[Credential Offer] It's possible to receive connection-less credential offer from removed contact #930

Open
3 of 5 tasks
AlexanderShenshin opened this issue Aug 14, 2023 · 0 comments

Description of problem

It appears to be possible to receive a credential offer from an already removed contact. It will be handled as connection-less under the hood and will display the Unknown contact label in the UI. Such a message cannot be processed normally by the user.

It looks like the actual reason is the following:

  • According to the implementation, the Unknown contact label is displayed if there is no connection ID in the credential offer record
  • This is possible because AFJ will consider a message connection-less if a connection cannot be found by sender/recipient keys
  • Scenario where this is possible: a removed contact
  • Normally, if a contact was already removed, the mediator will not send messages from this contact, as the mobile wallet will remove its connection key by sending a keylist-update message (notifying the mediator that the connection is removed)
  • But if the keylist-update message was not delivered to the mediator, or an already sent credential offer is stuck because of network delays just before contact removal, the above-mentioned issue will appear

Expected behavior

It probably makes sense to not accept such connection-less credential offers from a removed contact, but it's not obvious how exactly such cases should be handled.

Steps to reproduce (for credential offer)

Note: reproduction may not be 100% stable, as it depends on the network connection and delays

  • Add a new contact
  • Disable the internet connection on the device
  • Send a credential offer from the contact
  • In the mobile app, open contact details → enable the internet connection and quickly remove the contact
  • Go to the Home screen, wait for the Credential Offer to appear and open it

Screenshots and/or log output

Screenshot (Small)

Related AFJ logs:

2023-06-06T11:52:13.097Z | AFJ | DEBUG : No connection record found for encrypted message with recipient key z6Mknc8GXEjQ8sFeG9D3224xF1z7ZD94gFAbxk9dB6UuF9qD and sender key z6Mkkxu7Q1YZ6kCERxBpANUeizpuNhr2mvpNoCMEAfnPUDvA 
2023-06-06T11:52:13.101Z | AFJ | DEBUG : Processing credential offer with id 802ee8b9-c586-43e8-b4bf-ced1d04b6173 
2023-06-06T11:52:13.102Z | AFJ | DEBUG : 
[
  "Processing connection-less message with id 802ee8b9-c586-43e8-b4bf-ced1d04b6173",
  {
    "type": "https://didcomm.org/issue-credential/2.0/offer-credential"
  }
]

Environment

  • Occurs on Android
  • Occurs on iOS

Build #: https://github.com/hyperledger/aries-mobile-agent-react-native/tree/db3f18af25f554cd5d616e977e08551b77791c09

Android Device Model: POCO X3 NFC / MIUI version 12.5.7 (Android version 11 RKQ1.200826.002)

iOS Device Model: iPhone 8 Plus / iOS 16

Severity

  • High
  • Medium (corner case)
  • Low
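
One way to handle the case described in this issue, as an added example that is not the project's or AFJ's code: the wallet keeps a local record (a "tombstone") of the key pairs of removed contacts, so a late offer is rejected instead of falling through to the connection-less path. The class and function names, the key-pair lookup format and the retention period are assumptions.

```typescript
// Added illustration: a stand-alone model of the routing decision, not AFJ code.
type Decision = "known-connection" | "connection-less" | "rejected-removed-contact";
interface InboundMessage { recipientKey: string; senderKey: string; type: string }

const pairOf = (recipientKey: string, senderKey: string): string =>
  recipientKey + "|" + senderKey;

class InboundPolicy {
  private active = new Set<string>();             // key pairs of current contacts
  private tombstones = new Map<string, number>(); // removed key pair -> expiry (ms)
  private ttlMs: number;

  constructor(ttlMs: number) { this.ttlMs = ttlMs; }

  addContact(recipientKey: string, senderKey: string): void {
    this.active.add(pairOf(recipientKey, senderKey));
  }

  // Remember the pair locally: the keylist-update may never reach the mediator,
  // or an offer may already be queued for delivery.
  removeContact(recipientKey: string, senderKey: string, now: number): void {
    const p = pairOf(recipientKey, senderKey);
    this.active.delete(p);
    this.tombstones.set(p, now + this.ttlMs);
  }

  classify(msg: InboundMessage, now: number): Decision {
    const p = pairOf(msg.recipientKey, msg.senderKey);
    if (this.active.has(p)) return "known-connection";
    const expiry = this.tombstones.get(p);
    if (expiry !== undefined && now < expiry) return "rejected-removed-contact";
    return "connection-less"; // no record at all: the fallback the issue describes
  }
}

// Constructed sample input (keys are placeholders, not the ones in the log).
const offer: InboundMessage = {
  recipientKey: "constructed-recipient-key",
  senderKey: "constructed-sender-key",
  type: "https://didcomm.org/issue-credential/2.0/offer-credential",
};

// Replays the reproduction steps: contact added, then removed, offer delivered late.
function replayLateOffer(): Decision {
  const policy = new InboundPolicy(24 * 60 * 60 * 1000); // assumed 24 h retention
  policy.addContact(offer.recipientKey, offer.senderKey);
  policy.removeContact(offer.recipientKey, offer.senderKey, 1000);
  return policy.classify(offer, 2000);
}
```

Once a tombstone expires, the same message is classified as connection-less again, so the retention period has to outlast the longest delivery delay the mediator can introduce.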