You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It appears to be possible to receive credential offer from already removed contact. It will be handled as connection-less under the hood and will display Unknown contact label in UI. Such message cannot be normally processed by the user.
It looks like the actual reason is following:
According to implementation, Unknown contact label is displayed in case if there is no connection ID in credential offer record
It’s possible because AFJ will consider message as connection-less if connection cannot be found by sender/recipient keys
Scenario where it’s possible - removed contact
Normally, if contact was already removed, mediator will not send messages from this contact as mobile wallet will remove it’s connection key by sending keylist-update message (notify mediator that connection is removed)
But if keylist-update message was not delivered to mediator or already sent credential offer is stuck because of network delays just before contact removal, above-mentioned issue will appear
Expected behavior
It's probably makes sense to not accept such connection-less credential offers from removed contact, but it's not obvious how exactly such cases should be handled.
Steps to reproduce (for credential offer)
Note: reproduction may be not 100% stable as it depends on network connection and delays
Add new contact
Disable internet connection on a device
Send credential offer from a contact
In mobile app, open contact details → enable internet connection and quickly remove contact
Go to the Home screen, wait for Credential Offer to appear and open it
Screenshots and/or log output
Related AFJ logs:
2023-06-06T11:52:13.097Z | AFJ | DEBUG : No connection record found for encrypted message with recipient key z6Mknc8GXEjQ8sFeG9D3224xF1z7ZD94gFAbxk9dB6UuF9qD and sender key z6Mkkxu7Q1YZ6kCERxBpANUeizpuNhr2mvpNoCMEAfnPUDvA
2023-06-06T11:52:13.101Z | AFJ | DEBUG : Processing credential offer with id 802ee8b9-c586-43e8-b4bf-ced1d04b6173
2023-06-06T11:52:13.102Z | AFJ | DEBUG :
[
"Processing connection-less message with id 802ee8b9-c586-43e8-b4bf-ced1d04b6173",
{
"type": "https://didcomm.org/issue-credential/2.0/offer-credential"
}
]
Description of problem
It appears to be possible to receive credential offer from already removed contact. It will be handled as connection-less under the hood and will display
Unknown contact
label in UI. Such message cannot be normally processed by the user.It looks like the actual reason is following:
Unknown contact
label is displayed in case if there is no connection ID in credential offer recordkeylist-update
message (notify mediator that connection is removed)keylist-update
message was not delivered to mediator or already sent credential offer is stuck because of network delays just before contact removal, above-mentioned issue will appearExpected behavior
It's probably makes sense to not accept such connection-less credential offers from removed contact, but it's not obvious how exactly such cases should be handled.
Steps to reproduce (for credential offer)
Note: reproduction may be not 100% stable as it depends on network connection and delays
Screenshots and/or log output
Related AFJ logs:
Environment
Build #: https://github.com/hyperledger/aries-mobile-agent-react-native/tree/db3f18af25f554cd5d616e977e08551b77791c09
Android Device Model: POCO X3 NFC / MIUI version 12.5.7 (Android version 11 RKQ1.200826.002)
iOS Device Model: iPhone 8 Plus / iOS 16
Severity
The text was updated successfully, but these errors were encountered: