApi)).toBeInstanceOf(MessagePickupApi)
       expect(container.resolve(MediationRepository)).toBeInstanceOf(MediationRepository)
       expect(container.resolve(MediatorService)).toBeInstanceOf(MediatorService)
       expect(container.resolve(MediationRecipientService)).toBeInstanceOf(MediationRecipientService)
@@ -208,6 +210,7 @@ describe('Agent', () => {
 
       expect(container.resolve(MediatorApi)).toBe(container.resolve(MediatorApi))
       expect(container.resolve(MediationRecipientApi)).toBe(container.resolve(MediationRecipientApi))
+      expect(container.resolve(MessagePickupApi)).toBe(container.resolve(MessagePickupApi))
       expect(container.resolve(MediationRepository)).toBe(container.resolve(MediationRepository))
       expect(container.resolve(MediatorService)).toBe(container.resolve(MediatorService))
       expect(container.resolve(MediationRecipientService)).toBe(container.resolve(MediationRecipientService))

packages/core/src/agent/__tests__/AgentModules.test.ts

@@ -7,6 +7,7 @@ import { CredentialsModule } from '../../modules/credentials'
 import { DidsModule } from '../../modules/dids'
 import { DiscoverFeaturesModule } from '../../modules/discover-features'
 import { GenericRecordsModule } from '../../modules/generic-records'
+import { MessagePickupModule } from '../../modules/message-pìckup'
 import { OutOfBandModule } from '../../modules/oob'
 import { ProofsModule } from '../../modules/proofs'
 import { MediatorModule, MediationRecipientModule } from '../../modules/routing'
@@ -59,6 +60,7 @@ describe('AgentModules', () => {
         proofs: expect.any(ProofsModule),
         mediator: expect.any(MediatorModule),
         mediationRecipient: expect.any(MediationRecipientModule),
+        messagePickup: expect.any(MessagePickupModule),
         basicMessages: expect.any(BasicMessagesModule),
         genericRecords: expect.any(GenericRecordsModule),
         discovery: expect.any(DiscoverFeaturesModule),
@@ -82,6 +84,7 @@ describe('AgentModules', () => {
         proofs: expect.any(ProofsModule),
         mediator: expect.any(MediatorModule),
         mediationRecipient: expect.any(MediationRecipientModule),
+        messagePickup: expect.any(MessagePickupModule),
         basicMessages: expect.any(BasicMessagesModule),
         genericRecords: expect.any(GenericRecordsModule),
         discovery: expect.any(DiscoverFeaturesModule),
@@ -108,6 +111,7 @@ describe('AgentModules', () => {
         proofs: expect.any(ProofsModule),
         mediator: expect.any(MediatorModule),
         mediationRecipient: expect.any(MediationRecipientModule),
+        messagePickup: expect.any(MessagePickupModule),
         basicMessages: expect.any(BasicMessagesModule),
         genericRecords: expect.any(GenericRecordsModule),
         discovery: expect.any(DiscoverFeaturesModule),