# PART 3: Connect with `City` Agent for remote SMC

In [3]:
%%javascript
document.title="Manufacturer1 Agent"

<IPython.core.display.Javascript object>

### Imports

In [4]:
from aries_cloudcontroller import AriesAgentController
import os
from termcolor import colored
from pprintpp import pprint

### Initialise the Agent Controller

In [5]:
api_key = os.getenv("ACAPY_ADMIN_API_KEY")
admin_url = os.getenv("ADMIN_URL")

print(f"Initialising a controller with admin api at {admin_url} and an api key of {api_key}")
agent_controller = AriesAgentController(admin_url,api_key)

Initialising a controller with admin api at http://manufacturer1-agent:3021 and an api key of adminApiKey


In [6]:
# Verify if VC "M1-isManufacturer-VC" already exists in wallet
vc = "M1-isManufacturer-VC"
credentials = await agent_controller.credentials.get_all()
if any(result["referent"] == vc for result in credentials["results"]):
    print("Credential {vc} already in wallet. Please proceed.".format(vc=vc))
else:
    print("Execute notebooks 01 to issue a VC to M1!")

Credential M1-isManufacturer-VC already in wallet. Please proceed.


### Start a Webhook Server

In [7]:
webhook_port = int(os.getenv("WEBHOOK_PORT"))
webhook_host = "0.0.0.0"

await agent_controller.init_webhook_server(webhook_host, webhook_port)

print(f"Listening for webhooks from agent at http://{webhook_host}:{webhook_port}")

Listening for webhooks from agent at http://0.0.0.0:3010


## Register Agent Event Listeners

You can see some examples within the webhook_listeners recipe. Copy any relevant cells across and customise as needed.

In [6]:
listeners = []

# Receive connection messages
def connections_handler(payload):
    state = payload['state']
    connection_id = payload["connection_id"]
    their_role = payload["their_role"]
    routing_state = payload["routing_state"]
    rfc_state = payload["rfc23_state"]
    
    print("----------------------------------------------------------")
    print("Connection Webhook Event Received")
    print("Connection ID : ", connection_id)
    print("State : ", state)
    print("Routing State : {routing} ({rfc})".format(routing=routing_state, rfc=rfc_state))
    if 'their_label' in payload: 
        print(f"Connection with : ", payload['their_label'])
    print("Their Role : ", their_role)
    print("----------------------------------------------------------")

    if state == "invitation":
        # Your business logic
        print("invitation")
    elif state == "request":
        # Your business logic
        print("request")

    elif state == "response":
        # Your business logic
        print("response")
    elif state == "active":
        # Your business logic
        print(colored("Connection ID: {0} is now active.".format(connection_id), "green", attrs=["bold"]))


def prover_proof_handler(payload):
    role = payload["role"]
    connection_id = payload["connection_id"]
    pres_ex_id = payload["presentation_exchange_id"]
    state = payload["state"]
    print("\n---------------------------------------------------------------------\n")
    print("Handle present-proof")
    print("Connection ID : ", connection_id)
    print("Presentation Exchange ID : ", pres_ex_id)
    print("Protocol State : ", state)
    print("Agent Role : ", role)
    print("Initiator : ", payload["initiator"])
    print("\n---------------------------------------------------------------------\n")
    
    
    if state == "request_received":
        presentation_request = payload["presentation_request"]
        print("Recieved Presentation Request\n")
        print("\nRequested Attributes - Note the restrictions. These limit the credentials we could respond with\n")
        print(presentation_request["requested_attributes"])
    elif state == "presentation_sent":
        print("Presentation sent\n")
        
    elif state == "presentation_acked":
        print("Presentation has been acknowledged by the Issuer")
        
        
connection_listener = {"handler": connections_handler, "topic": "connections"}
listeners.append(connection_listener)

prover_listener = {"topic": "present_proof", "handler": prover_proof_handler}
listeners.append(prover_listener)

agent_controller.register_listeners(listeners)

## Accept Invitation

Copy an invitation object from another agent playing the role inviter (see the inviter_template recipe)

In [8]:
invitation = {
    '@id': 'ef311c96-d2c3-495a-8a42-1f88984f2a9c',
    '@type': 'did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/connections/1.0/invitation',
    'label': 'City',
    'recipientKeys': ['DGQxsLtJ3q7jWJP2mzQK5AWhTqr6yE5ddVkc1v5Nsctq'],
    'serviceEndpoint': 'https://45c4ba2baaed.ngrok.io',
}

In [9]:
auto_accept="true"
alias=None

invite_response = await agent_controller.connections.receive_invitation(invitation, alias, auto_accept)
connection_id = invite_response["connection_id"]

----------------------------------------------------------
Connection Webhook Event Received
Connection ID :  992ea5a9-7382-4c2a-b102-7fb4a51faeaf
State :  invitation
Routing State : none (invitation-received)
Connection with :  City
Their Role :  inviter
----------------------------------------------------------
invitation
----------------------------------------------------------
Connection Webhook Event Received
Connection ID :  992ea5a9-7382-4c2a-b102-7fb4a51faeaf
State :  request
Routing State : none (request-sent)
Connection with :  City
Their Role :  inviter
----------------------------------------------------------
request
----------------------------------------------------------
Connection Webhook Event Received
Connection ID :  992ea5a9-7382-4c2a-b102-7fb4a51faeaf
State :  response
Routing State : none (response-received)
Connection with :  City
Their Role :  inviter
----------------------------------------------------------
response
-----------------------------------------

## Optional: Send Proposal

Propose a presentation to a verifier

In [None]:
# TODO: Example proposal object below

# proposal_object = {
#   "auto_present": true,
#   "comment": "string",
#   "connection_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
#   "presentation_proposal": {
#     "@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/presentation-preview",
#     "attributes": [
#       {
#         "cred_def_id": "WgWxqztrNooG92RXvxSTWv:3:CL:20:tag",
#         "mime-type": "image/jpeg",
#         "name": "favourite_drink",
#         "referent": "0",
#         "value": "martini"
#       }
#     ],
#     "predicates": [
#       {
#         "cred_def_id": "WgWxqztrNooG92RXvxSTWv:3:CL:20:tag",
#         "name": "high_score",
#         "predicate": ">=",
#         "threshold": 0
#       }
#     ]
#   },
#   "trace": false
# }

# proposal_response = await agent_controller.proofs.send_proposal(proposal_object)

## Fetch Presentation Records

Before you can present a presentation, you must identify the presentation record which you wish to respond to with a presentation. This could also be done through the present_proof listeners which have access to a presentation record in the payload.

In [10]:
# Step 2

# Optional Query parameters
verifier_connection_id = connection_id
thread_id = None
state = "request_received"
role = "prover"

proof_records_response = await agent_controller.proofs.get_records(verifier_connection_id, thread_id, state, role)
pprint(proof_records_response)

{
    'results': [
        {
            'connection_id': '992ea5a9-7382-4c2a-b102-7fb4a51faeaf',
            'created_at': '2021-08-10 09:01:02.121714Z',
            'initiator': 'external',
            'presentation_exchange_id': '9728d1c8-29ff-437b-8fd7-8f21dffcdd92',
            'presentation_request': {
                'name': 'isManufacturer Proof Request',
                'non_revoked': {'to': 1628586025},
                'nonce': '924037072991337116006702',
                'requested_attributes': {
                    '0_isManufacturer_uuid': {
                        'name': 'isManufacturer',
                        'restrictions': [
                            {
                                'schema_id': 'MTXSc4YD8wixyM9ekZbmMC:2:certify-manufacturer:0.0.1',
                            },
                        ],
                    },
                },
                'requested_predicates': {},
                'version': '1.0',
            },
            'presentation_

In [11]:
# Fetch records from response that were sent via connection_id
presentation_records = [r for r in proof_records_response["results"] if (r["connection_id"] == connection_id) is True] 

# Process only the first record:
presentation_record = presentation_records[0]
presentation_exchange_id = presentation_record["presentation_exchange_id"]

## Search For Available Credentials to Construct Presentation From

The presentation record can be used to query your agents wallet and return all credentials that could be used to construct valid presentation

In [12]:
def get_proof_request_requirements(presentation_record):
    """
    Returns dictionary with {<required-attribute>: <restrictions-of-attribute>} from presentation record
    """
    # Setup
    restrictions = {}
    presentation_request = presentation_record["presentation_request"]
    
    # Get required attributes and requirements for the individual attributes
    for attr_key, attr_val in presentation_request["requested_attributes"].items():
        restrictions[attr_val["name"]] = {}
        restrictions[attr_val["name"]]["requirements"] = attr_val["restrictions"][0] 
        restrictions[attr_val["name"]]["request_attr_name"] = attr_key
        
    return restrictions


def get_suitable_credentials(credentials_all, requirements):
    """
    Finds credentials in credentials_all that satisfy the requirements provided by the relying party.
    Returns dictionary with: {<attribute-name>: <suitable-credential>}, where the suitable-credential satisfies all requirements 
    """
    # Setup
    relevant_credentials = {}
    revealed = {}
    credentials = credentials_all["results"]
    
    # Iterate through attribute name and attribute requirements of relying party
    for name, conditions in requirements.items():
        
        req = conditions["requirements"]
        req_name = conditions["request_attr_name"]
        
        # Break if the required attribute name is not in any credential, or if all requirements (e.g., schema_id) are not within one credential
        if (any(name in cred["attrs"] for cred in credentials) is False) or (any(r in cred.keys() for r in req for cred in credentials) is False):
            continue

        # Iterate through credentials
        for cred in credentials:

            # Verify if requirement value (r_val) and credential value (cred[r_key]) match for required attribute (r_key)
            for r_key, r_val in req.items():
                try:
                    # Append cred to relevant_credentials if all requirements match
                    if (cred[r_key] == r_val) is True:
                        relevant_credentials[name] = cred
                        print(f"Attribute request for '{name}' can be satisfied by Credential with Referent -- {cred['referent']}")
                        revealed[req_name] = {"cred_id": cred["referent"], "revealed": True}
                except:
                    pass

    return relevant_credentials, revealed

In [13]:
# Get requirements of proof request
proof_attribute_requirements = get_proof_request_requirements(presentation_record)

# Verify all credentials of M1 and verify if they satisfy the requirements defined in proof_attribute_requirements
credentials = await agent_controller.credentials.get_all()
suitable_credentials, revealed = get_suitable_credentials(credentials, proof_attribute_requirements)
#pprint(credentials)
pprint(revealed)

Attribute request for 'isManufacturer' can be satisfied by Credential with Referent -- M1-isManufacturer-VC
{
    '0_isManufacturer_uuid': {
        'cred_id': 'M1-isManufacturer-VC',
        'revealed': True,
    },
}


In [40]:
# select credentials to provide for the proof
#credentials = await agent_controller.proofs.get_presentation_credentials(presentation_exchange_id)
#print("Credentials stored that could be used to satisfy the request. In some situations you applications may have a choice which credential to reveal\n")

#attribute_by_reft = {}
#revealed = {}
#self_attested = {}
#predicates = {}

In [14]:
predicates = {}
self_attested = {}


In [15]:
# Note we are working on a friendlier api to abstract this away

print("\nGenerate the proof")
presentation = {
    "requested_predicates": predicates,
    "requested_attributes": revealed,
    "self_attested_attributes": self_attested,
}
print(presentation)


Generate the proof
{'requested_predicates': {}, 'requested_attributes': {'0_isManufacturer_uuid': {'cred_id': 'M1-isManufacturer-VC', 'revealed': True}}, 'self_attested_attributes': {}}


## Send Presentation

A presentation is sent in represent to a presentation record that has previously been created.

In [16]:
presentation_response = await agent_controller.proofs.send_presentation(presentation_exchange_id, presentation)


---------------------------------------------------------------------

Handle present-proof
Connection ID :  992ea5a9-7382-4c2a-b102-7fb4a51faeaf
Presentation Exchange ID :  9728d1c8-29ff-437b-8fd7-8f21dffcdd92
Protocol State :  presentation_sent
Agent Role :  prover
Initiator :  external

---------------------------------------------------------------------

Presentation sent


---------------------------------------------------------------------

Handle present-proof
Connection ID :  992ea5a9-7382-4c2a-b102-7fb4a51faeaf
Presentation Exchange ID :  9728d1c8-29ff-437b-8fd7-8f21dffcdd92
Protocol State :  presentation_acked
Agent Role :  prover
Initiator :  external

---------------------------------------------------------------------

Presentation has been acknowledged by the Issuer


## Your Own Business Logic

Now you should have an established, active connection you can write any custom logic you want to engage with protocols with the connection

In [1]:
# Imports
import torch as th
import syft as sy

#from sympc.session import Session
#from sympc.session import SessionManager
#from sympc.tensor import MPCTensor

In [2]:
sy.VERBOSE = True

In [3]:
# Step 2: Join duet of DS
#duet_city = sy.duet("cbeb0fa4e181a272a55df58bfc9f5585")

In [None]:
# Copy and paste client_id and ping the city!

In [4]:
# Step 3: Create duet server
duet_m1 = sy.launch_duet(loopback=True)

🎤  🎸  ♪♪♪ Starting Duet ♫♫♫  🎻  🎹

♫♫♫ >[93m DISCLAIMER[0m: [1mDuet is an experimental feature currently in beta.
♫♫♫ > Use at your own risk.
[0m
[1m
    > ❤️ [91mLove[0m [92mDuet[0m? [93mPlease[0m [94mconsider[0m [95msupporting[0m [91mour[0m [93mcommunity![0m
    > https://github.com/sponsors/OpenMined[1m

♫♫♫ > Punching through firewall to OpenGrid Network Node at:
♫♫♫ > http://ec2-18-218-7-180.us-east-2.compute.amazonaws.com:5000
♫♫♫ >
♫♫♫ > ...waiting for response from OpenGrid Network... 
♫♫♫ > [92mDONE![0m

♫♫♫ > [95mSTEP 1:[0m Send the following code to your Duet Partner!

import syft as sy
duet = sy.join_duet(loopback=True)

♫♫♫ > Connecting...

♫♫♫ > [92mCONNECTED![0m

♫♫♫ > DUET LIVE STATUS  *  Objects: 1  Requests: 0   Messages: 5  Request Handlers: 0                                

## 2 - Secure Multi-Party Computation

In [5]:
from IPython.core.debugger import set_trace

♫♫♫ > DUET LIVE STATUS  *  Objects: 0  Requests: 0   Messages: 0  Request Handlers: 0                                

In [6]:
# Step 8: test there is no data in the server atm
duet_m1.store.pandas

In [7]:
age_data = th.tensor([50,23,72,83])
age_data = age_data.tag("test_data_age")
age_data = age_data.describe("description for age_data")
age_data_pointer = age_data.send(duet_m1, pointable=True)

In [8]:
duet_m1.store

♫♫♫ > DUET LIVE STATUS  *  Objects: 1  Requests: 0   Messages: 2  Request Handlers: 0                                

[<syft.proxy.torch.TensorPointer object at 0x7fd83abcf640>]

In [9]:
duet_m1.store.pandas

Unnamed: 0,ID,Tags,Description,object_type
0,<UID: 5f0b7083bf31407da1896880b94d7abd>,[test_data_age],description for age_data,<class 'torch.Tensor'>


In [7]:
duet_m1.id

<UID: fe060559684447b397a0b144d6413e7c>

In [8]:
duet_m1.name

'Launcher Client'

In [9]:
duet_m1.target_id

<SpecificLocation: fe060559684447b397a0b144d6413e7c>

In [10]:
duet_m1.network_id

In [6]:
#duet_city.store.pandas

In [16]:
# Step 9: Publish secret data

x = torch.tensor([50,60,77]) # define torch
x.send(duet_m1, pointable=True, tags=["TEST_#1_from_m1_to_ds"], description="Dummy data") # send torch to duet_m1

x = torch.tensor([[1,2], [3,4]])
x.send(duet_m1, pointable=True, tags=["TEST_#2_from_m1_to_ds"], description="Test to multiply matrices")

NameError: name 'torch' is not defined

In [11]:
# Step 10: verify that data was uploaded to the store
duet_m1.store.pandas

Unnamed: 0,ID,Tags,Description,object_type
0,<UID: 67d96afe7a794893b0989cec5267bf95>,[TEST_#1_from_m1_to_ds],Dummy data,<class 'torch.Tensor'>
1,<UID: a44f0d8e7c134c4e93941717115e4827>,[TEST_#2_from_m1_to_ds],Test to multiply matrices,<class 'torch.Tensor'>


In [8]:
# Step 11: Authorize the requests ds can make
duet_m1.requests.add_handler(action="accept")

In [13]:
# Step 11: Authorize the requests ds can make
duet_city.requests.add_handler(action="accept")

## Terminate Controller

Whenever you have finished with this notebook, be sure to terminate the controller. This is especially important if your business logic runs across multiple notebooks.

In [None]:
await agent_controller.terminate()