Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for RFC 0360: did:key Usage #497

Closed
TimoGlastra opened this issue Oct 20, 2021 · 7 comments · Fixed by #1029
Closed

Add support for RFC 0360: did:key Usage #497

TimoGlastra opened this issue Oct 20, 2021 · 7 comments · Fixed by #1029
Assignees
Labels
AIP 2.0 Tasks related to AIP 2.0 support
Milestone

Comments

@TimoGlastra
Copy link
Contributor

https://github.com/hyperledger/aries-rfcs/tree/b3a3942ef052039e73cd23d847f42947f8287da2/features/0360-use-did-key

@TimoGlastra TimoGlastra added the AIP 2.0 Tasks related to AIP 2.0 support label Oct 20, 2021
@TimoGlastra TimoGlastra added this to the v0.3.0 milestone Mar 1, 2022
@genaris genaris self-assigned this Sep 1, 2022
@genaris
Copy link
Contributor

genaris commented Sep 1, 2022

I'll take a look at this one. For RFC 0211 usage of did:key maybe we can do something with Discover Features V2 to determine the key format to use.

@genaris
Copy link
Contributor

genaris commented Sep 9, 2022

I'm having some headaches trying to find a proper way of implementing this while maintaining compatibility with older agents. IMHO, this did:key thing has introduced a breaking change in protocols but their version number is kept (and there is no new flag to explicitly indicate RFC 0360 support). And also it has been introduced some time before we implemented RFC 0211, so we can admit that our implementation (probably biased by ACA-Py's) was not according to the spec.

It seems to me that a balanced solution would be to add a (yet another) flag in routing module that, when enabled, agent will encode keys in did:key for all related protocols (i.e Coordinate Mediation, Pick Up V1 and Pick Up V2). This flag will be default to false in 0.2.x to keep current behaviour.

For next major version, I think it should default to true, to enforce alignment with AIP 2.0 in new AFJ deployments. Yes, I know this is controversial, as some AFJ contributors like @TimoGlastra and myself are not convinced of this approach of encoding keys 😛, but it could be useful to ensure compatibility with other agents that might no be aware of this backwards compatibility (especially considering that this RFC 0360 was accepted 1,5 years ago.

BTW apart from routing protocols, is there any other protocol that we should still adapt? I'm not sure about Connections (RFC 0160) but I guess the other ones (OOB, DID Exchange, etc.) are already covered.

@swcurran
Copy link
Contributor

swcurran commented Sep 9, 2022

I assume the breaking issue is when to send a key in did:key format. Presumably it is pretty easy to support detecting/using did:key when you receive it. Has that been added to AFJ? However, when sending something, you can't be sure the other side has done even that much. Is that correct?

@ianco @andrewwhitehead @shaangill025 @dbluhm -- we've got to make sure we are doing the same things in ACA-Py. And the comment above about ACA-Py implementation not being to spec.

@genaris
Copy link
Contributor

genaris commented Sep 10, 2022

I assume the breaking issue is when to send a key in did:key format. Presumably it is pretty easy to support detecting/using did:key when you receive it. Has that been added to AFJ? However, when sending something, you can't be sure the other side has done even that much. Is that correct?

Yes, exactly. My concern is mainly with old agents that might not interpret correctly the keys we are sending to them if they are did:key encoded.

For compatibility with ACA-Py, I guess we are mostly covered, as AFJ since 0.2.2 supports receiving both did:key or base58 keys in Coordinate Mediation protocol. However, there is a case where recipient might send a key to the mediator: Status and Delivery request in Pick Up V2 protocol. In AFJ we are not yet sending it (it's an optional field), but probably will in a future version, so it might worth taking a look at ACA-Py implementation of that protocol to make sure it could handle did:key in such case.

@swcurran
Copy link
Contributor

@shaangill025 -- could you put the request in the previous comment at the top of your list -- can ACA-Py handle receiving a did:key in the PickUp protocol (@dbluhm FYI). Should be prioritized with the OOB work you are doing, and ahead of the AATH. Thanks!

@TimoGlastra
Copy link
Contributor Author

I think we can do maybe 3 things (and start with a flag):

  • if we receive a message with did:key, we respond with did:key
  • add a flag that will now keep current behavior, in next major inverts current behavior and in some version in the future we remove it (just always send new, but keep supporting receiving old).
  • once we have used did:key for a protocol we could store it in the record metadata to always use did:key from then on

@TheTechmage
Copy link

The way that this was implemented from within ACA-Py (as I recall) is that only the Coordinate Mediation protocol deals with did:key at this time. Originally, I had it handling did:key at the routing level, providing the capability for all protocols to use did:key. However, per @dbluhm's recommendation to follow the principle of least change, I limited the scope to just the coordinate mediation protocol. As I recall, it should support both the old keys and the new did:key formats.

This behavioral change was made in openwallet-foundation/acapy#1886

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
AIP 2.0 Tasks related to AIP 2.0 support
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants