You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is particularly problematic when the peer is using a legacy DID, as this is when the peer would attach a did_doc. E.g. ACApy has been found to do this, causing AATH failures.
Other agents, like acapy, are tolerant to both legacy and spec-compliant DIDDoc structures in their DIDExchange handling.
To fix this, i believe we should do the following:
add a method to convert from the legacy structure (AriesDidDoc in aries/misc/legacy/diddoc_legacy/src/aries/diddoc.rs) into the spec-compliant structure (did_core/did_doc/src/schema/did_doc.rs). This method could probably live in the diddoc_legacy crate as a signal to consumers to migrate to use the new format; AriesDidDoc::try_into_compliant
Have the attachment_to_diddoc DIDExchange helper function in aries-vcx have a fallback of; 1. deserialize into AriesDidDoc, 2. convert AriesDidDoc into compliant DidDocument.
Alternatively to 2. ^, if it's more efficient, we could have some internal helper serde struct defined to represent both variants like a union type, then deserialize into that union type, then run the 2.2. conversion step if needed. e.g.:
@JamesKEbert there's arguably no point in doing this if we don't care for supporting for unqualified DIDs in DIDExchange. my understanding is that did_doc attachment is only used if unqualified DIDs are being used (i.e. bcus they are unresolvable). thoughts?
@gmulhearn-anonyome I'd tend to agree in that since we're attempting to migrate away from using unqualified DIDs as a community then it's not really worth the effort to add support for them, unless there's some strong need for that backwards compatibility that I'm not aware of.
As found here, aries-vcx DIDExchange handlers are not resilient to the case where the request or response message has a did_doc attachment that is a legacy DIDDoc structure (i.e. an older "aries" diddoc: https://hyperledger.github.io/aries-rfcs/latest/features/0067-didcomm-diddoc-conventions/#implementations).
This is particularly problematic when the peer is using a legacy DID, as this is when the peer would attach a did_doc. E.g. ACApy has been found to do this, causing AATH failures.
Other agents, like acapy, are tolerant to both legacy and spec-compliant DIDDoc structures in their DIDExchange handling.
To fix this, i believe we should do the following:
AriesDidDoc
inaries/misc/legacy/diddoc_legacy/src/aries/diddoc.rs
) into the spec-compliant structure (did_core/did_doc/src/schema/did_doc.rs
). This method could probably live in the diddoc_legacy crate as a signal to consumers to migrate to use the new format;AriesDidDoc::try_into_compliant
attachment_to_diddoc
DIDExchange helper function in aries-vcx have a fallback of; 1. deserialize into AriesDidDoc, 2. convert AriesDidDoc into compliant DidDocument.Alternatively to 2. ^, if it's more efficient, we could have some internal helper serde struct defined to represent both variants like a union type, then deserialize into that union type, then run the 2.2. conversion step if needed. e.g.:
ACAPY helpful reference
ACAPy also has a converter for legacy -> compliant, found here: https://github.com/hyperledger/aries-cloudagent-python/blob/5ad52c15d2f4f62db1678b22a7470776d78b36f5/aries_cloudagent/resolver/default/legacy_peer.py#L27. it could be used as a reference
The text was updated successfully, but these errors were encountered: