Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(present-proof): add support for aries RFC 510 #1676

Merged
merged 17 commits into from
Jan 10, 2024
Merged

feat(present-proof): add support for aries RFC 510 #1676

merged 17 commits into from
Jan 10, 2024

Conversation

berendsliedrecht
Copy link
Contributor

@berendsliedrecht berendsliedrecht commented Dec 19, 2023
edited
Loading

  • Adds basic support for dif presentation exchange over DIDComm

    • According to RFC 0454 and 510

  • Would be good to include some more tests, but code is ready to review

  • There is still an open issue I have with the credential selection. Right now if we use PEXv2, we basically call getAll on the w3c credentials which is not really great... For V1 we could use the schema attribute, but that is not included anymore. For now, it might be fine to just call the getAll function and use those credentials and resolve this later when we want to revamp the storage.

@berendsliedrecht berendsliedrecht force-pushed the present-proof-v2 branch 3 times, most recently from 436b922 to 27fb71a Compare December 21, 2023 09:04
@berendsliedrecht berendsliedrecht marked this pull request as ready for review December 21, 2023 12:24
@berendsliedrecht berendsliedrecht requested a review from a team as a code owner December 21, 2023 12:24
TimoGlastra
TimoGlastra requested changes Dec 22, 2023
View reviewed changes
Copy link
Contributor

@TimoGlastra TimoGlastra left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall looks good, but it's missing some things

packages/core/src/modules/presentation-exchange/PresentationExchangeService.ts Outdated Show resolved Hide resolved
packages/core/src/modules/presentation-exchange/PresentationExchangeService.ts Outdated Show resolved Hide resolved
packages/core/src/modules/presentation-exchange/PresentationExchangeService.ts Outdated Show resolved Hide resolved
packages/core/src/modules/presentation-exchange/PresentationExchangeService.ts Outdated
proofType: this.getProofTypeForLdpVc(agentContext, presentationDefinition, verificationMethod),
proofType: this.getProofTypeForLdpVc(
agentContext,
presentationDefinition as PresentationDefinition,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same here

packages/core/src/modules/presentation-exchange/utils/credentialSelection.ts Outdated
Comment on lines 40 to 43
const credentialRecord = credentialRecords.find((record) => {
const originalVc = getSphereonOriginalVerifiableCredential(record.credential)

return deepEquality(originalVc, encoded)
})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It feels a bit expensive to do a deepEquality on every credential to find the original record that was associated with VC. Is there no other way to do the matching?

Because we have the encodedCredenitals, we can do a === check on it right, as the object references are the same?

So in that case const credentialIndex = encodedCredentials.indexOf(encoded) should still work

But maybe I'm missing something

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried it again, but the indexOf does not seem to work. Likely somewhere deeper in the code a clone is being done (could be in the sphereon library). I will leave it like this for now.

...e/src/modules/proofs/formats/presentation-exchange/PresentationExchangeProofFormatService.ts Outdated
ps.validatePresentationSubmission(presentation.presentation_submission)
}

ps.validatePresentation(presentationDefinition, presentation as unknown as VerifiablePresentation)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the presentation submission not used to verify a presentation? Does it just check if it matches the presentationDefinition, but not the presentationSubmission?

Also -- should we make validatePresentation take a W3CVerifiablePresentation instead of a sphereon interface?

...e/src/modules/proofs/formats/presentation-exchange/PresentationExchangeProofFormatService.ts Outdated
presentation_definition: PresentationDefinition
}>()
const presentation = attachment.getDataAsJson<
W3cVerifiablePresentation & { presentation_submission: PresentationSubmission }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

W3cVerifiablePresentation is incorrect I think, as it's a class, while we just take the object here. So the type will think it has context property, but it will actually have @context property. We need to use json transformer on it as well.

...e/src/modules/proofs/formats/presentation-exchange/PresentationExchangeProofFormatService.ts Outdated
ps.validatePresentation(presentationDefinition, presentation as unknown as VerifiablePresentation)
return true
} catch (e) {
agentContext.config.logger.error(e)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
agentContext.config.logger.error(e)
agentContext.config.logger.error(`Failed to verify presentation in PEX proof format service: ${e.message}`, { cause: e })

...e/src/modules/proofs/formats/presentation-exchange/PresentationExchangeProofFormatService.ts Outdated
Comment on lines 237 to 283
const credentials = presentationSubmission.requirements.flatMap((r) =>
r.submissionEntry.flatMap((e) => e.verifiableCredentials)
)

return credentials
}

public async selectCredentialsForRequest(
agentContext: AgentContext,
{ requestAttachment }: ProofFormatSelectCredentialsForRequestOptions<PresentationExchangeProofFormat>
): Promise<Array<W3cCredentialRecord>> {
const ps = this.presentationExchangeService(agentContext)
const { presentation_definition: presentationDefinition } = requestAttachment.getDataAsJson<{
presentation_definition: PresentationDefinition
}>()

ps.validatePresentationDefinition(presentationDefinition)

const presentationSubmission = await ps.selectCredentialsForRequest(agentContext, presentationDefinition)

const credentials = presentationSubmission.requirements.flatMap((r) =>
r.submissionEntry.flatMap((e) => e.verifiableCredentials)
)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As mentioned in other comments, the structures returned by the service adds a lot of needed context. I think we should return them as is, rather than flatmapping

packages/core/tests/jsonld.ts Outdated
}),
cache: new CacheModule({
cache: new InMemoryLruCache({ limit: 100 }),
}),
indySdk: new IndySdkModule({
indySdk,
}),
pex: new PresentationExchangeModule(),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this registered by default? As it's in core, I think we should register it by default

@berendsliedrecht
feat(proofs): added PresentationExchangeService
ead1020 
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
@berendsliedrecht
feat(proofs): initial boiler plate for ppv2
3dd4e61 
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
@berendsliedrecht
feat(proofs): added PresentationExchangeModule
8ef8f2d 
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
@berendsliedrecht
feat(present-proof): initial implementation without tests
528d31b 
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
@berendsliedrecht
feat(pex): created core PEX module
e4a41c2 
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
@berendsliedrecht
chore(proofs): use core pex implementation
12ca53b 
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
@berendsliedrecht
feat(present-proof): working initial full flow
802a016 
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
@berendsliedrecht
fix(present-proof): fixed the pex tests
2df672f 
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
@berendsliedrecht
fix(present-proof): do not take credentials as an input
985b19b 
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
@berendsliedrecht
fix(present-proof): resolved feedback but proof is not included
f3e1534 
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
@berendsliedrecht
Copy link
Contributor Author

@TimoGlastra I resolved your feedback, but I am now encountering an error that the PresentationExchangeProofFormatData.formatData.presentation does not contain the proof object. Do you know if we have this already defined somewhere as a type that I could reuse? I could not find it myself.

@TimoGlastra
Copy link
Contributor

@TimoGlastra I resolved your feedback, but I am now encountering an error that the PresentationExchangeProofFormatData.formatData.presentation does not contain the proof object. Do you know if we have this already defined somewhere as a type that I could reuse? I could not find it myself.

I was able to fix this by using presentation.encoded. This return either the JSON variant of the w3c presentation or the serialized JWT as string (in case of JWT VP). You were directly using the class, which is not suitable for directly sending over the wire (it first needs to be serialized to JSON).

@TimoGlastra
updates to PEX flow
6757add 
Signed-off-by: Timo Glastra <timo@animo.id>
@TimoGlastra
Copy link
Contributor

@berendsliedrecht I have pushed a fix for the above + several other fixes (please take a look at the commit so you can see which changes I made).

Could you maybe to wrap this up, update the tests in packages/core/src/modules/proofs/protocol/v2/__tests__/v2-presentation-exchange-presentation.e2e.test.ts to make it either all standalone tests or a single test?

Currently it's multiple tests but they depend on each other. It will result in that you can't run the tests separately, and if one fails the others will fail too. So in that case it's better to make it just one test or properly split them up.

Otherwise I think we're good here, really nice work and happy that it's finally ready to be integrated into AFJ :)

Once merged I'll update it in the openid4vc branch

BTW -- added a non-spec compliant way to also support JWT VPs. Haven't added tests for it yet, but I think it is really nice to also support JWT VPs (although it only supports once and you can't add multiple proofs, see suggestion in this issue on some changes I want to propose for V2 of the attachment format: hyperledger/aries-rfcs#807)

@TimoGlastra
cleanup and ppv2 only supports pex v1
59ed3d3 
Signed-off-by: Timo Glastra <timo@animo.id>
@TimoGlastra
refactor: add dif prefix
04b17b6 
Signed-off-by: Timo Glastra <timo@animo.id>
@TimoGlastra
fix: json-ld issues ... :(
d19ccb5 
Signed-off-by: Timo Glastra <timo@animo.id>
@TimoGlastra
style: formatting
e2a67b8 
Signed-off-by: Timo Glastra <timo@animo.id>
@TimoGlastra
remove console log
1e5fe20 
Signed-off-by: Timo Glastra <timo@animo.id>
@TimoGlastra
fix test
80bbc8b 
Signed-off-by: Timo Glastra <timo@animo.id>
@TimoGlastra TimoGlastra self-requested a review January 8, 2024 08:42
@TimoGlastra
Copy link
Contributor

Merging, would be great if you can still do a small follow up PR @berendsliedrecht

@TimoGlastra TimoGlastra merged commit 40c9bb6 into openwallet-foundation:main Jan 10, 2024
7 checks passed
@berendsliedrecht berendsliedrecht deleted the present-proof-v2 branch January 10, 2024 10:26
@berendsliedrecht
Copy link
Contributor Author

Should be fixed in #1696

genaris pushed a commit to genaris/credo-ts that referenced this pull request Jan 29, 2024
@berendsliedrecht @genaris
feat(present-proof): add support for aries RFC 510 (openwallet-founda…
2f7caa5 
…tion#1676)

Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>
genaris added a commit to genaris/credo-ts that referenced this pull request Jan 29, 2024
@genaris
fix: only remove session if it's not the new one
5afcd33 
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

feat: deliver messages individually, not fetching from the queue every time

Signed-off-by: Ariel Gentile <gentilester@gmail.com>

chore: revert to free runners (openwallet-foundation#1662)

Signed-off-by: Ry Jones <ry@linux.com>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

chore: create settings.yml (openwallet-foundation#1663)

Signed-off-by: Ry Jones <ry@linux.com>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

chore: fix ci and add note to readme (openwallet-foundation#1669)

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

docs: update active maintainers (openwallet-foundation#1664)

Signed-off-by: Karim Stekelenburg <karim@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

feat: did:peer:2 and did:peer:4 support in DID Exchange (openwallet-foundation#1550)

Signed-off-by: Ariel Gentile <gentilester@gmail.com>

feat(presentation-exchange): added PresentationExchangeService (openwallet-foundation#1672)

Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

chore: removed jan as maintainer (openwallet-foundation#1678)

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

ci: change secret (openwallet-foundation#1679)

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

chore: add meta to rxjs timeout errors (openwallet-foundation#1683)

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

build(deps): bump ws and @types/ws (openwallet-foundation#1686)

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

build(deps): bump follow-redirects from 1.15.2 to 1.15.4 (openwallet-foundation#1694)

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

chore: update shared components libraries (openwallet-foundation#1691)

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

fix: properly print key class (openwallet-foundation#1684)

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

feat(present-proof): add support for aries RFC 510 (openwallet-foundation#1676)

Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

fix(present-proof): isolated tests (openwallet-foundation#1696)

Signed-off-by: Ariel Gentile <gentilester@gmail.com>

feat(indy-vdr): register revocation registry definitions and status list (openwallet-foundation#1693)

Signed-off-by: Ariel Gentile <gentilester@gmail.com>

chore: rename to credo-ts (openwallet-foundation#1703)

Signed-off-by: Ry Jones <ry@linux.com>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

ci: fix git checkout path and update setup-node (openwallet-foundation#1709)

Signed-off-by: Ariel Gentile <gentilester@gmail.com>

fix: remove check for DifPresentationExchangeService dependency (openwallet-foundation#1702)

Signed-off-by: Sai Ranjit Tummalapalli <sairanjit.tummalapalli@ayanworks.com>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

docs: update zoom meeting link (openwallet-foundation#1706)

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

refactor(oob)!: make label optional (openwallet-foundation#1680)

Signed-off-by: Timo Glastra <timo@animo.id>
Co-authored-by: Ariel Gentile <gentilester@gmail.com>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

feat: support short legacy connectionless invitations (openwallet-foundation#1705)

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

feat(dids)!: did caching (openwallet-foundation#1710)

feat: did caching

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

fix: jsonld document loader node 18 (openwallet-foundation#1454)

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

build(deps): bump amannn/action-semantic-pull-request from 5.3.0 to 5.4.0 (openwallet-foundation#1656)

build(deps): bump amannn/action-semantic-pull-request

Bumps [amannn/action-semantic-pull-request](https://github.com/amannn/action-semantic-pull-request) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/amannn/action-semantic-pull-request/releases)
- [Changelog](https://github.com/amannn/action-semantic-pull-request/blob/main/CHANGELOG.md)
- [Commits](amannn/action-semantic-pull-request@v5.3.0...v5.4.0)

---
updated-dependencies:
- dependency-name: amannn/action-semantic-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Timo Glastra <timo@animo.id>
Signed-off-by: Ariel Gentile <gentilester@gmail.com>

feat: did rotate (openwallet-foundation#1699)

Signed-off-by: Ariel Gentile <gentilester@gmail.com>

refactor: pickup protocol method names

Signed-off-by: Ariel Gentile <gentilester@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TimoGlastra TimoGlastra TimoGlastra approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@berendsliedrecht @TimoGlastra