Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Less confusing handling of keyring network names in CLI #98

Closed
vipyne opened this issue Nov 20, 2018 · 2 comments
Closed

Less confusing handling of keyring network names in CLI #98

vipyne opened this issue Nov 20, 2018 · 2 comments
Labels
enhancement New feature or request

Comments

@vipyne
Copy link
Contributor

vipyne commented Nov 20, 2018

Allow a keyring URL ie http://keyrings.ara.one/1.0/did:ara:59f8d0... to be passed in without a network name specified in the URL. Use the network name passed in via --network arg.

Desired Behavior

$ aid resolve did:ara:4d9a84... \
-k http://keyrings.ara.one/1.0/did:ara:59f8d...71a87987ef -n archiver -s test-node

Actual Behavior

$ aid resolve did:ara:4d9a84... \
-k http://keyrings.ara.one/1.0/did:ara:59f8d...71a87987ef/archiver -n resolver -s test-node
@vipyne vipyne added the enhancement New feature or request label Nov 20, 2018
@Prash74
Copy link
Contributor

Prash74 commented Nov 20, 2018
edited
Loading

@vipyne so the --network flag in ara-identity CLI refers to the network name inside the keyring file.

So the keyring file stores network keys in a key-value pair format. Something like this

$ ank -i did:ara:59f8d.....7ef -s test-node -n archiver -k keyring-file

will result in,

{
"archiver" : {Network keys containing the discovery key }
}

Lets say if we append another entry into the same keyring file as below,

$ ank -i did:ara:59f8d.....7ef -s test-node -n resolver -k keyring-file

It will result in the keyring file looking something like this,

{
"archiver" : {Network keys containing a discovery key},
"resolver" : {Network keys containing a discovery key}
}

So, lets say you want to retrieve the discovery key for the archiver entry from the above file, you would use it as

$ aid archive <DID> -s test-node -n archiver -k keyring-file.pub

As for the keyring-registry URL's, the name in the URL refers to the file name used to store when publishing. The registry server treats it as a single file and doesn't care about what values are inside the keyring file.

In order to use a keyring file from the registry, you would need to know the shared-secret and network values inside the keyring file beforehand. This can be obtained from the developer who provided the URL for the keyring file.

So if the same file above is published as ara-dev-keyring and the URL is http://keyrings.ara.one/1.0/did:ara:59f8d...71a87987ef/ara-dev-keyring, it can used as

$ aid archive <DID> -s test-node -n archiver -k 'http://keyrings.ara.one/1.0/did:ara:59f8d...71a87987ef/ara-dev-keyring'
$ aid resolve <DID> -s test-node -n resolver -k 'http://keyrings.ara.one/1.0/did:ara:59f8d...71a87987ef/ara-dev-keyring'

@vipyne
Copy link
Contributor Author

vipyne commented Nov 20, 2018

ah, I think this explains the difference between name and network.
Thanks @Prash74 !

@vipyne vipyne closed this as completed Nov 20, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vipyne @Prash74