Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(present-proof): add support for aries RFC 510 #1676

Merged

Conversation

berendsliedrecht
Copy link
Contributor

@berendsliedrecht berendsliedrecht commented Dec 19, 2023

  • Adds basic support for dif presentation exchange over DIDComm

    • According to RFC 0454 and 510
  • Would be good to include some more tests, but code is ready to review

  • There is still an open issue I have with the credential selection. Right now if we use PEXv2, we basically call getAll on the w3c credentials which is not really great... For V1 we could use the schema attribute, but that is not included anymore. For now, it might be fine to just call the getAll function and use those credentials and resolve this later when we want to revamp the storage.

@berendsliedrecht berendsliedrecht force-pushed the present-proof-v2 branch 3 times, most recently from 436b922 to 27fb71a Compare December 21, 2023 09:04
@berendsliedrecht berendsliedrecht marked this pull request as ready for review December 21, 2023 12:24
@berendsliedrecht berendsliedrecht requested a review from a team as a code owner December 21, 2023 12:24
Copy link
Contributor

@TimoGlastra TimoGlastra left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall looks good, but it's missing some things

proofType: this.getProofTypeForLdpVc(agentContext, presentationDefinition, verificationMethod),
proofType: this.getProofTypeForLdpVc(
agentContext,
presentationDefinition as PresentationDefinition,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same here

Comment on lines 40 to 43
const credentialRecord = credentialRecords.find((record) => {
const originalVc = getSphereonOriginalVerifiableCredential(record.credential)

return deepEquality(originalVc, encoded)
})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It feels a bit expensive to do a deepEquality on every credential to find the original record that was associated with VC. Is there no other way to do the matching?

Because we have the encodedCredenitals, we can do a === check on it right, as the object references are the same?

So in that case const credentialIndex = encodedCredentials.indexOf(encoded) should still work

But maybe I'm missing something

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried it again, but the indexOf does not seem to work. Likely somewhere deeper in the code a clone is being done (could be in the sphereon library). I will leave it like this for now.

ps.validatePresentationSubmission(presentation.presentation_submission)
}

ps.validatePresentation(presentationDefinition, presentation as unknown as VerifiablePresentation)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the presentation submission not used to verify a presentation? Does it just check if it matches the presentationDefinition, but not the presentationSubmission?

Also -- should we make validatePresentation take a W3CVerifiablePresentation instead of a sphereon interface?

presentation_definition: PresentationDefinition
}>()
const presentation = attachment.getDataAsJson<
W3cVerifiablePresentation & { presentation_submission: PresentationSubmission }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

W3cVerifiablePresentation is incorrect I think, as it's a class, while we just take the object here. So the type will think it has context property, but it will actually have @context property. We need to use json transformer on it as well.

ps.validatePresentation(presentationDefinition, presentation as unknown as VerifiablePresentation)
return true
} catch (e) {
agentContext.config.logger.error(e)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
agentContext.config.logger.error(e)
agentContext.config.logger.error(`Failed to verify presentation in PEX proof format service: ${e.message}`, { cause: e })

Comment on lines 237 to 283
const credentials = presentationSubmission.requirements.flatMap((r) =>
r.submissionEntry.flatMap((e) => e.verifiableCredentials)
)

return credentials
}

public async selectCredentialsForRequest(
agentContext: AgentContext,
{ requestAttachment }: ProofFormatSelectCredentialsForRequestOptions<PresentationExchangeProofFormat>
): Promise<Array<W3cCredentialRecord>> {
const ps = this.presentationExchangeService(agentContext)
const { presentation_definition: presentationDefinition } = requestAttachment.getDataAsJson<{
presentation_definition: PresentationDefinition
}>()

ps.validatePresentationDefinition(presentationDefinition)

const presentationSubmission = await ps.selectCredentialsForRequest(agentContext, presentationDefinition)

const credentials = presentationSubmission.requirements.flatMap((r) =>
r.submissionEntry.flatMap((e) => e.verifiableCredentials)
)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As mentioned in other comments, the structures returned by the service adds a lot of needed context. I think we should return them as is, rather than flatmapping

}),
cache: new CacheModule({
cache: new InMemoryLruCache({ limit: 100 }),
}),
indySdk: new IndySdkModule({
indySdk,
}),
pex: new PresentationExchangeModule(),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this registered by default? As it's in core, I think we should register it by default

@berendsliedrecht
Copy link
Contributor Author

@TimoGlastra I resolved your feedback, but I am now encountering an error that the PresentationExchangeProofFormatData.formatData.presentation does not contain the proof object. Do you know if we have this already defined somewhere as a type that I could reuse? I could not find it myself.

@TimoGlastra
Copy link
Contributor

@TimoGlastra I resolved your feedback, but I am now encountering an error that the PresentationExchangeProofFormatData.formatData.presentation does not contain the proof object. Do you know if we have this already defined somewhere as a type that I could reuse? I could not find it myself.

I was able to fix this by using presentation.encoded. This return either the JSON variant of the w3c presentation or the serialized JWT as string (in case of JWT VP). You were directly using the class, which is not suitable for directly sending over the wire (it first needs to be serialized to JSON).

Signed-off-by: Timo Glastra <[email protected]>
@TimoGlastra
Copy link
Contributor

@berendsliedrecht I have pushed a fix for the above + several other fixes (please take a look at the commit so you can see which changes I made).

Could you maybe to wrap this up, update the tests in packages/core/src/modules/proofs/protocol/v2/__tests__/v2-presentation-exchange-presentation.e2e.test.ts to make it either all standalone tests or a single test?

Currently it's multiple tests but they depend on each other. It will result in that you can't run the tests separately, and if one fails the others will fail too. So in that case it's better to make it just one test or properly split them up.

Otherwise I think we're good here, really nice work and happy that it's finally ready to be integrated into AFJ :)

Once merged I'll update it in the openid4vc branch

BTW -- added a non-spec compliant way to also support JWT VPs. Haven't added tests for it yet, but I think it is really nice to also support JWT VPs (although it only supports once and you can't add multiple proofs, see suggestion in this issue on some changes I want to propose for V2 of the attachment format: hyperledger/aries-rfcs#807)

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Timo Glastra <[email protected]>
@TimoGlastra TimoGlastra self-requested a review January 8, 2024 08:42
@TimoGlastra
Copy link
Contributor

Merging, would be great if you can still do a small follow up PR @berendsliedrecht

@TimoGlastra TimoGlastra merged commit 40c9bb6 into openwallet-foundation:main Jan 10, 2024
7 checks passed
@berendsliedrecht berendsliedrecht deleted the present-proof-v2 branch January 10, 2024 10:26
@berendsliedrecht
Copy link
Contributor Author

Should be fixed in #1696

genaris pushed a commit to genaris/credo-ts that referenced this pull request Jan 29, 2024
genaris added a commit to genaris/credo-ts that referenced this pull request Jan 29, 2024
Signed-off-by: Ariel Gentile <[email protected]>

feat: deliver messages individually, not fetching from the queue every time

Signed-off-by: Ariel Gentile <[email protected]>

chore: revert to free runners (openwallet-foundation#1662)

Signed-off-by: Ry Jones <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

chore: create settings.yml (openwallet-foundation#1663)

Signed-off-by: Ry Jones <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

chore: fix ci and add note to readme (openwallet-foundation#1669)

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

docs: update active maintainers (openwallet-foundation#1664)

Signed-off-by: Karim Stekelenburg <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

feat: did:peer:2 and did:peer:4 support in DID Exchange (openwallet-foundation#1550)

Signed-off-by: Ariel Gentile <[email protected]>

feat(presentation-exchange): added PresentationExchangeService (openwallet-foundation#1672)

Signed-off-by: Berend Sliedrecht <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

chore: removed jan as maintainer (openwallet-foundation#1678)

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

ci: change secret (openwallet-foundation#1679)

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

chore: add meta to rxjs timeout errors (openwallet-foundation#1683)

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

build(deps): bump ws and @types/ws (openwallet-foundation#1686)

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

build(deps): bump follow-redirects from 1.15.2 to 1.15.4 (openwallet-foundation#1694)

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

chore: update shared components libraries (openwallet-foundation#1691)

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

fix: properly print key class (openwallet-foundation#1684)

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

feat(present-proof): add support for aries RFC 510 (openwallet-foundation#1676)

Signed-off-by: Berend Sliedrecht <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

fix(present-proof): isolated tests (openwallet-foundation#1696)

Signed-off-by: Ariel Gentile <[email protected]>

feat(indy-vdr): register revocation registry definitions and status list (openwallet-foundation#1693)

Signed-off-by: Ariel Gentile <[email protected]>

chore: rename to credo-ts (openwallet-foundation#1703)

Signed-off-by: Ry Jones <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

ci: fix git checkout path and update setup-node (openwallet-foundation#1709)

Signed-off-by: Ariel Gentile <[email protected]>

fix: remove check for DifPresentationExchangeService dependency (openwallet-foundation#1702)

Signed-off-by: Sai Ranjit Tummalapalli <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

docs: update zoom meeting link (openwallet-foundation#1706)

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

refactor(oob)!: make label optional (openwallet-foundation#1680)

Signed-off-by: Timo Glastra <[email protected]>
Co-authored-by: Ariel Gentile <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

feat: support short legacy connectionless invitations (openwallet-foundation#1705)

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

feat(dids)!: did caching (openwallet-foundation#1710)

feat: did caching

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

fix: jsonld document loader node 18 (openwallet-foundation#1454)

Signed-off-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

build(deps): bump amannn/action-semantic-pull-request from 5.3.0 to 5.4.0 (openwallet-foundation#1656)

build(deps): bump amannn/action-semantic-pull-request

Bumps [amannn/action-semantic-pull-request](https://github.com/amannn/action-semantic-pull-request) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/amannn/action-semantic-pull-request/releases)
- [Changelog](https://github.com/amannn/action-semantic-pull-request/blob/main/CHANGELOG.md)
- [Commits](amannn/action-semantic-pull-request@v5.3.0...v5.4.0)

---
updated-dependencies:
- dependency-name: amannn/action-semantic-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Timo Glastra <[email protected]>
Signed-off-by: Ariel Gentile <[email protected]>

feat: did rotate (openwallet-foundation#1699)

Signed-off-by: Ariel Gentile <[email protected]>

refactor: pickup protocol method names

Signed-off-by: Ariel Gentile <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants