# Initialising Your Agent as an Issuing Authority

This template walks you through the basic steps you need to take to configure your agent as an issuing authority on the Sovrin StagingNet. If using a different network you will need to update this template. The steps include:

* Writing your DID to the Sovrin StagingNet
* Accepting the Transaction Author Agreement
* Authoring schema to the ledger
* Authoring credential definitions for the schema this agent intends to issue
* Persisting Identifiers for use throughout the playground.

It is recommended that this initialisation notebook be run **once**. If you are following the default docker-compose services then your agents wallet storage will be persisted in a postgres database as long as you run `./manage stop` rather than `./manage down`. 



### Imports

In [6]:
from aries_cloudcontroller import AriesAgentController
import os
from termcolor import colored

### Initialise the Agent Controller

In [7]:
api_key = os.getenv("ACAPY_ADMIN_API_KEY")
admin_url = os.getenv("ADMIN_URL")

print(f"Initialising a controller with admin api at {admin_url} and an api key of {api_key}")
agent_controller = AriesAgentController(admin_url,api_key)

Initialising a controller with admin api at http://hlgf-agent:3021 and an api key of adminApiKey


## Write DID to the Public Ledger

Note: if defined a ACAPY_WALLET_SEED value for your agent then this function will return a DID, but this DID still needs to be written to the ledger. If you did not define a seed you will need to create a DID first.

In [16]:
public_did_response = await agent_controller.wallet.get_public_did()

In [17]:
if public_did_response["result"]:
    did_obj = public_did_response["result"]
else:
    create_did_response = await agent_controller.wallet.create_did()
    did_obj = create_did_response['result']
print("DID", did_obj)

DID {'did': '5Q1Zz9foMeAA8Q7mrmzCfZ', 'verkey': '3PzN32XZEBRZSmuZ4958CK7KigYG23aCRt6FkeVxUShM', 'posture': 'public'}


In [14]:
# create_did_response = await agent_controller.wallet.create_did()
# did_obj = create_did_response['result']
# print(did_obj)

{'did': 'FcRM8hKZg9tZiAfWbHmBfx', 'verkey': '8xscNGPSwzxMtY2sy5bMgS8SzDoWEfYHMuRrbE9Rp6YW', 'posture': 'wallet_only'}


In [15]:
# write new DID to Yoma Testnet
import requests
import json 

url = 'http://testnet.didx.xyz/register'

#payload sovrin stagingnet
# payload = {"network":"stagingnet","did": did_obj["did"],"verkey":did_obj["verkey"],"paymentaddr":""}

#payload yoma testnet from did
payload = {"did": did_obj["did"], "seed": "null", "verkey": did_obj["verkey"]}

#payload yoma testnet from seed
# payload = {\"seed\":\"${INDY_WALLET_SEED}\", \"role\":\"TRUST_ANCHOR\", \"alias\":\"${AGENT_NAME}

# "curl -d '{\"seed\":\"${INDY_WALLET_SEED}\", \"role\":\"TRUST_ANCHOR\", \"alias\":\"${AGENT_NAME}\"}' -X POST ${LEDGER_URL}/register; \

# Adding empty header as parameters are being sent in payload
headers = {}

r = requests.post(url, data=json.dumps(payload), headers=headers)
print(r.json())

{'did': 'FcRM8hKZg9tZiAfWbHmBfx', 'seed': 'null0000000000000000000000000000', 'verkey': '8xscNGPSwzxMtY2sy5bMgS8SzDoWEfYHMuRrbE9Rp6YW'}


## Accept Transaction Author Agreement

Although the Sovrin StagingNet is permissionless, before DID's have the authority to write to the ledger they must accept something called a transaction author agreement by signing it using the DID they have on the ledger.

As a global public ledger, the Sovrin Ledger and all its participants are subject to privacy and data protection regulations such as the EU General Data Protection Regulation (GDPR). These regulations require that the participants be explicit about responsibilities for Personal Data.

To clarify these responsibilities and provide protection for all parties, the Sovrin Governance Framework Working Group developed an agreement between Transaction Authors and the Sovrin Foundation. The TAA can be found at Sovrin.org. It ensures that users are aware of and consent to the fact that all data written to the Sovrin Ledger cannot be removed, even if the original author of the transaction requests its removal.

The TAA outlines the policies that users must follow when interacting with the Sovrin Ledger. When a user’s client software is preparing a transaction for submission to the network, it must include a demonstration that the user had the opportunity to review the current TAA and accept it. This is done by including some additional fields in the ledger write transaction: 

* A hash of the agreement
* A date when the agreement was accepted, and
* A string indicating the user interaction that was followed to obtain the acceptance.

The Indy client API used by Sovrin has been extended to allow users to review current and past agreements and to indicate acceptance through an approved user interaction pattern. - source: https://sovrin.org/preparing-for-the-sovrin-transaction-author-agreement/

For more details on TAA please read more at the following links:
* [Preparing for the Sovrin Transaction Author Agreement](https://sovrin.org/preparing-for-the-sovrin-transaction-author-agreement/)
* [How the recent approval of the Sovrin Governance Framework v2 affects Transaction Authors
](https://sovrin.org/how-the-recent-approval-of-the-sovrin-governance-framework-v2-affects-transaction-authors/)
* [TAA v2](https://github.com/sovrin-foundation/sovrin/blob/master/TAA/TAA.md)
* [TAA Acceptance Mechanism List (AML)](https://github.com/sovrin-foundation/sovrin/blob/master/TAA/AML.md)

In [19]:
taa_response = await agent_controller.ledger.get_taa()
print(taa_response)
TAA = taa_response['result']['taa_record']
TAA['mechanism'] = "service_agreement"
await agent_controller.ledger.accept_taa(TAA)

{'result': {'aml_record': None, 'taa_record': None, 'taa_required': False, 'taa_accepted': None}}


TypeError: 'NoneType' object does not support item assignment

## Assign Agent Public DID if Not Set

Will only be ran if ACAPY_WALLET_SEED not initially set.

In [18]:
if did_obj["posture"] != "public":
    response = await agent_controller.wallet.assign_public_did(did_obj["did"])
print("Successfully intialised agent with Public DID : ", did_obj["did"])

Successfully intialised agent with Public DID :  5Q1Zz9foMeAA8Q7mrmzCfZ


## Writing Schema

Write as many schema to the ledger as you like. Be sure to store each schema_id, you will need these when it comes to authoring credential defintition transactions and issuing credentials against this schema.

Uncomment and copy the below cell as many times as you need. Be sure to update any arugments surrounded by <> with your own details.

In [14]:
# Define you schema name - must be unique on the ledger
schema_name = "Yoma Youth Member Badge"
# Can version the schema if you wish to update it
schema_version = "0.0.1"
# Define any list of attributes you wish to include in your schema
attributes = ["Organisation", "Firstname", "Surname", "Date"]

response = await agent_controller.schema.write_schema(schema_name, attributes, schema_version)
schema_id = response["schema_id"]

## Using External Schemas Already on Yoma Testnet

You do not have to author the schema for the credentials you wish to issue, instead you can identify extisting schema on the ledger that you want to issue against. To do this you must set the schema identifier for any schema you want to use and these MUST be on the ledger your agent is pointing to.

In [17]:
schema_id ='5Q1Zz9foMeAA8Q7mrmzCfZ:2:Aries ACA ACC Jupyter Playground Demo Participation:0.0.1'
cred_def_id='5Q1Zz9foMeAA8Q7mrmzCfZ:3:CL:8:default'

schema_id='5Q1Zz9foMeAA8Q7mrmzCfZ:2:Yoma Youth Member Badge:0.0.1'
cred_def_id='5Q1Zz9foMeAA8Q7mrmzCfZ:3:CL:11:default'

## Writing Credential Definitions

For all schema you intend to issue credentials against your agent must author a credential definition transaction to the public ledger. This specifies the public cryptographic material your agent will use to sign all credentials issued against a specific schema. 

Again uncomment and copy this cell as often as you need. Remebering to update the arguments in <> to specify your schema identifiers. Store each credential definition identifier in a unique variable.

In [15]:
# Tag and group specific credential definitions
tag = "default"

# Make Cred Def support revocation. Credentials issued using this definition will be able to be revoked.
# Note: ACAPY_TAILS_SERVER_BASE_URL env var must be properly configured
support_revocation = False

cred_def_response = await agent_controller.definitions.write_cred_def(schema_id, tag, support_revocation)
cred_def_id = cred_def_response["credential_definition_id"]

## Persist Identifiers for use throughout other business logic notebooks associated with this agent

The schema_id and cred_def_id value pairs are required whenever issuing credentials, and also can be used to constrain acceptable proof requests. In a real application these values might be stored in environment variables or most likely in a database. For notebooks we have found it easier to store as string values in a cell and then load these values into the jupyter store so that they can be fetched across multiple notebooks.

As such you are recommended to print out each of the schema and cred def identifiers used by your agent and copy them across to your **main** business logic notebook where you should store them in a variable and save them to the jupyter store. Remember, you should only be running this notebook once so having this logic in here will not be useful.


In [16]:
print(f"schema_id='{schema_id}'")
print(f"cred_def_id='{cred_def_id}'")

schema_id='5Q1Zz9foMeAA8Q7mrmzCfZ:2:Yoma Youth Member Badge:0.0.1'
cred_def_id='5Q1Zz9foMeAA8Q7mrmzCfZ:3:CL:11:default'


## Terminate Controller


In [20]:
await agent_controller.terminate()