nage (Fri, 03 May 2019 01:34:01 GMT):
Welcome everyone to the Hyperledger Aries channel!

nage (Fri, 03 May 2019 01:34:58 GMT):
We expect folks from Indy and IIW will make their way here soon. Please "/invite" those you expect to see be a part of the project launch conversation.

danielhardman (Fri, 03 May 2019 04:20:07 GMT):
So excited about this new project!

pknowles (Fri, 03 May 2019 05:23:53 GMT):
User User_151 added by pknowles.

pknowles (Fri, 03 May 2019 05:26:46 GMT):
User User_152 added by pknowles.

mtfk (Fri, 03 May 2019 07:04:29 GMT):
Hi guys, glad to be here. So what is the current status/roadmap, did the proposal went through? What is the plan for moving forward?

jljordan_bcgov (Fri, 03 May 2019 15:06:14 GMT):
I’m not the first poster :(

VipinB (Fri, 03 May 2019 16:05:55 GMT):
@jljordan_bcgov it is the quality not the primacy of posts that matter. I am sure yours posts will be of high quality

VipinB (Fri, 03 May 2019 16:09:16 GMT):
Since the Healthcare SIG is discussing privacy and confidentiality issues I steered them towards Aries.

TelegramSam (Fri, 03 May 2019 17:03:36 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=Wruj2cYMkC76ABcnd) @mtfk The Indy Agent call will meet next Wed at normal time (1pm US/Mountain) as the last meeting under that name. We will talk about the transition / boot up plan at that meeting. Feedback on all of that very welcome, so please attend!

drummondreed (Sun, 05 May 2019 23:28:13 GMT):
Very glad to see this new channel. Will #indy-agent continue as a channel or will it be replaced by this one?

nage (Mon, 06 May 2019 14:56:50 GMT):
I expect at some point we will rename it to something like aries-agent or aries-applications, or similar

nage (Wed, 08 May 2019 19:03:01 GMT):
The Indy Agent WG call (which constitutes much of the new Aries community) is on now https://zoom.us/j/856588081

kdenhartog (Wed, 08 May 2019 23:19:55 GMT):
When do we want to discuss DIDComms on the Aries call? I'd like to give sufficient time to let people in DIF know.

george.aristy (Fri, 10 May 2019 14:37:26 GMT):
Hi @kdenhartog - can you share a link to DIDComms?

Silona (Fri, 10 May 2019 21:39:07 GMT):
hey y'alls email is also up now https://lists.hyperledger.org/g/aries/topics

Silona (Fri, 10 May 2019 21:39:18 GMT):
and watch the progress getting setup here! https://wiki.hyperledger.org/display/tools/Aries+New+Project+Checklist

Silona (Fri, 10 May 2019 21:39:41 GMT):
Y'all do need to sort out when you want your meetings on the calendar

kdenhartog (Tue, 14 May 2019 01:01:43 GMT):
@george.aristy https://github.com/hyperledger/indy-hipe/tree/master/text/0028-wire-message-format

kdenhartog (Tue, 14 May 2019 01:02:19 GMT):
that's the documentation and here's a link to the NPM package https://www.npmjs.com/package/pack-unpack

rjones (Tue, 14 May 2019 12:15:55 GMT):
Howdy. I need a list of committers for the three new repos (please send github IDs). ```https://github.com/hyperledger/aries ```

rjones (Tue, 14 May 2019 12:15:55 GMT):
Howdy. I need a list of committers for the three new repos (please send github IDs). ```https://github.com/hyperledger/arieshttps://github.com/hyperledger/aries-rfcs ```

kdenhartog (Tue, 14 May 2019 12:35:28 GMT):
I'd like to be added to aries and aries-rfcs (@kyledenhartog)

kdenhartog (Tue, 14 May 2019 12:40:26 GMT):
I would think @TelegramSam should be added to aries-rfcs and aries-agent @dhh1128 should be added to aries-rfc @jovfer should be added to aries @nage should be added to aries-rfc @swcurran should be added to aries-rfc

kdenhartog (Tue, 14 May 2019 12:40:52 GMT):
the names coincide with github names (and overlap with their rocketchat names)

kdenhartog (Tue, 14 May 2019 12:44:18 GMT):
also may be good to have @dbluhm added to aries-agent and aries

kdenhartog (Tue, 14 May 2019 12:46:10 GMT):
These are just my suggestions though tagging @danielhardman and @tplooker as well so they can weigh in.

kdenhartog (Tue, 14 May 2019 12:47:18 GMT):
Another consideration is to bring in people who weren't previously on Indy projects. @troyronda may be a good option or another one of the people who attended the f2f IIW session

rjones (Tue, 14 May 2019 13:11:07 GMT):
OK I will do this instead: I'll delegate :)

kdenhartog (Tue, 14 May 2019 13:15:18 GMT):
perfect, I can work with everyone to figure out who should get the rights in each repo

rjones (Tue, 14 May 2019 13:15:31 GMT):
https://github.com/orgs/hyperledger/teams/aries-committers/members

rjones (Tue, 14 May 2019 13:16:29 GMT):
https://github.com/orgs/hyperledger/teams/aries-committers/repositories

kdenhartog (Tue, 14 May 2019 13:17:44 GMT):
That works. Looks like Nathan can update as we get proper people signed up as well.

rjones (Tue, 14 May 2019 13:20:21 GMT):
Yup. If we get to the point we need to decompose it to a different ACL for each repo that can happen. I'm just trying to get the ball rolling :)

TelegramSam (Tue, 14 May 2019 13:21:40 GMT):
Thanks for helping us @rjones !

TelegramSam (Tue, 14 May 2019 14:28:33 GMT):
Aries WG Call Agenda for tomorrow's meeting: https://wiki.hyperledger.org/display/ARIES/2019-05-15+Aries+Working+Group+Call

TelegramSam (Tue, 14 May 2019 14:29:14 GMT):
Please reach out if you have topics that you'd like to cover, and we can get them scheduled for tomorrow or a future meeting.

TelegramSam (Tue, 14 May 2019 14:32:19 GMT):
Agenda contains link to PR for RFC process (based on @danielhardman improvement suggestions)

helengarneau (Tue, 14 May 2019 14:43:11 GMT):
Brian B talking with Drummond at Consensus now airing live on Periscope Tune in at this link: http://www.periscope.tv/coindesk

helengarneau (Tue, 14 May 2019 14:43:11 GMT):
Brian B talking with Drummond announcing Aries at Consensus, now airing live on Periscope Tune in at this link: http://www.periscope.tv/coindesk

troyronda (Tue, 14 May 2019 16:09:46 GMT):
Yes - I would be happy to do so (my GitHub ID is also troyronda).

iamtxena (Tue, 14 May 2019 16:34:34 GMT):
Hi! I am Albert from Validated Id, Spain. I'll join tomorrow's call as I would like to contribute in the means that I can. I was in the F2F and IIW. ;)

VipinB (Tue, 14 May 2019 17:18:41 GMT):
I would like to contribute. I am at Consensus now, may join tomorrow's call.

VipinB (Tue, 14 May 2019 17:20:29 GMT):
Doing a talk on Ursa in Construct/Consensus> Will mention link to Aries....

danielhardman (Tue, 14 May 2019 17:32:02 GMT):
@TelegramSam I left one comment on Aries PR #2.

sklump (Tue, 14 May 2019 17:33:16 GMT):
Please invite me? stephen.klump@becker-carroll.com

rjones (Tue, 14 May 2019 17:45:54 GMT):
@VipinB I'm inviting people to the org, I'll delegate adding committers to @nage

danielhardman (Tue, 14 May 2019 18:13:31 GMT):
Can I merge the PR from @TelegramSam that defines the process the aries-rfc repo will use? It's a process that's been extensively discussed by maintainers, and it would be good to have it documented ASAP.

tplooker (Tue, 14 May 2019 20:53:02 GMT):
yes please add me to the aries and aries-rfc repos @tplooker

rjones (Tue, 14 May 2019 21:01:05 GMT):
@danielhardman @kdenhartog do you want silos of aries committers, one per repo?

kdenhartog (Tue, 14 May 2019 21:01:49 GMT):
yeah that's probably best so we can separate the different concerns

rjones (Tue, 14 May 2019 21:11:40 GMT):
@kdenhartog @nage @danielhardman I made three teams, one per repo. You're all maintainers of those groups. Please add people as appropriate.

TelegramSam (Tue, 14 May 2019 23:40:39 GMT):
@danielhardman @kdenhartog I plan to invite comment on the process doc during the meeting tomorrow, and merge it soon after.

canadaduane (Wed, 15 May 2019 01:10:54 GMT):
What time/place is the Aries call tomorrow?

canadaduane (Wed, 15 May 2019 01:11:15 GMT):
I'd like to join if I don't have any scheduling conflicts

danielhardman (Wed, 15 May 2019 05:02:47 GMT):
I think it's at 1 pm mountain timezone, at https://zoom.us/j/856588081.

Audrius (Wed, 15 May 2019 08:36:41 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=sSnc8wHSgCPxii5KE) @danielhardman On community meetings list is at 12:00 to 13:30 GMT-7, Mountain Standard Time

TelegramSam (Wed, 15 May 2019 13:41:09 GMT):
US Mountain Time is currently in Mountain Daylight Time, not Mountain Standard Time. The community calendar is correct: https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings

dbluhm (Wed, 15 May 2019 13:44:27 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=J59hv55cjHS6L2wjz) @canadaduane Today at 1PM MDT

mbanerjee (Wed, 15 May 2019 15:53:09 GMT):
Hi! I would like to contribute to the Aries as well. Can you add me to the GitHub. thanks.

mbanerjee (Wed, 15 May 2019 15:53:09 GMT):
Hi! I would like to contribute to the Aries as well. Can you add me to the GitHub (id - mron0210)? thanks.

mtfk (Wed, 15 May 2019 16:27:26 GMT):
Minerva - Digital Wallet in action - https://www.youtube.com/watch?v=Er9ifHvKPBM We use DID base identity to identify user, car and the pad to start the payment and the charging. Then we use one of the assets account (in this example crypto currency) from the wallet to stream money (not micro transaction but really stream it in real time) to the charging provider. This approach allow to get into interaction with any service provider in a secure way without need to share any data or register up front. Small step towards MyData economy.

pknowles (Wed, 15 May 2019 16:30:19 GMT):
Beautiful work, @mtfk and the Lab10 Collective team!

rjones (Wed, 15 May 2019 17:51:33 GMT):
I would appreciate some words to put in the descriptions of https://github.com/hyperledger/aries etc

TelegramSam (Wed, 15 May 2019 18:54:46 GMT):
@rjones we have a PR in (like to be merged today) for aries-rfc.

TelegramSam (Wed, 15 May 2019 18:54:46 GMT):
@rjones we have a PR in (likely to be merged today) for aries-rfc.

TelegramSam (Wed, 15 May 2019 18:56:08 GMT):
Aries WG Call in 5 minutes. Details here (bookmarkable link) https://wiki.hyperledger.org/display/ARIES/Aries+Working+Group

rjones (Wed, 15 May 2019 19:11:54 GMT):
@TelegramSam are you asking me to merge that PR?

kdenhartog (Wed, 15 May 2019 21:42:51 GMT):
With the formation of the new Aries group, I'd like for many of us to read through this website on building and maintaining a good community in open source. There's excellent thinking here that we can reference as we are building and growing. https://opensource.guide

kdenhartog (Wed, 15 May 2019 22:14:06 GMT):
Hey various Aries members, At IIW I noticed that there was quite a bit of interest in discussing how a DIDComm protocol might work. I've been discussing this work in many places to help evangelize and find early consensus on what we would like to see in a common messaging protocol that's based on DID work that has been baking in various communities. Given that this work would likely need to cross cutting through (hopefully) the entire DID space, I wanted to reach out to various people in many different orgs to get discussion going on this subject. My hope is that we can start with a call to discuss things and move forward in an agile way as needed. Right now I'm looking to find a good time for this call and have setup a scheduler here: http://whenisgood.net/DIDComms/ If you would like to join the calls please provide times that would work best for you weekly. Also, if you aren't able to make the calls, but would like to follow the discussion will be taking notes in a google doc here. https://docs.google.com/document/d/1k5USBTdQP9RbcImbnC61cjyxRI3FtbTq8IRHlK-_7cw/edit# Thanks! Kyle Den Hartog

danielhardman (Wed, 15 May 2019 22:24:55 GMT):
@TelegramSam and @kdenhartog et al: I have raised several PRs against the aries-rfc repo. One (https://github.com/hyperledger/aries-rfcs/pull/7) adds a brief section describing the use of github issues. I don't think it's controversial, given our discussion earlier this afternoon--but we would have to get someone with greater privileges to turn on Github Issues for that repo before we merge it (@rjones?). Others move a few very core concepts in the Aries RFC space. Given our discussion about process (which has now been formalized in the merged PR from Sam), can another maintainer quickly merge these today?

kdenhartog (Wed, 15 May 2019 22:33:25 GMT):
@danielhardman merged in. As a general process, when I'm checking PRs I'm planning to only check for status changes right now to know if I should accept or reject PRs. In the future, I suspect will want PRs to have some sort of FCP waiting period to change statuses. Is this in line with others thinking?

TelegramSam (Wed, 15 May 2019 22:37:30 GMT):
Also check for Indy renames to Aries

danielhardman (Wed, 15 May 2019 22:40:19 GMT):
Thanks. My head's more or less in the same place. Moving status from Proposed to Accepted and from Accepted to Adopted have a substantially higher bar than just updating some verbiage. Those are community decisions. As a frequent author of stuff like this, I'm really glad to have a chance to update a doc with only a light interaction. However, even the authors of specs shouldn't just update them in significant ways willy nilly. I suggest we adopt a convention that a PR should be named according to its effect. I named mine "Propose RFC" when I was requesting the PROPOSED status, and "Accept RFC" when I was requesting the ACCEPTED status. For PRs that don't include substantive changes, I suggest we name them "tweak " so a maintainer knows they're just typo fixes or clarifications. For PRs that do make substantive updates without requesting a status change, I suggest we name them "update ". This will help us triage better.

rjones (Wed, 15 May 2019 22:46:17 GMT):
@danielhardman do you want issues enabled across all three repos?

danielhardman (Wed, 15 May 2019 22:58:15 GMT):
So far we have only discussed enabling them in aries-rfcs

rjones (Wed, 15 May 2019 22:58:41 GMT):
OK. I enabled them there, since the PR was merged

danielhardman (Wed, 15 May 2019 22:59:29 GMT):
@kdenhartog Can you do another quick merge? This is just trivial terminology fixes: s/HIPE/RFC/g etc.

rjones (Wed, 15 May 2019 22:59:35 GMT):
I also submitted a PR to fix the links to chat in the README, I wasn't sure if that needed to be an RFC or not. It was inconsistent.

danielhardman (Wed, 15 May 2019 22:59:45 GMT):
https://github.com/hyperledger/aries-rfcs/pull/10/files

rjones (Wed, 15 May 2019 23:00:23 GMT):
https://github.com/hyperledger/aries-rfcs/pull/9/files

kdenhartog (Wed, 15 May 2019 23:04:13 GMT):
Does anyone know if there's a way to ping a group on rocketchat? like @committers can automatically ping the committers of the group, so that we can merge quickly? If not anyone who wants a PR merged, you can ping me and take proper steps to move it. Please follow Daniel's suggestions as well.

danielhardman (Wed, 15 May 2019 23:22:22 GMT):
@kdenhartog : one more merge, pretty please? https://github.com/hyperledger/aries-rfcs/pull/11

kdenhartog (Wed, 15 May 2019 23:24:23 GMT):
Did a quick editor check for the hipe -> rfc and indy -> aries things. Only spotted one change.

kdenhartog (Wed, 15 May 2019 23:25:34 GMT):
There's a few other ones worth checking as well, but may be worth keeping since you reference HIPEs

kdenhartog (Wed, 15 May 2019 23:30:07 GMT):
@danielhardman found one last change that I think needs to go from HIPE to RFC and then I can merge it.

kdenhartog (Wed, 15 May 2019 23:41:13 GMT):
Merged it. If there's other changes that need to happen we can just PR it.

rjones (Thu, 16 May 2019 00:11:22 GMT):
Borked link within readme: https://github.com/hyperledger/aries-rfcs/pull/12/files

rjones (Thu, 16 May 2019 12:28:35 GMT):
@kdenhartog What you could do is ping the github group directly in github. You could @aries-rfc-committers I think in a PR to mention them

TelegramSam (Thu, 16 May 2019 12:51:22 GMT):
All this RFC work is making me happy. Thanks all!

TelegramSam (Thu, 16 May 2019 19:05:16 GMT):
Aries WG Call Recording Posted: https://wiki.hyperledger.org/display/ARIES/2019-05-15+Aries+Working+Group+Call

kdenhartog (Fri, 17 May 2019 13:40:20 GMT):
@pleerock someone just posted this on the IndySDK channel yesterday. May be of help https://github.com/Quintor/StudyBitsWallet

pimotte (Fri, 17 May 2019 13:58:38 GMT):
I'm the lead dev of this, feel free to ping me for any questions (haven't really read up on aries or how a wallet fits in xD)

kdenhartog (Fri, 17 May 2019 13:59:38 GMT):
Oh gotcha! I haven't had a chance to dig through it yet and see how things are running. Is it using the updated work from the HIPEs (i.e. pack/unpack work)?

pimotte (Fri, 17 May 2019 14:11:31 GMT):
Nope, not yet. We've updated the underlying library (Quintor/quindy) to use indy-sdk 1.8.2 and someone was working on using pack/unpack, but it looks like he'll be occupied elsewhere for the foreseeable future

kdenhartog (Fri, 17 May 2019 14:12:20 GMT):
No worries, I'll keep my eye on it on github. Glad to see that there's some diversity coming in wallets. I'd suggest adding this work to the Indy-agents repository list as well.

kdenhartog (Fri, 17 May 2019 14:12:48 GMT):
The list in the known-implementations https://github.com/hyperledger/indy-agent

pimotte (Fri, 17 May 2019 14:13:52 GMT):
I was mildly inspired by the early indy HIPES, but I sort of diverged when they moved slower than development, and we mostly wanted to figure out if it worked. So interop with others is probably a ways off

kdenhartog (Fri, 17 May 2019 14:15:32 GMT):
That's good feedback. We're hoping that this new process in Aries should allow HIPEs to move more closely to the pace of development

pimotte (Fri, 17 May 2019 14:16:20 GMT):
Do you think adding it to the list makes sense if we are not making moves ourselves towards interop? (I would accept PRs for it)

kdenhartog (Fri, 17 May 2019 14:17:22 GMT):
yup, just clarify in the tests passing section that it's not passing tests will indicate it

kdenhartog (Fri, 17 May 2019 14:17:36 GMT):
It may help with getting others to build on top

kdenhartog (Fri, 17 May 2019 14:18:04 GMT):
I'm mostly focused on lower levels at the moment so I won't be able to write any PRs for it

kdenhartog (Fri, 17 May 2019 14:19:06 GMT):
@twshelton may be interested in collaborating with your to build a common Java library on Indy. It looks very similar to the Quindy stuff you guys are working on.

kdenhartog (Fri, 17 May 2019 14:19:44 GMT):
Last I heard he was committing to maintaining the SDK Java wrapper

pimotte (Fri, 17 May 2019 14:20:31 GMT):
This is the thing that would be named indy-sdk-java, right?

kdenhartog (Fri, 17 May 2019 14:21:24 GMT):
yup. I'd hope it would also lead to collaboration of a library/framework built on top in Java similar to the Agent framework stuff in C#

kdenhartog (Fri, 17 May 2019 14:22:05 GMT):
A lot of the reason the agent framework stuff has been successful at moving quickly is because multiple teams are collaborating and building services with it

danielhardman (Tue, 21 May 2019 20:46:27 GMT):
@kdenhartog or @TelegramSam New Aries PR with Proposed status: ACKs. https://github.com/hyperledger/aries-rfcs/pull/15

danielhardman (Tue, 21 May 2019 20:46:44 GMT):
@TelegramSam I am reviewing your PR so it can be merged momentarily.

kdenhartog (Tue, 21 May 2019 20:52:02 GMT):
Just merged both of yours @danielhardman

danielhardman (Tue, 21 May 2019 20:52:55 GMT):
I will have a bunch more. I am doing HIPE maintenance tasks this afternoon, and will convert some more to RFCs.

danielhardman (Tue, 21 May 2019 20:53:17 GMT):
I am closing the HIPE PRs at the same time, so that repo should get cleaner.

danielhardman (Tue, 21 May 2019 21:05:27 GMT):
A trivial non-RFC PR: https://github.com/hyperledger/aries-rfcs/pull/16

danielhardman (Tue, 21 May 2019 21:07:11 GMT):
@kdenhartog I'm thinking of moving the Message Trust Contexts HIPE. Do you want me to rename it to Message Security Contexts at the same time--or have you retracted that suggestion?

danielhardman (Tue, 21 May 2019 21:31:56 GMT):
@kdenhartog or @TelegramSam Could you merge this PR quickly? https://github.com/hyperledger/aries-rfcs/pull/16 I raised it from the wrong branch of my fork, and having it open is complicating some other PRs I'm trying to raise...

rjones (Tue, 21 May 2019 21:51:44 GMT):
@danielhardman I can also merge if you like

danielhardman (Tue, 21 May 2019 21:52:29 GMT):
@rjones That'd be great. It's just a trivial tweak, not something substantive.

rjones (Tue, 21 May 2019 21:52:45 GMT):
it looks like @TelegramSam has approved it already

TelegramSam (Tue, 21 May 2019 21:52:59 GMT):
I approved it, but I'm not a maintainer?

danielhardman (Tue, 21 May 2019 21:53:22 GMT):
Should we be talking about this in an #aries-maintainer channel to avoid cluttering the general channel?

danielhardman (Tue, 21 May 2019 21:53:50 GMT):
@rjones TelegramSam should be able to merge. Can you check group membership?

danielhardman (Tue, 21 May 2019 21:53:56 GMT):
Or can I? Teach me to fish...

rjones (Tue, 21 May 2019 21:56:31 GMT):
@danielhardman join me: https://zoom.us/j/2032622322

kdenhartog (Tue, 21 May 2019 23:05:04 GMT):
Just merged your attachments PR. Only saw one use of HIPE in there, so I merged it and figured we can go back and change all of these later.

Oskar_van_Deventer (Wed, 22 May 2019 15:06:28 GMT):
Has joined the channel.

TelegramSam (Wed, 22 May 2019 16:46:22 GMT):
Aries Call today. Agenda: https://wiki.hyperledger.org/display/ARIES/2019-05-22+Aries+Working+Group+Call

VipinB (Wed, 22 May 2019 17:27:08 GMT):
Good to see Aries blog https://sovrin.org/sovrin-proudly-contributes-to-hyperledger-aries/ on Sovrin site

george.aristy (Wed, 22 May 2019 20:38:16 GMT):
@swcurran first question: is the Phone Agent sharing two DIDDocs? One for the Routing Agent, and the other for the Other Agent?

george.aristy (Wed, 22 May 2019 20:38:56 GMT):
Ok, we're done! I understand now.

TelegramSam (Wed, 22 May 2019 20:39:04 GMT):
I'll make a better diagram next time.

jonnycrunch (Wed, 22 May 2019 20:50:48 GMT):
yes, that makes more sense. B/c the routing agent needs to encrypt for the phone despite using a push notification like apple push.

jonnycrunch (Wed, 22 May 2019 20:51:18 GMT):
it is just not shared with the other agents

swcurran (Wed, 22 May 2019 20:55:31 GMT):
And the routing agent is forwarding messages for all sorts of other agents. The routing agent can't see what's in those messages, just needs to get them to the phone so it can decrypt/process them.

swcurran (Wed, 22 May 2019 20:55:31 GMT):
And the routing agent is forwarding messages from all sorts of other agents. The routing agent can't see what's in those messages, just needs to get them to the phone so it can decrypt/process them.

swcurran (Wed, 22 May 2019 20:56:03 GMT):
The routing agent and the mobile agent are a collaborating pair.

TelegramSam (Wed, 22 May 2019 20:56:52 GMT):
also important is that the routing agent doens't have to be under the control of the same identity owner as the phone.

TelegramSam (Wed, 22 May 2019 20:56:58 GMT):
It _can_ be, but is not required.

TelegramSam (Wed, 22 May 2019 20:57:37 GMT):
the routing agent will have some reason for providing that service, like getting paid to do so, or supplying services to members of it's parent org or something.

jonnycrunch (Wed, 22 May 2019 20:57:51 GMT):
I'm still not sure how to specify the protocol that I want the other agents to communicate over my service endpoint on the routing agent? Is that specified in the DID doc? ... and by that nature, I want my phone to initiate the query of the routing agent if I have queued messages or a push notification to my phone that I have a message and initiates me to send a query request.

TelegramSam (Wed, 22 May 2019 20:58:28 GMT):
yes, endpoint goes in the DID doc given to other agents.

TelegramSam (Wed, 22 May 2019 20:58:43 GMT):
and yes, your phone will need to initiate the request.

TelegramSam (Wed, 22 May 2019 20:58:53 GMT):
one proposal here: https://github.com/hyperledger/indy-hipe/blob/2af3bca5bf51f2936e04dae1d71071fdb9712d77/text/return-route/README.md

TelegramSam (Wed, 22 May 2019 20:59:03 GMT):
(not yet migrated to an Aries RFC)

jonnycrunch (Wed, 22 May 2019 20:59:28 GMT):
but, where to specify the protocol and messaging format that my routing agent is using?

TelegramSam (Wed, 22 May 2019 20:59:46 GMT):
protocol also in endpoint. It's a URI, not an IP.

TelegramSam (Wed, 22 May 2019 21:00:04 GMT):
message format will hopfully be quite standard.

TelegramSam (Wed, 22 May 2019 21:00:18 GMT):
but the endpoint type would indicate that.

TelegramSam (Wed, 22 May 2019 21:00:45 GMT):
For example: a DIDComms endpoint would use DIDComms standard encryption and message types.

jonnycrunch (Wed, 22 May 2019 21:03:24 GMT):
and where is the endpoint `type` (i.e. DIDComms) declared/understood to have its meaning? What about version?

TelegramSam (Wed, 22 May 2019 21:04:35 GMT):
It is more or less open to whoever whats to declare how their stuff works. As we are seeking a common way, we'll want to decide something and publish it.

tplooker (Wed, 22 May 2019 21:08:26 GMT):
@jonnycrunch here is a document on some proposed did doc conventions

tplooker (Wed, 22 May 2019 21:08:27 GMT):
https://github.com/hyperledger/indy-hipe/blob/f5726a3cf1c8bdd601a7ea29ffb4a9ad33969f89/text/0023-diddoc-conventions/README.md

danielhardman (Thu, 23 May 2019 00:19:39 GMT):
On the Aries call today, I promised I'd post a doc with a summary of what I've been doing to move HIPEs into Aries. Here you go: https://docs.google.com/document/d/1BKLR6lmjuwmHrYldNELijddJYi43IJByBXSMQgIHSYM/edit#

lucianosilva44 (Thu, 23 May 2019 14:50:52 GMT):
Hello! New to Aries here! Are you searching for contributors, right?

lucianosilva44 (Thu, 23 May 2019 14:51:32 GMT):
How could interested people contribute? Do you have a Github Repository, or something like that?

rjones (Thu, 23 May 2019 14:55:55 GMT):
https://github.com/hyperledger?utf8=✓&q=aries&type=&language=

swcurran (Thu, 23 May 2019 14:55:56 GMT):
Welcome @lucianosilva44! Best place to start right now is here: https://wiki.hyperledger.org/display/ARIES/Hyperledger+Aries Code is still being gathered together. It will be pulled from various repos and grown from there.

TelegramSam (Thu, 23 May 2019 15:09:14 GMT):
Aries Call Recording Posted: https://wiki.hyperledger.org/display/ARIES/2019-05-22+Aries+Working+Group+Call

george.aristy (Thu, 23 May 2019 15:23:26 GMT):
Have we published thoughts on how should an Identity Owner syncs wallets across their agents?

george.aristy (Thu, 23 May 2019 15:23:26 GMT):
Have we published thoughts on how should an Identity Owner sync wallets across their agents?

TelegramSam (Thu, 23 May 2019 15:40:30 GMT):
We are working with the DIF on data sync protocols to sync data between different agents. To clarify though, private keys are not intended to sync. Relationship information with other parties, as well as internal protocol state, are prime targets for sync.

george.aristy (Thu, 23 May 2019 15:41:52 GMT):
@TelegramSam through what channels is that work with the DIF taking place?

TelegramSam (Thu, 23 May 2019 15:46:14 GMT):
Hasn't really started yet, though I suspect the DIF Storage and Compute WG will be where the conversation starts.

swcurran (Thu, 23 May 2019 15:54:36 GMT):
I think we need to get to that conversation pretty soon. If we are going to achieve portability, we need to define how things can be exported/imported - credentials and relationships.

swcurran (Thu, 23 May 2019 15:57:02 GMT):
Decentralized Identity Foundation - https://identity.foundation/

sklump (Thu, 23 May 2019 16:27:51 GMT):
re: another option for proposal, could use 'bid'. Parallels with other negotiations i.e., bid/offer

sklump (Thu, 23 May 2019 16:27:51 GMT):
re: another option for proposal, could use 'bid'. Parallels with other negotiations i.e., bid/offer. Also shorter :)

TelegramSam (Thu, 23 May 2019 16:30:13 GMT):
shorter indeed. Bid kind of implies payment, which can apply, but isn't required.

sklump (Thu, 23 May 2019 16:39:00 GMT):
Other possibilities: credential [inquiry, call]. I like proposal just fine if it comes to that. It works in iteration (as opposed to 'init' which doesn't, semantically). I'm just listening to the call now.

sklump (Thu, 23 May 2019 16:39:00 GMT):
Other possibilities: credential [inquiry, order, appeal, requisition <-terrible, abbreviates same as 'request']. I like proposal just fine if it comes to that. It works in iteration (as opposed to 'init' which doesn't, semantically). I'm just listening to the call now.

sklump (Thu, 23 May 2019 16:39:00 GMT):
Other possibilities: credential [inquiry, order, appeal, requisition _<-terrible, abbreviates same as 'request'_]. I like proposal just fine if it comes to that. It works in iteration (as opposed to 'init' which doesn't, semantically). I'm just listening to the call now.

sklump (Thu, 23 May 2019 16:43:03 GMT):
What is payment but a specialized credential transfer in any case?

danielhardman (Thu, 23 May 2019 17:10:30 GMT):
@sklump and @TelegramSam What if we changed the terms as follows: The early messages, currently called "proposal" and "offer", get renamed to "holder-cred-plan" and "issuer-cred-plan", respectively. The back-and-forth of cred plans is optional and can happen as long as it takes to guarantee alignment. This phase, when plans are being negotiated, is called the planning phase. ZKP-oriented credentials require at least a plan from the issuer, to satisfy the cryptographic protections they need. Once the planning phase is done, the execution phase begins. This consists of a pair of messages -- cred-request followed by cred-delivery. Non-ZKP cred issuance can skip the planning phase entirely if it likes.

sklump (Thu, 23 May 2019 17:19:56 GMT):
This seems OK to me, but I have no problem with proposal/offer either.

TelegramSam (Thu, 23 May 2019 17:22:17 GMT):
I like that it helps identify the two flows.

danielhardman (Thu, 23 May 2019 17:23:47 GMT):
ALL: The Peer DID Method Spec is maturing nicely, thanks to thoughtful improvements from many--especially Oskar van Deventer and Christian Lundkvist. We still have more to do, though. You can help in the following two ways: 1. Please review this PR and express an opinion about whether it should be accepted: https://github.com/openssi/peer-did-method-spec/pull/32 This PR would change the way a peer DID's numeric basis is generated. Instead of generating from the initial public key, it would use a sha256 hash of the initial version of the DID Doc, which means the initial DID Doc could have any number of keys, and that it wouldn't be vital to rotate the one and only initial key value immediately after being used to generate the DID. 2. Please read at least section 5 of Oskar's doc here: https://docs.google.com/document/d/1SgKvuG7u0r5UkaDRnnkQmnarVylCx5VF5y0eIyV-I6Y/edit. Perhaps we can discuss some of the questions he raises in our next Aries call.

lucianosilva44 (Thu, 23 May 2019 19:16:58 GMT):
I was reading the aries-rfc repo right now. Sorry for the ignorance, but what would be an RFC?

danielhardman (Thu, 23 May 2019 19:16:59 GMT):
Socializing a possible convention: I'd like to suggest that *protocols be named by a verb, not a noun*. For example, we would have the "issue credential" protocol, not the "credential issuance" protocol; "connect" instead of "connection". My reasoning: You can do lots of things with a noun. With the noun "connection", for example, I could "build" it, "destroy" it, "maintain" it, etc. By naming protocols after a noun, I think we're creating an inherent fuzziness that would go away if we named them with a verb or verb phrase.

danielhardman (Thu, 23 May 2019 19:19:01 GMT):
An RFC is a "Request for Comment" (a specification that we want to align around). This terminology comes from RFCs that define most of the internet's plumbing today. An example of an RFC in Aries is the DIDComm explainer RFC: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0005-didcomm/README.md

lucianosilva44 (Thu, 23 May 2019 19:25:03 GMT):
Understood! Thanks by the explanation, @danielhardman !

TelegramSam (Thu, 23 May 2019 19:53:29 GMT):
@danielhardman I generally like that. thinking through the implications: a single message family would likely need to contain multiple protocols if it were to cover multiple 'verbs' that were closely related.

jljordan_bcgov (Thu, 23 May 2019 23:41:28 GMT):
is a message family one or more protocols?

swcurran (Fri, 24 May 2019 03:47:17 GMT):
@jljordan_bcgov - that's a good question. Currently we have in the (currently named) "Credential Exchange" message family both the (soon to be called) Issue Credential and Present Credential protocols. My preference (although not strong) is that we treated them as two separate message families, and define a message family as being a single protocol.

swcurran (Fri, 24 May 2019 03:50:41 GMT):
Reasoning - we reduce potential artificial dependencies between protocols that occur if they are in the same family, and there is confusion during message family discussions about which protocol we're talking about. That occured several times this week around the credential exchange protocol.

jljordan_bcgov (Fri, 24 May 2019 04:40:44 GMT):
Can we just eliminate one of the labels?

jljordan_bcgov (Fri, 24 May 2019 04:40:59 GMT):
Protocols are groups of messages

jljordan_bcgov (Fri, 24 May 2019 04:40:59 GMT):
Protocols are groups of messages by definition

TelegramSam (Fri, 24 May 2019 12:53:09 GMT):
@jljordan_bcgov @swcurran The word Protocol doens't naturally scope well: it is possible for one Protocol to have sub protocols that refer to different roles within the protocol.

TelegramSam (Fri, 24 May 2019 12:54:03 GMT):
@swcurran I also prefer two different message families for issue vs present.

sklump (Fri, 24 May 2019 13:02:32 GMT):
This consideration generates more heat than light, but a protocol implies a message order and a message family seems an unordered bag to me. However, it appears to me that we fleshing out protocols more than message families.

sklump (Fri, 24 May 2019 13:02:32 GMT):
At the risk of generating more heat than light, but a protocol implies a message order and a message family seems an unordered bag to me. However, it appears to me that we fleshing out protocols more than message families.

sklump (Fri, 24 May 2019 13:02:32 GMT):
At the risk of generating more heat than light, a protocol implies a message order and a message family seems an unordered bag to me. However, it appears to me that we fleshing out protocols more than message families.

sklump (Fri, 24 May 2019 13:02:32 GMT):
At the risk of generating more heat than light, a protocol implies a message order and a message family seems an unordered bag of message templates to me. However, it appears to me that we fleshing out protocols more than message families.

TelegramSam (Fri, 24 May 2019 13:04:40 GMT):
messaage families contain both the message templates and the instructions about order and other protocol expectations.

sklump (Fri, 24 May 2019 13:06:49 GMT):
Then what is the protocol beyond the message family?

sklump (Fri, 24 May 2019 13:07:21 GMT):
Then what is the protocol beyond the message family?

TelegramSam (Fri, 24 May 2019 13:08:38 GMT):
A protocol is a concept. A message family is the technical application of that concept.

TelegramSam (Fri, 24 May 2019 13:16:47 GMT):
Tempted to rename "Wire Level" HIPE to "Message Encryption" in the RFC transition. Thoughts? @swcurran @danielhardman @kdenhartog

swcurran (Fri, 24 May 2019 13:23:12 GMT):
As we use it today, a message family is a set of related messages that implement one or more protocols.

swcurran (Fri, 24 May 2019 13:24:22 GMT):
If we just go with protocol, and restrict it to one per message family than they are the same and we can eliminate the term "message family"

swcurran (Fri, 24 May 2019 13:25:49 GMT):
Argument against I think is that in other places, "protocol" is a whole bunch of interactions - HTTP, SMTP.

TelegramSam (Fri, 24 May 2019 13:26:04 GMT):
There'a always a bigger protocol.

jljordan_bcgov (Fri, 24 May 2019 13:37:18 GMT):
https://en.wikipedia.org/wiki/Internet_protocol_suite I think we are dealing with protocols. And there can be protocol suites that align with a more business/human level goal and the set of suites forms part of the Trust over IP stack. I think my point is this is not new territory and we should not feel the need to rework what is already well understood. Using nomenclature that is familiar to future implementors of the Stack is more important I’ve never heard of a message family and I’ve dealt with probably dozens and dozens of protocols from ARP to http.

danielhardman (Fri, 24 May 2019 14:23:05 GMT):
I don't know if I'm the first person to use the phrase "message family", but I was one of the first. And I wish I'd never used it. Its relationship to the true, crisp concept of "protocol" is muddy. We have to version a protocol, and we have to route based on a protocol. The messages involved in creating connections, and the messages involved in synchronizing changes to DID Docs, are both part of a logical grouping of messages about connections, but they have to be versioned in different units. We could say there's a general "message family" about connections, but there are most certainly two distinct protocols there. I've never liked the idea that "message family" included sequence rules, roles, and state machines; that always felt like a "protocol" construct to me. Sam (and I think Stephen to a lesser extent) have been the main proponents of promoting the term "message family", and I went along because I was a lone voice in the wilderness. But if there are others now showing up saying that "protocol" is the term that really resonates, I think we should listen to them and de-emphasize the term "message family" as a fuzzy term with little practical impact that could be applied to any type of grouping.

danielhardman (Fri, 24 May 2019 14:32:20 GMT):
I'd like to rename the term as well; "wire" doesn't really apply well to messages at rest on disk, or to messages transmitted wirelessly. But I have a different preference from "message encryption". Let me explain. I think the other "layer" or "level" of messaging (the one where agents or applications deal in plaintext JSON structures) is also misnamed as the "application level". We struggled with this term quite a bit, wanting to call it "agent level" at one point, but never really loving anything we came up with. There is a metaphor that I think gives us both terms very nicely. It's the metaphor of envelopes and the content inside them. So I'd suggest that we use the terms "message" and "envelope", and talk about putting a message inside an envelope. This is exactly the visual I used in diagrams in the mediators and relays HIPE, and I think it was very clear. This also has a nice secondary consequence, which is that Tobias's idea of plaintext-but-signed messages as an alternate wire format just becomes a second type of envelope. (And that's the reason I don't want to refer to this layer as "encrypted", BTW, even though I think encrypted envelopes will be far and away the most common envelope style.)

TelegramSam (Fri, 24 May 2019 15:08:02 GMT):
so, DIDComms Encryption Envelope?

sklump (Fri, 24 May 2019 15:23:29 GMT):
... only sometimes it might not encrypt (e.g., signed-only), so maybe a DIDComms cryptographic envelope. My two cents only.

kdenhartog (Fri, 24 May 2019 15:39:05 GMT):
I like @sklump suggestion of DIDComms cryptographic envelope

kdenhartog (Fri, 24 May 2019 15:41:33 GMT):
I also like the idea of calling it a DIDComms message instead of application layer

TelegramSam (Fri, 24 May 2019 15:49:27 GMT):
I'd call that a DIDComms Signature Envelope.

TelegramSam (Fri, 24 May 2019 15:51:31 GMT):
Both the encryption envelope and the signature envelope are cryptographic envelopes.

TelegramSam (Fri, 24 May 2019 16:00:09 GMT):
I've updated my PRs to reflect encryption envelope.

VipinB (Fri, 24 May 2019 21:22:34 GMT):
So it would be plan-cred-issuer and plan-cred-holder etc.

swcurran (Fri, 24 May 2019 21:26:45 GMT):
No...message families are dead to me.

swcurran (Fri, 24 May 2019 21:27:01 GMT):
I think that, but John made me put it that way.

tplooker (Fri, 24 May 2019 21:47:57 GMT):
I have been working on a HIPE that I discussed with Daniel Hardman the other day that is relivant to the above conversation, welcome feedback https://hackmd.io/Hnhq48ZxTlaqxzGzuR8rGg

tplooker (Fri, 24 May 2019 21:47:57 GMT):
I have been working on a RFC that I discussed with Daniel Hardman the other day that is relivant to the above conversation, welcome feedback https://hackmd.io/Hnhq48ZxTlaqxzGzuR8rGg

tplooker (Fri, 24 May 2019 21:48:22 GMT):
This would have us rename the wire level to envelop level and application level to content level as to fit with the postal analogy

tplooker (Fri, 24 May 2019 21:48:22 GMT):
This would have us rename the wire level to envelope level and application level to content level as to fit with the postal analogy

tplooker (Fri, 24 May 2019 21:48:34 GMT):
We could then restructure downstream hipes accordingly

tplooker (Fri, 24 May 2019 21:51:15 GMT):
I'd also like to start talking about these formats in a more general sense and the fact that JOSE is used as the serialization format for the envelop level currently but that may not always be the case. Same goes for the content level of DID comm messages, we have defined a set of conventions for expressing DID comm messages in JSON however I dont want DID comm to be reliant on JSON long term.

tplooker (Fri, 24 May 2019 21:51:15 GMT):
I'd also like to start talking about these formats in a more general sense and the fact that JOSE is used as the serialization format for the envelope level currently but that may not always be the case. Same goes for the content level of DID comm messages, we have defined a set of conventions for expressing DID comm messages in JSON however I dont want DID comm to be reliant on JSON long term.

TelegramSam (Fri, 24 May 2019 22:37:16 GMT):
I submitted a transfered RFC (merged a few hours) that replaces message family with protocol.

TelegramSam (Fri, 24 May 2019 22:37:50 GMT):
I'm probably the reason we have message family, and I've been nearly convinced that protocol is the right term.

TelegramSam (Fri, 24 May 2019 22:39:55 GMT):
@tplooker I'm a fan. I thing you mostly mean 'envelope' though, unless this is a regional spelling difference.

TelegramSam (Fri, 24 May 2019 22:39:55 GMT):
@tplooker I'm a fan. I think you mostly mean 'envelope' though, unless this is a regional spelling difference.

tplooker (Fri, 24 May 2019 23:19:56 GMT):
@TelegramSam nope I do mean envelope sorry was a typo

tplooker (Sun, 26 May 2019 20:39:42 GMT):
Opened a RFC on did comm message anatomy https://github.com/hyperledger/aries-rfcs/pull/21/files

tplooker (Sun, 26 May 2019 20:39:42 GMT):
Opened an RFC on did comm message anatomy https://github.com/hyperledger/aries-rfcs/pull/21/files

TelegramSam (Mon, 27 May 2019 14:02:02 GMT):
@tplooker minor update needed before merge: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0008-message-id-and-threading/README.md

TelegramSam (Mon, 27 May 2019 14:02:02 GMT):
@tplooker minor update needed before merge: https://github.com/hyperledger/aries-rfcs/pull/21

Oskar_van_Deventer (Mon, 27 May 2019 15:55:34 GMT):
Sam, all, here is the pre-proposed Aries RFC 0024: https://github.com/hyperledger/aries-rfcs/pull/24. Unfortunately, the DCO stuff continues to provide headaches, but that should not refrain us from discussing it in the upcoming Aries meeting May 29. Note that I shall be out of office. Alexander Blom of Bloqzone shall present on behalf of the both of us.

tplooker (Mon, 27 May 2019 18:25:33 GMT):
@TelegramSam change has been made https://github.com/hyperledger/aries-rfcs/pull/21

troyronda (Mon, 27 May 2019 20:02:25 GMT):
@Oskar_van_Deventer I wonder if the bot is failing DCO due to not having <> around your email address? Sample DCO: Signed-off-by: Random J Developer

kdenhartog (Tue, 28 May 2019 06:30:57 GMT):
are you using the -s when commiting locally? I've found that even when properly copying it doesn't work. You may need to squash all of your commits and then do an ammend to sign them off.

TelegramSam (Tue, 28 May 2019 12:44:43 GMT):
Aries RFC index updated: https://github.com/hyperledger/aries-rfcs/blob/master/index.md Now, with sorted RFC Numbers.

jljordan_bcgov (Tue, 28 May 2019 13:39:50 GMT):
Nice ... I like sorted lists :)

jljordan_bcgov (Tue, 28 May 2019 13:40:41 GMT):
Are we deprecating use of the term “message family”? A matter of finding the time to do some minor edits? Some references in here for example https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0003-protocols/README.md

Oskar_van_Deventer (Tue, 28 May 2019 14:01:22 GMT):
@troyronda I added the < >. Still, I am getting To https://github.com/Oskar-van-Deventer/aries-rfcs.git ! [rejected] didcom-over-xmpp -> didcom-over-xmpp (stale info) error: failed to push some refs to 'https://github.com/Oskar-van-Deventer/aries-rfcs.git'

Oskar_van_Deventer (Tue, 28 May 2019 14:01:55 GMT):
I wish there was some simple DCO documentation that just says "step 1: ..., step 2: ..." and then worked. Anyway ...

Oskar_van_Deventer (Tue, 28 May 2019 14:02:55 GMT):
@kdenhartog I have no clue what you are saying. I am not that github-language-savy. Sorry ...

sklump (Tue, 28 May 2019 14:09:16 GMT):
@Oskar_van_Deventer try ``` $ git pull $ git push ```

sklump (Tue, 28 May 2019 14:09:16 GMT):
@Oskar_van_Deventer try ``` $ git pull $ git push ``` ? It fixed a similar problem I was having for a PR.

Oskar_van_Deventer (Tue, 28 May 2019 15:19:07 GMT):
@sklump Git says "all is OK"

Oskar_van_Deventer (Tue, 28 May 2019 15:21:58 GMT):
Still not sure what is the exact recipe for next time, but I'll keep these commands in mind

Oskar_van_Deventer (Tue, 28 May 2019 15:22:26 GMT):
@sklump @kdenhartog Thank you!

sklump (Tue, 28 May 2019 15:47:29 GMT):
In Aries-RFC#0005 (DID Communication), * the title still reads 0003 instead of 0005 * "Now Alice's agent uses its own private key to encrypt the plaintext so only Bob's agent can read it, and it arranges delivery to Bob": surely Alice's agent uses Bob's public key to encrypt, and her own private key to authenticate the message? My two cents only.

sklump (Wed, 29 May 2019 13:58:40 GMT):
*Fundamental Question* I had understood that every holder/prover would have a nym on (some) ledger. Is that still a valid assumption, or can an entity use exclusively off-ledger n-wise (pairwise) DIDs?

TelegramSam (Wed, 29 May 2019 14:45:23 GMT):
@sklump For Indy based credentials, only the Issuer needs to have a ledger anchored DID. Holders can use a Peer DID Exclusively. For non-Indy based credentials, there has not yet been deep discussion on this topic that I'm aware of

TelegramSam (Wed, 29 May 2019 16:53:19 GMT):
Aries call today: https://wiki.hyperledger.org/display/ARIES/2019-05-29+Aries+Working+Group+Call

kdenhartog (Wed, 29 May 2019 18:04:38 GMT):
@danielhardman should RFC #33 be proposed or accepted status? I think it's fine to make it accepted given it was in FCP previously and should have been accepted as a HIPE awhile ago. Just want to make sure it aligns with your thinking.

TelegramSam (Wed, 29 May 2019 18:07:28 GMT):
There are only minimal implementations so far, though it has largely been without controversy.

kdenhartog (Wed, 29 May 2019 18:28:45 GMT):
I interpret that to mean it's good to make an accepted status. Is that true?

swcurran (Wed, 29 May 2019 18:36:01 GMT):
33 is the l10n RFC. My vote is it is proposed - I added a comment.

kdenhartog (Wed, 29 May 2019 18:38:35 GMT):
I tried changing it then broke the DCO. Looks like we're going to need Daniel to change it.

swcurran (Wed, 29 May 2019 18:40:17 GMT):
What does "broke the DCO" mean? Weird.

kdenhartog (Wed, 29 May 2019 18:41:54 GMT):
DCO was passing before I pushed the change through Github. Now it doesn't pass because my latest commit doesn't have the signed off line

rjones (Wed, 29 May 2019 19:59:48 GMT):
`git commit --amend -s ; git push --force ...` :)

kdenhartog (Wed, 29 May 2019 20:04:28 GMT):
I'm still getting errors. I think it's because I was trying to edit Daniel's PR. I just am going to do a separate PR for now, but I would like to learn how to handle this in the future.

rjones (Wed, 29 May 2019 20:05:01 GMT):
Ah, github makes it basically impossible to fix DCO issues in the UI

kdenhartog (Wed, 29 May 2019 20:55:15 GMT):
@danielhardman I just made a PR onto your fork for the localization work. When you merge that in than I can merge it into the RFC repo.

MALodder (Wed, 29 May 2019 21:05:20 GMT):
Quick comment about wallets. Wallets to me include the following components: 1- Data storage layer 2- Security layer 3- Messaging ayer The data storage layer is currently pluggable. The security layer currently has fixed crypto and requires a single key to access the wallet either a key itself or derived from a password. The messaging layer should provide the capabilities of syncing data and recovery. From the last call it sounds like we aren't ready to discuss this yet but I would like to do the work for the RFCs to cover what I am suggesting

MALodder (Wed, 29 May 2019 21:05:35 GMT):
The layer I want to upgrade and propose RFCs for is the security layer

MALodder (Wed, 29 May 2019 21:06:39 GMT):
I would like to create RFCs that 1- allow the crypto to be pluggable 2- support better methods for opening the wallet besides just one key. I would like to deprecate the password derivation. I would like to support threshold based key creation, 2FA and multiple keys that can access the wallet. 3- Allow clusters (groups, think of these like a folder of data that is accessed based on your permission) of data that are accessed based on the wallet access key so a single key doesn't access everything just a subset that they are granted access.

MALodder (Wed, 29 May 2019 21:08:15 GMT):
I also want to write up an RFC that explains the tradeoffs for the wallet security properties like the Threat models. Take for example if the security layer and storage layer are on separate instances, an attacker could sniff the traffic between them even though he doesn't have access to either.

TelegramSam (Wed, 29 May 2019 22:00:37 GMT):
I'd argue that the wallet enables 3 (messaging layer) but does not contain it.

mtfk (Wed, 29 May 2019 22:24:51 GMT):
This is where would be nice to really define what is wallet, agent, digital wallet, credential store etc... In our world digital wallet (mobile ) looks more less like this:

mtfk (Wed, 29 May 2019 22:26:49 GMT):
This is simplify version of "mobile agent" or as we call it Digital Wallet, there is a lot of components around that which in my opinion should or already are part of the Aries scope.

nhelmy (Wed, 29 May 2019 22:27:02 GMT):
@mtfk is the wallet in this case the dotted box?

mtfk (Wed, 29 May 2019 22:27:23 GMT):
yes, dotted box is the mobile digital wallet

mtfk (Wed, 29 May 2019 22:29:16 GMT):
the way as we think of that one is that you can put and take out anything anytime from it. You can think of it as your pocket wallet where you put only stuff which you need to carry with you atm. You could have stronger digital wallet (agent) in a cloud (personal cloud if you wish at your home) where everything would be stored and you could pull stuff from it etc...

mtfk (Wed, 29 May 2019 22:31:52 GMT):
If you take a look on the Digital Wallet report: https://ssimeetup.org/state-digital-identity-crypto-wallets-darrell-odonnell-webinar-22/ you would see that here is much more into it then actually scope of any work so far in indy or aries.

mtfk (Wed, 29 May 2019 22:35:03 GMT):
I tried to compose a list of stuff which goes into the thing called "Digital wallet" and above diagram is the result. Not sure if would confuse more or help but definitely would be nice to bootstrap a discussion about that topic.

mtfk (Wed, 29 May 2019 22:35:54 GMT):
For me Aries is a candidate to take care of all above from the backend perspective.

jmason900 (Thu, 30 May 2019 01:06:53 GMT):
@VipinB - zoom meeting nbr for tonight's meeting ?? the link does not work - thanks

swcurran (Thu, 30 May 2019 01:46:33 GMT):
@mtfk - that's a very good list. It does mix a number of concepts though, that go beyond storage. For example "Credentials" would be just one thing, and the other items listed are the actions (by agents) related to Credentials. Necessary, but not storage. Another class you have are the features of an agent with storage - e.g. rmulti-device replication, backup/restore. The indy discussions to this point have covered at various times all of those things (to varying degrees of detail), but those are separated into storage (aka wallet) and functionality (aka agent). It will be interesting to see how that evolves with Aries.

MALodder (Thu, 30 May 2019 12:33:18 GMT):
My point is what layer should we call the key management in the wallet?

MALodder (Thu, 30 May 2019 12:34:10 GMT):
The messaging portion facilitates DKMS, data sync, and consensus

TelegramSam (Thu, 30 May 2019 14:27:59 GMT):
@MALodder I still consider "DKMS, data sync, and consensus" to be data held by the wallet, but enabled by communication of the agent itself.

MALodder (Thu, 30 May 2019 14:35:51 GMT):
@TelegramSam we saying the same thing in different ways

MALodder (Thu, 30 May 2019 14:35:51 GMT):
@TelegramSam we are saying the same thing in different ways

TelegramSam (Thu, 30 May 2019 15:14:15 GMT):
Aries call recording from yesterday's meeting posted: https://wiki.hyperledger.org/display/ARIES/2019-05-29+Aries+Working+Group+Call

MALodder (Thu, 30 May 2019 15:47:19 GMT):
Besides static agents and using TLS between hops, have we written anything that ensures end-to-end security–ensure that messages are only accessible to the communicating endpoints, and not to any servers involved in the delivery. This involves establishing keys to provide such protections

danielhardman (Thu, 30 May 2019 16:46:53 GMT):
@MALodder and @mtfk and others: There is an Indy HIPE that was accepted by the community 10 months ago that describes exactly what wallets are, what they contain, how they are layered, how their encryption works, and so forth. That HIPE is fully implemented by Indy's current wallet implementation, and it includes a lot of very desirable architectural features that have been thoughtfully chosen--including a number of features that I believe are misunderstood or not known, as well as several forward-looking hooks for future DKMS work. Besides Indy's implementation, @ianco and others at BCGov have invested time in building atop it (e.g., Ian's work on the postgres storage plugin), and Evernym has built the Sovrin Connector, Connect.Me, and its own enterprise storage solution atop it as well. This does not mean the HIPE is the last word--but it should be referenced and debated, not ignored, when offering new ideas. Can we please frame new thinking on wallets in terms of deltas to the agreed-upon architecture? https://github.com/hyperledger/indy-hipe/blob/master/text/0013-wallets/README.md

danielhardman (Thu, 30 May 2019 16:46:53 GMT):
@MALodder and @mtfk and others: There is an Indy HIPE that was accepted by the community 10 months ago that describes exactly what wallets are, what they contain, how they are layered, how their encryption works, and so forth. That HIPE is fully implemented by the current Indy SDK, and it includes a lot of very desirable architectural features that have been thoughtfully chosen--including a number of features that I believe are misunderstood or not known, as well as several forward-looking hooks for future DKMS work. Besides Indy's implementation, @ianco and others at BCGov have invested time in building atop it (e.g., Ian's work on the postgres storage plugin), and Evernym has built the Sovrin Connector, Connect.Me, and its own enterprise storage solution atop it as well. This does not mean the HIPE is the last word--but it should be referenced and debated, not ignored, when offering new ideas. Can we please frame new thinking on wallets in terms of deltas to the agreed-upon architecture? https://github.com/hyperledger/indy-hipe/blob/master/text/0013-wallets/README.md

danielhardman (Thu, 30 May 2019 16:48:48 GMT):
This is a core characteristic of DIDComm, not an incidental feature that we might need to add. It has been a guarantee since day 1. We don't use TLS to achieve any of those guarantees, and it has nothing to do with static agents. So I am puzzled by the question. Could you maybe restate it?

MALodder (Thu, 30 May 2019 18:04:11 GMT):
Sure, I understand DIDComm, but we haven't done any more work for pushing forward the signal or MLS protocol right?

danielhardman (Thu, 30 May 2019 18:22:49 GMT):
We have not yet implemented the HIPE that you wrote about perfect forward secrecy. We are likely to propose adopting MLS at some point in the future, when it is more mature.

tomislav (Thu, 30 May 2019 20:06:29 GMT):
Any teams attending Identity North next week?

swcurran (Thu, 30 May 2019 21:27:39 GMT):
We're not, but some folks from BC are. Will you be going @tomislav?

tomislav (Thu, 30 May 2019 21:29:37 GMT):
I'm undecided yet. I am currently here in Toronto until tomorrow, don't mind coming back again, but was wondering who else might be there.

tomislav (Thu, 30 May 2019 21:30:17 GMT):
Would be great to geek out with some aries folks

kdenhartog (Thu, 30 May 2019 22:36:42 GMT):
Interesting discovery I just came across. JWS support both repudiable (SHA 256 HMACS) and non repudiable signatures (edDSA, ECDSA, etc) This would mean that we could get integrity protection of an entire JWE if we required a JWS to wrap JWE for DIDComms. @TelegramSam @MALodder @danielhardman @tplooker what's your take on this?

kdenhartog (Thu, 30 May 2019 22:36:42 GMT):
Interesting discovery I just came across. JWS support both repudiable (SHA 256 HMAC) and non repudiable signatures (edDSA, ECDSA, etc) This would mean that we could get integrity protection of an entire JWE if we required a JWS to wrap JWE for DIDComms. @TelegramSam @MALodder @danielhardman @tplooker what's your take on this?

MALodder (Thu, 30 May 2019 22:38:35 GMT):
I’ll have to take a look at it before I can give an opinion

danielhardman (Thu, 30 May 2019 22:38:54 GMT):
I was lightly aware of this, but I've never understood how the repudiable signature actually works. Does it cease to become a signature in the sense that you know who affixed it? If so, what is preventing a middleman from replacing the content and affixing a different HMAC?

kdenhartog (Thu, 30 May 2019 22:42:29 GMT):
interesting points. I think you're right in that it provides no origin guarantees. I'll dig in more to see what I can find. Given the HMAC version is the required algorithm, I wonder how this affects the kosherness of being "JWS compliant". Similarly this raises the question for me if we have to support the required parts of JWE in order to be "JWE compliant"

kdenhartog (Thu, 30 May 2019 22:42:43 GMT):
I'll do some more digging and get back on this.

MALodder (Fri, 31 May 2019 05:09:10 GMT):
New RFC [here](https://github.com/hyperledger/aries-rfcs/pull/42/files?short_path=0bad27e#diff-0bad27e8c8b46ab9261526ef41c4201f)

MALodder (Fri, 31 May 2019 05:09:10 GMT):
New RFC [here](https://github.com/hyperledger/aries-rfcs/pull/42)

MALodder (Fri, 31 May 2019 05:09:31 GMT):
I hope I followed the correct procedure. I was just getting use to Indy-HIPEs

kdenhartog (Fri, 31 May 2019 06:09:51 GMT):
Yeah procedually this is correct. However, I'd suggest moving it to the Features rather than the concepts folder. From what I know about this as well as what the doc looks like it would fit better there.

mtfk (Fri, 31 May 2019 11:06:03 GMT):
My way of thinking about digital wallet is not far away from that what is currently in the HIPE, and if is not yet migrated to Aries would be nice to have it there. I think important part is to agree on the naming as we already have agent, wallet, digital wallet, identity wallet, Personal Digital Assistant etc. Maybe for one of the call we could go through the status quo discuss mentioned HIPE (and how it would impact Aries) and talk about overall picture on this part. We already know that we have multiple types of the wallets (mobile, cloud, public, private) which would required different set of features. Of course underlying toolkit should be shared but would be nice to draw the boarder where is what. For example for me is unclear difference between agent and identity wallet which is mentioned in this HIPE. Working with different initiative we came with some basic components which in our opinion this basic toolkit should cover:

mtfk (Fri, 31 May 2019 11:07:19 GMT):
@danielhardman above picture is to the thread discussion about the HIPE (for some reason I can't find a way to attach picture to the thread)

MALodder (Fri, 31 May 2019 12:04:42 GMT):
Yeah I wasn’t sure where it should go. The read looks to be a copy from Indy-HIPE and says to copy the text.md to the text folder and there is no text folder

MALodder (Fri, 31 May 2019 12:04:42 GMT):
Yeah I wasn’t sure where it should go. The README looks to be a copy from Indy-HIPE and says to copy the text.md to the text folder and there is no text folder

MALodder (Fri, 31 May 2019 12:06:23 GMT):
This layer I’m suggesting is part of the digital wallet and is part of the access layer. We now deprecate the password based call and providing the raw key is the same as picking a null enclave backend

MikeRichardson (Fri, 31 May 2019 13:47:34 GMT):
Hello everyone, having spent a fair bit of time trying to figure out Indy SDK I am at the point where I am considering a pilot. Would it make more sense to wait for Aries to be ready or do people think I should go ahead and build stuff with Indy and perhaps cut across in the future? We are involved with credential verification for civil engineering firms here in Romania.

MikeRichardson (Fri, 31 May 2019 13:47:34 GMT):
Hello everyone, having spent a fair bit of time trying to figure out Indy SDK I am at the point where I am considering a pilot. Would it make more sense to wait for Aries to be ready or do people think I should go ahead and build stuff with Indy and perhaps cut across [to Aries] in the future? Or are they inextricably linked? We are involved with credential verification for civil engineering firms here in Romania.

MikeRichardson (Fri, 31 May 2019 13:47:34 GMT):
Hello everyone. Having spent a fair bit of time trying to figure out Indy SDK I am at the point where I am considering a pilot. Would it make more sense to wait for Aries to be ready or do people think I should go ahead and build stuff with Indy and perhaps cut across [to Aries] in the future? Or are they inextricably linked? We are involved with credential verification for civil engineering firms here in Romania.

kdenhartog (Fri, 31 May 2019 14:01:13 GMT):
Oh good catch. We'll need to update that.

kdenhartog (Fri, 31 May 2019 14:02:46 GMT):
You could get start working with the IndySDK and when we properly move things over to Aries, that would be when you make the switch. Lots of us are taking that approach as well.

MikeRichardson (Fri, 31 May 2019 14:03:51 GMT):
Ah ok. What are the advantages of Aries over Indy SDK. I am assuming it might be a shorter learning curve. Indy SDK is a challenge to say the least.

MikeRichardson (Fri, 31 May 2019 14:03:51 GMT):
Ah ok. Thanks. What are the advantages of Aries over Indy SDK. I am assuming it might be a shorter learning curve. Indy SDK is a challenge to say the least.

MikeRichardson (Fri, 31 May 2019 14:04:36 GMT):
Ah ok. Thanks. What are the advantages of Aries over Indy SDK. I am assuming it might be a shorter learning curve. Indy SDK is a challenge to say the least.

MikeRichardson (Fri, 31 May 2019 14:04:36 GMT):
Ah ok. Thanks. What are the advantages of Aries over Indy SDK? I am assuming it might be a shorter learning curve. Indy SDK is a challenge to say the least.

kdenhartog (Fri, 31 May 2019 14:08:37 GMT):
The main advantage is we will have better support of languages with easy to use APIs. Where the logic is implemented isn't decided yet.

kdenhartog (Fri, 31 May 2019 14:09:24 GMT):
I suspect most people just want to consume a prebuilt agent and add their own protocols in. When Aries is mature it will make that easy for you.

SteveMagennis (Fri, 31 May 2019 14:09:35 GMT):
Given wallets can represent a target of highly concentrated value, thresholds, 2FA, etc. all make a lot of sense - especially if pluggable - to mitigate unauthorized access or restore rightful access. One topic I haven't heard discussed much though is how to rapidly (and maybe even just temporarily) suspend activity as a backstop to limit time critical damage that could be caused by a breach. Sort of like a 'panic button' that would pause wallet activity if something hinkey were detected. The thinking may be that once a breach occurs, it is too late to do anything anyhow and maybe the focus should be on creating a trail. Thoughts? IMHO if we accept that breaches will occur and can limit the extent of damage as a native feature (pluggable) rather than push mop up activity to a higher layer there is greater likelihood of getting it right.

swcurran (Fri, 31 May 2019 14:14:31 GMT):
I woujld not recommend starting with the Indy-SDK but start with a framework on top. Depending on language of interests - at least look at agent-framework (streetcred repo, c#) or indy-catalyst (bcgov repo, python) agent folder. Those are approximately what will become Aries.

swcurran (Fri, 31 May 2019 14:14:31 GMT):
I woujld not recommend starting with the Indy-SDK but start with a framework on top. Depending on language of interest - at least look at agent-framework (streetcred repo, c#) or indy-catalyst (bcgov repo, python) agent folder. Those are approximately what will become Aries.

kdenhartog (Fri, 31 May 2019 14:15:03 GMT):
This is definitely the route to go ^

kdenhartog (Fri, 31 May 2019 14:15:20 GMT):
Thank you for clarifying it better.

MikeRichardson (Fri, 31 May 2019 14:26:16 GMT):
What is the thinking on not using SDK as is? Too complex? Unstable?

MikeRichardson (Fri, 31 May 2019 14:26:37 GMT):
What is the thinking on not using SDK as is? Too complex? Unstable?

swcurran (Fri, 31 May 2019 14:27:39 GMT):
Too low level. It's like building an app starting from TCP library calls. SDK is embedded in the frameworks so you are still using it, but you have way (way) less plumbing to write and things to learn that aren't helpful to you.

MikeRichardson (Fri, 31 May 2019 14:29:24 GMT):
That would explain why I am finding it a challenge then!

MikeRichardson (Fri, 31 May 2019 14:29:52 GMT):
I will check out the indy-catalyst

swcurran (Fri, 31 May 2019 14:32:21 GMT):
You can run a demo of using indy-catalyst at http://iiw.vonx.io. The email verification server and iiwbook are both indycat agents with different personalities - they are good ways to see how the Agent works.

swcurran (Fri, 31 May 2019 14:32:21 GMT):
You can run a demo using indy-catalyst at http://iiw.vonx.io. The email verification server and iiwbook are both indycat agents with different personalities - they are good ways to see how the Agent works.

swcurran (Fri, 31 May 2019 14:33:00 GMT):
IOS only, but even without IOS you can go to the servers, and there are pictures in the overiew.

swcurran (Fri, 31 May 2019 14:33:00 GMT):
IOS only, but even without IOS you can go to the servers, and there are pictures in the overview.

kdenhartog (Fri, 31 May 2019 14:33:38 GMT):
If you want you can sideload the OSMA .apk and use android. We haven't put it on the app store yet which is why you'd have to sideload it.

kdenhartog (Fri, 31 May 2019 14:34:01 GMT):
Speaking of that, should we just publish a link to an android .apk so people can sideload the app for the demo?

swcurran (Fri, 31 May 2019 14:34:35 GMT):
Is there an agency with it? Last I checked there is no osma agency, so no way to use it as is.

swcurran (Fri, 31 May 2019 14:34:57 GMT):
Someone would have to do a proper deployment with a full configuration.

MikeRichardson (Fri, 31 May 2019 14:35:36 GMT):
but one *could* use the Indy SDK and that would be a way to really understand how the technology works.

kdenhartog (Fri, 31 May 2019 14:37:02 GMT):
Yeah that's possible. Framework developers will need to understand how the IndySDK works so if you want to get to that point then it would be useful. I would suggest consuming one as @swcurran which will get you more familar with consuming the SDK too.

MikeRichardson (Fri, 31 May 2019 14:37:45 GMT):
Kyle you got me there..."consume"?

kdenhartog (Fri, 31 May 2019 14:38:21 GMT):
Make calls to the framework rather than directly to the IndySDK.

kdenhartog (Fri, 31 May 2019 14:38:31 GMT):
Definitely depends on goals though.

MikeRichardson (Fri, 31 May 2019 14:38:42 GMT):
initially we want to build a simple web agent, like Alice and faber college

swcurran (Fri, 31 May 2019 14:40:01 GMT):
You can take 6 months starting from the indy-sdk and the HIPEs/RFCs (so that you are compatible with others) or a week using indyCatAgent.

swcurran (Fri, 31 May 2019 14:40:48 GMT):
There is also a command line example of alice/faber in indycatagent repo that you can explore to understand.

swcurran (Fri, 31 May 2019 14:41:39 GMT):
And I'm not joking about the 6 months. We've been working on Indy code for 18 months. IndyCat is the second iteration done in the last 6 months based on all the learnings of the community.

MikeRichardson (Fri, 31 May 2019 15:08:21 GMT):
I am a little confused...while I have plenty of spare time so I could spend 6 months learning stuff...but my question is. if SDK is so low level why was Indy moved from incubation to production in April. Surely that would be done with a mature SDK??

MikeRichardson (Fri, 31 May 2019 15:09:07 GMT):
Thanks for all the replies btw I will certainly check out IndyCat

swcurran (Fri, 31 May 2019 15:12:12 GMT):
The code is extremely solid and the SDK does all it should do. However, what the SDK should do and what is needed to build valuable apps are two different things. Kubernetes is awesome and amazing, but as a business, you don't want to build/manage raw kubernetes. Same with this.

MikeRichardson (Fri, 31 May 2019 15:19:06 GMT):
I am slightly surprised: sure it is a lot to learn but the code base for the Alice -Faber demo doesn't look *that* big. Could that demo not be used as a framework for a POC?

MikeRichardson (Fri, 31 May 2019 15:19:54 GMT):
But it sounds like IndyCat agent is the way to go

swcurran (Fri, 31 May 2019 15:21:53 GMT):
Sure, and lots of have done that. It's where we started. Challenge is that it's not update to date with latest protocols of how to use indy - pairwise DIDs, establishing connections in interop ways, exchanging credentials so it works with other implementations, etc.. You can make it work with a one off, but not to interop with the community. And you will have to solve lots of higher level issues.

swcurran (Fri, 31 May 2019 15:21:53 GMT):
Sure, and lots of have done that. It's where we started. Challenge is that it's not up to date with latest protocols of how to use indy - pairwise DIDs, establishing connections in interop ways, exchanging credentials so it works with other implementations, etc.. You can make it work with a one off, but not to interop with the community. And you will have to solve lots of higher level issues.

MikeRichardson (Fri, 31 May 2019 15:22:48 GMT):
Maybe just as a learning exercise then. We are a long way off being expected to produce a production quality app.

MikeRichardson (Fri, 31 May 2019 15:23:13 GMT):
Thank you Stephen. I appreciate your comments.

kdenhartog (Fri, 31 May 2019 15:25:10 GMT):
If you're looking to make a time commitment like that having a team that's working on a JS framework would be awesome. I suspect if you got started others would help contribute to it.

kdenhartog (Fri, 31 May 2019 15:25:10 GMT):
If you're looking to make a time commitment like that having people that are working on a JS framework would be awesome. I suspect if you got started others would help contribute to it.

MikeRichardson (Fri, 31 May 2019 15:25:43 GMT):
That's exactly what I would like to do

MikeRichardson (Fri, 31 May 2019 15:26:10 GMT):
But I am working alone on my blockchain work so everything takes sooooo long!

kdenhartog (Fri, 31 May 2019 15:26:22 GMT):
I suspect @ptab-pawan would be interested in helping and @PatrikStas may be interested as well

swcurran (Fri, 31 May 2019 15:26:48 GMT):
Do you have a business driver? Everything we do is in the context of getting some business value and I think by far the best way to go.

swcurran (Fri, 31 May 2019 15:27:10 GMT):
Wow...this is a long convo and rocketchat replies are TERRIBLE :-)

MikeRichardson (Fri, 31 May 2019 15:28:12 GMT):
Yes. We have a business (funded) project which involves credential verification for civil engineering, and also a potential client whom we are meeting in Berlin. We are totally business driven.

MikeRichardson (Fri, 31 May 2019 15:30:31 GMT):
I dont like rocket chat much if i'm honest

kdenhartog (Fri, 31 May 2019 15:30:56 GMT):
I started a github issue in the aries channel to discuss this. Here's a link https://github.com/hyperledger/aries-rfcs/issues/41#issuecomment-497752453

swcurran (Fri, 31 May 2019 15:31:22 GMT):
I'm back to use something that exists. We're aiming to have a live production system with lawyers using verifiable credentials by summer. That sounds pretty close to your use case.

kdenhartog (Fri, 31 May 2019 15:31:33 GMT):
I'm fairly certain the new threading broke the android mobile app too.

MikeRichardson (Fri, 31 May 2019 15:32:21 GMT):
that's cool: we are in very early days of discussing with clients exactly what they want. We are detecting increasing interest in digital identity across the industry.

swcurran (Fri, 31 May 2019 15:33:01 GMT):
https://docs.google.com/document/d/1gbyoTBK-71y_6rQ9-H4CoSU1rFoOgny31kz1LCFVKLA/edit?usp=sharing

swcurran (Fri, 31 May 2019 15:33:30 GMT):
Digital identity done right you mean. It's been around (badly) since the start.

MikeRichardson (Fri, 31 May 2019 15:35:31 GMT):
Yes that is true. Digital Identity done right...there's a business slogan in there ))

swcurran (Fri, 31 May 2019 15:36:01 GMT):
Send me the rolyalties when its done!

swcurran (Fri, 31 May 2019 15:36:01 GMT):
Send me the royalties when its done!

MikeRichardson (Fri, 31 May 2019 15:37:02 GMT):
Here in Bucharest we have the Romanian Department of Education about to put their Diploma system onto Quorum. I wonder how that will work out...

MikeRichardson (Fri, 31 May 2019 16:14:34 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=XKJ727NMMjuN862Sy) Can you ping me contact details for these guys (I don't really want to message them on RC). I very much like the suggestion. Since I have a lot of time to devote to this project I am definitely interested.

mtfk (Fri, 31 May 2019 17:15:23 GMT):
For me the "panic button" is just revocation (could be temporary) of all keys which are within the wallet. The assumption in our approach is that master key is never in the wallet (not the one which is operating) it is in cold storage or something like that. Within the wallet you just keep derived keys which in case of breach (or in case of losing the device) you could turn panic button which would required extra signature from "panic button" key which is available somewhere outside the wallet (for example shared with one of your relatives).

MALodder (Fri, 31 May 2019 17:30:50 GMT):
Thats the point of the enclave approach of LOX

MALodder (Fri, 31 May 2019 17:31:36 GMT):
The keys to the kingdom are protected by a common interface and the enclave service providers are pluggable and can be configured according to an organization or individuals needs

MALodder (Fri, 31 May 2019 17:33:02 GMT):
@mtfk I don't know what you mean by revocation of a key. Are you talking DID keys or issuer keys? To revoke your anonymous credentials, one has to contact the issuer to revoke it on their behalf, at least thats the architecture for now

mtfk (Fri, 31 May 2019 17:54:18 GMT):
@MALodder Any key which is in compromise wallet like DID, crypto wallet, derived key from your national identifier etc..

mtfk (Fri, 31 May 2019 17:54:18 GMT):
@MALodder Any key which is in compromised wallet like DID, crypto wallet, derived key from your national identifier etc..

mtfk (Fri, 31 May 2019 17:54:51 GMT):
for some reason messages in the threads returns 400 error. Rocket chat really sucks recently.

mtfk (Fri, 31 May 2019 17:54:51 GMT):
for some reason messages in the threads returns 400 error for me. Rocket chat really sucks recently.

mtfk (Fri, 31 May 2019 17:55:58 GMT):
@MALodder I don't see reason to involve issuer in the process of revocation, it is mine I can decide if someone should trust it or not. Without informing issuer.

sklump (Fri, 31 May 2019 18:11:30 GMT):
@mtfk if the holder doesn't trust it, the holder can delete it or just not present it.

sklump (Fri, 31 May 2019 18:11:30 GMT):
@mtfk if the holder doesn't like a credential in the wallet, the holder can delete it or just not present it.

sklump (Fri, 31 May 2019 18:11:30 GMT):
@mtfk if the holder doesn't like a credential in the wallet, the holder can delete it or just not present it. There are all kinds of reasons an issuer needs authority to revoke a credential. A drunk driver likes his driver's licence just fine, but the province might not.

MALodder (Fri, 31 May 2019 18:35:53 GMT):
you may want to revoke your compromised credentials so impersonation is halted

rjones (Fri, 31 May 2019 18:41:50 GMT):
@mtfk are you using a client, or the web version? I prefer the web version TBH. The clients are subpar

danielhardman (Fri, 31 May 2019 22:51:22 GMT):
All: I proposed an RFC to supersede the merged Indy HIPE 0026 about "agent file format". This RFC would answer the question, "what is the MIME type of a DIDComm message in an encrypted or signed envelope, or without any envelope. It is mostly a straightforward evolution of what we had before, but it now includes the notion of a signed envelope that @tplooker and @kdenhartog have been talking about. https://github.com/hyperledger/aries-rfcs/pull/44

kdenhartog (Fri, 31 May 2019 23:12:34 GMT):
The remaining RFCs left I put comments on for changes or questions before I merged them.

rjones (Fri, 31 May 2019 23:49:31 GMT):
https://gist.github.com/ryjones/5500064ce49d137e3c6be9bb90a81111

danielhardman (Sat, 01 Jun 2019 00:08:50 GMT):
@kdenhartog More RFC PRs to merge; please check #46 through #49

danielhardman (Sat, 01 Jun 2019 00:10:15 GMT):
@dhuseby What would it take to get the Aries repos to use your new signing tools along with the did:git method? I'm asking because I saw @rjones 's post about crypto signing of commits...

rjones (Sat, 01 Jun 2019 00:10:43 GMT):
I actually goofed, I didn't mean to post it here :)

kdenhartog (Sat, 01 Jun 2019 00:12:32 GMT):
I'm going to go ahead and merge the feature discovery HIPE too. If people would like to see things reverted back to proposed status we can discuss that in Issues.

danielhardman (Sat, 01 Jun 2019 00:19:45 GMT):
Thanks for all the merging, Kyle. I'm really liking how much faster this stuff is--even though I'm only shifting content right now instead of writing new stuff. Pretty soon I'll be creating new stuff and then it will *really* begin to pay off.

kdenhartog (Sat, 01 Jun 2019 00:22:50 GMT):
Yeah, I'm liking using issues for communicating too. It means I don't feel like I need to jump on a call to figure some small thing out and I know everyone will eventually see it where rocketchat can be a hit and miss.

danielhardman (Sat, 01 Jun 2019 00:37:08 GMT):
Two more PRs: wallets and dkms

tplooker (Sat, 01 Jun 2019 01:05:25 GMT):
@danielhardman great PR, perhaps we should make clear the plain text content format you are talking about is just a content level message or are you envisaging a plain text unsigned envelope around messages stored in this format (*.dm)? Happy to file a PR either way if we are in agreement about an approach?

tplooker (Sat, 01 Jun 2019 01:07:11 GMT):
Also in general I would like to start talking about message id, message type and decorators in their general sense rather than how they are expressed in content level messages that are JSON based? Thoughts? This would just mean a tweak to some RFC's, again happy to work on these changes if others think the exercise is worthwhile?

MALodder (Sat, 01 Jun 2019 01:15:16 GMT):
PR 42 merged. RFC about better key management and wallet security

mtfk (Sat, 01 Jun 2019 13:07:44 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=59BZrGNuysJLkCTnP) Web version

sklump (Mon, 03 Jun 2019 16:38:04 GMT):
Hello, I see that Aries-RFC (feature) 0025 is gone. What superseded it, please & thanks?

kdenhartog (Mon, 03 Jun 2019 16:45:47 GMT):
@sklump do you know what the specific RFC was about? I'm not seeing PR#25 in the closed PR list.

kdenhartog (Mon, 03 Jun 2019 16:48:32 GMT):
Ahh 25 is still awaiting merging. There were some comments in the PR that appeared unresolved, so I left a comment.

sklump (Mon, 03 Jun 2019 16:48:33 GMT):
@kdenhartog found it: it's a pull request https://github.com/hyperledger/aries-rfcs/pull/25

dbluhm (Mon, 03 Jun 2019 19:24:27 GMT):
Did the discussion about naming protocols by verbs rather than nouns come to a point? I scanned back in the chat but am having difficulty stringing all the conversations together. cc @danielhardman

TelegramSam (Mon, 03 Jun 2019 20:58:53 GMT):
but it's likely going to come up on Wed.

danielhardman (Mon, 03 Jun 2019 21:02:48 GMT):
@dbluhm I have been trying it out in the RFCs I've submitted, to get a feel for whether the convention seems to make sense. So far I think it's fairly good, but Sam indentified some awkwardness that's worthy of discussion. So still TBD.

SteveMagennis (Tue, 04 Jun 2019 00:39:31 GMT):
I guess this implies the need to access the master key (however it may be protected or cached) each time a new derived key is generated, i.e. a window of exposure exists at least each time a key is generated and maybe more often if access to the master key is always available via a call over a network connection for example. Then, once a (derived) key exists, and lives in a wallet on a device, the security protecting the use of the keys, VC, agents, etc. is for the most part dependent upon the security of the device itself (pwd, biometrics, 2FA, etc). Do I have these two concepts right?

kdenhartog (Tue, 04 Jun 2019 08:01:36 GMT):
We've had some initial interest by @MikeRichardson to create a JS Agent Framework/Library. If you're interested in co-maintaining this project or contributing and would like to learn more I'm going to host a call to explain more. Please submit times that work for you if you'd like to join. The more times you can include the better since it's a one time meeting: http://whenisgood.net/ytiqi5f/

MikeRichardson (Tue, 04 Jun 2019 08:02:44 GMT):
Any time between 09:00 and 19:00 (GMT) is good for me

kdenhartog (Tue, 04 Jun 2019 08:29:40 GMT):
Do you mind clicking the link and adding it in there? The web app compiles everyone's times and makes it easy to find a good time.

MikeRichardson (Tue, 04 Jun 2019 13:48:44 GMT):
I should also say @PatrikStas is interested as well

troyronda (Tue, 04 Jun 2019 14:08:21 GMT):
@swcurran are you planning to move Indy HIPE 0022: Cross-Domain Messaging over to Aries RFCs?

swcurran (Tue, 04 Jun 2019 14:10:13 GMT):
I (or someone) need(s) to look at it again. Pretty sure it still applies, but it was written a long time ago.

swcurran (Tue, 04 Jun 2019 14:10:35 GMT):
I will take a look in a few days - I'm on the road right now.

troyronda (Tue, 04 Jun 2019 14:15:22 GMT):
@danielhardman fixed RFC number typo: https://github.com/hyperledger/aries-rfcs/pull/57

smithbk (Tue, 04 Jun 2019 14:24:21 GMT):
Has the connect protocol been moved to aries-rfc? Maybe I'm missing it. Otherwise, is the hipe at https://github.com/hyperledger/indy-hipe/blob/463cf212f003213ba9c8192c1441ab4348d3b837/text/connection-protocol/README.md still up-to-date?

iainbarclay (Tue, 04 Jun 2019 14:25:54 GMT):
Hi - I shared this use case on the Sovrin board earlier, and was advised that Aries was a better place to start - I want to build a PoC/demo as part of PhD project - it looks from the discussion above, that indy-catalyst could get me up and running soonest... would appreciate any pointers, this is a new world for me :) - https://docs.google.com/document/d/1sWdjxMoaPedzpmvy7zye96bFSESLcwRWU0YWYcQvVGk/edit?usp=sharing

troyronda (Tue, 04 Jun 2019 14:31:20 GMT):
@smithbk do you mean this: https://github.com/hyperledger/aries-rfcs/pull/23

troyronda (Tue, 04 Jun 2019 14:31:20 GMT):
@smithbk check out https://github.com/hyperledger/aries-rfcs/pull/23

danielhardman (Tue, 04 Jun 2019 16:31:57 GMT):
@troyronda Thank you! Merged.

rjones (Tue, 04 Jun 2019 17:28:17 GMT):
New repos rolled out. I experimented with adding the "maintainer" role to the repos - would you please let me know if it's useful?

TelegramSam (Tue, 04 Jun 2019 20:14:24 GMT):
It's in a PR. That's a topic on the Aries call tomorrow.

nage (Tue, 04 Jun 2019 22:15:05 GMT):
Thanks for setting up the new repositories. @TelegramSam, lets make sure to talk about them and ensure everyone has what they need to get started on Wednesday's call.

nage (Tue, 04 Jun 2019 22:15:54 GMT):
Also, please remember *all* commits need proper signatures in these repos -- if you are moving code from Indy, we need to do the leg work to find committers and get things signed.

nage (Tue, 04 Jun 2019 22:16:14 GMT):
(we can discuss more on the call if there are questions or we need to make exceptions)

nage (Tue, 04 Jun 2019 22:16:14 GMT):
(we can discuss more on the call if there are questions or we "need" to make exceptions)

rjones (Tue, 04 Jun 2019 22:54:17 GMT):
I have a public gist showing how I was able to bring in multiple repos with history into a third repo.

rjones (Tue, 04 Jun 2019 22:55:25 GMT):
https://gist.github.com/ryjones/5500064ce49d137e3c6be9bb90a81111

MALodder (Wed, 05 Jun 2019 14:35:40 GMT):
Can we put https://github.com/hyperledger/aries-rfcs/tree/master/features/0042-lox on the agenda for todays meeting

MALodder (Wed, 05 Jun 2019 14:40:08 GMT):
I put it here https://wiki.hyperledger.org/display/ARIES/2019-06-05+Aries+Working+Group+Call

SteveMagennis (Wed, 05 Jun 2019 15:01:32 GMT):
I like the use case, it got me thinking of other scenarios around certification of things that are in part based on credentials of both people and process. I made a few comments on your doc. Always keep in mind an issuer needs to be credible with respect to the topic they are attesting to, have a self-interest that is distinct from that of the holder, and themselves have a trustworthy reputation with respect to the verifier.

spacemandev (Wed, 05 Jun 2019 15:29:03 GMT):
hey so i am a little confused about how agents are built using indy-sdk: is the native compile step required for installing and using indy-sdk

spacemandev (Wed, 05 Jun 2019 15:29:45 GMT):
ie, trying to bundle wallet functionality into things like a chrome extension or something similar and trying to figure out how to 'bundlde' compiled libraries

jljordan_bcgov (Wed, 05 Jun 2019 16:08:04 GMT):
https://blockchain.ubc.ca/summer-institute-2019

dbluhm (Wed, 05 Jun 2019 16:14:27 GMT):
The Indy SDK provides wrappers in multiple languages that call into the indy library (libindy). The native compile step is necessary to use the library assuming you're on a platform that does not have pre-build packages available.

jljordan_bcgov (Wed, 05 Jun 2019 16:16:08 GMT):
Much easier to start with already built libraries and agent-frameworks

jljordan_bcgov (Wed, 05 Jun 2019 16:16:26 GMT):
https://github.com/bcgov/indy-catalyst/tree/master/agent

jljordan_bcgov (Wed, 05 Jun 2019 16:16:26 GMT):
https://github.com/bcgov/indy-catalyst/tree/master/agent for enterprise python

jljordan_bcgov (Wed, 05 Jun 2019 16:16:38 GMT):
https://github.com/streetcred-id/agent-framework

spacemandev (Wed, 05 Jun 2019 16:16:49 GMT):
right we have indycat and such working, more planning on expanding our agents

spacemandev (Wed, 05 Jun 2019 16:17:12 GMT):
so couple of things we're working on right now is a serverless cloud agent and a chrome extension agent

jljordan_bcgov (Wed, 05 Jun 2019 16:17:31 GMT):
we have some docker images as well that can be helpful

jljordan_bcgov (Wed, 05 Jun 2019 16:17:54 GMT):
https://hub.docker.com/r/bcgovimages/von-image/

spacemandev (Wed, 05 Jun 2019 16:18:37 GMT):
i'm trying to figure out if i can bundle indy-sdk with the libindy such that we can use it for platform agnostic calls. or if it's not possible, trying to understand why it's not possible

spacemandev (Wed, 05 Jun 2019 16:19:16 GMT):
ie, we got agents + servers working great, we have our version of the vonx email credentialing and verification all working

spacemandev (Wed, 05 Jun 2019 16:19:25 GMT):
but the agents basically can only exist on servers

jljordan_bcgov (Wed, 05 Jun 2019 16:19:37 GMT):
too detailed for me :) some of the devs need to join in to help with that!

spacemandev (Wed, 05 Jun 2019 16:19:38 GMT):
(or docker containers) -- but basically 24/7 services

jljordan_bcgov (Wed, 05 Jun 2019 16:19:57 GMT):
all our stuff is containerized

dbluhm (Wed, 05 Jun 2019 16:19:59 GMT):
What platforms do you want to run agents on?

jljordan_bcgov (Wed, 05 Jun 2019 16:20:16 GMT):
we use OpenShift (kubernetes)

spacemandev (Wed, 05 Jun 2019 16:20:51 GMT):
first platform that would be super useful is aws lambda

spacemandev (Wed, 05 Jun 2019 16:21:19 GMT):
serverless stuff is nice for auto scaling

spacemandev (Wed, 05 Jun 2019 16:21:50 GMT):
but the restriction with lambda is that you don't get access to the container itself. there is no 'npm install' you bundle all the files (including libraries) with webpack

spacemandev (Wed, 05 Jun 2019 16:24:20 GMT):
the ways that we are thinking about solving it are: 1. trying to precompile indy-sdk on a image similar to the container that lambda runs in (aws linux 2) and then copy+pasting that linked library on upload (with libindy mounted on /opt in the container and LD_LINKED_PATH set) ==> running into problems with libzmq not being found for bindings.js trying to debug that or 2. the easier solution to use knative with gcloud so we have control over the container

spacemandev (Wed, 05 Jun 2019 16:25:09 GMT):
i'm pretty sure the second way will solve this issue (cause then we can specify the container as a custom container that configures indy-sdk on startup) but it would fragment our API across services so we're keeping it as a backup

spacemandev (Wed, 05 Jun 2019 16:25:26 GMT):
furthermore, the other agent we want to work on is a chrome extension wallet

spacemandev (Wed, 05 Jun 2019 16:25:49 GMT):
but again the problem of bundling indy-sdk as a dependency comes up

dbluhm (Wed, 05 Jun 2019 16:26:28 GMT):
libindy has dependencies on libzmq (and openssl? need to verify) so you'd have to go through a similar process of building in a similar environment and packing it up with the libindy.so

dbluhm (Wed, 05 Jun 2019 16:26:59 GMT):
openssl is likely already present on AWS lambda, though, I'd guess.

dbluhm (Wed, 05 Jun 2019 16:27:31 GMT):
There are plans to create WASM builds of libindy that can be run in a browser

dbluhm (Wed, 05 Jun 2019 16:31:57 GMT):
Efforts on that are currently blocked by the libzmq as well and poor performance of generating safe primes for credentials without using openssl. In the long run, I believe we will be able to overcome this through the advent of the aries-SDK (still forthcoming) which will essentially be the indy-sdk without the indy node communication pieces, removing the dependency on libzmq. As for the poor performance, future versions of anoncreds will use ECC instead of RSA, removing the need to generate safe primes.

spacemandev (Wed, 05 Jun 2019 16:32:39 GMT):
ah yes ! this is the explanation i was looking for

spacemandev (Wed, 05 Jun 2019 16:33:25 GMT):
like i was struggling hard to figure out the motivation and what libindy actually does that couldn't be written as a non compile needed library

nage (Wed, 05 Jun 2019 16:33:58 GMT):
@MALodder has been working on WebASM builds of Ursa and, when we can remove or handle the libzmq issue, of the SDK as well

nage (Wed, 05 Jun 2019 16:34:35 GMT):
For those interested in browser-based wallets, it may be easier to help Mike with his efforts than pursuing something independently

spacemandev (Wed, 05 Jun 2019 16:34:54 GMT):
link to that browser based wallet work?

dbluhm (Wed, 05 Jun 2019 16:35:37 GMT):
There are undeniable benefits to having a common, compiled library but it can be troublesome

spacemandev (Wed, 05 Jun 2019 16:35:39 GMT):
is it possible to provide libzmq within the linked libraries path as well?

dbluhm (Wed, 05 Jun 2019 16:36:24 GMT):
That should be possible, yes. Should look very similar to how you packed libindy for the AWS lambda container

spacemandev (Wed, 05 Jun 2019 16:36:41 GMT):
@dbluhm i agree that it's abstractly good, but as someone who's getting into in the indy ecosystem post creation, it's helpful to understand motivation of why certain design decisions were made

spacemandev (Wed, 05 Jun 2019 16:36:56 GMT):
to just better understand how everything fits together

nage (Wed, 05 Jun 2019 16:37:41 GMT):
Where we are now trying to move to more conventional transports like HTTP2, away from libZMQ (and before that RAET) has a lot of history.

nage (Wed, 05 Jun 2019 16:38:36 GMT):
I expect we will document it more extensively when we can devote more attention to it. Right now @MALodder is focused on offline CLI support for high security wallets, and the new Anoncreds 2.0 work

spacemandev (Wed, 05 Jun 2019 16:40:11 GMT):
well, so if i may ask a bit more naive question -- does libindy not do similar work to web3 for ethereum in terms of crypto and node communication ?

nage (Wed, 05 Jun 2019 16:41:10 GMT):
yes, but focuses more on keeping things off ledger using verifiable credentials

spacemandev (Wed, 05 Jun 2019 16:43:07 GMT):
that translates to figuring out verifying proofs through crypto libraries like anoncred right?

spacemandev (Wed, 05 Jun 2019 16:44:22 GMT):
asking because previously in this thread the issues for browser based was Libzmq (messaging for nodes) and OpenSSL for deps. is then the issue for aries-sdk just porting anoncreds to WASM?

nage (Wed, 05 Jun 2019 16:46:46 GMT):
yes verifiable credentials using anoncreds are the heart of how the system is constructed. There are two pieces holding browser-based SDK back: using libzmq for ledger communication (we hope to enable agent-messaging to ledger nodes to fix this), and some likely hiccups in how background threads are currently handled (not sure if we have a coherent plan for this yet).

spacemandev (Wed, 05 Jun 2019 16:49:45 GMT):
thank you! this has been very helpful basically for agents right now we're focused on using mobile agents

spacemandev (Wed, 05 Jun 2019 16:49:45 GMT):
thank you! this has been very helpful basically for agents right now indy is focused on using mobile agents until aries-sdk / libindy in WASM

nage (Wed, 05 Jun 2019 16:56:34 GMT):
I would include both mobile and system-service agents

nage (Wed, 05 Jun 2019 16:57:02 GMT):
and pushing for browser-based agents, but there has been less community dev support there so far

spacemandev (Wed, 05 Jun 2019 16:58:23 GMT):
yea i'm going to try to get lambda agent to work, otherwise knative on gcloud for a nice edge agent set up with same key wallet generation for quickly scaling for however many requests

MALodder (Wed, 05 Jun 2019 17:05:15 GMT):
Ursa can do WASM, but until zmq can be built to WASM or libindy drops ZMQ, then we're stuck with no WASM for now

george.aristy (Wed, 05 Jun 2019 18:08:13 GMT):
Can we start pushing code to aries-sdk-go?

TelegramSam (Wed, 05 Jun 2019 18:16:06 GMT):
@esplinr has the list of who volunteered for which repo, but I can't seem to find it.

rjones (Wed, 05 Jun 2019 18:26:50 GMT):
@george.aristy yes, it's open for development

rjones (Wed, 05 Jun 2019 18:27:21 GMT):
@esplinr I sent an invite to the people you wanted specifically for go, as they aren't part of the org.

rjones (Wed, 05 Jun 2019 18:27:50 GMT):
currently, these people have a commit bit: https://github.com/orgs/hyperledger/teams/aries-committers/members

rjones (Wed, 05 Jun 2019 18:33:26 GMT):
I invited GitHub user arjanvaneersel to be a maintainer of the Go SDK but they have not accepted.

troyronda (Wed, 05 Jun 2019 18:40:33 GMT):
@esplinr @TelegramSam I guess we missed the call for volunteers.

TelegramSam (Wed, 05 Jun 2019 18:59:33 GMT):
Aries call starting now: https://wiki.hyperledger.org/display/ARIES/2019-06-05+Aries+Working+Group+Call

mtfk (Wed, 05 Jun 2019 19:35:29 GMT):
@tomislav do we have somewhere list of the requirements/goals to achieve with the "universal agent links", cross platform? multiple browsers? multiple apps? Is there any RFC for it or doc?

mtfk (Wed, 05 Jun 2019 20:32:26 GMT):
I would have suggestion to limit topics for the weekly calls to very high level which impacting project overall or are critical/interesting for whole community. Aries is quite big and complex projects in my understanding. Discussing specific RFC or specific technical issue give me the feeling that it is limiting the audience a lot and makes the call discussion of few instead of the voice of the community. Not mentioning that we would always lack of time for proper discussion. What are your thoughts about that? Is just me? Wouldn't it be better to spent those calls to talk about the project overall instead of rushing through each issue?

troyronda (Wed, 05 Jun 2019 20:36:00 GMT):
Is there a dashboard and/or roadmap that maps the RFCs to implementation status in the SDK (or for those not implemented, the community or maintainer interest/priority)? (e.g., I was curious about the forward message, and more generally, the mediator concept).

troyronda (Wed, 05 Jun 2019 20:42:12 GMT):
I've also been curious about the layering of the protocols and message families that are being defined in Aries. There appear to be more lower-layer concepts such as connections, introductions (I assume these fall into "DIDCOMM") and higher-layer concepts such as ZKP-based credential exchange (e.g., PresentProof). So one thought I had is that it would be handy to show the separation in the RFCs; but I was also more generally wondering about messages that might do, say, a non-ZKP-based credential exchange and how that fits.

troyronda (Wed, 05 Jun 2019 20:42:12 GMT):
I've also been curious about the layering of the protocols and message families that are being defined in Aries. There appear to be more lower-layer concepts such as connections, introductions (I assume these fall into "DIDCOMM") and higher-layer concepts such as ZKP-based credential exchange (e.g., PresentProof). So one thought I had is that it would be handy to show the separation in the RFCs (and also indicate what should have a broader audience for standardization); but I was also more generally wondering about messages that might do, say, a non-ZKP-based credential exchange and how that fits.

kdenhartog (Wed, 05 Jun 2019 20:45:28 GMT):
@TelegramSam or @danielhardman would you mind merging RFC 0066? Also, What's the plan with 0023 connection-initiate?

danielhardman (Wed, 05 Jun 2019 20:48:16 GMT):
Note that I left a couple minor comments.

TelegramSam (Wed, 05 Jun 2019 20:48:32 GMT):
Let me hit 23 up with a few changes.

TelegramSam (Wed, 05 Jun 2019 20:48:56 GMT):
beginning to really like DID Exchange.

danielhardman (Wed, 05 Jun 2019 20:49:12 GMT):
Yes, I like that quite a bit, too.

TelegramSam (Wed, 05 Jun 2019 20:49:45 GMT):
avoids the confusion about what a connection really is, and gets right to the heart of the interaction.

kdenhartog (Wed, 05 Jun 2019 20:51:29 GMT):
I'll need to update mine based on that.

troyronda (Wed, 05 Jun 2019 20:54:50 GMT):
(following-up on my above question, I'm guessing there is a gap between the "accepted" state ... as in good idea & "adopted" state as in implementations have accumulated; the gap being "at least one" implementation).

troyronda (Wed, 05 Jun 2019 20:54:50 GMT):
(following-up on my above question, I'm guessing there is a gap between the "accepted" state ... as in consensus for good idea & "adopted" state as in implementations have accumulated & defacto standard; the gap being "at least one" implementation).

kdenhartog (Wed, 05 Jun 2019 20:57:02 GMT):
Preferably more than one, but yes one is satisfactory.

kdenhartog (Wed, 05 Jun 2019 20:57:28 GMT):
For example if the one implementation is in the rust library that would be fine.

troyronda (Wed, 05 Jun 2019 20:57:35 GMT):
Sure - I'm just saying that there isn't clarity on 0 or 1 implementations :).

troyronda (Wed, 05 Jun 2019 20:57:35 GMT):
Sure - I'm just saying that there isn't clarity on 0 or 1 implementations from the status :).

kdenhartog (Wed, 05 Jun 2019 20:58:05 GMT):
We should probably add that detail to the description

danielhardman (Wed, 05 Jun 2019 21:22:19 GMT):
The "concepts" folder is for RFCs that are conceptual (maybe we could say low-level building blocks that apply to many different business problems); the "features" folder is for RFCs that are higher-level and more specific. Do you think we should show which folder an RFC comes from in index.md? Re. a non-zkp-based cred exchange: that should be covered by the existing RFCs. Our intent was to point out that some of the early steps in the diagram become optional when ZKPs are not used, and that you could short-circuit all the way to cred-request+cred-response. Did that not make it into the RFC yet?

danielhardman (Wed, 05 Jun 2019 21:30:41 GMT):
No, there is no RFC. Shall we collaborate on one? What Tomislav presented was an excellent start. I will attach some thinking that one of Evernym's developers did.

danielhardman (Wed, 05 Jun 2019 21:33:19 GMT):
Here was the set of requirements that Khagesh was given, that drove his doc: 1. A URI format has been defined that explains how to pass messages by simply invoking the URI. 2. The payload of such URIs consists of a single A2A message, packed and encrypted. 3. The URI format is associated with a predefined schema (I suggest "ssi://") that would be serviced by whichever rich agent is the "master" app for managing someone's identity on a mobile device. 4. The URI format can also be associated with one or more "thin agent" schemas (e.g., "fitbitssi://") on the same device. By having this predefined schema plus one or more thin agent schemas, messages can be sent to the rich agent, and responses can flow back to each thin agent that wants to communicate this way. 5. It is possible to discover whether a rich agent has registered as the handler of "ssi://" messages. 6. A message family has been defined that can be used to query the rich agent to find out its name and characteristics, and to register thin agents to cooperate with it. 7. A simple security model has been specified, clarifying what trust should be imputed to apps communicating in this way, under which circumstances. 8. It is possible to envision a way to use this mechanism so a thin app could query the ssi wallet on a mobile device for the 1 relationship it is interested in, to share credentials, and so forth.

danielhardman (Wed, 05 Jun 2019 21:37:42 GMT):
I gave the wrong term on today's call. Not "Farley Book", but "Farley File": https://en.wikipedia.org/wiki/Farley_file

mtfk (Wed, 05 Jun 2019 21:42:56 GMT):
Thanks, I still think that the custom schema would do the work instead of having files throwing around, would give same possibility as the file (content association) but still not sure about ios (official spec says it is possible). Will check that with @tomislav. My favorite is custom schema as it is more UX friendly. Files are always problematical.

danielhardman (Wed, 05 Jun 2019 21:43:33 GMT):
Yes. That was Khagesh's conclusion as well.

danielhardman (Wed, 05 Jun 2019 21:44:10 GMT):
But what I heard from @tomislav today made me wonder if Khagesh had gone deep enough. Perhaps what Khagesh imagined is not as practical as he had hoped.

mtfk (Wed, 05 Jun 2019 21:48:06 GMT):
AFAIK custom schema is the way to trigger application across different operating systems (including mobiles), it is basically handling URLs this is well established on windows/linux/unix/mac/android etc...

mtfk (Wed, 05 Jun 2019 21:48:17 GMT):
According to this one even ios supports it: https://developer.apple.com/documentation/uikit/inter-process_communication/allowing_apps_and_websites_to_link_to_your_content/defining_a_custom_url_scheme_for_your_app

danielhardman (Wed, 05 Jun 2019 21:49:09 GMT):
Yes, but that mechanism has limitations. For example, it's not clear that you can have multiple apps register to handle the same schema.

danielhardman (Wed, 05 Jun 2019 21:49:31 GMT):
You can on desktop OSes, and on Android--but on iOS, the UX isn't deterministic.

danielhardman (Wed, 05 Jun 2019 21:50:04 GMT):
Robert, are you asserting that from personal experience, or from theory? That's the crux of the doubt here.

mtfk (Wed, 05 Jun 2019 21:51:05 GMT):
From experience on all systems except ios where I have just theory from official documentation. I will check that and try to provide some more details

danielhardman (Wed, 05 Jun 2019 21:51:06 GMT):
What I have observed is that the zoom app registers for https://zoom.us URIs, but about half the time clicking on such a URI launches google maps from a meeting invitation.

mtfk (Wed, 05 Jun 2019 21:51:38 GMT):
with custom schema you would have zoom://meeting/123

mtfk (Wed, 05 Jun 2019 21:51:51 GMT):
and this one is registered on os level and then app is triggered

mtfk (Wed, 05 Jun 2019 21:51:57 GMT):
if there is more then one it should ask

mtfk (Wed, 05 Jun 2019 21:52:31 GMT):
You can test that with `mailto` if you have other email clients

mtfk (Wed, 05 Jun 2019 21:52:31 GMT):
You can test that with `mailto` if you have other email clients on ios

mtfk (Wed, 05 Jun 2019 21:53:00 GMT):
anyway will check it no need to discuss it if we are not sure

danielhardman (Wed, 05 Jun 2019 21:54:05 GMT):
If that is how it works in practice, and it works well, then I will be very pleased. What I heard Tomislav assert is that iOS doesn't provide an easy way to manage the case where the user picks "always handle with App X" -- there's no way to undo that choice. Also, that iOS is using some sort of opaque algorithm to decide which app to recommend; the ways to make one app appear sooner in the list of alternatives are crude, and sometimes the results are iffy.

troyronda (Wed, 05 Jun 2019 21:56:54 GMT):
I had intended to say you can’t tell in accepted state if there are 0 or at least 1 implementation.

mtfk (Wed, 05 Jun 2019 22:03:24 GMT):
I am 99% sure is possible I saw somewhere way to do it with hold press and then open with ... If you have custom schema which works only with 2-3 apps which you have installed (in most cases it would be just one) there should not be a problem with that at all. When you change to new app you can just simple remove the old one or just do `open with`

danielhardman (Wed, 05 Jun 2019 22:04:26 GMT):
If we can make custom schema work *smoothly*, I agree that it is a slicker UX.

mtfk (Wed, 05 Jun 2019 22:05:20 GMT):
For sure you cannot override existing schema like mailto, message etc. but custom one should not be a problem will check it.

danielhardman (Wed, 05 Jun 2019 22:13:35 GMT):
New thread: renaming wallet (@kdenhartog, @swcurran, @TelegramSam , et al)

danielhardman (Wed, 05 Jun 2019 22:14:17 GMT):
I heard the term "enclave" proposed by @MALodder . I kind of like that. It's better than almost any alternative I can imagine.

danielhardman (Wed, 05 Jun 2019 22:14:57 GMT):
However, it does carry a connotation of secretness. Only half of what a wallet does has the same characteristics as a secure enclave.

MALodder (Wed, 05 Jun 2019 22:15:25 GMT):
Agreed. I’m not completely sold on it but it’s best term I can think of and encapsulates what it does it’s a SW enclave

danielhardman (Wed, 05 Jun 2019 22:16:16 GMT):
However, it does carry a connotation of secretness. Only half of what a wallet does has the same characteristics as a secure enclave.

danielhardman (Wed, 05 Jun 2019 22:19:38 GMT):
I wonder about using the adjective "agent" in front of it: "agent enclave". It seems to me that a defining characteristic might be that it's used by agents. I'm contrasting this mentally with cat videos or bank records (varying degrees of sensitivity, but neither used by agents). This other type of data is part of the larger corpus of what I own, but it isn't the unit of identity portability when I fire my agent and go get a different one. The scope of what we call wallet today is what I need to back up to ensure minimal continuity of my identity when I move.

danielhardman (Wed, 05 Jun 2019 22:19:58 GMT):
The other type of data is what hubs are particularly good at managing.

danielhardman (Wed, 05 Jun 2019 22:21:15 GMT):
We can think of the "agent enclave" as a subset of the larger unit ("all my data" --which we tentatively called "my vault" in the old wallet HIPE). In that sense, "enclave" particularly works, because besides its resonance with "secure enclave", it also resonates with a partioned-off subset of a larger geographic area.

swcurran (Wed, 05 Jun 2019 22:24:30 GMT):
-100 for enclave. It's already defined in technical context and it's obscure otherwise.

danielhardman (Wed, 05 Jun 2019 22:27:36 GMT):
An alternative to "enclave" is "database" or "db", as in "agent db".

danielhardman (Wed, 05 Jun 2019 22:30:15 GMT):
Minor quibble, @swcurran : "enclave" is not defined in a technical context; "secure enclave" is. We are not including the word "secure" in our term, so we are not redefining its meaning any more than putting an adjective in front of "imaging" redefines "magnetic resonance imaging"

mtfk (Wed, 05 Jun 2019 22:32:22 GMT):
btw. and ask for the requirements as if we would not limit the size of the message which we want to pass then files would be the option with url the size limit is quite strict.

danielhardman (Wed, 05 Jun 2019 22:33:37 GMT):
Yes, that is an important advantage of files.

mtfk (Wed, 05 Jun 2019 22:33:50 GMT):
so not sure what kind of messages we would pass but maybe we would not have any other choice. Especial that in above points you have "consists of a single A2A message, packed and encrypted"

mtfk (Wed, 05 Jun 2019 22:34:41 GMT):
with files we have basically no limit.

mtfk (Wed, 05 Jun 2019 22:35:07 GMT):
Basically RFC would be handy to collect all requirements in front

mtfk (Wed, 05 Jun 2019 22:36:20 GMT):
or maybe it should be part of any existing one?

danielhardman (Wed, 05 Jun 2019 22:36:38 GMT):
No, I think it deserves its own RFC

tplooker (Wed, 05 Jun 2019 22:36:55 GMT):
My view was that a custom scheme does work as explained above eg didcomm://example.com?m= however this effects the discover-ability of did comm messages as if a user without an ssi agent a message in this format there is no app installed capable of them interpreting the message

kdenhartog (Wed, 05 Jun 2019 22:37:20 GMT):
One of the major questions I have is what is considered to be data within the wallet? For example, do cat pics go in the "wallet" or what about a publicly served HTML page?

tplooker (Wed, 05 Jun 2019 22:38:05 GMT):
this is loosely how email clients work with mailto://

tplooker (Wed, 05 Jun 2019 22:38:05 GMT):
this is loosely how links to email clients work with mailto://

danielhardman (Wed, 05 Jun 2019 22:38:51 GMT):
No, neither of those goes in a wallet. See the RFC here: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0050-wallets/README.md#types-of-sovereign-data

danielhardman (Wed, 05 Jun 2019 22:40:35 GMT):
So what happens on a mobile device if you ask it to load undefined schema xyz://foo? Does it just err out, or defer to browser as default handler of all content, or do nothing, or give the user the chance to pick?

danielhardman (Wed, 05 Jun 2019 22:41:51 GMT):
Summary line: "This variety suggests that an identity wallet as a loose grab-bag of all our digital "stuff" will give us a poor design. We won't be able to make good tradeoffs that satisfy everybody; some will want rigorous, optimized search; others will want to minimize storage footprint; others will be concerned about maximizing security. We reserve the term vault to refer to the complex collection of all an identity owner's data"

kdenhartog (Wed, 05 Jun 2019 22:47:31 GMT):
Ahh gotcha, thanks for referencing that. Do you see the sync protocol data going in a wallet or a vault then?

kdenhartog (Wed, 05 Jun 2019 22:49:32 GMT):
The main reason I'm asking this is because within the scope of Aries we said we want general storage, so I'm hoping to start drawing a fuzzy line between the wallet and vault. My current thinking is that the wallet is for secrets that can't be removed, but can be requested to have something done for you. However, the vault is more like a Hub in that it will store just about anything and things can be removed.

danielhardman (Wed, 05 Jun 2019 22:51:31 GMT):
I'm feeling like there is data that agents need for their direct operation, and data that is more general. The former data includes keys, dids, link secrets, and credentials. It may also include agent policy, agent config, etc. I think this stuff belongs in what we currently call a "wallet" but want to rename--and that all other data could be handled with a more general mechanism.

danielhardman (Wed, 05 Jun 2019 22:51:47 GMT):
I agree that vault approximately equals hub.

danielhardman (Wed, 05 Jun 2019 22:52:11 GMT):
I don't think all agent data has the secure enclave behavior where you can put it in but not get it out.

danielhardman (Wed, 05 Jun 2019 22:52:52 GMT):
But I could be convinced to draw the line elsewhere.

kdenhartog (Wed, 05 Jun 2019 22:52:53 GMT):
Another weird edge case worth teasing out would be the state records used by the Agent Framework right now.

kdenhartog (Wed, 05 Jun 2019 22:54:06 GMT):
I'm not really certain where to draw the line either. I'm just at the stage where these are use cases I've seen popping up so I want to see if we can find a pattern.

kdenhartog (Wed, 05 Jun 2019 22:54:24 GMT):
My early thinking is that if it involves tagging and searchability it should go in the vault.

kdenhartog (Wed, 05 Jun 2019 22:54:46 GMT):
However, I see a usecase for credential tagging to speed things up, so that doesn't fit very well.

troyronda (Thu, 06 Jun 2019 00:08:37 GMT):
Or even “store” as in agent storage.

SteveMagennis (Thu, 06 Jun 2019 01:04:08 GMT):
there has got to be some analog from the world of telecom or networks that can be appropriated. Descriptively, the collection of 'stuff' contained within the erstwhile wallet facilitates and in some cases manage connections or circuits. Something like 'circuit manager' maybe?

MALodder (Thu, 06 Jun 2019 01:21:15 GMT):
So we have compartments in the wallet: secrets that shouldn’t be extracted-private keys, secrets that need to be protected but can be extracted-credentials, and non secrets like settings. Enclaves function exactly like non-extractable secrets, protect secrets with other secrets and do nothing for non secrets. So what if we name parts of the wallet to be as follows, enclave, wallet, and vault. The whole thing is a vault. Thoughts?

wombletron (Thu, 06 Jun 2019 01:58:09 GMT):
Sounds like you are almost describing wine storage, you have your open rack of wine you share with anyone, you may also have a wine cabinet that is on display but clearly not for general consumption, you may then have a locked cupboard that only the family has access too, and possibly you have the basement where only you know what is there...

swcurran (Thu, 06 Jun 2019 02:11:58 GMT):
"wine rack" is the best name so far. 🤣

wombletron (Thu, 06 Jun 2019 02:20:17 GMT):
You could go old english and use stowage... then you can have, upperdeck, galley, midship, cabin stowage types, with ability to test is it stowed, stowable, retrieved, retrievable as well as available stowage... og the joy

MALodder (Thu, 06 Jun 2019 03:36:56 GMT):
Stowage sounds like street slang for something nasty

MALodder (Thu, 06 Jun 2019 03:37:47 GMT):
We should use womble. Put your credentials in the womble. @wombletron where does that name come from?

DibbsZA (Thu, 06 Jun 2019 05:46:37 GMT):
A cyberspace version of a normal womble? https://en.wikipedia.org/wiki/The_Wombles

mtfk (Thu, 06 Jun 2019 06:06:00 GMT):
* Vault is extensively use right now for personal data storage and it sound like you can put there anything (as soon as the vault is big enough ) * wallet - is something bigger then just keys and people already used to called wallet something more then just storage for keys. * enclave - is just "territory" which gives you some boundaries. Does not specify what is in. This is why in mobile there is something called secure enclave which defines secure place - but this quite often assume that you can not get anything out. My suggestion would be to have few layers similar to the suggestion from @MALodder and reuse definitions which are already there: - secure element/secure enclave (HW backed or not place for storing securely secrets - you can not get anything out) - Key chain - place where you can store and manage your pair of keys - can be unlocked with SE^ to get stuff out Don't know what do you mean by having non secret stuff there but I would decouple that from "secrets". And put it somewhere else. What are the use cases for non secret stuff atm?

mtfk (Thu, 06 Jun 2019 06:13:34 GMT):
Btw. created issue for further discussion: https://github.com/hyperledger/aries-rfcs/issues/68 Tracking it here on rocket chat is really painful. and spam everyone even those who are not interested in the discussion.

DibbsZA (Thu, 06 Jun 2019 06:13:49 GMT):
This is a Womble : https://en.wikipedia.org/wiki/The_Wombles

mtfk (Thu, 06 Jun 2019 08:19:32 GMT):
Browser will complain that does not know how to handle the url.I belive that browser is default app to handle any url . the process is close to: user clicks - if schema is something which browser can handle it just handles it, if not checks OS schema registry to see if there is any app if not throw an error that don't know what to do with it.

mtfk (Thu, 06 Jun 2019 08:19:32 GMT):
Browser will complain that does not know how to handle the url.I belive that browser is default app to handle any url . the process is more less like this: user clicks - if schema is something which browser can handle it just handles it, if not checks OS schema registry to see if there is any app if not throw an error that don't know what to do with it.

wombletron (Thu, 06 Jun 2019 10:11:49 GMT):
It was said with tongue firmly planted in cheek.

SteveMagennis (Thu, 06 Jun 2019 13:35:31 GMT):
...as long as the trip is no longer than 15 miles https://kids.tpl.ca/ready-for-reading/things-to-do/activity/rhyme-from-wibbleton-to-wobbleton

TelegramSam (Thu, 06 Jun 2019 14:10:22 GMT):
Recordings posted for yesterday's meeting: https://wiki.hyperledger.org/display/ARIES/2019-06-05+Aries+Working+Group+Call

TelegramSam (Thu, 06 Jun 2019 14:19:43 GMT):
Depressingly, I'm not sure we can handle the discoverability case, at least without actually loading the URL and doing some detection on that page.

TelegramSam (Thu, 06 Jun 2019 14:40:10 GMT):
Next Aries Call Agenda: https://wiki.hyperledger.org/display/ARIES/2019-06-12+Aries+Working+Group+Call

george.aristy (Thu, 06 Jun 2019 18:00:05 GMT):
Where can I view this DID doc? `did:sov:BzCbsNYhMrjHiqZDTUASHg`

george.aristy (Thu, 06 Jun 2019 18:00:29 GMT):
We're defining message types under its namespace. I'd like to take a look at the DID doc itself

george.aristy (Thu, 06 Jun 2019 18:03:12 GMT):
It's not resolvable on https://uniresolver.io/...

george.aristy (Thu, 06 Jun 2019 18:06:17 GMT):
I assume `did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/connections/1.0/invitation` should resolve to a json-ld context

TelegramSam (Thu, 06 Jun 2019 18:31:09 GMT):
@george.aristy That DID is not yet registered, but the associated keys are currently held by @danielhardman.

TelegramSam (Thu, 06 Jun 2019 18:31:36 GMT):
The resolution of the URL should be developer documentation, NOT a json-ld context.

TelegramSam (Thu, 06 Jun 2019 18:32:45 GMT):
Core namespace DID discussed here: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0020-message-types/README.md

george.aristy (Thu, 06 Jun 2019 18:32:52 GMT):
@TelegramSam kind of strange that it doesn't resolve to a json-ld context. For example, the DID spec's `@context` does resolve to its json-ld schema

TelegramSam (Thu, 06 Jun 2019 18:33:14 GMT):
json-ld compatibility discussed here: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0047-json-ld-compatibility/README.md

TelegramSam (Thu, 06 Jun 2019 18:33:31 GMT):
not strictly tying it to json-ld is a baggage avoidance measure.

TelegramSam (Thu, 06 Jun 2019 18:34:18 GMT):
the pretext of an `@type` not pointing to a json-ld schema is well established by schema.org practices.

dbluhm (Thu, 06 Jun 2019 18:50:41 GMT):
@TelegramSam @george.aristy I may be remembering incorrectly but I seem to recall having brief discussions about eventually anchoring immutable schemas for the core message types on a ledger and using that to resolve context

TelegramSam (Thu, 06 Jun 2019 18:55:56 GMT):
That is a good eventual goal. I think that formalizing things at this stage would add a large amount of friction.

TelegramSam (Thu, 06 Jun 2019 18:56:48 GMT):
Content based references struggle with minor clarifications.

kdenhartog (Thu, 06 Jun 2019 20:01:00 GMT):
@troyronda I just saw that you commented on RFC 23 right after I merged it. I figured it's good to move in, but we definitely still have some changes to make to it based on conversations yesterday. Was there anything absolutely pressing that needed to be changed before I merged or was it mainly editorial aspects?

mtfk (Thu, 06 Jun 2019 20:03:41 GMT):
Got confirmation from ios dev that the schema can be registered by multiple apps. In case if there is more then one there is no way to control which one would be taken. Basically from user perspective it would always start the first one I guess. But we would need to test that.

danielhardman (Thu, 06 Jun 2019 20:34:30 GMT):
Sounds like direct experiments are our next step.

mtfk (Thu, 06 Jun 2019 20:36:40 GMT):
I think crucial question would be about the size of the data which we would like to pass. Of course we can have multiple ways of communicating: - deep links - gives you the way to handle situation in a way where user does not have any app installed. - schema for easy way of triggering simple actions/communication etc.. - files for heavy load Not sure if the idea is to have all of them, some or just one.

TelegramSam (Thu, 06 Jun 2019 21:00:15 GMT):
can we do deep links with a custom schema?

tplooker (Thu, 06 Jun 2019 21:02:45 GMT):
I thought on IOS you could not use a custom scheme unless it aligned with the package name of the app? so for example no app could register to ssi:// on IOS

andrew.whitehead (Thu, 06 Jun 2019 21:13:28 GMT):
https://developer.apple.com/documentation/uikit/inter-process_communication/allowing_apps_and_websites_to_link_to_your_content/defining_a_custom_url_scheme_for_your_app This page clarifies that multiple apps can register for the same schema, but doesn't say how it decides which to open

brentzundel (Thu, 06 Jun 2019 21:30:23 GMT):
this happens for me on android maybe 25% of the time.

esplinr (Thu, 06 Jun 2019 21:33:19 GMT):
I responded to your question in #indy-sdk. Sorry, I got behind with all the activity in this channel.

esplinr (Thu, 06 Jun 2019 21:34:16 GMT):
We will always need more volunteers!

mtfk (Thu, 06 Jun 2019 21:37:15 GMT):
@tplooker it is possible simple look the above doc or think of `mailto` schema

mtfk (Thu, 06 Jun 2019 21:38:33 GMT):
registration of the schema within the app required to link it to the package name but that on the app side so when you register to the OS with that schema OS will know that this app can be called as soon as someone will ask for `ssi`

mtfk (Thu, 06 Jun 2019 21:41:11 GMT):
@TelegramSam deep links required to have `http` to work correctly means the idea is that you have universal link that no matter on which platform you click it you will get something. Redirect to store to install the app, website explaining what is wallet and how to get it etc... in the back it include custom schema so when the app will be installed it would be passed to it but on top is just https

esplinr (Thu, 06 Jun 2019 21:43:35 GMT):
This project is very new, and I expect we will be experimenting with the call format a lot in coming weeks. Specifically, we need a summary call that is more similar to the general Indy Working Group.

esplinr (Thu, 06 Jun 2019 21:53:15 GMT):
I was thinking "pantry" or "larder".

wombletron (Thu, 06 Jun 2019 21:58:57 GMT):
What about "depot", you could have types of "inventory". You can use all the language that fits with that like deposit, list, catalog, borrow, withdraw, expire etc

esplinr (Thu, 06 Jun 2019 21:59:29 GMT):
@wombletron I don't think this thread is for viable suggestions. wink

esplinr (Thu, 06 Jun 2019 21:59:35 GMT):
Seriously though, "debot" is pretty good.

wombletron (Thu, 06 Jun 2019 22:03:27 GMT):
well in that case you could call it ballbag, then you can have various balls...

andrew.whitehead (Thu, 06 Jun 2019 22:09:56 GMT):
Reminds me of the windows 3.x briefcase

TelegramSam (Fri, 07 Jun 2019 00:12:02 GMT):
Right, but can more than one app register to a single domain to allow deep linking to work? I think registering as a handler for http requires proof that you own the domain.

TelegramSam (Fri, 07 Jun 2019 00:13:25 GMT):
This is likely to come up next week when we discuss asia/pacific friendly calls.

george.aristy (Fri, 07 Jun 2019 00:47:42 GMT):
@esplinr did you mean #aries-adk ?

rjones (Fri, 07 Jun 2019 00:49:46 GMT):
@george.aristy the main Aries committers are the only people with commit bits.

rjones (Fri, 07 Jun 2019 00:50:11 GMT):
If you look here: https://github.com/orgs/hyperledger/teams/aries-sdk-go-committers/members there are no specific committers for go-sdk only

rjones (Fri, 07 Jun 2019 00:50:44 GMT):
if you look here: https://github.com/orgs/hyperledger/teams/aries-committers/members you will see the other set of people with commit bits

george.aristy (Fri, 07 Jun 2019 00:50:46 GMT):
@rjones I get 404 (is it a private repo?)

rjones (Fri, 07 Jun 2019 00:52:19 GMT):
it's nage, @danielhardman , @kdenhartog

rjones (Fri, 07 Jun 2019 00:55:37 GMT):
https://github.com/hyperledger go there to accept invite

rjones (Fri, 07 Jun 2019 00:58:39 GMT):
if you still can't see the teams after you accept, I have no idea what "public" means any more

george.aristy (Fri, 07 Jun 2019 00:58:40 GMT):
@rjones got it, thanks, I can see now

tomislav (Fri, 07 Jun 2019 03:14:13 GMT):
iOS will allow you to register URL scheme for multiple apps, but there's no control which one will be used when launching the app. From Apple's docs ``` Note: If more than one third-party app registers to handle the same URL scheme, there is currently no process for determining which app will be given that scheme. ```

tomislav (Fri, 07 Jun 2019 03:15:30 GMT):
I am testing this right now, three apps all with ssi:// scheme registered, iOS launches only one of them every time (the first one I installed in my case)

tomislav (Fri, 07 Jun 2019 03:18:52 GMT):
Universal Links on the other hand are tied to a domain, so they're actually less universal than URL schemes

mtfk (Fri, 07 Jun 2019 05:30:57 GMT):
The point of deep links is to guide user through specific process so having one deep link to multiple apps has no point. If the user does not have any app where the link should lead? To appA, B ? To landing page of company A or B? I think that deep links are case specific and anyone would be allow to use it to improve UX

TelegramSam (Fri, 07 Jun 2019 13:29:45 GMT):
Deep links do provide a nice guide feature, but by design only for a single domain/app. The goal is to allow any installed app to receive the message, which is served by a custom scheme. These two options appear to be opposed to each other.

danielhardman (Fri, 07 Jun 2019 19:18:50 GMT):
New topic thread: "didcomm" versus "didcomms"

danielhardman (Fri, 07 Jun 2019 19:20:28 GMT):
I don't think it matters how we speak informally; these can be in free variation for all I care. However, when we write or name formal RFCs, I think we should be consistent. I'd like to suggest that the version without the 's' is more correct. Here's why.

danielhardman (Fri, 07 Jun 2019 19:35:41 GMT):
In English, we have the phenomenon of count nouns and non-count nouns. A count noun is something that you count with integers: cars, shoes, phones, etc. We say, "I own 3 cars." A non-count noun is something that you quantify as a collective or mass: "My car is emitting *a lot* of smoke." "I bought *3 bushels* of wheat." Count nouns carry plural markers in English: I own 3 car*s*. Non-count nouns do NOT carry plural markers in English. We would not say, "I saw 3 smoke*s* coming out of my tailpipe when I started the car." It is possible for a noun to be both a count noun and a non-count noun. "Water" is a great example. Normally, water is a non-count noun--we measure it in real units, as a collective. However, when a waiter takes our order at a restaurant, he may say, "Okay, so that's 3 waters, right?" When this happens, we're implying that we've packaged the non-count, collective noun in a discrete form. When you turn nouns into adjectives, usually the non-count, non-plural version is more common. We talk about "water-borne illnesses" and "watercraft", not "waters-born illnesses" and "waterscraft". So what about the word "communication"? Well, "communication" is normally a non-count noun. We say things like "There's a lot of communication happening" (non-count collective) or "The internet backbone carries 3.9 terabytes of communication per second in the transatlantic cable" (units +real quantifying a collective but not discrete items). We *also* use communication as a count noun, in the same way that my water example does. If each discrete communication event is counted, then we can say things like, "27 communications arrived on this radio channel in the past hour." So, what would "didcomm" imply, and what would "didcomms" imply? "Didcomm" means communication in bulk, uncounted. It is also the appropriate ajective form. "Didcomms" means individual, countable didcomm events. Almost always, we want the non-plural, non-count sense. As I said before, I really don't care how we talk informally--but in formal written artifacts, I suggest that we follow best practice grammar and use the form without the 's'.

troyronda (Fri, 07 Jun 2019 19:59:29 GMT):
my comment was minor editorial (e.g., HIPE instead of RFC).

esplinr (Fri, 07 Jun 2019 22:02:34 GMT):
@george.aristy Here is the Go work that arjanvaneersel was starting from: https://github.com/hyperledger/indy-sdk/pull/1355 Other contributors are listed here: https://jira.hyperledger.org/browse/IS-522 I would suggest starting on aries-sdk-go with a pull request moving that indy-sdk code into it.

jljordan_bcgov (Sat, 08 Jun 2019 02:01:46 GMT):
Although I quite like reliquary

jljordan_bcgov (Sat, 08 Jun 2019 02:02:33 GMT):
reliquary.rs has a nice ring and alliteration

MikeRichardson (Sat, 08 Jun 2019 05:45:10 GMT):
@kdenhartog @PatrikStas Is there sufficient interest to begin discussing the JS agent framework?

MikeRichardson (Sat, 08 Jun 2019 05:45:10 GMT):
@kdenhartog @PatrikStas ((or anyone else who might be interested) Is there sufficient interest to begin discussing the JS agent framework?

MikeRichardson (Sat, 08 Jun 2019 05:45:10 GMT):
@kdenhartog @PatrikStas (or anyone else who might be interested) Is there sufficient interest to begin discussing the JS agent framework?

MikeRichardson (Sat, 08 Jun 2019 10:46:05 GMT):
Additionally I would like to hear from others who are building agent frameworks in other languages as I presume there could be some overlap in terms of understanding

TelegramSam (Sat, 08 Jun 2019 14:11:16 GMT):
I'd love to talk about ideas for this. Are you thinking server js as a focus, client js as a focus, or both?

tomislav (Sat, 08 Jun 2019 15:38:33 GMT):
I did some more research on this topic, @mtfk suggested I try an option that would potentially allow iOS to switch opening ssi scheme to another app, but that's not possible. Regardless, I believe for the most part, having a ssi:// scheme for all links is a good way to go. Most consumers will likely have one app that they use as their default wallet. If users, and I mean here iOS users only, want to juggle couple of apps, application providers can alternatively offer extension support for this. It's not ideal, but it's a step toward unifying app linking. There's a lot of pressure on Apple to add support for this, I think Apple is just playing politics here encouraging use of their own apps. Not that application can register for multiple schemes, so there's flexibility if vendors want to promote their own app. Ex

tomislav (Sat, 08 Jun 2019 15:38:33 GMT):
I did some more research on this topic, @mtfk suggested I try an option that would potentially allow iOS to switch opening ssi scheme to another app, but that's not possible. Regardless, I believe for the most part, having a ssi:// scheme for all links is a good way to go. Most consumers will likely have one app that they use as their default wallet. If users, and I mean here iOS users only, want to juggle couple of apps, application providers can alternatively offer extension support for this. It's not ideal, but it's a step toward unifying app linking. There's a lot of pressure on Apple to add support for this, I think Apple is just playing politics here encouraging use of their own apps. Note that application can register for multiple schemes, so there's flexibility if vendors want to promote their own app. Ex

tomislav (Sat, 08 Jun 2019 15:38:56 GMT):
[Open in Osma] [Open in another agent]

MikeRichardson (Sun, 09 Jun 2019 07:52:27 GMT):
Hi I saw your message regarding NodeJS Agent Framework. I would like to discuss with you (keep in mind I am new to Indy). We have one other person (@PatrikStas) who is defintely interested. What is the best way to have an initial discussion? rgds Mike

PatrikStas (Mon, 10 Jun 2019 09:42:28 GMT):
Hi everyone, thanks for reaching out to me @kdenhartog and @MikeRichardson, very excited about Aries! I don't think I'll have much capacity to contribute to protocol design, but rather I see myself more on the implementation side of things for now. I'll join the wednesday's Aries call to get hopefully bit more in touch with what's the Aries roadmap and how exactly I can start contributing.

MikeRichardson (Mon, 10 Jun 2019 10:02:27 GMT):
I will also join the call. I guess the implementors of other frameworks (in other languages) will be able to advise on the design. Either way that will require assistance from Indy SDK experts (until we catch up which could take a while)

MikeRichardson (Mon, 10 Jun 2019 10:02:27 GMT):
I will also join the call. I guess the implementors of other frameworks (in other languages) will be able to advise on/assist with the design. Either way that will require assistance from Indy SDK experts (until we catch up which could take a while)

AlexanderVtyurin (Mon, 10 Jun 2019 10:28:18 GMT):
Hey. Just found out this project. Nice idea! I've looked through the RFCs and noticed the one related to protocols. I was working on this topic for a while and now I have a nice implementation of a tool that is able to describe protocols in a declarative way. There are many similarities between your RFC and my implementation such as request-response/notify logic and an ability to nest one protocol inside the other. As a bonus my implementation is based on no-ARQ reliable udp. Check it out: https://github.com/seniorjoinu/prodigy Yes, it's not finished (I have some issues with concurrency and I'd like to implement some congestion control, security and nat traversal techniques), but the field of improvements and fixes is clearly defined, and the concept is proved to be working.

jakubkoci (Mon, 10 Jun 2019 10:36:12 GMT):
Thanks @PatrikStas to mentioning me. I’ll also join the call. I would be happy to work on that with you guys.

MikeRichardson (Mon, 10 Jun 2019 10:38:47 GMT):
Great stuff: welcome @jakubkoci ! Seems like we have a few people raring to go on the new project.

mboyd (Mon, 10 Jun 2019 13:34:43 GMT):
@Oskar_van_Deventer I just joined this channel, but here a doc I've written for simple steps to sign previous commits: https://github.com/hyperledger/indy-sdk/blob/master/docs/contributors/signing-commits.md

danielhardman (Mon, 10 Jun 2019 17:40:29 GMT):
@AlexanderVtyurin : I read the README.md in your github repo, and I can see that there is, indeed, much in common in our thinking. I'm glad you found us! Having a declarative language for protocols is something I'm quite interested in. However, it would have to be something we could use in languages other than Kotlin before we could adopt it, because we are language-agnostic. How do you propose to deal with protocols that are not composed purely of peers (that is, there are different roles with different rules about how they interact)?

kdenhartog (Mon, 10 Jun 2019 19:11:00 GMT):
Sorry, I intended to get the call going this week, but this week hasn't been the greatest time to get it done. I see that the best time for the majority of people is 9AM. Would you mind if we move this back a week at the same time? I'm thinking Tuesday June 18th at 9AM MDT which would be 6PM UTC +3. Would that work for you @jakubkoci and @PatrikStas?

kdenhartog (Mon, 10 Jun 2019 19:15:17 GMT):
For those interested in the Javascript Agent Framework discussions please DM me your email and I'll add you to the calendar invite. @TelegramSam or @nage can we use a Sovrin Zoom room for this meeting? Right now it looks like it will be June 18th at 9AM MDT, 6PM UTC +3, etc.

jakubkoci (Mon, 10 Jun 2019 19:21:31 GMT):
No problem, June 18th works for me.

PatrikStas (Mon, 10 Jun 2019 20:24:36 GMT):
@kdenhartog works for me as well.

danielhardman (Mon, 10 Jun 2019 21:54:59 GMT):
All: I have raised an RFC that contains a dump of the tribal knowledge I know about, related to DIDComm best practices. Credit to @devin-fisher who wrote a large chunk of the content. I am certain that there are more topics that would be good to include in this RFC; this just represents a place to collect all such info and debate it. https://github.com/hyperledger/aries-rfcs/pull/74

AlexanderVtyurin (Mon, 10 Jun 2019 22:38:37 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=YRGHAmGXq3PxxAYfa) @danielhardman Can you give an example of such a protocol? I don't think I understand you. Prodigy can be language-agnostic - after all it's just about message format and serialization specifications. Transport layer can be replaced easily (because without it prodigy is tiny). But I personally feel negative about all this enterprise ultra-flexible stuff. I believe that as a developer/creator I should promote my own way of thinking and technologies that I find more attractive. Don't get me wrong - I understand why you guys are designing your tools to be like this and I respect it.

george.aristy (Tue, 11 Jun 2019 00:30:45 GMT):
@tplooker I know that in Aries we're trying to avoid the baggage of JSON-LD, but why aren't we specifying new a `@context` for the extended service endpoints of *DID documents* when we add `recipientKeys` and `routingKeys`?

george.aristy (Tue, 11 Jun 2019 00:30:45 GMT):
@tplooker I know that in Aries we're trying to avoid the baggage of JSON-LD, but why aren't we specifying a new `@context` for the extended service endpoints of *DID documents* when we add `recipientKeys` and `routingKeys`?

tplooker (Tue, 11 Jun 2019 00:32:06 GMT):
@george.aristy can you clarify are you speaking about why this isnt present in the did doc or in a did comm service decorator?

george.aristy (Tue, 11 Jun 2019 00:33:09 GMT):
(because the service decorator imports its definition from the service endpoint of the did spec)

tplooker (Tue, 11 Jun 2019 00:34:48 GMT):
The conventions that are present in the did doc are mandated by that spec, when we were defining a did communication service type we just followed the conventions applied by that spec, how it relates to a service level decorator is still in development. Could you elaborate more on how you foresee that behavior?

esplinr (Tue, 11 Jun 2019 00:43:07 GMT):
Ooo, I like reliquary. It is a fun word!

esplinr (Tue, 11 Jun 2019 00:44:50 GMT):
cc @joegenereux , who is very interested in Javascript for the browser

esplinr (Tue, 11 Jun 2019 00:49:08 GMT):
@joegenereux See the post by @kdenhartog where he is setting up a meeting.

george.aristy (Tue, 11 Jun 2019 00:52:42 GMT):
@tplooker The DID spec leverages JSON-LD for its definition. It also conveniently offers an example of how to extend a service endpoint definition: https://w3c-ccg.github.io/did-spec/#extensibility

george.aristy (Tue, 11 Jun 2019 00:53:49 GMT):
Based on that example I would expect a new `@context` for the service decorator since we say the service decorator inherits its definition from the service endpoint of the DID spec, and we're also adding new properties

tplooker (Tue, 11 Jun 2019 00:55:35 GMT):
Ok I understand, JSON-LD compatible decorators would have to be discussed in a broad sense though rather than adding support for this just in the service decorator.

george.aristy (Tue, 11 Jun 2019 00:59:17 GMT):
You think the routing stuff belongs in the DID spec?

tplooker (Tue, 11 Jun 2019 01:04:19 GMT):
Sorry, im not sure I follow, my above remark was that I think JSON-LD support for decorators (a purely did communication based concept) should be discussed as a behaviour for all decorators, rather than just adding JSON-LD support for the ~service decorator, does that make sense?

tplooker (Tue, 11 Jun 2019 01:05:13 GMT):
In regards to what we have put in the did doc currently, we defined a service definition for the did doc which expresses the information required to send a compatible did a did comm message

nage (Tue, 11 Jun 2019 15:59:04 GMT):
Yes, we can an SF zoom room setup. I will ask Kayla to get something setup. Can you email Kayla and I the attendees so we get the calendar appointment sent to the right people?

haniavis (Tue, 11 Jun 2019 19:33:08 GMT):
Hi all, I was using for some time now Indy (local pool + cli) in order to get familiar with it and now I am at the point to start implementing an Indy application using IndySDK, to provide Decentralized Identities. But now there is the Aries project where there are interoperable agent among others. Which is the way forward? Should I jump to Aries and keep Indy just for the pool of nodes and the ledger?

danielhardman (Tue, 11 Jun 2019 23:24:08 GMT):
@kdenhartog and @TelegramSam and @tomislav and @sergey.minaev : I have raised a new RFC PR about the payment decorator concept. See https://github.com/hyperledger/aries-rfcs/pull/75. This PR incorporates Sam's thinking from Indy HIPE PR #129, plus Tomislav's request that we harmonize with the W3C's PaymentRequest API.

esplinr (Tue, 11 Jun 2019 23:47:34 GMT):
@haniavis For now, there isn't any Aries to jump to. My suggestion is that you get started with Indy SDK, but keep an eye here so that you can migrate when the time is right.

esplinr (Tue, 11 Jun 2019 23:49:00 GMT):
As Aries SDK maintainers, we will keep in mind the migration path from Indy SDK. We plan to make it as easy as possible for people.

haniavis (Tue, 11 Jun 2019 23:49:38 GMT):
ok thank you for the reply. Do you know for how long will the Indy SDK and Indy Agent repositories be updated?

haniavis (Tue, 11 Jun 2019 23:50:04 GMT):
good to know there is a plan for the migration

esplinr (Tue, 11 Jun 2019 23:50:44 GMT):
There is a plan for a plan, but we don't yet have a plan. grin

esplinr (Tue, 11 Jun 2019 23:51:16 GMT):
Or, in a more serious tone, we are only now getting organized. No one has signed up to complete any work on any specific timeline.

esplinr (Tue, 11 Jun 2019 23:51:28 GMT):
But there is lots of enthusiasm to make progress in 2019.

swcurran (Wed, 12 Jun 2019 00:16:54 GMT):
@haniavis - I would not recommend spending much time at the indy-sdk level for getting started. Definitely look at the various agents in the community - indy-agent, the BC Gov's indy-catalyst repo (agent folder) and Streetcred's agent-framework repo. They all embed the indy-sdk, but operate at a higher level. Saves a lot of time and struggle.

rjones (Wed, 12 Jun 2019 01:45:57 GMT):
Hi. It looks like, by accident, the Aries meeting was cancelled. I've added what I could to the calendar - please take a look and make sure?

TelegramSam (Wed, 12 Jun 2019 04:10:20 GMT):
looks normal on the community calendar as well.

drummondreed (Wed, 12 Jun 2019 05:57:23 GMT):
Thanks @helengarneau—look great

mtfk (Wed, 12 Jun 2019 11:39:33 GMT):
@tomislav @TelegramSam Regarding the topic of "deep links" we had recently some internal discussion about how to make that right from usability point of view. Basically the point is that neither custom schema or file provides proper flow for regular users. Generates a lot of questions and confusions. This is why important would be to get the deep link rights so we can guide user through the whole journey. We can talk about the details later but overall it could work like this: - Umbrella organization like MyData could host a website `https://digital.wallet` which would be the registry of all known SSI digital wallets. What that means for the user is that if you want to send a link to someone you sent:: `https://digital.wallet/identity/xaddw324?callback=myservice.com` Which let's assume that this point to identity request with schema `xaddw234`. If the user clicks it and on given platform does not have any wallet it would open a page where whole concept would be explained and give possibility to download one of the existing wallets.

mtfk (Wed, 12 Jun 2019 11:39:33 GMT):
@tomislav @TelegramSam Regarding the topic of "deep links" we had recently some internal discussion about how to make that right from usability point of view. Basically the point is that neither custom schema or file provides proper flow for regular users. Those flows generates a lot of questions and confusions. This is why important would be to get the deep link rights so we can guide user through the whole journey. We can talk about the details later but overall it could work like this: - Umbrella organization like MyData could host a website `https://digital.wallet` which would be the registry of all known SSI digital wallets. What that means for the user is that if you want to send a link to someone you sent:: `https://digital.wallet/identity/xaddw324?callback=myservice.com` Which let's assume that this point to identity request with schema `xaddw234`. If the user clicks it and on given platform does not have any wallet it would open a page where whole concept would be explained and give possibility to download one of the existing wallets.

mtfk (Wed, 12 Jun 2019 11:41:22 GMT):
You can replace umbrella organization by any DAO or ENS with some black magic but the overall idea would stay the same.

TelegramSam (Wed, 12 Jun 2019 13:09:27 GMT):
can multiple applications register to the same domain (digital.wallet in this case) on both iOS and Android? @mtfk

mtfk (Wed, 12 Jun 2019 14:41:36 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=W3myZYbb5CCLXyhcv) Yes it is possible but the owner of the domain controls who can be on the list. Which is why some trusted organization needs to take care of it

drummondreed (Wed, 12 Jun 2019 15:44:34 GMT):
This sounds very interesting, and seems to address a critical UX issue for all of SSI, yes? It's a little worrying that it involves a centralized component for decentralized identity, but hopefully we can work around that.

drummondreed (Wed, 12 Jun 2019 15:46:34 GMT):
It sounds like it's an important discussion of what org (or orgs—this could be a cooperative project among several) are the best fit for this. And it sounds to me like it needs a governance framework (but then, I tend to see a lot of things through that lens :grin: )

TelegramSam (Wed, 12 Jun 2019 16:21:25 GMT):
I also like that it could be more than one org if necessary. Ideally not many, but more than one is better.

MALodder (Wed, 12 Jun 2019 16:28:27 GMT):
how would people feel if the key to open the wallet was one-time use and LOX changed the key each time the wallet was opened?

MALodder (Wed, 12 Jun 2019 16:29:11 GMT):
obviously there would be a performance hit so maybe it would be good to do it each time for bigger wallets, but for smaller wallets I think it would be a great feature

TelegramSam (Wed, 12 Jun 2019 16:35:47 GMT):
the part I struggle with most with LOX is figuring out how it applies to wallet use within agents.

tomislav (Wed, 12 Jun 2019 16:54:13 GMT):
Technically, it's not possible. You are saying that we choose a centralized domain and depend on that entity to allows our URL access to our own apps. I have concerns about this approach as app vendors won't have control over their own links. The same can be achieved if we establish a UX framework to guide vendors how to display links. For example: use custom universal scheme for links ssi:// but give the (iOS) user an option to invoke their own app by falling back to file type associations. I believe this is what roughly Sam suggested at the Aries call.

tomislav (Wed, 12 Jun 2019 16:54:13 GMT):
Technically, it's not possible. You are suggesting that we choose a centralized domain and depend on that entity to allow our URLs access to our own apps. I have concerns about this approach as app vendors won't have control over their own links. The same can be achieved if we establish a UX framework to guide vendors how to display links. For example: use custom universal scheme for links ssi:// but give the (iOS) user an option to invoke their own app by falling back to file type associations. I believe this is what roughly Sam suggested at the Aries call.

MALodder (Wed, 12 Jun 2019 16:55:26 GMT):
Instead of "enter password" or "supply the raw key" just ask LOX to open the wallet or create the wallet

TelegramSam (Wed, 12 Jun 2019 17:04:04 GMT):
Technically not possible and Undesirable for app developers are two different things. They are both important, but we should address them separately.

TelegramSam (Wed, 12 Jun 2019 17:05:05 GMT):
yeah, I'm still not sure how the gap is closed. I understand the hand wave description, but I'm still unsure of the technical details.

MALodder (Wed, 12 Jun 2019 17:06:16 GMT):
The agent supplies the wallet name instead of the key. Technically, LOX will use that plus other information about the caller to ask the OS keyring or other secure enclave to retrieve the wallet key to open the wallet

MALodder (Wed, 12 Jun 2019 17:06:35 GMT):
Instead of right now where the agent has to manage the wallet key, LOX does it

MALodder (Wed, 12 Jun 2019 17:07:13 GMT):
the agent just tells LOX who it is. LOX and the OS determine if the agent has access to the wallet key \

MALodder (Wed, 12 Jun 2019 17:07:13 GMT):
the agent just tells LOX who it is. LOX and the OS determine if the agent has access to the wallet key

MALodder (Wed, 12 Jun 2019 17:08:11 GMT):
LOX is a wallet key protection provider

MALodder (Wed, 12 Jun 2019 17:08:29 GMT):
Another pluggable layer like the data storage

TelegramSam (Wed, 12 Jun 2019 17:09:43 GMT):
I won't have time till next week for a call on this.

MALodder (Wed, 12 Jun 2019 17:11:56 GMT):
An example is in Linux or windows when you log in as a user and try access someone else’s stuff the OS blocks you unless they have shared it. Key rings also add another protection layer by encrypting the Keyring so only the user can decrypt it so even if someone gets root/admin privileges they could read the keyring

MALodder (Wed, 12 Jun 2019 17:27:21 GMT):
Key rings have been around a long time they are understood by the security community

TelegramSam (Wed, 12 Jun 2019 17:29:59 GMT):
Yes, but you are talking about keyring mediated access to encrypted storage.

TelegramSam (Wed, 12 Jun 2019 17:32:32 GMT):
so it's giving the key back to the wallet to decrypt storage.

MALodder (Wed, 12 Jun 2019 17:33:02 GMT):
Lox talks to the keyring and selects the correct key to open the wallet, opens the wallet and securely erases the key from memory

MALodder (Wed, 12 Jun 2019 17:35:06 GMT):
Right now, the agent has to ask the user for a password right? Instead LOX would ask the OS for keyring access then the OS determines what is needed to authenticate to the keyring and handles that for you like on mobile devices asking for a fingerprint or facial recognition, or the pin code to unlock the phone.

TelegramSam (Wed, 12 Jun 2019 17:35:59 GMT):
Many agents pull password from config. No user directly involved.

TelegramSam (Wed, 12 Jun 2019 17:36:22 GMT):
also, 'opening the wallet' means decrypting all of it so you can remove key from memory?

MALodder (Wed, 12 Jun 2019 17:44:37 GMT):
No need to put the password in a config because the password is sensitive. Instead, put it in the keyring and ask for it relying on the OS to authenticate the running process.

MALodder (Wed, 12 Jun 2019 17:45:17 GMT):
Opening the wallet doesn’t decrypt all of it. It just opens it so the accessor can then do CRUD

TelegramSam (Wed, 12 Jun 2019 17:51:27 GMT):
so the accessor keeps the keys used to encrypt the data at rest?

TelegramSam (Wed, 12 Jun 2019 17:51:42 GMT):
and we trust the Agent to not remember the password?

MALodder (Wed, 12 Jun 2019 17:55:31 GMT):
I don’t understand your question

MALodder (Wed, 12 Jun 2019 17:56:11 GMT):
Layer that sits right above the wallet layer

MALodder (Wed, 12 Jun 2019 17:56:23 GMT):
Just like wallet access is a layer

TelegramSam (Wed, 12 Jun 2019 17:58:27 GMT):
let's pick this up another time and see if we can work out the details.

MALodder (Wed, 12 Jun 2019 17:58:36 GMT):
If that’s better how you think of it

TelegramSam (Wed, 12 Jun 2019 17:59:01 GMT):
that has implications you are not considering.

TelegramSam (Wed, 12 Jun 2019 18:01:20 GMT):
Not the right medium, not enough time at the moment.

MALodder (Wed, 12 Jun 2019 18:03:43 GMT):
To me it’s just another function call to open or create the wallet. Just like it has now. You could also plug in a different one than the OS default keyring if want just like the storage layer so I’m failing to see the implications

tomislav (Wed, 12 Jun 2019 18:49:35 GMT):
How does this work in server scenarios when there's no user interaction for a consent? Does LOX provide pluggable support for secure storage integration?

kdenhartog (Wed, 12 Jun 2019 18:56:09 GMT):
I see huge security concerns as well if that domain wasn't properly managed. For example, doing a DNS cache poisoning is a potential attack vector that has to be considered by ALL vendors and they have no way to mitigate other than trust the webmaster to handle it. I would strongly advocate against using a common domain name. We evaluated this originally, but chose to opt away from this because of a variety of concerns this being only one.

TelegramSam (Wed, 12 Jun 2019 18:58:08 GMT):
we have two thing in conflict: New user experience (deep link best for this), and Robust Decentralization (ssi:// best for this).

kdenhartog (Wed, 12 Jun 2019 18:58:40 GMT):
Bad idea, access to the config file gives access to the wallet and the config file is left unprotected.

TelegramSam (Wed, 12 Jun 2019 18:59:08 GMT):
what is an enterprise agent to do then?

kdenhartog (Wed, 12 Jun 2019 19:00:34 GMT):
Should rely on the OS keyring (e.g. Lox) an HSM, or FIDO authenticator.

kdenhartog (Wed, 12 Jun 2019 19:00:54 GMT):
Alternatively a password managed by a sysadmin (which is what's done today).

MALodder (Wed, 12 Jun 2019 19:03:57 GMT):
LOX will provide a pluggable layer yes. Enterprise's can use an HSM, FIDO, OS keyring, Hashicorp vault to store the wallet key

MALodder (Wed, 12 Jun 2019 19:04:15 GMT):
For everyday agents the OS keyring will be the default

MALodder (Wed, 12 Jun 2019 19:05:32 GMT):
For server scenarios, the effective uid:gid that is executing the process is used by the OS keyring. The OS may or may not need any interaction with a user

MALodder (Wed, 12 Jun 2019 19:05:40 GMT):
it depends on how the server is configured

MALodder (Wed, 12 Jun 2019 19:05:58 GMT):
Keys and password should never have to be stored in a config file

MALodder (Wed, 12 Jun 2019 19:05:58 GMT):
Keys and passwords should never have to be stored in a config file

MALodder (Wed, 12 Jun 2019 19:07:19 GMT):
LOX will not force people to use it, I'm proposing to leave the current method to access the wallet using a raw key, but deprecate the password method as that's not recommended and usually not secure

MALodder (Wed, 12 Jun 2019 19:07:45 GMT):
If someone wants to provide a LOX plugin that does the password method then I'll let them if they go thru that effort

MALodder (Wed, 12 Jun 2019 19:41:10 GMT):
This also permits wallets on different agents to have keys specific to the hardware they run on

mtfk (Wed, 12 Jun 2019 20:00:46 GMT):
There are ways to mitigate all above concerns, the important point is that we need to find a balance between UX and security. As @TelegramSam mentioned you can't have both.

mtfk (Wed, 12 Jun 2019 20:01:15 GMT):
Having super secure system with 0 adoption won't help anybody.

danielhardman (Wed, 12 Jun 2019 20:18:24 GMT):
@swcurran Is your "code-with-me" bounty to add other ledger support imagined to be done at the level of indy-cat/python -- or at the level of aries-sdk? It seems very unfortunate if only python gets support for other ledgers. Could I convince you to bounty the creation of that support inside Rust in aries-sdk?

kdenhartog (Wed, 12 Jun 2019 20:46:21 GMT):
@TelegramSam can I get on the front of next weeks call? I want to give a demo for a few options based on your suggestion for JWS supporting both a sign only function plus a pack with sign function.

TelegramSam (Wed, 12 Jun 2019 20:47:09 GMT):
@kdenhartog YES! I had the same plan.

kdenhartog (Wed, 12 Jun 2019 20:47:31 GMT):
Main concern I want is to get dev feedback on API design. I'll take care of the rest.

TelegramSam (Wed, 12 Jun 2019 20:48:17 GMT):
I apologize for not managing time better on this call.

swcurran (Wed, 12 Jun 2019 21:03:32 GMT):
@danielhardman - as mentioned on the call, the bounty will be a first cut at using one or more other ledgers at the lower level - a PoC. We would likely not start with Rust (friction), and we would (very likely) not put the code in indycat (very likely wrong layer).

o.terbu (Wed, 12 Jun 2019 21:12:05 GMT):
wrt. uport presentation. the first response can of course also be encrypted. i have updated and uploaded the slides in the minutes. if you want more info on how uport's encryption works, you can find the documentation here: https://github.com/uport-project/specs/blob/develop/messages/encryption.md

swcurran (Wed, 12 Jun 2019 21:17:47 GMT):
The presentation about IndyCat Agent is here: https://docs.google.com/presentation/d/1SeGmyt7BIZRw-XDHR2NcmxJSZ2g7-tZPoBaBZ7-Jt8I/edit?usp=sharing It contains links within the document to all sorts of other resoures about IndyCat Agent.

tomislav (Wed, 12 Jun 2019 23:18:22 GMT):
@MALodder If applications utilize OS keyrings/keychains and cloud services use secure key storage already, like key vault, what added security does LOX offer? Inter-application/memory key management is one I can think of. I like that the component is optional, as it allows concrete added layer of security that a lot of enterprise adopters would be interested in.

tomislav (Wed, 12 Jun 2019 23:18:56 GMT):
How is LOX implemented? Is it a native library layer? How would applications use it?

MALodder (Wed, 12 Jun 2019 23:20:58 GMT):
Right now how is the wallet key managed?

tomislav (Wed, 12 Jun 2019 23:21:23 GMT):
keychain on mobile devices, and azure key vault on cloud services, specifically

MALodder (Wed, 12 Jun 2019 23:24:08 GMT):
LOX allows you to not have to worry about it

MALodder (Wed, 12 Jun 2019 23:25:04 GMT):
but if you want to do your own thing you are not restricted to LOX

MALodder (Wed, 12 Jun 2019 23:25:18 GMT):
LOX will be additional functions in indy-sdk

tomislav (Wed, 12 Jun 2019 23:26:50 GMT):
I see. Would LOX talk directly to the secure storage then?

tomislav (Wed, 12 Jun 2019 23:28:48 GMT):
How is the keyring implemented for different platforms?

MALodder (Wed, 12 Jun 2019 23:29:17 GMT):
opens the wallet, erases the wallet key from memory, hands the wallet handle back to the caller and steps out of the way

tomislav (Wed, 12 Jun 2019 23:30:37 GMT):
What would the application supply then to access the wallet? Different key every time?

tomislav (Wed, 12 Jun 2019 23:31:24 GMT):
Or the same key, but the actual underlying wallet key is different that LOX takes care of

MALodder (Wed, 12 Jun 2019 23:31:46 GMT):
to your question about OS keyrings, see https://github.com/hyperledger/aries-rfcs/tree/master/features/0042-lox

MALodder (Wed, 12 Jun 2019 23:33:15 GMT):
to your question what does the application supply see my RFC as well

tomislav (Wed, 12 Jun 2019 23:33:42 GMT):
I'm sorry, I wasn't aware of this RFC, should've read it first

MALodder (Wed, 12 Jun 2019 23:35:31 GMT):
but the OS looks at the effective user, running process, and key id

MALodder (Wed, 12 Jun 2019 23:35:46 GMT):
if that combination has access to the key then the OS returns it

MALodder (Wed, 12 Jun 2019 23:36:07 GMT):
if the OS needs to ask the user for a password/biometric/pin/hardware token it does

MALodder (Wed, 12 Jun 2019 23:36:34 GMT):
The advantage of LOX is that you can put the public information in your program

MALodder (Wed, 12 Jun 2019 23:37:04 GMT):
no putting the password in a config file

MALodder (Wed, 12 Jun 2019 23:37:29 GMT):
and have LOX open the wallet for you and done

tomislav (Wed, 12 Jun 2019 23:39:05 GMT):
I see. What about remote wallet scenarios i.e. my key would be stored in my device keyring, but the actual wallet is on a server, that has different security policies? Would it be able to delegate this security access?

MALodder (Wed, 12 Jun 2019 23:39:42 GMT):
The OS keyring won't but LOX would support plugins that could

MALodder (Wed, 12 Jun 2019 23:39:58 GMT):
Are you thinking like AWS CloudHSMs?

MALodder (Wed, 12 Jun 2019 23:40:15 GMT):
OS keyrings work similar to how AWS uses group permissions

MALodder (Wed, 12 Jun 2019 23:40:39 GMT):
if the instance is part of the IAM role then it grants access

MALodder (Wed, 12 Jun 2019 23:40:54 GMT):
and you don't have to supply anything because its implied by the instance and IAM role

MALodder (Wed, 12 Jun 2019 23:41:14 GMT):
so LOX could have a plugin for that easily because it matches how OS keyrings works

MALodder (Wed, 12 Jun 2019 23:41:14 GMT):
so LOX could have a plugin for that easily because it matches how OS keyrings work

tomislav (Wed, 12 Jun 2019 23:41:24 GMT):
I see a lot of value and added security for this with wallets that have remote storage, i.e. my indy process is local, but I have registered remote storage that now has different key for access.

MALodder (Wed, 12 Jun 2019 23:41:46 GMT):
right, LOX would be the component that allows better wallet key management

tomislav (Wed, 12 Jun 2019 23:41:56 GMT):
Remote storage wallets are the easiest way to solve backup/restore

MALodder (Wed, 12 Jun 2019 23:42:03 GMT):
then agents can use LOX to open/create the wallet

MALodder (Wed, 12 Jun 2019 23:42:21 GMT):
the other thing you could do with LOX is change the wallet key each time you open it

MALodder (Wed, 12 Jun 2019 23:42:48 GMT):
So even if someone manages to sniff your wallet key, its use is gone because you already used it

MALodder (Wed, 12 Jun 2019 23:43:09 GMT):
key rotation because more trivial with LOX

MALodder (Wed, 12 Jun 2019 23:43:34 GMT):
you also don't need to sync the wallet key across devices because each device could have its own wallet key protected in its own way

MALodder (Wed, 12 Jun 2019 23:43:51 GMT):
unless you are in a multi tenant situation but still LOX is flexible that way

tomislav (Wed, 12 Jun 2019 23:44:55 GMT):
Right, awesome. And OS keyring already sync between user's devices, so if key rotation can be implemented automagically in applications, that's great

MALodder (Wed, 12 Jun 2019 23:45:42 GMT):
this could be a setting of LOX that you pass in such as rotate every time/week/month

tomislav (Wed, 12 Jun 2019 23:45:51 GMT):
Cool, thank you for answering my questions :beers:

MALodder (Wed, 12 Jun 2019 23:46:27 GMT):
but I want to leave the normal use raw key interface so if LOX bothers you, fine implement your own solution

MALodder (Wed, 12 Jun 2019 23:46:40 GMT):
but definitely get rid of just derive key from password

MikeRichardson (Thu, 13 Jun 2019 07:31:00 GMT):
@TelegramSam What happened to the WG recording?

TelegramSam (Thu, 13 Jun 2019 14:31:02 GMT):
Aries WG Call Recording Posted: https://wiki.hyperledger.org/display/ARIES/2019-06-12+Aries+Working+Group+Call

TelegramSam (Thu, 13 Jun 2019 14:33:24 GMT):
@MikeRichardson Sorry for the delay.

TelegramSam (Thu, 13 Jun 2019 14:41:33 GMT):
Meeting Agenda for next week's Aries WG Call: https://wiki.hyperledger.org/display/ARIES/2019-06-19+Aries+Working+Group+Call

MikeRichardson (Thu, 13 Jun 2019 14:47:03 GMT):
It's no problem; I just got confused because I saw it there, then it was taken away. Thanks Sam

TelegramSam (Thu, 13 Jun 2019 14:47:55 GMT):
Sorry about the confusion. When you copy a meeting page for a new meeting, it brings over the attachments, and I sometimes forget to remove them. :/

mavarley (Thu, 13 Jun 2019 18:20:20 GMT):
I believe it is possible to link multiple Apps to a URL, but the mOS will automatically chose the "top one in the list" if the user has multiple associated apps installed; unlike the protocol handler approach, the user is not given a choice / selector of which app (wallet) to launch...

MikeRichardson (Thu, 13 Jun 2019 18:35:26 GMT):
ok cheers Sam. That was the first WG call i attended and it was very interesting. Some great ideas and demos. I would encourage anyone who hasn't attended to come over.

kdenhartog (Thu, 13 Jun 2019 18:43:33 GMT):
Is there other ways that we could achieve similar UX without the use of deep linking or Domain linking? For example could we use a Http redirect to an SSI schema URL in order to get robust decentralization, but also get the UX we're after?

TelegramSam (Thu, 13 Jun 2019 19:37:53 GMT):
I would very much like an approach like that, if we could work it out.

tomislav (Thu, 13 Jun 2019 20:12:00 GMT):
I would love a solution and decision to this.

mtfk (Thu, 13 Jun 2019 20:13:09 GMT):
I am afraid that there is no much alternatives here. Deep links (universal links) are the only way afaik for smooth UX. And basically it works as @kdenhartog requested http redeirect to custom schema (more less)

mtfk (Thu, 13 Jun 2019 20:13:09 GMT):
I am afraid that there is not much alternatives here. Deep links (universal links) are the only way afaik for smooth UX. And basically it works as @kdenhartog requested http redeirect to custom schema (more less)

tomislav (Thu, 13 Jun 2019 20:13:38 GMT):
@kdenhartog ultimately, the OS will try to resolve the SSI scheme and take over, so we fall back to whatever the OS is capable of.

tomislav (Thu, 13 Jun 2019 20:13:38 GMT):
@kdenhartog ultimately, the OS will try to resolve the SSI scheme and take over, so we fall back to whatever the (i)OS is (not) capable of.

mtfk (Thu, 13 Jun 2019 20:14:53 GMT):
We have a bit room to experiment with who own the domain which is able to resolve deep links.

mtfk (Thu, 13 Jun 2019 20:15:50 GMT):
for example we could use ENS or just simply github repo which would host the file (repo would be "owned by community") etc...

mtfk (Thu, 13 Jun 2019 20:16:55 GMT):
another challenging part is the owner ship of the project in firebase as this is something which we would probably won't be able to overcome

tomislav (Thu, 13 Jun 2019 20:17:55 GMT):
What would this domain host and ultimately do? How will it solve the problem of giving iOS users option to launch their own app?

mtfk (Thu, 13 Jun 2019 20:19:47 GMT):
not much just give possibility to link to the app with specific custom schema let say `wallet://` means that if you click on the link like: `https;//digital.wallet/identity/xad2d2` it would open any app is able to handle `wallet://` if you don;t have any it would open you a website with list of compatible digital wallets.

mtfk (Thu, 13 Jun 2019 20:20:33 GMT):
The main reasoning for it is that if user does not have any app that there would be fallback page which would explain what to do.

tomislav (Thu, 13 Jun 2019 20:21:27 GMT):
How would this domain detect if you have an app installed that supports that scheme?

mtfk (Thu, 13 Jun 2019 20:22:05 GMT):
It would be registered within firebase and apple with fallback url which would be called if there is no app.

mtfk (Thu, 13 Jun 2019 20:22:45 GMT):
Default behavior is that it would send you to the apple store/google play store. But you can override that behavior and send to the website. Which in our case would be helpful.

tomislav (Thu, 13 Jun 2019 20:23:15 GMT):
Aren't there privacy concerns about having all links go through a central web server?

mtfk (Thu, 13 Jun 2019 20:25:05 GMT):
You could have it only for entry links, everything else could go to specific provider as soon as user would choose it.

mtfk (Thu, 13 Jun 2019 20:25:24 GMT):
But still some traffic would go through it.

tomislav (Thu, 13 Jun 2019 20:25:42 GMT):
I'm still unclear how will this domain capture the universal link? Doesn't that mean it will require an app to function?

mtfk (Thu, 13 Jun 2019 20:25:49 GMT):
Is similar concern that traffic goes via apple or google :)

mtfk (Thu, 13 Jun 2019 20:25:49 GMT):
Is similar concern that all traffic goes via apple or google :)

mtfk (Thu, 13 Jun 2019 20:28:09 GMT):
The domain would works more less like this: e.g. on apple: `https://digital.wallet/identity` if the link would be clicked on mobile apple will check the association file and see if there is any app which is associated with that link. If so trigger the app if no send to store to install it or send user to fallback url

tomislav (Thu, 13 Jun 2019 20:29:06 GMT):
but that URL can ever launch only one app

mtfk (Thu, 13 Jun 2019 20:29:22 GMT):
on ios the first one from the list would be picked, yes

tomislav (Thu, 13 Jun 2019 20:29:39 GMT):
It's an https domain, only one vendor can claim it.

mtfk (Thu, 13 Jun 2019 20:30:14 GMT):
https://stackoverflow.com/questions/40790747/can-ios-universal-app-link-support-multiple-apps-using-the-same-domain

tomislav (Thu, 13 Jun 2019 20:30:33 GMT):
Yes, multiple apps from the same vendor, with the same Team ID

tomislav (Thu, 13 Jun 2019 20:31:21 GMT):
This app must be published to the App Store under that specific publisher, which means all SSI apps would have to be published by the same account

mtfk (Thu, 13 Jun 2019 20:31:56 GMT):
my understanding is that it does not matter.

mtfk (Thu, 13 Jun 2019 20:32:13 GMT):
I can host domain for you app without having access to your teamID nor apple account.

mtfk (Thu, 13 Jun 2019 20:32:22 GMT):
Is just association file needs to match

tomislav (Thu, 13 Jun 2019 20:32:39 GMT):
Read the requirements what it takes to setup universal links. I guarantee you are fundamentally misunderstanding the usage of it

tomislav (Thu, 13 Jun 2019 20:33:35 GMT):
https://developer.apple.com/documentation/uikit/inter-process_communication/allowing_apps_and_websites_to_link_to_your_content/enabling_universal_links

tomislav (Thu, 13 Jun 2019 20:34:05 GMT):
Apple's example show how you can setup multiple apps, but these apps originate from same Team/Account/Publisher

mtfk (Thu, 13 Jun 2019 20:34:42 GMT):
But does not say that this is requirement.

mtfk (Thu, 13 Jun 2019 20:34:48 GMT):
Are yo sure that this is the limitation?

mtfk (Thu, 13 Jun 2019 20:35:17 GMT):
The link between app and the domain is just associated file.

tomislav (Thu, 13 Jun 2019 20:35:22 GMT):
Yes, your app is signed with the that teams provisioning certificate

mtfk (Thu, 13 Jun 2019 20:35:44 GMT):
yes but it has nothing to do with the file hosted under the domain.

mtfk (Thu, 13 Jun 2019 20:35:59 GMT):
You can release the app without owning the domain.

mtfk (Thu, 13 Jun 2019 20:36:13 GMT):
you need to have possibility to upload the associated file, isn't it?

mtfk (Thu, 13 Jun 2019 20:37:00 GMT):
So I can host that file for you (or multiple apps) without having rights to release any of those app

mtfk (Thu, 13 Jun 2019 20:37:43 GMT):
Best would be to do test and make sure that it works like this.

mtfk (Thu, 13 Jun 2019 20:37:57 GMT):
I would test that scenario on Android to make sure that it works as suggested.

tomislav (Thu, 13 Jun 2019 20:38:08 GMT):
Each app would then have to claim a specific path. domain.com/app1, etc.

tomislav (Thu, 13 Jun 2019 20:38:19 GMT):
No two apps can have the exact same domain and path

mtfk (Thu, 13 Jun 2019 20:40:05 GMT):
according to that what I got from our devs it is possible but then if you would have both apps installed the one on top would be picked.

mtfk (Thu, 13 Jun 2019 20:40:19 GMT):
so best would be to test it and verify it.

tomislav (Thu, 13 Jun 2019 20:41:51 GMT):
So then why use universal links when we can just use scheme or app specific universal links?

mtfk (Thu, 13 Jun 2019 20:42:44 GMT):
So you can have universal link which would handle case when the app is not installed.

mtfk (Thu, 13 Jun 2019 20:42:44 GMT):
So you can have generic link which would handle case when the app is not installed.

mtfk (Thu, 13 Jun 2019 20:43:21 GMT):
Covers the flow like this: if app is installed - run it if app is not installed -> show website with list of wallets.

mtfk (Thu, 13 Jun 2019 20:43:46 GMT):
you can not do it with custom schema nor with universal link for specific app because then you forcing to use that specific app.

tomislav (Thu, 13 Jun 2019 20:43:57 GMT):
So the only gain is really the list of wallets

TelegramSam (Thu, 13 Jun 2019 20:44:22 GMT):
could that website detect other installed wallets?

TelegramSam (Thu, 13 Jun 2019 20:45:14 GMT):
to auto redirect them to the link for an installed one.

mtfk (Thu, 13 Jun 2019 20:45:15 GMT):
The website would ask to start app for `wallet://` if there is any installed it would be started if none website would popup

tomislav (Thu, 13 Jun 2019 20:45:21 GMT):
No, there's no mechanism to do that

mtfk (Thu, 13 Jun 2019 20:46:43 GMT):
Basically the purpose of the website is that the website does not care which app is installed, as soon as there is one which can handle `wallet://` it would ask to start it. If not help user to figure out what to do next.

tomislav (Thu, 13 Jun 2019 20:47:20 GMT):
How will the website detect if an app has been started?

mtfk (Thu, 13 Jun 2019 20:47:44 GMT):
Does not have to. Just redirect to the custom schema and the os is doing rest

tomislav (Thu, 13 Jun 2019 20:48:34 GMT):
This would show a invalid URL on some browsers, wouldn't it?

mtfk (Thu, 13 Jun 2019 20:49:34 GMT):
no, this is why you have the http on front which ping firebase or apple ot check if the app is there if not there is fallback url which should be http page to open in browser.

mtfk (Thu, 13 Jun 2019 20:49:48 GMT):
Browser will never handle custom schema as this is just payload for the app

TelegramSam (Thu, 13 Jun 2019 20:50:01 GMT):
how do you propose the app detection work?

mtfk (Thu, 13 Jun 2019 20:50:22 GMT):
I don't, it is given by google and apple.

TelegramSam (Thu, 13 Jun 2019 20:51:02 GMT):
do you have references for this process?

TelegramSam (Thu, 13 Jun 2019 20:52:00 GMT):
yes. What you shared doesn't help me understand anything about the process.

mtfk (Thu, 13 Jun 2019 20:53:30 GMT):
you can start reading about deep links (android) and universal links (apple) but there is much more into the whole process. Basically the flow is more less like this: domain -> apple/firebase -> custom schema (or fallback url)

TelegramSam (Thu, 13 Jun 2019 20:54:03 GMT):
apple/firebase is very inspecific.

mtfk (Thu, 13 Jun 2019 20:54:34 GMT):
you can not do universal links nor deep links without using firebase or apple notification system.

tomislav (Thu, 13 Jun 2019 20:55:15 GMT):
who would own firebase instance? the owner of the domain?

tomislav (Thu, 13 Jun 2019 20:56:16 GMT):
What consumes the data in this firebase database and what's in it?

mtfk (Thu, 13 Jun 2019 20:56:18 GMT):
@telegramSam there is API which you use and integration which needs to be done up front. Slightly different in each case.

tomislav (Thu, 13 Jun 2019 20:56:40 GMT):
So each app would need to talk to this firebase instance?

mtfk (Thu, 13 Jun 2019 20:57:10 GMT):
it could be encrypted (good example is this what uport is doing)

mtfk (Thu, 13 Jun 2019 20:57:27 GMT):
sorry forget about the data ... is not related.

mtfk (Thu, 13 Jun 2019 20:57:57 GMT):
data is related if you would like to have push notification but we are not there yet.

mtfk (Thu, 13 Jun 2019 20:58:25 GMT):
so the idea is that this setup is just for simple link handling which is entry point for someone who does not have yet the app.

mtfk (Thu, 13 Jun 2019 20:59:17 GMT):
Not sure if that is the case but I can imagine that all links will include only public data anyway.

mtfk (Thu, 13 Jun 2019 20:59:53 GMT):
any further communication would be established outside that link.

TelegramSam (Thu, 13 Jun 2019 21:00:06 GMT):
I'm still unsure how the website knows that a compatible app is installed and redirects to the wallet:// url

mtfk (Thu, 13 Jun 2019 21:00:52 GMT):
this is magic behind deep links and universal link which is happening within the black box of google and apple

TelegramSam (Thu, 13 Jun 2019 21:01:11 GMT):
we've now completed a full circle of not understanding.

TelegramSam (Thu, 13 Jun 2019 21:01:25 GMT):
there has to be an explanation somewhere on how this mechanism works.

tomislav (Thu, 13 Jun 2019 21:02:11 GMT):
mtfk, setting up deep links and universal links is fairly straightforward. Do you think you can come up with a POC to showcase this?

TelegramSam (Thu, 13 Jun 2019 21:02:34 GMT):
I have to run, but if you have addiitonal info or links (or an example!) that'd be awesome.

mtfk (Thu, 13 Jun 2019 21:02:40 GMT):
Appel: https://developer.apple.com/ios/universal-links/ Android: https://developer.android.com/training/app-links/deep-linking I would recommend start here.

mtfk (Thu, 13 Jun 2019 21:03:03 GMT):
Yes I will try to build it for android.

TelegramSam (Thu, 13 Jun 2019 21:03:10 GMT):
I understand both and the common case. What you are describing is different than I've read there.

tomislav (Thu, 13 Jun 2019 21:03:20 GMT):
But the issue we have is for iOS primarily

mtfk (Thu, 13 Jun 2019 21:03:53 GMT):
I do not have xcode anywhere to build it on iOS so help is welcome.

mtfk (Thu, 13 Jun 2019 21:05:53 GMT):
@TelegramSam let's build POC and present it during the call, so we can share know-how. Basically all above comes from the links of official spec..

mtfk (Thu, 13 Jun 2019 21:06:14 GMT):
Having understanding how both ecosystems works help to understand the flow.

mtfk (Thu, 13 Jun 2019 21:06:41 GMT):
One of the crucial part is that you can not do it without google nor apple :)

TelegramSam (Fri, 14 Jun 2019 13:32:48 GMT):
Somebody asked on the call about RFCs that related to DIDComm. Rather than spill a list, I added them to the 0005 DIDComm RFC near the bottom in a 'Related RFCs' list: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0005-didcomm

danielhardman (Fri, 14 Jun 2019 20:50:56 GMT):
@rjones I'm interested in enabling CI/CD for the aries-rfcs repo. The initial tests would be exceedingly simple--they'd just test that /index.md (which is autogenerated) is up-to-date, and maybe test for broken hyperlinks. Later we might add checks for a few other things, like use of correct terminology and so forth. I haven't been involved in any of the discussions that happened around using HL CI infrastructure for Indy. I can ask my buddies what they know, but I thought I'd come straight to the source and ask you what I should know about this topic. Can you teach me? (CC: @TelegramSam @swcurran @kdenhartog ) PS. Should we create an #aries-maintainers channel, since this sort of question isn't very interesting to people who are just showing up to learn how to consume or contribute.

rjones (Fri, 14 Jun 2019 20:51:53 GMT):
what CI system do you want to use? CircleCI or something else?

jljordan_bcgov (Sun, 16 Jun 2019 02:36:35 GMT):
I thought the move for CICD was to GitLab ...

swcurran (Sun, 16 Jun 2019 15:10:35 GMT):
@danielhardman - should we be using elements of the did:peer method in Aries agents? If so - what parts are ready now? For example, should we start by putting "did:peer:" into the DIDs?

jljordan_bcgov (Sun, 16 Jun 2019 15:31:09 GMT):
Perhaps https://developer.apple.com/library/archive/documentation/UserExperience/Conceptual/PassKit_PG/Apps.html#//apple_ref/doc/uid/TP40012195-CH6-SW1 would be a way to improve UX in terms of the discussion that was happening around deep links and so forth

jljordan_bcgov (Sun, 16 Jun 2019 15:31:57 GMT):
certain well-known or commonly used proofs could be added by users or suggested to be added as passes to apple/google wallet

rjones (Sun, 16 Jun 2019 17:39:25 GMT):
@jljordan_bcgov no decisions have been made WRT CircleCI/GitLabCI/etc. CircleCI is easy for me to pay for, which is why I suggested it. It's also the direction LF in general is moving

jljordan_bcgov (Sun, 16 Jun 2019 18:18:27 GMT):
Ok. My understanding was investigation in Indy was going on with GitLab. It’s important to have consistent tooling. At least across the HL project to do with Indy, Aries and ideally Ursa as they are likely to form part of an overall system

rjones (Sun, 16 Jun 2019 18:20:21 GMT):
If they've decided on GitLab this is a) news to me and b) not a big deal. We're having weekly meetings on the direction of CI/CD and @dhuseby has been leading them

rjones (Sun, 16 Jun 2019 18:20:50 GMT):
If the Indy-Ursa-Aries teams want GitLab then it's gitlab. My feelings are not hurt :)

jljordan_bcgov (Sun, 16 Jun 2019 18:21:45 GMT):
Cool. Just would like to see a purposeful discussion and decision making occur rather than choose what you like and we deal with the consequences later

rjones (Sun, 16 Jun 2019 18:22:22 GMT):
There are meetings every Friday, please join us?

jljordan_bcgov (Sun, 16 Jun 2019 18:24:42 GMT):
I’ll check with the team. I’m not the person that can provide experience based opinions on the actual option.

rjones (Sun, 16 Jun 2019 18:25:54 GMT):
OK. The thing that is news to me is that A/U/I had made any decisions. Since they're on the call every week - I would have expected more mention of it. If that decision is made, cool.

jljordan_bcgov (Sun, 16 Jun 2019 18:26:11 GMT):
@WadeBarnes may be able to provide his input

WadeBarnes (Mon, 17 Jun 2019 13:18:37 GMT):
@rjones, Discussions regarding CI/CD for Indy have been happening over on the `chat.sovrin.org`, `community-ci-agents` channel.

WadeBarnes (Mon, 17 Jun 2019 13:19:58 GMT):
There has been some progress on the pipelines for `indy-sdk`.

WadeBarnes (Mon, 17 Jun 2019 13:21:35 GMT):
We've tried out a number of different things with our projects. I'll provide more details later today when I have a bit more time.

WadeBarnes (Mon, 17 Jun 2019 13:21:35 GMT):
We've tried out a number of different things (Jenkins/SonarQube/Zap in OpenShift, CircleCI/Codecov, GitLab CI) with our projects. I'll provide more details later today when I have a bit more time.

WadeBarnes (Mon, 17 Jun 2019 13:23:04 GMT):
I'd like to join the calls so I can get a better feel for every ones thoughts. I won't be able to make the call this Friday though.

rjones (Mon, 17 Jun 2019 15:27:08 GMT):
OK @WadeBarnes please do join when you can.

danielhardman (Mon, 17 Jun 2019 15:58:51 GMT):
@rjones I wouldn't conflate Aries with Indy. I had heard that Indy folks were liking gitlab--but I wouldn't imagine that has much to do with Aries, necessarily. In particular, the aries-rfcs repo has very different CI requirements from the others and can probably make its own choice.

danielhardman (Mon, 17 Jun 2019 16:25:07 GMT):
Anybody submitting a new Aries RFC: the instructions have been tweaked very slightly, so you get an RFC number JIT, right before you submit. And you get the number by clicking a link instead of looking up the highest-numbered PR by yourself. This should make things a bit easier. Note also that you should now be updating index.md as part of your PR, because we are now enforcing correctness of the index with a CI test step. See https://github.com/hyperledger/aries-rfcs#mechanics

TelegramSam (Mon, 17 Jun 2019 18:47:24 GMT):
We have talked about Static Agents before, but we don't have any reference code showing how it could be done. Daniel Bluhm and I wrote one. Quick recap of Static Agents: - Capable of speaking DIDComm, - no wallet, - minimal dependancies, - should feel like using an API. Here is the code: https://github.com/TelegramSam/aries-staticagent-python

george.aristy (Mon, 17 Jun 2019 20:01:20 GMT):
@TelegramSam what were the doubts about how to do static agents?

TelegramSam (Mon, 17 Jun 2019 20:07:03 GMT):
I didn't have any doubts, but thought a working example would be useful.

george.aristy (Mon, 17 Jun 2019 20:29:54 GMT):
Sorry - I misread your first sentence ("We have talked about Static Agents before, but we don't have any reference code showing how it could be done.")

esplinr (Tue, 18 Jun 2019 00:14:32 GMT):
I find this conversation to be really surprising.

esplinr (Tue, 18 Jun 2019 00:14:44 GMT):
One of the arguments for moving from Jenkins to GitLab was "that is where all of Hyperledger is going".

esplinr (Tue, 18 Jun 2019 00:14:53 GMT):
I hadn't heard of Circle CI until this thraed.

esplinr (Tue, 18 Jun 2019 00:14:53 GMT):
I hadn't heard of Circle CI until this thread.

esplinr (Tue, 18 Jun 2019 00:15:15 GMT):
@MALodder should Indy be moving to Circle CI instead of Jenkins?

esplinr (Tue, 18 Jun 2019 00:15:54 GMT):
This is an important question because much of the Indy code will be moving to Aries, and there is a push away from Jenkins. I don't want to pay the cost of migration twice.

esplinr (Tue, 18 Jun 2019 00:18:38 GMT):
I apologize generally that I have had conflicts on many Wednesdays preventing me from attending the Aries calls.

esplinr (Tue, 18 Jun 2019 00:19:31 GMT):
I have been on the schedule for discussing meeting schedules and formats, as well as Evernym's thinking on how to start moving code from Indy SDK to Aries. I have another conflict this Wednesday and would appreciate these topics waiting one more week.

esplinr (Tue, 18 Jun 2019 00:19:47 GMT):
@tplooker was on the schedule to discuss meeting times. Feel free to proceed on that one without me.

esplinr (Tue, 18 Jun 2019 00:20:29 GMT):
Evernym would support a call where @tplooker and @sergey.minaev could talk, even though that probably won't work for most people in the US.

MALodder (Tue, 18 Jun 2019 02:25:33 GMT):
This is my first notice of circle CI. I’ll look into it

WadeBarnes (Tue, 18 Jun 2019 02:41:37 GMT):
We’re using Circle CI on Indy Catalyst; https://circleci.com/gh/bcgov/indy-catalyst https://github.com/bcgov/indy-catalyst

DucaDellaForcoletta (Tue, 18 Jun 2019 07:46:28 GMT):
Has joined the channel.

jljordan_bcgov (Tue, 18 Jun 2019 12:24:42 GMT):
@esplinr I was also surprised which is why I raised the issue

WadeBarnes (Tue, 18 Jun 2019 12:51:07 GMT):
If there is still question about the direction there is also GitHub Actions to consider. It's still in beta, but it's basically GitHub's answer to GitLab CI.

WadeBarnes (Tue, 18 Jun 2019 13:29:19 GMT):
In my limited experience with GitLab CI, I've found although it is powerful you sacrifice many of the slick reporting features when you are just using GitHub integration. You only get those when using GitLab is your active repository for PRs and so forth.

MALodder (Tue, 18 Jun 2019 13:36:09 GMT):
One of the reasons Indy was looking at Gitlab Is its ability to have anyone provide CI runners. And this way if the CI pipeline is slowing down the community may donate runners to help speed it up temporarily or permanently I don’t know if Circle CI supports that or not

MALodder (Tue, 18 Jun 2019 13:36:34 GMT):
Last I heard hyper ledger was switching to Kubernetes

rjones (Tue, 18 Jun 2019 13:37:01 GMT):
No, we were investigating k8s and discarded it as a path forward

rjones (Tue, 18 Jun 2019 13:37:26 GMT):
we're trying to figure out a way forward with ci/cd. no decisions are made.

MALodder (Tue, 18 Jun 2019 13:37:48 GMT):
I find Gitlabs reports to be fantastic and way better than Jenkins or Travis CI or appveyor

rjones (Tue, 18 Jun 2019 13:38:11 GMT):
ci/cd is, right now, bespoke silos of knowledge. it's hard for someone to switch from project to project and get up to speed.

WadeBarnes (Tue, 18 Jun 2019 13:39:56 GMT):
Self hosted runners, is one of the powerful features of GitLab CI.

MALodder (Tue, 18 Jun 2019 13:40:11 GMT):
Doesn’t appear to be here https://travis-ci.com

MALodder (Tue, 18 Jun 2019 13:40:21 GMT):
Unless you’re talking about a different Travis

rjones (Tue, 18 Jun 2019 13:44:10 GMT):
https://www.reddit.com/r/devops/comments/at3oyq/it_looks_like_ibera_is_gutting_travis_ci_just_a/

rjones (Tue, 18 Jun 2019 13:44:26 GMT):
they laid off most of the staff a few months ago

rjones (Tue, 18 Jun 2019 13:46:36 GMT):
https://news.ycombinator.com/item?id=19218036

MALodder (Tue, 18 Jun 2019 13:49:00 GMT):
All the more reason we are looking at Gitlab

WadeBarnes (Tue, 18 Jun 2019 13:52:55 GMT):
As a comparison to the Circle CI, and CodeCov integration we have on the main Indy Catalyst repo I did a GitLab CI integration here; https://gitlab.com/WadeBarnes/indy-catalyst/pipelines

WadeBarnes (Tue, 18 Jun 2019 13:54:23 GMT):
Some related reporting can be found by clicking on the badges in the readme on this branch; https://gitlab.com/WadeBarnes/indy-catalyst/tree/ci-testing

WadeBarnes (Tue, 18 Jun 2019 13:56:07 GMT):
The 2 CI integrations provide the equivalent functionality.

WadeBarnes (Tue, 18 Jun 2019 13:58:25 GMT):
What we loose with the GitLab CI integration is the direct PR message integration we get from Circle ci and CodeCov regarding the code's health and deltas in quality.

MALodder (Tue, 18 Jun 2019 13:59:00 GMT):
does Circle CI allow self hosted runners?

WadeBarnes (Tue, 18 Jun 2019 13:59:28 GMT):
I'm just providing a comparison, I don't have a strong preference.

WadeBarnes (Tue, 18 Jun 2019 13:59:28 GMT):
I'm just providing a comparison, I don't have a strong preference for any particular CI tool at the moment. However reporting and notifications become more important at scale.

WadeBarnes (Tue, 18 Jun 2019 14:00:12 GMT):
@MALodder, I'm not sure, that is one of the compelling features of GitLab CI.

WadeBarnes (Tue, 18 Jun 2019 14:13:57 GMT):
GitLab CI does integrate back to the GitHub repository, but the feedback is much more subtle.

WadeBarnes (Tue, 18 Jun 2019 14:20:07 GMT):
One feature I am partial to is container based CI/CD pipelines. GitLab CI, Circle CI, and GitHub Actions all have this in common.

swcurran (Tue, 18 Jun 2019 14:55:15 GMT):
Agree with @WadeBarnes - container driven is a must do approach these days.

rjones (Tue, 18 Jun 2019 15:01:44 GMT):
My message evaporated. Could I ask that this discussion is reflected in #cicd? it would help inform us of community needs

WadeBarnes (Tue, 18 Jun 2019 15:05:28 GMT):
This conversation is moving to #cicd

WadeBarnes (Tue, 18 Jun 2019 15:05:28 GMT):
This conversation is moving to #cicd, starting here; https://chat.hyperledger.org/channel/cicd?msg=t7REA2Erwf4vZFxF2

swcurran (Tue, 18 Jun 2019 18:17:31 GMT):
I'm trying to port the "Cross-Domain-Messaging" HIPE into Aries - and decide if it should be moved, or is it covered elsewhere. It relates to several other HIPEs and I'm trying not very successfully to determine if they have been migrated yet: - Wire Message - @kdenhartog - DIDDoc Conventions/Routing Messages - @tplooker (looks like it is still a PR in indy-hipe?) - Agent Messages - @dbluhm @danielhardman Could I please get an update on those HIPEs and/or guidance on how to handle this migration? Do it? Don't do it? At minimum, I have to remove the no longer relevant (and terrible) parts of this in favour of the Routing Messages HIPE/RFC.

swcurran (Tue, 18 Jun 2019 18:17:31 GMT):
I'm trying to port the "Cross-Domain-Messaging" HIPE into Aries - and decide if it should be moved, or is it covered elsewhere. It relates to several other HIPEs and I'm trying not very successfully to determine if they have been migrated yet: - Wire Message - @kdenhartog - DIDDoc Conventions/Routing Messages - @tplooker (looks like it is still a PR in indy-hipe?) - Agent Messages - @dbluhm @danielhardman Could I please get an update on those HIPEs (with current links to use for them) and/or guidance on how to handle this migration? Do it? Don't do it? At minimum, I have to remove the no longer relevant (and terrible) parts of this in favour of the Routing Messages HIPE/RFC.

tplooker (Tue, 18 Jun 2019 18:19:04 GMT):
@swcurran the diddoc conventions is migrated and I'm working on a new routing rfc

swcurran (Tue, 18 Jun 2019 18:19:53 GMT):
So use the PR in Indy-HIPE for now for the routing? https://github.com/hyperledger/indy-hipe/blob/42fd315eed4a502f34a956abafd80a73700dbcb3/text/agent-message-routing/README.md

swcurran (Tue, 18 Jun 2019 18:21:24 GMT):
@tplooker which RFC is the diddoc conventions one? I checked the HIPE and there is no reference to one, and there is no RFC called that.

tplooker (Tue, 18 Jun 2019 18:30:33 GMT):
@swcurran https://github.com/hyperledger/aries-rfcs/blob/master/features/0067-didcomm-diddoc-conventions/README.md

danielhardman (Tue, 18 Jun 2019 18:30:39 GMT):
@swcurran I'm not sure which HIPE went by the name "Agent Messages". Are you talking about the one that defined file formats and mime types? I think that's RFC 0044.

tplooker (Tue, 18 Jun 2019 18:30:51 GMT):
It is heavily modified from the original

danielhardman (Tue, 18 Jun 2019 18:31:32 GMT):
All: I updated the instructions about migrating Indy HIPEs to Aries. Note that the step where you get an RFC number is now later in the flow, and that it's now important to regenerate /index.md and run unit tests: https://docs.google.com/document/d/1BKLR6lmjuwmHrYldNELijddJYi43IJByBXSMQgIHSYM/edit

swcurran (Tue, 18 Jun 2019 18:33:34 GMT):
Should update the HIPE to say it's moved.

swcurran (Tue, 18 Jun 2019 18:35:18 GMT):
@tplooker - yes. What is it's migrated name?

andrew.whitehead (Tue, 18 Jun 2019 18:35:54 GMT):
Does it include any of my updates from here? :) https://github.com/andrewwhitehead/indy-hipe/tree/inbound-routing-update/text/agent-message-routing

swcurran (Tue, 18 Jun 2019 18:36:39 GMT):
@danielhardman - no, but I found it - RFC 0020.

tplooker (Tue, 18 Jun 2019 18:36:55 GMT):
@andrew.whitehead thanks was looking for that it will :) I think we need to break the HIPE up too, my first submission was just going to describe key based routing

andrew.whitehead (Tue, 18 Jun 2019 18:37:40 GMT):
That makes sense, I think like queuing there could be alternative management protocols

andrew.whitehead (Tue, 18 Jun 2019 18:38:15 GMT):
I've implemented that protocol in indy-cat btw

swcurran (Tue, 18 Jun 2019 18:38:59 GMT):
BTW - I'm thinking the DIDDoc Conventions one should be a concept vs. feature. I think that was why I missed it.

tplooker (Tue, 18 Jun 2019 18:40:56 GMT):
Ok happy to move if the everybody else agrees?

tplooker (Tue, 18 Jun 2019 18:41:16 GMT):
@andrew.whitehead interesting I will review

kdenhartog (Tue, 18 Jun 2019 19:21:22 GMT):
@swcurran Wire message format -> 0019 encryption envelope

swcurran (Tue, 18 Jun 2019 19:21:44 GMT):
Could you update the HIPE to reference that?

drummondreed (Wed, 19 Jun 2019 04:49:34 GMT):
@esplinr Will you be able to bring that up on the Aries call this week? Or must it wait until next week?

sergey.khoroshavin (Wed, 19 Jun 2019 11:47:19 GMT):
Has joined the channel.

helengarneau (Wed, 19 Jun 2019 17:39:42 GMT):
Working on getting some Aries stickers made. Stay tuned.

danielhardman (Wed, 19 Jun 2019 18:13:56 GMT):
@TelegramSam and/or @swcurran , can I have 3 minutes on the Aries call today? I just want to announce that I am going to be proposing adjustments to the status of a few RFCs that are currently PROPOSED but should probably move to ACCEPTED because they are standards track. No discussion--just alerting the community to watch for those PRs.

TelegramSam (Wed, 19 Jun 2019 18:15:51 GMT):
we are having an RFC/HIPE discussion anyway. I'll give you the first few minutes of that.

danielhardman (Wed, 19 Jun 2019 19:41:36 GMT):
For those who are wondering about the relationship between Indy and Aries, here is a formal answer that could be shared: https://github.com/hyperledger/aries/blob/master/README.md#relationship-to-hyperledger-indy

george.aristy (Wed, 19 Jun 2019 20:04:17 GMT):
Is it possible to separate discussion of protocols (and, in general, matters concerning interoperability) from specific libraries and implementations (ie. the SDK)?

swcurran (Wed, 19 Jun 2019 20:35:47 GMT):
@george.aristy - I think we are getting there and that will happen over time. I think it will be hard to just declare it and make it happen. I think we are becoming concious of it as a community, which will lead it it happening faster.

rchristman (Thu, 20 Jun 2019 15:10:34 GMT):
@TelegramSam - Would you connect me with one of the python tasks that needs to be done on Aries? Thanks

TelegramSam (Thu, 20 Jun 2019 15:33:02 GMT):
Recordings from yesterday's meeting posted: https://wiki.hyperledger.org/display/ARIES/2019-06-19+Aries+Working+Group+Call

kdenhartog (Thu, 20 Jun 2019 18:15:11 GMT):
@TelegramSam and @dbluhm here's how web crypto is storing keys when used in a browser. https://www.w3.org/TR/WebCryptoAPI/#concepts-key-storage

kdenhartog (Thu, 20 Jun 2019 18:15:41 GMT):
While it won't help with the chron job use case it may be useful for in browser web app static agents.

dbluhm (Thu, 20 Jun 2019 18:26:05 GMT):
The browser extension I wrote a while back uses browser local storage for storing its keys. It looks like WebCrypto is encouraging/anticipating use of the IndexedDB API. This isn't really my area of expertise but I haven't identified a significant difference in security between those two storage mechanisms? IndexedDB has definite advantages when a more sophisticated data storage solution is needed, though.

TelegramSam (Thu, 20 Jun 2019 20:39:35 GMT):
This might be a good one to get started with: https://github.com/hyperledger/aries-staticagent-python/issues/4

pknowles (Thu, 20 Jun 2019 20:41:05 GMT):
Quote of the day: "Mickey Mouse's left ear is essentially an "Agent Hub"! [The good news is that when I go senile, nobody will notice.]

pknowles (Thu, 20 Jun 2019 20:41:05 GMT):
Quote of the day: "Mickey Mouse's left ear is essentially an "Agent Hub"! [Note to self: The good news is that when you go senile, nobody will notice.]

pknowles (Thu, 20 Jun 2019 20:41:05 GMT):
Quote of the day: "Mickey Mouse's left ear is essentially an "Agent Hub"!

pknowles (Thu, 20 Jun 2019 20:43:55 GMT):
[Note to self: The good news is that when you go senile, nobody will notice.]

esplinr (Thu, 20 Jun 2019 20:59:55 GMT):
I was scheduled out of the office yesterday afternoon.

rchristman (Thu, 20 Jun 2019 21:26:46 GMT):
Yes, this is a good one. Thanks! After I get into it, I'll probably have questions. Who should I ask?

dbluhm (Fri, 21 Jun 2019 20:54:40 GMT):
One day after releasing aries-staticagent-python 0.1.0, we've released 0.2.0! Mostly just cleanup. Link: https://pypi.org/project/aries-staticagent/

sukalpomitra (Mon, 24 Jun 2019 03:28:10 GMT):
hi can anyone guide in how to install indy-cat-agent. The readme says "Instructions forthcoming. indy_catalyst_agent will be made available in the future as a python package at pypi.org."

sukalpomitra (Mon, 24 Jun 2019 03:28:10 GMT):
hi can anyone guide in how to run indy-cat-agent. The readme says "Instructions forthcoming. indy_catalyst_agent will be made available in the future as a python package at pypi.org."

sukalpomitra (Mon, 24 Jun 2019 04:21:37 GMT):
got it running now. thanks to @andrew.whitehead

smithsamuelm (Tue, 25 Jun 2019 03:04:23 GMT):
Is there are regular conf call for Aries?

swcurran (Tue, 25 Jun 2019 03:13:22 GMT):
Yes - Wed. at 3PM Eastern, Noon Pacific. Information is on the Hyperledger Wiki and will be posted here shortly before the call. It's also on the Hyperledger Calendar of events.

swcurran (Tue, 25 Jun 2019 03:17:21 GMT):
Meeting page: https://wiki.hyperledger.org/display/ARIES/Aries+Working+Group

swcurran (Wed, 26 Jun 2019 16:19:04 GMT):
FYI - BC Gov just posted a new Code With Us bounty about integrating an Aries agent as an IdP with Red Hat's Keycloak (and other) OpenID Connect IAM - https://www.bcdevexchange.org/opportunities/cwu/opp-create-a-red-hat-keycloak-identity-provider--idp--capable-of-processing-verifiable-credentials-using-decentralized-identity-technology-created-by-bc-gov-to-authorize-access-to-a-bc-government-digital-service-

swcurran (Wed, 26 Jun 2019 16:19:35 GMT):
Check it out and if you have the expertise - please apply!

swcurran (Wed, 26 Jun 2019 17:55:01 GMT):
The Aries Working Group call is in just over 1 hour. Details: Call Time: Wednesdays, 1 pm - 2:30 pm US/Mountain Call Link: https://zoom.us/j/856588081 Today's Agenda: https://wiki.hyperledger.org/display/ARIES/2019-06-26+Aries+Working+Group+Call

swcurran (Wed, 26 Jun 2019 17:55:01 GMT):
The Aries Working Group call is in just over 1 hour. Details: Call Time: Wednesdays, 1 pm - 2:30 pm US/Mountain, 12 Noon Pacific Call Link: https://zoom.us/j/856588081 Today's Agenda: https://wiki.hyperledger.org/display/ARIES/2019-06-26+Aries+Working+Group+Call

danielhardman (Wed, 26 Jun 2019 22:24:52 GMT):
For everyone writing Aries RFCs, I just learned a trick that I wanted to share. A lot of our RFCs need to show JSON samples. I've never been very happy with directly embedding the JSON in the markdown using its code block construct with 3 backticks, because: A) I wanted to be able to point to or highlight parts of the JSON, to make it easier to explain its structure B) I couldn't put comments in the JSON, because github's JSON beautifier highlights such things and complains about them. This has caused me to take the alternate approach of writing JSON files, checking them in next to the markdown, and then taking an image of how the JSON displays in an editor, adding highlights and arrows, etc. I know this has annoyed @swcurran particularly, because it makes it harder to see the diff as JSON changes. (It's still there, just in a .json file instead of in the main markdown file. But I agree that's not obvious or ideal.) Anyway, here's what I learned: If you declare that the language of your codeblock is "jsonc" instead of "json" after the 3 opening backticks, Github uses its Sublime/JSON-with-comments beautifier, which allows you to use `//` for comments. This gives much better outcomes than calling the code block straight JSON and having ugly red marks all over it when github beautifies it. I will probably still use the embedded image approach sometimes when I need to highlight a subset of a JSON block (e.g., the way I used it in the attachments RFC here: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0017-attachments/README.md#inlining). But I'm going to start using the "jsonc" code style instead of the "json" code style in other places, to reduce the ugly JSON rendering and improve my ability to comment inline.

danielhardman (Wed, 26 Jun 2019 22:24:52 GMT):
For everyone writing Aries RFCs, I just learned a trick that I wanted to share. A lot of our RFCs need to show JSON samples. I've never been very happy with directly embedding the JSON in the markdown using its code block construct with 3 backticks, because: A ) I wanted to be able to point to or highlight parts of the JSON, to make it easier to explain its structure B ) I couldn't put comments in the JSON, because github's JSON beautifier highlights such things and complains about them. This has caused me to take the alternate approach of writing JSON files, checking them in next to the markdown, and then taking an image of how the JSON displays in an editor, adding highlights and arrows, etc. I know this has annoyed @swcurran particularly, because it makes it harder to see the diff as JSON changes. (It's still there, just in a .json file instead of in the main markdown file. But I agree that's not obvious or ideal.) Anyway, here's what I learned: If you declare that the language of your codeblock is "jsonc" instead of "json" after the 3 opening backticks, Github uses its Sublime/JSON-with-comments beautifier, which allows you to use `//` for comments. This gives much better outcomes than calling the code block straight JSON and having ugly red marks all over it when github beautifies it. I will probably still use the embedded image approach sometimes when I need to highlight a subset of a JSON block (e.g., the way I used it in the attachments RFC here: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0017-attachments/README.md#inlining). But I'm going to start using the "jsonc" code style instead of the "json" code style in other places, to reduce the ugly JSON rendering and improve my ability to comment inline.

danielhardman (Wed, 26 Jun 2019 22:24:52 GMT):
For everyone writing Aries RFCs, I just learned a trick that I wanted to share. A lot of our RFCs need to show JSON samples. I've never been very happy with directly embedding the JSON in the markdown using its code block construct with 3 backticks, because: A ) I wanted to be able to point to or highlight parts of the JSON, to make it easier to explain its structure B ) I couldn't put comments in the JSON, because github's JSON beautifier highlights such things and complains about them. This has caused me to take the alternate approach of writing JSON files, checking them in next to the markdown, and then taking an image of how the JSON displays in an editor, adding highlights and arrows, and embedded the image in the markdown. I know this has annoyed @swcurran particularly, because it makes it harder to see the diff as JSON changes. (It's still there, just in a .json file instead of in the main markdown file. But I agree that's not obvious or ideal.) Anyway, here's what I learned: If you declare that the language of your codeblock is "jsonc" instead of "json" after the 3 opening backticks, Github uses its Sublime/JSON-with-comments beautifier, which allows you to use `//` for comments. This gives much better outcomes than calling the code block straight JSON and having ugly red marks all over it when github beautifies it. I will probably still use the embedded image approach sometimes when I need to highlight a subset of a JSON block (e.g., the way I used it in the attachments RFC here: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0017-attachments/README.md#inlining). But I'm going to start using the "jsonc" code style instead of the "json" code style in other places, to reduce the ugly JSON rendering and improve my ability to comment inline.

MikeRichardson (Thu, 27 Jun 2019 07:52:00 GMT):
I was very interested to hear about the plans to make Aries compatible with Fabric at last night's call (I have been working with Fabric for the last year). I was wondering if anynody is appointed to start looking at this work yet, and perhaps what people think would be the timescales for having something working.

MikeRichardson (Thu, 27 Jun 2019 07:52:00 GMT):
I was very interested to hear about the plans to make Aries compatible with Fabric at last night's call (I have been working with Fabric for the last year). I was wondering if anybody is appointed to start looking at this work yet, and perhaps what people think would be the timescales for having something working.

MikeRichardson (Thu, 27 Jun 2019 07:52:00 GMT):
I was very interested to hear about the plans to make Aries compatible with Fabric at last night's call (I have been working with Fabric for the last year). I was wondering if anybody has volunteered to start looking at this work yet, and perhaps what people think would be the timescales for having something working.

troyronda (Thu, 27 Jun 2019 09:53:31 GMT):
@MikeRichardson we are implementing a derivation of Fabric as a DID ledger, and will be using that effort in conjunction with our Aries/DIDComm work.

troyronda (Thu, 27 Jun 2019 09:54:57 GMT):
We used the DIF sidetree design for this implementation.

troyronda (Thu, 27 Jun 2019 09:55:05 GMT):
https://github.com/trustbloc/sidetree-fabric

MikeRichardson (Thu, 27 Jun 2019 10:19:46 GMT):
thks @troyronda. "A derivative of Fabric" implies that Fabric needs to be modified to work with Aries? So is there official Fabric work going on in conjunction with Aries?

troyronda (Thu, 27 Jun 2019 11:28:21 GMT):
Our modifications (related to a DID ledger) were to add a built-in DCAS, enable a REST API on the peer, and performance tweaks.

troyronda (Thu, 27 Jun 2019 11:28:21 GMT):
Our modifications (related to a DID ledger) were to add a built-in DCAS, enable a REST API on the peer, and performance tweaks. These extensions are here: https://github.com/trustbloc/fabric-peer-ext

troyronda (Thu, 27 Jun 2019 11:28:21 GMT):
Our modifications (related to a DID ledger) were to add a built-in DCAS, enable a REST API on the peer, and performance tweaks. Our fabric extension code is here: https://github.com/trustbloc/fabric-peer-ext

troyronda (Thu, 27 Jun 2019 11:30:27 GMT):
We also built chaincode and interacted with the peers using fabric-SDK-go (Eg to write batches and observe the chain).

troyronda (Thu, 27 Jun 2019 11:33:31 GMT):
Btw - You could use something like IPFS instead of our built-in DCAS (replacing our fabric DCAS client with an IPFS one).

troyronda (Thu, 27 Jun 2019 11:34:26 GMT):
Official efforts? Not that I’m aware of.

wadeking98 (Thu, 27 Jun 2019 17:11:20 GMT):
I'm new to the indy community and I have a couple questions. I'm building on top of indy-catalyst and I'm trying to find a way to make the user sessions persistent, ``` ``` that is, once a connection is made the user should be able to log off and then log on and the connection will still be there. ``` ``` I assume connections are stored on a distributed ledger somewhere, but I can't seem to access the ledger.``` ``` for example, I get the following error when I try and send a schema to the ledger``` ``` 500 Internal Server Error Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/home/indy/indy_catalyst_agent/messaging/schemas/routes.py", line 56, in schemas_send_schema ledger: BaseLedger = await context.inject(BaseLedger) File "/home/indy/indy_catalyst_agent/config/injection_context.py", line 124, in inject return await self.injector.inject(base_cls, settings, required=required) File "/home/indy/indy_catalyst_agent/config/injector.py", line 80, in inject "No instance provided for class: {}".format(base_cls.__name__) indy_catalyst_agent.config.base.InjectorError: No instance provided for class: BaseLedger ``` ```

wadeking98 (Thu, 27 Jun 2019 17:11:20 GMT):
I'm new to the indy community and I have a couple questions. I'm building on top of indy-catalyst and I'm trying to find a way to make the user sessions persistent, ``` that is, once a connection is made the user should be able to log off and then log on and the connection will still be there. ``` I assume connections are stored on a distributed ledger somewhere, but I can't seem to access the ledger.``` for example, I get the following error when I try and send a schema to the ledger``` ``` 500 Internal Server Error Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/home/indy/indy_catalyst_agent/messaging/schemas/routes.py", line 56, in schemas_send_schema ledger: BaseLedger = await context.inject(BaseLedger) File "/home/indy/indy_catalyst_agent/config/injection_context.py", line 124, in inject return await self.injector.inject(base_cls, settings, required=required) File "/home/indy/indy_catalyst_agent/config/injector.py", line 80, in inject "No instance provided for class: {}".format(base_cls.__name__) indy_catalyst_agent.config.base.InjectorError: No instance provided for class: BaseLedger ``` ```

wadeking98 (Thu, 27 Jun 2019 17:11:20 GMT):
I'm new to the indy community and I have a couple questions. I'm building on top of indy-catalyst and I'm trying to find a way to make the user sessions persistent, ``` that is, once a connection is made the user should be able to log off and then log on and the connection will still be there. ``` I assume connections are stored on a distributed ledger somewhere, but I can't seem to access the ledger.``` for example, I get the following error when I try and send a schema to the ledger``` ``` 500 Internal Server Error Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/home/indy/indy_catalyst_agent/messaging/schemas/routes.py", line 56, in schemas_send_schema ledger: BaseLedger = await context.inject(BaseLedger) File "/home/indy/indy_catalyst_agent/config/injection_context.py", line 124, in inject return await self.injector.inject(base_cls, settings, required=required) File "/home/indy/indy_catalyst_agent/config/injector.py", line 80, in inject "No instance provided for class: {}".format(base_cls.__name__) indy_catalyst_agent.config.base.InjectorError: No instance provided for class: BaseLedger ```

wadeking98 (Thu, 27 Jun 2019 17:11:20 GMT):
I'm new to the indy community and I have a couple questions. I'm building on top of indy-catalyst and I'm trying to find a way to make the user sessions persistent, ``` that is, once a connection is made the user should be able to log off and then log on and the connection will still be there. ``` I assume connections are stored on a distributed ledger somewhere, but I can't seem to access the ledger.``` for example, I get the following error when I try and send a schema to the ledger``` ``` 500 Internal Server Error Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/home/indy/indy_catalyst_agent/messaging/schemas/routes.py", line 56, in schemas_send_schema ledger: BaseLedger = await context.inject(BaseLedger) File "/home/indy/indy_catalyst_agent/config/injection_context.py", line 124, in inject return await self.injector.inject(base_cls, settings, required=required) File "/home/indy/indy_catalyst_agent/config/injector.py", line 80, in inject "No instance provided for class: {}".format(base_cls.__name__) indy_catalyst_agent.config.base.InjectorError: No instance provided for class: BaseLedger ``` My major questions are 1) how do I properly connect to the ledger? and 2)how do I save connections between users and make them persistent?

wadeking98 (Thu, 27 Jun 2019 17:11:20 GMT):
I'm new to the indy community and I have a couple questions. I'm building on top of indy-catalyst and I'm trying to find a way to make the user sessions persistent, that is, once a connection is made the user should be able to log off and then log on and the connection will still be there. I assume connections are stored on a distributed ledger somewhere, but I can't seem to access the ledger. for example, I get the following error when I try and send a schema to the ledger ``` 500 Internal Server Error Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/home/indy/indy_catalyst_agent/messaging/schemas/routes.py", line 56, in schemas_send_schema ledger: BaseLedger = await context.inject(BaseLedger) File "/home/indy/indy_catalyst_agent/config/injection_context.py", line 124, in inject return await self.injector.inject(base_cls, settings, required=required) File "/home/indy/indy_catalyst_agent/config/injector.py", line 80, in inject "No instance provided for class: {}".format(base_cls.__name__) indy_catalyst_agent.config.base.InjectorError: No instance provided for class: BaseLedger ``` My major questions are 1) how do I properly connect to the ledger? and 2)how do I save connections between users and make them persistent?

wadeking98 (Thu, 27 Jun 2019 17:11:20 GMT):
I'm new to the indy community and I have a couple questions. I'm building on top of indy-catalyst and I'm trying to find a way to make the user sessions persistent, that is, once a connection is made the user should be able to log off and then log on and the connection will still be there. I assume connections are stored on a distributed ledger somewhere, but I can't seem to access the ledger. for example, I get the following error when I try and send a schema to the ledger ``` 500 Internal Server Error Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/home/indy/indy_catalyst_agent/messaging/schemas/routes.py", line 56, in schemas_send_schema ledger: BaseLedger = await context.inject(BaseLedger) File "/home/indy/indy_catalyst_agent/config/injection_context.py", line 124, in inject return await self.injector.inject(base_cls, settings, required=required) File "/home/indy/indy_catalyst_agent/config/injector.py", line 80, in inject "No instance provided for class: {}".format(base_cls.__name__) indy_catalyst_agent.config.base.InjectorError: No instance provided for class: BaseLedger ``` ``` Note: i'm using the following command to run the indy-catalyst agent:``` PORTS="5000:5000 8000:8000 1000:1000" ./scripts/run_docker --inbound-transpor t http 0.0.0.0 10000 --outbound-transport http --admin 0.0.0.0 5000 -e "http:// host.docker.internal:10000" --accept-requests --accept-invites --log-level DEBU G ``` My major questions are 1) how do I properly connect to the ledger? and 2)how do I save connections between users and make them persistent?

wadeking98 (Thu, 27 Jun 2019 17:11:20 GMT):
I'm new to the indy community and I have a couple questions. I'm building on top of indy-catalyst and I'm trying to find a way to make the user sessions persistent, that is, once a connection is made the user should be able to log off and then log on and the connection will still be there. I assume connections are stored on the ledger somewhere, but I can't seem to access the ledger. for example, I get the following error when I try and send a schema to the ledger ``` 500 Internal Server Error Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/home/indy/indy_catalyst_agent/messaging/schemas/routes.py", line 56, in schemas_send_schema ledger: BaseLedger = await context.inject(BaseLedger) File "/home/indy/indy_catalyst_agent/config/injection_context.py", line 124, in inject return await self.injector.inject(base_cls, settings, required=required) File "/home/indy/indy_catalyst_agent/config/injector.py", line 80, in inject "No instance provided for class: {}".format(base_cls.__name__) indy_catalyst_agent.config.base.InjectorError: No instance provided for class: BaseLedger ``` Note: i'm using the following command to run the indy-catalyst agent:``` PORTS="5000:5000 8000:8000 1000:1000" ./scripts/run_docker --inbound-transpor t http 0.0.0.0 10000 --outbound-transport http --admin 0.0.0.0 5000 -e "http:// host.docker.internal:10000" --accept-requests --accept-invites --log-level DEBU G ``` My major questions are 1) how do I properly connect to the ledger? and 2)how do I save connections between users and make them persistent?

danielhardman (Thu, 27 Jun 2019 17:17:39 GMT):
@wadeking98: I don't know the answer to your question, because I'm not an expert on that codebase. However, I am certain that it is NOT related to the ledger. You don't have to persist anything to a ledger to remember your connection. It is more likely the case that you are storing something in your wallet already, without realizing it, and that you have to look it up again when you want to use the connection in the future.

sklump (Thu, 27 Jun 2019 17:32:33 GMT):
@wadeking98 the connections are in the wallet. If you are using postgres instead of in-memory wallet, they ought to still be there. Check out the admin API (port 5000) and enumerate the connections to find the one of interest. I notice that your command line is missing the genesis URL, so it has no idea what its ledger is.

sklump (Thu, 27 Jun 2019 17:35:09 GMT):
Here's a command line I've been using to thrash on my instance: ``` $ PORTS="5000:5000 8000:8000" ./scripts/run_docker --admin 0.0.0.0 5000 --inbound-transport http 0.0.0.0 8000 --outbound-transport http -e http://192.168.56.132:8000 --auto-ping-connection --accept-invites --accept-requests --genesis-url http://192.168.56.132:9000/genesis --seed 00000000000000000000000000000000 --wallet-type indy --wallet-name issuer --wallet-key mykey ``` Simplicity itself!

swcurran (Thu, 27 Jun 2019 17:36:38 GMT):
We're working on a tutorial as I type that will show how to use the Swagger interface (e.g. port 5000) to test the API for such things. It will be part of the `aries-cloudagent-python` repo (which is what you are looking at in indy-catalyst today) and which should be transferred to hyperledger on Monday (this Monday). The tutorial will walk through spinning up the agent and using the API to connect agents, issue a credential and then prove it. And, we'll try to wrap the command line a bit to make it easier on the first run :-)

swcurran (Thu, 27 Jun 2019 17:36:38 GMT):
We're working on a tutorial as I type that will show how to use the Swagger interface (e.g. port 5000) to experiment with the API for such things. It will be part of the `aries-cloudagent-python` repo (which is what you are looking at in indy-catalyst today) and which should be transferred to hyperledger on Monday (this Monday). The tutorial will walk through spinning up the agent and using the API to connect agents, issue a credential and then prove it. And, we'll try to wrap the command line a bit to make it easier on the first run :-)

sklump (Thu, 27 Jun 2019 17:56:26 GMT):
@swcurran I think the parameters are all important, but maybe they ought to go into a config file. There is a config file, it also provides a natural conversation point for how-to documentation.

swcurran (Thu, 27 Jun 2019 17:59:40 GMT):
That's what I'm thinking - something .gitignore'd. But for sure we'll have something for the initial tutorial.

swcurran (Thu, 27 Jun 2019 18:00:54 GMT):
Want to do a pull request to add a config file? :-)

wadeking98 (Thu, 27 Jun 2019 18:04:34 GMT):
von-network is running in the background on port 9000. when I tried to run my version of your command is said it didnt recognize the genesis url argument? here is my version of your command followed by the resulting error ``` PORTS="5000:5000 8000:8000" ./scripts/run_docker --admin 0.0.0.0 5000 --inbound-transport http 0.0.0.0 8000 --outbound-transport http -e http://localhost:8000 --auto-ping-connection --accept-invites --accept-requests --genesis-url http://localhost:9000/genesis --seed 00000000000000000000000000000000 --wallet-type indy --wallet-name issuer --wallet-key mykey Sending build context to Docker daemon 2.753MB Step 1/10 : FROM bcgovimages/von-image:py36-1.9-0 ---> 566a0c829bcd Step 2/10 : ENV ENABLE_PTVSD 0 ---> Using cache ---> 57edd611c612 Step 3/10 : ADD requirements.txt . ---> Using cache ---> e8b32f5c90ba Step 4/10 : ADD requirements.dev.txt . ---> Using cache ---> bb6037ac2600 Step 5/10 : RUN pip3 install --no-cache-dir -r requirements.txt -r requirements. dev.txt ---> Using cache ---> f639ee696f04 Step 6/10 : ADD indy_catalyst_agent ./indy_catalyst_agent ---> Using cache ---> be5ad1d6a21f Step 7/10 : ADD scripts ./scripts ---> Using cache ---> 5d5f0998914e Step 8/10 : ADD setup.py ./ ---> Using cache ---> ddd31565d07c Step 9/10 : RUN pip3 install --no-cache-dir -e . ---> Using cache ---> 65466efedfe3 Step 10/10 : ENTRYPOINT ["/bin/bash", "-c", "icatagent \"$@\"", "--"] ---> Using cache ---> 129d39a98e9a Successfully built 129d39a98e9a Successfully tagged indy-cat-run:latest SECURITY WARNING: You are building a Docker image from Windows against a non-Win dows Docker host. All files and directories added to build context will have '-r wxr-xr-x' permissions. It is recommended to double check and reset permissions f or sensitive files and directories. usage: icatagent [-h] -it -ot [--logging-config ] [--log-level ] [-e ] [-l ] [--seed ] [--storage-type ] [--wallet-key ] [--wallet-name ] [--wallet-type ] [--wallet-storage-type ] [--wallet-storage-config ] [--wallet-storage-creds ] [--pool-name ] [--genesis-transactions ] [--admin ] [--debug] [--debug-seed ] [--debug-connections] [--accept-invites] [--accept-requests] [--auto-ping-connection] [--auto-respond-messages] [--auto-respond-credential-offer] [--auto-respond-presentation-request] [--auto-verify-presentation] [--no-receive-invites] [--help-link ] [--invite] [--send-invite ] [--timing] icatagent: error: unrecognized arguments: --genesis-url http://127.0.0.1:9000/ge nesis```

andrew.whitehead (Thu, 27 Jun 2019 18:05:01 GMT):
Might want to wait for me to move the command line parsing out of __init__.py

sklump (Thu, 27 Jun 2019 18:12:23 GMT):
I want to finish what I've already started first.

sklump (Thu, 27 Jun 2019 18:14:40 GMT):
Can you telnet to 127.0.0.1 9000 ? Maybe it needs your actual IP address as once it's running in the docker box, localhost looks different from inside

sklump (Thu, 27 Jun 2019 18:14:40 GMT):
Can you telnet to 127.0.0.1 9000 from the docker image? Maybe it needs your actual IP address as once it's running in the docker box, localhost looks different from inside

sklump (Thu, 27 Jun 2019 18:14:40 GMT):
Can you telnet to 127.0.0.1 9000 from the docker container? Maybe it needs your actual IP address as once it's running in the docker box, localhost looks different from inside

swcurran (Thu, 27 Jun 2019 18:53:39 GMT):
We use this trick to get the docker host IP in a portable way `docker run --net=host codenvy/che-ip`

swcurran (Thu, 27 Jun 2019 18:54:13 GMT):
That might be what you need. I needed it for running the agent and API on linux.

wadeking98 (Thu, 27 Jun 2019 18:59:13 GMT):
I got my docker host IP as 192.168.65.3 so I used that in place as local host, I also tried my local ip address but none of those worked. I dont think it's a problem with the url, I think that --genesis-url isn't recognized as an argument. when I run "Scripts/run_docker --help" I dont see --genesis-url come up as a recognized argument. The closest argument that I see is --genesis-transactions

sklump (Thu, 27 Jun 2019 19:01:46 GMT):
OK I guess genesis-url is new: somehow the transactions then have to go in as a string.

sklump (Thu, 27 Jun 2019 19:04:37 GMT):
and it appears that string is a path

sklump (Thu, 27 Jun 2019 19:04:37 GMT):
and it appears that string is ~a path~ correction, the genesis transactions as a string. If so, that's awful but it might work.

sklump (Thu, 27 Jun 2019 19:09:47 GMT):
So something like `'{"reqSignature":{},"txn":{"data":{"data":{"alias":"Node1","blskey":"4N8aUNHSgjQVgkpm8nhNEfDf6txHznoYREg9kirmJrkivgL4oSEi mFF6nsQ6M41QvhM2Z33nves5vfSn9n1UwNFJBYtWVnHYMATn76vLuL3zU88KyeAYcHfsih3He6UHcXDxcaecHVz6jhCYz1P2UZn2bDVruL5wXpehgBfBaLKm 3Ba","blskey_pop":"RahHYiCvoNCtPTrVtP7nMC5eTYrsUA8WjXbdhNc8debh1agE9bGiJxWBXYNFbnJXoXhWFMvyqhqhRoq737YQemH5ik9oL7R4NTTCz 2LEZhkgLJzB3QRQqJyBNyv7acbdHrAT8nQ9UkLbaVL9NBpnWXBTw4LEMePaSHEw66RzPNdAX1","client_ip":"10.0.0.2","client_port":9702,"no de_ip":"10.0.0.2","node_port":9701,"services":["VALIDATOR"]},"dest":"Gw6pDLhcBcoQesN72qfotTgFa7cbuqZpkX3Xo6pLhPhv"},"met adata":{"from":"Th7MpTaRZVRYnPiabds81Y"},"type":"0"},"txnMetadata":{"seqNo":1,"txnId":"fea82e10e894419fe2bea7d96296a6d46 f50f93f9eeda954ec461b2ed2950b62"},"ver":"1"} {"reqSignature":{},"txn":{"data":{"data":{"alias":"Node2","blskey":"37rAPpXVoxzKhz7d9gkUe52XuXryuLXoM6P6LbWDB7LSbG62Lsb3 3sfG7zqS8TK1MXwuCHj1FKNzVpsnafmqLG1vXN88rt38mNFs9TENzm4QHdBzsvCuoBnPH7rpYYDo9DZNJePaDvRvqJKByCabubJz3XXKbEeshzpz4Ma5QYpJ qjk","blskey_pop":"Qr658mWZ2YC8JXGXwMDQTzuZCWF7NK9EwxphGmcBvCh6ybUuLxbG65nsX4JvD4SPNtkJ2w9ug1yLTj6fgmuDg41TgECXjLCij3RMs V8CwewBVgVN67wsA45DFWvqvLtu4rjNnE9JbdFTc1Z4WCPA3Xan44K1HoHAq9EVeaRYs8zoF5","client_ip":"10.0.0.2","client_port":9704,"no de_ip":"10.0.0.2","node_port":9703,"services":["VALIDATOR"]},"dest":"8ECVSk179mjsjKRLWiQtssMLgp6EPhWXtaYyStWPSGAb"},"met adata":{"from":"EbP4aYNeTHL6q385GuVpRV"},"type":"0"},"txnMetadata":{"seqNo":2,"txnId":"1ac8aece2a18ced660fef8694b61aac3a f08ba875ce3026a160acbc3a3af35fc"},"ver":"1"} {"reqSignature":{},"txn":{"data":{"data":{"alias":"Node3","blskey":"3WFpdbg7C5cnLYZwFZevJqhubkFALBfCBBok15GdrKMUhUjGsk3j V6QKj6MZgEubF7oqCafxNdkm7eswgA4sdKTRc82tLGzZBd6vNqU8dupzup6uYUf32KTHTPQbuUM8Yk4QFXjEf2Usu2TJcNkdgpyeUSX42u5LqdDDpNSWUK5d eC5","blskey_pop":"QwDeb2CkNSx6r8QC8vGQK3GRv7Yndn84TGNijX8YXHPiagXajyfTjoR87rXUu4G4QLk2cF8NNyqWiYMus1623dELWwx57rLCFqGh7 N4ZRbGDRP4fnVcaKg1BcUxQ866Ven4gw8y4N56S5HzxXNBZtLYmhGHvDtk6PFkFwCvxYrNYjh","client_ip":"10.0.0.2","client_port":9706,"no de_ip":"10.0.0.2","node_port":9705,"services":["VALIDATOR"]},"dest":"DKVxG2fXXTU8yT5N7hGEbXB3dfdAnYv1JczDUHpmDxya"},"met adata":{"from":"4cU41vWW82ArfxJxHkzXPG"},"type":"0"},"txnMetadata":{"seqNo":3,"txnId":"7e9f355dffa78ed24668f0e0e369fd8c2 24076571c51e2ea8be5f26479edebe4"},"ver":"1"} {"reqSignature":{},"txn":{"data":{"data":{"alias":"Node4","blskey":"2zN3bHM1m4rLz54MJHYSwvqzPchYp8jkHswveCLAEJVcX6Mm1wHQ D1SkPYMzUDTZvWvhuE6VNAkK3KxVeEmsanSmvjVkReDeBEMxeDaayjcZjFGPydyey1qxBHmTvAnBKoPydvuTAqx5f7YNNRAdeLmUi99gERUU7TD8KfAa6MpQ 9bw","blskey_pop":"RPLagxaR5xdimFzwmzYnz4ZhWtYQEj8iR5ZU53T2gitPCyCHQneUn2Huc4oeLd2B2HzkGnjAff4hWTJT6C7qHYB1Mv2wU5iHHGFWk hnTX9WsEAbunJCV2qcaXScKj4tTfvdDKfLiVuU2av6hbsMztirRze7LvYBkRHV3tGwyCptsrP","client_ip":"10.0.0.2","client_port":9708,"no de_ip":"10.0.0.2","node_port":9707,"services":["VALIDATOR"]},"dest":"4PS3EDQ3dW1tci1Bp6543CfuuebjFrg36kLAUcskGfaA"},"met adata":{"from":"TWwCRQRZ2ZHMJFn9TzLp7W"},"type":"0"},"txnMetadata":{"seqNo":4,"txnId":"aa5e817d7cc626170eca175822029339a 444eb0ee8f0bd20d3b0b76e566fb008"},"ver":"1"}'`

sklump (Thu, 27 Jun 2019 19:09:47 GMT):
So something like ``` '{"reqSignature":{},"txn":{"data":{"data":{"alias":"Node1","blskey":"4N8aUNHSgjQVgkpm8nhNEfDf6txHznoYREg9kirmJrkivgL4oSEi mFF6nsQ6M41QvhM2Z33nves5vfSn9n1UwNFJBYtWVnHYMATn76vLuL3zU88KyeAYcHfsih3He6UHcXDxcaecHVz6jhCYz1P2UZn2bDVruL5wXpehgBfBaLKm 3Ba","blskey_pop":"RahHYiCvoNCtPTrVtP7nMC5eTYrsUA8WjXbdhNc8debh1agE9bGiJxWBXYNFbnJXoXhWFMvyqhqhRoq737YQemH5ik9oL7R4NTTCz 2LEZhkgLJzB3QRQqJyBNyv7acbdHrAT8nQ9UkLbaVL9NBpnWXBTw4LEMePaSHEw66RzPNdAX1","client_ip":"10.0.0.2","client_port":9702,"no de_ip":"10.0.0.2","node_port":9701,"services":["VALIDATOR"]},"dest":"Gw6pDLhcBcoQesN72qfotTgFa7cbuqZpkX3Xo6pLhPhv"},"met adata":{"from":"Th7MpTaRZVRYnPiabds81Y"},"type":"0"},"txnMetadata":{"seqNo":1,"txnId":"fea82e10e894419fe2bea7d96296a6d46 f50f93f9eeda954ec461b2ed2950b62"},"ver":"1"} {"reqSignature":{},"txn":{"data":{"data":{"alias":"Node2","blskey":"37rAPpXVoxzKhz7d9gkUe52XuXryuLXoM6P6LbWDB7LSbG62Lsb3 3sfG7zqS8TK1MXwuCHj1FKNzVpsnafmqLG1vXN88rt38mNFs9TENzm4QHdBzsvCuoBnPH7rpYYDo9DZNJePaDvRvqJKByCabubJz3XXKbEeshzpz4Ma5QYpJ qjk","blskey_pop":"Qr658mWZ2YC8JXGXwMDQTzuZCWF7NK9EwxphGmcBvCh6ybUuLxbG65nsX4JvD4SPNtkJ2w9ug1yLTj6fgmuDg41TgECXjLCij3RMs V8CwewBVgVN67wsA45DFWvqvLtu4rjNnE9JbdFTc1Z4WCPA3Xan44K1HoHAq9EVeaRYs8zoF5","client_ip":"10.0.0.2","client_port":9704,"no de_ip":"10.0.0.2","node_port":9703,"services":["VALIDATOR"]},"dest":"8ECVSk179mjsjKRLWiQtssMLgp6EPhWXtaYyStWPSGAb"},"met adata":{"from":"EbP4aYNeTHL6q385GuVpRV"},"type":"0"},"txnMetadata":{"seqNo":2,"txnId":"1ac8aece2a18ced660fef8694b61aac3a f08ba875ce3026a160acbc3a3af35fc"},"ver":"1"} {"reqSignature":{},"txn":{"data":{"data":{"alias":"Node3","blskey":"3WFpdbg7C5cnLYZwFZevJqhubkFALBfCBBok15GdrKMUhUjGsk3j V6QKj6MZgEubF7oqCafxNdkm7eswgA4sdKTRc82tLGzZBd6vNqU8dupzup6uYUf32KTHTPQbuUM8Yk4QFXjEf2Usu2TJcNkdgpyeUSX42u5LqdDDpNSWUK5d eC5","blskey_pop":"QwDeb2CkNSx6r8QC8vGQK3GRv7Yndn84TGNijX8YXHPiagXajyfTjoR87rXUu4G4QLk2cF8NNyqWiYMus1623dELWwx57rLCFqGh7 N4ZRbGDRP4fnVcaKg1BcUxQ866Ven4gw8y4N56S5HzxXNBZtLYmhGHvDtk6PFkFwCvxYrNYjh","client_ip":"10.0.0.2","client_port":9706,"no de_ip":"10.0.0.2","node_port":9705,"services":["VALIDATOR"]},"dest":"DKVxG2fXXTU8yT5N7hGEbXB3dfdAnYv1JczDUHpmDxya"},"met adata":{"from":"4cU41vWW82ArfxJxHkzXPG"},"type":"0"},"txnMetadata":{"seqNo":3,"txnId":"7e9f355dffa78ed24668f0e0e369fd8c2 24076571c51e2ea8be5f26479edebe4"},"ver":"1"} {"reqSignature":{},"txn":{"data":{"data":{"alias":"Node4","blskey":"2zN3bHM1m4rLz54MJHYSwvqzPchYp8jkHswveCLAEJVcX6Mm1wHQ D1SkPYMzUDTZvWvhuE6VNAkK3KxVeEmsanSmvjVkReDeBEMxeDaayjcZjFGPydyey1qxBHmTvAnBKoPydvuTAqx5f7YNNRAdeLmUi99gERUU7TD8KfAa6MpQ 9bw","blskey_pop":"RPLagxaR5xdimFzwmzYnz4ZhWtYQEj8iR5ZU53T2gitPCyCHQneUn2Huc4oeLd2B2HzkGnjAff4hWTJT6C7qHYB1Mv2wU5iHHGFWk hnTX9WsEAbunJCV2qcaXScKj4tTfvdDKfLiVuU2av6hbsMztirRze7LvYBkRHV3tGwyCptsrP","client_ip":"10.0.0.2","client_port":9708,"no de_ip":"10.0.0.2","node_port":9707,"services":["VALIDATOR"]},"dest":"4PS3EDQ3dW1tci1Bp6543CfuuebjFrg36kLAUcskGfaA"},"met adata":{"from":"TWwCRQRZ2ZHMJFn9TzLp7W"},"type":"0"},"txnMetadata":{"seqNo":4,"txnId":"aa5e817d7cc626170eca175822029339a 444eb0ee8f0bd20d3b0b76e566fb008"},"ver":"1"}' ```

sklump (Thu, 27 Jun 2019 19:10:26 GMT):
with the single quotes for the shell

wadeking98 (Thu, 27 Jun 2019 20:04:32 GMT):
I used my genesis transactions string and it said that "Genesis txn is mailformed j son" then I put the string all on one line and I got the same error. Next I tried putting all the reqSignature objects as an array and using that as the string. It did't say malformed json anymore but it said "MerkleTree contains invalid item". Finally I tried using a single reqSigniture object and I got "client request invalid: CouldNotAuthenticate('Can not find verkey for 4QxzWk3ajdnEA37NdNU5Kt',)" Is there any way I can switch to the newer indy catalyst agent that uses genesis-url instead? or has that version not been published yet

swcurran (Thu, 27 Jun 2019 20:05:56 GMT):
The latest repo is here - https://github.com/bcgov/aries-cloudagent-python

swcurran (Thu, 27 Jun 2019 20:06:06 GMT):
But it should be pretty much the same as what you have.

swcurran (Thu, 27 Jun 2019 20:06:48 GMT):
FYI - next week we will be transferring the repo to Hyperledger. Your fork will still work, it's just it will be referencing into Hyperledger vs. BC Gov.

swcurran (Thu, 27 Jun 2019 20:07:18 GMT):
We're working on cleaning things up before the transfer - adding more docs, tutorials, etc.

wadeking98 (Thu, 27 Jun 2019 20:31:08 GMT):
sounds good, thank you guys so much for your help, I really appreciate it!

SteveMagennis (Fri, 28 Jun 2019 18:04:48 GMT):
…hey guys, I’m trying to run faber-pg.py (from indy-catalyst) locally in debug mode in VSCode, webhook in_port_1 set to 9001. Per Readme it suggests using the indy SDK docker image as a local ledger – I had no luck with that. I then tried using the von-network container – this allowed me to get farther into the code to line 157 (print endpoint url): Admin url is at: http://127.0.0.1:9004 Endpoint url is at: http://127.0.0.1:9001 When I get to the next statement (line 161 check swagger content) things blow up OSError: No socket could be created -- (('0.0.0.0', 9000): [Errno 98] Address already in use) I feel I’m missing something basic, like using the wrong ledger container, not understanding something about the way the ports are being used, etc. Any suggestions for a different rock to beat my head against?

swcurran (Fri, 28 Jun 2019 18:10:56 GMT):
@andrew.whitehead @sklump ^^^ Can you help? Are you on a Linux? Mac? Last I check there was a Linux issue - the use of host.docker.internal in the scripts that needs to be removed.

swcurran (Fri, 28 Jun 2019 18:12:21 GMT):
FYI - the agent code has been moved to `aries-cloudagent-python` and will be moved from bcgov to hyperledger early next week - Monday or Tuesday. You can fork that today and the fork will continue to work after the transfer.

SteveMagennis (Fri, 28 Jun 2019 18:13:25 GMT):
yeah, i saw that - trying to get a little further before switching code base. I saw a couple small differences

andrew.whitehead (Fri, 28 Jun 2019 18:14:05 GMT):
The ledger is using port 9000 so the agent is not able to bind that port

swcurran (Fri, 28 Jun 2019 18:14:46 GMT):
`PORTS="5000:5000 10000:10000" ./scripts/run_docker -it http 0.0.0.0 10000 -ot http --admin 0.0.0.0 5001 -e http://docker run --net=host codenvy/che-ip:10000 --genesis-url http://docker run --net=host codenvy/che-ip:9000/genesis --seed 00000000000000000000000000000000 --auto-ping-connection --accept-invites --accept-requests --auto-verify-presentation --wallet-type indy --label "Issuer/Verifier"` `PORTS="5001:5001 10001:10001" ./scripts/run_docker -it http 0.0.0.0 10001 -ot http --admin 0.0.0.0 5001 -e http://docker run --net=host codenvy/che-ip:10001 --genesis-url http://docker run --net=host codenvy/che-ip:9000/genesis --seed 00000000000000000000000000000001 --auto-ping-connection --accept-invites --accept-requests --auto-verify-presentation --auto-respond-credential-offer --auto-respond-presentation-request --wallet-type indy --label "Holder Agent"`

swcurran (Fri, 28 Jun 2019 18:14:46 GMT):
`PORTS="5000:5000 10000:10000" ./scripts/run_docker -it http 0.0.0.0 10000 -ot http --admin 0.0.0.0 5000 -e http://docker run --net=host codenvy/che-ip:10000 --genesis-url http://docker run --net=host codenvy/che-ip:9000/genesis --seed 00000000000000000000000000000000 --auto-ping-connection --accept-invites --accept-requests --auto-verify-presentation --wallet-type indy --label "Issuer/Verifier"` `PORTS="5001:5001 10001:10001" ./scripts/run_docker -it http 0.0.0.0 10001 -ot http --admin 0.0.0.0 5001 -e http://docker run --net=host codenvy/che-ip:10001 --genesis-url http://docker run --net=host codenvy/che-ip:9000/genesis --seed 00000000000000000000000000000001 --auto-ping-connection --accept-invites --accept-requests --auto-verify-presentation --auto-respond-credential-offer --auto-respond-presentation-request --wallet-type indy --label "Holder Agent"`

swcurran (Fri, 28 Jun 2019 18:15:20 GMT):
I was able to use those on Linux to run, and then can see the ledger at 9000, and the swagger UI at 5000 and 5001

swcurran (Fri, 28 Jun 2019 18:15:20 GMT):
I was able to use those on Linux to run, and then can see the ledger at localhost:9000, and the swagger UI at localhost:5000 and localhost:5001

SteveMagennis (Fri, 28 Jun 2019 18:15:23 GMT):
i thought the agent started at 9001?

swcurran (Fri, 28 Jun 2019 18:16:18 GMT):
No - in the above at least it's on 5000 for the first, 5001 for the second. See the --admin pair of arguments.

swcurran (Fri, 28 Jun 2019 18:16:18 GMT):
No - in the above at least it's on 5000 for the first, 5001 for the second. See the `--admin` pair of arguments.

swcurran (Fri, 28 Jun 2019 18:16:18 GMT):
We're working on a full tutorial on this for starting, connecting, and issuing/proving credentials using Swagger for Monday.

swcurran (Fri, 28 Jun 2019 18:18:25 GMT):
The `--admin` parameter defines the swagger API port.

SteveMagennis (Fri, 28 Jun 2019 18:21:28 GMT):
I'll muck with this for a while then look for the new content Monday. Thanks!

tplooker (Sat, 29 Jun 2019 03:05:15 GMT):
Hey guys, at Mattr, we're growing and on the lookout for new members in the developer community that are interested in an opportunity with us. If you are or know anyone that could be interested please let either @kdenhartog or I know, thanks.

jljordan_bcgov (Sat, 29 Jun 2019 15:43:05 GMT):
Opportunity for UK citizens and I think global citizens to help UK Companies House understand the potential to achieve their objectives and improve services https://www.gov.uk/government/news/have-your-say-on-the-future-of-companies-house

jljordan_bcgov (Sat, 29 Jun 2019 15:43:34 GMT):
Tell them about VON / Aries / Indy and digital trust !

swcurran (Sat, 29 Jun 2019 17:24:42 GMT):
@SteveMagennis - not sure you care as the tutorial WILL be available :-), but there was a type in the two commands above, now corrected :-).

swcurran (Mon, 01 Jul 2019 05:51:34 GMT):
@SteveMagennis - the Swagger-driven demo for the Aries Cloud Agent - Python is now in the repo - https://github.com/bcgov/aries-cloudagent-python/blob/master/demo/AriesOpenAPIDemo.md

swcurran (Mon, 01 Jul 2019 05:52:50 GMT):
If you are interested we've taken a cut at a "0 to coding" guide for getting started with building Aries applications. Love to get your feedback - https://github.com/bcgov/aries-cloudagent-python/blob/master/docs/GettingStartedAriesDev/README.md

TelegramSam (Mon, 01 Jul 2019 14:48:27 GMT):
Call Recording for last week's call now posted: https://wiki.hyperledger.org/display/ARIES/2019-06-26+Aries+Working+Group+Call

smithsamuelm (Mon, 01 Jul 2019 15:25:31 GMT):
@TelegramSam Would it be possible to add me sam@samuelsmith.org to the Aries WG weekly meeting

jljordan_bcgov (Mon, 01 Jul 2019 15:38:11 GMT):
Hi Sam. I think you just add the Hyperledger calendar to your calendar app You can find link for that on the wiki page https://wiki.hyperledger.org/plugins/servlet/mobile?contentId=10846210#content/view/10846210

TelegramSam (Mon, 01 Jul 2019 16:21:21 GMT):
you can do that too. I've added you to the invite also.

jljordan_bcgov (Mon, 01 Jul 2019 16:24:36 GMT):
Didn’t even know there was an invite :)

esplinr (Tue, 02 Jul 2019 14:57:13 GMT):
Per our conversation on last Wednesday's Aries Working Group call, tomorrow w will be adding an additional Aries call scheduled to be during business hours in Europe.

esplinr (Tue, 02 Jul 2019 14:57:36 GMT):
It will happen every other Wednesday, offset from the Ursa call.

esplinr (Tue, 02 Jul 2019 14:58:34 GMT):
The Hyperledger Community Calendar is updated, as is the Aries wiki page.

esplinr (Tue, 02 Jul 2019 14:58:37 GMT):
The call is 7AM Los Angeles, 10AM New York, 3PM London, 17H Moscow

esplinr (Tue, 02 Jul 2019 15:17:13 GMT):
I'm pulling together an agenda here: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16320158

swcurran (Tue, 02 Jul 2019 15:33:13 GMT):
Hey @esplinr - do we have a set host for the meeting on an ongoing basis? Want to be sure that someone has the lead on this.

esplinr (Tue, 02 Jul 2019 15:33:30 GMT):
I'll host unless someone else volunteers.

swcurran (Tue, 02 Jul 2019 15:33:50 GMT):
FYI - BC Gov has posted this "Code With Us" (bounty) opportunity for a developer/team to build an Aries-based Identity Provider (IdP) for an IAM solution (Red Hat's Keycloak). *The opportunity closes at 4PM Pacific on July 3, 2019* so if you are interested, please get your response in ASAP. https://www.bcdevexchange.org/opportunities/cwu/opp-create-a-red-hat-keycloak-identity-provider--idp--capable-of-processing-verifiable-credentials-using-decentralized-identity-technology-created-by-bc-gov-to-authorize-access-to-a-bc-government-digital-service-

esplinr (Tue, 02 Jul 2019 15:34:10 GMT):
I put my zoom in the calendar invite to avoid stomping on anyone else. So I can also manage the recording.

esplinr (Tue, 02 Jul 2019 15:34:43 GMT):
Any objection to my removing the tables from the Aries agendas? I prefer bulleted lists because the tables make it hard to take notes and don't copy / paste well between agendas.

rjones (Tue, 02 Jul 2019 15:34:43 GMT):
I appreciate that. It is a discussion we're having internally if we should even have community Zoom accounts

esplinr (Tue, 02 Jul 2019 15:35:36 GMT):
Ry: I think the community Zoom account can be useful for some meetings. But this call conflicts with the Quilt call.

rjones (Tue, 02 Jul 2019 15:36:21 GMT):
We have three accounts to reduce conflict. Where I think it was most useful is when we used to host the recordings and could pay for that. Since we don't do that any more, I'm not sure of the value.

rjones (Tue, 02 Jul 2019 15:36:54 GMT):
but: this isn't a decision we're making this year, since they're already paid for.

esplinr (Tue, 02 Jul 2019 15:39:06 GMT):
@swcurran I can't attend the afternoon call this week to explain any changes I make to the agenda layout, so I'll wait to until next week to do that. That also allows us to try out the layout on the morning call.

TelegramSam (Tue, 02 Jul 2019 16:58:15 GMT):
Is having different zoom meeting URLs going to be confusing? I'm happy to try and make the other one work.

esplinr (Tue, 02 Jul 2019 17:00:45 GMT):
The URLs are correct in both meeting invitations, and on the Aries page in the wiki.

esplinr (Tue, 02 Jul 2019 17:01:00 GMT):
I'm fine changing the URL if we want, but I'm nervous about how that impacts my ability to help with the recordings.

TelegramSam (Tue, 02 Jul 2019 17:01:16 GMT):
yeah, the shared host requirement of the same org is lame.

TelegramSam (Tue, 02 Jul 2019 17:04:32 GMT):
I can't make another zoom account a co-host unless we are members of the same paid org.

rjones (Tue, 02 Jul 2019 17:05:23 GMT):
strange. could we experiment? We had out the host codes for Hyperledger zoom accounts, but they are paid accounts (not for orgs)

TelegramSam (Tue, 02 Jul 2019 17:07:33 GMT):
there is a different way than handing out the host codes.

wadeking98 (Tue, 02 Jul 2019 17:33:09 GMT):
Just a heads up that the files in aries contain \r\n flags for new lines. Windows doesn't recognize the \r character but it can be removed easily from all files using ``` find . -mindepth 1 -type f -exec sed -i 's/\r//g' {} \; ``` from a bash command line (in my case git bash)

rjones (Tue, 02 Jul 2019 18:21:28 GMT):
@wadeking98 this as well: https://stackoverflow.com/questions/10418975/how-to-change-line-ending-settings

rjones (Tue, 02 Jul 2019 18:22:13 GMT):
https://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration#Formatting-and-Whitespace

PatrikStas (Tue, 02 Jul 2019 18:44:58 GMT):
@swcurran the tutorial is great, everything worked right out of the box for me. I made a pull request with just a tiny adjustment. Amazing work done at BC Gov!

callahan (Wed, 03 Jul 2019 13:18:04 GMT):
Can't make the 10AM EDT call but looking forward to migrating current ruby work (https://github.com/johncallahan/rindy) to aries-sdk-ruby. Is there a second Aries WG call for 3pm EDT today?

TelegramSam (Wed, 03 Jul 2019 13:21:59 GMT):
The 10AM Eastern call is a new call starting today to better match some timezones. The 3pm Eastern call is the main call.

TelegramSam (Wed, 03 Jul 2019 13:22:33 GMT):
@callahan both will be recorded, with notes and agendas here: https://wiki.hyperledger.org/display/ARIES/Aries+Working+Group

callahan (Wed, 03 Jul 2019 13:41:09 GMT):
thanks Sam... I'll be able to attend the 3pm EDT call

callahan (Wed, 03 Jul 2019 13:46:03 GMT):
I got a chance to review @nage SSI meetup presentation on Aries. Great talk! How do I get involved on Aries DKMS work? I've read the RFC doc at https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0051-dkms/dkms-v4.md . I need to start converge of work on biometric-based recovery (see Sovrin Showcase talk last week) into Aries DKMS recovery as we intend

TelegramSam (Wed, 03 Jul 2019 13:52:15 GMT):
What are the deliverable goals for your work? DKMS has a large surface area.

esplinr (Wed, 03 Jul 2019 14:00:28 GMT):
We'll be starting the Aries call a couple of minutes late. Sorry.

esplinr (Wed, 03 Jul 2019 14:06:49 GMT):
Getting started in the Aries call now: https://zoom.us/j/6385450258

callahan (Wed, 03 Jul 2019 14:07:38 GMT):
@TelegramSam I'm not sure yet.... good question but @nage asked for participation and I *think* it fits under DKMS but need a forum to ask questions

esplinr (Wed, 03 Jul 2019 14:41:30 GMT):
Sorry about he mistaken zoom account. I'll get that fixed.

MikeRichardson (Wed, 03 Jul 2019 14:42:05 GMT):
So am I right in saying that tonight's WG call is one hour earlier than previously?

esplinr (Wed, 03 Jul 2019 14:42:32 GMT):
It's the same time as always on my calendar.

MikeRichardson (Wed, 03 Jul 2019 14:44:23 GMT):
The two meetings are four hours apart and the first one just ended

TelegramSam (Wed, 03 Jul 2019 14:44:32 GMT):
There is not yet. I would love to understand which aspects of DKMS you are aiming to work on, and then we can figure out the best way to support your work.

esplinr (Wed, 03 Jul 2019 14:44:55 GMT):
I probably miscounted when I said how far apart they are.

nage (Wed, 03 Jul 2019 15:10:45 GMT):
There is a dkms channel on chat.sovrin.org/channel/dkms

nage (Wed, 03 Jul 2019 15:11:19 GMT):
The work spans a few disciplines, agents and crypto in particular. @MALodder is the right one to talk to.

dbluhm (Wed, 03 Jul 2019 15:57:57 GMT):
@nbrempel or @andrew.whitehead I noticed something that seemed odd in aries-cloudagent (congrats on getting it migrated to Aries, btw!) For context: https://github.com/hyperledger/aries-cloudagent-python/blob/727b3430492e3d3b9d96c8a648d792f673799058/aries_cloudagent/messaging/serializer.py#L61 The order of decorator checks and unpacking seems off; it first deserializes which would result in a dictionary with 'tag' and 'iv' and 'ciphertext' etc but then checks for '~thread

dbluhm (Wed, 03 Jul 2019 15:59:01 GMT):
Shouldn't it be unpacking the message before checking for decorators?

nbrempel (Wed, 03 Jul 2019 16:00:31 GMT):
Thanks @dbluhm! Can you open a github issue?

WadeBarnes (Wed, 03 Jul 2019 16:02:57 GMT):
Have you already created your issue?

WadeBarnes (Wed, 03 Jul 2019 16:03:52 GMT):
Perhaps coordinate with @dbluhm since you were going to take a crack at fixing it.

dbluhm (Wed, 03 Jul 2019 16:04:26 GMT):
Created https://github.com/hyperledger/aries-cloudagent-python/issues/37

sukalpomitra (Wed, 03 Jul 2019 16:04:54 GMT):
@dbluhm thanks! I will try to see if i can fix it with my limited python knowledge :)

wadeking98 (Wed, 03 Jul 2019 18:24:27 GMT):
Thank you for the tutorial everyone, I still have a couple questions about the persistence of credentials and connections across reboots. From my understanding when two users connect, their connection information is stored on a private ledger between the two users, when both users log out (by pressing ctrl+c in both terminals) the ledger no longer exists. Is there anyway to save the private ledger to a database so that the users dont lose connection information when they log out and log back in?

wadeking98 (Wed, 03 Jul 2019 18:24:27 GMT):
Thank you for the tutorial everyone, I still have a couple questions about the persistence of credentials and connections across reboots. From my understanding when two users connect, their connection information is stored on a private ledger between the two users, when both users log out (by pressing ctrl+c in both terminals) the ledger no longer exists. Is there anyway to save the private ledger so that the users dont lose connection information when they log out and log back in?

jljordan_bcgov (Wed, 03 Jul 2019 18:35:02 GMT):
It is not actually a ledger ... it is simply state that is stored in the respective peer agents

jljordan_bcgov (Wed, 03 Jul 2019 18:35:02 GMT):
It is not actually a ledger ... it is simply state that is stored in the respective peer agents persistent storage

wadeking98 (Wed, 03 Jul 2019 18:40:09 GMT):
ah, thank you. How do I stop the agent's persistent storage from being destroyed when I press ctrl+c ? can I just save the connection json somewhere until the agents log in again?

jljordan_bcgov (Wed, 03 Jul 2019 18:40:37 GMT):
ah .. you mean in one of the demos

jljordan_bcgov (Wed, 03 Jul 2019 18:40:55 GMT):
I was speaking more generally ...

wadeking98 (Wed, 03 Jul 2019 18:41:46 GMT):
yes the issuer/holder demo, no worries

wadeking98 (Wed, 03 Jul 2019 18:44:02 GMT):
yes the issuer/holder demo, no worries

jljordan_bcgov (Wed, 03 Jul 2019 18:44:54 GMT):
right ... one of the devs may know a way to do that but I think it was not the intention of the demo to maintain state across "reboots"

wadeking98 (Wed, 03 Jul 2019 18:48:30 GMT):
okay I have a meeting about it later today so I should get a chance to talk to one of the developers. Thank you for your help

dbluhm (Wed, 03 Jul 2019 20:54:43 GMT):
As per our discussion on the WG Call today, I'll start preparing the test suite I demoed today for publishing under Hyperledger!

wadeking98 (Wed, 03 Jul 2019 21:21:50 GMT):
I have a general question about how aries agents will be running on the network. Currently in the demo each user has their own port value, there are about 65,000 ports available on most computers so there can be at most 65,000 active agents at a time. This is fine for now but I'm worried about how it will scale as the project i'm building grows. Is there a way around assigning each user their own port? or will there be a different approach for managing users in the production version of aries?

wadeking98 (Wed, 03 Jul 2019 21:21:50 GMT):
I have a general question about how aries agents will be running on the network. Currently in the demo each user has their own port value, there are about 65,000 ports available on most computers so there can be at most 65,000 active agents at a time. This is fine for now but I'm worried about how it will scale as the project i'm building grows. Is there a way around assigning each active user their own port? or will there be a different approach for managing users in the production version of aries?

andrew.whitehead (Wed, 03 Jul 2019 21:59:20 GMT):
@wadeking98 I think a situation like that would normally be handled by a routing agent dispatching messages to the edge agents

ianco (Wed, 03 Jul 2019 22:26:30 GMT):
The agent stores all of its "state" in the wallet (in non-secrets storage). Credentials are also stored in the wallet. To persist across reboots you should (a) use a postgres wallet, and (b) setup your postgres (assuming you are running in docker) with persistent storage

ianco (Wed, 03 Jul 2019 22:27:46 GMT):
We have a standard setup with docker compose that orchestrates the various containers that are needed to run an aries solution (including the agent, postgres storage, controller app, etc)

ianco (Wed, 03 Jul 2019 22:28:53 GMT):
For example see the "docker-compose.yml" and "manage" scripts here: https://github.com/bcgov/indy-catalyst/tree/refactoring/starter-kits/credential-registry/docker

ianco (Wed, 03 Jul 2019 22:29:53 GMT):
Other examples are https://github.com/bcgov/iiwbook/tree/master/docker and https://github.com/bcgov/indy-email-verification/tree/master/docker

dbluhm (Wed, 03 Jul 2019 22:30:56 GMT):
As @andrew.whitehead said already, this is not generally how agents will work. Most of the time, Agents will be behind a routing agent that routes to the edge so all of the edge agents are behind a single endpoint. This removes one piece of information that could be correlated. I think we commonly see the one-port-per-agent thing today because that's the simplest way to show that the two interacting agents are separate from each other.

nage (Wed, 03 Jul 2019 22:31:53 GMT):
Correct, and on something like Linux you could add virtual network adapters, or file sockets instead of network sockets (not sure how adaptable our code bases is to that approach, but it shouldn't be too difficult).

sklump (Thu, 04 Jul 2019 11:32:44 GMT):
Fixing this order would also obviate the need for a workaround I've shimmed in for the present: in several Aries#0036 messages, attachment decorators are required, but this code strips them before validation. My workaround puts them back for the validation step. It's ugly and won't scale. The right thing here is to validate first.

swcurran (Thu, 04 Jul 2019 17:31:41 GMT):
FYI - fyi, you can now install the Aries Cloud Agent - Python (aca-py) with `pip install aries-cloudagent` Checkout: https://pypi.org/project/aries-cloudagent/

swcurran (Thu, 04 Jul 2019 17:31:41 GMT):
FYI - per @nbrempel - you can now install the Aries Cloud Agent - Python (aca-py) with `pip install aries-cloudagent` Checkout: https://pypi.org/project/aries-cloudagent/

andrew.whitehead (Thu, 04 Jul 2019 17:37:06 GMT):
@sklump That particular code doesn't strip any decorators, it's just grabbing a couple fields to allow return routing of error messages (like if validation fails). Decorator support was also refactored a while ago to support things field decorators automatically and not fail on unknown decorators

andrew.whitehead (Thu, 04 Jul 2019 17:38:49 GMT):
We might need to add a post-validation step to check the presence of decorators, I think they're populated after the message is deserialized

sklump (Thu, 04 Jul 2019 17:49:08 GMT):
It doesn't strip it as such, but it abstains from adding their content into something called `remain`, which it then returns. So whatever uses the remainder doesn't get the attachments. In this case, what uses it is marshmallow's deserialization validation step.

andrew.whitehead (Thu, 04 Jul 2019 17:53:01 GMT):
Yes, and then the decorators that were found are populated on message._decorators

andrew.whitehead (Thu, 04 Jul 2019 17:53:01 GMT):
Yes, and then the decorators that were found are populated on message._decorators. But that's a different step from this issue

sklump (Thu, 04 Jul 2019 17:57:41 GMT):
Can it be fixed so that if a decorator is required, it is still there for marshmallow to validate?

sklump (Thu, 04 Jul 2019 17:57:41 GMT):
Can it be fixed so that if a marshmallow schema requires a decorator, it is still there for marshmallow to validate on deserialization?

andrew.whitehead (Thu, 04 Jul 2019 18:20:10 GMT):
It's too fragile that way, the decorator formats are independent of the message formats so eventually the agent may support a few different variations of ~attach decorators, for example. That's why I was suggesting adding a post-validation method that could be overridden in that AgentMessage class to check for the decorator. It would have to be called from the Dispatcher after deserializing the message

andrew.whitehead (Thu, 04 Jul 2019 18:20:52 GMT):
Actually I see it could be called from populate_decorators on the AgentMessage class

andrew.whitehead (Thu, 04 Jul 2019 18:20:52 GMT):
Actually I see it could be called from populate_decorators on the AgentMessageSchema class

andrew.whitehead (Thu, 04 Jul 2019 18:20:52 GMT):
Actually I see it could be called from populate_decorators on the AgentMessageSchema class. Or you could override that method

sklump (Thu, 04 Jul 2019 18:23:56 GMT):
I think you're going to have to tell me what buttons to push.

sklump (Thu, 04 Jul 2019 18:24:55 GMT):
Anyway I'm thinking, next week is good enough.

swcurran (Thu, 04 Jul 2019 21:40:14 GMT):
FYI - Congrats to @tplooker and the team from MattrGlobal on winning the Code With Us opportunity at BC Gov. Appreciate the responses from others that applied - good stuff! We're looking forward to working with Tobias and team on this. It's development in the open, so hopefully others will be able to benefit from (and perhaps even contribute to) this effort. Here is the opportunity that was posted: https://www.bcdevexchange.org/opportunities/cwu/opp-create-a-red-hat-keycloak-identity-provider--idp--capable-of-processing-verifiable-credentials-using-decentralized-identity-technology-created-by-bc-gov-to-authorize-access-to-a-bc-government-digital-service-

brian.richter (Fri, 05 Jul 2019 17:25:48 GMT):
hi all, are the slides at the bottom of this page the only record of the last working group call? https://wiki.hyperledger.org/pages/viewpage.action?pageId=16320115 would love some audio describing these slides they're quite technical

wadeking98 (Fri, 05 Jul 2019 18:14:31 GMT):
hello again everyone, I'm trying to set up persistent storage with the aries agent using a postgres database. The approach I'm taking is to set up a docker-compose file to run a postgres container and then connect to that container from the aries agent container. The database is running and I think I'm using the correct arguments for "--wallet-storage-type", "--wallet-storage-config", and "--wallet-storage-creds" but it still fails to connect. Here is the docker-compose file I'm using and the resulting error trace: *docker-compose.yml*
``` version: '3.1' services: aries: build: . ports: - "5000:5000" command: "-it http 0.0.0.0 10001 \ -ot http --admin 0.0.0.0 5001 \ -e http://172.17.0.1:10001 \ --genesis-url http://172.17.0.1:9000/genesis \ --seed 00000000000000000000000000000001 \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{\"url\":\"postgres://db:5432\", \"max_connections\":5}' \ --wallet-storage-creds '{\"account\":\"postgres\",\"password\":\"docker\",\"admin_account\":\"postgres\",\"admin_password\":\"docker\"}' \ --label \"Holder\"" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - "5432:5432" adminer: image: adminer restart: always ports: - 8080:8080 ```
*Error Trace:*``` sudo docker-compose up Creating network "aries_default" with the default driver Creating aries_db_1 ... done Creating aries_aries_1 ... done Creating aries_adminer_1 ... done Attaching to aries_aries_1, aries_db_1, aries_adminer_1 aries_1 | Initializing postgres wallet aries_1 | Success, loaded postgres wallet storage aries_1 | 2019-07-05 17:40:09,286 asyncio ERROR Task exception was never retrieved aries_1 | future: exception=WalletError("(, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\\n Caused by: Plugin returned error\\n'})",)> aries_1 | Traceback (most recent call last): aries_1 | File "/home/indy/aries_cloudagent/wallet/indy.py", line 153, in create aries_1 | credentials=json.dumps(self._wallet_access), aries_1 | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/indy/wallet.py", line 61, in create_wallet aries_1 | create_wallet.cb) aries_1 | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\n Caused by: Plugin returned error\n'}) ``` I'm assuming this error means it failed to connect to postgres. My question is: am I using the correct arguments to connect to the postgres docker container?
*Note: I copied and renamed aries/docker/Dockerfile.run to aries/Dockerfile. My docker-compose file is in aries/docker-compose.yml. von-network is running in the background. I could not post the full error trace, only the last part with the error message. After running docker-compose up I am able to connect to postgres on dbeaver using username postgres and password docker *

wadeking98 (Fri, 05 Jul 2019 18:14:31 GMT):
hello again everyone, I'm trying to set up persistent storage with the aries agent using a postgres database. The approach I'm taking is to set up a docker-compose file to run a postgres container and then connect to that container from the aries agent container. The database is running and I think I'm using the correct arguments for "--wallet-storage-type", "--wallet-storage-config", and "--wallet-storage-creds" but it still fails to connect. Here is the docker-compose file I'm using and the resulting error trace: *docker-compose.yml*
``` version: '3.1' services: aries: build: . ports: - "5001:5001" command: "-it http 0.0.0.0 10001 \ -ot http --admin 0.0.0.0 5001 \ -e http://172.17.0.1:10001 \ --genesis-url http://172.17.0.1:9000/genesis \ --seed 00000000000000000000000000000001 \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{\"url\":\"postgres://db:5432\", \"max_connections\":5}' \ --wallet-storage-creds '{\"account\":\"postgres\",\"password\":\"docker\",\"admin_account\":\"postgres\",\"admin_password\":\"docker\"}' \ --label \"Holder\"" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - "5432:5432" adminer: image: adminer restart: always ports: - 8080:8080 ```
*Error Trace:*``` sudo docker-compose up Creating network "aries_default" with the default driver Creating aries_db_1 ... done Creating aries_aries_1 ... done Creating aries_adminer_1 ... done Attaching to aries_aries_1, aries_db_1, aries_adminer_1 aries_1 | Initializing postgres wallet aries_1 | Success, loaded postgres wallet storage aries_1 | 2019-07-05 17:40:09,286 asyncio ERROR Task exception was never retrieved aries_1 | future: exception=WalletError("(, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\\n Caused by: Plugin returned error\\n'})",)> aries_1 | Traceback (most recent call last): aries_1 | File "/home/indy/aries_cloudagent/wallet/indy.py", line 153, in create aries_1 | credentials=json.dumps(self._wallet_access), aries_1 | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/indy/wallet.py", line 61, in create_wallet aries_1 | create_wallet.cb) aries_1 | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\n Caused by: Plugin returned error\n'}) ``` I'm assuming this error means it failed to connect to postgres. My question is: am I using the correct arguments to connect to the postgres docker container?
*Note: I copied and renamed aries/docker/Dockerfile.run to aries/Dockerfile. My docker-compose file is in aries/docker-compose.yml. von-network is running in the background. I could not post the full error trace, only the last part with the error message. After running docker-compose up I am able to connect to postgres on dbeaver using username postgres and password docker *

wadeking98 (Fri, 05 Jul 2019 18:14:31 GMT):
hello again everyone, I'm trying to set up persistent storage with the aries agent using a postgres database. The approach I'm taking is to set up a docker-compose file to run a postgres container and then connect to that container from the aries agent container. The database is running and I think I'm using the correct arguments for "--wallet-storage-type", "--wallet-storage-config", and "--wallet-storage-creds" but it still fails to connect. Here is the docker-compose file I'm using and the resulting error trace: *docker-compose.yml*
``` version: '3.1' services: aries: build: . ports: - "5001:5001" command: "-it http 0.0.0.0 10001 \ -ot http --admin 0.0.0.0 5001 \ -e http://172.17.0.1:10001 \ --genesis-url http://172.17.0.1:9000/genesis \ --seed 00000000000000000000000000000001 \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{\"url\":\"postgres://db:5432\", \"max_connections\":5}' \ --wallet-storage-creds '{\"account\":\"postgres\",\"password\":\"docker\",\"admin_account\":\"postgres\",\"admin_password\":\"docker\"}' \ --label \"Holder\"" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - "5432:5432" adminer: image: adminer restart: always ports: - 8080:8080 ```
*Error Trace:*``` sudo docker-compose up Creating network "aries_default" with the default driver Creating aries_db_1 ... done Creating aries_aries_1 ... done Creating aries_adminer_1 ... done Attaching to aries_aries_1, aries_db_1, aries_adminer_1 aries_1 | Initializing postgres wallet aries_1 | Success, loaded postgres wallet storage aries_1 | 2019-07-05 17:40:09,286 asyncio ERROR Task exception was never retrieved aries_1 | future: exception=WalletError("(, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\\n Caused by: Plugin returned error\\n'})",)> aries_1 | Traceback (most recent call last): aries_1 | File "/home/indy/aries_cloudagent/wallet/indy.py", line 153, in create aries_1 | credentials=json.dumps(self._wallet_access), aries_1 | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/indy/wallet.py", line 61, in create_wallet aries_1 | create_wallet.cb) aries_1 | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\n Caused by: Plugin returned error\n'}) ``` I'm assuming this error means it failed to connect to postgres. My question is: am I using the correct arguments to connect to the postgres docker container? // *Note: I copied and renamed aries/docker/Dockerfile.run to aries/Dockerfile. My docker-compose file is in aries/docker-compose.yml. von-network is running in the background. I could not post the full error trace, only the last part with the error message. After running docker-compose up I am able to connect to postgres on dbeaver using username postgres and password docker *

wadeking98 (Fri, 05 Jul 2019 18:14:31 GMT):
hello again everyone, I'm trying to set up persistent storage with the aries agent using a postgres database. The approach I'm taking is to set up a docker-compose file to run a postgres container and then connect to that container from the aries agent container. The database is running and I think I'm using the correct arguments for "--wallet-storage-type", "--wallet-storage-config", and "--wallet-storage-creds" but it still fails to connect. Here is the docker-compose file I'm using and the resulting error trace: *docker-compose.yml*
``` version: '3.1' services: aries: build: . ports: - "5001:5001" command: "-it http 0.0.0.0 10001 \ -ot http --admin 0.0.0.0 5001 \ -e http://172.17.0.1:10001 \ --genesis-url http://172.17.0.1:9000/genesis \ --seed 00000000000000000000000000000001 \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{\"url\":\"postgres://db:5432\", \"max_connections\":5}' \ --wallet-storage-creds '{\"account\":\"postgres\",\"password\":\"docker\",\"admin_account\":\"postgres\",\"admin_password\":\"docker\"}' \ --label \"Holder\"" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - "5432:5432" adminer: image: adminer restart: always ports: - 8080:8080 ```
*Error Trace:*``` sudo docker-compose up Creating network "aries_default" with the default driver Creating aries_db_1 ... done Creating aries_aries_1 ... done Creating aries_adminer_1 ... done Attaching to aries_aries_1, aries_db_1, aries_adminer_1 aries_1 | Initializing postgres wallet aries_1 | Success, loaded postgres wallet storage aries_1 | 2019-07-05 17:40:09,286 asyncio ERROR Task exception was never retrieved aries_1 | future: exception=WalletError("(, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\\n Caused by: Plugin returned error\\n'})",)> aries_1 | Traceback (most recent call last): aries_1 | File "/home/indy/aries_cloudagent/wallet/indy.py", line 153, in create aries_1 | credentials=json.dumps(self._wallet_access), aries_1 | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/indy/wallet.py", line 61, in create_wallet aries_1 | create_wallet.cb) aries_1 | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\n Caused by: Plugin returned error\n'}) ``` I'm assuming this error means it failed to connect to postgres. My question is: am I using the correct arguments to connect to the postgres docker container? \\ *Note: I copied and renamed aries/docker/Dockerfile.run to aries/Dockerfile. My docker-compose file is in aries/docker-compose.yml. von-network is running in the background. I could not post the full error trace, only the last part with the error message. After running docker-compose up I am able to connect to postgres on dbeaver using username postgres and password docker *

wadeking98 (Fri, 05 Jul 2019 18:14:31 GMT):
hello again everyone, I'm trying to set up persistent storage with the aries agent using a postgres database. The approach I'm taking is to set up a docker-compose file to run a postgres container and then connect to that container from the aries agent container. The database is running and I think I'm using the correct arguments for "--wallet-storage-type", "--wallet-storage-config", and "--wallet-storage-creds" but it still fails to connect. Here is the docker-compose file I'm using and the resulting error trace: *docker-compose.yml*
``` version: '3.1' services: aries: build: . ports: - "5001:5001" command: "-it http 0.0.0.0 10001 \ -ot http --admin 0.0.0.0 5001 \ -e http://172.17.0.1:10001 \ --genesis-url http://172.17.0.1:9000/genesis \ --seed 00000000000000000000000000000001 \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{\"url\":\"postgres://db:5432\", \"max_connections\":5}' \ --wallet-storage-creds '{\"account\":\"postgres\",\"password\":\"docker\",\"admin_account\":\"postgres\",\"admin_password\":\"docker\"}' \ --label \"Holder\"" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - "5432:5432" adminer: image: adminer restart: always ports: - 8080:8080 ```
*Error Trace:*``` sudo docker-compose up Creating network "aries_default" with the default driver Creating aries_db_1 ... done Creating aries_aries_1 ... done Creating aries_adminer_1 ... done Attaching to aries_aries_1, aries_db_1, aries_adminer_1 aries_1 | Initializing postgres wallet aries_1 | Success, loaded postgres wallet storage aries_1 | 2019-07-05 17:40:09,286 asyncio ERROR Task exception was never retrieved aries_1 | future: exception=WalletError("(, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\\n Caused by: Plugin returned error\\n'})",)> aries_1 | Traceback (most recent call last): aries_1 | File "/home/indy/aries_cloudagent/wallet/indy.py", line 153, in create aries_1 | credentials=json.dumps(self._wallet_access), aries_1 | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/indy/wallet.py", line 61, in create_wallet aries_1 | create_wallet.cb) aries_1 | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\n Caused by: Plugin returned error\n'}) ``` I'm assuming this error means it failed to connect to postgres. My question is: am I using the correct arguments to connect to the postgres docker container? \newline *Note: I copied and renamed aries/docker/Dockerfile.run to aries/Dockerfile. My docker-compose file is in aries/docker-compose.yml. von-network is running in the background. I could not post the full error trace, only the last part with the error message. After running docker-compose up I am able to connect to postgres on dbeaver using username postgres and password docker *

wadeking98 (Fri, 05 Jul 2019 18:14:31 GMT):
\allowbreak hello again everyone, I'm trying to set up persistent storage with the aries agent using a postgres database. The approach I'm taking is to set up a docker-compose file to run a postgres container and then connect to that container from the aries agent container. The database is running and I think I'm using the correct arguments for "--wallet-storage-type", "--wallet-storage-config", and "--wallet-storage-creds" but it still fails to connect. Here is the docker-compose file I'm using and the resulting error trace: *docker-compose.yml*
``` version: '3.1' services: aries: build: . ports: - "5001:5001" command: "-it http 0.0.0.0 10001 \ -ot http --admin 0.0.0.0 5001 \ -e http://172.17.0.1:10001 \ --genesis-url http://172.17.0.1:9000/genesis \ --seed 00000000000000000000000000000001 \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{\"url\":\"postgres://db:5432\", \"max_connections\":5}' \ --wallet-storage-creds '{\"account\":\"postgres\",\"password\":\"docker\",\"admin_account\":\"postgres\",\"admin_password\":\"docker\"}' \ --label \"Holder\"" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - "5432:5432" adminer: image: adminer restart: always ports: - 8080:8080 ```
*Error Trace:*``` sudo docker-compose up Creating network "aries_default" with the default driver Creating aries_db_1 ... done Creating aries_aries_1 ... done Creating aries_adminer_1 ... done Attaching to aries_aries_1, aries_db_1, aries_adminer_1 aries_1 | Initializing postgres wallet aries_1 | Success, loaded postgres wallet storage aries_1 | 2019-07-05 17:40:09,286 asyncio ERROR Task exception was never retrieved aries_1 | future: exception=WalletError("(, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\\n Caused by: Plugin returned error\\n'})",)> aries_1 | Traceback (most recent call last): aries_1 | File "/home/indy/aries_cloudagent/wallet/indy.py", line 153, in create aries_1 | credentials=json.dumps(self._wallet_access), aries_1 | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/indy/wallet.py", line 61, in create_wallet aries_1 | create_wallet.cb) aries_1 | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\n Caused by: Plugin returned error\n'}) ``` I'm assuming this error means it failed to connect to postgres. My question is: am I using the correct arguments to connect to the postgres docker container? \newline *Note: I copied and renamed aries/docker/Dockerfile.run to aries/Dockerfile. My docker-compose file is in aries/docker-compose.yml. von-network is running in the background. I could not post the full error trace, only the last part with the error message. After running docker-compose up I am able to connect to postgres on dbeaver using username postgres and password docker *

wadeking98 (Fri, 05 Jul 2019 18:14:31 GMT):
hello again everyone, I'm trying to set up persistent storage with the aries agent using a postgres database. The approach I'm taking is to set up a docker-compose file to run a postgres container and then connect to that container from the aries agent container. The database is running and I think I'm using the correct arguments for "--wallet-storage-type", "--wallet-storage-config", and "--wallet-storage-creds" but it still fails to connect. Here is the docker-compose file I'm using and the resulting error trace: *docker-compose.yml*
``` version: '3.1' services: aries: build: . ports: - "5001:5001" command: "-it http 0.0.0.0 10001 \ -ot http --admin 0.0.0.0 5001 \ -e http://172.17.0.1:10001 \ --genesis-url http://172.17.0.1:9000/genesis \ --seed 00000000000000000000000000000001 \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{\"url\":\"postgres://db:5432\", \"max_connections\":5}' \ --wallet-storage-creds '{\"account\":\"postgres\",\"password\":\"docker\",\"admin_account\":\"postgres\",\"admin_password\":\"docker\"}' \ --label \"Holder\"" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - "5432:5432" adminer: image: adminer restart: always ports: - 8080:8080 ``` *Error Trace:*``` sudo docker-compose up Creating network "aries_default" with the default driver Creating aries_db_1 ... done Creating aries_aries_1 ... done Creating aries_adminer_1 ... done Attaching to aries_aries_1, aries_db_1, aries_adminer_1 aries_1 | Initializing postgres wallet aries_1 | Success, loaded postgres wallet storage aries_1 | 2019-07-05 17:40:09,286 asyncio ERROR Task exception was never retrieved aries_1 | future: exception=WalletError("(, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\\n Caused by: Plugin returned error\\n'})",)> aries_1 | Traceback (most recent call last): aries_1 | File "/home/indy/aries_cloudagent/wallet/indy.py", line 153, in create aries_1 | credentials=json.dumps(self._wallet_access), aries_1 | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/indy/wallet.py", line 61, in create_wallet aries_1 | create_wallet.cb) aries_1 | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\n Caused by: Plugin returned error\n'}) ``` I'm assuming this error means it failed to connect to postgres. My question is: am I using the correct arguments to connect to the postgres docker container? *Note: I copied and renamed aries/docker/Dockerfile.run to aries/Dockerfile. My docker-compose file is in aries/docker-compose.yml. von-network is running in the background. I could not post the full error trace, only the last part with the error message. After running docker-compose up I am able to connect to postgres on dbeaver using username postgres and password docker *

wadeking98 (Fri, 05 Jul 2019 18:14:31 GMT):
hello again everyone, I'm trying to set up persistent storage with the aries agent using a postgres database. The approach I'm taking is to set up a docker-compose file to run a postgres container and then connect to that container from the aries agent container. The database is running and I think I'm using the correct arguments for "--wallet-storage-type", "--wallet-storage-config", and "--wallet-storage-creds" but it still fails to connect. Here is the docker-compose file I'm using and the resulting error trace: *docker-compose.yml* ``` version: '3.1' services: aries: build: . ports: - "5001:5001" command: "-it http 0.0.0.0 10001 \ -ot http --admin 0.0.0.0 5001 \ -e http://172.17.0.1:10001 \ --genesis-url http://172.17.0.1:9000/genesis \ --seed 00000000000000000000000000000001 \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{\"url\":\"postgres://db:5432\", \"max_connections\":5}' \ --wallet-storage-creds '{\"account\":\"postgres\",\"password\":\"docker\",\"admin_account\":\"postgres\",\"admin_password\":\"docker\"}' \ --label \"Holder\"" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - "5432:5432" adminer: image: adminer restart: always ports: - 8080:8080 ``` *Error Trace:*``` sudo docker-compose up Creating network "aries_default" with the default driver Creating aries_db_1 ... done Creating aries_aries_1 ... done Creating aries_adminer_1 ... done Attaching to aries_aries_1, aries_db_1, aries_adminer_1 aries_1 | Initializing postgres wallet aries_1 | Success, loaded postgres wallet storage aries_1 | 2019-07-05 17:40:09,286 asyncio ERROR Task exception was never retrieved aries_1 | future: exception=WalletError("(, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\\n Caused by: Plugin returned error\\n'})",)> aries_1 | Traceback (most recent call last): aries_1 | File "/home/indy/aries_cloudagent/wallet/indy.py", line 153, in create aries_1 | credentials=json.dumps(self._wallet_access), aries_1 | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/indy/wallet.py", line 61, in create_wallet aries_1 | create_wallet.cb) aries_1 | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Wallet storage error occurred\n Caused by: Plugin returned error\n'}) ``` I'm assuming this error means it failed to connect to postgres. My question is: am I using the correct arguments to connect to the postgres docker container? *Note: I copied and renamed aries/docker/Dockerfile.run to aries/Dockerfile. My docker-compose file is in aries/docker-compose.yml. von-network is running in the background. I could not post the full error trace, only the last part with the error message. After running docker-compose up I am able to connect to postgres on dbeaver using username postgres and password docker *

WadeBarnes (Fri, 05 Jul 2019 19:09:07 GMT):
It looks like the database container has not started and initialized before the agent tries to create the wallet.

WadeBarnes (Fri, 05 Jul 2019 19:09:07 GMT):
It looks like the database container has not started and initialized before the agent tries to create the wallet. You may need to add a delay to the agent startup process

WadeBarnes (Fri, 05 Jul 2019 19:15:56 GMT):
Example of waiting for a container dependency; https://github.com/bcgov/indy-catalyst/blob/master/starter-kits/credential-registry/docker/docker-compose.yml#L130

wadeking98 (Fri, 05 Jul 2019 23:31:12 GMT):
I gave it a quite a few tries, my docker compose file currently looks like this:

wadeking98 (Fri, 05 Jul 2019 23:31:12 GMT):
I gave it a quite a few tries, my docker compose file currently looks like this: ``` version: '3.1' services: aries: build: . ports: - 5001:5001 depends_on: - db command: > /bin/bash -c "echo sleeping...; sleep 10; acagent -it http 0.0.0.0 10001 -ot http --admin 0.0.0.0 5001 -e http://172.17.0.1:10001 --genesis-url http://172.17.0.1:9000/genesis --seed 00000000000000000000000000000001 --auto-ping-connection --accept-invites --accept-requests --auto-verify-presentation --auto-respond-credential-offer --auto-respond-presentation-request --wallet-type indy --wallet-key key --wallet-storage-type postgres_storage --wallet-storage-config '{\"url\":\"jdbc:postgresql://db:5432/postgres\", \"max_connections\":5}' --wallet-storage-creds '{\"account\":\"postgres\",\"password\":\"docker\",\"admin_account\":\"postgres\",\"admin_password\":\"docker\"}' --label \"Holder\"" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - 5432:5432 adminer: image: adminer restart: always ports: - 8080:8080 ``` The database is active but it still fails to connect

andrew.whitehead (Sat, 06 Jul 2019 01:03:31 GMT):
I got it working by changing a few things. Added 'db' to the aries 'links', changed the DB url to just 'db:5432', and changed the wallet name ("CREATE DATABASE default" was causing a syntax error, @ianco)

andrew.whitehead (Sat, 06 Jul 2019 01:03:45 GMT):
```version: '3.1' services: aries: build: context: . dockerfile: docker/Dockerfile.run ports: - 5001:5001 links: - db depends_on: - db entrypoint: - /bin/bash - -c - | echo sleeping...; sleep 10; acagent -it http 0.0.0.0 10001 \ -ot http --admin 0.0.0.0 5001 \ -e "http://host.docker.internal:10001" \ --genesis-url "http://host.docker.internal:9000/genesis" \ --seed "00000000000000000000000000000001" \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-name aries \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{"url":"db:5432", "max_connections":5}' \ --wallet-storage-creds '{"account":"postgres","password":"docker","admin_account":"postgres","admin_password":"docker"}' \ --label "Holder" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - 5432:5432```

andrew.whitehead (Sat, 06 Jul 2019 01:04:30 GMT):
Also 'entrypoint' instead of command, since that dockerfile overrides the entrypoint

SvenHammann90 (Mon, 08 Jul 2019 09:20:19 GMT):
Hi all, any news on when the recording on last week's call 2 will be posted (https://wiki.hyperledger.org/pages/viewpage.action?pageId=16320115) ? I would like to learn more about peer DIDs. Currently, only a PDF is available.

kdenhartog (Mon, 08 Jul 2019 12:48:41 GMT):
@TelegramSam have you gotten the call posted by chance?

TelegramSam (Mon, 08 Jul 2019 13:14:15 GMT):
Call Recordings for the afternoon call posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16320115

xfreeman (Mon, 08 Jul 2019 14:23:02 GMT):
hi good morning i was checking the code of https://github.com/hyperledger/indy-agent/tree/master/python and now i found aca-py agent here, which one should I focus? but I guess they are both pretty related...i want to play a little with the demos code and I had some doubts... Is there a better channel to make these kind of questions? like where is this come from (hardcoded in indy agent demo**) *did:sov:BzCbsNYhMrjHiqZDTUASHg* ....

MALodder (Mon, 08 Jul 2019 14:33:46 GMT):
what would the community like to see to be able to push the LOX RFC from proposed to accepted?

jljordan_bcgov (Mon, 08 Jul 2019 14:46:28 GMT):
Hi @xfreeman .. aca-py is the latest code with demos and we are actively maintaining and enhancing it toward production ... for us production will be this summer for the GA release of OrgBook.gov.bc.ca The channel you want to be in for things Agent is #aries

jljordan_bcgov (Mon, 08 Jul 2019 14:47:41 GMT):
There is a 0 to code guide here -> https://github.com/hyperledger/aries-cloudagent-python/blob/master/docs/GettingStartedAriesDev/README.md

jljordan_bcgov (Mon, 08 Jul 2019 14:48:05 GMT):
Feedback and even better PRs welcome!

jljordan_bcgov (Mon, 08 Jul 2019 14:48:30 GMT):
Happy Monday (or Tuesday if you are on the other side of the dateline!)

jljordan_bcgov (Mon, 08 Jul 2019 14:51:55 GMT):
Should there be an example working implementation?

MALodder (Mon, 08 Jul 2019 14:52:42 GMT):
but its my understanding that code doesn't need to be written

xfreeman (Mon, 08 Jul 2019 14:53:40 GMT):
thanks, then I´ll take a close look at aca-py.. have a nice week...just in case , do you know in demo indy reference agent where the hardcoded did comes from, where it is registered in the ledger? just to know. Thanks again

TelegramSam (Mon, 08 Jul 2019 15:02:01 GMT):
Related to where the did comes from: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0020-message-types/README.md#aries-core-message-namespace

kdenhartog (Mon, 08 Jul 2019 20:22:03 GMT):
Just ran through the ACA-py demo and was amazed at the 0 to working time of around 3 minutes to complete the demo. Great work BCGov team! I'd advocate for us making this the standard demo used to getting started with Indy as well. The current demo in Indy should remain for people who want to dig into the SDK, but I bet the majority of developers just want to be able to run something like ACA-py and go.

TelegramSam (Mon, 08 Jul 2019 20:40:54 GMT):
@kdenhartog was that the Alice Faber demo, or something else? (https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo)

pknowles (Tue, 09 Jul 2019 11:32:17 GMT):
Cause for concern? https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5

luckycharms810 (Tue, 09 Jul 2019 15:46:43 GMT):
Hello, I have been looking at the Indy Agent code for a while now, and more recently the ACA code as well. I was curious if there was a spec for how Credential offer messages look in Indy / Aries ?

luckycharms810 (Tue, 09 Jul 2019 15:47:10 GMT):
I have used https://github.com/hyperledger/indy-agent/blob/master/python/modules/connection.py#L235 as a reference for connection requests, but curious if there is something similar for credential offer's that are made to an agent.

sklump (Tue, 09 Jul 2019 15:54:28 GMT):
@luckycharms810 there is a v1.0 proposed standard in https://github.com/hyperledger/aries-rfcs/tree/master/features/0036-issue-credential Work to support Aries#0036 is in the queue.

luckycharms810 (Tue, 09 Jul 2019 16:08:44 GMT):
Are there any reference implementations ?

luckycharms810 (Tue, 09 Jul 2019 16:25:11 GMT):
I see, are there any currently adopted standards ?

swcurran (Tue, 09 Jul 2019 17:22:54 GMT):
I believe the current state of the credentials exchange is what is known as 0.1 version - https://hackmd.io/@QNKW9ANJRy6t81D7IfgiZQ/HkklVzww4?type=view

swcurran (Tue, 09 Jul 2019 17:23:22 GMT):
It's implemented by a number of implementations - ACA-Py, StreetCred, Mattr at least.

luckycharms810 (Tue, 09 Jul 2019 17:38:21 GMT):
Yep I definitely saw the implementation in ACA-py, but was curious where the corresponding spec was

luckycharms810 (Tue, 09 Jul 2019 17:39:54 GMT):
Within the context of the credential preview, what do the following mean ?

luckycharms810 (Tue, 09 Jul 2019 17:39:56 GMT):
```"@context": string, "@id": string,```

andrew.whitehead (Tue, 09 Jul 2019 17:59:59 GMT):
@luckycharms810 Those are JSON-LD properties, probably best covered here: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0047-json-ld-compatibility

wadeking98 (Tue, 09 Jul 2019 19:28:52 GMT):
Hello everyone, I have persistent storage set up for one aries agent but I'm trying to connect multiple agents. I'm assuming that each agent should have their own postgres db instance running since the postgres db serves as each agent's wallet. when I try and run multiple instances of the aries agent with persistent storage I get the following error: ``` aries_cloudagent.error.StartupError: New seed provided which doesn't match the registered public did 4QxzWk3ajdnEA37NdNU5Kt ``` I'm currently just running the following command in different shells with different arguments for it, seed, etc: ``` it=10001 ot=5001 seed=00000000000000000000000000000001 label=alice docker-compose up ``` here is my docker compose file for reference: ``` aries: build: context: . dockerfile: docker/Dockerfile.run ports: - ${ot}:${ot} links: - db depends_on: - db ```

wadeking98 (Tue, 09 Jul 2019 19:51:53 GMT):
Hello everyone, I have persistent storage set up for one aries agent but I'm trying to connect multiple agents. I'm assuming that each agent should have their own postgres db instance running since the postgres db serves as each agent's wallet. when I try and run multiple instances of the aries agent with persistent storage I get the following error: ``` aries_cloudagent.error.StartupError: New seed provided which doesn't match the registered public did 4QxzWk3ajdnEA37NdNU5Kt ``` I'm currently just running the following command in different shells with different arguments for it, seed, etc: ``` it=10001 ot=5001 seed=00000000000000000000000000000001 label=alice docker-compose up ``` here is my docker compose file for reference: ``` aries: build: context: . dockerfile: docker/Dockerfile.run ports: - ${ot}:${ot} links: - db depends_on: - db entrypoint: - /bin/bash - -c - | echo sleeping...; sleep 10; acagent -it http 0.0.0.0 ${it} \ -ot http --admin 0.0.0.0 ${ot} \ -e "http://172.17.0.1:${it}" \ --genesis-url "http://172.17.0.1:9000/genesis" \ --seed ${seed} \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-name aries \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{"url":"db:5432", "max_connections":5}' \ --wallet-storage-creds '{"account":"postgres","password":"docker","admin_account":"postgres","admin_password":"docker"}' \ --label "${label}" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - 5432:5432 networks: default: ipam: driver: default config: - subnet: 172.33.1.0/16 ``` However, If i comment out the tags for database connection in the aries service in docker compose, I can run two agents in different shells using docker-compose up. It seems that the public DID information is stored in the postgres db and there is only allowed to be one public DID at a time in the database. (this makes sense if each database is supposed to be the wallet of a single agent). *My main question is "How do I initialize seperete databases for each aries agent?"*

wadeking98 (Tue, 09 Jul 2019 19:51:53 GMT):
Hello everyone. I have persistent storage set up for one aries agent, but I'm trying to connect multiple agents. I'm assuming that each agent should have their own postgres db instance running since the postgres db serves as each agent's wallet. when I try and run multiple instances of the aries agent with persistent storage I get the following error: ``` aries_cloudagent.error.StartupError: New seed provided which doesn't match the registered public did 4QxzWk3ajdnEA37NdNU5Kt ``` I'm currently just running the following command in different shells with different arguments for it, seed, etc: ``` it=10001 ot=5001 seed=00000000000000000000000000000001 label=alice docker-compose up ``` here is my docker compose file for reference: ``` aries: build: context: . dockerfile: docker/Dockerfile.run ports: - ${ot}:${ot} links: - db depends_on: - db entrypoint: - /bin/bash - -c - | echo sleeping...; sleep 10; acagent -it http 0.0.0.0 ${it} \ -ot http --admin 0.0.0.0 ${ot} \ -e "http://172.17.0.1:${it}" \ --genesis-url "http://172.17.0.1:9000/genesis" \ --seed ${seed} \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-name aries \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{"url":"db:5432", "max_connections":5}' \ --wallet-storage-creds '{"account":"postgres","password":"docker","admin_account":"postgres","admin_password":"docker"}' \ --label "${label}" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - 5432:5432 networks: default: ipam: driver: default config: - subnet: 172.33.1.0/16 ``` However, If i comment out the tags for database connection in the aries service in docker compose, I can run two agents in different shells using docker-compose up. It seems that the public DID information is stored in the postgres db and there is only allowed to be one public DID at a time in the database. (this makes sense if each database is supposed to be the wallet of a single agent). *My main question is "How do I initialize seperete databases for each aries agent?"*

wadeking98 (Tue, 09 Jul 2019 19:51:53 GMT):
Hello everyone. I have persistent storage set up for one aries agent, but I'm trying to connect multiple agents. I'm assuming that each agent should have their own postgres db instance running since the postgres db serves as each agent's wallet. when I try and run multiple instances of the aries agent with persistent storage I get the following error: ``` aries_cloudagent.error.StartupError: New seed provided which doesn't match the registered public did 4QxzWk3ajdnEA37NdNU5Kt ``` I'm currently just running the following command in different shells with different arguments for ot, it, and seed: ``` it=10001 ot=5001 seed=00000000000000000000000000000001 label=alice docker-compose up ``` here is my docker compose file for reference: ``` aries: build: context: . dockerfile: docker/Dockerfile.run ports: - ${ot}:${ot} links: - db depends_on: - db entrypoint: - /bin/bash - -c - | echo sleeping...; sleep 10; acagent -it http 0.0.0.0 ${it} \ -ot http --admin 0.0.0.0 ${ot} \ -e "http://172.17.0.1:${it}" \ --genesis-url "http://172.17.0.1:9000/genesis" \ --seed ${seed} \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-name aries \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{"url":"db:5432", "max_connections":5}' \ --wallet-storage-creds '{"account":"postgres","password":"docker","admin_account":"postgres","admin_password":"docker"}' \ --label "${label}" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - 5432:5432 networks: default: ipam: driver: default config: - subnet: 172.33.1.0/16 ``` However, If i comment out the tags for database connection in the aries service in docker compose, I can run two agents in different shells using docker-compose up. It seems that the public DID information is stored in the postgres db and there is only allowed to be one public DID at a time in the database. (this makes sense if each database is supposed to be the wallet of a single agent). *My main question is "How do I initialize seperete databases for each aries agent?"*

wadeking98 (Tue, 09 Jul 2019 19:51:53 GMT):
Hello everyone. I have persistent storage set up for one aries agent, but I'm trying to connect multiple agents. I'm assuming that each agent should have their own postgres db instance running since the postgres db serves as each agent's wallet. when I try and run multiple instances of the aries agent with persistent storage I get the following error: ``` aries_cloudagent.error.StartupError: New seed provided which doesn't match the registered public did 4QxzWk3ajdnEA37NdNU5Kt ``` I'm currently just running the following command in different shells with different arguments for ot, it, and seed: ``` it=10001 ot=5001 seed=00000000000000000000000000000001 label=alice docker-compose up ``` here is my docker compose file for reference: ``` aries: build: context: . dockerfile: docker/Dockerfile.run ports: - ${ot}:${ot} links: - db depends_on: - db entrypoint: - /bin/bash - -c - | echo sleeping...; sleep 10; acagent -it http 0.0.0.0 ${it} \ -ot http --admin 0.0.0.0 ${ot} \ -e "http://172.17.0.1:${it}" \ --genesis-url "http://172.17.0.1:9000/genesis" \ --seed ${seed} \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-name aries \ --wallet-type indy \ --wallet-key key \ --wallet-storage-type postgres_storage \ --wallet-storage-config '{"url":"db:5432", "max_connections":5}' \ --wallet-storage-creds '{"account":"postgres","password":"docker","admin_account":"postgres","admin_password":"docker"}' \ --label "${label}" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - 5432:5432 networks: default: ipam: driver: default config: - subnet: 172.33.1.0/16 ``` However, If i comment out the tags for database connection in the aries service in docker compose, I can run two agents in different shells using docker-compose up. It seems that the public DID information is stored in the postgres db and there is only allowed to be one public DID at a time in the database. (this makes sense if each database is supposed to be the wallet of a single agent). *My main question is "How do I initialize seperete databases for each aries agent so they can connect?"*

wadeking98 (Tue, 09 Jul 2019 19:51:53 GMT):
Hello everyone. I have persistent storage set up for one aries agent, but I'm trying to connect multiple agents. I'm assuming that each agent should have their own postgres db instance running since the postgres db serves as each agent's wallet. when I try and run multiple instances of the aries agent with persistent storage I get the following error: ``` aries_cloudagent.error.StartupError: New seed provided which doesn't match the registered public did 4QxzWk3ajdnEA37NdNU5Kt ``` I'm currently just running the following command in different shells with different arguments for ot, it, and seed: ``` it=10001 ot=5001 seed=00000000000000000000000000000001 label=alice docker-compose up ``` here is my docker compose file for reference: ``` version: '3.1' services: aries: build: context: . dockerfile: docker/Dockerfile.run ports: - ${ot}:${ot} links: - db depends_on: - db entrypoint: - /bin/bash - -c - | echo sleeping...; sleep 10; acagent -it http 0.0.0.0 ${it} \ -ot http --admin 0.0.0.0 ${ot} \ -e "http://172.17.0.1:${it}" \ --genesis-url "http://172.17.0.1:9000/genesis" \ --seed ${seed} \ --auto-ping-connection \ --accept-invites \ --accept-requests \ --auto-verify-presentation \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --wallet-name aries \ --wallet-type indy \ --wallet-key key \ # --wallet-storage-type postgres_storage \ # --wallet-storage-config '{"url":"db:5432", "max_connections":5}' \ # --wallet-storage-creds '{"account":"postgres","password":"docker","admin_account":"postgres","admin_password":"docker"}' \ --label "${label}" db: image: postgres restart: always environment: POSTGRES_PASSWORD: docker POSTGRES_USER: postgres ports: - 5432:5432 networks: default: ipv4_address: 172.33.1.5 networks: default: ipam: driver: default config: - subnet: 172.33.1.0/16 ``` However, If i comment out the tags for database connection in the aries service in docker compose, I can run two agents in different shells using docker-compose up. It seems that the public DID information is stored in the postgres db and there is only allowed to be one public DID at a time in the database. (this makes sense if each database is supposed to be the wallet of a single agent). *My main question is "How do I initialize seperete databases for each aries agent so they can connect?"*

WadeBarnes (Tue, 09 Jul 2019 20:00:05 GMT):
You can share the same server instance, but you have to define a unique wallet (database) name for each agent; `--wallet-name`.

wadeking98 (Tue, 09 Jul 2019 20:37:23 GMT):
Thanks for the quick reply, I've added the --wallet-name tag but whenever I start a new agent in another shell, it kills and re-runs the agents in the other shells and makes them run on the same port. Example: the aries agent is running in shell 1 with wallet name alice on port 5000. When the command `it=10001 ot=5001 seed=00000000000000000000000000000001 label=faber wallet_name=faber docker-compose up` is entered into shell 2, shell 1 outputs the following: ``` aries_1 | aries_aries_1 exited with code 137 aries_1 | sleeping... aries_1 | Initializing postgres wallet aries_1 | Success, loaded postgres wallet storage db_1 | 2019-07-09 20:22:18.303 UTC [64] FATAL: database "faber" does not exist aries_1 | aries_1 | :::::::::::::::::::::::::::::::::::::::::::::: aries_1 | :: Aries Cloud Agent :: aries_1 | :: :: aries_1 | :: :: aries_1 | :: Inbound Transports: :: aries_1 | :: :: aries_1 | :: - http://0.0.0.0:10001 :: aries_1 | :: :: aries_1 | :: Outbound Transports: :: aries_1 | :: :: aries_1 | :: - http :: aries_1 | :: - https :: aries_1 | :: :: aries_1 | :: Public DID Information: :: aries_1 | :: :: aries_1 | :: - DID: 4cLztgZYocjqTdAZM93t27 :: aries_1 | :: :: aries_1 | :: Administration API: :: aries_1 | :: :: aries_1 | :: - http://0.0.0.0:5001 :: aries_1 | :: :: aries_1 | :: ver: 0.10.0 :: aries_1 | :::::::::::::::::::::::::::::::::::::::::::::: aries_1 | aries_1 | Listening... aries_1 | ``` shell 1 changed from hosting the agent on port 5000 to 5001 so now we can't access the agent running in shell 2 because it's ports are conflicting with shell 1

wadeking98 (Tue, 09 Jul 2019 20:37:23 GMT):
Thanks for the quick reply, I've added the --wallet-name tag but whenever I start a new agent in another shell, it kills and re-runs the agents in the other shells and makes them run on the same port. Example: the aries agent is running in shell 1 with wallet name alice on port 5000. When the command `it=10001 ot=5001 seed=00000000000000000000000000000001 label=faber wallet_name=faber docker-compose up` is entered into shell 2, shell 1 outputs the following: ``` aries_1 | aries_aries_1 exited with code 137 aries_1 | sleeping... aries_1 | Initializing postgres wallet aries_1 | Success, loaded postgres wallet storage db_1 | 2019-07-09 20:22:18.303 UTC [64] FATAL: database "faber" does not exist aries_1 | aries_1 | :::::::::::::::::::::::::::::::::::::::::::::: aries_1 | :: Aries Cloud Agent :: aries_1 | :: :: aries_1 | :: :: aries_1 | :: Inbound Transports: :: aries_1 | :: :: aries_1 | :: - http://0.0.0.0:10001 :: aries_1 | :: :: aries_1 | :: Outbound Transports: :: aries_1 | :: :: aries_1 | :: - http :: aries_1 | :: - https :: aries_1 | :: :: aries_1 | :: Public DID Information: :: aries_1 | :: :: aries_1 | :: - DID: 4cLztgZYocjqTdAZM93t27 :: aries_1 | :: :: aries_1 | :: Administration API: :: aries_1 | :: :: aries_1 | :: - http://0.0.0.0:5001 :: aries_1 | :: :: aries_1 | :: ver: 0.10.0 :: aries_1 | :::::::::::::::::::::::::::::::::::::::::::::: aries_1 | aries_1 | Listening... aries_1 | ``` shell 1 and shell2 are now running duplicate agents so we have no way to access the agent previously running in shell1

WadeBarnes (Tue, 09 Jul 2019 20:46:16 GMT):
How are you starting the agents?

WadeBarnes (Tue, 09 Jul 2019 20:47:29 GMT):
It may be best to define each agent in the yaml individually.

WadeBarnes (Tue, 09 Jul 2019 20:47:29 GMT):
It may be best to define each agent in the yaml individually. Give each it's own service name.

wadeking98 (Tue, 09 Jul 2019 20:48:26 GMT):
with `it=10000 ot=5000 seed=00000000000000000000000000000000 label=alice wallet_name=alice docker-compose up` in shell 1 and `it=10001 ot=5001 seed=00000000000000000000000000000001 label=faber wallet_name=faber docker-compose up`

wadeking98 (Tue, 09 Jul 2019 20:48:48 GMT):
with `it=10000 ot=5000 seed=00000000000000000000000000000000 label=alice wallet_name=alice docker-compose up` in shell 1 and `it=10001 ot=5001 seed=00000000000000000000000000000001 label=faber wallet_name=faber docker-compose up`

WadeBarnes (Tue, 09 Jul 2019 20:49:24 GMT):
It appears docker-compose is recreating the service.

WadeBarnes (Tue, 09 Jul 2019 20:49:24 GMT):
It appears `docker-compose` is recreating the service.

wadeking98 (Tue, 09 Jul 2019 20:57:39 GMT):
it seems like it, but the only thing is that if I comment out the database connection tags for the aries agent in the docker compose, docker no longer tries to recreate the aries agent, which is strange

wadeking98 (Tue, 09 Jul 2019 21:00:04 GMT):
I can send you my project so you can have a look at it if you want

WadeBarnes (Tue, 09 Jul 2019 21:01:28 GMT):
Wondering if @ianco, or @andrew.whitehead have any thoughts.

ianco (Tue, 09 Jul 2019 21:04:42 GMT):
You should be able to use one postgres for multiple wallets

ianco (Tue, 09 Jul 2019 21:04:58 GMT):
The wallet name is used to create the database inside the postgres server

ianco (Tue, 09 Jul 2019 21:11:21 GMT):
... so you need to provide a different wallet name for each instance of the agent

ianco (Tue, 09 Jul 2019 21:11:35 GMT):
... but they can all point to the same postgres database

andrew.whitehead (Tue, 09 Jul 2019 21:12:23 GMT):
docker-compose up is always going to recreate the environment, and running it twice (with -p to override the project name) would just give you two database containers. It's not the right application for docker-compose if you want to run an arbitrary number of agents

wadeking98 (Tue, 09 Jul 2019 21:13:32 GMT):
@ianco they are connecting to the same database and I'm providing different wallet names with the wallet_name environment variable

wadeking98 (Tue, 09 Jul 2019 21:14:12 GMT):
@andrew.whitehead ya I may have to abandon docker-compose

wadeking98 (Tue, 09 Jul 2019 21:14:12 GMT):
@andrew.whitehead ya I may have to abandon docker-compose, I may be able to get around docker-compose if I assign a static ip to the docker container running the postgres db

andrew.whitehead (Tue, 09 Jul 2019 21:16:20 GMT):
It should be sufficient to use the same docker network name

andrew.whitehead (Tue, 09 Jul 2019 21:16:20 GMT):
It should be sufficient to use the same docker network name and the DB's container name

wadeking98 (Tue, 09 Jul 2019 21:22:55 GMT):
thank you everyone for your help, I'll post my solution when I get the project working

ianco (Tue, 09 Jul 2019 21:23:48 GMT):
You can take a look at how the agent is started as a subprocess in the alice/faber demo, that may be a more suitable approach for your use case

jljordan_bcgov (Wed, 10 Jul 2019 14:28:06 GMT):
Driving adopting of Trust over IP for a safer people centric Internet :)

Rick (Thu, 11 Jul 2019 04:37:11 GMT):
Hello, for Aries any nodejs wrapper / expected date ?

TelegramSam (Thu, 11 Jul 2019 12:19:49 GMT):
meeting recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16320908

Oskar_van_Deventer (Thu, 11 Jul 2019 13:21:49 GMT):
@TelegramSam Hi Sam, all, I created pull request https://github.com/hyperledger/aries-rfcs/pull/119, in which I propose to add XMPP to the list of DIDcom transports, with reference to RFC 0024 DIDCom-over-XMPP, https://github.com/hyperledger/aries-rfcs/tree/master/features/0024-didcomm-over-xmpp. Please let me know if you have any questions. Also, what steps/actions would be needed from my side to bring 0024 further? Should I be discussing this proposed RFC with you? Oskar

josh.graber (Thu, 11 Jul 2019 15:02:06 GMT):
I'm trying to understand the current concerns with correctable service endpoints for individuals. Can someone clarify for me who would be doing the correlation and what they would observe in order to see this correlation?

josh.graber (Thu, 11 Jul 2019 15:02:06 GMT):
I'm trying to understand the current concerns with correlatable service endpoints for individuals. Can someone clarify for me who would be doing the correlation and what they would observe in order to see this correlation?

josh.graber (Thu, 11 Jul 2019 15:02:30 GMT):
Let's say that a private individual were to use the same service endpoint for 2 different pairwise relationships

josh.graber (Thu, 11 Jul 2019 15:02:44 GMT):
Who would observe and correlate this?

josh.graber (Thu, 11 Jul 2019 15:02:53 GMT):
Someone sniffing traffic being passed across a network?

josh.graber (Thu, 11 Jul 2019 15:03:22 GMT):
Or these the two entities that this person was interacting with could collaborate and both share with each other that they have relationships with the same person?

josh.graber (Thu, 11 Jul 2019 15:03:22 GMT):
Or the possibility that these the two entities that this person was interacting with could collaborate and both share with each other that they have relationships with the same person?

josh.graber (Thu, 11 Jul 2019 15:04:24 GMT):
This seems significant, because it is clear that a RoutingRUs universal router would solve these problems, but it's not clear if a very specific routing / forwarding agent solves this at all

josh.graber (Thu, 11 Jul 2019 15:04:57 GMT):
For example, if I had my own personal cloud agent that forwarded DID messages to my edge devices, this would hypothetically be very correlatable

josh.graber (Thu, 11 Jul 2019 15:05:16 GMT):
Because all of my relationships would point to this agent, but only MY relationships not relationships of others

josh.graber (Thu, 11 Jul 2019 15:05:23 GMT):
Am I thinking about this correctly?

josh.graber (Thu, 11 Jul 2019 15:05:56 GMT):
The requirement of having routers that serve a lot of traffic but definitely aren't central (this causes a host of other issues) seems difficult

josh.graber (Thu, 11 Jul 2019 15:10:06 GMT):
Seems like this could easily push towards a few very centralized routing providers... and then these providers can correlate everything and know a lot more than they should about all of the traffic

kdenhartog (Thu, 11 Jul 2019 16:47:32 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=Ha33Ap3fXqt8agX9t) @Oskar_van_Deventer I accepted the PR. To move the work forward, I'd suggest raising a GitHub issue asking for feedback.

kdenhartog (Thu, 11 Jul 2019 16:52:02 GMT):
@josh.graber you've hit the paradox of the problem of routing on it's head. This is a tricky problem that we felt didn't have great answers. On the one hand a person can be fully self sovereign by hosting their own router, on the other hand they lose out on the herd privacy. We thought about how mixnets could fit in to help, but ultimately didn't follow up with that work. Right now we felt it was sufficient to leave the options you suggested as available and see if anyone could offer improvements to the design later.

josh.graber (Thu, 11 Jul 2019 17:12:56 GMT):
Can you clarify how you envision the correlation would actually occur for my benefit?

josh.graber (Thu, 11 Jul 2019 17:12:56 GMT):
Can you clarify how you envision the correlation would actually occur... for my benefit?

josh.graber (Thu, 11 Jul 2019 17:13:13 GMT):
For example in the case of a personal router

josh.graber (Thu, 11 Jul 2019 18:12:07 GMT):
I think there is some clarity in this document on this topic: https://github.com/hyperledger/education/blob/master/LFS171x/docs/introduction-to-hyperledger-indy.md#unwanted-correlation

josh.graber (Thu, 11 Jul 2019 18:12:54 GMT):
It would appear the concern is with service providers collaborating to correlate end user data for the purpose of advertising, which clearly is a widespread problem with the current flawed identity / authentication system

josh.graber (Thu, 11 Jul 2019 18:19:35 GMT):
Any thoughts about how we can prevent this same correlation from occurring on the bases of disclosed attributes from verifiable credentials?

josh.graber (Thu, 11 Jul 2019 18:30:14 GMT):
I guessing zero knowledge proofs are the best answer to this question

josh.graber (Thu, 11 Jul 2019 18:30:14 GMT):
I'm guessing zero knowledge proofs are the best answer to this question

josh.graber (Thu, 11 Jul 2019 18:30:36 GMT):
There are still a couple of potential issues to keep an eye on.

josh.graber (Thu, 11 Jul 2019 18:31:11 GMT):
First, the difficulty of establishing trust. Which does often require sharing a certain amount of information (which could then be used for correlations).

josh.graber (Thu, 11 Jul 2019 18:31:59 GMT):
Second, for essential services it sometimes feels like we are at the mercy of the providers. If they require that we disclose more information than we are comfortable with we often feel as if we do not have any viable alternatives.

josh.graber (Thu, 11 Jul 2019 18:31:59 GMT):
Second, for essential services it sometimes feels like we are at the mercy of service providers. If they require that we disclose more information than we are comfortable with we often feel as if we do not have any viable alternatives.

josh.graber (Thu, 11 Jul 2019 18:32:50 GMT):
Legislation and / or healthy free market competition could both be possible solutions to the latter

josh.graber (Thu, 11 Jul 2019 18:33:12 GMT):
Anyway, I apologize for conversing with myself. Just thinking out loud as I seek to understand all of this stuff :)

jljordan_bcgov (Thu, 11 Jul 2019 18:49:27 GMT):
I am currently of the thinking that once we have “safe streets” via DIDComm peer connections and we have devalued non-VC based Data (your accurate but not presented in a cryptographic envelope personal data) we will need to use privacy commissioners and regulations to discourage the storing of Personal data in relying party systems

TelegramSam (Thu, 11 Jul 2019 22:57:22 GMT):
@josh.graber You ask good questions. Let me attempt to address the personal router endpoint correlation case specifically.

ravip (Thu, 11 Jul 2019 23:31:37 GMT):
This might be a silly question, but is it possible to have a connection download my images (IPFS links to those images are stored in aries / indy wallet)? Also, Can I have a consent receipt from the connection for the use of my images only for a period of time?

TelegramSam (Thu, 11 Jul 2019 23:42:24 GMT):
@ravip you could design a protocol to allow that behavior, but I'm unaware of any existing protocols for that behavior.

ravip (Fri, 12 Jul 2019 00:02:45 GMT):
okay, do you think the consent part can be achieved using indy wallets?

ravip (Fri, 12 Jul 2019 00:06:46 GMT):
I mean, is there some kind of explorer for microledger between entities wherein a data subject could see what they have consented to and for how long to data controllers?

jljordan_bcgov (Fri, 12 Jul 2019 01:33:00 GMT):
A bunch of thinking and work about consent going on in #indy-semantics Consent likely managed via verifiable credentials.. perhaps issued to the person providing consent as a “receipt” and vice versa. Recall that verifiable credentials are always countersigned...

jljordan_bcgov (Fri, 12 Jul 2019 01:33:33 GMT):
At least that is what I would imagine. The other channel has way more experienced people on this topic

drummondreed (Fri, 12 Jul 2019 04:15:04 GMT):
@jljordan_bcgov Brilliantly said.

rchristman (Fri, 12 Jul 2019 18:25:35 GMT):
@TelegramSam I'm working on adding the feature query to static agent as we discussed. The static agent sends the query to indy-agent. I'm stuck because indy-agent doesn't have 'their-endpoint' for the static agent. It looks to me like I need to add 0092: transports return route to indy-agent and use ~transport with return_route: thread in the feature query. I wanted to check with you before launching into this. Does this sound reasonable to you?

dbluhm (Fri, 12 Jul 2019 19:35:34 GMT):
@rchristman for now, you can get around this by using one of the static agen examples that has a web server running so both sides can contact each other over http post. At this point, the addition of return route support to the indy agent python reference agent is not trivial and I would recommend you don't worry about it for the time being.

dbluhm (Fri, 12 Jul 2019 19:35:34 GMT):
@rchristman for now, you can get around this by using one of the static agent examples that has a web server running so both sides can contact each other over http post. At this point, the addition of return route support to the indy agent python reference agent is not trivial and I would recommend you don't worry about it for the time being.

rchristman (Fri, 12 Jul 2019 19:36:23 GMT):
okay, sounds good. Thanks for the suggestion.

rchristman (Fri, 12 Jul 2019 19:44:46 GMT):
@dbluhm Two more questions. There's inconsistency in using '-' and '_' in the family names. Which one is the standard going forward?

rchristman (Fri, 12 Jul 2019 19:46:06 GMT):
@dbluhm Other question. There are big similarities between the protocol query and feature query. Is 'feature' replacing 'protocol', or are these different things?

dbluhm (Fri, 12 Jul 2019 19:50:09 GMT):
@rchristman refer to the aries-rfc repository for up to date naming conventions. I believe `-` is preferred over `_`. Protocol discovery was the original naming as captured in the Indy HIPE repository. The updated protocol name is `discover-features`. This may be problematic in your testing against the python reference agent as it uses the old naming convention. If you feel so inclined, I'd be happy to accept a PR that updates the naming convention in the reference agent.

VipinB (Fri, 12 Jul 2019 20:58:58 GMT):
@ravip sounds a lot like snap, of course they have it implemented using a central server, but using e2e encryption and a ratchet protocol, so even snap does not have access to your images. There are leakages that can occur like taking a screenshot or a photo of the screen which cannot be prevented. The trick will be to transform the protocol into a decentralized peer to peer setting

ravip (Sat, 13 Jul 2019 19:35:26 GMT):
Thank you @jljordan_bcgov for the insight. I would forward my question to the relevant channels.

jadhavajay (Mon, 15 Jul 2019 14:23:42 GMT):
We are planning to use a node.js cloud agent. Do you guys suggest to start with the reference node.js agent from https://github.com/hyperledger/indy-agent/blob/master/nodejs/README.md ??

jadhavajay (Mon, 15 Jul 2019 14:23:42 GMT):
@dbluhm , @swcurran - We are planning to use a node.js cloud agent. Do you guys suggest to start with the reference node.js agent from https://github.com/hyperledger/indy-agent/blob/master/nodejs/README.md ??

jadhavajay (Mon, 15 Jul 2019 14:24:49 GMT):
or we should refer the ACA Python and build Node.js from scratch ?

jadhavajay (Mon, 15 Jul 2019 14:24:49 GMT):
or we should refer the ACA Python and build Node.js agent from scratch ?

jadhavajay (Mon, 15 Jul 2019 14:24:49 GMT):
or we should refer the ACA Python and build the Node.js agent from scratch ?

TelegramSam (Mon, 15 Jul 2019 15:25:03 GMT):
@jadhavajay The existing indy-agent node codebase was an early project prior to much progress in settling protocol work. It will need updating, but does include many of the core ideas and ui to enable use. So your choice depends pretty heavily on the architecture you want in your final work. The node app has a built in ui, the ACA-py has a driver architecture.

swcurran (Mon, 15 Jul 2019 15:39:10 GMT):
My $0.02CDN would be to use ACA-Py for guidance. @mhailstone might want to weigh in on this since he was driving the early work on the node-js implementation.

swcurran (Mon, 15 Jul 2019 15:39:46 GMT):
I don't know if it makes any sense as a demo to do a controller in nodejs that talks to the ACA-Py agent.

smithsamuelm (Tue, 16 Jul 2019 00:01:05 GMT):
I was able to build libindy.dylb on macos and by softlinking into /usr/local/lib the faber.py demo could find it. ( I had to fix the faber.py so it would run from the command line). But I get an error when it tries to create the schema or credential. Here is the error.

smithsamuelm (Tue, 16 Jul 2019 00:01:17 GMT):
#1 Provision an agent and wallet, get back configuration details Faber | Registering Faber Agent with seed d_000000000000000000000000392615 Faber | Got DID: DKYg8X7yUiD8CNc7LHxEAV Startup duration: 2.01s Admin url is at: http://127.0.0.1:8021 Endpoint url is at: http://localhost:8020 #3/4 Create a new schema/cred def on the ledger Faber | 2019-07-15 17:55:54,800 aiohttp.server ERROR Error handling request Faber | Traceback (most recent call last): Faber | File "/usr/local/lib/python3.7/site-packages/aiohttp/web_protocol.py", line 418, in start Faber | resp = await task Faber | File "/usr/local/lib/python3.7/site-packages/aiohttp/web_app.py", line 458, in _handle Faber | resp = await handler(request) Faber | File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/messaging/schemas/routes.py", line 57, in schemas_send_schema Faber | async with ledger: Faber | File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/ledger/indy.py", line 141, in __aenter__ Faber | await self._context_open() Faber | File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/ledger/indy.py", line 111, in _context_open Faber | await self.open() Faber | File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/ledger/indy.py", line 94, in open Faber | self.pool_handle = await indy.pool.open_pool_ledger(self.name, "{}") Faber | File "/Data/Code/public/hyperledger/indy/indy-sdk/wrappers/python/indy/pool.py", line 82, in open_pool_ledger Faber | open_pool_ledger.cb) Faber | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Invalid library state\n Caused by: Ledger merkle tree is not acceptable for current tree.\n'}) Faber | Faber | :::::::::::::::::::::::::::::::::::::::::::::: Faber | :: Aries Cloud Agent :: Faber | :: :: Faber | :: :: Faber | :: Inbound Transports: :: Faber | :: :: Faber | :: - http://0.0.0.0:8020 :: Faber | :: :: Faber | :: Outbound Transports: :: Faber | :: :: Faber | :: - http :: Faber | :: - https :: Faber | :: :: Faber | :: Public DID Information: :: Faber | :: :: Faber | :: - DID: DKYg8X7yUiD8CNc7LHxEAV :: Faber | :: :: Faber | :: Administration API: :: Faber | :: :: Faber | :: - http://0.0.0.0:8021 :: Faber | :: :: Faber | :: ver: 0.10.0 :: Faber | :::::::::::::::::::::::::::::::::::::::::::::: Faber | Faber | Listening... Faber | Faber | Faber | Shutting down Faber | Exited with return code 0

smithsamuelm (Tue, 16 Jul 2019 00:03:46 GMT):
The error is 'Error: Invalid library state\n Caused by: Ledger merkle tree is not acceptable for current tree.\n' Any ideas why this error. Could it be the genesis file? There is a local-genesis.txt file in .demo

swcurran (Tue, 16 Jul 2019 00:24:32 GMT):
What are you using for the ledger? von-network also running locally?

swcurran (Tue, 16 Jul 2019 00:28:01 GMT):
Assuming you are running von-network, you are running indy-node 1.8.4 (based on the dockerfile - `FROM bcgovimages/von-image:py35-1.8-4`). Is it possible that is an older version of Indy Node?

swcurran (Tue, 16 Jul 2019 00:28:31 GMT):
It's weird that the DID was created, but failed on the schema and cred def creation calls.

andrew.whitehead (Tue, 16 Jul 2019 00:33:41 GMT):
If GENESIS_URL isn't set then it defaults to local-genesis.txt. It's possible the transactions there don't match the actual ledger instance

swcurran (Tue, 16 Jul 2019 00:35:16 GMT):
So GENESIS_URL should be something like https://localhost:9000/genesis

swcurran (Tue, 16 Jul 2019 00:35:16 GMT):
So GENESIS_URL should be something like http://localhost:9000/genesis

smithsamuelm (Tue, 16 Jul 2019 02:25:19 GMT):
Nope that didn't fix it. Same error. So not sure what is happening.

jljordan_bcgov (Tue, 16 Jul 2019 02:27:42 GMT):
Wallet and ledger out of sync perhaps now. Restart with clean ledger and reinitialized wallet? (I’m guessing)

smithsamuelm (Tue, 16 Jul 2019 02:29:50 GMT):
Not sure exactly how to do that. If ./manage down then ./manage start does that start with clean ledger? And then how to clean wallet? Is there stuff stored on disk or should it be clear every time I run faber.py?

swcurran (Tue, 16 Jul 2019 02:30:59 GMT):
The ./manage down removes the volumes. Not sure how to remove local wallet - its a removal of a magic folder. I'll see what I can see in the indy-sdk channel.

swcurran (Tue, 16 Jul 2019 02:31:11 GMT):
If this is not the first run, then that likely is the issue.

jljordan_bcgov (Tue, 16 Jul 2019 02:31:49 GMT):
If you are using von-network you can use the ledger browser at localhost:9000 to see the state of the ledger

smithsamuelm (Tue, 16 Jul 2019 02:31:58 GMT):
I have tried to run it several times. At first it couldn't find the libindy.dylb but I fixed that.

smithsamuelm (Tue, 16 Jul 2019 02:38:12 GMT):
The ledger is getting cleaned when I bring down and back up so I think its the local wallet.

smithsamuelm (Tue, 16 Jul 2019 02:38:39 GMT):
Where is that stored? Magic Folder?

swcurran (Tue, 16 Jul 2019 02:39:49 GMT):
There is `./manage stop` which does not delete the ledger persistence. But you really shouldn't need to stop it without deleting it - just leave it running.

andrew.whitehead (Tue, 16 Jul 2019 02:55:30 GMT):
I think the local wallet would be stored in `~/.indy_client/wallet`

AmanAgrawal (Tue, 16 Jul 2019 06:18:12 GMT):
Hi, I am following the https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/README.md running through the docker. I am able to establish the network using link https://github.com/bcgov/von-network#running-the-network-locally but getting an error while connecting to indy network using CLI: indy> pool connect sandbox Error: Invalid library state Caused by: Ledger merkle tree is not acceptable for current tree. Additionaly while trying to connect the Agents with network getting an error as below: Error loading genesis transactions: Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/connector.py", line 924, in _wrap_create_connection await self._loop.create_connection(*args, **kwargs)) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/asyncio/base_events.py", line 794, in create_connection raise exceptions[0] File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/asyncio/base_events.py", line 781, in create_connection yield from self.sock_connect(sock, address) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/asyncio/selector_events.py", line 439, in sock_connect return (yield from fut) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/asyncio/selector_events.py", line 469, in _sock_connect_cb raise OSError(err, 'Connect call failed %s' % (address,)) ConnectionRefusedError: [Errno 111] Connect call failed ('172.17.0.1', 9000) The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/home/indy/demo/agent.py", line 48, in default_genesis_txns f"http://{DEFAULT_EXTERNAL_HOST}:9000/genesis" File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/client.py", line 1005, in __aenter__ self._resp = await self._coro File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/client.py", line 476, in _request timeout=real_timeout File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/connector.py", line 522, in connect proto = await self._create_connection(req, traces, timeout) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/connector.py", line 854, in _create_connection req, traces, timeout) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/connector.py", line 992, in _create_direct_connection raise last_exc File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/connector.py", line 974, in _create_direct_connection req=req, client_error=client_error) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/connector.py", line 931, in _wrap_create_connection raise client_error(req.connection_key, exc) from exc aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host 172.17.0.1:9000 ssl:None [Connect call failed ('172.17.0.1', 9000)] Error retrieving ledger genesis transactions

AmanAgrawal (Tue, 16 Jul 2019 09:02:05 GMT):
Hi, the above issue is resolved now by giving my docker ip to the public ip here. : ./manage start public_ip_address WEB_SERVER_HOST_PORT=80 "LEDGER_INSTANCE_NAME=My Ledger" &

smithsamuelm (Tue, 16 Jul 2019 14:52:45 GMT):
Yes the local wallet for faber is being created in ~/.indy_client/wallet but deleting it before running does not change the error. humph. ?

swcurran (Tue, 16 Jul 2019 15:10:45 GMT):
Hi @AmanAgrawal - what is your setup? The scripts usually figure out your docker IP address using the follow command - `DOCKERHOST=$(docker run --rm --net=host codenvy/che-ip)`

AmanAgrawal (Tue, 16 Jul 2019 15:17:14 GMT):
I am using the Running the Network on a VPS approach. had to give the public_ip_address as my docker IP and it worked. Also, had to make IP changes to the agent.py file to make this work.

AmanAgrawal (Tue, 16 Jul 2019 15:17:14 GMT):
@swcurran I am using the Running the Network on a VPS approach. had to give the public_ip_address as my docker IP and it worked. Also, had to make IP changes to the agent.py file to make this work.

swcurran (Tue, 16 Jul 2019 15:19:16 GMT):
Could you attach the two files so I can see what you did? We should be able to make it "just work". Attaching them here would be great.

AmanAgrawal (Tue, 16 Jul 2019 15:25:55 GMT):
for the 5th step i.e run the network of nodes i had to put my docker ip as to the below command:

AmanAgrawal (Tue, 16 Jul 2019 15:25:58 GMT):
./manage start 172.17.0.1 WEB_SERVER_HOST_PORT=80 "LEDGER_INSTANCE_NAME=My Ledger" &

WadeBarnes (Tue, 16 Jul 2019 15:28:32 GMT):
@AmanAgrawal, for the demos, assuming you are running everything locally, you should be able to start `von-network` by running `./manage start`

WadeBarnes (Tue, 16 Jul 2019 15:29:52 GMT):
@AmanAgrawal, so you are hosting `von-network` on a machine separate from where you are running the demos?

WadeBarnes (Tue, 16 Jul 2019 15:31:07 GMT):
The demo instructions assume you are running everything locally.

WadeBarnes (Tue, 16 Jul 2019 15:31:44 GMT):
@AmanAgrawal, Yes, I mean agents.

WadeBarnes (Tue, 16 Jul 2019 15:31:44 GMT):
@AmanAgrawal, Yes, I mean demo agents.

AmanAgrawal (Tue, 16 Jul 2019 15:33:01 GMT):
just followed these two links : https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo & https://github.com/bcgov/von-network#running-the-network-locally

WadeBarnes (Tue, 16 Jul 2019 15:35:15 GMT):
@AmanAgrawal, Specifically the *Running in Docker" instructions; correct?

WadeBarnes (Tue, 16 Jul 2019 15:35:15 GMT):
@AmanAgrawal, Specifically the *Running in Docker* instructions; correct?

WadeBarnes (Tue, 16 Jul 2019 15:37:46 GMT):
Those instructions assume all of the commands and services (von-network, faber, and alice) are all run on the same machine; local machine, or VM (VPS).

AmanAgrawal (Tue, 16 Jul 2019 15:40:14 GMT):
so according to you what should be the public IP while running the ./manage start public_ip_address WEB_SERVER_HOST_PORT=80 "LEDGER_INSTANCE_NAME=My Ledger" & command?

AmanAgrawal (Tue, 16 Jul 2019 15:40:37 GMT):
assuming i am doing this on my VPS

WadeBarnes (Tue, 16 Jul 2019 15:41:12 GMT):
You should literally be able to do; `/von-network $ ./manage start` `/aries-cloudagent-python/demo $ ./run_demo faber` `/aries-cloudagent-python/demo $ ./run_demo alice`

WadeBarnes (Tue, 16 Jul 2019 15:42:34 GMT):
The VPS instructions for `von-network` are for hosting shared instance of `von-network` like this; http://dev.bcovrin.vonx.io/

WadeBarnes (Tue, 16 Jul 2019 15:44:33 GMT):
The VPS instructions are not meant to be followed when you are running von-network locally for development or demos. The demos assume von-network is running on the same machine and available at `http://DOCKERHOST:9000/` and/or via is service name. Running von-network using `./manage start` will also expose it at `http://localhost:9000/`

AmanAgrawal (Tue, 16 Jul 2019 15:46:16 GMT):
did you check the connection error i posted above? i did just the steps you have mentioned.

WadeBarnes (Tue, 16 Jul 2019 15:47:37 GMT):
I did, how are where were you running the `CLI`

WadeBarnes (Tue, 16 Jul 2019 15:47:37 GMT):
I did, how are where were you running the `CLI`? Also are you running von-network in it's default mode; `./manage start`?

WadeBarnes (Tue, 16 Jul 2019 15:47:37 GMT):
I did, how are where were you running the `CLI`? Also, are you running von-network in it's default mode; `./manage start`?

AmanAgrawal (Tue, 16 Jul 2019 15:52:35 GMT):
i did these steps precisely as mentioned : Download this repository: curl -L https://github.com/bcgov/von-network/archive/master.zip > bcovrin.zip && \ unzip bcovrin.zip && \ cd von-network-master && \ chmod a+w ./server/ Build the Docker container: ./manage build Run the network of nodes: # This command requires the publicly accessible ip address of the machine `public_ip_address` # WEB_SERVER_HOST_PORT maps the docker service port to a public port on the machine # LEDGER_INSTANCE_NAME sets the display name of the ledger on the page headers. ./manage start public_ip_address WEB_SERVER_HOST_PORT=80 "LEDGER_INSTANCE_NAME=My Ledger" & Connecting to the Network With the CLI Once the nodes are all running and have connected to each other, you can run the Indy client to test the connection in a separate terminal window: ./manage cli

WadeBarnes (Tue, 16 Jul 2019 15:54:10 GMT):
Those are the instructions for hosting a shared instance of `von-network`.

WadeBarnes (Tue, 16 Jul 2019 15:55:37 GMT):
Please follow these instructions; https://github.com/bcgov/von-network#running-the-network-locally

WadeBarnes (Tue, 16 Jul 2019 15:55:37 GMT):
Please follow these instructions; https://github.com/bcgov/von-network#running-the-network-locally; *Running the Network Locally*

AmanAgrawal (Tue, 16 Jul 2019 15:58:41 GMT):
@WadeBarnes @swcurran Also i want to try hands on creating a new aries agent. could you please direct me about how to to proceed.

WadeBarnes (Tue, 16 Jul 2019 16:08:27 GMT):
@AmanAgrawal, I believe this is what you are looking for; https://github.com/hyperledger/aries-cloudagent-python/blob/master/docs/GettingStartedAriesDev/README.md @swcurran, please correct me if I am wrong.

ravip (Tue, 16 Jul 2019 20:33:53 GMT):
Let's say, an organization is developing an application that uses decentralized identity mechanism to recognize the participants and it is a requirement that user wallet needs to be portable, meaning user should be able to login from any machine. In this case, if I am not wrong, the wallets (agent) need to be on cloud. Now, who hosts user's wallet (database)? Where does it reside? And I guess the user would be able to read from the wallet only when they provide decryption key which is tied to an agent? I am still in the process of learning the concepts of decentralized identity and agents so please pardon me if I have used incorrect technical vocabulary.

smithsamuelm (Tue, 16 Jul 2019 20:36:56 GMT):
My group developed an app for that its called Didery see https://github.com/reputage/didery

smithsamuelm (Tue, 16 Jul 2019 20:38:20 GMT):
Also see the following KERI https://arxiv.org/abs/1907.02143 for an architecture for decentralized key management infrastructure (aka wallets etc)

smithsamuelm (Tue, 16 Jul 2019 20:39:48 GMT):
One of DIdery's features is cloud encrypted store of private keys using OTP encryption. In general storing private keys in the cloud for very valuable keys is not recommended but some sort of hardware security module.

esplinr (Wed, 17 Jul 2019 00:18:45 GMT):
Tomorrow we will be having two Aries Working Group meetings: * 7AM US Pacific / 16H Europe: https://zoom.us/j/244779296 Agenda: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16320302 * Noon US Pacific / 6AM New Zealand: https://zoom.us/j/856588081 Agenda: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16321260

esplinr (Wed, 17 Jul 2019 00:19:15 GMT):
I received some good feedback on the proposal for moving key parts of Indy SDK to Aries, and look forward to leading a discussion at that topic during the first call.

mbonito (Wed, 17 Jul 2019 01:57:52 GMT):
Does anyone know if there is an implementation of the aries-agent with a mobile hybrid framework like phonegap, ionic, angular mobile, etc.. if not on the indy-sdk side of things?

jljordan_bcgov (Wed, 17 Jul 2019 05:04:30 GMT):
https://github.com/streetcred-id/agent-framework

jljordan_bcgov (Wed, 17 Jul 2019 05:06:45 GMT):
https://github.com/mattrglobal/osma

sukalpomitra (Wed, 17 Jul 2019 06:22:16 GMT):
@spacemandev I am using osma and it compiles for me. are you stuck somewhere?

spacemandev (Wed, 17 Jul 2019 06:22:44 GMT):
what phone are you using it on?

spacemandev (Wed, 17 Jul 2019 06:23:00 GMT):
we got the apk to build but it won't open up on any of our android phones

sukalpomitra (Wed, 17 Jul 2019 06:23:05 GMT):
my samsung S8 and a very cheap phone brand called realme

spacemandev (Wed, 17 Jul 2019 06:23:48 GMT):
what were the compile steps you followed?

sukalpomitra (Wed, 17 Jul 2019 06:24:46 GMT):
i am using visual studio for mac ide. I just imported the solution and ran the app on debug mode with my phone connected with mac

spacemandev (Wed, 17 Jul 2019 06:25:47 GMT):
if you got time, would you mind compiling and sharing an APK with me?

sukalpomitra (Wed, 17 Jul 2019 06:26:27 GMT):
yeah sure why not.. but it will take some time. I will ping you separately

mbonito (Wed, 17 Jul 2019 12:50:00 GMT):
thank you @jljordan_bcgov for the links

mbonito (Wed, 17 Jul 2019 12:52:38 GMT):
was hoping for something with Node JS base so that I can leverage ionic, or phonegap any ideas?

tomislav (Wed, 17 Jul 2019 13:02:14 GMT):
@mbonito Cordova based frameworks use a javascript bridge to invoke native features. To use the indy-sdk you would need the native wrapper for iOS/droid in addition to a bridge that would invoke these functionalities from javascript. I am not familiar with any effort for this. Nodejs wrapper wouldn't work in this scenario as it requires nodejs runtime, not a browser JS runtime. Xamarin has the ability to invoke the native libraries for each platform through the .NET wrapper, which is why it's convenient for cross platform dev right now.

esplinr (Wed, 17 Jul 2019 13:02:42 GMT):
Aries WG call A starts in 1 hour. Key topic is discussing what Indy SDK code we should move to Aries. Join here: https://zoom.us/j/244779296 We hope to see some people that haven't been able to join the later call.

esplinr (Wed, 17 Jul 2019 14:03:37 GMT):
Starting the working group call now. https://zoom.us/j/244779296

mbonito (Wed, 17 Jul 2019 14:29:14 GMT):
@tomislav thank you much appreciated and what I thought.

zzx02 (Wed, 17 Jul 2019 15:45:48 GMT):
Hi, I am trying to run the Alice-faber demo following the https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo#Running-Locally running locally. I am facing an error running the Alice on a raspberry pi, and the errors are below:

zzx02 (Wed, 17 Jul 2019 15:45:54 GMT):
#7 Provision an agent and wallet, get back configuration details Alice | Alice | Shutting down Alice | Exited with return code 0 Traceback (most recent call last): File "/usr/local/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/usr/local/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/home/pi/aries-cloudagent-python/demo/alice.py", line 223, in asyncio.get_event_loop().run_until_complete(main()) File "/usr/local/lib/python3.6/asyncio/base_events.py", line 468, in run_until_complete return future.result() File "/home/pi/aries-cloudagent-python/demo/alice.py", line 176, in main await agent.start_process() File "/home/pi/aries-cloudagent-python/demo/agent.py", line 286, in start_process await self.detect_process() File "/home/pi/aries-cloudagent-python/demo/agent.py", line 373, in detect_process raise Exception(f"Timed out waiting for agent process to start") Exception: Timed out waiting for agent process to start

zzx02 (Wed, 17 Jul 2019 15:46:52 GMT):
There seems no problem running the cloud agent itself, any ideas about the "Timed out waiting for agent process to start"? Thanks

swcurran (Wed, 17 Jul 2019 16:04:14 GMT):
Looks like you are running with Docker - correct? I'm trying to run the demo just using python directly, and not getting much luck, so we'll have to get back to you.

swcurran (Wed, 17 Jul 2019 16:15:55 GMT):
OK - right now I can't get it running on linux at all - even less than you have. I've got a question out to the dev to look at it and get proper instructions. We'll post as soon as we nail it down.

WadeBarnes (Wed, 17 Jul 2019 16:24:35 GMT):
@zzx02, can you confirm whether you are running the demo in Docker or directly in python?

WadeBarnes (Wed, 17 Jul 2019 16:26:54 GMT):
@zzx02, Either way, where and how are you running `von-network`?

swcurran (Wed, 17 Jul 2019 18:12:10 GMT):
Update - @andrew.whitehead is looking at this and we'll do an update to the instructions. The layout of the folders is making it awkward to run, so that's being adjusted. Not sure how you got as far as you did @zzx02, as we are having different issues, so it all needs to be sorted out.

smithsamuelm (Wed, 17 Jul 2019 19:22:28 GMT):
Running locally won't work as instructed because of the relative imports in the same folder. I fixed that for me by adding a glue file to fix the imports but then ran into indy-sdk issues. which I then fixed but now am stuck on the issue reported above with the error creating the credential.

smithsamuelm (Wed, 17 Jul 2019 20:36:04 GMT):
My best guess of my current problem is that Docket is setting up environment variables that the local setup instructions do not include. There are several places within the agent codes where is sets defaults via os.getenv() and does not supply a default if os.getenv() is empy (Which IMHO is good practive)

mccown (Wed, 17 Jul 2019 20:47:15 GMT):
Regarding the label discussion from the aries call... The self-asserted label field in the invitation seems analogous to the 'reply to' name in email addresses, which is abused, today. However, since we are processing pairwise DID invitations from currently unverified parties, then it seems more useful than not. (In-person QR codes help with the uncertainty.) However, if these invitations are received remotely, what will the UX designers do? If they display the name, it gives the impression of trust -- unless it specifically states that the name is "unverified". Should that be called out as a requirment?

mtfk (Wed, 17 Jul 2019 20:59:08 GMT):
I see label as analogy to the label of the phone within Bluetooth communication (hard to connect just on mac addresses) but for BT quite often you have second step before that will happen that other part need to confirm with pin or just a message box (this is how the UX is design)

mtfk (Wed, 17 Jul 2019 21:00:29 GMT):
I don't think that even signature on the message proposed by Tobias would help in that case. As you still can't trust the label anyway.

mtfk (Wed, 17 Jul 2019 21:01:36 GMT):
But I get the point from @danielhardman why it is there. I am just afraid that it will be misused and the UX won't be the right one.

mtfk (Wed, 17 Jul 2019 21:02:19 GMT):
I could imagine that you enter huge event where you have 100 companies which each of them want to advertise to you with did:peer sending out invitation to everyone who is in the range.

spacemandev (Wed, 17 Jul 2019 21:02:41 GMT):
I wasn't on the call, but we did bring up this topic in a slightly related context. Tobias's connectionless authentication HIPE could also use this label on challenge requests. This was brought up when discussing the challenge flow with Tyler (connect.me team), for when a challenge is shown, what's the UX to see who is sending it if it's not already a connection.

mtfk (Wed, 17 Jul 2019 21:03:26 GMT):
Or even better example shopping mall where every store would like to send you some invitation to established relationship.

mtfk (Wed, 17 Jul 2019 21:03:43 GMT):
My invitation inbox would be full all the time.

mtfk (Wed, 17 Jul 2019 21:07:12 GMT):
We started thinking about making this secure connection completely transparent by user to filter out for him connection requests which he should never deal with and just drop them for him). But valid point is that for did:peer could be to expensive to do it that way. But still problem stays how to deal with potential hundreds connections coming in while e.g. my BT is on.

mtfk (Wed, 17 Jul 2019 21:09:00 GMT):
My ideal scenario would be that the "agent" is dealing with all those request on behave of the user means that the user never interact with the request. Just "agent" shows the most relevant one or the one which you approved (e.g. by setting proper filter - no adds.)

danielhardman (Wed, 17 Jul 2019 21:26:43 GMT):
I think I have an answer that will make all of us happy. See this doc: https://docs.google.com/document/d/1OBp_dtctlRtEsg7j_0gRnRopxcfoD_xEriKtCsamw2A/edit#

danielhardman (Wed, 17 Jul 2019 21:29:45 GMT):
@kdenhartog @mtfk @TelegramSam @swcurran ^^

kdenhartog (Wed, 17 Jul 2019 21:35:44 GMT):
I'm on board with this approach. I especially like that the UX accounts for the 3rd and forth options. This feels like a good middle ground that's analogous to handling a phone call received from a random number.

spacemandev (Wed, 17 Jul 2019 21:40:51 GMT):
For the third option (Alice asks for a self attested ID), would it not be ideal to already include an ~ optional ~ label field in the connection invite, allowing the agent to use that instead of delegating it to a separate protocol?

spacemandev (Wed, 17 Jul 2019 21:40:51 GMT):
For the third option (Alice asks for a self attested ID), would it not be ideal to already include an optional label field in the connection invite, allowing the agent to use that instead of delegating it to a separate protocol?

danielhardman (Wed, 17 Jul 2019 21:43:07 GMT):
I wouldn't be super opposed, but I think some of the other purists might be. And they might be right. If we *did* allow this, it should be on the latter messages in the protocol, NOT on the invitation. and it should be named something that makes its self-attested nature clear. The UX in my proposal would be modified so that button 3 says, "Rename Anonymous Panda to the self-attested name 'Bob'" or something like that.

spacemandev (Wed, 17 Jul 2019 21:45:16 GMT):
i would also possibly position that instead of a label field, it could be self attested "metadata" field -- this would spawned from a conversation with the evernym folks, for stuff like picture of the invitee, any other info, etc

danielhardman (Wed, 17 Jul 2019 21:46:06 GMT):
As soon as you start getting fancy, you make me wonder if that's not just some sort of "describe yourself" or "share a profile" protocol that policy could trigger once DID exchange is done.

spacemandev (Wed, 17 Jul 2019 21:46:15 GMT):
Alice's agent would be in charge of actually reading this field or not

spacemandev (Wed, 17 Jul 2019 21:47:07 GMT):
I guess my motivation really comes form the fact that we're really liked the connectionless flow for interactions a lot, the idea of having a connection with everything that you interact with seems -- a little tedious to user flow

spacemandev (Wed, 17 Jul 2019 21:47:07 GMT):
I guess my motivation really comes form the fact that we've really liked the connectionless flow for interactions a lot, the idea of having a connection with everything that you interact with seems -- a little tedious to user flow

spacemandev (Wed, 17 Jul 2019 21:49:01 GMT):
Ie, one of the key things we're trying to develop is API integration for websites to allow for verifications and "one click login" that uses connectionless auth instead of creating a new connection for every website you visit. having tons and tons of connections seems like non ideal UX

mccown (Wed, 17 Jul 2019 21:53:03 GMT):
I like @danielhardman 's approach and think there are some simple use cases, such as this: 1) Bill: thanks for the chat, Alice, I'm sending a invite request 2) Alice: looks for Bill's invite (which shows his self-asserted name) and accepts In this model, the label isn't a trust point by itself, but becomes a fiducial point in context with their conversation. This helps housekeeping, but does reinforce the "don't accept connections from strangers".

danielhardman (Wed, 17 Jul 2019 21:57:45 GMT):
@spacemandev, although I was one of the people who tried to normalize the idea of operating in connectionless mode, I don't think it's a good idea to stay connectionless as standard operating procedure. Connections give you an audit trail; they are what you would look up to say, "What does know about me? What consent have I given them? What credentials have they seen? And what do I know about them, too?" Connections are also a point of policy enforcement; they are where you can say, "Don't ever tell Bank X anything else about me". If everything you do is ephemeral, it is true that you are a ghost on the digital landscape, but so is everybody else. Usually, you want more record-keeping and control than that. As far as the UX implications, think of connections like cookies. How much time do most users spend inspecting a list of their cookies? And how much of a UX burden do you consider them?

spacemandev (Wed, 17 Jul 2019 22:05:43 GMT):
well, for the first bit, I would say I don't think it's all or nothing -- i think there's specific cases where connectionless shines. as for the second, i don't know if cookies is the appropriate term because there is more user involvement with "connectioning". i know that it's been discussed about setting up rules for agents to be able to automate stuff like this, but i think in practice setting rules for each type of usecase increases set up time for users who likely won't engage in that and leave it to defaults i think of it more like adding email addresses/phone numbers to your address book. for example, if I wanted to start a secure did message chat with someone i'm connectioned with, it'd be clunky to go to my connections list and see every service i've ever interacted with as a connection. furthermore, like emails and and phone numbers, you could still maintain logs of proof requests fulfilled for audit purposes without needing to tie those to connections -- and linking them automatically if a connection with an entity was created after the fact (texting a number, then adding that number to your contact list later is an example i think of)

TelegramSam (Thu, 18 Jul 2019 15:37:37 GMT):
call recording posted for USAfternoon call yesterday: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16321260

TelegramSam (Thu, 18 Jul 2019 16:14:25 GMT):
Thinking about the two roles of this: the inviter and invitee. The inviteee is actively involved in receiving an invite (due to the out of band passing of the invite) which means that prompting the user for a name (perhaps prefilled with a random name as suggested) is a normal flow.

TelegramSam (Thu, 18 Jul 2019 16:16:48 GMT):
the label field is also present in a Request message. This helps the inviter identify the invitee. This is particulary important when it's a group invite, such as a slide during a presentation.

TelegramSam (Thu, 18 Jul 2019 16:18:48 GMT):
so: I think we can eliminate the label from the invite, but we need to discuss the use of a label in the rest of the flow.

TelegramSam (Thu, 18 Jul 2019 16:19:17 GMT):
other ideas include a visual identifier derived from the keys in use.

danielhardman (Thu, 18 Jul 2019 16:21:51 GMT):
@TelegramSam I hadn't considered the need to identify the invitee. That's a good wrinkle to think about. The other thing to consider, possibly, is the need to facilitate introductions. The DID exchange protocol is the second half of the introduction protocol (or more precisely, the introduction protocol ends when the introducer has triggered the DID exchange protocol between the other two parties). When that's the context, the introducer will have already given a label to the other two parties to help them know what to expect of the DID exchange that's about to start...

danielhardman (Thu, 18 Jul 2019 16:23:05 GMT):
For those unfamiliar with the introduce protocol, please see https://github.com/hyperledger/aries-rfcs/blob/master/features/0028-introduce/README.md

TelegramSam (Thu, 18 Jul 2019 16:26:44 GMT):
In all cases, labeling the DID with a 'user suggested name' and allowing easy renaming might be the right answer.

ravip (Thu, 18 Jul 2019 17:56:27 GMT):
Hello everyone, how can one start an agent with '--auto-accept-requests and --auto-accept-invites' flags ON? I see that they have implemented this feature in Aries OpenAPI demo.

sklump (Thu, 18 Jul 2019 18:03:02 GMT):
They're command line arguments; e.g., ``` PORTS="5000:5000 8000:8000" ./scripts/run_docker --admin 0.0.0.0 5000 --inbound-transport http 0.0.0.0 8000 --outbound-transport http -e http://192.168.56.132:8000 --auto-ping-connection --accept-invites --accept-requests --genesis-url http://192.168.56.132:9000/genesis --seed 00000000000000000000000000000000 --wallet-type indy --wallet-name issuer --wallet-key mykey ```

swcurran (Thu, 18 Jul 2019 18:07:17 GMT):
@ravip - in the aries-cloudagent-python Alice/Faber demo, the agent is invoked as a sub-process of the controller and the command line parameters are set here - https://github.com/hyperledger/aries-cloudagent-python/blob/9428c083d76712028e820d87ccdc8719e827b106/demo/runners/support/agent.py#L142 We expect the "normal" use case for ACA-Py will be to have the agent in it's own container (vs. a sub-process) and so in the start up of that container, you would specifiy the command line parameters. The list of command line parameters is documented here: https://github.com/hyperledger/aries-cloudagent-python/blob/master/DevReadMe.md#command-line-arguments

swcurran (Thu, 18 Jul 2019 18:17:05 GMT):
@AmanAgrawal - the OrgBook use case is special in two ways. First, the credentials in it are all public, *not* private information - basically, the pieces of paper that a business puts on their wall for clients to see that they are permitted/qualified to do the work they do. Second, the mechanism is largely to bootstrap the Verifiable Credentials model in a jurisdiction - to get all the gov't (and others) to issue Verifiable Credentials even though no business have their own wallets (to create a supply), so that when organizations get their wallets, they can get verifiable credentials (the demand). There are longer term uses of OrgBook that go beyond bootstrapping, but that was the initial reason for building it. We would definitely not recommend putting 14M citizens private information into an OrgBook-like repository. That would be private information would just be a honeypot for attacks. We would never use that approach for citizen data. On your last question. Once an organization has their own wallet, they will connect to the various services that issued credentials about them to OrgBook to be issued a verifiable credential directly to them. The OrgBook could facilitate the connections, but would not "transfer" the credential they have to the organization. That is technically not feasible, nor is it desirable. The business would just collect the verifiable credentials from the enabled services that provided those same credentials to OrgBook. Hope that helps.

nage (Thu, 18 Jul 2019 18:42:55 GMT):
The implementation work for identity inside of Hyperledger has gotten to a point where there is a significant amount of cross-project collaboration. In particular we have a lot of Indy+Aries+Ursa discussions about API surfaces, release planning and use cases that has always been going on in the Thursday Indy WG call. Since the nature of that collaboration now spans multiple projects with the three we mentioned, we are moving that call underneath the Identity WG's management and officially opening it up to all Identity Implementation work (we didn't want it to distract from the higher-level whitepaper or use case work already going on in the bi-weekly call we have now). So if you're writing identity code for a Hyperledger project, or anything that intends to be interoperable with a Hyperledger project, please join us for the first Identity Implementers call next Thursday at 9 AM mountain time. We will be discussing whether to have the call every week or every other week, and looking for any other working groups from the projects that would like to report status or discuss progress.

swcurran (Thu, 18 Jul 2019 18:45:28 GMT):
What about allowing an optional passing of a proof as the label in the request and response messages? So instead of getting a self-attested name, you are getting a self-selected, 3rd party attested name? I believe the other party can construct the proof request and send the proof, and that the recipient can verify it, and use the included claim for the label. This would work like the "reply-to" mechanism, be flexible, but in time, cultural norms would define what is appropriate to use for that in different situations. Could that work?

danielhardman (Thu, 18 Jul 2019 18:49:09 GMT):
It could. But if that's the only option we offer, I think it still depends on VCs too much. Self-attested names are really quite normal and perfectly fine for many relationships. If I meet a salesman at a car dealership and we build a relationship around a car purchase, I may eventually do some pretty formal stuff with him--but I will *never* care whether he's lied to me about his first name. It's just a handle. He could call himself Iggy Stardust for all I care. Now, if we make your proposal optional, then I think we've done something quite nice. We've given people the option of beginning a relationship with high assurance of the other party's name. A moderate amount of the time, that would be nice.

swcurran (Thu, 18 Jul 2019 18:51:26 GMT):
Yes, that's what I was thinking - optional and a self-attested option as well. Then the user experience and usage patterns would push to making one that easy path for the user.

danielhardman (Thu, 18 Jul 2019 18:51:41 GMT):
That's a pretty happy place, IMO.

smithsamuelm (Thu, 18 Jul 2019 19:18:14 GMT):
will you be sending a calendar invite

kdenhartog (Thu, 18 Jul 2019 20:35:01 GMT):
I'm a bit leery on the idea of passing credentials in the unencrypted format. It seems odd that we would go to great lengths to protect the sender's key in the crypto layer and then pass plaintext VCs around.

nage (Thu, 18 Jul 2019 20:35:20 GMT):
The existing Indy WG appointment on the Hyperledger calendar will be updated to reflect the change

kdenhartog (Thu, 18 Jul 2019 20:36:27 GMT):
At least with the self attested data I can do something that provides indirection (e.g. provide a random number) but with credential data it makes for some privacy reduction that I don't believe are worth the tradeoffs of being able to name the connection immediately.

swcurran (Thu, 18 Jul 2019 20:43:03 GMT):
I deliberately did not say in the invite, but on the request/response, which are encrypted.

kdenhartog (Thu, 18 Jul 2019 20:43:56 GMT):
ahh ok, I missunderstood you then. Thanks for clarifying.

drummondreed (Fri, 19 Jul 2019 05:04:37 GMT):
+1 to the "happy place" (as Daniel calls it) where this thread ended up. The option of a self-attested label or a VC (or, in theory, both) seems right.

swcurran (Fri, 19 Jul 2019 16:48:03 GMT):
FYI - the BC Gov team has initiated an open source project (via an open source "Code With Us" bounty) to implement a OpenIDConnect Identity Provider that works using Verifiable Credentials. Mattr Global is doing the work with BC Gov. The initial repo for the effort has been created and a first draft of a document that outlines many of the details of how it is going to work is in the repo. Check it out here - https://github.com/bcgov/vc-authn-oidc. Please feel free to help with this effort - add issues, ask questions and add pull requests. We're hoping to have something that can be easily used with any IAM in any deployment.

gcsfred (Sun, 21 Jul 2019 00:44:08 GMT):
Greetings from Ottawa! This is my interaction at this chat. I read https://github.com/hyperledger/education/blob/master/LFS171x/docs/introduction-to-hyperledger-indy.md . It is still not very clear how Indy uses ZKPs. The same question goes for Aries. How does Aries use ZKPs. -- Cheers -- Gustavo

AmanAgrawal (Sun, 21 Jul 2019 10:52:34 GMT):
Thanks much for the insight @swcurran

AmanAgrawal (Mon, 22 Jul 2019 03:57:35 GMT):
Thanks much for the insight @swcurran

Thomas_the_Consultant (Mon, 22 Jul 2019 10:35:21 GMT):
Has joined the channel.

janb (Mon, 22 Jul 2019 10:36:36 GMT):
the ZKPs that are supported in the protocol are basically that you can require that a certain attribute has an integer value >= a given value.. so anything you want to check if someone is 18 and you have the DOB the credential would need to use e.g. epoch date.. so you cannot use a string notation for the date if you want to use ZKPs. /// predicate_info: Describes requested attribute predicate /// { /// "name": attribute name, (case insensitive and ignore spaces) /// "p_type": predicate type (Currently >= only) /// "p_value": predicate value /// "restrictions": Optional, /// "non_revoked": Optional<>, // see below, /// // If specified prover must proof non-revocation /// // for date in this interval this attribute /// // (overrides proof level interval) /// } https://hyperledger-indy.readthedocs.io/projects/sdk/en/latest/docs/design/002-anoncreds/README.html

sklump (Mon, 22 Jul 2019 11:15:59 GMT):
A richer set of predicates are part of the upcoming rich schema project. At present it's even less complete than it appears at first glance: if you want to use DoB for age of majority, you must store it as a negative stringified integer (e.g., epoch seconds) and then test whether that moment exceeds the negative of the current moment plus [16/18/19/21] calendar years' worth of seconds.

sklump (Mon, 22 Jul 2019 11:15:59 GMT):
A richer set of predicates are part of the upcoming rich schema project. At present it's even less complete than it appears at first glance: if you want to use DoB for age of majority, you must store it as a negative stringified integer (e.g., epoch seconds) and then test whether that (negative) moment exceeds the negative of the current moment plus [16/18/19/21] calendar years' worth of seconds.

sklump (Mon, 22 Jul 2019 11:15:59 GMT):
A richer set of predicates are part of the upcoming rich schema project. At present it's even less complete than it appears at first glance: if you want to use DoB for age of majority, you must store it as a negative stringified integer (e.g., epoch seconds) and then test whether that (negative) value exceeds the negative of the current moment plus [16/18/19/21] calendar years' worth of seconds.

janb (Mon, 22 Jul 2019 15:14:19 GMT):
on that topic - can anyone share the anoncreds 2.0 roadmap? I hear richer schema etc. but I have a hard time to find info on that.

dbluhm (Mon, 22 Jul 2019 15:22:24 GMT):
https://github.com/hyperledger/indy-hipe/tree/master/text/0119-rich-schemas That's the HIPE on rich scehmas. @kenebert can point you to other resources are perhaps answer other questions directly.

VipinB (Mon, 22 Jul 2019 16:36:47 GMT):
One of the themes of this year for the Identity WG has been the building of bridges from Blockchain systems to Legacy and Enterprise IAM. This effort fits that theme. @swcurran, please do a presentation of this effort on the IDWG call this wednesday at 12 noon EDT (16:00 UTC)...

swcurran (Mon, 22 Jul 2019 16:45:59 GMT):
I'm not familiar with that meeting. Can you point me to the details?

AmanAgrawal (Mon, 22 Jul 2019 16:47:05 GMT):
Hello, I am working on implementing a business scenario where, one of the agent contains multiple VCs in its wallet and wants to share the data with the other agents on the network, how can I achieve this using indy-aries? Is it feasible enough to pursue?

AmanAgrawal (Mon, 22 Jul 2019 16:47:05 GMT):
Hello, I am working on implementing a business scenario where, one of the agent contains multiple VCs in its wallet and wants to share this private data with the other agents on the network(just among the agents), how can I achieve this using indy-aries? Is it feasible enough to pursue?

VipinB (Mon, 22 Jul 2019 16:49:36 GMT):
https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings Wednesday 24th 4 pm UTC

VipinB (Mon, 22 Jul 2019 16:51:22 GMT):
We helped launch Indy, and will also host the implementation co-ordination of Aries/Indy/Ursa on Thursday instead of Indy WG meeting - Identity WG is the home of all Identity related concerns in Hyperledger channel: https://chat.hyperledger.org/channel/identity-wg

swcurran (Mon, 22 Jul 2019 17:54:26 GMT):
Sounds good. I can join the call and talk about it. How long are you thinking?

RaviJha (Mon, 22 Jul 2019 17:57:42 GMT):
Hi, I am trying to run the Alice-faber demo and wanted to understand how the credentials are getting stored? I can see in the code that it's just a dictionary and stored anywhere. How can I store them?

swcurran (Mon, 22 Jul 2019 18:00:57 GMT):
A reminder that BC Gov is presenting a session on *aries-cloudagent-python: Architectural Deep Dive* tomorrow at 8AM Pacific. We'll do a summary of the architecture with all of the developers available for questions and discussions. Join the Zoom Meeting: https://zoom.us/j/491220480

swcurran (Mon, 22 Jul 2019 18:00:57 GMT):
A reminder that BC Gov is presenting a session on *aries-cloudagent-python: Architectural Deep Dive* tomorrow at 8AM Pacific (21 hours from now). We'll do a summary of the architecture with all of the developers available for questions and discussions. Join the Zoom Meeting: https://zoom.us/j/491220480

mccown (Mon, 22 Jul 2019 18:02:54 GMT):
@swcurran will the BC Gov presentation be recorded? Part of our office is Australia and I'd like to point them to it.

swcurran (Mon, 22 Jul 2019 18:05:13 GMT):
Yes. If there is enough demand, we can do a late-in-our-day one to cover other time zones.

swcurran (Mon, 22 Jul 2019 21:32:47 GMT):
OK - that's more than enough, and will leave time for questions. Talk to you then!

VipinB (Mon, 22 Jul 2019 21:34:07 GMT):
I will put this on the Agenda and frame it around the bigger issue of Bridges between Blockchains and Legacy IAM.

gcsfred (Tue, 23 Jul 2019 12:16:39 GMT):
the ZKPs that are supported in the protocol are basically that you can require that a certain attribute has an integer value >= a given valu

Zohaib_Sohail (Tue, 23 Jul 2019 12:49:43 GMT):
I want to know that how messages are exchanged between edge agents? Like my current understanding is that every edge agent have a Public Did and an endpoint(ip address) associated with it but in real life use case mobile phones would have dynamic ips. So, how would this scheme is going to work? Please Clarify @swcurran @tplooker @kdenhartog @danielhardman ?

wangdong (Tue, 23 Jul 2019 12:52:30 GMT):
@swcurran is there a recording for the meeting?

sklump (Tue, 23 Jul 2019 13:01:39 GMT):
@wangdong note that it is till 2 hours in the future

sklump (Tue, 23 Jul 2019 13:01:39 GMT):
@wangdong note that it is still 2 hours in the future

Thomas_the_Consultant (Tue, 23 Jul 2019 14:13:27 GMT):
IIRC (I'm just an Indy user, not part of the Sovrin team), the mobile agent would include an end-point to a cloud agent in their DID document. You would then send any messages intended for the mobile to the cloud agent which acts as a post box for the mobile.

janb (Tue, 23 Jul 2019 14:13:43 GMT):
question: is there a way to promote a way to acquire a credential? If you miss a credential to fulfill a proof, is there something in the did to promote a URL "go here and follow the steps to get the XY credential"? (bit of a crosspost from the DID sovrin chat)

swcurran (Tue, 23 Jul 2019 14:35:40 GMT):
A reminder that BC Gov is presenting a session on aries-cloudagent-python: Architectural Deep Dive starting in 25 minutes. We'll do a summary of the architecture with all of the developers available for questions and discussions. Join the Zoom Meeting: https://zoom.us/j/491220480

dbluhm (Tue, 23 Jul 2019 15:11:26 GMT):
@swcurran's slides for the Architectural Deep Dive: https://docs.google.com/presentation/d/1K7qiQkVi4n-lpJ3nUZY27OniUEM0c8HAIk4imCWCx5Q/edit?usp=sharing

swcurran (Tue, 23 Jul 2019 17:09:11 GMT):
Here is the recording from the Aries Cloud Agent - Python Architectural Deep Dive today. Enjoy! https://zoom.us/recording/share/g0FWhTIU1GB8OzDvZw3edEJlI9ipmNzGM-qWPtJ51-OwIumekTziMw

TelegramSam (Tue, 23 Jul 2019 17:17:41 GMT):
We have time for additional topics on the Aries call tomorrow. What topics/RFCs do you want to be covered tomorrow?

Silona (Tue, 23 Jul 2019 17:32:45 GMT):
https://www.hyperledger.org/blog/2019/07/23/rhythm-and-melody-how-hubs-and-agents-rock-together

TelegramSam (Tue, 23 Jul 2019 18:05:16 GMT):
Thank you @Silona et. al. for getting that posted!

dbluhm (Tue, 23 Jul 2019 18:21:15 GMT):
I raised a question in Aries RFCs for adding a predefined identity for the protocol test suite: https://github.com/hyperledger/aries-rfcs/issues/139 Comments from @danielhardman would be particularly helpful! :slight_smile:

Silona (Tue, 23 Jul 2019 18:54:49 GMT):
Thanks! I also tweeted it and posted it to my linkedin...

spilling (Tue, 23 Jul 2019 19:25:46 GMT):
I have a use case where a mobile agent has an existing connection to a web agent. I would like to issue a credential to the mobile agent. Assuming that this user has connected multiple mobile agents to the web agent, how would we decide which connection to prepare the credential offer for? The preferred path would be to offer a QR code to the mobile agent and somehow negotiate to find the existing connection, then offer the credential on that connection. Is there already a feature to cover this?

swcurran (Tue, 23 Jul 2019 19:54:17 GMT):
That sounds much like the Email Verification Service is doing. It's a controller for the Aries-CloudAgent-Python. It collects and email address from the user, creates an invitation associated with the email address and puts it into a link in an email. When the user clicks on the link (confirming they own the link) they get a QR code of the invitation such that there is a linkage between the connection and the web session (aka the email address). It's not a "core feature" but certainly can be implemented. Look at https://github.com/bcgov/indy-email-verification

haniavis (Tue, 23 Jul 2019 19:54:35 GMT):
Hi, what is the difference between these two agents? https://github.com/hyperledger/aries-cloudagent-python and https://github.com/hyperledger/indy-agent/tree/master/python

dbluhm (Tue, 23 Jul 2019 19:57:20 GMT):
https://github.com/hyperledger/indy-agent#migration-notice

dbluhm (Tue, 23 Jul 2019 20:01:03 GMT):
The Aries Cloud Agent - Python supersedes the Indy Python Reference Agent. Indy Agent was a useful demonstration of a lot of the principles discussed as part of the Indy Agent WG call. The Aries Cloud Agent Python has far more hours of developer time put into it and is actively being developed. It is currently unclear whether there is any need to continue work on the Python Reference Agent but probably not; it is effectively deprecated.

swcurran (Tue, 23 Jul 2019 21:27:31 GMT):
Yup - that's it. To extend it a little further, in the newer take on Indy, few agents would have public DIDs - just those that issue credentials. All others would connect using pairwise dids that are not published on a ledger. This material starts from the Indy course on blockchain and goes from there to explain it... https://github.com/hyperledger/aries-cloudagent-python/tree/master/docs/GettingStartedAriesDev

george.aristy (Tue, 23 Jul 2019 21:36:16 GMT):
Do we have a standard Storage API yet? The wallets RFC talks about the general features that storage must provide not technical specifications for the actual interface. All I see is indy-sdk used as reference.

ianco (Tue, 23 Jul 2019 21:37:27 GMT):
https://github.com/hyperledger/indy-sdk/tree/master/docs/design/003-wallet-storage

george.aristy (Tue, 23 Jul 2019 21:38:38 GMT):
Yep - I know. I want to know if this will be the standard Aries Storage interface

george.aristy (Tue, 23 Jul 2019 21:39:28 GMT):
At least, will all those be standard Storage features?

ianco (Tue, 23 Jul 2019 21:39:50 GMT):
Ah ok got it. This is the standard for Indy, I don't think there is (yet) a plan for a different storage for Aries. @swcurran would know

swcurran (Tue, 23 Jul 2019 21:48:56 GMT):
Currently in aries-cloudagent-python there is a generic storage service, and two implementations - one using in-memory persistence (mainly for tests) and one based on Indy storage. So, there is an abstraction layer that enables other implementations, but no serious alternatives other than Indy. For now, it's sufficient, but we'd be fine with the community deciding on other approaches.

swcurran (Tue, 23 Jul 2019 21:50:02 GMT):
We're also looking for some new features in the underlying Indy implementation.

jljordan_bcgov (Tue, 23 Jul 2019 23:19:48 GMT):
Hi Fellow Community Members! We, the folks from the BC gov VON (https://vonx.io) team, would like to share an opportunity with members of open communities to work with us to do some focused collaboration around mobile agent, Aries agents and aries-cloudagent-python interoperability. We have a pilot production service planned for a significant professional accreditation organization within our province coming up in the fall. This pilot has a requirement for mobile agents to be able to hold and offer verifiable credentials issued and verified by services operating instances of aries-cloudagent-python. Details are in this Open Collaboration MOU: https://drive.google.com/open?id=1GPZ4p4zM36AN3DcHJ13s_IisSrT4F3S0 More details around the use case and how we intend to work with the community are in the document. Our offer is to work closely, in the open, with groups that we believe are close to having a releasable mobile agent such that their agent could be one of the listed compatible agents when this new service goes live. Our expectation is for the production pilot to occur this fall. If you are interested and think you have a mobile agent that is close to release, please review this Open Collaboration MOU, and contact us via Hyperledger Rocket.Chat or via my email available in the MOU. We would expect to have all participates identified with signed MOUs by Aug 6th 2019.

Rick (Wed, 24 Jul 2019 06:34:31 GMT):
hi, for aries agent how can a holder knows that if his credential is revoked or not? does the holder need to selfcreate a proof to himself and verify proof?

sklump (Wed, 24 Jul 2019 10:09:31 GMT):
At present, aca-py does not support revocation.

swcurran (Wed, 24 Jul 2019 13:52:22 GMT):
Revocation support in Aries agents for Indy Credentials will be the same as for Indy agent and will be added relatively soon. From a technical perspective, the Issuer can unilaterally revoke the credential with no notice need be given to the holder. From a business perspective (which is what I think you are asking), we would expect that the issuer will notify the holder that they will/have revoke the credential and offer the holder a new credential that reflects the new state of the credential. For example, if you move, the Driver's Licence agency will revoke your old licence and issue you a new one with the new address. Since the issuer has a nice, secure, end-to-end channel to message you with DIDComm, they would have an easy time notifying you of the change and offering you a new credential.

janb (Wed, 24 Jul 2019 17:57:01 GMT):
another interesting aspect: even if a credential was revoked you can also check if it was valid before timestamp X, so even if e.g. the drivers license is revoked the DoB attribute on that license still holds value regardless of the overall validity

janb (Wed, 24 Jul 2019 17:57:45 GMT):
so revoked -> have the holder delete it is not necessarily the flow you might want to implement

swcurran (Wed, 24 Jul 2019 17:58:28 GMT):
Agreed - a passport can still be used for somethings even after revocation.

swcurran (Wed, 24 Jul 2019 17:58:28 GMT):
Agreed - a physical passport can still be used for somethings even after revocation.

swcurran (Wed, 24 Jul 2019 17:58:28 GMT):
Agreed - a physical passport can still be used for some things even after revocation.

sklump (Wed, 24 Jul 2019 18:04:21 GMT):
@janb , true from far but not in detail: the holder can present proof that it was valid at timestamp X if it actually was: it's an instant, not a time period. The verifier can specify an interval where he will accept proof of non-revocation, but the non-revocation proof itself is at a given timestamp, not over an interval. For example, verifier: was he a lawyer any time last year?

sklump (Wed, 24 Jul 2019 18:04:21 GMT):
@janb , true from far but not in detail: the holder/prover can present proof that it was valid at timestamp X if it actually was: it's an instant, not a time period. The verifier can specify an interval where he will accept proof of non-revocation, but the non-revocation proof itself is at a given timestamp, not over an interval. For example, verifier: was he a lawyer any time last year? prover: here's proof he was a lawyer on Feb 3.

sklump (Wed, 24 Jul 2019 18:04:21 GMT):
@janb , true from far but not in detail: the holder/prover can present proof that it was valid at timestamp X if it actually was: it's an instant, not a time period. The verifier can specify an interval where he will accept proof of non-revocation, but the non-revocation proof itself is at a given timestamp, not over an interval. For example, verifier: was he a lawyer any time in 2018? prover: here's proof he was a lawyer on 2018-02-03.

VipinB (Wed, 24 Jul 2019 18:48:34 GMT):
Thanks for your presentation! I have posted the meeting minutes.

VipinB (Wed, 24 Jul 2019 18:51:02 GMT):
https://wiki.hyperledger.org/display/IWG/2019-07-24

TelegramSam (Wed, 24 Jul 2019 18:53:44 GMT):
Aries WG Meeting in 7 minutes: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16322546

Rick (Thu, 25 Jul 2019 02:48:29 GMT):
can we configure for the agent to target a specific node in the indy pool to communicate to instead of the indy-node-pool?

mtfk (Thu, 25 Jul 2019 04:52:10 GMT):
As we briefly mentioned during our yesterday call about the topic of IoT and connection towards Aries components. I would love to find out who is in that space and collect some more information about the current status. Would be nice to bootstrap discussion. If anyone has anything to share in the space of IoT or knows someone who could, please comment here. I will try to collect as much input as possible for further discussion and do some preparation for our call (it could be the morning call if the timezone is problematical). Of course if someone has already some work which he would like to share that would be perfect.

janb (Thu, 25 Jul 2019 08:18:49 GMT):
@sklump yes that's how I understood it, I thought though that you can define a span or just a before

TelegramSam (Thu, 25 Jul 2019 14:19:41 GMT):
Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16322546

nage (Thu, 25 Jul 2019 14:36:18 GMT):
https://wiki.hyperledger.org/display/IWG/2019-07-25+Identity+WG+Implementers+Call

TelegramSam (Thu, 25 Jul 2019 15:31:51 GMT):
Repo link for Aries Toolbox: https://github.com/TelegramSam/aries-toolbox

TelegramSam (Thu, 25 Jul 2019 15:32:06 GMT):
Please follow master. After I return from vacation, I'll be transfering the repo to hyperledger.

mxs1491 (Thu, 25 Jul 2019 15:47:11 GMT):
Hi Robert, would you be interested in joining the conversation on SSI in IoT task force? Would be great to have you part of the team.

mtfk (Thu, 25 Jul 2019 17:02:49 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=3zPRapQNoQhn9CKSu) @mxs1491 I am definitely in. Just tell me where and when

wadeking98 (Thu, 25 Jul 2019 21:26:46 GMT):
Hello again everyone, on my project I have users connected to aries agents with the ability to connect to each other and send messages. when a user logs in it finds two random free ports to start the aries agent on. The only problem is that when two users form a connection each user's inbound transport port is saved in the connection. so if one user logs out and logs back in again they will be allocated a new port for inbound transport, but the connection will still contain their old inbound transport and the user won't be able to recieve messages. My question is: *is there any way I can update the connection information so that it contains the new inbound transport for each agent?*

andrew.whitehead (Thu, 25 Jul 2019 22:23:26 GMT):
I believe this is covered by Aries RFC 30 but I don’t know of any implementations yet

swcurran (Thu, 25 Jul 2019 22:25:19 GMT):
Two answers. First, I think you want to avoid that situation, so I would relook at the approach. Second, what you are asking is can you update the DIDDoc of a peer DID. At the moment, you cannot. The did:peer spec is being reviewed and will be accepted and then implemented in the various code bases in a consistent way. Once that is there you will be able to update a DIDDoc for a pairwise DID.

swcurran (Thu, 25 Jul 2019 22:26:25 GMT):
Ah...well there you go. Same answer as mine, but you can look at RFC 30 - which should be the same as the did:peer spec.

wadeking98 (Thu, 25 Jul 2019 22:31:24 GMT):
sorry I'm still a bit new to hyperledger, what is RFC 30?

wadeking98 (Thu, 25 Jul 2019 22:31:24 GMT):
sorry I'm still a bit new to hyperledger, what is RFC 30 or where can I find it?

swcurran (Thu, 25 Jul 2019 22:36:20 GMT):
It's here - https://github.com/hyperledger/aries-rfcs/tree/master/features/0030-sync-connection

swcurran (Thu, 25 Jul 2019 22:36:50 GMT):
The aries-rfc repo has many specs about aries that enables interop.

wadeking98 (Thu, 25 Jul 2019 22:41:09 GMT):
ah thank you, I'll read it over and maybe think of a different approach for my user connections

swcurran (Thu, 25 Jul 2019 22:59:36 GMT):
FYI - this is the did:peer spec that will be the basis of pairwise DIDs.

swcurran (Thu, 25 Jul 2019 22:59:38 GMT):
https://openssi.github.io/peer-did-method-spec/index.html

Zohaib_Sohail (Fri, 26 Jul 2019 07:19:15 GMT):
I have indy local pool running inside a vm and indy agent on my host machine but could not be able to open pool handler with the error: name: 'IndyError', message: 'PoolLedgerTimeout', indyCode: 307, indyName: 'PoolLedgerTimeout'

WadeBarnes (Fri, 26 Jul 2019 12:58:14 GMT):
@Zohaib_Sohail, How did you start the Indy Pool inside your VM? Are you using [von-network](https://github.com/bcgov/von-network)? If so you may have to follow the [Running the Network on a VPS](https://github.com/bcgov/von-network#running-the-network-on-a-vps) instructions and expose the ledger network on the VM's external IP, otherwise it will be running on `http://localhost:9000` and be inaccessible to external agents. On the agent side you'll need to point it at VM's IP.

jadhavajay (Fri, 26 Jul 2019 16:37:29 GMT):
Great, thanks for your suggestions - @TelegramSam & @swcurran. It's a good idea to write a demo controller in nodejs which talks to the ACA-Py agent.

carl.diclementi (Fri, 26 Jul 2019 18:07:42 GMT):
current revokation status should still be checked though, right? It may be revoked due to an error in the issuance process where invalid data was used in the claim(s)

swcurran (Fri, 26 Jul 2019 18:19:44 GMT):
That's a business decision you would make as a verifier. How fresh does the revocation check have to be in the proof?

spilling (Fri, 26 Jul 2019 21:55:19 GMT):
I have gotten a 307 when I mixed up the txn file being used by the agent. In my case I had 4 nodes in the file, but only three running.

Rick (Sun, 28 Jul 2019 14:32:41 GMT):
During wallet query could there be pagination for the credentials? as i checked the implementation seems to not have it

jljordan_bcgov (Sun, 28 Jul 2019 15:59:06 GMT):
What would your use case be?

jljordan_bcgov (Sun, 28 Jul 2019 16:00:37 GMT):
For individuals it’s likely there will be very few credentials that satisfy a presentation request For credential registry use case such as our OrgBook BC implementation there is a query language to narrow down search results from wallet

Rick (Mon, 29 Jul 2019 06:25:01 GMT):
let's say for OrgBook BC i would like to query all credentials from a province, naturally there would be a large amount of credentials

lucafra (Mon, 29 Jul 2019 11:20:29 GMT):
Hi guys, I am having problems running the Aries Cloud Agent. I have tried to install the libsodium library in several ways, but I still get the same error logs: `Traceback (most recent call last): File "/home/ubuntu/.local/bin/aca-py", line 23, in from aries_cloudagent import main File "/home/ubuntu/.local/lib/python3.6/site-packages/aries_cloudagent/__init__.py", line 10, in from .conductor import Conductor File "/home/ubuntu/.local/lib/python3.6/site-packages/aries_cloudagent/conductor.py", line 37, in from .wallet.crypto import seed_to_did File "/home/ubuntu/.local/lib/python3.6/site-packages/aries_cloudagent/wallet/crypto.py", line 9, in import pysodium File "/home/ubuntu/.local/lib/python3.6/site-packages/pysodium/__init__.py", line 35, in raise ValueError('Unable to find libsodium') ValueError: Unable to find libsodium`. Can somebody give me some tips to go through it? Thanks

dbluhm (Mon, 29 Jul 2019 12:44:15 GMT):
What are the ways you've tried installing libsodium? What version of ubuntu are you running?

lucafra (Mon, 29 Jul 2019 13:06:14 GMT):
Hi dbluhm, thank you for your answer, i had a slip in getting the right libsodium for my ubuntu 18.04. It was probably my fault on getting the right binary, thanks for the help!

jljordan_bcgov (Mon, 29 Jul 2019 15:57:23 GMT):
So ... it depends on what layer you are contemplating the query from. If it is from the API / web app level then it is a question of configuration of the SOLR index and web app. If you are thinking about the lower layers at the Indy SDK or Aries Cloud Agent layers .. that is a different question that some of the developers can tackle ... https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0050-wallets/README.md is a helpful doc

smithsamuelm (Mon, 29 Jul 2019 16:36:58 GMT):
I have been exercising the aca-py CLI agent. I am confused about the difference in purpose of the inbound transport and the endpoint. Could someone care to explain in more detail?

andrew.whitehead (Mon, 29 Jul 2019 17:00:21 GMT):
Hi Sam – the inbound transports define what address and port to bind to, but the endpoint is the URL used by an external client to connect to the service. It may use a resolvable domain name instead of an IP address, and the port number or path could be different due to request forwarding. At the moment only one endpoint is supported (added to the DIDDoc sent in a connection request/response)

sauveergoel (Mon, 29 Jul 2019 17:27:53 GMT):
Hi, I am trying to make the indy-email-verification project but recieving the following error

sauveergoel (Mon, 29 Jul 2019 17:28:13 GMT):
aries_cloudagent.ledger.error.LedgerTransactionError: Ledger rejected transaction request: client request invalid: UnauthorizedClientRequest('The action is forbidden',)

wadeking98 (Mon, 29 Jul 2019 17:50:02 GMT):
Hi all, I'm looking into setting up a routing agent so other agents can change ports and still be connected through the routing agent. Before I get started, I wanted to ask if there's any existing support in aca-py for creating a routing agent (ie, special flags or combination of flags, etc)

andrew.whitehead (Mon, 29 Jul 2019 17:53:53 GMT):
Actually it's automatically enabled at the moment, although that should be changed. I'll likely add a `--enable-routing` flag soon

andrew.whitehead (Mon, 29 Jul 2019 17:54:35 GMT):
It sounds like the agent's DID isn't registered on the ledger. Which ledger are you using?

andrew.whitehead (Mon, 29 Jul 2019 17:54:35 GMT):
It sounds like the agent's DID isn't registered on the ledger, or is registered with an insufficient role. Which ledger are you using?

andrew.whitehead (Mon, 29 Jul 2019 17:56:44 GMT):
You should likely run a local von-network instance and connect to that instead

andrew.whitehead (Mon, 29 Jul 2019 17:56:44 GMT):
You should likely run a local von-network instance and connect to that instead, if doing local development

sauveergoel (Mon, 29 Jul 2019 17:57:18 GMT):
i am just trying to make the code up and running as of now

sauveergoel (Mon, 29 Jul 2019 17:58:15 GMT):
these are the genesis txns that are throwing issue

sauveergoel (Mon, 29 Jul 2019 18:01:23 GMT):
could you please guide me with the steps to setup and point towards a local von-network instance

andrew.whitehead (Mon, 29 Jul 2019 18:03:26 GMT):
Oh I see, the docker-compose file for that project has the genesis transactions and seed hard-coded

andrew.whitehead (Mon, 29 Jul 2019 18:04:12 GMT):
You can plug in a different seed and register it using the form on the ledger page

swcurran (Mon, 29 Jul 2019 18:05:17 GMT):
The inbound transport is how to physically reach the agent. The endpoint is what the agent will put into a DIDDoc to tell other agents how to reach it. Those could be the same thing if the agent is directly connecting to other agents. However, if the agent is using a routing agent, those would be different things - the endpoint would be how another agent (owned by another entity) would send message to this agent.

smithsamuelm (Mon, 29 Jul 2019 18:06:00 GMT):
So if I don't supply and endpoint is it the same as the inbound transport?. To be more specific. I have agents and ledger nodes. When do agents use the endpoint vs the inbound transport. Likewise for ledger nodes?

sauveergoel (Mon, 29 Jul 2019 18:06:52 GMT):
aries_cloudagent.error.StartupError: New seed provided which doesn't match the registered public did 4QxzWk3ajdnEA37NdNU5Kt

sauveergoel (Mon, 29 Jul 2019 18:07:11 GMT):
i registered this DID using the new seed

smithsamuelm (Mon, 29 Jul 2019 18:07:16 GMT):
So invites etc can all use the inbound transport. Only when I do routing do I need the endpoint so that it can be different than the inbound if needed?

sauveergoel (Mon, 29 Jul 2019 18:07:33 GMT):
on the portal and then supplied the same seed to the docker-compose file and recieved this error

andrew.whitehead (Mon, 29 Jul 2019 18:07:36 GMT):
Try a ./manage rm first to erase the wallet

andrew.whitehead (Mon, 29 Jul 2019 18:07:36 GMT):
Try a `./manage rm` first to erase the wallet

wadeking98 (Mon, 29 Jul 2019 18:08:21 GMT):
Thats an issue with the wallet name, If you regester a new seed without changing the wallet name it will give you that error.

sauveergoel (Mon, 29 Jul 2019 18:10:05 GMT):
how can i change the wallet name

sauveergoel (Mon, 29 Jul 2019 18:10:14 GMT):
CouldNotAuthenticate('Can not find verkey for 8VgcmHBjpjuNjjPx6f9YYR',) this is the new error is gave

wadeking98 (Mon, 29 Jul 2019 18:11:28 GMT):
could you post the full command you're using to run the agent?

sauveergoel (Mon, 29 Jul 2019 18:12:05 GMT):
aca-py -it http 0.0.0.0 $${AGENT_PORT} -ot http --admin 0.0.0.0 $${ADMIN_PORT} -e \"$${SITE_URL}\" --wallet-type indy --seed \"$${INDY_SEED}\" --genesis-transactions \"$${GENESIS_TRANSACTIONS}\" --label \"$${AGENT_LABEL}\" --auto-accept-invites --auto-accept-requests --admin-insecure-mode

sauveergoel (Mon, 29 Jul 2019 18:13:21 GMT):
also the new wallet and registering the new DID worked for a few further steps but it gave a new eror afterwards

sauveergoel (Mon, 29 Jul 2019 18:13:28 GMT):
aries_cloudagent.ledger.error.LedgerTransactionError: Ledger rejected transaction request: client request invalid: UnauthorizedClientRequest('The action is forbidden',)

sauveergoel (Mon, 29 Jul 2019 18:14:28 GMT):
also the email-verifier-service gave the below 2 errors:

sauveergoel (Mon, 29 Jul 2019 18:14:30 GMT):
WARNING: seems that you're using Django, but we could not find a 'manage.py' file.

sauveergoel (Mon, 29 Jul 2019 18:14:39 GMT):
json.decoder.JSONDecodeError: Extra data: line 1 column 5 (char 4)

wadeking98 (Mon, 29 Jul 2019 18:14:49 GMT):
add a "--wallet-name sauveergoal" flag to your command.

andrew.whitehead (Mon, 29 Jul 2019 18:15:09 GMT):
You should always specify the endpoint, otherwise it won't know what URL to use in the invitation

wadeking98 (Mon, 29 Jul 2019 18:15:09 GMT):
each wallet name should have it's own seed

wadeking98 (Mon, 29 Jul 2019 18:15:35 GMT):
and if a wallet name has more than one seed it will throw an error

wadeking98 (Mon, 29 Jul 2019 18:16:51 GMT):
also could you tell me what action you're doing when you get the CouldNotAuthenticate('Can not find verkey for 8VgcmHBjpjuNjjPx6f9YYR',) error

sauveergoel (Mon, 29 Jul 2019 18:17:44 GMT):
i registered the DID on the portal with the new seed value and role as trust_anchor

wadeking98 (Mon, 29 Jul 2019 18:19:29 GMT):
are you using the register from seed option or the register from did option

wadeking98 (Mon, 29 Jul 2019 18:22:36 GMT):
there's a couple buttons above the form. One says register from DID, the other says register from seed

wadeking98 (Mon, 29 Jul 2019 18:23:32 GMT):
okay and what are you inputting into the form

sauveergoel (Mon, 29 Jul 2019 18:24:14 GMT):
the seed value as 00000000000000000000000000041234 and the DID as RfypwYjJtEsohYsAVVoZL2 which is generated by the code

wadeking98 (Mon, 29 Jul 2019 18:24:38 GMT):
try just regestering the seed, you dont need to register the did

sauveergoel (Mon, 29 Jul 2019 18:25:18 GMT):
sure, then how can i tell the docker-compose to use the generated DID

wadeking98 (Mon, 29 Jul 2019 18:28:48 GMT):
I think the same seed will generate the same DID every time. if you use a seed that is hardcoded into your docker-compose, if will be linked to the corresponding DID that is also hardcoded into your docker-compose

sauveergoel (Mon, 29 Jul 2019 18:29:54 GMT):
unfortunately when i supply a new seed it generates a DID for the agent

sauveergoel (Mon, 29 Jul 2019 18:30:32 GMT):
it is possible to highlight where exactly can i hardcode the DID

wadeking98 (Mon, 29 Jul 2019 18:31:11 GMT):
yes new seeds will generate new DIDs but old seeds will generate the same DIDs

sauveergoel (Mon, 29 Jul 2019 18:31:49 GMT):
to some extend my problem got solved but what is happening now is that

sauveergoel (Mon, 29 Jul 2019 18:32:07 GMT):
it is able to create a schema and credential def

sauveergoel (Mon, 29 Jul 2019 18:32:20 GMT):
but then it starts to give me the following error:

sauveergoel (Mon, 29 Jul 2019 18:32:28 GMT):
aries_cloudagent.ledger.error.LedgerTransactionError: Ledger rejected transaction request: client request invalid: UnauthorizedClientRequest('The action is forbidden',)

wadeking98 (Mon, 29 Jul 2019 18:33:36 GMT):
can you give me an example of the schema you're sending to the ledger?

sauveergoel (Mon, 29 Jul 2019 18:34:02 GMT):
i am not sending it, it is a part of the existing code

sauveergoel (Mon, 29 Jul 2019 18:34:25 GMT):
from the email-verifier-service container

sauveergoel (Mon, 29 Jul 2019 18:35:11 GMT):
INFO 2019-07-29 18:27:28,383 apps 22 139906099361600 {"schema_id": "HQKtQnR8V1opzubac8SSuc:2:verified-email:1.2.1"} email-verifier-service_1 | INFO 2019-07-29 18:27:37,386 apps 22 139906099361600 {"credential_definition_id": "HQKtQnR8V1opzubac8SSuc:3:CL:623:default"} email-verifier-service_1 | INFO 2019-07-29 18:27:37,387 apps 22 139906099361600 cred def id: HQKtQnR8V1opzubac8SSuc:3:CL:623:defaul

smithsamuelm (Mon, 29 Jul 2019 18:36:25 GMT):
can the endpoint be the same as the inbound transport

wadeking98 (Mon, 29 Jul 2019 18:41:09 GMT):
okay I just found a way to replicate the error message. It seems you have to regester an agent's seed before you start the agent or it will crash and give you that error message

andrew.whitehead (Mon, 29 Jul 2019 18:41:24 GMT):
You might use `-it http 127.0.0.1 5000 -endpoint http://127.0.0.1:5000` for instance

andrew.whitehead (Mon, 29 Jul 2019 18:41:24 GMT):
You might use `-it http 127.0.0.1 5000 --endpoint http://127.0.0.1:5000` for instance

sauveergoel (Mon, 29 Jul 2019 18:42:37 GMT):
i supply a new seed and do a ./manage rm and register the seed on the portal

wadeking98 (Mon, 29 Jul 2019 18:44:20 GMT):
you might not have to do all those steps, but for now just to be safe yes, that's what I would do

sauveergoel (Mon, 29 Jul 2019 18:44:45 GMT):
ok doing them and let you know of what happened

wadeking98 (Mon, 29 Jul 2019 18:45:06 GMT):
sounds good, goodluck :thumbsup:

sauveergoel (Mon, 29 Jul 2019 18:45:25 GMT):
should i register the seed with a role?

wadeking98 (Mon, 29 Jul 2019 18:47:55 GMT):
great! so if alice, and faber are connected to the routing agent's endpoint and alice wants to send a message to faber through the routing agent, would I have to create some sort of script so that the routing agent will automatically send alice's message to faber and vice versa? or it there a more elegant solution.

sauveergoel (Mon, 29 Jul 2019 18:48:40 GMT):
so, with all the steps done, it initialized the agent pretty well with the new registered seed, created the schema and the cred_def_id

sauveergoel (Mon, 29 Jul 2019 18:48:53 GMT):
but then again it gave the error

sauveergoel (Mon, 29 Jul 2019 18:49:07 GMT):
Traceback (most recent call last): email-verifier-agent_1 | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 418, in start email-verifier-agent_1 | resp = await task email-verifier-agent_1 | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/web_app.py", line 458, in _handle email-verifier-agent_1 | resp = await handler(request) email-verifier-agent_1 | File "/home/indy/src/aries-cloudagent/aries_cloudagent/messaging/schemas/routes.py", line 59, in schemas_send_schema email-verifier-agent_1 | ledger.send_schema(schema_name, schema_version, attributes) email-verifier-agent_1 | File "/home/indy/src/aries-cloudagent/aries_cloudagent/ledger/indy.py", line 259, in send_schema email-verifier-agent_1 | await self._submit(request_json) email-verifier-agent_1 | File "/home/indy/src/aries-cloudagent/aries_cloudagent/ledger/indy.py", line 220, in _submit email-verifier-agent_1 | f"Ledger rejected transaction request: {request_result['reason']}" email-verifier-agent_1 | aries_cloudagent.ledger.error.LedgerTransactionError: Ledger rejected transaction request: client request invalid: UnauthorizedClientRequest('The action is forbidden',)

sauveergoel (Mon, 29 Jul 2019 18:50:17 GMT):
2019-07-29 18:47:25,305 aiohttp.server ERROR Error handling request

sauveergoel (Mon, 29 Jul 2019 18:51:00 GMT):
and this happens just after the email-verifier-service gets up and running

smithsamuelm (Mon, 29 Jul 2019 18:52:02 GMT):
I get this error: Traceback (most recent call last): File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/task_processor.py", line 14, in delay_task return await task File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/transport/outbound/manager.py", line 216, in dispatch_message await transport.handle_message(message) File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/transport/outbound/http.py", line 45, in handle_message message.endpoint, data=message.payload, headers=headers File "/usr/local/lib/python3.7/site-packages/aiohttp/client.py", line 1005, in __aenter__ self._resp = await self._coro File "/usr/local/lib/python3.7/site-packages/aiohttp/client.py", line 476, in _request timeout=real_timeout File "/usr/local/lib/python3.7/site-packages/aiohttp/connector.py", line 522, in connect proto = await self._create_connection(req, traces, timeout) File "/usr/local/lib/python3.7/site-packages/aiohttp/connector.py", line 854, in _create_connection req, traces, timeout) File "/usr/local/lib/python3.7/site-packages/aiohttp/connector.py", line 992, in _create_direct_connection raise last_exc File "/usr/local/lib/python3.7/site-packages/aiohttp/connector.py", line 974, in _create_direct_connection req=req, client_error=client_error) File "/usr/local/lib/python3.7/site-packages/aiohttp/connector.py", line 931, in _wrap_create_connection raise client_error(req.connection_key, exc) from exc aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host localhost:8210 ssl:None [Connect call failed ('127.0.0.1', 8210)]

smithsamuelm (Mon, 29 Jul 2019 18:52:35 GMT):
Looks lit its trying to use SSL. Does that mean its requires https? Is that an undocumented feature or a bug?

smithsamuelm (Mon, 29 Jul 2019 18:53:03 GMT):
This is an invitation receipt when the bug occurs

wadeking98 (Mon, 29 Jul 2019 18:55:55 GMT):
unfortunatly I'm not an aries developer so I'm not familiar with the email-verification service because I haven't used it in my project. Maybe @andrew.whitehead @swcurran can help you

andrew.whitehead (Mon, 29 Jul 2019 18:56:33 GMT):
You would need to substitute your real IP address. For the inbound transport you can use 0.0.0.0 to bind on all addresses, partly why we need to support both options

sauveergoel (Mon, 29 Jul 2019 18:56:56 GMT):
I really appriaciate your help. many thanks. waiting for then to reply

andrew.whitehead (Mon, 29 Jul 2019 18:57:54 GMT):
I don't know what's going on there. You say it published the schema and cred def, but it's failing while trying to publish the schema. Is this a second run?

smithsamuelm (Mon, 29 Jul 2019 18:58:42 GMT):
So what it listens for on the endpoint is the same as the inbound transport. It goes into the same workflow for messages? But you need an externalbly addressable endpoint for invitations and routing?

andrew.whitehead (Mon, 29 Jul 2019 18:59:04 GMT):
If you remove the wallet in between but keep the same seed, then it won't have a local copy of the schema and will try to publish it again. That should produce a duplicate schema error though, not this one

andrew.whitehead (Mon, 29 Jul 2019 18:59:53 GMT):
No it just says ssl:None, as in none is enabled

sauveergoel (Mon, 29 Jul 2019 19:00:00 GMT):
i am posting the whole docker-compose log

sauveergoel (Mon, 29 Jul 2019 19:02:09 GMT):
oh wait i guess this is the log when ran the already registered seed, i will register a new seed and send that log too

smithsamuelm (Mon, 29 Jul 2019 19:02:50 GMT):
Hm. Just following the swagger demo and got that error message trying to complete an invite.

andrew.whitehead (Mon, 29 Jul 2019 19:14:09 GMT):
I'm not sure. It looks like the verifier service tries to register the schema again, maybe because the django cache was lost for some reason. Could be a bug in the deployment.

wadeking98 (Mon, 29 Jul 2019 19:14:25 GMT):
I have a quick question similar to @smithsamuelm 's question. Can multiple agents use the same endpoint so long as they have different inbound transports? or does each agent need their own unique endpoint

sauveergoel (Mon, 29 Jul 2019 19:15:16 GMT):
ok...any suggestions on what can be done?

andrew.whitehead (Mon, 29 Jul 2019 19:17:24 GMT):
Not at the moment. I see you already filed an issue. The service isn't under active development but hopefully somebody can try to reproduce it

andrew.whitehead (Mon, 29 Jul 2019 19:20:51 GMT):
There's an example in the demos if you run the performance demo with --routing. Basically Alice would form a connection with the routing agent, then receive an invitation from Faber, without accepting it. The admin method /connections/{conn_id}/establish_inbound/{router_conn_id} is used to make the Faber-Router connection the inbound route for that new invitation. Then when the invitation is accepted, the DIDDoc that is generated in the connection request will reflect the route through the routing agent, which will automatically forward messages to Faber

andrew.whitehead (Mon, 29 Jul 2019 19:20:51 GMT):
There's an example in the demos if you run the performance demo with --routing. Basically Alice would form a connection with the routing agent, then receive an invitation from Faber, without accepting it. The admin method /connections/{invite_conn_id}/establish_inbound/{router_conn_id} is used to make the Faber-Router connection the inbound route for that new invitation. Then when the invitation is accepted, the DIDDoc that is generated in the connection request will reflect the route through the routing agent, which will automatically forward messages to Faber

andrew.whitehead (Mon, 29 Jul 2019 19:20:51 GMT):
There's an example in the demos if you run the performance demo with --routing. Basically Alice would form a connection with the routing agent, then receive an invitation from Faber, without accepting it. The admin method /connections/{invite_conn_id}/establish_inbound/{router_conn_id} is used to make the Faber-Router connection the inbound route for that new invitation. Then when the invitation is accepted, the DIDDoc that is generated in the connection request will reflect the route through the routing agent. That agent will automatically forward messages to Faber based on the recipient key

smithsamuelm (Mon, 29 Jul 2019 20:24:28 GMT):
@andrew.whitehead Maybe you can see what I am doing wrong.

smithsamuelm (Mon, 29 Jul 2019 20:24:51 GMT):
I have two agents running with aca-py. The first one Leo is run with this command line invocation:

smithsamuelm (Mon, 29 Jul 2019 20:24:55 GMT):
$ aca-py --inbound-transport http 0.0.0.0 8100 \ --outbound-transport http \ --log-level debug \ --endpoint https://localhost:8110 \ --label leo \ --genesis-url http://localhost:9000/genesis \ --admin 0.0.0.0 8150 --admin-insecure-mode \ --public-invites \ --auto-accept-invites \ --auto-accept-requests \ --auto-ping-connection \ --auto-respond-messages \ --invite

smithsamuelm (Mon, 29 Jul 2019 20:25:50 GMT):
I am able to see the swagger interface on 8150 and use POST /connections/create-invitation to create an invitation.

smithsamuelm (Mon, 29 Jul 2019 20:26:05 GMT):
{ "@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/connections/1.0/invitation", "@id": "95570169-2cfb-4f00-be68-a3c456d52a6e", "serviceEndpoint": "http://localhost:8110", "label": "leo", "recipientKeys": [ "3fVhXFAJoqtmLFuryPp3wRDW3EZWSz2vooyEeTyRKc1z" ] }

smithsamuelm (Mon, 29 Jul 2019 20:26:33 GMT):
I then go to Zoe which is another aca-py CLI created with this invocation:

smithsamuelm (Mon, 29 Jul 2019 20:26:47 GMT):
$ aca-py --inbound-transport http 0.0.0.0 8200 \ --outbound-transport http \ --log-level debug \ --endpoint https://localhost:8210 \ --label zoe \ --genesis-url http://localhost:9000/genesis \ --admin 0.0.0.0 8250 --admin-insecure-mode \ --public-invites \ --auto-accept-invites \ --auto-accept-requests \ --auto-ping-connection \ --auto-respond-messages \ --invite

andrew.whitehead (Mon, 29 Jul 2019 20:28:01 GMT):
Leo seems to have https in the endpoint in the invocation, but not in the invite. Zoe has 8200 for the inbound port but 8210 for the endpoint

smithsamuelm (Mon, 29 Jul 2019 20:29:43 GMT):
I then use the swagger interface to POST /connections/receive-invitation I get the following error in the console for Zoe.

smithsamuelm (Mon, 29 Jul 2019 20:30:20 GMT):
File "/usr/local/lib/python3.7/site-packages/aiohttp/connector.py", line 931, in _wrap_create_connection raise client_error(req.connection_key, exc) from exc aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host localhost:8110 ssl:None [Connect call failed ('127.0.0.1', 8110)] 2019-07-29 14:28:02,049 aiohttp.access INFO 127.0.0.1 [29/Jul/2019:20:28:02 +0000] "GET /connections HTTP/1.1" 200 1509 "http://127.0.0.1:8250/api/doc" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.2 Safari/605.1.15"

smithsamuelm (Mon, 29 Jul 2019 20:30:47 GMT):
Says it can't connect to Leo's endpoint.

andrew.whitehead (Mon, 29 Jul 2019 20:31:59 GMT):
Actually Leo is bound to 8100 but has 8110 in the endpoint

smithsamuelm (Mon, 29 Jul 2019 20:32:28 GMT):
So the endpoint and the inbound transport have to be the same port?

smithsamuelm (Mon, 29 Jul 2019 20:33:13 GMT):
OK that would be a good constraint to document in the aca-py docs.

smithsamuelm (Mon, 29 Jul 2019 20:34:11 GMT):
@andrew.whitehead thanks I will test it out.

smithsamuelm (Mon, 29 Jul 2019 20:39:19 GMT):
=( I changed the ports to match now I get a different error

smithsamuelm (Mon, 29 Jul 2019 20:39:21 GMT):
File "/usr/local/lib/python3.7/site-packages/aiohttp/connector.py", line 929, in _wrap_create_connection raise ClientConnectorSSLError(req.connection_key, exc) from exc aiohttp.client_exceptions.ClientConnectorSSLError: Cannot connect to host localhost:8100 ssl:None [[SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:1076)] 2019-07-29 14:37:33,751 aiohttp.access INFO 127.0.0.1 [29/Jul/2019:20:37:33 +0000] "GET /connections HTTP/1.1" 200 1509 "http://127.0.0.1:8250/api/doc" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.2 Safari/605.1.15"

andrew.whitehead (Mon, 29 Jul 2019 20:41:40 GMT):
There was an https in the endpoint for Leo, should be http

smithsamuelm (Mon, 29 Jul 2019 21:12:51 GMT):
one clarification. The connection id for the same connection is different on each of the agent's IE Zoe's connection id is not the same as Leo's connection id for the same connection?

andrew.whitehead (Mon, 29 Jul 2019 21:14:33 GMT):
That's right, each agent randomly generates it. It's the key when the record is stored in non-secrets

smithsamuelm (Mon, 29 Jul 2019 21:17:15 GMT):
One more thing. the command line option --invite generates an invite URL that it prints to the console. How would I used that?

andrew.whitehead (Mon, 29 Jul 2019 21:20:13 GMT):
The controller would have to base64-decode the c_i query parameter and post the contents to the connections/receive-invitation endpoint as the request body

luckycharms810 (Mon, 29 Jul 2019 21:25:28 GMT):
When a revocation registry is created for a specific credential, is there a record that allows me to look it up given the credential it has been defined for ?

wadeking98 (Mon, 29 Jul 2019 21:26:26 GMT):
thank you, sorry for the late reply I was doing some digging and testing things out. I noticed that I need to provide the accept="manual" key word arg to the receive_invite method. there's a feild to do this from the admin page but I'm not sure how to do this from a restful API POST call

smithsamuelm (Mon, 29 Jul 2019 21:30:49 GMT):
Making progress =) I am attempting to reproduce the Open API demo but using the aca-py CLI. The next step is

smithsamuelm (Mon, 29 Jul 2019 21:30:49 GMT):
How would I go about getting on the calendar invite list for the morning WG call?

smithsamuelm (Mon, 29 Jul 2019 21:36:35 GMT):
1) Register a public DID and store it on the ledger.

andrew.whitehead (Mon, 29 Jul 2019 21:36:58 GMT):
?accept=manual should work. That or don't turn on --accept-invites

smithsamuelm (Mon, 29 Jul 2019 21:37:21 GMT):
But it appears that there is no endpoint in aca-py to register a did but the faber agent demo does that so how should I do that using the agent?

wadeking98 (Mon, 29 Jul 2019 21:38:31 GMT):
thanks! I'll let you know if it works

andrew.whitehead (Mon, 29 Jul 2019 21:39:02 GMT):
That depends on the ledger. For von-network it's easy, there's a form on the index page (at localhost:9000) or a REST API. For the sovrin test networks you'd have to send an email

smithsamuelm (Mon, 29 Jul 2019 21:43:10 GMT):
Oh I am using the von web server connected to a local indy browser.

smithsamuelm (Mon, 29 Jul 2019 22:02:54 GMT):
Publishing a schema definition requires a public DID but I don't see where to enter it in POST /schemas (I get this error) BadLedgerRequestError("Cannot publish schema without a public DID")

smithsamuelm (Mon, 29 Jul 2019 22:03:48 GMT):
Do I need to bootstrap the Agent with a public DID stored in its wallet? or something like that.

smithsamuelm (Mon, 29 Jul 2019 22:04:08 GMT):
DID: 3avoBCqDMFHFaKUHug9s8W Verkey: 2QiWG18JjfjUFQMk8xdmhyphRzmbveaYbGM3R8iPbiBx

smithsamuelm (Mon, 29 Jul 2019 22:07:28 GMT):
Such as using the same seed in the --seed option

smithsamuelm (Mon, 29 Jul 2019 22:07:30 GMT):
--seed --seed 00000000000000000000000000000000

andrew.whitehead (Mon, 29 Jul 2019 22:11:27 GMT):
Yes, passing --seed would automatically register it as the public DID

rchristman (Tue, 30 Jul 2019 00:15:00 GMT):
@dbluhm in aries_staticagent why is there a route_def decorator in the Module base class? I see the dispatcher has route and flavors of route_module. They make sense, but I can't figure out what Module \@route_def does.

dbluhm (Tue, 30 Jul 2019 00:40:51 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=84vDByJbZqxgnPJaT) @rchristman That decorator allows you to explicitly define routes inside of a module. Look at tests/test_module.py (I believe that's the path...) for an example of its usage

rchristman (Tue, 30 Jul 2019 00:45:43 GMT):
I see \@route_def in test_module_routing_explicit_def. Why do you want to do that? I'm missing something basic here, it seems.

Rick (Tue, 30 Jul 2019 03:53:44 GMT):
Hi all, question about query in aca-py the example inputs in a credential as follows: "results": [ { "referent": "5e3e2521-99bf-4f30-849f-0d2f23e861af", "attrs": { "age": "24", "name": "Alice Smith", "date": "2018-05-28", "degree": "Maths" }, "schema_id": "FR4ZXVDup5giwift49JtFr:2:degree schema:84.58.33", "cred_def_id": "FR4ZXVDup5giwift49JtFr:3:CL:8:default", "rev_reg_id": null, "cred_rev_id": null } ]; how do i write a wql to fire into the api provided "GET /credentials" to get all credentials with { "degree" : "Maths" } I tried to put directly `{ "degree" : "Maths" }` and ` { "attr" { "degree" : "Maths" } }` but seems to be no avail, i could however query the "schema_id" at the level 1 json attributes

PaulA (Tue, 30 Jul 2019 05:07:48 GMT):
Use case example: Entities issuing credential to people with a designated wallet only accessible with a "Private key" to store and present credential for verification; Further, a verifier can verify the authenticity of credentials from specific users. is this use case currently feasible with Aries or Indy SDK? Side note: As I am aware with the concepts of VON & ORgBook. It won't work for this use case.

PaulA (Tue, 30 Jul 2019 05:07:48 GMT):
Use case example: Entities issuing credential to people with a designated wallet only accessible with a "Private key" to store and present credential for verification; Further, a verifier can verify the authenticity of credentials from specific users. is this use case currently feasible with Aries or Indy SDK? Side note: As I am aware of VON & ORgBook concepts. It won't work for this use case. @swcurran @WadeBarnes

andrew.whitehead (Tue, 30 Jul 2019 06:23:06 GMT):
Try `{"attr::degree::value": "Maths"}`? I'm looking at the examples here: https://github.com/PSPC-SPAC-buyandsell/von_anchor/blob/f0a597fda1ac115544097d50adf6d0ef84f46c85/test/test_anchors.py

Zohaib_Sohail (Tue, 30 Jul 2019 06:30:13 GMT):
I have a question that how does the verifier verifies the authenticity of credentials like what is going on behind the scenes which keys are being used by the verifier and some comments on CL-signatures please?

Rick (Tue, 30 Jul 2019 06:56:19 GMT):
oh, `{"attr::degree::value": "Maths"}` works what about for.. `{ "attr::degree::value": { "$like":"M%" } }` i tried this and saw the code based on the same file you sent

andrew.whitehead (Tue, 30 Jul 2019 06:58:35 GMT):
I think that would only work for unencrypted tags. At the moment all the schema attributes are encrypted

andrew.whitehead (Tue, 30 Jul 2019 06:58:48 GMT):
https://github.com/hyperledger/indy-sdk/tree/master/docs/design/011-wallet-query-language

WadeBarnes (Tue, 30 Jul 2019 12:47:43 GMT):
@PaulA, I believe the short answer is; Yes. @swcurran can provide details. Have a look at this demo, I believe it covers your use case. https://iiwbook.vonx.io

PaulA (Tue, 30 Jul 2019 13:24:11 GMT):
Thanks @wadafud . Will look the demo.

jljordan_bcgov (Tue, 30 Jul 2019 13:25:15 GMT):
Interesting paper from NIST on blockchain based identity systems. https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.07092019-draft.pdf

Shubham-koli (Tue, 30 Jul 2019 13:34:48 GMT):
I was trying to create multiple users in indy... but somehow all the users that I create with my code has same DID and Key. I'm not able to understand why is this happening. I'm using the code in https://github.com/hyperledger/indy-sdk/blob/master/samples/nodejs/src/gettingStarted.js

sukalpomitra (Tue, 30 Jul 2019 13:58:33 GMT):
hi @Shubham-koli I am not an expert at this. But if I have to make a guess I would say its because your seed is constant. Try to randomise your seed

rchristman (Tue, 30 Jul 2019 16:33:03 GMT):
Good paper. Easy to read and comprehensive.

dbluhm (Tue, 30 Jul 2019 17:26:29 GMT):
Sorry, I seem to have pointed you to the wrong file. Here's where I was actually thinking of: https://github.com/hyperledger/aries-staticagent-python/blob/master/tests/test_dispatcher.py#L28-L74

rchristman (Tue, 30 Jul 2019 17:43:01 GMT):
Thanks! I think I need to run these tests in the debugger to understand how they work. A README page for the tests would be helpful, which I could write if you point me in the right direction. How do you usually run the tests? I'm guessing you pull the test module into the Python interpreter and type the method/function name in at the command line.

dbluhm (Tue, 30 Jul 2019 17:45:24 GMT):
With the most recent updates I made, you can install test dependencies by creating a virtual environment (you don't need another if you've already made one), activating it, then running `pip install -e .[test]`. Then you can run tests with a simple `pytest`.

dbluhm (Tue, 30 Jul 2019 17:46:05 GMT):
If you already have `pytest` installed globally on your machine, you might be able to just run `pytest` without installing it locally into the virtual environment.

dbluhm (Tue, 30 Jul 2019 17:46:28 GMT):
I alluded to doing this in the main README but we can probably make the instructions more explicit

gcsfred (Tue, 30 Jul 2019 18:28:36 GMT):
Hi, I was reading https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/README.md and just starting to run the Alice/Faber Python demo. The "Running in a Browser" section has a link to "Play with VON" (http://play-with-von.vonx.io/). The instructions have 3 lines to put in the command-line. The problem is that after creating an instance in this "Play with VON", I can't run anything. There is no shell. I tried in both Chrome and Safari.

gcsfred (Tue, 30 Jul 2019 18:29:18 GMT):
From the comment it appears that this "Play with VON" site is provided by the BC Gov. Does anyone know if the demo is broken?

gcsfred (Tue, 30 Jul 2019 19:07:22 GMT):
--- Also related to the Alice/Faber Python demo, I followed the instructions from https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo , from the "Follow The Script" section. When I chose option 2 at the Faber shell, I got an error. I just cloned the repositories (von-network and aries-cloudagent-python). This is what is displayed: (1) Issue Credential, (2) Send Proof Request, (3) Send Message (X) Exit? [1/2/3/X] 2 #20 Request proof of degree from alice Faber | Presentation: state = request_sent , presentation_exchange_id = db4fd973-f6d9-4c93-a209-aaaaa202685a Faber | Presentation: state = presentation_received , presentation_exchange_id = db4fd973-f6d9-4c93-a209-aaaaa202685a #27 Process the proof provided by X #28 Check if proof is valid [...] Faber | File "/home/indy/aries_cloudagent/messaging/presentations/manager.py", line 270, in verify_presentation Faber | presentation_request, presentation, schemas, credential_definitions Faber | File "/home/indy/aries_cloudagent/verifier/indy.py", line 44, in verify_presentation Faber | json.dumps({}), Faber | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/indy/anoncreds.py", line 1390, in verifier_verify_proof Faber | verifier_verify_proof.cb) Faber | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Invalid structure\n Caused by: Requested predicates {"0a245b41-ede4-4788-b73f-01d3e7c7fefb"} do not correspond to received {}\n'}) Faber | Presentation: state = presentation_received , presentation_exchange_id = db4fd973-f6d9-4c93-a209-aaaaa202685a

gcsfred (Tue, 30 Jul 2019 19:07:22 GMT):
--- Also related to the Alice/Faber Python demo, I followed the instructions from https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo , from the "Follow The Script" section. When I chose option 2 at the Faber shell, I got an error. I just cloned the repositories (von-network and aries-cloudagent-python). This is what is displayed: ` (1) Issue Credential, (2) Send Proof Request, (3) Send Message (X) Exit? [1/2/3/X] 2 #20 Request proof of degree from alice Faber | Presentation: state = request_sent , presentation_exchange_id = db4fd973-f6d9-4c93-a209-aaaaa202685a Faber | Presentation: state = presentation_received , presentation_exchange_id = db4fd973-f6d9-4c93-a209-aaaaa202685a #27 Process the proof provided by X #28 Check if proof is valid [...] Faber | File "/home/indy/aries_cloudagent/messaging/presentations/manager.py", line 270, in verify_presentation Faber | presentation_request, presentation, schemas, credential_definitions Faber | File "/home/indy/aries_cloudagent/verifier/indy.py", line 44, in verify_presentation Faber | json.dumps({}), Faber | File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/indy/anoncreds.py", line 1390, in verifier_verify_proof Faber | verifier_verify_proof.cb) Faber | indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Invalid structure\n Caused by: Requested predicates {"0a245b41-ede4-4788-b73f-01d3e7c7fefb"} do not correspond to received {}\n'}) Faber | Presentation: state = presentation_received , presentation_exchange_id = db4fd973-f6d9-4c93-a209-aaaaa202685a `

andrew.whitehead (Tue, 30 Jul 2019 19:08:44 GMT):
@gcsfred That's because a credential has to be issued first before it can be proven, although that probably shouldn't throw an exception

gcsfred (Tue, 30 Jul 2019 19:09:47 GMT):
But I issued the credential first, with option "1" before option "2". The instructions say 'When ready to test the credentials exchange protocols, go to the Faber prompt, enter "1" to send a credential, and then "2" to request a proof.'

andrew.whitehead (Tue, 30 Jul 2019 19:12:12 GMT):
Just tested it here and got the same result, so I guess a bug snuck in somewhere

gcsfred (Tue, 30 Jul 2019 19:12:46 GMT):
The error message has an empty set Requested predicates {"0a245b41-ede4-4788-b73f-01d3e7c7fefb"} do not correspond to received {}

gcsfred (Tue, 30 Jul 2019 19:13:05 GMT):
On Alice's side there are no errors. #25 Generate the proof #26 Send the proof to X Presentation: state = presentation_sent , presentation_exchange_id = ce4fc6aa-5924-4b70-9e50-ca6e228b5537

WadeBarnes (Tue, 30 Jul 2019 19:18:12 GMT):
@gcsfred, [Play with VON](http://play-with-von.vonx.io) is working again.

rchristman (Tue, 30 Jul 2019 19:32:14 GMT):
There's a nice README for the indy-agent test_suite.

rchristman (Tue, 30 Jul 2019 19:37:09 GMT):
And link over to https://github.com/hyperledger/aries-protocol-test-suite. This should take care of me. Thanks for your help!

PaulA (Wed, 31 Jul 2019 03:39:03 GMT):
Play with VON is not working as of now. I can't type anything.

simranvc (Wed, 31 Jul 2019 04:41:04 GMT):
@sukalpomitra i have created random seed value and passed in the code but iam getting an error didvalue doesnt exsist so you have any idea how we can create seed value of random user

sauveergoel (Wed, 31 Jul 2019 06:07:25 GMT):
Hi, I am trying to connect to my local indy pool with my aries agent and getting the following error:

sauveergoel (Wed, 31 Jul 2019 06:07:26 GMT):
indy.error.IndyError: (, {'backtrace': '', 'message': 'Error: Invalid library state\n Caused by: Ledger merkle tree is not acceptable for current tree.\n'})

charliez (Wed, 31 Jul 2019 10:39:02 GMT):
Hi everyone, we are building a platform based on Hyperledger Indy and Corda, called CrossPool, github repo of the client node is here https://github.com/finfabrik/xplet welcome any feedbacks :slight_smile:

vinomaster (Wed, 31 Jul 2019 14:55:33 GMT):
Can anyone point me to the chat channel where discussions pertaining to bridging the DIF Hubs and Aries protocols is happening?

gcsfred (Wed, 31 Jul 2019 15:17:39 GMT):
Hi, http://play-with-von.vonx.io/ is not responding... I was going to demo it in 15 minutes :(

swcurran (Wed, 31 Jul 2019 15:21:52 GMT):
@WadeBarnes is looking at it. Sorry to hear this. We've had good luck with it up to now, but have recently had a bit a trouble. It's code from the folks that build Docker that is super useful for demos and testing things. We'll see if we can get it back to being stable.

WadeBarnes (Wed, 31 Jul 2019 15:24:17 GMT):
2 issues at play. One, the hosting provider is reporting degraded performance/availability. Two, whatever was being run maxed out CPU, RAM, and was causing excessive load which caused the services to crash.

WadeBarnes (Wed, 31 Jul 2019 15:37:47 GMT):
Sorry for the delay. Try now. @gcsfred, @swcurran

ianco (Wed, 31 Jul 2019 15:59:22 GMT):
you can also use https://labs.play-with-docker.com/

gcsfred (Wed, 31 Jul 2019 17:02:52 GMT):
Thank you, all. I was able to use https://labs.play-with-docker.com .

swcurran (Wed, 31 Jul 2019 18:52:37 GMT):
Aries Working Group call starting in 8 minutes: US afternoon / Asia-Pacific morning: 1.5 hours each Wednesday at 12PM Los Angeles, 3PM New York, Tuesday at 5AM Sydney. Location: https://zoom.us/j/856588081 Agenda: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16323217

smithsamuelm (Wed, 31 Jul 2019 19:12:48 GMT):
How would I go about getting added to the calendar invite list for the Morning Aries WG Call

dbluhm (Wed, 31 Jul 2019 19:21:07 GMT):
It's on the hyperledger community calendar: https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings

dbluhm (Wed, 31 Jul 2019 19:23:02 GMT):
You can download an ical from that page or add to google calendar as well. That's how I got the meeting info at least.

dbluhm (Wed, 31 Jul 2019 20:21:15 GMT):
Identity WG Implementers call is happening tomorrow! @SteveGoob will be demoing the Indy GitLab CI/CD Migration and we'll have time for open discussion. If anyone has other topics they'd like to bring up on the call tomorrow, let me know! @rchristman has graciously volunteered to host the call for us. Agenda (Zoom link, call time, and meeting notes included): https://wiki.hyperledger.org/x/ehP5

dbluhm (Thu, 01 Aug 2019 14:38:28 GMT):
Apologies; last minute Zoom room changes for the Implementers call (happening in about 20 minutes) to make sure we can record the call. The updated link can be found on the Agenda: https://wiki.hyperledger.org/x/ehP5

smithsamuelm (Thu, 01 Aug 2019 17:53:00 GMT):
I get an error when using the aca-py with the --seed option. I need the --seed so it has a public did in order to create schema etc. on the ledger. Looks like a wallet problem. This is the associated issue. https://github.com/hyperledger/aries-cloudagent-python/issues/113 and here is a synopsis of the bug.

smithsamuelm (Thu, 01 Aug 2019 17:54:09 GMT):
aca-py start \ > --inbound-transport http 0.0.0.0 8100 \ > --outbound-transport http \ > --log-level debug \ > --endpoint http://localhost:8100 \ > --label leo \ > --seed 0123456789ABCDEF0123456789ABCDEF \ > --genesis-url http://localhost:9000/genesis \ > --pool-name localindypool \ > --admin 0.0.0.0 8150 --admin-insecure-mode \ > --public-invites \ > --auto-accept-invites \ > --auto-accept-requests \ > --auto-ping-connection \ > --auto-respond-messages \ > --auto-respond-credential-offer \ > --auto-respond-presentation-request \ > --auto-verify-presentation

smithsamuelm (Thu, 01 Aug 2019 17:54:26 GMT):
asyncio ERROR Task exception was never retrieved future: exception=TypeError('an integer is required (got type NoneType)')> Traceback (most recent call last): File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/commands/start.py", line 19, in start_app await conductor.start() File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/conductor.py", line 171, in start await ledger.update_endpoint_for_did(public_did, endpoint) File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/ledger/indy.py", line 465, in update_endpoint_for_did exist_endpoint = await self.get_endpoint_for_did(did) File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/ledger/indy.py", line 448, in get_endpoint_for_did response_json = await self._submit(request_json, sign=bool(public_did)) File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/ledger/indy.py", line 207, in _submit request_result_json = await submit_op File "/Data/Code/public/hyperledger/indy/indy-sdk/wrappers/python/indy/ledger.py", line 39, in sign_and_submit_request c_wallet_handle = c_int32(wallet_handle) TypeError: an integer is required (got type NoneType)

brentzundel (Thu, 01 Aug 2019 18:02:47 GMT):
For those interested in the DIF DID Interop project, join the mailing list: InteropProject+subscribe@DIF.groups.io

ianco (Thu, 01 Aug 2019 18:06:17 GMT):
aca-py doesn't register DID's on the ledger so you need to register your DID in advance, before starting aca-py If you are running von-network you can register your did using the ledger browser UI.

smithsamuelm (Thu, 01 Aug 2019 18:07:03 GMT):
As workaround I want to try using the postgres wallet instead of the default (i assume in memory wallet) The help does not have a full example. If I start postgres with this

smithsamuelm (Thu, 01 Aug 2019 18:07:06 GMT):
$ docker run --name demo-postgres -e POSTGRES_PASSWORD=mysecretpassword -d -p 5432:5432 postgres -c 'log_statement=all' -c 'logging_collector=on' -c 'log_destination=stderr'

smithsamuelm (Thu, 01 Aug 2019 18:07:19 GMT):
Then how would I configure these options:

smithsamuelm (Thu, 01 Aug 2019 18:07:32 GMT):
--wallet-key ? \ --wallet-name ? \ --wallet-type postgres? \ --wallet-storage-type postgres? \ --wallet-storage-config '{"url":"localhost:5432"}' \ --wallet-storage-creds '{"account":"postgres","password":"mysecretpassword","admin_account":"postgres","admin_password":"mysecretpassword"}' \

smithsamuelm (Thu, 01 Aug 2019 18:09:09 GMT):
@ianco I did register it on the ledger first. I think I may not understand the problem it might be just putting the DIDits creating from the seed into the wallet that is the problem.

smithsamuelm (Thu, 01 Aug 2019 18:09:40 GMT):
smithsamuelm 12:07 PM As workaround I want to try using the postgres wallet instead of the default (i assume in memory wallet) The help does not have a full example. If I start postgres with this $ docker run --name demo-postgres -e POSTGRES_PASSWORD=mysecretpassword -d -p 5432:5432 postgres -c 'log_statement=all' -c 'logging_collector=on' -c 'log_destination=stderr' Then how would I configure these options: --wallet-key ? \ --wallet-name ? \ --wallet-type postgres? \ --wallet-storage-type postgres? \ --wallet-storage-config '{"url":"localhost:5432"}' \ --wallet-storage-creds '{"account":"postgres","password":"mysecretpassword","admin_account":"postgres","admin_password":"mysecretpassword"}' \

ianco (Thu, 01 Aug 2019 18:11:08 GMT):
Ah ok - I got the same error when I tried to start aca-py *without* registering the DID first ...

ianco (Thu, 01 Aug 2019 18:13:23 GMT):
Re postgres wallet, there's an example of a docker compose file that runs aca-py with a postgres wallet here: https://github.com/bcgov/indy-catalyst-issuer-controller/blob/master/docker/docker-compose.yml#L99

ianco (Thu, 01 Aug 2019 18:14:02 GMT):
The parameters are set in the `manage` script in the same directory: https://github.com/bcgov/indy-catalyst-issuer-controller/blob/master/docker/manage#L87

smithsamuelm (Thu, 01 Aug 2019 20:55:48 GMT):
Thanks I tried that. Had to first build the dylb for postgressstrg but now getting another wallet error that is not very helpful. 2019-08-01 14:52:35,169 indy.libindy DEBUG do_call: >>> name: indy_create_wallet, args: (c_char_p(4425056512), c_char_p(4425647696), ) 2019-08-01 14:52:35,169 indy.libindy DEBUG do_call: Function indy_create_wallet returned err: 0 2019-08-01 14:52:35,169 indy.libindy DEBUG do_call: <<< 2019-08-01 14:52:35,169 indy.libindy.native.indy.commands INFO src/commands/mod.rs:148 | WalletCommand command received 2019-08-01 14:52:35,169 indy.libindy.native.wallet_command_executor DEBUG src/commands/wallet.rs:133 | Create command received 2019-08-01 14:52:35,170 indy.libindy.native.indy.commands INFO src/commands/mod.rs:148 | WalletCommand command received 2019-08-01 14:52:35,170 indy.libindy.native.wallet_command_executor DEBUG src/commands/wallet.rs:181 | DeriveKey command received 2019-08-01 14:52:35,961 indy.libindy.native.indy.commands INFO src/commands/mod.rs:148 | WalletCommand command received 2019-08-01 14:52:35,961 indy.libindy.native.wallet_command_executor DEBUG src/commands/wallet.rs:137 | CreateContinue command received 2019-08-01 14:52:36,284 indy.libindy DEBUG _get_error_details: >>> 2019-08-01 14:52:36,284 indy.libindy DEBUG _get_error_details: <<< error_details: {'backtrace': '', 'message': 'Error: Wallet storage error occurred\n Caused by: Plugin returned error\n'} 2019-08-01 14:52:36,284 indy.libindy DEBUG _indy_callback: >>> command_handle: 1, err , args: () 2019-08-01 14:52:36,284 indy.libindy DEBUG _indy_callback: <<< 2019-08-01 14:52:36,284 indy.libindy DEBUG _indy_loop_callback: >>> command_handle: 1, err , args: () 2019-08-01 14:52:36,284 indy.libindy WARNING _indy_loop_callback: Function returned error 2019-08-01 14:52:36,285 indy.libindy DEBUG _indy_loop_callback <<< 2019-08-01 14:52:36,285 asyncio ERROR Task exception was never retrieved future: exception=WalletError('')> Traceback (most recent call last): File "/Data/Code/public/hyperledger/aries/cloudagentpy/aries_cloudagent/wallet/indy.py", line 160, in create credentials=json.dumps(self._wallet_access), File "/Data/Code/public/hyperledger/indy/indy-sdk/wrappers/python/indy/wallet.py", line 61, in create_wallet create_wallet.cb) indy.error.WalletStorageError During handling of the above exception, another exception occurred:

smithsamuelm (Thu, 01 Aug 2019 20:56:20 GMT):
Feel stuck. The default wallet should just work.

smithsamuelm (Thu, 01 Aug 2019 20:57:00 GMT):
might be the same error just exhibiting in a different way with postgres wallet

ianco (Thu, 01 Aug 2019 20:58:06 GMT):
I've had both the default wallet and postgres wallet work with aca-py with no issues, creating the DID in advance

ianco (Thu, 01 Aug 2019 20:58:17 GMT):
Can you post the full set of parameters you are passing?

wadeking98 (Thu, 01 Aug 2019 21:00:16 GMT):
Hi all, I'm setting up credential presentation requests on my project. I saw the tutorial for setting up automatic presentation requests, but I want alice to be able to view the request and respond to it manually. I'm wondering what the manual flow is for the credential presentation exchange. I imagine alice uses "/presentation_exchange/{presentation_request_id}/send_presentation" after recieving a presentation request but I'm not sure what to input for "requested_attributes","self_attested_attributes", and "requested_predicates"

smithsamuelm (Thu, 01 Aug 2019 21:01:32 GMT):
aca-py start \ > --inbound-transport http 0.0.0.0 8100 \ > --outbound-transport http \ > --log-level debug \ > --endpoint http://localhost:8100 \ > --label leo \ > --seed 0123456789ABCDEF0123456789ABCDEF \ > --genesis-url http://localhost:9000/genesis \ > --pool-name localindypool \ > --admin 0.0.0.0 8150 --admin-insecure-mode \ > --public-invites \ > --auto-accept-invites \ > --auto-accept-requests \ > --auto-ping-connection \ > --auto-respond-messages \ > --auto-respond-credential-offer \ > --auto-respond-presentation-request \ > --auto-verify-presentation \ > --wallet-key key \ > --wallet-name leopy_wallet \ > --wallet-type indy \ > --wallet-storage-type postgres_storage \ > --wallet-storage-config '{"url":"localhost:5432"}' \ > --wallet-storage-creds '{"account":"leo","password":"leopassword","admin_account":"postgres","admin_password":"mysecretpassword"}' \ >

smithsamuelm (Thu, 01 Aug 2019 21:03:08 GMT):
aca-py start \ --inbound-transport http 0.0.0.0 8100 \ --outbound-transport http \ --log-level debug \ --endpoint http://localhost:8100 \ --label leo \ --seed 0123456789ABCDEF0123456789ABCDEF \ --genesis-url http://localhost:9000/genesis \ --pool-name localindypool \ --admin 0.0.0.0 8150 --admin-insecure-mode \ --public-invites \ --auto-accept-invites \ --auto-accept-requests \ --auto-ping-connection \ --auto-respond-messages \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --auto-verify-presentation

ianco (Thu, 01 Aug 2019 21:04:39 GMT):
are you running von-network or a local set of indy nodes?

smithsamuelm (Thu, 01 Aug 2019 21:05:29 GMT):
docker run -itd -p 9701-9708:9701-9708 indy_pool

smithsamuelm (Thu, 01 Aug 2019 21:05:47 GMT):
GENESIS_FILE=/Data/Code/public/hyperledger/aries/cloudagentpy/demo/local-genesis.txt PORT=9000 REGISTER_NEW_DIDS=true python3 -m server.server

ianco (Thu, 01 Aug 2019 21:06:47 GMT):
... and using localhost:9000 to register the DID?

ianco (Thu, 01 Aug 2019 21:14:47 GMT):
Check out the code here: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/runners/alice.py#L99

ianco (Thu, 01 Aug 2019 21:16:03 GMT):
The query at line # 111 fetches credentials that match the requested proof, you just need to have Alice select what to present (in the demo it just grabs the first option I think)

ianco (Thu, 01 Aug 2019 21:20:21 GMT):
Did you get the Alice/Faber demo workign?

ianco (Thu, 01 Aug 2019 21:20:21 GMT):
Did you get the Alice/Faber demo working?

smithsamuelm (Thu, 01 Aug 2019 21:23:05 GMT):
Yes but not with aca-py. What I have been trying to do is use aca-py and repeat the alice-faber demo. but with aca-py instead of faber.py alice.py ie use open-api but with aca-py. So I need --seed to create credential and thats where aca-py breaks

ianco (Thu, 01 Aug 2019 21:24:11 GMT):
If the demo is working then you can check to see if there are any differences between what the demo is doing vs what you are doing

ianco (Thu, 01 Aug 2019 21:24:35 GMT):
The demo runs aca-py, it just runs it as a sub-process, so theoretically it should work the same as a separate process

ianco (Thu, 01 Aug 2019 21:25:05 GMT):
It sets up all the aca-py args here: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/runners/support/agent.py#L142

smithsamuelm (Thu, 01 Aug 2019 21:25:32 GMT):
I understand but theoretically is where config differences or bugs get exposed.

smithsamuelm (Thu, 01 Aug 2019 21:25:43 GMT):
But thanks I will try some more.

ianco (Thu, 01 Aug 2019 21:25:57 GMT):
... and then runs the aca-py process here: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/runners/support/agent.py#L240

ianco (Thu, 01 Aug 2019 21:25:57 GMT):
... and then runs the aca-py process here: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/runners/support/agent.py#L270

smithsamuelm (Thu, 01 Aug 2019 21:29:55 GMT):
One of my reasons or reproducing demo but with aca-py is because that is the target architecture not the combined controller-agent that is faber.py. So I am trying to build confidence that it works as aca-py.

ianco (Thu, 01 Aug 2019 21:30:39 GMT):
It's running as a separate process in all of our docker-compose deployments

smithsamuelm (Thu, 01 Aug 2019 21:30:42 GMT):
The config for aca-py is explicit whereas faber.py its hard to track it down.

smithsamuelm (Thu, 01 Aug 2019 21:31:15 GMT):
So it must be a config problem? some subtle difference?

ianco (Thu, 01 Aug 2019 21:31:37 GMT):
... although your config looked ok to me

ianco (Thu, 01 Aug 2019 21:32:48 GMT):
The docker-compose for credential registry is here: https://github.com/bcgov/indy-catalyst/tree/master/starter-kits/credential-registry/docker

ianco (Thu, 01 Aug 2019 21:33:15 GMT):
... and for an indy catalyst issuer is here: https://github.com/bcgov/indy-catalyst-issuer-controller/tree/master/docker

ianco (Thu, 01 Aug 2019 21:33:39 GMT):
both of these spin up aca-py in a separate docker container

ianco (Thu, 01 Aug 2019 21:34:27 GMT):
You can see the args passed to each instance of aca-py in the docker-compose script, you can compare that to the values you are supplying to see if there are any differences

smithsamuelm (Thu, 01 Aug 2019 21:37:41 GMT):
interesting difference is that when I run the faber demo agent with postgres it never complained about not finding libindystrgpostgres.dylib but when I ran postgres config with aca-py it complained.

smithsamuelm (Thu, 01 Aug 2019 21:39:02 GMT):
anyway I will use the exact postgres config that faber.py is using see if that fixes it. The onlyu difference I see so far is the postgres user

wadeking98 (Thu, 01 Aug 2019 22:30:20 GMT):
I'm getting an error when I try and send presentation. here is my input json: { "requested_attributes": {"cred_id":"7894ed38-0ac7-434b-95a6-439ac948e936", "revealed":"true"}, "self_attested_attributes": {}, "requested_predicates": {} } and here is a snippet of the resulting error message: credential_id = requested_attributes[presentation_referent]["cred_id"] TypeError: string indices must be integers

ianco (Thu, 01 Aug 2019 22:51:11 GMT):
sounds like you're passing in a string and it's expecting a dict

wadeking98 (Thu, 01 Aug 2019 22:58:23 GMT):
i'm using the swagger interface so it shouldn't be a string

wadeking98 (Thu, 01 Aug 2019 22:59:36 GMT):
unless you mean that cred_id should be a dict?

ianco (Thu, 01 Aug 2019 23:02:38 GMT):
I'm not sure offhand what the format should be, but that error message indicates that you're indexing into a string with another string

wadeking98 (Thu, 01 Aug 2019 23:18:00 GMT):
okay I got it, this is the proper json { "requested_attributes": {"33159178-5263-4f7c-9ee0-f0a023c10633":{"cred_id":"7894ed38-0ac7-434b-95a6-439ac948e936", "revealed":true}}, "self_attested_attributes": {}, "requested_predicates": {} } where the first hex string is the referent in the credential presentation request, and the second hex string is the referent of the credential in the wallet

guolidong (Fri, 02 Aug 2019 08:10:28 GMT):
Hello guys , Why can't I find the repository for Aries on gerrit ?

dbluhm (Fri, 02 Aug 2019 11:56:01 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=5bbjRCY2ZZafFA9ph) @guolidong The Aries project uses GitHub

uNmAnNeR (Fri, 02 Aug 2019 12:59:44 GMT):
Hi! Please someone explain what is the difference between `ack` and `trustping` messages. Does anyone use `ack` for what? Which one should be used for confirming connection? or for confirming proof?

uNmAnNeR (Fri, 02 Aug 2019 13:14:40 GMT):
And how client can backup a wallet in aries? I could not find anything on this topic. Please advise

uNmAnNeR (Fri, 02 Aug 2019 13:14:40 GMT):
And how client can backup a wallet to agent in aries? I could not find anything on this topic. Please advise

dbluhm (Fri, 02 Aug 2019 13:23:41 GMT):
`ack` is a general purpose acknowledgement message that can be mixed in to protocols rather than each protocol defining their own `ack` like message. `trustping` is for testing the liveness of the cryptographic connection between agents. At one point, we talked about using `trustping` to confirm connection establishment but I believe `ack` has superseded these original talks. It's valuable to note, however, that sending an `ack` message is not necessary if you intend to immediately send another message after connection like a presentation request or a discover-features message.

dbluhm (Fri, 02 Aug 2019 13:25:03 GMT):
You'll have to clarify what you mean by backup a wallet into an agent

uNmAnNeR (Fri, 02 Aug 2019 13:26:52 GMT):
i mean export wallet (indy.exportWallet) and then store it somewhere in agent to be able to restore sometime later.

dbluhm (Fri, 02 Aug 2019 13:58:53 GMT):
I'm not sure the ACA-Py team has exposed that ability yet or not

uNmAnNeR (Fri, 02 Aug 2019 14:09:16 GMT):
i am interested in conception in general, ACA-Py is nice case though.

dbluhm (Fri, 02 Aug 2019 14:14:13 GMT):
In general, I think wallet backup has ties to the DKMS work and maybe even DIF hubs. We could definitely use more discussion on that topic as I don't think we have much in the way of formal discussions on it yet. Exporting and importing a wallet is possible but that is focusing more on data portability than wallet backup, I think. On top of that, import and export have a few issues that need to be sorted out since independent agent implementations use the wallet slightly differently so export from one agent and importing in another may not work in some cases.

dbluhm (Fri, 02 Aug 2019 14:29:32 GMT):
Question on message threading: How long does an agent have to hold onto threading information? As an example, say I sent a message 30 days ago with a message id of `12345` then that agent decides to respond today using the threading decorator: ``` { "@type": "whatever_message_type_in_response_to_my_message", "~thread": { "thid": 12345 }, "...": "..." } ```

dbluhm (Fri, 02 Aug 2019 14:29:32 GMT):
Question on message threading: How long does an agent have to hold on to threading information? As an example, say I sent a message 30 days ago with a message id of `12345` then that agent decides to respond today using the threading decorator: ``` { "@type": "whatever_message_type_in_response_to_my_message", "~thread": { "thid": 12345 }, "...": "..." } ```

dbluhm (Fri, 02 Aug 2019 14:29:54 GMT):
Is there a threshold for how long I have to remember the context of that original message?

dbluhm (Fri, 02 Aug 2019 14:31:32 GMT):
Is it acceptable for some agents to be more forgetful than others like a static agent vs a full agent?

joshgraber (Fri, 02 Aug 2019 15:24:53 GMT):
Looking to get connected with the group that is working on the Javascript Aries agent... what is the best way to get in touch?

joshgraber (Fri, 02 Aug 2019 15:24:53 GMT):
I'm looking to get connected with the group that is working on the Javascript Aries agent... what is the best way to get in touch?

joshgraber (Fri, 02 Aug 2019 15:46:43 GMT):
Seems inflexible to make the assumption that controllers and the Aries agent code will communicate via HTTP

joshgraber (Fri, 02 Aug 2019 15:47:47 GMT):
Would be nice if the underlying agent library was a DLL that could be interacted with directly with the HTTP rest api built on top as an option for those that want to go that route

jljordan_bcgov (Fri, 02 Aug 2019 16:22:54 GMT):
I believe websockets and HTTP are currently supported in ACA-Py ... our use case is for deployment in the government enterprise ... and so an HTTP transport lowers the barrier to adoption by our sometimes (often) older services This is if I understood your question correctly

joshgraber (Fri, 02 Aug 2019 17:31:50 GMT):
My go to, at least for a new application would be to embed the Aries logic as a DLL that directly integrates with the controller

joshgraber (Fri, 02 Aug 2019 17:32:19 GMT):
So the assumption that the Aries logic runs as a separate process with HTTP communication to the controller seems very limiting

ianco (Fri, 02 Aug 2019 17:53:07 GMT):
aries-cloudagent-python is just one instance of an Aries agent. There are others in development, possibly one that will provide the Agent services as a DLL. VCX for example loads as a shared library, and is in the process if being updated to support interoperability with other Aries agents

ianco (Fri, 02 Aug 2019 17:53:42 GMT):
community contributions are welcome in all repositories

joshgraber (Fri, 02 Aug 2019 18:01:23 GMT):
Yep, I'm looking to get and stay up to speed on latest Aries conversations so I can meaningfully contribute

joshgraber (Fri, 02 Aug 2019 18:01:32 GMT):
Everything is moving so fast right now that it is difficult

joshgraber (Fri, 02 Aug 2019 18:02:23 GMT):
Building an agent for JavaScript / TypeScript that can be embedded into a controller would be one of my specific interests

swcurran (Fri, 02 Aug 2019 19:07:48 GMT):
My $0.02CDN is that it a DIDComm protocol needs to be defined that will support this. To date, I think the Indy support for the wallet is weak and that will need to be improved as the basis for the protocol. Agree that the DIF sync-ing protocol could help, as at minimum, we'll need incremental backups vs. periodic full backups. A good topic to dive into!

swcurran (Fri, 02 Aug 2019 19:17:26 GMT):
@joshgraber the `agent-framework` open source project from Streetcred is based on dotnet and can be embedded, so is more aligned with what you want. As well, the in development `aries-framework-go` is also intended to work in the way you are thinking about it.

swcurran (Fri, 02 Aug 2019 19:17:26 GMT):
@joshgraber the `agent-framework` open source project from Streetcred is based on dotnet and (I think) can be embedded, so is more aligned with what you want. As well, the in development `aries-framework-go` is also intended to work in the way you are thinking about it.

joshgraber (Fri, 02 Aug 2019 19:18:26 GMT):
Do you know who is heading up work on the JS agent? In the working group recordings it seemed like perhaps it was @kdenhartog ?

dbluhm (Fri, 02 Aug 2019 19:55:39 GMT):
@kdenhartog was heading up those discussions initially at least. There was at least one call he organized but I'm not sure if there has been much beyond that recently.

dbluhm (Fri, 02 Aug 2019 19:59:32 GMT):
There has been some "agent-y" work going on in javascript in the form of the Aries Toolbox @TelegramSam has been working on and recently I transferred ownership to DIF of a library I wrote that makes static agents in JS possible. There has been some conversation about that library in DIF from what I gather but aside from those efforts, I haven't heard much from those interested in a JS Agent framework as of late.

dbluhm (Fri, 02 Aug 2019 20:01:30 GMT):
If heading up that work is something you're interested in, I and I'm sure others in the Aries community would be happy to provide support

joshgraber (Fri, 02 Aug 2019 20:11:48 GMT):
I'm going to spend some time exploring the .net and python repositories first

joshgraber (Fri, 02 Aug 2019 20:12:19 GMT):
I haven't been able to make it to any of the Aries working group meetings at this point... the time/day consistently doesn't work well for me unfortunately

joshgraber (Fri, 02 Aug 2019 20:12:39 GMT):
I've been working to get caught up on past working group meetings, but there are a lot of them to go through :grinning:

joshgraber (Fri, 02 Aug 2019 21:04:43 GMT):
Is there a working list of protocols and messages somewhere?

joshgraber (Fri, 02 Aug 2019 21:05:03 GMT):
This information seems to be pretty distributed in a lot of places, very difficult to see what types of protocols have been proposed.

dbluhm (Fri, 02 Aug 2019 21:05:39 GMT):
https://github.com/hyperledger/aries-rfcs/blob/master/index.md

joshgraber (Fri, 02 Aug 2019 21:06:30 GMT):
But those RFCs point to many concepts, with a large number of them having nothing to do with protocols, correct?

joshgraber (Fri, 02 Aug 2019 21:07:21 GMT):
Weeding through every RFC to determine what protocols have been accepted and / or proposed is tedious. But I should be going through these protocols anyway I guess...

dbluhm (Fri, 02 Aug 2019 21:07:52 GMT):
I wouldn't say "nothing to do with protocols" necessarily; the RFCs not explicitly defining a protocol still tend to contain information vital to successfully implementing an agent and understanding how an agent functions

dbluhm (Fri, 02 Aug 2019 21:08:17 GMT):
Having some way to distinguish which RFCs do define a protocol would be good though, I agree

joshgraber (Fri, 02 Aug 2019 21:08:24 GMT):
My point is that we will want a complete list of accepted protocols

dbluhm (Fri, 02 Aug 2019 21:08:51 GMT):
@danielhardman can we incorporate this into your updates to the indexer?

joshgraber (Fri, 02 Aug 2019 21:08:54 GMT):
Not sure where this should live, but work in progress

joshgraber (Fri, 02 Aug 2019 21:09:24 GMT):
Or perhaps add to the hyperledger wiki once we have protocols that move to adopted

danielhardman (Fri, 02 Aug 2019 21:10:30 GMT):
@dbluhm , absolutely I can make the updated indexer expose this info better. I'll have a proposed update by EOD.

danielhardman (Fri, 02 Aug 2019 21:11:18 GMT):
@joshgraber I proposed that the names of folder for RFCs should include the word "protocol" if they defined a protocol. Nobody commented one way or another. Maybe I'll push that a bit more. That would make some things a bit easier and more consistent.

dbluhm (Fri, 02 Aug 2019 21:15:04 GMT):
Having info in the wiki could be a good idea though I do worry about it lagging behind or in general not being updated. The indexer is built into the RFC process at least.

joshgraber (Fri, 02 Aug 2019 23:05:57 GMT):
Big fan! :grinning: Thank you for jumping on this, much appreciated!

joshgraber (Fri, 02 Aug 2019 23:06:44 GMT):
Yeah, that's a good point. An automated system with the indexer would be more ideal

swcurran (Fri, 02 Aug 2019 23:23:37 GMT):
It definitely should be with the indexer. Daniel is improving it right now to add (I think) the name and status, but more things could be added - feature/concept flags, etc.

swcurran (Fri, 02 Aug 2019 23:25:00 GMT):
Here is a list of the RFCs supported in ACA-PY - https://github.com/hyperledger/aries-cloudagent-python/blob/master/SupportedRFCs.md

swcurran (Fri, 02 Aug 2019 23:28:50 GMT):
My $0.02 on a JS framework. I think it's of questionable value. I think once you have either an embedded (DLL-like) library (e.g. go-framework) or an HTTP cloudagent (e.g. aca-py) then you can use those to build controller logic in JS. In other words - the cloudagent/framework code does not have to be in JS and unless you are building the cloudagent/framework what it is implemented in.

danielhardman (Sat, 03 Aug 2019 01:17:48 GMT):
I have an early update to the indexer. It's generating cleanly, but it's not linking the index completely. I'll have to finish next week.

joshgraber (Sat, 03 Aug 2019 12:37:33 GMT):
There are a few potential advantages to JavaScript, but only time will tell. Primarily it would be around ReactNative and/or the feasibility of wrapping the go library into a mobile application.

smithsamuelm (Sun, 04 Aug 2019 02:28:26 GMT):
Found two breaking bugs in aca-py 0.2.1 see https://github.com/hyperledger/aries-cloudagent-python/issues/120 and https://github.com/hyperledger/aries-cloudagent-python/issues/121

smithsamuelm (Sun, 04 Aug 2019 02:29:22 GMT):
Also a couple of feature requests related to the use of genesis transactions to bootstrap communications with an indy ledger. https://github.com/hyperledger/aries-cloudagent-python/issues/122 and https://github.com/hyperledger/aries-cloudagent-python/issues/123

simranvc (Mon, 05 Aug 2019 06:28:28 GMT):
hello guys i am facing this error when i pass the function proverstorecredentails `TypeError: proverStoreCredential expects String or null for credId'

SergeyBrazhnik (Mon, 05 Aug 2019 08:34:37 GMT):
Hello everyone. Could somebody explain correct behaviour for Propose Presentation message in 0037 doc? AFAIK this message belongs to case when Prover want to initiate verification process with verifier or on response of verifier want to say: "Yeah, I saw you proof request and Im sure that I do not have attributes that you require, but I have different attributes that may suite you" Additional question why in Propose Presentation message you have changed the format to https://github.com/hyperledger/aries-rfcs/tree/master/features/0037-present-proof#presentation-preview instead of using ``` { "name": string, "version": string, "nonce": string, "requested_attributes": { "": }, "requested_predicates": { "": }, "non_revoked": Optional<> } ```

Rick (Mon, 05 Aug 2019 09:00:38 GMT):
Hello everyone, is there a bulit-in way in aca that we could listen to every event that is happening in aries, for example if a message was sent over it goes to the listener?

SvenHammann90 (Mon, 05 Aug 2019 09:46:19 GMT):
Hello everyone, any news on when the call recordings for the latest US afternoon call https://wiki.hyperledger.org/pages/viewpage.action?pageId=16323217 will be posted?

Rick (Mon, 05 Aug 2019 11:55:18 GMT):
Hi, i am running the demo code and faces this issue.. im not sure what is the cause because i could connect locally to get the json `Faber | Listening... Faber | Faber | Faber | Shutting down Faber | Exited with return code 0 Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/home/indy/demo/runners/faber.py", line 248, in asyncio.get_event_loop().run_until_complete(main(args.port, args.timing)) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/asyncio/base_events.py", line 484, in run_until_complete return future.result() File "/home/indy/demo/runners/faber.py", line 117, in main await agent.start_process() File "/home/indy/demo/runners/support/agent.py", line 286, in start_process await self.detect_process() File "/home/indy/demo/runners/support/agent.py", line 364, in detect_process self.admin_url + "/api/docs/swagger.json" File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/client.py", line 1005, in __aenter__ self._resp = await self._coro File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/client.py", line 497, in _request await resp.start(conn) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/client_reqrep.py", line 857, in start self._continue = None File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/helpers.py", line 585, in __exit__ raise asyncio.TimeoutError from None concurrent.futures._base.TimeoutError`

Rick (Mon, 05 Aug 2019 11:55:18 GMT):
Hi, i am running the demo code and faces this issue.. im not sure what is the cause because i could connect locally to get the json ```Faber | Listening... Faber | Faber | Faber | Shutting down Faber | Exited with return code 0 Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/home/indy/demo/runners/faber.py", line 248, in asyncio.get_event_loop().run_until_complete(main(args.port, args.timing)) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/asyncio/base_events.py", line 484, in run_until_complete return future.result() File "/home/indy/demo/runners/faber.py", line 117, in main await agent.start_process() File "/home/indy/demo/runners/support/agent.py", line 286, in start_process await self.detect_process() File "/home/indy/demo/runners/support/agent.py", line 364, in detect_process self.admin_url + "/api/docs/swagger.json" File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/client.py", line 1005, in __aenter__ self._resp = await self._coro File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/client.py", line 497, in _request await resp.start(conn) File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/client_reqrep.py", line 857, in start self._continue = None File "/home/indy/.pyenv/versions/3.6.8/lib/python3.6/site-packages/aiohttp/helpers.py", line 585, in __exit__ raise asyncio.TimeoutError from None concurrent.futures._base.TimeoutError```

dbluhm (Mon, 05 Aug 2019 13:37:36 GMT):
Hopefully today; I made sure the call was recorded but it was recording to @TelegramSam's zoom and he was off until today

TelegramSam (Mon, 05 Aug 2019 14:38:47 GMT):
I'm working on the recording, and it'll be up today. I'll message the channel when it's ready.

swcurran (Mon, 05 Aug 2019 17:33:43 GMT):
It's a long weekend in Canada, so the team will be looking at these tomorrow.

swcurran (Mon, 05 Aug 2019 17:37:59 GMT):
Not sure what you mean with this, but guessing it is this. Currently, the aca webhook fires on every event, notifying the controller. There is a short cut implemented with the "issue credential" via an extra endpoint (/send) where the controller says to the agent ("hey - you handle the back and forth on sending the credential and let me know when you are done"), but that is optional. The controller could start with "offer credential" (/offer_credential) and handle each event in the process.

swcurran (Mon, 05 Aug 2019 17:40:23 GMT):
The ACA team is off today - holiday in Canada. Someone one will check this tomorrow and get back to you. In the meantime, could you provide a bit of info on how you are running the demo? Are you using docker or running native on your platform? If native, what platform are you on? Thanks

Rick (Mon, 05 Aug 2019 17:47:09 GMT):
I'm running it on docker. sws: Docker Engine 19.03.1 , Python 3.7.3 , macOS Mojave 10.14.6. i tried to connect to the swagger api via docker curl it seems to be able to respond too, not sure why it can't get the response.

swcurran (Mon, 05 Aug 2019 18:07:59 GMT):
Have you started up von-network? It' looks to me (but not certain) that it is dying on the connect to ledger?

TelegramSam (Mon, 05 Aug 2019 18:10:17 GMT):
Last week's call recording is now posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16323217

smithbk (Mon, 05 Aug 2019 19:59:30 GMT):
Anyone, is there an RFC pertaining to an issuer notifying a holder that a credential has been revoked?

swcurran (Mon, 05 Aug 2019 21:15:41 GMT):
There is no RFC about that, but we've proposed that the "Credential Offer" be updated to include data to reflect that the offer is being made because the holder's credential of this type, from this issuer has been revoked. This would then serve as the notification to the holder that their credential has been revoked.

swcurran (Mon, 05 Aug 2019 21:16:24 GMT):
There are some updates happening to 0036 (issue-credential) and once those are done, we're going to submit that as a new version.

swcurran (Mon, 05 Aug 2019 21:16:55 GMT):
Or maybe it should be included as part of the 1.0 vs. 1.1?

smithbk (Mon, 05 Aug 2019 21:17:31 GMT):
It seems that we should have a separate revoke message so that it can be revoked w/o issuing a new one, right?

smithbk (Mon, 05 Aug 2019 21:18:11 GMT):
I mean, notification that it has been revoked that is w/o issuing a new one

swcurran (Mon, 05 Aug 2019 21:18:46 GMT):
True. I think in practice I would expect that to be rare, but you are right, it would have to be covered.

danielhardman (Tue, 06 Aug 2019 07:45:56 GMT):
I did some work to improve the indexing script. It's substantially cleaner and more useful. It counts and reports/hyperlinks implementations for each indexed item in the new impl section that swcurran added. It also shows the last status date of each RFC, so we can see what's stalled. And it supports tagging. I have defined and used 4 tags so far; you'll see them when you go look at the latest version of /index.md. I went in and added links to implementations for a number of RFCs. They are definitely incomplete/imperfect, but even so, it is very encouraging to see how much real progress we've made that we just weren't giving ourselves credit for. This change caused a number of RFCs to move from PROPOSED to DEMONSTRATED status. I went ahead and merged those changes, because this status change is not controversial; it's just a reflection of us having data about impl code. Many of the things that are now in DEMONSTRATED status should probably be in ACCEPTED status instead, but that's a more controversial move and one that I think others might want to advocate. Please note: I also added a new unit test that is picky about the metadata at the top of each RFC. Your PRs won't pass unless you follow the format. To find out if you're following the format, run pytest code from the root of the repo.

lucafra (Tue, 06 Aug 2019 09:13:08 GMT):
Hi All, is there already an idea for a timeline in which code for Mobile/Edge Agents will be provided? It seems the only Agent resources available are concerning Aries, which does not work on edge/mobile devices. If I needed to implement and edge Agent now, do you guys have some suggestions on how to bootstrap it? Thanks

sukalpomitra (Tue, 06 Aug 2019 09:48:33 GMT):
Hi Lucafra look at https://github.com/mattrglobal/osma

haniavis (Tue, 06 Aug 2019 15:47:37 GMT):
I have the same question as @lucafra. Which is the right repository to start developing an edge agent that will be compatible with the aca-py? Is it the [agent-framework](https://github.com/streetcred-id/agent-framework)?

TelegramSam (Tue, 06 Aug 2019 16:15:16 GMT):
agent framework is used by osma, and is a good starting place. You can also implement the protocols natively though that is a substantially larger engineering effort.

AlexITC (Tue, 06 Aug 2019 18:13:42 GMT):
Its funny that this page (https://github.com/hyperledger/aries-cloudagent-python/blob/master/docs/GettingStartedAriesDev/RoutingEncryption.md) iinks to a webcam modeling page (https://agents-R-Us.com)

AlexITC (Tue, 06 Aug 2019 18:13:42 GMT):
Its funny that this page (https://github.com/hyperledger/aries-cloudagent-python/blob/master/docs/GettingStartedAriesDev/RoutingEncryption.md) links to a webcam modeling page (https://agents-R-Us.com)

swcurran (Tue, 06 Aug 2019 18:18:05 GMT):
I need a new go to agents domain name.

TelegramSam (Tue, 06 Aug 2019 18:46:33 GMT):
Preliminary agenda for tomorrow's Aries WG Call. https://wiki.hyperledger.org/pages/viewpage.action?pageId=16323792

TelegramSam (Tue, 06 Aug 2019 18:47:21 GMT):
We'd love to see discussion of any RFCs that need movement, and have some time for other topics as well.

TelegramSam (Tue, 06 Aug 2019 18:47:37 GMT):
Please let me know if you'd like something added.

wadeking98 (Tue, 06 Aug 2019 21:49:46 GMT):
hello everyone, i'm tring to send a credential presentation request and I would like to filter the credentials by "type" (a field I added into attributes) instead of by "cred_def_id". Here's what I have so far for the presentation request json: ``` { "version": "1.0", "connection_id": "535c72fe-ea99-400a-b280-b909ef67b408", "name": "proof of immunization", "requested_predicates": {}, "requested_attributes": [ { "restrictions": [ {"attrs":{"type":"imm"}} ], "name": "imm_name" } ] } ``` but no credentials match the filter. I figure it's because "attrs" contains "type":"imm" but it does not equal {"type":"imm"} because it also contains "imm_name", "imm_id", etc and therefore will not match the filter. is there any way to filter by object attributes like "type" without including the rest of the attributes like "imm_name", etc?

wadeking98 (Tue, 06 Aug 2019 21:49:46 GMT):
hello everyone, i'm tring to send a credential presentation request and I would like to filter the credentials by "type" (a field I added into attributes) instead of by "cred_def_id". Here's what I have so far for the presentation request json: ``` { "version": "1.0", "connection_id": "535c72fe-ea99-400a-b280-b909ef67b408", "name": "proof of immunization", "requested_predicates": {}, "requested_attributes": [ { "restrictions": [ {"attrs":{"type":"imm"}} ], "name": "imm_name" } ] } ``` but no credentials match the restriction. I figure it's because "attrs" contains "type":"imm" but it does not equal {"type":"imm"} because it also contains "imm_name", "imm_id", etc and therefore will not match the restriction. is there any way to filter by object attributes like "type" without including the rest of the attributes like "imm_name", etc?

faber_alice (Wed, 07 Aug 2019 12:37:04 GMT):
Hi guys, I'm trying to run the alice-faber demo and I kept getting the following error when I run faber.py: `#1 Provision an agent and wallet, get back configuration details Faber | Registering Faber Agent with seed d_000000000000000000000000937374 Faber | Got DID: RiuWTaGEP7zYYT21gzNvDk Faber | Faber | Shutting down Faber | Exited with return code 0 Traceback (most recent call last): File "/usr/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/usr/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/root/aries-cloudagent-python/demo/runners/faber.py", line 248, in asyncio.get_event_loop().run_until_complete(main(args.port, args.timing)) File "/usr/lib/python3.6/asyncio/base_events.py", line 484, in run_until_complete return future.result() File "/root/aries-cloudagent-python/demo/runners/faber.py", line 117, in main await agent.start_process() File "/root/aries-cloudagent-python/demo/runners/support/agent.py", line 286, in start_process await self.detect_process() File "/root/aries-cloudagent-python/demo/runners/support/agent.py", line 373, in detect_process raise Exception(f"Timed out waiting for agent process to start") `

faber_alice (Wed, 07 Aug 2019 12:37:04 GMT):
```Hi guys, I'm trying to run the alice-faber demo and I kept getting the following error when I run faber.py: `#1 Provision an agent and wallet, get back configuration details Faber | Registering Faber Agent with seed d_000000000000000000000000937374 Faber | Got DID: RiuWTaGEP7zYYT21gzNvDk Faber | Faber | Shutting down Faber | Exited with return code 0 Traceback (most recent call last): File "/usr/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/usr/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/root/aries-cloudagent-python/demo/runners/faber.py", line 248, in asyncio.get_event_loop().run_until_complete(main(args.port, args.timing)) File "/usr/lib/python3.6/asyncio/base_events.py", line 484, in run_until_complete return future.result() File "/root/aries-cloudagent-python/demo/runners/faber.py", line 117, in main await agent.start_process() File "/root/aries-cloudagent-python/demo/runners/support/agent.py", line 286, in start_process await self.detect_process() File "/root/aries-cloudagent-python/demo/runners/support/agent.py", line 373, in detect_process raise Exception(f"Timed out waiting for agent process to start") ` Any clue as to why I'm getting this error?

faber_alice (Wed, 07 Aug 2019 12:37:04 GMT):
Hi guys, I'm trying to run the alice-faber demo and I kept getting the following error when I run faber.py: ```#1 Provision an agent and wallet, get back configuration details Faber | Registering Faber Agent with seed d_000000000000000000000000937374 Faber | Got DID: RiuWTaGEP7zYYT21gzNvDk Faber | Faber | Shutting down Faber | Exited with return code 0 Traceback (most recent call last): File "/usr/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/usr/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/root/aries-cloudagent-python/demo/runners/faber.py", line 248, in asyncio.get_event_loop().run_until_complete(main(args.port, args.timing)) File "/usr/lib/python3.6/asyncio/base_events.py", line 484, in run_until_complete return future.result() File "/root/aries-cloudagent-python/demo/runners/faber.py", line 117, in main await agent.start_process() File "/root/aries-cloudagent-python/demo/runners/support/agent.py", line 286, in start_process await self.detect_process() File "/root/aries-cloudagent-python/demo/runners/support/agent.py", line 373, in detect_process raise Exception(f"Timed out waiting for agent process to start") ``` Any clue as to why I'm getting this error?

swcurran (Wed, 07 Aug 2019 14:37:51 GMT):
@andrew.whitehead - can you please take a look at this and the previous one from @Rick earlier in the channel? Both look similar.

andrew.whitehead (Wed, 07 Aug 2019 14:40:02 GMT):
@swcurran There's a PR in for that already

swcurran (Wed, 07 Aug 2019 14:40:18 GMT):
I'm running on Linux and the demo is working fine.

swcurran (Wed, 07 Aug 2019 14:41:08 GMT):
Ah...thanks. FYI - I'm running on Linux and it's working fine. I'll look at the PR.

swcurran (Wed, 07 Aug 2019 14:57:57 GMT):
PR has been merged and looks good. I didn't test it on Mac, but Andrew likely did, so should be fine for others. Please give it a try.

swcurran (Wed, 07 Aug 2019 14:58:36 GMT):
Hi @Rick - a PR was just merged that might (should?) address this issue. Can you please give it a try and let me know?

Iso5786 (Wed, 07 Aug 2019 15:02:22 GMT):
Hi, am Daniel and just wanted to start to implement aries-framework-go within an existing go project. But it states that "master: Could not introduce github.com/hyperledger/aries-framework-go@master, as its subpackage github.com/hyperledger/aries-framework-go does not contain usable Go code". Is it already usable? If yes, how can I import it into an existing project?

Baha-sk (Wed, 07 Aug 2019 17:02:54 GMT):
@Iso5786 you need to import the full package you want to use ... not just the base project path

Baha-sk (Wed, 07 Aug 2019 17:02:54 GMT):
@Iso5786 you need to import the full package you want to use ... not just the base project path (no need for `@master`), the project uses go mod.. so you can specify the version you like in there

Baha-sk (Wed, 07 Aug 2019 17:03:48 GMT):
also Aries-framework-go is WIP.. so features are being built as we speak..

TelegramSam (Wed, 07 Aug 2019 18:38:09 GMT):
Aries call in 22 minutes. Agenda: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16323792

faber_alice (Thu, 08 Aug 2019 04:28:57 GMT):
Hmm nope same problem still, I don't know if this will help but when I try to run aca-py I'm getting this error ``` Traceback (most recent call last): File "/usr/local/bin/aca-py", line 25, in main() File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/__init__.py", line 56, in main LoggingConfigurator.configure(log_config, log_level) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/config/logging.py", line 30, in configure fileConfig(config_path, disable_existing_loggers=False) File "/usr/lib/python3.6/logging/config.py", line 76, in fileConfig formatters = _create_formatters(cp) File "/usr/lib/python3.6/logging/config.py", line 109, in _create_formatters flist = cp["formatters"]["keys"] File "/usr/lib/python3.6/configparser.py", line 959, in __getitem__ raise KeyError(key) KeyError: 'formatters' ```

faber_alice (Thu, 08 Aug 2019 04:28:57 GMT):
Hmm nope same problem still, doubling the timeout doesn't seem to fix it :\

faber_alice (Thu, 08 Aug 2019 04:28:57 GMT):
Hmm nope same problem still, even doubling the timeout doesn't seem to matter :\

faber_alice (Thu, 08 Aug 2019 04:28:57 GMT):
Whoops actually I think I should've specified the IP address when I first run the test pool, sorry about that

dgunseli (Thu, 08 Aug 2019 14:02:06 GMT):
Hi everyone, we just started to run our own Aries agent, and we were wondering if aries agent is capable to accept connection invitations from Evernym agent?

dbluhm (Thu, 08 Aug 2019 14:21:39 GMT):
As far as I know, the two are currently not compatible but the Evernym team is working on bringing their agent solutions up to Aries spec.

esplinr (Thu, 08 Aug 2019 14:23:50 GMT):
Connections might work, but credential exchange definitely doesn't work yet.

dbluhm (Thu, 08 Aug 2019 14:25:30 GMT):
I think @george.aristy or @troyronda are the best contacts on the go framework

dbluhm (Thu, 08 Aug 2019 14:26:24 GMT):
Oops sorry; just noticed that someone else may have answered the question already

joshgraber (Thu, 08 Aug 2019 17:27:48 GMT):
The new index looks fantastic! Thanks for incorporating the protocol tags, very useful

joshgraber (Thu, 08 Aug 2019 17:28:22 GMT):
Are there currently any protocols in place for interacting with a steward to publish a public DID document to the ledger, for an issuer for instance?

swcurran (Thu, 08 Aug 2019 17:42:15 GMT):
I've been waiting for that to come up...using DIDComm to talk to the ledger. Not happening yet, but I think it should...

troyronda (Thu, 08 Aug 2019 17:52:58 GMT):
and it would be awesome if one of those backing ledgers could be based on Sidetree :).

swcurran (Thu, 08 Aug 2019 18:29:21 GMT):
Are you all set @faber_alice ? Is the demo now working?

TelegramSam (Thu, 08 Aug 2019 21:43:33 GMT):
Yesterday's Aries Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16323792

swcurran (Fri, 09 Aug 2019 04:05:59 GMT):
Release 0.3.0 of aries-cloudagent-python has been released and is available on PyPi. Some of the bigger issues added include: - support for the Transaction Author Agreement (TAA) necessary for anyone deploying to Sovrin - reorganization of the command line parameters to enable separate initialization parameters from operational - timeout handling improvements based on feedback from users (thanks!) - some demo handling cleanups based on feedback from users (thanks!) - support for using public DIDs during the connection process. Checkout the release page for a full list of changes.

swcurran (Fri, 09 Aug 2019 04:05:59 GMT):
Release 0.3.0 of aries-cloudagent-python has been tagged and is available on PyPi. Some of the bigger issues added include: - support for the Transaction Author Agreement (TAA) necessary for anyone deploying to Sovrin - reorganization of the command line parameters to enable separate initialization parameters from operational - timeout handling improvements based on feedback from users (thanks!) - some demo handling cleanups based on feedback from users (thanks!) - support for using public DIDs during the connection process. Checkout the release page for a full list of changes: https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.3.0

swcurran (Fri, 09 Aug 2019 04:05:59 GMT):
Release 0.3.0 of aries-cloudagent-python has been tagged and is available on PyPi. Some of the bigger issues added include: - support for the Transaction Author Agreement (TAA) necessary for anyone deploying to Sovrin - reorganization of the command line parameters to enable separate initialization parameters from operational - timeout handling improvements based on feedback from users (thanks!) - demo handling cleanups based on feedback from users (thanks!) - support for using public DIDs during the connection process. Checkout the release page for a full list of changes: https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.3.0

swcurran (Fri, 09 Aug 2019 04:09:21 GMT):
We recommend unless you plan on updating aries-cloudagent-python itself (or are just running the demos), you should use the released version from PyPi.

Iso5786 (Fri, 09 Aug 2019 13:55:05 GMT):
Thx! Now I got it working, not sure why ;)

Iso5786 (Fri, 09 Aug 2019 13:55:31 GMT):
To Gopkg.toml I added : [[constraint]] branch = "master" name = "github.com/hyperledger/aries-framework-go"

Baha-sk (Fri, 09 Aug 2019 13:58:49 GMT):
sounds good. you're using vendoring via toml files.. that should be ok, but you can upgrade to use go mod instead, you don't need a local vendor folder with go mod ... but if you wanna stick to vendoring, as long as it works and you can reference the project, you should be fine

Iso5786 (Sun, 11 Aug 2019 18:06:16 GMT):
Am wondering how I can resolve Sovrin DIDs via aries-framework-go as I need to specify the method on how to resolve them but what do I exactly need to define there? E.g. setup a connection to a resolver URL (see for example https://github.com/decentralized-identity/universal-resolver/tree/master/resolver/java)?

manavgupta (Mon, 12 Aug 2019 05:08:48 GMT):
can anyone suggest me the best way to get started with aries??? I have run the demo for aries agent now i want to implement aries agent for mobile application. So what will be the best source to get started with.

troyronda (Mon, 12 Aug 2019 14:03:42 GMT):
We haven't built additional DID resolver methods into the project yet (we recently kicked off the Aries Framework Go project, and we started with the Peer DID implementation). I made note of the feature request to support DID resolution via the universal resolver Web API: https://github.com/hyperledger/aries-framework-go/issues/86.

Iso5786 (Mon, 12 Aug 2019 14:27:16 GMT):
Ah ok :-) Thx for creating the feature request. :clap:

haniavis (Mon, 12 Aug 2019 16:29:25 GMT):
Hi, looking in the aca-py, I would like to ask if a cloud agent is supposed to have a wallet. Since it is not an edge agent, I understand that it is just a data relay to other agents and ledgers. So what is the purpose of a wallet here? Is it storing the exact same private data as an edge agent?

dbluhm (Mon, 12 Aug 2019 16:51:43 GMT):
Many of the uses cases targeted by ACA-Py at the present time are enterprise oriented. In the case of an organization-representing agent, the "cloud" agent holding the keys and credentials of the organization makes sense. Cloud Agents would also still need to maintain keys and relationships even in the case that it is not used as the main agent of an individual or organization. For example, if a cloud agent is operating as a moderator for the edge agent running on my phone, my edge agent and the cloud agent providing that service have a relationship with keys and potentially credentials associated with it. So the cloud agent wallet does not store the same data as the edge agent and I would say it is discouraged to ever duplicate private keys or other secrets. Using the Indy-SDK, this is in fact not possible by design.

haniavis (Mon, 12 Aug 2019 19:47:24 GMT):
Another question is: can an aries cloud agent represent an enterprise/organization/company and at the same time be the relay for another edge agent of an end-user?

dbluhm (Mon, 12 Aug 2019 19:49:19 GMT):
I don't think there is anything technically preventing that. Whether it's advisable in terms of allocating the appropriate resources to the agent and having a good separation of concerns etc may be another question.

dbluhm (Mon, 12 Aug 2019 19:50:59 GMT):
I can imagine, for instance, that there may one day be an agent that is optimized for being a mediator. Given those optimizations, it may no longer be the ideal candidate for an enterprise agent. I can also imagine the reverse case where one agent implementation is optimized for representing an org and isn't particularly great at efficient routing or something.

ptab-pawan (Tue, 13 Aug 2019 13:16:01 GMT):
@kdenhartog and @swcurran : I want to consume Indy-SDK in react native and build android/iOS app. Please suggest which approach would help to consume all indy features . I want to consume Indy-SDK in react native and build android/iOS app. Please suggest which approach would help to consume all indy features . Need suggestion as which approach is stable and would work the best. 1. Approach 1: 1. Use the libIndy framework files and load libIndy library. Write bridging methods between java to JS and call the methods from libIndy . libIndy referred from : https://repo.sovrin.org/android/libindy/rc/1.11.0-81. 2. Approach 2: 1. Use the libVCX framework files and load libVCX library. Write bridging methods between java to JS and call methods of libVCX. libVCX referred from : https://repo.sovrin.org/android/libvcx/rc/0.4.0-81/ 3. Approach 3: 1. Use Indy-SDK npm node module. Ref : https://www.npmjs.com/package/indy-sdk 2. Consume the indy methods directly by creating JS modules.

ptab-pawan (Tue, 13 Aug 2019 13:16:01 GMT):
@kdenhartog and @swcurran : I want to consume Indy-SDK in react native and build android/iOS app. Please suggest which approach would help to consume all indy features . I want to consume Indy-SDK in react native and build android/iOS app. Please suggest which approach would help to consume all indy features . Need suggestion as which approach is stable and would work the best. 1. Approach 1: 1. Use the libIndy framework files and load libIndy library. Write bridging methods between java to JS and call the methods from libIndy . libIndy referred from : https://repo.sovrin.org/android/libindy/rc/1.11.0-81. 2. Approach 2: 1. Use the libVCX framework files and load libVCX library. Write bridging methods between java to JS and call methods of libVCX. libVCX referred from : https://repo.sovrin.org/android/libvcx/rc/0.4.0-81/.But the libVCX wrapper is only available for android and not for iOS. 3. Approach 3: 1. Use Indy-SDK npm node module. Ref : https://www.npmjs.com/package/indy-sdk 2. Consume the indy methods directly by creating JS modules.

kdenhartog (Tue, 13 Aug 2019 13:35:10 GMT):
I'm not familiar enough with react to understand the tradeoffs you'd be encountering picking one over the other. However I can say that when I tried using Java/Obj-C libraries as a bridge to build a PoC flutter app the solution felt very slow.

kdenhartog (Tue, 13 Aug 2019 13:35:39 GMT):
I'm not sure if this would be the same experience with react

swcurran (Tue, 13 Aug 2019 17:39:19 GMT):
Same answer from me - not familiar enough with the stack to help. @TelegramSam - any thoughts on who best to answer this?

cam-parra (Tue, 13 Aug 2019 18:15:38 GMT):
@ptab-pawan Our company has found it fairly easu to use they indy-sdk node module. We do not use VCX since it does not meet community standards and key pieces for an android part are missing.

cam-parra (Tue, 13 Aug 2019 18:15:38 GMT):
@ptab-pawan Our company has found it fairly easy to use they indy-sdk node module. We do not use VCX since it does not meet community standards and key pieces for an android part are missing.

gcsfred (Tue, 13 Aug 2019 18:16:19 GMT):
"Hyperledger Aries Cloud Agent Python (ACA-Py) is a foundation for building decentralized identity applications and services running in non-mobile environments." Is there a mobile Python-based Aries SDK?

dbluhm (Tue, 13 Aug 2019 18:29:11 GMT):
There is no mobile python-based Aries Agent. As far as I can tell, creating a python-based mobile app for Aries would be quite complicated and one appearing in the future somewhat unlikely due to iOS and Android devices being locked in to their respective Objective-C/Swift and Java/Kotlin ecosystems. However, there are significant efforts within the community to create mobile apps using frameworks like Xamarin and react native and a vanilla iOS or Android app is also possible.

gcsfred (Tue, 13 Aug 2019 18:36:22 GMT):
Ok. It's nice that there are people creating mobile apps. However, if I'm going to create Aries apps, it would be nice to start with an SDK, instead of just RFCs...

gcsfred (Tue, 13 Aug 2019 18:36:22 GMT):
Ok. It's nice that there are people creating mobile apps. However, if I'm going to create Aries mobile apps, it would be nice to start with an SDK, instead of just RFCs...

dbluhm (Tue, 13 Aug 2019 18:40:15 GMT):
Yep, we agree :slight_smile: the creation/migration of the Aries SDK is actively underway and you're welcome to join the efforts. Even prior to the official release of an Aries SDK, however, using one of the frameworks like the dotnet agent framework (https://github.com/streetcred-id/agent-framework) or starting with an app like OSMA (https://github.com/mattrglobal/osma) are viable options.

gcsfred (Tue, 13 Aug 2019 18:42:27 GMT):
Is there anything non-.NET by any chance? Any open source mobile Aries agent?

gcsfred (Tue, 13 Aug 2019 18:44:33 GMT):
The same questions go to Indy. Is there any mobile Indy SDK by any chance?

dbluhm (Tue, 13 Aug 2019 18:45:47 GMT):
At the moment, the OSMA is the most developed Aries compatible agent in the open having been graciously open sourced by the Mattr team. I'm not aware of any other open source mobile agents right now.

dbluhm (Tue, 13 Aug 2019 18:47:02 GMT):
The Indy SDK is available for iOS and Android though I'm not the best one to ask for details. The Indy SDK is the basis for the agent framework.

TelegramSam (Tue, 13 Aug 2019 22:35:46 GMT):
@ptab-pawan I also lack experience here, but would only recommend using lib-vcx if in contact and coordination with Evernym so as to be ready for planned changes to that library as it moves (or doesn't move) to Aries.

ptab-pawan (Wed, 14 Aug 2019 05:49:49 GMT):
@TelegramSam :Thanks. Could you tell me poc from evernym team so that I can come to a conclusion. Problem to use libVCX is the wrapper for iOS isnt available.

ptab-pawan (Wed, 14 Aug 2019 06:04:47 GMT):
@cam-parra : what was your reference for implementation? Did you use Xamarin or react native ?

ptab-pawan (Wed, 14 Aug 2019 06:04:47 GMT):
@cam-parra : what was your reference agent framework or docs for implementation? Did you use Xamarin or react native ?

tomislav (Wed, 14 Aug 2019 12:06:06 GMT):
@gcsfred Agent Framework for dotnet (and all other wrappers) use Indy SDK static library for iOS and Android to invoke Indy methods and actions. Indy SDK itself only provides static libraries for all platforms, but relies on wrappers and application frameworks to call them. .NET core is entirely open-source, as well as the agent framework stack, all the way through Indy SDK.

ptab-pawan (Wed, 14 Aug 2019 13:23:28 GMT):
@dbluhm : Could you provide point of contact of anyone who has tried indy with react native?

ptab-pawan (Wed, 14 Aug 2019 13:23:28 GMT):
@dbluhm @tomislav : from the converstations with @TelegramSam and @cam-parra still there seems 2 approaches for react native mobile app :indy-sdk - npm and libIndy wrappers. libVCX is out of question as no wrapper for iOS. Any point of contact who has tried indy in react native. Want to know which is the faster and better approach.

dbluhm (Wed, 14 Aug 2019 13:24:53 GMT):
Evernym's Connect.me app is written in react native. @esplinr might be able to connect you with someone.

jakubkoci (Wed, 14 Aug 2019 13:26:08 GMT):
And there is an open-sourced version of older version of Connect.me https://github.com/sovrin-foundation/connector-app

ptab-pawan (Wed, 14 Aug 2019 13:31:36 GMT):
@dbluhm : thanks . Just curious to know how is connect.me different from https://github.com/evernym/sovrin-connector-preview

ptab-pawan (Wed, 14 Aug 2019 13:34:52 GMT):
@jakubkoci : https://github.com/sovrin-foundation/connector-app#run-ios-on-device is dependent on contributor. who is the active contributor to connect for these steps?

jakubkoci (Wed, 14 Aug 2019 13:38:05 GMT):
I guess it is. I think connector-preview is predcessor of connector-app (the same, but older version, before Evernym donated it to Sovrin. Connect.me diverged from that repo and continue as proprietary solution, developed only by Evernym.

jakubkoci (Wed, 14 Aug 2019 13:45:26 GMT):
As you can see from commits there is no active development around this repo, so I don't know who is the right person to contact. I work for Absa and we developed our own version of mobile app in React Native (we started before connector-app code was available). It would be great to have open-source solution in RN, or at least wrappers around Aries/Indy.

ptab-pawan (Wed, 14 Aug 2019 13:46:47 GMT):
So what was your approach. Is your solution mature to be opensourced?

jakubkoci (Wed, 14 Aug 2019 14:05:33 GMT):
We're currently using libvcx on both Android and iOS. Its maturity is close to be open-sourced. But 1. We have some custom part/module for our specific use cases 2. There can be some legal stuff to be done before open sourcing.

jakubkoci (Wed, 14 Aug 2019 14:07:34 GMT):
There are also other questions/issues, highly related to your questions/list in the main thread. We don't know whether to continue with vcx or return back to pure indy sdk with potentialy new aries-js-sdk

jakubkoci (Wed, 14 Aug 2019 14:11:52 GMT):
To be honest, I'm not sure how to approach it now. I would be glad if we open-sourced that, because we could potentially move faster and build better solution togheter with other participants. On the other hand, open-sourcing would require some effort for our small team and we need to handle that together with other our business priorities.

callahan (Wed, 14 Aug 2019 15:33:54 GMT):
Hi Aries team: I am thinking of proposing a new RFC for "Biometric Service Provider" (BSP) based on a white paper that we worked on with Daniel and Lovesh at Evernym. Daniel sent me the guidelines for RFCs and it suggests to pick a folder (concept, feature, etc.). Where would people suggest I put it?

swcurran (Wed, 14 Aug 2019 15:37:47 GMT):
Sounds like a concept, unless you are proposing a concrete protocol or decorator. I suspect from the sounds of the topic, it would go with concepts.

swcurran (Wed, 14 Aug 2019 15:37:47 GMT):
Sounds like a concept, unless you are proposing a concrete protocol or decorator. I suspect from the sounds of the topic, it would go with concepts. And worst case we can move it later :-)

callahan (Wed, 14 Aug 2019 15:38:18 GMT):
That's my thought too... start with concept and move to API/protocol type document later. Thx!

sukalpomitra (Wed, 14 Aug 2019 15:43:49 GMT):
Hi, is this whitepaper available for general public? If yes can you please provide a link so that I can read.

callahan (Wed, 14 Aug 2019 15:45:03 GMT):
Please check with Daniel as principle author on whether we can release it or not.

callahan (Wed, 14 Aug 2019 15:46:37 GMT):
Would love to have your contributions as we move forward of course

jadhavajay (Wed, 14 Aug 2019 16:14:40 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=hcoXxcEdZzwxLxkZg) Excellent, would love to contribute.

VipinB (Wed, 14 Aug 2019 17:32:02 GMT):
We have had a writeup on biometrics in the Identity WG a couple of years ago; the link is https://docs.google.com/document/d/1YaQo5Yd2ooDurKhL_iGWkHO5KuNFA9L50GkXCs3LqeA/edit#heading=h.yh0l87vux0on

esplinr (Thu, 15 Aug 2019 03:00:43 GMT):
You should study the approach taken in the Sovrin Connector App: https://calendar.google.com/calendar/b/0?cid=a2VuQHNvdnJpbi5vcmc

esplinr (Thu, 15 Aug 2019 03:00:43 GMT):
You should study the approach taken in the Sovrin Connector App: https://github.com/sovrin-foundation/connector-app

esplinr (Thu, 15 Aug 2019 03:05:14 GMT):
With the creation of the Aries project, we have been discussing the future architecture of the Indy SDK. Lots of it will move to Aries, leaving behind the Indy resolver. We haven't seen a lot of collaborative development on LibVCX, so it is likely to be deprecated instead of moving from Indy to Aries. People who need a long term support path for LibVCX should contact Evernym, who are continuing development for their customers.

esplinr (Thu, 15 Aug 2019 03:06:37 GMT):
No one has volunteered to update the Sovrin Connector App, but it could be updated to use the latest LibVCX and work against ACA-py without too much effort. The bigger lift will be modifying LibVCX to use the current Aries protocols, as it is based on the original credential exchange format and hasn't kept pace with the Aries standardization process.

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements that could unblind someone's identity. If we go anymore granular than that, we'll need a real expert to be involved.

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements that could potentially unblind someone's identity. If we go anymore granular than that, we'll need a real expert to be involved. Genome data sharing is a hot topic but it is heaped with danger.

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need a real expert to be involved. Genome data sharing is a hot topic but it is heaped with danger.

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need a real expert to be involved. Genome data sharing is a hot topic heaped with danger.

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need a real expert to be involved. Genome data sharing is a hot topic heaped with dangerous consequences.

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need a real expert to be involved. Genome data sharing is a hot topic heaped with dangerous consequences. @callahan @VipinB

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need a real expert to be involved. Genome data sharing is a hot topic but heaped with dangerous consequences. @callahan @VipinB

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need strong input from a true genome expert. Genome data sharing is a hot topic but heaped with dangerous consequences. @callahan @VipinB

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements currently defined that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need strong input from a true genome expert. Genome data sharing is a hot topic but heaped with dangerous consequences. @callahan @VipinB

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements currently defined that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need strong input from a true genome expert. Genome data sharing is a hot topic stacked with dangerous consequences. @callahan @VipinB

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements currently defined that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need strong input from a true genome expert. Genome data sharing is a hot topic which is obviously stacked with dangerous consequences. @callahan @VipinB

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data research as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements currently defined that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need strong input from a true genome expert. Genome data sharing is a hot topic which is obviously stacked with dangerous consequences. @callahan @VipinB

pknowles (Thu, 15 Aug 2019 07:37:46 GMT):
I had a brief foray into genome data research as part of the Blinding Identity Taxonomy (BIT) initiative. In the end, we went with "Genetic Identifiers (incl. chromosomal, deoxyribonucleic acid (DNA) and ribonucleic acid (RNA) data)" as one of the 47 elements currently defined that could potentially unblind someone's identity. If we decide to go more granular than that, we'll need strong input from a true genome expert. Genome data sharing is a hot topic which is obviously fraught with dangerous consequences. @callahan @VipinB

dbluhm (Thu, 15 Aug 2019 14:46:03 GMT):
Identity WG Implementer's call will be starting in about 15 minutes! Vladimir Shishkin of Evernym will be talking about Indy performance testing after our regular project updates. Meeting agenda with zoom link: https://wiki.hyperledger.org/x/zhP5

TelegramSam (Thu, 15 Aug 2019 15:15:19 GMT):
Aries WG call posted from yesterday (US Afternoon): https://wiki.hyperledger.org/pages/viewpage.action?pageId=16324273

pknowles (Thu, 15 Aug 2019 17:42:08 GMT):
Very much needed by the looks of things! https://www.vpnmentor.com/blog/report-biostar2-leak/

SteveMagennis (Thu, 15 Aug 2019 21:51:55 GMT):
Is anyone out there focused on wallets in the context of aries agents? I'd like to flesh out some thoughts?

SteveMagennis (Thu, 15 Aug 2019 21:51:55 GMT):
Q1: Is anyone out there focused on wallets in the context of aries agents? I'd like to flesh out some thoughts?

SteveMagennis (Thu, 15 Aug 2019 21:52:55 GMT):
Must an agent have one and only one endpoint, or has there been any discussion about 'multi-homing'

SteveMagennis (Thu, 15 Aug 2019 21:52:55 GMT):
Q2: Must an agent have one and only one endpoint, or has there been any discussion about 'multi-homing'

dbluhm (Thu, 15 Aug 2019 22:17:02 GMT):
DID Documents allow for specifying multiple service endpoints; I don't think anyone's been pushing for having only one endpoint but there also hasn't been lots of conversation about having multiple endpoints. I think this was recently brought up by @TelegramSam as a gap that needs filling. I believe he resolved to write up an RFC that filled out some of the thinking around multiple endpoints and other transport topics.

dbluhm (Thu, 15 Aug 2019 22:18:30 GMT):
Many here are likely interested in wallets and how they are used in aries agents. #aries-sdk might be another good channel for a wallet discussion.

SteveMagennis (Thu, 15 Aug 2019 22:22:05 GMT):
i get the concept that a DID doc can spec multiple service endpoints, my question is from the service side. in particular, for example could aliases exist that would resolve to a single particular agent

swcurran (Thu, 15 Aug 2019 22:30:55 GMT):
Is your interest just in the Indy term for wallets (aka secure storage of DID keys and credentials) or in the industry term - e.g. an agent-y type thing that runs on your device (usually mobile) and lets you store and use things?

swcurran (Thu, 15 Aug 2019 22:32:45 GMT):
I think the answer is yes. On the one hand, your agent will construct a did:peer DID/DIDDoc for every contact you have, and you could put have different paths in different DID/DIDDoc instances that lead to the same agent.

swcurran (Thu, 15 Aug 2019 22:34:30 GMT):
On the other hand, you could have multiple keys/service endpoints within a single DID/DIDDoc that you share that actually lead back to the same agent. The recipient of the DID/DIDDoc would have no way to know. The challenge is of course the user experience for that. What triggers the entries to be put into the DIDDoc in that way.

swcurran (Thu, 15 Aug 2019 22:35:56 GMT):
So short answer - technically possible. Not clear on why you would do that. Once that is defined, how you trigger that might be easier to understand.

SteveMagennis (Thu, 15 Aug 2019 22:43:34 GMT):
let me re-read the protocol and make sure I'm asking the right question...

swcurran (Thu, 15 Aug 2019 23:20:52 GMT):
Release 0.3.1 of aries-cloudagent-python is now available in github and pypi. This is (mostly) a cleanup release (TAA tweaks - thanks to the community) but with a couple of new features. https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.3.1 https://pypi.org/project/aries-cloudagent/0.3.1/

SteveMagennis (Thu, 15 Aug 2019 23:43:56 GMT):
Let’s say I have 3 public DID’s that I use to represent a personal persona, a work persona and a hobby persona. Let’s also say that the DID Docs associated with each persona expose the same collection of services with the same serviceEndpoints. In theory since all of these DIDs are public, someone could correlate my personas by matching endpoints. Not sure this would be a problem IRL, maybe a corporation wouldn’t want people to correlate a budget brand with a premium brand or something like that. Mostly it was nagging me and I wanted to make sure I was thinking about things correctly.

SteveMagennis (Thu, 15 Aug 2019 23:45:57 GMT):
probably the later. In thinking about how agents use wallets it quickly exploded into much more than keys and credentials.

SteveMagennis (Thu, 15 Aug 2019 23:45:57 GMT):
probably the later. In thinking about how agents use wallets it quickly exploded into much more than keys and credentials event for just comms and creds

swcurran (Fri, 16 Aug 2019 00:38:25 GMT):
The simple answer to your question is that they could have non-correlating endpoints. For example, each could have the endpoint "https://agents-r-us.com" that would be the end point for you and all of Agents-R-Us's clients (aka "lost in the crowd" or "herd privacy"). WIthin the Agents-R-Us agency, you would configure a unique route for each DID that would lead to the same agent. No one reading the DIDDoc could correlate the three DIDs. This is described in the (I think) DIDDoc Conventions RFC. In the current vision, unless each of your persona needed to issue credentials, they would not need to have a public DID at all, but that might change. Or there might be a good reason to support credential issuance for each persona - for example, delegation of authority. In that case, you might have many issuing DIDs, all seemingly independent, and all leading back to your agent.

SteveMagennis (Fri, 16 Aug 2019 00:39:50 GMT):
that clears it up. thank you!

swcurran (Fri, 16 Aug 2019 00:41:03 GMT):
Confirmed - DIDDoc Conventions - https://github.com/hyperledger/aries-rfcs/blob/master/features/0067-didcomm-diddoc-conventions/README.md

ptab-pawan (Fri, 16 Aug 2019 07:22:37 GMT):
Hi @danielhardman : Any roadmap document or PR list for Aries and JS framework for Aies?

danielhardman (Fri, 16 Aug 2019 15:47:45 GMT):
On the JS framework for Aries: please contact @kdenhartog and @richardespli

danielhardman (Fri, 16 Aug 2019 15:47:45 GMT):
On the JS framework for Aries: please contact @kdenhartog and @esplinr

danielhardman (Fri, 16 Aug 2019 15:48:45 GMT):
On the roadmap: each Aries subproject (e.g., aries-cloudagent-python, aries-framework-go, etc) has its own roadmap.

danielhardman (Fri, 16 Aug 2019 15:50:04 GMT):
@swcurran might know about roadmap for aries-cloudagent-python; @troyronda for go; @tomislav for the new dotnet initiative.

swcurran (Fri, 16 Aug 2019 16:05:38 GMT):
Good idea - I'll add that to my list to get going. We have a few plans. A related question is how to define what is a 1.0 release? We've started to think about that a little. Would welcome any thoughts on that.

andrew.whitehead (Fri, 16 Aug 2019 17:03:56 GMT):
This seems relevant? https://wiki.hyperledger.org/pages/viewpage.action?pageId=16321784

swcurran (Fri, 16 Aug 2019 17:05:10 GMT):
Yes - thanks for posting. I saw that yesterday. Trying to think how it applies to aca-py specifically. And how if aca-py goes to 1.0 what does that mean for Aries?

andrew.whitehead (Fri, 16 Aug 2019 17:05:51 GMT):
Yes, I think that's meant to be guidelines for top-level projects. And can't really get specific with features

troyronda (Fri, 16 Aug 2019 19:58:11 GMT):
We are working on planning the aries-framework-go roadmap in the wiki and using GitHub milestones. e.g., for 0.1.0: https://github.com/hyperledger/aries-framework-go/milestone/1 and https://wiki.hyperledger.org/display/ARIES/Framework+Go+v0.1.0

swcurran (Fri, 16 Aug 2019 20:09:31 GMT):
@troyronda - it looks like you aren't going to be doing any integration with Indy at all for Verifiable Credentials. Is that right? Are you planning on doing anything with Indy Wallet/Storage, or will this implementation use some other storage implemention?

troyronda (Fri, 16 Aug 2019 20:10:29 GMT):
@swcurran this page only represents a first milestone where are trying to achieve DID exchange based on both peer DIDs and ledger-backed DIDs.

troyronda (Fri, 16 Aug 2019 20:10:51 GMT):
(we haven't yet started on the next phase of planning for verifiable credentials).

troyronda (Fri, 16 Aug 2019 20:11:08 GMT):
(and ledger-backed DIDs from a ledger supporting HTTPS binding).

troyronda (Fri, 16 Aug 2019 20:11:08 GMT):
(and ledger-backed DIDs from a ledger supporting HTTPS binding - also included universal resolver).

troyronda (Fri, 16 Aug 2019 20:11:08 GMT):
(and ledger-backed DIDs from a ledger supporting HTTPS binding - also includes universal resolver).

swcurran (Fri, 16 Aug 2019 20:11:59 GMT):
Got it. I was combining your comments from last call and thinking this list was a larger goal.

troyronda (Fri, 16 Aug 2019 20:12:01 GMT):
In this first milestone, we are doing very limited storage -- just to achieve the DID exchange.

troyronda (Fri, 16 Aug 2019 20:26:03 GMT):
@swcurran nope - just the first milestone.

troyronda (Fri, 16 Aug 2019 20:26:38 GMT):
(btw - I think it would be cool to be able to show Peer DIDs + Indy DIDs + Fabric DIDs in a demo).

troyronda (Fri, 16 Aug 2019 20:26:38 GMT):
(btw - I think it would be cool to be able to show Peer DIDs + Indy DIDs + Sidetree/Fabric DIDs in a demo).

troyronda (Fri, 16 Aug 2019 20:26:38 GMT):
(btw - I think it would be cool to be able to show peer DIDs + indy DIDs + sidetree-fabric DIDs in a demo).

swcurran (Fri, 16 Aug 2019 20:28:58 GMT):
We did the agentbook demo back in Feb that used just Connections (aka DID Exchange), Trust Ping and Basic Message to create a pretty cool demo. Could do something like that.

troyronda (Fri, 16 Aug 2019 20:29:41 GMT):
Nice. BTW - I was going to ask you where you think the cloudagent swagger surface will go with did-exchange?

troyronda (Fri, 16 Aug 2019 20:29:41 GMT):
Nice. I think bringing together these implementations is a very good goal.

troyronda (Fri, 16 Aug 2019 20:29:52 GMT):
BTW - I was going to ask you where you think the cloudagent swagger surface will go with did-exchange?

swcurran (Fri, 16 Aug 2019 20:31:10 GMT):
Hmm....those just use did:peer - no Indy DIDs. Have to think of how to add the other DID methods.

swcurran (Fri, 16 Aug 2019 20:31:10 GMT):
Hmm....that demo just use did:peer - no Indy DIDs. Have to think of how to add the other DID methods.

troyronda (Fri, 16 Aug 2019 20:31:44 GMT):
(reference: for our controller REST API that we expose for our bdd test steps, we have been seeing where consistency can exist with cloudagent-python).

swcurran (Fri, 16 Aug 2019 20:32:17 GMT):
For did-exchange, we will likely just add did-exchange as a new protocol with it's own set of admin endpoints. Likely the same ones that are named "connection" today.

swcurran (Fri, 16 Aug 2019 20:32:51 GMT):
Then we will eventually remove the connection protocol, which in turn will remove that from the swagger interface.

swcurran (Fri, 16 Aug 2019 20:32:51 GMT):
Then we will eventually remove the connection protocol, which in turn will remove those endpoints from the swagger interface.

troyronda (Fri, 16 Aug 2019 20:33:07 GMT):
The particular example that we were looking at was did-exchange/connections

troyronda (Fri, 16 Aug 2019 20:33:07 GMT):
The particular example that we were thinking about was did-exchange/connections

troyronda (Fri, 16 Aug 2019 20:33:07 GMT):
The particular example that we were thinking about was /did-exchange/connections

troyronda (Fri, 16 Aug 2019 20:33:07 GMT):
The particular example that we were thinking about was GET /did-exchange/connections

StefanK (Sat, 17 Aug 2019 11:17:35 GMT):
Hey People, is it possible to run the aries cloud agent without the demo but with swagger? Want to build a vue.js typescript app upon that, for a PoC. Iam not very familiar with python ^^'..

StefanK (Sat, 17 Aug 2019 16:08:14 GMT):
And another question x) after play around with the python demo code. I made a acme aquivalent to faber. But acme have no auto accept invite flag, can i accept the invite with the swagger api? And which method do i have to use?

StefanK (Sat, 17 Aug 2019 16:09:23 GMT):
if my questions are fail on place somebody should tell me :D und sry for my retarded english skills

andrew.whitehead (Sat, 17 Aug 2019 19:51:25 GMT):
@StefanK There's instructions here for running the agent, and details at the bottom of the page for running in Docker: https://github.com/hyperledger/aries-cloudagent-python/blob/master/DevReadMe.md#Running I also have a basic vue.js app (not compiled) that makes use of the admin API here, it includes support for accepting invitations: https://github.com/andrewwhitehead/catalyst-demo-ui

StefanK (Sun, 18 Aug 2019 16:28:34 GMT):
Hey Andrew, thx a lot. :) Lets see what i can make out of that.

StefanK (Mon, 19 Aug 2019 14:17:25 GMT):
Hey can someone tell me why the aca-py doesnt make a connection to the ledger or lets say i get the following error for the follwing command. aca-py start --inbound-transport http 0.0.0.0 8000 --outbound-transport http --admin 0.0.0.0 8001 --admin-insecure-mode --genesis-url http://195.128.101.205:9000/genesis --label "MyAgent1" --seed 000000000000000000000000Steward1 2019-08-19 07:11:10,895 aiohttp.server ERROR Error handling request Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/usr/local/lib/python3.6/dist-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/messaging/schemas/routes.py", line 83, in schemas_get_schema ledger: BaseLedger = await context.inject(BaseLedger) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/config/injection_context.py", line 126, in inject return await self.injector.inject(base_cls, settings, required=required) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/config/injector.py", line 83, in inject "No instance provided for class: {}".format(base_cls.__name__) aries_cloudagent.config.base.InjectorError: No instance provided for class: BaseLedger

StefanK (Mon, 19 Aug 2019 14:17:25 GMT):
Hey can someone tell me why the aca-py doesnt make a connection to the ledger or lets say i get the following error for the follwing command. Ah and i get that error by try to interact with the ledger via swagger, get a schema .. aca-py start --inbound-transport http 0.0.0.0 8000 --outbound-transport http --admin 0.0.0.0 8001 --admin-insecure-mode --genesis-url http://195.128.101.205:9000/genesis --label "MyAgent1" --seed 000000000000000000000000Steward1 2019-08-19 07:11:10,895 aiohttp.server ERROR Error handling request Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/usr/local/lib/python3.6/dist-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/messaging/schemas/routes.py", line 83, in schemas_get_schema ledger: BaseLedger = await context.inject(BaseLedger) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/config/injection_context.py", line 126, in inject return await self.injector.inject(base_cls, settings, required=required) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/config/injector.py", line 83, in inject "No instance provided for class: {}".format(base_cls.__name__) aries_cloudagent.config.base.InjectorError: No instance provided for class: BaseLedger

StefanK (Mon, 19 Aug 2019 14:20:20 GMT):
Ah and i get that error by try to interact with the ledger via swagger, get a schema ..

swcurran (Mon, 19 Aug 2019 15:04:37 GMT):
How are you running the ledger? Have you got a ledger browser server running on this - http://195.128.101.205:9000/genesis? I think there is a missing argument, but can't find it to be sure. @andrew.whitehead Can you please take a look?

StefanK (Mon, 19 Aug 2019 15:05:41 GMT):
Yes thats right, i have running the VON-Network on the same machine.

andrew.whitehead (Mon, 19 Aug 2019 15:59:06 GMT):
It must use `--wallet-type indy` as well at the moment

StefanK (Mon, 19 Aug 2019 16:00:16 GMT):
by the way what exactly is this flag doin ?

swcurran (Mon, 19 Aug 2019 16:00:21 GMT):
I was thinking there was an "indy" arg, but couldn't find it. We should do a pass over the help text.

swcurran (Mon, 19 Aug 2019 16:01:05 GMT):
The wallet type is pluggable, and there are (I think) two version - base and indy.

swcurran (Mon, 19 Aug 2019 16:01:14 GMT):
In theory there might be more later.

StefanK (Mon, 19 Aug 2019 16:01:54 GMT):
Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/commands/start.py", line 66, in init await startup File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/commands/start.py", line 22, in start_app await conductor.start() File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/conductor.py", line 148, in start await ledger_config(context, public_did) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/config/ledger.py", line 79, in ledger_config taa_info = await ledger.get_txn_author_agreement() File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/ledger/indy.py", line 569, in get_txn_author_agreement self.taa_cache = await self.fetch_txn_author_agreement() File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/ledger/indy.py", line 576, in fetch_txn_author_agreement get_aml_req = await indy.ledger.build_get_acceptance_mechanisms_request( AttributeError: module 'indy.ledger' has no attribute 'build_get_acceptance_mechanisms_request'

andrew.whitehead (Mon, 19 Aug 2019 16:03:17 GMT):
The python3-indy module and libindy.so / dll need upgrading

StefanK (Mon, 19 Aug 2019 16:05:42 GMT):
mh, my setup right now is that i got the indy-cli via ubuntu apt-get not python3 does that makes a difference ?

StefanK (Mon, 19 Aug 2019 16:07:26 GMT):
also libindy.so is installed by that doesnt it ?

StefanK (Mon, 19 Aug 2019 16:09:01 GMT):
ok after i started the VON-ledger it about indy version 1.9

StefanK (Mon, 19 Aug 2019 16:09:31 GMT):
does the ledger need to be also on the newest version ?

andrew.whitehead (Mon, 19 Aug 2019 16:11:06 GMT):
1.9.0 is sufficient I think

andrew.whitehead (Mon, 19 Aug 2019 16:11:49 GMT):
pip3 install python3-indy==1.11.0

StefanK (Mon, 19 Aug 2019 16:18:31 GMT):
allright i got it, i could also fetch a schema from the ledger

StefanK (Mon, 19 Aug 2019 16:20:37 GMT):
by the way while someone reads that ;) What i have had a hard time was understanding the Swagger-Api by using the Demo Agents, the automatic arguemtns conused me a little. But anyway i think a short diescripting for the normal workflow how to make invites credentiels etc. as when to use which call would be an awesome Document :)

StefanK (Mon, 19 Aug 2019 16:20:37 GMT):
by the way while someone reads that ;) What i have had a hard time was understanding the Swagger-Api by using the Demo Agents, the automatic arguments confused me a little. But anyway i think a short discription for the normal workflow how to make invites credentiels etc. as when to use which call would be an awesome Document :)

swcurran (Mon, 19 Aug 2019 16:22:44 GMT):
You mean because the agents are configured to automatically do things, the swagger API is harder to understand. You make one call and all the rest just happen. Is that what you mean?

StefanK (Mon, 19 Aug 2019 16:24:58 GMT):
i tried go through the invite process. And used half of a day to get that if i recieve the invite the rest go atomaticly. I did for sure make the other requests and wondered why the connection never get to active state >.<

StefanK (Mon, 19 Aug 2019 16:24:58 GMT):
i tried go through the invite process. And used half of a day to get that if i recieve the invite the rest go automaticly. I did for sure make the other requests and wondered why the connection never get to active state >.<

StefanK (Mon, 19 Aug 2019 16:26:00 GMT):
after i wanne get how its working without the auto-flags there is a little way to got for me :)

StefanK (Mon, 19 Aug 2019 16:26:00 GMT):
after i wanna get how its working without the auto-flags there is a little way to got for me :)

StefanK (Mon, 19 Aug 2019 16:26:00 GMT):
i wanna get how its working without the auto-flags, there is a some way to go for me :) (correction)

swcurran (Mon, 19 Aug 2019 16:27:00 GMT):
Sounds good. Thanks for the suggestion. I think we could do that pretty easily.

StefanK (Mon, 19 Aug 2019 16:28:12 GMT):
If i figure it faster out and get to make something with visio i will share it. But for now i need to write on my these the next two days my prof will kill me already x)...

esplinr (Tue, 20 Aug 2019 04:10:39 GMT):
We are still looking for volunteers to work on the JS framework for Aries and push it forward. There is a pretty good start in the Indy SDK wrappers.

SergeyBrazhnik (Tue, 20 Aug 2019 09:17:10 GMT):
Hello everyone! Could somebody point me out the document where I can read about goal of Aries agent. What problems it attempts to solve? Im interesting in location of wallets of clients that going to interract over this agent. F.e it Mobile client 1 and mobile client 2 wants to establish connection over Aries agent what it exactly will do? Provide transport for this messages or will it encrypt/decrypt this messages, if yes, then how Aries will get access to user's wallet?

SergeyBrazhnik (Tue, 20 Aug 2019 09:40:03 GMT):
I had investigation of https://github.com/streetcred-id/agent-framework/tree/dbc429aa7bf9171fb6e5607c51addc2a7278590a and found that guys somehow have access to both wallets (of client 1 and client 2)

SergeyBrazhnik (Tue, 20 Aug 2019 09:48:54 GMT):
if take a look at parameters of test in this repo I could find both wallets of clients ( IAgentContext issuerContext, IAgentContext holderContext ). Agent have access to both wallets??? ``` public static async Task<(CredentialRecord issuerCredential, CredentialRecord holderCredential)> IssueCredentialAsync( ISchemaService schemaService, ICredentialService credentialService, IProducerConsumerCollection messages, ConnectionRecord issuerConnection, ConnectionRecord holderConnection, IAgentContext issuerContext, IAgentContext holderContext, Pool pool, string proverMasterSecretId, bool revocable, List credentialAttributes, OfferConfiguration offerConfiguration = null) ```

raj_shekhar (Tue, 20 Aug 2019 10:56:22 GMT):
Hi, I am going through INDY docs, tutorials, Indy presentations in Hyperledger Global Forum, the resources are pretty confusing for new devs as project code migration is going on, can anyone please redirect me to some resources with latest demos and docs?

dbluhm (Tue, 20 Aug 2019 13:00:14 GMT):
https://github.com/sovrin-foundation/aries-cloudagent-python/tree/master/docs/GettingStartedAriesDev

SergeyBrazhnik (Tue, 20 Aug 2019 13:19:12 GMT):
Answering to my previous question - I have to search there https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0004-agents#categorizing-agents

SergeyBrazhnik (Tue, 20 Aug 2019 13:20:50 GMT):
One more question. I investigate a lot the python-cloud-agent a lot and found the module which connected to routing. Could somebody answer, what this routing module stands for? This is a place how f.e mobile edge agent could be connected to issuer edge agent over cloud agent?

dbluhm (Tue, 20 Aug 2019 13:44:13 GMT):
I think that module enables the ACA to act as a Mediator as defined in this RFC: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0046-mediators-and-relays/README.md

dbluhm (Tue, 20 Aug 2019 13:44:55 GMT):
@andrew.whitehead could probably give a more thorough answer

smithsamuelm (Tue, 20 Aug 2019 16:40:14 GMT):
I am at the stage where these ToDo Docs would be really helpful. https://github.com/sovrin-foundation/aries-cloudagent-python/tree/master/docs/GettingStartedAriesDev

smithsamuelm (Tue, 20 Aug 2019 16:40:16 GMT):
To Do: Establishing a connection between Aries Agents To Do: Issuing an Indy credential: From Issuer to Holder/Prover To Do: Presenting an Indy credential: From Holder/Prover to Verifier To Do: Next steps: Creating your own Aries Agent

swcurran (Tue, 20 Aug 2019 16:41:40 GMT):
I'll work on those. Dang - didn't want to leave anyone hanging...

smithsamuelm (Tue, 20 Aug 2019 16:42:49 GMT):
I have the aca-py 0.3.1 working and am working through the demo Open Api but enough steps are left out that its easy to get stuck and reverse engineering the code if very time consuming.

smithsamuelm (Tue, 20 Aug 2019 16:43:14 GMT):
Mapping the demo to aca-py with controller

smithsamuelm (Tue, 20 Aug 2019 16:48:28 GMT):
Thanks for working on them. Look forward to it.

raj_shekhar (Wed, 21 Aug 2019 08:24:09 GMT):
Hi, I am running Alice-faber demo of Aries python cloud agent. https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/README.md I have done set up of faber agent and is up and running and while doing so 4 transactions get added to the ledger. But when I set up the alice agent as per the demo, no transaction is added to the ledger, so my query is how alice DID getting registered then?? @swcurran

raj_shekhar (Wed, 21 Aug 2019 12:24:45 GMT):
I have modified the Aries python cloud agent demo with different attributes, till the issuance it works fine but while sending the response of proof request it fails at the proof holder agent with error as below - #26 Send the proof to X Farmer | 2019-08-21 12:14:06,857 aiohttp.server ERROR Error handling request Farmer | Traceback (most recent call last): Farmer | File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 418, in start Farmer | resp = await task Farmer | File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aiohttp/web_app.py", line 458, in _handle Farmer | resp = await handler(request) Farmer | File "/home/indy/aries_cloudagent/messaging/presentations/routes.py", line 310, in presentation_exchange_send_credential_presentation Farmer | presentation_exchange_record, body Farmer | File "/home/indy/aries_cloudagent/messaging/presentations/manager.py", line 197, in create_presentation Farmer | credential_definitions, Farmer | File "/home/indy/aries_cloudagent/holder/indy.py", line 252, in create_presentation Farmer | json.dumps({}), # We don't support revocation currently. Farmer | File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/indy/anoncreds.py", line 1412, in prover_create_proof Farmer | prover_create_proof.cb) Farmer | indy.error.CommonInvalidStructure

jadhavajay (Wed, 21 Aug 2019 14:43:22 GMT):
@TelegramSam Are there any changes in the Aries call ?

dbluhm (Wed, 21 Aug 2019 14:50:45 GMT):
Nothing has changed. This is the off week for the morning call and the afternoon call will happen today in about 4 hours. See the Hyperledger calendar: https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings

swcurran (Wed, 21 Aug 2019 14:52:38 GMT):
Alice does not have a DID on the ledger. Since Alice does not issue credentials, she does not need a public DID. She does have a did:peer pairwise DID for each relationship she has - e.g. with Faber and ACME.

jadhavajay (Wed, 21 Aug 2019 14:52:46 GMT):
Looks like the afternoon call really does not consider Indians at all :relaxed:

jadhavajay (Wed, 21 Aug 2019 14:52:46 GMT):
Looks like the afternoon call does not consider Indians at all :relaxed:

jadhavajay (Wed, 21 Aug 2019 14:53:12 GMT):
it would be at 12:30 AM on 22nd here in India

dbluhm (Wed, 21 Aug 2019 14:56:18 GMT):
Yes, timezone differences are definitely a challenge, unfortunately. The call will be recorded at least and the US Morning call will be next week; though, the topic of discussion for the morning call is mostly focused on the Indy Agent -> Aries Migration and the afternoon call is focused on RFC and protocol discussions.

jadhavajay (Wed, 21 Aug 2019 14:58:00 GMT):
Thanks @dbluhm . I am looking forward to contribute to the Aries Migration part, either to the aries-dotnet-sdk or aries-js-sdk

esplinr (Wed, 21 Aug 2019 14:59:00 GMT):
We need a maintainer to volunteer for the aries-js-sdk.

jadhavajay (Wed, 21 Aug 2019 14:59:26 GMT):
Definitely, I would love to volunteer..

esplinr (Wed, 21 Aug 2019 14:59:38 GMT):
The Indy JS wrapper provides a great start. You could move that into the Aries repo and see who else wants to contribute.

jadhavajay (Wed, 21 Aug 2019 15:00:32 GMT):
Great. I have recently used Indy NodeJS SDK. Hopefully, that would help

esplinr (Wed, 21 Aug 2019 15:01:11 GMT):
We have discussed moving the afternoon call a few hours later, but it would be hard to move it late enough for India to join and we haven't seen much interest from East Asia.

jadhavajay (Wed, 21 Aug 2019 15:01:44 GMT):
I am assuming you're referring to this codebase - https://github.com/hyperledger/indy-sdk/tree/master/wrappers/nodejs

esplinr (Wed, 21 Aug 2019 15:02:24 GMT):
Once you have a PR against the aries-sdk-js repo, we can get you merge rights.

jadhavajay (Wed, 21 Aug 2019 15:03:11 GMT):
Perfect. To start with, I will move this code into aries-sdk-js and will raise a PR

jadhavajay (Wed, 21 Aug 2019 15:03:11 GMT):
Perfect. To start with, I will move this code into aries-sdk-javascript and will raise a PR

jadhavajay (Wed, 21 Aug 2019 15:04:26 GMT):
This is the one - https://github.com/hyperledger/aries-sdk-javascript

jadhavajay (Wed, 21 Aug 2019 15:04:26 GMT):
I guess this is the target repo - https://github.com/hyperledger/aries-sdk-javascript

esplinr (Wed, 21 Aug 2019 15:43:00 GMT):
Wow, that was fast. I'll bring it up for discussion in the Aries call later today to see who is interested in collaborating with you.

esplinr (Wed, 21 Aug 2019 15:43:29 GMT):
I think @smithbk was working on the Node JS wrapper recently.

esplinr (Wed, 21 Aug 2019 15:43:56 GMT):
If we can get two contributors, then we can implement code reviews. Otherwise, we'll give you free-reign to the repo until we see contributions from others.

jadhavajay (Wed, 21 Aug 2019 15:44:20 GMT):
okay, that's great. will collaborate with @smithbk

andrew.whitehead (Wed, 21 Aug 2019 17:17:20 GMT):
The current routing module allows a connected agent to establish an inbound route, such that they can use the routing agent as their endpoint and receive messages packed for a certain key. There isn't an official RFC for this protocol yet, although the message formats are covered here: https://github.com/andrewwhitehead/indy-hipe/tree/inbound-routing-update/text/agent-message-routing

andrew.whitehead (Wed, 21 Aug 2019 17:18:19 GMT):
It would also be necessary to implement message queuing in order to support a disconnected edge agent. I think Sam is discussing that on the call today

george.aristy (Wed, 21 Aug 2019 17:47:23 GMT):
@andrew.whitehead this RFC should be proposed to Aries

andrew.whitehead (Wed, 21 Aug 2019 17:47:59 GMT):
Tobias was working on a newer version incorporating the changes

kdenhartog (Wed, 21 Aug 2019 21:04:26 GMT):
@TelegramSam I was just thinking about the protocol you proposed on the call today, and realized I stated incorrectly that intradomain can be more trusted than interdomain. I think its safer to assume an adversarial environment exists within a domain too and we should still treat it as if its an interdomain by default.

kdenhartog (Wed, 21 Aug 2019 22:03:11 GMT):
Yup, I made a mistake in assuming that the trust would be inherently different originally. I agree we should be aiming to go to a zero trust architecture.

raj_shekhar (Thu, 22 Aug 2019 04:09:44 GMT):
@swcurran so if BOB wants to connect to Alice then how this whole process will look like?

swcurran (Thu, 22 Aug 2019 04:49:54 GMT):
There is an invitation message that must go between Alice and Bob - from one or the other. The invitation is an out of band message - perhaps delivered by email or a QR code. This is described in the "DID Exchange" protocol in the Aries RFC https://github.com/hyperledger/aries-rfcs/tree/master/features/0023-did-exchange

swcurran (Thu, 22 Aug 2019 04:50:50 GMT):
The invitation includes a key and endpoint so that the connection request response can be encrypted and sent.

MALodder (Thu, 22 Aug 2019 05:09:50 GMT):
How to hide tor traffic in plain sight https://blog.torproject.org/obfsproxy-next-step-censorship-arms-race

TelegramSam (Thu, 22 Aug 2019 05:36:59 GMT):
Call Recording Posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16324879

emis (Thu, 22 Aug 2019 11:41:23 GMT):
Hi, I want to make my own simple agent . Is it good idea to start with Aries project since it is in incubation or to use the old indy-agent project ? What is a good point to start?

dbluhm (Thu, 22 Aug 2019 13:34:42 GMT):
Hyperledger Aries is a continuation of the work started in Indy Agent. Indy Agent has officially been deprecated in favor of Aries; I strongly recommend you start in Aries. The incubation status refers more to the maturity of the processes of Aries as a community than to the maturity of the code itself. To get a feel for Agents, if you haven't already, I recommend reading through this RFC: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0004-agents/README.md The Aries Cloud Agent - Python project is a good project to learn and get started with but is also fully production grade. You can check it out here: https://github.com/hyperledger/aries-cloudagent-python

smithsamuelm (Thu, 22 Aug 2019 16:08:09 GMT):
Using decorators as middleware would be one way to add service types to the protocol that allow different trade-offs between reliability and performance.

SvenHammann90 (Thu, 22 Aug 2019 16:28:20 GMT):
Hi, I believe you made the call-out to the "formal analysis guy" in the call :-) I'm listening to the calls, I just cannot attend as they are after my working hours in Switzerland. I would be very interested to talk to you at RWOT; I believe that formal analysis could make these kinds of assumptions (adversarial environment) much more explicit. I believe it is important to be precise about the desired security properties from protocols, especially with the DIDComm landscape becoming increasingly complex.

Alexi (Fri, 23 Aug 2019 16:34:31 GMT):
I was wondering if someone had information on what the status of agent authorization policies was? Is it implemented? if not what the timeline is / any documentation made for it. Thanks!

TelegramSam (Fri, 23 Aug 2019 18:52:20 GMT):
@Alexi you mean permissions within an agent for what types of messages it is willing to process?

swcurran (Fri, 23 Aug 2019 18:53:37 GMT):
I would guess @Alexi is asking about the device authorization policy that has been talked about in the DKMS document and various other paper. Or if he isn't asking about it, I'd love to know.

swcurran (Fri, 23 Aug 2019 18:54:33 GMT):
There was a Sovrin paper promoted yesterday about it.

Alexi (Fri, 23 Aug 2019 18:58:42 GMT):
I think @swcurran is correct in what I am referring to. Policy list of authorized agents for an identity holder. On this paper its described on page 9 https://sovrin.org/wp-content/uploads/2018/10/What-Goes-On-The-Ledger.pdf

TelegramSam (Fri, 23 Aug 2019 19:03:34 GMT):
@Alexi Ah. That question is better answered by @mike or @ken over on chat.sovrin.org.

nage (Fri, 23 Aug 2019 19:59:39 GMT):
If you have a contribution to Hyperledger code bases in the past 12 months (Indy, Aries, Ursa, and more) and haven't received an email with the subject "[Hyperledger Contributors] 2019-2020 TSC elections starting soon" then you didn't catch the email with instructions for being included in the upcoming Hyperledger elections or may have a problem that prevents you from voting. PM me if this is you, and I will see what we can do to help.

raj_shekhar (Mon, 26 Aug 2019 09:25:36 GMT):
Hi @swcurran While adding acme controller to the Aries python agent alice -faber demo I am getting below error while connecting to acme from alice. first time when I acme dosnt respond but second time it throws below error Acme | 2019-08-26 09:16:28,002 aries_cloudagent.messaging.base_handler ERROR Error receiving connection request Acme | Traceback (most recent call last): Acme | File "/home/indy/aries_cloudagent/messaging/connections/manager.py", line 331, in receive_request Acme | self.context, connection_key, ConnectionRecord.INITIATOR_SELF Acme | File "/home/indy/aries_cloudagent/messaging/connections/models/connection_record.py", line 171, in retrieve_by_invitation_key Acme | return await cls.retrieve_by_tag_filter(context, tag_filter) Acme | File "/home/indy/aries_cloudagent/messaging/models/base_record.py", line 207, in retrieve_by_tag_filter Acme | cls.RECORD_TYPE, tag_filter Acme | File "/home/indy/aries_cloudagent/storage/base.py", line 217, in fetch_single Acme | raise StorageNotFoundError("Record not found") Acme | aries_cloudagent.storage.error.StorageNotFoundError: Record not found Acme | Acme | During handling of the above exception, another exception occurred: Acme | Acme | Traceback (most recent call last): Acme | File "/home/indy/aries_cloudagent/messaging/connections/handlers/connection_request_handler.py", line 27, in handle Acme | await mgr.receive_request(context.message, context.message_delivery) Acme | File "/home/indy/aries_cloudagent/messaging/connections/manager.py", line 335, in receive_request Acme | "No invitation found for pairwise connection" Acme | aries_cloudagent.messaging.connections.manager.ConnectionManagerError: No invitation found for pairwise connection

raj_shekhar (Mon, 26 Aug 2019 09:25:36 GMT):
Hi @swcurran While adding acme controller to the Aries python agent alice -faber demo I am getting below error while connecting to acme from alice. first time when I acme dosnt respond but second time it throws below error-- Acme | 2019-08-26 09:16:28,002 aries_cloudagent.messaging.base_handler ERROR Error receiving connection request Acme | Traceback (most recent call last): Acme | File "/home/indy/aries_cloudagent/messaging/connections/manager.py", line 331, in receive_request Acme | self.context, connection_key, ConnectionRecord.INITIATOR_SELF Acme | File "/home/indy/aries_cloudagent/messaging/connections/models/connection_record.py", line 171, in retrieve_by_invitation_key Acme | return await cls.retrieve_by_tag_filter(context, tag_filter) Acme | File "/home/indy/aries_cloudagent/messaging/models/base_record.py", line 207, in retrieve_by_tag_filter Acme | cls.RECORD_TYPE, tag_filter Acme | File "/home/indy/aries_cloudagent/storage/base.py", line 217, in fetch_single Acme | raise StorageNotFoundError("Record not found") Acme | aries_cloudagent.storage.error.StorageNotFoundError: Record not found Acme | Acme | During handling of the above exception, another exception occurred: Acme | Acme | Traceback (most recent call last): Acme | File "/home/indy/aries_cloudagent/messaging/connections/handlers/connection_request_handler.py", line 27, in handle Acme | await mgr.receive_request(context.message, context.message_delivery) Acme | File "/home/indy/aries_cloudagent/messaging/connections/manager.py", line 335, in receive_request Acme | "No invitation found for pairwise connection" Acme | aries_cloudagent.messaging.connections.manager.ConnectionManagerError: No invitation found for pairwise connection

StefanK (Mon, 26 Aug 2019 09:32:28 GMT):
what does /connections in swagger say ? of the acme agent but anyway i think i had the same error with not responding maybe, its only a assumption that you dont have the autoflags in acme enabled, the demo needs that as i assume it right ^^'..

StefanK (Mon, 26 Aug 2019 09:32:28 GMT):
what does /connections in swagger say ? of the acme agent but anyway i think i had the same error with not responding cli, maybe its only a assumption that you dont have the autoflags in acme enabled, the demo needs that as i assume it right ^^'..

StefanK (Mon, 26 Aug 2019 09:36:24 GMT):
look at the faber script there must somewhere the --auto-accept-requests --auto-accept-invites and so on

StefanK (Mon, 26 Aug 2019 09:37:18 GMT):
but iam not sure if thats the problem but its worth to test it ^^

raj_shekhar (Mon, 26 Aug 2019 09:39:50 GMT):
yeah it is missing..... I am trying by adding it..... will update ,,, thanks :)

raj_shekhar (Mon, 26 Aug 2019 09:51:25 GMT):
it got connected but if we have connected earlier then on later request it it throwing exception... looks like not handled in code

StefanK (Mon, 26 Aug 2019 10:10:55 GMT):
well thats good, that means they can talk to each other, what i did was to differ from faber to acme. Dont know anymore if i got it working but it should be the same process wasnt it ? The thing is, if its working for faber it have to for acme ;) but yes its not that easy

raj_shekhar (Mon, 26 Aug 2019 10:12:47 GMT):
so far with some compromises, I am able to achieve that,,,, :)

george.aristy (Mon, 26 Aug 2019 17:30:08 GMT):
@TelegramSam can I suggest we include this issue in the next agenda? https://github.com/hyperledger/aries-rfcs/issues/104

swcurran (Mon, 26 Aug 2019 18:37:35 GMT):
Just getting online now. Sounds like you are making progress. Success yet?

smithsamuelm (Mon, 26 Aug 2019 19:31:22 GMT):
= +1 to @george.aristy comment. I added s Comment to github iddue

StefanK (Mon, 26 Aug 2019 21:41:25 GMT):
@swcurran or @andrew.whitehead I got to the point when i want to issue a credential, i use /credential_exchange/send on Agent1, for Agent2 i say /credential_exchange/{credential_exchnage_id}/store and get the following error, i dont get whats the problem ^^.. it needs to be in issued state doesnt it ? What i mean is STATE_CREDENTIAL_RECIEVED isnt the endstate isnt it ? 2019-08-26 23:29:58,359 aiohttp.server ERROR Error handling request Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/usr/local/lib/python3.6/dist-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/messaging/credentials/routes.py", line 461, in credential_exchange_store credential_exchange_record.state == CredentialExchange.STATE_CREDENTIAL_RECEIVED AssertionError

tplooker (Mon, 26 Aug 2019 22:00:35 GMT):
+1 to @george.aristy I would like to be involved in this conversation but I will miss the first 30-40mins of this meeting this week

tplooker (Mon, 26 Aug 2019 22:00:35 GMT):
+1 to @george.aristy comment I would like to be involved in this conversation but I will miss the first 30-40mins of this meeting this week

tplooker (Mon, 26 Aug 2019 22:00:35 GMT):
+1 to @george.aristy comment I would like to be involved in this conversation but I will miss the first 30-40mins of the meeting this week

smithsamuelm (Mon, 26 Aug 2019 22:28:38 GMT):
In working through the swagger api the id on both sides of a connection or exchange are different for each side. While its possible to figure out merely do the order of events what responses belong to a given connection/exchange it seems like it would be much easier if the API included the ids from the other side. I could see this manual matchup getting really complicated if there were more than one agent talking at the same time. I assume (maybe this is a big assumption) that under the hood each agent is keeping track of the ids from the other side of any connection or exchange but only exposing in the API their side. It would be helpful to understand why only one side shows up in the API. After the incepting event both sides should have both sets of ids or am I missing something fundamental here?

smithsamuelm (Mon, 26 Aug 2019 22:28:38 GMT):
In working through the swagger api the id on both sides of a connection or exchange are different for each side. While its possible to figure from the order of events what responses belong to a given connection/exchange it seems like it would be much easier if the API included the ids from the other side. Indeed its somewhat tedious if there are multiple exchanges etc. I fear that this manual matchup would be error prone and could get really complicated and problematic if there were more than one agent talking at the same time. I assume (maybe this is a big assumption) that under the hood each agent is keeping track of the ids from the other side of any connection or exchange but only exposing in the API their side. It would be helpful to understand why only one side shows up in the API. After the incepting event both sides should have both sets of ids or am I missing something fundamental here?

andrew.whitehead (Tue, 27 Aug 2019 01:47:57 GMT):
The connection protocol does not include connection IDs, those are only used internally by the agent and with their controller, and not shared over didcomm. Each connection record does contain the (likely pairwise) DIDs used by both sides though.

raj_shekhar (Tue, 27 Aug 2019 04:14:04 GMT):
diff timezones :grimacing: @swcurran , I am able to add the third party in the demo(acme) and its working, I open one issue also in github and propose few modifications in demo code.

raj_shekhar (Tue, 27 Aug 2019 04:15:56 GMT):
I am looking for resources to understand more about the api which we call to handle presentation, verification and other purposes...... Can you please suggest any?

vitoroliveira (Tue, 27 Aug 2019 12:19:21 GMT):
Hi guys, how i can run swagger API with aca-py? I tried to follow the tutorial by the following commands: `./scripts/run_docker start --inbound-transport http 0.0.0.0 10000 --outbound-transport http Von-network ./manage build ./manage start ` Running the `docker ps` i get this: `aries-cloudagent-runner von_node1_1 von_node2_1 von_node3_1 von_node4_1 von_webserver_1` accessing localhost:9000 i get the Von Ledger web page. But i don't know how i can access the swagger API equals demo Alice

sukalpomitra (Tue, 27 Aug 2019 12:21:33 GMT):
BROWSE TO http://localhost:5000

vitoroliveira (Tue, 27 Aug 2019 12:24:51 GMT):
I edit my question, could you please read again?

sukalpomitra (Tue, 27 Aug 2019 12:31:42 GMT):
are you not getting the swagger url at localhost:5000?

vitoroliveira (Tue, 27 Aug 2019 12:33:08 GMT):
I tried but doesn't open, connection refused, Have any special arg to pass?

sukalpomitra (Tue, 27 Aug 2019 12:33:09 GMT):
if not please check if u have added the following params while starting aca-py --admin 0.0.0.0 5000

vitoroliveira (Tue, 27 Aug 2019 12:50:26 GMT):
Thanks for your answer, solved my problem. i forgot the params. my command line to up the swagger was that: `./scripts/run_docker start --inbound-transport http 0.0.0.0 10000 --outbound-transport http --admin 0.0.0.0 5000 --admin-insecure-mode `

vitoroliveira (Tue, 27 Aug 2019 12:52:42 GMT):
One more question, How can i run in secure-mode ? i don't know what is the API KEY

MALodder (Wed, 28 Aug 2019 03:04:16 GMT):
Found an interesting paper on routing that could be used by agents https://arxiv.org/abs/1703.00536

troyronda (Wed, 28 Aug 2019 13:52:22 GMT):
FYI: we are hosting daily status meetings for aries-framework-go at 10am (eastern time) weekdays. This meeting is in the style of standup for regular contributors to give an update. We also have separate weekly contributor planning meetings and are also thinking about a less formal session if there becomes interest.

troyronda (Wed, 28 Aug 2019 13:57:37 GMT):
https://wiki.hyperledger.org/display/ARIES/Framework+Go+Meetings

TelegramSam (Wed, 28 Aug 2019 14:46:35 GMT):
you'll need to add a few arguments to enable the REST interface.

swcurran (Wed, 28 Aug 2019 20:47:40 GMT):
Follow up to the discussion today. The "extra" fields in the did:key DIDDoc are NOT in the JSON-LD context. Using the URL that was referenced (https://w3id.org/did/v1) resolves to this - https://w3c-ccg.github.io/did-spec/contexts/did-v1.jsonld and none of those fields (`assertionMethod`, `capabilityDelegation`, `capabilityInvocation` and `keyAgreement`) are in that context document. So - @drummondreed no need to panic about the context - the list looks reasonable. @tplooker - great if at RWoT you could get the did:key to resolve to (IMHO) just this: ``` { "@context": "https://w3id.org/did/v1", "id": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH", "publicKey": [ { "id": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH", "type": "Ed25519VerificationKey2018", "controller": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH", "publicKeyBase58": "B12NYF8RrR3h41TDCTJojY59usg3mbtbjnFs7Eud1Y6u" } ], "authentication": [ "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH" ] } ```

swcurran (Wed, 28 Aug 2019 20:47:40 GMT):
Follow up to the discussion today. The "extra" fields in the did:key DIDDoc are NOT in the W3C DID Spec JSON-LD context. Using the URL that was referenced (https://w3id.org/did/v1) resolves to this - https://w3c-ccg.github.io/did-spec/contexts/did-v1.jsonld and none of those fields (`assertionMethod`, `capabilityDelegation`, `capabilityInvocation` and `keyAgreement`) are in that context document. So - @drummondreed no need to panic about the context - the list looks reasonable. @tplooker - great if at RWoT you could get the did:key to resolve to (IMHO) just this: ``` { "@context": "https://w3id.org/did/v1", "id": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH", "publicKey": [ { "id": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH", "type": "Ed25519VerificationKey2018", "controller": "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH", "publicKeyBase58": "B12NYF8RrR3h41TDCTJojY59usg3mbtbjnFs7Eud1Y6u" } ], "authentication": [ "did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH" ] } ```

tplooker (Wed, 28 Aug 2019 20:58:04 GMT):
Ah sorry I think the confusion is because did/v1 means a veres one did not version one? 😂

tplooker (Wed, 28 Aug 2019 20:58:36 GMT):
So the context is a non standard did context

swcurran (Wed, 28 Aug 2019 21:03:46 GMT):
In the DID Spec itself, the context is https://www.w3.org/2019/did/v1, which doesn't resolve at all.

swcurran (Wed, 28 Aug 2019 21:04:05 GMT):
But the one that does resolve, does not include those fields.

swcurran (Wed, 28 Aug 2019 21:04:05 GMT):
But the one that does resolve, does not include those elements.

Alexi (Wed, 28 Aug 2019 21:33:28 GMT):
Is there a current discussion (possibly RFC?) that is currently open about what the standard for an SSI mobile app URI/URL scheme is (i.e deep linking)? For application developers that would like to have functionality with all mobile wallets and not just a specific one this standard would be very useful (would also open up any mobile wallets being made to be used in the space without restriction).

swcurran (Wed, 28 Aug 2019 23:04:01 GMT):
This was discussed on an Aries call, but I missed it. We (BC Gov) are very interested in getting this resolved. AFAIK, we can do something like define a URL starting with didcomm://... (or something, maybe aries://....), and Aries mobile agents would register to handle that. That process works smoothly on Android and works, but not as smoothly on IOS (not sure what the issue is, but's inflicted by Apple).

swcurran (Wed, 28 Aug 2019 23:14:44 GMT):
Related to the threading discussion from this morning's Aries call. In our performance tests, we've found that pack() is the major bottleneck. Has any work been done into the performance of that code? Any likely easy wins? @kdenhartog @esplinr

kdenhartog (Wed, 28 Aug 2019 23:16:58 GMT):
This is interesting and I don't have an answer at this point. How are you testing this? Could I test authcrypt/anoncrypt API calls as well to see if they're faster, slower, or similar?

swcurran (Wed, 28 Aug 2019 23:20:12 GMT):
We're using ACA-Py in a script to issue and receive 300 credentials. @andrew.whitehead is going to determine exactly the amount spent in pack. It looks like we can horizontally scale to get more throughput, but it still would be nice to reduce pack() as it seems to be a significant bottleneck.

StefanK (Thu, 29 Aug 2019 08:55:47 GMT):
Hey Folks, can someone tell me what's this method for ? /connections/{id}/establish-inbound/{ref_id} Which cases is it good for ? Using the connection_id for doing stuff seem enough right now. Ok i tested with my controllers only with connection establishment. Doing of issuing credentials now and schma / definition at the moment. Could it be i need it sometime ?

StefanK (Thu, 29 Aug 2019 08:55:47 GMT):
Hey Folks, can someone tell me what's this method for ? /connections/{id}/establish-inbound/{ref_id} Which cases is it good for ? Using the connection_id for doing stuff seem enough right now. Ok i tested with my controllers only with connection establishment. Issuing credentials and schma / definition is what i working on at the moment. Could it be i need it sometime ? *in swagger

StefanK (Thu, 29 Aug 2019 08:55:47 GMT):
Hey Folks, can someone tell me what's this method for ? /connections/{id}/establish-inbound/{ref_id} Which cases is it good for ? Using the connection_id for doing stuff seem enough right now. Ok i tested with my controllers only with connection establishment. Issuing credentials and schma / definition is what i working on at the moment. Could it be i need it sometime ? just thought about it *in swagger

sklump (Thu, 29 Aug 2019 12:52:37 GMT):
@StefanK It looks like it populates pairwises DIDs/verkeys in the connection record for communications along the channel

sklump (Thu, 29 Aug 2019 12:52:37 GMT):
@StefanK It looks like it populates pairwises DIDs/verkeys in the connection record for communications along the channel.

TelegramSam (Thu, 29 Aug 2019 13:21:41 GMT):
The discussion was mostly focused on how to handle invitations, not mesages generically. The problem arises when a user receives such a URI without a mobile agent.

TelegramSam (Thu, 29 Aug 2019 13:21:59 GMT):
For invitations specifically, we might want to avoid deep linking.

TelegramSam (Thu, 29 Aug 2019 13:22:13 GMT):
For all other use cases, we should probably define something.

TelegramSam (Thu, 29 Aug 2019 13:22:27 GMT):
(Also, maybe too in the invite case....)

dbluhm (Thu, 29 Aug 2019 13:33:10 GMT):
Identity WG Implementers Call will be happening in about an hour and half! Agenda: https://wiki.hyperledger.org/x/MSD5 We will have our project updates with a more in depth update on the Aries SDK Architecture discussions. If you have other topics you would like to add to the agenda, feel free to edit the agenda yourself or contact me or @nage.

Alexi (Thu, 29 Aug 2019 13:54:12 GMT):
Do you know which aries call this was so I can look at the notes? The problem where a user does not have a mobile agent for invitations does not seem like much of a problem to me. Would be the same if an invitation is presented in QR form without a mobile agent its not much use, and as such an invitation can be presented in various forms this is up to the application developers to work through. But having a universal SSI URI is a definite benefit to the space as a whole

TelegramSam (Thu, 29 Aug 2019 13:55:54 GMT):
Meeting recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16325760

MALodder (Thu, 29 Aug 2019 14:44:20 GMT):
I have some questions about RFC 0036 and RFC0037. Can I send proofs to the issuer as described in 0037 as part of the credential request in 0036?

MALodder (Thu, 29 Aug 2019 14:46:10 GMT):
For example, In the ZKP case I want to blind some attributes from the Issuer and must include a proof of blinding correctness at the minimum. But the issuer might also require a proof from another credential and need to send both of these as part of the credential request

MALodder (Thu, 29 Aug 2019 14:46:51 GMT):
If the issuer handles all proving in the physical world with no digital proof requirements, I still need to do the proof of blinding correctness

MALodder (Thu, 29 Aug 2019 14:48:09 GMT):
Would I send these as two separate messages as part of the threading sub protocol or is there a better method?

swcurran (Thu, 29 Aug 2019 15:25:15 GMT):
@andrew.whitehead - can you please respond to this one?

swcurran (Thu, 29 Aug 2019 15:46:42 GMT):
Through some clever detective work :-) I determined that it was the June 5th Aries WG Meeting. It was Tomislav Markovski that led the conversation I believe.

domwoe (Thu, 29 Aug 2019 20:09:10 GMT):
AFAICT the aries cloudagent does only support anonymous credentials and not JWT-style Verifiable Credentials. Is there a reason for this? In particular for the OrgBook Case wouldn't JWT-style VCs suffice?

TelegramSam (Thu, 29 Aug 2019 20:14:15 GMT):
It doesn't support JWT credentials _yet_. That is not only the desire, but plans are being made. Leaving the comparison of ZKPs and JWT style VCs aside, the Goal of Aries is to support any and all DIDs, credentials, etc. supported in the larger community.

TelegramSam (Thu, 29 Aug 2019 20:21:31 GMT):
The last two days, Ken shared some thoughts and proposals in community meetings about the architecture of the future Aries SDK as the Indy parts are split between Aries specific functions and the Indy specific resolver that can plug into it. I know Ken speaks with a calming, assuring voice and rocks a very authoratitive beard, but please don't misconstrue his proposals as anything more than he intended. They were shared for the purpose of gathering feedback on the approach and as a community contribution. Next steps involve some experimental code that will help us see the effects of those design choices. That code, and the design as a whole, is not only open to community feedback but NEEDS it. There is absolutely nothing final about what was shared. If you see problems with the approach in any way, please speak up and help the effort to arrive at the best possible solution.

dbluhm (Thu, 29 Aug 2019 20:38:42 GMT):
Link to the slides used during those presentations: https://docs.google.com/presentation/d/1ODtHCeB6x7yVGfhyJHFUKn0f070sqZXhff1C8M7jfTY/edit?usp=sharing Feel free to comment there as well

cam-parra (Thu, 29 Aug 2019 21:29:56 GMT):
I know my team would benefit from having a discussion on this topic. Are there any others who are interested in joining this discussion?

andrew.whitehead (Thu, 29 Aug 2019 21:53:30 GMT):
This method is used to establish an inbound route using the draft routing protocol. ref_id represents an connection to an agent that supports the protocol, as aca-py does

swcurran (Thu, 29 Aug 2019 22:06:24 GMT):
As far as the OrgBook use case, agreed that AnonCreds are not crucial for a Credential Registry with public credentials. A big part of why we used Indy was that there weren't any other available solutions when we started. However, another reason for creating OrgBooks is to enable Issuers that deal in verifiable credentials, so that when Orgs (and people) with wallets show up, the issuer is ready to provide them directly to the Holder. In those cases, the Issuer may want to give the Holder anoncred capabilities.

esplinr (Thu, 29 Aug 2019 23:51:51 GMT):
Very interesting. We haven't done SDK performance testing since before pack/unpack replaced msgpack.

StefanK (Fri, 30 Aug 2019 04:48:54 GMT):
draft routing protocol <- is this something special ? sry, i dont get it..

StefanK (Fri, 30 Aug 2019 04:52:15 GMT):
as first i thought it just introduce a new inbound from another agent ilets say i have agent 1 2 3. 1 talks with 2 and well 1 or 3 can excute that to intrduce a the inbound to 1 to 3. But that seems somhow useless since i can use the connection_id to just make requests for a connection which x to x is known through the connection_id

StefanK (Fri, 30 Aug 2019 04:52:15 GMT):
as first i thought it just introduce a new inbound from another agent lets say i have agent 1 2 3. 1 talks with 2 and well 1 or 3 can excute that to intrduce a new inbound from 1 to 3. But that seems somhow useless since i can use the connection_id to just make requests for a connection which x to x is known through the connection_id

StefanK (Fri, 30 Aug 2019 04:55:22 GMT):
or this have nothin to do with the admin api just the sockets ?

Zohaib_Sohail (Fri, 30 Aug 2019 09:26:04 GMT):
is revocation supported in aries? if not then expected timeline for revocation?

pknowles (Fri, 30 Aug 2019 14:35:35 GMT):
I'm sure it will in the not-too-distant future. https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0167-data-consent-lifecycle/README.md

swcurran (Fri, 30 Aug 2019 15:32:40 GMT):
We're in the process of implementing it in Aries Cloud Agent Python. Should be in the next release or two in the next few weeks.

swcurran (Fri, 30 Aug 2019 15:39:24 GMT):
This is about mediators and being able to tell someone sending me a message - you need to encrypt the message multiple times (encryption inside encryption...) and sent to this endpoint. The message will then be passed through multiple agents before it gets to me, with each agent decrypting it's layer. This is described here: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0094-cross-domain-messaging Look at the `RoutingKeys` array for the concept being described here. To implement that, the agents in your domain need to coordinate the keys and endpoints to use for passing the messages.

swcurran (Fri, 30 Aug 2019 15:39:47 GMT):
About mediators - see this: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0046-mediators-and-relays

StefanK (Fri, 30 Aug 2019 15:41:15 GMT):
thx for that, i will have a look at this. :)

StefanK (Fri, 30 Aug 2019 15:42:11 GMT):
btw, another thing an more importeant case for my these, is it possible with aries to issue a credential to myself right now ?

StefanK (Fri, 30 Aug 2019 15:42:11 GMT):
btw, another thing a more importeant case for my these, is it possible with aries to issue a credential to myself right now ?

StefanK (Fri, 30 Aug 2019 15:42:11 GMT):
btw, another thing a more important case for my these.., is it possible with aries to issue a credential to myself right now ? The usecase could be the milage of a car. Or lets say i every time i start my car and stop it i need to issue the count of the driven miles / kilometers

swcurran (Fri, 30 Aug 2019 16:15:43 GMT):
Yes, you can do that. Although I would question whether that is to yourself. That is likely issued from a device to you, where the device could have been certified by an outside party to be trusted for what it issues. E.g. a standards organization could certify the device meets the "start and stop vehicle" standard and so it's credentials can be trusted.

swcurran (Fri, 30 Aug 2019 16:15:43 GMT):
Yes, you can do that. Although I would question whether that is issuing to yourself. That is likely issued from a device to you, where the device could have been certified by an outside party to be trusted for what it issues. E.g. a standards organization could certify the device meets the "start and stop vehicle" standard and so it's credentials can be trusted.

Alexi (Fri, 30 Aug 2019 19:33:37 GMT):
the work you guys are doing with aca-py is awesome!

swcurran (Fri, 30 Aug 2019 21:23:31 GMT):
I notice that the CII badge on the Aries Hyperledger Wiki page (https://wiki.hyperledger.org/display/ARIES/Hyperledger+Aries) has a "not started" status. Given the structure of Aries, when can we change that? For example, ACA-Py has pretty much complete CI - a test suite, static code analysis, unit tests, etc. Is that enough for updating the overall Aries badge?

Zohaib_Sohail (Sun, 01 Sep 2019 17:21:59 GMT):
@swcurran can you please tell me how can I revoke a credential means steps required/flow to revoke a credential, any document/sample code in indy?

swcurran (Sun, 01 Sep 2019 17:24:22 GMT):
Best overview of the mechanism is here - https://github.com/hyperledger/indy-hipe/tree/master/text/0011-cred-revocation Best implementation to date is in von-anchor - start here: https://von-anchor.readthedocs.io/en/latest/von_anchor/revocation-and-tails-files.html

swcurran (Sun, 01 Sep 2019 17:25:03 GMT):
ACA-Py will borrow heavily from the von-anchor implementation, including having a tails server that we (BC Gov) will deploy.

swcurran (Sun, 01 Sep 2019 17:26:14 GMT):
The elimination of the tails file mechanism is the important upgrade to revocation in anoncreds 2.0. Instead of a tails file, a merkle tree rooted in the ledger will be used.

lucafra (Mon, 02 Sep 2019 10:11:54 GMT):
Hi All, I would like to have a Mobile Edge Agent based on react that will interact with the Aries Cloud Agent. The projects in Txamarin is not a good option because of the knowledge of the team. Is there already a codebase for the Aries Cloud Agent Controller? I would like to bootstrap a Mobile Edge Agent. As far as I understand, the main features would be a wallet and a REST API integration with the ACA-PY. Is there some code, documentation or resources I could use to build this solution?Thanks!

lucafra (Mon, 02 Sep 2019 10:11:54 GMT):
Hi All, I would like to have a Mobile Edge Agent based on React Native that will interact with the Aries Cloud Agent. The projects in Txamarin is not a good option because of the specific knowledge of our team. Is there already a codebase for the Aries Cloud Agent Controller? I would like to bootstrap a Mobile Edge Agent. As far as I understand, the main features would be a wallet and a REST API integration with the ACA-PY. Is there some code, documentation or resources I could use to build this solution?Thanks!

lucafra (Mon, 02 Sep 2019 10:11:54 GMT):
Hi All, I would like to have a Mobile Edge Agent based on React Native that will interact with the Aries Cloud Agent. The projects in Txamarin are not a good option for us, because of the specific knowledge of our team. Is there already a codebase for the Aries Cloud Agent Controller? I would like to bootstrap a Mobile Edge Agent. As far as I understand, the main features would be a wallet and a REST API integration with the ACA-PY. Is there some code, documentation or resources I could use to build this solution?Thanks!

lucafra (Mon, 02 Sep 2019 10:11:54 GMT):
Hi All, I would like to have a Mobile Edge Agent based on React Native that will interact with the Aries Cloud Agent. The projects based on Txamarin are not a good option for us, because of the specific knowledge of our team. Is there already a codebase for the Aries Cloud Agent Controller? I would like to bootstrap a Mobile Edge Agent. As far as I understand, the main features would be a wallet and a REST API integration with the ACA-PY. Is there some code, documentation or resources I could use to build this solution?Thanks!

sergey.minaev (Mon, 02 Sep 2019 13:11:40 GMT):
@swcurran @andrew.whitehead there is some kind of load test for authcrypt/anoncrypt that can be parameterized https://github.com/hyperledger/indy-sdk/blob/master/libindy/tests/crypto.rs#L643 I think you can easily adopt it for pack/unpack and I hope it may be useful in your benches to check not only python level but the library level as well

danielhardman (Mon, 02 Sep 2019 14:53:14 GMT):
For anyone who is interested, I've been trying to get some folks together to confer a bit about a dependency management strategy among Aries libraries down at the core level (not at the framework level). I've reached out to the people who own the community calendar to get it listed there, but I don't know if they'll list it in time, so I also wanted to mention it here. The meeting is entitled "Aries Dependency Architecture" and will be held Tue at 1930 Central Europe Time, 1130 US Mountain Time, at zoom link https://zoom.us/j/8013612445 This is a discussion about the internal dependency management strategy between libraries in Aries. It relates to the email thread that we started a few days ago. Diagram that will be useful: https://github.com/hyperledger/indy-sdk/blob/master/docs/architecture/libindy_layers.md#layers-interaction

StefanK (Mon, 02 Sep 2019 15:13:55 GMT):
Hey i tried now to create a self certified credential. Well what i have done is to create a connection with myself and that seems fine. But if i try to create a credential offer request issue process .. thats the only thing i have in swagger .. i get the following error by requesting the credenntial cls.RECORD_TYPE, tag_filter File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/storage/base.py", line 219, in fetch_single raise StorageDuplicateError("Duplicate records found") aries_cloudagent.storage.error.StorageDuplicateError: Duplicate records found Well i mean yes thats maybe about the same wallet with the sent recieve request etc logs .. well i think i do some mistake here from the beginning maybe .. How exactly can i self certify a credential for myself :) Yes and you may be right about the device wich certify a credential but my case is that i have a device in a car that certify itself that its driven some miles.

swcurran (Mon, 02 Sep 2019 17:34:10 GMT):
The challenge with approach that is the ACA-Py agent would not be on the mobile platform, which is a questionable approach for securing the keys. @andrew.whitehead might have additional input on that. For documentation, you can look in the /demo folder of the ACA-Py repo. In particular, there is an OpenAPI demo that shows the full API exposed by ACA-Py for the controller to use. Within the docs folder is the "getting started" guide that has lots of material that you can review or skip based on your knowledge of the Indy/verifiable credentials space. You also have to pay attention to the webhook data sent to the controller as events occur. Examples to this point have mostly been Web frameworks - django and Java.

swcurran (Mon, 02 Sep 2019 21:42:01 GMT):
@nbrempel is working on this as well, but from a proof standpoint. Our application (indy-catalyst) needs to ask itself for a proof and respond to it. Nick is implementing that much as you have done here - the controller uses the agent to connect and then uses the connection for the proof. I'm not sure how issuing a credential would be different, but I wouldn't think it would be too much. Nick, any thoughts? Any code to point to how you are doing the proof? NOTE - Nick ran into a missing feature in Indy related to the specific proof he is doing. Shouldn't affect the DIDComm pieces (messaging with yourself), but it means he doesn't have a full implementation.

Zohaib_Sohail (Tue, 03 Sep 2019 08:21:39 GMT):
what should be done to connection once we have sent/received the credential? should it be removed or left as it is? @andrew.whitehead

lucafra (Tue, 03 Sep 2019 08:52:52 GMT):
ok thanks for your answer. The idea is to have the ACA-PY on the cloud, but allowing users to manage the permissions of their cloud agent through their Mobile Edge Agent. The Mobile Edge Agent would be just. a way for the user to control the permissions of the Cloud Agent and the flow of information that this Cloud Agent is managing. The keys stored on the mobile phone would be just the keys related to identification of the mobile phone to the cloud agent, and related to the control of the Cloud Agent.The Cloud Agent would manage all the other keys(related to other agents, services, issuers, holders and so on..). If mobile is lost or robbed, a cold-storage secret key can be used for recovery, as well as social recovery(key sharding). As far as I understand for your answer, a HTTP/JSON API can be implemented based on the exposed endpoints of the OPEN API/ SWAGGER: this would allow the user to post request to their Cloud Agent, while receiving events through Webhooks.

StefanK (Tue, 03 Sep 2019 09:13:03 GMT):
@swcurran @nbrempel somehow i cant anser in the old thread whatever why o.O RE: the controller uses the agent to connect and then uses the connection for the proof. I'm not sure how issuing a credential would be different, but I wouldn't think it would be too much. ---- What I did was: 1. establish a connection with mysef. 2. send offer to myself 3. got a sent_offer received_offer the same time. 4. take the credential exchange_id of the received_offer 5. send a credential request with the credential_exchange_id of the received entry 6. error as showed ..

StefanK (Tue, 03 Sep 2019 09:18:39 GMT):
i will setup an agent that you can have a look what was done :thumbsup:

wangdong (Tue, 03 Sep 2019 09:26:35 GMT):
`eaca-py provision --wallet-type indy --seed $SEED`

wangdong (Tue, 03 Sep 2019 09:26:51 GMT):
with this command, how can get the seed as a agent?

wangdong (Tue, 03 Sep 2019 09:26:51 GMT):
with this command, how can get the SEED as a agent?

wangdong (Tue, 03 Sep 2019 09:28:11 GMT):
Is it generated or just can be speicified by myself with respecint some rules?

StefanK (Tue, 03 Sep 2019 10:30:58 GMT):
As i look into the records, offer_receive record seems edited or removed by executing of the credential request.

swcurran (Tue, 03 Sep 2019 15:55:25 GMT):
You can set it yourself. It must be 32 characters long.

nbrempel (Tue, 03 Sep 2019 17:06:37 GMT):
Hi @StefanK, I believe you are experiencing a bug that was recently fixed. Issuing credentials and sending proof from an agent back to itself caused the duplicate record error you are seeing.

nbrempel (Tue, 03 Sep 2019 17:06:48 GMT):
https://github.com/hyperledger/aries-cloudagent-python/pull/161/files

nbrempel (Tue, 03 Sep 2019 17:07:15 GMT):
If you are using 0.3.1, can you try building from master to see if that solves it?

TelegramSam (Tue, 03 Sep 2019 21:16:49 GMT):
Tomorrow during our normally scheduled call, we will have an 'Ask us Anything' Community Questions segment. We will do our best to field answers to all of your questions.

TelegramSam (Wed, 04 Sep 2019 19:03:01 GMT):
Aries WG Call on now: https://wiki.hyperledger.org/pages/viewpage.action?pageId=16326726

TelegramSam (Wed, 04 Sep 2019 20:24:24 GMT):
https://medium.com/decentralized-identity/rhythm-and-melody-how-hubs-and-agents-rock-together-ac2dd6bf8cf4

swcurran (Thu, 05 Sep 2019 00:30:41 GMT):
Do we have any other names for the messaging protocols that we are using than: 1. The DIDComm Protocol is the mechanism for sending messages from one edge agent to another edge agent irresepective of the message content. 2. DIDComm Protocols are the definition of roles, messages, and state to accomplish some shared goal. In the first, you only care about message delivery, in the second, you only care about message content. Do we have names for those two things? Can we define names for those things? The subtle "s" at the end of the second word seems to be an insufficient differentiator. Probably needs to be an issue in aries-rfcs. @danielhardman @TelegramSam @tplooker @troyronda @kdenhartog

danielhardman (Thu, 05 Sep 2019 05:55:49 GMT):
I recently updated RFC 0003: Protocols to discuss this issue a little. I think the verbiage I added helped a little bit, but it still did not introduce crisp terms. Here is what I wrote: ``` In the context of decentralized identity, protocols manifest at many different levels of the stack: at the lowest levels of networking, in cryptographic algorithms like Diffie Helman, in the management of DIDs, in the conventions of DIDComm, and in higher-level interactions that solve problems for people with only minimal interest in the technology they're using. However, this RFC focuses on the last of these layers, where use cases and personas are transformed into features with obvious social value like: Connecting with one another Buying and Selling Negotiating Enacting and enforcing contracts Requesting and issuing credentials Proving things using credentials Discovering things Putting things in escrow (and taking them out again) Scheduling Auditing Reporting errors Cooperative debugging When "protocol" is used in an Aries context without any qualifying adjective, it is referencing a recipe for a high-level interaction like these. Lower-level protocols are usually described more specifically and possibly with other verbiage: "cryptographic algorithms", "DID management procedures", "DIDComm conventions", "wire-level message exchange", "transports", and so forth. This helps us focus "protocol" on the place where application developers that consume Aries do most of the work that creates value. ``` I would like to float the following terms: **Application-Level Protocols** for the high-level protocols that RFC 00003 describes, that we mostly intend when we use "protocol" without any adjective. **The DIDComm Protocol** or just **DIDComm** for the collection of conventions that is used as a foundation by all Application-Level Protocols.

iainbarclay (Thu, 05 Sep 2019 13:55:32 GMT):
A quick comment on this - the text "this RFC focuses on the last of these layers" - it wasn't really clear to me which was the last of the layers, though I would interpret it as the "application-level protocols". Its also a little unclear if "higher-level interactions that solve problems for people with only minimal interest in the technology they're using" refers to the end-users of the solutions, or to the application developers (who I guess are "application protocol users") - if the latter, I (as one of these people) would suggest that there is a strong interest in the technology, but the focus of the role is to understand the application level protocols in order to deliver the solution. Does that help at all?

smithsamuelm (Thu, 05 Sep 2019 14:10:12 GMT):
Another term is interaction but that maybe not specific enough.

Thomas_the_Consultant (Thu, 05 Sep 2019 17:28:52 GMT):
I picked up an impression from somewhere that it's possible to configure `aca-py` as a relay agent just doing store-and-forward for edge agents running on smartphones etc. Am I correct, and is this easy to do? If so, how?

swcurran (Thu, 05 Sep 2019 17:53:56 GMT):
I like "Interaction Protocols" better than Application-Level Protocols, but am OK with either. I'm good with going with just "DIDComm".

swcurran (Thu, 05 Sep 2019 17:54:19 GMT):
Good points @iainbarclay! That's helpful feedback.

swcurran (Thu, 05 Sep 2019 17:59:57 GMT):
I would say it is easy, but there is work to be done in doing that. I'm not sure if anyone has an open source repo created with a controller that does this. I think @sukalpomitra has done that already, and he might share some thoughts on this. @tomislav has also done a version of this with aries-framework-dotnet. The recent RFCs (last couple of days) that @TelegramSam proposed talk about the concepts for doing that - handling the queuing of message for the smartphone-based edge agent. The routing RFC is also relevant, as it shows what the cloud and edge agents have to coordinate to put into the service endpoint fields, particular the RoutingKeys array.

george.aristy (Thu, 05 Sep 2019 20:58:06 GMT):
In which RFC is the `Forward` message defined?

george.aristy (Thu, 05 Sep 2019 21:00:31 GMT):
Found it: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0094-cross-domain-messaging

StefanK (Fri, 06 Sep 2019 11:54:54 GMT):
@nbrempel yep that was the problem, haha didn't thought that iam that near on the bleeding edge.

zixian5 (Fri, 06 Sep 2019 12:49:46 GMT):
HI ,guys .Who has implemented the agent himself or has the code about indy-agent

sklump (Fri, 06 Sep 2019 13:55:16 GMT):
Unfortunately this filter is no good for v1.0 of these interactions: under Aries#0036/37, either party can initiate.

sklump (Fri, 06 Sep 2019 14:07:34 GMT):
I think the workaround for this case would be in the manager, to null out the proposal in the credential exchange record if the originator was self (i.e., it's a free offer not a bound offer) once it creates the credential offer. Then the search can look for the absence of the credential proposal as a substitute for the initiator=self. There are a few ways into this method, so there might be some dancing about, which smacks of wrongness. Unit tests ought to cover the use cases.

sklump (Fri, 06 Sep 2019 14:07:34 GMT):
I think the workaround for this case would be in the manager, to null out the proposal in the [credential, presentation] exchange record if the originator was self (i.e., it's a free offer not a bound offer) once it creates the [credential offer, presentation request]. Then the search can look for the absence of the proposal as a substitute for the initiator=self. There are a few ways into the issue_credential.v1_0.manager::create_offer() method in particular and possibly its present_proof.v1_0.manager analogue, so there might be some dancing about, which smacks of wrongness. Unit tests ought to cover the use cases.

sklump (Fri, 06 Sep 2019 14:07:34 GMT):
I think the workaround for this case would be in the manager, to null out the proposal in the [credential, presentation] exchange record if the originator was self (i.e., it's a free offer not a bound offer) once it creates the [credential offer, presentation request]. I had built up the proposals (previews) to feed into subsequent Aries structures that used them. But once those are fleshed out, I suppose there is no reason to keep the originals around. Then the search can look for the absence of the proposal as a substitute for the initiator=self. There are a few ways into the issue_credential.v1_0.manager::create_offer() method in particular and possibly its present_proof.v1_0.manager analogue, so there might be some dancing about, which smacks of bad design. Unit tests ought to cover the use cases.

sklump (Fri, 06 Sep 2019 14:07:34 GMT):
I think the workaround for this case would be in the manager, to null out the proposal in the [credential, presentation] exchange record if the originator was self (i.e., it's a free [offer, request] not a bound one) once it creates the [credential offer, presentation request]. I had built up the proposals (previews) to feed into subsequent Aries structures that used them. But once those are fleshed out, I suppose there is no reason to keep the originals around. Then the search can look for the absence of the proposal as a substitute for the initiator=self. There are a few ways into the issue_credential.v1_0.manager::create_offer() method in particular and possibly its present_proof.v1_0.manager analogue, so there might be some dancing about, which smacks of bad design. Unit tests ought to cover the use cases.

sklump (Fri, 06 Sep 2019 14:19:18 GMT):
Or perhaps the initiator enum can take another value; i.e., initiator=auto to mean that the initiator and recipient are the same.

swcurran (Fri, 06 Sep 2019 17:21:13 GMT):
There are a number of implementations, particularly in the Hyperledger aries repos. What kind of agent are you looking for?

iainbarclay (Fri, 06 Sep 2019 18:45:45 GMT):
Hi - I noticed when going through the tutorials on the Aries cloud agent, and especially the Swagger/OpenAPI sections, that connection_id plays a significant role, more so than individual DIDs - is this a reasonable observation, and as an agent developer, should I keep a record of connection_ids as well as or instead of DIDs?

swcurran (Fri, 06 Sep 2019 21:30:02 GMT):
I think internally that connection_ids are the primary entity to track. Each represents a relationship/a connection that has DIDs for each party plus other metadata about the connection - possibly what I call the connection, what credentials I have issued from the connection, what proof requests the connection has asked me, what proofs the connection has provided me, basic messages to/from the connection, etc. It's a lot more than just the DIDs. We may even need to support reverse lookups of the public keys associated with the connection so that we can find the connection given a key.

drewau (Fri, 06 Sep 2019 23:06:49 GMT):
Hello! I've been looking into DID options for our mobile wallet, and Aries looks really compelling. Would anyone be interested in chatting a bit to see if it would address the use case I have in mind and helping me understand what it would take to implement?

zixian5 (Sat, 07 Sep 2019 03:32:11 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=NKpsPbzomnmQgTy4h) Thanks for reply . Python , Web and Complete implementation of the communication protocol will be the best

swcurran (Sat, 07 Sep 2019 03:53:48 GMT):
You probably want to start with aries-cloudagent-python https://github.com/hyperledger/aries-cloudagent-python - There is documentation linked from the readme that you can use to figure out how to use it. If you are interested in a dotnet implementation, you can look at aries-framework-dotnet for a library you can embed in an app for a mobile instance or for server based. You'll need to understand more about agents before you are ready to get going with a mobile agent.

zixian5 (Sat, 07 Sep 2019 13:05:06 GMT):
When i run this code(https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo) locally, i got this error indy.error.CommonInvalidState ., please help me

VenkateshSYS (Sat, 07 Sep 2019 13:05:14 GMT):
Hello Guys, From this url of hyperledger-indy demo, https://github.com/hyperledger/education/tree/master/LFS171x/indy-material/nodejs all the nodes and agents (which are static) are running in the docker container automatically when runs the docker-compose.yml file. Username and Password are defined in the docker-compose.yml file in the demo which is static process How to do the sign up functionality dynamically ?

swcurran (Sat, 07 Sep 2019 15:44:33 GMT):
That code base is a good demo of SSI, but is not really being looked at actively. If you plan on digging into Indy/Aries, you should be look at the Aries code bases. Not sure what you are trying to do. As I recall, we removed the login parts of the demo. Not sure why you would want to have that in the demo.

PatrickLenert (Mon, 09 Sep 2019 07:22:51 GMT):
Hi - Is there a concept for fetching Schemas from the ledger without an ID? (I think British Columbia does this with a local registry?)

PatrickLenert (Mon, 09 Sep 2019 07:22:51 GMT):
Hi - Is there a concept for fetching Schemas from the ledger without an ID? (I think British Columbia does this with a registry?)

sklump (Mon, 09 Sep 2019 10:41:21 GMT):
Pondering this some more, I think the fix has to be in the connection itself. The invitation should include an auto flag to note that the same agent has both ends of the connection, and then the connection record should retain it. Then the operation should check the connection to avoid duplicating records that are really auto-connections. I think this is the most bulletproof approach. My two cents only.

sklump (Mon, 09 Sep 2019 10:41:21 GMT):
Pondering this some more, I think the fix has to be in the connection itself. The invitation should include an auto flag to note that the same agent has both ends of the connection, and then the connection record should retain it. Then the operation should check the connection to avoid creating distinct model records (cred exchange, etc) for each end when the connection line is really a loop. I think this is the most bulletproof approach. My two cents only.

PatrickLenert (Mon, 09 Sep 2019 10:45:01 GMT):
@sklump what is your answer? You referenced a thread but I don't see the schema issue was mentioned.

sklump (Mon, 09 Sep 2019 10:48:16 GMT):
@PatrickLenert It's a different thread. You can get schemas from the ledger without a DID, see the sample code: https://github.com/hyperledger/indy-sdk/blob/master/wrappers/python/tests/ledger/test_build_get_schema_request.py

PatrickLenert (Mon, 09 Sep 2019 10:51:14 GMT):
So if I want an REST API Endpoint for my ACA-Py Agent, I have to implement this interface in the python code myself?

PatrickLenert (Mon, 09 Sep 2019 10:51:14 GMT):
So if I want a REST API Endpoint for my ACA-Py Agent, I have to implement this interface in the python code myself?

sklump (Mon, 09 Sep 2019 11:04:16 GMT):
You could write one there. But the aca-py agent necessarily has a DID on the ledger or else it won't start. Maybe you want something closer to the indy-sdk instead for this.

PatrickLenert (Mon, 09 Sep 2019 13:05:59 GMT):
@sklump I think you misunderstood my question. What I search for is a *global registry* or ledger method to retrieve schemas from other partys without the DID, only *using attributes*.

sklump (Mon, 09 Sep 2019 13:07:53 GMT):
There is no API like that as far as I know.

PatrickLenert (Mon, 09 Sep 2019 13:09:10 GMT):
@sklump Is there any third-party solution you can think of? How would you implement this?

sklump (Mon, 09 Sep 2019 13:17:34 GMT):
I believe it is the wrong question. There is no semantic value to an attribute in a schema. Any schema-issuer (origin) can publish any schema to the ledger. Relying on an attribute set's meanings and then getting candidate schemas from those are prone to bait-and-switch, and/or to accidental or malicious pollution of the schema space. For example, 'score' could refer to a credit score, a test score, a high score in some game, etc. Only when you know what schema you want by name/version/origin(DID) can you get a good bead on the target.

PatrickLenert (Mon, 09 Sep 2019 13:22:12 GMT):
what if I want to import schemas from the ledger? At the beginning I certainly don't know what I am looking for.

PatrickLenert (Mon, 09 Sep 2019 13:22:12 GMT):
what if I want to import schemas from the ledger? At the beginning I certainly don't know what attributes I am looking for.

sklump (Mon, 09 Sep 2019 13:25:04 GMT):
I think you need to go over the wrapper code tests to get a sense of what is typical operation in any case. As a prospective holder, you would be in contact with a credential issuer to ascertain the schema(s) against which it issues credentials.

PatrickLenert (Mon, 09 Sep 2019 13:30:29 GMT):
ok, from the Issuer perspective: How would you use existing schemas if you as an Issuer doesn't have the Schema ID and there is no method and concept to retrieve them all together?

sklump (Mon, 09 Sep 2019 13:35:53 GMT):
As an Issuer you would have contact with the Origin (e.g. government defines drivers' licences). Ultimately the idea is that these live in some sort of publicly accessible space like schema.org. For now you can poll the ledger transaction by transaction and inspect the ones marked as schema definitions (`transaction['type'] == '101'`).

PatrickLenert (Mon, 09 Sep 2019 13:39:17 GMT):
thanks for the advice @sklump. Do you want to say something @luckycharms810 ?

PatrickLenert (Mon, 09 Sep 2019 13:39:17 GMT):
thanks for the advice @sklump . Do you want to say something @luckycharms810 ?

luckycharms810 (Mon, 09 Sep 2019 13:41:33 GMT):
Yep, just wanted to mention - we have been polling the ledger for schema's and caching/indexing them in local stores.

PatrickLenert (Mon, 09 Sep 2019 13:42:47 GMT):
@luckycharms810 what do you mean with "polling the ledger" in the context of ACA-Py Agent?

luckycharms810 (Mon, 09 Sep 2019 13:43:21 GMT):
Well, we are currently running our local nodes, and checking the '

luckycharms810 (Mon, 09 Sep 2019 13:43:30 GMT):
domain ledger for new transactions

luckycharms810 (Mon, 09 Sep 2019 13:43:58 GMT):
This is not within the context of the ACA agent

PatrickLenert (Mon, 09 Sep 2019 13:44:31 GMT):
You didn't use Aries Cloud Agent?

luckycharms810 (Mon, 09 Sep 2019 13:46:11 GMT):
You do not need the functionality of the agent to query for transactions on the ledger

PatrickLenert (Mon, 09 Sep 2019 13:48:03 GMT):
do you maybe can provide me with the Query Function Code Snippet? Just to see how this would look like??

luckycharms810 (Mon, 09 Sep 2019 13:49:07 GMT):
We use a utility script that is bundled with the indy node package

luckycharms810 (Mon, 09 Sep 2019 13:49:09 GMT):
https://github.com/hyperledger/indy-node/blob/master/scripts/read_ledger

swcurran (Mon, 09 Sep 2019 14:02:32 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=wwRRH2cZ7HGtSGFmm) This is not correct (99% sure - @andrew.whitehead). An ACA-Py agent that is not an issuer does not have a DID on the ledger and in fact often will not.

swcurran (Mon, 09 Sep 2019 14:06:25 GMT):
@PatrickLenert - there is no schema discovery built into indy-node, no transactions to find schema or creddefs. What some have done, BC Gov and another instance, is to simply read the entire ledger into a database and using that for discovery. This is implemented in von-network (https://github.com/bcgov/von-network - the /server code), and we have running instances that scan our test ledgers and the Sovrin MainMain (https://sovrin-mainnet-browser.vonx.io/).

sklump (Mon, 09 Sep 2019 14:11:59 GMT):
I've put in an Issue at hyperledger/aries-rfc: https://github.com/hyperledger/aries-rfcs/issues/215 I have to walk kind of a fine line here since I am not on any contract. This is where I believe the best fix is to be found, but I shouldn't start building prototypes until I get on some kind of vehicle for an interested party. It won't be long, I am convinced.

luckycharms810 (Tue, 10 Sep 2019 15:39:01 GMT):
Hello all, Our team has been working hard to create a v1.0 compliant agent and we are at the point of creating the messages for credential presentation. We are diving in to the creation of the proofs and are a little confused about what is going on here -> https://github.com/hyperledger/indy-sdk/blob/master/samples/python/src/getting_started.py#L1125

luckycharms810 (Tue, 10 Sep 2019 15:39:27 GMT):
We have been using the getting_started.py as a reference since there currently does not exist a revocation implementation in ACA-py.

luckycharms810 (Tue, 10 Sep 2019 15:40:31 GMT):
We are a little confused about why there is a tails reader being opened here. Our understanding was that the credential and the current value of the pertinent revocation registry would be enough to create a proof of non-revocation. Is this correct ?

swcurran (Tue, 10 Sep 2019 15:47:16 GMT):
No, a tails file is needed in preparing the proof on non-revocation. We're looking forward to the day when that is not required, but it's still needed.

swcurran (Tue, 10 Sep 2019 15:48:03 GMT):
As we work on revocation for ACA-Py, we're anticipating that BC Gov will host a tails file server that others can use for the short term until anoncreds 2.0.

luckycharms810 (Tue, 10 Sep 2019 15:51:48 GMT):
Ah okay, so is the idea that each trust anchor would publicly host their tails file ?

sklump (Tue, 10 Sep 2019 15:55:32 GMT):
@luckycharms810 or post to a trustworthy aggregator such as https://github.com/PSPC-SPAC-buyandsell/von_tails

sklump (Tue, 10 Sep 2019 15:55:32 GMT):
@luckycharms810 or post to a public aggregator such as https://github.com/PSPC-SPAC-buyandsell/von_tails

sklump (Tue, 10 Sep 2019 15:55:32 GMT):
@luckycharms810 or post to a public aggregator such as https://github.com/PSPC-SPAC-buyandsell/von_tails. Only issuers create tails files, but holders (provers) need a copy to create proof. Tails files are burdensome to generate but public and immutable once created.

luckycharms810 (Tue, 10 Sep 2019 15:57:33 GMT):
So this tails file would need to get updated every time the trust anchor issues a credential ?

swcurran (Tue, 10 Sep 2019 15:57:44 GMT):
Tails files can be anywhere. They just need to be referenceable. We're going to host a tails service (using von_tails that @sklump references).

luckycharms810 (Tue, 10 Sep 2019 15:59:16 GMT):
How would a holder know where to access the tails file for a given credential ?

sklump (Tue, 10 Sep 2019 15:59:59 GMT):
Enjoy: https://hyperledger-indy.readthedocs.io/projects/sdk/en/latest/docs/concepts/revocation/cred-revocation.html

sklump (Tue, 10 Sep 2019 16:00:32 GMT):
Great question: out of band, or by convention, I imagine

luckycharms810 (Tue, 10 Sep 2019 16:07:04 GMT):
Okay so just for me to be sure I understand this

luckycharms810 (Tue, 10 Sep 2019 16:07:29 GMT):
If an issuer is no longer able to host the tails file, the holder can no longer create a proof of non-revocation for that credential

sklump (Tue, 10 Sep 2019 16:08:23 GMT):
Not quite: the holder ought to get a copy for itself. Or else a process on the issuer can monitor tails file directory as it populates and whisk the tails file up to a server once it's done.

sklump (Tue, 10 Sep 2019 16:08:41 GMT):
Then as long as the holder can get to its own copy, or download one from the server, it will be fine.

sklump (Tue, 10 Sep 2019 16:09:07 GMT):
For what it's worth, the issuer can also monitor the server in case it's sabotaged to get fresh copies from the server.

sklump (Tue, 10 Sep 2019 16:09:07 GMT):
For what it's worth, the issuer can also monitor the server in case it's sabotaged to get fresh copies from the server (unlikely).

sklump (Tue, 10 Sep 2019 16:10:04 GMT):
But I think only the holders need the tails files once they're generated. Issuers, on revocation, operate on the revocation registry, not the tails file, and revocation registry states are on the ledger.

sklump (Tue, 10 Sep 2019 16:10:28 GMT):
Since tails files are gargantuan, I don't advise downloading a fresh one every time.

sklump (Tue, 10 Sep 2019 16:10:50 GMT):
(and immutable; i.e., tamper-evident)

sklump (Tue, 10 Sep 2019 16:11:25 GMT):
Examples and configuration instructions for such sync scripts come included in von_tails

sklump (Tue, 10 Sep 2019 16:12:40 GMT):
For example, von_anchor only allows the holder to store a credential if it already has the corresponding tails file.

sklump (Tue, 10 Sep 2019 16:14:07 GMT):
Cred def : revocation registry is a one-to-many relation. Revocation registry : tails file is a 1:1 relation. Once a rev reg fills up, the issuer must generate a new rev reg (with corresponding tails file) before issuing a new credential.

luckycharms810 (Tue, 10 Sep 2019 16:18:05 GMT):
Really appreciate the information here @sklump

luckycharms810 (Tue, 10 Sep 2019 16:18:34 GMT):
Will spend sometime re-reading and follow up with additional questions

luckycharms810 (Tue, 10 Sep 2019 16:19:58 GMT):
Given the 1:1 connection between revocation registries and tails files, would it be reasonable to include the path to the tails file in the revocation registry transaction?

luckycharms810 (Tue, 10 Sep 2019 16:23:35 GMT):
Ah i see this here - "Each issuer must also publish on the ledger a revocation registry. This metadata references a credential definition and specifies how revocation for that credential type will be handled. The revocation registry tells which cryptographic accumulator can be used to test revocation, and gives the URI and hash of the associated tails file."

sklump (Tue, 10 Sep 2019 16:23:37 GMT):
Probably not - these can live anywhere - there may be multiple services, or they may spin up and shut down over the weeks and months. An admin-API-like call to the Issuer would be a good place to get a tails file server, then query the server by rev reg id.

sklump (Tue, 10 Sep 2019 16:25:29 GMT):
... yes, but in effect this is only for local file system writes. As it should be - tails file creation should not depend on this or that external service being up. This is where a sync script can watch over the local directory vs. a remote service, and copy deltas in the issuer direction (local->remote) or the holder direction (remote->local) until they match.

sklump (Tue, 10 Sep 2019 16:28:17 GMT):
Not all holders may be interested in tails files from all cred def ids (or rev reg ids), and not all servers may be interested in hosting tails files from all cred def ids (or rev reg ids), so there is some configuration available to specify domains of interest.

luckycharms810 (Tue, 10 Sep 2019 19:55:31 GMT):
@sklump - Is this size of the tails file limited by the max_cred_num ?

luckycharms810 (Tue, 10 Sep 2019 20:07:15 GMT):
Also out of curiosity, how big can tails files potentially grow to ? MBs ? GBs ?

swcurran (Tue, 10 Sep 2019 21:03:29 GMT):
Yes and Yes. This is why we want to get rid of the tails approach. #anocreds2

janb (Wed, 11 Sep 2019 09:45:51 GMT):
get rid of tails file? where can I find more info about the planned changed in anoncreds2?

janb (Wed, 11 Sep 2019 09:46:30 GMT):
I thought tails files are necessary to generate the proof

SvenHammann90 (Wed, 11 Sep 2019 10:54:45 GMT):
Hi all, the recording of last week's call is not uploaded yet, could you please do so? We listeners are actually out there :)

luckycharms810 (Wed, 11 Sep 2019 13:12:10 GMT):
@swcurran Thanks for the answer. Couple of follow up questions. 1. Is there somewhere I can view the exposed APIs from anoncreds 2.0 ? 2. Would it be right to assume that the tails file would not go away, but just that the holder would not need it to prove non-revocation ? 3. Is there somewhere I can get a better understanding of how the tails file grows ? I noticed that a file with a record of 1 issued credential, and a file with 60 issued credentials both have the same size of 2.4mb. I can run some tests on my end to see how these grow but would love if you had a resource i could refer to for this.

swcurran (Wed, 11 Sep 2019 14:21:04 GMT):
1. There is a writeup on what AnonCreds 2.0 is somewhere - I've been looking but can't find the reference. @MALodder knows it. The API you are asking about is the revocation from an Indy perspective. My guess it is essentially the same, with the URI for the tails file replaced with a reference to a transaction on the ledger for the root of the merkle tree construct that replaces the tails file. 2. The tails file concept (array of ints) goes away, replaced (AFAIK) with a merkle tree where the bits of the leaf nodes represent the credentials and status. The root of the merkle tree is in the ledger, and when credentials are revoked, the a new tree/transaction is written. @MALodder knows better :-) 3. I have not been able to find the history that has the size of files. However, I know that the files get very large - on the order of GBs.

MALodder (Wed, 11 Sep 2019 14:22:21 GMT):
https://github.com/hyperledger/ursa-docs/tree/master/specs/anoncreds2

swcurran (Wed, 11 Sep 2019 14:22:21 GMT):
See the thread under luckycharms810 below.

luckycharms810 (Wed, 11 Sep 2019 14:42:28 GMT):
Thank you @swcurran, Fwiw I am trying to understand how I can sustainably implement this in production in the short term. Is it a reasonable solution for me to basically keep the max cred num low, and use multiple revocation registries to keep the tails files smaller ?

swcurran (Wed, 11 Sep 2019 14:49:09 GMT):
That's the approach we are taking. We need revocation now, but want to waste as little effort as possible on the tails approach. Hence we will use a tails server (building on von-tails work) and as you note, keep the tails files as small as reasonable. We're hoping the API stays largely the same - the same interactions have to occur, just with (naively stated) different parameters.

luckycharms810 (Wed, 11 Sep 2019 15:14:38 GMT):
Got it, just looked through this repository for the von-tails server. Would it be reasonable to say we would be good citizens of the eco-system if we simply host tails files for any issuers that we represent ?

luckycharms810 (Wed, 11 Sep 2019 15:15:27 GMT):
I am seeing that with in von-tails, it seems to be the issuer that is responsible for pushing their tails files to the server to keep them current.

swcurran (Wed, 11 Sep 2019 15:19:39 GMT):
Yes. That's why I was mentioning that we are going to host a tails server. Perhaps that will save others from having to have one. May not be a big deal, but could make it a bit easier for everyone. Not scalable, but it hopefully doesn't have to be.

luckycharms810 (Wed, 11 Sep 2019 15:30:14 GMT):
Really helpful @swcurran , appreciate it! How are you currently planning for the shift from the tails files to the on-chain revocation registry merkle trees ?

luckycharms810 (Wed, 11 Sep 2019 15:30:37 GMT):
Also curious if you have information on that timeline

sklump (Wed, 11 Sep 2019 15:33:47 GMT):
Yes, the synchronization must start with the issuer, who generates tails files, to push such to the server. The issuer (trust anchor) itself is not necessarily responsible, but an actuator (script) has to push from issuer to server. Note that a tails file, once complete for a revocation registry, is immutable (always current, tamper-evident).

swcurran (Wed, 11 Sep 2019 15:38:29 GMT):
We have a limited "in the wild" use case that will use tails (at least for now). My guess is that we will try to reissue credentials to eliminate the tails based ones that exist as quickly as possible - send messages to those with old ones and get them to collect new ones. Then we can drop support for tails files. Not easy... I don't know about the timeline, but assuming it will be within a year, hopefully well within a year. Others might have different opinions on that.

swcurran (Wed, 11 Sep 2019 22:25:56 GMT):
Today's afternoon US Aries Working Group call was not recorded because we didn't have anyone on with the power to record the session. My apologizes for that. We should be able to sort that out for next week and make a recording.

janb (Thu, 12 Sep 2019 07:46:13 GMT):
about the tails files: in our current approach we hand over the tails file to the credential holder so they can generate proof without phoning home.. am I missing something?

sklump (Thu, 12 Sep 2019 10:59:33 GMT):
@janb the issuer could include it with the credential, but (1) typically they are very large and (2) the same tails file pertains to potentially hundreds of thousands of credentials, so if the same holder gets multiple credentials from the same revocation registry [e.g., short-lived duty roster assignment], their tails files will be duplicates.

janb (Thu, 12 Sep 2019 11:26:04 GMT):
we check if the tails file already exists in which case we leave it as-is. My understanding is that it will never change after creation. When creating a tails file for <1000 entries the size is still a few KB ... so I'm still not clear on the following: will tails files be removed in anoncreds 2? I thought they are part of how proofs are generated and guarantee a certain anonymity on revocation checks

sklump (Thu, 12 Sep 2019 11:35:48 GMT):
Anoncreds 2.0 promises to change the process of revocation, using a Merkle tree small enough to put on the ledger itself. Truly these are the days of miracle and wonder.

sklump (Thu, 12 Sep 2019 11:47:11 GMT):
Honest, 25ish years ago none of this math even existed.

janb (Thu, 12 Sep 2019 11:55:09 GMT):
trying to wrap your head around it is a quite humbling experience

iainbarclay (Thu, 12 Sep 2019 16:15:45 GMT):
Is their a recommended approach for credentials that need to be updated - eg. a golf handicap, or an athlete's Personal Best in an event - should the previous credential be revoked and a new one issued, or is there some mechanism to update the values within a currently held credential?

iainbarclay (Thu, 12 Sep 2019 16:15:45 GMT):
Is there a recommended approach for credentials that need to be updated - eg. a golf handicap, or an athlete's Personal Best in an event - should the previous credential be revoked and a new one issued, or is there some mechanism to update the values within a currently held credential?

sklump (Thu, 12 Sep 2019 16:35:15 GMT):
There is no way to update the value of a credential. Revoke and re-issue, or delete and re-issue*. * philosophically, a superseded credential may still be valid as an assertion; e.g., yesterday my PB may have been 39:05 and today it may be 38:59. Both credentials `{'date': '2019-09-11', 'mile': '39:05'}` and `{'date': '2019-09-12', 'mile': '38:55'}` are both valid. To manage wallet fatness, the holder may want to remove old records.

sklump (Thu, 12 Sep 2019 16:35:15 GMT):
There is no way to update the value of a credential. Revoke and re-issue, or delete and re-issue, or retain and re-issue*. * philosophically, a superseded credential may still be valid as an assertion; e.g., yesterday my PB may have been 39:05 and today it may be 38:59. Both credentials `{'date': '2019-09-11', 'mile': '39:05'}` and `{'date': '2019-09-12', 'mile': '38:55'}` are both valid. To manage wallet fatness, the holder may want to remove old records.

sklump (Thu, 12 Sep 2019 16:35:15 GMT):
There is no way to update the value of a credential. Revoke and re-issue, or delete and re-issue, or retain and re-issue*. * philosophically, a superseded credential may still be valid as an assertion; e.g., yesterday my PB may have been 39:05 and today it may be 38:59. Both credentials `{'date': '2019-09-11', 'mile': '39:05'}` and `{'date': '2019-09-12', 'mile': '38:59'}` are both valid. To manage wallet fatness, the holder may want to remove old records.

sklump (Thu, 12 Sep 2019 16:35:15 GMT):
There is no way to update the value of a credential. Revoke and re-issue, or delete and re-issue, or retain and re-issue*. * philosophically, a superseded credential may still be valid as an assertion; e.g., yesterday my PB may have been 39:05 and today it may be 38:59. Both credentials `{'date': '2019-09-11', 'mile': '39:05'}` and `{'date': '2019-09-12', 'mile': '38:59'}` are valid. To manage wallet fatness, the holder may want to remove old records.

iainbarclay (Thu, 12 Sep 2019 16:39:38 GMT):
Thanks - so if we retain and reissue, and another party asks for the "PB" credential - who decides whether they get them all, or just the latest - I guess I can see that both might be useful outcomes...

iainbarclay (Thu, 12 Sep 2019 16:39:38 GMT):
The stack of credentials is new to me, and interesting - I probably have terminology wrong, but could I write an athlete-alice-agent which provided REST APIs to fetch 1) the set of all Alice's "PB" credentials and 2) just her most recent "PB"? (ignoring revocation for now)

swcurran (Thu, 12 Sep 2019 17:25:04 GMT):
Its up to the holder/prover to decide what to deliver in the proof, and the verifier to decide what to accept. In the case the prover sends a proof based on time earlier than the last revocations, the verifier could request a proof of non-revocation from a later time. Participants operate somewhat independently in what the deliver and accept. They can't fake the crypto, but the can control what the request and present.

swcurran (Thu, 12 Sep 2019 17:26:32 GMT):
The verifier can see on the ledger the time of the last revocations (but not what credentials were revoked) and the ledger data that the prover used to create the proof.

iainbarclay (Thu, 12 Sep 2019 17:43:51 GMT):
Thank you - its the "stack" of credentials that is new to me, and presents some interesting opportunities - I'm sure my terminology is wrong, but in the "PB" case - could I have an athlete-alice-agent which provides methods to return both cases - all Alice's PB credentials, and only the latest PB credential? (ignoring revocation for now)

swcurran (Thu, 12 Sep 2019 17:53:06 GMT):
Definitely. I think there is a use case to return an array of proofs. It's how to convey the need and understand the request.

sklump (Thu, 12 Sep 2019 18:20:26 GMT):
Sure, but remember not to let the attribute names hypnotize you into assigning any kind of semantics to them. They are just commitments that this datum was in that hole. For example, you could issue a credential with `effective_date` and `expiry_date` in them, but that does not force any relying party to reject a credential at a date outside those markers. With a bunch of dated performance records, Alice's coach (or interested punters, for example, if Alice were a race horse) could track her progress over the year, for example.

sklump (Thu, 12 Sep 2019 18:20:26 GMT):
Sure, but remember not to let the attribute names hypnotize you into assigning any kind of semantics to them. They are just verifiable claim that this datum was in that hole. For example, you could issue a credential with `effective_date` and `expiry_date` in them, but that does not force any relying party to reject a credential at a date outside those markers. With a bunch of dated performance records, Alice's coach (or interested punters, for example, if Alice were a race horse) could track her progress over time.

sklump (Thu, 12 Sep 2019 18:20:26 GMT):
Sure, but remember not to let the attribute names hypnotize you into assigning any kind of semantics to them. They are just verifiable claims that this datum was in that hole. For example, you could issue a credential with `effective_date` and `expiry_date` in them, but that does not force any relying party to reject a credential at a date outside those markers. With a bunch of dated performance records, Alice's coach (or interested punters, for example, if Alice were a race horse) could track her progress over time.

sklump (Thu, 12 Sep 2019 18:24:30 GMT):
It may be of as much interest to see how fast an athlete's performance decays from personal best (spot the runners over 40 in this crowd)

iainbarclay (Thu, 12 Sep 2019 18:38:35 GMT):
Got it, thanks, really cool. I guess my next step is to see if I code something up around this, based on Faber/Alice example I expect!

swcurran (Thu, 12 Sep 2019 18:40:05 GMT):
[Mobile agent put this response in the wrong place, so moving it.] Definitely. I think there is a use case to return an array of proofs. It's how to convey the need and understand the request.

StefanK (Thu, 12 Sep 2019 23:07:24 GMT):
Heyhey another short question :) Is a DID required to create and send a schema + definition + credential to the ledger or is a szenario like i create a schema without a did but send it to someone with a did and that entity publish it for me thinkable ?

StefanK (Thu, 12 Sep 2019 23:07:24 GMT):
Heyhey another short question :) Is a DID required to create and send a schema + definition to the ledger or is a szenario like i create a schema without a did but send it to someone with a did and that entity publish it for me thinkable ? So that i can create a credential from that definition ?

StefanK (Thu, 12 Sep 2019 23:07:24 GMT):
Heyhey another short question :) Is a public did required to create and send a schema + definition to the ledger or is a szenario like i create a schema without a did but send it to someone with a public did and that entity publish it for me thinkable ? So that i can create a credential from that definition ..

cam-parra (Fri, 13 Sep 2019 17:51:34 GMT):
Hi all! I wanted to let you all know that Kiva will start working on a PoC for a plugable Aries wallet API. We will share our progress during Aries calls and on here as well. If you'd like to contribute please let me know! We appreciate all contributions whether it's a comment, pointing out and error, and anything else.

swcurran (Fri, 13 Sep 2019 17:58:04 GMT):
@StefanK - I've also been thinking about that scenario. It would require code changes in how indy works, but I think technically it should be possible. The use case I'm thinking of is a person without a public DID being able to issue credentials that can be verified by an entity that has been given the cred def. Basically, the credential and proof is not generally useful - only to those that the issuer has specifically shared the creddef. But it does open use cases like a person giving out delegations of authority to a number of people for access to a specific service, such as a bank. There may be other ways to do delegation of authority, but that's not the only use case for this.

swcurran (Fri, 13 Sep 2019 18:01:17 GMT):
Awesome! Where are the repos? FYI - we're running production volume tests (2.5M credentials issued/received) through Aries agents right now and running into bottlenecks that we're starting to dig into. Right now, it's appears to be the wallet that is holding us up (hence why I mention it). We'll keep you posted on the progress...

cam-parra (Fri, 13 Sep 2019 18:23:54 GMT):
Repos will be made on Monday. I will share them ASAP Very interesting. Are you seeing this on your reqs/sec or just the 2.5m wallet creating?

cam-parra (Fri, 13 Sep 2019 18:23:54 GMT):
Repos will be made on Monday. I will share them ASAP Very interesting. Are you seeing this on your reqs/sec or just the 2.5m wallet creation?

swcurran (Fri, 13 Sep 2019 18:26:42 GMT):
We have both a performance issue, and a wallet size issue. It's early and we're sure there are things we can do, but the excessive use of tags in a naive implementation seems to be problematic. There is code in Indy to manage tags and we'll be using that as a first cut.

cam-parra (Fri, 13 Sep 2019 18:29:32 GMT):
We think that we have managed some of the problems with caching. But our implementation is still maturing as well. Speaking with @MALodder today and he pointed out that postgres might be another bottleneck. And he had concerns of reads and writes at a large scale with postgres

swcurran (Fri, 13 Sep 2019 19:13:54 GMT):
We're pretty happy with postgres, but regardless, there is no other current option that meets enterprise requirements - not just volume of data, but scalability (multiple agent instances), and robust in the face of process restarts (e.g. running in kubernetes-type environments).

swcurran (Fri, 13 Sep 2019 19:15:28 GMT):
Another fun issue this week - being able to debug in the face of an encrypted wallet. We were hitting a problem that could only be solved when we hacked the implementation to be able to see the wallet contents.

jljordan_bcgov (Sun, 15 Sep 2019 00:31:25 GMT):
Also ... the bulk loading of credentials is a startup for a credential registry issue ... we are loading credentials from the B.C. registry service for all legal entities in BC ... normally there would not be that level of pressure on the wallet Implementation. Nevertheless there are some real performance tunings that need to happen. I’ve little doubt that postgres can handle whatever is thrown at it.

cam-parra (Mon, 16 Sep 2019 19:15:03 GMT):
@swcurran here is the fork we will be working on. No work currently is pushed to it but we will be adding content this week and next. https://github.com/kiva/aries-sdk.git

VenkateshSYS (Tue, 17 Sep 2019 09:29:52 GMT):
Is there any way to debug the indy application https://github.com/hyperledger/education/tree/master/LFS171x/indy-material/nodejs in google chrome?

pradeepjain (Tue, 17 Sep 2019 09:50:36 GMT):
Hi All, I am learning about the indy-agent and very new to indy-agent part and indy-agent migrated to the Aries. We have created an application based on node.js and running on the single VM. but now we wanted to split out into multiple pieces and wanted to run all the pieces on different - different VM's. To run on the different VM's, we need the indy-agent on all VM's for communication between containers

pradeepjain (Tue, 17 Sep 2019 09:55:20 GMT):
Hi Everyone, I am learning about the indy-agent and very new to indy-agent part and indy-agent migrated to the Aries. We have created an application based on node.js and running on the single VM. but now we wanted to split out into multiple pieces and run all the pieces on different - different VM's. To run on the different VM's, we needs nodeJS indy-agents running on all VM's for communication between VM's. Can anyone help me how it works and how I can get the updated code base for nodeJS agent from Aries.

smithbk (Tue, 17 Sep 2019 11:34:56 GMT):
Can someone tell me the relationship between RFC 23 (https://github.com/hyperledger/aries-rfcs/tree/master/features/0023-did-exchange) and RFC 160 (https://github.com/hyperledger/aries-rfcs/tree/master/features/0160-connection-protocol)? Why both and which one should be used?

george.aristy (Tue, 17 Sep 2019 13:25:28 GMT):
https://github.com/hyperledger/aries-rfcs/issues/214

troyronda (Tue, 17 Sep 2019 13:37:52 GMT):
Note: the advice from previous WG calls was to implement the DID Exchange RFC. In a recent WG call, there was a proposal to bring in the Connection Protocol RFC. I had the impression this was as grandfathered documentation. Now there is a new thread (214) about going back to Connections. In the Go framework, we have been implementing the DID Exchange RFC.

troyronda (Tue, 17 Sep 2019 13:37:52 GMT):
Note: the advice from previous Aries WG calls was to implement the DID Exchange RFC. In a recent WG call, there was a proposal to bring in the Connection Protocol RFC. I had the impression this was as grandfathered documentation (for the pre-Aries implementations). Now there is a new thread (214) about going back to Connections. In the Go framework, we have been implementing the DID Exchange RFC.

cam-parra (Tue, 17 Sep 2019 15:43:41 GMT):
Thanks for your question. This is the aries channel so it be better to ask this question in #indy.

daidoji (Wed, 18 Sep 2019 14:52:39 GMT):
in the last meeting here this appeared in the notes `Sovrin Foundation is looking to build a Indy specific Ursa, with ZKPs. Other Aries clients would build a different Ursa.`

daidoji (Wed, 18 Sep 2019 14:53:04 GMT):
Also, can the call recording be uploaded https://wiki.hyperledger.org/pages/viewpage.action?pageId=20021893

daidoji (Wed, 18 Sep 2019 14:53:29 GMT):
Also, did that meeting happen in the future :) `2019-09-25-A Aries Working Group Call (US morning)`

swcurran (Wed, 18 Sep 2019 15:13:35 GMT):
The last minute was not recorded - there was no one there with permission :-(. #fail

swcurran (Wed, 18 Sep 2019 15:13:35 GMT):
The last meeting was not recorded - there was no one there with permission :-(. #fail

swcurran (Wed, 18 Sep 2019 15:16:23 GMT):
My interpretation of the Ursa line above means that Ursa will be produce several artifacts with different build items in them. At least one of them will include the ZKP stuff needed for Indy-style verifiable credentials, while another would not include the ZKP items, but just the elements needed for an Aries agent that will not use Indy-style verifiable credentials. That will allow different Aries agent implementations to support the features they want, but still be able to communicate.

swcurran (Wed, 18 Sep 2019 15:16:50 GMT):
And on your last note - meeting agendas are pre-published.

daidoji (Wed, 18 Sep 2019 15:23:49 GMT):
oh, so it is in the future :-( My apologies. @swcurran thanks for the insight!

iainbarclay (Wed, 18 Sep 2019 17:05:49 GMT):
Hi - I'm writing a paper (part of PhD) about using SSI (and agents in particular) to issue credentials to a dataset, there's much still to be written and polished, but would anyone be willing to take a look over a draft of an early version and sanity check for me please?

danielhardman (Wed, 18 Sep 2019 17:13:25 GMT):
Interesting effort here; I wonder if we should approach them about contributing as an Aries JS agent? https://github.com/rabobank-blockchain/universal-ledger-agent

swcurran (Wed, 18 Sep 2019 18:53:58 GMT):
Aries working Group call starting in about 6 minutes: US afternoon / Asia-Pacific morning: 1.5 hours each Wednesday at 12PM Los Angeles, 3PM New York, Tuesday at 5AM Sydney. Location: https://zoom.us/j/856588081

Audrius (Thu, 19 Sep 2019 07:47:32 GMT):
I am trying to identify possible issues for the following use case: potential credentials owner, give „consent“ (owner issue related credentials?) to his cloud agent to get “external” (like university) credentials on the owner behalf?

AngelPalomares (Thu, 19 Sep 2019 15:12:39 GMT):
Do you have some roadmap defining when it will available aries-sdk, aries-agent-java, etc?

AngelPalomares (Thu, 19 Sep 2019 15:14:35 GMT):
In addition, are you planning to realises some software compatible with mobile developments (either the sdk or directly a agent for mobiles)? If yes, when?

cam-parra (Thu, 19 Sep 2019 16:07:01 GMT):
@swcurran how do we get added as maintainers for an aries repo? I think me and @MALodder should be added to that list

swcurran (Thu, 19 Sep 2019 16:07:47 GMT):
Talk to @rjones about who you wanted added to what repo. He's got the power.

cam-parra (Thu, 19 Sep 2019 16:09:14 GMT):
aries-sdk ... please and thank you

cam-parra (Thu, 19 Sep 2019 16:09:39 GMT):
these ursa people always bothering you about maintainers right? :)

rjones (Thu, 19 Sep 2019 16:10:41 GMT):
Sure. dhh1128 is the admin and could do it, but I'll do it now

cam-parra (Thu, 19 Sep 2019 16:11:57 GMT):
Is it not setup like the ursa repos where all maintainers can add new maintainers?

rjones (Thu, 19 Sep 2019 16:12:31 GMT):
these people: https://github.com/orgs/hyperledger/teams/aries-sdk-committers/members should be able to add people

rjones (Thu, 19 Sep 2019 16:14:01 GMT):
https://github.com/orgs/hyperledger/teams/aries-sdk-committers/members added

rjones (Thu, 19 Sep 2019 16:14:24 GMT):
https://github.com/orgs/hyperledger/teams/aries-admins/members

swcurran (Thu, 19 Sep 2019 20:14:51 GMT):
Yesterday afternoon (US) Aries Working Group call was recorded. The recording can be viewed here: https://zoom.us/recording/play/TxXUzmASuDaiZnFFa1PnoO-Yux6j2AspGS-6oCgGYJ1jvtvFPiJb0fvbXD3upF1t

vitoroliveira (Fri, 20 Sep 2019 19:53:35 GMT):
Hi guys! I'm just trying post a proof-request

VenkateshSYS (Sun, 22 Sep 2019 14:59:12 GMT):
How to run custom nodejs express api (get/post) file in running docker container and how to access it?

VenkateshSYS (Sun, 22 Sep 2019 15:49:06 GMT):
"scripts": { "startfile" : "node file.js" } How to write this in dockerfile CMD []

cam-parra (Mon, 23 Sep 2019 15:28:56 GMT):
@rjones could we have you create an aries-wallet repo? please and thank you

cam-parra (Mon, 23 Sep 2019 16:22:59 GMT):
@george.aristy for now this will implement a c callable api and then i expect that different repos with various languages/dbs will come about

cam-parra (Mon, 23 Sep 2019 16:35:00 GMT):
@rjones thank you! Could you also add matt-raffel-kiva as a maintainer? please and thank you

cam-parra (Mon, 23 Sep 2019 16:35:25 GMT):
oh and if haven't added me that would be great

cam-parra (Mon, 23 Sep 2019 19:00:41 GMT):
@rjones do you know how we can setup a circle ci instance on these repos?

troyronda (Mon, 23 Sep 2019 19:08:21 GMT):
@cam-parra FYI: GitHub Actions are enabled. (we defined a workflow for aries-framework-go here: https://github.com/hyperledger/aries-framework-go/blob/master/.github/workflows/build.yml).

cam-parra (Mon, 23 Sep 2019 19:09:26 GMT):
thanks troy. I will add the yml file then

jmandel (Tue, 24 Sep 2019 20:45:17 GMT):
Hi all! I'm new here and just reading through the RFCs. Really enjoying the clarity of thought/exposition so far. Quick question at https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0050-wallets#managing-secrets, where I'm trying to understand where secrets live. * I see "You can’t get private keys out" but also... * in the underlying design doc on wallets (https://github.com/hyperledger/indy-sdk/blob/master/docs/design/009-wallet-export-import/README.md) I see "Export should contain the whole wallet data (including secrets)." Are private keys (e.g. the private half of an authentication keypair referenced in my DID) stored in a wallet? Exported? Is this specified, or just an implementation choice?

dbluhm (Tue, 24 Sep 2019 20:50:37 GMT):
In the current wallet implementation which was essentially grandfathered in from the Indy Agent community (in Indy-SDK), the private keys are stored in the wallet and are never returned to the library caller. Exporting your wallet is the only exception I'm aware of.

jmandel (Tue, 24 Sep 2019 20:51:20 GMT):
Okay -- so export is considered "a different kind of thing" from general API access. Fair enough (and thanks for the quick response).

dbluhm (Tue, 24 Sep 2019 20:53:51 GMT):
No problem! Yeah, data portability is a major goal but not something I would anticipate happening frequently

swcurran (Wed, 25 Sep 2019 04:34:41 GMT):
So do we anticipate using export for backups, or would we expect to use tools from the underlying database? I had been anticipating that export would be used, but that is limiting in that (right now), there is no incremental export. But if we use the database, we get lots of tools, but no portability across wallet implementations. And in turn that is fine because when we do need that, we can use the export that we do have.

cam-parra (Wed, 25 Sep 2019 19:20:23 GMT):
Can't join the call today. My stance stand that we need to wait in order to make a decision on what direction we should take for the aries wallet. That was clear from the call this morning. We need to have input from @MALodder , Ken, @nage , @swcurran , and @danielhardman to make this decision. I suggest that after we all come back from conferences that we begin this process.

nage (Wed, 25 Sep 2019 19:29:23 GMT):
Sounds like a good IIW topic (Mike and Ken won't be there but Daniel, Daniel and Stephen should be)

danielhardman (Wed, 25 Sep 2019 19:53:32 GMT):
@swcurran: Backing up could happen at either layer (upper/outer surface of wallet, or underlying storage). If you back up at the low level storage, then you can only restore your backup to the same storage, and you don't have a view of the organization of data items that lets you pluck individual items out of the backup, restore a subset, only backup a subset, etc. You also have only an encrypted view of the data (when at rest in the storage, the data is already encrypted), so it makes no sense to use an encryption key. The wallet unlock key is inextricably intertwined with your data; you could add a new key, but you can't avoid needing the old one, so why bother? If you back up at the upper/outer surface of wallet, using the `export()` function, then you could choose to back up only half your relationships, and you could choose entirely different encryption and keys to do it.

danielhardman (Wed, 25 Sep 2019 19:54:59 GMT):
There are reasons to do both; they just have different characteristics.

jljordan_bcgov (Thu, 26 Sep 2019 01:30:46 GMT):
No @swcurran at IIW this time .. he is on another continent

swcurran (Thu, 26 Sep 2019 04:21:19 GMT):
Thanks @danielhardman - so you agree with the concept that there be a single key needed for restore? You are suggesting that actual wallet key would be sufficient rather than creating a new key for encrypting a backup package that consists of the wallet key with the backup (plus possibly other metadata). That does mean that the metadata and some data from the backup - number of records per table, the unencrypted tags - would be visible to anyone with access to the backup. I suspect that more metadata would be needed about the backup to restore it, but don't have concrete examples. If there was a need for more data and so a different key was used to encrypt a package, you don't see a concern with embedding the wallet key with the database backup?

MALodder (Thu, 26 Sep 2019 04:38:11 GMT):
If possible keep the key separate from the backup otherwise what’s the point of encryption

danielhardman (Thu, 26 Sep 2019 04:38:36 GMT):
I do believe in the idea of having a single key. However, you have to think hard about which key to use. If you're backing up it at the database level, then you should not put the wallet key with it, because that is the very thing that's needed to turn all the encrypted data into plain text. However, you could store the backup key in one place, and the backed up data in a different place. Or, you could use a different key to encrypt the wallet key. What you don't want is a situation where a database admin could turn all of the backed up data into plain text.

danielhardman (Thu, 26 Sep 2019 04:39:52 GMT):
I think, if you are backing up at the database level, then you shouldn't call it a wallet backup. That is a storage backup, not a wallet backup. Backing up a wallet is the thing that's done through the export function.

swcurran (Thu, 26 Sep 2019 05:32:29 GMT):
@MALodder - there are two keys and the outer one that is saved is encrypting a package consisting of a database with encrypted contents and the key for the contents. I'm assuming that is safe enough.

swcurran (Thu, 26 Sep 2019 05:35:56 GMT):
@danielhardman - the idea is put the wallet key with the database level backup as a package, then to encrypt that package with a key that you keep separate from the encrypted package. The whole goal is to keep those two things separate until you need them.

swcurran (Thu, 26 Sep 2019 05:37:15 GMT):
@danielhardman - we should never use the term "wallet", but that's a whole other discussion. At MyData I'm having to clarify the term "wallet" in the Indy usage. AMS, please...

MALodder (Thu, 26 Sep 2019 05:37:47 GMT):
@swcurran that approach is acceptable

jakubkoci (Thu, 26 Sep 2019 08:13:20 GMT):
I have a question I wanted to ask for a long time somehow related to export-import/backup. I know there is a plan to have a device revocation feature. I guess one of the purposes of it is when I someone steals my phone I can revoke all credentials in it by revoking the device. What if that thief do an export of the wallet before I do the revocation? Will be all exported credentials also revoked or not? (Maybe it's a corner case because I assume the attacker has access to that phone and into the app, which is, of course, a huge problem itself and both should be protected by TouchID or PIN, but it also can fail - more by a human than a technological error)

dbluhm (Thu, 26 Sep 2019 15:04:07 GMT):
Identity WG Implementers call happening now: https://zoom.us/j/232861185

danielhardman (Thu, 26 Sep 2019 15:25:42 GMT):
@jakubkoci: Whether the thief exports the wallet or not, before the device is revoked, does not significantly alter how much mischief can be done. Credentials are not revoked by device revocation; those are entirely separate. When a device is revoked, then the device's ability to prove something with the credentials is revoked, whether or not the credentials are valid. If you have valid credentials but an unauthorized device, you can't prove anything with them. For more on this, please see this whitepaper: https://sovrin.org/library/lost-phone/

jakubkoci (Thu, 26 Sep 2019 16:40:43 GMT):
Hmm 🤔, thanks for the clarification, I’ll look at the document.

fhmarino (Thu, 26 Sep 2019 17:33:26 GMT):
*Hi guys! I'm just trying to create an aca-py with the following command:* aca-py start --inbound-transport http 0.0.0.0 8100 \ --outbound-transport http \ --log-level debug \ --endpoint http://localhost:8100 \ --label back-office \ --seed 10d38d0ea70ca428b98d95ce6888151a \ --genesis-url http://localhost:9000/genesis \ --ledger-pool-name localindypool \ --wallet-key 123456 --wallet-name backofficewallet --wallet-type indy \ --admin 0.0.0.0 8150 --admin-insecure-mode \ --public-invites --auto-accept-invites --auto-accept-requests --auto-ping-connection --auto-respond-messages \ --auto-respond-credential-offer --auto-respond-presentation-request --auto-verify-presentation --auto-store-credential \ --auto-respond-presentation-proposal --auto-respond-credential-request --auto-respond-credential-proposal \ --debug-connections --debug-credentials --debug-presentations *But it's raising this error:* aries_cloudagent.conductor ERROR Unable to start administration API ... AttributeError: 'MarshmallowPlugin' object has no attribute 'openapi'

andrew.whitehead (Thu, 26 Sep 2019 19:15:58 GMT):
This is due to a new release of a supporting package, we've added the specific version to the requirements for our next release. Try installing `apispec==2.0.2` with pip

swcurran (Thu, 26 Sep 2019 20:01:21 GMT):
@andrew.whitehead - sounds like we need to get a new release published to address this? Is that right?

andrew.whitehead (Thu, 26 Sep 2019 20:05:20 GMT):
@swcurran That's right, should be out today

cam-parra (Thu, 26 Sep 2019 21:19:35 GMT):
@ryjones could we enable deleting branches for maintainers on aries-wallet?

cam-parra (Thu, 26 Sep 2019 21:19:35 GMT):
@rjones could we enable deleting branches for maintainers on aries-wallet?

rjones (Fri, 27 Sep 2019 05:32:35 GMT):
@cam-parra not easily - how did you end up with these branches? Those look like they should be PRs

rjones (Fri, 27 Sep 2019 05:33:24 GMT):
looks like some failed DCO checks there, too

cam-parra (Fri, 27 Sep 2019 15:59:12 GMT):
yeah that was my naive way of setting up actions through the browser. They can all be deleted

rjones (Fri, 27 Sep 2019 16:03:05 GMT):
in the future, feel free to noodle in the `hyperledger-cicd` org - that's what it's there for

fhmarino (Fri, 27 Sep 2019 18:32:23 GMT):
Thanks @andrew.whitehead, It works here!

jmandel (Sat, 28 Sep 2019 01:06:57 GMT):
https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0094-cross-domain-messaging/README.md indicates that:> The Receiver of the message knows from the "to" field the DID to which the message was sent. From that, the Receiver is expected to be able to determine the DID of the Sender

jmandel (Sat, 28 Sep 2019 01:06:57 GMT):
https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0094-cross-domain-messaging/README.md indicates that:> Receiver of the message knows from the "to" field the DID to which the message was sent. From that, the Receiver is expected to be able to determine the DID of the Sender

jmandel (Sat, 28 Sep 2019 01:12:13 GMT):
https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0094-cross-domain-messaging/README.md indicates that: > The Receiver of the message knows from the "to" field the DID to which the message was sent. From that, the Receiver is expected to be able to determine the DID of the Sender I think this implies that the receiver *must* be using a pairwise DID -- because if the receiver used a public DID, that couldn't uniquely identify the sender. However, the Assumptions section states: > The Receiver's DID MAY be a public or pairwise DID These two claims seem incompatible. (Or I'm confused, which is entirely possible -- I'm new here :-))

jmandel (Sat, 28 Sep 2019 01:12:13 GMT):
https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0094-cross-domain-messaging/README.md indicates that: >The Receiver of the message knows from the "to" field the DID to which the message was sent. From that, the Receiver is expected to be able to determine the DID of the Sender I think this implies that the receiver *must* be using a pairwise DID -- because if the receiver used a public DID, that couldn't uniquely identify the sender. However, the Assumptions section states: >The Receiver's DID MAY be a public or pairwise DID These two claims seem incompatible. (Or I'm confused, which is entirely possible -- I'm new here :-))

jmandel (Sat, 28 Sep 2019 01:12:13 GMT):
https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0094-cross-domain-messaging/README.md indicates that: >The Receiver of the message knows from the "to" field the DID to which the message was sent. From that, the Receiver is expected to be able to determine the DID of the Sender I think this implies that the receiver *must* be using a pairwise DID -- because if the receiver used a public DID, that receiver DID couldn't uniquely identify the sender. However, the Assumptions section states: >The Receiver's DID MAY be a public or pairwise DID These two claims seem incompatible. (Or I'm confused, which is entirely possible -- I'm new here :-))

MALodder (Mon, 30 Sep 2019 14:14:39 GMT):
https://twitter.com/steveklabnik/status/1177304867624411136?s=19

MALodder (Mon, 30 Sep 2019 14:14:53 GMT):
6 more weeks to wait for Async/Await in Rust

cam-parra (Mon, 30 Sep 2019 15:05:12 GMT):
@MALodder 6 weeks until it's on nightly?

MALodder (Mon, 30 Sep 2019 15:16:29 GMT):
so that's when it should be in stable

MALodder (Mon, 30 Sep 2019 15:16:52 GMT):
it has to stay clean for 6 weeks (no bugs) before it can land in stable

MALodder (Mon, 30 Sep 2019 15:45:41 GMT):
https://blog.rust-lang.org/2019/09/30/Security-advisory-for-cargo.html

janl (Mon, 30 Sep 2019 21:02:14 GMT):
Hi, I have an update to my rfc: 167, data consent lifecycle, which may be of general interest. I have given several demos of how indy-sdk can be used can used for creating consent receipt and performing proof request without revealing any private information. The demo is based on getting-started and is now available as a reference implementation for anybody to check out. Once Aries is ready the plan is to adapt it over. The next step for the reference implementation is to add revocation example which is on the works. Welcome to come with feedback. https://github.com/JanLin/aries-rfcs/tree/master/concepts/0167-data-consent-lifecycle Best regards, Jan Note the new reference implementation is in a Pull Request #238 to hyperledger:master.

george.aristy (Tue, 01 Oct 2019 13:01:51 GMT):
@janl have you looked to see how Delegatable Credentials might fit for Consent Receipts?

george.aristy (Tue, 01 Oct 2019 13:02:26 GMT):
As I understand, using regular credentials has several downsides as @danielhardman points out here: https://hackmd.io/qVtYLFAtST-79OIprMUiUQ

george.aristy (Tue, 01 Oct 2019 13:02:52 GMT):
RFC for delegatable credentials: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0104-delegatable-credentials

EdCurran (Tue, 01 Oct 2019 13:07:42 GMT):
Hi, In the ACA-PY architecture deep dive its mentioned how one instance of a cloud agent is designed to be paired with one controller. What is the reason for this? Is it due to concurrency issues in having concurrent processes hit the same agent? Or other reasons? I'm thinking of the scenario where within a business I have multiple processes executing that need verifiable credential capability e.g. I have a process to on-board customers that requires verifying credentials, I scale this out horizontally such that I can have multiple versions of this process, each on-boarding a different customer, running concurrently. How do I connect these up to an ACA-PY cloud agent, or multiple agents that all act as on behalf of the business entity. If I write a controller that sits in front of an agent, then send the verifiable credential verify requests from my internal processes to it, then the controller forwards on to the agent, how is this different from having my processes talk to the agent directly? Is it simply because my controller will queue up the requests into a linear order to send on to the agent? or is there another reason for doing it? In such a system, to scale out agent capability horizontally I could create a cluster of controller-agent pairs and load balance requests from my internal services between them correct? I'm asking because if concurrency is the only issue then isn't it fairly trivial to have the agent implement a queue itself and avoid the need for the controller as described? I'm pretty convinced there's some reasoning behind the one controller to agent principle that I'm missing probably due to not knowing much about the ACA-PY implementation. Cheers, Ed

swcurran (Tue, 01 Oct 2019 13:36:33 GMT):
We mean one logical controller to one agent process. As long as Data is persisted, you can horizontally scale the agent and controller as necessary. We are running this architecture on a Red Hat OpenShift cluster (Kubernetes) and all works properly.

swcurran (Tue, 01 Oct 2019 13:36:33 GMT):
We mean one logical controller to one logical agent process. As long as Data is persisted, you can horizontally scale the agent and controller as necessary. We are running this architecture on a Red Hat OpenShift cluster (Kubernetes) and all works properly.

swcurran (Tue, 01 Oct 2019 13:36:33 GMT):
We mean one logical controller to one logical agent process. As long as data is persisted, you can horizontally scale the agent and controller as necessary. We are running this architecture on a Red Hat OpenShift cluster (Kubernetes) and all works properly.

swcurran (Tue, 01 Oct 2019 13:36:33 GMT):
We mean one logical controller to one logical agent. As long as data is persisted, you can horizontally scale the agent and controller as necessary. We are running this architecture on a Red Hat OpenShift cluster (Kubernetes) and all works properly.

daidoji (Wed, 02 Oct 2019 00:39:36 GMT):
my CTO (at IIW right now) says someone described an "action protocol" specified in Aries. Does anyone know which HIPE/feature this might refer to?

andrew.whitehead (Wed, 02 Oct 2019 01:46:15 GMT):
https://hackmd.io/s/HkpyhdGtV This is the only spec right now, we hope to submit a version soon as an RFC. There is also an implementation in aries-cloudagent-python

janl (Wed, 02 Oct 2019 08:49:46 GMT):
Hi @george.aristy , Good question! Delegation, as well as, guardianship are fundamental aspects of giving consent and getting access to data and data sharing. Eventually we will align with the verifiable credential as described by @danielhardman rfc.

sklump (Wed, 02 Oct 2019 12:16:59 GMT):
From a privacy point of view, migrating to delegatable credentials would allow the holder, instead of the issuer, to set privacy policy -- an approach which seems at my naïve first look closer to the be-your-own-identity-provider bent of self sovereign identity. Much as you've obviously put in a ton of work to build the RFP as it stands.

pknowles (Wed, 02 Oct 2019 12:33:54 GMT):
@sklump That seems an unnatural flow to me as it could create a bottleneck in information exchange. On a practical level, that would mean I set some conditions for data sharing and, if they are not met, there is no conversation to be had. It also suggests that the holder has to be aware of every single purpose prior to setting those conditions. That to me is unrealistic. The more natural flow would be for the issuer to specify the purpose for data sharing and the holder can then either opt-in or opt-out. There is no danger of a bottleneck in natural conversation.

sklump (Wed, 02 Oct 2019 12:38:28 GMT):
True, the delegatable credential approach, on its own, has no answer for the non-power-user.

george.aristy (Wed, 02 Oct 2019 13:04:55 GMT):
The delegatable credential approach is not limited to power users. Non-power users register for services using Google's Sign-in, and this would be a similar flow.

Rick (Wed, 02 Oct 2019 14:12:29 GMT):
Hi, what is an advisable way to quickly mass-create wallets, just empty wallets

danielhardman (Wed, 02 Oct 2019 14:33:54 GMT):
You can script this by repeated calls to libindy. What programming language are you using? Note that every wallet you create will need an "unlock key", so this operation would also be creating a large corpus of keys...

Rick (Wed, 02 Oct 2019 15:04:59 GMT):
nodejs, yes im using the postgres MultiWalletSingleTable config enabled. will there be quite a heavy amount of overhead because im assuming that the rust code is doing open-con and close-conn at the end of each all. i've tested that one wallet creation was around 1.6s SDK version 1.11.1

danielhardman (Wed, 02 Oct 2019 15:09:53 GMT):
Someone with deeper experience with the postgress wallet will have to comment on overhead. Yes, I think the underlying Rust impl opens and closes a wallet handle for each call you make. But I believe the postgres driver is using a table structure where the wallet identifier is just part of the primary key of each record, so creating a new wallet doesn't actually create new tables; it just adds a row to create the wallet identifier. Thus, I suspect the expense is just the expense of writing a row to a table (relatively cheap).

janl (Wed, 02 Oct 2019 19:53:01 GMT):
@sklump, Interesting question how delegatable credential is created. I am considering adding a level of abstraction to privacy questions with actors and roles in order to better describe the delegation process. In an earlier discussion of the rfc/hipe the holder or individual "actor" should not create credentials due to privacy because the individual would have to register on the ledger which is required for issuer. Better is that the issues (institution actor) has role to manage creating credentials so they can be revoked. Not to try to describe how solution would look like but it would a combination of adding an option to delegate in the first or updated consent certificate so when delegation is required then holder needs to be able to respond to proof request by a verifier which is the one delegating to. This is my initial thoughts how it could be done.

sklump (Thu, 03 Oct 2019 14:15:21 GMT):
Note that to create a delegated credential, the holder need not have nor use a public DID on the ledger, as far as I read https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0104-delegatable-credentials. The delegation proof links to the original holder's credential, with some special sauce. I haven't thought about how to twist the idea of delegation into privacy policy. My gut says it ought to be possible, but of course that's hardly a standard.

swcurran (Fri, 04 Oct 2019 05:59:37 GMT):
Your gut has been a pretty good gauge...

janl (Fri, 04 Oct 2019 16:41:03 GMT):
Is there any information when the (w3c) verifiable credential for delegation is going to be supported? I would use it but used what is implemented in indy-sdk.

MALodder (Fri, 04 Oct 2019 21:07:11 GMT):
In aries-cloudagent-python I'm have a message handler for ledger async def handle(self, context: RequestContext, responder: BaseResponder): ledger: BaseLedger = await context.inject(BaseLedger, {"pool_name":context.message.pool_name, "genesis_transactions":context.message.genesis_txn})

MALodder (Fri, 04 Oct 2019 21:07:11 GMT):
In aries-cloudagent-python I'm have a message handler for ledger ``` async def handle(self, context: RequestContext, responder: BaseResponder): ledger: BaseLedger = await context.inject(BaseLedger, {"pool_name":context.message.pool_name, "genesis_transactions":context.message.genesis_txn}) ```

MALodder (Fri, 04 Oct 2019 21:10:29 GMT):
When I run aca-py and send the correct message, I get `exception=InjectorError('No instance provided for class: BaseLedger')>`

MALodder (Fri, 04 Oct 2019 21:11:01 GMT):
I'm using the command line options `--wallet-type indy --wallet-name mike`

MALodder (Fri, 04 Oct 2019 21:11:42 GMT):
What do I need to do to hook up so that BaseLedger returns an instance of IndyLedger?

MALodder (Fri, 04 Oct 2019 21:11:42 GMT):
What do I need to do so that BaseLedger returns an instance of IndyLedger?

MALodder (Fri, 04 Oct 2019 21:11:42 GMT):
What do I need to do so that `context.inject` returns an instance of IndyLedger?

MALodder (Fri, 04 Oct 2019 21:13:27 GMT):
I'm hoping someone from BCGov can help me

MALodder (Fri, 04 Oct 2019 21:13:57 GMT):
@swcurran @sklump @andrew.whitehead ^^^

andrew.whitehead (Fri, 04 Oct 2019 22:58:13 GMT):
Is this a new message handler you’re writing?

andrew.whitehead (Sat, 05 Oct 2019 02:48:04 GMT):
I’m not sure if you’re trying to reconfigure what ledger instance is provided to other handlers, or just connect to one temporarily. The first instance isn’t really supported at the moment, we could use an interface to reconfigure the current settings

andrew.whitehead (Sat, 05 Oct 2019 03:15:13 GMT):
See ledger/provider.py for how it creates the ledger instance

ShrinivasDeshmukh (Mon, 07 Oct 2019 08:26:59 GMT):
Has joined the channel.

TelegramSam (Tue, 08 Oct 2019 16:24:43 GMT):
Aries Call This Wed: We want to hear from IIW attendees about what you learned, and have at least one demo that was shown. Please be ready to share!

george.aristy (Tue, 08 Oct 2019 18:24:23 GMT):
The recording for the last call have not been posted yet.

george.aristy (Tue, 08 Oct 2019 18:24:23 GMT):
The recording for the last call has not been posted yet.

dbluhm (Tue, 08 Oct 2019 18:33:01 GMT):
The call was not held last week due to IIW

dbluhm (Tue, 08 Oct 2019 18:34:09 GMT):
But the call from Sept 25 is missing a recording which is probably what you were referring to lol

cam-parra (Tue, 08 Oct 2019 18:58:38 GMT):
Should we hold a meeting tomorrow since we will be at the maintainers summit? And I think EV and BC are also at conferences

TelegramSam (Tue, 08 Oct 2019 19:22:15 GMT):
Call recordings from Sept 25th now posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=20023885

TelegramSam (Tue, 08 Oct 2019 19:28:18 GMT):
@cam-parra I think we should, even if it's smaller. Focus will be some IIW reports, and recording can be reviewed later.

TelegramSam (Tue, 08 Oct 2019 21:10:39 GMT):
Maintainers Summit Session on Aries and ledgers like Fabric and Sawtooth.
IMG_20191008_155152.jpg

Zohaib_Sohail (Wed, 09 Oct 2019 06:56:24 GMT):
lets say I want to issue two credentials to the same user, do I need to have two connections for it or one connection would be sufficient?

lucasmori (Wed, 09 Oct 2019 11:23:50 GMT):
Hi guys, I'm starting using webhook's with aries to collect all data and transport, but is taking a lot of time to response. Have any idea how to improve webhook response with aries?

dbluhm (Wed, 09 Oct 2019 13:44:10 GMT):
What codebase are you referring to when you say "aries?" There are multiple on-going implementations so specifying which one you are using will help us help you :slight_smile:

esplinr (Wed, 09 Oct 2019 13:54:06 GMT):
Feel free to add things to the Aries WG Call that starts in 7 minutes: https://wiki.hyperledger.org/pages/viewpage.action?pageId=20023918

lucasmori (Wed, 09 Oct 2019 14:01:10 GMT):
i'm working on this https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo I want more details how I can use the webhooks return

esplinr (Wed, 09 Oct 2019 14:04:17 GMT):
Aries WG A Call starting now: https://wiki.hyperledger.org/pages/resumedraft.action?draftId=20023919&draftShareId=6b6baf3a-0a5c-4daf-8619-27ec386f745a&

cam-parra (Wed, 09 Oct 2019 15:03:41 GMT):
I would vote that no decisions be made from this morning call until the rest of the community maintainers can vote on it as well. We will be joining the afternoon call today so please come if you'd like to get a final decision

dbluhm (Wed, 09 Oct 2019 15:07:09 GMT):
@cam-parra we discussed the need for interfaces to be defined and repositories that we would like created. No hard decisions were made but it was decided to propose a list of repositories we would like created and leave a 48 hour comment period for anyone that wasn't able to attend to weigh in. The proposed repo list can be found here: https://jira.hyperledger.org/browse/ARIES-3

cam-parra (Wed, 09 Oct 2019 15:08:18 GMT):
thank you! I will take some time out right now to review and comment :)

esplinr (Wed, 09 Oct 2019 15:12:47 GMT):
We also would appreciate you attending the call on October 23 to share Kiva's proposal for an Aries Wallet. Are you available for that @cam-parra ?

cam-parra (Wed, 09 Oct 2019 15:15:18 GMT):
I would stray away from calling it Kiva's proposal. A few of us from different ORGs will present our proposal which can be done by Oct 23rd

esplinr (Wed, 09 Oct 2019 15:18:01 GMT):
Sounds good. I list you as the leader of that discussion.

wip-abramson (Wed, 09 Oct 2019 15:39:13 GMT):
Hey, I have been messing around with aries cloud agent locally. I tried to connect to https://agentbook.vonx.io/ following this https://github.com/cloudcompass/ToIPLabs/blob/master/docs/agentbook-acapy.md but the connection never becomes ready. I actually get a 400 error (line 47 of outbound/http.py) When I run through play with docker it connects fine. Any ideas? Thanks

jsmitchell (Wed, 09 Oct 2019 16:31:47 GMT):
@TelegramSam I've started a doc based on our discussion yesterday

jsmitchell (Wed, 09 Oct 2019 16:32:50 GMT):
need to figure out how to share google docs outside our org

jsmitchell (Wed, 09 Oct 2019 16:32:56 GMT):
```Motivation Sawtooth/Transact (and many other ledgers) use anonymous (to the platform) public keys to identify transaction signers, verify that messages are correctly signed, and perform ‘light’ permissioning checks. For example, Sawtooth supports an on-chain transactor permissioning setting which is represented by a simple list of valid public keys (all keys are permitted by default). An understanding of ‘who’ (person, system, organization, etc...) is associated with a public key is explicitly not handled at the platform level. This is delegated to the ‘application layer’. In Sawtooth/Transact, this is handled by the design of the transaction family (transaction formats, storage formats, and smart contracts). For example, if a transaction family wants to restrict the creation of certain record types to a set of ‘administrative users’, it needs to handle the mapping of the identity of those users (in the real world) to their public keys. In a simple scenario, this may be a simple list of public keys that the smart contract reads out of state. Such transactions would only be considered valid by the smart contract when they were signed by a key in the application-specific ‘administrators’ list. In a more complex scenario, bootstrapped organizational administrative keys might submit transactions which update user identities and their associated rights. Smart contract logic would interpret this access control data to determine if the signer of the transaction had been granted permission to perform the action. Sawtooth/Transact use an approach called Smart Permissions to delegate these permissions checks to ‘organization’ specific code. This allows organizations to provide their own implementation while sharing the same fundamental contract business logic. For example, two organizations may have radically different ways of determining who can create invoices, while the process for creating a valid invoice may be identical. The root-of-trust problem is significant. How can we ensure that the bootstrapped administrative org keys are actually owned by that organization (and controlled by organizationally trusted parties)? How can we provide patterns which allow organizations to verify their individual’s identities, and publish the right evidence to the system to verify permissions? Is it possible for the individuals themselves to submit evidence of their permission to transact? Aries’ DID and VC support potentially provides a path which addresses a number of the root-of-trust identity problems, allowing organizations to provide and revoke permissions to individuals, and allowing individuals to manage signing keys to close the loop on the ledger transaction construction/validation process. ```

jsmitchell (Wed, 09 Oct 2019 17:39:39 GMT):
https://docs.google.com/document/d/12ce5XjmNdMF647mk2IyWdyz1mYPEA7MtCrfpKQw0t3c/edit?usp=sharing

dbluhm (Wed, 09 Oct 2019 18:53:22 GMT):
The Aries Cloud Agent Python implementation has a concept of an admin interface which is a REST API + webhooks mechanism to build out your business logic in a "driver." The driver is essentially just a webserver that listens on the webhook routes and uses the REST API of the agent. To use the webhooks, ACA-Py needs to be configured to know the URL of the driver using the `--webhook-url` command line argument and . I'm not quite sure what step you are on so there's some general information.

dbluhm (Wed, 09 Oct 2019 18:53:22 GMT):
The Aries Cloud Agent Python implementation has a concept of an admin interface which is a REST API + webhooks mechanism to build out your business logic in a "driver." The driver is essentially just a webserver that listens on the webhook routes and uses the REST API of the agent. To use the webhooks, ACA-Py needs to be configured to know the URL of the driver using the `--webhook-url` command line argument. I'm not quite sure what step you are on so there's some general information.

TelegramSam (Wed, 09 Oct 2019 18:57:16 GMT):
Aries WG Call in 4 minutes: https://wiki.hyperledger.org/pages/viewpage.action?pageId=22381790

TelegramSam (Thu, 10 Oct 2019 14:47:06 GMT):
Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=22381790

esplinr (Thu, 10 Oct 2019 15:07:31 GMT):
Identity Implementers call is starting: https://zoom.us/j/232861185

jsmitchell (Thu, 10 Oct 2019 15:09:09 GMT):
@TelegramSam or others - if you have a chance to jump into that doc I linked above and add some color commentary/specifics on the aries language I'm sure I got wrong, that would be great. I'd like to flesh out the concept section.

TelegramSam (Thu, 10 Oct 2019 15:16:00 GMT):
@jsmitchell I'll give it some time today.

lucasmori (Thu, 10 Oct 2019 16:53:15 GMT):
Thanks, I'm did this. I'm confused about which method on swagger the webhook returns some thing. Do you have any list of methods that implement webhooks?

dbluhm (Thu, 10 Oct 2019 16:57:53 GMT):
The swagger document doesn't document the webhooks, unfortunately. I'll check to see if I can find a list of the webhooks in the docs

dbluhm (Thu, 10 Oct 2019 16:58:08 GMT):
@andrew.whitehead Are you aware of such a document?

lucasmori (Thu, 10 Oct 2019 17:00:46 GMT):
Oh thank you very much! I find a bug in webhook, that returns more than one time what i want, but I don't no how to solve that.

andrew.whitehead (Thu, 10 Oct 2019 17:07:31 GMT):
There's some documentation in progress here: https://hackmd.io/4MYrV-f3TYiwMKvIVgMn6A?view

andrew.whitehead (Thu, 10 Oct 2019 17:07:45 GMT):
Records are sent each time the state property is updated

lucasmori (Thu, 10 Oct 2019 17:12:12 GMT):
anything about cred_proof, i looked the swagger but the method is now deprecated

andrew.whitehead (Thu, 10 Oct 2019 17:12:55 GMT):
`present-proof` is the replacement

andrew.whitehead (Thu, 10 Oct 2019 17:13:23 GMT):
https://github.com/hyperledger/aries-rfcs/tree/master/features/0037-present-proof

lucasmori (Thu, 10 Oct 2019 17:14:20 GMT):
there's a method on swagger to test that?

andrew.whitehead (Thu, 10 Oct 2019 17:20:13 GMT):
Yes there's a family of methods under the present-proof header

andrew.whitehead (Thu, 10 Oct 2019 17:20:30 GMT):
I added the presentation request state object to the documentation there

lucasmori (Thu, 10 Oct 2019 17:21:44 GMT):
I'll check that! thanks for the support

mwherman2000 (Fri, 11 Oct 2019 05:04:29 GMT):
To follow-up (and clarify) my comments about the "slide 5", "slide 7", etc. slides from this week's Aries call (presented by @danielhardman), I'm advocating that there be a common "query language" based on the DID _identifier architecture_ for all 3 types of data in the decision tree that was presented ...a common "query" box that runs across the top of multiple instances of the slide 5/slide 7 stacks ...based on DID identifiers ...for both the two categories of sensitive, verifiable data as well as all non-verifiable data.

mwherman2000 (Fri, 11 Oct 2019 05:07:06 GMT):
Sort of illustrated like the following (which is data model and not a software architecture model (like the one presented by @danielhardman ))...

mwherman2000 (Fri, 11 Oct 2019 05:07:06 GMT):
Sort of illustrated like the following (which is data model and not a software architecture model (i.e. it's not directly comparable with the one presented by @danielhardman ))...

yerlibilgin (Fri, 11 Oct 2019 13:11:32 GMT):
Hi All. I am working on a DigitalID project and we want to use the HyperLedger aries/ursa and related technologies underneath. While I have been researching and reading a lot, I feel like getting more confused about especially the aries sdk. There are several repos on github for aries (rfcs, go, cloud agent, dot net), I wonder if they all will go in parallel or one of them will be the master repo (e.g. aries-framework-go). Digging the code I also saw some crypto codes that both exist under ursa and aries-go. I would appreciate if anyone can direct me a big picture of what is for what, maybe a Solution Architecture diagram showing what lies where?

dbluhm (Fri, 11 Oct 2019 13:45:39 GMT):
To give some background in case you were not already aware, the Aries project was essentially born out of the Indy Agent community. Much of the code present in Aries today started as an Indy Agent project. While under Indy, most of us used the Indy-SDK which provides a "wallet," an interface to an Indy ledger, a credentials implementation using anoncreds, etc. As the community grew up, we realized that most of our work within the Indy Agent community did not need to be specific to Indy and so came Aries. Many of us that migrated with Indy Agent into Aries still like the idea of having a common library that we can all build on. That is the idea behind the Aries SDK. We're currently working as a community to figure out how a common library for aries looks; this has been the main point of discussion in the Aries Morning calls. While that is getting sorted out, many are continuing to use the Indy SDK to perform the role that we eventually want the Aries SDK to play, with the downside of not yet having the interfaces to swap out ledger implementations, credential implementations, crypto suites, etc. This is the approach the cloud agent and dot net frameworks have taken. Others prefer to work with their own language native or alternative implementations; this has been the approach to the Aries Go framework. Ultimately both approaches are perfectly fine. As long as your Aries implementation speaks the protocols defined in Aries RFCs, the underlying infrastructure of your agent is not significant and we all should be able to interoperate.

dbluhm (Fri, 11 Oct 2019 13:52:18 GMT):
Aries is an interesting mixture of code and ideas that matured in Indy, new code and ideas to make the original code and ideas more generally applicable, and completely new ideas introduced by those coming to work with us on Aries that were not previously involved in Indy. Given this mixing of ideas and the relative youth of the project, there is a definite need for more documentation. A big picture diagram of all the different parts is something we plan on producing and using at the beginning of calls and topics to help orient everyone in the discussion.

yerlibilgin (Fri, 11 Oct 2019 14:25:55 GMT):
Thanks a lot for this long and supportive answer. I have been specifically dealing with aries-framework-go and also inspecting ursa. I know that libursa exports crypto functionality for signig, enc-dec and key generation. But for example aries-framework-go also has its own wallet functionality (I didn’t inspect the py and dotnet ones though) and AFAIS it doesn’t use ursa. Is the aries—ursa integration on the table?

dbluhm (Fri, 11 Oct 2019 14:29:24 GMT):
Yes; however, that again is up to the implementation contributors. Ursa will likely provide the majority of the base crypto for the Aries SDK. I think it is also likely that other implementations that don't want to use the Aries SDK could use Ursa to get anoncreds style credential support.

mwherman2000 (Fri, 11 Oct 2019 17:01:55 GMT):
@danielhardman Attached is something closer to a software architecture view. One pattern I used is to separate the interface drivers from the interface providers.

mwherman2000 (Fri, 11 Oct 2019 17:01:55 GMT):
@danielhardman Attached is something closer to a software architecture view for the Universal DID Data Service ...that would, for example, sit underneath an Agent client app ...and collectively provide the Wallet functionality for both verifiable as well as non-verifiable data (aka credentials). One pattern I used is to separate the interface drivers from the interface providers.

mwherman2000 (Fri, 11 Oct 2019 17:01:55 GMT):
@danielhardman Attached is something closer to a software architecture view for the Universal DID Data Service ...that would, for example, sit underneath an Agent client app ...and collectively provide the Wallet functionality for both verifiable as well as non-verifiable data (aka Verifiable Credentials and Credentials, respectively). One pattern I used is to separate the interface drivers from the interface providers.

george.aristy (Fri, 11 Oct 2019 17:38:49 GMT):
anyone know if support for signature chains is in plans for JWS?

aaronr (Fri, 11 Oct 2019 18:23:35 GMT):
Hi, I'm looking for the "right way" to initiate a topic of discussion/collaboration in Aries. Is it to open an Epic in the Aries Jira that people can contribute to? To be clear, I have no real proposal yet, just wanted to capture the user scenarios and possible requirements so that others with similar leanings can add to or critique what is there. With the goal to make a real proposal at some point.

aaronr (Fri, 11 Oct 2019 18:24:22 GMT):
once possible collaborators have been identified

TelegramSam (Fri, 11 Oct 2019 20:03:40 GMT):
Often discussions are best started with Issues on the aries-rfc repo, and drawing attention to that with chat here.

kdenhartog (Sat, 12 Oct 2019 11:16:18 GMT):
@george.aristy when you say signature chains what did you have in mind?

StefanK (Sat, 12 Oct 2019 21:19:50 GMT):
Hey folks, got another nice question from some colleagues, they asked me if its possible to take a schema from lets say a central service or ethereum entry and use this to create a schema definition on indy / sovrin is the interoperable like this ? Is this what the standard should be ?

StefanK (Sat, 12 Oct 2019 21:34:41 GMT):
What i have in mind is that a schema in general is also only a DID Document which is referenced in in the schema definition .. well or maybe not :D .. furthermore thats why a schema should also be on-chain for immutatbility.. iam mean lets have the following thoughts. Some Schemas are online on a websites everyone creates definitions of that and a hacker manipulate a schema there .. interoperability will fail because new definitions does not match what some verifier expect...? Another thing is how does others do this.. like jolocom uport, can they all work togehter in the end ? Is that what the Universalresolver of DIF want to solve ? And btw have they also the schema and schema definition princip for creating credentials ? Well sry that are some more question in one :D needed to write my thoughts down..

StefanK (Sat, 12 Oct 2019 21:34:41 GMT):
What i have in mind is that a schema in general is also only a DID Document which is referenced in in the schema definition .. well or maybe not :D .. furthermore thats why a schema should also be on-chain? For immutatbility? Iam mean lets have the following thought.. sme schemas are online on a websites everyone creates definitions of that and a hacker manipulate a schema there .. interoperability will fail because new definitions does not match what some verifier expect...? Another thing is how does others do this.. like jolocom uport, can they all work togehter in the end ? Is that what the Universalresolver of DIF want to solve ? And btw have they also the schema and schema definition princip for creating credentials ? Well sry that are some more question in one :D needed to write my thoughts down..

swcurran (Sat, 12 Oct 2019 22:19:58 GMT):
Hey Will - just getting back online. It's because AgentBook needs to be able to access a public address for the other agent. Play With Docker has public addresses, but local agent instances don't - just localhost. This could be rectified with a mediator cloud agent for your local agent, of course :-). But that's a lot more work.

george.aristy (Sat, 12 Oct 2019 22:45:11 GMT):
I mean a chain of signatures where the order of them matters.

george.aristy (Sat, 12 Oct 2019 23:52:04 GMT):
similar to this: https://w3c-dvcg.github.io/ld-signatures/#signature-chains

george.aristy (Sat, 12 Oct 2019 23:52:23 GMT):
similar to this: https://w3c-dvcg.github.io/ld-signatures/#signature-chains

kdenhartog (Sun, 13 Oct 2019 02:03:09 GMT):
As far as I’m aware the JWS spec doesn’t support this feature. I did see it’s possible to support some multisig capabilities with the JSON serialization.

TelegramSam (Wed, 16 Oct 2019 13:54:20 GMT):
Call Agenda for today's Aries WG call: https://wiki.hyperledger.org/pages/viewpage.action?pageId=22382505

TelegramSam (Wed, 16 Oct 2019 13:54:32 GMT):
Please read the linked items on the agenda to be ready for discussion.

cam-parra (Wed, 16 Oct 2019 15:16:42 GMT):
@TelegramSam and @danielhardman I have left a comment in ARIES-3 that should get rid of the stalemate. I would also like to begin working on this asap

gcsfred (Wed, 16 Oct 2019 17:36:11 GMT):
Can I please join the Aries WG call? Can I please get an invitation?

gcsfred (Wed, 16 Oct 2019 17:43:34 GMT):
Hi, I have a general question. I understand that often, in a certain (Hyperledger) system users may have one or more DIDs. How are people implementing authentication in practice within a self-contained system? Is it with the common username and password?

TelegramSam (Wed, 16 Oct 2019 18:07:58 GMT):
Of course! Call times and links are here: https://wiki.hyperledger.org/display/ARIES/Aries+Working+Group

TelegramSam (Wed, 16 Oct 2019 18:08:15 GMT):
if you send me the email address you use with google calendar, I can add you to that invite.

TelegramSam (Wed, 16 Oct 2019 18:10:35 GMT):
DID Auth is a huge topic by itself. Most Aries work uses messages with mutual authentication on each message, so there isn't really a concept of login.

TelegramSam (Wed, 16 Oct 2019 18:11:53 GMT):
Using DIDs to authenticate to a site by proving key possession should kill usernames and passwords, and is contained within the DIDAuth Discussions.

ajayjadhav (Wed, 16 Oct 2019 18:16:37 GMT):
Hi @TelegramSam , is there any reference implementation available for DIDAuth in your knowledge?

TelegramSam (Wed, 16 Oct 2019 18:29:57 GMT):
I have not been following those conversations as closely. Many of them are happening in DIF meetings. I'm not aware of any reference implementations as yet, but I'm not the person who would know if there was.

ajayjadhav (Wed, 16 Oct 2019 18:30:45 GMT):
okay, anyone you know you can point me to?

TelegramSam (Wed, 16 Oct 2019 18:32:00 GMT):
Orie Steele with Transmute might be a good one.

ajayjadhav (Wed, 16 Oct 2019 18:32:27 GMT):
cool, thanks for your help. I will try to get in touch with Orie.

TelegramSam (Wed, 16 Oct 2019 18:32:31 GMT):
I don't think he's on this rocketchat server though.

ajayjadhav (Wed, 16 Oct 2019 18:33:07 GMT):
ohokay. Let's see If I can connect with him elsewhere using social media.

swcurran (Wed, 16 Oct 2019 18:40:34 GMT):
We have a working OIDC Identity Provider (OP) that uses Aries protocols and verifiable credentials for authentication. An RP can using stock OIDC protocols, the OP receives the request and then talks DIDComm with an agent to get a proof, and then uses the data in the proof to populate to the OIDC token to pass to the RP. Code - https://github.com/bcgov/vc-authn-oidc Recording of IIW presentation of this - https://t.co/l40vWnarc5

ajayjadhav (Wed, 16 Oct 2019 18:42:06 GMT):
Great, Thanks for sharing @swcurran . will have a look at the recording

gcsfred (Wed, 16 Oct 2019 18:49:45 GMT):
Thanks, all this info is interesting. I'm trying to visualize this. How does can a UI look like in practice with these DID Auth things?

swcurran (Wed, 16 Oct 2019 18:57:44 GMT):
Here is the current approach. Picture a login screen with various options to login - Facebook, Google, Email. Add an option "Verifiable Credential". When that one is clicked, a QR comes up. Scan it with phone in Mobile Agent app. A Proof Request confirmation screen pops up in mobile agent with credentials pre-populated. Tap "Send Claims" (or something understandable :-) ). Back to the browser, the user is logged into the app. The QR code and Mobile App is the equivalent of logging into Facebook. The proof request confirmation is the equivalent of answering the "Do you want to share these attributes with App Foo". The difference is that only you know that you were asked, and only you know what you shared.

swcurran (Wed, 16 Oct 2019 18:58:01 GMT):
We'll have a demo that anyone can try up Real Soon Now.

TelegramSam (Wed, 16 Oct 2019 18:59:01 GMT):
Aries call in 2 minutes: https://wiki.hyperledger.org/pages/viewpage.action?pageId=22382505

gcsfred (Wed, 16 Oct 2019 19:00:29 GMT):
Interesting. Is there any documentation that you can refer to that describes this flow and messages?

ajayjadhav (Wed, 16 Oct 2019 19:02:04 GMT):
The QR Code which comes up is of the public DID of the Org of that website?

helengarneau (Wed, 16 Oct 2019 19:55:48 GMT):
Hope everyone can make it out to Utah for this Aries community event! Be sure to register using the google form. Also, please let me know if you have any questions about sponsorships or think your organization may want to chip-in and sponsor a meal. Thanks! https://www.meetup.com/Utah-Sovrin-Meetup/events/265714942/

swcurran (Wed, 16 Oct 2019 20:27:15 GMT):
@gcsfred - see the vc-authn-oidc repo referenced above for some docs.

swcurran (Wed, 16 Oct 2019 20:28:25 GMT):
The QR code is a DIDComm connection protocol invitation.

aaronr (Thu, 17 Oct 2019 04:37:30 GMT):
Hi, I have a question about RFC 0023 (DID Exchange Protocol). I didn't see in the RFC any way that the Exchange Request or Exchange Response is tied to the original invitation, though I do see that the Exchange Request and Response are associated with the thread id. Is there an association with the invitation that I'm missing? My thought is that I could target invitations toward different groups (or even different individuals) and I want to know which invitation spawned which of the Exchange Requests that I've received.

george.aristy (Thu, 17 Oct 2019 11:28:44 GMT):
correlation of request to invitation: https://github.com/hyperledger/aries-rfcs/pull/254

aaronr (Thu, 17 Oct 2019 16:12:30 GMT):
Exactly what I was looking for and exactly what I need. Thanks!

gcsfred (Fri, 18 Oct 2019 18:36:54 GMT):
Is Sovrin the only blockchain supported by Aries?

gcsfred (Fri, 18 Oct 2019 18:50:10 GMT):
And if the intent is to support other blockchains, what are those of "higher priority"?

dbluhm (Sat, 19 Oct 2019 01:33:29 GMT):
Since many of the Aries implementations originated from the Indy Agent work, Indy ledgers are currently the only ledgers implemented in many of those code bases. Support for other ledgers is one of the foundational goals of Aries but "high priority" first targets have not been identified by the community collectively.

wip-abramson (Sat, 19 Oct 2019 12:40:15 GMT):
Hi - I am trying to use the aries-cloud-agent to connect to the sovrin staging network using this genesis file - https://raw.githubusercontent.com/sovrin-foundation/sovrin/stable/sovrin/pool_transactions_sandbox_genesis. This ends up throwing multiple "node is not a validator" errors. Has anyone done this before?

andrew.whitehead (Sat, 19 Oct 2019 20:49:44 GMT):
I think there are nodes in the genesis file that are no longer available, but it should work despite the warnings

kdenhartog (Sun, 20 Oct 2019 03:20:22 GMT):
Take note there's a request to change RFC 0250 regarding Rich Schemas from a `proposed status` to `accepted status`. Please give a look within the next week and raise any concerns within that time period. Otherwise we'll assume consensus has been achieved.

kdenhartog (Sun, 20 Oct 2019 03:20:22 GMT):
Take note there's a request to change RFC 0250 regarding Rich Schemas from a `proposed status` to `accepted status`. If you have an objection it should be raised within the next week. Otherwise we'll assume consensus has been achieved.

pknowles (Tue, 22 Oct 2019 13:47:48 GMT):
We're currently working on a wallet integration for a Third Party Risk Management project with Novartis. I'd like to push the integration team to work with HL Aries rather than HL Indy for better interoperability. Is the Aries infrastructure fleshed out enough or are we better off sticking with Indy for the time being?

pknowles (Tue, 22 Oct 2019 13:47:48 GMT):
We're currently working on a wallet integration for a Third Party Risk Management project with Novartis. I'd like to push the integration team to work with HL Aries rather than HL Indy for better platform interoperability. Is the Aries infrastructure fleshed out enough or are we better off sticking with Indy for the time being?

TelegramSam (Tue, 22 Oct 2019 14:14:18 GMT):
Aries call for tomorrow includes DID Exchange and related issues. Reading links can be found under Agenda to help center the conversation: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24772655

swcurran (Tue, 22 Oct 2019 21:22:04 GMT):
Definitely better going with Aries. Going with Indy means redoing lots of things already done, and winding up with something that doesn't work with anything else.

swcurran (Tue, 22 Oct 2019 21:22:04 GMT):
Definitely better going with Aries. Going with Indy means redoing lots of things already done in Aries implementations, thinking up lots of new ways to do things, and winding up with something that doesn't work with anything else.

swcurran (Tue, 22 Oct 2019 21:26:13 GMT):
Constraint is the limited implementations. If you are building a mobile app, pretty much all you can use at the core is aries-framework-dotnet embedded in a Xamarin deployment. If you are building a non-mobile agent, you can use aries-cloudagent-python and use any language you want (doesn't have to be python). If you want/need to code the agent itself, you have to use Python, but for the business application, you can use any language.

ajayjadhav (Tue, 22 Oct 2019 21:40:37 GMT):
Out of the two Aries framework implementations (.NET Core & Golang), which one do you think is more mature in terms of RFC coverage & potential to go into production ?

swcurran (Tue, 22 Oct 2019 21:42:58 GMT):
The .NET Core one as it is used in a number of implementations. You can check the status of the Go one, but I think it has a way to go yet.

ajayjadhav (Tue, 22 Oct 2019 21:43:51 GMT):
Great, that gives a clear direction.. Thanks @swcurran ...

TelegramSam (Wed, 23 Oct 2019 18:56:51 GMT):
Aries Afternoon call, in 4 minutes: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24772655

danielhardman (Wed, 23 Oct 2019 21:18:19 GMT):
Okay, @TelegramSam , here is an update to the Attachments RFC that uses `~sig` as we discussed on today's call: https://github.com/hyperledger/aries-rfcs/pull/267

kdenhartog (Wed, 23 Oct 2019 22:24:09 GMT):
I joined the call late, but I meant to bring up during the sig discussion that I think it would be useful for us to use JWS consistently in the non-repudiable work and the `~sig` decorator. What's others thoughts on this? I'll write it up if we think this is a good idea.

kdenhartog (Wed, 23 Oct 2019 22:29:18 GMT):
@TelegramSam or @danielhardman any strong opinions against that?

danielhardman (Wed, 23 Oct 2019 22:35:32 GMT):
I don't mind ~sig's internal structure being reimagined as a JWS.

danielhardman (Wed, 23 Oct 2019 22:35:52 GMT):
Note, however, that there are impls that will break. (BCGOV?)

andrew.whitehead (Wed, 23 Oct 2019 22:36:03 GMT):
Nesting the `~sig` decorator inside `~attach` isn't exactly what I had in mind, I wanted to shoot `~sig` and move the functionality over :)

andrew.whitehead (Wed, 23 Oct 2019 22:36:44 GMT):
It would break compatibility but switching to did-exchange is expected to do that anyway

danielhardman (Wed, 23 Oct 2019 22:36:50 GMT):
@andrew.whitehead : we need a way to sign an arbitrary scope smaller than a whole message. Attachments are just one example. It sounds like you wanted that to be the only example?

andrew.whitehead (Wed, 23 Oct 2019 22:38:15 GMT):
That's right, if I'm understanding you. Effectively sig is acting as an attachment anyway

danielhardman (Wed, 23 Oct 2019 22:38:27 GMT):
I can't think of an example where we need that arbitrary scope that isn't *also* doable nicely through attachments, so maybe we make it a non-decorator?

andrew.whitehead (Wed, 23 Oct 2019 22:41:38 GMT):
Make which one a non-decorator?

danielhardman (Wed, 23 Oct 2019 22:41:44 GMT):
Okay. The thing that would change from my most recent PR is that I would no longer be linking to the RFC that defines `~sig`, and I would call it a field rather than an attachment. Then, if Kyle's JWS suggestion is taken, we redefine its internal structure to be JWS-compliant. Separate from my tweaks to RFC 0017, we'd need to mark the `~sig` RFC RETIRED.

danielhardman (Wed, 23 Oct 2019 22:42:23 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=CChHozMTjFYsd4G3Q) Make the attachment descriptor's `data.~sig` field into `data.sig`

danielhardman (Wed, 23 Oct 2019 22:43:26 GMT):
Okay. I'll update RFC 0017. ETA 15 min.

danielhardman (Wed, 23 Oct 2019 22:54:22 GMT):
Okay, @andrew.whitehead and @kdenhartog : the attachments RFC now doesn't use a `~sig` decorator but instead a `sig` field--and its format is JWS. @kdenhartog , will you take care of retiring the RFC about `~sig`?

danielhardman (Wed, 23 Oct 2019 22:54:22 GMT):
Okay, @andrew.whitehead and @kdenhartog : the attachments RFC now doesn't use a `~sig` decorator but instead a `sig` field--and its format is JWS. At least, that's the way it looks in my PR. @kdenhartog , will you take care of retiring the RFC about `~sig`?

troyronda (Wed, 23 Oct 2019 23:08:10 GMT):
Thanks @danielhardman JWS makes more sense to me.

troyronda (Wed, 23 Oct 2019 23:08:10 GMT):
Thanks @danielhardman JWS makes more sense to me, as you did.

troyronda (Wed, 23 Oct 2019 23:08:10 GMT):
Thanks @danielhardman JWS makes more sense to me, as the PR now shows.

troyronda (Wed, 23 Oct 2019 23:08:10 GMT):
Thanks @danielhardman JWS makes more sense to me, as the PR now contains.

andrew.whitehead (Wed, 23 Oct 2019 23:29:12 GMT):
I thought it was interesting how this RFC basically describes anoncrypt and authcrypt (as the Base and Auth modes) while also defining support for PSKs and streams of messages, maybe it would make sense to define the envelope as a wire format in these terms: https://datatracker.ietf.org/doc/draft-irtf-cfrg-hpke/

kdenhartog (Thu, 24 Oct 2019 04:13:27 GMT):
@andrew.whitehead that's quite an interesting find, I think what your suggesting is a good idea and worth looking into further

prieblinger (Thu, 24 Oct 2019 06:27:16 GMT):
Hello everyone! We are building a system to integrate Sovrin-based SSI into existing identity & access management solutions. For this, we would like to have a way to negotiate the attributes to prove before an actual proof request (Like "definitely prove attribute A, but you can choose if you want to additionally prove attribute B or attribute C. You can also add attribute D to this, but that's optional"). So we had drafted an Aries-RFC for this feature, but swcurran, who kindly took the time to talk to us on the subject, mentioned that this feature would rather be something to request from Ursa. Then again, all we could find when it comes to RFCs in Ursa was this apparently abandoned RFC from march: https://wiki.hyperledger.org/display/ursa/0000-OpenSSL-Interface . So basically, we are kind of confused as to where to request this feature and describe it in detail. What is the general opinion over here as to where this belongs? I have added a pdf showing a presentation on the idea. If you have questions on this, please do ask. Also, can you tell us what you think of Aries RFC 0013-overlays? This might be something to build on for our credential negotiation idea, but that would only make sense if this is something that will actually find approval. We are looking forward to your feedback!

pknowles (Thu, 24 Oct 2019 07:10:03 GMT):
@prieblinger I'm the chair of the #indy-semantics WG. Re Aries RFC 0013-overlays, I'm the inventor of the Overlays Data Capture Architecture (ODCA). The first real implementation of the architecture will be for a Third Party Risk Management (TPRM) project spearheaded by Novartis. The schema assets (i.e. schema bases and overlays) for that project will ultimately be issued by PSCI. If you DM me, I can point you to some richer documentation. The current RFC needs to be updated slightly.

pknowles (Thu, 24 Oct 2019 07:10:03 GMT):
@prieblinger I'm the chair of the #indy-semantics WG. Re Aries RFC 0013-overlays, I'm the inventor of the Overlays Data Capture Architecture (ODCA). The first real implementation of the architecture will be for a Third Party Risk Management (TPRM) project spearheaded by Novartis. The schema assets (i.e. schema bases and overlays) for that project will ultimately be issued by the Pharmaceutical Supply Chain Initiative (PSCI). If you DM me, I can point you to some richer documentation. The current RFC needs to be updated slightly.

pknowles (Thu, 24 Oct 2019 07:10:03 GMT):
@prieblinger I'm the chair of the #indy-semantics WG. Re Aries RFC 0013-overlays, I'm the inventor of the Overlays Data Capture Architecture (ODCA). The first real implementation of the architecture will be for a Third Party Risk Management (TPRM) project spearheaded by Novartis. The schema assets (i.e. schema bases and overlays) for that project will ultimately be issued by the Pharmaceutical Supply Chain Initiative (PSCI). If you DM me, I can point you to some richer documentation. The current RFC needs to be updated.

pknowles (Thu, 24 Oct 2019 07:10:03 GMT):
@prieblinger I'm the chair of the #indy-semantics WG. Re Aries RFC 0013-overlays, I'm the inventor of the Overlays Data Capture Architecture (ODCA). The first real implementation of the architecture will be for a Third Party Risk Management (TPRM) project spearheaded by Novartis. The schema assets (i.e. schema bases and overlays) for that project will ultimately be issued by the Pharmaceutical Supply Chain Initiative (PSCI). If you DM me, I can point you to some richer documentation. The current RFC needs updating.

pknowles (Thu, 24 Oct 2019 07:21:04 GMT):
... and, yes, @danielhardman , I will make some edit requests over the next few days!

danielhardman (Thu, 24 Oct 2019 07:23:33 GMT):
@prieblinger : I suggest you get the attention of @brentzundel and @kenebert here on Rocket Chat, and of Daniel McGrogan of Workday (probably not here on Rocket.Chat, but Brent and Ken have his contact info). They've been working on similar concepts (see, for example, Daniel's RWOT paper here: https://github.com/WebOfTrustInfo/rwot9-prague/blob/master/topics-and-advance-readings/verifiable-credentials-proof-request.md. I think the overlays idea may be fruitful for you as well, but I think parts of what you need may live elsewhere, so it could be a combination of overlays and other stuff.

danielhardman (Thu, 24 Oct 2019 07:25:23 GMT):
(I also agree with @swcurran that there is work related to this that naturally lives in Ursa. They're working on something called zklang which is a formal expression of a proof request. However, it's lower level than what you need. Think of it like assembly language instructions for proof requests, where what you want is a higher-level language.)

DibbsZA (Thu, 24 Oct 2019 15:31:13 GMT):
I was wondering that myself. Thanks for the clarification

swcurran (Thu, 24 Oct 2019 16:57:58 GMT):
A related question to the issue raised by @prieblinger. I think the general understanding of the community is that an Indy proof will be "True" only if all claims requested in the proof request are correctly provided in the proof. In reality, I think that a proof will be "True" if the things that are included in the proof are true, and if things are left out, that's OK. For example, in my experience with using a Mobile Agent app, the prover leaves out claims and hides claims as they want, and the proof will still be "true" in that the prover has the claims provided (without exposing their value and the things that were left out are not proven. Thus it is up to the verifier to check what data was received to determine if what they need is actually included. It would be nice to have a clear description of exactly what "True" means in the context of a verification and in relation to the proof request provided. If what I suspect is true, that means there is/could be a separation between the crypto proof, and the business needs. In @prieblinger's case, the crypto proof request could be the list of all possible claims being requested, and the business needs are information to the prover of what combination of claims the verifier will accept.

swcurran (Thu, 24 Oct 2019 16:57:58 GMT):
A related question to the issue raised by @prieblinger . I think the general understanding of the community is that an Indy proof will be "True" only if all claims requested in the proof request are correctly provided in the proof. In reality, I think that a proof will be "True" if the things that are included in the proof are true, and if things are left out, that's OK. For example, in my experience with using a Mobile Agent app, the prover leaves out claims and hides claims as they want, and the proof will still be "true" in that the prover has the claims provided (without exposing their value and the things that were left out are not proven. Thus it is up to the verifier to check what data was received to determine if what they need is actually included. It would be nice to have a clear description of exactly what "True" means in the context of a verification and in relation to the proof request provided. If what I suspect is true, that means there is/could be a separation between the crypto proof, and the business needs. In @prieblinger's case, the crypto proof request could be the list of all possible claims being requested, and the business needs are information to the prover of what combination of claims the verifier will accept.

swcurran (Thu, 24 Oct 2019 16:57:58 GMT):
A related question to the issue raised by @prieblinger . I think the general understanding of the community is that an Indy proof will be "True" only if all claims requested in the proof request are correctly provided in the proof. In reality, I think that a proof will be "True" if the things that are included in the proof are true, and if things are left out, that's OK. For example, in my experience with using a Mobile Agent app, the prover leaves out claims and hides claims as they want, and the proof will still be "true" in that the prover has provided some claims even though they didn't expose the values and some were left out entirely. Thus it is up to the verifier to check what data was received to determine if what they need is actually included. It would be nice to have a clear description of exactly what "True" means in the context of a verification and in relation to the proof request provided. If what I suspect is true, that means there is/could be a separation between the crypto proof, and the business needs. In @prieblinger's case, the crypto proof request could be the list of all possible claims being requested, and the business needs are information to the prover of what combination of claims the verifier will accept.

swcurran (Thu, 24 Oct 2019 16:57:58 GMT):
A related question to the issue raised by @prieblinger . I think the general understanding of the community is that an Indy proof will be "True" only if all claims requested in the proof request are correctly provided in the proof. In reality, I think that a proof will be "True" if the things that are included in the proof are true, and if things are left out, that's OK. For example, in my experience with using a Mobile Agent app, the prover leaves out claims and hides claims as they want, and the proof will still be "true" in that the prover has provided some claims even though they didn't expose the values and some were left out entirely. Thus it is up to the verifier to check what data was received to determine if what they need is actually included. It would be nice to have a clear description of exactly what "True" means in the context of a verification and in relation to the proof request provided. If what I suspect is true, that means there is/could be a separation between the crypto proof, and the business needs. In @prieblinger's case, the crypto proof request could be the list of all possible claims being requested, and the business needs are information to the prover of what combination of claims the verifier will accept in a given context.

danielhardman (Thu, 24 Oct 2019 23:27:46 GMT):
@swcurran : I would get even more nuanced. There are 3 questions: 1. Does the presentation pass cryptographic verification (all signatures are correct, nothing is expired/revoked)? 2. Does the presentation include everything that was requested (proof matches proof request, leaving nothing out)? 3. Does the presentation satisfy all relevant business requirements? Item 1 can be tested entirely in a library. Item 2 could be tested entirely in a library, IFF we had a standardized, formal proof request language AND a proof response message included a reconciliation against the preceding request. Today we don't have either piece, so you are correct to point out that it is missing. Item 3 might be unnecessary in some cases, because if the expressive power of proof requests is great enough to capture everything that a particular verifier cares about, it has no greater scope than items 1 and 2. But I think it is still a logically separate question. Sometimes a verifier may want to consider factors outside the proof itself, such as "Does your score on this test [as proved by credentials] make you one of the top 3 applicants?" You could say that this is outside the scope of our proving, and I would agree--but I bring it up because verifiers should not expect to be able to express everything they want to know inside the proving protocol. There will *always* be business criteria that don't fit inside it. We should recognize when we run into stuff like that, and not try to overload the protocol with stuff that doesn't belong there. And we shouldn't equate verification of the first 2 items with verification that satisfies all possible business criteria.

danielhardman (Thu, 24 Oct 2019 23:27:46 GMT):
@swcurran : I would get even more nuanced. There are 3 questions: 1. Does the presentation pass cryptographic verification (all signatures are correct, nothing is expired/revoked)? 2. Does the presentation include everything that was requested (proof matches proof request, leaving nothing out)? 3. Does the presentation satisfy all relevant business requirements? Item 1 can be implemented and tested once, and encapsulated entirely in a library. Item 2 could be tested entirely in a library, IFF we had a standardized, formal proof request language AND a proof response message included a reconciliation against the preceding request. Today we don't have either piece, so you are correct to point out that it is missing. Item 3 might be unnecessary in some cases, because if the expressive power of proof requests is great enough to capture everything that a particular verifier cares about, it has no greater scope than items 1 and 2. But I think it is still a logically separate question. Sometimes a verifier may want to consider factors outside the proof itself, such as "Does your score on this test [as proved by credentials] make you one of the top 3 applicants?" You could say that this is outside the scope of our proving, and I would agree--but I bring it up because verifiers should not expect to be able to express everything they want to know inside the proving protocol. There will *always* be business criteria that don't fit inside it. We should recognize when we run into stuff like that, and not try to overload the protocol with stuff that doesn't belong there. And we shouldn't equate verification of the first 2 items with verification that satisfies all possible business criteria.

danielhardman (Thu, 24 Oct 2019 23:27:46 GMT):
@swcurran : I would get even more nuanced. There are 3 questions: 1. Does the presentation pass cryptographic verification (all signatures are correct, nothing is expired/revoked)? 2. Does the presentation include everything that was requested (proof matches proof request, leaving nothing out)? 3. Does the presentation satisfy all relevant business requirements? Item 1 can be implemented once and encapsulated entirely in a library, with no reliance on higher-level code. Item 2 could be provided entirely in a library as well, IFF we had a standardized, formal proof request language AND a proof response message included a reconciliation against the preceding request. Today we don't have either piece, so you are correct to point out that it is missing. Item 3 might be unnecessary in some cases, because if the expressive power of proof requests is great enough to capture everything that a particular verifier cares about, it has no greater scope than items 1 and 2. But I think it is still a logically separate question. Sometimes a verifier may want to consider factors outside the proof itself, such as "Does your score on this test [as proved by credentials] make you one of the top 3 applicants?" You could say that this is outside the scope of our proving, and I would agree--but I bring it up because verifiers should not expect to be able to express everything they want to know inside the proving protocol. There will *always* be business criteria that don't fit inside it. We should recognize when we run into stuff like that, and not try to overload the protocol with stuff that doesn't belong there. And we shouldn't equate verification of the first 2 items with verification that satisfies all possible business criteria.

danielhardman (Thu, 24 Oct 2019 23:35:44 GMT):
All: I want to solicit feedback about this slide deck, which is my proposal for the community-requested diagrams that we can point at during discussions, saying, "we're talking about this thing here". It also includes some thoughts about how architecture of what we build in aries ought to map to installable packages, rust crates, libraries, and github repos. Note the questions in some of the callouts. https://docs.google.com/presentation/d/1L5L4QcZOATrn9rj4bEMmlbvij9XWyqgQRoWO-HNiUGw/edit If we like it, maybe we can reference part of a relevant diagram when we write the readmes for various git repos, and when we create RFCs about KMS, VDRI, etc. @cam-parra @brentzundel @kenebert @swcurran @TelegramSam @kdenhartog

kdenhartog (Fri, 25 Oct 2019 00:49:57 GMT):
I think that's a good high level overview for the direction that the Aries project is heading. What I don't see in this that I suspect we'll run into quite often is the architecture of the agent/framework aspect. For example, where pointing to people to say we're talking about decorator processing and pointing to the agent-framework layer would be correct, but not frame the discussion enough to cut through the unimportant details to identify the important details.

troyronda (Fri, 25 Oct 2019 02:04:26 GMT):
@danielhardman Thanks for putting this deck together. I particularly found it useful in presenting the boundaries between each pluggable components. From my perspective on working on the Go framework, I had a few thoughts (but a bit into the weeds): (1) The topic of this presentation seems to be more specifically the Aries Plugin Architecture. (2) I assume each component wrapper is also useable independently from each other wrapper (like was shown for the component boundaries). (3) For a component that can have multiple plugins loaded at once, I would assume the framework would load each plugin and route appropriately. (4) A framework for a particular language can also load its native format for code/plugins, in addition to the c-callable rust plugins supplied by the core libs. i.e., not every component in the ecosystem is written in rust. (5) As an extension to the last point, a framework can also include some of these native components as "batteries included" defaults. (6) On slide 4, you might want to remove the individual red lines. (7) I think of a backing storage component/plugin as being injected into the overall KMS component/plugin (at least when I think of a Go design).

troyronda (Fri, 25 Oct 2019 02:09:39 GMT):
Re slide 11. In our efforts, so far, we started with HTTP binding and peer DID as sensible "batteries included" resolvers. (It's not entirely clear that every resolver fits as an in-process library so it would seem good to have an easy way to reach out of process too.)

swcurran (Fri, 25 Oct 2019 03:03:40 GMT):
@andrew.whitehead @jljordan_bcgov @sklump @nbrempel

mtfk (Fri, 25 Oct 2019 10:28:59 GMT):
Hi Daniel, Great work with slides. Here are few comments from my side: - slide 4 - mapping for agent/framework on the current slide there is just one mapping of the agent to layer two which suggest that it is very limited to the simple communication. But in my understanding Agent is mainly in Layer Tree where all complex use cases with VC are implemented. As well from perspective of someone who would like to build something on top of that stack I think they should mainly build against agents not core components. It would definitely make the adoption much easier. - I got the point of not calling aries yet sdk but overall it is inevitable to use i t as a SDK otherwise Aries would need to become something much bigger (like ready application but this would blow up the scope) - slide 8 - adding other components like payments, smart contract etc. expand the scope of aries defined on slide 2. If we are focusing on SSI technology having stuff like payments does not sens (remember that some of those components would be huge - payment is good example). - slide 15 - funcs does not seems to need plugins build in but maybe we cold think of allowing for implementing own "business logic"/flows which reuse existing components to make it easier in higher levels to fulfill the user cases in the TDA. You could imagine that someone would build the flow for credentials specifically for driving license, this could be part of the functions sets which you can import. I think the key point here is to define the scope of the Aries and try to stay within its boundaries. SSI has a huge impact on a lot of components not necessary we want to have them in aries (like payments -> blockchain and regular, sending files, exchanging securely information (IM) etc..) Base on above comments I took liberty to modify a bit your deck and include above comments as well put a bigger picture on the vision of Aries within connection of Trusted Digital Agent (aka Digital wallet) - user friendly interface towards decentralized economy. You can find it here: https://docs.google.com/presentation/d/1ot2SersaBdFwt1KrkE9X5S7oIx-7h8l-9bhHvDfzvgs/edit?usp=sharing btw. it is allow to comment in the document. Would be nice if you would allow as well in yours make live easier.

swcurran (Fri, 25 Oct 2019 14:55:35 GMT):
@nbrempel, @jljordan_bcgov - FYI about this. This gets to the definition of "verified" from an Indy sense today.

danielhardman (Fri, 25 Oct 2019 15:00:15 GMT):
@troyronda Your feedback makes me realize that I took an overly simplistic view of the relationship between a framework and the components of Aries that it may use. I assumed that every framework got its SSI features from Aries core, rather than implementing them on its own. What you're making me realize is that it's possible for a framework to pick and choose--maybe for example getting resolvers from Aries core+core plugins, but getting KMS from its own internal constructs. Perhaps we need some slides that highlight this alternative possibility...

danielhardman (Fri, 25 Oct 2019 15:00:28 GMT):
(Thanks to everyone who's given feedback so far, BTW...)

swcurran (Fri, 25 Oct 2019 15:17:38 GMT):
@ianco - I missed you on my earlier comment. Please review.

helengarneau (Fri, 25 Oct 2019 16:45:07 GMT):
Reminder to please register for the Aries Connectathon Dec 3-5 in Provo using the link to the Google Form listed on the meetup page. Please register as soon as possible so we can account for food/venue options. Also- Sponsorships to cover costs of food are still open. Sponsors who commit by November 1 will have their logos on the event t-shirt! DM me with any questions. Thanks! https://www.meetup.com/Utah-Sovrin-Meetup/events/265714942/?success=email_sent&success=mailinglist_sent

sklump (Fri, 25 Oct 2019 17:32:31 GMT):
Re: JWS. Who knows this spec? Can anyone tell me where the verification key goes into the token? As far as I can see, a JWS has a header, dot, a base64url-encoded payload, dot, and a signature value. How to recover the verkey to try to verify the signature?

sklump (Fri, 25 Oct 2019 17:32:31 GMT):
Re: JWS. Who knows this spec? Can anyone tell me where the verification key goes into the token? As far as I can see, a JWS has a header [literally `base64url({"alg":"EdDSA"})`], dot, a base64url-encoded payload, dot, and a base64url-encoded signature value. How to recover the verkey to try to verify the signature?

sklump (Fri, 25 Oct 2019 17:32:31 GMT):
Re: JWS. Who knows this spec? Can anyone tell me where the verification key goes into the token? As far as I can see, a JWS has a header [always `base64url({"alg":"EdDSA"})`], dot, a base64url-encoded payload, dot, and a base64url-encoded signature value. How to recover the verkey to try to verify the signature?

DibbsZA (Fri, 25 Oct 2019 17:38:31 GMT):
A query if anyone can help. I have the **aca-py** agent up and running with the postgress db and it set up to connect to buldernet. I previously used https://selfserve.sovrin.org/ to ledger the DID as an Endorser, this is the public DID in the wallet which I can retrieve after startup. Then I tried to create a Schema and I get this in the logs ``` aca-py_1 | 2019-10-25 16:45:25,530 indy.ledger DEBUG sign_and_submit_request: <<< res: '{"reason":"client request invalid: InvalidClientTaaAcceptanceError(\'Txn Author Agreement acceptance is required for ledger with id 1\',)","identifier":"8EscMmKWP89KZCYDotgneQ","reqId":1572021925105906503,"op":"REJECT"}' ``` What steps have I missed to setting up my agent?

swcurran (Fri, 25 Oct 2019 18:30:31 GMT):
@andrew.whitehead - can you help with this? I think we have the TAA support in ACA-Py, so should be doable.

DibbsZA (Fri, 25 Oct 2019 18:35:37 GMT):
for ref I am using the ```bcgovimages/aries-cloudagent:py36-1.11-1_0.3.2``` image

andrew.whitehead (Fri, 25 Oct 2019 18:36:42 GMT):
The agent should be run with `aca-py provision (wallet args, ledger args)`, then it will prompt for TAA acceptance

DibbsZA (Fri, 25 Oct 2019 18:38:56 GMT):
Doh! I skipped that part. For the args you mention, are they the same you would use for a normal start?

DibbsZA (Fri, 25 Oct 2019 18:39:55 GMT):
cool. Thanks very much. I'll give that a go

DibbsZA (Fri, 25 Oct 2019 20:10:35 GMT):
@andrew.whitehead How would one do the provisioning if aca-py is inside a container? I tried starting the container with attach and interactive, but I still get this ``` 2019-10-25 20:07:14,718 aries_cloudagent.config.ledger WARNING Cannot accept TAA without interactive terminal ```

andrew.whitehead (Fri, 25 Oct 2019 20:11:14 GMT):
How are you running it normally?

andrew.whitehead (Fri, 25 Oct 2019 20:14:04 GMT):
I think you would need to use `docker exec -ti (containername)` once it's running

andrew.whitehead (Fri, 25 Oct 2019 20:14:04 GMT):
I think you would need to use `docker exec -ti (containername) bash` once it's running

andrew.whitehead (Fri, 25 Oct 2019 22:27:42 GMT):
The variables in wallet-storage-config and wallet-storage-creds wouldn't be replaced due to the single quotes

magicindustries (Mon, 28 Oct 2019 08:05:09 GMT):
can anyone give me a generalised idea of the state of Aries? I'm building several agents and wondering whether to try using it for them now or keep an eye on it and work with it in development.

magicindustries (Mon, 28 Oct 2019 08:05:35 GMT):
the state of the repos is a bit confusing as to what's current

magicindustries (Mon, 28 Oct 2019 09:09:56 GMT):
In the aries-framework-dotnet the provisioning configurations all report "This class will no longer be used" but that's what's in the docs. Is there something updated I'm missing?

magicindustries (Mon, 28 Oct 2019 09:40:29 GMT):
ah never mind, finally found this "If you are using Indy SDK today to build a decentralized identity solution, keep doing so for the time being. Aries is not yet mature enough to build upon, but when it gets there, a reasonable transition process will be provided, and announcements will be made in community channels." I will keep an eye on the channel but keep building directly with libindy

sklump (Mon, 28 Oct 2019 14:28:09 GMT):
Oh: the "kid" attribute in the header ought to suffice.

george.aristy (Mon, 28 Oct 2019 19:11:22 GMT):
@sklump the `jwk` header is better IMO: https://tools.ietf.org/html/rfc7515#section-4.1.3

danielhardman (Mon, 28 Oct 2019 20:15:48 GMT):
Agreed. `jwk` is what we want, not `kid`

swcurran (Mon, 28 Oct 2019 20:33:23 GMT):
@magicindustries - it depends on what you are doing. If you are creating a PoC that only involves your own code, it's fine to use libindy and your own design. If you want to do something that interoperates with other code bases (agents), then you need to use the concepts in the Aries RFCs. And if you are building on Aries, then you might want to consider aries-cloudagent-python or aries-framework-dotnet as completed implementations that you can use as a black box. I personally think you will get a lot farther a lot faster if you use an existing Aries agent. Both of those code bases come with 2 years of experience building on the indy-sdk. The python implementation is a second iteration where we started the new version from a blank repo.

mxs1491 (Mon, 28 Oct 2019 21:46:57 GMT):
Daniel, does this same framework hold for an embedded or resource constrained device? In general I should think so, but are there any special considerations that will be needed in addition?

danielhardman (Mon, 28 Oct 2019 21:49:29 GMT):
I haven't thought that through very deeply. In general, I would guess that the answer is "yes, it applies". Part of the reason to have a plugin model is that it lets you select different implementations depending on the needs of your platform. For example, we don't want everyone depending on postgres KMS (even though that's an excellent KMS plugin for enterprise servers); we want an embedded platform to be able to use flash memory or something else that's equally light. But I'm sure there are interesting angles to your question that we should reflect in the diagrams before we're fully happy.

magicindustries (Tue, 29 Oct 2019 10:33:34 GMT):
@swcurran thanks for that. I guess it's a bit hard to tell what's complete and what's not at the moment, the docs have code in them that doesn't seem to be applicable any more. I'd like to use the dotnet aries agent but one thing that's hard to find clarity on amongst all the moving projects and repos - does/will Aries cover the basic agent functions like wallet management, secret storage, did generation etc, or is it purely for credential exchange flows?

magicindustries (Tue, 29 Oct 2019 10:34:35 GMT):
I have a slightly odd use case so I have to take the instructions and modify them to suit, which makes it difficult not know what docs are up to date etc. And how does Aries tie in with libVCX?

helengarneau (Tue, 29 Oct 2019 17:10:11 GMT):
Just a reminder to please contact me if your organization is interested in sponsoring the Aries Connectathon. We're still looking for a few good teams to help with food costs. Prices listed on the event page are based on 100 people but will be lowered as registration numbers come in. We can provide receipts for reimbursement if need be. Whatever is easy for you & your organization. DM me today! https://www.meetup.com/Utah-Sovrin-Meetup/events/265714942/?success=email_sent&success=mailinglist_sent

prieblinger (Wed, 30 Oct 2019 08:07:55 GMT):
@danielhardman I suppose what I am looking at is a RFC on item 2. For the features we want to request, I think that extending RFC-0037: Present Proof Protocol would be the thing to do. One thing I am currently struggling with is that the RFC0037 only mentions attributes in the presentation preview (= where requested proof elements are listed), it leaves out credentials and openid, which are used in the DID credential manifest (https://github.com/decentralized-identity/credential-manifest/blob/master/explainer.md), which we would like to merge into this for our feature request RFC. Would it be make sense to you to pull the "type" differentiation for proof elements into my RFC, extending the RFC0037 even further?

wip-abramson (Wed, 30 Oct 2019 13:32:01 GMT):
Has anyone looking into trying to use aries messaging for sending files? Would this need a new protocol?

swcurran (Wed, 30 Oct 2019 15:01:11 GMT):
Yes - in the two "complete" (nothing is ever complete), all of those functions are covered. This document that lists the implemented Aries RFCs in ACA-Py (Python implementation) gives a good feel for what's implemented, and the linked RFCs define in detail exactly what each supported feature includes. https://github.com/hyperledger/aries-cloudagent-python/blob/master/SupportedRFCs.md

swcurran (Wed, 30 Oct 2019 15:02:59 GMT):
Some, including work at putting images in credentials (@sklump did that). The ~attach decorator is can handled files, but is not an explicit file exchange protocol.

swcurran (Wed, 30 Oct 2019 15:04:03 GMT):
libVCX does not currently play well with Aries, but I'm told work is happening now to make it work with Aries. @esplinr would have more details.

danielhardman (Wed, 30 Oct 2019 15:48:53 GMT):
@prieblinger : I don't know enough about what you're imagining to give you an intelligent answer. Maybe share an RFC draft and I can give better feedback?

swcurran (Wed, 30 Oct 2019 16:37:28 GMT):
I'm thinking this might be a separate protocol from 0037 that is used to negotiate what proof request to generate. I'm thinking something along the lines of 0214 - https://github.com/hyperledger/aries-rfcs/tree/master/features/0214-help-me-discover, but about what credentials the issuer has.

swcurran (Wed, 30 Oct 2019 16:38:21 GMT):
That would make it a "business protocol" and definitely out of the realm of Ursa and being a crypto protocol.

swcurran (Wed, 30 Oct 2019 16:42:58 GMT):
I still would like to know about what guarantees that Indy gives between what was asked for in a request and what is "true" when the crypto returns a result.

swcurran (Wed, 30 Oct 2019 16:44:28 GMT):
In other words, can the Request include a super set of things, the holder prove the claims it has, and the proof still be "true"?

danielhardman (Wed, 30 Oct 2019 16:45:54 GMT):
That's why the response to a proof request needs to include a "proof reconciliation". The proof in a response should be true or false on its own merits, but the relationship between the presented proof and the requested proof is a separate question that should *also* be evaluated by the library.

swcurran (Wed, 30 Oct 2019 17:37:32 GMT):
I think those should be separate though. I want to know from the crypto what's correct, and the connection between the proof and proof request, since the later is not crypto related. And to include support for value equalities, we need encode/decode built in. Those are the places things are not working right now.

danielhardman (Wed, 30 Oct 2019 17:40:09 GMT):
If you use ~attach in indirect mode, you can signal to the receiver that there is content for them, but tell them they have to go download it from somewhere else, using a different protocol (e.g., HTTP, FTP, bittorrent). The DIDComm message should include a sha256 hash of the content so that when the content is fetched, there's a guarantee it has not been tampered with.

sklump (Wed, 30 Oct 2019 17:48:02 GMT):
There is a sha256 slot in the attachment decorator for links mode

ajayjadhav (Wed, 30 Oct 2019 20:51:51 GMT):
Just to confirm - @swcurran, @danielhardman.. with respect to the discussion on rename of RFC 0050 - Wallets, a don't think search-and-replace will work :), as there are references to Indy Wallets. I think the text which refers to new Aries key management implementation should be described as KMS, right?

ajayjadhav (Wed, 30 Oct 2019 20:51:51 GMT):
Just to confirm - @swcurran, @danielhardman - with respect to the discussion on rename of RFC 0050 - Wallets, a don't think search-and-replace will work :), as there are references to Indy Wallets. I think the text which refers to new Aries key management implementation should be described as KMS, right?

ajayjadhav (Wed, 30 Oct 2019 20:52:49 GMT):
was reading the conversation here - https://github.com/hyperledger/aries-rfcs/issues/68

swcurran (Wed, 30 Oct 2019 20:55:54 GMT):
This one might be a tricky one to do across all RFCs. Basically, when the use of "wallet" means the mainstream use of the term ("digital wallet" as in Google Pay, Apple Pay and so on), we want to keep the term. When the use of "wallet" means "storing keys and metadata for an agent", or what is called "wallet" in Indy, it needs to change to KMS. Does that make sense?

pknowles (Wed, 30 Oct 2019 20:57:49 GMT):
Re KMS, it might be worth updating the Sovrin Glossary too. Just a thought.

swcurran (Wed, 30 Oct 2019 21:32:04 GMT):
Regards KMS and the storage of credentials. Per the call today, KMS is to be limited to keys and metadata. As I understood the discussion, that means DIDs and connections (in metadata), and creddefs. There may be some other misc. keys for the operation, and LOX holds the keys to the wallets. Specifically excluded from KMS (from the discussion) are credentials. I would assume that the other major content we have with Aries (protocol state) would also be excluded. For portability, the import/export functions are intended to enable moving your data, so that would have to include at least so that would include at least - DIDs, connections, creddefs, and credentials. Questions: 0. Did I get that right? 1. Where do we expect credentials to go? 2. Is Aries Core going to opinionated about the APIs used to access the data that's needed but not in Aries?

swcurran (Wed, 30 Oct 2019 21:32:28 GMT):
That's for Sovrin to do. @drummondreed

cam-parra (Wed, 30 Oct 2019 22:22:41 GMT):
I am creating an RFC for KMS please stand by. This will override or I guess redefine 0050.

cam-parra (Wed, 30 Oct 2019 22:53:00 GMT):
Actually now that i think about it just a search and replace won't do here. KMS != Wallet. Correct me if I am wrong but I don't believe that we actually have referenced a proper KMS in past rfcs

sebastillar (Wed, 30 Oct 2019 23:54:19 GMT):
I need some help to build my first agent with Aries. How can I do? Any tutorial suggest?

ajayjadhav (Thu, 31 Oct 2019 09:34:26 GMT):
Okay @cam-parra, I am holding it..

DibbsZA (Thu, 31 Oct 2019 09:38:25 GMT):
Hi, Have you seen this? https://github.com/hyperledger/aries-cloudagent-python/tree/master/docs/GettingStartedAriesDev

DibbsZA (Thu, 31 Oct 2019 09:38:25 GMT):
Hi, @sebastillar . Have you seen this? https://github.com/hyperledger/aries-cloudagent-python/tree/master/docs/GettingStartedAriesDev

wip-abramson (Thu, 31 Oct 2019 11:29:56 GMT):
Great thanks, could anyone point me to an example? I have been trying to send it across as encoded bytes, but the file seems to get messed up in the process.

wip-abramson (Thu, 31 Oct 2019 13:35:02 GMT):
Actually I managed to get it working the way I was trying before. Converted to hex then sent the hex string

swcurran (Thu, 31 Oct 2019 15:00:19 GMT):
I would be pretty suprised if we don't reference storage in the RFCs, and when we did that, the usual way was "wallet". Could be wrong - we'll see. Agree that 0050 is the place to start. Note that 0050 is accepted, so I think this should be in addition to 0050 and we'll archive 0050 when appropriate.

cam-parra (Thu, 31 Oct 2019 15:06:07 GMT):
Jay if you find any instances where we just refer to key management then those instances would be fine as Stephen has mentioned

ajayjadhav (Thu, 31 Oct 2019 15:07:40 GMT):
Sure, I will go ahead and make those changes..

mwherman2000 (Thu, 31 Oct 2019 15:08:38 GMT):
Is there an Aries/Indy working group call this morning? ...I'm guessing there isn't ....only 2 of us online.

cam-parra (Thu, 31 Oct 2019 15:18:30 GMT):
Thanks, Jay. Really appreciate your help.

swcurran (Thu, 31 Oct 2019 15:19:54 GMT):
That meeting is now every second week and will be on next week.

sklump (Thu, 31 Oct 2019 17:08:40 GMT):
As long as we are talking about wallets, kindly humour a naïf for a moment. Suppose a holder (say) has multiple agents (one per device, say). On storing a credential, one of these agents writes it to its wallet. What makes this credential subsequently available to the wallets of all other agents? Or is this a work in progress? I may have missed a whole lot of discussion on this sync problem; if so, I'd appreciate a link to it.

sklump (Thu, 31 Oct 2019 17:08:40 GMT):
As long as we are talking about wallets, kindly humour a naïf for a moment. Suppose a holder (say) has multiple agents (one per device, say). On storing a credential, one of these agents writes it to its wallet. What makes this credential subsequently available to the wallets of all of the holder's other agents? Or is this a work in progress? I may have missed a whole lot of discussion on this sync problem; if so, I'd appreciate a link to it.

helengarneau (Thu, 31 Oct 2019 18:39:42 GMT):
Aries Connectathon- I'm starting to advertise out on social media to make sure folks see the registration link for the Aries Connectathon. Please sign up as soon as possible or send a note if you need a bit more info. Trying to get numbers dialed in as soon as possible. https://www.meetup.com/Utah-Sovrin-Meetup/events/265714942/?success=email_sent&success=mailinglist_sent Thanks!

ajayjadhav (Thu, 31 Oct 2019 18:48:40 GMT):
Hi all, has anyone played around Deno (https://deno.land/) for building agents or otherwise ?

ajayjadhav (Thu, 31 Oct 2019 18:49:44 GMT):
I know it's still under development, however, some projects like https://github.com/superfly/fly are using it..

HLFPOC (Fri, 01 Nov 2019 04:09:05 GMT):
Hi Team, Not sure if this is the right place to ask this question , but I wanted to understand overall flow of how ZKPs in credentials are handled by Aries/Indy?

MALodder (Fri, 01 Nov 2019 04:40:17 GMT):
https://eprint.iacr.org/2019/1126.pdf

MALodder (Fri, 01 Nov 2019 04:40:47 GMT):
Considerations if using side chains or DHTs

prieblinger (Fri, 01 Nov 2019 09:00:19 GMT):
@danielhardman I am attaching a draft of the RFC. I am looking forward to hearing your opinions on this!

donqui (Fri, 01 Nov 2019 10:23:26 GMT):
Maybe something like this: https://github.com/hyperledger/indy-sdk/tree/master/docs/design/002-anoncreds https://github.com/hyperledger/indy-crypto/blob/master/libindy-crypto/docs/AnonCred.pdf https://github.com/hyperledger/ursa/blob/master/libursa/docs/anoncreds-design.md https://github.com/hyperledger/ursa/tree/master/libursa/src/cl

esplinr (Fri, 01 Nov 2019 13:14:23 GMT):
The work we are doing is intended to make it easier to migrate to Aries from LibVCX. But the Aries community has decided not to adopt the approach taken in LibVCX (implementing agent functionality as a C-callable library). I wouldn't recommend it for a new project.

esplinr (Fri, 01 Nov 2019 13:14:43 GMT):
If you are an Evernym customer, you should contact us to discuss how we are helping people to transition.

ajayjadhav (Fri, 01 Nov 2019 15:46:31 GMT):
Hi @tomislav - During agent provisioning, is there any IHostedService used in Xamarin to host an Agent? Or it just creates a wallet/DID ?

ajayjadhav (Fri, 01 Nov 2019 15:46:31 GMT):
Hi @tomislav - During agent provisioning, is there any `IHostedService` used in Xamarin to host an Agent? Or it just creates a wallet/DID ?

TelegramSam (Fri, 01 Nov 2019 16:26:13 GMT):
@wip-abramson You might need a new protocol, but I'd use the attachments pattern over a new file encoding method. This allows better support from existing code, as well as easier protocol adoption.

mboyd (Fri, 01 Nov 2019 16:49:56 GMT):
@swcurran @tplooker I tried to run the VC-authn-oidc demo today, and got to the final step. clicking on the `verified credential access` on keycloak gives me a `{"error":"unknown_presentation_record_id","error_description":"Cannot find respective record id"}` error. More info here: https://github.com/bcgov/vc-authn-oidc/issues/16

swcurran (Fri, 01 Nov 2019 17:27:19 GMT):
@esune can help with that. He's been working with @sukalpomitra and they got the OSMA client working. There is a PR in the repo that might be the issue that you are hitting.

swcurran (Fri, 01 Nov 2019 17:28:15 GMT):
Hmm...error message looks more like a config error, but again - @esune can work with you on it.

esune (Fri, 01 Nov 2019 17:29:17 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=fBatGCHj8SAjpB3iR) I'll comment on the GitHub issue

troyronda (Fri, 01 Nov 2019 18:41:27 GMT):
Has there been prior discussion on a WebAssembly WASI interface for aries core libraries?

troyronda (Fri, 01 Nov 2019 18:41:27 GMT):
Has there been prior discussion on a WebAssembly WASI interface target for aries core libraries (in addition to the C-Callable interface)?

troyronda (Fri, 01 Nov 2019 18:41:27 GMT):
Has there been prior discussion on a WebAssembly WASI interface target for aries core libraries (as an additional target beyond the C-Callable interface)?

troyronda (Fri, 01 Nov 2019 18:41:27 GMT):
Has there been prior discussion on a WebAssembly WASI target for aries core libraries (as an additional target beyond the C-Callable interface)?

swcurran (Fri, 01 Nov 2019 18:52:14 GMT):
There has been on and off discussions about it in the indy context, and a few experiments to try it. General agreement it would be a Good Thing, but not a focused initiative that has really scoped the challenge/effort/structure.

swcurran (Fri, 01 Nov 2019 18:54:14 GMT):
FYI: Aries Cloud Agent - Python Release 0..3.5 has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.3.5. We've been working on performance lately, so the changes are related to that.

troyronda (Fri, 01 Nov 2019 19:47:54 GMT):
Ah cool. We are investigating having aries-framework-go have a WASM Controller target (in addition to the REST and native Go controllers) and I was thinking about pluggability in that case.

troyronda (Fri, 01 Nov 2019 19:47:54 GMT):
Ah cool. We are investigating having aries-framework-go have a WASM Controller API target (in addition to the REST and native Go controller APIs) and I was thinking about pluggability in that case.

troyronda (Fri, 01 Nov 2019 21:13:11 GMT):
This controller API post also brings up the topic that there are opportunities for implementation re-usage beyond the rust language projects.

troyronda (Fri, 01 Nov 2019 21:16:17 GMT):
And there could be three tiers: pluggable libraries, services, and controller APIs.

troyronda (Fri, 01 Nov 2019 21:16:17 GMT):
And there could be three tiers: pluggable libraries, services, and controller APIs. (note: this is how we are building the Go framework).

troyronda (Fri, 01 Nov 2019 21:16:17 GMT):
And there could be three tiers: pluggable libraries, services, and controller APIs. Note: this is how we are building the Go framework. (and I wonder if there are opportunities to re-use some of the work being done in the Go framework.)

troyronda (Fri, 01 Nov 2019 21:16:17 GMT):
e.g., there could be three tiers: pluggable libraries, services, and controller APIs. Note: this is how we are building the Go framework. (and I wonder if there are opportunities to re-use some of the work being done in the Go framework across the community.)

cam-parra (Fri, 01 Nov 2019 21:17:28 GMT):
I think that myself and other who have been working on architecture and code for Aries-KMS have done a bad job at explaining what a KMS is. There seems to be a lingering belief that KMS is just a rebranding of the name wallet but that is not true. I would invite the community to look over the Aries proposed architecture slides prepared by @danielhardman and take a look at what a KMS does. I am trying to make a RFC and a POC to show how this architecture would work at a personal level. It's a slow process since its a combined effort and gathering of information from different meetings. Here is a table that i believe outlines some of the main differences that can show you how a KMS is not a wallet

cam-parra (Fri, 01 Nov 2019 21:17:57 GMT):
```| Aries-KMS | Indy-Wallet | | ----------- | ----------- | |Securely creates, deletes, manages keys and their metadata| Securely creates, manages keys| |Does NOT manage general storage|Manages general storage| | Integrates with OS keystore / ACL / biometrics (LOX)|No LOX support| | Leverages HMS / TEE / secure enclave when present |Is enclave like| | Plugins for different persistence mechanisms |Multi threadeding enforced | | Plugins for different crypto approaches |No puggable crypto|```

cam-parra (Fri, 01 Nov 2019 21:21:00 GMT):
Shout out to @MALodder for supplying code, clarity, and ideas

swcurran (Fri, 01 Nov 2019 21:31:36 GMT):
Suggest having every line be one issue. I think the "Plugins for different..." and "Multi-threadening..." are two different attributes of the two solutions. Right?

swcurran (Fri, 01 Nov 2019 21:31:36 GMT):
Suggest having every line be one issue. I think the "Plugins for different..." and "Multi-threading..." are two different attributes of the two solutions. Right?

swcurran (Fri, 01 Nov 2019 21:32:23 GMT):
Also, want to make sure that on Aries KMS that there are ONLY "plugins for different persistence mechanisms" and we eliminate the "Native database" as a thing.

cam-parra (Fri, 01 Nov 2019 21:43:12 GMT):
that is correct, Stephen. Thank you

esplinr (Fri, 01 Nov 2019 21:45:27 GMT):
This description of the current Indy Wallet is not accurate. Indy Wallet is not intended to be a place for general storage, and it already has pluggable persistence mechanisms.

swcurran (Fri, 01 Nov 2019 21:46:21 GMT):
Wouldn't non-secrets storage be "general". It's certainly being used that way.

esplinr (Fri, 01 Nov 2019 21:46:23 GMT):
We keep using the term LOX. I keep forgetting what it means. Can someone remind me?

esplinr (Fri, 01 Nov 2019 21:46:43 GMT):
It is often used that way, but it wasn't the intention.

swcurran (Fri, 01 Nov 2019 21:47:06 GMT):
Where should that be going? I asked that on a previous note, but didn't get a response.

swcurran (Fri, 01 Nov 2019 21:47:39 GMT):
Presumably that includes credentials.

esplinr (Fri, 01 Nov 2019 21:47:41 GMT):
To be clear, I like the definition of Aries-KMS. I think it's better communicated that the Indy-Wallet. But I don't think the vision is that different.

esplinr (Fri, 01 Nov 2019 21:47:41 GMT):
To be clear, I like the definition of Aries-KMS. I think it's better communicated than we did with the Indy-Wallet. But I don't think the vision is that different.

swcurran (Fri, 01 Nov 2019 21:49:01 GMT):
Definitely communicated better, since I've been in the community for a long time and never knew that credentials shouldn't be going into indy-wallet :-)

esplinr (Fri, 01 Nov 2019 21:49:06 GMT):
I know that some credential stuff is considered metadata for keys, but we put some credential stuff outside of the wallet storage. We were never very clear on that line. I'm glad we are improving that in Aries.

swcurran (Fri, 01 Nov 2019 21:49:51 GMT):
The question I have is does that data need to be encrypted?

swcurran (Fri, 01 Nov 2019 21:50:17 GMT):
Specifically, credentials and protocol state.

esplinr (Fri, 01 Nov 2019 21:50:21 GMT):
I think that is still one of the big open questions.

esplinr (Fri, 01 Nov 2019 21:50:43 GMT):
This is where I admit I'm not an architect, and let smarter people tell me the right answer. grin

swcurran (Fri, 01 Nov 2019 21:52:08 GMT):
Pretty surprised that's a question. Since credentials are likely to contain PII, and protocol state is likely to contain credentials, then it seems to me that they should be encrypted at rest.

MALodder (Fri, 01 Nov 2019 21:52:46 GMT):
I would encrypt Credentials. Not sure what you mean by protocol state

cam-parra (Fri, 01 Nov 2019 21:53:41 GMT):
A tool for accessing various keychains or secure enclaves

cam-parra (Fri, 01 Nov 2019 21:54:34 GMT):
Again this conversation leads to me to belive that we don't have a clear picture and that it is worth waiting a week or even less for an RFC. Where we can openly discuss this

esplinr (Fri, 01 Nov 2019 21:55:57 GMT):
Google isn't helping me. Is it an Aries specific thing, or a general purpose thing?

swcurran (Fri, 01 Nov 2019 21:56:01 GMT):
When you run a protocol (e.g. Issue Credential, Present Proof, etc.) you have a sequence of async messages and you need to persist that state, so when the next message is processed, you can get the state. Generally, that includes the messages in the protocol instance. Many of those messages will have credentials and other PII in them.

MALodder (Fri, 01 Nov 2019 21:56:23 GMT):
gotcha, then I would encrypt those as well

cam-parra (Fri, 01 Nov 2019 21:56:33 GMT):
It's an aries RFC hold on let me link you to it

cam-parra (Fri, 01 Nov 2019 21:57:16 GMT):
https://github.com/hyperledger/aries-rfcs/tree/master/features/0042-lox/reference_code

esplinr (Fri, 01 Nov 2019 21:57:19 GMT):
Thanks Cam. That's the level of information I needed.

swcurran (Fri, 01 Nov 2019 21:57:37 GMT):
If so, then I would recommend including that in some sort of storage managed by Aries. KMS or another storage module. Especially since credentials MUST be part of the export from an agent.

swcurran (Fri, 01 Nov 2019 21:59:02 GMT):
There is no storage thing called a "wallet". A wallet is a mobile agent in the common parlance and we should not try to redefine it.

esplinr (Fri, 01 Nov 2019 22:00:06 GMT):
It's really weird to have the implementation of a command line tool defined in an RFC. That seems like something that should go in an Aries Core / Aries-SDK set of libraries.

swcurran (Fri, 01 Nov 2019 22:01:59 GMT):
So maybe AMS and KMS will be used. FYI - in ACA-Py, we have different implementations for secrets and non-secret storage. We can use different plugins for each. That sounds like we are talking about here. All credentials go into "secrets", which I believe is defined by Indy.

swcurran (Fri, 01 Nov 2019 22:01:59 GMT):
So maybe AMS and KMS will be used. FYI - in ACA-Py, we have different implementations for secrets and non-secret storage. We can use different plugins for each. That sounds like what we are talking about here. All credentials go into "secrets", which I believe is defined by Indy.

swcurran (Fri, 01 Nov 2019 22:01:59 GMT):
So maybe AMS and KMS will be used. FYI - in ACA-Py, we have different implementations for secrets and non-secret storage. We can use different plugins for each. That sounds like what we are talking about here. All credentials go into "secrets", which I believe is defined by Indy. FYI: Nick and Andrew designed that.

esplinr (Sun, 03 Nov 2019 02:53:24 GMT):
You make a good point. Perhaps the components of the Go Framework could become the basis of an Aries SDK. My biggest concern is about how to call these Go components from the other language frameworks.

troyronda (Sun, 03 Nov 2019 12:54:21 GMT):
Looks possible (see our conversation in #aries-sdk).

HLFPOC (Mon, 04 Nov 2019 09:14:09 GMT):
Hi Team, I am trying to learn and understand the concepts of Aires and from what I have learnt is, using Aires, we can build agent apps which can support W3C standards (like verfiable credentials, dids etc.) and use these agent apps to interact with the underlying blockchain network which will be most likely Hyperledger Indy in this case. Now based on my understanding, I have below queries: 1) Is my understanding correct ? (Stated above) 2) How mature is Aries project ? If we want to start fresh development, should we consider using Indy SDK or go with Aries ? 3) Can we develop custom agent apps using Hyperledger Aries which can interact with any other underlying blockchain network ? (like Hyperledger fabric, R3 Corda etc. ?) 4) If yes, are there are any reference projects/artifacts which are using Aries with any other blockchain network ?

HLFPOC (Mon, 04 Nov 2019 09:14:09 GMT):
Hi Team, I am trying to learn and understand the concepts of Aires and from what I have learnt is, using Aries, we can build agent apps which can support W3C standards (like verfiable credentials, dids etc.) and use these agent apps to interact with the underlying blockchain network which will be most likely Hyperledger Indy in this case. Now based on my understanding, I have below queries: 1) Is my understanding correct ? (Stated above) 2) How mature is Aries project ? If we want to start fresh development, should we consider using Indy SDK or go with Aries ? 3) Can we develop custom agent apps using Hyperledger Aries which can interact with any other underlying blockchain network ? (like Hyperledger fabric, R3 Corda etc. ?) 4) If yes, are there are any reference projects/artifacts which are using Aries with any other blockchain network ?

danielhardman (Mon, 04 Nov 2019 15:31:25 GMT):
Yes, your understanding is correct. Aries is not super mature yet, although there are pockets of maturity in aries-cloudagent-python, aries-framework-dotnet, and maybe Aries-framework-go. Re reference integrations with a blockchain other than Indy, I know some work has been done against R3 and Ethereum, but I don't know if it's been packaged as a reference. Others will have to weigh in.

swcurran (Mon, 04 Nov 2019 15:55:46 GMT):
For 3 and 4, I'd say know. We've talked about how it could be done now, and a planned architecture going forward, but there are no reference implementations. The plans of the aries-framework-go team are probably closest there as they don't plan on building on the indy-sdk, but rather plan to support initially a different ledger (Fabric, I believe).

troyronda (Mon, 04 Nov 2019 18:03:00 GMT):
re: aries-framework-go. So far we included a ledger-agnostic DID resolver following https://w3c-ccg.github.io/did-resolution/#bindings-https. In addition, a developer using the Go framework can inject their own DID resolver implementation when instantiating the framework.

troyronda (Mon, 04 Nov 2019 18:12:19 GMT):
re: fabric Externally, yes, we also have a Fabric ledger version of the Sidetree protocol (https://github.com/trustbloc/sidetree-fabric). The Go framework integrates with the Sidetree implementation using the https binding interface (^^). The Go framework's BDD tests also include steps that execute against a mock ledger that implements the Sidetree protocol.

troyronda (Mon, 04 Nov 2019 18:12:19 GMT):
re: fabric Externally, yes, we have a Fabric ledger version of the Sidetree protocol (https://github.com/trustbloc/sidetree-fabric). The Go framework integrates with the Sidetree implementation using the https binding interface (^^). The Go framework's BDD tests also include steps that execute against a mock ledger that implements the Sidetree protocol.

ntonani (Mon, 04 Nov 2019 22:33:32 GMT):
We have a unique use case requiring credential issuance from a permissioned ledger. The network must ideally retain enough information about issued credentials to provide data-driven metrics and analysis to node owners (I.e. number of creds issued of type X by node Y) - unsure at the moment if this must include PII. We'd like to use Aries for cred exchange and DID resolution as it is properly aligning itself with W3C specs and we feel that's essential for the utility of the greater vision. I am wondering if people in the community know of any projects that are trying something similar? Seems there are two glaring gaps in Aries at the moment: 1) Lack of non-Indy ledger support, 2) Lack of multi-ledger workflow support (I.e. resolving DID on ledger A, credential revocation status on ledger B). Is this accurate? Really appreciate any feedback. Including suggesting other forums / communities. Difficult to navigate

ntonani (Mon, 04 Nov 2019 22:33:32 GMT):
We have a unique use case requiring credential issuance from a permissioned ledger. The network must ideally retain enough information about issued credentials to provide data-driven metrics and analysis to node owners (I.e. number of creds issued of type X by node Y) - unsure at the moment if this must include PII. We'd like to use Aries for cred exchange and DID resolution as it is properly aligning itself with W3C specs and we feel that's essential for the utility of the greater vision. I am wondering if people in the community know of any projects that are trying something similar? Seems there are two glaring gaps in Aries at the moment: 1) Lack of non-Indy ledger support, 2) Lack of multi-ledger workflow support (I.e. resolving DID on ledger A, credential revocation status on ledger B ). Is this accurate? Really appreciate any feedback. Including suggesting other forums / communities. Difficult to navigate

ntonani (Mon, 04 Nov 2019 22:33:32 GMT):
We have a unique use case requiring credential issuance from a permissioned ledger. The network must ideally retain enough information about issued credentials to provide data-driven metrics and analysis to node owners (I.e. number of creds issued of type X by node Y) - unsure at the moment if this must include PII. We'd like to use Aries for cred exchange and DID resolution as it is properly aligning itself with W3C specs and we feel that's essential for the utility of the greater vision. I am wondering if people in the community know of any projects that are trying something similar? Seems there are two gaps in Aries at the moment: 1) Lack of non-Indy ledger support, 2) Lack of multi-ledger workflow support (I.e. resolving DID on ledger A, credential revocation status on ledger B ). Is this accurate? Really appreciate any feedback. Including suggesting other forums / communities. Difficult to navigate

jljordan_bcgov (Tue, 05 Nov 2019 10:11:21 GMT):
Our latest RFC might help with understanding the context of various projects (Indy, Aries, Ursa), other ledgers and so forth. https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0289-toip-stack/README.md In terms of getting support for more DID methods/ledgers etc ... we are a friendly group and would welcome folks in that would like to help build out these capabilities

troyronda (Tue, 05 Nov 2019 15:22:11 GMT):
Weekly planning meeting for aries-framework-go starts in ~10 mins.

troyronda (Tue, 05 Nov 2019 15:22:11 GMT):
Weekly planning meeting for aries-framework-go starts in ~10 mins. #aries-go

danielhardman (Tue, 05 Nov 2019 17:46:35 GMT):
All: we've recently had an RFC submitted that I would like to renumber. It's RFC 0289--a proposal about how to think about the self-sovereign and decentralized identity problem domain at the highest level of abstraction. Its main authors are Drummond Reed, John Jordan, Darrell O'Donnell, and Dan Gisolfi. (I am also a listed author, though I'm really more of a mechanical helper. I converted some graphics and assisted with git mechanics). I think this particular RFC ought to be RFC 0001, because it explains the entire problem that Aries is trying to solve, and how a solution must involve layers of technology that includes DIDs at the bottom, DIDComm in the middle, protocols like credential exchange above that, and so forth. Other foundational concept RFCs like the ones about protocols, agents, and didcomm as a concept use similar small numbers. Please separate this proposal about numbering from the question of whether the content of the RFC is correct. Undoubtedly there are things in this RFC that are not yet optimal, and we should fix those things using the normal process we go to when an RFC is proposed and the community begins looking at it. Until we are happy with it, I wouldn't advocate any status for the RFC other than PROPOSED. But I'm suggesting that the RFC number "0001" is appropriate for a doc that provides the overarching context / background for everything else in the repo, so I'd like to adjust the RFC's number and designate it as the place where we put our best consensus thinking about how to orient a person to the problem space that Aries has carved out for itself. I will make this proposal again on a community call, but wanted to put it here in written form as well. Shall we let the proposal accumulate feedback for a couple weeks, as we have done for proposals about changing an RFC's status?

danielhardman (Tue, 05 Nov 2019 17:46:35 GMT):
All: we've recently had an RFC submitted that I would like to renumber. It's RFC 0289--a proposal about how to think about the self-sovereign and decentralized identity problem domain at the highest level of abstraction. Its main authors are Drummond Reed, John Jordan, Darrell O'Donnell, and Dan Gisolfi. (I am also a listed author, though I'm really more of a mechanical helper. I converted some graphics and assisted with git processing.) I think this particular RFC ought to be RFC 0001, because it explains the entire problem that Aries is trying to solve, and how a solution must involve layers of technology that includes DIDs at the bottom, DIDComm in the middle, protocols like credential exchange above that, and so forth. Other foundational concept RFCs like the ones about protocols, agents, and didcomm as a concept use similar small numbers. Please separate this proposal about numbering from the question of whether the content of the RFC is correct. Undoubtedly there are things in this RFC that are not yet optimal, and we should fix those things using the normal process we go to when an RFC is proposed and the community begins looking at it. Until we are happy with it, I wouldn't advocate any status for the RFC other than PROPOSED. But I'm suggesting that the RFC number "0001" is appropriate for a doc that provides the overarching context / background for everything else in the repo, so I'd like to adjust the RFC's number and designate it as the place where we put our best consensus thinking about how to orient a person to the problem space that Aries has carved out for itself. I will make this proposal again on a community call, but wanted to put it here in written form as well. Shall we let the proposal accumulate feedback for a couple weeks, as we have done for proposals about changing an RFC's status?

swcurran (Tue, 05 Nov 2019 17:51:43 GMT):
An idea to float to the group. In the KMS discussions, it has been stated that verifiable credentials (and things like them, including protocol state) should not be in the KMS. Obviously, if that's the case (and it makes sense) we'll need another encrypted place to keep that data. I'm wondering if that is actually in alignment with DIF's idea that hubs contain (among other things) verifiable credentials that are only accessed with owner-controlled keys. Does that lead us to where Aries should have a local hub component?

troyronda (Tue, 05 Nov 2019 18:24:46 GMT):
- I think Aries should have a local hub component and structured as being syncable to a remote hub. - I think KMS supports this hub component by enabling owner-controlled access / encryption.

troyronda (Tue, 05 Nov 2019 18:24:46 GMT):
- I think Aries should have a local hub component and structured as being syncable to a remote hub. - I think KMS (along with Crypto) supports this hub component by enabling owner-controlled access / encryption.

troyronda (Tue, 05 Nov 2019 18:25:50 GMT):
With that comes three other topics: Getting a new device, Losing my device, Multiple devices.

Baha-sk (Tue, 05 Nov 2019 18:51:45 GMT):
My understanding is KMS should only manage/store keys... It can sync the storage with a local hub if needed. Other artifacts should be managed by a separate service, I believe vrdi component is meant to be this service

swcurran (Tue, 05 Nov 2019 18:52:46 GMT):
vrdi is intended to be the ledger interface, but I hadn't thought of it for storing VCs. I definitely didn't see it handling protocol state, which must be encrypted.

Baha-sk (Tue, 05 Nov 2019 18:53:38 GMT):
It can use the crypto service to encrypt its artifacts

swcurran (Tue, 05 Nov 2019 18:54:24 GMT):
Sure, but it's not part of vrdi, I don't think.

Baha-sk (Tue, 05 Nov 2019 18:54:37 GMT):
Protocol state should be managed by a separate component maybe if vrdi is not meant to manage them

cam-parra (Tue, 05 Nov 2019 18:54:45 GMT):
it could be the vdri or it could be another service to use as general storage for credentials or whatever artifact your blockchain stores

Baha-sk (Tue, 05 Nov 2019 18:55:49 GMT):
Isn't blockchain supposed to store peer DIDs only?

cam-parra (Tue, 05 Nov 2019 18:56:13 GMT):
what you store in general storage is not up to the KMS

Baha-sk (Tue, 05 Nov 2019 18:56:58 GMT):
Agreed, KMS should only deal with keys, to my understanding

Baha-sk (Tue, 05 Nov 2019 18:57:28 GMT):
And it has its own underlying storage

swcurran (Tue, 05 Nov 2019 18:57:45 GMT):
I'm agreeing with the KMS part. I'm questioning where the other encrypted data that must be stored should go. I don't see it as vdri.

Baha-sk (Tue, 05 Nov 2019 19:01:08 GMT):
For KMS, in Aries framework go,we intend to have two separate storages, one as a keystore and another, metadatstore, for persisting keys relationships (private/public key references +signing/encryption key references)

Baha-sk (Tue, 05 Nov 2019 19:01:53 GMT):
Yeah..vdri can have its own store...

swcurran (Tue, 05 Nov 2019 19:02:36 GMT):
VDR is for the ledger - it's in the W3C standard. Nothing (AFAIK) to do with the storage that we're talking about. And, it does align with what DIF talks about with hubs, I think.

swcurran (Tue, 05 Nov 2019 19:03:11 GMT):
Verifiable Data Registry - it's for the DIDs and DIDDocs, and other metadata from a public ledger.

Baha-sk (Tue, 05 Nov 2019 19:04:47 GMT):
is protocol state meant to be part of VDRi?

Baha-sk (Tue, 05 Nov 2019 19:05:16 GMT):
then it should be in its own storage

filip.burlacu (Tue, 05 Nov 2019 19:05:31 GMT):
I don't think protocol state fits under any of the stores in the pluggable component layer

cam-parra (Tue, 05 Nov 2019 19:05:39 GMT):
here is a rough draft of my aries-kms rfc btw... it hasnt been reviewed by the other parties I've been working with yet so it is subjuect to change

cam-parra (Tue, 05 Nov 2019 19:05:42 GMT):
https://github.com/mac-arrap/aries-rfcs/tree/master/concepts/0276-key-management-service

cam-parra (Tue, 05 Nov 2019 19:07:49 GMT):
If you have concerns let me know but take it easy, it's a growing effort (since some seem to want to tear down all things KMS)

cam-parra (Tue, 05 Nov 2019 19:07:49 GMT):
If you have concerns let me know but take it easy, it's a growing effort (since some seem to want to tear down all things KMS) :)

Baha-sk (Tue, 05 Nov 2019 19:09:15 GMT):
that's fine, we're starting to work on Go version of KMS as we speak.. and i'm intending to use 2 storages, one for raw keys and one for references.. and it's still in its early stages...

Baha-sk (Tue, 05 Nov 2019 19:09:15 GMT):
that's fine, we're starting to work on the Go version of KMS as we speak.. and i'm intending to use 2 storages, one for raw keys and one for references.. and it's still in its early stages...

cam-parra (Tue, 05 Nov 2019 19:10:28 GMT):
I am starting work on the Rust kms. I can share the repo with y'all tomorrow

Baha-sk (Tue, 05 Nov 2019 19:10:33 GMT):
as a first phase, we're not going to support keys lifecycle (rotating, purging of keys) only creating keys..

cam-parra (Tue, 05 Nov 2019 19:10:37 GMT):
currently swamped with team interviews

cam-parra (Tue, 05 Nov 2019 19:11:00 GMT):
if you don't handle deleting keys you might want to stick with indy-sdk

cam-parra (Tue, 05 Nov 2019 19:11:00 GMT):
if you don't handle deleting keys you might want to stick with indy-walletg

cam-parra (Tue, 05 Nov 2019 19:11:00 GMT):
if you don't handle deleting keys you might want to stick with indy-wallet

Baha-sk (Tue, 05 Nov 2019 19:12:08 GMT):
we will eventually... i'm trying to get something built and used by our Crypto component.. then we'll add more features to it

filip.burlacu (Tue, 05 Nov 2019 19:13:20 GMT):
we intend to but as far as I understand the plugin interfaces themselves are uncertain as yet

Baha-sk (Tue, 05 Nov 2019 19:14:35 GMT):
crypto component is pluggable in the Aries go version we have.. only that they must be implemented in Go.. we haven't implemented the more general (C-Callable) plugins yet

cam-parra (Tue, 05 Nov 2019 19:15:16 GMT):
we should probably find a way to merge our efforts here. We want kms to be as solid and adoptable as possible

Baha-sk (Tue, 05 Nov 2019 19:15:40 GMT):
and our interface is custom for now.. as we don't have a community interface to follow

Baha-sk (Tue, 05 Nov 2019 19:16:30 GMT):
sure.. it does make sense to have 1 interface for Crypto another for KMS, VRDi, etc.

filip.burlacu (Tue, 05 Nov 2019 19:17:36 GMT):
for crypto we certainly need plugins for HSM and for wasm

troyronda (Tue, 05 Nov 2019 19:17:48 GMT):
We plan to allow plugable crypto as an option, in addition to native Go crypto.

troyronda (Tue, 05 Nov 2019 19:18:59 GMT):
Note: this requires creating a C-Go wrapper of C callable plugin interface and exposing the Go interface to the framework.

filip.burlacu (Tue, 05 Nov 2019 19:19:09 GMT):
come to think of it, my current concern with the design is that the KMS and crypto service are split, when both need to touch secrets unless the KMS is supposed to rely on the crypto service interface for all key wrapping etc

troyronda (Tue, 05 Nov 2019 19:19:37 GMT):
meaning we want to make sure the API surface is well aligned :)

cam-parra (Tue, 05 Nov 2019 19:20:00 GMT):
my design of the KMS includes a plugable crypto layer

Baha-sk (Tue, 05 Nov 2019 19:35:57 GMT):
@cam-parra since KMS is responsible for managing keys... wouldn't the Crypto service the one depending on it to get/store/update keys? i don't see why we would plug a Crypto service into KMS

Baha-sk (Tue, 05 Nov 2019 19:38:15 GMT):
I would rather say the Crypto service has a pluggable KMS layer, what do you think?

troyronda (Tue, 05 Nov 2019 19:44:08 GMT):
I think of it as KMS having a pluggable Crypto.

Baha-sk (Tue, 05 Nov 2019 19:50:39 GMT):
then this Crypto service should be used to encrypt/protect keys in the storage.. this would be a different service than the one use for Encrypting/Decrypting a DIDComm envelope

Baha-sk (Tue, 05 Nov 2019 19:50:39 GMT):
then this Crypto service should be used to encrypt/protect keys in the storage.. this would be a different service than the one used for Encrypting/Decrypting a DIDComm envelope

filip.burlacu (Tue, 05 Nov 2019 19:52:03 GMT):
we have key wrapping, if I understand correctly that goes through LOX, and then we have the keys in the KMS being used in crypto operations

Baha-sk (Tue, 05 Nov 2019 19:54:04 GMT):
but i see the crypto operations as the ones needing the KMS to `get` the keys

Baha-sk (Tue, 05 Nov 2019 19:54:04 GMT):
but i see the crypto operations as the ones needing the KMS to `fetch` the keys

filip.burlacu (Tue, 05 Nov 2019 19:58:42 GMT):
and that's fine, because key wrapping uses a key from LOX so you don't get a circular dependency

swcurran (Tue, 05 Nov 2019 20:25:49 GMT):
This is me being in way over my head, but seeing a pattern. Can you make the native go implementation so that it is pluggable? In the indy wallet, a native and pluggable implementation was created and our devs found it to be a pain in the butt. Two paths to support, to sets of tests (but the pluggable tests not created...) and so on. From that I took that having only a pluggable implementation as a preferred approach. Does that apply here?

swcurran (Tue, 05 Nov 2019 20:25:49 GMT):
This is me being in way over my head, but seeing a pattern. Can you make the native go implementation so that it is pluggable? In the indy wallet, a native and pluggable implementation was created and our devs found it to be a pain in the butt. Two paths to support, two sets of tests (but the pluggable tests not created...) and so on. From that I took that having only a pluggable implementation as a preferred approach. Does that apply here?

troyronda (Tue, 05 Nov 2019 20:27:47 GMT):
The native go implementation is, itself, pluggable.

troyronda (Tue, 05 Nov 2019 20:27:47 GMT):
The native go implementation is, itself, already pluggable.

troyronda (Tue, 05 Nov 2019 20:28:09 GMT):
We have defaults if you don't provide your own implementation.

troyronda (Tue, 05 Nov 2019 20:29:12 GMT):
The existing pluggable interfaces are listed here: https://godoc.org/github.com/hyperledger/aries-framework-go/pkg/framework/aries

cam-parra (Tue, 05 Nov 2019 20:31:20 GMT):
Great discussion... sorry to jump in kind of late. I split my time with other reponsibilities at Kiva and the community. Anyways my question is: should we design the interface for these various layers in our KMS RFC? if so could we set a time where we can do this. I think @MALodder could really help us with the crypto layer api as well

swcurran (Tue, 05 Nov 2019 20:33:27 GMT):
I think we're saying the same thing, so all good. You have one crypto API and you can have plugins that implement that API. One plugin is the native go implementation. The indy design was two APIs, one API to a "native driver" and another to a pluggable API, with several plugin implementations. The two APIs was (IMHO) bad.

cam-parra (Wed, 06 Nov 2019 00:17:13 GMT):
If you have any ideas or corrections or proposed APIs for the KMS please make a PR to https://github.com/mac-arrap/aries-rfcs/tree/master/concepts/0276-key-management-service

cam-parra (Wed, 06 Nov 2019 00:17:59 GMT):
Really enjoying the community being so lively today and talking about these very important decisions

danielhardman (Wed, 06 Nov 2019 01:34:13 GMT):
It sounds to me like some of the foregoing discussion mixes pluggability issues at multiple levels or layers. Big Aries subsystems are things like VDRI, KMS, and Creds. Each of these big subsystems needs to see the other subsystems through abstract interfaces, without worrying about the details of how they are implemented--and each also needs plugin capability such that we can supply the features of that subsytem in different ways. So, for example, we ought to be able to plug different implementations into the Creds subsystem, so we can support various flavors and versions of credentials in a single process or product. As I understand it from comments by @troyronda , there's another kind of pluggability that's also desirable, which is replacing entire subsystems. That is, the subsystem of Aries that supplies KMS features could be either built using Go, or built using Rust. This is an interesting feature, and I get why it is desirable--but I don't think it's the same pluggability as the other one I just defined.

troyronda (Wed, 06 Nov 2019 02:02:38 GMT):
@danielhardman I think I am missing the nuance. The Go framework plans to allow each of these subsystems to be replaced (pluggable). These pluggable interfaces are exposed individually for each subsystem. The interfaces are exposed as Go, but a c-callable library can be wrapped into this interface. Hence either Go code or Rust code can be plugged into each subsystem interface.

troyronda (Wed, 06 Nov 2019 02:26:19 GMT):
I will also argue that it is beneficial for the larger community to enable development beyond rust. The rust sub-components will be much less useful / interesting if we can’t mix-in efforts from other languages.

troyronda (Wed, 06 Nov 2019 02:26:19 GMT):
I will also argue that it is beneficial for the larger community to enable development beyond rust. The rust sub-components will be less usefulinteresting if we can’t mix-in efforts from other languages. In our case Go ... (and also hopefully WebAssembly also becomes an option).

troyronda (Wed, 06 Nov 2019 02:26:19 GMT):
I will also argue that it is beneficial for the larger community to enable development beyond rust. The rust sub-components will be less interesting if we can’t mix-in efforts from other languages. In our case Go ... (and also hopefully WebAssembly also becomes an option).

danielhardman (Wed, 06 Nov 2019 04:39:04 GMT):
I'm not arguing against the strategy the Go framework is taking. I am saying it is an additional type of plugin, over and above the other type of plugin that's contemplated. The other type of plugin isn't a plugin of KMS or VDRI; it's a plugin of a service layer below KMS or VDRI that has no public interface--only a contract with its KMS or VDRI host.

danielhardman (Wed, 06 Nov 2019 05:00:23 GMT):
Perhaps the difference would be best illustrated by a more concrete example. Suppose I am writing an agent. I begin with features for the encryption envelope and message routing. Maybe I implement them in F# from scratch. Now I would like to use Aries to improve my feature set in 2 ways: 1. I'd like to replace the informal key management that I have been doing with something more structured and spec-compliant, leveraging the Aries KMS. 2. I'd like to implement credential exchange, say using JWT credentials. It seems to me that plugins could help me in two different ways. Approach A: I introduce a dependency between my F# codebase and Aries core. This gives me standard C-callable interfaces for a KMS component and a Cred component. I then have to choose which plugin *underneath* these codebases I will activate to give Aries core the flavor I want. These plugins are libraries that I can either static link against, or install and link dynamically at runtime. I don't care what interface they provide, because I don't see any of it; the generic KMS component and Cred component call these plugins for me, as an indirect result of the C-callable functions I invoke against the generic KMS and Cred interfaces. I decide I will activate the plugin for JWT creds, and the plugin that activates mongo-DB-based persistence for KMS. Approach B: I don't care if there is such a thing as Aries core, except as a theoretical concept on paper. I consume an implementation of KMS that suits me, and an implementation of Creds that suits me. Alternative implementations of subsystems may or may not have a common generic interface; that's an uninteresting detail as well. Subsystem plugins like this bind tightly to specific details like which programming language's ABI [no, that's not a typo of "API"] they support, which persistence technology is behind the KMS, which cred ecosystem they use, which blockchain they like, etc. I'm not arguing for or against either approach here; I see that each of them has pros and cons. I'm just trying to highlight the difference. Did I clarify enough to accomplish that?

danielhardman (Wed, 06 Nov 2019 05:09:10 GMT):
VDRI = "verifiable data registry interface". This is not the thing that contains credentials; it's the thing outside your local storage that you check when you want to know if credentials are valid. In other words, VDRI is the interface to a blockchain, IPFS, or something similar. I think @swcurran is correct that we need an additional component that occupies the same logical spot as data hubs. However, I don't think it needs to be very sophisticated for now. For example, a simple folder on disk would provide a reasonable (though somewhat feature-restricted) starting impl. This idea of needing additional components, one of which might be a "hub" thing, is mentioned on this slide in the red text: https://docs.google.com/presentation/d/1L5L4QcZOATrn9rj4bEMmlbvij9XWyqgQRoWO-HNiUGw/edit#slide=id.g6f6594a78a_0_91

danielhardman (Wed, 06 Nov 2019 05:09:10 GMT):
Regarding some of the earlier messages today about whether we need a place to store credentials, and whether that place is hubs or VDRI or something different... VDRI = "verifiable data registry interface". This is not the thing that contains credentials; it's the thing outside your local storage that you check when you want to know if credentials are valid. In other words, VDRI is the interface to a blockchain, IPFS, or something similar. I think @swcurran is correct that we need an additional component that occupies the same logical spot as data hubs. However, I don't think it needs to be very sophisticated for now. For example, a simple folder on disk would provide a reasonable (though somewhat feature-restricted) starting impl. This idea of needing additional components, one of which might be a "hub" thing, is mentioned on this slide in the red text: https://docs.google.com/presentation/d/1L5L4QcZOATrn9rj4bEMmlbvij9XWyqgQRoWO-HNiUGw/edit#slide=id.g6f6594a78a_0_91

swcurran (Wed, 06 Nov 2019 05:15:22 GMT):
I think it does need to be encrypted (PII in the common case), so that involves keys, and it needs to be part of both backup and restore and export/import, as without it, the "Digital Wallet" is not backed up or portable. So I think it very quickly needs to be more complicated. As well, the place to keep the protocol state also needs to be put somewhere, needs to be fast, and needs to encrypted, as it too will hold PII in the common case. This does not need to be part of the export/import process.

TelegramSam (Wed, 06 Nov 2019 13:55:09 GMT):
Timezone Note: The Aries Afternoon WG Call is anchored in the US, which just switched back from Daylight Savings Time. I've updated the non-us times shown on the Aries WG Wiki Page for the B call to reflect that change: https://wiki.hyperledger.org/display/ARIES/Aries+Working+Group

troyronda (Wed, 06 Nov 2019 14:57:18 GMT):
I would also suggest that the additional component may desire to use the same backing store as KMS (and that could be a locking in-process DB like LevelDB). It would be beneficial if the storage could be injected into KMS rather than KMS wrapping a storage.

esplinr (Wed, 06 Nov 2019 14:59:01 GMT):
Starting the Aries WG A call in 2 minutes: https://zoom.us/j/244779296

MALodder (Wed, 06 Nov 2019 15:46:58 GMT):
https://docs.google.com/document/d/10AXC6tRe_aqPPySeV4QzJbrteiTn5vxP9TVNSCJX2wA/edit

mwherman2000 (Wed, 06 Nov 2019 18:33:53 GMT):
FYI: I've been working to extend the original did-spec work into a concept called Universal Digital Identifiers (Universal DIDs). In addition, I’ve started building an end-to-end platform and network that instantiates these capabilities called the Trusted Digital Web (TDW). I've just published a fairly extensive #whitepaper (60 pages) describing the #TrustedDigitalWeb project. The Preview Draft can be found here: https://hyperonomy.com/2019/11/06/trusted-digital-web-whitepaper/ Feedback is welcome.

vineethkrishnan12 (Thu, 07 Nov 2019 09:15:40 GMT):
Has joined the channel.

HLFPOC (Thu, 07 Nov 2019 10:01:03 GMT):
Hi Team, Need some information on creating and resolving DIDs. Actually I want to implement a custom Identity platform based on SSI standards with an underlying DLT platform (permissioned one, but not finalized it yet). To achieve this, wanted to understand, can we make our own custom DID method for creating DIDs for this platform or should we use existing DID methods (like sovrin,uPort etc.)

domwoe (Thu, 07 Nov 2019 11:22:27 GMT):
Is there a possibility to send an invitation message from one agent to another given its public DID (i.e. its endpoint), instead of "manually" transporting the invitation object?

DibbsZA (Thu, 07 Nov 2019 13:10:47 GMT):
If you are running a seperate network, then you have to register a new DID method so that the resolution of that uniquly points to your network. If you new network is a copy/past of an existing one then you can cookie cutter the current specification (with anme change) UNLESS your network implements specific new rules or crypto etc

DibbsZA (Thu, 07 Nov 2019 13:10:47 GMT):
If you are running a seperate network, then you have to register a new DID method so that when resolving that, it uniquly points to your network. If you new network is a copy/past of an existing one then you can cookie cutter the current specification (with anme change) UNLESS your network implements specific new rules or crypto etc

DibbsZA (Thu, 07 Nov 2019 13:10:47 GMT):
If you are running a seperate network, then you have to register a new DID method so that when resolving that, it uniquely points to your network. If you new network is a copy/past of an existing one then you can cookie cutter the current specification (with anme change) UNLESS your network implements specific new rules or crypto etc

DibbsZA (Thu, 07 Nov 2019 13:10:47 GMT):
If you are running a seperate network, then you have to register a new DID method so that when resolving that, it uniquely points to your network. If your new network is a copy/paste of an existing one then you can cookie cutter the current specification (with name & address change) UNLESS your network implements specific new rules or crypto etc which you will then have to define

DibbsZA (Thu, 07 Nov 2019 13:17:56 GMT):
According to Sov DID spec: ``` Namestring Generation Method The 16-byte uuid underlying a Sovrin DID can be generated in various ways--using standard uuid methods, for example, or by selecting the first 16 bytes of a 256 bit Ed25519 verification key (the public portion of the key pair). In the latter case, there may or may not be an active verification key for the identity owner; that information is only available in the key descriptions in the owner section of the DID Document. A convenient regex to match sov DIDs is: ^[1-9A-HJ-NP-Za-km-z]{21,22}$ A convenient regex to match the entire did string is: ^did:sov:[1-9A-HJ-NP-Za-km-z]{21,22}(?(?::\w[-\w]*)*)$ ```

DibbsZA (Thu, 07 Nov 2019 13:17:56 GMT):
There is no "ARIES" method as Aries is meant to enable multiple network support. Aries would just call a DID create method provided by the underlying network connector. According to Sov DID spec: ``` Namestring Generation Method The 16-byte uuid underlying a Sovrin DID can be generated in various ways--using standard uuid methods, for example, or by selecting the first 16 bytes of a 256 bit Ed25519 verification key (the public portion of the key pair). In the latter case, there may or may not be an active verification key for the identity owner; that information is only available in the key descriptions in the owner section of the DID Document. A convenient regex to match sov DIDs is: ^[1-9A-HJ-NP-Za-km-z]{21,22}$ A convenient regex to match the entire did string is: ^did:sov:[1-9A-HJ-NP-Za-km-z]{21,22}(?(?::\w[-\w]*)*)$ ```

DibbsZA (Thu, 07 Nov 2019 13:18:08 GMT):
amestring Generation Method The 16-byte uuid underlying a Sovrin DID can be generated in various ways--using standard uuid methods, for example, or by selecting the first 16 bytes of a 256 bit Ed25519 verification key (the public portion of the key pair). In the latter case, there may or may not be an active verification key for the identity owner; that information is only available in the key descriptions in the owner section of the DID Document. A convenient regex to match sov DIDs is: ^[1-9A-HJ-NP-Za-km-z]{21,22}$ A convenient regex to match the entire did string is: ^did:sov:[1-9A-HJ-NP-Za-km-z]{21,22}(?(?::\w[-\w]*)*)$

DibbsZA (Thu, 07 Nov 2019 13:25:01 GMT):
I guess it may be possible if the agent support unsolicited connection requests. Not clear if this is currently supported?

domwoe (Thu, 07 Nov 2019 13:39:23 GMT):
Yeah, we solved it by starting the agent with "--public-invites" argument

DibbsZA (Thu, 07 Nov 2019 13:42:24 GMT):
Same. I guess I just missed it in all those startup options :blush:

TelegramSam (Thu, 07 Nov 2019 14:35:06 GMT):
Yesterday's call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24773976

JeromeK (Thu, 07 Nov 2019 14:41:01 GMT):
Hey Guys I have two questions regarding the Aries-Cloudagent-Python(https://github.com/hyperledger/aries-cloudagent-python) My run command: `aca-py start --inbound-transport http 0.0.0.0 8080 --outbound-transport http --invite --admin 0.0.0.0 8100 --admin-insecure-mode --seed $SEED --genesis-file ./genesis.txn` 1) After this request: `curl -X POST "http://localhost:8100/ledger/register-nym?did=V4SGRU86Z58d6TV7PBUe6f&verkey=GJ1SzoWzavQYfNL9XkaJdrQejfztN4XqdsiV4ct3LXKL" -H "accept: application/json"` i get a 403: Forbidden - where do i need permissons? (DID im using is a Trustee on the Testnet) 2)When trying to issue a Schema I get a "No instance provided for class: BaseLedger" error" (see screenshot)

swcurran (Thu, 07 Nov 2019 15:25:06 GMT):
I don't have a quick answer for you, but the folks that know will be online pretty soon. Have you looked at the examples in the /demo folder for their start up parameters?

JeromeK (Thu, 07 Nov 2019 16:07:53 GMT):
Hey @swcurran Thanks for the info:thumbsup: Yes I did, I've found those parameter https://github.com/hyperledger/aries-cloudagent-python/blob/9d6ec5c7c65b9d5907cdb5a05308f8efbd8793d8/demo/runners/support/agent.py#L154 It could be that im missing the Wallet-Parameters but then i would wonder how i can "store and create" new DIDs - In memory? Im also just playing around with the Admin-API (which is awesome) so all the needed values should be there Greets Jérôme

JeromeK (Thu, 07 Nov 2019 16:07:53 GMT):
Hey @swcurran Thanks for the info:thumbsup: Yes I did, I've found those parameter https://github.com/hyperledger/aries-cloudagent-python/blob/9d6ec5c7c65b9d5907cdb5a05308f8efbd8793d8/demo/runners/support/agent.py#L154 It could be that I'm missing the Wallet-Parameters but then I would wonder how I can "store and create" new DIDs - In memory? I'm also just playing around with the Admin-API (which is awesome) so all the needed values should be there Greets Jerome

troyronda (Thu, 07 Nov 2019 17:55:58 GMT):
aries-framework-go 0.1.0 draft release notes are posted: https://github.com/hyperledger/aries-framework-go/issues/720

danielhardman (Thu, 07 Nov 2019 18:56:52 GMT):
Kudos, @troyronda and @george.aristy and team!

danielhardman (Thu, 07 Nov 2019 20:38:00 GMT):
I wanted to announce that ssimeetup.org will be offering a webinar about peer DIDs on Nov 21 at 1 pm Mountain time. I don’t have dial-in info yet, but I’ll report back when I do. I’m the presenter, and I will be doing a demo of the synchronization algorithm, exploring the CRDT semantics that we built from work done on hubs at DIF, and taking questions about the security model.

helengarneau (Thu, 07 Nov 2019 22:14:35 GMT):
The Aries Connectathon event (December 3-5) has a wiki! All the info for registration and sponsorship is listed on the various pages. Please let me know if you have further questions. https://wiki.hyperledger.org/display/AriesConnect/Aries+Connect-a-thon

Dubh3124 (Fri, 08 Nov 2019 02:33:29 GMT):
Hey all, trying to catch back up on the latest changes of cloud agents with Aries. I have my aries-cloudagent-python container running but I 403 when I try to get the Verkey of my agent's DID from the ledger (i.e GET /ledger/did-verkey). Is that 403 due to the connection to the ledger?

andrew.whitehead (Fri, 08 Nov 2019 04:04:42 GMT):
It looks like it can raise that for two reasons, either because the ledger hasn't been configured (no genesis-url or genesis-file, or not using an Indy wallet) - or because the current public DID doesn't have permission to do that

Dubh3124 (Fri, 08 Nov 2019 18:38:48 GMT):
Gotcha, I was looking into the container to find log entries, but could not find any. Do I need to use the ptvsd debugger to get a full readout?

andrew.whitehead (Fri, 08 Nov 2019 19:04:27 GMT):
You can increase the log level with —log-level but the sdk output is pretty noisy

DibbsZA (Fri, 08 Nov 2019 19:17:00 GMT):
Hi all. I am using the AcaPy agent for the first time to issue a credential to the StreetCred app. I get the notification that a message has been received, but then I don't see anything in the app. No prompt, no credentials. As there are quite a few choices in the credential issuance class, I am wondering if I picked the wrong method to use? I am using: `/issue-credential/send`

esplinr (Fri, 08 Nov 2019 20:10:22 GMT):
Evernym's latest demo of our contributions to Hyperledger includes a demo of LibVCX working with ACA-Py, and a discussion of performance and stability testing of Indy Node with the view change enhancements: https://www.youtube.com/watch?v=OSpssHQXlOI&list=PLRp0viTDxBWGLdZk0aamtahB9cpJGV7ZF

Dubh3124 (Fri, 08 Nov 2019 22:16:39 GMT):
Hmm I use --log-level debug but only get http requests, no sdk output

Dubh3124 (Sat, 09 Nov 2019 03:53:00 GMT):
Still the same. This is how I am starting the agent ``` PORTS="5000:5000 8000:8000 8001:8001 1000:1000" scripts/run_docker start - -admin-insecure-mode --genesis-url https://dub-indy.s3.us-east-2.amazonaw s.com/ptgenesis --seed 000000000000000000000000Steward1 --wallet-name Age nt1 --wallet-key=SuperAgent1! --inbound-transport http 0.0.0.0 8000 --out bound-transport http --admin 0.0.0.0 8001 --log-level 'debug' ```

Dubh3124 (Sat, 09 Nov 2019 09:32:55 GMT):
I figured it out! You have to set wallet-type to 'indy'

jljordan_bcgov (Sat, 09 Nov 2019 13:20:48 GMT):
That’s great! Look forward to a UI based demo!

Dubh3124 (Sat, 09 Nov 2019 17:43:07 GMT):
To make it easier, for me at least, to programmatically use the aries-cloudagent-python API, I took the swagger.json file and ran it through Swagger's client generator to create a client API wrapper. Is there a reason to not create the client API wrapper this way?

Dubh3124 (Sat, 09 Nov 2019 17:45:20 GMT):
Does such a client API wrapper exist already?

andrew.whitehead (Sat, 09 Nov 2019 19:02:53 GMT):
It doesn't exist that I know of, hopefully it works!

swcurran (Sat, 09 Nov 2019 23:14:15 GMT):
Great idea! That becomes a controller-generator, available in all languages supported by swagger. FYI - the team building the go framework is using the same Admin API as aca-py, which means your generated controller has a decent chance of working with both implementations. We've not done a lot to ensure that yet, but so far we're compatible.

swcurran (Sat, 09 Nov 2019 23:18:00 GMT):
Folks, per the discussion at last Wednesday's afternoon Aries WG call, we've submitted a PR to the aries-rfcs repo that defines in an RFC a process for establishing a version of Aries Stable, and proposes the contents for Aries Stable v1.0.0. Please see the README in the PR for RFC 0302-aries-stable for details. Glad to hear thoughts from others about the process and about the contents of the first version. https://github.com/hyperledger/aries-rfcs/blob/d2e8df9d37a0622a0f013224023b41733fb377a5/concepts/0302-aries-stable/README.md

jljordan_bcgov (Sun, 10 Nov 2019 05:48:47 GMT):
Note that Aries Stable denotes a suite of protocols ... it’s not “stable code” but a defined set of specific RFPs that an Aries agent can implement

Dubh3124 (Sun, 10 Nov 2019 07:23:32 GMT):
It's has been working great so far! If this can be apart of the build process then everyone could use that as general controller logic across all languages Aries supports

tomislav (Sun, 10 Nov 2019 14:17:15 GMT):
On the topic of swagger gen clients, I would suggest using Autorest (https://github.com/Azure/autorest). It's a great tool with support for Authentication and much more. It's also easily integrated in CI. (example https://github.com/streetcred-id/service-clients/blob/860d1eeb0a9f82f2c3d89f32e97e844bc1504372/azure-pipelines.yml#L44)

tomislav (Sun, 10 Nov 2019 14:17:59 GMT):
The build-in swagger hub tool is nice, but it's more of a convenience tool.

wip-abramson (Sun, 10 Nov 2019 14:25:11 GMT):
Hi, can anyone provide me with some detail on how the handlers of an aca-py controller should work. I am attempting to implement a node controller and have got initial connection with a python controlled agent working but the handle_connections function in the node controller code is never getting called. Cheerse

swcurran (Sun, 10 Nov 2019 14:37:15 GMT):
@andrew.whitehead can help. FYI: Sean on our team (not sure he's on rocketchat yet) has been working on an aries-cloudcontroller-node project that might help. He's close to wrapping up a couple of projects using it, and building a third. Very lightly documented at this time, so may not be too much help yet. You could ask Sean questions on github issues. https://github.com/bcgov/aries-cloudcontroller-node

DibbsZA (Mon, 11 Nov 2019 06:25:41 GMT):
I also used the swagger client gen method with both Angular and dotNet. the only problem is that you tend to forget completely about the webhook that you have to implement and there is no easy generator for that.

Dubh3124 (Mon, 11 Nov 2019 10:21:02 GMT):
Just ran into my first snag as well. A lot of "responses" configs are missing which is causing GET responses to be Null even though, according to the logs, the Agent is successfully handling request/response to ledger.

Dubh3124 (Mon, 11 Nov 2019 10:23:16 GMT):
From Swagger Editor ``` /ledger/did-verkey: get: parameters: - name: did in: query schema: type: string required: true responses: {} tags: - ledger summary: Get the verkey for a DID from the ledger. produces: - application/json ``` Structural error at paths./ledger/did-verkey.get.responses should define at least one response Jump to line 155

Dubh3124 (Mon, 11 Nov 2019 10:26:21 GMT):
Swagger Yaml file: https://pastebin.com/AH0wEVSD Full Error Output for all APIs: https://pastebin.com/tmgzGYf4

Dubh3124 (Mon, 11 Nov 2019 10:27:09 GMT):
If someone can direct me to where I can fix the Swagger Doc, I can try to fix this.

gordon_hkpkiforum (Mon, 11 Nov 2019 10:33:14 GMT):
Has joined the channel.

DibbsZA (Mon, 11 Nov 2019 13:31:58 GMT):
Is the swagger not auto generated when the agent is compiled? Is the python code just not missing the relevant decorators?

swcurran (Mon, 11 Nov 2019 14:20:54 GMT):
As I understand it, the swagger is generated using marshmallow. Searching the code should find the snippets where the marshmallow is invoked.

tomislav (Mon, 11 Nov 2019 14:29:05 GMT):
I am craving marshmallows now. Thanks a lot @swcurran

Dubh3124 (Tue, 12 Nov 2019 06:20:36 GMT):
I found a fix for this. The ledger routes do not have response schemas implemented. Doing something similar fixed this ``` """Ledger admin routes.""" from aiohttp import web from aiohttp_apispec import docs, response_schema from marshmallow import Schema, fields from .base import BaseLedger from .error import LedgerTransactionError class ResponseSchema(Schema): verkey = fields.Str() @response_schema(ResponseSchema(), 200) async def get_did_verkey(request: web.BaseRequest): """ Request handler for getting a verkey for a DID from the ledger. Args: request: aiohttp request object """ context = request.app["request_context"] ledger = await context.inject(BaseLedger, required=False) if not ledger: raise web.HTTPForbidden() did = request.query.get("did") if not did: raise web.HTTPBadRequest() async with ledger: r = await ledger.get_key_for_did(did) return web.json_response({"verkey": r}) ```

Dubh3124 (Tue, 12 Nov 2019 06:24:03 GMT):
My log output using python swagger client ``` INFO:src.agent.agent:{'verkey': 'bitv2z9n69v4yD3Htdsc7pv3FiNE2jeX2YvxgCXz7VY'} ```

Dubh3124 (Tue, 12 Nov 2019 06:24:03 GMT):
My log output using swagger generated python client ``` INFO:src.agent.agent:{'verkey': 'bitv2z9n69v4yD3Htdsc7pv3FiNE2jeX2YvxgCXz7VY'} ```

prieblinger (Tue, 12 Nov 2019 09:12:46 GMT):
@danielhardman @swcurran @brentzundel @kenebert I would like to provide you with a draft of the RFC on a procedure for proof negotiation, as described by me a while ago. You can find the draft on @CHempel 's Github, right here: https://github.com/CHempel-esatus/aries_draft/blob/master/Aries_RFC_draft.md We are looking forward to your feedback on this before we make this a feature RFC.

danielhardman (Tue, 12 Nov 2019 09:23:58 GMT):
@prieblinger : I did a quick scan, and what you are proposing makes pretty good sense to me. Some points of feedback: 1. Have you reconciled this work against similar work being done by Workday? If we can have one aligned mechanism instead of 2 competing ones, that would be desirable... 2. I think the response to the proof request needs to include something I'm calling a "proof reconciliation" which shows which of several valid paths to satisfy the proof request is the one taken by the prover. 3. The use of weights is mysterious to me. Aren't we assuming that you either do or do not satisfy the request (binary) rather than satisfying a request in some partial degree? 4. I don't get the openid stuff. Need more explanation/commentary about that. 5. How can you deal with self-attested attributes that have no other source than the prover's say-so?

prieblinger (Tue, 12 Nov 2019 09:46:32 GMT):
Thank you for your feedback, we appreciate that! 1. That's a valid point. We don't want no redundancy. Can you point me to the content you are referring to? I'm having trouble finding it on my own. 2. We will think about how we can implement this and come back to you. 3. Weights come into play when talking about OR-connected attributes, like "you can provide a passport *or* a driver's license". The weight is meant to enable the verifier to express that they prefer one of the options over the other. 4. The openid-thingy was taken from the Credential Manifest. I think it includes access to OAUTH into a proof. It is not relevant for the scope of this RFC draft, so we might just kick it out to prevent confusion. 5. As we are talking about the negotiation of a proof here, I was considering self-attested attributes as undesired and out-of-scope, as we are only talking about provable attributes. Am I wrong in this?

wip-abramson (Tue, 12 Nov 2019 12:13:31 GMT):
Thanks! looks pretty well developed. Ill have a dig around.

sklump (Tue, 12 Nov 2019 12:49:05 GMT):
*Naïve question* Suppose Alice has two Aries agents (e.g., laptop, mobile). Alice gets a credential via her laptop agent. What is the process by which she can use this credential with her mobile agent? What RFCs/discussions should I be looking at to understand how distinct wallets sync up for the same holder? Or is the assumption that they share a wallet in the cloud?

ruairiq (Tue, 12 Nov 2019 13:02:00 GMT):
Hi All, I've been wading through documentation and demos for a few days now (which are really impressive), just want to confirm what we intend is possible. A team of us at PwC aim to build a PoC to confirm the hash for a certificate has been included in a BTC transactions, then issue a verifiable certificate to a Connect.me wallet. We plan to have an agent (running a Dockerised version of `aries-cloudagent-python`) and a controller (a NodeJs app running in a separate process sending HTTP requests to agent). Could anyone confirm that this approach is feasible. Some concerns we have are: 1. Will we be able to communicate between the running instance of `aries-cloudagent-python` and the Connect.me wallet over DIDComm? 2. Once the `aries-cloudagent-python` agent and the Connect.me wallet are connected, is it as simple as sending the like of a POST `/issue-credential/send` request to the agent and DIDComm will ensure it reaches Connect.me?

tomislav (Tue, 12 Nov 2019 13:46:39 GMT):
We haven't dealt with this topic yet in a specific technical implementation. Cloud wallet is obviously the most straightforward solution to cross device sync. Another option is to leverage vendor specific app data syncing that only works across iOS and Android devices. This means if you create the wallet in a location that the mobile OS considers app data, it will be synced in almost real time across user's devices. We've only briefly tested this with iOS and it seemed to work pretty well.

tomislav (Tue, 12 Nov 2019 13:49:18 GMT):
There are some challenges to be solved here, like which device gets the message from the mediator agent first, do all devices get push notification, etc.

sklump (Tue, 12 Nov 2019 13:51:13 GMT):
Does it look like a bits-to-bits duplication (since, by design, copying a credential is not a libindy feature)? Like I said, naïve question.

tomislav (Tue, 12 Nov 2019 13:51:40 GMT):
The entire sqlite.db gets copied over

sklump (Tue, 12 Nov 2019 13:52:18 GMT):
I remember at the Utah thing last February the vision was to have agents:wallets look like nodes:ledgers, but that was a stretch goal.

tomislav (Tue, 12 Nov 2019 13:53:59 GMT):
It's still a stretch goal. The app data syncing is just leveraging an existing feature mobile OS offer today and consider the wallet is just a sqlite file, the syncing can be done without much friction

tomislav (Tue, 12 Nov 2019 13:54:36 GMT):
This is how apps sync data today in most scenarios

tomislav (Tue, 12 Nov 2019 13:55:08 GMT):
Conflict resolution relies on the vendor specific sync method.

tomislav (Tue, 12 Nov 2019 13:55:59 GMT):
I accidentally a word or two there :)

swcurran (Tue, 12 Nov 2019 14:45:03 GMT):
The current Connect.Me isn't using DIDComm yet, so is not compatible with ACA-Py (`aries-cloudagent-python`), but I understand that the Evernym team is working on that with a new release expected shortly. ACA-Py

swcurran (Tue, 12 Nov 2019 14:47:23 GMT):
ACA-Py exposes an HTTP interface to a controller, which sounds like the app that will issue the credential. As such, yes, to issue the credential, you will just need to POST to `send` endpoint of your ACA-Py agent. There will some setup needed, but the bulk of your app will just do that.

swcurran (Tue, 12 Nov 2019 14:48:25 GMT):
We've got several examples of ACA-Py controllers in Python and node (and I think a bash script using curl :-) ). You can use any language you want.

TelegramSam (Tue, 12 Nov 2019 15:37:40 GMT):
@sklump We have not had a good discussion about that yet, nor relationship sync between agents in the same scenario.

swcurran (Tue, 12 Nov 2019 15:51:30 GMT):
I think the idea of having agents:wallets look like nodes:ledgers has been abandoned. I think replication in some form is needed. Interesting about the mobile agent option at the OS level. @tomislav - does that include the handling of the biometric-protected key to open the wallet?

danielhardman (Tue, 12 Nov 2019 15:59:20 GMT):
In general, yes, this should work. The current build of Connect.Me and the current build of aries-cloudagent-python speak different variants of DIDComm, but by the time of the connectathon at the beginning of Dec, we expect that to be resolved. You need an acapy expert to answer question 2.

swcurran (Tue, 12 Nov 2019 16:10:08 GMT):
BTW - we have a repo - `aries-cloudcontroller-node` that is a node controller for ACA-Py. It's brand new and not well enough documented, but it could be your starting point. We'll be polishing it over the next short while. https://github.com/bcgov/aries-cloudcontroller-node

tomislav (Tue, 12 Nov 2019 16:16:34 GMT):
Correct. The keys are synced through keychain syncing, which is technically different from app data syncing, but the result is the same.

tomislav (Tue, 12 Nov 2019 16:17:03 GMT):
keychain syncing outlives the app installation, which is great for key recovery

TelegramSam (Tue, 12 Nov 2019 16:18:45 GMT):
This works well within agents produced by the same vendor, but doesn't well serve agents from different vendors.

ruairiq (Tue, 12 Nov 2019 16:31:53 GMT):
@swcurran @danielhardman thanks so much for the information. That's really helpful Daniel - could you possibly shed some light on the variants of DIDComm which they support?

mtfk (Tue, 12 Nov 2019 16:32:09 GMT):
hi guys I have quick question, is there any RFC currently in Aries which covers request of encrypting decrypting content by the wallet (if not would make sens to create one). The case here is that the Service provider does not have access to the keys. So the flow could be like this: Service App sending request to Wallet to decrypt the payload - wallet get the request checks which key (fragment) is assigned to that service and use it to decrypt the payload and send it back. So wallet serves generic purpose of encrypting/decrypting stuff on demand.

sukalpomitra (Tue, 12 Nov 2019 16:40:34 GMT):
I think you can achieve thos flow quite easily using the aca-py. You just need to create your own controller to talk to aca-py

sukalpomitra (Tue, 12 Nov 2019 16:40:34 GMT):
I think you can achieve this flow quite easily using the aca-py. You just need to create your own controller to talk to aca-py

MALodder (Tue, 12 Nov 2019 16:50:25 GMT):
I believe the new terminology is key management service that does have access to the keys. Whoever encrypts/decrypts data must have access to keys. I view the wallet as an app

mtfk (Tue, 12 Nov 2019 16:56:39 GMT):
I am just wondering if there is any protocol (message family?) which allows to have standardize feature within agent which provides feature of decrypt/encrypt of given payload

MALodder (Tue, 12 Nov 2019 16:57:10 GMT):
I'm not sure if there are messages for handling encryption as a service in agents yet

sukalpomitra (Tue, 12 Nov 2019 16:57:39 GMT):
There is not, but this can be achieved by adding your own web hooks in aca-py

tomislav (Tue, 12 Nov 2019 17:00:01 GMT):
True. To use the same agent on your iOS and Android device you would have to roll your own sync mechanic, or use cloud agents.

mtfk (Tue, 12 Nov 2019 17:12:30 GMT):
obviously knowing how to do it is one part letting everyone know to do same way is other and this is why thinking about RFC to cover that.

mtfk (Tue, 12 Nov 2019 17:13:15 GMT):
I am pretty sure that it should be on the level of the agent feature so you can discover it.

ruairiq (Tue, 12 Nov 2019 17:14:34 GMT):
Also, is https://github.com/sovrin-foundation/connector-app the best place to find the most up to date Connect.me code?

sukalpomitra (Tue, 12 Nov 2019 17:14:53 GMT):
I get your point, this can be a diff message type. What I was pointing is that you can add your own apis (web hooks) in the aca-py to call the pack/unpack wallet methods and then call them from your controller

mtfk (Tue, 12 Nov 2019 17:15:26 GMT):
but the pack/unpack works against any key within did document?

sukalpomitra (Tue, 12 Nov 2019 17:17:50 GMT):
Not any key, only works if the payload is encrypted by the aca-py wallet's public key

mtfk (Tue, 12 Nov 2019 17:38:39 GMT):
ok so once more I am looking into use case where anyone (who I allow to) can request from my agent to encrypt or decrypt the payload

mtfk (Tue, 12 Nov 2019 17:39:44 GMT):
any payload but in most cases I think it would be AES key or other key.

mtfk (Tue, 12 Nov 2019 17:40:59 GMT):
so let say that I am sending you a encrypted document which lands in your gmail inbox. Gmail is asking your wallet to decrypt the attachment to be able to show it to you.

MALodder (Tue, 12 Nov 2019 17:42:04 GMT):
@TelegramSam @dbluhm would be a good reference for how agents currently would do this

sukalpomitra (Tue, 12 Nov 2019 17:49:58 GMT):
Generally if I am not wrong as of now a single wallet cannot cater to multiple keys. Maybe what you need is a tweak of how routing keys work. So the cloud agent having a record for each service and its corresponding private key. And each time a different service can register itself with its private key. But then the user who is sending the encrypted message should also have a similar record of service and a corresponding public key. But why will I use a service to send an encrypted message? Why cant i simply connect with the recipient and do the message transfer directly? I am just trying to understand the use case.

TelegramSam (Tue, 12 Nov 2019 18:13:46 GMT):
That's the level of sync I think we need to discuss as a community.

danielhardman (Tue, 12 Nov 2019 18:34:00 GMT):
The metadata (DIDs, state) and the public keys in a KMS should sync from agent to agent. The private keys in a KMS should not sync, though they could be backed up. This means that simple bitwise copy of a KMS's persisted storage will work for backup, but not for sync.

sebastillar (Tue, 12 Nov 2019 19:19:42 GMT):
I have some issues when I try install ACA-py

sebastillar (Tue, 12 Nov 2019 19:23:18 GMT):
I need my local version of ACA running....

andrew.whitehead (Tue, 12 Nov 2019 19:25:25 GMT):
@sebastillar You will need the indy-sdk library installed as well as the python wrapper, which is called python3-indy. Current aca-py versions expect version 1.11.1

sebastillar (Tue, 12 Nov 2019 19:26:27 GMT):
oh, great! I will try. Thank youuu

mtfk (Tue, 12 Nov 2019 21:20:56 GMT):
The use case which I am having in mind is a platform which allow you to send and archive your invoices. Each invoice is encrypted in a way that only receiver can open it. It is backed by blockchain for tracking who got what and when. To keep separation between service and identity - service does not want to see or touch the key which allow to open the document. Why not sending directly to the user/agent? The reason is simple not every agent is able to handle this type of service. e.g are not always online (mobile agent), you do not have proper storage to keep everything on your side etc. And I can think of other services base on same concept - encrypted storage, payment etc... So is just a simple feature for agent as a key keeper to be able to do to this simple encrypt/decrypt sign/verify methods which then unlock you everything else. And you are still in charge even if service is on AWS or hosted by 3rd party companies (like IM with e2e encryption - they provided service but are not able to spy on data flows). Does that make any sens in the context of what I asked?

sukalpomitra (Wed, 13 Nov 2019 00:06:16 GMT):
It does. Though I want to contradict your point of "The reason is simple not every agent is able to handle this type of service. e.g are not always online (mobile agent)" - This is why we have a cloud agent for a mobile agent. The cloud agent stores the messages for the mobile edge agents which when becomes online, can then get these messages from the cloud agent.

priyashankar (Wed, 13 Nov 2019 06:20:47 GMT):
Where is Faber listed as a Trust Anchor in the Aries faber-alice demo (aries-cloudagent-python). I inspected the relevant docker file, even the individual python scripts but there was no mention of it. Maybe, I am missing something. Can anybody help me out on this one?

sukalpomitra (Wed, 13 Nov 2019 06:52:33 GMT):
If I am wrong, when you try to create a public DID in Sovrin, thats when you assign a role of trust anchor. The step to create a public did in sovrin is manual where you need to mail the sovrin team with your public did and the role and need to sign some legal agreements. The demo does not need that. I may be wrong but thats what I understand.

sukalpomitra (Wed, 13 Nov 2019 06:52:33 GMT):
If I am not wrong, when you try to create a public DID in Sovrin, thats when you assign a role of trust anchor. The step to create a public did in sovrin is manual where you need to mail the sovrin team with your public did and the role and need to sign some legal agreements. The demo does not need that. I may be wrong but thats what I understand.

andrew.whitehead (Wed, 13 Nov 2019 07:17:38 GMT):
That’s right, it uses the /register API endpoint of von-network to establish the DID as a trust anchor on a development ledger

mtfk (Wed, 13 Nov 2019 07:59:44 GMT):
Yes the thing is that not always everyone would have cloud agent. Another thing is that using cloud agent in connection of data vaults is something which probably will be common (like storing you life time picture collection or documents) and this is exactly how you could secure it.

mtfk (Wed, 13 Nov 2019 07:59:44 GMT):
Yes the thing is that not always everyone would have cloud agent. Another thing is that using cloud agent in connection of data vaults is something which probably will be common (like storing your life time picture collection or documents) and this is exactly how you could secure it.

priyashankar (Wed, 13 Nov 2019 10:11:00 GMT):
But if Faber is not a Trust Anchor, then how come it has the capability to issue a credential to Alice in the demo?

priyashankar (Wed, 13 Nov 2019 10:32:43 GMT):
I am interacting with the ledger using Swagger UI for the aries-faber-alice demo. After Faber sends in a credential offer, Alice has to send in a request corresponding to that offer. What I see, the credential exchange ids for the same process are different for both, and that's fine. I queried all offers made to Alice and it shows one such record having Faber. But when using the same exchange id, Alice is trying to send in a credential request to Faber, an error message "WalletItemNotFound" is displayed.

priyashankar (Wed, 13 Nov 2019 10:35:42 GMT):
Running one such instance of aries-cloudagent-python, the payload sent to /issue-credential/send-offer has a key "auto_issue" which is set to true by default. What does that mean?

sklump (Wed, 13 Nov 2019 11:57:54 GMT):
The runner setup invokes the DID registration that anchors Faber to the ledger. https://github.com/sklump/aries-cloudagent-python/blob/94ef616d59ab404948bbf9abfa745233d88f3213/demo/runners/support/agent.py#L196

sklump (Wed, 13 Nov 2019 11:57:54 GMT):
The runner line invokes the DID registration https://github.com/sklump/aries-cloudagent-python/blob/94ef616d59ab404948bbf9abfa745233d88f3213/demo/runners/faber.py#L132 that anchors Faber https://github.com/sklump/aries-cloudagent-python/blob/94ef616d59ab404948bbf9abfa745233d88f3213/demo/runners/support/agent.py#L196 to the ledger.

mxs1491 (Wed, 13 Nov 2019 14:54:16 GMT):
What is the state or Aries 'agnosticism'? What I mean here, the project is coming from the Indy world, and I understand the ultimate goal is method agnostic to provide the interoperability needed for the market, but at the moment, what is the state of that objective? (I also understand it is still early days in this effort,

mxs1491 (Wed, 13 Nov 2019 14:54:16 GMT):
What is the state of Aries 'agnosticism'? What I mean here, the project is coming from the Indy world, and I understand the ultimate goal is method agnostic to provide the interoperability needed for the market, but at the moment, what is the state of that objective? (I also understand it is still early days in this effort) Just trying to make sure that I do not mis-speak when talking with others.

TelegramSam (Wed, 13 Nov 2019 15:14:01 GMT):
@mxs1491 It's mostly still a goal, with too little code to show for it. Several codebases work have beginning support for Peer DIDs, and can be used without the Indy ledger.

mxs1491 (Wed, 13 Nov 2019 15:17:48 GMT):
Thanks @TelegramSam ! This space is moving so fast it is tricky to not mis-speak...

TelegramSam (Wed, 13 Nov 2019 15:18:46 GMT):
The Go framework has better (other) ledger support than most.

cam-parra (Wed, 13 Nov 2019 15:18:56 GMT):
@mxs1491 But being real there are two parts to the community those of us who want to start out agnostic and others who come from indy. There is still a lot of debate around this and we're trying to resolve these concerns so we can move ahead

TelegramSam (Wed, 13 Nov 2019 15:19:36 GMT):
@cam-parra stay tuned for the Aries WG call. I'm leading a discussion that's bound to be exiciting.

cam-parra (Wed, 13 Nov 2019 15:21:33 GMT):
Do you have the agenda for today?

swcurran (Wed, 13 Nov 2019 16:14:41 GMT):
@cam-parra - I'm not aware of any part of the Aries community that wants just Indy. Surprised at that comment.

swcurran (Wed, 13 Nov 2019 16:15:02 GMT):
Agree that there is lots of discussion, but not a lot of code being written.

bansatya (Wed, 13 Nov 2019 16:15:53 GMT):
HI, I am new to this . Can anyone tell me if I can use aries agent and libvcx to implement agent communication.

swcurran (Wed, 13 Nov 2019 16:16:38 GMT):
@bansatya not today, but my understanding is that the Evernym team is working on that as we type. Release expected soon.

cam-parra (Wed, 13 Nov 2019 16:17:34 GMT):
I did not mean that. I meant there are different opinions on starting off points. To just start off with indy or being agnostic

swcurran (Wed, 13 Nov 2019 16:18:23 GMT):
Ah...got it. Definitely agree with that. :-)

TelegramSam (Wed, 13 Nov 2019 16:29:12 GMT):
@cam-parra https://wiki.hyperledger.org/pages/viewpage.action?pageId=24774622 (but juicy discussion topics are not yet explicitly linked)

ianco (Wed, 13 Nov 2019 18:05:16 GMT):
See this video from the VCX team, they've done a POC connecting aca-py and VCX: https://www.youtube.com/watch?v=OSpssHQXlOI&list=PLRp0viTDxBWGLdZk0aamtahB9cpJGV7ZF

troyronda (Wed, 13 Nov 2019 18:41:15 GMT):
The aries-framework-go contributors are happy to announce our first preview release (0.1.0). https://github.com/hyperledger/aries-framework-go

troyronda (Wed, 13 Nov 2019 18:41:58 GMT):
release notes: https://github.com/hyperledger/aries-framework-go/releases/tag/v0.1.0

PHilArc (Wed, 13 Nov 2019 18:48:43 GMT):
Hi everyone, I'm a newbie and I am just trying to understand the bcgov iiwbook demo. So I have tried to install some part on my local development environment.

PHilArc (Wed, 13 Nov 2019 18:48:54 GMT):
I now have this error: File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/indy/anoncreds.py", line 1705, in verifier_verify_proof verifier_verify_proof.cb) indy.error.CommonInvalidStructure

PHilArc (Wed, 13 Nov 2019 18:49:46 GMT):
Sorry, here is the fullstack: 2019-11-13 18:29:00,961 aiohttp.server ERROR Error handling request Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aiohttp/web_protocol.py", line 418, in start resp = await task File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aiohttp/web_app.py", line 458, in _handle resp = await handler(request) File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aries_cloudagent/messaging/presentations/routes.py", line 361, in presentation_exchange_verify_credential_presentation presentation_exchange_record File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aries_cloudagent/messaging/presentations/manager.py", line 276, in verify_presentation presentation_request, presentation, schemas, credential_definitions File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aries_cloudagent/verifier/indy.py", line 44, in verify_presentation json.dumps({}), File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/indy/anoncreds.py", line 1705, in verifier_verify_proof verifier_verify_proof.cb) indy.error.CommonInvalidStructure

sukalpomitra (Wed, 13 Nov 2019 23:03:42 GMT):
@PHilArc the error generally means the proof json sent is not correct. One tip if the rev_reg_id is null then the timestamp should be null too. If you are sending a timestamp you may get the above error

bansatya (Thu, 14 Nov 2019 03:34:10 GMT):
@ianco , Thanks. Seems like it was released last week only.

domwoe (Thu, 14 Nov 2019 07:12:28 GMT):
We are working on a use case where organizations interact via Aries and DIDcomm. Therefore, we'd like to the base the interaction on public DIDs. We configured the Aries agents with the "--public-invites" flag, such that we can initiate a connection just by giving the one agent the public DID of the other. However, still the connection is based on two new pairwise DIDs. This means also that the second agent does not learn the public DID of the other agent. Currently, we use a workaround that we use the Public DID as the label, but this is not ideal. Is there some configuration to no use new pairwise DIDs for every connection?

domwoe (Thu, 14 Nov 2019 07:29:45 GMT):
Another question I have is the following: In the ACA-Py demos the agent gets initialized with the Genesis transaction of the Indy network. I'm wondering if this a convenient fix for the demo or if this would be used in practice. AFAIK, the Aries agent itself does not verify the ledger itself, so we have to give him IPs (and keys?) of at least one trusted node. Is this correct? Is there any other reason for giving the genesis transaction to the agent?

dbluhm (Thu, 14 Nov 2019 14:42:18 GMT):
The genesis transaction is used to inform the agent of how to communicate with the nodes of the ledger. This is how the Indy SDK loads information about a ledger so if you're looking for more detail on the reasoning, #indy-sdk is probably the channel to ask in.

dbluhm (Thu, 14 Nov 2019 14:50:27 GMT):
How do you intend to use the Public DID(s) in the interactions between these two agents? If you want one agent to know that the other is a specific organization or that it owns the Public DID, you can prove that with a verifiable credential and a proof of ownership of the DID. The use of pairwise identifiers for communication even between two public entities helps to reduce linkability and in general that is desirable but a little more detail of your use case may highlight why that isn't desirable in this case.

troyronda (Thu, 14 Nov 2019 15:11:23 GMT):
We are now getting started on 0.1.1 of aries-framework-go. It would be wonderful if there are new people who are interested in participating in this next cycle.

troyronda (Thu, 14 Nov 2019 15:15:45 GMT):
Major topics that the current contributors are looking into: * Continuing with W3C Verifiable Credentials support. * Reorganizing some of the SPIs (pluggability). * Issue credential protocol. * WebAssembly and WebSockets. * Introduce protocol Feel free to join regular meetings, chat on #aries-go, play with the release, create issues... write code :).

troyronda (Thu, 14 Nov 2019 19:29:49 GMT):
@andrew.whitehead do you have any updates on the message queue protocol?(https://hackmd.io/@8VtAqKThQ6mKa9T7JgzIaw/SJw9Ead2N?type=view from https://hackmd.io/@aC7I0qpfR1itp7so-PU8Xg/Sk2tyR5EB#/)

domwoe (Thu, 14 Nov 2019 19:31:29 GMT):
thx. I dug a bit deeper. I think I was wrong on the claim that the Aries agent does not verify the ledger. I think the indy-sdk allows to verify the pool ledger based on the pool genesis transaction file. But I'll check in #indy-sdk

troyronda (Thu, 14 Nov 2019 19:38:41 GMT):
@danielhardman @TelegramSam As a continuance of the discussion in yesterday's WG call, it would be great to hear any updates or next steps to achieve DIDComm having wider interoperability and usage. (thinking about the project principle of shared protocol interoperability on slide 3). What's next for having more engagement with other communities like DIF?

danielhardman (Thu, 14 Nov 2019 19:41:49 GMT):
@troyronda : Several of us are actively talking with DIF in various ways. Right now these are not formal channels, but informal ones, and the conversations are ad hoc (somebody sends an email here, a couple jump on a phone call there, etc). Feel free to do your own informal socializing. The inhibitor is clarity around IPR issues. Rouven has some action items on that front; until those are completed, all conversations have to remain informal.

ajayjadhav (Fri, 15 Nov 2019 12:09:22 GMT):
Hi everyone, does anyone know/has any introductory presentation on Aries ? want to refer it for a meetup presentation in India...

AvikHazra-klizos (Fri, 15 Nov 2019 12:44:07 GMT):
Hello, I'm gone through the aries Open API, After issue credential from faber cloud agent no records found in Alice end. If anyone help me, what is wrong in my end.

sklump (Fri, 15 Nov 2019 13:54:18 GMT):
The operation deletes such records once it has completed the issue-cred protocol. Alic should have the cred in her wallet.

sklump (Fri, 15 Nov 2019 13:54:18 GMT):
The operation deletes such records once it has completed the issue-cred protocol. Alice should have the cred in her wallet.

Dubh3124 (Fri, 15 Nov 2019 15:50:15 GMT):
Using aries-cloudagent-python, when calling `/schemas` it submits a credential schema on behalf of the Agent's DID instead of taking a User's DID (i.e a non Agent-owned DID) essentially showing the Agent submitting the DID owns the schema. Is this by design?

andrew.whitehead (Fri, 15 Nov 2019 16:14:48 GMT):
There aren't any implementations that I know of. ACApy does have a very basic queue mechanism for return-routing messages that couldn't be delivered to an endpoint, but there's no way to inspect it. If there's enough interest the spec could be turned into an RFC

andrew.whitehead (Fri, 15 Nov 2019 16:41:59 GMT):
That sounds more like endorsing a ledger transaction for another party? It's not something that has come up

Dubh3124 (Fri, 15 Nov 2019 16:56:20 GMT):
Yes. So Pre-ACA, when I was hacking together an agent, I assumed the agent was an endorser (gatekeeper?) for the network so I would have my agent "sign off" on schemas and credential definitions submitted to ledger, then store the IDs in the submitter's wallet. This was working code from my previous agent to do this. ``` async def create_credential_schema( self, schema_name, schema_version, schemajson, tags=None, wallet_handle=None, pool_handle=None, ): try: did = await self.getwalletdid(wallet_handle) record_tags = {} schema_id, schema = await anoncreds.issuer_create_schema( did, schema_name, schema_version, schemajson ) schema_request = await self._build_schema_request(did, schema) record_tags["schemaName"] = schema_name record_tags["schemaVersion"] = schema_version if tags: record_tags.update(tags) await ledger.sign_and_submit_request( pool_handle, wallet_handle, did, schema_request ) await self.store_wallet_record( wallet_handle, self.cred_schema_record_type, schema_id, record_tags, ) return schema_id except IndyError: log.exception("Error occured while creating schema") raise except Exception: log.exception("Error occured while creating schema") raise ```

Dubh3124 (Fri, 15 Nov 2019 17:01:36 GMT):
ACA uses ledger.sign_and_submit_request when calling /schemas but uses its own DID as the submitter did and signing off in which returns its DID in the schema id. With my code example above, the Agent is signing off on the request but the schema request is built using the User's DID in turn returning the User's DID in the resulting schema id.

andrew.whitehead (Fri, 15 Nov 2019 17:39:47 GMT):
I only see one did used in that example

andrew.whitehead (Fri, 15 Nov 2019 17:39:47 GMT):
I only see one DID used in that example

Dubh3124 (Fri, 15 Nov 2019 17:56:01 GMT):
That DID being used is a User DID. Actually, I misspoke, the User DID is signing off on its own schema request in my code example. However, with /schemas call I cannot specify a User's DID to sign off on their created schema.

Dubh3124 (Fri, 15 Nov 2019 17:57:02 GMT):
Basically I would like to show a schema is owned by a User instead of a agent

andrew.whitehead (Fri, 15 Nov 2019 17:57:48 GMT):
ACApy does not have the concept of users, there's just the agent and its associated DIDs

Dubh3124 (Fri, 15 Nov 2019 18:23:36 GMT):
I was thinking the cloud agent acts moreso as a router. So it is responsible for storing various the ID's in its wallet?

Dubh3124 (Fri, 15 Nov 2019 18:23:36 GMT):
I was thinking the cloud agent acts moreso as a router. So it is responsible for storing various ID's in its wallet?

swcurran (Fri, 15 Nov 2019 18:29:05 GMT):
It could be an endorser and do what you would like, but there is currently no mechanism to do that - so it is by design that it doesn't currently support that. I would think that would need to be some sort of DIDComm protocol to enable that. A user agent would create, sign and send a "create schema" (or execute transaction) request, and the endorser agent would sign the request and send it to the ledger. FYI - we had to do that sort of sequence manually to create some transactions on the Sovrin network and it was manual and painful. The process is documented here: https://github.com/bcgov/von-network/blob/master/docs/Writing%20Transactions%20to%20a%20Ledger%20for%20an%20Un-privileged%20Author.md

swcurran (Fri, 15 Nov 2019 18:29:51 GMT):
Another complication for this, at least on Sovrin. Payments are needed to execute writes on the Sovrin mainnet, and likely this protocol would have to take that into account.

Dubh3124 (Fri, 15 Nov 2019 18:46:43 GMT):
In the service I was imagining, wallets and agents (other that an agent wallet used to store various routes) were loosely coupled. User's devices would have wallets and send schema, cred_def, creds or whatever kinda of requests to a cloud agent sitting behind a service API. The agent would do things on behalf of a registered User's DID. This was possible because a User's DID had to first be "registered" first by the Agent using a nym request, then the User's DID could create any other type build requests to send to ledger.

Dubh3124 (Fri, 15 Nov 2019 18:46:43 GMT):
In the service I was imagining, wallets and agents (other that an agent wallet used to store various routes) were loosely coupled. User's devices would have wallets and send schema, cred_def, creds or whatever kinda of requests to a cloud agent sitting behind a service API. The agent would do things on behalf of a registered User's DID. This was possible because a User's DID had to first be "registered" by the Agent using a nym request, then the User's DID could create any other type build requests to send to ledger.

Dubh3124 (Fri, 15 Nov 2019 18:50:57 GMT):
Unless there is some kind of security concern; I may fork ACA to see if it is possible because it is possible using the indy-sdk. I greatly appreciate the ACA, it makes it easier to not have to worry about agent code.

andrew.whitehead (Fri, 15 Nov 2019 18:55:40 GMT):
The controller API is basically for an administrator to direct ACApy, it sounds like you're talking about adding an additional API for to support users.

Dubh3124 (Fri, 15 Nov 2019 18:59:32 GMT):
Yeah, I guess so, unless I am using ACApy wrong. Now that I think about it, the only way I could access the API was to set an Admin port. Is there an API to access without turning on admin port?

swcurran (Fri, 15 Nov 2019 19:01:42 GMT):
That's why I'm suggesting you define a protocol for this. Then you are just using agent messaging - no need for a separate interface. The protocol is the new API for doing what you are trying to do.

danielhardman (Fri, 15 Nov 2019 22:53:04 GMT):
General announcement from Manu Sporny, for all interested parties in the Aries community: Hi all, There have been a set of discussions happening over the past several months across the DIF, Aries, IIW, RWoT, and W3C CCG communities related to personal data storage (aka Identity Hubs, Encrypted Data Vaults, Secure Data Hubs, Solid Pods, etc.). I've been speaking with a number of people in each community and it seems like there is momentum to avoid duplication of effort. Key individuals in the various communities have agreed to participate in a call on neutral territory to work on the following items: 1. Discuss a plan on how we work together. 2. Discuss where the work could happen. 3. Discuss the Intellectual Property regime for the work. To be clear, this call will not involve any discussion concerning Intellectual Property or technical details. The purpose of the call is to come to consensus out how all three communities will work together on a common foundational layer related to personal data storage. Please come to the call if you have an opinion about how you would like this personal data storage work to progress across these various communities. Please share this message with anyone that you feel should be on this upcoming call. Reading the following documents will help prepare yourself for the call: https://docs.google.com/presentation/d/1OBgDCUNPsd6LKApO1nrQ3RuriCoZgls5_UsUN0rZOvk/edit?usp=sharing https://github.com/decentralized-identity/identity-hub/blob/master/explainer.md https://github.com/WebOfTrustInfo/rwot9-prague/raw/master/final-documents/encrypted-data-vaults.pdf Dial in information for the call can be found below: Time : 12pm ET - Friday, November 22nd, 2019 (next Friday) Where: https://zoom.us/j/358615366 One tap mobile +16468769923,,358615366# US (New York) +14086380968,,358615366# US (San Jose) Meeting ID: 358 615 366 Dial by your location +1 646 876 9923 US (New York) +1 408 638 0968 US (San Jose) +1 669 900 6833 US (San Jose) Meeting ID: 358 615 366 Find your local number: https://zoom.us/u/acqUJFUODw

troyronda (Sat, 16 Nov 2019 14:49:49 GMT):
It’s very good to see these multi-community standardization efforts. I would also note the potential synergy between “MV” protocol and https://github.com/hyperledger/aries-rfcs/pull/310

troyronda (Mon, 18 Nov 2019 14:52:33 GMT):
@danielhardman What organization is incubating did:peer? https://openssi.github.io/peer-did-method-spec/index.html ? (and is that also being discussed or planned for a standards hosting organization?)

danielhardman (Mon, 18 Nov 2019 14:53:21 GMT):
Today, no org is incubating it. There is an intention to move it to DIF, maybe, depending on IPR resolution.

ayushmanss (Tue, 19 Nov 2019 05:37:57 GMT):
where can i find web agent like the one shown in the faber alice demo that used the old indy-agent. I cant seem to find any

mtfk (Tue, 19 Nov 2019 10:19:09 GMT):
Hi guys, couple of days ago I mentioned about the need for crypto service in Agent from side of some projects which I am involved. I talked with few people about possible way to implement it including the pros and cons. Base on that I complied draft of RFC which I would like to challenge here . I would like to know what you think about it and if the purpose of that feature is clear enough. https://github.com/mitfik/aries-rfcs/tree/master/features/0312-crypto-service Please let me know what do you think.

mtfk (Tue, 19 Nov 2019 10:21:29 GMT):
If topic would be interesting enough I can talk a bit about it during one of our tomorrow call @esplinr @TelegramSam (morning or evening does not matter)

MALodder (Tue, 19 Nov 2019 17:18:02 GMT):
@mtfk the article looks like a good start to having a crypto-service protocol design. However, from reading it, it feels like it overlaps with KMS a lot and there needs to be some distinction drawn between the two.

filip.burlacu (Tue, 19 Nov 2019 19:59:03 GMT):
@MALodder The boundary between a crypto service and a kms, as far as I see, is often blurry and inconsistent from one telling to the next - for example, the crypto service could be a collection of functions which consume the KMS and access secrets for crypto operations, or the crypto service could be in charge of wrapping secrets for storage and unwrapping them for use, with the KMS being a lower-privilege storage (that does metadata work like asking the crypto service to generate new keys when it's time to rotate, but never sees unwrapped secrets), or both might be provided by the same object, like an HSM, in which case the split between the interfaces is down to convenience

filip.burlacu (Tue, 19 Nov 2019 19:59:03 GMT):
@MALodder The boundary between a crypto service and a kms is, as far as I see, often blurry and inconsistent from one telling to the next - for example, the crypto service could be a collection of functions which consume the KMS and access secrets for crypto operations, or the crypto service could be in charge of wrapping secrets for storage and unwrapping them for use, with the KMS being a lower-privilege storage (that does metadata work like asking the crypto service to generate new keys when it's time to rotate, but never sees unwrapped secrets), or both might be provided by the same object, like an HSM, in which case the split between the interfaces is down to convenience

MALodder (Tue, 19 Nov 2019 20:03:09 GMT):
@filip.burlacu I get that but the RFC mentions sending encrypted files. I get that the service is often in front of the KMS similar to an HSM/TEE but the RFC gives the idea that the service is acting like an agency and there is key exchange which feels like duplicated work from other RFCs which already define some of this

filip.burlacu (Tue, 19 Nov 2019 20:05:05 GMT):
good point, it looks like a crypto server that's at the very least on its own process

MALodder (Tue, 19 Nov 2019 20:05:23 GMT):
Its muddled between what the service is doing and what the agent is doing

MALodder (Tue, 19 Nov 2019 20:05:52 GMT):
okay a crypto server to me reads like a cloud HSM

MALodder (Tue, 19 Nov 2019 20:06:27 GMT):
I'm not opposed to standardizing this but the distinction should be clear

filip.burlacu (Tue, 19 Nov 2019 20:10:32 GMT):
do you see the agent <-> service coupling as being more loose, like microservices? My assumption was that this would be tight, with plugins using C-callable APIs but any user requiring looser coupling could implement the plugins using separate services behind a thin plugin in the agent executable itself

filip.burlacu (Tue, 19 Nov 2019 20:12:02 GMT):
the example that immediately comes to mind being an HSM plugin for the agent

filip.burlacu (Tue, 19 Nov 2019 20:16:09 GMT):
then with the RFC being meant to define the plugin interface, for aries agent/plugin interop, it shouldn't assume the plugins are loosely-coupled services, separate processes, whatever

filip.burlacu (Tue, 19 Nov 2019 20:17:08 GMT):
conversely neither should it assume that plugins are synchronous and nonblocking

MALodder (Tue, 19 Nov 2019 20:27:31 GMT):
usually the service is tightly coupled with the KMS. The KMS can be wrapped in an agent or a KMS can act like a service for multiple agents. It depends on the use case, but I get where you're going with this

MALodder (Tue, 19 Nov 2019 20:31:10 GMT):
you might be interested in https://github.com/parallaxsecond/parsec

kengeo (Tue, 19 Nov 2019 21:05:17 GMT):
hello team, hope everyone is well. i have a quick question: which framework/agent would be best for building out an api using Elixir/Erlang?

esplinr (Tue, 19 Nov 2019 21:36:46 GMT):
This would be a great topic for the morning call. I'll add you to the agenda.

esplinr (Tue, 19 Nov 2019 21:52:18 GMT):
I would suggest you build directly on the C-callable APIs provided by LibIndy in the Indy SDK. But many of the Aries frameworks start from scratch.

esplinr (Tue, 19 Nov 2019 21:52:47 GMT):
I'm assuming that you are trying to build something like aries-sdk-erlang

esplinr (Tue, 19 Nov 2019 21:52:47 GMT):
I'm assuming that you are trying to build something like an aries-sdk-erlang

kengeo (Tue, 19 Nov 2019 21:59:49 GMT):
Essentially. Don't mind using libindy but I will definitely join the call tomorrow.

mtfk (Tue, 19 Nov 2019 22:04:18 GMT):
As you noticed it is indeed a start. Overlapping with KMS/Lox is not intentionally basically I was thinking about extension for Lox in form of crypto-service which expose some crypto magic to the 3rd parties services. Basically the idea is to have features within agent which allow to use my KMS/Lox to lock/unlock stuff outside of the wallet. It could provide some more advance features like proxy re-encryption, Shamir's Secret etc... So instead of letting developers include URSA into their products nor implement own stuff they could use user agent to do what is needed. This way keys never leaves user wallet/lox and speed up adoption of SSI within all sort of software.

MALodder (Tue, 19 Nov 2019 22:08:59 GMT):
that sounds like a extrapolation of LOX

MALodder (Tue, 19 Nov 2019 22:10:29 GMT):
Not necessarily. LOX's purpose is to handle the authentication layer of an agent to storage and KMS. LOX should return a session handler to the caller who then handles it from there

MALodder (Tue, 19 Nov 2019 22:11:05 GMT):
LOX can talk to another LOX if needed. To keep keys on a mobile agent you have an authentication protocol that doesn't involve sending keys or passwords

mtfk (Tue, 19 Nov 2019 22:13:01 GMT):
the question how this can be exposed via Agent features. I could imagine that you login to a service where service ask your agent do you support "encryption/decryption" feature if so please tell me which key you are planning to use. Then each time when 3rd party service want's to encrypt something for you just send the message to your agent, agent already know that service and check if they have permission for this operation and encrypt stuff for them

MALodder (Tue, 19 Nov 2019 22:14:32 GMT):
Okay this is very different than the RFC comes across. The RFC gives the impression to have the crypto service function as a crypto as a service layer in the agent. The CaaS can be integrated into the agent directly or as another microservice and the purpose of the RFC was to expose the crypto functions

MALodder (Tue, 19 Nov 2019 22:14:45 GMT):
at least that's what I thought you meant by it

mtfk (Tue, 19 Nov 2019 22:15:13 GMT):
for me "crypto as a service" is LOX which this service would use.

mtfk (Tue, 19 Nov 2019 22:15:41 GMT):
`crypto-service` just expose that in a form of feature (message family) which agent can talk with external world

MALodder (Tue, 19 Nov 2019 22:18:58 GMT):
My idea behind LOX was to handle the storage and security of credentials to open agent storage and the KMS. The storage layer could be a postgres database and LOX would securely store the x509 certificate or username and password to log into postgres by storing those in a keyring or hsm. LOX passes the authentication stuff to the user to perform then uses those credentials to securely connect to postgres. At this point, LOX is done and returns the connection handle to the caller. The OS for example would prompt the user to enter their biometrics/password/access card separately from LOX which doesn't see those. LOX only knows if access was granted to the edge or not

MALodder (Tue, 19 Nov 2019 22:19:20 GMT):
So you want to propose a message family if LOX was a service outside of the agent?

mtfk (Tue, 19 Nov 2019 22:22:32 GMT):
Basically that was one of the purpose to expose Lox to the outside so through the agent feature 3rd party services can use crypto to secure your assets without knowing your keys. As Lox can unlock it for you whenever you needs it.

MALodder (Tue, 19 Nov 2019 22:23:52 GMT):
One problem I foresee is when LOX is tightly coupled to the agent, there is no authentication between the agent and LOX. If LOX is separate, how does LOX know what the remote agent know can access?

MALodder (Tue, 19 Nov 2019 22:24:12 GMT):
or are we talking about LOX-to-LOX communication?

mtfk (Tue, 19 Nov 2019 22:28:30 GMT):
Good question. I tried to find a mechanism for that, basically is all about permission saying how I know that this service can use my key to decrypt stuff or sign ... One of the solution which I could think of is as this: - you register on a service K via did auth. - service K request to add to your did document their service endpoint with pub key dedicated for that service. - when service wants to decode something for you sent a message to your agent with prove that they are owner of the pub key which was used in the registration process (could come directly from did document or in form of VC) - agent can resolve that and confirm that the keys match and can do the operation.

mtfk (Tue, 19 Nov 2019 22:29:00 GMT):
Not sure if there is better way of doing it but seems like did doc and VC are best option to achieve simple permission mechanism

MALodder (Tue, 19 Nov 2019 22:30:23 GMT):
So this a way of situating LOX to handle more complex stuff in a central way and having simple agents at the edge

MALodder (Tue, 19 Nov 2019 22:30:43 GMT):
Agents at the edge will still need some crypto to perform did auth or VC

MALodder (Tue, 19 Nov 2019 22:31:21 GMT):
If I were you, I would turn this RFC into a messaging one between the edge agent and their KMS

MALodder (Tue, 19 Nov 2019 22:32:15 GMT):
My local agent may use Azure keyvault, AWS Cloud HSM as the KMS, but there is no defined method for agents to use CMKs yet

mtfk (Tue, 19 Nov 2019 22:34:37 GMT):
Let's continue discussion tomorrow during the morning call. I am sure we can figure out how to do it right. Are you able to join that call?

mtfk (Tue, 19 Nov 2019 22:35:07 GMT):
Great. Thanks for feedback and hear you tomorrow

smohan (Wed, 20 Nov 2019 05:43:40 GMT):
`PORTS="5000:5000 10000:10000" ./scripts/run_docker -it` <- shouldn't this be `PORTS="5000:5000 10000:10000" ./scripts/run_docker start -it`

smohan (Wed, 20 Nov 2019 05:43:53 GMT):
^^^ https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AriesOpenAPIDemo-DMV.md

domwoe (Wed, 20 Nov 2019 07:39:21 GMT):
We do want to use public DIDs as permanent identifiers of organizations. How do I prove ownership of the public DID with ACA-Py ?

troyronda (Wed, 20 Nov 2019 14:27:02 GMT):
We are starting efforts on a mediator/router that can perform forwarding from HTTP endpoints to a connected WebSocket device (that is unable to have an HTTP Inbound endpoint). I see that there are RFCs defining the forward protocol and the route coordination. I haven't yet seen an RFC that describes the bootstrapping of the WebSocket device to the mediator/router such that they can perform their initial DID Exchange.

troyronda (Wed, 20 Nov 2019 14:27:02 GMT):
We are starting efforts on a mediator (acting as a router) that can perform forwarding from HTTP endpoints to a connected WebSocket device (that is unable to have an HTTP Inbound endpoint). I see that there are RFCs defining the forward protocol and the route coordination. I haven't yet seen an RFC that describes the bootstrapping of the WebSocket device to the mediator/router such that they can perform their initial DID Exchange.

troyronda (Wed, 20 Nov 2019 14:27:58 GMT):
(we have thoughts on how to achieve this bootstrapping, but was just checking on if there was already something described).

troyronda (Wed, 20 Nov 2019 14:33:07 GMT):
Also I was curious on the terminology (mediator vs router).

troyronda (Wed, 20 Nov 2019 14:33:07 GMT):
Also I was curious on the terminology (mediator vs router). RFC 211 mentions a router role (but no mention of mediator); RFC 46/94 mention mediator but not a router.

troyronda (Wed, 20 Nov 2019 14:33:07 GMT):
Also I was curious on the terminology (mediator vs router). RFC 211 mentions a router role (but no mention of mediator or relay); RFC 46/94 mention relays & mediators but not a router.

troyronda (Wed, 20 Nov 2019 14:33:07 GMT):
Also I was curious on the terminology (mediator, relay vs router). RFC 211 mentions a router role (but no mention of mediator or relay); RFC 46/94 mention relays & mediators but not a router.

TelegramSam (Wed, 20 Nov 2019 14:44:18 GMT):
I think it's always been Mediator vs Relay. Router is used as a synonym for Mediator (known to sender).

TelegramSam (Wed, 20 Nov 2019 14:45:13 GMT):
>I haven't yet seen an RFC that describes the bootstrapping of the WebSocket device to the mediator/router such that they can perform their initial DID Exchange. (we have thoughts on how to achieve this bootstrapping, but was just checking on if there was already something described). I'm not sure I understand what you are describing here.

troyronda (Wed, 20 Nov 2019 14:50:29 GMT):
DID Exchange requires both agents to have a reachable Inbound from the other Agent.

troyronda (Wed, 20 Nov 2019 14:51:46 GMT):
In this case, the Agent doesn't technically have a reachable endpoint. Except from the PoV that the Agent could "bootstrap" an endpoint on the mediator... but this needs to happen before DID Exchange and Route Coordination.

esplinr (Wed, 20 Nov 2019 15:01:54 GMT):
Starting the Aries WG A call: https://zoom.us/j/244779296

troyronda (Wed, 20 Nov 2019 15:06:10 GMT):
@danielhardman I'm curious if you have some hints on the bits being updated in Forward Protocol 2.0 :).

troyronda (Wed, 20 Nov 2019 15:06:10 GMT):
@danielhardman I'm curious if you have some hints on the bits being updated in Forward Protocol 2.0 :). (PR 277)

troyronda (Wed, 20 Nov 2019 16:40:52 GMT):
@TelegramSam In summary: how do we perform DID Exchange when one agent can't support inbound transport (but is able to make a WebSocket connection to the other party).

troyronda (Wed, 20 Nov 2019 16:43:02 GMT):
example: have an out-of-band registration of a unique WS endpoint and the Agent refers to it as its endpoint during DID Exchange.

troyronda (Wed, 20 Nov 2019 16:46:39 GMT):
(also, you could have a duplex solution for this problem where endpoint is omitted).

danielhardman (Wed, 20 Nov 2019 19:28:01 GMT):
I was hoping to have this doc written by now, but I am not going to be able to pay attention to it until after the connectathon.

pknowles (Wed, 20 Nov 2019 21:43:45 GMT):
My connection during the Aries WG call wasn't great so I may not have got my point across re schema and CredDef implementations. The ZKP-related constructs should definitely remain with Ursa. However, there are a number of different implementations / scenarios that won't require ZKP and it would be nice to have a stable home for those discussions and subsequent implementations. In my humble opinion, the Aries WG should stay on course with the foundation architecture of the project. An Aries semantics WG could take care of all non-ZKP schema and CredDef implementations.

TelegramSam (Wed, 20 Nov 2019 21:48:12 GMT):
DID Exchange should support one agent without an inbound transport the same way the Connections Protocol does (and currently works between ACApy and the Toolbox): Return Routing.

TelegramSam (Wed, 20 Nov 2019 21:48:49 GMT):
the agent WITH inbound transport functions as the inviter, and places the websocket endpoint in the invitation.

TelegramSam (Wed, 20 Nov 2019 21:49:23 GMT):
the invitee opens the websocket connection to complete the protocol, and can receive return responses over the same connection.

swcurran (Wed, 20 Nov 2019 21:49:38 GMT):
How about a PR to fix that? Hey, you already created it! Thanks!

TelegramSam (Wed, 20 Nov 2019 21:49:46 GMT):
(the Toolbox does not _yet_ use websockets, but it does use Return Routing)

swcurran (Wed, 20 Nov 2019 21:54:07 GMT):
Actually works both ways. For example, either Streetcred agent can connect to another by letting the mediator know how to (return) route the message and putting the mediator endpoint in the invite. This was demonstrated at the end of the IIWBook demo flow. The agents can also ask each other for proofs after connecting.

swcurran (Wed, 20 Nov 2019 21:54:07 GMT):
Actually works both ways. For example, a Streetcred agent can connect to another by letting the mediator know how to (return) route the message and putting the mediator endpoint in the invite. This was demonstrated at the end of the IIWBook demo flow. The agents can also ask each other for proofs after connecting.

swcurran (Wed, 20 Nov 2019 21:54:07 GMT):
Actually works both ways. For example, a Streetcred agent can connect to another by letting the mediator know how to (return) route the connection request message and putting the mediator endpoint in the invite. This was demonstrated at the end of the IIWBook demo flow. The agents can also ask each other for proofs after connecting.

swcurran (Wed, 20 Nov 2019 21:54:07 GMT):
Actually works both ways. For example, a Streetcred agent can connect to another by letting the mediator know how to (return) route the connection request message and putting the mediator endpoint in the invite. This was demonstrated at the end of the IIWBook demo flow. Streetcred agents can also ask each other for proofs after connecting.

troyronda (Wed, 20 Nov 2019 23:12:38 GMT):
Thanks.. perfect. So with RFC92 (Return Routing), the edge agent declares that the WebSocket should be treated as duplex.

troyronda (Wed, 20 Nov 2019 23:13:28 GMT):
I assume that the edge agent endpoint field is then omitted from the exchange request in this situation?

troyronda (Wed, 20 Nov 2019 23:13:28 GMT):
I assume that the edge agent endpoint field is then omitted during the exchange flow in this situation?

swcurran (Wed, 20 Nov 2019 23:28:13 GMT):
In the edge agent-to-mediator relationship there is no endpoint needed. The edge-to-edge relationships (e.g. Alice to Bob), the mediator's endpoint is provided. Does that cover what you are asking?

muddahany (Thu, 21 Nov 2019 06:54:57 GMT):
Hi all, It has been some days now since I started following the Hyperledger Aries documentation. Its concept for creating decentralised identity is simple to understand and I hope also to implement. So I thought we might use it for a production project for issuing credentials. I know that Aries status is still Incubation, But is it safe to use it in a big production project? one other thing, How long do you think it will take to be active ?

DibbsZA (Thu, 21 Nov 2019 10:06:27 GMT):
What is your timeline for your project @muddahany ? I am eager for it to mature too, but I think there are too many pieces still outstanding (and even undecided) for more than a POC at this stage.

priyashankar (Thu, 21 Nov 2019 12:25:31 GMT):
@muddahany Even, I have the same concerns over Aries, whether it can be used in production given its current status.

swcurran (Thu, 21 Nov 2019 15:58:53 GMT):
I think it depends on your use case. The code is solid, works very well and the community is active such that there is support if something isn't working as designed. So while it can be used in production (and BC Gov has a production app using it), it really depends on your use case. Mobile Agents are few and far between (but coming), so if you rely on that, and you aren't building it, you'll have a challenge. Long term viability is still unknown, although that's what we are building towards. If you want to be a leader in the field, this is the time, I think. But if not...

esplinr (Thu, 21 Nov 2019 19:14:25 GMT):
The Evernym team's fortnightly demo shows the Aries Test Suite running against LibVCX. https://www.youtube.com/watch?v=lH5tjrb1uu0&list=PLRp0viTDxBWGLdZk0aamtahB9cpJGV7ZF

danielhardman (Thu, 21 Nov 2019 19:41:56 GMT):
In 20 minutes I am starting a webinar from SSIMeetup.org about peer DIDs. There will be a recording, too. https://ssimeetup.org/peer-dids-secure-scalable-method-dids-off-ledger-daniel-hardman-webinar-42/

TelegramSam (Fri, 22 Nov 2019 14:57:45 GMT):
Aries WG Meeting recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24774927

troyronda (Fri, 22 Nov 2019 16:35:01 GMT):
What names are being used for non-edge agents? I've seen "Cloud Agents" and "Enterprise Agents" so far.

troyronda (Fri, 22 Nov 2019 16:37:09 GMT):
E.g., https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0289-toip-stack/img/fig-3-agent-ecosystem.png has "Cloud Agent".

swcurran (Fri, 22 Nov 2019 16:37:52 GMT):
Enterprise agents are definitely Edge Agents.

troyronda (Fri, 22 Nov 2019 16:38:31 GMT):
Would you call a mediator agent a "cloud agent"?

swcurran (Fri, 22 Nov 2019 16:38:56 GMT):
Yes - that's the understanding - mediators and relays are different from edge agents.

swcurran (Fri, 22 Nov 2019 16:39:44 GMT):
And of course, you can merge different kinds of functionality into a single agent.

troyronda (Fri, 22 Nov 2019 16:39:50 GMT):
Yeh - I was hoping to attach a higher-level name to the "thing" that is doing mediation and relays :).

swcurran (Fri, 22 Nov 2019 16:41:31 GMT):
I have a fairly big chunk of a chapter of our aries online course on the various types of agents. But the community hasn't really settled on "Thing".

swcurran (Fri, 22 Nov 2019 16:41:46 GMT):
Tried, but nothing has become de facto.

swcurran (Fri, 22 Nov 2019 16:42:31 GMT):
Closest is "Cloud" and "Edge" (Sovrin was first mover on that), and then you have to add the caveats that we just discussed above.

troyronda (Fri, 22 Nov 2019 18:06:19 GMT):
So it looks like I end up with Edge Agent (User), Edge Agent (Enterprise), Cloud Agent. I had alternatively been thinking about categorizing as Edge Agent (User Device) vs everything server/cloud based.

swcurran (Fri, 22 Nov 2019 18:31:30 GMT):
I would disagree with the vs. everything.

troyronda (Fri, 22 Nov 2019 18:33:18 GMT):
Yeh. To be honest, it was mostly thoughts on code organization. :).

swcurran (Fri, 22 Nov 2019 18:37:15 GMT):
What you don't want to do is create dissonance between the developer conversations and business. But it ain't easy. Enterprise also has two different flavours - the issuer/verifier (line of business) and the true agent of the enterprise, that holds the creds of the enterprise. Much closer to the personal edge agent.

TelegramSam (Fri, 22 Nov 2019 23:34:35 GMT):
There are several factors here: fiduciary responsibility, trust, network availability, holding of keys, etc.

TelegramSam (Fri, 22 Nov 2019 23:34:35 GMT):
There are several factors here: fiduciary responsibility, trust, network availability, holding of keys, proximity to human control, etc.

TelegramSam (Fri, 22 Nov 2019 23:35:39 GMT):
Enterprise Agent is usually high availability, holds keys, has fiduciary responsibility to the enterprise it serves, not typically controlled by a human.

swcurran (Fri, 22 Nov 2019 23:46:46 GMT):
On the latter, I wouldn't necessarily agree on "not typically controlled by a human". I think for an enterprise agent that is other than an Issuer/Verifier - e.g. one that holds the credentials of the enterprise - it will have a controller piece of software, including a UI that is invoked as needed to facilitate decisions. Which is much like how a personal agent works on a mobile phone. In other words, I think the handling model will be very similar. Pure opinion though. I think that does impact the words we use.

TelegramSam (Fri, 22 Nov 2019 23:56:45 GMT):
I consider that 'remote control' by a human (UI) or by automation (controller). the UI bit is fuzzy, as it can be built in a variety of ways.

swcurran (Sat, 23 Nov 2019 00:14:19 GMT):
IMHO - there is always a controller - it's just the number of decisions it makes vs. the number of times it presents a UI for a human to answer. A mobile agent is a controller with a UI that defers to the human. But now we are just splitting hairs :-)

george.aristy (Mon, 25 Nov 2019 13:39:27 GMT):
This "controller" sounds a lot like an Authorization Server. Sounds like it MAY auto-approve a request according to policies. Or it MAY defer approval to a human operator ("resource owner"?) or another piece of software.

bansatya (Mon, 25 Nov 2019 15:57:32 GMT):
Hey Guys, I started the agent same way but not able to access the admin Ui

bansatya (Mon, 25 Nov 2019 15:57:55 GMT):
what would be the URL to access the swagger admin UI?

bansatya (Mon, 25 Nov 2019 16:21:56 GMT):
Hey Guys, what is the difference between mobile agent (edge agent) and edge agent running on a PC?

bansatya (Mon, 25 Nov 2019 16:40:14 GMT):
Hi, Can anyone please help me to understand , the difference between dummy cloud agent, Indy agent (agent to agent protocol) and aries agent. My understanding is, dummy cloud agents acts as a cloud agents and does the communication between agents built using Libvcx. Aries agent can be configured to act as edge agents as well as cloud agents and can be configured indy ledger being used.Then why do we need libvcx integration here. What about Indy-agent. Can we create both cloud and edge agents using this?

dbluhm (Mon, 25 Nov 2019 20:37:07 GMT):
@bansatya Indy Agent was superseded by Aries. Everything that was going on on that front has been migrated to Aries or discontinued. Aries today is more accurately defined as a collection of implementations that are striving to match the protocol defined in Aries RFCs. Using the codebases in Aries, you can implement cloud or edge agents. LibVCX was developed by Evernym and significant amounts of that work occurred before even the Indy Agent community had started up. It represents some of the earliest forays into Identity agents and as a result some of the approaches it takes don't align with thinking now commonly held within the community. Evernym is actively working to make libVCX Aries spec compatible. The dummy cloud agent fulfills a dependency in libVCX based agents in the simplest possible way. @esplinr can probably provide more detail on that if you're interested.

esplinr (Mon, 25 Nov 2019 21:01:48 GMT):
That's a pretty good summary @dbluhm . Dummy cloud agent is a testing tool. It acts as a cloud agent.

esplinr (Mon, 25 Nov 2019 21:01:48 GMT):
That's a pretty good summary @dbluhm . Dummy cloud agent is a testing tool. It acts as a cloud agent in LibVCX system tests.

Dubh3124 (Mon, 25 Nov 2019 21:08:26 GMT):
Had anyone tried to create a python based mobile agent using Kivy or pybee tools? Just curious

kengeo (Mon, 25 Nov 2019 21:25:04 GMT):
Hello team, did anyone record this meeting by any chance? I was not able to attend and would love to give it a listen.

bansatya (Tue, 26 Nov 2019 01:53:55 GMT):
@dbluhm , Thanks for the summary. So, an agent can be build (that uses indy) without Libvcx using Aries (ACA-py). Is this correct understanding?

bansatya (Tue, 26 Nov 2019 02:04:57 GMT):
Thanks @dbluhm . I understand that using Aries I can build my own agent (that uses Indy) and there is no dependency in libvcx.

bansatya (Tue, 26 Nov 2019 02:13:57 GMT):
@esplinr , we can build indy agents using libvcx. Can those communicate without dummy cloud agent? Because initialisation of a libvcx agent needs an agency URL which has to be the dummy cloud agent URL for successful communication. Apologies, for asking multiple questions on this. But, dependency of libvcx on other agents(ex. dummy cloud agent) is confusing me

AvikHazra-klizos (Tue, 26 Nov 2019 04:19:18 GMT):
Hello... I create two client, *bob* and *alice*. then use CreateInvitation, HandleInvitation and GetConnection for create invitation from bob, handle invitation from alice and get connection from alice. After that I want to check the connection record from client alice. I'm using ```didexchangeAlice.QueryConnections()``` that showing not enough arguments in call to didexchangeAlice.QueryConnections have () want (*"github.com/hyperledger/aries-framework-go/pkg/client/didexchange".QueryConnectionsParams)

AvikHazra-klizos (Tue, 26 Nov 2019 04:19:18 GMT):
Hello... I create two client, *bob* and *alice*. then use CreateInvitation, HandleInvitation and GetConnection for create invitation from bob, handle invitation from alice and get connection from alice. After that I want to check the connection record from client alice. I'm using ```didexchangeAlice.QueryConnections()``` that showing the following, can anyone help me out ? what parameter is required, and how to use that not enough arguments in call to didexchangeAlice.QueryConnections have () want (*"github.com/hyperledger/aries-framework-go/pkg/client/didexchange".QueryConnectionsParams)

IWontDiscloseMyIdentity (Tue, 26 Nov 2019 04:54:39 GMT):
Has joined the channel.

esplinr (Tue, 26 Nov 2019 14:43:56 GMT):
LibVCX was designed by Evernym around the use cases in our products. It uses the mediator pattern to rely on the commercial Evernym Agency as a cloud agent for persistent connectivity. We contributed the Dummy Cloud agent to show how the Evernym Agency can be abstracted away, but I haven't seen anyone do the work to get it to communicate with a different cloud agent.

helengarneau (Tue, 26 Nov 2019 16:13:37 GMT):
Aries Connectathon attendance numbers for catering and venue are being finalized today. Please sign up by COB 11/26 to attend this event so there is enough food, space, and goodies for everyone. PLEASE SIGN UP HERE: https://forms.gle/aCsMzcfhLJ21CbnP6

Henrycoffin (Wed, 27 Nov 2019 09:53:38 GMT):
Hi everyone. Can anyone point me at any docs explaining how wallet security works? Specifically around storage. I am really looking for something i can share with business people. Thanks

swcurran (Wed, 27 Nov 2019 15:46:48 GMT):
The best overall description is here - https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0050-wallets. Not ideal for business, but perhaps you can adapt it.

rodolfoleal (Wed, 27 Nov 2019 17:09:26 GMT):
There is already some mobile wallet that i can use to develop, validate and show a working solution to stakeholders?

rodolfoleal (Wed, 27 Nov 2019 17:10:14 GMT):
I just found evernym one, but I can't point to my development pool.

swcurran (Wed, 27 Nov 2019 17:38:18 GMT):
There is https://streetcred.id's wallet (not sure you can point it at your own ledger though) and OSMA from which you can build your own - but that will take some work. https://github.com/mattrglobal/osma

priyashankar (Thu, 28 Nov 2019 11:10:57 GMT):
I know it's a lot to ask for, but when can we expect a getting-started developer guide for Aries just like Indy? Although, I must say that the Go Docs are so far impressive, but it requires a lot of time to decode and build a prototype on top of that.

AvikHazra-klizos (Thu, 28 Nov 2019 11:14:14 GMT):
I too have the same question. @swcurran Sir, can you add something on this one?

CHempel (Thu, 28 Nov 2019 11:15:31 GMT):
I'm facing some issues with proofing credentials issued on cred defs with revocation support. When there's only one credential issued for the corresponding revoc reg everything is fine. But if I issue another credential, every following proof is verified as false. I'll attach some code, using mainly the indy sdk and also some functions from the Aries Framework for .NET. The Agent is running inside a docker container based on ubuntu 18.04 as libindy 1.11.1 from https://repo.sovrin.org/sdk/deb xenial stable is used. Would be great if anyone can help. Thanks, Christopher

swcurran (Thu, 28 Nov 2019 14:47:20 GMT):
@sklump ^^ Perhaps you can help. @CHempel - Stephen has done the most work I'm aware of on revocation. He has several repos that have functionality and tests that cover many a lot of revocation based functions. See the docs and the related github repos: https://von-anchor.readthedocs.io/en/latest/ There is a full section on revocation and the related code and tests are linked.

swcurran (Thu, 28 Nov 2019 14:50:54 GMT):
We've put together the set of docs and demo code you can find here: https://github.com/hyperledger/aries-cloudagent-python/tree/master/docs/GettingStartedAriesDev We plan to use that as the basis of an edX course that will extend the one just published about Indy, Aries and Ursa. The material is not complete, but it gives you a decent start in using the aries-cloudagent-python. Many of the same principles apply with aries-framework-dotnet, and aries-framework-go uses the same agent+controller architecture of ACA-Py.

swcurran (Thu, 28 Nov 2019 14:51:22 GMT):
The Indy/Aries/Ursa course is here: https://www.edx.org/course/introduction-to-hyperledger-sovereign-identity-blockchain-solutions-indy-aries-and-ursa

swcurran (Thu, 28 Nov 2019 14:51:36 GMT):
The new course is planned for release in early 2020.

priyashankar (Thu, 28 Nov 2019 15:21:07 GMT):
This might seem dumb but with aries-cloudagent-python exposing every agent on a separate port altogether, is that a scalable solution at all?

priyashankar (Thu, 28 Nov 2019 15:21:07 GMT):
@swcurran This might seem dumb but with aries-cloudagent-python exposing every agent on a separate port altogether, is that a scalable solution at all? I am not talking about an enterprise agent but a mobile one which has wide adoption in the general public.

swcurran (Thu, 28 Nov 2019 18:46:26 GMT):
It depends on what you are doing and how you are configuring agents. Seems like you have a specific design in mind? We're using horizontal scaling for what we are building and that's working fine.

Baha-sk (Thu, 28 Nov 2019 23:59:33 GMT):
I pushed a PR to make the Aries envelope JWE compliant: https://github.com/hyperledger/aries-rfcs/pull/334 .. hopefully we can enhance/improve the envelope structure and streamline interoperability between Aries agents.. @kdenhartog @danielhardman @troyronda

priyashankar (Fri, 29 Nov 2019 05:07:22 GMT):
What is the difference between creating two clients using the same context and using different contexts for both?

anchit (Fri, 29 Nov 2019 05:34:05 GMT):
Hi All, I am exploring Aries and identity related concepts and have below doubts: 1) Is there any document/paper which explains how credentials are verified when presented to a verified? I understand that Ursa's cryptographic methods handles this for us, but want to know the underlying concepts of this verification. 2) Why do we need to store revocation registry along with a credential definition? As per my understanding, creds can be issued to multiple users from a same cred definition. Then if we revoke a cred def, will it revoke that credential for all the users?

bansatya (Fri, 29 Nov 2019 07:42:09 GMT):
Hi, I setup aries agent (python packages) and tried to access the admin endpoints. While it's being accessed within same machine, it 's working fine. However, while trying to access from remote machine, I am not getting the swagger UI even though required ports are open. Anyone face this sort of issues?

bansatya (Fri, 29 Nov 2019 07:42:09 GMT):
HI, I am using python package, I started the agent using "aca-py start --inbound-transport http 0.0.0.0 8001 --outbound-transport http --admin 127.0.0.1 8000 --admin-insecure-mode --log-level debug" options. However, I could access the admin url only if I am accessing from local machine (ubuntu). However, if I use cloud terminal (ubuntu) to start the agent (with the respective port open) and then access same from local machine, I am not able to access. Any additional configuration is required for same? Can anyone share any thoughts?

priyashankar (Fri, 29 Nov 2019 08:57:39 GMT):
Have you deployed your aries agent locally?

priyashankar (Fri, 29 Nov 2019 10:14:10 GMT):
In that case, those endpoints are only accessible remotely over a LAN and that too, only after you allow those particular ports to accept all incoming connections.

SwapnaliDive (Fri, 29 Nov 2019 10:16:29 GMT):
Hey, Can we have more detailed document of aries aca-py to setup it locally and run it

bansatya (Fri, 29 Nov 2019 10:16:36 GMT):
The port where this is configured are open for outside access. So, should be accessed remotely using IP and port

priyashankar (Fri, 29 Nov 2019 10:34:10 GMT):
With locally, I meant localhost. Is that the case?

priyashankar (Fri, 29 Nov 2019 10:34:10 GMT):
With locally, I meant localhost/private IP. Is that the case?

priyashankar (Fri, 29 Nov 2019 10:34:10 GMT):
With locally, I meant either localhost or the Private IP. Is that the case?

bansatya (Fri, 29 Nov 2019 12:50:43 GMT):
@priyashankar, Yes deployed in localhost

tomislav (Fri, 29 Nov 2019 12:54:06 GMT):
@CHempel This can be an issue with multiple things. Maintenance of the revoc file, usage of the revocation interval in proof request, updating the ledger with delta. Can you provide more info on the specific usage?

tomislav (Fri, 29 Nov 2019 13:10:03 GMT):
@CHempel I would verify that the tails file is correctly created and updated after the second credential is issued. The flow in your code looks to be correct.

CHempel (Fri, 29 Nov 2019 13:15:11 GMT):
@tomislav when I revoke the second credential, proofs using the first credentials return true again. When I issue another credential, same as before, all proofs return false.

tomislav (Fri, 29 Nov 2019 13:16:33 GMT):
Do they return true even if you set the `timestamp` of the revocation in proof request to something way in the past?

tomislav (Fri, 29 Nov 2019 13:23:21 GMT):
Interesting. I don't think revocation has been tested extensively by the community, past simple issue/revoke scenarios. Some agent implementation don't support revocation at all.

tomislav (Fri, 29 Nov 2019 13:24:01 GMT):
I would love to dive deeper into this. Perhaps create an integration unit test inside the aries framework .net testing out multiple issuance and revocation.

lovesh (Fri, 29 Nov 2019 14:12:02 GMT):
A similar issue was reported in Ursa channel here https://chat.hyperledger.org/channel/ursa?msg=YpnnAn34hTNofkExb.

jljordan_bcgov (Fri, 29 Nov 2019 17:24:23 GMT):
https://github.com/hyperledger/aries-cloudagent-python/blob/master/DevReadMe.md#running

swcurran (Fri, 29 Nov 2019 17:51:27 GMT):
There was a very detailed description created by someone as they deployed it locally on MacOS. Would that help? https://github.com/SmithSamuelM/aries-cloudagent-python/blob/766fec3c7fdde5ee01ac432e2c6bd92ab929a111/demo/DemoMacOSRunLocalTLDR.md The problem with that description is that it is so detailed, it is out of date re versions and so on, and we can't take on the burden of maintaining it. Let us know if it works for you.

swcurran (Fri, 29 Nov 2019 17:53:53 GMT):
@rjones - can you please add @sklump (github id: sklump) as a committer on the aries-cloudagent-python project (https://github.com/hyperledger/aries-cloudagent-python)? Thanks

rjones (Sat, 30 Nov 2019 06:35:51 GMT):
@swcurran done. You had the power to do it yourself, though, via https://github.com/orgs/hyperledger/teams/aries-cloudagent-python-committers/members

swcurran (Sat, 30 Nov 2019 18:36:10 GMT):
Thanks. Sorry for not doing it myself. I was looking for that ability in the repo itself. I've bookmarked that link now.

rjones (Sat, 30 Nov 2019 20:13:22 GMT):
No worries. There is a time when you can't do it: when the person you want to add isn't a member of the Hyperledger org. If you run into that, let me know.

priyashankar (Mon, 02 Dec 2019 04:01:43 GMT):
If that be the case, then I suppose it can not be accessed remotely.

priyashankar (Mon, 02 Dec 2019 04:06:54 GMT):
@swcurran Thank you, it means a lot coming from your end. I'm not trying to bother you but can you please add a little more on the horizontal scaling bit?

priyashankar (Mon, 02 Dec 2019 04:27:22 GMT):
How to define/create a wallet separately for an Aries agent?

AvikHazra-klizos (Mon, 02 Dec 2019 05:19:43 GMT):
Is there any option for an aries client to connect to a *pool* ?

AvikHazra-klizos (Mon, 02 Dec 2019 05:19:43 GMT):
Is there any option for an aries client to connect to a *Indy pool* ? If yes, then how ?

AvikHazra-klizos (Mon, 02 Dec 2019 05:19:43 GMT):
Is there any option for an aries client to connect to a *Indy pool*? If yes, then how?

AvikHazra-klizos (Mon, 02 Dec 2019 05:19:43 GMT):
@swcurran Is there any option for an aries client to connect to a *Indy pool*? If yes, then how?

cam-parra (Mon, 02 Dec 2019 17:37:48 GMT):
Hi all! If you're in Utah for the connectathon please let me know if you need anything. some slopes are open and I can take a group of you up if you'd like. Just shoot me a message

filip.burlacu (Mon, 02 Dec 2019 19:20:24 GMT):
@kdenhartog I think we may need to scrap multi-recipient messages entirely

filip.burlacu (Mon, 02 Dec 2019 19:23:50 GMT):
as far as I can tell, they only offer convenience a recipient cannot be guaranteed that the other recipients received the same message, since a malicious sender could give one of its recipients a bad CEK, so they get a garbage message which fails to authenticate, while other recipients think the message was completely fine

kdenhartog (Mon, 02 Dec 2019 19:47:13 GMT):
How is that fixed by splitting it into multiple messages?

filip.burlacu (Mon, 02 Dec 2019 19:54:24 GMT):
doesn't fix that, but it does get around a vulnerability where any recipient of a multi-recipient message can send arbitrary messages impersonating the sender to any subset of the other recipients

filip.burlacu (Mon, 02 Dec 2019 19:55:13 GMT):
I'm saying that multi-recipient messages don't seem to offer anything with reliable guarantees over just sending multiple messages

tplooker (Mon, 02 Dec 2019 20:14:36 GMT):
@filip.burlacu we are aware of the vulnerability you are citing, and as far as I can see there are two options 1. Different messages entirely so we have unique CEK's and ciphers per recipient (this exponentially increases the computation required to create a multi-recipient message) 2. Include a hash of the original message from the sender encrypted to each recipient along with the CEK which allows a recipient to confirm the cipher has not been swapped

filip.burlacu (Mon, 02 Dec 2019 20:20:48 GMT):
1. good point, the cost is multiplied by the number of recipients, which is a cost we'd have to bear unless we have a 2. good cryptographic guarantee

tplooker (Mon, 02 Dec 2019 20:22:24 GMT):
Correct, in-fact I think you could just hash the resulting cipher text and encrypt that per recipient like we do with the CEK

tplooker (Mon, 02 Dec 2019 20:22:35 GMT):
Need to investigate further though

filip.burlacu (Mon, 02 Dec 2019 20:26:19 GMT):
I suggested encrypting the auth tag the same way we encrypt the CEK since the auth tag is a hash construction anyway

filip.burlacu (Mon, 02 Dec 2019 20:28:01 GMT):
but encrypting a hash of the ciphertext is less ...bespoke

tplooker (Mon, 02 Dec 2019 20:30:32 GMT):
We will explore a couple of options in regards to this and come back to the community with some suggestions

george.aristy (Mon, 02 Dec 2019 20:51:46 GMT):
How can the malicious recipient successfully impersonate the sender with arbitrary authcrypted msgs?

Baha-sk (Mon, 02 Dec 2019 23:23:15 GMT):
if the malicious recipient was able to decrypt the CEK (using the compromised recipient private key), then they can impersonate the sender with that CEK and the use of the corresponding JWE headers

Baha-sk (Mon, 02 Dec 2019 23:25:55 GMT):
i'm more concerned about JWE compliance, how would this fit in a JWE, what field would be used for this `encrypted` hash

tplooker (Mon, 02 Dec 2019 23:36:51 GMT):
I agree JWE compliance is very important to have. I intend to reach out to the author of the ECDH-1PU draft and ask if he would consider defining a new JOSE header field in the draft and describes its application in the context of ECDH-1PU

tplooker (Mon, 02 Dec 2019 23:37:51 GMT):
Do you have any alternative approaches?

Baha-sk (Mon, 02 Dec 2019 23:46:04 GMT):
The ietf draft of ECDH-1PU does mention wrapping the contents with a JWS as a solution for forging vulnerabilities....

Baha-sk (Mon, 02 Dec 2019 23:47:27 GMT):
@troyronda and I are the authors of the RFC btw

Baha-sk (Mon, 02 Dec 2019 23:49:31 GMT):
The Aries RFC-0335 that is... Not the ietf draft

priyashankar (Tue, 03 Dec 2019 04:16:58 GMT):
@kdenhartog I wrote a Node.js application using Indy to complete the holder-issuer-verifier loop. I am trying to do the same thing with Aries, but I am failing to understand where to start. Can you please guide me up a bit?

TelegramSam (Tue, 03 Dec 2019 15:00:24 GMT):
Last week's Aries WG call recording posted. Sorry for the delay! https://wiki.hyperledger.org/pages/viewpage.action?pageId=24775630

TelegramSam (Tue, 03 Dec 2019 15:33:40 GMT):
Aries Connectathon Announcement: We are meeting in person in Provo Utah for the next three days. We don't have professional AV support for remote attendance, but we will be doing our best to post zoom links for sessions where we can. We will use this channel whenever possible.

nage (Tue, 03 Dec 2019 15:35:15 GMT):
### Aries Connectathon in Provo, UT starting in 25 minutes ###

TelegramSam (Tue, 03 Dec 2019 15:35:22 GMT):
https://zoom.us/j/8018881111 please do not join audio if you are in the room in Provo

nage (Tue, 03 Dec 2019 15:35:35 GMT):
To listen in or see the screen, jump on the zoom link

daidoji (Tue, 03 Dec 2019 15:47:58 GMT):
@TelegramSam does that mean don't listen or just make sure we're muted?

nage (Tue, 03 Dec 2019 15:48:23 GMT):
If multiple people inside the physical room join the audio we get terrible feedback

nage (Tue, 03 Dec 2019 15:48:36 GMT):
it is best if you don't join the audio at all if you are phsycially in the room to avoid problems

nage (Tue, 03 Dec 2019 15:49:50 GMT):
if you are remote, please join. It is likely best to stay muted and ask questions here -- while we will make efforts to include everyone, it is often the case that audio during group discussions will be useless, and only really helpful when there is a single speaker.

nage (Tue, 03 Dec 2019 15:50:07 GMT):
(too much background noise and distance from the mic)

callahan (Tue, 03 Dec 2019 16:03:58 GMT):
For those of you unaware of the past event (err... @TelegramSam ) 20 Nov Hyperledger DC event on Aries: https://www.meetup.com/Hyperledger-Washington-DC/events/266346975/

nage (Tue, 03 Dec 2019 16:09:12 GMT):
Special thanks to @Silona for the work enabling and organizing

Silona (Tue, 03 Dec 2019 16:10:17 GMT):
Thank you! Sorry I couldn't make it but Doctor's orders and all. Have fun and be productive!

Silona (Tue, 03 Dec 2019 16:10:30 GMT):
Can't wait to hear about what everyone works on!

nage (Tue, 03 Dec 2019 16:18:12 GMT):
If you have agenda or proceedure questions @burdettadam @TelegramSam @helengarneau and @nage can all help

nage (Tue, 03 Dec 2019 16:40:52 GMT):
### Test Suite update and overview ###

nage (Tue, 03 Dec 2019 16:43:23 GMT):
@dbluhm will you post a link to your slides here?

dbluhm (Tue, 03 Dec 2019 16:44:26 GMT):
https://docs.google.com/presentation/d/1HwvCvYvgYZhvVQZH7pk3ALCMs2aT5_8dwgo43YmciVs/edit?usp=sharing

mboyd (Tue, 03 Dec 2019 16:56:52 GMT):
https://github.com/hyperledger/aries-protocol-test-suite

nage (Tue, 03 Dec 2019 17:03:24 GMT):
### On to a test harness discussion ###

nage (Tue, 03 Dec 2019 17:03:37 GMT):
@ianco and @swcurran leading this section

ianco (Tue, 03 Dec 2019 17:04:14 GMT):
https://docs.google.com/presentation/d/17iEhjs9xv3JRpcvXn6eu_12uEhOlwxyL_Tgt584wJmg/edit#slide=id.g7a60ac61bd_0_6

dbluhm (Tue, 03 Dec 2019 17:37:54 GMT):
## Morning Break ## Back in a minute for a white board discussion

vinomaster (Tue, 03 Dec 2019 17:48:29 GMT):
@lanco pls share link to your test suite repo

josephboyle (Tue, 03 Dec 2019 18:01:36 GMT):
https://github.com/ianco/aries-agent-test-harness

helengarneau (Tue, 03 Dec 2019 18:14:27 GMT):
Please email me: helen(at)sovrin.org if you'd like a copy of the group picture

nage (Tue, 03 Dec 2019 19:13:53 GMT):
### Testing discussion has wrapped up for lunch ###

nage (Tue, 03 Dec 2019 19:14:12 GMT):
some more unstructured discussion will likely occur durng lunchtime, we will re-convene at the new location at 1:15

TelegramSam (Tue, 03 Dec 2019 20:24:01 GMT):
https://zoom.us/j/8018881111 Zoom room (in a sec) for the Interop Profile Discussion.

troyronda (Tue, 03 Dec 2019 20:38:25 GMT):
The protocols by themselves will not indicate interop for issue credential, for example.

troyronda (Tue, 03 Dec 2019 20:38:25 GMT):
The protocol name, by itself, will not always indicate interop. issue credential, for example.

troyronda (Tue, 03 Dec 2019 20:38:50 GMT):
There are variations based on the payload format.

troyronda (Tue, 03 Dec 2019 20:41:55 GMT):
I also think we need to have layers in the AIP stack: https://github.com/hyperledger/aries-rfcs/issues/332

troyronda (Tue, 03 Dec 2019 20:42:07 GMT):
Why would a DIDComm router support the entire list of protocols?

troyronda (Tue, 03 Dec 2019 20:42:07 GMT):
Why would a DIDComm router support the entire list of protocols? It's still a Hyperledger Aries Agent.

troyronda (Tue, 03 Dec 2019 20:42:07 GMT):
Why would a DIDComm router support the entire list of protocols? It's still a Hyperledger Aries Agent, acting in the mediator role.

troyronda (Tue, 03 Dec 2019 20:58:10 GMT):
(Without credential protocols, for example).

troyronda (Tue, 03 Dec 2019 21:07:46 GMT):
In summary it is difficult to have one size fits all. Layers and roles are important when talking about interop profiles.

filip.burlacu (Tue, 03 Dec 2019 21:15:05 GMT):
I drafted an RFC for using DIDComm as an HTTP tunnel https://github.com/hyperledger/aries-rfcs/pull/338 I welcome any comments, hopefully constructive ;)

troyronda (Tue, 03 Dec 2019 21:17:49 GMT):
Transport return route is important for the mediator role.

troyronda (Tue, 03 Dec 2019 21:17:49 GMT):
Transport return route (or equivalent) is important for the mediator role.

troyronda (Tue, 03 Dec 2019 21:17:49 GMT):
Duplex mode is important for the mediator role.

troyronda (Tue, 03 Dec 2019 21:18:23 GMT):
i will just keep repeating roles ;).

george.aristy (Tue, 03 Dec 2019 21:19:04 GMT):
There is ongoing discussion regarding this decorator here: https://github.com/hyperledger/aries-rfcs/pull/325

josephboyle (Tue, 03 Dec 2019 21:19:56 GMT):
Session grid says ZKP moved to 4pm and now there are two other sessions, Q&A and roadmap. However room 308 is actually doing ZKP now. Where are the other sessions besides 201 Interop? Not seeing a third room signed.

nage (Tue, 03 Dec 2019 21:27:18 GMT):
The third room is currently empty and available for those doing independent work

MALodder (Tue, 03 Dec 2019 21:27:49 GMT):
ZKP slides https://docs.google.com/presentation/d/1D94H8vu-cw-0USgNl1aqz18gvUBhdTMXkxKR4WVV1E8/edit?usp=sharing

troyronda (Tue, 03 Dec 2019 21:29:11 GMT):
I want a target for DIDComm routing and secure tunnelling :)

troyronda (Tue, 03 Dec 2019 21:29:11 GMT):
I want a target for DIDComm routing and transport :)

Identitywoman (Tue, 03 Dec 2019 22:39:09 GMT):
For tomorrow AM - the library opens at 9 and there will be some breakfast....but I would love for folks who might want to connect before to have a "sit down" breakfast at 8am. If we can find somewhere near.

AnnaJ (Tue, 03 Dec 2019 22:53:34 GMT):
If you are NOT attending the Aries Connectathon tomorrow (Wednesday), please message me. We need a headcount of who is not going to be there tomorrow to help us order food.

dbluhm (Tue, 03 Dec 2019 23:03:28 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=k8fgfF3un7zdNrFTt) A couple of nearby spots that are open at 8AM: Enliten Bakery and Cafe: https://goo.gl/maps/xxs6zgFpPS8QxDDu8 The Spoon: https://goo.gl/maps/E6QxxCHPnyiQFtHf9 Guru's: https://goo.gl/maps/2JgEz6bbNMZNxHsU8 Not a sit down location but Provo Bakery is fantastic still: https://goo.gl/maps/2W9D1Jz1sDz1jMF9A Another tiny place with only outdoor seating but great food is Hruska's Kolaches: https://goo.gl/maps/kM3jMHFst1wYMZbPA Haven't personally tried Enliten or The Spoon but they seem decent.

Identitywoman (Tue, 03 Dec 2019 23:37:55 GMT):
Also....for people from out of Town....who wants to go for dinner nearby? I am at an airbnb walking distance...would love to connect with others from out of town.

Identitywoman (Tue, 03 Dec 2019 23:38:49 GMT):
can we go somewhere and "socialize" once we get out of the library?

mwherman2000 (Wed, 04 Dec 2019 00:55:13 GMT):
The first #trusted web page was delivered today on the #TrustedDigitalWeb - end-to-end - from a #TrustedDigitalWeb Data Registry to a #TrustedDigitalAssistant client app - using didttp: (DID Trusted Transport Protocol). #HugeMilestone. Here are the steps to reproduce this scenario... https://hyperonomy.com/2019/12/03/trusted-digital-web-first-trusted-web-page-delivered-today-dec-3-2019/

MALodder (Wed, 04 Dec 2019 01:01:32 GMT):
I’ll be to the Sovrin office around 8 AM for those that want to come in with good Wi-Fi and do work

abdfaye (Wed, 04 Dec 2019 11:52:14 GMT):
Hi, I am trying to use the aries-framework-dotnet with Xamarin android for mobile but can't successfully expose my agent? Do you have any reference implementation for mobile? am I missing something?

abdfaye (Wed, 04 Dec 2019 11:52:14 GMT):
Hi, I am trying to use the aries-framework-dotnet with Xamarin android for mobile but can't successfully expose my agent. Do you have any reference implementation for mobile? am I missing something?

ajayjadhav (Wed, 04 Dec 2019 12:20:48 GMT):
Hi @MALodder - Is this session recorded? I missed it yesterday..

MALodder (Wed, 04 Dec 2019 13:35:43 GMT):
I don’t think so but I’m happy to discuss it 1-on-1 if you like

esplinr (Wed, 04 Dec 2019 14:56:49 GMT):
Well be starting the Aries WG A call in 5 minutes: https://zoom.us/j/244779296

esplinr (Wed, 04 Dec 2019 15:03:19 GMT):
Agenda: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24775431

troyronda (Wed, 04 Dec 2019 15:42:31 GMT):
We are looking at how well tink (https://github.com/google/tink) might fit into aries-framework-go.

swcurran (Wed, 04 Dec 2019 15:45:23 GMT):
Would that be an alternative to libsodium?

Baha-sk (Wed, 04 Dec 2019 15:55:41 GMT):
KMS will manage keys for the aries agent.. which can be plugged into to Tink

Baha-sk (Wed, 04 Dec 2019 15:56:30 GMT):
Tink will be the keys interface to the agent.. with the help of key handles to be used in the agent (something like an ID of the key to be used for crypto operations)

Baha-sk (Wed, 04 Dec 2019 15:57:20 GMT):
i believe Tink has Chacha20Poly1305 key and crypto providers.. these are alternatives to libsodium

Baha-sk (Wed, 04 Dec 2019 15:57:20 GMT):
i believe Tink has Chacha20Poly1305 key and crypto providers (or what they call Tink lingo primitives).. these are alternatives to libsodium. One can also create their own primitive (to call libsodium)

Baha-sk (Wed, 04 Dec 2019 15:57:20 GMT):
i believe Tink has Chacha20Poly1305 key and crypto providers (or what they call in Tink lingo primitives).. these are alternatives to libsodium. One can also create their own primitive (to call libsodium)

troyronda (Wed, 04 Dec 2019 15:58:45 GMT):
We are particularly interested in a multi-language library (in our case Go), so we can retain a native Go implementation of aries-framework-go default packages.

Baha-sk (Wed, 04 Dec 2019 16:00:12 GMT):
Python and Java are among the other languages supported too

Baha-sk (Wed, 04 Dec 2019 16:00:12 GMT):
Python, Java and javascript are among the other languages supported to

Baha-sk (Wed, 04 Dec 2019 16:00:12 GMT):
Python, Java and javascript are among the other languages supported too

troyronda (Wed, 04 Dec 2019 16:00:17 GMT):
So that framework users can easily just fetch the Go package and use it; and so we can compile to other targets like WASM.

ajayjadhav (Wed, 04 Dec 2019 16:36:20 GMT):
Oh, that's great. thanks.. I will talk to you..

MALodder (Wed, 04 Dec 2019 16:36:26 GMT):
you are going for FIPS then Tink is not an option other than it does NIST approved algorithms because its not a FIPS approved library

MALodder (Wed, 04 Dec 2019 16:36:26 GMT):
If you are going for FIPS then Tink is not an option other than it does NIST approved algorithms because its not a FIPS approved library

Baha-sk (Wed, 04 Dec 2019 16:38:06 GMT):
not sure what you mean by `its not a FIPS approved library` .. AESGCM is a FIPS approved algorithm.. libraries implement the algorithm as per the specs

MALodder (Wed, 04 Dec 2019 16:38:38 GMT):
right but implementations also need to be FIPS approved like OpenSSL or Microsofts NCrypt

MALodder (Wed, 04 Dec 2019 16:39:31 GMT):
there aren't many because its expensive and grueling to get FIPS approved

troyronda (Wed, 04 Dec 2019 16:39:50 GMT):
The goal should be FIPS algorithm usage and pluggable crypto implementations.

troyronda (Wed, 04 Dec 2019 16:40:08 GMT):
(obviously the default "out of the box" implementation is not FIPS approved).

MALodder (Wed, 04 Dec 2019 16:40:55 GMT):
a common configuration is to have software wrap a FIPS approved component like hardware and call into that

Baha-sk (Wed, 04 Dec 2019 16:41:28 GMT):
in this case, we don't have many options then

MALodder (Wed, 04 Dec 2019 16:42:20 GMT):
NIST hasn't looked at verifiable credentials and mandated any signatures or implementations so for now its open

ajayjadhav (Wed, 04 Dec 2019 16:42:32 GMT):
Zoom link - https://zoom.us/j/8018881111

MALodder (Wed, 04 Dec 2019 16:43:40 GMT):
It could be possible to create cryptographic modules using a TEE that could be FIPS compliant. The main reason for FIPS compliant is either gov or healthcare

AsemOthman (Wed, 04 Dec 2019 16:44:38 GMT):
@smithsamuelm , would you please share the KERI slides!!

MALodder (Wed, 04 Dec 2019 16:45:03 GMT):
Ursa is planning to allow Unbound to be used as a possible backend. Unbound just recently passed FIPS 140-2 Levels 1 & 2

MALodder (Wed, 04 Dec 2019 16:45:09 GMT):
https://www.unboundtech.com/unbound-receives-fips-140-2-certification/

george.aristy (Wed, 04 Dec 2019 16:50:28 GMT):
Which talk is this? I can't identify it in the session matrix

AsemOthman (Wed, 04 Dec 2019 17:02:50 GMT):
Found it in your github!! thanks

Baha-sk (Wed, 04 Dec 2019 17:17:31 GMT):
agree you... the goal is to create a pluggable Crypto and KMS modules where we can plug-in our own implementations that supports NIST/FIPS curve... but can also be replaced by modules that wrap a compliant library. The point is to offer flexibility to the framework user without constraints

Baha-sk (Wed, 04 Dec 2019 17:17:31 GMT):
agree you... the goal is to create a pluggable Crypto and KMS modules where we can plug-in our own implementations that supports NIST/FIPS curves... but can also be replaced by modules that wrap a compliant library. The point is to offer flexibility to the framework user without constraints

Baha-sk (Wed, 04 Dec 2019 17:17:31 GMT):
agree with you... the goal is to create a pluggable Crypto and KMS modules where we can plug-in our own implementations that supports NIST/FIPS curves... but can also be replaced by modules that wrap a compliant library. The point is to offer flexibility to the framework user without constraints

Baha-sk (Wed, 04 Dec 2019 17:17:31 GMT):
agree with you... the goal is to create a pluggable Crypto and KMS modules where we can plug-in our own implementations that supports NIST/FIPS curves & algorithms... but can also be replaced by modules that wrap a compliant library. The point is to offer flexibility to the framework user without constraints

danielhardman (Wed, 04 Dec 2019 17:22:48 GMT):
I just wanted to repost a note that Ivan Herman sent to the W3C folks recently. Apparently there is a github handle `@context` (and I dunno, maybe `@id` and `@type` as well) -- so when they were having conversations in W3C github PR/issue streams and used `@context`, a random person was getting tagged in the conversation. The owner of the `@context` github handle asked to not be tagged. The solution is to always encode `@context` inside the backticks so it's viewed as code by github, not as a reference to a github handle. Since our community occasionally discusses JSON-LD's `@context`, and regularly mentions `@id` and `@type`, I thought we might want to observe the same etiquette.

smithsamuelm (Wed, 04 Dec 2019 17:50:30 GMT):
Here is the link to download the SeedQuest APP https://github.com/reputage/seedQuest

smithsamuelm (Wed, 04 Dec 2019 17:51:52 GMT):
Here is the link to the WebGL version of SeedQuest: https://seedquest.herokuapp.com

smithsamuelm (Wed, 04 Dec 2019 17:53:06 GMT):
Here is the link to the KERI slides: https://github.com/SmithSamuelM/Papers/blob/master/presentations/KERI2_Details_IIW_2019_B.pdf

smithsamuelm (Wed, 04 Dec 2019 17:54:07 GMT):
Here is the WhitePaper for KERI: https://arxiv.org/abs/1907.02143

TelegramSam (Wed, 04 Dec 2019 20:04:00 GMT):
Link for the Aries WG call, live from the Connectathon: https://zoom.us/j/856588081

TelegramSam (Wed, 04 Dec 2019 22:08:15 GMT):
Backchannel for testing Zoom link - https://zoom.us/j/8018881111

TelegramSam (Wed, 04 Dec 2019 22:11:19 GMT):
https://hackmd.io/JA5rY-S6QA2qnZpO-qMbIQ

TelegramSam (Wed, 04 Dec 2019 23:57:43 GMT):
DIF DIDDoc WG Charter: https://docs.google.com/document/d/1dg60vnelrqBzP7oPMqlEClARrh5t1D6_t9RI88MIufw/ (Use Suggestions)

mwherman2000 (Thu, 05 Dec 2019 00:50:42 GMT):
As a follow-up to today's early morning Aries call (where someone asked for more details about the *didttp:* (DID Trusted Transport Protocol) used in the Trusted Digital Web project), I've added a new section _Appendix E - Trusted Digital Web Communications Protocol_ to the TDW whitepaper. Checkout https://hyperonomy.com/2019/11/06/trusted-digital-web-whitepaper/.

mwherman2000 (Thu, 05 Dec 2019 00:50:42 GMT):
As a follow-up to today's early morning Aries call (where someone asked for more details about *didttp:* (DID Trusted Transport Protocol) used in the Trusted Digital Web project), I've added a new section _Appendix E - Trusted Digital Web Communications Protocol_ to the TDW whitepaper. Checkout https://hyperonomy.com/2019/11/06/trusted-digital-web-whitepaper/.

mwherman2000 (Thu, 05 Dec 2019 00:50:42 GMT):
As a follow-up to today's early morning Aries call (where someone asked for more details about *didttp:* (DID Trusted Transport Protocol) used in the Trusted Digital Web project), I've added a new section _Appendix E - Trusted Digital Web Communications Protocols_ to the TDW whitepaper. Checkout https://hyperonomy.com/2019/11/06/trusted-digital-web-whitepaper/.

SwapnaliDive (Thu, 05 Dec 2019 10:11:49 GMT):
Hi, I started aca-py with the following command : aca-py start --inbound-transport http 10.10.10.98 20000 --admin-insecure-mode --outbound-transport http --debug --log-level DEBUG --admin 10.10.10.98 20001 --label faber --genesis-url 10.10.10.98:9701 --genesis-file /tmp/indy/pool1.txn --ledger-pool-name indy_pool --admin-insecure-mode I am not able to configure aca-py with local ledger. Please let me know if I am missing anything. Thank you.

esplinr (Thu, 05 Dec 2019 16:06:10 GMT):
We are getting started with the identity implementers working group call: https://zoom.us/j/232861185

TelegramSam (Thu, 05 Dec 2019 16:26:10 GMT):
Connectathon Day 3 Agenda Building - https://zoom.us/j/8018881111

TelegramSam (Thu, 05 Dec 2019 16:26:10 GMT):
Connectathon Day 3 Agenda Building - https://zoom.us/my/telegramsam (Updated Link)

danielhardman (Thu, 05 Dec 2019 18:18:40 GMT):
Yesterday at the connectathon, I got a bit overbearing in a discussion. I wanted to post a mea culpa and apology about that. To avoid bloating the chat stream, I put my apology in a doc and I'm just linking to it here. https://docs.google.com/document/d/1qtzOo_VchuVXV598w4T9J2OAC-R0KiHBjMX-DrpzWBk/edit#heading=h.wwoq7rtnurtu

nage (Thu, 05 Dec 2019 19:31:16 GMT):
A link to distract folks in the KID and peer DID discussions https://ssbc.github.io/scuttlebutt-protocol-guide/

troyronda (Thu, 05 Dec 2019 20:04:29 GMT):
I assume did:peer will also go to DIF?

troyronda (Thu, 05 Dec 2019 20:04:29 GMT):
I assume did:peer is still also going to DIF? Is it included in the DIDComm WG?

troyronda (Thu, 05 Dec 2019 20:04:29 GMT):
I assume did:peer is still also going to DIF? Which WG?

TelegramSam (Thu, 05 Dec 2019 20:38:44 GMT):
Connectathon: DIF DIDComm WG Charter Review: https://zoom.us/my/telegramsam

troyronda (Thu, 05 Dec 2019 21:16:04 GMT):
From yesterday's call, I thought it would be useful to clarify the current implementation status of RFCs in aries-framework-go (and also write up an RFC wish list): https://github.com/hyperledger/aries-framework-go/issues/920

esplinr (Thu, 05 Dec 2019 21:26:45 GMT):
Hyperledger has a new process for managing calendars. Administators of the mailing list group have the right to create calendar appointments. I requested to become an admin so that I could migrate the WG A and B calls to the new calendar. Hopefully my efforts are helpful. It would be great if others are admins and can manage this process.

MALodder (Thu, 05 Dec 2019 23:27:24 GMT):
In the last session of the connect-athon I asked the question why DIF is using regular signatures over the ZKP-based ones and the response was to avoid the three-step process of offer response and receive. The same for presentations here is why I don’t think that works, anything short of the three-step process is subject to forgeries and replay attacks because one side of the interaction needs to make sure that this is a new presentation or a new credential request that can only be guaranteed by getting a unique session ID like a nonce or random number from one of the parties which requires the three-step process. So unless they can address this in another way there is no difference between the ZKP-based approach and the simple signature based approach and this argument is not valid. Anything that works around this in a secure way can also be applied to the ZKP-based approach

MALodder (Thu, 05 Dec 2019 23:29:01 GMT):
No arguments so far that I have found has been strong enough to sufficiently mandate the non-ZKP method over the ZKP method

MALodder (Thu, 05 Dec 2019 23:31:05 GMT):
If they claim to only want a two-step process that doesn’t address the uniqueness of forgeries and replay attacks then their solution is completely insecure

MALodder (Thu, 05 Dec 2019 23:32:52 GMT):
There are very limited and effective secure cases of 1RTT

MALodder (Thu, 05 Dec 2019 23:34:15 GMT):
I get that ZKP’s are not necessary for every use case. But the decision to use ZKP’s or not should be based on use case not capabilities and perceived benefits of round-trip times

MALodder (Fri, 06 Dec 2019 00:06:26 GMT):
The advantage of the ZKP-based approach is that the cryptographers designed and approved the **protocol**. For those implementing the other approach using non-ZKP-based credentials have to invent their own protocol and then get it re-certified by security professionals

MALodder (Fri, 06 Dec 2019 00:08:23 GMT):
I personally prefer a protocol designed by a cryptographer rather than a credential implementer

MALodder (Fri, 06 Dec 2019 00:14:48 GMT):
Implemented typically have little to no experience designing security protocols

MALodder (Fri, 06 Dec 2019 00:15:08 GMT):
And designing security protocols is hard

MALodder (Fri, 06 Dec 2019 00:17:21 GMT):
It’s hard for even the cryptographers and security engineers to get right. Look at Z cash and Monero which were both designed by security professionals and the most recent vulnerability I just attended a talk on this: https://crypto.stanford.edu/timings/

george.aristy (Fri, 06 Dec 2019 00:24:58 GMT):
Is this nonce or session ID to be provided by the Holder?

MALodder (Fri, 06 Dec 2019 00:26:05 GMT):
Never. It must be supplied by the issuer during credential issuance or the verifier during presentation

MALodder (Fri, 06 Dec 2019 00:28:07 GMT):
Issuer or verifier could specify ahead of time that a reliable source they trust could also serve as the random session Id or nonce like the current root hash of the ledger but then the holder must go to another source instead of the one he needs to

MALodder (Fri, 06 Dec 2019 00:48:15 GMT):
I suppose an issuer or verifier could specify that the holder generate the random number that meets certain requirements but then both ZKP and non-ZKP methods can do that

MALodder (Fri, 06 Dec 2019 00:49:44 GMT):
This approach then requires the issuer or verifier to track these to prevent replays and handle collisions of numbers between holders

troyronda (Fri, 06 Dec 2019 01:13:16 GMT):
what happens with the “higher level” aries protocols?

danielhardman (Fri, 06 Dec 2019 02:47:33 GMT):
did:peer going to DIF is an entirely separate question, and its outcome is not obvious at the moment, though going to DIF is probably more than 50% likely. The higher level protocols remain in Aries.

rjones (Fri, 06 Dec 2019 05:53:49 GMT):
anyone that wants to do this - please send email to community-architects@hyperledger.org

SigmaS 1 (Fri, 06 Dec 2019 06:54:02 GMT):
Hello, i saw this RFC: https://github.com/hyperledger/aries-rfcs/blob/d2e8df9d37a0622a0f013224023b41733fb377a5/concepts/0302-aries-stable/README.md . Are there any prediction dates about the Aries Stable v1.0.0?

CHempel (Fri, 06 Dec 2019 11:55:01 GMT):
Hi, we’re planning on creating a new RFC for simplifying gaining access to a physical and virtual point or service. The idea is to connect a MultiPartyInvitation with something that we call Transaction-ID. Instead we will query for an existing connection matching the endpoint and routing keys in the MultiPartyInvitation. If there is no existing connection it’ll be possible to accept the MultiPartyInvitation and connect. This way it’s not required to create a new connection, for example when trying to login to an application. The biggest benefits kick in after this. The idea is to append a Transaction Record with a ProofRequest and or a CredentialOffer. So, after sending a TransactionResponse from the receiving agent, the appended types will be sent automatically. This time using a direct connection, which was either already established or established in the steps before sending the TransactionResponse. I’ll describe what’s happening in detail in an RFC draft within next week. I’ve already implemented it on a fork of the Aries Framework for .NET and it’s going to be included in the Lissi Wallet App. The fork of the Aries Framework for .NET can be found here: https://github.com/CHempel-esatus/aries-framework-dotnet/tree/feature/transaction What do you all think about this new feature?

CHempel (Fri, 06 Dec 2019 11:55:01 GMT):
Hi, we’re planning on creating a new RFC for simplifying gaining access to a physical and virtual point or service. The idea is to connect a MultiPartyInvitation with something that we call Transaction-ID. Instead of creating a new connection each time, we will query for an existing connection matching the endpoint and routing keys in the MultiPartyInvitation. If there is no existing connection it’ll be possible to accept the MultiPartyInvitation and connect. This way it’s not required to create a new connection, for example when trying to login to an application. The biggest benefits kick in after this. The idea is to append a Transaction Record with a ProofRequest and or a CredentialOffer. So, after sending a TransactionResponse from the receiving agent, the appended types will be sent automatically. This time using a direct connection, which was either already established or established in the steps before sending the TransactionResponse. I’ll describe what’s happening in detail in an RFC draft within next week. I’ve already implemented it on a fork of the Aries Framework for .NET and it’s going to be included in the Lissi Wallet App. The fork of the Aries Framework for .NET can be found here: https://github.com/CHempel-esatus/aries-framework-dotnet/tree/feature/transaction What do you all think about this new feature?

tomislav (Fri, 06 Dec 2019 21:33:24 GMT):
I'm not quite clear what the intent is. Is it to create a workflow where you send a credential based on a previous presentation, or is it to authenticate based on established connection where discriminator is endpoint + key?

CHempel (Fri, 06 Dec 2019 21:53:10 GMT):
The main purpose is to send a proof request after scanning a qr code. Without establishing a new connection. The QR Code content should look like: http://endpoint?t_o=TRANSACTION_ID&c_i=BASE64_CONNECTION_INVITATION On mobile look for a connection to endpoint + routing key. Send Transaction Response to Endpoint using existing connection or establish new connection an send Response afterwards. This way it's possible to map a multiparty invitation to a transaction. Like a Browser Session. The possibility to send and attach something like a credential offer and or a proof request is useful in my opinion. This way you can automate these kind of workflows without changing the main workflow for normal connections.

CHempel (Fri, 06 Dec 2019 21:53:10 GMT):
The main purpose is to send a proof request after scanning a qr code. Without establishing a new connection. The QR Code content should look like: http://endpoint?t_o=TRANSACTION_ID&c_i=BASE64_CONNECTION_INVITATION On mobile look for a connection to endpoint + routing key. Send Transaction Response to Endpoint using existing connection or establish new connection and send Response afterwards. This way it's possible to map a multiparty invitation to a transaction. Like a Browser Session. The possibility to send and attach something like a credential offer and or a proof request is useful in my opinion. This way you can automate these kind of workflows without changing the main workflow for normal connections.

tomislav (Fri, 06 Dec 2019 22:51:34 GMT):
Sounds like connectionless transport. Would the code scanning be an encoded presentation request?

s.weidenbach (Sat, 07 Dec 2019 09:22:48 GMT):
I like the feature because it keeps the amount of connections managable (the existing one can be used for multiple purposes) and the QR code remains small enaugh to scan it comfortably.

tomislav (Sat, 07 Dec 2019 14:56:25 GMT):
I think you can achieve the same functionality by using connectionless transport. A connection is not always needed to facilitate presentation, or even issuance of credentials. I'm still unclear on the exact use case for this, but I'd be happy to dive in deeper.

tomislav (Sat, 07 Dec 2019 14:58:07 GMT):
On the small QR code size, we are currently solving this by utilizing URL shortening services. You take a big URL, shorten it, and use that to encode a QR. In LISSI, you would then scan the code, determine if it has required query params, if not, follow the URL once and get the redirect URL and process that one again.

CHempel (Sat, 07 Dec 2019 15:00:32 GMT):
I will describe a complete use case on Monday. I am also open to do it differently.

tomislav (Sat, 07 Dec 2019 15:00:57 GMT):
Cool, looking forward to learning more about it

CHempel (Sat, 07 Dec 2019 15:02:21 GMT):
Thank you for your participation in this topic!

troyronda (Sat, 07 Dec 2019 16:23:05 GMT):
Was there any summary of kid discussions?

josephboyle (Sun, 08 Dec 2019 01:40:14 GMT):
Are the notes and slides from the Connectathon up somewhere?

Identitywoman (Mon, 09 Dec 2019 04:07:03 GMT):
Specifically where are the outcome notes?

Identitywoman (Mon, 09 Dec 2019 04:10:36 GMT):
I am looking through the notes - https://wiki.hyperledger.org/display/AriesConnect/Meeting+notes

CHempel (Mon, 09 Dec 2019 13:31:33 GMT):
You can find the use cas here: https://github.com/CHempel-esatus/Aries_Transaction/blob/master/Use-Case.md

CHempel (Mon, 09 Dec 2019 13:31:33 GMT):
You can find the use case here: https://github.com/CHempel-esatus/Aries_Transaction/blob/master/Use-Case.md

danielhardman (Mon, 09 Dec 2019 18:02:12 GMT):
Just saw this. I want to be sure @devin-fisher is aware, since is solving a similar problem. I would say that we need a general solution to the problem of trying to accomplish workflow X (e.g., request proof, but also lots of other stuff) independent of the connection status (we might already be connected, or we might not, but we just want to show you a QR code that kicks off the whole process and makes things run to completion). I think that may be a more general use case than what the proposed RFC targets.

danielhardman (Mon, 09 Dec 2019 18:02:12 GMT):
Just saw this. I want to be sure @devin-fisher is aware, since he is solving a similar problem. I would say that we need a general solution to the problem of trying to accomplish workflow X (e.g., request proof, but also lots of other stuff) independent of the connection status (we might already be connected, or we might not, but we just want to show you a QR code that kicks off the whole process and makes things run to completion). I think that may be a more general use case than what the proposed RFC targets.

CHempel (Mon, 09 Dec 2019 18:32:12 GMT):
Thank you for bringing this up @danielhardman. Offering credentials and sending proof requests were the first things that came to mind on this topic. Would be great to work this out in a bigger way. How do you think about getting in touch working on an RFC @devindevin-fisher?

CHempel (Mon, 09 Dec 2019 18:32:12 GMT):
Thank you for bringing this up @danielhardman. Offering credentials and sending proof requests were the first things that came to my mind on this topic. Would be great to work this out in a bigger way. How do you think about getting in touch working on an RFC @devindevin-fisher?

CHempel (Mon, 09 Dec 2019 18:32:12 GMT):
Thank you for bringing this up @danielhardman Offering credentials and sending proof requests were the first things that came to my mind on this topic. Would be great to work this out in a bigger way. How do you think about getting in touch working on an RFC @devin-fisher?

george.aristy (Mon, 09 Dec 2019 18:55:38 GMT):
@danielhardman @CHempel @devin-fisher this is exactly what we need. Let's get together and work on this.

swcurran (Mon, 09 Dec 2019 19:01:54 GMT):
We are also looking at similar issues - reconnecting to an existing connection with an invitation and making connectionless challenges.

mwherman2000 (Mon, 09 Dec 2019 20:14:06 GMT):
Where is the best place to start if you want to DIDComm-enable a hub/data registry? I've looked at: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0005-didcomm ...too conceptual. Is there a good sample that uses DIDComm for something simple like the Alice Buys a Car scenario? I significantly updated the documentation for original Getting Started Guide (https://github.com/mwherman2000/indy-gsg-ea/blob/master/python/doc/getting_started-enterpise.md#scenario-alice-buys-a-car), so I understand the concepts. The GSG used some initial ad-hoc messages. What does a more formal version of these messages and message flows look like in a DIDComm context?

TelegramSam (Mon, 09 Dec 2019 20:34:58 GMT):
I love this conversation! Thanks for everyone involved!

tplooker (Mon, 09 Dec 2019 21:41:57 GMT):
I have quite a few thoughts about this too would love to be involved

CHempel (Tue, 10 Dec 2019 11:51:16 GMT):
I've created a google doc where we can start collecting thoughts and requirements: https://docs.google.com/document/d/1bOpplQPX7vI0nkTyDiKXkHNAhdbQFthwHc6_qQZaBJ4

devin-fisher (Tue, 10 Dec 2019 16:09:47 GMT):
Yeah, I was thinking of a concept that I called `Protocol Invite` (likely a bad name, so very tentatively calling that). Basically, it would be static, out-of-band data structure that would express that a protocol interaction could be started and may provide some additional data to help start that interaction. Additionally, this data could contain information that would allow the scan to find an already existing connection or provide info that would allow it to start the did exchange protocol. I was think of using a publicly resolvable DID that I public entity would associate with all pairwise DID. Using service endpoint and routing keys would not work for Evernym echo system since we use a common service endpoint for all users of our agents and we don't reuse routing keys so there would not way to match. Another think we were thinking about is a alternative path of the DID exchange protocol. I calling it a redirect (also maybe bad name). But basically, if the invitee think that it already has a connection with the inviter, he could send a message redirecting to a already existing connection (maybe provide evidence that it controls that connection via signature). This would result in the protocol not forming a new exchange DID doc but redirecting to already existing connection. Anyway, some thoughts.

CHempel (Tue, 10 Dec 2019 16:59:05 GMT):
Correct me if I got this wrong, but this way you can use your public DID only in one agent?

swcurran (Tue, 10 Dec 2019 18:21:31 GMT):
@tomislav @andrew.whitehead - there is an issue on aries-cloudagent-python (PR https://github.com/hyperledger/aries-cloudagent-python/pull/240) that needs to be resolved. ACA-Py and aries-framework-dotnet are out of sync with the standard. Can the two of you look at this and figure out how to resolve this? Ideally, this would be done to be backwards compatible so that we can independently implement this change without breaking existing code. Is that possible?

TelegramSam (Tue, 10 Dec 2019 18:55:59 GMT):
I've thought of a protocol that allows an agent to share proof of being related to a DID.

TelegramSam (Tue, 10 Dec 2019 18:55:59 GMT):
I've thought about a protocol that allows an agent to share proof of being related to a DID.

TelegramSam (Tue, 10 Dec 2019 18:56:34 GMT):
Th agent doesn't even have to 'own' the public DID necessarily, just prove that it's authorized for representation.

CHempel (Tue, 10 Dec 2019 19:09:46 GMT):
Ok I think I got it, so you want to match endpoint + DID? Wouldn't it make sense to add the public DID to the connection invitation an the connection record in that case? So every agent has the possibility to query for an existing connection either by routing key or DID.

Silona (Wed, 11 Dec 2019 21:09:20 GMT):
Howdy! y'alls quarterly report is due https://wiki.hyperledger.org/display/TSC/2019+12+12+TSC+Agenda

jljordan_bcgov (Wed, 11 Dec 2019 21:29:30 GMT):
We delivered a lot of awesome code and are having fun doing it! Oh, and some RFCs too: :h-aries:

jljordan_bcgov (Wed, 11 Dec 2019 21:30:00 GMT):
Or maybe you are looking for something more robust :stuck_out_tongue_winking_eye:

Silona (Wed, 11 Dec 2019 21:44:23 GMT):
yea dude there is a form to fill out ;-)

Silona (Wed, 11 Dec 2019 21:44:28 GMT):
Hello everyone - Do you know of a developer event that we would like to get some Hyperledger representation at? Please submit it here. The marketing committee will review them all as we go thru our budget for 2020 Thank you! - Silona

swcurran (Wed, 11 Dec 2019 21:52:02 GMT):
@TelegramSam @nage - are y'all taking care of this? Who is running this ship?

nage (Wed, 11 Dec 2019 21:53:09 GMT):
@TelegramSam is the guy from the foundation who should be point on this @lynn.bendixsen might help some. Anyone else’s help is very appreciated

swcurran (Wed, 11 Dec 2019 21:57:01 GMT):
If there is a draft, let us know where and we'll see what we can add.

Silona (Wed, 11 Dec 2019 22:00:59 GMT):
https://wiki.hyperledger.org/display/Marketing/Developer+Events

gcsfred2 (Wed, 11 Dec 2019 22:29:19 GMT):
Hi, someone wrote here about a way to 'authenticate' using QR code in a mobile device. I think the Sovrin demo does the same, but I was looking for pointers to some Aries SDK.

gcsfred2 (Wed, 11 Dec 2019 22:30:23 GMT):
https://github.com/hyperledger/aries lists https://github.com/hyperledger/aries-rfcs https://github.com/hyperledger/aries-cloudagent-python https://github.com/hyperledger/aries-staticagent-python https://github.com/hyperledger/aries-framework-go

gcsfred2 (Wed, 11 Dec 2019 22:31:32 GMT):
Can someone please tell me what SDKs I'll need to implement that 'authentication with QR in mobile' scenario? The more specific the reference the better.

swcurran (Wed, 11 Dec 2019 22:33:08 GMT):
@gcsfred2 - here is a demo that you can run - https://github.com/bcgov/vc-authn-oidc/blob/master/docs/DemoInstructions.md

mboyd (Wed, 11 Dec 2019 22:33:19 GMT):
I believe what you're looking for is something called Verifiable Credential Authentication, or VCAuth for short. The British Columbia Government has created an implementation: https://github.com/bcgov/vc-authn-oidc

mboyd (Wed, 11 Dec 2019 22:33:40 GMT):
@swcurran is who you're looking for :)

gcsfred2 (Wed, 11 Dec 2019 22:34:08 GMT):
Thank you, @swcurran, I'll try to run it.

gcsfred2 (Wed, 11 Dec 2019 22:35:25 GMT):
If you or anyone else has comments on my diagram - specially about the authentication part - feel free to do so. My initial question would be what is encoded in the QR code. My first thought was that somehow a request-credential message is decoded by the mobile app, and that it sends an issue-credential message.

swcurran (Wed, 11 Dec 2019 22:35:40 GMT):
It uses: - https://github.com/bcgov/vc-authn-oidc as an Identity Provider that is called by an IAM like keycloak or gluu. - That in turn uses ACA-Py to interact with the Mobile Agent. - Currently only the Streetcred.id agent (IOS only) works with it, but others are coming Real Soon Now (we hope) - Streetcred's agent is built on aries-framework-dotnet

swcurran (Wed, 11 Dec 2019 22:37:06 GMT):
@gcsfred2 - the QR code is described in the presentation linked to from the instructions above. It is a "request-presentation" method (not a request-credential per se), but that's the same concept that you are thinking about.

mboyd (Thu, 12 Dec 2019 04:28:09 GMT):
I'd be happy to add the meager bit from streetcred around the dotnet implementation

nage (Thu, 12 Dec 2019 05:20:47 GMT):
@TelegramSam has a draft in a google doc that needs to be moved to the wiki

TelegramSam (Thu, 12 Dec 2019 14:07:58 GMT):
https://wiki.hyperledger.org/display/HYP/2019+Q4+Hyperledger+Aries

TelegramSam (Thu, 12 Dec 2019 14:08:41 GMT):
Next time we do this, I'll be more on the ball and invite collaborative creation on the creation of the report.

TelegramSam (Thu, 12 Dec 2019 14:42:21 GMT):
Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24778387

mtfk (Thu, 12 Dec 2019 20:23:18 GMT):
@swcurran have qucik question what is the purpose of aries-acapy-plugin-toolbox? why it is required? Is it just about lack of compatibility between endpoits in indy vs aca-py?

mtfk (Thu, 12 Dec 2019 20:23:18 GMT):
@swcurran have quick question what is the purpose of aries-acapy-plugin-toolbox? why it is required? Is it just about lack of compatibility between endpoits in indy vs aca-py?

mtfk (Thu, 12 Dec 2019 20:24:19 GMT):
why it is even needed wouldn't be easier to modify toolbox to point to proper endpoints? or I am missing something here?

swcurran (Thu, 12 Dec 2019 20:24:44 GMT):
I don't know. We didn't build that. @TelegramSam - can you answer those questions?

mtfk (Thu, 12 Dec 2019 20:48:37 GMT):
is there any other toolbox which works out of box with aca-py? or any other UI?

swcurran (Thu, 12 Dec 2019 21:07:13 GMT):
There is the swagger UI that is described in the /demo folder. There is the https://github.com/hyperledger/aries-toolbox that @TelegramSam and @dbluhm developed. I've not had a chance to play with it, but will Real Soon Now...

mtfk (Thu, 12 Dec 2019 21:11:04 GMT):
I am aware of swagger and I am using it already but wanted to try aries-toolbox but don't get the connection between aries-toolbox and aca-py plugin what was the reasoning behind it. I think we would need to wait for @TelegramSam or @dbluhm to get a bit more info about that.

mtfk (Thu, 12 Dec 2019 21:11:04 GMT):
I am aware of swagger and I am using it already but wanted to try aries-toolbox but don't understand how aries-toolbox is connected with aca-py plugin what was the reasoning behind it. I think we would need to wait for @TelegramSam or @dbluhm to get a bit more info about that.

TelegramSam (Thu, 12 Dec 2019 22:49:22 GMT):
The toolbox works with ACApy out of the box, but with quite limited support.

TelegramSam (Thu, 12 Dec 2019 22:49:49 GMT):
We have developed a plugin for ACApy that can be loaded via an argument that adds additional protocols for administrative tasks.

TelegramSam (Thu, 12 Dec 2019 22:50:05 GMT):
So if you use the plugin, you can do more with ACApy.

swcurran (Thu, 12 Dec 2019 22:52:41 GMT):
@TelegramSam - please note that with 0.4.0 of ACA-Py, there is a change to how plugins are deployed. If you haven't already, please update to use the new approach. Thanks

cam-parra (Thu, 12 Dec 2019 23:04:32 GMT):
@swcurran do you have documentation on how to deploy ACA-Py on aws? if you do and can share that it be awesome :)

mtfk (Thu, 12 Dec 2019 23:11:03 GMT):
but why a plugin instead of extending toolbox?

mtfk (Thu, 12 Dec 2019 23:12:04 GMT):
my understanding is that toolbox is just set of rest api calls which allow you to interact with the agent (isn't that the case?) Means if aca-py provides some features it should be added directly into toolbox to support aca-py agent

mtfk (Thu, 12 Dec 2019 23:12:26 GMT):
my understanding is that toolbox is just set of rest api calls which allow you to interact with the agent (isn't that the case?) Means if aca-py provides some features it should be added directly into toolbox to support aca-py agent

mtfk (Thu, 12 Dec 2019 23:13:28 GMT):
with some code modification (sent PR) I was able to run it against recent master aca-py but didn't manage to transport credentials, seems like credential is issued but other side never gets anything. Did that suppose to work?

mtfk (Thu, 12 Dec 2019 23:20:41 GMT):
do you mean change of the package for protocol_registry to core or there is something in addition?

andrew.whitehead (Thu, 12 Dec 2019 23:24:31 GMT):
Since 0.3.5 the --protocol argument also changed to --plugin

swcurran (Thu, 12 Dec 2019 23:28:19 GMT):
I don't think so. Lots about using docker locally and using OpenShift (k8s), but I don't think there is anything on AWS. We've also deployed it to Digital Ocean, but I think a dev did that undercover, so I don't have the docs. Sorry. Hmm...also deployed by another dev I know to AWS, but he's out on an extended break until into 2020. If you deploy it, please keep rough notes and let me know what you have. I can polish and publish.

swcurran (Thu, 12 Dec 2019 23:29:38 GMT):
Maybe @CHempel can get some notes about ACA-Py on AWS from Micha Kraus?

cam-parra (Thu, 12 Dec 2019 23:44:14 GMT):
Another thing I am interested is in documentation on credential issuing on ACA-py

cam-parra (Thu, 12 Dec 2019 23:44:14 GMT):
Another thing I am interested is in documentation on credential issuing on ACA-py. Is there any updates regarding this?

swcurran (Thu, 12 Dec 2019 23:52:53 GMT):
Just that we use the v1.0 almost exclusively now. The admin endpoints are there. I have not updated those sections of "Becoming an Aries Dev" for those yet.

Yoroitchi (Fri, 13 Dec 2019 11:00:57 GMT):
Hi everyone. I going to make an Android mobile agent for a PoC. I'm not sure on how to do it as there is no aries sdk available for now. So my question is should i use libvcx or something else ?

gnarula (Fri, 13 Dec 2019 14:21:20 GMT):
Hi! I'm a bit confused on how the connection protocol would work on a mobile device. Let's the scenario where an edge agent (mobile) would want to register with an agency (running aca-py). I'm assuming the interaction happens like 1. Edge agent gets the invitation from the agency (say by visiting a particular endpoint that just churns out invitations for simplicity). 2. Edge agent receives the invitation 3. Edge agent accepts the invitation and sends a connection request (this requires an endpoint for the edge agent) 4. Agency responds with a connection-response and 5. Edge agent sends an ack. My question is why does the edge agent require an endpoint at step 3 if they can a duplex channel open say over WebSockets?

swcurran (Fri, 13 Dec 2019 15:20:06 GMT):
Fastest starting point is probably OSMA (Open Source Mobile Agent) - https://github.com/mattrglobal/osma

swcurran (Fri, 13 Dec 2019 15:21:43 GMT):
It embeds the aries-framework-dotnet (formerly called agent-framework) into a Xamerin package that can be built for Android and IOS. I know that others have successfully deployed an Android agent based on that stack.

Yoroitchi (Fri, 13 Dec 2019 15:23:19 GMT):
Seems to be a fair starting point

swcurran (Fri, 13 Dec 2019 15:39:26 GMT):
I've not looked at that before, but it would be great if you kept a log of the process and made that available to others.

swcurran (Fri, 13 Dec 2019 15:39:56 GMT):
Perhaps that's already there, but if not, it would be appreciated.

Yoroitchi (Fri, 13 Dec 2019 15:40:26 GMT):
If I achieve it, yes with pleasure

swcurran (Fri, 13 Dec 2019 15:51:14 GMT):
FYI: Aries Cloud Agent - Python Release 0..4.0 has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.4.0. This release has some internally breaking changes to the location of protocols and the handling of external plugins. The `--protocol` start up parameter has been changed to `--plugin` to reflect the broader range of capabilities that can be added through plugins. Other changes include the unit test coverage being significantly increased, the demo apps now using the v1.0 credential exchange protocols and support added for requesting connection-less proofs. Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/

gnarula (Fri, 13 Dec 2019 16:51:10 GMT):
another related question is if the cloud agent is supposed to relay all the messages to the edge agent, wouldn't it have the ability to correlate all the pair-wise DIDs for a particular domain? If the cloud agent is provisioned by the agency, wouldn't this give the agency the ability to correlate pair-wise DIDs?

swcurran (Fri, 13 Dec 2019 17:12:26 GMT):
Short answer - yes. The idea is that the agency is semi-trusted - it can relay messages to (and optionally, from) the edge agent, but it can't see inside them - who they are from, what they are about. As such, it's possible to prevent it from learning a lot except about frequency and timing of messages. That said, while we expect the mobile agent and the agency to be from the same vendor, it is definitely possible (because of the standardization of the protocols) for the mobile agent to be independent of the agency, to use multiple agencies, and even to receive and send messages for the same relationship using different agencies. Lots of options, depending on the use case.

MALodder (Fri, 13 Dec 2019 18:08:52 GMT):
Whoever routes does have some insight as to whom is receving the messages. That

MALodder (Fri, 13 Dec 2019 18:08:52 GMT):
Whoever routes does have some insight as to whom is receving the messages. That's the way it is for now

jljordan_bcgov (Fri, 13 Dec 2019 23:41:19 GMT):
When you say “whom” I think that means perhaps at a network level ...

barrysieg (Sun, 15 Dec 2019 13:29:48 GMT):
@swcurran Hi all, I was able to go through the How-To steps and got it working. There seem to be no clarity deploying TOB. Is there any goto guide for deploying TOB for production?

gnarula (Mon, 16 Dec 2019 13:50:09 GMT):
how about this for an alternative: say the agency is serving `N` edge agents and it maintains `K` buckets (where `K` << `N`). Every edge agent subscribes to `k` out of `K` buckets where `k` depends on the DIDs it wants to receives communications for. On receiving a message, the agency determines the bucket it belongs to and broadcasts all edge agents the message. Now only the one having the private key for the message would be able to retrieve the actual message. Now while this is expensive on the network, it would prevent the agency from correlating DIDs. Is there anything that I'm overlooking here?

gnarula (Mon, 16 Dec 2019 13:50:09 GMT):
how about this for an alternative: say the agency is serving `N` edge agents and it maintains `K` buckets (where `K` << `N`). Every edge agent subscribes to `k` out of `K` buckets where `k` depends on the DIDs it wants to receives communications for. On receiving a message, the agency determines the bucket it belongs to and broadcasts the message to all edge agents subscribing to that bucket. Now only the one having the private key for the message would be able to retrieve the actual message. Now while this is expensive on the network, it would prevent the agency from correlating DIDs. Is there anything that I'm overlooking here?

gnarula (Mon, 16 Dec 2019 13:50:09 GMT):
how about this for an alternative: say the agency is serving `N` edge agents and it maintains `K` buckets (where `K` << `N`). Every edge agent subscribes to `k` out of `K` buckets where `k` depends on the DIDs it wants to receives communications for. On receiving a message, the agency determines the bucket it belongs to and broadcasts the message to all edge agents subscribed to that bucket. Now only the one having the private key for the message would be able to retrieve the actual message. Now while this is expensive on the network, it would prevent the agency from correlating DIDs. Is there anything that I'm overlooking here?

gnarula (Mon, 16 Dec 2019 13:50:09 GMT):
how about this for an alternative: say the agency is serving `N` edge agents and it maintains `K` buckets (where `K` << `N`). Every edge agent subscribes to `k` out of `K` buckets where `k` depends on the DIDs it wants to receives communications for. On receiving a message, the agency determines the bucket it belongs to and broadcasts the message to all edge agents subscribed to that bucket. Now only the one having the private key for the message would be able to retrieve the actual message. While this is expensive on the network, it would prevent the agency from correlating DIDs. Is there anything that I'm overlooking here?

jrallen (Mon, 16 Dec 2019 14:52:13 GMT):
Hello devs of aries-framework-dotnet, you don't allow issues in your GitHub repo, so it is hard to tell you when something doesn't work. Using port 5037 as the grok control port makes add fail silently, making it difficult to develop mobile wallets in android that talk to your agent!

tomislav (Mon, 16 Dec 2019 15:20:42 GMT):
I'll ask an admin to enable this for us.

tomislav (Mon, 16 Dec 2019 15:21:13 GMT):
Are you referring to ngrok setup by the scripts?

filip.burlacu (Mon, 16 Dec 2019 15:49:15 GMT):
I'm writing an RFC that involves aries agents acting as relays, where the relayed message is transported over DIDComm on one side, and on some non-DIDComm channel/protocol. My question is, do the RFCs already define behaviour for such relays? For example, how to handle threading when you have DIDComm on one side and a duplex protocol on the other. Should I work on defining this myself?

jrallen (Mon, 16 Dec 2019 15:55:07 GMT):
Yes. ./scripts/start-web-agents.sh and web-agents-ngrok-config.yaml specifies port 5037 for grok control, which is the default port for adb. and adb silently hangs when talking to an HTTP server.

jrallen (Mon, 16 Dec 2019 15:55:07 GMT):
Yes. ./scripts/start-web-agents.sh and web-agents-ngrok-config.yaml specifies port 5037 for ngrok control, which is the default port for adb. and adb silently hangs when talking to an HTTP server.

tomislav (Mon, 16 Dec 2019 16:00:17 GMT):
That's not good. What would be a good port to map it to other than 5037?

jrallen (Mon, 16 Dec 2019 16:05:20 GMT):
how about removing web_addr and letting it default to 4040 (https://ngrok.com/docs)

filip.burlacu (Mon, 16 Dec 2019 18:03:11 GMT):
I recently proposed an RFC for a means to tunnel HTTP over DIDComm I've split a portion of that work into a separate RFC, that deals solely with the transmission of generic messages over DIDComm between entities that might not be aries agents https://github.com/hyperledger/aries-rfcs/pull/351

priyashankar (Tue, 17 Dec 2019 04:13:01 GMT):
What is CRED_PREVIEW_TYPE as listed in demo issuer agents within the aries-cloudagent repo?

swcurran (Tue, 17 Dec 2019 04:48:46 GMT):
It is defined in the Issue Credential RFC 0036 - this section: https://github.com/hyperledger/aries-rfcs/tree/master/features/0036-issue-credential#preview-credential

swcurran (Tue, 17 Dec 2019 04:48:46 GMT):
I believe it is defined in the Issue Credential RFC 0036 - this section: https://github.com/hyperledger/aries-rfcs/tree/master/features/0036-issue-credential#preview-credential If that doesn't seem right, please point out where in the code you found the entity.

priyashankar (Tue, 17 Dec 2019 06:40:25 GMT):
@swcurran Thank you. You'll find that in each demo runner agent file (faber.py, alice.py, acme.py), CRED_PREVIEW_TYPE = ( "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/issue-credential/1.0/credential-preview" ) Why is this particular DID (did:sov:BzCbsNYhMrjHiqZDTUASHg) always listed? Is it like a reference or there is something else to it?

priyashankar (Tue, 17 Dec 2019 11:00:56 GMT):
#Running an Issuer agent demo (faber) in the aries-cloudagent repo, #L132 (./demo/faber.py) await agent.register_did() On inspecting the register_did() method in agent.py, I find that a DID is basically getting registered on the DEV ledger using a SEED on the /register endpoint. #L122 (./demo/runners/support/agent.py) self.seed = ( ("my_seed_000000000000000000000000" + rand_name)[-32:] if seed == "random" else seed ) Afterwards, when I GET on /wallet/did/public, I get the same public DID. How come the DID created using the SEED is stored in the agent wallet? I think I'm missing something here.

priyashankar (Tue, 17 Dec 2019 11:00:56 GMT):
I am running an issuer demo agent (faber) in the aries-cloudagent repo. #L132 (./demo/faber.py) await agent.register_did() On inspecting the register_did() method in agent.py, I find that a DID is basically getting registered on the DEV ledger using a SEED on the /register endpoint. #L122 (./demo/runners/support/agent.py) self.seed = ( ("my_seed_000000000000000000000000" + rand_name)[-32:] if seed == "random" else seed ) Afterwards, when I GET on /wallet/did/public, I get the same public DID. How come the DID created using the SEED is stored in the agent wallet? I think I'm missing something here.

priyashankar (Tue, 17 Dec 2019 11:00:56 GMT):
I am running an issuer demo agent (faber) in the aries-cloudagent repo. #L132 (./demo/faber.py) await agent.register_did() On inspecting the register_did() method in agent.py, I find that a DID is basically getting registered on the DEV ledger using a SEED on the /register endpoint. #L122 (./demo/runners/support/agent.py) self.seed = ( ("my_seed_000000000000000000000000" + rand_name)[-32:] if seed == "random" else seed ) Afterwards, when I GET on http://localhost:8021/wallet/did/public, I get the same public DID. How come the DID created is stored in the agent wallet? I think I'm missing something here.

priyashankar (Tue, 17 Dec 2019 11:00:56 GMT):
I am running an issuer demo agent (faber) in the aries-cloudagent repo. #L132 (./demo/faber.py) await agent.register_did() On inspecting the register_did() method in agent.py, I find that a DID is basically getting registered on the DEV ledger using a SEED on the /register endpoint at the LEDGER_URL. #L122 (./demo/runners/support/agent.py) self.seed = ( ("my_seed_000000000000000000000000" + rand_name)[-32:] if seed == "random" else seed ) Afterwards, when I GET on http://localhost:8021/wallet/did/public, I get the same public DID. How come the DID created is stored in the agent wallet? I think I'm missing something here.

tomislav (Tue, 17 Dec 2019 13:19:33 GMT):
Issues are now enabled on the repo - https://github.com/hyperledger/aries-framework-dotnet/issues

gnarula (Tue, 17 Dec 2019 13:59:55 GMT):
That's because when the agent is started, the wallet is initialized with a context that contains the seed (core/conductor.py:131). The seed creates and saves the same DID in the wallet as was registered on the ledger (config/wallet.py:48, wallet/base.py:166, wallet/indy.py:338). The public did is read from the wallet (wallet/base.py:177, wallet/indy.py:377) when you do a GET request

jrallen (Tue, 17 Dec 2019 16:15:25 GMT):
thanks. Now for something completely different. Nuget says that https://www.nuget.org/packages/AgentFramework.Core/ is still being published, 4.3.0 a month ago.

jrallen (Tue, 17 Dec 2019 16:16:05 GMT):
But the source for it seems to be in aries-framework-dotnet, and there, the package name should be Hyperledger.Aries. How does that work exactly?

jrallen (Tue, 17 Dec 2019 16:17:31 GMT):
When/how will Osma be updated to point to Hyperledger.Aries instead of AgentFramework.Core?

tomislav (Tue, 17 Dec 2019 16:22:08 GMT):
AgentFramework.* packages are obsolete, and replaced with Hyperledger.Aries.*. The code is pretty much the same. I don't know when OSMA will be updated to be honest, it should be just a matter of refactoring some namespaces

tomislav (Tue, 17 Dec 2019 16:22:08 GMT):
AgentFramework.\* packages are obsolete, and replaced with Hyperledger.Aries.\*. The code is pretty much the same. I don't know when OSMA will be updated to be honest, it should be just a matter of refactoring some namespaces

tomislav (Tue, 17 Dec 2019 16:22:08 GMT):
AgentFramework.** packages are obsolete, and replaced with Hyperledger.Aries.**. The code is pretty much the same. I don't know when OSMA will be updated to be honest, it should be just a matter of refactoring some namespaces

tomislav (Tue, 17 Dec 2019 16:22:08 GMT):
AgentFramework.*** packages are obsolete, and replaced with Hyperledger.Aries.**. The code is pretty much the same. I don't know when OSMA will be updated to be honest, it should be just a matter of refactoring some namespaces

tomislav (Tue, 17 Dec 2019 16:22:08 GMT):
AgentFramework.*** packages are obsolete, and replaced with Hyperledger.Aries.***. The code is pretty much the same. I don't know when OSMA will be updated to be honest, it should be just a matter of refactoring some namespaces

tomislav (Tue, 17 Dec 2019 16:24:35 GMT):
when we moved the repo over to Hyperledger, we didn't change the packages and namespaces immediately

jrallen (Tue, 17 Dec 2019 16:25:08 GMT):
osma is the only game in town for open source mobile agents. and yet Osma seems to be not actively maintained? Not criticising, just trying to understand what are realistic things I can/should build upon.

tomislav (Tue, 17 Dec 2019 16:26:09 GMT):
aries dotnet is actively maintained and we are building at least two commercial mobile agents on top of it. I'd be happy to help you get started with it.

jrallen (Tue, 17 Dec 2019 16:26:28 GMT):
Also, I'm not understanding how "AgentFramework packages are obsolete" goes with "4.3.0 released last month".

tomislav (Tue, 17 Dec 2019 16:27:02 GMT):
It means they will not receive updates. All updates are pushed to Hyperledger.Aries packages

jrallen (Tue, 17 Dec 2019 16:27:14 GMT):
I'm having good success with the server-side agent. I'm having trouble understanding where the focus of community effort related to mobile agents are.

jrallen (Tue, 17 Dec 2019 16:27:47 GMT):
Ok, got it. Do Osma committers (you?) would be open to a PR that changed Osma to Hyperledger.Aries, then?

tomislav (Tue, 17 Dec 2019 16:28:30 GMT):
It would have to approved by someone from Mattr, but yes, feel free to create a PR

jrallen (Tue, 17 Dec 2019 16:28:38 GMT):
(will unfortunately be dropping offline in a few minutes, sorry to start chatting and then bolt)

victor.martinez (Tue, 17 Dec 2019 18:26:38 GMT):
Hi @tomislav, quick question, is aries dotnet interoperable out of the box with aries cloud agent or only the comercial streetcred mobile agent version ?

victor.martinez (Tue, 17 Dec 2019 18:36:26 GMT):
The other question that I have is , a part from Osma and .net Aries framework , do you know if in a near future there will be any open source mobile agent framework available for native Android ? If not, then the available comercial option would be vcx java libraries from Evernym ? (not sure here if vcx libs are interoperable with aries cloud agent)

tomislav (Tue, 17 Dec 2019 18:42:42 GMT):
aries dotnet is compatible with acapy

tomislav (Tue, 17 Dec 2019 18:44:06 GMT):
I'm not aware of a native java framework. Vcx java wrapper is an option, and I believe Evernym is working on the interoperability piece.

mtfk (Tue, 17 Dec 2019 22:16:49 GMT):
Recently we dive into the future and talk a bit about integration between TDA (Trust Digital Assistant - aka digital wallet) and the data vault during myData webinar about which you can read more here: https://mydata.org/webinars/ and here is direct link to the wallet vs data vault webinar: https://youtu.be/CwWUxYk75r8 Cheers! And let me know if you have any thoughts about that topic.

swcurran (Tue, 17 Dec 2019 23:27:57 GMT):
I've update the Aries Interop Profile (AIP) RFC with updates from the Connectathon and to the links to make them to the most current compatible RFCs. The updated protocols do not have any changes from previous links - just some clarifications. I'm planning on merging the PR later today, barring objections. https://github.com/hyperledger/aries-rfcs/pull/350

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 05:56:00 GMT):
Hi Team ,I am thinking to develop a POC with mobile application

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 05:56:59 GMT):
but i am confused ,as we have liberaries from indy as well aries. I am confused ,in what way shall i implement those liberaries. Shall i use indy liberaries for the whole Project or aries

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 05:57:28 GMT):
As per my knowledge , Aries as of now doesn't have a mature library for nodejs

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 05:58:00 GMT):
and also for mobile qr scanning or mobile to mobile communication we need Aries libraries

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 05:58:12 GMT):
What you guys suggest ?

jrallen (Wed, 18 Dec 2019 08:06:14 GMT):
Good morning everyone. Head's up, I'm deep into preparing a couple of PRs, one that fixes Aries-framework-dotnet/samples/xamarin-forms to use the new Hyperledger.Aries namespace and one for Osma that does the same thing. I'm currently at the point where things are compiling but not working. My plan is that even if I'm still stuck later today, I will post what I have so that people can look at it with me.

domwoe (Wed, 18 Dec 2019 08:32:39 GMT):
Are all credentials in the OrgBook issued to a single link/master secret?

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 11:43:11 GMT):
HI Team .. is aries-framework-javascript mature enough to use ?

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 11:43:34 GMT):
can i use it instead indy-sdk for mobile and desktop app

tomislav (Wed, 18 Dec 2019 13:25:04 GMT):
Thank you for updating these. Some of the static libraries in the references may be outdated, you can replace them with precompiled libs from https://repo.sovrin.org

tomislav (Wed, 18 Dec 2019 13:25:32 GMT):
Let me know if you get stuck or run into an issue

ajayjadhav (Wed, 18 Dec 2019 14:41:52 GMT):
Hello @IWontDiscloseMyIdentity - aries-framework-javascript is not yet ready to use. So, as of now you need to rely on indy-sdk (node.js wrapper) ..

ajayjadhav (Wed, 18 Dec 2019 14:52:22 GMT):
Hi Everyone, I am wondering if it is possible today to generate a proof unprompted, without a proof request from a verifier?

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 14:55:24 GMT):
So which one shall i prefer

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 14:55:36 GMT):
cloudagent python , .net ramework

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 14:55:53 GMT):
and thanks for the help

esplinr (Wed, 18 Dec 2019 14:58:56 GMT):
We're about to start the Aries WG A call: https://zoom.us/j/244779296

ajayjadhav (Wed, 18 Dec 2019 14:59:00 GMT):
You can start with aries-framework-dotnet. However, It really depends on your tech stack preference and use case you're trying to build...

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 15:03:04 GMT):
ok , I am more familiar with the indy-sdk but not with aries-framework

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 15:03:16 GMT):
so i think i will go for .net framework

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 15:03:33 GMT):
are both libraries compatible with each other

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 15:03:44 GMT):
suppose for mobile i used aries and for webapp i used indy

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 15:03:57 GMT):
will it be able to read and share the Vcs to WebApp

IWontDiscloseMyIdentity (Wed, 18 Dec 2019 15:04:05 GMT):
which is using indy-sdk in backend

ianco (Wed, 18 Dec 2019 15:14:15 GMT):
You should use an Aries library for the web app as well. All Aries libraries should be compatible with each other.

ianco (Wed, 18 Dec 2019 15:14:47 GMT):
If you use Indy for the web app (but not aries) you won't have the full application-to-application protocols available

swcurran (Wed, 18 Dec 2019 15:18:11 GMT):
Yes. The holder is the OrgBook itself. The credentials are not issued to the organizations until they have their own agent to hold them. All of the claims contain public information.

andrew.whitehead (Wed, 18 Dec 2019 16:03:41 GMT):
I think for the forward messages I agree with updating the RFC to indicate a) a message in string format for version 1.0, and b) a version 1.1 which uses a JSON object. Presumably the object is the 'newer' version we want people to adopt

tomislav (Wed, 18 Dec 2019 16:30:22 GMT):
I agree with this. It would preserve existing compatibility, while providing pathway to support both protocols in future.

gnarula (Wed, 18 Dec 2019 16:37:14 GMT):
Hi everyone! I wonder if RFCs 0103-indirect-identity-control and 0104-delegatable-credentials are on the development roadmap in the near future for an agent. I'm working on something that requires delegation and I'd love to use this opportunity to contribute to aries :)

swcurran (Wed, 18 Dec 2019 17:23:05 GMT):
I don't know the steps to get them in, but I think they are awhile from being accessible at the Aries level. @danielhardman might have more knowledge in this area.

TelegramSam (Wed, 18 Dec 2019 17:40:11 GMT):
A breaking change needs to be a Major Version (2.0). Really, we should have used 0.1 for what is currently 1.0, and 0.2 for this next version.

TelegramSam (Wed, 18 Dec 2019 17:40:20 GMT):
As it is, going backwards is hard.

TelegramSam (Wed, 18 Dec 2019 17:40:30 GMT):
So I vote 2.0 to indicate a breaking change.

andrew.whitehead (Wed, 18 Dec 2019 17:41:00 GMT):
I think we might just update our implementations to use the object format instead

tomislav (Wed, 18 Dec 2019 17:42:58 GMT):
I tested the change according to RFC, unit tests pass. We'll be able to coordinate this with Andrew and his team and get this out the door soon

TelegramSam (Wed, 18 Dec 2019 18:59:33 GMT):
DIF DIDComm WG Meeting, on Now: https://docs.google.com/document/d/1BpTm5SmgfOJcEsXfizO0ZmH1r7imTJDGKudAZtYsm0M/edit#

filip.burlacu (Wed, 18 Dec 2019 21:32:30 GMT):
So I'll take my agenda item here for anyone who's sticking around :)

filip.burlacu (Wed, 18 Dec 2019 21:39:26 GMT):
The idea behind RFC 0351: Generic JSON Message is to allow two parties, which communicate via some protocol, to communicate with each other using DIDComm as a "tunnel", to transport the messages from one to the other. This RFC stitches together various features already present within the Aries design, and adds the missing piece, a message type which can itself be used to carry payloads of usage-dependent format.

filip.burlacu (Wed, 18 Dec 2019 21:45:03 GMT):
To that end, the new message type provides fields for namespacing the message contained within, so one agent could transport multiple types of message, perhaps for multiple clients, also allowing the recipient of a message to know how to process it. This is analogous to how DIDComm messages themselves have a type specifier, but this is not meant to be standardized since the expectation is that further protocols could standardize types/schemas on top, while developers deploying Aries agents for a tunnelling purpose could define their own types and schemas for their specific use case.

filip.burlacu (Wed, 18 Dec 2019 21:47:46 GMT):
HTTP over DIDComm is one such protocol, using this same specification to transparently carry HTTP messages between a client and server.

kdenhartog (Thu, 19 Dec 2019 01:07:48 GMT):
I don't believe this is possible without impacting the security guarantees of the CL signature cryptography. My understanding is that a part of the generation of the proof is that the verifier needs to generate a nonce which if the holder can predict then they can generate invalid proofs that appear valid. In the case of none CL signature based credentials, not including that nonce means that there's potential for replay attacks. @MALodder or @brentzundel would you mind confirming this for me or providing the correct answer?

swcurran (Thu, 19 Dec 2019 02:17:16 GMT):
Technically it can be done - we've used that technique for a couple of reasons. How you achieve trust in the proof is up to you. For example, we used it in proving that offline credentials could be proven.

kdenhartog (Thu, 19 Dec 2019 02:19:49 GMT):
Hmm that's interesting. I'm curious what the other two think of doing this. I was under the impression the nonce was need for the cryptographic security, but this opens up a new set of possibilities if it's acceptable.

brentzundel (Thu, 19 Dec 2019 04:05:52 GMT):
The nonce is necessary, and it shouldn't be supplied by the holder, but that doesn't mean the verifier needs to supply it. It could come from an agreed upon public source, like the root hash of the ledger at a specific time and date.

IWontDiscloseMyIdentity (Thu, 19 Dec 2019 04:18:24 GMT):
thanks alot sir for showing the clear picture

esplinr (Thu, 19 Dec 2019 15:24:30 GMT):
The Identity Implementers WG call starts in 35 minutes. Please note that the Zoom link has changed. The correct link is in the community calendar and the meeting agenda: https://zoom.us/j/244779296 https://wiki.hyperledger.org/display/IWG/2019-12-19+Identity+WG+Implementers+Call

TelegramSam (Thu, 19 Dec 2019 16:27:31 GMT):
Aries WG Afternoon Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24778954

danielhardman (Thu, 19 Dec 2019 19:37:12 GMT):
Just to be clear: the security issue that @kdenhartog raised and that @brentzundel commented on is not unique to ZKPs or CL signatures. If you prove something with any credential type, without someone asking you for the proof, there is a problem with replay attacks. This is because anyone can capture your proof and replay it at any time. The thing that protects the verifier from replay, with any credential type, is a nonce that the verifier supplies.

kdenhartog (Thu, 19 Dec 2019 19:43:52 GMT):
@swcurran what did you use as the source of randomness to get that working? @danielhardman thanks for clarifying that.

swcurran (Thu, 19 Dec 2019 19:51:11 GMT):
In our case, we were looking at the use case of in-person proofing. In the envisioned scenario, the holder would proof image and older-than. The inclusion of the image in an in-person proof is sufficient to get around replay attacks.

swcurran (Thu, 19 Dec 2019 19:52:33 GMT):
Could be used in many in-person scenarios, with different standard proof requests being used, generated by the holder, proven and provided to the verifier.

ajayjadhav (Thu, 19 Dec 2019 20:01:12 GMT):
@danielhardman I get the point of risk of replay attack by capturing my proof. I was thinking of the UX for presentation scenarios where digital proof generation need not be as formal as applying for a job. E.g. a) Proving my age to the bartender, or b) standing in the fast movies queue at the entry to the airport and showing/waiving my digital passport to the security personal. In short, generating a proof without someone requesting for it.

ajayjadhav (Thu, 19 Dec 2019 20:03:51 GMT):
Exactly, both the examples I mentioned are in-person scenario...

ajayjadhav (Thu, 19 Dec 2019 20:03:51 GMT):
@swcurran Exactly, both the examples I mentioned are in-person scenario...

brentzundel (Thu, 19 Dec 2019 20:07:24 GMT):
even in-person, what guarantees does the verifier have that the proof is fresh without some sort of nonce?

ajayjadhav (Thu, 19 Dec 2019 20:10:14 GMT):
@brentzundel so we need to think of some sort of randomness, in any case

swcurran (Thu, 19 Dec 2019 20:28:46 GMT):
The point is the freshness of the proof doesn't matter in the use cases we're talking about. The picture provides the necessary information for trust.

swcurran (Thu, 19 Dec 2019 20:30:53 GMT):
Not that in an online use case, there is no need for the prover to generate the proof request.

swcurran (Thu, 19 Dec 2019 20:31:25 GMT):
The original question was whther it was technically possible and the answer is yes. Is it a good idea? Different question.

brentzundel (Thu, 19 Dec 2019 20:34:24 GMT):
Okay, that's easier. Can it be done? yes. Is it a good idea? in almost all cases, no. And even those cases that seem okay should be very closely examined and rare.

tplooker (Thu, 19 Dec 2019 20:34:42 GMT):
@jrallen I have been working on a refactor of OSMA to update it to the aries packages I will link the PR when it is ready or the branch

george.aristy (Thu, 19 Dec 2019 21:32:01 GMT):
@swcurran doesn't sharing that picture represent a privacy breach?

swcurran (Thu, 19 Dec 2019 21:46:43 GMT):
Depends on the jurisdiction. I'm told that in Chicago, when they scan your driver's licence, they (a) store the data, (b) take and keep a picture of the licence and (c) take a picture of the person presenting. This is used to show evidence that minors are not being served. That's a privacy breach! But yes, that is a fair question.

swcurran (Thu, 19 Dec 2019 21:46:43 GMT):
Depends on the jurisdiction. I'm told that in Chicago, when they scan your driver's licence, they (a) store the data, (b) take and keep a picture of the licence and (c) take a picture of the person presenting. This is used to show evidence that minors are not knowlingly being served. That's a privacy breach! But yes, that is a fair question.

swcurran (Thu, 19 Dec 2019 21:49:32 GMT):
Also arguable because of the consent in presenting the picture. Daniel Hardman has suggested the approach of providing a fuzzy version of a biometric (such as a picture) that is not precise. Might apply in the case.

jrallen (Fri, 20 Dec 2019 15:50:12 GMT):
So as you can see from the PR, I managed to update aries-framework-dotnet. With Osma, the changes were easy enough to make, but we never got it working, too many moving pieces and too much uncertainty about what should go where.

jrallen (Fri, 20 Dec 2019 15:52:05 GMT):
It would really help to have a solid set of servers and clients to be able to evaluate this technology. Right now Gaurav and I are scratching our heads trying to understand what's supposed to be working. what's known not to work, etc. We are trying to find out where we can fit into this ecosystem constructively, but so far failing. Perhaps it will feel different after Christmas vacation.

jrallen (Fri, 20 Dec 2019 15:52:23 GMT):
So, with that, signing off for 2 weeks. See y'all in Jan 2020!

lijiachuan (Mon, 23 Dec 2019 08:42:29 GMT):
Hello Team, may I know where can I find the tutorials about how to use Aries DotNet Framework? From below website, only the initial setup of the environment seems like with latest Aries framework information, but in the sample folder's code is still using AgentFramework's version of code, so may I have anyone's instruction about after setup one local environment, how can I make this agent work with the indy test network? Thanks a lot. https://github.com/hyperledger/aries-framework-dotnet

HarpreetNanda (Mon, 23 Dec 2019 21:14:34 GMT):
@WadeBarnes - Hi. This is Harpreet from ISED

WadeBarnes (Mon, 23 Dec 2019 21:18:28 GMT):
@esune, @swcurran, @HarpreetNanda is a develper at ISED (Government of Canada). He's been looking at vc-auth-oidc for SSI and has some questions.

HarpreetNanda (Mon, 23 Dec 2019 21:18:29 GMT):
I am trying to replicate the bc law society demo. I have an oidc controller and an agent and a realm def similar to the one in the demo ( in my k.c on openshift). I created a presentation req and an passing that as an argument from the K.C

HarpreetNanda (Mon, 23 Dec 2019 21:18:55 GMT):
I end up on the verification flow and I have setup streetcred.id on a test iphone

HarpreetNanda (Mon, 23 Dec 2019 21:19:12 GMT):
but when I scan teh QR code ..it just crashes

HarpreetNanda (Mon, 23 Dec 2019 21:20:05 GMT):
I simulated the bc law society demo with this URL - https://vc-oidc-controller.pathfinder.gov.bc.ca/vc/connect/authorize?pres_req_conf_id=verifiable-credential&scope=openid+vc_authn&state=YcUfyIrG27Ctzr_e8qzkxfBI4u9ddWrib-PWFOnilb8.FgOZoksqMW4.law-society-demo&response_type=code&client_id=keycloak&redirect_uri=https%3A%2F%2Fsso-dev.pathfinder.gov.bc.ca%2Fauth%2Frealms%2Fvlv1c2en%2Fbroker%2Fverifiable-credential%2Fendpoint&nonce=d5514147-4ddd-43f0-8377-11188fc319ae

HarpreetNanda (Mon, 23 Dec 2019 21:20:24 GMT):
and I am able to scan teh QR code and process the proof on my digital wallet

HarpreetNanda (Mon, 23 Dec 2019 21:20:53 GMT):
so obviously my setup is not correct...just trying to establish whats my missing piece

HarpreetNanda (Mon, 23 Dec 2019 21:21:44 GMT):
I did examine the hwt tokens and it seems the once in teh bc law case has the request encoded in base64

WadeBarnes (Mon, 23 Dec 2019 21:23:16 GMT):
@esune, is the closest to that demo and likely the best one to help. I don’t know if his online today, but we’ll make sure he gets back to you.

WadeBarnes (Mon, 23 Dec 2019 21:23:16 GMT):
@esune, is the closest to that demo and likely the best one to help. I don’t know if he is online today, but we’ll make sure he gets back to you.

HarpreetNanda (Mon, 23 Dec 2019 21:24:33 GMT):
Just a quick question though.. I am using the http://test.bcovrin.vonx.io/

HarpreetNanda (Mon, 23 Dec 2019 21:24:49 GMT):
to register my seed.. should I be using this or the dev?

WadeBarnes (Mon, 23 Dec 2019 21:26:04 GMT):
You'll need to use `test` since all of the other agents are connected to that ledger.

WadeBarnes (Mon, 23 Dec 2019 21:27:14 GMT):
With the streetcred app, did you make sure it was switched to use the `test` ledger too?

HarpreetNanda (Mon, 23 Dec 2019 21:28:41 GMT):
Just a quick background. We have an IDM solution that is based on Keycloak ( migrated from forgerock). We are supporting multiple IDP(s) and we have been tasked to explore the SSI concept.

swcurran (Mon, 23 Dec 2019 21:40:22 GMT):
Hi @HarpreetNanda - awesome stuff. We really want to prove that the vc-authn-oidc IdP works with an IAM other than keycloak - and to document the process. We'll need to get Emilliano involved and learn more about your setup. It might take a bit - shouldn't be too bad. But easier if it wasn't holidays. :christmas_tree: I'm going to create a discussion for us to use starting from the next message. We can add anyone that is interested.

tomislav (Mon, 23 Dec 2019 22:46:47 GMT):
AgentFramework reference were just renamed to AriesFramework when we moved the repo. All AgentFramework.*** packages became Hyperledger.Aries.***, but everything should be similar to how the samples are structured. I would refer you to look at the Test projects as well as the TestHarness, which showcase usage of connections and credentials flow. We are looking for community contributions to work on the documentation. In the meantime, feel free to ask questions here.

lijiachuan (Tue, 24 Dec 2019 01:03:12 GMT):
Thanks @tomislav , will take a look

dgunseli (Tue, 24 Dec 2019 10:21:00 GMT):
Hi all, is there any existing request or function for update endpoint address of existing connection

dgunseli (Tue, 24 Dec 2019 10:21:00 GMT):
Hi all, is there any existing request or function for update endpoint address of existing connection [suppose that, a have a connection and my connection changed its endpoint and wants to update its existing connection]

dgunseli (Tue, 24 Dec 2019 10:21:00 GMT):
Hi all, is there any existing request or function for update endpoint address of existing connection [suppose that, I have a connection and my connection changed its endpoint and wants to update its existing connection]

ultimo2020 (Thu, 26 Dec 2019 07:35:53 GMT):
Hi everyone. Could you propose to me where could I test the Aries and Indy out for a proof of concept. Are there any online free infrastructure nodes to be used?

bansatya (Thu, 26 Dec 2019 15:39:32 GMT):
Can anyone please confirm while establishing connection between two agents , what details are exchanged which ensure the trust between themselves (without keeping anything in ledger)?

swcurran (Thu, 26 Dec 2019 17:24:40 GMT):
@bansatya - good question - I just answered essentially the same thing on the indy-sdk channel - copy of the response: The flow is defined in https://github.com/hyperledger/aries-rfcs/tree/master/features/0160-connection-protocol However, what the agent does to respond to the invitation and prepare the request message is implementation specific, hence the complexity. Offhand it will likely be at least creating a message thread (to be able to recognize the response), creating a connection object, creating a DID for the connection object (including the keypair for the DID). There may be other things needed, depending on factors such as whether the agent uses a mediator.

swcurran (Thu, 26 Dec 2019 18:12:40 GMT):
@andrew.whitehead @tomislav - where are we on the Forward message change to align with the RFC? Sergey updated the PR to ACA-Py. Can we merge that? It would be nice to do this over the holidays to minimize the impact on deployments.

tomislav (Thu, 26 Dec 2019 18:27:54 GMT):
We spoke with @andrew.whitehead about this right after the Aries call. Aligning the two codebases seems to be a trivial effort. There are however complications in providing support for existing app due to dependency on mediator agents that are in production. We will most likely roll out this change with the updated app for iOS and Android sometime in January.

swcurran (Thu, 26 Dec 2019 20:14:47 GMT):
So as soon as the apps are in the app store, we'll update all of the deployments we have with the change and then verify. That will cover us. We can also announce on the aries channel, etc. so that people are aware of the change.

ultimo2020 (Fri, 27 Dec 2019 07:02:49 GMT):
Hi everyone. I have a small question. How can we protect the holder's identity (for example with anonymous usage) from everyone, even the issuer? Is there a working use case online where a user registers itself and creates an identity and only that user knows the details?

priyashankar (Fri, 27 Dec 2019 07:34:35 GMT):
An Aries Mobile Agent has no local wallet on device. Can anybody please explain me what happens in the background while a mobile agent is being provisioned? If the mobile agent is using a cloud agent as a mediator to talk to the ledger, then in that case do we need a separate cloud agent for every mobile agent? Is that even scalable? I guess I'm missing something here.

priyashankar (Fri, 27 Dec 2019 07:34:35 GMT):
Thank you. You were a savior. One question though, how are two mobile agents supposed to talk? Is it via the mediator agent?

bansatya (Fri, 27 Dec 2019 12:58:32 GMT):
@swcurran , Thanks for your response. But again Does these exchange of DID and DIDDoc privately build trusted p2p communication?

bansatya (Fri, 27 Dec 2019 13:03:58 GMT):
@swcurran , Also while issuer issues any credential, does it keep anything in ledger as a proof?

dgunseli (Fri, 27 Dec 2019 13:12:20 GMT):
As I know, issuer issues the credential with the credential definition and then send credential to the user, during this process there isn't any ledger operation as I know. But for issuing any credential with a schema, you have to write your schema and definition to the ledger before. Correct me if I'm wrong

bansatya (Fri, 27 Dec 2019 13:40:15 GMT):
@dgunseli ,Thanks. That's correct. However, as part of issuance whetehr there is any proof in ledger.

bansatya (Fri, 27 Dec 2019 14:57:36 GMT):
Also, does mobile agent create and store pseudonym in local storage or it's the cloud agent who generate and stores on behalf of it?

Alexi (Fri, 27 Dec 2019 15:13:30 GMT):
Currently when an issuer sends a credential, the values that are present with the preview sent along with the credential offer does not have to match the values that are part of the actual credential when issued. Are there plans to change this? or what is the design choice behind this?

tomislav (Fri, 27 Dec 2019 15:27:24 GMT):
If revocation is used, issuer will send an update of the revocation registry to the ledger. This is effectively proof that they issued a credential and that credential is valid until revoked.

tomislav (Fri, 27 Dec 2019 15:28:28 GMT):
Mobile agents can work directly managing dids and credentials, or they can connect to cloud agent who does it on their behalf. Both scenarios are valid

bansatya (Fri, 27 Dec 2019 15:34:57 GMT):
Thanks @tomislav . That means even though there is no issuance proof as such , but revocation registry can be used as issuance proof ( in case no entry)..

bansatya (Fri, 27 Dec 2019 15:38:12 GMT):
In case mobile agent manages all, does it need cloud agent for establishing p2p connection?

swcurran (Fri, 27 Dec 2019 16:36:56 GMT):
Normally, an Aries Mobile Agent does have storage (called in Indy a "wallet"). Were you not aware of that, or are you asking about a use case where it had no storage? In the normal use case, a mediator agent is provisioned (more on that below) for the mobile agent with a connection is established between the two, so the mobile agent can have an persistent endpoint. For scaling, a single mediator agent can be used to handle many mobile agents. In that case "provisioning" is really just establishing a new connection. Care must be taken in doing that to adequately separate out the services and storage per mobile agent, but since messages intended for the mobile agent are encrypted for the mobile agent only, that is doable. With ACA-Py, we've deployed agents on OpenShift (Kubernetes) that handle auto-scaling - deploying multiple containers for an agent to handle heavy loads.

swcurran (Fri, 27 Dec 2019 16:42:16 GMT):
@bansatya - no proof of issuance is on the ledger. The issuer can retain that they issued a credential, and the holder has the credential, and can prove it at any time to anyone that needs to know. Nothing on the ledger is needed. Revocation is recorded on the ledger, but is done in a ZKP manner, such that the verifier can't tell who the holder is based on any sort of revocation ID. It's not suitable as any sort of info on the ledger that others can look at. The bottom line - nothing goes on the ledger that others can be used as proof of issuance. That's not a concept used (or needed) in the verifiable credentials model.

swcurran (Fri, 27 Dec 2019 16:43:15 GMT):
On your last question about a mobile agent - yes, a mobile agent needs a cloud agent (mediator) as a persistent endpoint.

priyashankar (Sat, 28 Dec 2019 06:06:58 GMT):
@swcurran Thank you, you were a savior. One question though, how are two mobile agents supposed to talk with one another? Is it via this mediator agent?

bansatya (Sat, 28 Dec 2019 07:08:50 GMT):
Thanks a lot @swcurran for the clarification

tomislav (Sat, 28 Dec 2019 14:12:52 GMT):
@priyashankar Yes. Mobile1 sends message to Mediator2 addressed for Mobile2. Mobile2 retrieves the message from their configured Mediator2. Mobile2 replies to Mobile1, by sending message to Mediator1 addressed for Mobile1. Mobile1 retrieves the message from Mediator1.

HLFPOC (Mon, 30 Dec 2019 10:38:01 GMT):
Hello Team, I am trying to explore the ACA-py Open API demo. I was able to bring the agents up and do some transactions (connection, credential exchange etc). However, I have few queries: a) Where does the wallets gets created? How can I access those wallets directly (without swagger REST APIs)? b) How data is stored inside wallets? I guess it internally uses SQLITE or POSTGRESQL DB? c) Is there any way I can check the credentials issued by the Organization? For e.g. how to check the all the credentials issued by Acme Corp to different users? d) What will be the next step to build a custom controller? Lets say, I want to build a Node js based app (controller) for Alice to interact with the underlying agent. For this, which all agent services (commands) do I have to run in order to connect custom controller?

danielhardman (Mon, 30 Dec 2019 20:09:34 GMT):
I wanted to make everybody aware of a post that I just made to the email list of W3C’s Credentials group, raising a red flag about trying to standardize swagger APIs for credential exchange. If you are already on that mailing list, you will have seen the post in its original context. If not, here is a link to the google doc that contains the same content: https://docs.google.com/document/d/1BW07ev8lI5qgw2vU0zgDoJJqBRhMt81fYMr54w1zMI0/edit#

swcurran (Mon, 30 Dec 2019 23:22:57 GMT):
a) Wallets (storage) is created locally if necessary on startup of the agents. They are just databases and you can use database tools to access them. However, all of the data in them is encrypted, which makes accessing them kind of boring. b) Depending on the startup options selected, data is stored in SQLite or PostgreSQL databases. For aca-py, checkout the startup options. c) There is not currently a standard way to do that. A couple of approaches that might be useful for this. Read and create a searchable database of transactions, and use it for discovery. Find out the DID of Acme, and then find all of the Credential Definitions associated with Acme, and all the schema associated with those credential definitions. However, you won't know how many of those are still in use, and you may not even be able to tell the which DID is Acme's. Another way is that an Aries RFC could be created that enables such discovery. For example, after connecting with Acme, your agent sends a "discover-credentials" (made that name up...) protocol request, to which Acme replies with a list of credentials it offers. I don't know a lot about this protocol, but I think it is intended to be used for this type of thing - https://github.com/hyperledger/aries-rfcs/tree/master/features/0214-help-me-discover d) Take a look at the demo agent implementations in the /demo folder. In that are a couple of customer controllers (Alice, Faber) that interact. That might give you a starting point of what is needed.

bansatya (Tue, 31 Dec 2019 13:59:29 GMT):
@swcurran , while creating invitation, below is the response generated from inviter side.

bansatya (Tue, 31 Dec 2019 13:59:38 GMT):
{ "connection_id": "f69b7b49-2a63-46cd-9380-cd7e9ab2ab9c", "invitation": { "@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/connections/1.0/invitation", "@id": "236f110b-15b0-4509-9c3d-b72991325f56", "recipientKeys": [ "Ea6QCCMdNkySNyHjxtSBwnoNSzBvZuMgBW9LCmxx1o6j" ], "label": "Faber", "serviceEndpoint": "http://0.0.0.0:8003" }, "invitation_url": "http://0.0.0.0:8003?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiMjM2ZjExMGItMTViMC00NTA5LTljM2QtYjcyOTkxMzI1ZjU2IiwgInJlY2lwaWVudEtleXMiOiBbIkVhNlFDQ01kTmt5U055SGp4dFNCd25vTlN6QnZadU1nQlc5TENteHgxbzZqIl0sICJsYWJlbCI6ICJGYWJlciIsICJzZXJ2aWNlRW5kcG9pbnQiOiAiaHR0cDovLzAuMC4wLjA6ODAwMyJ9", "alias": "alice" }

bansatya (Tue, 31 Dec 2019 14:01:18 GMT):
1. Does connection id maintained in local storage or a in memory? What is the use for this?

bansatya (Tue, 31 Dec 2019 14:03:42 GMT):
2. In Invitation object, type parameter is having pseudonym of the inviter side. Can you please explain/guide what is the @id and @recipient keys and what is the use for this?

bansatya (Tue, 31 Dec 2019 14:05:22 GMT):
3. If I start the agent without any service endpoint , then the invitation acceptance fails at invitee. Was this endpoint for exchange DID or DID docs?

bansatya (Tue, 31 Dec 2019 14:07:02 GMT):
4. any additional info why the p2p connection is considered as trusted.

swcurran (Tue, 31 Dec 2019 16:17:50 GMT):
So many questions! :-) 1. Persisted in storage. It is an ID for the persistent connection between the entities as held by one of the participants - Faber in this case. 2. Suggest you read about protocols and connections on the aries-rfcs site - these concepts are cover there. https://github.com/hyperledger/aries-rfcs/tree/master/features/0160-connection-protocol

swcurran (Tue, 31 Dec 2019 16:25:24 GMT):
3. I'd have to do more checking to be certain, but I believe the endpoint you are referencing is the one that enables another agent to reach the starting agent. Without that, there is no way to send a message to the starting agent. Its the inbound transport endpoint, but a publicly accessible version of that endpoint. It is put into the DIDDoc so other agents know to where messages should be sent to get to the starting agent. 4. It's not really trusted, since the two entities don't really know who each other are from an identity perspective. But it is secure as each party create a keypair for the relationship, and exchanged that keypair between only each other. Thus, they are the only two parties that can see the messages being exchanged. It is trusted if later the two parties exchange messages, they know who they are. So it is the equivalent of a service creating an account for the user, but not getting anything more than an email address - a way to know the account when the user returns, and a way to connect the user. By using verifiable credentials on top of that, the two parties can establish trust about who each of them are. Make sense?

jljordan_bcgov (Tue, 31 Dec 2019 18:19:47 GMT):
Bit of a long reply here .. I'll further unpack what we mean by trusted ... 1) there is a connection between the two parties that only those two parties participated in establishing. That is they successfully created a DIDComm connection between them with DIDs and Keys they created and exchanged securely. 2) Once that connection is established, as @swcurran stated ... this is a secure DIDComm messaging channel ... the parties do not know anything about their "real world nature" 3) Now messages can be exchanged between the parties via DIDComm channel .. they could be simple text messages and if the parties are human beings controlling their agents this may be enough to establish some level of trust based on their decision to believe that the messages decribing common experiences that they share via text messages are genuinely from the person they think they are texting with 4) If the parties need a more formal verifiaction of who/what they are ... this is where Verifiable Credential exchange protocol comes in. a) Party one (verifier) can formally request a presentation of a verifiable credential the other party (holder) may hold which comes from a third party (issuer). b) The verifier party decides what credential(s) to request from the holder based on their needs. This is where the trust decision occurs ... the verifier, by requesting a credentials that the holder may hold from a third party issuer, is making a decision to trust that third party issuer. c) This trust decision is based two key aspects ... i) Cryptographic verifiability - that the holder can present the requested credential (attributes) in a way that satisfies the verifiable credential exchange protocol ii) Human / Process - the verifier and the holder mutually believe/agree that the processes executed by the issuer are trustworthy. For example, the government has the legislative authority and has trustworthy processes to issue the first and last name attributes to the person they belong to. If all of 4) is true then I would say that the verifier party has verified the origin of the holder's first and last name attributes from both a technical and process perspective and they can they decide to ascribe a level of trust to that digital relationship. The generalized model for this is describe in draft RFC0289 - The Trust over IP Stack. https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0289-toip-stack/README.md

jljordan_bcgov (Tue, 31 Dec 2019 18:19:47 GMT):
Bit of a long reply here .. I'll further unpack what we mean by trusted ... 1) there is a connection between the two parties that only those two parties participated in establishing. That is they successfully created a DIDComm connection between them with DIDs and Keys they created and exchanged securely. 2) Once that connection is established, as @swcurran stated ... this is a secure DIDComm messaging channel ... the parties do not know anything about their "real world nature" 3) Now messages can be exchanged between the parties via DIDComm channel .. they could be simple text messages and if the parties are human beings controlling their agents this may be enough to establish some level of trust based on their decision to believe that the messages decribing common experiences that they share via text messages are genuinely from the person they think they are texting with 4) If the parties need a more formal verifiaction of who/what they are ... this is where Verifiable Credential exchange protocol comes in. a) Party one (verifier) can formally request a presentation of a verifiable credential the other party (holder) may hold which comes from a third party (issuer). b) The verifier party decides what credential(s) to request from the holder based on their needs. This is where the trust decision occurs ... the verifier, by requesting a credentials that the holder may hold from a third party issuer, is making a decision to trust that third party issuer. c) This trust decision is based two key aspects ... i) Cryptographic verifiability - that the holder can present the requested credential (attributes) in a way that satisfies the verifiable credential exchange protocol ii) Human / Process - the verifier and the holder mutually believe/agree that the processes executed by the issuer are trustworthy. For example, the government has the legislative authority and has trustworthy processes to issue the first and last name attributes to the person they belong to. If all of 4) is true then I would say that the verifier party has verified the origin of the holder's first and last name attributes from both a technical and process perspective and they can they decide to ascribe a level of trust to that digital relationship. The generalized model for this is described in draft RFC0289 - The Trust over IP Stack. https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0289-toip-stack/README.md

HLFPOC (Wed, 01 Jan 2020 18:46:18 GMT):
Is there any sample Node.js based implementation of controller available which can connect with ACA-Py agent ?

HLFPOC (Wed, 01 Jan 2020 18:55:17 GMT):
I have some doubts on the wallets w.r.t ACA-Py agent: 1) As per my understanding, agents can only have a single wallet (storage) attached to them for storing keys/connections etc. But can we configure agent app to have multiple wallets ? For e.g We can have a use-case in which same agent is used by different users of the same organization, in this case, is it possible to create individual wallets for each user? 2) Where exactly the wallet (db) should be created? Should it run on the same machine where Agent is running or can we change the wallet location to some other instance/machine ?

HLFPOC (Wed, 01 Jan 2020 19:35:39 GMT):
One doubt about @type param: what does this type denotes and whose DID is it using ? ("@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/connections/1.0/invitation"). It is also hard-coded in demo file for Faber in CRED_PREVIEW_TYPE param.

swcurran (Wed, 01 Jan 2020 20:18:54 GMT):
Not sure how well documented it is, but there is one here: https://github.com/bcgov/aries-cloudcontroller-node

swcurran (Wed, 01 Jan 2020 20:20:05 GMT):
An example app is here that is based on the node controller - https://github.com/bcgov/identity-kit-poc

swcurran (Wed, 01 Jan 2020 20:27:47 GMT):
For (1) - this is a use case we are seeing more and more, and we've not fully thought it all the way through. Its really how you define "storage" per agent. For example, you could have a different database per agent, a different set of tables per agent or even just a wallet-id in one set of tables and filter what each agent sees using their wallet-id. I expect the latter is the best option, but TBD. As well, different encryption keys should be used per agent. With that, you have one agent service, and depending on the messages arriving, different storage is accessed based on the agent in the message. For (2) - currently you can use either sqlite or postgres. For sure postgres can be on a different machine - we do that with Kubernetes, where postgres is it's on pod, effectively a different machine. I suspect that you can do that with sqlite, but I'm not certain. As we rethink storage for a pure Aries solution, we are thinking perhaps it should be behind an HTTP interface, further enabling the separation of the agent from it's storage.

paliwalg (Thu, 02 Jan 2020 10:17:40 GMT):
I am using Aries .Net SDK with android mobile, and I am facing problem with the API call Pool.CreatePoolLedgerConfigAsync(poolName, poolConfig) of .Net Indy SDK. It is failing with the exception IInvalidStructureException. My Pool Config is {"genesis_txn":"/data/user/0/com.osma/files/pool_genesis.txn"}. There is valid genesis file at the path "/data/user/0/com.osma/files/pool_genesis.txn". Not sure what I am missing here or doing wrong ? Does it have anything to do with slashes in the path ?

swcurran (Thu, 02 Jan 2020 17:02:00 GMT):
The DID is a magic one that was created by someone in the community. It is used to have namespaces for DID Message Protocols and Types - e.g. the "issue_credential" protocol, and the "offer", "request", "issue" types. It's really just a string, and the plan was to publish the DID as a pointer to the specs. Recently, a decision was made to change that prefix to an HTTPS user - "https://didcomm.org/" for core protocols, followed by //, and the URL will point to the spec.

swcurran (Thu, 02 Jan 2020 17:02:42 GMT):
Issue documented here: https://github.com/hyperledger/aries-rfcs/issues/225

ShamGir (Fri, 03 Jan 2020 07:33:20 GMT):
Hello guys, How I use Aries in Java and JavaScript, also share some walk-through or samples of Aries

ShamGir (Fri, 03 Jan 2020 07:33:20 GMT):
Hello guys, How can I use Aries in Java and JavaScript, also share some walk-through or samples of Aries

HLFPOC (Fri, 03 Jan 2020 09:49:03 GMT):
In order to start the agent (ACA-py) from the CLI, what all flags are required to be specified? I tried starting the agent with below command but was not able to view Admin APIs page mentioned on the HOST:PORT. `scripts/run_docker start --inbound-transport http 0.0.0.0 8000 \ --outbound-transport http \ --admin 0.0.0.0 8001 \ --admin-insecure-mode` Do I also have to provide wallet related flags while starting the agent to view and access the Admin APIs? ?

swcurran (Fri, 03 Jan 2020 17:51:21 GMT):
Easiest way I'm aware of is to use ACA-Py and create your controller in Java or Node. The controller connects to the ACA-Py component via HTTP calls to control and receive events from ACA-Py. https://github.com/hyperledger/aries-cloudagent-python

swcurran (Fri, 03 Jan 2020 17:53:30 GMT):
You can see all the command line parameters for start with this - `./scripts/run_docker start --help`

swcurran (Fri, 03 Jan 2020 17:54:31 GMT):
The examples in the `/demo` folder show various examples of starting ACA-Py. The alice/faber start parameters are embedded in the code.

amanji (Sun, 05 Jan 2020 19:00:59 GMT):
Hi all. I have drafted a [PR](https://github.com/hyperledger/aries-cloudagent-python/pull/318) for issue [#93](https://github.com/hyperledger/aries-cloudagent-python/issues/93). I have left the PR in draft to accommodate reviewer comments and I'd very much appreciate any feedback. If you are interested in running demo web controllers locally I have forked the Aries ACA-py repo [here](https://github.com/amanji/aries-cloudagent-python)

amanji (Sun, 05 Jan 2020 19:00:59 GMT):
Hi all. I have drafted a [PR](https://github.com/hyperledger/aries-cloudagent-python/pull/318) for issue [#93](https://github.com/hyperledger/aries-cloudagent-python/issues/93). I have left the PR in draft to accommodate reviewer comments and I'd very much appreciate any feedback. If you are interested in running demo web controllers locally, I have forked the Aries ACA-py repo [here](https://github.com/amanji/aries-cloudagent-python). I have created 3 web controllers for the various demo cloud agents. Faber is a .NET implementation, Alice is an Angular implementation and Acme is an Express.js (Node.js) implementation.

swcurran (Sun, 05 Jan 2020 21:26:18 GMT):
Awesome stuff - thanks!! We'll be checking it and hopefully getting it merged into the rest of the ACA-Py demos.

daisuke1983 (Mon, 06 Jan 2020 06:08:58 GMT):
Hi all. I'm considering using one of aries sdk for our production identity wallet product. Could someone let me know which SDK is most matured and how mature is it?

ashlinSajan (Mon, 06 Jan 2020 12:19:42 GMT):
Hi all What are the existing open source mobile agents for SSI?

swcurran (Mon, 06 Jan 2020 16:04:28 GMT):
The most mature are aries-cloudagent-python and aries-framework-dotnet. For mobile, .NET is the only option right now. AFAIK, either will work for non-mobile and are pretty mature. ACA-Py uses an Aries+Controller architecture (using HTTP between the components) and so can be used with any language to build the application code. The .NET framework produces a library that must be wrapped in a compatible language. As I understand it from comments here - ACA-Py has more information on getting started and sample code. We (BC Gov) are primary maintainers of ACA-Py and use it in many PoC and (very near) production use cases.

bansatya (Mon, 06 Jan 2020 20:28:59 GMT):
Thanks @swcurran , @jljordan_bcgov . This really helps. Just another question while issuer issues the VC to Holder, the same short of trust has to be build.And this has to be done the same way as now is happening?

swcurran (Mon, 06 Jan 2020 22:02:56 GMT):
Building up the issuer to holder trust can come in different ways. Initial issuers will likely use their existing ways, and later may (or may not) transition to using proofs based on other verifiable credentials. Example - a BC Services card (similar to Driver's License) will use in person verification as the basis of its identity assurance and then enable citizens to get digital versions of their credential on the basis of that in-person assurance. This is a very high assurance process and hence credential. Existing services currently have an account management, authentication and authorization process -e.g. how a university student logs into their account. The university may decide that login/authentication process is sufficiently secure to issue credentials using that process. This would likely be a medium assurance process. Our existing email service https://email-verification.vonx.io/ is very simple - it prompts for an email address, sends an email with a unique link in it and issues a credential to whomever accesses that unique link - presumably the owner of that email address. Low assurance.

ashlinSajan (Tue, 07 Jan 2020 04:46:44 GMT):
@swcurran Pair wise DIDs used by Identities built on Indy are creating an issue for me. I need an identity to sign a message whose origin can be verified by any recipient of the message - I can assume that all recipients have a connection with the originating identity. I are using a signing facility provided by Indy/Aries agents but that seem to be specific to one pairwise connection even though signer uses a public DID. I am considering self-issued credentials as a work around but I would like to explore simpler options before I do that as it will proliferate the number of credentials created. A second option is to use Indy credentials as PKI certs with public key as an attribute. This requires that the key management, signing and verification to be done by the application external to the Aries/Indy agents. What is the recommended practice or is there a third option?

swcurran (Tue, 07 Jan 2020 05:26:32 GMT):
Not entirely sure of the use case, but I can think of a couple of things. First, a verifiable credential might meet the criteria, and we see a lot of uses for it. In that model, an Issuer issues the verifiable credential to a holder, and the holder can then prove that the issuer issued the credential to anyone else. The issuer puts metadata for the verifiable credential (a DID, a schema, and a credential definition) and it is that information that can be used to verify the validity of the proof. Alternatively, an entity can have a DID on a public ledger, and sign a message using that DID, and then deliver it (using Aries Agents over pairwise connections) to many recipients. Each can use the DID on the ledger to verify the signature, and can connect to/message the DID owner for proof of control of the DID. That's pretty similar to the verifiable credential mechanism, so you might be able to fit your use case to that. Not sure I've answered your question, but hopefully given you something to think about.

daisuke1983 (Tue, 07 Jan 2020 08:41:57 GMT):
Thanks! Sounds like there is no mature SDK for mobile identity wallet?

HLFPOC (Tue, 07 Jan 2020 10:04:07 GMT):
Has anyone tried running the ACA-Py agent using docker from terminal ? I am facing below error while starting the agent : Exception: `aries_cloudagent.ledger.error.LedgerTransactionError: Ledger rejected transaction request: client request invalid: CouldNotAuthenticate('Can not find verkey for RwSSfazUzCmRP6CQnxawkR',)` Any idea about this error ?

shubhamchaudhari (Tue, 07 Jan 2020 12:52:27 GMT):
Hi all. I want to develop a mobile application for credential exchange using hyperledger-indy. Is it necessary to have a separate cloud agent for each mobile edge agent-application? Or can we use a single cloud agent for multiple mobile edge agent-applications which will be used by different users ? If "yes" please provide some insights into the same

jljordan_bcgov (Tue, 07 Jan 2020 14:03:56 GMT):
.net framework is suitable for a mobile deployment. https://github.com/mattrglobal/osma is an open source example of a mobile agent using .net framework

danielhardman (Tue, 07 Jan 2020 14:43:56 GMT):
An agent works for one identity, so you wouldn't want to try to use a cloud agent to service multiple people.

lijiachuan (Tue, 07 Jan 2020 15:43:45 GMT):
hi all, I have one question that, if some of target users are not using mobile phone in their daily work, but we still need these individuals be participants for the Indy network, what is the best way for them to securely manage their wallets, public/private keys, DIDs, and VCs, etc? Kindly advise. Thanks.

swcurran (Tue, 07 Jan 2020 17:46:42 GMT):
How are you defining a single "agent" in that case, Daniel? For example, would you expect that each cloud agent to have it's own endpoint or could they share an endpoint? Would they be in their own container? Own process? Would each have their own database?

danielhardman (Tue, 07 Jan 2020 17:50:05 GMT):
Each needs to have its own set of keys and its own unique responsibilities. How isolation is achieved is of secondary interest; each could use its own Docker container and endpoint, or could run on the same endpoint and in the same process. But it should be clear that one has the responsibility to serve the interests of agent-owner A--and only A--and the other has the responsibility to serve the interests of agent-owner B. There should be some barrier that's trustable, that prevents the software from picking up the keys that allow it to service A, then putting them down and picking up the keys for B instead.

danielhardman (Tue, 07 Jan 2020 17:50:41 GMT):
If there's no meaningful barrier, then you have a shared service rather than an agent, and I think you have deep trust problems.

danielhardman (Tue, 07 Jan 2020 17:51:23 GMT):
Evernym achieves this barrier by running separate actors within the same process, and making those actors incapable of opening one another's wallets.

danielhardman (Tue, 07 Jan 2020 17:51:48 GMT):
And we use docker containers sometimes, too.

swcurran (Tue, 07 Jan 2020 17:55:24 GMT):
That's what I thought, but I think that subtlety might be lost on someone those not steeped in Aries lore. You don't have to have a single agent container/process (with corresponding endpoints) per mediator, but there must be a separation of the virtual agents by at least their keys/storage.

swcurran (Tue, 07 Jan 2020 17:55:24 GMT):
That's what I thought, but I think that subtlety might be lost on someone not steeped in Aries lore. You don't have to have a single agent container/process (with corresponding endpoints) per mediator, but there must be a separation of the virtual agents by at least their keys/storage.

danielhardman (Tue, 07 Jan 2020 17:56:37 GMT):
Good point, and agreed. Sorry I was unclear.

swcurran (Tue, 07 Jan 2020 18:30:41 GMT):
Folks, just added this Aries project JIRA - https://jira.hyperledger.org/browse/ARIES-6, with the following text. We'd like to get community feedback on this: As the BC Gov VON Team has been refining Indy Catalyst (a Verifiable Credential Registry) and making it work with Aries protocols for both the Issuer and the Holder/Prover/Credential Registry, we've realized that the Indy moniker is probably not appropriate. For the same reasons that "Indy Agents" have become "Aries Agents", we think it is more appropriate to have the Credential Registry moved from the Indy project to the Aries Project. As such, we are proposing to move the project to Aries and use the name "Aries Verifiable Credential Registry" (Aries VCR) in place of Indy Catalyst. This ticket is a request for community approval to create the aries-verifiable-credential-registry repo as part of the Aries project to house the product formerly known as Indy Catalyst.

drummondreed (Tue, 07 Jan 2020 20:05:17 GMT):
Sounds like a good idea to me, Stephen.

sebastillar (Tue, 07 Jan 2020 22:27:58 GMT):
Hi everybody! I continue studying the Indy and Aries projects, together with my partner we have installed both locally. I have the following doubts: What Indy-SDK components does ACA-Py require? I ask this because in Docker's images I find that for Agent Aries, Indy-SDK is also installed. I guess it's for the storage and wallet components, but I'd like someone else to confirm it. The other question refers to the Aries agent for mobile devices. I would like to know why it is more appropriate in that case to use the .NET implementation. thanks in advance!

swcurran (Tue, 07 Jan 2020 22:48:03 GMT):
On the first, ACA-Py currently uses most of the Indy-SDK - certainly all that an Aries Agent requires. Part of our team is currently working on a project to split apart the Indy SDK to make it easier to consume in an Aries context, as pluggable implementations. For example, an Aries agent might support multiple ledger interface (VDRI) implementations.

swcurran (Tue, 07 Jan 2020 22:49:58 GMT):
On the second issue, it's just that so far, the aries-framework-dotnet is the most advanced framework that is (relatively) easy to get going for mobile. By using Xamarin, the the .NET framework can be dropped into a Xamarin project and deployed to iOS and Android.

swcurran (Tue, 07 Jan 2020 22:50:36 GMT):
Lots of people would like a React Native client, but so far I'm not aware of an Open Source implementation or starting point.

sebastillar (Tue, 07 Jan 2020 22:53:29 GMT):
First, thanks for your answers!

sebastillar (Tue, 07 Jan 2020 22:53:32 GMT):
In our use case we need to deploy agents and clients to issue and verify verifiable credentials and thus complete a proof of concept. According to what you tell us, we understand that given the immaturity of Aries, it would be best to implement it with Indy-SDK

sebastillar (Tue, 07 Jan 2020 22:57:09 GMT):
What would be the disadvantage of implementing only cloud agents and not implementing mobile agents? I ask this because in the course of edx it says: "But personal agents don't have to be mobile. They could be run on a laptop or desktop computer as applications. Agents directly controlled by individuals might also be operated by a service and run entirely (including all keys) in the cloud. That model, however, is at odds with our goal of controlling your own agent — and your data. If an agent is running in the cloud, someone else is operating the agent and you are not fully in control. how much you trust the service. " Then I am in doubt if the web agents would not maintain the privacy of personal data or could not use local wallets.

swcurran (Tue, 07 Jan 2020 23:47:29 GMT):
Aries not immature and I would highly recommend NOT using just the Indy SDK. You will have to recreate all of what is in the Aries Agent repos and you will waste a ton of time. If you want to be able to interop, your implementation will have to implement all the aries-rfcs that are already supported in the Python and .NET code bases.

swcurran (Tue, 07 Jan 2020 23:47:29 GMT):
Aries is not immature and I would highly recommend NOT using just the Indy SDK. You will have to recreate all of what is in the Aries Agent repos and you will waste a ton of time. If you want to be able to interop, your implementation will have to implement all the aries-rfcs that are already supported in the Python and .NET code bases.

sebastillar (Tue, 07 Jan 2020 23:49:02 GMT):
Thanks for clarify, we really appreciate your help!

swcurran (Tue, 07 Jan 2020 23:51:49 GMT):
The reasons against using only cloud agents are covered in the quote. You could implement a native app on for the different platforms (e.g. Windows, Mac, Linux) rather than a mobile agent and then at least the keys and storage would be kept with the user. If you are doing a PoC, a short cut of implementing a server-based PWA with just the UI on mobile is probably fine. It's just not a production approach, and the use of a secure/safe agent must be in place before production.

swcurran (Tue, 07 Jan 2020 23:52:30 GMT):
As well, there are commercial mobile agents you might be able to use. E.g. Streetcred, which has an IOS agent and a "coming soon" Android agent.

ashlinSajan (Wed, 08 Jan 2020 04:52:29 GMT):
Thanks for your prompt response. Your suggestion sounds like something we can use, How do I get this DID that I put on the public ledger. is this one of the pairwise DIDs or another one that is not associated with any pair? If prover gets its agent to sign using this DID, prover application can supply this DID as part of the message along with the signature to the verifier application. I am assuming that the verifier application can get its agent to verify the signature knowing the DID. As I know, verification always takes the local end of the pair as the DID to verify a credential. is there a facility to use the remote DID that is not part of this pair wise connection? How do I get proof of ownership of the remote DID that is not part of a pair? Can this be done via the Aries agent APIs or do i have to use libindy or another interface. Thanks for the help.

daisuke1983 (Wed, 08 Jan 2020 12:11:11 GMT):
Can .NET SDK connect only to Indy network currently? What about Sovrin network?

JeromeK (Wed, 08 Jan 2020 12:16:44 GMT):
You should be able to connect to both

Yoroitchi (Wed, 08 Jan 2020 14:39:47 GMT):
Hi team. I'm trying to reproduce the following sample https://github.com/hyperledger/aries-framework-dotnet/tree/02617cfa24c796eedfdb9549f9200a92a714e1a2/samples/aspnetcore with the latest version of the framework. For now, I'm able de create an invitation but when accepting it I got the following error: ```HttpRequestException: An error occurred while sending the request. System.Net.Http.HttpConnection.SendAsyncCore(HttpRequestMessage request, CancellationToken cancellationToken) System.Net.Http.HttpConnectionPool.SendWithNtConnectionAuthAsync(HttpConnection connection, HttpRequestMessage request, bool doRequestAuth, CancellationToken cancellationToken) System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, bool doRequestAuth, CancellationToken cancellationToken) System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) System.Net.Http.DiagnosticsHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) Microsoft.Extensions.Http.Logging.LoggingHttpMessageHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) Microsoft.Extensions.Http.Logging.LoggingScopeHttpMessageHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts) Hyperledger.Aries.Agents.HttpMessageDispatcher.DispatchAsync(Uri endpointUri, PackedMessageContext message) Hyperledger.Aries.Agents.DefaultMessageService.SendAsync(Wallet wallet, AgentMessage message, string recipientKey, string endpointUri, string[] routingKeys, string senderKey) AriesWebApp.Controllers.ConnectionsController.AcceptInvitation(AcceptConnectionViewModel model) in ConnectionsController.cs await _messageService.SendAsync(context.Wallet, request, invite.RecipientKeys[0], record.Endpoint.Uri); Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor+TaskOfIActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, object controller, object[] arguments) System.Threading.Tasks.ValueTask.get_Result() System.Runtime.CompilerServices.ValueTaskAwaiter.GetResult() Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask actionResultValueTask) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(ref State next, ref Scope scope, ref object state, ref bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.g__Awaited|24_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(ref State next, ref Scope scope, ref object state, ref bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.g__Awaited|19_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope) Microsoft.AspNetCore.Builder.RouterMiddleware.Invoke(HttpContext httpContext) Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) Hyperledger.Aries.AspNetCore.AgentMiddleware.Invoke(HttpContext httpContext, IAgentProvider agentProvider) Microsoft.AspNetCore.Builder.Extensions.MapMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context) ``` Any idea of how to correct it ?

mattatkiva (Wed, 08 Jan 2020 15:04:16 GMT):
I do not see any aries meetings on hyperledger calendar. https://calendar.google.com/calendar/embed?mode=AGENDA&src=linuxfoundation.org_nf9u64g9k9rvd9f8vp4vur23b0%40group.calendar.google.com&ctz=US%2FMountain do I have the right link?

swcurran (Wed, 08 Jan 2020 15:22:35 GMT):
I think there is a new calendar - https://calendar.google.com/calendar/embed?src=5grb3o8cl0u8fnun5s9lfpm1iad70aff%40import.calendar.google.com&ctz=US%2FPacific The base page on the wiki for calendars is: https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings

ashlinSajan (Thu, 09 Jan 2020 04:22:46 GMT):
@swcurran Thanks for your prompt response. Your suggestion sounds like something we can use, "Alternatively, an entity can have a DID on a public ledger, and sign a message using that DID, and then deliver it (using Aries Agents over pairwise connections) to many recipients. Each can use the DID on the ledger to verify the signature, and can connect to/message the DID owner for proof of control of the DID. That's pretty similar to the verifiable credential mechanism, so you might be able to fit your use case to that." How do I get this DID that I put on the public ledger. is this one of the pairwise DIDs or another one that is not associated with any pair? If prover gets its agent to sign using this DID, prover application can supply this DID as part of the message along with the signature to the verifier application. I am assuming that the verifier application can get its agent to verify the signature knowing the DID. As I know, verification always takes the local end of the pair as the DID to verify a credential. is there a facility to use the remote DID that is not part of this pair wise connection? How do I get proof of ownership of the remote DID that is not part of a pair? Can this be done via the Aries agent APIs or do i have to use libindy or another interface. Thanks for the help.

shubhamchaudhari (Thu, 09 Jan 2020 06:52:01 GMT):
Thank you @swcurran and @danielhardman for your guidance

shubhamchaudhari (Thu, 09 Jan 2020 06:56:33 GMT):
One more question in indy document walkthrough in connection establishment section of onboarding part its written that the steward sends the NYM transaction for did created for feber. Is that mean the Pseudonym did is stored on the ledger ?

shubhamchaudhari (Thu, 09 Jan 2020 06:56:33 GMT):
Hi all, Can I refer to "https://github.com/hyperledger/education/tree/master/LFS171x/indy-material/nodejs" repository for implementation of agent in node? Is it good enough?

Yoroitchi (Thu, 09 Jan 2020 10:21:46 GMT):
Hi team. I could use your help on this issue. I'm trying to make a simple web agent using latest Aries framework following the sample folder from below repo. I've been able to recreate the agent but when accepting an invitation message, I got the following error ``` IOException: The response ended prematurely. System.Net.Http.HttpConnection.FillAsync() HttpRequestException: An error occurred while sending the request. System.Net.Http.HttpConnection.SendAsyncCore(HttpRequestMessage request, CancellationToken cancellationToken) ``` Apparently the error comes from this piece of code. ``` [HttpPost] public async Task AcceptInvitation(AcceptConnectionViewModel model) { var context = await _agentContextProvider.GetContextAsync(); var invite = MessageUtils.DecodeMessageFromUrlFormat(model.InvitationDetails); var (request, record) = await _connectionService.CreateRequestAsync(context, invite); await _messageService.SendAsync(context.Wallet, request, invite.RecipientKeys[0], record.Endpoint.Uri); return RedirectToAction("Index"); } ``` May I have anyone's instruction about accepting a invitation message ? Or some advice on where to look to fix this. Thanks a lot https://github.com/hyperledger/aries-framework-dotnet

JavierVela (Thu, 09 Jan 2020 11:11:05 GMT):
@swcurran @danielhardman I have a similar use case where I want to use a single Aries cloudagent to manage multiple identities (each one with its own wallet and keys). When you mention that you can have a single endpoint, how you make that endpoint to be able to switch wallets. Currently I was thinking of firing a docker container per user, but we have thousands of users and it won't scale really well

JavierVela (Thu, 09 Jan 2020 11:11:05 GMT):
@swcurran @danielhardman I have a similar use case where I want to use a single Aries cloudagent to manage multiple identities (each one with its own wallet and keys). When you mention that you can have a single endpoint, how you make that endpoint to be able to switch wallets? Currently I was thinking of firing a docker container per user, but we have thousands of users and it won't scale really well

ankita.p (Thu, 09 Jan 2020 12:13:42 GMT):
Hi team, I provisioned a wallet using aca-py and trying to assign the created DID as public. I am facing issue : aries_cloudagent.ledger.error.LedgerTransactionError: Ledger rejected transaction request: client request invalid: could not authenticate, verkey for 55GkHamhTU1ZbTbV2ab9DE cannot be found

swcurran (Thu, 09 Jan 2020 17:22:56 GMT):
We've added a channel #aries-cloudagent-python so recommend asking there. I think the issue is just that you are trying to write to the ledger with a DID that either is not on the ledger or doesn't have write permission.

swcurran (Thu, 09 Jan 2020 17:28:43 GMT):
While the approach is viable, it is not handled by any of the currently defined aries protocols (list is here - https://github.com/hyperledger/aries-rfcs), To write the DID to a public ledger you have to use the DID method that you want to use, and an instance of that ledger. For that you could Sovrin (Indy), Veres One, Ion, Etherium, etc. Aries gives you a way using pairwise DIDs to connect and communicate, so the pairwise DIDs could still be used for communicating. They just are not appropriate for creating publicly signed messages verifiable by anyone. The use case is fairly far off what we are doing in Aries, and I think is covered by verifiable credentials, so I'm pretty much out of my depth on how to actually do it. I meant it was conceptually possible, but there are a lot of details.

victor.martinez (Thu, 09 Jan 2020 17:33:28 GMT):
Hello, what is level of JSON-LD support in Aries ? after reading the Aries RFC 0035: JSON-LD Compatibility it is my understading that is part of the road map but not yet fully implemented ?

swcurran (Thu, 09 Jan 2020 17:39:30 GMT):
At this point the plan is to be in line with JSON-LD, but not to make full use of it. There is not a plan to embrace it, so I would not say it is a roadmap item.

swcurran (Thu, 09 Jan 2020 17:39:30 GMT):
At this point the plan is to be in line with JSON-LD, but not to make full use of it. Basically, there is not a plan to embrace it, so I would not say it is a roadmap item.

HLFPOC (Thu, 09 Jan 2020 18:39:15 GMT):
I have few doubts on how trust is built within the Aries demo application: 1) As an end user, how can I trust the organization while making the connection request? For e.g. Faber generates invitation url and publishes the QR code on its public website and Alice scans it to connect with the Faber. But is there any way to check if Alice is connected with the valid and authorized Faber organization ? Someone can hack the website and change the invitation url and its endpoint, then how will the Aries handles this scenario? 2) Once the connection is established, Faber issues the credential to Alice, but how Faber authenticates if it is issuing credentials to the correct Alice? 3) After receiving the credentials, Alice connects with Acme and Acme sends Alice a proof request. When Alice shares her credentials on that request: a) How Acme verifies those credentials ? What exactly happens behind the scenes? b) If proof request says that one credential should come from Faber then how Acme validates the authenticity of Faber in the presented proof by Alice?

danielhardman (Thu, 09 Jan 2020 19:04:18 GMT):
I agree with Stephen's answer but wanted to add one point of clarification: RFC 0035 is about JSON-LD compatibility as it relates to DIDComm, not to Aries as a whole. What the RFC says is basically that we've structured DIDComm to be JSON-LD compatible but not to use it aggressively; JSON-LD experts who show up in the DIDComm world can use it in protocols they write, but developers who don't know a lot about it don't need to learn anything unless/until they encounter such protocols. Aries is all-in on JSON-LD compatibility for verifiable credentials, since the VC spec (no matter what style of creds you build) needs JSON-LD. And on DID resolution, where JSON-LD compatibility is being debated by the working group at W3C, Aries will support JSON-LD as much as is required to get full support for DID resolution features.

tomislav (Thu, 09 Jan 2020 21:12:17 GMT):
Are you accepting invitation created by an outside agent?

tomislav (Thu, 09 Jan 2020 21:13:23 GMT):
Are you running the agent locally or using the docker instance?

swcurran (Thu, 09 Jan 2020 21:39:03 GMT):
Answer from our DM - might be useful to others: 1) Simple answer - they can't. Making a connection doesn't establish trust - it just provides a secure communication path between two parties. Verifiable credentials would be used to establish trust. 2) They have to have a sufficiently high assurance process. That might be that they have had a website for years that has strong enough identity proofing that they can issue a credential. In the future, they would likely use verifiable credentials to establish that - a gov't ID for name, in person interview, etc. 3a) That is described in the Indy anoncreds materials. Its too much for me to put here. In short, Alice makes a proof, and Acme verifies that the prove is correct. 3b) Acme must know the DID of Faber (and has decided to trust it), or when first encounter must decide if they trust that DID, by finding out who that is. See this paper that I wrote about how this might be done. https://docs.google.com/document/d/1nYq0iakgtyC21oUGWa5hLuJUoKeJFpURtGz6HcLIltY/edit We have the idea of a "Credential Registry" that is operated by a trusted party that might enable short circuiting the traversal process. E.g. to find out if a company exists, go to the Credential Registry for the jurisdiction in which it is registered. This is a production example of a Credential Registry: https://orgbook.gov.bc.ca. It contains verifiable credentials about every company registered in BC.

HLFPOC (Fri, 10 Jan 2020 04:38:12 GMT):
Thanks for your inputs. Is there any detailed document available related to indy annon credentials process ?

swcurran (Fri, 10 Jan 2020 04:40:05 GMT):
Probably best is here: https://github.com/hyperledger/indy-sdk/tree/master/docs/design/002-anoncreds There are other indy-sdk design documents in that folder.

Yoroitchi (Fri, 10 Jan 2020 07:50:21 GMT):
Thank you for your answer. I'm running the agent localy. What do you mean by "outside agent" ?

Yoroitchi (Fri, 10 Jan 2020 08:05:34 GMT):
I'm running an instance of the web agent sample and an instance of my agent.

tomislav (Fri, 10 Jan 2020 15:52:26 GMT):
The problem looks like the web agent can't reach the endpoint of the other agent

Yoroitchi (Fri, 10 Jan 2020 17:03:44 GMT):
Ok, here's what I did. I create an invitation message with the agent made with latest Aries version (let's call it Agent A). Then I view it with the second agent, the one made with Agent Framework (let's call it Agent B). Until then, everything works perfectly. Then I try to accept the invitation but it fails, displaying the IOException. Wireshark see the POST, and the the invitation state goes to Negotiating. Do you have an idea on where should i look to fix this ? I don't fully understand what I'm doing to be honest, so I'll take any idea on where to look.

Yoroitchi (Fri, 10 Jan 2020 17:03:44 GMT):
Ok, here's what I did. I create an invitation message with the agent made with latest Aries version (let's call it Agent A). Then I view it with the second agent, the one made with Agent Framework (let's call it Agent B ). Until then, everything works perfectly. Then I try to accept the invitation but it fails, displaying the IOException. Wireshark see the POST, and the the invitation state goes to Negotiating. Do you have an idea on where should i look to fix this ? I don't fully understand what I'm doing to be honest, so I'll take any idea on where to look.

tomislav (Fri, 10 Jan 2020 18:17:37 GMT):
Interesting. Are you able to at least create and accept invitation on the same agent using the web agent sample for .net?

tomislav (Fri, 10 Jan 2020 18:18:22 GMT):
Can you also send the invitation data you're trying to paste in to the web sample?

Yoroitchi (Fri, 10 Jan 2020 18:21:26 GMT):
With agent B everything works fine, it can connect to itself

Yoroitchi (Fri, 10 Jan 2020 18:22:40 GMT):
I'm not sure to fully understand your second question. Am i able to paste the invitation message from agent A to agent B ?

tomislav (Fri, 10 Jan 2020 18:23:20 GMT):
No I meant can you send the invitation data that you're pasting in here. Id like to see if something may be causing the agent to break

Yoroitchi (Fri, 10 Jan 2020 18:27:13 GMT):
I'm working on it may take some time

tomislav (Fri, 10 Jan 2020 18:28:53 GMT):
No worries. If you're using the latest version of acapy, this may be related to the difference in the Forward message format. If you could, try running the sample from this repo and branch which has the updated format. https://github.com/streetcred-id/aries-framework-dotnet/tree/sample-update

tomislav (Fri, 10 Jan 2020 18:29:20 GMT):
make sure to switch to branch "sample-update"

Yoroitchi (Fri, 10 Jan 2020 18:46:29 GMT):
So the uri is this one http://localhost:7000?c_i=eyJsYWJlbCI6Ik15QWdlbnQiLCJpbWFnZVVybCI6bnVsbCwic2VydmljZUVuZHBvaW50IjoiaHR0cDovL2xvY2FsaG9zdDo3MDAwIiwicm91dGluZ0tleXMiOlsiQWRKcnNhYlRQbTJYSGRUcEY1MmoyRm5xTUNxRVBOcEN5YnpjN0xTaURvUGsiXSwicmVjaXBpZW50S2V5cyI6WyJEQlFzRFlDTWVtN25NNXptckg3WldlRFpZQmtMejh1WEpIM2ZSZkNjZXZtWSJdLCJAaWQiOiJhZGUzMzFjYS1mOWY1LTQ5M2UtODhkMy03OTNkMzlmYzRjZTkiLCJAdHlwZSI6ImRpZDpzb3Y6QnpDYnNOWWhNcmpIaXFaRFRVQVNIZztzcGVjL2Nvbm5lY3Rpb25zLzEuMC9pbnZpdGF0aW9uIn0

tomislav (Fri, 10 Jan 2020 18:48:55 GMT):
Yes. Is this the agent from the container?

Yoroitchi (Fri, 10 Jan 2020 18:50:49 GMT):
I don't think so, which container ?

tomislav (Fri, 10 Jan 2020 18:51:27 GMT):
Using `docker-compose up`. It starts two agents on ports 7000 and 8000 that can be used to connect to each other

Yoroitchi (Fri, 10 Jan 2020 18:52:01 GMT):
The port is a coincidence, sorry about that

tomislav (Fri, 10 Jan 2020 18:52:35 GMT):
Let's take this chat to DM, so we don't flood the channel

lijiachuan (Sat, 11 Jan 2020 09:59:06 GMT):
Hi @tomislav , am following the sample to build my app from scratch, I may raise lots of questions here, hope you could help on this. My first encountered question is in Startup.cs, below codes are there, am not sure what does DI mean, and why do we need these two services. Kindly advise. Thanks. // Register custom handlers with DI pipeline services.AddSingleton(); services.AddSingleton();

lijiachuan (Sat, 11 Jan 2020 10:59:46 GMT):
ok, I saw the steps to create message protocols part, so I think these two messages type are created here, but still not sure DI's meaning, still need your advise.

lijiachuan (Sat, 11 Jan 2020 11:00:38 GMT):
then another question is in CustomMessageTypes.cs, whether below did:sov is also applicable for Indy? BasicMessageType = "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/basicmessage/1.0/message";

lijiachuan (Sat, 11 Jan 2020 11:52:51 GMT):
in TrustPingMessageHandlers.cs, there is one line of code var pingMessage = messageContext.GetMessage(); But seems new agent framework's MessageContext doesn't have GetMessage function, may I know how should I change for it?

lijiachuan (Sat, 11 Jan 2020 12:11:14 GMT):
in ConnectionsController.cs, there is one line of code private readonly WalletOptions _walletOptions; But there is no WalletOptions in Hyperledger.Aries.Models, if refer to old framework, may I know where should I find it?

lijiachuan (Sat, 11 Jan 2020 12:13:38 GMT):
still in ConnectionsController.cs, there is one line of code return invitation.ToJson().ToBase64(); But there is no ToJson function defined in ConnectionInvitationMessage

victor.martinez (Sun, 12 Jan 2020 11:27:52 GMT):
@danielhardman @swcurran Thanks a lot for your detailed explanation.

AdrienViolet (Mon, 13 Jan 2020 09:11:52 GMT):
Hi I am Adrien, I am trying to integrate the lib VCX into an Android app, I have been able to find the prebuilt version here https://repo.sovrin.org/android/libvcx/stable/0.6.1/ But when I try to load I am getting some errors. Can someone help me or direct me to right documentation? Cheers

amarts (Mon, 13 Jan 2020 09:33:57 GMT):
@AdrienViolet I too had similar issue... not able to resolve still..

AdrienViolet (Mon, 13 Jan 2020 09:40:50 GMT):
I am getting this kind of error, I am not an expert in the field of Android NDK but it seems that the libvcx is referencing a specific ndk method that is not present in the version I am using `java.lang.UnsatisfiedLinkError: dlopen failed: cannot locate symbol "_ZNSt6__ndk15ctypeIcE2idE" referenced by` Maybe it could help if we could know what version of the NDK they used to build this lib

swcurran (Mon, 13 Jan 2020 19:41:57 GMT):
The ACA-Py (aries-cloudagent-python) team has created the ACA-Py User Group (ACA-Pug) has add three new resources for community members interested in learning about using and contributing to the ACA-Py Aries sub-project: First, there is a new rocketchat channel #aries-cloudagent-python available specifically for discussion about using and extending ACA-Py. Next, we'll be holding bi-weekly ACA-Pug meetings, starting on Wednesday, January 22, at 11am Pacific -- the slot immediately prior to the Aries Working Group meeting. Zoom info: https://zoom.us/j/900111661 Finally, we've create an ACA-Pug Hyperledger wiki page about the project that will be used to manage and document the meetings and as another starting point for discovering ACA-Py. Checkout the page, the meeting appointment information and the new ACA-Pug logo at: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24780322 If you are interested in ACA-Py, please use (and contribute to) those resources!

swcurran (Mon, 13 Jan 2020 19:41:57 GMT):
The ACA-Py (aries-cloudagent-python) team has created the ACA-Py User Group (ACA-Pug) has add three new resources for community members interested in learning about using and contributing to the ACA-Py Aries sub-project: First, there is a new rocketchat channel #aries-cloudagent-python available specifically for discussion about using and extending ACA-Py. Next, we'll be holding bi-weekly ACA-Pug meetings, starting on Wednesday, January 22, at 11am Pacific -- the slot immediately prior to the Aries Working Group meeting. Zoom info: https://zoom.us/j/900111661 Finally, we've create an ACA-Pug Hyperledger wiki page about the project team will use to manage and document the meetings and as another starting point for discovering ACA-Py. Checkout the page, the meeting appointment information and the new ACA-Pug logo at: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24780322 If you are interested in ACA-Py, please use (and contribute to) those resources!

shubhamchaudhari (Tue, 14 Jan 2020 06:27:57 GMT):
Hi all, Can I refer to "https://github.com/hyperledger/education/tree/master/LFS171x/indy-material/nodejs" repository for implementation of agent in node? Is it good enough?

priyashankar (Tue, 14 Jan 2020 10:07:50 GMT):
@tomislav In this case, for each Mobile Agent, there is a dedicated Cloud Agent due to which the Cloud Agent knows who to forward the message to. Consider the situation when there are multiple Mobile Agents tied to a single Cloud Agent. What happens with that?

Yoroitchi (Tue, 14 Jan 2020 10:52:20 GMT):
Hello team. Is it possible to retrieve a credential definition ID from a CredDef made in indy-cli ?

JavierVela (Tue, 14 Jan 2020 15:02:20 GMT):
Hi all. I have a use case where I would need to use a single Aries cloudagent to manage multiple identities (each one with its own wallet and keys). Currently we are thinking of starting a Docker container with the aca-py software but that would present problems as we have thousands of users and currently the mobile application cannot have native code to comunicate with the company cloud agents. There is any way to adapt the Aries Cloud Agent to run with multiple wallets instead of having hundreds (or thousands) of them? I have seen that in the Faber/Acme demo it starts a Cloud Agent per entity, and in the iiwbook demo they use the .NET aries framework for the mobile. Also I am seeing multiple commits around VCX in libindy. Would it make sense to use VCX for the users code instead of the Aries Cloud Agent? According to this VCX does not support messaging with the aca-py agent: https://jira.hyperledger.org/browse/IS-1377

swcurran (Tue, 14 Jan 2020 15:19:51 GMT):
No, don't use it. It's using very old code and while good for showing concepts, you don't want to build on it. It's definitely not Aries compatible. If you want to use node and aren't building a mobile agent, I recommend you use ACA-Py (https://github.com/hyperledger/aries-cloudagent-python) and create a node controller. We have a current pull request to the repo that provides examples of controllers in node, angular and .NET.

swcurran (Tue, 14 Jan 2020 15:23:57 GMT):
ACA-Py does not yet support that use case as you describe, but we are planning to do some work in that area for that exact use case. We have used ACA-Py for a single wallet/millions of credentials use case that showed it scales on Kubernetes quite nicely. We have some ideas on how to do that for the mobile mediator use case. We've started ACA-Pug (User Group) (announcement above ^^^^) and that's one of the topics at the first meeting. If you want to get a jump start, use the #aries-cloudagent-python channel to discuss.

troyronda (Tue, 14 Jan 2020 15:32:17 GMT):
Aries Framework Go weekly planning starting: https://wiki.hyperledger.org/display/ARIES/Framework+Go+Meetings

JavierVela (Tue, 14 Jan 2020 15:36:45 GMT):
Thanks for your prompt answer! For the moment I am going to write some custom container manager to fire and kill containers with aca-py on the fly until a better solution is available. Just to ensure I am in the right path, I assume is better to start multiple docker containers with aca-py than trying to write VCX code that works with aries cloud agent, no?

swcurran (Tue, 14 Jan 2020 15:42:32 GMT):
I think that's the right short term answer - please share when you do that. I would not recommend that you write the VCX code to be compatible, but I believe that Evernym has been working on that and it will be available Real Soon Now.

PatrikStas (Tue, 14 Jan 2020 16:40:39 GMT):
The mentioned jira ticket is in `unresolved` state but as far as I know VCX generally works with ACA-py ( Evernym demo-ed here https://youtu.be/OSpssHQXlOI?t=516 ). Just keep in mind the limitations mentioned in the ticket, I think those still apply.

Silona (Tue, 14 Jan 2020 16:48:59 GMT):
Help Us Help you! Attend the Developer Relationship Meeting with Myself and our Marketing Dept. tomorrow at 9:00am Pacific Time. For the agenda and Dial in info https://wiki.hyperledger.org/display/Marketing/2020-01-15+Meeting+notes

Silona (Tue, 14 Jan 2020 17:00:54 GMT):
Calling all Projects! We will have a special Kiosk setup at Hyperledger Global Forum for Projects. We are asking that all projects sign up to do 10 minute presentations. https://wiki.hyperledger.org/display/HGF/Projects+Kiosk We will close this page on Feb 28 for printing reasons.

Silona (Tue, 14 Jan 2020 17:02:24 GMT):
Calling all Projects, SIG, and WG!!! We will have a Video recording Studio setup at HGF (Hyperledger Global Forum). We are asking that all projects and groups help us create a 5 minute video about your group so that we can promote it afterward. Sign up Here!

Silona (Tue, 14 Jan 2020 17:03:37 GMT):
https://wiki.hyperledger.org/display/HGF/Video+Recording+Schedule

justformorefun (Wed, 15 Jan 2020 01:44:47 GMT):
hi, all. I have some stupid questions on decentalized identity foundation(DIF). DIF has no official channel like this one. So I post my question here. The following is my questions: As an organization, if want to join DIF to become a member, is there any fees to be paid? if needed, how much per year and what would be the benefit of this behaviour for an org? thanks for any replies.

swcurran (Wed, 15 Jan 2020 03:44:23 GMT):
They have a slack channel - not sure how access is provided. Yes, there are annuals fees to join that scale by the size of the organization. If you are interested in being a contributor to the DIDComm Working Group, you can also contribute as an individual if you sign the appropriate Intellectual Property release.

justformorefun (Wed, 15 Jan 2020 04:40:19 GMT):
I cannot find chat channel on DIF site, could you please post a slack link to me? @Stephen Curran

swcurran (Wed, 15 Jan 2020 04:51:19 GMT):
The slack channel is difdn.slack.com, but I don't know what is necessary to get an account. There is a web form to "ask about membership in DIF" that you can use to get in contact with those running it.

justformorefun (Wed, 15 Jan 2020 04:57:31 GMT):
yes. i will try. thanks a lot.

shubhamchaudhari (Wed, 15 Jan 2020 05:35:40 GMT):
Thanks @swcurran for your prompt reply.

shubhamchaudhari (Wed, 15 Jan 2020 05:52:41 GMT):
but if I want to develop an edge agent for an organisation in that scenario what you will suggest @swcurran ?

jljordan_bcgov (Wed, 15 Jan 2020 14:27:33 GMT):
Depending on what you mean by edge agent ... if you mean for an enterprise to be able to connect existing enterprise software (say like the software they use to issues insurance policy cards) then ACA-Py is designed for that. It is a full agent and has an API which can be used by existing enterprise software.

swcurran (Wed, 15 Jan 2020 14:47:03 GMT):
f you mean mobile agent - the only complete choice is to use aries-framework-dotnet with Xamarin. The OSMA agent is an open source mobile wrapper for Xamarin around aries-framework-dotnet (or perhaps it's predecessor - agent-framework from streetcred). https://github.com/mattrglobal/osma aries-framework-dotnet was contributed by Streetcred from the agent-framework code base. OSMA should be updated to use the contributed code.

swcurran (Wed, 15 Jan 2020 14:47:57 GMT):
If you want to do a native app (e.g. react native), there are components around Indy that AFAIK are not available in open source and so there is not a complete solution available yet.

esplinr (Wed, 15 Jan 2020 15:00:45 GMT):
Starting the Aries WG A call: https://zoom.us/j/244779296

domwoe (Wed, 15 Jan 2020 17:16:27 GMT):
The DIDcomm protocols in Aries are based on repudiable authenticated encryption. Assuming I'm a relying party and I've received two different proofs over the same connection. Am I able to prove to a third party that both presentations are provided by the same entity?

filip.burlacu (Wed, 15 Jan 2020 20:00:51 GMT):
Not if all you have are the messages - since you as the recipient could forge the messages. You would not be able to forge valid proofs from someone else without the relevant secrets however, so if the proofs you've been given provide an assertion of their origin then you could prove the proofs came from a particular source to a third party

jljordan_bcgov (Wed, 15 Jan 2020 20:12:30 GMT):
Verifiable credential exchange protocols (issuance, presentation requests, proofs) are separate from the DIDComm protocols

jljordan_bcgov (Wed, 15 Jan 2020 20:12:57 GMT):
It seems like this question is crossing those two sets of protocols over .. but perhaps I misunderstand the questino

jljordan_bcgov (Wed, 15 Jan 2020 20:12:57 GMT):
It seems like this question is crossing those two sets of protocols over .. but perhaps I misunderstand the question

jljordan_bcgov (Wed, 15 Jan 2020 20:15:47 GMT):
ZKP/Indy Proofs contain a blinded link secret which a verifier can make use of to verify that the holder is common across offered proofs, the issuer of the credentials.. if that is what is in question .. are these credentials from the same issuer .. then within the proofs there will be a reference to the credential definitions used to issue the credential, these definitions can be resolved from the ledger and the DID of the credential definition issuer can be used to determine the origin of the credentials .. hope that makes sense and is right :0

filip.burlacu (Wed, 15 Jan 2020 21:33:16 GMT):
@TelegramSam so, mental models! I'd like to hear about yours :)

swcurran (Wed, 15 Jan 2020 21:44:37 GMT):
I think the answer to the original question is no - you can't prove to a third party using just the proofs that they came from the same entity. Of course that assumes the claims in the proof are anonymous (the proof does not contain a claim that is a unique identifier). The connection across which the proof was received has no bearing on the the guarantees provided in the proof. Further, since the messages in which the proofs came are repudiable, they would not help you prove to a third party. Note - there is a capability to send a message that is non-repudiable in DIDComm, so with that, you could proof to a third party that the proofs came from the same party. The proofs themselves would have the same properties.

swcurran (Wed, 15 Jan 2020 21:46:22 GMT):
I'm not sure how in the currently used Aries messages if the non-repudiable message flag is exposed.

pknowles (Wed, 15 Jan 2020 22:01:06 GMT):
The word _encode_ is used for both _binary-to-text encoding_ (e.g. sha256) and _character encoding_ (e.g. utf-8). Having spoken to @kdenhartog , we decided that it would make sense to change the name of the current "encode overlay" to "character overlay" so that we have room to manoeuvre when we start working in the _binary-to-text encoding_ space. In other words, we will eventually have both a "character overlay" and a "binary-to-text overlay". Problem solved. Thanks, Kyle.

HLFPOC (Thu, 16 Jan 2020 04:41:06 GMT):
I also need to perform same functionality. Need some guidance around this. In my use case: 1. Govt issues cred_1 to Alice. Faber sends proof request (of cred_1 from Govt) to Alice in order to issue cred_2. 2. Alice responds to the proof request by sharing her cred_1. Faber verifies the proof. 3. After verification, Acme sends proof request to Faber (Acme needs cred_1 of Alice and some other value from Faber) in order to issue cred_3. 4. Faber responds to this proof request. Acme validates this request and issues cred_3 to Faber. 5. Faber then finally issues cred_2 to Alice. According to point 3, is it possible for Faber to share Alice's cred_1 on the proof request sent by Acme and can Acme verify the attached proofs? If not, what should be the recommended approach to handle such scenarios ? Basically, what I want is, Faber should be able to attach and present credentials on behalf of Alice (shared by Alice to Faber in proof req) to Acme's proof request. And Acme should be able to verify those credentials.

HLFPOC (Thu, 16 Jan 2020 04:41:06 GMT):
I also need to perform same functionality. Need some guidance around this. In my use case: 1. Govt issues `cred_1` to Alice. Faber sends proof request (of `cred_1` from Govt) to Alice in order to issue `cred_2`. 2. Alice responds to the proof request by sharing her `cred_1`. Faber verifies the proof. 3. After verification, Acme sends proof request to Faber (Acme needs `cred_1` of Alice and some other value from Faber) in order to issue `cred_3`. 4. Faber responds to this proof request. Acme validates this request and issues `cred_3` to Faber. 5. Faber then finally issues `cred_2` to Alice. According to point 3, is it possible for Faber to share Alice's `cred_1` on the proof request sent by Acme and can Acme verify the attached proofs? If not, what should be the recommended approach to handle such scenarios ? Basically, what I want is, Faber should be able to attach and present credentials on behalf of Alice (shared by Alice to Faber in proof req) to Acme's proof request. And Acme should be able to verify those credentials.

swcurran (Thu, 16 Jan 2020 05:28:08 GMT):
No, step 3 is not possible (cryptographically), and it goes against the principles of SSI. If Acme needs proof of cred1, they need to ask Alice - the holder. Faber should not be presenting credentials issued to Alice to anyone. Can you provide more more about why Acme needs the proof from Faber about a credential issued to Alice?

HLFPOC (Thu, 16 Jan 2020 05:38:33 GMT):
yes, agree with your points, but what I want to achieve is, Alice should be able to give consent to Faber to use her credentials (which I believe will be one time activity for her) and should not directly connect with other entities like Acme, XYZ etc and these entities can verify the proofs shared by Faber.

swcurran (Thu, 16 Jan 2020 05:49:31 GMT):
What you probably want is delegatable credentials (aka Chaining Credentials) - see aries-rfcs 0104. https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0104-chained-credentials This feature is not in Indy/Aries today, but is coming. It is scheduled to be in the next Ursa (very soon), but it will take longer to get into Indy/Aries. I still don't get what the use case (business case) is. I could envision a few, but your phrasing makes it seem that Alice is giving control away to Faber. With Delegatable Credentials, she would have revocation capabilities such that she could take back control when needed.

parthibanselvaraj (Thu, 16 Jan 2020 06:11:06 GMT):
Has joined the channel.

priyashankar (Thu, 16 Jan 2020 08:09:49 GMT):
Can anybody help me in understanding how to configure a mediator agent to enable mobile agent communication. I have this use case in mind when multiple mobile agents are tied to "one" mediator agent. Correct me if I'm wrong but I found the following links relevant to the same. https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0046-mediators-and-relays/README.md https://wiki.hyperledger.org/display/ARIES/DIDComm+MediatorRouter

Yoroitchi (Thu, 16 Jan 2020 08:54:03 GMT):
Hello everyone. Can someone explain to me what is the purpose of the Decorator Signature ?

Yoroitchi (Thu, 16 Jan 2020 08:54:03 GMT):
Hello everyone. Can someone explain to me what is the purpose of the Signature Decorator ?

shubhamchaudhari (Thu, 16 Jan 2020 10:22:17 GMT):
thanks @jljordan_bcgov and @swcurran for your guidance

priyashankar (Thu, 16 Jan 2020 12:10:43 GMT):
@shubhamchaudhari Here's a link to a video demonstrating the issuer-holder-verifier loop when considering aca-py agents. This might be helpful. https://drive.google.com/file/d/1bNBMf_zUJFA7glO1pUwvdncXTZU6toMq/view?usp=sharing

priyashankar (Thu, 16 Jan 2020 12:24:09 GMT):
Here's a link to a video demonstrating the ISSUER-HOLDER-VERIFIER Loop using the swagger interface when configuring aca-py agents. https://drive.google.com/file/d/1bNBMf_zUJFA7glO1pUwvdncXTZU6toMq/view?usp=sharing This might be helpful for beginners.

dbluhm (Thu, 16 Jan 2020 16:04:42 GMT):
Identity WG Implementer's call is starting now; join us on zoom at https://zoom.us/j/244779296

TelegramSam (Thu, 16 Jan 2020 17:22:56 GMT):
A few thoughts: First I think of Applications as Protocol Handlers.

TelegramSam (Thu, 16 Jan 2020 17:23:06 GMT):
Protocol handlers can relate to an agent in a few ways:

TelegramSam (Thu, 16 Jan 2020 17:23:27 GMT):
1. Be written into the agent directly. This is very useful for foundational protocols.

TelegramSam (Thu, 16 Jan 2020 17:23:58 GMT):
2. Be loaded at boot time from an external module into an agent. This allows new protocols to be supported without changing the core agent code.

TelegramSam (Thu, 16 Jan 2020 17:25:17 GMT):
Protocol handlers can relate to an agent in a few ways:

TelegramSam (Thu, 16 Jan 2020 17:25:24 GMT):
1. Be written into the agent directly. This is very useful for foundational protocols.

TelegramSam (Thu, 16 Jan 2020 17:25:30 GMT):
2. Be loaded at boot time from an external module into an agent. This allows new protocols to be supported without changing the core agent code.

TelegramSam (Thu, 16 Jan 2020 17:26:17 GMT):
3. Be 'registered' at runtime from an external process.

TelegramSam (Thu, 16 Jan 2020 17:26:40 GMT):
I think (3) is what you are thinking of. Is that correct?

TelegramSam (Thu, 16 Jan 2020 17:27:24 GMT):
1 and 2 are most useful for enterprise agents

TelegramSam (Thu, 16 Jan 2020 17:27:49 GMT):
3 is a model that could serve individuals well, particularly in the case of a mobile device.

filip.burlacu (Thu, 16 Jan 2020 17:28:01 GMT):
> Is that correct? More or less, yeah

TelegramSam (Thu, 16 Jan 2020 17:29:09 GMT):
There is another mode here worth exploring: in some cases, we think of a user having one and only one 'agent'

TelegramSam (Thu, 16 Jan 2020 17:29:40 GMT):
There is space for protocol specific agents: One for handling credentials, another for chat, etc.

filip.burlacu (Thu, 16 Jan 2020 17:30:04 GMT):
however I also see DIDComm as a communication mechanism that offers a lot of strengths, with agents managing the details Then if you want your apps to communicate with each other, and you want the communication to have the features of DIDComm, and you want the connection to be transacted in the way that Aries agents do, then why not use the agent to send/receive messages?

TelegramSam (Thu, 16 Jan 2020 17:30:16 GMT):
This is not unlike having a browser and an email client being separate applications. Both interact with the internet without relying on each other.

TelegramSam (Thu, 16 Jan 2020 17:32:43 GMT):
There are a few ways of using DIDComm for an Application. One can be through registering with an agent. This does require establishing trust between application and the agent. Another could be to just be an agent itself, but only support the protocols you need for the application uses. This is not unlike using an http library in an application.

TelegramSam (Thu, 16 Jan 2020 17:32:57 GMT):
Ultimately, all are workable models.

TelegramSam (Thu, 16 Jan 2020 17:34:25 GMT):
The basic concept is that the mediator needs to have an established connection to the mobile agent, and knows how to identify which mobile agent should be the recipient of a message it's asked to forward.

TelegramSam (Thu, 16 Jan 2020 17:35:38 GMT):
here are two early stage RFCs that describe protocols that can be of use in this scenario: https://github.com/hyperledger/aries-rfcs/blob/master/features/0211-route-coordination/README.md

TelegramSam (Thu, 16 Jan 2020 17:35:56 GMT):
https://github.com/hyperledger/aries-rfcs/blob/master/features/0212-pickup/README.md

filip.burlacu (Thu, 16 Jan 2020 17:38:11 GMT):
Exactly, and we wanted to introduce the first option (a way for an application to register with an agent) so you can build and deploy your application and agent separately - ideally, you could deploy your agent in front of your application without changing the application at all.

TelegramSam (Thu, 16 Jan 2020 17:39:42 GMT):
My question then (about the Purpose Decorator) is what advantage it gives over just the protocol message type?

TelegramSam (Thu, 16 Jan 2020 17:40:12 GMT):
(also, it might be useful to write an RFC describing the various ways of plugging in protocol handlers)

filip.burlacu (Thu, 16 Jan 2020 17:41:46 GMT):
hmm, if we support the idea of "external applications registering to receive certain messages" then we might be able to do without the purpose decorator, as long as we can do flexible-enough filtering on the protocol message type

filip.burlacu (Thu, 16 Jan 2020 17:43:38 GMT):
personally, I don't like relying on regex matching within a type string, I'd rather that the system be broken into tokens and matched precisely so you avoid all sorts of problems (two message types happen to repeat a substring you're matching against, for example)

TelegramSam (Thu, 16 Jan 2020 17:44:35 GMT):
the type string is designed with protocolfamily/version/msgtype to allow just that type of matching.

TelegramSam (Thu, 16 Jan 2020 17:45:01 GMT):
you can match all of a protocolfamily, or just specific versions, etc.

TelegramSam (Thu, 16 Jan 2020 17:47:50 GMT):
on external registration, you would specify a list of prefixes you want routed to you. That enables support of multiple protocols or versions to the same application.

filip.burlacu (Thu, 16 Jan 2020 17:55:22 GMT):
I guess the issue then is that a protocol could carry messages of the same format but for different targets for example, the current version of RFC 0335 (HTTP over DIDComm) defines a request type and response type. A request message incoming to an agent could be for any of its registered HTTP applications, and they should be able to specify, in more precision, which messages should go to them

TelegramSam (Thu, 16 Jan 2020 17:56:37 GMT):
in that case, more detail would be needed to filter.

TelegramSam (Thu, 16 Jan 2020 17:57:22 GMT):
you could use the URI of the forwarded request as a filter, but that is beyond the concept of general protocol forwarding.

filip.burlacu (Thu, 16 Jan 2020 17:57:57 GMT):
then we need to define a filtering mechanism which depends on the protocol I guess we can consider that the responsibility of the protocol's RFC

swcurran (Thu, 16 Jan 2020 18:28:41 GMT):
I'll leave @kdenhartog to respond to the question - I think what's in the RFC covers it well. I did want to note that I think the the consensus is that the signature decorator is going away in favour of using an attachment that is signed. Again, Kyle should comment on that - and possibly update the RFC if that is the case.

TelegramSam (Thu, 16 Jan 2020 20:12:19 GMT):
Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24781269

drummondreed (Sun, 19 Jan 2020 17:55:46 GMT):
@Silona Have the Indy and Aries projects signed up? If not, @esplinr should be able to coordinate.

AdrienViolet (Mon, 20 Jan 2020 09:26:36 GMT):
Hi, anyone here is working on a aries framework for Android native (java or kotlin)?

ShamGir (Mon, 20 Jan 2020 09:30:42 GMT):
If you find some solution, then kindly share it with me

gnarula (Mon, 20 Jan 2020 09:58:02 GMT):
I've had some success in invoking libindy over JNI using the Java wrapper. Would that help you?

AdrienViolet (Mon, 20 Jan 2020 10:00:19 GMT):
I had a similar success, however, as far as I understand, the aries protocol is not implemented as part of libIndy. So if you would be using this protocol you would have to re-implement the whole protocol which seems like a sizeable piece of work

gnarula (Mon, 20 Jan 2020 10:05:06 GMT):
that's true indeed. If you're fine with react-native then you might want to have a look at aries-framework-javascript and https://github.com/hyperledger/aries-framework-javascript/issues/12 in particular. aries-framework-javascript itself isn't as mature as the others but it's something that all mobile platforms can benefit from

AdrienViolet (Mon, 20 Jan 2020 10:05:54 GMT):
Unforthunately I have some technical limitation and can only integrate it in a native Android app

Silona (Mon, 20 Jan 2020 16:42:18 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=BZFtTxHuEdKBvaGLM) @drummondreed Not yet but I will start nagging next week if people haven't!

esplinr (Tue, 21 Jan 2020 00:38:36 GMT):
I have it on my todo list, but haven't got to it yet.

esplinr (Tue, 21 Jan 2020 00:39:43 GMT):
All the Aries frameworks except for the Aries-Framework-Go currently use LibIndy. It is expected that LibIndy can be replaced once there are Aries specific shared libraries.

SigmaS 1 (Tue, 21 Jan 2020 11:12:05 GMT):
hey @swcurran are there any predicted dates about the course "Become an Aries Developer" ?

filip.burlacu (Tue, 21 Jan 2020 15:39:56 GMT):
Could I get a recommendation from one of the aries RFCs regulars - should I squash my PR commits, and does the repo have any best practices for PR commit messages? (I noticed that almost all PR commit messages were _very_ short)

filip.burlacu (Tue, 21 Jan 2020 15:46:13 GMT):
@TelegramSam I took a look at removing the purpose decorator from my RFC, and it seems to me like removing it would be more trouble than benefit - if every protocol needs to define a custom mechanism for registering message listeners, rather than having a general mechanism

swcurran (Tue, 21 Jan 2020 16:15:16 GMT):
We're getting there. I think we have a date for release, but it's in the hands of the Linux Foundation. Thanks for asking -- keep pushing.

s.weidenbach (Tue, 21 Jan 2020 16:18:41 GMT):
Is it right that this general revocation issue is still existing? Is there anything we could do to help getting this fixed? Our customers would love to use revocation in our product in production.

drummondreed (Tue, 21 Jan 2020 16:24:23 GMT):
I have confidence that Richard the Great will get to it :-)

swcurran (Tue, 21 Jan 2020 16:24:45 GMT):
Yup...still no production ready implementations of revocation. A team in the States was working on it, but we've not heard progress. We have a branch in the ACA-Py that has the current state of where we are on it, but we've not had the time.

swcurran (Tue, 21 Jan 2020 16:25:08 GMT):
We'd love to see it created - we definitely need it.

s.weidenbach (Tue, 21 Jan 2020 16:33:12 GMT):
Thank you for the update, Stephen. Are you specifically talking about the missing functionality in ACA-Py or is it related to the buggy proof verification in Ursa that stops working after a second or more credentials have been issued for the same recocation registry?

swcurran (Tue, 21 Jan 2020 16:34:00 GMT):
I'm just talking ACA-Py. I don't know about the latter issue. That makes me sad :-(. Not good...

CHempel (Tue, 21 Jan 2020 16:36:12 GMT):
I've tested it with the indy-sdk without using an aries agent with the same problems as mentioned above. When all but one credentials are revoked, proofs are working again.

swcurran (Tue, 21 Jan 2020 16:37:05 GMT):
Odd. Stephen Klump did a lot on revocation in von-anchor and it was definitely working in his tests.

swcurran (Tue, 21 Jan 2020 16:37:20 GMT):
He hasn't worked on it in some time thought.

swcurran (Tue, 21 Jan 2020 16:37:20 GMT):
He hasn't worked on it in some time though.

sklump (Tue, 21 Jan 2020 17:40:35 GMT):
I may not have tested the same case - I can spend a bit of time trying to reproduce the problem with indy-sdk only.

swcurran (Tue, 21 Jan 2020 20:48:07 GMT):
A reminder that the first bi-weekly ACA-Pug (ACA-Py User Group) meeting will be in about 22 hours, Wednesday 11AM Pacific/2PM Easter (one hour before the Aries B Call). Join in if you are interested in using or contributing to the project. Zoom is: https://zoom.us/j/900111661 Meetings page with link to Agenda: https://wiki.hyperledger.org/display/ARIES/ACA-Pug+Meetings

sklump (Wed, 22 Jan 2020 11:10:52 GMT):
I haven't been able to reproduce this result. I will pare down the code I have to a minimum sample and post it, then we can compare where we diverge.

Yoroitchi (Wed, 22 Jan 2020 15:26:46 GMT):
Hello everyone, when issuing a credential, is it automatically signed by the issuer ? If so, where is the signature ?

sklump (Wed, 22 Jan 2020 15:30:01 GMT):
Sample credential JSON follows, signature is in `credential["signature"]`. ``` credential = { "schema_id": "WgWxqztrNooG92RXvxSTWv:2:sri-authz:1570547413.0", "cred_def_id": "WgWxqztrNooG92RXvxSTWv:3:CL:457:tag", "rev_reg_id": null, "values": { "businessNumber": { "raw": "1337", "encoded": "1337" }, "year": { "raw": "2019", "encoded": "2019" }, "limit": { "raw": "100000", "encoded": "100000" } }, "signature": { "p_credential": { "m_2": "41012351258507321181823608172362324674822005825802116280866995509121718572719", "a": "6195566298504952630622782625013341095142500711628988989435078597537142388159899087737483955463182380334368286798444921951940711350918108793122734098988513059417790458999856526115167008395477738934941146367177985725451152949709655170142174322308115784601615196035163281490742436533171355770285418016731924036854871079626341986873610640607211344589217101225931769457189415603872733551887967813257236596892998012660481637415310782286997962509641937957042454035970694436568926617164202678707020282094179918026754285230423021438399577517326060504682030827439792897167241774232030305165037519382796641273610136497911766649", "e": "259344723055062059907025491480697571938277889515152306249728583105665800713306759149981690559193987143012367913206299323899696942213235956742929827362296639687546828593969812577099", "v": "7952057611442218572638996197826571749269141126007550078733516189666875093538180083960613929322415051108401864162315486841863684163328212930611264947756278669753322186735038690753360437351989038985080030076365424899214686559355813016219799650657316812136200324572541368700190973142296717596330733429872736650178640020636863469812050002666840801875589043536383306621756014347899064664333871126985689774112542330419807992056267385919368579626735456741441382363089691609759598960823172708166137344032600377454961937707112063375612188200841313462132514565045652940428982585054268382909785298556809643913607225685531041990371641627656935731915599008494694911966964574946247860295232711012151726929336169404640517729630106147981889554061414323712726872817760074141884238651340768871507722116741044264246939543214757796613045742" }, "r_credential": null }, "signature_correctness_proof": { "se": "2055167028942324296372380848630661555169601506814478927291742200515961913124678356326446145633590831786702491292385765185281293348247751879055667898718627985332059548992112716004589216128654228976304175214825883125340031655391494257648094888329540325637368799149289711483309159860227763696241400612473069847270946198278756352744078246365242265655334365274760171182878367225308745249088394177933159523156022828629820729393020863811854602541209332470593437332628288038951784155267916599606955810788376246349614683531512627177060781149980707326025066029703264543132922283449205911074212866017615201782960442935077171239", "c": "27947613469590277634502105877376660139540411173610486352596736945722023405729" }, "rev_reg": null, "witness": null } ```

Yoroitchi (Wed, 22 Jan 2020 15:33:38 GMT):
Thank you ! So when using the method createCredentialAsync, the credential issued is automatically signed

sklump (Wed, 22 Jan 2020 15:35:47 GMT):
Yes - otherwise it wouldn't be much of a credential. The signature is a Camenisch-Lysanskaya signature. There is plenty of literature on the algorithm, but it is intense.

Yoroitchi (Wed, 22 Jan 2020 15:37:54 GMT):
You're right. Quick question, how can i retrieve the signature from the credentialRecord ?

sklump (Wed, 22 Jan 2020 15:47:35 GMT):
I need more context than that. No idea what you want here.

Yoroitchi (Wed, 22 Jan 2020 15:54:04 GMT):
When the holder receive the credential, is it possible for him to retrieve the ```signature_correctness_proof```, to print it on his screen for example ?

sklump (Wed, 22 Jan 2020 16:04:32 GMT):
https://github.com/hyperledger/aries-cloudagent-python/blob/bb86a63d2c9a73f5be009e52c1cd31d6a2c1c29c/aries_cloudagent/protocols/issue_credential/v1_0/models/credential_exchange.py#L57 Get it out of the credential. But what is the user going to do, elliptic curve crypto with 300-digit numbers on a napkin to check? I cannot imagine a use case where showing the signature will provide a humane user experience.

sklump (Wed, 22 Jan 2020 16:04:32 GMT):
https://github.com/hyperledger/aries-cloudagent-python/blob/bb86a63d2c9a73f5be009e52c1cd31d6a2c1c29c/aries_cloudagent/protocols/issue_credential/v1_0/models/credential_exchange.py#L57 Get it out of the credential. But what is the user going to do, elliptic curve crypto with 600+digit numbers on a napkin to check? I cannot imagine a use case where showing the signature will provide a humane user experience.

Yoroitchi (Wed, 22 Jan 2020 16:05:33 GMT):
I'm dying trying to explain this to my boss

sklump (Wed, 22 Jan 2020 16:07:28 GMT):
Show one to your boss then such as the sample above - maybe he doesn't know what a credential looks like.

sklump (Wed, 22 Jan 2020 16:22:28 GMT):
_update: OK, I've seen some odd things and I don't know what's going on._

s.weidenbach (Wed, 22 Jan 2020 16:25:21 GMT):
OK. So at least we are not alone right now. I filed an ursa bug yesterday. But we are still not sure if it is really ursa-related.

sklump (Wed, 22 Jan 2020 16:27:20 GMT):
I swear this used to work. It must be that von_anchor tests do not exercise this case. I am still flailing a bit in identifying what makes it fail. Yesterday I couldn't make it fail; today I can't make it succeed. Sing ho! for the life.

sklump (Wed, 22 Jan 2020 17:18:57 GMT):
OK, I see that my foray yesterday was off the mark. I am satisfied that you've found something genuinely puzzling. Here is some code to reproduce it. See Olga fail verification after any positive number of revocations until her cred is the only one left unrevoked, then succeed. Source file goes in directory `indy-sdk/wrappers/python/tests/interation/`. https://drive.google.com/open?id=1HY20iVK0Aah2U2dVHUqnN7nM0_jVMSCU

swcurran (Wed, 22 Jan 2020 17:21:23 GMT):
Thanks for creating this, Stephen. I'll open a ticket unless someone wants to jump in. I'll check with Richard on where they want it created.

swcurran (Wed, 22 Jan 2020 17:32:17 GMT):
Reported in JIRA - https://jira.hyperledger.org/browse/IS-1472

swcurran (Wed, 22 Jan 2020 17:36:35 GMT):
Very cool example @sklump! Very nice!

sklump (Wed, 22 Jan 2020 17:37:39 GMT):
I can't take credit for it - the bulk of it is already in the excellent wrapper test.

TelegramSam (Wed, 22 Jan 2020 18:41:45 GMT):
In my opinion, I think that need is far from every protocol.

ajayjadhav (Wed, 22 Jan 2020 19:02:19 GMT):
Hello everyone, AyanWorks is happy to announce our small contribution to the Aries community with the announcement of “ARNIMA”, an open-source React Native SDK for building Aries Mobile Agents. More details here - https://medium.com/@ayanworks/introducing-arnima-aries-react-native-mobile-agent-907c7af02049

swcurran (Wed, 22 Jan 2020 19:40:42 GMT):
Awesome stuff, and I love the name and reason you chose it. Nice!

filip.burlacu (Wed, 22 Jan 2020 21:30:28 GMT):
sorry- should have specified, every protocol that uses the relay-for-external-applications mechanism

swcurran (Wed, 22 Jan 2020 23:14:33 GMT):
Hey Folks, I posted a Status Change request for RFC 0302 Aries Interop Protocol. People should vote, including comments if they have any objection to the set of protocols and versions of protocols that are included in AIP 1.0.0. Once (if) this PR is merged, builders can self-assert adherence to AIP 1.0.0. The goal in future versions of AIP 1.0.0 is that there will be a test suite to demonstrate adherence. *Deadline is 2020.01.30* - we'll discuss in the call next week. PR: https://github.com/hyperledger/aries-rfcs/pull/388

swcurran (Wed, 22 Jan 2020 23:20:20 GMT):
Hey Folks, I posted a Status Change request for RFC 0348 Transition to HTTP-based Message Type. Per the upgrade plan, once this PR is merged, agent builders are expected to upgrade their agent deployments to accept either DID- or HTTP-based Message Type strings by the proposed deadline of 2020.02.29. No deployed agent will send out the new (HTTP) format until after we complete phase 1 of the process. *Deadline is 2020.01.30* for voting on this status change to start the transition. We'll discuss in the call next week. PR: https://github.com/hyperledger/aries-rfcs/pull/388

swcurran (Thu, 23 Jan 2020 16:39:03 GMT):
Folks, an issue has been raised about interop with AIP 1.0.0 regarding specifying the algorithm to use for attribute encoding in Indy credentials. If you are building an agent framework that issues credentials, please monitor and weigh in on https://github.com/hyperledger/aries-rfcs/issues/391.

TelegramSam (Thu, 23 Jan 2020 18:10:03 GMT):
I'm not opposed to the idea, but I do think it needs some name attention. `purpose` is pretty general, and I worry about unintended consequences.

filip.burlacu (Thu, 23 Jan 2020 18:45:19 GMT):
That's fair, I welcome ideas to make the term more specific. It's intended for (external) listeners to register, so maybe something to do with that

TelegramSam (Thu, 23 Jan 2020 19:41:45 GMT):
well, naming things is easy... so... :joy:

TelegramSam (Thu, 23 Jan 2020 19:42:15 GMT):
I'll post ideas here when I get them:

TelegramSam (Thu, 23 Jan 2020 22:23:05 GMT):
Calling for a volunteer: We have a few issues with the GitHub action that is supposed to generate the index.md file in the RFC repo. There are a variety of github configuration issues that have been giving me grief. If you want to help the community by figuring this out, let me know. I'll help you get oriented.

swcurran (Thu, 23 Jan 2020 22:46:31 GMT):
How about we back it out for a bit and leave it on the maintainers to generate and push the index.md after a merge?

swcurran (Thu, 23 Jan 2020 22:46:45 GMT):
Then we can sort out the github action issue separately.

swcurran (Thu, 23 Jan 2020 22:47:09 GMT):
We don't want to go back to everyone generating their own...

TelegramSam (Thu, 23 Jan 2020 22:47:22 GMT):
That's plan B. Plan A is for an excited volunteer.

shubhamchaudhari (Fri, 24 Jan 2020 05:58:39 GMT):
Hello all,``` 1) Can anyone guide me about the agency or how the agency works?``` 2) I think evernym is using the agency but my question is how the message/requests delivered to the mobile app as the mobile is not having persistent end point?``` 3) I checked the QR code data which is displayed for the connection in evernym demo the url is same for all then how it manages which request should be sent to which mobile phone?``` 4) Is it having single cloud agent with multiple wallets for all the mobile users? ``` ``` ``` ```

shubhamchaudhari (Fri, 24 Jan 2020 05:58:39 GMT):
Hello all, 1) Can anyone guide me about the agency or how the agency works? 2) I think evernym is using the agency but my question is how the message/requests delivered to the mobile app as the mobile is not having persistent end point? 3) I checked the QR code data which is displayed for the connection in evernym demo the url is same for all then how it manages which request should be sent to which mobile phone? 4) Is it having single cloud agent with multiple wallets for all the mobile users? 5) If yes then how it manages the keys and wallets?

TelegramSam (Fri, 24 Jan 2020 15:52:45 GMT):
Currently, there is no opensource codebase for an entire agency.

TelegramSam (Fri, 24 Jan 2020 15:53:56 GMT):
An agency typically comprises two things: a routing agent, and cloud agents for customers of the agency.

TelegramSam (Fri, 24 Jan 2020 15:55:02 GMT):
The routing portion could be done with open source codebases- the router itself doesn't hold any user keys itself, it's just a single agent representing the agency with the ability to route inbound messages to others.

TelegramSam (Fri, 24 Jan 2020 16:02:08 GMT):
there are a few conceptual ways to host cloud agents. One is to host actual processes for each user. Another is to swap out the storage layer of running code to represent a new user on demand. Yet another is to connect each inbound request to each user for processing, being careful to separate the data of each user in the backend storage. Note that none of the open source software packages are out of the box capable of any of these options. Custom development would be required for make it work, and make it work at scale.

TelegramSam (Fri, 24 Jan 2020 16:03:26 GMT):
If you are willing to forgo each user having a cloud agent, you can simply route messages for users, and their phone apps retrieve the messages from the routers. This is an active area of development right now. It isn't ideal for all situations, but it's a start.

TelegramSam (Fri, 24 Jan 2020 16:04:39 GMT):
I believe the QR code displayed initiates a connection that is unique, so the non-uniqueness of the QR code is not a concern. The unique relationship is set up which does include a unique key/endpoint situation.

TelegramSam (Fri, 24 Jan 2020 16:45:54 GMT):
Do my answers make sense? Any other questions I can answer?

gnarula (Fri, 24 Jan 2020 19:01:50 GMT):
Hi! I wonder what the reason is for having `64bit_integer_from_unix_epoch` in `sig_data`? My hunch is its a nonce of some sort. Am I missing something?

gnarula (Fri, 24 Jan 2020 19:02:42 GMT):
or perhaps a way of adding the signing timestamp into the signature?

priyashankar (Mon, 27 Jan 2020 08:17:49 GMT):
If I had to list all schemas and credential definitions registered on VON by multiple Cloud Agents, how do I proceed with that?

priyashankar (Mon, 27 Jan 2020 09:41:35 GMT):
Well, I got around with the following solution. The INDY_TXN_TYPE for SCHEMA & CRED_DEF are 101 & 102, respectively. Now, if I query the Ledger Browser at http://localhost:9000/DOMAIN?type=101, I get all available schemas posted on the Ledger.

priyashankar (Mon, 27 Jan 2020 09:41:35 GMT):
Well, I got around with the following solution. The INDY_TXN_TYPE for SCHEMA & CRED_DEF are 101 & 102, respectively. Now, if I query the Ledger Browser at http://localhost:9000/ledger/DOMAIN?type=101, I get all available schemas posted on the Ledger.

Yoroitchi (Mon, 27 Jan 2020 13:30:46 GMT):
Hello everyone, Which type of Message should I use if the holder want to correct a credential offer ? In my scenario, the issuer send a credentialOffer to the holder with attributes already set. In case their is a error in the offer, how the holder can correct it and notify the issuer ? Should i use an offerMessage or a requestMessage ? Or maybe something else?

swcurran (Mon, 27 Jan 2020 14:10:37 GMT):
There is a credential proposal message that should be used. The proposal allows the user to initiate an issue protocol instance and to counter an offer. Details are here: https://github.com/hyperledger/aries-rfcs/tree/master/features/0036-issue-credential

Yoroitchi (Mon, 27 Jan 2020 14:14:56 GMT):
As far as i know there is no methods in the framework to work with this type of message, is it on purpose ?

swcurran (Mon, 27 Jan 2020 14:18:35 GMT):
You mean in indy-sdk? That is correct. Indy doesn't have that capability. It's provided in Aries.

Yoroitchi (Mon, 27 Jan 2020 14:32:11 GMT):
Even in Aries, the CredentialProposalMessage (https://github.com/hyperledger/aries-framework-dotnet/blob/02617cfa24c796eedfdb9549f9200a92a714e1a2/src/Hyperledger.Aries/Features/IssueCredential/Models/CredentialProposalMessage.cs) is defined. But as i'm reading the rfc you provided, I don't understand in which field the correction should be made.

Yoroitchi (Mon, 27 Jan 2020 14:34:36 GMT):
The rfc mentionned the field `"credential_proposal"`, i guess it's here the correction should be made. But I don't see such a fields in Aries implementation

swcurran (Mon, 27 Jan 2020 14:35:34 GMT):
I'm not familiar with the .NET framework details.

gnarula (Mon, 27 Jan 2020 14:58:51 GMT):
what should be the endianness of this?

Silona (Mon, 27 Jan 2020 22:25:29 GMT):
The Linux Foundation’s CommunityBridge engineers are working on a tool to measure the health of critical open source projects and one of the key areas identified is QA Testing. They request that our communities provide honest and detailed information on testing tools and methodologies you use in your projects for us to come up with a detailed analysis, which they will share with all respondents and projects. https://www.surveymonkey.com/r/9H5G2GV. It’s only 5 questions long.

shubhamchaudhari (Tue, 28 Jan 2020 07:10:34 GMT):
Thanks @TelegramSam for your guidance

sklump (Tue, 28 Jan 2020 14:36:17 GMT):
Note that there are also admin API calls for this: `/schemas/created/`, `/credential-definitions/created`; users can poll each agent.

gnarula (Tue, 28 Jan 2020 16:08:28 GMT):
Is the protocol for routing defined somewhere? `aries-framework-dotnet` uses `did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/basic-routing/1.0/` and ACA-Py uses `did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/routing/1.0`. I'm working on the javascript framework and am confused about what message should my Edge Agent send to the agency to associate routing information? @tomislav @andrew.whitehead

gnarula (Tue, 28 Jan 2020 16:16:43 GMT):
pinging @TelegramSam as well since this is similar to 0211-route-coordination ^

tomislav (Tue, 28 Jan 2020 16:30:35 GMT):
The protocol is not defined. We are using custom protocol types currently that are not interoperable

tomislav (Tue, 28 Jan 2020 16:35:04 GMT):
Would be happy to participate in discussion to standardize this

gnarula (Tue, 28 Jan 2020 16:36:26 GMT):
great! Perhaps we can take this up in a meeting? Is there one scheduled this week?

andrew.whitehead (Tue, 28 Jan 2020 16:37:00 GMT):
The protocol ACA-py uses is documented here at the moment: https://github.com/andrewwhitehead/indy-hipe/tree/inbound-routing-update/text/agent-message-routing

TelegramSam (Tue, 28 Jan 2020 16:47:20 GMT):
This is an excellent topic for tomorrow's call. I'll get it on the agenda.

troyronda (Tue, 28 Jan 2020 16:55:45 GMT):
aries-framework-go used RFC 94 as the reference. (routing/1.0).

troyronda (Tue, 28 Jan 2020 16:55:56 GMT):
We do have an open gap documented here: https://github.com/hyperledger/aries-framework-go/issues/965

troyronda (Tue, 28 Jan 2020 16:55:56 GMT):
We do have a spec question documented here: https://github.com/hyperledger/aries-framework-go/issues/965

troyronda (Tue, 28 Jan 2020 16:55:56 GMT):
We do have a spec question documented here (and its current workaround): https://github.com/hyperledger/aries-framework-go/issues/965

tomislav (Tue, 28 Jan 2020 18:16:07 GMT):
RFC 94 defines just the forward message. I think we have few independent implementations now that is enough material to start talking about this topic. Aries .NET used types are defined here - https://github.com/hyperledger/aries-framework-dotnet/blob/master/src/Hyperledger.Aries.Routing/RoutingTypeNames.cs Implementation was made mostly with mobile edge agents in mind.

troyronda (Tue, 28 Jan 2020 18:21:26 GMT):
(we also used RFC 211 - Route Coordination).

tomislav (Tue, 28 Jan 2020 18:25:09 GMT):
Wasn't aware of that one. I need to up my RFC game. Looks like a good start. Do we need to extend it? Message retrieval types seem to be missing from it

troyronda (Tue, 28 Jan 2020 18:27:48 GMT):
One of the go contributors posted an issue (link above) trying to reconcile these RFCs.

troyronda (Tue, 28 Jan 2020 18:28:34 GMT):
We have completed enough of the implementation to run BDD tests with routers connected to each edge agent.

troyronda (Tue, 28 Jan 2020 18:28:34 GMT):
We have completed enough of the implementation of these RFCs to run BDD tests with routers connected to each edge agent.

TelegramSam (Tue, 28 Jan 2020 18:35:22 GMT):
one method for retrieval is proposed in https://github.com/hyperledger/aries-rfcs/blob/master/features/0212-pickup/README.md

TelegramSam (Tue, 28 Jan 2020 18:37:38 GMT):
This is also on topic for tomorrow's call.

troyronda (Tue, 28 Jan 2020 18:37:41 GMT):
Fresh out of the oven (BDD test description): https://github.com/hyperledger/aries-framework-go/blob/e75dea7c58e3b3d0ea308f21a689395d82016bd3/test/bdd/features/aries_router_e2e_sdk.feature

troyronda (Tue, 28 Jan 2020 18:37:41 GMT):
Fresh out of the oven (passing BDD test): https://github.com/hyperledger/aries-framework-go/blob/e75dea7c58e3b3d0ea308f21a689395d82016bd3/test/bdd/features/aries_router_e2e_sdk.feature

troyronda (Tue, 28 Jan 2020 18:37:41 GMT):
Fresh out of the oven (passing BDD test): https://github.com/hyperledger/aries-framework-go/blob/455855208ddf1e90de75d94352e6129a821c43e9/test/bdd/features/aries_router_e2e_sdk.feature

TelegramSam (Tue, 28 Jan 2020 18:38:58 GMT):
and also related: agents without endpoints: how they should be represented in DIDDocs.

swcurran (Tue, 28 Jan 2020 20:18:22 GMT):
@s.weidenbach @CHempel @sklump - Artem on the Indy team checked out Stephen's example code and found an issue in the parameters passed for the revocation state. See the update to the ticket: https://jira.hyperledger.org/browse/IS-1472. Looks like it's not a bug, but a clarification of how the params are intended to be used.

swcurran (Tue, 28 Jan 2020 20:18:22 GMT):
@s.weidenbach @CHempel @sklump - Artem on the Indy team checked out Stephen's example code about revocation and found an issue in the parameters passed for the revocation state. See the update to the ticket: https://jira.hyperledger.org/browse/IS-1472. Looks like it's not a bug, but a clarification of how the params are intended to be used.

priyashankar (Wed, 29 Jan 2020 08:12:46 GMT):
@sklump Thank you. What do you mean by admin API calls? The mentioned endpoints return schemas or credential definitions created by the agent, itself unlike all available on the ledger.

s.weidenbach (Wed, 29 Jan 2020 08:21:58 GMT):
@swcurran Thats Great! Thank you for the update.

sklump (Wed, 29 Jan 2020 13:51:23 GMT):
Yes, exactly. There is no intelligent way at present to search the whole ledger.

gnarula (Wed, 29 Jan 2020 14:45:30 GMT):
Hi everyone! Here's an edge-agent (made using aries-framework-javascript) that works via a mediator agent (made using aries-framework-dotnet) https://github.com/gnarula/edge-client. It supports real time communication over websockets using SignalR. Hope this helps folks looking to get edge agents working!

gnarula (Wed, 29 Jan 2020 14:46:24 GMT):
P.S. ^ Tested connection protocol and basic message with another ACA-Py agent (with https://github.com/hyperledger/aries-cloudagent-python/pull/240 merged)

gnarula (Wed, 29 Jan 2020 14:48:11 GMT):
PPS: It's a CLI for now. Next step is to get it working on Android

MALodder (Wed, 29 Jan 2020 15:23:43 GMT):
https://github.com/sovrin-foundation/aries-credx-framework-rs

MALodder (Wed, 29 Jan 2020 15:24:21 GMT):
https://lfscanning.org/reports/hyperledger/aries-2020-01-03-728c2729-ffae-467d-8afc-1eff996a3fbe.html

MALodder (Wed, 29 Jan 2020 15:25:53 GMT):
https://github.com/privacypass/challenge-bypass-extension

troyronda (Wed, 29 Jan 2020 20:13:36 GMT):
aries-framework-go v0.1.1 released and notes posted: https://github.com/hyperledger/aries-framework-go/releases/tag/v0.1.1

xfreeman (Wed, 29 Jan 2020 23:01:45 GMT):
@dbluhm I installed aries cloud agent(pip ..) and it started smoothly when i try to execute the cron.py example the cloud agent raise an error(). I have a few questions. 1- Do I have to configure an indy pool for the cloud agent? 2- do I need to configure an static connection for the ACA

xfreeman (Wed, 29 Jan 2020 23:01:45 GMT):
@dbluhm I installed aries cloud agent(pip ..) and it started smoothly when i try to execute the cron.py example the cloud agent raise an error(Private key not found for verkey: {}".format(verkey)) aries_cloudagent.wallet.error.WalletError: Private key not found for verkey: 6AxbDSzoDNbmhzs9ns4yYKSN4eufGGHUmcEfKNrvX264 ). I have a few questions. 1- Do I have to configure an indy pool for the cloud agent? 2- do I need to configure an static connection for the ACA

dbluhm (Thu, 30 Jan 2020 00:05:54 GMT):
A pool is not needed and a connection must be established between ACA-Py and the static agent

swcurran (Thu, 30 Jan 2020 00:06:11 GMT):
Hey folks, a notice that Aries Interop Profile (AIP) 1.0 has now been put into the Accepted status. Those implementing agents should follow the guidance in that RFC (and the included links to specific versions of other RFCs) to have the best chance of interoperating with other agent deployments. When you are ready to self-assert that your agent implements AIP 1.0, please submit a Pull Request to add the relevant information about your agent(s) to the "Builders" table in the RFC. Hopefully, when we update to the next AIP version, we'll have a conformance test suite that will enable the eliminate of the self-assertion. https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0302-aries-interop-profile

swcurran (Thu, 30 Jan 2020 00:12:37 GMT):
Hey folks, this is to notify all agent builders that Step 1 of the transition from using "did:sov..." to "https://didcomm.org" as the Aries Message Type prefix has begun. From now until the start of Step 2 of the process, every agent implementation and deployment should be updated to accept messages in either form, while still sending out messages only in the old ("did:sov...") form. When you have completed (and deployed as necessary) the changes for Step 1, please do a pull request to update the builders table. That will help us to decide when to move on to step 2. We'd like to start Step 2 on March 1, 2020. Details of the transition plan are here: https://github.com/hyperledger/aries-rfcs/tree/master/features/0348-transition-msg-type-to-https

dbluhm (Thu, 30 Jan 2020 00:14:14 GMT):
There is a currently disabled rest endpoint for creating a static connection in ACA-py (I can get you a patch to enable it) or you can use the toolbox to create a static connection. There's a bit of extra setup but having the toolbox is handy.

dbluhm (Thu, 30 Jan 2020 00:18:40 GMT):
Depending on what you're hoping to do, I can also suggest other options if you'd like

xfreeman (Thu, 30 Jan 2020 02:30:54 GMT):
i'll give a try to the issue.. Add Feature Discovery Support..but i havent find the information/doc how to setup a connection to the static agent in ACA-py...I will look for what you mentioned...

lauravuo-techlab (Thu, 30 Jan 2020 06:45:18 GMT):
Hello folks! We have been working on a mobile wallet app prototype that can show the received credentials in the UI and also use the credentials for proofs when using (different) credential-supporting services. Lately we’ve encountered some issues related to credential metadata. 1) When rendering the credential in the app UI, we would like to show the issuer logo in view. We would also like to sort (and possibly group) the credential attributes in the order the issuer defines. What we would like to get rid of is to hardcode these rules to the mobile app. 2) There are different kinds of credentials that need different level of security. For example, when verifying a passport (issued by national authority), it may be required that the user is (bio)authenticated by the mobile device when the proof is done to make sure that it is actually the same person using the credential that it was issued to. In the other hand, when a movie ticket is verified, this level of security may not be needed. Does anyone know if we have any way in the Aries/Indy-world to define and provide this kind of credential-related metadata? Thanks!

tomislav (Thu, 30 Jan 2020 13:45:07 GMT):
Indy provides a way to store custom data using the NonSecrets API. Aries implementations leverage this API to store any metadata in the wallet associated to a credential, connection, proof, etc. Aires Framework for .NET, for example, provides a way to attach any metadata to credential records using searchable Tags.

lauravuo-techlab (Thu, 30 Jan 2020 13:47:05 GMT):
But we don't have any schema or agreed convention for this metadata so that it would be compatible between different agents i.e. provers, issuers and verifiers?

TelegramSam (Thu, 30 Jan 2020 13:48:12 GMT):
we have not yet discussed standardizing those things.

TelegramSam (Thu, 30 Jan 2020 13:49:22 GMT):
On the topic of logos: We've been wary of logos as yet, because if done wrong they make phishing/spoofing much easier.

TelegramSam (Thu, 30 Jan 2020 13:50:58 GMT):
I'm hoping that we can end up with a verifiable credential that the issuer holds that contains a logo. The trust for those VCs would be rooted in orgs trusted to prevent copycat logos, etc.

lauravuo-techlab (Thu, 30 Jan 2020 13:55:28 GMT):
Ok, thanks for the answer :thumbsup:

TelegramSam (Thu, 30 Jan 2020 14:09:29 GMT):
Yesterday's B call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=29032776

TelegramSam (Thu, 30 Jan 2020 14:35:19 GMT):
In yesterday's meeting, @danielhardman mentioned that having a step that required acceptance of terms of service would be needed for them to use the protocol (in a bring-your-own-agent scenario). It got me thinking that in addition to the user accepting the mediators terms, it would be cool for the user to present terms the mediator would need to accept. To avoid the complexity of runtime terms evaluation, it seems likely that the mediator would have a list of user-terms they were willing to accept, and the user could indicate which they wished to be in force.

TelegramSam (Thu, 30 Jan 2020 14:35:53 GMT):
Terms would be useful to have in an immutable or content addressable location. As a first version, we may be able to get away with using URIs that link to those policies.

TelegramSam (Thu, 30 Jan 2020 14:36:41 GMT):
Also, it would be awesome if a mediator could get paid for their services. This may not need to be in the same protocol, but we should discuss how that plays.

TelegramSam (Thu, 30 Jan 2020 15:24:38 GMT):
Different Topic: We didn't get time to discuss this in our meeting yesterday, but I wrote up the discussion topic as an issue. How do we handle the URI in a DID Doc Service Block for an edge agent without a URI? https://github.com/hyperledger/aries-rfcs/issues/405

gnarula (Thu, 30 Jan 2020 15:54:59 GMT):
Curious if the endpoint could be the cloud agent's endpoint itself? aries-framework-dotnet does something similar while establishing a connection b/w a mediator and a mobile agent

swcurran (Thu, 30 Jan 2020 15:55:41 GMT):
I think the context is different in this case from what's we've been talking about with logos in the past (which is on connection). Agree that a verifiable credential from an authorized entity about the issuer would be nice, if you have decided to trust the issuer enough to get a credential, getting a logo/background for the credential directly them is likely not a stretch. An Aries protocol for that seems like a good idea. Likewise, we could define protocols that allow us to ask "What credentials do you offer?" via a connection we have made.

swcurran (Thu, 30 Jan 2020 15:55:41 GMT):
I think the context is different in this case from what's we've been talking about with logos in the past (which is on connection - when we know nothing about the entity). Agree that a verifiable credential from an authorized entity about the issuer would be nice, if you have decided to trust the issuer enough to get a credential, getting a logo/background for the credential directly them is likely not a stretch. An Aries protocol for that seems like a good idea. Likewise, we could define protocols that allow us to ask "What credentials do you offer?" via a connection we have made.

swcurran (Thu, 30 Jan 2020 15:55:41 GMT):
I think the context is different in this case from what's we've been talking about with logos in the past (which is on connection - when we know nothing about the entity). Agree that a verifiable credential from an authorized entity about the issuer would be nice and in the future, necessary, if you have decided to trust the issuer enough to get a credential, getting a logo/background for the credential directly them is likely not a stretch. An Aries protocol for that seems like a good idea. Likewise, we could define protocols that allow us to ask "What credentials do you offer?" via a connection we have made.

swcurran (Thu, 30 Jan 2020 15:55:41 GMT):
I think the context is different in this case from what's we've been talking about with logos in the past (which is on connection - when we know nothing about the entity). Agree that a verifiable credential from an authorized entity about the issuer would be nice (and in the future, necessary), if you have decided to trust the issuer enough to get a credential, getting a logo/background for the credential directly them is likely not a stretch. An Aries protocol for that seems like a good idea. Likewise, we could define protocols that allow us to ask "What credentials do you offer?" via a connection we have made.

sklump (Thu, 30 Jan 2020 16:35:27 GMT):
I think that's more of a message than a protocol (it's stateless), and it's already in place in aca-py - but it's by cred def id, which may not be what you have in mind here.

tomislav (Thu, 30 Jan 2020 16:36:15 GMT):
@swcurran I have thoughts on a possible solution

swcurran (Thu, 30 Jan 2020 16:38:58 GMT):
How about starting with a hackmd.io doc to start?

swcurran (Thu, 30 Jan 2020 16:38:58 GMT):
How about starting with a hackmd.io doc?

swcurran (Thu, 30 Jan 2020 16:46:41 GMT):
That would be what the Mobile Agent would use for connection with other agents. I think Sam is talking about between the Mobile Agent and its mediator - or perhaps a service that it wants to use as its mediator.

swcurran (Thu, 30 Jan 2020 16:46:41 GMT):
That would be what the Mobile Agent would use for connections with other agents. I think Sam is talking about between the Mobile Agent and its mediator - or perhaps a service that it wants to use as its mediator.

daveek (Thu, 30 Jan 2020 17:13:56 GMT):
raise client_error(req.connection_key, exc) from exc aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host 127.0.0.1:9000 ssl:default [Connect call failed ('127.0.0.1', 9000)]

daveek (Thu, 30 Jan 2020 17:16:14 GMT):
In /demo, runners.faber is not running and showing me this error but runners.alice is running fine. raise client_error(req.connection_key, exc) from exc aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host 127.0.0.1:9000 ssl:default [Connect call failed ('127.0.0.1', 9000)]

MALodder (Thu, 30 Jan 2020 17:35:23 GMT):
what is the RFC for establishing a new connection?

MALodder (Thu, 30 Jan 2020 17:35:48 GMT):
there are a lot of RFC's and trying to trace through the aries-rfcs repo isn't easy

andrew.whitehead (Thu, 30 Jan 2020 17:38:05 GMT):
@MALodder Yes, to be superceded by did-exchange at some point

swcurran (Thu, 30 Jan 2020 18:46:30 GMT):
Likely you are not running an instance of a ledger - e.g. von-network. Faber is issuing credentials so must write data to a ledger, while Alice is not.

swcurran (Thu, 30 Jan 2020 18:47:15 GMT):
At some point in the future. If you want to work with AIP 1.0 compatible clients, you need to use 0160.

daveek (Thu, 30 Jan 2020 19:13:24 GMT):
indy_pool is running... is von-network is also must?

daveek (Thu, 30 Jan 2020 19:14:46 GMT):
and also when i try to run postgres, it show me this error

daveek (Thu, 30 Jan 2020 19:14:49 GMT):
docker: Error response from daemon: Conflict. The container name "/some-postgres" is already in use by container "f02cbd47c47a1955df85a64b733b9c043c7831109614db4694b2b2c862c99b39". You have to remove (or rename) that container to be able to reuse that name.

daveek (Thu, 30 Jan 2020 19:37:00 GMT):
I cloned the von-network, install all the requirnments

daveek (Thu, 30 Jan 2020 19:37:21 GMT):
it gives me this error, when i'm trying to run it

daveek (Thu, 30 Jan 2020 19:37:32 GMT):
File "/home/mypc/Documents/von-network-master/server/server.py", line 52 async def index(request): ^ SyntaxError: invalid syntax

swcurran (Thu, 30 Jan 2020 19:37:41 GMT):
You can use a different pool by using an envrionment variable to indicate where the genesis file is. It defaults to assuming you are using von-network (hence the ":9000" reference). Format is something like: GENESIS_FILE= ./run_demo faber The second error is likely because you have it running multiple times. To check what docker things are happening use something like this: `docker ps;echo "";docker volume ls;echo "";docker network ls`

swcurran (Thu, 30 Jan 2020 19:39:20 GMT):
By using that environment variable, you don't have to use von-network.

andrew.whitehead (Thu, 30 Jan 2020 19:39:25 GMT):
I don’t think indy-pool will work as the demo agent registers its own DID. The von-network issue is due to running an old python version. It’s easier to use the docker deployment

daveek (Thu, 30 Jan 2020 20:08:37 GMT):
installed the docker-composer, build the ./manage in docker .... now, on ./manage.start .... it give me this error

daveek (Thu, 30 Jan 2020 20:08:42 GMT):
ERROR: for von_node1_1 Cannot start service node1: driver failed programming external connectivity on endpoint von_node1_1 (27b4e5ca519f30f683eb85b8877f818fdc2d443a66daa38f38d7c4b768a852ff): Bind for 0.0.0.0:9702 failed: port is already allocated

daveek (Thu, 30 Jan 2020 20:09:09 GMT):
and localhost:9000, is opening bu the message is 'Error initializing pool ledger'

swcurran (Thu, 30 Jan 2020 20:10:53 GMT):
You have something else running - likely the instance of indy-node you were running before.

daveek (Thu, 30 Jan 2020 20:31:54 GMT):
everything is working fine now, and sorry for being so annoying and asking too many questions

daveek (Thu, 30 Jan 2020 20:33:43 GMT):
if may i ask one thing more... I want to write a simple REST Api to Issue and Revoke Identity... What's the most easiest way to achieve this...

andrew.whitehead (Thu, 30 Jan 2020 20:50:48 GMT):
I'm not sure what you mean by identity. For managing ACA-py you can use the administration API: https://github.com/hyperledger/aries-cloudagent-python/blob/master/AdminAPI.md

daveek (Thu, 30 Jan 2020 21:01:28 GMT):
if i want to write my own Rest Api, then?

daveek (Thu, 30 Jan 2020 21:02:27 GMT):
don't want to rely on this... or i want to create a django site and from this I could add/remove User, Organization etc

andrew.whitehead (Thu, 30 Jan 2020 21:06:42 GMT):
Then you might need to import aries_cloudagent as a python library and go from there, but we don't currently support or document how to do that. Lots of the administration logic is contained in REST API handlers at the moment

daveek (Thu, 30 Jan 2020 21:09:35 GMT):
We are developing an application, in which devices would be able to store their identites, show the prove, organization would be able to add/remove identites...Is arries-cloudagent could handle this?

daveek (Thu, 30 Jan 2020 21:12:25 GMT):
* issuing a credentials, prove them and revoke them

swcurran (Thu, 30 Jan 2020 21:14:01 GMT):
Simple answer is yes. ACA-Py fits very well in an enterprise for managing credentials. The REST API it exposes makes it easy to integrate with existing systems. We've used it for a number of use cases in Government.

xfreeman (Thu, 30 Jan 2020 21:51:29 GMT):
if you could en-light me I would appreciate it, whether via toolbox or the patch or any other way...I installed the toolbox and i saw it has static conection file..i installed the vue visual component of it.. but not working so far(and I tested with dfft versions of node)

b1conrad (Thu, 30 Jan 2020 23:40:04 GMT):
I'm interpreting step 1 to mean that we "MUST update all agent code bases" and we "MUST update all deployments". The first part is easy. The second is surprisingly hard, as we do not have a relationship with whoever has deployed the code, and do not even know, in principle at least, who they are nor how to contact them. Does anyone have a plan for satisfying that last requirement?

swcurran (Thu, 30 Jan 2020 23:52:28 GMT):
Agree that it is difficult. Good idea to think about this now. Ideas: - define some announcement channels that you will use for updates - twitter, rocketchat, blog etc. - whatever is best for your community - document the announcement channels you will use in all the places from which folks get the package or access the documentation. It could be too late now for this instance of the process, but that's why we are trying this - to learn. You should definitely at least define the announcement channels and document them. FYI - github has the "watch" feature and that could be a place. Encourage people to watch for at least the "Releases Only", and use the github release feature as a mechanism.

b1conrad (Fri, 31 Jan 2020 17:20:48 GMT):
Many thanks for those suggestions, Stephen. We've done the code change and are notifying all owner/operators we know. Another question, for ideas about how to _test_ code changes? I took an invitation, modified the `c_i` parameter, and made sure it worked.

swcurran (Fri, 31 Jan 2020 17:26:41 GMT):
That sounds about right, but I would defer to our devs on that. I'll ask them what they did as soon as the work is done in ACA-Py.

TelegramSam (Fri, 31 Jan 2020 19:49:11 GMT):
@swcurran is correct: It cannot be the mediator (cloud agent) endpoint, because it doesn't have one yet.

TelegramSam (Fri, 31 Jan 2020 19:51:23 GMT):
After the agent arranges for routing services from a mediator, it would use that's mediator's endpoint as it makes connections with other agents.

swcurran (Fri, 31 Jan 2020 22:15:47 GMT):
FYI: Aries Cloud Agent - Python Release 0.4.1 has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.4.1. This release has a change that impacts interoperability with other agents in the handling of forward messages (RFC 0094). We'll upgrade our deployed instances of ACA-Py immediately after the public availability of the Streetcred mobile agents in the app stores to retain interoperability. Others should do the same. A list of other changes in the release are in the release notes. We're particularly pleased that the code base now has just a shade under 90% code coverage in unit tests. w00t! Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/

b1conrad (Fri, 31 Jan 2020 23:23:20 GMT):
Yet another question. Does the signature type "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/signature/1.0/ed25519Sha512_single" also change? To become "https://didcomm.org/signature/1.0/ed25519Sha512_single". This looks forward to Step 2.

esplinr (Sat, 01 Feb 2020 01:10:49 GMT):
I finally posted the recording for last Wednesday's Aries Working Group A call. Sorry about the delay: https://wiki.hyperledger.org/pages/viewpage.action?pageId=24781339

daveek (Sat, 01 Feb 2020 05:30:17 GMT):
Hi, I have few questions 1- How to dynamically add the agents (users(e.g. alice), organization(e.g. Faber, Achme)), In demo/ there is alice.py, fabir.py, how to add new agent when user/organization signup to app? 2- How would they make connection, exchange credentials and issue identities e.t.c, in demo/ one have to do it manually, is there any option to do it automatically by interacting with frontend? 3- I don't need these too many REST API endpoints (Available in demo/ swagger UI), 3a- How to remove the unnecessary endpoints? 3b- How to add more endpoints? Regards

swcurran (Sun, 02 Feb 2020 22:33:54 GMT):
I've been away for a couple of days. Will respond, but probably not until tomorrow my time.

HLFPOC (Mon, 03 Feb 2020 06:21:02 GMT):
Hi Team, Can we connect and exchange messages between a mobile based agent (built with aries-dotnet-framework (osma app)) and a web based agent (ACA-Py)? I have my web based agent running locally (backed by von-network), so what will be the procedure to connect a mobile agent ( currently using osma app) with web agent? I tried accepting the connection created by web agent from mobile agent but got connection timeout error and it shows `negotiating` state in the app. Have already placed local indy pool genesis file under `osma/src/Osma.Mobile.App.Android/Assets/` directory.

HLFPOC (Mon, 03 Feb 2020 06:21:02 GMT):
@swcurran @tomislav Can we connect and exchange messages between a mobile based agent (built with aries-dotnet-framework (osma app)) and a web based agent (ACA-Py)? I have my web based agent running locally (backed by von-network), so what will be the procedure to connect a mobile agent ( currently using osma app) with web agent? I tried accepting the connection created by web agent from mobile agent but got connection timeout error and it shows `negotiating` state in the app. Have already placed local indy pool genesis file under `osma/src/Osma.Mobile.App.Android/Assets/` directory.

daveek (Mon, 03 Feb 2020 09:51:24 GMT):
Swagger Interface has only send message endpoint in /basicmessage section, is there any way to enable the receive message endpoint?

CyrilLeung (Tue, 04 Feb 2020 09:30:37 GMT):
Hi all, I am Cyril, which interested in aries project. I have play around with VON network and ACA-py. And want to go further on mobile side, I have similar case with @HLFPOC. And I am try to connect ACA-py by using libvcx, but not success, and error raise when finding agent info. Is it I should use the agent in aries framework dotnet to do so ? or Can I ask is coming aries framework go will support libvcx ? thank you very much.

pknowles (Tue, 04 Feb 2020 11:11:03 GMT):
Is there an Aries RFC or community white paper that looks at "Identity proofing" in the context of SSI onboarding?

CHempel (Tue, 04 Feb 2020 14:20:03 GMT):
I'm not sure if this really solves the problem. In my tests, I used the entire time span.

sklump (Tue, 04 Feb 2020 14:38:30 GMT):
I suggest starting with https://github.com/hyperledger/indy-sdk/blob/master/wrappers/python/tests/interation/test_interaction_several_credentials.py and incrementally changing toward your test to see where it goes awry.

swcurran (Tue, 04 Feb 2020 14:43:46 GMT):
There is an incompatibility on forward messages in libvcx with ACA-Py/Aries-Framework-Dotnet prior to the ACA-Py 0.4.1 release (not sure about the A-F-D version). There is work going on with OSMA that should be available fairly soon that brings it up to speed with A-F-D and the latest Aries RFCs (AIP 1.0). The current version is on the agent-framework predecessor of A-F-D.

swcurran (Tue, 04 Feb 2020 14:44:45 GMT):
1 - spin up more agents and connect them using the same techniques as Alice and Faber. There is a demo of adding ACME that talks with Alice and Faber.

swcurran (Tue, 04 Feb 2020 14:46:53 GMT):
2-Yes - build the controller into a GUI. A community member recently did that with the Alice Faber demo. https://github.com/petridishdev/aries-acapy-controllers - this will be soon be in a Hyperledger repo. We've built many web apps around ACA-Py.

swcurran (Tue, 04 Feb 2020 14:48:22 GMT):
3a - you will at sometime need all of those endpoints if you build a sufficiently complete app. But you can hack the ACA-Py code if you want to remove the endpoints.

swcurran (Tue, 04 Feb 2020 14:49:14 GMT):
3b - there is a command line parameter "--plugins" that you can use to add Python external modules to ACA-Py, and in those external modules you can add endpoints.

swcurran (Tue, 04 Feb 2020 14:50:25 GMT):
Events from messages come back to the controller via a webhook interface. Configure your app to receive HTTP requests there and you will receive the basic messages and all of the other events happening in ACA-Py.

TelegramSam (Tue, 04 Feb 2020 17:54:45 GMT):
Try #aries-cloudagent-python for a more focused group on ACApy.

daveek (Tue, 04 Feb 2020 20:25:15 GMT):
What I meant from the first question was, that, when ever a new agent register, will a new port be assigned to agent.. e.g. 5001, 1001.. just as in demo/, script/ with every agent, there is different ports e.g. inbound, outbound, administrated API Swagger UI... How will this be managed in Production with Unlimited User Base....

daveek (Tue, 04 Feb 2020 20:25:15 GMT):
What I meant from the first question was, that, when every a new agent is register, will a new port be assigned to agent.. e.g. 5001, 1001.. just in demo/, script/ with every agent, there is different ports e.g. inbound, outbound, administrated API Swagger UI... How will this be managed in Production with Unlimited User Base....

daveek (Tue, 04 Feb 2020 20:25:15 GMT):
What I meant from the first question was, that, when ever a new agent is register, will a new port be assigned to agent.. e.g. 5001, 1001.. just in demo/, script/ with every agent, there is different ports e.g. inbound, outbound, administrated API Swagger UI... How will this be managed in Production with Unlimited User Base....

daveek (Tue, 04 Feb 2020 20:27:47 GMT):
How the Authentication/Authorization Works? Is there any Document for it?

daveek (Tue, 04 Feb 2020 20:29:37 GMT):
and as you answered to @CyrilLeung, I have a same question, So, I want to create an app which work on web, desktop, mobile and as i'm more ok with python, How would I connect all of these devices and let them interact...?

daveek (Tue, 04 Feb 2020 20:32:13 GMT):
What I was thinking of is, my production code will be running in cloud (developed by ACA-PY), web controller will be connected with it, how about connecting mobile phones and they send/receive requests through HTTP in form of JSON via browser?

domwoe (Wed, 05 Feb 2020 09:36:21 GMT):
We are implementing certificates (not in the sense of x.509 certificates, but more in the sense of ISO or IATF certificates) as verifiable credentials. Those certificates will probably share a common schema, but will be different certificates and we are thinking about the best way to implement them - 1. Define different schemas although they are the same - 2. Specifiy the cerrtificate type as a credential definition tag - 3. Specificy the type of a certificate within the credential, i.e. specifiy a type attribute. We currently tend to implement the 2nd approach. Because it seems valuable to have the information which issuer issues which certificate on the ledger. However, the implementation does not allow to request a certificate of a specific type without specifying the issuer, since we would request by a list of credential definition ids. Has anybody thought about this?

swcurran (Wed, 05 Feb 2020 14:41:40 GMT):
When we think about the claims in a credential, we tend to think of how the holder would be likely to use them. What are the foreseen use cases (easy) and what are some possible ones that aren't intended but could be done. If the verifiers are only within a consortium, it's less of an issue, but if there is a general use for the holder, it's something to consider. Next I would look at what is the obvious pattern that verifiers would expect. On that, I'm torn between 2 or 3 and it's probably a coin toss. In 3, verifiers have to do a claim = value restriction in the proof request, while in 2, they have to know about all the cred defs and restrict on that. Which would you rather use when generating a proof request? Interesting question!

rileyphughes (Wed, 05 Feb 2020 15:37:32 GMT):
We usually do #2 with our use cases. Are you planning to use your own Indy network or a production one like Sovrin? If you're using Sovrin, Option #1 would be quite expensive :smiley:

daveek (Wed, 05 Feb 2020 15:53:54 GMT):
@swcurran how can i make a mobile app using python but not .net?

swcurran (Wed, 05 Feb 2020 16:03:33 GMT):
I've heard there might be a way, but that's a python/mobile question vs. SSI that I know about. Regards questions above: 1. In an enterprise system, you don't need an agent per user in the majority of use cases. Not sure of yours, but for what we do, there can be one agent that scales up as needed - e.g. instances of the agent that are all processing requests, much like a web server. All share a common database (agent storage); protocol state is persisted, so any instance of the agent can handle any request. The authn/authz question is too broad, but if you are looking for Open ID Connect auth with verifiable credentials, you can look at https://github.com/bcgov/vc-authn-oidc. In the /docs folder there is a "DemoInstructions" document that you can run. The multiple host app question is complex and depends on use cases. I would say there has been some theory provided on what to do, but no implementation of which I'm aware. The challenge with your approach (e.g. that the mobile agent is just a UI, with the agent and agent storage/wallet in the cloud) is that the keys are not in the control of the user, they are in the control of the vendor hosting the service. What you want is that the keys are in the direct control of the user and that's hard to do in the cloud service model. And that loss of control may compromise the SSI element of the solution. Something to think about.

daveek (Wed, 05 Feb 2020 16:13:20 GMT):
Thank you, it cleared many of my thoughts, but offcourse its a complex road.. I will love to share what we (with my team) achieve... Best of Luck :)

CyrilLeung (Thu, 06 Feb 2020 01:55:11 GMT):
Thank you @swcurran for explaination, and I had one more follow up question is how to use one agent to serve multiple user? And I should use libindy wrapper instead of libvcx wrapper to connect to the agent(ACA-PY) ? Thanks

domwoe (Thu, 06 Feb 2020 07:51:56 GMT):
Thx @swcurran and @rileyphughes. We are currently on our own testnet, but this might change. #3 is obviously the cheapest (only one schema def and one cred def per issuer) and most flexible solution. However we have to standardize the possible values of the type attribute somewhere else. AFAICT the claim=value restriction is not really implemented in ACA-PY today. The prover would have to set the attribute as a tag and the verifier would set a restriction using the wallet query language. So many things that can go wrong here... Another approach to restrict only on a specific type using #2 would be to match only the tag of the credential definition id. However, currently this also only works if the prover has set the credential definition id as a tag.

TimoGlastra (Thu, 06 Feb 2020 13:16:55 GMT):
Hi all, I've been working with Aries for the last months and are now going to do my thesis on Aries. The question I want to answer is how I can design (and later implement/contribute to) an open source and interoperable Aries Agency so that agents without an inbound route (public endpoint) can receive messages through an agency. Excited to see that in the Working Group meeting from last week this exact topic got discussed and taking inter-vendor edge-agent -> agency setup into account.

TimoGlastra (Thu, 06 Feb 2020 13:17:02 GMT):
Hopefully during (or otherwise afterwards) my thesis I can contribute to the Aries SDK Javascript project and create an Edge Agent (with ARNIMA) -> Agency setup

TelegramSam (Thu, 06 Feb 2020 13:22:37 GMT):
Hi! Awesome work, and your topic of interest is very high right now.

TelegramSam (Thu, 06 Feb 2020 13:23:33 GMT):
In a conversation yesterday I put together a string of RFCs and explanation. Let me transition that to a file I can share that describes how this process could work.

TelegramSam (Thu, 06 Feb 2020 13:39:23 GMT):
Here you are: https://hackmd.io/sdrSodbFRJ2z3ezKLL4f7w

TimoGlastra (Thu, 06 Feb 2020 13:46:30 GMT):
Thanks for the welcoming replies and the document. Will read the document and leave my comments

troyronda (Thu, 06 Feb 2020 14:24:14 GMT):
@TimoGlastra You can also see an agent (without an inbound endpoint) receiving messages via a mediator by running these BDD tests in aries-framework-go: https://github.com/hyperledger/aries-framework-go/blob/master/test/bdd/features/aries_router_e2e_sdk.feature.

troyronda (Thu, 06 Feb 2020 14:25:54 GMT):
BDD instructions are located here: https://github.com/hyperledger/aries-framework-go/blob/master/docs/test/bdd_tests.md

TimoGlastra (Thu, 06 Feb 2020 14:39:31 GMT):
Thanks. I see that in the BDD tests the router always creates the invitation, is this to overcome the problem of missing the serviceEndpoint at the Edge agent side?

MALodder (Thu, 06 Feb 2020 18:44:28 GMT):
I have started work on aries-credx-framework-rs

MALodder (Thu, 06 Feb 2020 18:44:42 GMT):
https://github.com/sovrin-foundation/aries-credx-framework-rs

MALodder (Thu, 06 Feb 2020 18:45:04 GMT):
so far I've mostly just done attribute encodings but I would like to move this to an aries repo for more collaboration

MALodder (Thu, 06 Feb 2020 18:45:26 GMT):
The encodings support both Anoncreds 1.0 from indy and the new anoncreds 2.0

MALodder (Thu, 06 Feb 2020 18:47:35 GMT):
The current encodings for now are: 1- Unsigned integer 2- Signed Integer 3- Floating Point 4- Date string to number of days since 1900 5- Date string to unix timestamp 6- UTF8 string to 32 byte hash

andrew.whitehead (Thu, 06 Feb 2020 20:10:27 GMT):
@MALodder I'm surprised it doesn't have ursa as a dependency, isn't there overlap?

andrew.whitehead (Thu, 06 Feb 2020 20:11:59 GMT):
Does that match the attribute encoding we've been using?

MALodder (Thu, 06 Feb 2020 20:13:04 GMT):
I have written it to be compatible with Anoncreds 1 and 2

MALodder (Thu, 06 Feb 2020 20:13:33 GMT):
This encoding now handles negative numbers

andrew.whitehead (Thu, 06 Feb 2020 20:14:55 GMT):
https://github.com/hyperledger/aries-rfcs/issues/391#issuecomment-578726117

andrew.whitehead (Thu, 06 Feb 2020 20:15:49 GMT):
It's in aca-py and von-anchor, and aries-framework-dotnet

andrew.whitehead (Thu, 06 Feb 2020 20:15:49 GMT):
It's in aca-py and von-anchor, and aries-framework-dotnet, and vcx

MALodder (Thu, 06 Feb 2020 20:16:22 GMT):
does it handle negative numbers for range proofs?

andrew.whitehead (Thu, 06 Feb 2020 20:17:16 GMT):
Not sure. I think the only comparison we have for range proofs is >

andrew.whitehead (Thu, 06 Feb 2020 20:17:16 GMT):
Not sure. I think the only comparison we have available for range proofs is >

MALodder (Thu, 06 Feb 2020 20:17:22 GMT):
mine is based on https://docs.google.com/document/d/1fNJ_gEUnoM0HapC8eu0oF9Zg1eyIA91ZVwmu7fQrMyI/edit

MALodder (Thu, 06 Feb 2020 20:18:07 GMT):
your scheme wouldn't allow 0.0 to be compared to 0

swcurran (Thu, 06 Feb 2020 20:20:47 GMT):
We all just agreed to use the existing scheme for now, so any new schema will have to be versioned with fallback to the existing scheme by default. In other words we'll have to make a community transition, with existing credentials handled using the old scheme.

swcurran (Thu, 06 Feb 2020 20:20:47 GMT):
We all just agreed to use the existing scheme for now, so any new scheme will have to be versioned with fallback to the existing scheme by default. In other words we'll have to make a community transition, with existing credentials handled using the old scheme.

MALodder (Thu, 06 Feb 2020 20:22:11 GMT):
the code is flexible enough to allow that

swcurran (Thu, 06 Feb 2020 20:22:32 GMT):
Here is the current scheme used by the community, including test cases: https://github.com/hyperledger/aries-rfcs/tree/master/features/0036-issue-credential#encoding-claims-for-indy-based-verifiable-credentials

swcurran (Thu, 06 Feb 2020 20:23:30 GMT):
The new encoding should likely be synchronized to the use of Rich Schemas - which is explicit about what the encoding is in the credential. Any other credential should use the current scheme.

MALodder (Thu, 06 Feb 2020 20:26:04 GMT):
the code I've written so far can incorporate the Anoncreds 1 quickly

swcurran (Thu, 06 Feb 2020 20:34:49 GMT):
Great conversation - good stuff. @troyronda - I saw the line in the meetings notes about the BDD tests you have and this is the second references I've seen since. Looking forward to using those!! Cool!

swcurran (Thu, 06 Feb 2020 20:34:49 GMT):
Great conversation - good stuff. @troyronda - I saw the line in the Aries WG meeting notes about the BDD tests you have and this is the second references I've seen since. Looking forward to using those!! Cool!

swcurran (Thu, 06 Feb 2020 20:34:49 GMT):
Great conversation - good stuff. @troyronda - I saw the line in the Aries WG meeting notes about the BDD tests your team has and this is the second references I've seen since. Looking forward to using those!! Cool!

swcurran (Thu, 06 Feb 2020 20:34:49 GMT):
Great conversation - good stuff. @troyronda - I saw the line in the Aries WG meeting notes about the BDD tests your team has and this is the second reference to those I've seen since. Looking forward to using those!! Cool!

swcurran (Thu, 06 Feb 2020 20:34:49 GMT):
Great conversation - good stuff. @troyronda - I saw the line in the Aries WG meeting notes about the BDD tests your team has and this is the second reference to those I've seen since. Looking forward to using them!! Cool!

smithbk (Fri, 07 Feb 2020 11:25:31 GMT):
Hi all, suppose I receive a request with a service decorator as shown at https://github.com/hyperledger/aries-rfcs/tree/527849ec3aa2a8fd47a7bb6c57f918ff8bcb5e8c/features/0056-service-decorator#tutorial and need to send a response message. What should be in the `~thread.received_orders` field of the response? It is supposed to be of the form `{"":1}`. It seems to me that the service decorator needs a `did` field also.

smithbk (Fri, 07 Feb 2020 11:25:31 GMT):
Hi all, suppose I receive a request with a service decorator as shown at https://github.com/hyperledger/aries-rfcs/tree/527849ec3aa2a8fd47a7bb6c57f918ff8bcb5e8c/features/0056-service-decorator#tutorial and need to send a response message. What should be in the `~thread.received_orders` field of the response as shown at https://github.com/hyperledger/aries-rfcs/tree/64e5e55c123b2efaf38f4b0911a71a1c40a7f29d/concepts/0008-message-id-and-threading#threaded-messages ? It is supposed to be of the form `{"":1}`. It seems to me that the service decorator needs a `did` field also.

smithbk (Fri, 07 Feb 2020 11:25:31 GMT):
Hi all, suppose I receive a request with a service decorator as shown at https://github.com/hyperledger/aries-rfcs/tree/527849ec3aa2a8fd47a7bb6c57f918ff8bcb5e8c/features/0056-service-decorator#tutorial and need to send a response message. What should be in the `~thread.received_orders` field of the response as shown at https://github.com/hyperledger/aries-rfcs/tree/64e5e55c123b2efaf38f4b0911a71a1c40a7f29d/concepts/0008-message-id-and-threading#threaded-messages ? It is supposed to be of the form `{"":1}`, so where do we get the sender's DID in this case?

smithbk (Fri, 07 Feb 2020 11:25:31 GMT):
Hi all, suppose I receive a request with a service decorator as shown at https://github.com/hyperledger/aries-rfcs/tree/527849ec3aa2a8fd47a7bb6c57f918ff8bcb5e8c/features/0056-service-decorator#tutorial and need to send a response message. What should be in the `~thread.received_orders` field of the response as shown at https://github.com/hyperledger/aries-rfcs/tree/64e5e55c123b2efaf38f4b0911a71a1c40a7f29d/concepts/0008-message-id-and-threading#threaded-messages ? It is supposed to be of the form `{"":1}`, so where do we get the sender's DID in this case since the service decorator does not have a DID?

jakubkoci (Fri, 07 Feb 2020 12:43:49 GMT):
I'm happy to announce an open-source React Native wrapper around indy library by Absa. It's for both iOS (Swift) and Android (Java). Any contributions are more than welcome. https://github.com/AbsaOSS/rn-indy-sdk

swcurran (Fri, 07 Feb 2020 17:39:14 GMT):
Good question. Not sure of the answer to that one... What do you think?

smithbk (Fri, 07 Feb 2020 21:00:03 GMT):
I was thinking that we should add a DID to the service decorator, unless someone can think of a better idea

shenoy (Sat, 08 Feb 2020 03:38:41 GMT):
@swcurran any updates on this? Eagerly waiting for LFS173x: Becoming an Aries Developer to come online

jakubkoci (Sat, 08 Feb 2020 10:08:26 GMT):
May I have a question regarding the storage of pairwise connections? I was considering to use pairwise methods in JS framework, but I went through dotnet and aca-py and it seems they use non_secrets instead of pairwise API (thanks @gnarula to pointing out that). Are there any specific reasons? Just to be aware :)

swcurran (Sun, 09 Feb 2020 22:28:08 GMT):
FYI: Aries Cloud Agent - Python Release 0.4.2 has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.4.2. This release improves handling of presentations and restores a route inadvertently dropped in 0.4.1 that handling ephemeral challenges (aka connection-less proof requests). Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/

swcurran (Sun, 09 Feb 2020 22:28:08 GMT):
FYI: Aries Cloud Agent - Python Release 0.4.2 has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.4.2. This release improves handling of presentations and restores a route inadvertently dropped in 0.4.1 for handling ephemeral challenges (aka connection-less proof requests). Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/

sklump (Mon, 10 Feb 2020 11:41:50 GMT):
>= actually: anoncreds 1.0 does not support range proofs, unless you count MAXINT32 as an upper bound

sklump (Mon, 10 Feb 2020 11:41:50 GMT):
`>=` actually: anoncreds 1.0 does not support range proofs, unless you count MAXINT32 as an upper bound

sklump (Mon, 10 Feb 2020 11:43:05 GMT):
https://github.com/hyperledger/aries-cloudagent-python/blob/0b3cdc01df02de45831105ef828c5715bb6ac89a/aries_cloudagent/messaging/util.py#L106

Yoroitchi (Mon, 10 Feb 2020 16:43:28 GMT):
hello guys, I am a bit confused about the Credential Definition. Is it one per Issuer or is it one per Credential issued ?

swcurran (Mon, 10 Feb 2020 16:46:23 GMT):
One per issuer per credential type to be issued (schema).

ashlinSajan (Tue, 11 Feb 2020 04:44:43 GMT):
@swcurran @MALodder I was planning to put von network in one system and agent in another system All the node of the von network will be in one system only an agent will run seperately in another system for this do I have to modify the von network? Is it enough to modify the agents code in the demo folder

priyashankar (Tue, 11 Feb 2020 05:06:48 GMT):
Since you will be running VON remotely, in that case you need to pass LEDGER_URL while setting up the demo agents. For example, LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber

priyashankar (Tue, 11 Feb 2020 05:11:09 GMT):
@swcurran @sukalpomitra Good Morning. Is it possible for an aca-py agent to issue a credential to OSMA (Mobile) Agent without having a Mediator in between? The aca-py agent sends a credential offer, but the Mobile Agent does not react to the same. Thanks. What is going wrong here?

sukalpomitra (Tue, 11 Feb 2020 05:13:48 GMT):
Well without a mediator also it should work, just as connection request and response happened. When it comes to credential exchange, please check if the aca-py version that you are suing supports crdential exchange protocol 1.0. Again, I have not tested with the OSMA master branch

sukalpomitra (Tue, 11 Feb 2020 05:13:48 GMT):
Well without a mediator also it should work, just as connection request and response happened. When it comes to credential exchange, please check if the aca-py version that you are using supports credential exchange protocol 1.0. Again, I have not tested with the OSMA master branch

priyashankar (Tue, 11 Feb 2020 05:15:55 GMT):
I was using the /issue-credential/send endpoint and that failed partially. Although, it was successful in sending the offer. FYI, this is with OSMA Master Branch. The logs are down below. Faber | 2020-02-11 04:38:27,162 aries_cloudagent.core.dispatcher ERROR Message parsing failed: Unrecognized message type did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/protocol-discovery/1.0/query, sending problem report Faber | Credential: state = offer_sent , credential_exchange_id = c3714368-8c2d-45fa-b5dd-a9c950c242fe Faber | 2020-02-11 04:42:22,476 aries_cloudagent.core.dispatcher ERROR Handler error: ConnectionManager.get_connection_targets Faber | Traceback (most recent call last): Faber | File "/home/indy/aries_cloudagent/protocols/connections/manager.py", line 949, in get_connection_targets Faber | targets = await self.fetch_connection_targets(connection) Faber | File "/home/indy/aries_cloudagent/protocols/connections/manager.py", line 1016, in fetch_connection_targets Faber | did_doc, my_info.verkey, connection.their_label Faber | File "/home/indy/aries_cloudagent/protocols/connections/manager.py", line 1037, in diddoc_connection_targets Faber | raise ConnectionManagerError("No services defined by DIDDoc") Faber | aries_cloudagent.protocols.connections.manager.ConnectionManagerError: No services defined by DIDDoc Faber | 2020-02-11 04:42:22,479 aries_cloudagent.core.conductor ERROR Error preparing outbound message for transmission Faber | Traceback (most recent call last): Faber | File "/home/indy/aries_cloudagent/core/conductor.py", line 330, in queue_outbound Faber | mgr.get_connection_targets(connection_id=outbound.connection_id) Faber | File "/home/indy/aries_cloudagent/protocols/connections/manager.py", line 949, in get_connection_targets Faber | targets = await self.fetch_connection_targets(connection) Faber | File "/home/indy/aries_cloudagent/protocols/connections/manager.py", line 1016, in fetch_connection_targets Faber | did_doc, my_info.verkey, connection.their_label Faber | File "/home/indy/aries_cloudagent/protocols/connections/manager.py", line 1037, in diddoc_connection_targets Faber | raise ConnectionManagerError("No services defined by DIDDoc") Faber | aries_cloudagent.protocols.connections.manager.ConnectionManagerError: No services defined by DIDDoc

sukalpomitra (Tue, 11 Feb 2020 05:16:52 GMT):
Faber | raise ConnectionManagerError("No services defined by DIDDoc")

priyashankar (Tue, 11 Feb 2020 05:17:12 GMT):
I believe /issue-credential/send endpoint automates the entire flow only if --auto-aceept-requests is enabled. Is there a way to do that with OSMA?

sukalpomitra (Tue, 11 Feb 2020 05:17:44 GMT):
@andrew.whitehead can you check the logs once?

sukalpomitra (Tue, 11 Feb 2020 05:18:31 GMT):
I am guessing one error is because of the protocl-discovery is not supported and the other because there is no service endpoint.

priyashankar (Tue, 11 Feb 2020 05:22:13 GMT):
@sukalpomitra You mentioned a service endpoint. How to set that up for OSMA? I was also noticing that OSMA Mobile Agent was failing to create an invitation with the message "No Provisioning Endpoint." Are they somewhat connected?

andrew.whitehead (Tue, 11 Feb 2020 05:22:44 GMT):
Check logs on what? protocol-discovery was renamed to feature-discovery

priyashankar (Tue, 11 Feb 2020 05:24:24 GMT):
@andrew.whitehead Good Morning. @sukalpomitra meant this. https://chat.hyperledger.org/channel/aries?msg=GCXpRs5aZmaRgLQnz

sukalpomitra (Tue, 11 Feb 2020 05:24:30 GMT):
@andrew.whitehead it seems OSMA master branch still points to protocol discovery. Also this last error -- dont know if its a continuation of the service discovery or not - aries_cloudagent.protocols.connections.manager.ConnectionManagerError: No services defined by DIDDoc

sukalpomitra (Tue, 11 Feb 2020 05:24:49 GMT):
the logs are in this thread only

andrew.whitehead (Tue, 11 Feb 2020 05:36:01 GMT):
Looks like it's trying to return a problem report due to the unknown protocol. Not sure why it isn't using return routing, I guess the connection was dropped

andrew.whitehead (Tue, 11 Feb 2020 05:36:21 GMT):
There's no service endpoint in the DID doc, presumably because it doesn't have one

andrew.whitehead (Tue, 11 Feb 2020 05:36:21 GMT):
There's no service endpoint in the DID doc, presumably because the agent doesn't have one

priyashankar (Tue, 11 Feb 2020 05:57:54 GMT):
@andrew.whitehead The Mobile (OSMA) Agent, though was able to connect with aca-py without this service endpoint.

andrew.whitehead (Tue, 11 Feb 2020 06:05:35 GMT):
If it drops the connection while using return routing then the agent will try to route it according to the did doc. I'm not sure if that's what's happening there

priyashankar (Tue, 11 Feb 2020 06:06:16 GMT):
What do you mean by dropping the connection?

andrew.whitehead (Tue, 11 Feb 2020 06:06:40 GMT):
Return routing only works with a connected TCP socket

priyashankar (Tue, 11 Feb 2020 06:08:00 GMT):
Can you please provide me some docs for the same?

sukalpomitra (Tue, 11 Feb 2020 06:08:40 GMT):
https://github.com/hyperledger/aries-rfcs/blob/master/features/0092-transport-return-route/README.md

sukalpomitra (Tue, 11 Feb 2020 06:09:27 GMT):
@andrew.whitehead I will try to change the protocol to feature discovery

priyashankar (Tue, 11 Feb 2020 06:09:59 GMT):
So, an aca-py agent can issue a credential to Mobile Agent without a mediator. Can you please confirm?

sukalpomitra (Tue, 11 Feb 2020 06:10:17 GMT):
but as you can see its not reliable

andrew.whitehead (Tue, 11 Feb 2020 06:10:25 GMT):
@sukalpomitra I think the response format changed a little as well, but it's pretty similar

sukalpomitra (Tue, 11 Feb 2020 06:10:43 GMT):
i will compare with my version

priyashankar (Tue, 11 Feb 2020 06:11:40 GMT):
How to go about setting an aca-py agent as a Mediator? Where do I start?

ashlinSajan (Tue, 11 Feb 2020 07:40:13 GMT):
is it http://dev.greenlight.bcovrin.vonx.io/genesis

priyashankar (Tue, 11 Feb 2020 07:45:07 GMT):
No, you don't need to mention the genesis. Just pass in the url for the service running at PORT 9000 for VON.

priyashankar (Tue, 11 Feb 2020 07:45:07 GMT):
No, you don't need to mention the genesis. Just pass in the url for the service running at PORT 9000 (VON).

scottz (Tue, 11 Feb 2020 22:27:08 GMT):
I am fairly new to Indy and Aries, cloned the aries-framework-go, viewed the old indy screencast demo, and launched the openapi demo and played with the clients a few steps. Trying to run the bddtests, I get an error when I run "make checks":``` Running scripts/check_license.sh Examining working directory changes All files have SPDX-License-Identifier headers # unicode/utf8 compile: version "go1.13.7" does not match go tool version "go1.10.4" ... Makefile:139: recipe for target 'depend' failed make: *** [depend] Error 2 ```and also got an error when I tried to "make bdd-test" anyways - but there was no mention of datadog in any of the documentation of prerequisites. Did I miss a setup step, or how should I install it myself? Also, wondering about the current status of the go framework in terms of what we can and cannot do with it. Any pointers appreciated. As for the error, "make bdd-test" gives: ``` ... Running aries-framework-go integration tests... # github.com/hyperledger/aries-framework-go/test/bdd bddtests_test.go:18:2: cannot find package "github.com/DATA-DOG/godog" in any of: /usr/local/go/src/github.com/DATA-DOG/godog (from $GOROOT) /home/scott/go/src/github.com/DATA-DOG/godog (from $GOPATH) FAIL github.com/hyperledger/aries-framework-go/test/bdd [setup failed] ```

AliaksandrLipnitski (Wed, 12 Feb 2020 02:53:48 GMT):
Has joined the channel.

lauravuo-techlab (Wed, 12 Feb 2020 13:24:24 GMT):
Hi folks! We have been implementing Aries-compatible mobile app that can acquire credentials to the wallet. In our current flow, the mobile app user is reading a QR code in the issuer web page with her mobile app. This QR code contains both the pairwise information and the credential proposal data and thus, after the pairwise is established, the flow continues automatically with the credential issuance. i.e. the user doesn't need to read another QR code for the credential offer. I was wondering that does Aries actually support this kind of flow at all? And if so, do we have this kind of invitation example available somewhere? Or is the purpose in this situation to first establish the pairwise and after that the issuer continues (automatically) by sending the credential offer to holder?

troyronda (Wed, 12 Feb 2020 13:33:07 GMT):
Hi all - just a reminder that we will be presenting and demoing aries framework go in the morning call.

esplinr (Wed, 12 Feb 2020 15:01:34 GMT):
Starting now. Meeting invitation: https://zoom.us/j/244779296

esplinr (Wed, 12 Feb 2020 15:01:57 GMT):
Agenda: https://wiki.hyperledger.org/pages/viewpage.action?pageId=29033570

sukalpomitra (Wed, 12 Feb 2020 15:24:15 GMT):
This looks similar to VCOIDC flow developed by the people at BCGov. OSMA supports it. I am a little confused when you say the user don't have to scan another QR code for credential offer. For credential offer we generally dont scan any other QR codes.

rileyphughes (Wed, 12 Feb 2020 15:39:36 GMT):
MetaDigital built a demo with the Streetcred API that does this - just scan a QR to connect and then the credential is issued after. I believe they used webhooks to have the issuer wait for the connection establishment before sending a credential offer. https://www.metadigital.tech/demo/

scottz (Wed, 12 Feb 2020 16:01:34 GMT):
I missed it; was a recording saved and will be posted?

MALodder (Wed, 12 Feb 2020 19:24:01 GMT):
Question to this community if I want to make an update to an existing excepted RFC do I make a new RFC or do I raise a PR to an existing one?

MALodder (Wed, 12 Feb 2020 19:24:01 GMT):
Question to this community if I want to make an update to an existing accepted RFC do I make a new RFC or do I raise a PR to an existing one?

swcurran (Wed, 12 Feb 2020 19:28:37 GMT):
It depends on the change. If it is minor update (V1.0 to v1.1). You do an update to the RFC and put in a "Version Change Log" entry in. You can look at 0036 as an example, but notice that we changed in that one only a single message version and we should have changed ALL versions of the messages to 1.0. Side note - we'll soon have a new header where the version ID will go there.

swcurran (Wed, 12 Feb 2020 19:29:06 GMT):
FYI 2 - if the RFC is in "Proposed" state, I think you are OK to update without a version change.

swcurran (Wed, 12 Feb 2020 19:30:48 GMT):
FYI 3 - a change does not affect an existing AIP (Aries Interop Profile -- RFC 302) version. It would only be updated in an AIP with a new AIP version and agreement of the agent-builders.

kukgini (Wed, 12 Feb 2020 23:45:56 GMT):
Hi. I wander about the relation ship between indy-sdk vcx and aries implementations. Do they both play the same role?

MALodder (Thu, 13 Feb 2020 00:44:47 GMT):
I want to make updates to The connection protocol but am wondering if it’s worth it since we are moving to DIDComm

MALodder (Thu, 13 Feb 2020 00:45:14 GMT):
I believe my proposal will add more to forward secrecy

MALodder (Thu, 13 Feb 2020 00:50:16 GMT):
Maybe the DIDCommWG is the place for that. Thoughts?

tplooker (Thu, 13 Feb 2020 03:58:45 GMT):
@MALodder keen to chat about that too I have ideas about adding FS to the protocol too

swcurran (Thu, 13 Feb 2020 04:04:31 GMT):
If you are talking about the envelope protocol, yes, DIDComm is the place to do that.

swcurran (Thu, 13 Feb 2020 04:04:31 GMT):
If you are talking about the envelope protocol, yes, DIDComm WG at DIF is the place to do that.

MALodder (Thu, 13 Feb 2020 04:27:48 GMT):
Cool @tplooker maybe we can coauthor an update

lauravuo-techlab (Thu, 13 Feb 2020 07:48:37 GMT):
@sukalpomitra so I was basically interested how to handle that kind of flow where the holder initiates the process (both starting the pairwise and the issuance). But yes, now I see that it may be reasonable to change our flow so that issuer will make the first initiative in this case. And yes, of course, no additional QR-codes are needed if we know the connection in question :slight_smile:

lauravuo-techlab (Thu, 13 Feb 2020 07:49:11 GMT):
Thanks for helping me sort out my thoughts :thumbsup:

ashcherbakov (Thu, 13 Feb 2020 13:33:27 GMT):
The following RFC is created to address common details for all Rich Schema objects: https://github.com/hyperledger/aries-rfcs/pull/418 It was done in the scope of https://github.com/hyperledger/aries-rfcs/issues/398

ashcherbakov (Thu, 13 Feb 2020 13:33:27 GMT):
The following RFC is created to address common details for all Rich Schema objects: https://github.com/hyperledger/aries-rfcs/pull/420 It was done in the scope of https://github.com/hyperledger/aries-rfcs/issues/398

smithbk (Thu, 13 Feb 2020 14:22:32 GMT):
I just opened https://github.com/hyperledger/aries-rfcs/issues/421 to track this

smithbk (Thu, 13 Feb 2020 14:32:15 GMT):
Also https://github.com/hyperledger/aries-rfcs/issues/422

gnarula (Thu, 13 Feb 2020 16:30:58 GMT):
I tried interoperating aries-framework-go with aries-cloudagent-python and got stuck at a few places. Here are some of the differences I found: * Go framework expects Content-Type "application/didcomm-envelope-enc" while Python expects "application/json" || "application/ssi-agent-wire". .NET expects "application/ssi-agent-wire" * Go framework doesn't implement connection protocol which preceeds didexchange. The former is a part of AIP. * Service blocks in DIDDocs have references of public keys in routingKeys and recipientKeys fields. Other agents expect the base58 encoded value there * Service blocks in DIDDocs have type of did-communication whereas other agents expect "IndyAgent". * Connection Signature creator in Go uses (bytes(str(int64_timestamp))|connection) where | is actually used as a separator, as the message to be signed. Other implementations use bigendian(int64_timestamp)||connection as the message to be signed (no separator, 8 dedicated bytes for the timestamp) I'm not sure which implementation's correct, but it would certainly help to have all agents adhere to the same thing. @troyronda @swcurran @tomislav @jakubkoci

tomislav (Thu, 13 Feb 2020 17:05:55 GMT):
We should track this somehow, possibly in Github issues, as replying inline here will become unwieldy.

tomislav (Thu, 13 Feb 2020 17:07:33 GMT):
Some of this are leftovers from initial RFCs and may need updates. The content-type looks like a good candidate

b1conrad (Thu, 13 Feb 2020 17:20:31 GMT):
Pico Agents produce 'application/ssi-agent-wire' and accept 'application/json', 'application/octet-stream', or 'application/ssi-agent-wire'

troyronda (Thu, 13 Feb 2020 17:33:40 GMT):
For Go SDK, we used the mime type in RFC 25 (application/didcomm-envelope-enc)

troyronda (Thu, 13 Feb 2020 17:33:40 GMT):
For Go Framework, we used the mime type in RFC 25 (application/didcomm-envelope-enc)

troyronda (Thu, 13 Feb 2020 17:33:40 GMT):
For Go Framework, we used the mime type in RFC 25 (application/didcomm-envelope-enc). Correct: only DID exchange was implemented. We used RFC 67 (did-communication). Need to check on the signature.

TelegramSam (Thu, 13 Feb 2020 17:33:42 GMT):
FWIW, ACApy has a command line option to enable outbound queues. I've found this useful for connecting to edge agents with no endpoint. The messages stay in a queue until another return-routeable connection is made.

TelegramSam (Thu, 13 Feb 2020 17:37:12 GMT):
Part of the confusion here was uncertainty around the future of the DIDComm work over the last 4 months or so. We should definitely work to accept more, and potentially align on what we send.

TelegramSam (Thu, 13 Feb 2020 17:51:06 GMT):
post-post thought: it's possible we'll need to migrate to something else in the future. If your software doesn't accept multiple mime-types already, it might be a good idea to add it. (Yes, we should consolidate. No, it won't be instantaneous.)

TelegramSam (Thu, 13 Feb 2020 17:55:12 GMT):
Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=29034443

george.aristy (Thu, 13 Feb 2020 18:07:59 GMT):
@TelegramSam seems reasonable to long as the socket is dedicated to your agent. aries-framework-go spools up its own http inbound endpoint by default (unless a different one is provided by the user). I'm not sure how this affects other frameworks and deployments.

george.aristy (Thu, 13 Feb 2020 18:07:59 GMT):
@TelegramSam seems reasonable so long as the socket is dedicated to your agent. aries-framework-go spools up its own http inbound endpoint by default (unless a different one is provided by the user). I'm not sure how this affects other frameworks and deployments.

troyronda (Thu, 13 Feb 2020 18:09:38 GMT):
Signature is a bug - raised an issue in the repo.

troyronda (Thu, 13 Feb 2020 18:09:38 GMT):
Signature is a bug - raised an issue in the repo (#1257).

Silona (Thu, 13 Feb 2020 18:23:08 GMT):
Howdy Contributors and Maintainers! Are you wondering about tapping into Developer marketing for your group or project? Do you have a blog post idea? An awesome announcement? Please attend our Contributor/marketing meeting! https://wiki.hyperledger.org/display/Marketing/2020-02-19+Meeting+notes

jljordan_bcgov (Fri, 14 Feb 2020 00:57:56 GMT):
Good thread. Definitely would like broaden interop. Great that we can point to specific things that will make that happen.

scottz (Fri, 14 Feb 2020 13:58:33 GMT):
A question about the architecture. What is the current thinking on the secure storage, wallets, and sovereign domains? On this Indy presentation page 7 https://docs.google.com/presentation/d/1d35TtEAP-f1tTh88XSZ2uQ2qnuPh6JIPluIWno_P3b0/edit#slide=id.g3437d91afa_0_15 it talks about one wallet per device, with it being stored on each hardware device, and one owner with many wallets in their sovereign domain. That precludes something like LastPass storing someone's identity/credentials that are simply retrieved from each of their devices as needed, and requires duplicates of many things on every device they own. But this getting-started page https://github.com/hyperledger/aries-cloudagent-python/blob/master/docs/GettingStartedAriesDev/AriesBigPicture.md puts wallets and cloud agents in the blue circle - and then talks about agents embedding the SDK ... but doesn't that mean each agent contains a wallet? Seems contradictory. Also I see some go framework code which seems to have the kmsCreator for the wallet inside the Aries framework and thus inside the agent.

sukalpomitra (Fri, 14 Feb 2020 14:00:41 GMT):
@priyashankar @andrew.whitehead raised PR https://github.com/hyperledger/aries-framework-dotnet/pull/59

george.aristy (Fri, 14 Feb 2020 14:02:16 GMT):
Hi @scottz . re: aries-framework-go, the plan is to have pluggable KMS and LOX implementations, thus achieving both scenarios.

sklump (Fri, 14 Feb 2020 15:23:17 GMT):
As @gnarula has noted per https://github.com/hyperledger/aries-cloudagent-python/pull/369, the DIDDoc that the https://github.com/hyperledger/aries-rfcs/tree/9b0aaa39df7e8bd434126c4b33c097aae78d65bf/features/0160-connection-protocol connection protocol employs is not in line with the W3C DIDDoc specification, which has since solidified to v1.0. In particular, a key by reference in the Aries RFC looks like ``` { "type": "Ed25519SignatureAuthentication2018", "publicKey": "did:sov:QUmsj7xwB82QAuuzfmvhAi#1" } ``` whereas the W3C spec expects ``` "did:sov:QUmsj7xwB82QAuuzfmvhAi#1" ``` . The Aries Interop Profile v1.0 includes the Connection Protocol document. What is the best way forward, procedurally, toward the W3C standard? I'd be keen to know what we ought to do, when.

sklump (Fri, 14 Feb 2020 15:23:17 GMT):
As @gnarula has noted per https://github.com/hyperledger/aries-cloudagent-python/pull/369, the DIDDoc that the https://github.com/hyperledger/aries-rfcs/tree/9b0aaa39df7e8bd434126c4b33c097aae78d65bf/features/0160-connection-protocol connection protocol employs is not in line with the W3C DIDDoc specification, which has since solidified to v1.0. In particular, a key by reference in the Aries RFC looks like ``` { "type": "Ed25519SignatureAuthentication2018", "publicKey": "did:sov:QUmsj7xwB82QAuuzfmvhAi#1" } ``` whereas the W3C spec expects ``` "did:sov:QUmsj7xwB82QAuuzfmvhAi#1" ``` . The Aries Interop Profile v1.0 aligns with the (Aries RFC) Connection Protocol document, not the W3C specification - that's no surprise. What is the best way forward, procedurally, toward the W3C standard? I'd be keen to know what we ought to do, when.

brentzundel (Fri, 14 Feb 2020 15:26:51 GMT):
The W3C DID spec is currently going through some major changes. I don't think it makes sense to worry much about adhering to it before this summer, at which time there is supposed to be a "feature freeze"

sukalpomitra (Fri, 14 Feb 2020 15:27:09 GMT):
raised one more https://github.com/hyperledger/aries-framework-dotnet/pull/61 to bump up the version so that a new nuget is available. Once it is available , I will raise a OSMA PR

swcurran (Fri, 14 Feb 2020 17:40:26 GMT):
First - wallet's is confusing, so let's call it "agent storage" with it covering the KMS (keys) plus other agent storage - connections, credentials, protocol state objects and other things. "Wallets" should be reserved for the mainstream use - mobile agents with secure storage of credentials and keys. The cloud agent can hold encrypted blobs but should have no access to the keys - those should be held on devices. I think that is how LastPass works, so it is a bit cloudy. The important thing is that the keys for decrypting and doing things are not copied to a central store - they remain tied to the agent's device. Replication should be possible through the edge agents directly sharing data through Aries protocols. That's are expectation. While we never expect keys to be moved from one agent to another, the one thing that might in an Indy world is the "link secret" which enables proving a credential. We think that will need to be able to done from multiple devices, and so that is a quandry. There are some other proposed protections for that, but it's a tricky question.

swcurran (Fri, 14 Feb 2020 17:40:26 GMT):
First - wallet's is confusing, so let's call it "agent storage" with it covering the KMS (keys) plus other agent storage - connections, credentials, protocol state objects and other things. "Wallets" should be reserved for the mainstream use - mobile agents with secure storage of credentials and keys. The cloud agent can hold encrypted blobs but should have no access to the keys - those should be held on devices. I think that is how LastPass works, so it is a bit cloudy. The important thing is that the keys for decrypting and doing things are not copied to a central store - they remain tied to the agent's device. Replication should be possible through the edge agents directly sharing data through Aries protocols. That's our expectation. While we never expect keys to be moved from one agent to another, the one thing that might in an Indy world is the "link secret" which enables proving a credential. We think that will need to be able to done from multiple devices, and so that is a quandry. There are some other proposed protections for that, but it's a tricky question.

scottz (Fri, 14 Feb 2020 23:29:46 GMT):
Thanks @george.aristy and @swcurran ; some details are still elusive, but it is getting clearer. I read the DIDs are stored on the blockchain. How/When are they put there?

swcurran (Fri, 14 Feb 2020 23:32:57 GMT):
They are put there according to the DID method being used. For example, the Indy DID method has a client SDK that is embedded in agents. Other DID methods use similar techniques, but different details - different ledgers, different write mechanisms. They are usually put there when initializing an agent and configuring, but it somewhat depends on the DID method. For example, with Indy, only credential issuers generally have public DIDs (put on a ledger) and so only agents that issue credentials need to write a DID.

sukalpomitra (Sun, 16 Feb 2020 07:06:06 GMT):
https://github.com/mattrglobal/osma/pull/38 - OSMA PR raised @priyashankar

davidd (Sun, 16 Feb 2020 20:16:06 GMT):
Hi, I'm using windows 10 and trying to install OSMA but it's giving me a bundle of errors

davidd (Sun, 16 Feb 2020 20:16:06 GMT):
Hi, I'm using windows 10 and trying to install osma it is giving me a bundle of errors

davidd (Sun, 16 Feb 2020 20:16:52 GMT):
I followed the same steps as told to: Clone it locally, Run git lfs pull in order to pull the dependent native libraries with LFS. Open osma-mobile-app.sln and build!

davidd (Sun, 16 Feb 2020 20:16:52 GMT):
Clone it locally, Run git lfs pull in order to pull the dependent native libraries with LFS. Open osma-mobile-app.sln and build!

davidd (Sun, 16 Feb 2020 20:16:52 GMT):
Clone it locally, Run git lfs pull in order to pull the dependent native libraries with LFS. If you do not have this installed please refer to here Open osma-mobile-app.sln and build!

davidd (Sun, 16 Feb 2020 20:17:10 GMT):
Error Failed to download package 'System.Threading.Tasks.Extensions.4.4.0' from 'https://api.nuget.org/v3-flatcontainer/system.threading.tasks.extensions/4.4.0/system.threading.tasks.extensions.4.4.0.nupkg'. The HTTP request to 'GET https://api.nuget.org/v3-flatcontainer/system.threading.tasks.extensions/4.4.0/system.threading.tasks.extensions.4.4.0.nupkg' has timed out after 100000ms. Osma.Mobile.App.Android C:\Users\XEMO\Documents\aries-mobile\osma\src\Osma.Mobile.App.Android\Osma.Mobile.App.Android.csproj 1

davidd (Sun, 16 Feb 2020 20:17:10 GMT):
Severity Code Description Project File Line Suppression State Error Failed to download package 'System.Threading.Tasks.Extensions.4.4.0' from 'https://api.nuget.org/v3-flatcontainer/system.threading.tasks.extensions/4.4.0/system.threading.tasks.extensions.4.4.0.nupkg'. The HTTP request to 'GET https://api.nuget.org/v3-flatcontainer/system.threading.tasks.extensions/4.4.0/system.threading.tasks.extensions.4.4.0.nupkg' has timed out after 100000ms. Osma.Mobile.App.Android C:\Users\XEMO\Documents\aries-mobile\osma\src\Osma.Mobile.App.Android\Osma.Mobile.App.Android.csproj 1

davidd (Sun, 16 Feb 2020 20:17:22 GMT):
Error NETSDK1004 Assets file 'C:\Users\XEMO\Documents\aries-mobile\osma\src\Osma.Mobile.App.Services\obj\project.assets.json' not found. Run a NuGet package restore to generate this file. Osma.Mobile.App.Services C:\Program Files\dotnet\sdk\3.1.101\Sdks\Microsoft.NET.Sdk\targets\Microsoft.PackageDependencyResolution.targets 234

davidd (Sun, 16 Feb 2020 20:17:22 GMT):
Severity Code Description Project File Line Suppression State Error NETSDK1004 Assets file 'C:\Users\XEMO\Documents\aries-mobile\osma\src\Osma.Mobile.App.Services\obj\project.assets.json' not found. Run a NuGet package restore to generate this file. Osma.Mobile.App.Services C:\Program Files\dotnet\sdk\3.1.101\Sdks\Microsoft.NET.Sdk\targets\Microsoft.PackageDependencyResolution.targets 234

davidd (Sun, 16 Feb 2020 20:17:41 GMT):
Error NETSDK1004 Assets file 'C:\Users\XEMO\Documents\aries-mobile\osma\src\Osma.Mobile.App\obj\project.assets.json' not found. Run a NuGet package restore to generate this file. Osma.Mobile.App C:\Program Files\dotnet\sdk\3.1.101\Sdks\Microsoft.NET.Sdk\targets\Microsoft.PackageDependencyResolution.targets 234

davidd (Sun, 16 Feb 2020 20:17:41 GMT):
Severity Code Description Project File Line Suppression State Error NETSDK1004 Assets file 'C:\Users\XEMO\Documents\aries-mobile\osma\src\Osma.Mobile.App\obj\project.assets.json' not found. Run a NuGet package restore to generate this file. Osma.Mobile.App C:\Program Files\dotnet\sdk\3.1.101\Sdks\Microsoft.NET.Sdk\targets\Microsoft.PackageDependencyResolution.targets 234

davidd (Sun, 16 Feb 2020 20:18:55 GMT):
Error Failed to download package 'Newtonsoft.Json.11.0.2' from 'https://api.nuget.org/v3-flatcontainer/newtonsoft.json/11.0.2/newtonsoft.json.11.0.2.nupkg'. The HTTP request to 'GET https://api.nuget.org/v3-flatcontainer/newtonsoft.json/11.0.2/newtonsoft.json.11.0.2.nupkg' has timed out after 100000ms. Osma.Mobile.App.Android C:\Users\XEMO\Documents\aries-mobile\osma\src\Osma.Mobile.App.Android\Osma.Mobile.App.Android.csproj 1

davidd (Mon, 17 Feb 2020 12:38:50 GMT):
`Severity Code Description Project File Line Suppression State Error NETSDK1004 Assets file 'C:\Users\XEMO\Documents\aries-mobile\osma\src\Osma.Mobile.App\obj\project.assets.json' not found. Run a NuGet package restore to generate this file. Osma.Mobile.App C:\Program Files\dotnet\sdk\3.1.101\Sdks\Microsoft.NET.Sdk\targets\Microsoft.PackageDependencyResolution.targets 234 Error NETSDK1004 Assets file 'C:\Users\XEMO\Documents\aries-mobile\osma\src\Osma.Mobile.App.Services\obj\project.assets.json' not found. Run a NuGet package restore to generate this file. Osma.Mobile.App.Services C:\Program Files\dotnet\sdk\3.1.101\Sdks\Microsoft.NET.Sdk\targets\Microsoft.PackageDependencyResolution.targets 234 `

Silona (Mon, 17 Feb 2020 22:17:17 GMT):
Are you wondering about tapping into Developer marketing for your group or project? Do you have a blog post idea? An awesome announcement? Please attend TOMORROW! https://wiki.hyperledger.org/display/Marketing/2020-02-19+Meeting+notes

scottz (Mon, 17 Feb 2020 22:26:21 GMT):
Wait - does that mean theoretically we could run some "free agents" as edge agents and as cloud and router agents, that do nothing more than run application software to store and exchange items from their wallets - WITHOUT needing a blockchain? Would the underlying communication protocols allow them to find each other (assuming the agents all bind in and run the same protocols)?

swcurran (Mon, 17 Feb 2020 22:31:43 GMT):
Yes. Running DIDComm establishes secure peer-to-peer channels. On top of that you can do DID/Verifiable Credentials things that need blockchain. But the underlying messaging system doesn't need blockchain.

swcurran (Mon, 17 Feb 2020 22:32:37 GMT):
We're not really expecting the blockchain component to be the discovery mechanism (although it can be). We are counting on it for verifiable credentials.

priyashankar (Tue, 18 Feb 2020 04:57:43 GMT):
@swcurran What is the idea behind registering multiple aca-py agents with the same seed on the same network?

lmtriet (Tue, 18 Feb 2020 14:54:41 GMT):
Hi all, I have a question about the Faber-Alice demo. On startup, the Faber agent creates a new DID using the parameters `{"alias": "FaberAlias", "seed": "00000000000000000SomeSeed", "role": "*TRUST_ANCHOR*"}` But in the ledger, the NYM transaction role contains the value *ENDORSER*. As indicated in the https://github.com/hyperledger/indy-node/blob/master/docs/source/auth_rules.md, the role TRUST_ANCHOR do not exist. So I think that TRUST_ANCHOR is somewhat deprecated ? Is that correct ?

lmtriet (Tue, 18 Feb 2020 14:54:41 GMT):
Hi all, I have a question about the Faber-Alice demo. On startup, the Faber agent creates a new DID using the parameters `{"alias": "FaberAlias", "seed": "00000000000000000SomeSeed", "role": "TRUST_ANCHOR"}` But in the ledger, the NYM transaction role contains the value *ENDORSER*. As indicated in the https://github.com/hyperledger/indy-node/blob/master/docs/source/auth_rules.md, the role TRUST_ANCHOR do not exist. So I think that TRUST_ANCHOR is somewhat deprecated ? Is that correct ?

tomislav (Tue, 18 Feb 2020 14:56:35 GMT):
That's correct. `ENDORSER` is the new role name.

tomislav (Tue, 18 Feb 2020 14:56:35 GMT):
That's correct. `ENDORSER` is the new role name and is equivalent to `TRUST_ANCHOR`

davidd (Tue, 18 Feb 2020 16:02:24 GMT):
Hi, I'm trying to install OSMA but it isn't working.. In Error section, it says, can't download package from api.nuget.com

davidd (Tue, 18 Feb 2020 16:03:19 GMT):
I reinstalled Nuget Extension, Update all other Extensions.. No Luck..

davidd (Tue, 18 Feb 2020 16:44:06 GMT):
@sukalpomitra: https://github.com/mattrglobal/osma/issues/39

sukalpomitra (Tue, 18 Feb 2020 16:47:36 GMT):
are you using any ide? have you git cloned the repo and opened the solution/project using the ide?

swcurran (Tue, 18 Feb 2020 16:51:51 GMT):
Sorry - I can't help you on those details. Would really appreciate it if you keep a log of what's needed so we can create a "getting started" guide that works for everyone. I hate seeing people waste energy on this stuff vs. getting real things done.

davidd (Tue, 18 Feb 2020 23:25:48 GMT):
Clone it locally, Run git lfs pull in order to pull the dependent native libraries with LFS. Open src/osma-mobile-app.sln in Visual Studio (Xamarin)

davidd (Tue, 18 Feb 2020 23:26:18 GMT):
IDE?? I have only Visual Studio installed right now on my windows

davidd (Tue, 18 Feb 2020 23:26:23 GMT):
sorry. i'm GNU/Linux user, windows isn't my think.. Maybe it's because of some Configuration or any Proxy (by osma or visual studio)

davidd (Tue, 18 Feb 2020 23:28:36 GMT):
i also blocked firewalls, and check for all the inbound and outbound request.. no blockage by OS

tplooker (Wed, 19 Feb 2020 02:20:53 GMT):
@davidd this really appears to either be an OS level or visual studio issue for you, as you are unable to download the dependencies for OSMA when building

tplooker (Wed, 19 Feb 2020 02:21:27 GMT):
Do you have any trouble when building node projects or any other languages and downloading dependencies for them?

priyashankar (Wed, 19 Feb 2020 06:12:55 GMT):
Good Morning! Hope you're having a great day. I was actually registering two aca-py agents using the same seed. Turns out, both had the same public DID. In that case, how would I be able to differentiate between the two from the ledger?

davidd (Wed, 19 Feb 2020 08:03:14 GMT):
@tplooker noo.. everything is fine except OSMA

mtfk (Wed, 19 Feb 2020 08:18:39 GMT):
HI guys, during semantic call I presented our set of tools for dealing with OCA and how to conect it directly to the VC with concept of DRI (hashlinks). recording can be found here: https://drive.google.com/drive/u/0/folders/1zkXr--0DG7I1k62vaFuotEzIaTIUH0ou?ogsrc=32 What we showed: - web version of aries toolbox - building in resolver for OCA in aries toolbox (when VC is issued and include hashlink it resolves it and load the structure and data directly from data vault - repository for OCA - data transportaion within VC Due to lack of time I still didn't manage to get out proper RFCs for above topics sorry for that but will try to catch up with it. One of them would be the concept of DRI and another related with extending VC with "big" data structure If you would be interested to see the demo live and discuss those topics I am more then happy to show on one of the aries call.

mtfk (Wed, 19 Feb 2020 08:18:39 GMT):
HI guys, during semantic call I presented our set of tools for dealing with OCA and how to conect it directly to the VC with concept of DRI (hashlinks). recording can be found here: https://drive.google.com/drive/u/0/folders/1pCdQ_y51FQvFWnYao1jbjVBtk7tAtx36 What we showed: - web version of aries toolbox - building in resolver for OCA in aries toolbox (when VC is issued and include hashlink it resolves it and load the structure and data directly from data vault - repository for OCA - data transportaion within VC Due to lack of time I still didn't manage to get out proper RFCs for above topics sorry for that but will try to catch up with it. One of them would be the concept of DRI and another related with extending VC with "big" data structure If you would be interested to see the demo live and discuss those topics I am more then happy to show on one of the aries call.

TelegramSam (Wed, 19 Feb 2020 15:52:12 GMT):
We have some available time in today's Aries call. If you have a topic you'd like to lead a discussion on, or a demo you'd like to give, please let me know.

TelegramSam (Wed, 19 Feb 2020 15:52:28 GMT):
( @mtfk I'm reviewing your demo now )

davidd (Wed, 19 Feb 2020 16:41:38 GMT):
@tplooker @sukalpomitra any update regarding my issue? i spent more than 2-3 days on just that 'failed to install package form api.nuget.org'... I check firewalls, proxy, os/visual studio setting, osma config files, .nuget files, reinstall/update nuget pakage installer, install packages manually... did every possible thing but no luck. anyone, please?

sukalpomitra (Wed, 19 Feb 2020 16:42:39 GMT):
sorry @davidd I am unable to reproduce your issue

davidd (Wed, 19 Feb 2020 16:43:28 GMT):
i don't know why on my pc, it isn't working

davidd (Wed, 19 Feb 2020 16:43:42 GMT):
same setup, installation everything... but how?

davidd (Wed, 19 Feb 2020 16:45:13 GMT):
wait.. I'm posting pictures of error logs of build, package manager, xamarin... maybe it give u some hint

davidd (Wed, 19 Feb 2020 17:19:35 GMT):
https://www.dropbox.com/sh/n1bsskno1gcv8v0/AAC_XR8qepgphI6D_GU_JE9ea?dl=0

mtfk (Wed, 19 Feb 2020 17:34:42 GMT):
I could demo the aries modification and how we integrated OCA for data transportation and VC extension. Let me know how much time I could get so I can short the demo to the minimum if needed.

mtfk (Wed, 19 Feb 2020 17:34:42 GMT):
I could demo the aries toolbox modification and how we integrated OCA for data transportation and VC extension. Let me know how much time I could get so I can short the demo to the minimum if needed.

mtfk (Wed, 19 Feb 2020 17:35:39 GMT):
this could lead to the discussion how to split data between trust and how to start building connection towards Data Vault and its role in the system

davidd (Wed, 19 Feb 2020 17:48:05 GMT):
@sukalpomitra @tplooker Is there any possiblity that we create docker image of OSMA (on a pc which runs it properly) and then run it on my pc (which can't run it)?

swcurran (Wed, 19 Feb 2020 17:54:37 GMT):
A docker image for dev work would be great. Is that doable for mobile development?

TelegramSam (Wed, 19 Feb 2020 18:09:47 GMT):
we have Daniel Bluhm doing a quick update on the toolbox itself (basicmessage admin) and this would be a good followup demo and good conversation.

TelegramSam (Wed, 19 Feb 2020 18:10:54 GMT):
as far as time goes, How much would you like?

TelegramSam (Wed, 19 Feb 2020 18:11:14 GMT):
given the difference in concerns with the call, the focus could be on slightly different topics.

mtfk (Wed, 19 Feb 2020 18:11:53 GMT):
I think I can get it to 15-20 minutes will skip few obvious steps and get to the point

tplooker (Wed, 19 Feb 2020 20:12:00 GMT):
@davidd I haven't attempted to create a docker image for Xamarin before. It looks like you have an issue accessing nuget, are you sure you have no firewall or any other pieces of internet security that is blocking your install?

tplooker (Wed, 19 Feb 2020 20:12:00 GMT):
@davidd I haven't attempted to create a docker image for Xamarin before. It looks like you have an issue access nuget, are you sure you have no firewall or any other pieces of internet security that is blocking your install?

davidd (Thu, 20 Feb 2020 08:07:42 GMT):
i have checked all the settings also reset them, block firewall, match config files / vs settings, extensions with another pc (of my teammate) on which it works, but still no luck

davidd (Thu, 20 Feb 2020 08:08:23 GMT):
and as @swcurran asked, is docker image be possible for mobile development / osma ?

TelegramSam (Thu, 20 Feb 2020 15:17:03 GMT):
Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=29035077

shenoy (Sun, 23 Feb 2020 07:09:50 GMT):
@swcurran Is it possible to "self host" and run the IIWBook attendence verification and issuing service from the repository at https://github.com/bcgov/iiwbook ? I want to do the following 1. Download the Streetcred Identity Agent app from the Apple App Store 2. Get an email address veriable credential from https://email-verification.vonx.io/ 3. Run the IIW book demo from the repository at https://github.com/bcgov/iiwbook on my local machine 4. Get an IIW attendee verifiable credential from the IIW attendence verification and issuing service thats running on my local machine

shenoy (Sun, 23 Feb 2020 07:09:50 GMT):
@swcurran Is it possible to "self host" and run the IIWBook attendence verification and issuing service from the repository at https://github.com/bcgov/iiwbook ? I want to do the following ``` ``` 1. Download the Streetcred Identity Agent app from the Apple App Store ``` ``` 2. Get an email address veriable credential from https://email-verification.vonx.io/ ``` ``` 3. Run the IIW book demo from the repository at https://github.com/bcgov/iiwbook on my local machine ``` ``` 4. Get an IIW attendee verifiable credential from the IIW attendence verification and issuing service thats running on my local machine ``` ``` ``` Possible? ``` ``` Possible ```

shenoy (Sun, 23 Feb 2020 07:09:50 GMT):
@swcurran Is it possible to "self host" and run the IIWBook attendence verification and issuing service from the repository at https://github.com/bcgov/iiwbook ? I want to do the following ``` Step 1. Download the Streetcred Identity Agent app from the Apple App Store Step 2. Get an email address veriable credential from https://email-verification.vonx.io/ Step 3. Run the IIW book demo from the repository at https://github.com/bcgov/iiwbook on my local machine Step 4. Get an IIW attendee verifiable credential from the IIW attendence verification and issuing service thats running on my local machine. Possible?

shenoy (Sun, 23 Feb 2020 07:09:50 GMT):
@swcurran Is it possible to "self host" and run the IIWBook attendence verification and issuing service from the repository at https://github.com/bcgov/iiwbook ? I want to do the following Step 1. Download the Streetcred Identity Agent app from the Apple App Store Step 2. Get an email address veriable credential from https://email-verification.vonx.io/ Step 3. Run the IIW book demo from the repository at https://github.com/bcgov/iiwbook on my local machine Step 4. Get an IIW attendee verifiable credential from the IIW attendence verification and issuing service thats running on my local machine. Possible?

shenoy (Sun, 23 Feb 2020 07:28:57 GMT):
When I try running the demo I see errors like iiw-book-agent_1 | 2020-02-23 07:21:38,099 indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: iiw-book-agent_1 | iiw-book-agent_1 | Node is not a validator iiw-book-agent_1 | iiw-book-agent_1 | Invalid library state } iiw-book-agent_1 | 2020-02-23 07:21:45,734 indy.libindy DEBUG _indy_callback: >>> command_handle: 28, err , args: () iiw-book-agent_1 | 2020-02-23 07:21:45,734 indy.libindy DEBUG _indy_callback: <<< iiw-book-agent_1 | 2020-02-23 07:21:45,735 indy.libindy DEBUG _indy_loop_callback: >>> command_handle: 28, err , args: () iiw-book-agent_1 | 2020-02-23 07:21:45,735 indy.libindy DEBUG _indy_loop_callback: Function returned None iiw-book-agent_1 | 2020-02-23 07:21:45,735 indy.libindy DEBUG _indy_loop_callback <<< iiw-book-agent_1 | 2020-02-23 07:21:45,735 indy.pool DEBUG close_pool_ledger: <<< res: None And then it just hangs there.

jljordan_bcgov (Sun, 23 Feb 2020 16:42:55 GMT):
I imagine that it is possible but the IIWBook running on the local host would need to be configure to point to the same ledger as the issuer services (email-verification)

jljordan_bcgov (Sun, 23 Feb 2020 16:43:40 GMT):
The error you are getting looks like iiwbook local can’t find the ledger ...

swcurran (Sun, 23 Feb 2020 20:17:11 GMT):
You need to run with the ledger being the BCovrin Test network, make sure that Streetcred is using that network, and you need to use something like ngrok to allow your service to be visible on the internet. But other than that...yes, it should work. We have another demo - identity-kit-poc that uses ngrok that way so that you can run it locally, but interact on a mobile agent. https://github.com/bcgov/identity-kit-poc

andrew.whitehead (Sun, 23 Feb 2020 20:29:01 GMT):
That error is just informational, not sure why indy logs it at the error level

swcurran (Sun, 23 Feb 2020 22:35:50 GMT):
We'd like to see @amanji 's repo of ACA-Py controllers pushed to the Hyperledger organization. Any objections? It's a great contribution, showing three examples of ACA-Py controllers using different tech stacks (nodejs/express, .NET and angular). Cool stuff! https://github.com/petridishdev/aries-acapy-controllers

swcurran (Sun, 23 Feb 2020 22:36:23 GMT):
The construction of the repo leaves space for other controller contributions.

shenoy (Mon, 24 Feb 2020 14:39:21 GMT):
@jljordan_bcgov : Thanks. I presume you mean BCovrin Test at http://138.197.138.255/. In docker-compose.yml this is used both in GENESIS_TRANSACTIONS as well as the --genesis-url keys. So that should take care of the ledger configuration?

shenoy (Mon, 24 Feb 2020 14:48:20 GMT):
@swcurran: I have configured Streetcred to use BCovrin Test. I also use ngrok (for good luck I run it from the same folder as iiwbook/docker though I am pretty sure that's not needed). I see the BCovrin test usl http://138.197.138.255/ in docker-compose.yml this is used both in GENESIS_TRANSACTIONS as well as the --genesis-url keys. This should configure iiwbook to point to the correct ledger isn't it? Line 13 of docker-compose.yml says SITE_URL: https://27d04647.ngrok.io I am not sure why this is configured to point to this particular url. Maybe this is the problem? I get the following error iiw-book-service_1 | urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='iiw-book-agent', port=4000): Max retries exceeded with url: /schemas (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',)) (Sorry about the badly formatted question. New to rocketchat. Don't know the tricks to pretty print the comments)

shenoy (Mon, 24 Feb 2020 14:48:20 GMT):
@swcurran: I have configured Streetcred to use BCovrin Test. I also use ngrok (for good luck I run it from the same folder as iiwbook/docker though I am pretty sure that's not needed). I see the BCovrin test url http://138.197.138.255/ in docker-compose.yml this is used both in GENESIS_TRANSACTIONS as well as the --genesis-url keys. This should configure iiwbook to point to the correct ledger isn't it? Line 13 of docker-compose.yml says SITE_URL: https://27d04647.ngrok.io I am not sure why this is configured to point to this particular url. Maybe this is the problem? I get the following error iiw-book-service_1 | urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='iiw-book-agent', port=4000): Max retries exceeded with url: /schemas (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',)) (Sorry about the badly formatted question. New to rocketchat. Don't know the tricks to pretty print the comments)

shenoy (Mon, 24 Feb 2020 14:48:20 GMT):
@swcurran, @andrew.whitehead : I have configured Streetcred to use BCovrin Test. I also use ngrok (for good luck I run it from the same folder as iiwbook/docker though I am pretty sure that's not needed). I see the BCovrin test url http://138.197.138.255/ in docker-compose.yml this is used both in GENESIS_TRANSACTIONS as well as the --genesis-url keys. This should configure iiwbook to point to the correct ledger isn't it? Line 13 of docker-compose.yml says SITE_URL: https://27d04647.ngrok.io I am not sure why this is configured to point to this particular url. Maybe this is the problem? I get the following error iiw-book-service_1 | urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='iiw-book-agent', port=4000): Max retries exceeded with url: /schemas (Caused by NewConnectionError(': Failed to establish a new connection: [Errno 111] Connection refused',)) (Sorry about the badly formatted question. New to rocketchat. Don't know the tricks to pretty print the comments)

swcurran (Mon, 24 Feb 2020 14:50:12 GMT):
Hmm...that looks to me like the IIW Book controller is not talking to the ACA-Py instance. Firewall problem?

shenoy (Mon, 24 Feb 2020 14:51:29 GMT):
I am running this on an Ubuntu machine and ufw status shows inactive.

shenoy (Mon, 24 Feb 2020 14:53:21 GMT):
So line 13 in docker-compose: SITE_URL: https://27d04647.ngrok.io is as it should be?

shenoy (Mon, 24 Feb 2020 14:53:21 GMT):
@swcurran line 13 in docker-compose: SITE_URL: https://27d04647.ngrok.io is as it should be?

swcurran (Mon, 24 Feb 2020 15:05:59 GMT):
Maybe worth trying to look at ID Kit and how it uses ngrok. It uses two URLs, but I couldn't be sure of the details without digging in.

shenoy (Mon, 24 Feb 2020 15:20:35 GMT):
ok. thanks for the tip. i'll look it up!

swcurran (Tue, 25 Feb 2020 05:41:52 GMT):
Based on recent discussions on Aries Working Group calls, several of us ( @andrew.whitehead @TelegramSam @george.aristy ) have been working on a HackMD doc about a new "Out of Band" protocol that will encompass the invitations in Connections/DID Exchange and the ephemeral challenge - things that are often displayed as QR codes. Please take a look. @esplinr @KitHat A big goal of this is to enable a connection to be reused vs. a new one created each time a QR code is scanned. Note that some changes to DID Exchange (and perhaps connections) will also be needed. https://hackmd.io/duAskli3QHSfx35yd3VDlw?view I'd like to move it into an aries-rfc PR soon - ideally later this week.

awais.ahmad (Tue, 25 Feb 2020 13:44:31 GMT):
hi guys, anyone know which one is the channel for the aries-framework-dotnet ?

awais.ahmad (Tue, 25 Feb 2020 15:09:51 GMT):
I am trying to run the tests in the aries-framework-dotnet and all the tests requiring indy.dll are not working

awais.ahmad (Tue, 25 Feb 2020 15:10:01 GMT):
even though i have it in my path

eduardosanzb (Tue, 25 Feb 2020 15:33:12 GMT):
Hello guys, does anyone have a up to date example? (preferably nodejs)

mboyd (Tue, 25 Feb 2020 18:18:11 GMT):
We try to give conceptual q&a for the framework in this thread. Given our bandwidth for support (we're a small team that helps maintain the dotnet framework), it is probably better to ask for any additional support on this channel. we can consider making a dotnet channel, but it's better to log your errors as an issue: https://github.com/hyperledger/aries-framework-dotnet/issues. Can you please post any additional error messages you have received as an issue, and we'll work through ti?

rileyphughes (Tue, 25 Feb 2020 20:00:36 GMT):
Hey all, not sure if this is the place for this kind of thing, but I thought I'd share for those who are interested. Streetcred just announced our 1. Updated developer portal, and 2. Cross-platform (incl Android) mobile app. I know a lot of folks have been asking for an Android app that works with other Aries codebases. All our stuff is based on the aries-framework-dotnet. Read about the story of this launch on our blog: https://streetcred.id/2020/02/24/launch/

rileyphughes (Tue, 25 Feb 2020 20:00:51 GMT):
iOS link: https://apps.apple.com/us/app/streetcred-identity-agent/id1475160728

rileyphughes (Tue, 25 Feb 2020 20:01:00 GMT):
Android link: https://play.google.com/store/apps/details?id=id.streetcred.apps.mobile

rileyphughes (Tue, 25 Feb 2020 20:02:13 GMT):
Dev portal link (Allows you to spin up cloud agents in Streetcred's agency for free, similar to ACA-py): https://developer.streetcred.id/

knagware9 (Wed, 26 Feb 2020 04:55:05 GMT):
Is the app available in India ? I tried but shows unavailable in your country

TelegramSam (Wed, 26 Feb 2020 15:01:53 GMT):
https://wiki.hyperledger.org/pages/viewpage.action?pageId=29034532

TelegramSam (Wed, 26 Feb 2020 19:59:52 GMT):
Aries B call happening now! https://wiki.hyperledger.org/pages/viewpage.action?pageId=29035452

mccown (Wed, 26 Feb 2020 22:02:02 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow. This is a chance to get updates on the WG calls you may have missed this week. Our guest, Daniel Bluhm (Sovrin), will be giving a demo on using the Aries Toolkit. Here is the calendar invite with times and Zoom details. https://tinyurl.com/yx754zxb

troyronda (Wed, 26 Feb 2020 23:21:49 GMT):
Aries Framework Go 0.1.2 released. Notes: https://github.com/hyperledger/aries-framework-go/releases/tag/v0.1.2

swcurran (Wed, 26 Feb 2020 23:34:51 GMT):
FYI: Aries Cloud Agent - Python Release 0.4.3 has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.4.3. Includes an update for the Transaction Author Agreement (TAA) handling, implements step 1 of the transition process from DID-based to http-based message types and other improvements. Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/

davidd (Thu, 27 Feb 2020 02:01:57 GMT):
Hi, The issue is when i run ./start-web-agents.sh command and get the following errors. I have windows 10 and using linux containters. Here is screenshots of the errors : https://www.dropbox.com/sh/wzmmvb4rrint5wh/AACCftqvuM1TcPz7PMeldJ38a?dl=0

davidd (Thu, 27 Feb 2020 02:01:57 GMT):
Hi, The issue is when i run ./start-web-agents.sh command and we get the following errors. I have windows 10 and using linux containters. Here is screenshots of the errors : https://www.dropbox.com/sh/wzmmvb4rrint5wh/AACCftqvuM1TcPz7PMeldJ38a?dl=0

davidd (Thu, 27 Feb 2020 02:11:20 GMT):
Ngrok, docker, .NET everything is working fine.. also the required versions are installed. don't know why it returns this error.

davidd (Thu, 27 Feb 2020 13:02:45 GMT):
Step 7/16 : RUN dotnet restore "WebAgent.csproj" -s "https://api.nuget.org/v3/index.json" ---> Running in ea3cb8f5afe5 A compatible installed .NET Core SDK for global.json version [3.1.101] from [/src/global.json] was not found Install the [3.1.101] .NET Core SDK or update [/src/global.json] with an installed .NET Core SDK: 3.0.101 [/usr/share/dotnet/sdk] ERROR: Service 'web-agent-1' failed to build: The command '/bin/sh -c dotnet restore "WebAgent.csproj" -s "https://api.nuget.org/v3/index.json"' returned a non-zero code: 145

davidd (Thu, 27 Feb 2020 13:02:45 GMT):
`Step 7/16 : RUN dotnet restore "WebAgent.csproj" -s "https://api.nuget.org/v3/index.json" ---> Running in ea3cb8f5afe5 A compatible installed .NET Core SDK for global.json version [3.1.101] from [/src/global.json] was not found Install the [3.1.101] .NET Core SDK or update [/src/global.json] with an installed .NET Core SDK: 3.0.101 [/usr/share/dotnet/sdk] ERROR: Service 'web-agent-1' failed to build: The command '/bin/sh -c dotnet restore "WebAgent.csproj" -s "https://api.nuget.org/v3/index.json"' returned a non-zero code: 145`

davidd (Thu, 27 Feb 2020 13:03:40 GMT):
`Step 7/16 : RUN dotnet restore "WebAgent.csproj" -s "https://api.nuget.org/v3/index.json" ---> Running in ea3cb8f5afe5 A compatible installed .NET Core SDK for global.json version [3.1.101] from [/src/global.json] was not found Install the [3.1.101] .NET Core SDK or update [/src/global.json] with an installed .NET Core SDK: 3.0.101 [/usr/share/dotnet/sdk] ERROR: Service 'web-agent-1' failed to build: The command '/bin/sh -c dotnet restore "WebAgent.csproj" -s "https://api.nuget.org/v3/index.json"' returned a non-zero code: 145`

davidd (Thu, 27 Feb 2020 13:05:18 GMT):
Is there anyone who works on aries-framework-dotnet / OSMA ? I'm getting these errors while running ./start-web-agents.sh !

sklump (Thu, 27 Feb 2020 15:04:18 GMT):
RFC 36 v1.x series includes indy-isms in the credential proposal. This is my beginning attempt at RFC 36 v2.0: https://github.com/sklump/aries-rfcs/tree/issue-cred-2.0/features/0036-issue-credential Github won't take it in a PR. It could be because of its status? Is it PROPOSED if it's a new major version, or should it retain ACCEPTED? Anyway, this version * relegates all indy-isms to attachments consistently * uses angle brackets to denote variable content consistently * introduces named states and a transition table between such. It doesn't address batch issue at the moment. @esplinr maybe take a look and comment?

sklump (Thu, 27 Feb 2020 15:04:18 GMT):
RFC 36 v1.x series includes indy-isms in the credential proposal. This is my beginning attempt at RFC 36 v2.0: https://github.com/sklump/aries-rfcs/tree/issue-cred-2.0/features/0036-issue-credential Github won't take it in a PR. It could be because of its status? Is it PROPOSED if it's a new major version, or should it retain ACCEPTED? Anyway, this version * relegates all indy-isms to attachments consistently (which breaks compatibility with v1.x series, necessitating v2.0) * uses angle brackets to denote variable content consistently * introduces named states and a transition table between such. It doesn't address batch issue at the moment. @esplinr maybe take a look and comment?

davidd (Thu, 27 Feb 2020 18:34:25 GMT):
Solved : https://github.com/hyperledger/aries-framework-dotnet/issues/72

davidd (Fri, 28 Feb 2020 15:54:53 GMT):
How to create a new credential type or customize credential definitions in OSMA / aries-framework-dotnet?

sukalpomitra (Fri, 28 Feb 2020 17:12:13 GMT):
Creating schema and credential definitions are done by issuers. OSMA is an edge agent that is used by holders. So OSMA wont have the features of doing such stuff. I am sure aries-framework-dotnet will have those capabilities. But I have used ACA-PY before to create schema and cred defs

davidd (Fri, 28 Feb 2020 17:20:54 GMT):
Thanks. Is there anyone you know, who works on aries-framework-dotnet and would answer my few questions?

sklump (Fri, 28 Feb 2020 18:38:40 GMT):
In preparation to make state formalisms explicit in RFC 37, I noticed slight discrepancies between the pics and the text. This PR https://github.com/hyperledger/aries-rfcs/pull/436 syncs them up to what is current.

rileyphughes (Fri, 28 Feb 2020 21:57:28 GMT):
@knagware9 it should be available in India, we have others in India using it regularly. Can you DM me more info (which OS are you using, etc?)

swcurran (Fri, 28 Feb 2020 23:39:28 GMT):
FYI: Aries Cloud Agent - Python Release 0.4.4 has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.4.4. Includes a fix for a bug in presentation verification introduced in 0.4.3. An update to Indy SDK 1.14.2 was made to the docker images used in the demos. Anyone running 0.4.3 should update to 0.4.4 as soon as possible. Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/

smithbk (Sat, 29 Feb 2020 15:34:34 GMT):
This PR pertains to service decorators to make it more explicit for interoperability sake: https://github.com/hyperledger/aries-rfcs/pull/437

ayushmanss (Mon, 02 Mar 2020 09:02:30 GMT):
Hi all, I dont know if this question has been asked here or not, or if someone has tried it or not. As indy provides pluggable storage, is it possible to use google drive or dropbox as the storage. I want to run cloudagent for others with their respective clouds as storage. Basically I have trying to eliminate the need for an edge agent like smartphones without compromising privacy. Is it possible? I dont know where the master key that encrypts the wallet is stored though? Is it even possible to do this with just web agent?

sklump (Mon, 02 Mar 2020 14:50:41 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=xLfCy7WjLDjh7D7EF) I see I've made a mess of this in a few places. I will re-submit. My apologies - from a Monday point of view I have no idea what I was thinking. Does anyone have a guess what `reject-presentation` is in RFC37? Is it a dressed-up `problem report`? At present the pic cites both messages but the text only refers to `problem-report` as an import.

sklump (Mon, 02 Mar 2020 14:50:41 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=xLfCy7WjLDjh7D7EF) I see I've made a mess of this in a few places. I will re-submit. My apologies - from a Monday point of view I have no idea what I was thinking. Does anyone have a guess what `reject-presentation` is in RFC37? Is it a dressed-up `problem-report`? At present the pic cites both messages but the text only refers to `problem-report` as an import.

sklump (Mon, 02 Mar 2020 14:50:41 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=xLfCy7WjLDjh7D7EF) I see I've made a mess of this in a few places. I will re-submit. My apologies - from a Monday point of view I have no idea what I was thinking. Does anyone have a guess what `reject-presentation` is in RFC37? Is it a dressed-up `problem-report`? At present the pic cites both messages but the text only refers to `problem-report` as an import. A rejection is not necessarily a problem as such, so I could see both possibilities.

sklump (Mon, 02 Mar 2020 14:50:41 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=xLfCy7WjLDjh7D7EF) I see I've made a mess of this in a few places. I will re-submit. My apologies - from a Monday point of view I have no idea what I was thinking. Does anyone have a guess what `reject-presentation` is in RFC37? Is it a `problem-report`? At present the pic cites both messages but the text only refers to `problem-report` as an import. A rejection is not necessarily a problem as such, so I could see both possibilities.

ravitejasriram (Tue, 03 Mar 2020 09:26:43 GMT):
Hi all, I am trying to run the demo of agent-framework-dotnet using docker and accessing the given links(http://localhost:7000 and http://localhost:8000) throws error "InvalidOperationException: To render identicons the Jdenticon middleware must be registered, typically by calling app.UseJdenticon() in Startup.Configure.". I haven't changed any code and still getting the above error. Could anyone help me with this if you have faced a similar problem.

sklump (Tue, 03 Mar 2020 13:21:45 GMT):
I see in RFC 35 (Problems) "Report Problem Protocol": > "Problem" includes any deviation from the so-called "happy path" of an interaction So I will propose tweaks accordingly to RFC 37.

sklump (Tue, 03 Mar 2020 13:21:45 GMT):
I see in RFC 35 (Problems) "Report Problem Protocol": ``` "Problem" includes any deviation from the so-called "happy path" of an interaction ``` So I will propose tweaks accordingly to RFC 37.

sklump (Tue, 03 Mar 2020 13:21:45 GMT):
I see in RFC 35 "Report Problem Protocol": ``` "Problem" includes any deviation from the so-called "happy path" of an interaction ``` So I will propose tweaks accordingly to RFC 37.

TelegramSam (Tue, 03 Mar 2020 19:13:19 GMT):
Time open in the Aries call tomorrow. Any topic requests or volunteers to present on a topic?

biligunb (Wed, 04 Mar 2020 05:01:32 GMT):
Im sorry if I am wasting your time. But is there any pointer on Browser Extension using Aries-sdk or aries agent. (similar to Metamask)?

TelegramSam (Wed, 04 Mar 2020 13:19:38 GMT):
I am not yet aware of such a project. I'd love to see one though!

swcurran (Wed, 04 Mar 2020 14:18:01 GMT):
The ACA-Py User Group Meeting is cancelled this week due to the Hyperledger Global Forum. We'll return in 2 weeks.

troyronda (Wed, 04 Mar 2020 16:28:30 GMT):
I think it will be very helpful to have a version of issue credential without the Indyisms. Thanks for your efforts.

sklump (Wed, 04 Mar 2020 16:30:27 GMT):
No - I will have to reconstruct it. There is enough churn going on inside 1.x in any case.

sklump (Wed, 04 Mar 2020 16:31:08 GMT):
I think we can safely keep cred_def_id because the W3C spec has an identifier for cred defs too.

kenebert (Fri, 06 Mar 2020 15:55:16 GMT):
We will be doing the Hyperledger Global Forum training on Aries today using this channel.

kenebert (Fri, 06 Mar 2020 15:57:12 GMT):
Here are the initial setup instructions https://docs.google.com/document/d/1uC6TTcOz4saTm7ySgbPZq2dvEVZl5NVwH02iH_pKqWw/edit?usp=sharing

kenebert (Fri, 06 Mar 2020 15:59:02 GMT):
These are the instructions for setting up the docker containers and toolbox https://docs.google.com/document/d/1jxdt64wS1k6hrDE21VVRHsU7qtajX0hIVYp-BNiEeVE/edit?usp=sharing

mehulshahnj (Fri, 06 Mar 2020 16:03:33 GMT):
getting error messsge on prereqs

mehulshahnj (Fri, 06 Mar 2020 16:03:34 GMT):
Invalid library state } agent-alice_1 | 2020-03-06 16:02:51,268 indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: agent-alice_1 | agent-alice_1 | Node is not a validator agent-alice_1 | agent-alice_1 | Invalid library state }

DarkJ24 (Fri, 06 Mar 2020 16:23:19 GMT):
The "Sovrin Agent" stays in the “Pending Invitations” and doesn't move to the “Active Connections” list

mjhbell (Fri, 06 Mar 2020 16:38:20 GMT):
I'm seeing '/bin/sh: 1: ./wait.sh: not found' for my Alice/Bob agents

swcurran (Fri, 06 Mar 2020 16:46:19 GMT):
This means that there is a node in the network that is listed but not participating. That's OK - as long as the rest of the ledger can achieve consensus. So think of these as warnings.

ecornell (Fri, 06 Mar 2020 16:48:19 GMT):
Seeing the same wait.sh not found error. Causing the alice and bob agents to exit with code 127

kenebert (Fri, 06 Mar 2020 17:14:34 GMT):
https://docs.google.com/document/d/1FwZuXWzi-iZpBA1JKIIAThb-S2dU18B1hXXAEPzQz3g/edit?usp=sharing This file contains the long strings that should be cut and pasted during training.

ecornell (Fri, 06 Mar 2020 17:28:15 GMT):
the wait.sh not found issue was a linefeed issue re-save the .sh files with unix linefeeds

sownak (Fri, 06 Mar 2020 17:29:52 GMT):
Windows user should have done git config --global core.autocrlf false

lynn.bendixsen (Fri, 06 Mar 2020 17:30:16 GMT):
I got the wait.sh not found on windows until I ran ```git config --global core.autocrlf false```

lynn.bendixsen (Fri, 06 Mar 2020 17:30:16 GMT):
I got the wait.sh not found on windows until I ran ```git config --global core.autocrlf false```. and then re-cloned the repo

lynn.bendixsen (Fri, 06 Mar 2020 17:30:16 GMT):
I got the wait.sh not found on windows until I ran ```git config --global core.autocrlf false``` and then re-cloned the repo

kulkarnikk (Fri, 06 Mar 2020 17:35:03 GMT):
getting following error after adding sovrin Agent for Bob's connections - indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: agent-bob_1 | agent-bob_1 | Node is not a validator agent-bob_1 | agent-bob_1 | Invalid library state }

Aaronhou (Fri, 06 Mar 2020 17:35:29 GMT):
how to move sovin agent from “Pending Invitations” to “Active Connections” ?

kulkarnikk (Fri, 06 Mar 2020 17:35:30 GMT):
I do not see the sovrin agent moving to active connections yet

sanchezcr (Fri, 06 Mar 2020 17:37:17 GMT):
agent-bob_1 | 2020-03-06 17:23:44,770 aries_cloudagent.core.conductor ERROR Exception in message handler: agent-bob_1 | Traceback (most recent call last): agent-bob_1 | File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aries_cloudagent/core/dispatcher.py", line 169, in handle_message agent-bob_1 | await handler(context, responder) agent-bob_1 | File "/home/indy/acapy_plugin_toolbox/util.py", line 67, in _wrapped agent-bob_1 | return await func(handler, context, responder) agent-bob_1 | File "/home/indy/acapy_plugin_toolbox/holder.py", line 99, in handle agent-bob_1 | credential_definition_id = context.message.credential_definition_id agent-bob_1 | AttributeError: 'Model' object has no attribute 'credential_definition_id' agent-bob_1 | 2020-03-06 17:23:44,771 aries_cloudagent.core.dispatcher ERROR Handler error: Dispatcher.handle_message agent-bob_1 | Traceback (most recent call last): agent-bob_1 | File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aries_cloudagent/core/dispatcher.py", line 169, in handle_message agent-bob_1 | await handler(context, responder) agent-bob_1 | File "/home/indy/acapy_plugin_toolbox/util.py", line 67, in _wrapped agent-bob_1 | return await func(handler, context, responder) agent-bob_1 | File "/home/indy/acapy_plugin_toolbox/holder.py", line 99, in handle agent-bob_1 | credential_definition_id = context.message.credential_definition_id agent-bob_1 | AttributeError: 'Model' object has no attribute 'credential_definition_id'

Aaronhou (Fri, 06 Mar 2020 17:37:57 GMT):
agent-bob_1 | 2020-03-06 17:21:18,213 indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: agent-bob_1 | agent-bob_1 | Node is not a validator agent-bob_1 | agent-bob_1 | Invalid library state }

shubham_aggarwal (Fri, 06 Mar 2020 17:38:26 GMT):
ngrok-bob_1_f3d83a1731a2 | t=2020-03-06T17:37:17+0000 lvl=eror msg="heartbeat timeout, terminating session" obj=csess id=5f3019ad3e26 clientid=57c50566b5d9a244bb9ebb7b5c1e273c

nage (Fri, 06 Mar 2020 17:38:46 GMT):
@dbluhm or @lynn.bendixsen is Agent.sovrin.org accepting connections properly and issuing high fives?

qtle (Fri, 06 Mar 2020 17:41:02 GMT):
https://15481352.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiZTkxZDZmYTgtMGRkZi00OTI5LTllZjEtMmI2YzM4MzZiNDMyIiwgInNlcnZpY2VFbmRwb2ludCI6ICJodHRwczovLzE1NDgxMzUyLm5ncm9rLmlvIiwgImxhYmVsIjogIlF1YW5nIFR1IiwgInJlY2lwaWVudEtleXMiOiBbIkQ0QWNhZmtib2F2aDFlUWNaNVg5R1Y0d2NBeXF2a1NQZThRQThQRmZ1VUF1Il19

dbluhm (Fri, 06 Mar 2020 17:42:58 GMT):
I saw a couple of error messages that appeared to be messages not correctly packed for the Sovrin agent but it otherwise appears to be working as expected

dbluhm (Fri, 06 Mar 2020 17:44:43 GMT):
Also just tested both myself (with a different invitation granted) without issue

lynn.bendixsen (Fri, 06 Mar 2020 17:46:22 GMT):
When you get to the SelfServe part, please be patient. Each Endorser DID takes 5-10 seconds to write to the ledger, and each is sequentially queued so if 20 people try to do it at the same time, it could take a couple of minutes for the last person to complete the process. If you click `Submit` multiple times, the wait gets that much longer...

dbluhm (Fri, 06 Mar 2020 17:55:48 GMT):
https://agent.sovrin.org/?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiNzlmNDcxNjYtNTc5NS00MjYxLTgyMjEtYzBlYmNhOWI1MTc5IiwgImxhYmVsIjogIlNvdnJpbiBBZ2VudCIsICJzZXJ2aWNlRW5kcG9pbnQiOiAiaHR0cHM6Ly9hZ2VudC5zb3ZyaW4ub3JnLyIsICJyZWNpcGllbnRLZXlzIjogWyIzdjJrclZTOUFTaHFKczhyQUM5clBwTHZ0blVWYkdZOGdrZENzWWVRd2lZUyJdfQ==

burdettadam (Fri, 06 Mar 2020 18:18:43 GMT):
` AttributeError: 'Model' object has no attribute 'credential_definition_id'`

ckochenower (Fri, 06 Mar 2020 18:19:17 GMT):
@vitiko - I'm getting the same AttributeError

Aaronhou (Fri, 06 Mar 2020 18:19:48 GMT):
agent-bob_1 | AttributeError: 'Model' object has no attribute 'credential_definition_id'

kulkarnikk (Fri, 06 Mar 2020 18:21:26 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=K2K4a9LGf7qa5xGxA) Same error I am getting

qtle (Fri, 06 Mar 2020 18:22:44 GMT):
https://15481352.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiOWEwZmJmYTctMmQ2NS00ZDI5LTg5N2YtNTkwN2Y1OWY4OTNjIiwgInNlcnZpY2VFbmRwb2ludCI6ICJodHRwczovLzE1NDgxMzUyLm5ncm9rLmlvIiwgImxhYmVsIjogIlFUIGludml0ZSIsICJyZWNpcGllbnRLZXlzIjogWyIzUjRQeWtTYUI5aFZiSkVxd0NoR1RtTFR3NnFXM3laeTd0bktHSG53enFDUSJdfQ==

dbluhm (Fri, 06 Mar 2020 18:22:54 GMT):
Can you go to the message history item and look for a message with a type ending in `send-credential-proposal`?

dbluhm (Fri, 06 Mar 2020 18:22:54 GMT):
Can you go to the message history menu item and look for a message with a type ending in `send-credential-proposal`?

qtle (Fri, 06 Mar 2020 18:23:01 GMT):
anyone can connect with this URL invite pls

dbluhm (Fri, 06 Mar 2020 18:23:10 GMT):
The contents of that message will help diagnose

dbluhm (Fri, 06 Mar 2020 18:24:16 GMT):
Depending on how much you've clicked around, it may be further down in the history

theomarshanti (Fri, 06 Mar 2020 18:24:49 GMT):
This step is failing for me - ``` The credential should be issued by the Sovrin Agent automatically and will appear in your “Credentials” list. If it does not appear within a few seconds, click the refresh button. ```

bigpawz (Fri, 06 Mar 2020 18:24:52 GMT):
Jordan - https://8ca64ab2.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiMzU4YjUyZTMtYzk5ZC00YjdiLTg2NDItMmVhYjA5M2I1NTU4IiwgInJlY2lwaWVudEtleXMiOiBbIkVuVkZ2RWNVQXJ4MUp3dTd5ZFN5OW5HR2lidDJTMUVTVFd1RGdCNDdHdW5FIl0sICJzZXJ2aWNlRW5kcG9pbnQiOiAiaHR0cHM6Ly84Y2E2NGFiMi5uZ3Jvay5pbyIsICJsYWJlbCI6ICJEZWFuIn0=

kenebert (Fri, 06 Mar 2020 18:25:19 GMT):
https://5e75c2a0.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiZWZmNjI2MmMtMTEzMC00NzIxLTg4YjItMzRiODRlODg5OTZmIiwgImxhYmVsIjogIk9tYXItS2VuIiwgInJlY2lwaWVudEtleXMiOiBbIjl0YUhOR1oxRWZDSk02VWI4aHNZQjJucVR4dHVURmFNYVNiUlFpSlNrcnV4Il0sICJzZXJ2aWNlRW5kcG9pbnQiOiAiaHR0cHM6Ly81ZTc1YzJhMC5uZ3Jvay5pbyJ9

dbluhm (Fri, 06 Mar 2020 18:26:51 GMT):
Try sending a message to the sovrin agent (not "highfive") to verify that we get an echo back at least

ckochenower (Fri, 06 Mar 2020 18:27:59 GMT):
@dbluhm - Should I be seeing messages here after selecting Sovrin Agent? Looks like there are no messages...

dbluhm (Fri, 06 Mar 2020 18:28:54 GMT):
@ckochenower if you have multiple connections (one that errored, one that worked) try deleting the broken one

dbluhm (Fri, 06 Mar 2020 18:28:54 GMT):
@ckochenower if you have multiple connections to the sovrin agent (one that errored, one that worked) try deleting the broken one

bigpawz (Fri, 06 Mar 2020 18:29:09 GMT):
Dean - https://8ca64ab2.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiZWY1MmExMGEtMmNkZC00M2ExLTg0N2MtM2RmNTY4MTdlM2FjIiwgInJlY2lwaWVudEtleXMiOiBbIjhpelRTckpYSjFzc0xyVnR1UWFwUWY1M2k2a1A2UWZ3cHpURlFIM3RtOVcxIl0sICJzZXJ2aWNlRW5kcG9pbnQiOiAiaHR0cHM6Ly84Y2E2NGFiMi5uZ3Jvay5pbyIsICJsYWJlbCI6ICJKb3JkYW4ifQ==

qtle (Fri, 06 Mar 2020 18:29:12 GMT):
https://15481352.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiOWEwZmJmYTctMmQ2NS00ZDI5LTg5N2YtNTkwN2Y1OWY4OTNjIiwgInNlcnZpY2VFbmRwb2ludCI6ICJodHRwczovLzE1NDgxMzUyLm5ncm9rLmlvIiwgImxhYmVsIjogIlFUIGludml0ZSIsICJyZWNpcGllbnRLZXlzIjogWyIzUjRQeWtTYUI5aFZiSkVxd0NoR1RtTFR3NnFXM3laeTd0bktHSG53enFDUSJdfQ==

dbluhm (Fri, 06 Mar 2020 18:29:18 GMT):
From the connections view, expand the pending Sovrin agent connection, and click delete

tomaple2 (Fri, 06 Mar 2020 18:29:35 GMT):
http://e47150af.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiYmUzYWM2YjMtMDYzZS00ZDVmLTlkNjEtOWE4ZGI4ZGYxN2I5IiwgInJlY2lwaWVudEtleXMiOiBbIkduTFM4UTRmQ1dDRGV5UkRUNjY4S0M4RjRRd1l6N01HRTNxWlNyelVQc1RtIl0sICJzZXJ2aWNlRW5kcG9pbnQiOiAiaHR0cDovL2U0NzE1MGFmLm5ncm9rLmlvIiwgImxhYmVsIjogIlRvbS1PbWFyIn0=

dbluhm (Fri, 06 Mar 2020 18:30:00 GMT):
If you've sent messages, they should be recalled when you open it again

shubham_aggarwal (Fri, 06 Mar 2020 18:30:17 GMT):
https://5bfe29b5.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiNTg4YmRiNDQtYTE0My00NTE2LWJiOTMtZDg2NjVmNGUwZTYyIiwgInNlcnZpY2VFbmRwb2ludCI6ICJodHRwczovLzViZmUyOWI1Lm5ncm9rLmlvIiwgInJlY2lwaWVudEtleXMiOiBbIjg4b0ZCUTFxZlVnWFV4S2p4aFd1bjhxRlRrbW1mMW94OWlYSndpOHNGS0hRIl0sICJsYWJlbCI6ICJTb3ZyaW4xIn0=

shubham_aggarwal (Fri, 06 Mar 2020 18:30:17 GMT):
https://5bfe29b5.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiZDMxZGJkMDAtZDk2YS00OGE1LTlhYTgtNWUzMThhYzljZjQzIiwgInNlcnZpY2VFbmRwb2ludCI6ICJodHRwczovLzViZmUyOWI1Lm5ncm9rLmlvIiwgInJlY2lwaWVudEtleXMiOiBbIkhYRzNHcDZDcW9QbnJCNzhXOTg2dENweXF6SEhCMTZoUDR1ajk4WDNUSjVEIl0sICJsYWJlbCI6ICJzb3ZyaW4yIn0=

ckochenower (Fri, 06 Mar 2020 18:30:57 GMT):
@dbluhm - Will do. I will then restart the docker container and repeat the connection process with the new invite details.

ecornell (Fri, 06 Mar 2020 18:31:20 GMT):
Eli Multi - https://dd487e32.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiODg4ZTk1YjQtNzk2Ni00NWNmLWE5MmEtODM1YzVlMzg2OTE5IiwgInJlY2lwaWVudEtleXMiOiBbIkdleHpBM1MzOEt3eno1TmY1SnA4SHRlMkR2QTZhY3ZxU3dxeDJhVjQ3S2ViIl0sICJsYWJlbCI6ICJFbGkiLCAic2VydmljZUVuZHBvaW50IjogImh0dHBzOi8vZGQ0ODdlMzIubmdyb2suaW8ifQ==

SaphiraBjartskular (Fri, 06 Mar 2020 18:32:20 GMT):
Has joined the channel.

SaphiraBjartskular (Fri, 06 Mar 2020 18:32:22 GMT):
https://5c07a2a3.ngrok.io?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiMGM2MDY0NzQtNTMwYy00NTljLTk1NWYtOTdkZTlkNTU1MDk3IiwgInJlY2lwaWVudEtleXMiOiBbIkNHZnhzUHg5VVRKQngza2ZmREh2WlNqdXlBM3d5S1BRcjlpODZnZWFjRTZxIl0sICJzZXJ2aWNlRW5kcG9pbnQiOiAiaHR0cHM6Ly81YzA3YTJhMy5uZ3Jvay5pbyIsICJsYWJlbCI6ICJmb28ifQ==

dbluhm (Fri, 06 Mar 2020 18:36:49 GMT):
If any of you experience issues, tag me and I'll do my best to help :slightly_smiling_face:

ckochenower (Fri, 06 Mar 2020 18:40:50 GMT):
@dbluhm - I deleted Bob (admin) from the Aries toolbox, restarted the docker container, (re)added Bob to the Aires toolbox, and then retried steps D and E at https://docs.google.com/document/d/1jxdt64wS1k6hrDE21VVRHsU7qtajX0hIVYp-BNiEeVE/edit ... Same result

dbluhm (Fri, 06 Mar 2020 18:42:37 GMT):
You seem to be following different instructions than are in the slides

ckochenower (Fri, 06 Mar 2020 18:42:56 GMT):
@dbluhm - May we have the read-only link to the slide deck? The instructions found at https://docs.google.com/document/d/1jxdt64wS1k6hrDE21VVRHsU7qtajX0hIVYp-BNiEeVE/edit are different that the exercises.

ckochenower (Fri, 06 Mar 2020 18:43:36 GMT):
Yep. Moved a request for slide deck link to it's own thread.

ckochenower (Fri, 06 Mar 2020 18:44:34 GMT):
https://chat.hyperledger.org/channel/aries?msg=srTCFiooCSkoytSD8

dbluhm (Fri, 06 Mar 2020 18:45:55 GMT):
https://docs.google.com/presentation/d/1mtQ0X97sivo3NRVWTbVuCn29JJYgULsGlw-fqAbVp2Y/edit?usp=sharing

ckochenower (Fri, 06 Mar 2020 18:46:45 GMT):
For the record, I sourced instructions from this thread in Rocket.Chat: https://chat.hyperledger.org/channel/aries?msg=H5n3Yk2bGHC7jK4fM

dbluhm (Fri, 06 Mar 2020 18:52:10 GMT):
Worth noting that the Encryption Envelope being discussed is continuing to see refinement and standardization efforts within the DIF DIDComm WG

Aaronhou (Fri, 06 Mar 2020 18:54:57 GMT):
after restart docker, tool and add new connections, still AttributeError: 'Model' object has no attribute 'credential_definition_id'

ckochenower (Fri, 06 Mar 2020 19:01:52 GMT):
@dbluhm - I'm unblocked following the instructions in the slides instead of the instructions in the google doc referred to in Rocket.Chat at the beginning of the presentation. Thank you for your help!

dbluhm (Fri, 06 Mar 2020 19:02:54 GMT):
No problem! I'm quickly throwing together a corrected activity step doc to replace the original one with inconsistencies. I'll share here in a moment

airvin (Fri, 06 Mar 2020 19:13:19 GMT):
@kenebert is it possible for you to share the link to the slides that you just presented, with the details of what is stored on-chain vs off-chain, etc.?

dbluhm (Fri, 06 Mar 2020 19:14:12 GMT):
[Corrected detailed activity steps](https://docs.google.com/document/d/1TIrqQtoo4M4icsMsdAbcsOdDi7tcnHVm1f0Kg5MtgKs/edit?usp=sharing)

ckochenower (Fri, 06 Mar 2020 19:14:46 GMT):
@Aaronhou - I started from scratch and no longer have the AttributeError: 1. delete Alice and Bob from Aries Toolbox UI 2. ctrl-C both shells running docker container and Aries Toolbox UI 3. Delete both docker images created by docker-compose, just so we are indeed starting from scratch

Aaronhou (Fri, 06 Mar 2020 19:22:11 GMT):
after remove docker images, re-pulled and still the same error

Aaronhou (Fri, 06 Mar 2020 19:22:33 GMT):
agent-bob_1 | Invalid library state } agent-bob_1 | 2020-03-06 19:20:13,030 indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: agent-bob_1 | agent-bob_1 | Node is not a validator agent-bob_1 | agent-bob_1 | Invalid library state } agent-bob_1 | 2020-03-06 19:20:56,015 aries_cloudagent.core.conductor ERROR Exception in message handler: agent-bob_1 | Traceback (most recent call last): agent-bob_1 | File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aries_cloudagent/core/dispatcher.py", line 169, in handle_message agent-bob_1 | await handler(context, responder) agent-bob_1 | File "/home/indy/acapy_plugin_toolbox/util.py", line 67, in _wrapped agent-bob_1 | return await func(handler, context, responder) agent-bob_1 | File "/home/indy/acapy_plugin_toolbox/holder.py", line 99, in handle agent-bob_1 | credential_definition_id = context.message.credential_definition_id agent-bob_1 | AttributeError: 'Model' object has no attribute 'credential_definition_id' agent-bob_1 | 2020-03-06 19:20:56,017 aries_cloudagent.core.dispatcher ERROR Handler error: Dispatcher.handle_message agent-bob_1 | Traceback (most recent call last): agent-bob_1 | File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aries_cloudagent/core/dispatcher.py", line 169, in handle_message agent-bob_1 | await handler(context, responder) agent-bob_1 | File "/home/indy/acapy_plugin_toolbox/util.py", line 67, in _wrapped agent-bob_1 | return await func(handler, context, responder) agent-bob_1 | File "/home/indy/acapy_plugin_toolbox/holder.py", line 99, in handle agent-bob_1 | credential_definition_id = context.message.credential_definition_id agent-bob_1 | AttributeError: 'Model' object has no attribute 'credential_definition_id'

kulkarnikk (Fri, 06 Mar 2020 19:22:57 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=rvn5GtiyHi6Cv7YeW) What version of python you have Aaron?

dbluhm (Fri, 06 Mar 2020 19:31:08 GMT):
Please make sure you are following the [corrected instructions here](https://docs.google.com/document/d/1TIrqQtoo4M4icsMsdAbcsOdDi7tcnHVm1f0Kg5MtgKs/edit?usp=sharing)

dbluhm (Fri, 06 Mar 2020 19:32:13 GMT):
The old instructions used to take us through a different path which just so happens to have a bug right now :slightly_smiling_face:

Aaronhou (Fri, 06 Mar 2020 19:33:03 GMT):
https://docs.google.com/document/d/1jxdt64wS1k6hrDE21VVRHsU7qtajX0hIVYp-BNiEeVE/edit

dbluhm (Fri, 06 Mar 2020 19:35:31 GMT):
Those instructions, unfortunately, contain a few small differences that lead to this particular problem; please follow the [corrected instructions here](https://docs.google.com/document/d/1TIrqQtoo4M4icsMsdAbcsOdDi7tcnHVm1f0Kg5MtgKs/edit?usp=sharing)

dbluhm (Fri, 06 Mar 2020 19:38:10 GMT):
For the record, however, we just merged a PR that should fix that particular error the old instructions lead to. A fresh git pull should retrieve those changes but, again, *this is not needed for the updated instructions.*

manuvarghese (Fri, 06 Mar 2020 21:34:03 GMT):
@dbluhm Can we have all presentations pls ? (Training Activity - 2,3,4 etc.) Thanks

RuiPanNewbie (Fri, 06 Mar 2020 22:05:54 GMT):
There seems to have an UI issue that I can't switch/activate DID from the dropdown at up right corner. Even if I activate from the DID list, the drop down won't update but the actual did is switched.

ckochenower (Fri, 06 Mar 2020 22:15:47 GMT):
Topic: Feedback on "Corrected Detailed Setup and Activity Steps" @dbluhm - FYI

ckochenower (Fri, 06 Mar 2020 22:16:15 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=AtHQR4rxCMqXitTLd)
Clipboard - March 6, 2020 3_14 PM.png

kulkarnikk (Fri, 06 Mar 2020 22:24:15 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=QjqXYsBTwySfQetDx) What I observed is, though the selected DID gets reset, I think it internally sets the one that you had selected. So should not be an issue other than the UX part

pknowles (Mon, 09 Mar 2020 05:39:55 GMT):
The latest draft of Kantara Initiative's "Distributed Identity Assurance Specification" is open for Hyperledger Aries/Indy community review. I've added the draft to the Hyperledger Indy Google Drive for aggregated comments to feedback to Kantara's FIRE (Federated Identifiers for Resilient Ecosystems) WG. Many thanks. https://drive.google.com/drive/u/0/folders/1cCZEZQPnlBQqmxM3SwBs7UAZ-ZfZL5oc

daveek (Mon, 09 Mar 2020 09:24:43 GMT):
Hi.. What Cryptographic Primitives are used in Indy & Aries?

MALodder (Mon, 09 Mar 2020 13:38:50 GMT):
https://github.com/hyperledger/aries-rfcs/pull/440

MALodder (Mon, 09 Mar 2020 13:39:28 GMT):
New PR that describes a KMS covering keys, credentials, authentication, authorization, and auditing

MonicaMaged (Mon, 09 Mar 2020 13:43:21 GMT):
Hello, I am a graduating student hoping to use Aries to make an application for verifiable university certificates, but I kind of got lost on where to begin and how. I've tried starting with ACA-py but got overwhelmed and lost on how to start my own code. Any help or suggestions would be much appreciated.

TelegramSam (Mon, 09 Mar 2020 14:58:02 GMT):
I'd start with a vanilla example using an agent, and see how it currently works and plan how you want to use it. ACApy is a good one to start with.

Thomas.R (Mon, 09 Mar 2020 14:58:26 GMT):
Hi all, does somebody know if a proofrequest with multiple revocation credentials is supported? Greetings Thomas

swcurran (Mon, 09 Mar 2020 17:13:44 GMT):
There is an edX course about becoming an Aries developer. I'm a co-author can help with questions and would appreciate any feedback. https://www.edx.org/course/becoming-a-hyperledger-aries-developer

swcurran (Mon, 09 Mar 2020 17:16:32 GMT):
Not sure how much this has been tried, but an Indy Proof involves processing each claim individually, fully supporting claims coming from multiple credentials. It's very unlikely that this process would not include getting a proof of non-revocation for the credential that sourced each claim.

swcurran (Mon, 09 Mar 2020 21:53:35 GMT):
FYI: Aries Cloud Agent - Python Release 0.4.5 has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.4.5. Includes a fix to the handling of self-attested attributes. And we now have a NOTICES file - the only Linux Foundation required file we were missing from the repo. Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/ NOTE: We have merged the "support anoncreds 1.0 revocation" PR into the master branch and will include that in the next ACA-Py release. Not too much in documentation, but for those interested, check it out! w00t!!

tomislav (Mon, 09 Mar 2020 21:58:36 GMT):
Awesome. Do you happen to have handy a link to a revocation definition on the BCovrin test network that uses this?

tomislav (Mon, 09 Mar 2020 21:59:37 GMT):
Nevermind, found a bunch http://test.bcovrin.vonx.io/browse/domain?page=3&query=&txn_type=113

tomislav (Mon, 09 Mar 2020 22:01:47 GMT):
A note on the tails location when going in production. URL's should be served over https, otherwise iOS will have issues fetching them. I'm assuming the production ones will be publicly available, the ones I found seem to be behind an internal network. http://192.168.65.3:8021/revocation/registry/95rEZ6fRujMXnM6CeH7qLy:4:95rEZ6fRujMXnM6CeH7qLy:3:CL:4239:default:CL_ACCUM:0ae3fd59-1f7f-4431-af18-6d41dcdefeef/tails-file

swcurran (Mon, 09 Mar 2020 22:02:59 GMT):
Yes, production ones will be publically available. We'll make sure they are HTTPS. We'll have to figure that out for demos :-)

Thomas.R (Tue, 10 Mar 2020 09:02:28 GMT):
Thank you very much for the answer!

esplinr (Wed, 11 Mar 2020 14:01:31 GMT):
Starting the Aries WG A call: https://zoom.us/j/244779296

daveek (Wed, 11 Mar 2020 14:36:46 GMT):
Where & How Aries .NET / OSMA stores Private Keys and Credentials on Device? And also if u could share the reference, it would be very nice of you. @swcurran @tomislav @mboyd @sukalpomitra

sukalpomitra (Wed, 11 Mar 2020 14:44:22 GMT):
@daveek these are stored in the wallet. And this is where the path of the wallet is defined https://github.com/mattrglobal/osma/blob/master/src/Osma.Mobile.App.Services/AgentContextService.cs#L49

daveek (Wed, 11 Mar 2020 14:47:31 GMT):
Thanks and what cryptographic libraries and primitives are used to secure them?

daveek (Wed, 11 Mar 2020 14:47:31 GMT):
Thanks and what cryptographic libraries or primitives are used to secure them?

daveek (Wed, 11 Mar 2020 14:54:37 GMT):
And and.. the credentials are stored in wallet and but the wallet is also encrypted, right? so, offcourse, the private keys to this wallet will be give to user, which in Application case, the developers will store it in somewhere on device (enclaves)?

daveek (Wed, 11 Mar 2020 14:54:37 GMT):
The credentials are stored in wallet and the wallet is also encrypted, right? The private keys to this wallet will be given to user, which in Application case, the developers of App will store it in somewhere on device (enclaves)? How does OSMA deals with it? like where on Android/iOS device they store and how they encrypt it (which cryptographic primitives are used)?

tomislav (Wed, 11 Mar 2020 14:58:02 GMT):
Indy uses a number of different crypto primitives, consult the indy sdk docs for that. OSMA uses Xamarin Essentials, which stores keys on in secure storage (iOS keychain) - https://docs.microsoft.com/en-us/xamarin/essentials/secure-storage?tabs=android

daveek (Wed, 11 Mar 2020 15:21:20 GMT):
Thanks @tomislav ... and I couldn't fine any proper reference for crypt primitives at indy sdk docs, that's why I asked for.. anyway Thanks alot :)

daveek (Wed, 11 Mar 2020 15:21:20 GMT):
Thanks @tomislav ... and I couldn't fine any proper reference for crypto primitives at indy sdk docs, that's why I asked for.. anyway Thanks alot :)

daveek (Wed, 11 Mar 2020 15:22:29 GMT):
And if u get time, have a look at this Issue: https://github.com/mattrglobal/osma/issues/40

tomislav (Wed, 11 Mar 2020 16:09:20 GMT):
Indy implements anoncreds 1.0 - whitepaper can be found here - https://github.com/hyperledger-archives/indy-anoncreds/tree/master/docs

daveek (Wed, 11 Mar 2020 18:39:27 GMT):
@tomislav In https://github.com/hyperledger-archives/indy-anoncreds/blob/master/docs/dev/anoncred.pdf, they are dealing with Factorization, really? But it isn't the right paper? and Indy use Post-Quantum Cryptography Algorithms like Elliptic Curve, Edward Curve, right?

george.aristy (Wed, 11 Mar 2020 18:57:38 GMT):
was the recording for the previous "B" call posted?

jljordan_bcgov (Thu, 12 Mar 2020 09:31:06 GMT):
You may want to refer to https://github.com/hyperledger/ursa for the crypto primitives used by Aries and Indy

TelegramSam (Thu, 12 Mar 2020 17:44:52 GMT):
Recording for the March 4th Aries WG Call Posted (https://wiki.hyperledger.org/pages/viewpage.action?pageId=31195177) Sorry I was very late posting this.

TelegramSam (Thu, 12 Mar 2020 17:46:02 GMT):
Recording posted for yesterday's call as well. (Thanks @kenebert ) https://wiki.hyperledger.org/pages/viewpage.action?pageId=31195503

troyronda (Thu, 12 Mar 2020 17:48:49 GMT):
The YouTube videos from Dmitry Barinov (SecureKey) were posted here: https://www.youtube.com/watch?v=p6btBnEoDsM&list=PL0MZ85B_96CFY3isYUplorFSenn04WwBt&index=63 https://www.youtube.com/watch?v=RdVzbovIwCQ&list=PL0MZ85B_96CFY3isYUplorFSenn04WwBt&index=72 (followup from yesterday's call).

troyronda (Thu, 12 Mar 2020 17:48:49 GMT):
The HLF Global Forum YouTube videos from Dmitry Barinov (SecureKey) were posted here: https://www.youtube.com/watch?v=p6btBnEoDsM&list=PL0MZ85B_96CFY3isYUplorFSenn04WwBt&index=63 https://www.youtube.com/watch?v=RdVzbovIwCQ&list=PL0MZ85B_96CFY3isYUplorFSenn04WwBt&index=72 (followup from yesterday's call).

troyronda (Thu, 12 Mar 2020 17:48:49 GMT):
The HLF Global Forum videos from Dmitry Barinov (SecureKey) were posted here: https://www.youtube.com/watch?v=p6btBnEoDsM&list=PL0MZ85B_96CFY3isYUplorFSenn04WwBt&index=63 https://www.youtube.com/watch?v=RdVzbovIwCQ&list=PL0MZ85B_96CFY3isYUplorFSenn04WwBt&index=72 (followup from yesterday's call).

TelegramSam (Thu, 12 Mar 2020 19:56:54 GMT):
PR For complete and reuse message types has been updated per meeting comments: https://github.com/hyperledger/aries-rfcs/pull/442

troyronda (Thu, 12 Mar 2020 22:31:18 GMT):
I created a status update about our Fabric-related work (including DIDs) that I posted to the Fabric folks. In case there is overlapping interest, here is the link: https://docs.google.com/document/d/1b5AHZyklexolzUIZ4Yz_Ma1atKM2mudpD6-SNplGJu0/

troyronda (Thu, 12 Mar 2020 22:31:18 GMT):
I created a status update about our Fabric-related work (including DID ledger) that I posted to the Fabric folks. In case there is overlapping interest, here is the link: https://docs.google.com/document/d/1b5AHZyklexolzUIZ4Yz_Ma1atKM2mudpD6-SNplGJu0/

HLFPOC (Fri, 13 Mar 2020 10:01:06 GMT):
Is there any open source implementation available which demonstrates connecting edge agent (mobile apps) with a web based agent apart from OSMA ?

swcurran (Fri, 13 Mar 2020 13:58:44 GMT):
I don't think so. There are two React Native projects that are getting close but I don't know how far they go. Both are in RocketChat, so better they reply, but I can point you to the repos - https://github.com/ayanworks/ARNIMA and https://github.com/AbsaOSS/rn-indy-sdk

kulkarnikk (Fri, 13 Mar 2020 14:40:22 GMT):
Thanks for giving a call here @swcurran about the ARNIMA agent. @HLFPOC - We already have open sourced base version of the React-Native agent and are working on next set of features as I write. There is potentially next update going to come in some time from now.

swcurran (Fri, 13 Mar 2020 16:56:10 GMT):
FYI - we are removing the 0.1 versions of the credential exchange (issue, presentation) APIs from ACA-Py. These were deprecated quite awhile ago when the Credential Exchange 1.0 (RFCs 0036 and 0037) were added. This will be part of the next release, which will be numbered 0.5.0.

nage (Fri, 13 Mar 2020 20:27:26 GMT):
https://chat.hyperledger.org/channel/indy?msg=q5X9yyWP5oY5sgFwe

TelegramSam (Fri, 13 Mar 2020 20:35:07 GMT):
There are a number of former Sovrin Staff that are now looking for work in the community. Please do reach out if you have opportunities for them.

sukalpomitra (Sat, 14 Mar 2020 06:02:56 GMT):
Anyone willing to relocate to Singapore can reach out to me. We are hiring in our company

tomislav (Sat, 14 Mar 2020 13:08:04 GMT):
https://github.com/hyperledger/aries-framework-dotnet/tree/master/samples/routing This routing samples runs two projects, and edge client and a remote mediator web agent, ready to do Aries communications.

tomislav (Sat, 14 Mar 2020 13:08:04 GMT):
https://github.com/hyperledger/aries-framework-dotnet/tree/master/samples/routing This routing sample runs two projects: and edge client and a remote mediator web agent, ready to do Aries communications. The edge client is setup as a console app, but that can be any edge client (mobile, iot, etc)

AnnaJ (Tue, 17 Mar 2020 01:42:00 GMT):
From the Sovrin Foundation Board of Trustees: Next Steps for the Sovrin Foundation https://sovrin.org/next-steps-for-the-sovrin-foundation/

HLFPOC (Tue, 17 Mar 2020 09:14:01 GMT):
Thanks for sharing it @tomislav , Is there any document/instructions available to try it out ? I tried running the solution after selecting MediatorAgentService as startup project, but got below exception: Loaded 'Anonymously Hosted DynamicMethods Assembly'. Loaded '/usr/local/share/dotnet/shared/Microsoft.NETCore.App/3.0.1/System.Diagnostics.Debug.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled. Exception thrown: 'System.DllNotFoundException' in Hyperledger.Indy.Sdk.dll Exception thrown: 'System.DllNotFoundException' in System.Private.CoreLib.dll Exception thrown: 'System.DllNotFoundException' in System.Private.CoreLib.dll The thread 223164 has exited with code 0 (0x0). Exception thrown: 'System.DllNotFoundException' in System.Private.CoreLib.dll Loaded '/usr/local/share/dotnet/shared/Microsoft.NETCore.App/3.0.1/System.Diagnostics.StackTrace.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled. Loaded '/usr/local/share/dotnet/shared/Microsoft.NETCore.App/3.0.1/System.Reflection.Metadata.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled. Loaded '/usr/local/share/dotnet/shared/Microsoft.NETCore.App/3.0.1/System.Collections.Immutable.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled. Loaded '/usr/local/share/dotnet/shared/Microsoft.NETCore.App/3.0.1/System.IO.MemoryMappedFiles.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled. Unhandled exception. System.DllNotFoundException: Unable to load shared library 'indy' or one of its dependencies. In order to help diagnose loading problems, consider setting the DYLD_PRINT_LIBRARIES environment variable: dlopen(libindy, 1): image not found at Hyperledger.Indy.WalletApi.NativeMethods.indy_create_wallet(Int32 command_handle, String config, String credentials, IndyMethodCompletedDelegate cb) at Hyperledger.Indy.WalletApi.Wallet.CreateWalletAsync(String config, String credentials) at Hyperledger.Aries.Storage.DefaultWalletService.CreateWalletAsync(WalletConfiguration configuration, WalletCredentials credentials) in /Users/indy/Documents/GitHub/aries-framework-dotnet/src/Hyperledger.Aries/Storage/DefaultWalletService.cs:line 53 at Hyperledger.Aries.Configuration.DefaultProvisioningService.ProvisionAgentAsync(AgentOptions agentOptions) in /Users/indy/Documents/GitHub/aries-framework-dotnet/src/Hyperledger.Aries/Configuration/DefaultProvisioningService.cs:line 103 at Hyperledger.Aries.Agents.Edge.MediatorProvisioningService.StartAsync(CancellationToken cancellationToken) in /Users/indy/Documents/GitHub/aries-framework-dotnet/src/Hyperledger.Aries.Routing.Mediator/MediatorProvisioningService.cs:line 40 at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken) at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token) at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token) at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host) at MediatorAgentService.Program.Main(String[] args) in /Users/indy/Documents/GitHub/aries-framework-dotnet/samples/routing/MediatorAgentService/Program.cs:line 16 The program '[1845] Mediator.Web.dll' has exited with code 0 (0x0).

HLFPOC (Tue, 17 Mar 2020 09:14:01 GMT):
Thanks for sharing it @tomislav , Is there any document/instructions available to try it out ? I tried running the solution after selecting MediatorAgentService as startup project, but got below exception: Loaded 'Anonymously Hosted DynamicMethods Assembly'. Loaded '/usr/local/share/dotnet/shared/Microsoft.NETCore.App/3.0.1/System.Diagnostics.Debug.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled. Exception thrown: 'System.DllNotFoundException' in Hyperledger.Indy.Sdk.dll Exception thrown: 'System.DllNotFoundException' in System.Private.CoreLib.dll Exception thrown: 'System.DllNotFoundException' in System.Private.CoreLib.dll The thread 223164 has exited with code 0 (0x0). Exception thrown: 'System.DllNotFoundException' in System.Private.CoreLib.dll Loaded '/usr/local/share/dotnet/shared/Microsoft.NETCore.App/3.0.1/System.Diagnostics.StackTrace.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled. Loaded '/usr/local/share/dotnet/shared/Microsoft.NETCore.App/3.0.1/System.Reflection.Metadata.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled. Loaded '/usr/local/share/dotnet/shared/Microsoft.NETCore.App/3.0.1/System.Collections.Immutable.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled. Loaded '/usr/local/share/dotnet/shared/Microsoft.NETCore.App/3.0.1/System.IO.MemoryMappedFiles.dll'. Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled. *Unhandled exception. System.DllNotFoundException: Unable to load shared library 'indy' or one of its dependencies. In order to help diagnose loading problems, consider setting the DYLD_PRINT_LIBRARIES environment variable*: dlopen(libindy, 1): image not found at Hyperledger.Indy.WalletApi.NativeMethods.indy_create_wallet(Int32 command_handle, String config, String credentials, IndyMethodCompletedDelegate cb) at Hyperledger.Indy.WalletApi.Wallet.CreateWalletAsync(String config, String credentials) at Hyperledger.Aries.Storage.DefaultWalletService.CreateWalletAsync(WalletConfiguration configuration, WalletCredentials credentials) in /Users/indy/Documents/GitHub/aries-framework-dotnet/src/Hyperledger.Aries/Storage/DefaultWalletService.cs:line 53 at Hyperledger.Aries.Configuration.DefaultProvisioningService.ProvisionAgentAsync(AgentOptions agentOptions) in /Users/indy/Documents/GitHub/aries-framework-dotnet/src/Hyperledger.Aries/Configuration/DefaultProvisioningService.cs:line 103 at Hyperledger.Aries.Agents.Edge.MediatorProvisioningService.StartAsync(CancellationToken cancellationToken) in /Users/indy/Documents/GitHub/aries-framework-dotnet/src/Hyperledger.Aries.Routing.Mediator/MediatorProvisioningService.cs:line 40 at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken) at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token) at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token) at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host) at MediatorAgentService.Program.Main(String[] args) in /Users/indy/Documents/GitHub/aries-framework-dotnet/samples/routing/MediatorAgentService/Program.cs:line 16 The program '[1845] Mediator.Web.dll' has exited with code 0 (0x0).

gnarula (Tue, 17 Mar 2020 09:24:24 GMT):
Here's another one that can connect over Websocket using SignalR https://github.com/dedis/aries-mediator

sheldon.regular (Tue, 17 Mar 2020 15:20:25 GMT):
Hi Everyone, I’m wondering if someone here can help. I have the goal of comparing the approach of the aries-protocol-test-suite to the aries-agent-test-harness. While trying to run the aries-protocol-test-suite, I get a problem that looks like a bug in the code. I’m just following the [Quickstart Guide here](https://github.com/hyperledger/aries-protocol-test-suite), when I run ```protocoltest``` if give the following error. Maybe someone has a quick fix to save me time diving into it? Thanks. I believe I have narrowed it down to the line of code in the test suite project that causes the error. If you need to see the whole trace I can add an attachment. This code in question I believe was added in Nov. ``` % ./protocoltest Attempting to load configuration from file: /Users/Shel/Projects/BC.gov/aries-protocol-test-suite/scripts/config.toml ========================================================= test session starts ========================================================= platform darwin -- Python 3.7.5, pytest-5.4.1, py-1.8.1, pluggy-0.13.1 rootdir: /Users/Shel/Projects/BC.gov/aries-protocol-test-suite, inifile: pytest.ini plugins: asyncio-0.10.0 collected 17 items INTERNALERROR> Traceback (most recent call last): INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/main.py", line 191, in wrap_session INTERNALERROR> session.exitstatus = doit(config, session) or 0 INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/main.py", line 246, in _main INTERNALERROR> config.hook.pytest_collection(session=session) . . . INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/conftest.py", line 156, in pytest_collection_modifyitems INTERNALERROR> config.hook.pytest_deselected(items=deselected) . . . INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/terminal.py", line 431, in pytest_deselected INTERNALERROR> self._add_stats("deselected", items) INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/terminal.py", line 400, in _add_stats INTERNALERROR> self.stats.setdefault(category, []).extend(items[:]) INTERNALERROR> TypeError: 'set' object is not subscriptable ======================================================== 34 warnings in 1.21s ========================================================= ```

sheldon.regular (Tue, 17 Mar 2020 15:20:25 GMT):
Hi Everyone, I’m wondering if someone here can help. I have the goal of comparing the approach of the aries-protocol-test-suite to the aries-agent-test-harness. While trying to run the aries-protocol-test-suite, I get a problem that looks like a bug in the code. I’m just following the [Quickstart Guide here](https://github.com/hyperledger/aries-protocol-test-suite), when I run ```protocoltest``` it gives the following error. Maybe someone has a quick fix to save me time diving into it? Thanks. I believe I have narrowed it down to the line of code in the test suite project that causes the error. If you need to see the whole trace I can add an attachment. This code in question I believe was added in Nov. ``` % ./protocoltest Attempting to load configuration from file: /Users/Shel/Projects/BC.gov/aries-protocol-test-suite/scripts/config.toml ========================================================= test session starts ========================================================= platform darwin -- Python 3.7.5, pytest-5.4.1, py-1.8.1, pluggy-0.13.1 rootdir: /Users/Shel/Projects/BC.gov/aries-protocol-test-suite, inifile: pytest.ini plugins: asyncio-0.10.0 collected 17 items INTERNALERROR> Traceback (most recent call last): INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/main.py", line 191, in wrap_session INTERNALERROR> session.exitstatus = doit(config, session) or 0 INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/main.py", line 246, in _main INTERNALERROR> config.hook.pytest_collection(session=session) . . . INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/conftest.py", line 156, in pytest_collection_modifyitems INTERNALERROR> config.hook.pytest_deselected(items=deselected) . . . INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/terminal.py", line 431, in pytest_deselected INTERNALERROR> self._add_stats("deselected", items) INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/terminal.py", line 400, in _add_stats INTERNALERROR> self.stats.setdefault(category, []).extend(items[:]) INTERNALERROR> TypeError: 'set' object is not subscriptable ======================================================== 34 warnings in 1.21s ========================================================= ```

sheldon.regular (Tue, 17 Mar 2020 15:20:25 GMT):
Hi Everyone, I’m wondering if someone here can help. I have the goal of comparing the approach of the aries-protocol-test-suite to the aries-agent-test-harness. While trying to run the aries-protocol-test-suite, I get a problem that looks like a bug in the code. I’m just following the [Quickstart Guide here](https://github.com/hyperledger/aries-protocol-test-suite), when I run `protocoltest` it gives the following error. Maybe someone has a quick fix to save me time diving into it? Thanks. I believe I have narrowed it down to the line of code in the test suite project that causes the error. If you need to see the whole trace I can add an attachment. This code in question I believe was added in Nov. ``` % ./protocoltest Attempting to load configuration from file: /Users/Shel/Projects/BC.gov/aries-protocol-test-suite/scripts/config.toml ========================================================= test session starts ========================================================= platform darwin -- Python 3.7.5, pytest-5.4.1, py-1.8.1, pluggy-0.13.1 rootdir: /Users/Shel/Projects/BC.gov/aries-protocol-test-suite, inifile: pytest.ini plugins: asyncio-0.10.0 collected 17 items INTERNALERROR> Traceback (most recent call last): INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/main.py", line 191, in wrap_session INTERNALERROR> session.exitstatus = doit(config, session) or 0 INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/main.py", line 246, in _main INTERNALERROR> config.hook.pytest_collection(session=session) . . . INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/conftest.py", line 156, in pytest_collection_modifyitems INTERNALERROR> config.hook.pytest_deselected(items=deselected) . . . INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/terminal.py", line 431, in pytest_deselected INTERNALERROR> self._add_stats("deselected", items) INTERNALERROR> File "/Users/Shel/Projects/BC.gov/aries-protocol-test-suite/env/lib/python3.7/site-packages/_pytest/terminal.py", line 400, in _add_stats INTERNALERROR> self.stats.setdefault(category, []).extend(items[:]) INTERNALERROR> TypeError: 'set' object is not subscriptable ======================================================== 34 warnings in 1.21s ========================================================= ```

dbluhm (Tue, 17 Mar 2020 16:03:12 GMT):
I suspect this is a version mismatch issue. I've been using pytest 4.6.3 without issue. The requirements file likely needs to specify an exact version instead of just `pytest`.

dbluhm (Tue, 17 Mar 2020 16:05:10 GMT):
Opening an issue on the aries-protocol-test-suite repo with a full stack trace would be appreciated :slightly_smiling_face:

sheldon.regular (Tue, 17 Mar 2020 16:13:51 GMT):
Thanks, Added the full trace. I'll try the version of pytest you mention.

davidd (Tue, 17 Mar 2020 17:02:59 GMT):
Hi, Is it Possible to Connect OSMA Agent with Cloud Agent (ACA-PY), any other web agent except Aries .Net?

sukalpomitra (Tue, 17 Mar 2020 17:45:53 GMT):
Hi @davidd osma can talk to ACA-py. We have demonstrated that in the connect book flow

davidd (Tue, 17 Mar 2020 17:47:02 GMT):
and one import question, How OSMA connects with Aries .Net Web Agent (like how it works on backend)?

davidd (Tue, 17 Mar 2020 17:48:30 GMT):
forexample if I want to use another agent, how will I connect with it? How Scanning QR Code works at core? Can u send me any reference for that too? I look at code of OSMA but didn't get it!

davidd (Tue, 17 Mar 2020 17:48:30 GMT):
How Scanning QR Code works at back on OSMA? Can u send me any doc or link to code? I look at code of OSMA but didn't get how it works?

swcurran (Tue, 17 Mar 2020 23:06:49 GMT):
An ACA-Py User Group meeting is planned for tomorrow, 11AM Pacific, 7PM CET, covering the recent merging of the revocation branch, an initial discussion of what might go in AIP 1.Next and more. We'll even cover some help wanted issues, in case you want to get involved at the code level. Please join us: https://wiki.hyperledger.org/display/ARIES/2020-03-18+Aries+Cloud+Agent+-+Python+Users+Group+Community+Meeting

davidd (Wed, 18 Mar 2020 00:59:20 GMT):
@sukalpomitra can u please send any reference to that?

sukalpomitra (Wed, 18 Mar 2020 10:41:01 GMT):
https://github.com/mattrglobal/osma/blob/master/src/Osma.Mobile.App/ViewModels/Connections/ConnectionsViewModel.cs#L78

davidd (Wed, 18 Mar 2020 10:52:10 GMT):
Thanks for the link, I actually looked into OSMA code once and also read this file, but what I mean by that asking was, how it communicate with Aries .NET Agent and how it knows that the provided QR Code is the right one? I didn't get that part from the Code!

davidd (Wed, 18 Mar 2020 10:52:10 GMT):
Thanks for the link, I actually looked into OSMA code once and also read this file, but what I meant by that was, how it communicate with Aries .NET Agent and how it knows that the provided QR Code is the right one? I didn't get that part from the Code!

sukalpomitra (Wed, 18 Mar 2020 10:52:35 GMT):
awhat do you mean by right one?

gnarula (Wed, 18 Mar 2020 10:54:58 GMT):
Your questions is probably answered by how the connection protocol works https://github.com/hyperledger/aries-rfcs/tree/master/features/0160-connection-protocol

gnarula (Wed, 18 Mar 2020 10:54:58 GMT):
Your question is probably answered by how the connection protocol works https://github.com/hyperledger/aries-rfcs/tree/master/features/0160-connection-protocol

davidd (Wed, 18 Mar 2020 10:55:12 GMT):
Osma Scan QR Code from Aries Web Agent.. That's the both parties are sure that the Agent is registered on Ledger

sukalpomitra (Wed, 18 Mar 2020 10:55:39 GMT):
they do a didpeer com, they dont go to ledger

davidd (Wed, 18 Mar 2020 10:56:29 GMT):
If I run Aca-py and scan QR Code from OSMA, will it connect with it too?

davidd (Wed, 18 Mar 2020 10:59:36 GMT):
The standard invitation format is a URL with a Base64URLEncoded json object as a query parameter. The Invitation URL format is as follows, with some elements described below: https:///?c_i=

davidd (Wed, 18 Mar 2020 10:59:52 GMT):
Source: https://github.com/hyperledger/aries-rfcs/tree/master/features/0160-connection-protocol

davidd (Wed, 18 Mar 2020 11:01:25 GMT):
from where the osma is taking that URL to connect with web agent?

davidd (Wed, 18 Mar 2020 11:01:25 GMT):
from where the osma is taking the URL?

gnarula (Wed, 18 Mar 2020 11:01:56 GMT):
the URL is what's encoded in the QR code

davidd (Wed, 18 Mar 2020 11:02:28 GMT):
last question! If I run Aca-py (python web agent) and scan QR Code from OSMA, will it connect with it too?

davidd (Wed, 18 Mar 2020 11:02:28 GMT):
last question! If I run Aca-py and scan QR Code from OSMA, will it connect with it too?

gnarula (Wed, 18 Mar 2020 11:02:49 GMT):
it should if OSMA is up to date with the implementation of the connection protocol

gnarula (Wed, 18 Mar 2020 11:03:47 GMT):
also, make sure URLs inside the invitation string like service endpoints are accessible from the app

ajayjadhav (Wed, 18 Mar 2020 13:08:09 GMT):
Just curious, can a verifiable credential be tranferable like value tokens - e.g. transferable movie tickets Is there any RFC which relates this idea ?

ajayjadhav (Wed, 18 Mar 2020 13:08:09 GMT):
Just curious, can a verifiable credential be tranferable like value tokens - e.g. transferable movie tickets Is there any RFC which relates with this idea ?

swcurran (Wed, 18 Mar 2020 13:10:37 GMT):
No - credentials are issued to the holder and can only be proven by the holder. As such, VCs as defined today can't be transferred to anyone else.

ajayjadhav (Wed, 18 Mar 2020 13:11:29 GMT):
okay, so we will have probably look for a non-VC approach...

Audrius (Wed, 18 Mar 2020 13:54:56 GMT):
Credentials are not transferable, but I guess to implement mentioned ticket transfer case could be (or will be) possible with Chained Credentials approach (RFC0104)? @swcurran what is your opinion?

swcurran (Wed, 18 Mar 2020 14:01:38 GMT):
Funny -that was the reason for my caveat in my response. There might be a way with RFC104, particularly for a uniquely identified resource that might be used on a first come, first serve basis -- e.g. where there is not a strict double-spend prevention requirement.

swcurran (Wed, 18 Mar 2020 14:02:23 GMT):
I consider 104 to be a futures thing in that the crypto for it is not yet in Indy. I understand it's in Ursa (that's great), but it will be a bit before it is in Indy.

Audrius (Wed, 18 Mar 2020 14:17:29 GMT):
My thought was related to the car rental use case which is in RFC104. Delegation authority through issuing VC could be useful for enterprises. Shareholders->CEO->..etc. up to asset ownership at employee level. And again transfer such ownership...

swcurran (Wed, 18 Mar 2020 14:49:35 GMT):
Absolutely!!! That's why we are anxious for them to be available.

ashcherbakov (Thu, 19 Mar 2020 08:19:49 GMT):
An RFC for Rich Schema objects details: https://github.com/hyperledger/aries-rfcs/pull/446 FYI @brentzundel

TelegramSam (Thu, 19 Mar 2020 14:33:06 GMT):
Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=31196076

sheldon.regular (Thu, 19 Mar 2020 14:52:06 GMT):
@dbluhm I seem to be through that error by using pytest 4.6.3. I'm wondering now if someone could help me understand the config.toml file? I'm not entirely sure what endpoints are for what. Are you starting an agent internally to the test suite or is the test suite pretending to be an agent? Where is that endpoint defined in the config (endpoint reported to other agents section)? Is that internal agent to connect to a ledger already running? What are the HTTP Server options for? The endpoint for the agent under test (one I already have running) I assume is in config.subject? Can you explain how the ManualBackchannel works and what are the other options for the backchannel? If some or all of these could be answered it would be greatly appreciated.

sheldon.regular (Thu, 19 Mar 2020 15:29:53 GMT):
or if it may be a quicker maybe highlight what I could have wrong in my config based on this output running connection tests.

KowcikRamachandran (Thu, 19 Mar 2020 18:58:39 GMT):
Has joined the channel.

daveek (Fri, 20 Mar 2020 10:19:03 GMT):
@gnarula @sukalpomitra, I have some questions, 1) How to setup the 'samples/aspnetcore' Aries .NET Web Agent on production server? or simply how to setup my own aries .net web agent on server/cloud? 2) Will there be any need for Ngrok? 3) And how will my Mobile Agent access the Aries .Net Web Agent? Will I also change the URL's for QR Code?

daveek (Fri, 20 Mar 2020 10:19:03 GMT):
@gnarula @sukalpomitra, I have some questions, 1) How to setup the 'samples/aspnetcore' Aries .NET Web Agent on production server? or simply how to setup my own aries .net web agent on server/cloud? 2) Will there be any need for Ngrok? 2) And how will my Mobile Agent access the Aries .Net Web Agent? Will I also change the URL's for QR Code?

wip-abramson (Fri, 20 Mar 2020 14:14:22 GMT):
Hi all, I recently wrote about how we are tackling including images into credentials using ipfs - https://hackmd.io/pwZVCvXnTAy2qtxJ2L2lJQ Be interested to hear peoples thoughts. Has anyone tried this before?

domwoe (Fri, 20 Mar 2020 14:55:24 GMT):
Interesting! What's the size limit of a credential attribute? I thought a simple hack would be to really just encode the image an interpret it is a string on the indy level. Then the hash of the string would be actually signed, and on the application level one could interpret the string as an image again.

pknowles (Fri, 20 Mar 2020 16:21:04 GMT):
#all The most important discussion regarding _DIDs for everything_ is in full flow. If anyone has any firm thoughts on DID spec inclusion/exclusion of resource identifiers, speak now or forever hold your peace. https://github.com/w3c/did-core/issues/233

pknowles (Fri, 20 Mar 2020 16:21:04 GMT):
The most important discussion regarding _DIDs for everything_ is in full flow. If anyone has any firm thoughts on DID spec inclusion/exclusion of resource identifiers, speak now or forever hold your peace. https://github.com/w3c/did-core/issues/233

pknowles (Fri, 20 Mar 2020 16:21:04 GMT):
The most important discussion regarding _DIDs for everything_ is in full flow. If anyone has any firm thoughts on DID spec inclusion/exclusion of object identifiers, speak now or forever hold your peace. https://github.com/w3c/did-core/issues/233

daveek (Sat, 21 Mar 2020 07:25:11 GMT):
`Step 11/11 : RUN apt-get install -y --allow-unauthenticated libindy libsovtoken dotnet-sdk-3.1 ---> Running in 89b167171dcb Reading package lists... Building dependency tree... Reading state information... E: Unable to locate package libindy E: Unable to locate package libsovtoken E: Unable to locate package dotnet-sdk-3.1 E: Couldn't find any package by glob 'dotnet-sdk-3.1' E: Couldn't find any package by regex 'dotnet-sdk-3.1' The command '/bin/sh -c apt-get install -y --allow-unauthenticated libindy libsovtoken dotnet-sdk-3.1' returned a non-zero code: 100`

daveek (Sat, 21 Mar 2020 07:25:11 GMT):
Building a Docker File, returned this ``` Step 11/11 : RUN apt-get install -y --allow-unauthenticated libindy libsovtoken dotnet-sdk-3.1 ---> Running in 89b167171dcb Reading package lists... Building dependency tree... Reading state information... E: Unable to locate package libindy E: Unable to locate package libsovtoken E: Unable to locate package dotnet-sdk-3.1 E: Couldn't find any package by glob 'dotnet-sdk-3.1' E: Couldn't find any package by regex 'dotnet-sdk-3.1' The command '/bin/sh -c apt-get install -y --allow-unauthenticated libindy libsovtoken dotnet-sdk-3.1' returned a non-zero code: 100 ```

daveek (Sat, 21 Mar 2020 07:25:11 GMT):
Building a Docker File, returned this ``` Step 9/9 : RUN apt-get install -y --allow-unauthenticated libindy libsovtoken dotnet-sdk-3.1 ---> Running in 89b167171dcb Reading package lists... Building dependency tree... Reading state information... E: Unable to locate package libindy E: Unable to locate package libsovtoken E: Unable to locate package dotnet-sdk-3.1 E: Couldn't find any package by glob 'dotnet-sdk-3.1' E: Couldn't find any package by regex 'dotnet-sdk-3.1' The command '/bin/sh -c apt-get install -y --allow-unauthenticated libindy libsovtoken dotnet-sdk-3.1' returned a non-zero code: 100 ```

daveek (Sat, 21 Mar 2020 07:25:11 GMT):
Building a Docker File, returned this. Github Issue -> https://github.com/streetcred-id/docker/issues/2 ``` Step 9/9 : RUN apt-get install -y --allow-unauthenticated libindy libsovtoken dotnet-sdk-3.1 ---> Running in 89b167171dcb Reading package lists... Building dependency tree... Reading state information... E: Unable to locate package libindy E: Unable to locate package libsovtoken E: Unable to locate package dotnet-sdk-3.1 E: Couldn't find any package by glob 'dotnet-sdk-3.1' E: Couldn't find any package by regex 'dotnet-sdk-3.1' The command '/bin/sh -c apt-get install -y --allow-unauthenticated libindy libsovtoken dotnet-sdk-3.1' returned a non-zero code: 100 ```

tomislav (Sat, 21 Mar 2020 19:49:13 GMT):
Seems an issue with libindy deps in the stable stream. Switching to master I was able to build the dockerfile Change this line to `master` from `stable` - `RUN add-apt-repository "deb https://repo.sovrin.org/sdk/deb xenial master"`

tomislav (Sat, 21 Mar 2020 19:58:43 GMT):
1. You can use docker to host your asp.net core process that will run an agent. We use this strategy and it works pretty well 2. No need for ngrok, since your agent is hosted in the cloud. You just need to find a way to pass the hosting URL to the AgentOptions. You can configure this in appsettings.json. The actual Aries agent code doesn't care what host/IP you run your service on, it just wants to know what public host/IP is configured for them so it can pass that to invitations. 3. When your mobile agent scans an invitation generated from your WebAgent it will have an endpoint that points to your WebAgent URL. This is the same endpoint I mentioned in point 1.

daveek (Sat, 21 Mar 2020 20:01:00 GMT):
``` Step 5/9 : RUN add-apt-repository "deb https://repo.sovrin.org/sdk/deb xenial master" ---> Running in d51359ff2f52 Get:1 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB] Hit:2 http://archive.ubuntu.com/ubuntu bionic InRelease Get:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB] Get:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB] Get:5 https://repo.sovrin.org/sdk/deb xenial InRelease [28.5 kB] Get:6 https://repo.sovrin.org/sdk/deb xenial/master amd64 Packages [497 kB] Reading package lists... E: Release file for http://security.ubuntu.com/ubuntu/dists/bionic-security/InRelease is not valid yet (invalid for another 14h 5min 6s). Updates for this repository will not be applied. E: Release file for http://archive.ubuntu.com/ubuntu/dists/bionic-updates/InRelease is not valid yet (invalid for another 16h 9min 3s). Updates for this repository will not be applied. E: Release file for http://archive.ubuntu.com/ubuntu/dists/bionic-backports/InRelease is not valid yet (invalid for another 14h 7min 27s). Updates for this repository will not be applied. The command '/bin/sh -c add-apt-repository "deb https://repo.sovrin.org/sdk/deb xenial master"' returned a non-zero code: 100 ```

tomislav (Sat, 21 Mar 2020 20:03:30 GMT):
I just built it successfully using `docker build -t streetcred/dotnet-indy:latest -f dotnet-indy.dockerfile .`

daveek (Sat, 21 Mar 2020 20:05:23 GMT):
I was trying to follow the steps to create a custom AspNetCore web application as mentioned here (https://github.com/hyperledger/aries-framework-dotnet/blob/master/docs/gettingstarted.rst), but it took more than a day and I don't have more time for this and also this is same as streetcred/docker?

daveek (Sat, 21 Mar 2020 20:05:23 GMT):
Hi, I want to know about how aries agents works in Production e.g. Pools, Wallets etc. and how to scale them? Here is an example of our system and about our requirement. Banks (Issuer) will have Web Agent (aries-framework-dotnet) and Customers (Holder) will have Mobile Agent (e.g. osma). 1- Ledger: For now we want to use private ledger. In future we will likely to consider Sovirn network, but now for Pilot project we want to run our private network. How to setup private network/ledger? 2- Pool: Is the pool will be same for everyone (issuer & holder) and how to connect with it from production? 3- Wallet: Every issuer and holder will get their own wallet. 4- Issuer: How can we add multiple issuers (with steward role) that they are able to issue credentials for their customers? 5- Branches: Bank have hundreds of branches, Is there any possibility that all branches can work on behave of one bank (issuer)? 5- Scale: We have multiple issuers (bank) and every bank has millions of customers, how to scale this (things we should consider)? 6- How will mobile agents connect with web agents (making endpoints public)? If there is any doc or related resources which could help us to understand this, it will be very helpful! Thanks

daveek (Sat, 21 Mar 2020 20:06:07 GMT):
If I use anything else than streetcred/dotnet-indy:latest, will it work?

tomislav (Sat, 21 Mar 2020 20:06:38 GMT):
Yes, that's the same one. We provide pre-built images

tomislav (Sat, 21 Mar 2020 20:07:54 GMT):
In the docker command? Yes, ofc. Docker accepts anything

daveek (Sat, 21 Mar 2020 20:11:10 GMT):
It should, but it return a lot of errors (pasted above).. I will look for it, If couldn't resolve my own, would bother you :) , sorry for that in advance. And thanks for your response.

swcurran (Sat, 21 Mar 2020 23:30:23 GMT):
A couple of thoughts. First, the proposed hashlink protocol might be helpful for this. It combines a URL location and a hash of the contents -- which is kind of like what IPFS does implicitly. https://tools.ietf.org/html/draft-sporny-hashlink-04 But that doesn't help anyone with where to store the image, which is where IPFS helps.

swcurran (Sat, 21 Mar 2020 23:33:19 GMT):
The concern though is that once the verifier has the hash of IPFS content, they have the identifier for the image - the content, without (as I understand it) any access control. For general content that might be OK, but a bit concerning for biometrics such as a picture of the person.

swcurran (Sat, 21 Mar 2020 23:35:18 GMT):
The IPFS solution is great for a range of use cases where the issuer can attest to the content by putting the hash in the credential and the holder can prove the content via a hash to the full content.

wip-abramson (Sun, 22 Mar 2020 11:12:06 GMT):
Interesting, thanks Stephen. I guess it would depend on the trust placed on Verifiers within the domain. E.g. if all verifiers are inside a single organisation and only this org has access to the IPFS network this could mitigate some of these concerns

wip-abramson (Sun, 22 Mar 2020 11:28:44 GMT):
Also, what my understanding of decorators correct?

tomislav (Sun, 22 Mar 2020 12:29:51 GMT):
IPFS links (and now hashlinks) is a great way to express links to external resources in a credential where public access to the data isn't a concern.

swcurran (Sun, 22 Mar 2020 14:20:14 GMT):
Decorators don't really come into it. You are talking about a value inside a credentials (a claim) and decorators are at the DIDComm messaging layer. An IPFS reference is just a URL, and that is the value you will put in a claim.

swcurran (Sun, 22 Mar 2020 14:20:56 GMT):
Same as if you put the image in the credential via base64 encoding - that would be a string.

daveek (Sun, 22 Mar 2020 16:33:51 GMT):
It worked thanks, now want to use this docker image to run web agent but it returned this error message. https://github.com/hyperledger/aries-framework-dotnet/issues/72#issuecomment-602235560 If u could have a look, thanks :)

wip-abramson (Sun, 22 Mar 2020 18:00:44 GMT):
But as I understood it decorators are a suggestion for communicating images or more generally files along with proof (a hash) that this file was issued to you.

wip-abramson (Sun, 22 Mar 2020 18:03:25 GMT):
Also are you saying that it is possible to base64 an image and store it in an attribute. I was under the impression that this was not feasible because of the size. @domwoe I don't actually know the attribute size limit, perhaps @swcurran knows though?

swcurran (Sun, 22 Mar 2020 19:03:24 GMT):
It is definitely possible to put an image in a credential - we've done it. And use, with the attachment decorator, you can attach a document (or link to one) in an Aries message, but that doesn't get it in the credential. Credential attributes (claims) are just singleton data elements. So there is not really a connection between a decorator (something at the Aries level) and a claim within a credential.

domwoe (Mon, 23 Mar 2020 07:31:37 GMT):
I experimented a bit yesterday with base64 encoded images as attributes. Tiny images work without issues, but with reasonable images I get an error when trying to store the received credential in the wallet.

wip-abramson (Mon, 23 Mar 2020 09:08:16 GMT):
@swcurran yep I think I understand that. But if I was to use a decorator to send an attachment over a DIDComm channel, then over the same channel prove that I had been issued a credential with an attribute attesting to the hash of this attachement would that not be the same as proving the attachment was "issued" to me. Or at least vouched for by some other entity?

wip-abramson (Mon, 23 Mar 2020 10:03:57 GMT):
I also just published this - https://wip-abramson.dev/usable-credential-schema Would greatly appreciate hearing other peoples thoughts on defining credential schema and proof templates for a specific domain. I strongly believe the data model should be normalised, but open to be shown why this is not right. Cheers

jljordan_bcgov (Mon, 23 Mar 2020 13:47:23 GMT):
Yes I think we would absolutely agree that there will be many credential ecosystems ... and this is touched upon in the Trust over IP governance stack (RFC 0289). In fact, this RFC will be updated this week to make it even more explicit.

wip-abramson (Mon, 23 Mar 2020 18:28:14 GMT):
I think we are perhaps talking at cross purposes. I am discussing how to define credential schema within a single credential ecosystem. Which I mean as a set of credential schema defined to meet the needs of a specific domain. I imagine by this definition there are already many credential ecosystems deployed on Sovrin and other Indy variants

andrew.whitehead (Mon, 23 Mar 2020 18:36:07 GMT):
I think that looks reasonable. We do something similar in the OrgBook (now aries-vcr) where we start with 'foundational' credentials which include the basic identifying information, and related credentials which generally have a domain-specific ID field in common. FYI I find the text color a bit light on that site for comfortable reading

andrew.whitehead (Mon, 23 Mar 2020 18:40:02 GMT):
The rich schemas effort is largely about producing reusable schemas for particular domains of course

jljordan_bcgov (Mon, 23 Mar 2020 19:29:23 GMT):
and I think a real benefit of the Indy ledger is that it contains both the credential schema (after it is agreed upon by the trust community ideally :)) and it contains those that may be using the schema (credential definitions) ... so there can be discovery

jljordan_bcgov (Mon, 23 Mar 2020 19:29:45 GMT):
I recall talk of "proof templates" becoming a ledger object as well

MALodder (Mon, 23 Mar 2020 20:19:14 GMT):
@kenebert @brentzundel were calling them presentation requests

zossimov (Tue, 24 Mar 2020 06:43:35 GMT):
Hi, I'm defining custom Schemas and creating Credentials in Aca-Py and Aries .Net Agent. How to see if they successfully defined and created on indy ledger? How to retrieve the existing one? Thanks

zossimov (Tue, 24 Mar 2020 06:43:35 GMT):
Hi, I'm defining custom Schemas and creating Credentials in Aca-Py and Aries .Net Framework. How to see if they successfully defined and created on indy ledger? How to retrieve the existing one? Thanks

zossimov (Tue, 24 Mar 2020 06:43:35 GMT):
Hi, I'm defining custom Schemas and creating Credentials in Aca-Py and Aries .Net Framework. How to see if they are successfully defined and created on indy ledger? How to retrieve the existing one? Thanks

wip-abramson (Tue, 24 Mar 2020 08:29:24 GMT):
Interesting @jljordan_bcgov I heard talk that in the future it may no longer be necessary to have credential definitions on the ledger. But I agree having this information on the ledger provides some useful markers when making trust decisions

wip-abramson (Tue, 24 Mar 2020 08:31:16 GMT):
In the project I am working on we refer to templates and the object used to generate proof/presentation requests. And the requests themselves as the actual transaction sending that template to a specific holder

PatrikStas (Tue, 24 Mar 2020 10:54:24 GMT):
If you are creating it on Sovrin network, one way is to find them via https://indyscan.io

PatrikStas (Tue, 24 Mar 2020 10:55:20 GMT):
You can also easily deploy indyscan against your local network or AWS, there's a tutorial in github repo https://github.com/Patrik-Stas/indyscan/

zossimov (Tue, 24 Mar 2020 14:56:01 GMT):
@PatrikStas Checked it out, it's really amazing tool!!!

zossimov (Tue, 24 Mar 2020 15:00:26 GMT):
I want to run it on localhost. Installed the Docker. Now, trying to setup Indy Client -> https://github.com/Patrik-Stas/indyscan/tree/master/indypool-client

zossimov (Tue, 24 Mar 2020 15:01:33 GMT):
``` :~/Documents/indyscan/indypool-client$ npm run install npm ERR! missing script: install npm ERR! A complete log of this run can be found in: npm ERR! /home/x0axz/.npm/_logs/2020-03-24T14_54_20_647Z-debug.log ```

zossimov (Tue, 24 Mar 2020 15:06:40 GMT):
And in https://github.com/Patrik-Stas/indyscan/blob/cf851db69351efdec294f27422840abed8792238/indypool-client/package.json#L7 file, srcc is written instead of src, but still it return this error.

swcurran (Tue, 24 Mar 2020 15:34:36 GMT):
I can't see cred defs of some form not being on a ledger/trusted utility. They contain per-claim public keys for signing (tamper proofing the data) and a link to the Issuer (Issuer's DID). Those are necessary for a verifiable credential.

PatrikStas (Tue, 24 Mar 2020 16:31:06 GMT):
@zossimov thanks for catch! Fixed now, there was mistake in the readme. The actual command to run was `npm install`, not `npm run install`. Also fixed the package.json

domwoe (Tue, 24 Mar 2020 19:48:12 GMT):
What's the argument for requiring individual signing/verification keys per claim or even per cred def? If an issuer does not need this it could also add a global verification key to its DID document/

swcurran (Tue, 24 Mar 2020 19:51:55 GMT):
It's part of the AnonCreds mechanism. It's necessary for the ZKP tech and for the business needs of using ZKPs. It allows claims from multiple credentials and multiple issuers in a single proof. The "key per claim" also enables selective disclosure.

swcurran (Tue, 24 Mar 2020 19:52:52 GMT):
Just as a matter of interest, what is the objection to having cred defs?

domwoe (Tue, 24 Mar 2020 20:01:32 GMT):
ok, this might be out of my depth, but I imagined I could prove that I know an attribute under this schema with the signature corresponding to the following verkey which belong to this DID. And I could repeat that for different attributes part of different schemas signed by different DIDs.

domwoe (Tue, 24 Mar 2020 20:04:52 GMT):
I think it might make sense for an issuer to publish on the ledger which types of credential it issues and the credential definition might also be required for revocation, but in some cases it seemed to me like an unnecessary write to the ledher

swcurran (Tue, 24 Mar 2020 20:05:08 GMT):
A bit out of my depth as well, but The problem with that is that you can rotate your key for your DID and then there would be no way to verify the issued credentials.

swcurran (Tue, 24 Mar 2020 20:05:08 GMT):
A bit out of my depth as well, but one problem with that is that you can rotate your key for your DID and then there would be no way to verify the issued credentials.

swcurran (Tue, 24 Mar 2020 20:06:06 GMT):
But this goes deeper than I understand, so you have to start to look at the full anonymous credentials design.

domwoe (Tue, 24 Mar 2020 20:07:22 GMT):
yeah, but it would be the special key to sign credentials and not your authentication key. The same is true if you rotate the keys in the cred def. Ah, no, the cred defs are versioned, aren't they?

domwoe (Tue, 24 Mar 2020 20:10:11 GMT):
hm, no, only schemas are. Thanks anyway Stephen. I've still a long road ahead of me ;)

swcurran (Tue, 24 Mar 2020 22:14:57 GMT):
Cred Defs are tagged so they can be versioned.

zossimov (Wed, 25 Mar 2020 01:06:28 GMT):
@swcurran Can I use indy-cli to see what's on the ledger, being put on by Aries .Net or Aca-py? I tried on Aries .Net Web Agent, and it returned everything empty. indy> did list There is no opened wallet now indy> wallet list There are no wallets

thinhnnd (Wed, 25 Mar 2020 03:43:05 GMT):
Hi everyone. In the demo from this repository: https://github.com/hyperledger/aries-acapy-controllers. Can we replace Alice Controller with a mobile agent (like osma or streedcred)?

wip-abramson (Wed, 25 Mar 2020 08:55:44 GMT):
I wrote this a while back when I was grappling with CL Signatures - https://wip-abramson.dev/cl-signatures essentially a cred def is the public key for a CL Signature. This key requires a unique BIG number for each attribute in the credential

esplinr (Wed, 25 Mar 2020 14:01:34 GMT):
Starting the Aries WG call: https://zoom.us/j/244779296

tomislav (Wed, 25 Mar 2020 14:54:19 GMT):
Mobile apps don't expose a public endpoint, so they aren't candidates for controllers

ianco (Wed, 25 Mar 2020 14:58:42 GMT):
This doc describes how the Faber aca-py can talk to an Alice Streetcred: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AriesOpenAPIDemo-mobile.md

ianco (Wed, 25 Mar 2020 15:00:13 GMT):
Faber needs to run on a publicly available port, so you run it on play-with-docker, or you mcguyver using ngrok

ianco (Wed, 25 Mar 2020 15:00:13 GMT):
Faber needs to run on a publicly available port, so you run it on play-with-docker, or you MacGyver using ngrok

swcurran (Wed, 25 Mar 2020 15:00:18 GMT):
I suppose you can, but you have to know how to interact with the wallet and open it first. What are you trying to do? Use indy-cli or just see the transactions?

ianco (Wed, 25 Mar 2020 15:08:16 GMT):
You use the `ledger` commands in indy-cli to see what's on the ledger

ianco (Wed, 25 Mar 2020 15:08:41 GMT):
Try using the cli's built-in help, try `help` at the command prompt, or `ledger help` for example

ianco (Wed, 25 Mar 2020 15:10:26 GMT):
https://github.com/hyperledger/indy-sdk/tree/master/docs/design/001-cli#commands

thinhnnd (Wed, 25 Mar 2020 15:37:49 GMT):
Thanks for replying. I've run the demo play-with-docker and it worked when using streetcred but osma is not work (May be streedcred have an cloud agent right?). With Streetcred, first we need to set the network same with the URL_Ledger (for me is BCovrin Test network) we run on acapy-controller demo. After that, on Faber Controller, I created a *connection invitation* and convert it to QR code for Streetcred to scan. The connection is set, but the *connection state* I checked on Faber Swagger is "*respone*" not "*active*". So that we can not issue credentials. Then I sent a "trust pinging" to connection-id we created and magically the state of the connection has changed to "*active*". Finally I can issue a credential from Faber Controller to Alice using Streetcred agent.

ianco (Wed, 25 Mar 2020 15:40:44 GMT):
Great, glad it's working! That's pretty much the same as our experience. We updated the Faber script to allow sending credentials when the connection status is "response", in case you don't have the latest code.

ianco (Wed, 25 Mar 2020 15:40:58 GMT):
I'm not sure about OSMA but there is a developer working on it!

thinhnnd (Wed, 25 Mar 2020 15:50:47 GMT):
Thanks a lot @ianco . I'll research on the doc above.

TelegramSam (Wed, 25 Mar 2020 21:05:59 GMT):
Discussion from our meeting re: ack vs protocol specific messages in DID Exchange: https://github.com/hyperledger/aries-rfcs/pull/455

zossimov (Thu, 26 Mar 2020 10:04:01 GMT):
@swcurran, I'm using Aries .Net Web Agent as an Issuer. For now, I'm defining Schemas and Creating Credentials and to see if they are defined/created on ledger or not?

mccown (Thu, 26 Mar 2020 12:29:23 GMT):
Just a reminder about the Identity Implementer's WG Call later today (9am MT). This is a chance to get updates on the WG calls you may have missed this week. Our guest, Cam Parra (Kiva), will be giving an overview and demonstration of the Kiva platform. Here is the calendar invite with times and Zoom details. https://tinyurl.com/wmtosxn

zossimov (Thu, 26 Mar 2020 14:21:42 GMT):
Aries .Net Agent is running, but couldn't find `~/.indy_client/wallet`

TelegramSam (Thu, 26 Mar 2020 15:30:19 GMT):
Aries WG B Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=31196283

esplinr (Fri, 27 Mar 2020 15:59:20 GMT):
This week's Evernym demo video shows: * The rich schema implementation in Indy Node and Indy VDR * Aries interoperability between LibVCX and Streetcred https://www.youtube.com/watch?v=lZ84bCxEKWo&list=PLRp0viTDxBWGLdZk0aamtahB9cpJGV7ZF

mohammadhossein73 (Sun, 29 Mar 2020 05:50:05 GMT):
Has joined the channel.

zossimov (Mon, 30 Mar 2020 15:30:11 GMT):
Hi, Is there anyone who already defined schemas in Aries .Net? Is there any sample/code?

bricg (Tue, 31 Mar 2020 10:31:14 GMT):
Hi, to build a mobile agent using dotnet agent framework with xamarin, how does the mobile agent get a static endpoint so that other agents can reach it? Is a cloud agency required?

sukalpomitra (Tue, 31 Mar 2020 12:08:36 GMT):
well yes, it needs a cloud agent. But as of now the response is sent back through the same http connection

bricg (Tue, 31 Mar 2020 12:48:46 GMT):
Sorry, I don't follow. Can you elaborate please?

bricg (Tue, 31 Mar 2020 13:12:09 GMT):
If I deploy a mobile agent on an iPhone, what http endpoint is used for communicating with it? Can you explain what happens as of now versus what will happen when fully implemented. Thanks

sukalpomitra (Tue, 31 Mar 2020 13:17:50 GMT):
so if you want to talk to a verifier or an issuer, the mobile edge agent talks to the service endpoint of the verifier and the response to any request comes in the same live http connection. If somehow, the mobile gets switched off or it moves out of coverage, the message is lost. A cloud agent gives the guarantee of each message. The phone can pick up the message once it gets the coverage back. And if someone wants to send a message to an edge agent, it cannot happen without a cloud agent.

tomislav (Tue, 31 Mar 2020 19:04:21 GMT):
@bricg The mobile agent requires a web agent called Mediator to accept messages for delivery. Aries .NET provides a sample mediator agent that can be used in conjuction with an Edge agent. https://github.com/hyperledger/aries-framework-dotnet/tree/master/samples/routing Configuration is simple. Use `RegisterMediator` on your web service, and use `RegisterEdge` in your mobile device. During provisioning, the Edge will connect to the mediator and configure itself.

tomislav (Tue, 31 Mar 2020 19:06:01 GMT):
Also here's a xamarin forms sample with configuration. https://dev.azure.com/streetcred/Hyperledger.Aries/_git/aries-xamarin-forms-sample

HLFPOC (Tue, 31 Mar 2020 19:16:45 GMT):
Hi, is there any sample where RegisterMediator is used?

HLFPOC (Tue, 31 Mar 2020 19:16:45 GMT):
Hi, is there any sample where `RegisterMediator `is used?

tomislav (Tue, 31 Mar 2020 19:20:17 GMT):
https://github.com/hyperledger/aries-framework-dotnet/blob/41ddef46801ac1d1670b6408bc36311a269e6ba7/samples/routing/MediatorAgentService/Startup.cs#L22

YaswanthSorapalli (Wed, 01 Apr 2020 09:20:38 GMT):
Has joined the channel.

YaswanthSorapalli (Wed, 01 Apr 2020 09:21:07 GMT):
what is the difference among indy, aries and sovrin ?

jakubkoci (Wed, 01 Apr 2020 12:48:45 GMT):
@YaswanthSorapalli Look at this gread answer by Stephen Curran on StackOverflow https://stackoverflow.com/questions/58889992/key-differences-between-hyperledger-aries-and-hyperledger-indy I would add that Sovrin is a non-profit organization what runs an instance of Indy distributed ledger and provides governance and legal framework around (who can run node, who can write to the ledger and so on).

jakubkoci (Wed, 01 Apr 2020 12:48:45 GMT):
@YaswanthSorapalli Look at this great answer by Stephen Curran on StackOverflow https://stackoverflow.com/questions/58889992/key-differences-between-hyperledger-aries-and-hyperledger-indy I would add that Sovrin is a non-profit organization what runs an instance of Indy distributed ledger and provides governance and legal framework around (who can run node, who can write to the ledger and so on).

swcurran (Wed, 01 Apr 2020 17:55:25 GMT):
Join us for the ACA-Py User Group in 5 minutes. We'll covering the latest on revocation, a new tracing capability, interop testing and a Identity Proof of Concept tool. Zoom link will be: https://zoom.us/j/900111661; Link to meeting agenda page: https://wiki.hyperledger.org/display/ARIES/2020-04-01+Aries+Cloud+Agent+-+Python+Users+Group+Community+Meeting

jtwalker2000 (Wed, 01 Apr 2020 22:05:44 GMT):
Hi, just joining - currently working with the Fabric Healthcare SIG and looking to get up to speed on Aries . 1st question : Are there initiatives / projects kicking off that are investigating the leverage of Aries DID's to support Corona Virus resource and identity mapping projects? [ :worried: realize in advance that this is a very high level / abstract question, but ...]

esplinr (Wed, 01 Apr 2020 23:18:50 GMT):
This is a major topic it the Hyperledger Health Care Special Interest Group: https://wiki.hyperledger.org/display/HCSIG/2020.04.03+Special+Topic+Meeting+Agenda

esplinr (Wed, 01 Apr 2020 23:19:06 GMT):
My team at Evernym have also been working on this topic: https://www.evernym.com/covid19-creds/

esplinr (Wed, 01 Apr 2020 23:19:14 GMT):
I'm sure lots of other people have too.

wip-abramson (Thu, 02 Apr 2020 07:25:37 GMT):
Hi, I have just seen the hyperledger mentorship scheme - https://wiki.hyperledger.org/display/INTERN/Project+Proposal. I know I am slightly passed the deadline but does anyone know if I would be able to submit a proposal still? I have been collaborating with the OpenMined community and am currently planning to be a mentor on this proposed project - https://github.com/OpenMined/PyGrid/issues/495. I wonder if I could submit this in the format for a hyperledger mentorship scheme? Would be great to have the support of the aries community on this!

swcurran (Thu, 02 Apr 2020 13:49:24 GMT):
There are a number of initiatives happening in the community. You might check out this one - https://www.evernym.com/covid19-creds/. Evernym was the original creator/contributor of the Indy code base.

swcurran (Thu, 02 Apr 2020 13:50:49 GMT):
I'm not sure who is running the program at Hyperledger, but suggest you look in the Wiki for names associated with the program and contact them directly.

ekubilay (Thu, 02 Apr 2020 14:00:55 GMT):
Hi everyone, here is a newbie question; I am trying to play around with the administration API of aca-py. And I'm using the following; https://github.com/sovrin-foundation/sovrin/blob/master/sovrin/pool_transactions_sandbox_genesis as the genesis url. I am trying to make a "/ledger/taa/accept" call however I am not fully sure which "mechanism" value I should be using and which network. I played around but I keep getting "Ledger rejected transaction request, UnauthorizedClientRequest..." errors when I try to interact with the ledger. I would appreciate any help! Many thanks in advance.

TelegramSam (Thu, 02 Apr 2020 14:06:08 GMT):
@ekubilay welcome! ACApy has generated enough activity to warrent it's own channel: #aries-cloudagent-python is the spot to ask questions specific to ACApy.

mccown (Thu, 02 Apr 2020 21:03:13 GMT):
FYI, Blockstack just received a patent for their Auth / login protocol. I skimmed their patent and the process looks different than corresponding methods in the Indy / Aries world. Still, it's something that we'll need to be aware of and navigate around... https://www.coindesk.com/blockstack-wins-patent-for-its-dapp-single-sign-on-product

MALodder (Fri, 03 Apr 2020 12:21:59 GMT):
I read it and I’m not aware any work we’re doing here that would infringe on it. It’s based on dapps and server collaboration to generate unique sign on tokens

jljordan_bcgov (Fri, 03 Apr 2020 18:03:16 GMT):
Congrats on https://github.com/hyperledger/aries-mobileagent-xamarin @sukalpomitra @TelegramSam @tplooker BC Gov has been a contributor to supporting this work

TelegramSam (Fri, 03 Apr 2020 18:39:35 GMT):
You broke the news @jljordan_bcgov! The old repo will soon be archived.

zossimov (Sat, 04 Apr 2020 16:51:22 GMT):
To connect AriesWebApp Agent (https://github.com/Yoroitchi/AriesWebApp) and OSMA, required public endpoint (ngrok) else return 'Failed to accept invite!' and stuck there in Negotiating. It work fine when I run `dotnet run` but for public endpoint ngrok, it return this ``` web-agent-1_1 | crit: Hyperledger.Aries.Configuration.PoolConfigurationService[0] web-agent-1_1 | Couldn't create ledger configuration web-agent-1_1 | at WebAgent.Program.

(String[] args) aries-framework-dotnet_web-agent-2_1 exited with code 139 aries-framework-dotnet_web-agent-1_1 exited with code 139 ```

zossimov (Sat, 04 Apr 2020 16:52:16 GMT):
I want exactly like this https://github.com/mattrglobal/osma#a-quick-demo but to connect with https://github.com/Yoroitchi/AriesWebApp

zossimov (Sat, 04 Apr 2020 16:52:16 GMT):
I want exactly like this https://github.com/mattrglobal/osma#a-quick-demo, but to connect with https://github.com/Yoroitchi/AriesWebApp

jljordan_bcgov (Tue, 07 Apr 2020 03:55:25 GMT):
Interesting opportunity to get up to $200,000 US to provide innovative solutions to this set of challenges put out by Vale .. http://www.vale.com/canada/EN/sustainability/Pages/covid-19-challenge.aspx

newbiestat (Tue, 07 Apr 2020 09:41:33 GMT):
Has joined the channel.

swcurran (Tue, 07 Apr 2020 15:09:42 GMT):
Would anyone working on COVID-19 efforts in the Aries community be willing to talk on the Aries WG call about what you are doing? Please DM here and we can plan a session for tomorrow or next week. Thanks!

swcurran (Wed, 08 Apr 2020 00:18:23 GMT):
ACA-Py implementers: We are planning on removing the (long since) deprecated v0.1 Credential Exchange protocols and the related Admin interfaces. Is anyone using that functionality and would be affected by that change? The protocols for RFC 0036 and 0037 (Issue Credential and Present Proof) will of course remain. Speak now, please!

jcourt (Wed, 08 Apr 2020 04:31:57 GMT):
Has joined the channel.

thinhnnd (Wed, 08 Apr 2020 11:48:16 GMT):
@tomislav Execuse me sir... In the routing sample of aries dotnet framework. Now I want to expand the sample, so that Edge Agent can connect with an Issuer, and get a Credential from them. I tried with that edge agent

thinhnnd (Wed, 08 Apr 2020 11:55:55 GMT):
@tomislav Execuse me, sir. Please help me this stuff.... In the routing sample of aries-dotnet-framework. Now, I want to expand the sample so that Edge Agent can connect to an Issuer, and get a Credential from them. I tried but I faced error related to Pool config when calling *ProcessCredentialRequestAsync()* ... So, do we need to create a normal Agent ( I mean the agent is created *RegisterAgent()* ) and combine to the available Edge Agent?

tomislav (Wed, 08 Apr 2020 12:06:25 GMT):
`RegisterAgent` will create a regular agent that has ability to issue, verify and hold. `RegisterMediator` will create agent that can only forward messages.

tomislav (Wed, 08 Apr 2020 12:07:03 GMT):
The error you're getting is probably because the path to pool file genesis isn't specified. You need to pass a full path name to a valid genesis txn file

thinhnnd (Wed, 08 Apr 2020 13:13:42 GMT):
You mention that "*RegisterMediator* will create agent that can only forward messages". So does the *RegisterEdgeAgent* right?

tomislav (Wed, 08 Apr 2020 13:14:25 GMT):
No. RegisterEdge creates an agent that can do everything. In addition, it configures that agent with a mediator agent.

tomislav (Wed, 08 Apr 2020 13:14:25 GMT):
No. RegisterEdge creates an agent that can do everything. In addition, it configures that agent to receive messages from a mediator agent.

thinhnnd (Wed, 08 Apr 2020 13:15:54 GMT):
Ok, I got that. May be I config wrong for the genesis file as you said. Thank you

esplinr (Wed, 08 Apr 2020 14:02:08 GMT):
Starting Aries WG A call now: https://zoom.us/j/244779296

khalifa (Wed, 08 Apr 2020 14:17:06 GMT):
Has joined the channel.

YaswanthSorapalli (Wed, 08 Apr 2020 14:49:38 GMT):
How to connect to indy mainnet? So that I can do transactions on mainnet.

PradeepJaligama (Wed, 08 Apr 2020 16:19:42 GMT):
Has joined the channel.

PradeepJaligama (Wed, 08 Apr 2020 16:19:43 GMT):
@swcurran - Is it possible to use the Aries Agent as a standalone wallet? Like how this video describes it https://www.youtube.com/watch?v=Km4IoUdb3Lc

PradeepJaligama (Wed, 08 Apr 2020 16:20:02 GMT):
Is there an implementation we can look at ? Thanks alot

TelegramSam (Wed, 08 Apr 2020 16:22:47 GMT):
last week's call posted (sorry I was so slow this round): https://wiki.hyperledger.org/pages/viewpage.action?pageId=31197042

swcurran (Wed, 08 Apr 2020 16:26:47 GMT):
Yes. Right now, most Aries frameworks (ACA-Py, AF-.NET) use the indy sdk as the secure storage (aka wallet) layer. AF-Go uses only golang native dependencies so I'm not as sure, but would guess it has comparable capabilties. As such, the storage layer handles what (I think - I didn't listen to the whole thing, but know the context) is covered in that video. I believe that video describes that Indy implements.

PradeepJaligama (Wed, 08 Apr 2020 16:28:45 GMT):
ok.. Do you know if the ACA-Py has a REST interface to access the wallet?

PradeepJaligama (Wed, 08 Apr 2020 16:29:10 GMT):
We just want to use the core wallet functions, being able to store and retrieve secrets and search for them

swcurran (Wed, 08 Apr 2020 16:39:54 GMT):
Not sure for your use case. This demo describes how you can quickly spin up an instance and look at the rest interface in swagger. You don't have to do the whole process - just use the instructions to start up one of the agents (e.g. Faber) and look at the exposed API. https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AriesOpenAPIDemo.md

PradeepJaligama (Wed, 08 Apr 2020 16:40:58 GMT):
we did look this and its more for issuing and sharing verifiable credentials..

PradeepJaligama (Wed, 08 Apr 2020 16:41:17 GMT):
we want to just the wallet part of the agent and not really the verifiable credential part

PradeepJaligama (Wed, 08 Apr 2020 16:41:22 GMT):
if thats possible

swcurran (Wed, 08 Apr 2020 16:41:41 GMT):
Yes - that's the main purpose for both Indy and Aries. If that's not your use case, then it may not be what you want.

PradeepJaligama (Wed, 08 Apr 2020 16:42:08 GMT):
we were wondering if we can just use the wallet portion of the agent

swcurran (Wed, 08 Apr 2020 16:43:30 GMT):
Sounds like you would want to use just the wallet portion of Indy. If so, I would look at what it does. Having said that, we hope to soon deprecate that and have an Aries secure storage component. However, that will be even more focused on Agent functions - connections, credential exchange, and use cases around that.'

PradeepJaligama (Wed, 08 Apr 2020 17:04:08 GMT):
can you point me to the wallet portion of Indy

PradeepJaligama (Wed, 08 Apr 2020 17:04:15 GMT):
any documentation?

jljordan_bcgov (Wed, 08 Apr 2020 18:33:23 GMT):
what do you mean by wallet? what is the use case you are thinking of? the purpose of storage in Aries is to have a place to store keys, store credentials and increasingly to store things like state of connections, protocol exchanges and so forth. each of these types of things that need to be stored have a bit different requirement around how the objects are handled for security. it is likely that trying to "just use the wallet" doesn't make sense separate from the other agent services

kengeo (Wed, 08 Apr 2020 19:02:46 GMT):
Hello team, currently working on a mobile app in react native and have tried using rn-indy-sdk + Indy.framework (generated from the iOS wrapper) but have been unable to get the framework to compile in Xcode. I've also tried aries-framework-javascript + indy-sdk but continue to get binding errors. I've been at it for two days straight. Does anyone have any suggestions on a way forward?

PradeepJaligama (Wed, 08 Apr 2020 22:11:34 GMT):
we were thinking of using the Aries as a general purpose wallet, for storing keys, signing transactions like a Key Management System

swcurran (Wed, 08 Apr 2020 22:27:16 GMT):
I don't think aries is likely going to fit your needs, but you can look at this - https://github.com/hyperledger/indy-sdk/tree/master/docs/design/003-wallet-storage The code and test for the wallet is in that same repo.

ultimo2020 (Thu, 09 Apr 2020 08:41:08 GMT):
Greetings everyone. I am going trough the Python samples in this url: https://github.com/hyperledger/indy-sdk/blob/master/docs/how-tos/write-did-and-query-verkey/python/utils.py I have seen that for the DID creation and all other ledger actions, the ledger interraction is bein local with DOCKER containers, the 4 ones. I have now got test tokens for the Sovrin Builder Net. Does anyone knows similar Python samples from Sovrin so that one can play around with the "pool" of Sovrin builder net or staging and to do writes there and not on the local indy Docker nodes? Thanks in advance,

PradeepJaligama (Thu, 09 Apr 2020 15:39:11 GMT):
thank you @swcurran .. does it support encryption natively or something that can be plugged in?

swcurran (Thu, 09 Apr 2020 15:41:48 GMT):
Not absolutely certain. My recollection is that the storage target is pluggable (e.g. sqllite, postgres) but the encryption is not.

PradeepJaligama (Thu, 09 Apr 2020 15:42:18 GMT):
can we use it to store secrets?

swcurran (Thu, 09 Apr 2020 15:44:46 GMT):
Yes - it has a "secrets" and "non-secrets" storage API, both of which result in the data going into encrypted storage. The data model is very simple - an "items" table, and a "tags" table that contains values and links to items. You can search tags to find items.

PradeepJaligama (Thu, 09 Apr 2020 15:45:47 GMT):
cool..thx..is it supposed to be used as an sdk or as an application?

TelegramSam (Thu, 09 Apr 2020 19:18:51 GMT):
OSMA (Open Source Mobile Agent) has been moved to Hyperledger as Aries MobileAgent Xamarin. The old Repo has been archived, with the current repo code submitted to the new repo to begin clean DCO history. If you have cloned the old repo. you'll need to clone the new one and migrate any fixes in the form of patches. Issues will similarly need to be re-opened on the new repo. Thanks for Mattr Global for the contribution and help! https://github.com/hyperledger/aries-mobileagent-xamarin

scottz (Thu, 09 Apr 2020 21:07:23 GMT):
Trying to follow. In this thread. Is "the wallet portion of Indy" (which is being deprecated and replaced by an Aries secure storage component) the same thing as "Indy SD" (which is built into the aries acapy/.net, but not go framework)?

scottz (Thu, 09 Apr 2020 21:07:23 GMT):
Trying to follow. In this thread. Is "the wallet portion of Indy" (which is being deprecated and replaced by an Aries secure storage component) the same thing as "indy-sdk" (which is built into the aries acapy/.net, but not go framework)?

scottz (Thu, 09 Apr 2020 21:25:40 GMT):
As was indicated, aries generates and stores its own keys, for example, for the didexchange protocol to handle messages being sent and received. Thus, there are methods to use the keys to encrypt with their public key and decrypt with my private key. For @PradeepJaligama to provide his own keys and use the KMS to store the private key, I think his external application/controller could (maybe through a new rest API function) call a new function in the storage level, to store his keys. And another call to the KMS to decrypt something upon demand and return it back up to the outside application. Does that seem doable? A good idea? It would allow reuse of a lot of great work being done here, but may require additional pkg and API.

daveek (Fri, 10 Apr 2020 11:49:19 GMT):
Hi, I want to know about how aries agents works in Production e.g. Pools, Wallets etc. and how to scale them? Here is an example of our system and about our requirement. Banks (Issuer) will have Web Agent (aries-framework-dotnet) and Customers (Holder) will have Mobile Agent (e.g. osma). 1- Ledger: For now we want to use private ledger. In future we will likely to consider Sovirn network, but now for Pilot project we want to run our private network. How to setup private network/ledger? 2- Pool: Is the pool will be same for everyone (issuer & holder) and how to connect with it from production? 3- Wallet: Every issuer and holder will get their own wallet. 4- Issuer: How can we add multiple issuers (with steward role) that they are able to issue credentials for their customers? 5- Branches: Bank have hundreds of branches, Is there any possibility that all branches can work on behave of one bank (issuer)? 5- Scale: We have multiple issuers (bank) and every bank has millions of customers, how to scale this (things we should consider)? 6- How will mobile agents connect with web agents (making endpoints public)? If there is any doc or related resources which could help us to understand this, it will be very helpful! Thanks

phuctu1901 (Fri, 10 Apr 2020 16:29:20 GMT):
Has joined the channel.

phuctu1901 (Fri, 10 Apr 2020 16:29:20 GMT):
Hello everybody,

phuctu1901 (Fri, 10 Apr 2020 16:30:50 GMT):
Hello everyone, I just have read about anoncreds-protocol in a document about anoncreds-protocol with the name "0109-anoncreds-protocol/README.html" and I noticed a line with content “unlinkability may be turned off to make credentials one-time use so that second and later presentations are detected”. I want to turn of unlinkability property because I want to build a voting app. But this document doesn't guide how to do it? Could someone help me? Thank you very much.

scottz (Fri, 10 Apr 2020 17:44:18 GMT):
@jljordan_bcgov , @swcurran : Is this usecase reasonable?

davidd (Fri, 10 Apr 2020 19:49:12 GMT):
Hi all, I am trying to make aries dotnet accessible through public url for mobile agent (i'm not using aries dotnet sample)!

davidd (Fri, 10 Apr 2020 19:50:28 GMT):
I want something like this!

davidd (Fri, 10 Apr 2020 19:50:28 GMT):
I want something like this something like this!

davidd (Fri, 10 Apr 2020 19:50:49 GMT):
and this!!

davidd (Fri, 10 Apr 2020 19:50:49 GMT):
same problem!

swcurran (Fri, 10 Apr 2020 19:53:34 GMT):
1. Just use an instance of von-network running on a private cloud/VM for the PoC. Or you could just use ours - http://test.bcovrin.vonx.io/. https://github.com/bcgov/von-network. If you are familiar with Fabric -- this is NOTHING like that. It's trivial to run a test/PoC ledger. Even a production one is orders of magnitude easier.

swcurran (Fri, 10 Apr 2020 19:54:06 GMT):
2 - Pool is just an agents way to connect to the ledger. Each loads the genesis file for the ledger all are using.

swcurran (Fri, 10 Apr 2020 19:54:43 GMT):
3 - yes. The issuer one will be large, because it has a connection to every holder. This is standard Enterprise scaling.

swcurran (Fri, 10 Apr 2020 19:55:48 GMT):
4. You would likely have just one issuer, no need for the Steward role. The Issuer would write (via a Steward) the need handful of ledger transactions. Every other participant can just read the transactions/cache them.

swcurran (Fri, 10 Apr 2020 19:57:42 GMT):
5. Yes. If they are using an enterprise system, there would be one agent for the bank - the issuer. Build it as a REST service and allow apps to connect for services - issue credential, prove presentations, etc. That needs to be a scalable service on an enterprise platform. We use OpenShift (K8S) with auto-scaling, postgres DB, etc. Standard enterprise configuration.

swcurran (Fri, 10 Apr 2020 19:59:02 GMT):
5 - The issuers are the element to be scaled. Think of them like a web app receiving requests from all of the customers. Scale them the same way - stateless requests, persist state, auto-scaled resources, etc.

swcurran (Fri, 10 Apr 2020 20:01:56 GMT):
6. Common model is a user goes to web site of the issuer (bank) and clicks a link that displays a QR code. The QR code is scanned to establish a connection and then an interaction (say, an issuance) happens. You can see this with these two demos: - ConfBook - chained Issuers - https://vonx.io/how_to/confbook - Once you have the ConfBook credentials, log into a simulated service using a Verifiable Credential IdP with OIDC to the service. - https://csb-audio.pathfinder.gov.bc.ca/

daveek (Fri, 10 Apr 2020 20:17:19 GMT):
@swcurran Thank you so much for your time :)

scottz (Mon, 13 Apr 2020 00:53:24 GMT):
Presentations show a nice design with a resolver interface to use aries with various blockchains. Unless I missed it, the go framework code and docs do not seem to have a resolver interface defined for implementing blockchain functions. Does ACAPY? Where can we find it?

ayushmanss (Mon, 13 Apr 2020 08:16:59 GMT):
Hi all, I am trying to solve a problem that requires both the blockchain network i.e. indy and fabric. Seeing that aries is blackchain agnostic with a resolver interface, I was wondering has anybody tried to use other blockchain with aries? I want to know if the road I am getting on is already walked on or not. Will be better if someone can give some pointers

MikeRichardson (Mon, 13 Apr 2020 08:23:32 GMT):
You should watch this presentation from Hyperledger Global Forum 2020; these guys are doing work with Aries/Fabric...https://www.youtube.com/watch?v=p6btBnEoDsM&list=PL0MZ85B_96CFY3isYUplorFSenn04WwBt&index=62

MikeRichardson (Mon, 13 Apr 2020 08:23:32 GMT):
You should watch this presentation from Hyperledger Global Forum 2020; these guys are doing work with Aries/Fabric... https://www.youtube.com/watch?v=p6btBnEoDsM&list=PL0MZ85B_96CFY3isYUplorFSenn04WwBt&index=62

MikeRichardson (Mon, 13 Apr 2020 08:29:20 GMT):
I am trying to write an Alice controller in nodejs; I need to spawn a python subprocess (the aca-py agent process) and I am getting an error when I try to run the python:- File "/aries_cloudagent/config/logging.py", line 8, in import pkg_resources ModuleNotFoundError: No module named 'pkg_resources' The Docker file contains the exact same content as the dockerfile.demo used to run alice normally (I have just added the stuff to run node) so I don't see why this wouldn't work. Can anyone help?

MikeRichardson (Mon, 13 Apr 2020 08:29:20 GMT):
I am trying to write an Alice controller in nodejs; I need to spawn a python subprocess (the aca-py agent process) and I am getting an error when I try to run the python:- File "/aries_cloudagent/config/logging.py", line 8, in import pkg_resources ModuleNotFoundError: No module named 'pkg_resources' My dockerfile contains the exact same content as the dockerfile.demo used to run alice normally (I have just added the extra stuff to run node) so I don't see why this wouldn't work. Can anyone help?

MikeRichardson (Mon, 13 Apr 2020 08:29:20 GMT):
I am trying to write an Alice controller in nodejs; I need to spawn a python subprocess (the aca-py agent process) and I am getting an error when I try to call the python:- File "/aries_cloudagent/config/logging.py", line 8, in import pkg_resources ModuleNotFoundError: No module named 'pkg_resources' My dockerfile contains the exact same content as the dockerfile.demo used to run alice normally (I have just added the extra stuff to run node) so I don't see why this wouldn't work. Can anyone help?

MikeRichardson (Mon, 13 Apr 2020 08:29:20 GMT):
I am trying to write an Alice controller in nodejs; I need to spawn a python subprocess (the aca-py agent process) and I am getting an error when I try to call the python:- File "/aries_cloudagent/config/logging.py", line 8, in import pkg_resources ModuleNotFoundError: No module named 'pkg_resources' My dockerfile contains the exact same content as the dockerfile.demo used to run alice normally (I have just added the extra stuff to run node) so I don't see why this wouldn't work. My version of python is 3.7.3. Can anyone help?

MikeRichardson (Mon, 13 Apr 2020 08:29:20 GMT):
I am trying to write an Alice controller in nodejs; I need to spawn a python subprocess (the aca-py agent process) and I am getting an error when I try to call the python:- File "/aries_cloudagent/config/logging.py", line 8, in import pkg_resources ModuleNotFoundError: No module named 'pkg_resources' My dockerfile contains the exact same content as the dockerfile.demo used to run alice normally (I have just added the extra stuff to run node) so I don't see why this wouldn't work. My version of python is 3.7.3. Can anyone help? (something to do with missing setup-tools?)

MikeRichardson (Mon, 13 Apr 2020 08:29:20 GMT):
I am trying to write an Alice controller in nodejs; I need to spawn a python subprocess (the aca-py agent process) and I am getting an error when I try to call the python:- File "/aries_cloudagent/config/logging.py", line 8, in import pkg_resources ModuleNotFoundError: No module named 'pkg_resources' My dockerfile contains the exact same content as the dockerfile.demo used to run alice normally (I have just added the extra stuff to run node) so I don't see why this wouldn't work. My version of python is 3.7.3 (also tried with 3.6.9 get a different error but it still doesn't work) Can anyone help? (something to do with missing setup-tools?)

MikeRichardson (Mon, 13 Apr 2020 08:29:20 GMT):
I am trying to write an Alice controller in nodejs; I need to spawn a python subprocess (the aca-py agent process) and I am getting an error when I try to call the python:- File "/aries_cloudagent/config/logging.py", line 8, in import pkg_resources ModuleNotFoundError: No module named 'pkg_resources' My dockerfile contains the exact same content as the dockerfile.demo used to run alice normally (I have just added the extra stuff to run node) so I don't see why this wouldn't work. My version of python is 3.7.3 (also tried with 3.6.10 get a different error but it still doesn't work) Can anyone help? (something to do with missing setup-tools?)

MikeRichardson (Mon, 13 Apr 2020 08:29:20 GMT):
I am trying to write an Alice controller in nodejs; I need to spawn a python subprocess (the aca-py agent process) and I am getting an error when I try to call the python:- File "/aries_cloudagent/config/logging.py", line 8, in import pkg_resources ModuleNotFoundError: No module named 'pkg_resources' My dockerfile contains the exact same content as the dockerfile.demo used to run alice normally (I have just added the extra stuff to run node) so I don't see why this wouldn't work. My version of python is 3.7.3 (also tried with 3.6.10 get a different error but it still doesn't work) Can anyone help? (the python configuration seems messed up)

troyronda (Mon, 13 Apr 2020 12:32:29 GMT):
https://github.com/hyperledger/aries-framework-go/blob/master/pkg/framework/aries/api/vdri/vdri.go

rmscott (Tue, 14 Apr 2020 05:35:50 GMT):
Has joined the channel.

daveek (Tue, 14 Apr 2020 10:31:12 GMT):
Hi, anyone who works on Aries dot net framework?

ayushmanss (Tue, 14 Apr 2020 13:44:51 GMT):
I have recently dirtied my hands with using dotnet framework

daveek (Tue, 14 Apr 2020 13:47:34 GMT):
by using Aries .net framework, I made a web agent and now trying to connect it with mobile agent

daveek (Tue, 14 Apr 2020 13:48:12 GMT):
like holder web agent is able to connect with issuer web agent

daveek (Tue, 14 Apr 2020 13:48:12 GMT):
holder web agent is able to connect with issuer web agent

daveek (Tue, 14 Apr 2020 13:48:43 GMT):
but for now i'm using that osma mobile agent as an example to connect with it but can't

daveek (Tue, 14 Apr 2020 13:49:19 GMT):
`dotnet run` to run it locally

daveek (Tue, 14 Apr 2020 13:50:12 GMT):
`./ngrok http http://127.0.0.1:7000/ -host-header="127.0.0.1:70 00"` to make the URL publicly accessible

daveek (Tue, 14 Apr 2020 13:50:12 GMT):
` ./ngrok http http://127.0.0.1:7000/ -host-header="127.0.0.1:70 00" ` to make the URL publicly accessible

daveek (Tue, 14 Apr 2020 13:50:12 GMT):
``` ./ngrok http http://127.0.0.1:7000/ -host-header="127.0.0.1:70 00" ``` to make the URL publicly accessible

daveek (Tue, 14 Apr 2020 13:50:12 GMT):
```./ngrok http http://127.0.0.1:7000/ -host-header="127.0.0.1:7000"``` to make the URL publicly accessible

ayushmanss (Tue, 14 Apr 2020 14:37:13 GMT):
whats the error you are getting in the mobile agent?

daveek (Tue, 14 Apr 2020 14:38:56 GMT):
'Failed to accept invite!'

daveek (Tue, 14 Apr 2020 14:39:43 GMT):
State is 'Negotiating' in Osma

tomislav (Tue, 14 Apr 2020 14:56:49 GMT):
@daveek Osma is not yet updated with a mediator agent. We are planning this effort sometime soon.

daveek (Tue, 14 Apr 2020 14:57:42 GMT):
but how it works then https://github.com/mattrglobal/osma#a-quick-demo

daveek (Tue, 14 Apr 2020 14:57:42 GMT):
but how it works then? https://github.com/mattrglobal/osma#a-quick-demo

tomislav (Tue, 14 Apr 2020 14:58:12 GMT):
In the meantime, you can use any apps out there that will help you work with the web agent. Streetcred Identity Wallet (iOS and Android) is built with the Aries .NET and should work well

daveek (Tue, 14 Apr 2020 14:58:23 GMT):
by using this example it works but not with a customize web agent

daveek (Tue, 14 Apr 2020 14:58:48 GMT):
Is there anyway to implement by own

daveek (Tue, 14 Apr 2020 14:58:52 GMT):
like any guide?

tomislav (Tue, 14 Apr 2020 14:58:59 GMT):
Yes, you can use the example as a basis for it

tomislav (Tue, 14 Apr 2020 14:59:19 GMT):
One thing you may want to consider is clearing your wallet cache, since the agent may be provisioned with your old endpoint

tomislav (Tue, 14 Apr 2020 14:59:27 GMT):
Remove anything in ~/.indy_client/wallet

daveek (Tue, 14 Apr 2020 15:00:14 GMT):
do i need to that on osma and web agent, both side?

tomislav (Tue, 14 Apr 2020 15:09:46 GMT):
it's only for web agent, osma code is in the mobile app

daveek (Tue, 14 Apr 2020 15:11:41 GMT):
I removed from OSMA too, :innocent:

daveek (Tue, 14 Apr 2020 15:11:43 GMT):
Hyperledger.Indy.WalletApi.WalletNotFoundException: 'The wallet does not exist.'

daveek (Tue, 14 Apr 2020 15:26:41 GMT):
now, i'm getting this in VS

daveek (Tue, 14 Apr 2020 15:26:45 GMT):
The application is in a break mode System.Exception: 'Agent doesnt exist'

daveek (Tue, 14 Apr 2020 15:41:23 GMT):
any idea how to fix that?

daveek (Tue, 14 Apr 2020 15:41:23 GMT):
Hi, Can anyone please explain or share some docs about Indy/Aries Threat Model? a) What's the Threat Model for Hyperledger Indy/Aries? b) Where is Indy/Aries most vulnerable to attack? c) What are the most relevant threats? d) What do I need to do to safeguard against these threats?

janl (Tue, 14 Apr 2020 18:24:11 GMT):
Hi, Just demoed in the Aries semantics WG usage of Aries Toolbox that may be of interest to this group. These are some of the findings from implementing a demo COVIN-19 immunity proof using Aries Toolbox: - Complete reset should be done through “manage down” to reset ledger + in docker “Aries” container move to trash - To setup issuer for creating schema no simply troubleshooting. Need to perform very exact steps, easy to miss steps and no message what went wrong. - Verifiable Credential disappears from Issuer but can be found on Holder. Unclear why. - Creating proof request can ONLY be done with attributes and not predicates. Get error “Error deserializing message: Schema validation failed” when trying to use predicate. - Cannot perform complex proofs across multiple schemas, option blocked to select schema def in proof request. - Presentations option has no effect. Unclear if anything supported. ToDo - Add a 3rd agent. Plan to document some of these findings so others wanting to simulate using Aries Toolbox can do it with extra pain.

rileyphughes (Tue, 14 Apr 2020 23:26:56 GMT):
This may be of interest to developers building Aries agents: https://streetcred.id/2020/04/14/connectionless-credentials/

rileyphughes (Tue, 14 Apr 2020 23:28:00 GMT):
The approach behind the ephemeral challenge, or connectionless proof requests (as shown in https://github.com/bcgov/vc-authn-oidc/blob/master/docs/DemoInstructions.md) can also be applied to credential issuance

MikeRichardson (Wed, 15 Apr 2020 07:50:39 GMT):
It looks like the problem was my Dockerfile: I needed to install node into the bcgovimages/von-image image rather than fire up node as a seperate container which was never going to work (multistage build I think it's called). I can now fire up aca-py from my node program.

MikeRichardson (Wed, 15 Apr 2020 07:50:39 GMT):
It looks like the problem was my Dockerfile: I needed to install node into the bcgovimages/von-image image rather than build the node stuff as a seperate image which was never going to work (multistage build I think it's called). I can now fire up aca-py from my node program.

MikeRichardson (Wed, 15 Apr 2020 11:22:47 GMT):
If I fire up aca-py from the command line with the admin api enabled I am seeing an error. Anyone know what this means? The command line I am using is aca-py start --inbound-transport http 0.0.0.0 8030 --outbound-transport http --endpoint http://192.168.99.100:8030 --admin 0.0.0.0 8031 --admin-insecure-mode There is an error: aries_cloudagent.core.plugin_registry ERROR Error loading admin routes: Unable to import module aries_cloudagent.protocols.present_proof.routes: No module named 'indy'

ayushmanss (Wed, 15 Apr 2020 13:47:59 GMT):
didnt know about trustbloc. But i dont really need the sidetree protocol right now as the number of public dids will be very limited.

ayushmanss (Wed, 15 Apr 2020 13:49:24 GMT):
Will it be sufficient to implement the ILedgerService interface with rest calls that write the did, diddocs, schemas and cred defs to fabric ledger?

swcurran (Wed, 15 Apr 2020 14:39:21 GMT):
Should ask this on the ACA-Py channel. I think the issue is you haven't specified a wallet/storage capability.

MikeRichardson (Wed, 15 Apr 2020 14:49:34 GMT):
not sure: i get this even when i use the exact same parameters that are used in the alice controller code; ie aca-py start --inbound-transport http 0.0.0.0 8030 --outbound-transport http --endpoint http://192.168.99.100:8030 --admin 0.0.0.0 8031 --admin-insecure-mode --label "Alice Agent" --auto-ping-connection --auto-respond-messages --wallet-type indy --wallet-name aliceagent945475 --wallet-key "Alice Agent945475" --webhook-url http://192.168.99.100:8032/webhooks --auto-accept-invites --auto-accept-requests --auto-store-credential

MikeRichardson (Wed, 15 Apr 2020 14:49:53 GMT):
i will post across to the aca-py channel

MikeRichardson (Wed, 15 Apr 2020 14:50:41 GMT):
what is the ACA-py channel?

swcurran (Wed, 15 Apr 2020 15:03:34 GMT):
It's this one #aries-cloudagent-python

MikeRichardson (Wed, 15 Apr 2020 15:05:55 GMT):
ok thanks

MikeRichardson (Wed, 15 Apr 2020 15:06:11 GMT):
ok thanks

scottz (Wed, 15 Apr 2020 15:19:08 GMT):
ok, thanks

khalifa (Wed, 15 Apr 2020 15:36:40 GMT):
Hello everyone, I am new with indy and aries. I have just finished the two courses about aries and indy LFS172x and LFS173x in edx. I have few questions: 1) How to create a public did: Anyone could create it or it depends on the deployed indy network (in its configuration)? 2) Using the aca-py agent, how could you obtain the diddoc? 3)In order to get a list of credentitals or schemas published in the ledger, we will need their id? we could not get all the lists of schemas for example? 4) My main goal is to use a local indy network with a deployed fabric blockhain, we have to gaurantee the interoperability between these two BCs. Mainly, some chaincode deployed in fabric should check some claims for the user. Is it possible to use the indy sdk, or aries inside the chaincode? Thank you in advance for your help/responses

TelegramSam (Wed, 15 Apr 2020 18:58:18 GMT):
Aries WG call on now: https://wiki.hyperledger.org/pages/viewpage.action?pageId=31197989

YaswanthSorapalli (Thu, 16 Apr 2020 11:36:28 GMT):
Can anyone tell me that where the credentials uploaded in server (which was hosted somewhere i.e. aws). Custom blockchain was deployed on that aws server. All the credentials uploaded by agents will be stored in server or not? If stored in which format (encoded or not)?

swcurran (Thu, 16 Apr 2020 17:02:32 GMT):
1) In general it depends on the configuration of the Indy network. On the "sandbox" networks (the ones based on the dev configuration in indy), there is an endorser with a known seed that can be used to create DIDs that in turn can be endorsers. On Sovrin Mainnet, there are a set of endorsers who have private keys that can be used to sign transactions for authors. No one can create a public DID on Sovrin without contacting an endorser and getting the transaction signed (endorsed).

swcurran (Thu, 16 Apr 2020 17:04:27 GMT):
2) When you create a connection in ACA-Py, a DIDDoc is created based on the configuration of the agent - e.g. the endpoint that is defined, if there is a mediator, etc. All of that is managed in the connections handling - both creating the DID for the agent and receiving/managing a DID/DIDDoc from another agent.

swcurran (Thu, 16 Apr 2020 17:07:45 GMT):
3) Simple answer is yes. The ledger does not inherently have a "search" or "discovery" mechanism. However, since the ledger is public and reads are free, people have created tools that connect with a ledger and download every transactions, classifying them, putting them in a database so that they can be searched. The result is a way to get a list of schema. See http://indyscan.io as an example. Deploying your own is easy, although there is not a lot of need.

swcurran (Thu, 16 Apr 2020 17:11:06 GMT):
4) I don't know that much about Fabric so can't really help. Claims/Credentials are held by individuals (not on the ledger), so the interactions that you describe would not be with chaincode connecting to an Indy ledger, but by a connection to the agent that is holding the claims. I suppose in chaincode you might be able to verify a signature of a participant against a public DID on the ledger. That would not be used from claims, but just control over the DID.

swcurran (Thu, 16 Apr 2020 17:11:11 GMT):
Hope that helped!

khalifa (Thu, 16 Apr 2020 18:38:35 GMT):
@swcurran : Thank you for the detailed responses. This will help me in our project :)

khalifa (Thu, 16 Apr 2020 19:28:50 GMT):
@swcurran: I have another question, if you could help me. In our project, we have a one use case where an entity A will receive a proof presentation of claim C1 from another agent B. Is there any possibility that the entity A provides this proof presentation about C1 for A to another agent D. Thanks is advance :)

swcurran (Thu, 16 Apr 2020 19:31:54 GMT):
Funny - I just asked a similar question on the Indy channel. Technically, they can do share the proof, but what it proves in re-sharing is the question. The issue for D is whether A just made up that proof themselves? I"m not sure of the answer for that. I'd be interested in the details you have about the use case - what you are trying to do.

ayushmanss (Thu, 16 Apr 2020 23:46:25 GMT):
Hi all, Can someone tell me the roadmap of untying aries-dotnet-framework from indy-sdk. I am still stuck at the question of using fabric ledger with aries-dotnet-framework. I looked at the go framework which seems to be written more modularly providing us with a interface to use any storage we want. But it doesnt seem to be production ready and has many bugs and lack implementation of schema and credential definitions. It is not a hard requirement to use fabric ledger but how much it is possible to do so with dotnet-framework

hynese (Fri, 17 Apr 2020 09:28:51 GMT):
Has joined the channel.

hynese (Fri, 17 Apr 2020 09:30:11 GMT):
Is anyone building a mobile agent?

tomislav (Fri, 17 Apr 2020 20:18:51 GMT):
Aries framework is built with the idea of using schemas and credential definitions for issuance. How would you represent this using a fabric ledger? If you do want to go to that length, it should be possible to provide your own implementation of ISchemaService, ILedgerService, ICredentialService that uses Fabric as a ledger

tomislav (Fri, 17 Apr 2020 20:20:10 GMT):
As far as roadmap, once we have another mature implementation of credential platform, we will add support for that in Aries. There are many efforts which are becoming very good candidates for this

karburator (Fri, 17 Apr 2020 22:25:43 GMT):
Has joined the channel.

RSeitzberg (Sat, 18 Apr 2020 04:04:47 GMT):
Has joined the channel.

TimoGlastra (Sat, 18 Apr 2020 12:45:20 GMT):
Hi all, I have a question regarding aries-framework-dotnet. I'm currently writing my thesis on agencies/mediators in Aries and one of the goals is to allow inter-vendor edge agent -> mediator relationships. While looking through the code of aries-framework-dotnet I found an implementation based on the `basic-routing` message family. (https://github.com/hyperledger/aries-framework-dotnet/blob/master/src/Hyperledger.Aries.Routing/RoutingTypeNames.cs ). The aries-rfcs have no reference of this protocol or message family. Is this protocol documented somewhere, and are there any plans on making this an Aries standard? Using a combination of existing protocols (routing/forward, mediator coordination, transport return route / pickup) a part of this is already achievable, some parts are not. I think it would be great if for example an edge agent based on aries-framework-javascript could use aries-framework-dotnet as a mediator.

tomislav (Sat, 18 Apr 2020 13:06:53 GMT):
This protocol is experimental and not part of an RFC. There have been some efforts to standardize edge/mediator protocols, but nothing specific. In general, edge/mediator transport is considered to be "vendor specific" and isn't required to be standardized. While it would be nice to have other codebases being able to hook up to any mediator, it also introduces another interop family to maintain across code bases. If someone is looking to champion this effort, I'll be more than happy to provide my help.

TimoGlastra (Sat, 18 Apr 2020 13:44:50 GMT):
It would indeed introduce another interop family, but I think this would be totally worth the trouble as it fits the interoperable nature of Aries. Aries-framework-dotnet already has an internal protocol and other implementations probably want to achieve approximately the same at some point. Maybe the inbox / device info could be an optional extension to the coordinatemediaton message family. As it fits great with the subject of my thesis, I would like to pick this up. I'm however relatively new to Aries and not fully confident i'm going to take the right approach. Thank you @tomislav, your answer was really helpful

swcurran (Sat, 18 Apr 2020 13:58:11 GMT):
@TimoGlastra - having an RFC created for this would be great - much appreciated.

jljordan_bcgov (Sat, 18 Apr 2020 19:21:02 GMT):
and the community will provide robust feedback I'm sure :)

daveek (Sat, 18 Apr 2020 20:32:48 GMT):
Hi, Can anyone please explain or share some docs about Indy/Aries Threat Model? a) What's the Threat Model for Hyperledger Indy/Aries? b) Where is Indy/Aries most vulnerable to attack? c) What are the most relevant threats? d) What do I need to do to safeguard against these threats?

KGiou (Sun, 19 Apr 2020 09:11:40 GMT):
Has joined the channel.

TimoGlastra (Sun, 19 Apr 2020 18:45:42 GMT):
I've tried to wrap my head around this issue today, but have some unresolved thoughts. It doesn't seem right to introduce a new protocol when there are already protocols in place to achieve most functionality. the `basic-routing` protocol in `aries-framework-dotnet` achieves the following: - Retrieving messages - Deleting messages - Add keys for which messages should be stored - Add device info (for push notifications I assume) The adding of keys for which to store messages could be achieved using the already existing Mediator Coordination Protocol. This allows to separate the storing of messages from the forwarding of messages. When an endpoint is available for the recipient the Mediator Coordination Protocol in itself is sufficient to setup mediation. When the recipient of a message does not have an endpoint a way is needed to retrieve messages. Currently the pickup protocol can be used for this. This is however only for picking up pending messages and doesn't have an inbox. Compare it to POP where messages are deleted after retrieval. As per PR 414 (https://github.com/hyperledger/aries-rfcs/pull/414#issuecomment-594466265) an error in the flow could introduce for lost messages. To solve this retrieval of messages could be separated from the deletion of messages . This is how the `basic-routing` protocol in `framework-dotnet` currently does this. In a comment on explicitly separating the pickup from the release-from-server-storage process, Daniel Hardman said that it would be so close to how IMAP works we maybe should abandon the pickup protocol all together and let agents use IMAP instead (https://github.com/hyperledger/aries-rfcs/pull/414#issuecomment-594689457). Although he makes a valid point, I think the complexity of integrating IMAP into agents is way above that of a simple message access protocol in Aries. Also the implementation of the `basic-routing` protocol shows the need for something like this. I created a quick 'Message Access Protocol' document based on the pickup protocol, inspired by the `basic-routing` protocol. It would replace the pickup protocol. It is nowhere near complete, but gives an idea of the goals: https://hackmd.io/BFh1ZQN4SNWxLgybqzazkA I did not add a the concept of an inbox. The implementation in `aries-framework-dotnet` where this design is partially based on does use an inbox. Would it be useful to introduce the concept of inboxes? It could also be implied that when an agent is granted mediation trough the Mediator Coordination Protocol an 'inbox' is automatically created. This would only leave the 'Add device info' functionality. For this maybe some metadata functionality could be added to the protocol. Or maybe something like out-of-band notification info that the mediator could use to notify the edge agent of new messages (e.g. device id for push notifications) I think the impact of not defining a protocol for this would be that interoperability between different code-bases would be harder. I would really appreciate some thoughts on this topic. If we can come to an agreement I will invest the time of creating an RFC. @swcurran @jljordan_bcgov @tomislav also pinging @danielhardman due to the comments on IMAP, and @TelegramSam as the author of the pickup protocol.

rahulsingh26 (Mon, 20 Apr 2020 08:13:16 GMT):
Has joined the channel.

rahulsingh26 (Mon, 20 Apr 2020 08:13:17 GMT):
Hello Everyone, could anyone please me, how can i create frontend and backend in Hyperledger Aries ? How to manage wallet on client side ? thanks,

philippede (Mon, 20 Apr 2020 08:35:50 GMT):
Has joined the channel.

philippede (Mon, 20 Apr 2020 08:35:50 GMT):
Hi! I want to create an edge agent, which is capable of generating a QR-Code with the aries connection protocol (https://github.com/hyperledger/aries-rfcs/tree/master/features/0160-connection-protocol) to establish a connection with an existing wallet app (eg. esatus wallet app). I started the aries cloudagent and a local Pool on my server. Does anyone know where I can find how to create an edge Agent with Aries? Or are there some samples that I could use?

RicardoPeixoto (Mon, 20 Apr 2020 10:59:28 GMT):
Has joined the channel.

ayushmanss (Mon, 20 Apr 2020 16:29:44 GMT):
Hi tom, isnt credential def and schema and Did are just key value pairs on the ledger? Say in case of indy ledger when i ask for a credential def lookup dont i just get the value and then use it? Maybe I am missing something. I havent really gone into the functioning of indy or how and why it does what it does. I just want to know if changing underlying key value pair storage will do the trick or it is going to take much molre than that

tplooker (Tue, 21 Apr 2020 02:44:47 GMT):
Hi all for those who are not connected over at DIF where I placed a similar message in the claims and credentials working group, we (Mattr) will be demoing a new digital signature approach to ZKP capable verifiable credentials at IIW that have the following properties. - Do not require credential definitions so hence are ledger agnostic i.e only require a did on a ledger - Assertion format agnostic (i.e you could render them as a JWS or linked data proofs) we will be showing how to use with linked data proofs (i.e JSON-LD) - More performant due to the underlying crypto used (ECC based rather than RSA) - Smaller in size also due to the change in crypto primitive used e.g (ECC based rather than RSA) - Verifiable credential spec compliant Following this we will be open sourcing a reference implementation along side a specification for the scheme

dileban (Tue, 21 Apr 2020 08:19:17 GMT):
I went through the Aries RFCs. To the contributors of the DIDComm protocol, was there a strong reason for preferring JSON (and related frameworks) over Protobufs (+gRPC)? This question isn't directly related to the Aries project, but rather keen to learn, in the general sense, the reasoning for preferring JSON for a messaging protocol over a fast and compact alternative like Protobuf. I've been evaluating the two for a cross-chain communication protocol and looking for a convincing case for why I would need to pick JSON instead of Protobufs+gRPC

philippede (Tue, 21 Apr 2020 11:18:59 GMT):
Or are there any ready-to-use Agents that I can use?

wip-abramson (Tue, 21 Apr 2020 13:16:48 GMT):
This sounds cool. Does the signature scheme allow for all anon cred goodness? I.e selective disclosure, composition of attributes from multiple credentials etc

TelegramSam (Tue, 21 Apr 2020 14:28:17 GMT):
It was a discussion of interoperability over efficiency. The main contender in the discussion was cbor vs json, but the same argument goes for protobufs.

TelegramSam (Tue, 21 Apr 2020 14:28:30 GMT):
DIDComm is message based (on purpose), so RPC approaches are not a great fit.

TelegramSam (Tue, 21 Apr 2020 14:30:44 GMT):
We didn't forever exclude other formats, but did want to start with a single one and get traction there first.

tomislav (Tue, 21 Apr 2020 14:31:28 GMT):
I think one argument for JSON over Protobuf in the early stages of discussion was the ability to work with human readable format.

TelegramSam (Tue, 21 Apr 2020 14:32:27 GMT):
That was certainly one of the 'developer friendliness' points.

tomislav (Tue, 21 Apr 2020 14:34:58 GMT):
I have worked with Protobuf quite a bit and I can say it worked very well to define the Sawtooth messaging protocol, so I personally prefer it over JSON. There are some nuances to keep in mind, like the Any type, inheritance, platform specific behaviors (nulls to empty strings, etc). Other than that, it's a great choice and combines with gRPC can be a great base for a messaging protocol

tomislav (Tue, 21 Apr 2020 14:34:58 GMT):
I have worked with Protobuf quite a bit and I can say it worked very well to define the Sawtooth messaging protocol, so I personally prefer it over JSON. There are some nuances to keep in mind, like the Any type, inheritance, platform specific behaviors (nulls to empty strings, etc). Other than that, it's a great choice and combined with gRPC can be a great base for a messaging protocol

tomislav (Tue, 21 Apr 2020 14:58:28 GMT):
@TelegramSam @tplooker - Can you guys please review this PR when you get a chance? https://github.com/hyperledger/aries-mobileagent-xamarin/pull/3

jljordan_bcgov (Tue, 21 Apr 2020 18:17:06 GMT):
Thanks for sharing this Tobias .. we on the BC Gov team are looking forward to collaborating on this and working to bring scaling and interoperability at the credential format level without compromising our legislative requirements to offer privacy respecting and personal agency enhancing digital trust capabilities to our citizens and organizations. This should fit very nicely into our modular Aries frameworks!

ultimo2020 (Tue, 21 Apr 2020 19:02:21 GMT):
Hi I am researching the code in the https://github.com/hyperledger/indy-sdk/blob/master/docs/how-tos/write-did-and-query-verkey/README.md and understand the actions, I was wondering if there is an mobile or web demo on github of an finished indy-sdk agent, would be also great that interacts with Sovrin builder net

MALodder (Tue, 21 Apr 2020 19:03:38 GMT):
@wip-abramson yes it does

swcurran (Tue, 21 Apr 2020 22:34:47 GMT):
This is a big question. I have put together a document that provides a summary of what I see as the various threats to different parts of the ecosystem. Please review and add comments and questions to the document. https://docs.google.com/document/d/1M1-Xi99-pkgDnFiYmoc12b3eMgkyBC_HqYZMrTrCkCI/edit?usp=sharing

daveek (Tue, 21 Apr 2020 22:36:32 GMT):
I will, Thanks :)

dileban (Tue, 21 Apr 2020 23:03:40 GMT):
Thanks @TelegramSam and @tomislav . @TelegramSam I would have thought a message-oriented protocol can be built quite easily over a general-purpose transport like gRPC, so long as the message semantics have nothing to do with the gRPC procedural semantics, i.e. each message is a self-contained unit that can, in theory, use any transport. From my readings of the Aries RFCs I get the impression this was one of the core design principles for the protocol. Decoupling the message from the transport protocol makes a lot of sense. I also agree on ease of debugging. Readability without having to rely on deserilaiztion code is a plus.

dileban (Tue, 21 Apr 2020 23:03:40 GMT):
Thanks @TelegramSam and @tomislav . @TelegramSam I would have thought a message-oriented protocol can be built quite easily over a general-purpose transport like gRPC, so long as the message semantics are independent of the gRPC procedural semantics, i.e. each message is a self-contained unit that can, in theory, use any transport to drive the broader protocol converstation. From my readings of the Aries RFCs I get the impression this was one of the core design principles for the protocol. Decoupling the message from the transport protocol makes a lot of sense. I also agree on ease of debugging. Readability without having to rely on deserilaiztion code is a plus.

dileban (Tue, 21 Apr 2020 23:04:13 GMT):
What transport and messaging framework does the Aries agent rely on currently?

dileban (Tue, 21 Apr 2020 23:07:30 GMT):
@tomislav Are you aware of any documentation that discusses the design principles behind the Sawtooth messaging protocol?

esplinr (Wed, 22 Apr 2020 14:02:25 GMT):
Starting the Aries WG A call: https://wiki.hyperledger.org/pages/viewpage.action?pageId=31197639

swcurran (Wed, 22 Apr 2020 18:52:17 GMT):
@rjones could you create an "aries-agent-test-harness" channel for us? I can update the purpose and details about the channel.

rjones (Wed, 22 Apr 2020 18:52:17 GMT):
Has joined the channel.

swcurran (Wed, 22 Apr 2020 18:52:25 GMT):
Please :-)

rjones (Wed, 22 Apr 2020 18:53:20 GMT):
Done :)

TelegramSam (Wed, 22 Apr 2020 19:03:34 GMT):
Aries WG call on now: https://wiki.hyperledger.org/pages/viewpage.action?pageId=31198460

mccown (Wed, 22 Apr 2020 20:51:01 GMT):
Implementer’s Call Invite Just a reminder about the Identity Implementer's WG Call tomorrow morning (April 23th @ 9am MT). This is a chance to get updates on the WG calls you may have missed this week. Our guest will be Pico Labs (@sanbachs from BYU) who will present their research into Verifiable Credentials. They will be giving a system demonstration for how verifiable credentials can be used to conduct commerce. Here is the calendar invite with times and Zoom details. https://tinyurl.com/y7ntqd4n

amahera (Thu, 23 Apr 2020 11:26:47 GMT):
Has joined the channel.

amahera (Thu, 23 Apr 2020 11:26:48 GMT):
Hi all, I have a question regarding Aries MobileAgent Xamarin. What is the proper way to get a credential offer(issuer sends it) and process? There is a method called ListOffersAsync on ICredentialService but seems like it's not what I'm seeking or it does not work as I thought.

tomislav (Thu, 23 Apr 2020 12:33:45 GMT):
If the issuer sent it, you should see it using `ListOffersAsync`

tomislav (Thu, 23 Apr 2020 12:34:17 GMT):
Next step would be to send back request using `CreateRequestAsync`

tomislav (Thu, 23 Apr 2020 12:38:31 GMT):
@rjones @TelegramSam Can we add the members of the group - https://github.com/orgs/hyperledger/teams/aries-framework-dotnet-committers as commiters to `aries-mobileagent-xamarin`? We need to start reviewing and merging PR's as well as work with issues people have been reporting.

amahera (Thu, 23 Apr 2020 12:50:04 GMT):
@tomislav , I tried to make that works with https://email-verification.vonx.io/ and it sends credential offer to me but ListOffersAsync always return nothing. Does instance of IAgentContext requires some additional configuration?

amahera (Thu, 23 Apr 2020 12:50:04 GMT):
@tomislav, I tried to make that works with https://email-verification.vonx.io/ and it sends credential offer to me but ListOffersAsync always return nothing. Does instance of IAgentContext requires some additional configuration?

amahera (Thu, 23 Apr 2020 12:50:04 GMT):
@tomislav, I tried to make that works with https://email-verification.vonx.io/ and it sends credential offer to me but ListOffersAsync always returns nothing. Does the instance of IAgentContext requires some additional configuration?

HLFPOC (Thu, 23 Apr 2020 13:37:42 GMT):
Hello All, Wanted to understand how the below mentioned scenario can be handled in Aries/Indy ecosystem: a) Alice gets her Degree Credential from Faber University. b) Her Degree Credential has a `gpa` attribute and its value issued to Alice is `7`. c) Alice now applies for job at Acme and Acme sends proof request to validate Alice's Degree Credential. d) Acme has a strict criteria mentioned in the proof request that `gpa` of the candidate *must be greater or equal* than `7`. e) Alice fulfills the criteria from her Degree Credential and gets the Job at Acme. f) After few days, Faber university realizes some issues with the `gpa` of Alice and revokes her previous credential and issues her a new credential with a corrected `gpa`, which now is `6.5` Now the question is, as Alice has already got her job offer from Acme and also started working there, how Acme can be notified about the revoked/updated credential of Alice's Degree certificate ? This notification to Acme might be important because as per the new credential, Alice does not meet the required criteria for employment.

kh_touati (Thu, 23 Apr 2020 13:41:35 GMT):
Has joined the channel.

rjones (Thu, 23 Apr 2020 13:59:36 GMT):
@tomislav done

danielhardman (Thu, 23 Apr 2020 14:07:24 GMT):
If any of you are looking for funding opportunities, I was recently contacted by FundingBox, which is offering a series of grants focused on SSI. Here is info about how to apply: https://docs.google.com/document/d/1B_FodvXByY_watY__zhXpHe46JkJl6PYMRS4o0QsfRc/edit#heading=h.tb9oziu8rfpq

ultimo2020 (Thu, 23 Apr 2020 20:49:46 GMT):
Hi everyone. I am taking a look at the: https://github.com/hyperledger/indy-sdk/blob/master/README.md is there some good example of an already built agent on indy/Aries with sample code and demo?

swcurran (Thu, 23 Apr 2020 20:51:50 GMT):
There are several. Check out ACA-Py - https://github.com/hyperledger/aries-cloudagent-python It's in use in a few places and lots of demos in the /demo folder. The aries-framework-dotnet is the other mature Indy/Aries agent framework.

ultimo2020 (Thu, 23 Apr 2020 20:54:45 GMT):
Thanks. Those are cloud demos. Is there maybe a particular example of a local agent wallet demo with basic functionality, like did writes to Sovrin builder net maybe?

swcurran (Thu, 23 Apr 2020 20:57:48 GMT):
The ledger being written to/used is just a config for any of the agents. You just pass in a genesis file to connect to any network. By wallet, do you mean a mobile agent (which should be the only thing we call a wallet :-) ). If so, the most advanced is aries-mobileagent-xamarin. It is based on aries-framework-dotnet and can target Android or IOS. If so,

ultimo2020 (Thu, 23 Apr 2020 20:59:09 GMT):
OK. Thanks. Will check out the demos of the controller and start with cloud agent. Nice work btw

DavidSeoane (Fri, 24 Apr 2020 06:42:27 GMT):
Has joined the channel.

DavidSeoane (Fri, 24 Apr 2020 06:42:28 GMT):
Thx @danielhardman for sharing SSI Funding Opportunity, next deadline is 30th April. Here the access to the open calls with 5.6M€ available in funding. Next call will have available up to 106K€ per project: http://bit.ly/eSSIF-Lab

swcurran (Fri, 24 Apr 2020 19:10:26 GMT):
The short answer is that there is no mechanism for that except for Alice to notify Acme (aka "Do the Right Thing"), and that is OK. Consider the same scenario in the paper world - it's exactly the same (which is what we want). If Acme can monitor verified credentials without the holders permission, we wind up in a surveillance situation. - Since Faber has no idea where Alice used her credential, they don't know who to notify. - Since ACME got a trusted credential, they have no need to assume it is otherwise good. - If ACME later discovers the error, they might stop trusting Faber (since they are not authoritative, not trustworthy), but they aren't going to continually ping Alice or Faber to ask "Is that information I received still right?" - Faber could announce that they had a problem with the issuance of credentials, but that is use case specific. Might work for a ubiquitous issuer - e.g. the gov't or a credit card company.

swcurran (Sat, 25 Apr 2020 20:53:23 GMT):
For those going to IIW, I went to the orientation session today and it was worth the time. The platform is an IIW-style Open Space running on top of Zoom. If you have been to IIW and know Zoom it will make sense, but worth going to the orientation. The platform is pretty cool!

adamjlemmon (Mon, 27 Apr 2020 10:43:04 GMT):
Has joined the channel.

Siva_Kannan (Mon, 27 Apr 2020 14:34:22 GMT):
Has joined the channel.

EdEykholt (Mon, 27 Apr 2020 17:49:57 GMT):
Question about hyperledger-aries-dotnet tests: I'm getting "Hyperledger.Indy.InvalidStateException : The SDK library experienced an unexpected internal error." on many of the tests. Perhaps my underlying Indy version is not as expected? I'm running libindy_1.15.0. What version should I be running? Other clues?

EdEykholt (Mon, 27 Apr 2020 18:03:58 GMT):
Next question: I've seen the progress on migrating Osma to aries-mobileagent-xamarin, which is great. The demo video mentioned in the README was inspiring (although I'm also having trouble reproducing those steps). Is this new project intended to essentially replace the xamarin-forms example in hyperledger-aries-dotnet, or will both be maintained?

conanoc (Tue, 28 Apr 2020 07:24:40 GMT):
See this sample app. It generates QR-code for connection. https://github.com/hyperledger/aries-framework-dotnet/tree/master/samples/aspnetcore

shonjs (Tue, 28 Apr 2020 08:53:46 GMT):
I am getting error that the DLL "indy" cannot be found, when running the mediator in the

shonjs (Tue, 28 Apr 2020 09:07:08 GMT):
I am having a problem with running the mediator in aries xamarin agent. Getting an error that the DLL "indy" or one of its dependencies was not loaded because it was not found. I think it ran properly once before ( not entirely sure ). I saw there was a release yesterday in the routing.mediator nuget package and updated that.I reverted it to precut version but same result.

kh_touati (Tue, 28 Apr 2020 12:14:36 GMT):
internal error

tomislav (Tue, 28 Apr 2020 12:50:07 GMT):
What platform? Mac, windows?

thinhnnd (Tue, 28 Apr 2020 13:44:30 GMT):
Did you install the libindy on your computer? If not, you should check out this link: https://github.com/hyperledger/indy-sdk#installing-the-sdk

thinhnnd (Tue, 28 Apr 2020 13:59:17 GMT):
Can anyone explain or give me some docs about `restriction` field on the proof request message? As my understanding, it uses to restrict credentials can use to present proof. For example, proof request with "`issuer_did`" restriction only allow the credential that issued by the party has *did * same as the "issuer_did". Is it right? And what field can be restriction? On the aries-acapy-controllers sample, the `restriction` is `cred_def_id`.

sklump (Tue, 28 Apr 2020 14:03:18 GMT):
schema_id, schema_issuer_did, schema_name, schema_version, cred_def_id, issuer_did.

sklump (Tue, 28 Apr 2020 14:04:26 GMT):
To qualify, a credential must match the restriction(s). In a list of restriction dicts, match AND within dicts and OR between them. Clear?

thinhnnd (Tue, 28 Apr 2020 14:21:16 GMT):
It's totally clear. Thanks for your help

swcurran (Tue, 28 Apr 2020 14:40:57 GMT):
Also name and value can be specified.

sklump (Tue, 28 Apr 2020 14:42:33 GMT):
Are you sure? https://github.com/hyperledger/indy-sdk/blob/eb32486c4660b392db7b64643ae7a310eb158337/wrappers/python/indy/anoncreds.py#L1180

sklump (Tue, 28 Apr 2020 14:42:33 GMT):
Are you sure? https://github.com/hyperledger/indy-sdk/blob/eb32486c4660b392db7b64643ae7a310eb158337/wrappers/python/indy/anoncreds.py#L1180 You could specify name/value in extra WQL query parameter.

shonjs (Tue, 28 Apr 2020 14:44:24 GMT):
Windows

shonjs (Tue, 28 Apr 2020 14:49:24 GMT):
Ok will do. Do I need libindy installed for the xamarin agent or the mediator to run?

shonjs (Tue, 28 Apr 2020 14:50:16 GMT):
Ok will do. Do I need libindy installed for the xamarin agent or the mediator to run?

thinhnnd (Tue, 28 Apr 2020 15:08:36 GMT):
The link above is for the Windows, the Aries MobileAgent Xamarin have its own instruction for libindy. you should read this: https://github.com/hyperledger/aries-mobileagent-xamarin#getting-started

thinhnnd (Tue, 28 Apr 2020 15:08:36 GMT):
The link above is for the Windows (or another platforms). The Aries MobileAgent Xamarin have its own instruction for setup *libindy*. you should read this: https://github.com/hyperledger/aries-mobileagent-xamarin#getting-started

thinhnnd (Tue, 28 Apr 2020 15:08:36 GMT):
The link above is setup *libindy *on Windows for the Mediator. The Aries MobileAgent Xamarin have its own instruction for setup *libindy*. you should read this: https://github.com/hyperledger/aries-mobileagent-xamarin#getting-started

thinhnnd (Tue, 28 Apr 2020 15:08:36 GMT):
The link above is setup *libindy *on Windows for the *Mediator*. The Aries MobileAgent Xamarin have its own instruction for setup *libindy*. you should read this: https://github.com/hyperledger/aries-mobileagent-xamarin#getting-started

shonjs (Tue, 28 Apr 2020 16:16:08 GMT):
Ok got it. Yes it is working now.i dint have the libindy DLLs on the env path Thank you

zossimov (Tue, 28 Apr 2020 23:42:26 GMT):
Hi, anyone knows why the new osma version can't connect with web agent? it crashed my osma app and even Visual Studio? @tomislav ?

zossimov (Tue, 28 Apr 2020 23:42:26 GMT):
Hi, anyone knows why the new osma version can't connect with web agent? when scan the invitation, it crashed the osma app and even Visual Studio. @tomislav ?

tomislav (Wed, 29 Apr 2020 00:12:09 GMT):
There's a bug on Android with the scanner. I haven't had the time to fix it. Should be a small fix

SUSHOBHAN (Wed, 29 Apr 2020 06:28:32 GMT):
Has joined the channel.

zossimov (Wed, 29 Apr 2020 08:34:31 GMT):
ok

zossimov (Wed, 29 Apr 2020 08:34:31 GMT):
okay

tomislav (Wed, 29 Apr 2020 21:19:30 GMT):
@zossimov This is now fixed with latest commit.

ayushmanss (Wed, 29 Apr 2020 21:28:30 GMT):
Hi all, I have run into a blocker and been banging my head since. REQUIREMENT - I want to run postgres with the aries-dotnet framework SOLUTION - I figured it can be the same as it is done with python-cloudagent. Basically load the library before calling any wallet functions and indy-sdk will take care of the rest PROBLEM - I didnt find any dll for indystrgpostgres and decided to build from source. I followed the steps exactly for building libindy for windows and the image build out without any errors but I get "Unhandled exception. System.BadImageFormatException: Bad IL format." when I try to load the library using "AssemblyLoadContext.Default.LoadFromAssemblyPath". REASON - I want to run mediator for large number of users and hence need HA and thus need a better common wallet storage for multiple instances of dotnet mediator containers running Any solution to the problem will be really helpful

pknowles (Thu, 30 Apr 2020 06:53:46 GMT):
@mtfk and I hosted an IIW session on *OCA* [Overlays Capture Architecture] yesterday which included a demo using an Aries toolbox adaptation. Here is the link ... https://drive.google.com/file/d/13yuupet1o_oysdEjM99avsT5aPqs4DY9/view?usp=sharing

pknowles (Thu, 30 Apr 2020 06:53:46 GMT):
@mtfk and I hosted an IIW session on *OCA* [Overlays Capture Architecture] yesterday which included a demo using an Aries toolbox adaptation. Here is the link: https://drive.google.com/file/d/13yuupet1o_oysdEjM99avsT5aPqs4DY9/view?usp=sharing

pknowles (Thu, 30 Apr 2020 06:53:46 GMT):
@mtfk and I hosted an IIW session on *OCA* [Overlays Capture Architecture] yesterday which included a demo using the Aries toolbox. Here is the link: https://drive.google.com/file/d/13yuupet1o_oysdEjM99avsT5aPqs4DY9/view?usp=sharing

pknowles (Thu, 30 Apr 2020 06:53:46 GMT):
@mtfk and I hosted an IIW session on *OCA* [Overlays Capture Architecture] yesterday which included a demo using the Aries toolbox. Here is the link - https://drive.google.com/file/d/13yuupet1o_oysdEjM99avsT5aPqs4DY9/view?usp=sharing

pknowles (Thu, 30 Apr 2020 06:53:46 GMT):
@mtfk and I hosted an IIW session on *OCA* [Overlays Capture Architecture] yesterday which included a demo using the Aries toolbox. Here is the video link - https://drive.google.com/file/d/13yuupet1o_oysdEjM99avsT5aPqs4DY9/view?usp=sharing

HLFPOC (Thu, 30 Apr 2020 09:55:38 GMT):
Hi All, wanted to understand the flow of credential verification in a credential registry. I went through the OrgBook and this is my understanding so far: --An Issuer will issue credentials to a public registry --This public registry will receive credential and will have a mechanism populate the claims on a public website (using APIs) whenever a user search for it. --Once the claims are displayed to the user, verification of the claims can also be done from the website. How does this verification takes place? Which agent sends the proof request and which one validated the credentials? And how the verification result is displayed back to the user?

zossimov (Thu, 30 Apr 2020 13:00:29 GMT):
@tomislav didn't really helped. If it's working fine for you, then maybe I'm missing something? Any idea's what I'm doing wrong?

zossimov (Thu, 30 Apr 2020 13:00:29 GMT):
@tomislav didn't really helped. If it's working fine for you, then maybe I'm missing something? Any idea what I'm doing wrong?

tomislav (Thu, 30 Apr 2020 13:49:19 GMT):
What error are you seeing?

Moshe7 (Thu, 30 Apr 2020 20:51:15 GMT):
Has joined the channel.

zossimov (Thu, 30 Apr 2020 21:54:18 GMT):
sorry my bad, it's working fine. thanks

zossimov (Thu, 30 Apr 2020 21:55:34 GMT):
can I offer credentials to osma? Is the feature for credentials request/accept is in osma?

zossimov (Thu, 30 Apr 2020 21:56:15 GMT):
and if yes, where is the code for and no, how can I possible do that?

tomislav (Thu, 30 Apr 2020 21:56:18 GMT):
You should be able to. I personally haven't tested if it works.

zossimov (Thu, 30 Apr 2020 21:57:51 GMT):
I actually `SendTrustPing`, I get the successful message on web agent but nothing happens on osma side!

zossimov (Thu, 30 Apr 2020 21:58:12 GMT):
any reference to? if want to add

zossimov (Thu, 30 Apr 2020 21:58:12 GMT):
any reference to? if want to ad

tomislav (Thu, 30 Apr 2020 21:58:28 GMT):
Something must have happend since you got a response back. Just the UI doesnt reflect it

zossimov (Thu, 30 Apr 2020 21:58:42 GMT):
aah

zossimov (Thu, 30 Apr 2020 21:58:58 GMT):
u wrote the osma?

tomislav (Thu, 30 Apr 2020 22:00:05 GMT):
No, the team at Mattr did. I updated it to latest Aries .NET and added mediator capabilities

zossimov (Thu, 30 Apr 2020 22:01:18 GMT):
okay, and can u @ them here? so, I can ask them some questions, and thanks.

andrew.whitehead (Thu, 30 Apr 2020 22:27:29 GMT):
At the moment the public registry (which is an agent) simply sends itself a proof request, then fulfills it with a proof and validates it. It's not a great example of a proof because that's usually between a separate holder/prover and verifier

kdenhartog (Fri, 01 May 2020 01:47:33 GMT):
@tplooker or @Liam-Tait are people you'd want to ask. I'm also on the Mattr team, but wasn't at the time this was being built and actively maintained by us.

SUSHOBHAN (Fri, 01 May 2020 05:11:30 GMT):
Is there any example of Aries Agent implementation with Go Framework?

duynht (Fri, 01 May 2020 10:25:30 GMT):
Has joined the channel.

zossimov (Fri, 01 May 2020 14:42:53 GMT):
@kdenhartog thanks, my question for them is can I offer credentials to osma from web agent? Is the feature for credentials request/accept is in osma?

swcurran (Fri, 01 May 2020 14:50:04 GMT):
Yes, you can find it here: https://github.com/hyperledger/aries-framework-go

tomislav (Fri, 01 May 2020 15:51:08 GMT):
@zossimov Both OSMA and the Web Agent are open source. I invite you to look through the code and find answers what is supported there. A good starting point would also be to get familiar with Aries and its main protocols, issuance, did exchange, presentation, etc.

zossimov (Fri, 01 May 2020 15:51:41 GMT):
@tomislav thanks, I will.

EdEykholt (Sat, 02 May 2020 00:01:52 GMT):
In Hyperledger.MobileAgent.Xamarin (Osma), the implementations of an IAgentProvider and IEdgeProvisioningService are found through the magic of IoC and Autofac. These appear to be from Hyperledger.Aries.Agents.Edge. See https://github.com/hyperledger/aries-mobileagent-xamarin/blob/master/src/Osma.Mobile.App/ViewModels/RegisterViewModel.cs#L19 My C# solution is not using Autofac or ReactiveUi (but currently MvvmCross). How can an AgentProvider and EdgeProvisioningService be created or found explicitly?

jcourt (Sat, 02 May 2020 01:33:50 GMT):
Quick question, where is the appropriate place to discuss proposed RFCs ? RFC023 introduces the ~service decorator but then doesn't actually use it. Seems to be a case of not changing this from the superseded RFC0160 to use the decorator technique.

pknowles (Sat, 02 May 2020 11:50:17 GMT):
Best coined phrase of the week by @PhilippeP following random sleep patterns post the first online edition of IIW ... " _virtual jet lag_ " ... Love it!

PhilippeP (Sat, 02 May 2020 11:50:17 GMT):
Has joined the channel.

profae (Sat, 02 May 2020 13:43:45 GMT):
Has joined the channel.

tomislav (Sat, 02 May 2020 14:00:27 GMT):
MvvmCross has been largely lacking support for modern patterns. Aries .NET relies on the dependency injection packages using `IServiceCollection` and `IServiceProvider`. Most DI frameworks support these. MvvmCross still rolls their own thing. Having said that, you would have to register all services yourself to work with MvvmX. As someone who has used MvvmX in the past quite a lot, I would advise against it. It's a very opinionated framework that lacks good support. An alternative I can suggest is a framework designed and maintained by the Xamarin team which is very lightweight and open source. In fact, it's a copy/paste kind of solution - you pick the features you want and just add them to your code. https://github.com/xamcat/mobcat-library

swcurran (Mon, 04 May 2020 13:45:59 GMT):
Raise an issue on GitHub is best. There is a major change to DID-Exchange (0023) coming shortly that references the use of the Out of Band Protocol rather than the invitation that is in DID-Exchange. Suggest that you take a look at that - https://github.com/hyperledger/aries-rfcs/pull/454. I'll check on why that has not been merged as we have mostly got agreement on it.

SethiSaab (Mon, 04 May 2020 19:35:52 GMT):
Hi team , I have a requirement where i want some optional attributes in schema ....

SethiSaab (Mon, 04 May 2020 19:36:18 GMT):
indy.issuerCreateSchema(governmentDid, 'Job-Certificate', '0.2', ['first_name', 'last_name', 'salary', 'employee_status', 'experience']);

SethiSaab (Mon, 04 May 2020 19:36:30 GMT):
Here i want 'first_name', 'last_name' as null

SethiSaab (Mon, 04 May 2020 19:36:42 GMT):
I mean issuer can leave this values as blank at the time of schema creation

SethiSaab (Mon, 04 May 2020 19:36:42 GMT):
I mean issuer can leave this values as blank at the time of issuance of VC

swcurran (Mon, 04 May 2020 21:16:18 GMT):
@sklump could probably answer better. I would assume making the values an empty string would be fine, null, possibly OK as well. Do you care between those two?

spacemandev (Tue, 05 May 2020 01:43:40 GMT):
so before i make an issue on the github, i wanted to ask here in case this is a simple answer and i'm just missing something. Reading through RFC 104 (Chained Credentials) it seems to imply that there exists a way currently for a NON public DID holding entity to issue a credential to a connection. Is that possible with current aries tooling?

spacemandev (Tue, 05 May 2020 01:43:56 GMT):
https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0104-chained-credentials

swcurran (Tue, 05 May 2020 02:50:24 GMT):
AFAIK - no, there is not a way to do this in the anoncreds 1.0 implementation. I believe that it is in Ursa (not certain), and I'm not sure the effort/path to get it into Indy.

philippede (Tue, 05 May 2020 08:41:59 GMT):
Hi, when I start my Aries Cloudagent it can't connect to my Ledger. It says "Ledger instance not provided". I setup a pool with docker and started the Aries Cloudagent with the following command: aca-py start --inbound-transport http 0.0.0.0 8070 --outbound-transport http -e http:///endpoint --admin 8073 --admin-insecure-mode --genesis-file /var/sovrin/temp.txn --debug --log-level DEBUG I started the Pool with the IP adress of my domain. Does somebody know what the problem is? Thank you!

sklump (Tue, 05 May 2020 10:09:27 GMT):
All attributes are mandatory. In aca-py, null values come out as `"None"`. An empty string `""` is another possibility. Raw values must encode to some integer, and so attributes must have (string) values to encode.

SethiSaab (Tue, 05 May 2020 10:10:51 GMT):
ok ,thanks alot sir

SethiSaab (Tue, 05 May 2020 10:11:24 GMT):
i was fguring it out if there is any way where we can add validation at credential schema creation level

SethiSaab (Tue, 05 May 2020 10:11:40 GMT):
but its fine

SethiSaab (Tue, 05 May 2020 10:11:45 GMT):
it will work for me

sklump (Tue, 05 May 2020 10:12:54 GMT):
All attributes are mandatory in a schema/cred def. Rich schema may provide optional attributes - that spec continues to evolve: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0420-rich-schemas-common

kdenhartog (Tue, 05 May 2020 23:32:16 GMT):
I believe this is theoretically possible, but not implemented as @swcurran pointed out. I also think this would run into verification issues if the verifier couldn't resolve the issuing DID. In the case of an n-wise relationship this could be useful though.

shonjs (Wed, 06 May 2020 09:57:59 GMT):
Does the latest aries xamarin agent work with acapy. Anyone knows? Trying to debug. So far I am getting schema validation errors from acapy end for connection request messages and queries going through the mediator. Or is there any compatible versions. Using the latest acapy docker image from bcgov hub repo

shonjs (Wed, 06 May 2020 09:57:59 GMT):
Does the latest aries xamarin agent work with acapy. Anyone knows? Trying to debug. So far I am getting schema validation errors from acapy end for connection request messages and queries going through the mediator. Or is there any compatible versions. I am using the latest acapy docker image from bcgov hub repo

shonjs (Wed, 06 May 2020 11:05:10 GMT):
Resolved. Seems mobile client has to set "AgentName" in agent options, which is mapped to label name, which seems to be required (although the ConnectionRecords shows it as not required).

esplinr (Wed, 06 May 2020 14:02:59 GMT):
Let me know if you have any trouble hosting the Aries WG A call today.

swcurran (Wed, 06 May 2020 15:15:36 GMT):
It went really well - @mtfk did a great job! We missed you, @esplinr -- it wasn't quite the same -- but it went well.

esplinr (Wed, 06 May 2020 15:16:43 GMT):
I'm glad to hear that it went well, and it is always nice to be missed. I'll be attending off-and-on.

RicardoPeixoto (Thu, 07 May 2020 08:38:35 GMT):
Hi, in DID Exchange Protocol which messages should be signed by the sender?

troyronda (Thu, 07 May 2020 12:38:30 GMT):
We have tagged the 0.1.3 release of aries-framework-go. Please see release notes at https://github.com/hyperledger/aries-framework-go/releases/tag/v0.1.3. New features include OutOfBand protocol, Issue Credential & Present Proof protocols, did:key support. In addition there have been various bug fixes and improvements to the JSON-LD and Verifiable Credential packages.

troyronda (Thu, 07 May 2020 12:38:30 GMT):
We have tagged the 0.1.3 release of aries-framework-go. Please see release notes at https://github.com/hyperledger/aries-framework-go/releases/tag/v0.1.3. New features include OutOfBand protocol, Issue Credential & Present Proof protocols, did:key support, improved KMS features. In addition there have been various bug fixes and improvements to the JSON-LD and Verifiable Credential packages.

troyronda (Thu, 07 May 2020 12:38:30 GMT):
We have tagged the 0.1.3 release of aries-framework-go. Please see release notes at https://github.com/hyperledger/aries-framework-go/releases/tag/v0.1.3. New features include OutOfBand protocol, Issue Credential & Present Proof protocols, did:key support, improved KMS features. In addition there have been various bug fixes and improvements to the JSON-LD and Verifiable Credential packages. Docker images for the REST controller version and npm packages for the JavaScript/WASM version are available from GitHub packages.

TelegramSam (Thu, 07 May 2020 16:56:01 GMT):
Signed? Beyond the invitation (oob-invitation), the messages are sent with authenticated encryption. Signing is not necessary to validate the sender.

Alexi (Thu, 07 May 2020 16:56:09 GMT):
Hey all, Im trying to run the demo for the AMA-X https://github.com/hyperledger/aries-mobileagent-xamarin but I keep getting this error when building ``` System.DllNotFoundException: Unable to load shared library 'indy' or one of its dependencies. In order to help diagnose loading problems, consider setting the DYLD_PRINT_LIBRARIES environment variable: dlopen(libindy, 1): image not found ``` Im used to working on linux but currently find myself developing on a mac for the first time. I followed the instructions to download libindy on a mac https://github.com/hyperledger/indy-sdk#macos but do not know if I did something wrong as clearly the library is not being found. Has anyone run into this or know how to help me? I am running catalina in case that is relevant

RicardoPeixoto (Thu, 07 May 2020 17:17:43 GMT):
I think ACA-Py signs the "connection" field (did and did doc) in the response message of the connection exchange protocol. I was wondering why.

TelegramSam (Thu, 07 May 2020 17:18:35 GMT):
oh, the fields are signed to prove control of previous key.

TelegramSam (Thu, 07 May 2020 17:18:50 GMT):
the message itself is not signed. Sorry for the confusion.

rjones (Thu, 07 May 2020 17:19:17 GMT):
@TelegramSam could you look at https://github.com/hyperledger/indy-agent/pull/132 please?

TelegramSam (Thu, 07 May 2020 17:23:35 GMT):
Approved and merged. Thanks for helping clean this up.

Alexi (Thu, 07 May 2020 18:04:17 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=d64BQkvKDH8dSWm8y) Can anyone that is developing on a mac give me some guidance as to why libindy is not being found? I have set the environment variable of both DYDL_LIBRARY_PATH and the suggested on the install instructions LIBRARY_PATH to the path of the lib folder: ``` export DYLD_LIBRARY_PATH="/Library/libindy/lib/" export LIBRARY_PATH="/Library/libindy/lib/" ``` But it is still not being found Per some torubleshooting I also tried LD_LIBRARY_PATH but none seem to work

jljordan_bcgov (Thu, 07 May 2020 19:05:01 GMT):
some interested sort of related news ... https://keybase.io/blog/keybase-joins-zoom

jljordan_bcgov (Thu, 07 May 2020 19:05:01 GMT):
some interesting sort of related news ... https://keybase.io/blog/keybase-joins-zoom

mdoan (Sat, 09 May 2020 06:55:23 GMT):
Has joined the channel.

mdoan (Sat, 09 May 2020 06:56:36 GMT):
hi everyone, i'm new to aries - i was able to run pool of 4 indy nodes - where can i find tutorial/instruction to run faber example with aries ?

shonjs (Sat, 09 May 2020 07:37:18 GMT):
I have a question here. I am met with "pool config not found" error when trying to call `CreateRequestAsync`. I have added my genesis txn json to assets folder (android). I ama bit confused as to how to give the genesis file name in the agent options (since assets aren't quite like files in system). Tweaked different ways. Any pointers would be very helpful.

daveek (Sun, 10 May 2020 20:32:08 GMT):
Hi, I have few questions regarding Aries MobileAgent Xamarin: 1) Why is the wallet created on my laptop (where I build the osma)? 2) Is there any specific reason for using SQLite? Can I use other e.g. PostgreSQL? or which one you will prefer & why? 3) What Cryptographic Primitives are used to encrypt the data in database? Regards

madiazp (Mon, 11 May 2020 02:40:12 GMT):
Has joined the channel.

conanoc (Mon, 11 May 2020 02:54:01 GMT):
https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo

conanoc (Mon, 11 May 2020 03:03:16 GMT):
You need dependent libraries such as libsodium with matching version number. see https://github.com/hyperledger/indy-sdk/pull/2163

RicardoPeixoto (Mon, 11 May 2020 15:26:50 GMT):
Hi, is there a way to retrieve the master secret id from the indy wallet (indy-sdk javascript wrapper)? Or do i have to always try to create one and check if it exists already?

tomislav (Mon, 11 May 2020 17:55:06 GMT):
When you create it the first time, it gives you back an ID in a form of Guid. You can store this and reference it later. Most of the time, you want a single link secret

RicardoPeixoto (Mon, 11 May 2020 22:13:55 GMT):
But shouldn't the id be kept in secret?

priyashankar 1 (Tue, 12 May 2020 04:13:24 GMT):
Has joined the channel.

tomislav (Tue, 12 May 2020 11:36:25 GMT):
The wallet keys should. The master secret identifier is not secret on it's own, it's a random guid

RicardoPeixoto (Tue, 12 May 2020 12:10:48 GMT):
Yes but i thought the id was the seed to generate the master secret and anyone that had access to that seed could derive the same master secret. Can you point me to some, more detailed, explanation about the master secret?

tomislav (Tue, 12 May 2020 13:02:33 GMT):
It is not a seed. https://github.com/hyperledger/indy-crypto/blob/master/libindy-crypto/docs/anoncreds-design.md

RicardoPeixoto (Tue, 12 May 2020 13:50:27 GMT):
Thank you

tomislav (Tue, 12 May 2020 14:05:42 GMT):
Unfortunately, this doesn

tomislav (Tue, 12 May 2020 14:05:42 GMT):
Unfortunately, this doesn't fix the problem. There's a disconnect between `dlopen` and `otool` on Macs. `otool` can report that the library is linked against certain path, but `dlopen` may load it from a different location. This is what is currently happening, specifically with `libsodium` dependency. The packages are built against `libsodium.18.dylib`, but most of us have `libsodium.23.dylib` that is also installed with the Mac build script. One workaround I found is to copy the libsodium.23.dylib file directly in the same folder as the runtime application, but this adds a lot of friction. For the time being, I've moved to developing under Windows because of this specific issue. @Alexi I'm curious if you have a found a solution to this.

tomislav (Tue, 12 May 2020 14:11:29 GMT):
Currently, if you copy the lobsodium lib in your `bin/netcoreapp3.1/` folder where the compiled app is located, it should work.

tomislav (Tue, 12 May 2020 14:11:29 GMT):
Currently, if you copy the lobsodium lib in your `bin/[Debug|Release]/netcoreapp3.1/` folder where the compiled app is located, it should work.

RicardoPeixoto (Tue, 12 May 2020 14:14:38 GMT):
What is the standard for encoding attributes when creating a credential?

tomislav (Tue, 12 May 2020 14:16:26 GMT):
https://github.com/hyperledger/aries-rfcs/issues/391

RicardoPeixoto (Tue, 12 May 2020 14:36:54 GMT):
Is there any javascript implementation of that?

nileshv (Tue, 12 May 2020 15:54:24 GMT):
Has joined the channel.

RicardoPeixoto (Tue, 12 May 2020 21:16:29 GMT):
Should i use "None" for javascript null aswell? And the strings that are all numbers (i.e. "123456789") should be interpreted as integers?

swcurran (Wed, 13 May 2020 00:06:34 GMT):
Join us for the ACA-Py User Group tomorrow at 11AM Pacific (1 hour before the Aries WG Call). We'll be covering the latest on revocation - a tails server that anyone can use, an update on the Aries Agent Test Harness and what we thought was cool at IIW (hint - BBS+ and JSON-LD ZKPs). Zoom link will be: https://zoom.us/j/900111661; Link to meeting agenda page: https://wiki.hyperledger.org/display/ARIES/2020-05-13+Aries+Cloud+Agent+-+Python+Users+Group+Community+Meeting

swcurran (Wed, 13 May 2020 00:07:39 GMT):
To point to the RFC about this --- https://github.com/hyperledger/aries-rfcs/tree/master/features/0036-issue-credential#encoding-claims-for-indy-based-verifiable-credentials

conanoc (Wed, 13 May 2020 02:53:56 GMT):
I'm using symbolic link. ``cd /usr/local/opt/libsodium/lib; ln -s ln -s libsodium.23.dylib libsodium.18.dylib``

conanoc (Wed, 13 May 2020 02:53:56 GMT):
I'm using symbolic link. ``cd /usr/local/opt/libsodium/lib; ln -s libsodium.23.dylib libsodium.18.dylib``

RicardoPeixoto (Wed, 13 May 2020 09:44:41 GMT):
When i read the standard seems like "123456789" should be encoded as string but in the tests done in the raised issue (and in ACA-Py) it is encoded as integer

sklump (Wed, 13 May 2020 10:00:18 GMT):
* Encoding is a process mapping (raw) strings to (encoded) numeric strings. * "123456789" is encoded as a numeric string. It is not possible to encode to an integer because the encoding function outputs numeric strings. * Yes, use `None` for javascript null as well.

sklump (Wed, 13 May 2020 10:00:18 GMT):
* Encoding is a process mapping (raw) strings to (encoded) numeric strings. * `"123456789"` is encoded as a numeric string. It is not possible to encode to an integer because the encoding function outputs numeric strings. The first step of the encoding process is to stringify the input (hence `"None"` for null - yes it's python-centric but it's an artifact of history with too many years to open that up again). * Yes, use `"None"` for javascript `null` as well. Test vector treatment follows: https://github.com/hyperledger/aries-cloudagent-python/blob/2e874b905d8626151ec61c02c9a7b687174c8849/aries_cloudagent/messaging/tests/test_util.py#L74 Although now I see that the tests use the term `raw` where the input is not always truly an indy raw value. Indy raw values are stringified input. Sorry about that.

RicardoPeixoto (Wed, 13 May 2020 10:13:01 GMT):
I was assuming that it followed the json types

RicardoPeixoto (Wed, 13 May 2020 10:15:09 GMT):
For example, real booleans shoudn't be stringified right?

RicardoPeixoto (Wed, 13 May 2020 10:15:09 GMT):
For example, real booleans shouldn't be stringified right?

sklump (Wed, 13 May 2020 10:17:36 GMT):
https://github.com/hyperledger/aries-cloudagent-python/blob/2e874b905d8626151ec61c02c9a7b687174c8849/aries_cloudagent/messaging/util.py#L106 Bools are 32-bit ints and so str(int()) turns them into "0", "1".

sklump (Wed, 13 May 2020 10:18:23 GMT):
However the string "True" is not a 32-bit int and so the process hashes it as-is.

RicardoPeixoto (Wed, 13 May 2020 10:19:21 GMT):
Yes, in JS i'm doing a workaround to get the same result. But is "True" and True have the same raw values and different encodes wouldn't that be be?

RicardoPeixoto (Wed, 13 May 2020 10:19:21 GMT):
Yes, in JS i'm doing a workaround to get the same result. But if "True" and True have the same raw values and different encodes wouldn't that be be?

sklump (Wed, 13 May 2020 10:20:05 GMT):
The purpose of encoding is to produce a numeric string for indy so that the Camenisch-Lyasanskaya algorithm can operate on it. It would use numbers but I don't think the underlying languages can handle numbers that big.

sklump (Wed, 13 May 2020 10:23:07 GMT):
`"True"` and `True` do not carry the same raw values. `"True"` carries a raw value of `"True"`, and `True` carries a raw value of `"1"`, into indy-sdk.

RicardoPeixoto (Wed, 13 May 2020 10:24:58 GMT):
So i should put "1" or "0" in the raw value when encoding booleans for the credential?

sklump (Wed, 13 May 2020 10:26:18 GMT):
This might be the sample of what you are seeking: https://github.com/hyperledger/aries-cloudagent-python/blob/2e874b905d8626151ec61c02c9a7b687174c8849/aries_cloudagent/issuer/indy.py#L200

sklump (Wed, 13 May 2020 10:27:35 GMT):
The raw value is the stringified input value. The encoded value is the encoded input value.

RicardoPeixoto (Wed, 13 May 2020 10:32:43 GMT):
I was following ACA-Py to implement the encoding in JS. But in python str(True) is equal to str("True"), which would collide with what i was saying above.

sklump (Wed, 13 May 2020 10:38:06 GMT):
Yes, but in python bools count as 32-bit ints: the encode() function takes bools and turns them into "0", "1".

sklump (Wed, 13 May 2020 10:39:19 GMT):
What indy calls a raw value is not the original input but necessarily a string.

sklump (Wed, 13 May 2020 10:39:19 GMT):
What indy calls a raw value is not necessarily the original input but necessarily a string.

sklump (Wed, 13 May 2020 10:40:03 GMT):
So (raw, encoded) = ("True", "1").

RicardoPeixoto (Wed, 13 May 2020 10:42:17 GMT):
Yes, but (raw encoded) = ("True", "27471875274925838976481193902417661171675582237244292940724984695988062543640") as well if the original value is the string "True". So there would be two encoded values for the same raw value. My question was if that was a problem or not.

RicardoPeixoto (Wed, 13 May 2020 10:42:32 GMT):
Yes, but (raw encoded) = ("True", "27471875274925838976481193902417661171675582237244292940724984695988062543640") as well if the original value is the string "True". So there would be two encoded values for the same raw value. My question was if that was a problem or not.

sklump (Wed, 13 May 2020 10:45:15 GMT):
Oh, the function is not invertible. "None" also ends up with the same encoding as null. There are other such cases (e.g., float 0.0 and string "0.0").

sklump (Wed, 13 May 2020 10:46:10 GMT):
It's OK because the (raw, encoded) pair are inseparable: display the raw, work on the encoded, and check for bait-and-switch on proof verification.

RicardoPeixoto (Wed, 13 May 2020 10:48:05 GMT):
I got it now. Thank you for the help :)

sklump (Wed, 13 May 2020 10:48:51 GMT):
This tiny corner of the process is way more complex than it first appears and it throws everyone. Years later I still have to check the implementation.

Alexi (Wed, 13 May 2020 22:00:35 GMT):
@tomislav I have not fixed this, I will try out @conanoc 's solution and report back. I appreciate the info guys!

Alexi (Wed, 13 May 2020 22:01:05 GMT):
@tomislav Love the beard on the ama-x tutorial btw! haha just thought it was worth a mention

tomislav (Thu, 14 May 2020 13:22:41 GMT):
LOL, thanks. It's gone now, I finally found a barber that's open :)

TelegramSam (Thu, 14 May 2020 13:29:47 GMT):
Yesterday's WG Call Recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=31199948

filfwt (Thu, 14 May 2020 15:07:25 GMT):
Has joined the channel.

TelegramSam (Thu, 14 May 2020 21:14:41 GMT):
Is anybody interested in being a maintainer for the Aries Toolbox, and/or the ACA-py toolbox plugin? I have updates, and we have not adjusted maintainers to those still in the industry.

squeege (Thu, 14 May 2020 22:02:20 GMT):
Has joined the channel.

squeege (Thu, 14 May 2020 22:02:21 GMT):
Hi guys.

squeege (Thu, 14 May 2020 22:03:05 GMT):
Im getting the following error IndyException: An unmapped error with the code '307' was returned by the SDK. Anybody have an idea as to how I can get around this? It worked previously on another VM

shantsum (Sat, 16 May 2020 13:47:51 GMT):
Has joined the channel.

tomislav (Sat, 16 May 2020 20:24:32 GMT):
That's a ledger timeout error code. Your runtime can't access the ledger you're using. Could be for few reasons. If you're running a ledger in another container, perhaps the port aren't open.

cam-parra (Tue, 19 May 2020 14:11:59 GMT):
Is the WG call A canceled for today?

TelegramSam (Tue, 19 May 2020 19:38:43 GMT):
All: Last meeting we talked about URL Shortening for use in invitations, and that'd be a great topic to discuss. Any volunteers to lead that discussion?

daviddt (Tue, 19 May 2020 20:03:27 GMT):
Has joined the channel.

shantsum (Wed, 20 May 2020 10:53:47 GMT):
Hi all,

shantsum (Wed, 20 May 2020 10:58:48 GMT):
Hi all, I was running the aries xamarin agent on Windows. Managed to do the "dotnet run", however when I run the source code from Visual Studio, the following error appeared when I tried click "Create Wallet" (still using localhost:5000): [0:] System.Net.Http.HttpRequestException: Network subsystem is down ---> System.Net.Sockets.SocketException: Network subsystem is down at System.Net.Http.ConnectHelper.ConnectAsync (System.String host, System.Int32 port, System.Threading.CancellationToken cancellationToken) [0x000c8] in /Users/builder/jenkins/workspace/archive-mono/2019-10/android/release/external/corefx/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/ConnectHelper.cs:65 Any idea what went wrong? Thanks!

shantsum (Wed, 20 May 2020 10:58:48 GMT):
Hi all, I was running the aries osma xamarin agent on Windows. Managed to do the "dotnet run", however when I run the source code from Visual Studio, the following error appeared when I tried click "Create Wallet" (still using localhost:5000): [0:] System.Net.Http.HttpRequestException: Network subsystem is down ---> System.Net.Sockets.SocketException: Network subsystem is down at System.Net.Http.ConnectHelper.ConnectAsync (System.String host, System.Int32 port, System.Threading.CancellationToken cancellationToken) [0x000c8] in /Users/builder/jenkins/workspace/archive-mono/2019-10/android/release/external/corefx/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/ConnectHelper.cs:65 Any idea what went wrong? Thanks!

shonjs (Wed, 20 May 2020 12:45:53 GMT):
I think the issue might be connection to the mediator agent from your device/emulator. You can use ngrok to make a public ip like it is mentioned in the documentation (and the video ) in the repository. (You devices localhost is different from the localhost:5000 that the mediator is running on). But please confirm it by debug.

shonjs (Wed, 20 May 2020 12:50:56 GMT):
If you are using android emulator with Vstudio, there is a constant IP address that you can use that will route it to the machine localhost, but using ngrok is better to keep things consistent across.

shonjs (Wed, 20 May 2020 12:50:56 GMT):
If you are using android with Vstudio, there is a constant IP address that you can use that will route it to the machine localhost, but using ngrok is better to keep things consistent across.

shantsum (Wed, 20 May 2020 13:55:37 GMT):
Hi shonjs, I tried changing to the public ip from ngrok mentioned in the video.

shantsum (Wed, 20 May 2020 14:00:35 GMT):
Hi shojs, thanks for replying! I've changed the local host to the ip given by ngrok (both startup.cs and App.xaml.cs), I have a time-out error: [0:] System.Net.Http.HttpClient..ClientHandler: Information: Received HTTP response after 2162.2615ms - NotFound [0:] System.Net.Http.HttpClient..LogicalHandler: Information: End processing HTTP request after 2259.7867ms - NotFound what else could be wrong? any steps that I need to open the ports?

shonjs (Wed, 20 May 2020 14:03:33 GMT):
Any logs coming in the mediator?. Did you clear wallet files and did stuff mentioned in the video.

shonjs (Wed, 20 May 2020 14:03:33 GMT):
Any logs coming in the mediator?. Did you clear wallet files and did the other stuff mentioned in the video.

shantsum (Wed, 20 May 2020 14:32:25 GMT):
Hi @Alexi , did you manage to set the DYLD_LIBRARY_PATH? Im facing the same issue but with another environment variable DYLD_PRINT_VARIABLE on Mac. Tried seeing using export function but it doesn't register. I have tried the symbolic link but the error still persist.

Alexi (Wed, 20 May 2020 15:47:36 GMT):
@shantsum I have not gotten around to this, have been using docker containers for what ive been needing recently. But when i get to it ill report back

hamidm (Wed, 20 May 2020 17:52:47 GMT):
Has joined the channel.

hamidm (Wed, 20 May 2020 17:54:49 GMT):
Hi

hamidm (Wed, 20 May 2020 17:57:14 GMT):
HI, I jump in regarding the libindy not loading problem. After giving up making it work on Mac, I switched to Ubuntu, and it doesn't work as well, apt-get install returns the error the libindy is needing libsodium18 and it seems not listed anymore, hence the the not working. Does somebody have a workaround for ubuntu ? Thanks

hamidm (Wed, 20 May 2020 18:00:29 GMT):
Hi shantsum, I don't know if it'll help, but if you have macOS Catalina, the profile file in .zprofile instead of .bash_profile. If you add DYLD_LIBRARY_PATH=true, it should work.

mccown (Wed, 20 May 2020 18:15:57 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (May 22st @ 9am MT). This is a chance to get updates on the WG calls you may have missed this week. Our guest will be Mike Lodder who is a crypto expert and co-leader of Hyperledger Ursa. Mike will be presenting on the new ZKP Linked Data Signature work. Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-05-21+Identity+WG+Implementers+Call Zoom: https://zoom.us/j/244779296

mccown (Wed, 20 May 2020 18:15:57 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (May 21st @ 9am MT). This is a chance to get updates on the WG calls you may have missed this week. Our guest will be Mike Lodder who is a crypto expert and co-leader of Hyperledger Ursa. Mike will be presenting on the new ZKP Linked Data Signature work. Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-05-21+Identity+WG+Implementers+Call Zoom: https://zoom.us/j/244779296

TelegramSam (Wed, 20 May 2020 18:56:08 GMT):
Aries WG Call (B) in 5 min!

TelegramSam (Wed, 20 May 2020 20:35:11 GMT):
On Communicating with Mobile Agents with websockets (Thread)

TelegramSam (Wed, 20 May 2020 20:35:52 GMT):
I believe that using a websocket for mobile agent communication is an excellent idea. In fact, the toolbox is written to use websockets as a transport when supported.

TelegramSam (Wed, 20 May 2020 20:36:10 GMT):
There big question is, who hosts the other end of the websocket?

TelegramSam (Wed, 20 May 2020 20:37:17 GMT):
And related: That other end needs to queue messages when the mobile agent is disconnected.

TelegramSam (Wed, 20 May 2020 20:37:36 GMT):
One answer is a cloud agent: Your mobile agent connects to this cloud agent, who performs the routing functions for messages bound for the mobile agent.

TelegramSam (Wed, 20 May 2020 20:38:11 GMT):
Another more limited form is the use of a mediator: an agent that will receive messages on your behalf (but cannot decrypt them), and sends them to you when you connect.

TelegramSam (Wed, 20 May 2020 20:38:50 GMT):
The third, more generalized but less ideal form, is that any agent could support that sort of queue.

TelegramSam (Wed, 20 May 2020 20:39:54 GMT):
My general vote is the mediator approach. A mobile app has a direct connection (the last option I mentioned) with a mediator, and the mediator queues messages for retrieval (likely over a websocket connection).

TelegramSam (Wed, 20 May 2020 20:40:31 GMT):
Other agents are given that mediator as an endpoint: they don't need to know how the message gets to the mobile app.

TelegramSam (Wed, 20 May 2020 20:41:25 GMT):
Use of the mediator also provides some herd privacy. If many people use the same mediator, the party on the other side cannot use the serviceEndpoint or mediator to correlate me.

TelegramSam (Wed, 20 May 2020 20:41:58 GMT):
that does require that a mobile app has a mediator. This could be provided by the mobile app vendor, but may also be selected in a different way.

TelegramSam (Wed, 20 May 2020 20:42:39 GMT):
I believe we can make this process smooth for the user, to the point where the technical details are hidden and managed for them in a privacy respecting way.

george.aristy (Wed, 20 May 2020 20:45:21 GMT):
aries-framework-go has gone for approach 2 so far

RSeitzberg (Wed, 20 May 2020 21:15:41 GMT):
I am not the most technical person and this may be slightly off subject, but I had an idea that I think might be useful for this conversation about agents. Protonmail is opensource so I realized that you could use the same code base/technologies to make a cloud credential wallet instead of a cloud inbox. their mobile agent is open source as well so if you didn't want to completely re-invent the wheel you could create a cloud credentil wallet agent and mobile agent designed the same way as protonmail and you could piggyback off there technology and benefit from their community security updates. Does that sound like a good way of doing it?

shantsum (Thu, 21 May 2020 05:29:55 GMT):
Thank you so much, @shonjs! I did overlook the clearing of the wallet files. It's working now. Been at this for a few days.

mmassaad (Thu, 21 May 2020 08:42:43 GMT):
Has joined the channel.

TimoGlastra (Thu, 21 May 2020 09:19:01 GMT):
I don't think the options need to cancel each other out. Option 1 is a good option if you're willing to host your own agent. Option 2 I think is the best for a lot of people as they don't want to set up any infrastructure of their own. Option 3 is less desired in my opinion as picking up messages becomes increasingly more tedious as the number of connections grow.

TimoGlastra (Thu, 21 May 2020 09:19:19 GMT):
In aries-framework-javascript we are also aiming at the second approach. Maybe we could formalize how a websocket connection is created as just opening a websocket is not enough. Without the party that opened the connection sending a message to the mediator, the mediator has no way to identify who opened the websocket connection. In my propsal for framework-javascript (https://github.com/hyperledger/aries-framework-javascript/issues/40) I proposed to use the `noop` message from the pickup protocol with a `~transport` decorator for return routing. This indicates to the mediator that it can be used to send messages, authenticates the party that openend the connection, and also allows to determine which messages (from the sending did) should be send over the connection.

TimoGlastra (Thu, 21 May 2020 09:20:06 GMT):
@TelegramSam If we can agree on an approach I would be happy to add this to one of the RFCs.

TelegramSam (Thu, 21 May 2020 20:30:40 GMT):
Agree on not necessarily one or the other. Option 3 is usually best employed between the mobile app and the mediator. Other connections use option 2, enabled by option 3.

TelegramSam (Thu, 21 May 2020 20:31:59 GMT):
If this isn't already in an RFC, I'd love it to be. Note that this mechanism is not required in the strictest sense: it is optional if the mobile app and mediator are provided as a bundle by a vendor.

spacemandev (Fri, 22 May 2020 14:16:38 GMT):
on a aries call maybe two weeks ago i thought i heard something about e2e messaging for groups through DIDCOM but i don't know if that was an RFC or just a thought idea somenoe had and was wondering where to find more information about it

spacemandev (Fri, 22 May 2020 14:16:38 GMT):
on a aries call maybe two weeks ago i thought i heard something about e2e encrypted messaging for groups through DIDCOM but i don't know if that was an RFC or just a thought idea somenoe had and was wondering where to find more information about it

mattatkiva (Fri, 22 May 2020 14:46:29 GMT):
I would like to know how attachments work (https://github.com/hyperledger/aries-rfcs/tree/64e5e55c123b2efaf38f4b0911a71a1c40a7f29d/concepts/0017-attachments) in each of the frameworks for aries (python, go, dotnet). I'm particularly interested in knowing what happens with images attached to credential. Who is best contacts for each of these frameworks to answer my question?

spacemandev (Fri, 22 May 2020 14:55:37 GMT):
@tomislav for dotnet

swcurran (Fri, 22 May 2020 15:12:10 GMT):
@sklump has done a bunch of work with images in credentials using ACA-Py. A lot of work was put in to make sure that such values could be encoded. Note that ~attachments RFC has nothing to do with putting an image in a credential though. A claim in a credential is an encoded value and it's raw representation. To represent an image, the raw representation will be a string-encoded image (so you would likely use base64 encoding) and as just a string, the encoded value is the same as for any string. The ~attachment decorator is available to attach "documents" (however those are defined) into Aries messages. Examples of how those can be used can be seen in the issue credential RFCs (there are now 2 - v1 and v2), but not related to values within credentials.

sklump (Fri, 22 May 2020 15:29:07 GMT):
An image is an attribute like any other, it needs a non-null `mime_type` (e.g., `image/png`)and hence the encoding is base64.

esplinr (Fri, 22 May 2020 17:42:35 GMT):
I put together a project update video to help people track the progress of Aries, Indy, and Ursa: https://www.youtube.com/watch?v=CQ2PP4qmEL4&feature=youtu.be This mostly covers in-flight projects and why I am less visible in community meetings than previously.

tomislav (Fri, 22 May 2020 18:30:42 GMT):
Adding image attachments to any message, even existing credential exchange should work fine. They will just be ignored by the runtime. You can attach images as data or links, both are supported in the attachment decorator rfc

mattatkiva (Fri, 22 May 2020 18:46:30 GMT):
The reason I'm asking is our experience we could not save credentials with images into the wallet using indy sdk. Our solution was the credential contained a hash of the image and we retrieved/stored the image separately. It sounds like we will have this same problem using Aries agents .

mattatkiva (Fri, 22 May 2020 18:46:30 GMT):
The reason I'm asking is our experience we could not save credentials with images into the wallet using indy sdk. Our solution was the credential contained a hash of the image and we retrieved/stored the image separately. If I understand your reply correctly. It sounds like we will have this same problem using Aries agents . And the RFC did not address the problem of storing images.

jljordan_bcgov (Fri, 22 May 2020 19:14:41 GMT):
mmm .. I think @swcurran is saying that it is possible to store an image as a claim in a credential.

swcurran (Fri, 22 May 2020 19:16:54 GMT):
The RFC does not change anything. If you tried to store the binary representation of the image, that would not work. If you encoded the image as base64, that will definitely work.

swcurran (Fri, 22 May 2020 19:16:54 GMT):
The RFC does not change anything to do with credential storage/claim values. If you tried to store the binary representation of the image, that would not work. If you encoded the image as base64, that will definitely work.

swcurran (Fri, 22 May 2020 19:17:57 GMT):
What was blocker you had with the indy-sdk?

sklump (Fri, 22 May 2020 19:21:08 GMT):
Probably the size: attribute values are good to about 300K if I recall correctly

swcurran (Fri, 22 May 2020 19:23:42 GMT):
If that was the issue, agree that the hash+link (or hashlink) method is a good approach from an integrity perspective. The challenge is where to put the image such that privacy is preserved for use cases that require that. In those cases, simply knowing the hash should not be enough to access the image.

andrew.whitehead (Fri, 22 May 2020 19:59:27 GMT):
Hash + attachment :) not that the issue- credential protocol supports it

swcurran (Fri, 22 May 2020 20:00:47 GMT):
If you have the "attachment" in a claim, then you wouldn't need the hash. We just went in a circle.

swcurran (Fri, 22 May 2020 20:01:50 GMT):
Ah, you mean attachment as an external reference I'm guessing. But that wouldn't solve the access authentication, would it?

andrew.whitehead (Fri, 22 May 2020 20:01:59 GMT):
The claim is the hash. The attachment decorator holds or links to the data

swcurran (Fri, 22 May 2020 20:05:24 GMT):
So sent outside of the credential. Ah, got you. That's an interesting idea. So the holder has it and shares it as raw data attached to the proof (so it's not proven), but the hash in the proof is sufficient to proof the image was issued by the issuer. Cool idea. There should be an RFC for that :-). We could extend the v2 issue and include it in the "soon-to-be-written" v2 present proof RFC. That would add a new requirment to the storage.

andrew.whitehead (Fri, 22 May 2020 20:09:38 GMT):
Yeah it's not trivial to support

davidd (Sat, 23 May 2020 00:06:03 GMT):
Hi, I'm facing some issues regarding Aries Xamarin Framework and have some questions a) Osma & Mediator is dependent on each other, when u stopped mediator, osma crashed. Any solution? b) also when I restart Mediator (running on static IP), osma wouldn't work fine and sometime crashes. c) Is the wallet in phone and .indy_client (on system where Osma is build) is same? and dependent? d) Can I replace Mediator with API?

davidd (Sat, 23 May 2020 00:06:03 GMT):
Hi, I'm facing some issues regarding Aries Xamarin Framework a) Osma & Mediator is dependent on each other, when u stopped mediator, osma crashed. Any solution? b) also when I restart Mediator (running on static IP), osma wouldn't work fine and sometime crashes. c) Is the wallet in phone and .indy_client (on system where Osma is build) is same? and dependent? d) Can I replace Mediator with API?

hamidm (Sat, 23 May 2020 08:38:00 GMT):
Hi, is there a limit in size of the data that can be stored in a WalletRecord ? I was thinking about the hash link solution and use a WalletRecord to store binary docs.

tomislav (Sat, 23 May 2020 12:23:08 GMT):
If using sqlite wallets, the default is 10^9 bytes

hamidm (Sat, 23 May 2020 12:26:33 GMT):
Thanks

PatHuman (Sun, 24 May 2020 09:20:09 GMT):
Has joined the channel.

PatHuman (Sun, 24 May 2020 09:23:20 GMT):
Hi everyone, I'm tyring the verify-creds-samples, but it looks like I need an invitation on https://agency.verify-creds.com, can someone please help?

mattatkiva (Mon, 25 May 2020 15:12:24 GMT):
There was definitely an issue in Indy SDK with the size of images properly encoded

mattatkiva (Mon, 25 May 2020 15:12:24 GMT):
There was definitely an issue in Indy SDK with the size of images properly encoded when creating credentials

mattatkiva (Mon, 25 May 2020 15:13:00 GMT):
We are using postgres. I do not think problem had anything to do with the DB but had to do withindysdk itself

mattatkiva (Mon, 25 May 2020 15:13:00 GMT):
We are using postgres. I do not think problem had anything to do with the DB but had to do with indysdk itself

Moshe7 (Mon, 25 May 2020 22:33:46 GMT):
From the tutorial in edx: "The issuer will monitor the revocations through the period, track the IDs of the credentials to be revoked, calculate an update to the accumulator to revoke those credentials and write the new accumulator value to the ledger" Why does the issuer need to monitor? It's not better to create credentials with expired dates, and it's up to the verifier to decide if to accept the credentials? Like any ID paper or license card?

swcurran (Mon, 25 May 2020 22:44:43 GMT):
There is a difference between expiring a credential and revoking it and both can and should be used. As you note, an expiration can happen on a time schedule. However, what if something changes with the claims data on the credential before it expires? An example is a person moving to a new address. With paper, we get a sticker to go on our license with the new address (at least that's what happens in BC). With verifiable credentials we can revoke the credential with the old address and issue a new one. Revocation can also be used for when Bad Things happen, such as when a driver permit to drive is revoked because of a bad driving record. Another example is when a permit for something (for example, a building permit) is issued to a company, and later that company is dissolved. It would be good to be able to revoke the credential so that the permit cannot continue to be used.

sheru (Tue, 26 May 2020 03:16:50 GMT):

HimangshuPan - Tue May 26 2020 08:46:25 GMT+0530 (India Standard Time).txt

Moshe7 (Tue, 26 May 2020 16:42:13 GMT):
Thanks for your response. If I understand, it makes sense, only when you have another primary central system that saves all data of the issuer, for example, database with all address of holders, so when the holder updated his address in this system you need update credential of the holder, but if the data own only by the holder when the holder changes his address he needs to come back to issuer to update in his credential with his new address. So in this case, it's up to the issuer to make an investigation to find fraud (to save his reputation in front of verifier)?

swcurran (Tue, 26 May 2020 17:12:50 GMT):
I'm not sure exactly what you mean, but the issuer should be the authority for the information it issues, and if necessary, have a mechanism for retaining the accuracy of the data it issues. Usually, that does mean keeping information on matters of which they are the authority (e.g. a school issuing a degree, a Medical Authority tracking Doctors, etc.). The only case I can think of an issuer issuing data for which the holder is the authority would be that of a notary that is given some data, verifies it and then issues it back to the holder. In that case, they would not likely need to track the data or revoke it in the future. Their "authority is saying, "based on what I knew at the time, this information was accurate".

Moshe7 (Tue, 26 May 2020 18:47:44 GMT):
Your explanation was what I was looking for, the difference between notary and authority make it clear, thank you.

ker13530018 (Wed, 27 May 2020 09:52:42 GMT):
Has joined the channel.

TelegramSam (Wed, 27 May 2020 17:37:10 GMT):
That might have been me. No RFCs yet, just conversations.

rowanshedden (Thu, 28 May 2020 02:51:37 GMT):
Has joined the channel.

RimAbdallah (Thu, 28 May 2020 13:53:37 GMT):
Has joined the channel.

RimAbdallah (Thu, 28 May 2020 13:53:38 GMT):
When a holder receive an issued credential than can be later revoked, To present a prrof it must construct the revocation state and access the tail file, as a result when i attempt to present a proof i get "Error when constructing revocation state -Invalid len of bytes representation for PoingG2". how can the probe access the tail file and what are the steps required for a credential check of non-revocation

RimAbdallah (Thu, 28 May 2020 13:53:38 GMT):
Hello everyone,When a holder receive an issued credential than can be later revoked, To present a prrof it must construct the revocation state and access the tail file, as a result when i attempt to present a proof i get "Error when constructing revocation state -Invalid len of bytes representation for PoingG2". how can the probe access the tail file and what are the steps required for a credential check of non-revocation

RimAbdallah (Thu, 28 May 2020 13:53:38 GMT):
Hello everyone, I am new with indy and arise. I am trying to exchange a credential between an issuer,holder and a prover with enabled revocation. When a holder receive an issued credential than can be later revoked, how can he access the tail file. When attempting to present a proof to a verifier i get the following error "Error when constructing revocation state -Invalid len of bytes representation for PoingG2". how can the holder access the tail file and what are the steps required for a credential check of non-revocation that assure a proper revocation state construction.

sanbachs (Thu, 28 May 2020 22:15:29 GMT):

aries.png

sanbachs (Thu, 28 May 2020 22:16:16 GMT):
Wondering what people use to identify Aries agents? Is this usable? Cropped from the Hyperledger Aries RFCs logo

rjones (Thu, 28 May 2020 22:25:46 GMT):
I have vectors if it helps

rjones (Thu, 28 May 2020 22:26:08 GMT):
what's your github username, @sanbachs ?

sanbachs (Fri, 29 May 2020 01:16:15 GMT):
it's b1conrad

jljordan_bcgov (Fri, 29 May 2020 13:35:21 GMT):
Not sure if you will have seen this but there is a sequence in this demo https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AliceGetsAPhone.md for revocation ...

swcurran (Fri, 29 May 2020 18:51:14 GMT):
Posting this notice on the Aries channel because the issue is relevant to Agent/Agent Framework Builders: This week's Indy Contributors call will mostly be about how we can enable dynamic access to multiple Indy ledgers --- allowing an agent (for example, a Mobile Wallet app) to access multiple Indy ledgers in a single session with minimal effort from the agent owner. An example for those that have used the Streetcred and esatus wallets: using both Sovrin Staging and Sovrin Mainnet without having to switch the settings over and over. We'll also cover the latest progress on Revocation 2.0 work. The call is Monday, June 1 at 8AM US Pacific, dial-in information: https://zoom.us/j/244779296 Agenda can be found here: https://wiki.hyperledger.org/display/indy/2020-06-01+Indy+Contributors+Call Join us!

crector (Mon, 01 Jun 2020 18:37:48 GMT):
Has joined the channel.

StevenTCramer (Tue, 02 Jun 2020 14:54:44 GMT):
Has joined the channel.

TelegramSam (Tue, 02 Jun 2020 18:49:43 GMT):
Was this recorded?

TelegramSam (Tue, 02 Jun 2020 18:50:35 GMT):
just found it.

AmolDeshpande (Wed, 03 Jun 2020 10:29:28 GMT):
Has joined the channel.

severus-sn4pe (Wed, 03 Jun 2020 11:49:34 GMT):
Has joined the channel.

severus-sn4pe (Wed, 03 Jun 2020 11:49:34 GMT):
Hi all. I'm trying to write an custom controller for aca-py and was wondering how to do self-asserted claims. I was thinking about creating a connection with myself and then issue a credential to myself, for which I then can send proofs to other agents. But this all requires that I publish a schema and CredDef on the ledger for each agent that wants to do that. Is that a good approach or is there a simpler way to do this?

Jintolus (Wed, 03 Jun 2020 13:49:01 GMT):
Has joined the channel.

ianco (Wed, 03 Jun 2020 16:03:01 GMT):
There's an example of a self attested attribute in the Alice/Faber demo, Faber asks for the attribute here: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/runners/faber.py#L298

ianco (Wed, 03 Jun 2020 16:03:56 GMT):
Alice provides it here: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/runners/alice.py#L144

ianco (Wed, 03 Jun 2020 16:04:46 GMT):
There's no credential involved, basically in the proof request you just ask for something with no restrictions and then the prover can provide whatever value they want

severus-sn4pe (Wed, 03 Jun 2020 16:20:18 GMT):
Thank you. I've already seen that in the code but wondered how that would work.

severus-sn4pe (Wed, 03 Jun 2020 16:20:27 GMT):
So basically I can just provide additional attributes in the proof than defined in the schema and the verifier can then handle that however he wants?

ianco (Wed, 03 Jun 2020 16:20:50 GMT):
Right

severus-sn4pe (Wed, 03 Jun 2020 16:20:55 GMT):
Is there a way to store such data in the wallet? Let say Alice has some claims she wants to make about herself and include that in future proofs. Or is that something that has to be stored in the controller application?

ianco (Wed, 03 Jun 2020 16:21:45 GMT):
For that you need to self-issue yourself a credential, as you originally described. Including registering a schema and cred def on the ledger

ianco (Wed, 03 Jun 2020 16:22:30 GMT):
The controller can deal with this separately, i.e. keep profile data that it uses to fill in proofs where there are no claims available

severus-sn4pe (Wed, 03 Jun 2020 16:22:57 GMT):
ok, so that approach wasn't that bad then? Also considering when I want to be able to revoke stuff, I basically have to go the credential way if I understand it correctly

ianco (Wed, 03 Jun 2020 16:23:20 GMT):
For self-issued credentials, the verifier would have to accept these, and would have to include the appropriate restriction for these claims in their proof request

ianco (Wed, 03 Jun 2020 16:23:48 GMT):
yes to revoke credentials you need to use the indy revocation

severus-sn4pe (Wed, 03 Jun 2020 16:28:32 GMT):
ok. now just one more thing: when I want to revoke a credential, I have to provide a cred_rev_id. when I issue a credential I get that information from the agent, but as far I've seen, that isn't stored in the agent itself. So if I want to handle such cases, I have to store all relevant credential information used for revocation in the controller in order to be abel to revoke that in the future. is that correct? or can I find information about issued credentials somewhere in the agent?

ianco (Wed, 03 Jun 2020 16:29:05 GMT):
That's right you need to store that info in the controller

severus-sn4pe (Wed, 03 Jun 2020 16:29:44 GMT):
ok. thank you very much. that helped me a lot!

mccown (Wed, 03 Jun 2020 19:39:03 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (June 4th @ 9am MT). This is a chance to get updates on the WG calls you may have missed this week. Our guest presenter will be Matt Norton from Streetcred. Matt will be presenting on some of their new health-related credential work. Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-06-04+Identity+WG+Implementers+Call Zoom: https://zoom.us/j/244779296

MikeRichardson (Thu, 04 Jun 2020 07:38:18 GMT):
I was playing around with the Streetcred Swagger API because we needed to find a way to retrieve issued credentials in order to be able to revoke them at a later date (for any user using our service). If I do a GET /credentials I get all the credentials issued and offered across multiple connections going back several days. I assume these are stored in the Issuer agent's wallet. But this surprised me as I thought that only the holder stored credentials in their agent wallet. Am I misunderstanding something here?

MikeRichardson (Thu, 04 Jun 2020 07:38:18 GMT):
I was playing around with the Streetcred Swagger API because we needed to find a way to retrieve issued credentials in order to be able to revoke them at a later date (for any user using our service). If I do a GET /credentials I get all the credentials issued and offered across multiple connections going back several days. I assume these are stored in the Issuer agent's wallet (the issuer being us via our website acting as proxy issuer) But this surprised me as I thought that only the holder stored credentials in their agent wallet. Am I misunderstanding something here?

MikeRichardson (Thu, 04 Jun 2020 07:38:18 GMT):
I was playing around with the Streetcred Swagger API because we needed to find a way to retrieve issued credentials in order to be able to revoke them at a later date (for any user using our service). If I do a GET /credentials I get all the credentials issued and offered across multiple connections going back several days. I assume these are stored in the Issuer agent's wallet (the issuer being us via our website acting as proxy issuer). But this surprised me as I thought that only the holder stored credentials in their agent wallet. Am I misunderstanding something here?

MikeRichardson (Thu, 04 Jun 2020 07:38:18 GMT):
I was playing around with the Streetcred Swagger API because we needed to find a way to retrieve issued credentials in order to be able to revoke them at a later date (for any user using our service). If I do a GET /credentials I get all the credentials issued and offered across multiple connections going back several days. I assume these are stored in the Issuer agent's wallet (the issuer being us via our website acting as proxy issuer). But this surprised me as I thought that only the holder stored credentials in their agent wallet. Or is this just how streetcred do things as their default out-of-the-box controller for use by issuer client apps. Am I misunderstanding something here?

grossetti (Thu, 04 Jun 2020 08:36:20 GMT):
Has joined the channel.

grossetti (Thu, 04 Jun 2020 08:36:26 GMT):
Hi everyone

syngin (Thu, 04 Jun 2020 09:30:18 GMT):
Has joined the channel.

syngin (Thu, 04 Jun 2020 09:30:19 GMT):
Hi. I'm getting a stack overflow error whenever making any Pool calls using the aries framework. What could cause stack overflow errors. For reference, it happens for the aspnetcore sample but not in the edgeconsoleclient app, The Pool call is Pool.OpenPoolLedgerAsync. What am I missing?

karburator (Thu, 04 Jun 2020 16:03:57 GMT):
Hi all, I got very interested recently into the self-sovereign identity concept and find it fascinating, so I stumbled upon the Hyperledger Aries project. So if you don’t mind, I have a couple of questions and would be very grateful for some help. I would like to run my own Aries network so I can play with it and learn, but only managed to find instructions for Hyperledger Indy and I’m not grasping what the exact difference is. I managed to run the VON test network locally and probably could run it on dedicated servers, as a more realistic scenario, but don’t know where to start. Is there any „tutorial“ or manual that could you recommend? I bought a couple of books and „Introduction to Hyperledger Sovereign Identity Blockchain Solutions: Indy, Aries & Ursa“ course on EdX. So far I enjoy the theory, but I would also like to get my hands dirty and play with a live system. What is the current status of Aries SDK for Java? I’m senior Java developer and naturally feel most comfortable coding in Java, but if you suggest some other language for start, that’s fine too How would you suggest me to contribute to the community? As I mentioned, I really find the self-sovereign identities fascinating and would like to contribute. Thanks in advance!

swcurran (Thu, 04 Jun 2020 18:28:04 GMT):
Hi. Have you looked at the second edX course? That is the one for devs to run things: https://www.edx.org/course/becoming-a-hyperledger-aries-developer Java process has been slow - some, but not enough interest. ACA-Py (Python), aries-framework-dotnet and aries-framework-go are the most mature ones right now. Once you have a better idea of what project you would like to build with, we can help with some early tasks to get started.

swcurran (Thu, 04 Jun 2020 18:28:28 GMT):
I have lots of ideas about what could move things ahead :-)

karburator (Thu, 04 Jun 2020 21:52:25 GMT):
Hi Stephen, Thanks for your response, I am really enjoying your courses, big fan! J I just enrolled in the one you mentioned and I see it packs a lot of practical material, which is awesome, just what I needed!

spacemandev (Thu, 04 Jun 2020 23:10:30 GMT):
Hi, I’m unsure where exactly to post this question The VC standard specifies an issuance date on each credential. When building a presentation, is there anyway to include that date (which is *not* a credential value) as part of the proof? The workaround seems to be issuance_date to be duplicated as a credential value and then non standardized in it’s presentation (unix timestamp, month/date field/etc as up to the issuer) which would cause problems.

jakubkoci (Fri, 05 Jun 2020 07:43:10 GMT):
Hi. Is there any protocol spec how end-user app can get and show logo/avatar of the connection? Maybe something like `logoUrl` in connection invitation or `logo` link to attachement of connection invitation?

severus-sn4pe (Fri, 05 Jun 2020 10:46:03 GMT):
When I try to issue a credential to myself, the aca-py agents gets somehow stuck. I get the `credential_received` message in `handle_issue_credential`, but after that no `ack` is sent back. All future calls to the agents (for example calling `/credentials` to get all stored credentials) don't return anymore and the requests run into timeouts. When I issue the same credential to another agent, all works flawless (so the credential itself should be fine I guess). Is there anything I need to do/extend in the demo-implementations of the acapy-agent so that self-issued credentials can be accepted?

wip-abramson (Fri, 05 Jun 2020 13:01:57 GMT):
Happy Friday everyone. I have been hacking on a project recently to integrate aries capabilities into the OM (https://openmined.org/) stack. This is off the back of a paper we recently got accepted for publication - https://arxiv.org/abs/2006.02456. If anyone is interested in learning more or contributing just give us a shout!

swcurran (Fri, 05 Jun 2020 14:34:29 GMT):
Best to ask on the #aries-cloudagent-python channel. Did you use the /store_credential endpoint? I'm thinking it might be that. Depends also on start up parameters used.

m00sey (Fri, 05 Jun 2020 15:07:43 GMT):
Has joined the channel.

brentzundel (Fri, 05 Jun 2020 15:39:09 GMT):
The Verifiable Presentation contains an array of included VCs, so each VC would already include its issuanceDate. Are you asking specifically how this would work for a ZKP presentation?

spacemandev (Fri, 05 Jun 2020 16:02:26 GMT):
when doing a normal (non ZKP) presentation, the only information that shows up about VCs are: schema_id, cred_def_id, rev_reg_id, and timestamp It would make sense for timestamp to show up as the issuance date, but it only shows up as null so i'm unsure what timestamp refers to in the encoded VC in the presentation

ntonani (Fri, 05 Jun 2020 17:02:27 GMT):
As Aries is a toolkit for developing cred solutions, I'm wondering how many people are using only some tools rather than diving into the ecosystem head first. I would like to us it as a pluggable digital wallet, with potential for expanding to other uses, namely vc. l Would love to hear if others have done this.

spacemandev (Fri, 05 Jun 2020 17:03:17 GMT):
aries framework go implements only Aries and not the indy stack (yet)

ntonani (Fri, 05 Jun 2020 17:04:40 GMT):
sorry could you expand. do you mean it does not take a dependency on Indy (it is pluggable), or that the wallet isn't yet stripped? also thanks for quick response.

spacemandev (Fri, 05 Jun 2020 17:05:32 GMT):
it does not have a dependency on indy. it just manages connections and interchanges DIDCOM messages as far as i know

spacemandev (Fri, 05 Jun 2020 17:05:59 GMT):
https://github.com/hyperledger/aries-framework-go

ntonani (Fri, 05 Jun 2020 17:15:35 GMT):
right, i have glanced at this. some unknowns for me. 1) unclear if storage also includes credential storage (I.e. json-ld payload) storage or just kms. I see json-ld vc support but nothing around storage 2) unclear viability of go sdk on mobile platform. I see a js sdk but seems to be an Indy wrapper atm.

spacemandev (Fri, 05 Jun 2020 17:33:33 GMT):
Looking into it it seems like the timestamp field has to do with time of non revocation, so it still doesn't solve the problem of giving us issuance date from the VC

troyronda (Fri, 05 Jun 2020 18:54:03 GMT):
correct - aries-framework-go does not have dependencies on indy. This framework is capable of managing DIDComm messages and has support libraries for features needed by agents/wallets such as Verifiable Credentials, JSON-LD signatures, DIDs, DID Resolution, KMS, Basic storage, etc.

troyronda (Fri, 05 Jun 2020 18:55:14 GMT):
The Go framework currently has three methods of usage: as Go packages to be built into a Go application; as a daemon controlled by a REST API; as a WASM controlled by a JavaScript API.

troyronda (Fri, 05 Jun 2020 18:55:49 GMT):
Note: the WASM is runnable in browsers.

brentzundel (Fri, 05 Jun 2020 19:27:36 GMT):
Sorry, I'm not understanding. Are you talking about using indy-style credentials in a W3C verifiable presentation?

TelegramSam (Fri, 05 Jun 2020 19:29:36 GMT):
RFC PR: Adding id to allow for credential replacement: https://github.com/hyperledger/aries-rfcs/pull/495

spacemandev (Fri, 05 Jun 2020 20:20:41 GMT):
i was hoping that indy-style credentials matched up with the W3C spec, but it seems that is not the case

brentzundel (Fri, 05 Jun 2020 20:21:35 GMT):
they don't yet. Work is proceeding that direction, much of which is documented in the Indy HIPEs and Aries RFCs about Rich Schemas.

MikeRichardson (Sun, 07 Jun 2020 06:00:36 GMT):
I understand that revocation notifications are not yet implemented in Aries. Is this correct? If so are there plans to implement this in the near future? Thanks.

MikeRichardson (Sun, 07 Jun 2020 06:00:36 GMT):
I understand that revocation notifications are not yet implemented in Aries. By revocation notification I mean holders being notified that a credential was revoked. Is this correct? If so are there plans to implement this in the near future? Thanks.

swcurran (Sun, 07 Jun 2020 14:21:19 GMT):
This has been discussed in the context of issuing a credential - e.g. adding a flag/note to the Offer and/or Issue messages to inform the holder that the issue was triggered by a revocation. But that's not done yet. There is a proposed RFC 0183 Revocation Notification that you should look at, as it likely does what you want. I suggest checking that, evolving it and then promoting it's use in the community. With revocation support new in the community, we just haven't gotten there yet. https://github.com/hyperledger/aries-rfcs/tree/master/features/0183-revocation-notification

swcurran (Sun, 07 Jun 2020 14:21:42 GMT):
@smithbk ^^

Moshe7 (Sun, 07 Jun 2020 20:58:11 GMT):
Hi, I am learning about Aries, in the guide it says that Aries is using the Ursa project for Crypto Library, I was looking for a project that uses Ursa and did not find, is there an Aries project that uses Ursa? Or Ursa not mature enough to use?

MikeRichardson (Mon, 08 Jun 2020 05:30:20 GMT):
Thank you stephen. I would be happy to get involved in implementing this in conjunciton with others if there is sufficient interest. In the meantime, I suppose the issuer could just send a message to the holder notifiying them of revocation of credentials.

MikeRichardson (Mon, 08 Jun 2020 05:30:20 GMT):
Thank you Stephen. I would be happy to get involved in implementing this in conjunciton with others if there is sufficient interest. In the meantime, I suppose the issuer could just send a message to the holder notifiying them of revocation of credentials.

MikeRichardson (Mon, 08 Jun 2020 05:30:20 GMT):
Thank you Stephen. I would be happy to get involved in implementing this in conjunction with others if there is sufficient interest. In the meantime, I suppose the issuer could just send a message to the holder notifiying them of revocation of credentials.

ntonani (Mon, 08 Jun 2020 16:25:03 GMT):
Wondering if anyone here knows the cross-over between W3C CCG and Aries community? I'd love to know more about the Universal Wallet spec through the lens of Aries - https://transmute-industries.github.io/universal-wallet/. Does Aries not already provide "A portable, extensible, JSON-LD wallet supporting digital currencies and credentials."?

andrew.whitehead (Mon, 08 Jun 2020 16:28:21 GMT):
Haven't seen that spec, I'll have to go over it. I think the Go framework has a wallet/KMS for JSON-LD credentials, not aware of anybody focusing on currencies

ntonani (Mon, 08 Jun 2020 16:30:37 GMT):
Ya I suspected that was the difference. Doesn't seem outside Aries scope though.

ntonani (Mon, 08 Jun 2020 16:32:31 GMT):
Curious if there are technical limitations within Aries that'd force transmute to have written a wallet implementation themselves. Perhaps just lack of coordination.

andrew.whitehead (Mon, 08 Jun 2020 16:37:09 GMT):
There hasn't been as much focus on JSON-LD credentials yet, that's still building. Most implementers have been using Indy credentials which are not currently compatible

ntonani (Mon, 08 Jun 2020 16:45:32 GMT):
Right. I've seen JSON-LD activity in Go repo recently but could have been a timing thing. Easier said than done to extend an existing solution.

andrew.whitehead (Mon, 08 Jun 2020 16:51:38 GMT):
The Go framework doesn't depend on Indy, it only uses signed JSON-LD credentials

andrew.whitehead (Mon, 08 Jun 2020 17:00:00 GMT):
We're also actively working on supporting JSON-LD credentials in ACA-py and aries-vcr (the credential registry), especially with BBS+ signatures, and looking for good ways to store and index them

konsmosc (Wed, 10 Jun 2020 08:59:36 GMT):
Has joined the channel.

andrew_delta (Wed, 10 Jun 2020 12:45:44 GMT):
Has joined the channel.

andrew_delta (Wed, 10 Jun 2020 12:45:44 GMT):
Hi all - what is the status of the Postgres storage plugin with regards to the various language-specific wrappers? I'm specifically trying to get the dotnet library (https://github.com/hyperledger/aries-framework-dotnet) to use anything other than the default local disk storage.

PatrikStas (Wed, 10 Jun 2020 15:10:48 GMT):
@andrew_delta you don't need wrappers for postgres storage plugin. Postgres wallet plugin exposes API which is consumed only internally by IndySDK. You have to compile the rust code into library, load up that postgresql binary in your code and when creating/opening wallet, you need to express that you want to use postgresql storage instead. You would express that information in these parameters: https://github.com/hyperledger/indy-sdk/blob/master/libindy/src/api/wallet.rs#L226 https://github.com/hyperledger/indy-sdk/blob/master/libindy/src/api/wallet.rs#L229 Example of these parameters for postgres wallet is here (NodeJS wrapper for LibVCX, under the hood these parameters are passed to create/open wallet IndySDK APIs) https://github.com/hyperledger/indy-sdk/blob/master/vcx/wrappers/node/demo/faber.js#L48

PatrikStas (Wed, 10 Jun 2020 15:10:48 GMT):
@andrew_delta you don't need wrappers for postgres storage plugin. Postgres wallet plugin exposes API which is consumed only internally by IndySDK. You have to compile the postgres plugin rust code into library, load up that postgresql binary in your code and when creating/opening wallet, you need to express that you want to use postgresql storage instead. You would express that information in these parameters: https://github.com/hyperledger/indy-sdk/blob/master/libindy/src/api/wallet.rs#L226 https://github.com/hyperledger/indy-sdk/blob/master/libindy/src/api/wallet.rs#L229 Example of these parameters for postgres wallet is here (NodeJS wrapper for LibVCX, under the hood these parameters are passed to create/open wallet IndySDK APIs) https://github.com/hyperledger/indy-sdk/blob/master/vcx/wrappers/node/demo/faber.js#L48

PatrikStas (Wed, 10 Jun 2020 15:12:50 GMT):
Here's how we are loading postgres plugin binary dynamically https://github.com/hyperledger/indy-sdk/blob/master/vcx/wrappers/node/demo/common.js#L15 in runtime Not a dotnet guys I can't help with specifics, but you could use this as rough reference.

Joshua.o (Wed, 10 Jun 2020 17:42:14 GMT):
Has joined the channel.

RinkalBhojani (Thu, 11 Jun 2020 12:50:45 GMT):
Has joined the channel.

RinkalBhojani (Thu, 11 Jun 2020 12:50:45 GMT):
Where can I post doubts related to #aries-framework-dotnet ?

sheru (Thu, 11 Jun 2020 13:43:19 GMT):
Good Morning, Hope everyone doing well. I am trying to play around with aries-mobileagent-xamarin I have setup the mediator and successfully make a connection with cloud agent by scan the qr code. the cloud agent offer a credential to the mobile agent. When I am trying to request for accept the credential from the mobile agent I am getting the following error... ```**Hyperledger.Indy.PoolApi.PoolConfigNotCreatedException:** 'The requested pool cannot be opened because it does not have an existing configuration.'``` Can anyone please help me what I am missing , Thank you...

rjones (Thu, 11 Jun 2020 13:49:00 GMT):
@RinkalBhojani this is a good place

lijiachuan (Thu, 11 Jun 2020 15:04:49 GMT):
Hi all, may I know is there a channel for the Aries Framework(.NET)?

swcurran (Thu, 11 Jun 2020 16:01:47 GMT):
@rjones -- perhaps you can create an aries-framework-dotnet channel? And definitely invite @tomislav to it!!!

swcurran (Thu, 11 Jun 2020 16:02:16 GMT):
Tomislav or someone on the aries-framework-dotnet team should own/admin the channel.

rjones (Thu, 11 Jun 2020 16:12:39 GMT):
Done. Does the Xamarin stuff land there as well? I worry about channel proliferation

swcurran (Thu, 11 Jun 2020 16:49:30 GMT):
Yes, I think that makes sense, since it is Aries MAX is based on aries-framework-dotnet

swcurran (Thu, 11 Jun 2020 16:55:37 GMT):
BC Gov has announced a CDN$25k bounty for help with the Aries Agent Test Harness to build a backchannel (integration) with aries-framework-dotnet. Please look at the work and if you are interested, submit an application. The following is a link to the opportunity, which has details on the work to be done. Questions welcome! https://digital.gov.bc.ca/marketplace/opportunities/code-with-us/d359da07-d8e2-48eb-89bc-35f9f04aa09c

swcurran (Thu, 11 Jun 2020 16:55:37 GMT):
BC Gov has announced a *CDN$25k bounty *for help with the Aries Agent Test Harness to build a backchannel (integration) with aries-framework-dotnet. Please look at the work and if you are interested, submit an application. The following is a link to the opportunity, which has details on the work to be done. Questions welcome! https://digital.gov.bc.ca/marketplace/opportunities/code-with-us/d359da07-d8e2-48eb-89bc-35f9f04aa09c

victor.martinez (Thu, 11 Jun 2020 16:55:55 GMT):
Recently we have contributed to aca-py , adding JSON-LD signing and verif exposed via the administrative REST interface. Signing is done with keys in the wallet. Check this PR . https://github.com/hyperledger/aries-cloudagent-python/pull/540

RinkalBhojani (Thu, 11 Jun 2020 17:07:58 GMT):
Could you please check whether aries-mobileagent-xamarin and cloud agent both are using the same pool config(pool_genesis.txn file).

Alexi (Thu, 11 Jun 2020 21:10:43 GMT):
@TelegramSam having some trouble connecting a dockerized aca-py agent with the aries toolbox. Wondering if I could get some help, I have both aca-py and the toolbox running, but when I click connect on the toolbox nothing happens. I also ran the aca-py with the toolbox plugin but still connot get it to connect. For reference this is how I am starting the aca-py (I edited the dockerfile in the aries repo to install the plugin): ``` PORTS="3000:3000 3001:3001 5003:5003" ./scripts/run_docker start -it http 0.0.0.0 3000 -it ws 0.0.0.0 3001 -ot http --admin 0.0.0.0 5003 -e http://0.0.0.0:3000 ws://0.0.0.0:3001 --genesis-url https://raw.githubusercontent.com/sovrin-foundation/sovrin/master/sovrin/pool_transactions_sandbox_genesis --admin-insecure-mode --auto-ping-connection --auto-accept-requests --wallet-type indy --label “holder” --log-level DEBUG --plugin acapy_plugin_toolbox ```

Alexi (Thu, 11 Jun 2020 21:10:43 GMT):
@TelegramSam having some trouble connecting a dockerized aca-py agent with the aries toolbox. Wondering if I could get some help, I have both aca-py and the toolbox running, but when I click connect on the toolbox nothing happens. I also ran the aca-py with the toolbox plugin but still connot get it to connect. For reference this is how I am starting the aca-py (I edited the dockerfile in the aca-py repo to install the plugin): ``` PORTS="3000:3000 3001:3001 5003:5003" ./scripts/run_docker start -it http 0.0.0.0 3000 -it ws 0.0.0.0 3001 -ot http --admin 0.0.0.0 5003 -e http://0.0.0.0:3000 ws://0.0.0.0:3001 --genesis-url https://raw.githubusercontent.com/sovrin-foundation/sovrin/master/sovrin/pool_transactions_sandbox_genesis --admin-insecure-mode --auto-ping-connection --auto-accept-requests --wallet-type indy --label “holder” --log-level DEBUG --plugin acapy_plugin_toolbox ```

andrew.whitehead (Thu, 11 Jun 2020 22:11:38 GMT):
Only thing I notice is it might need another `-e` before the second endpoint

TimoGlastra (Fri, 12 Jun 2020 20:50:27 GMT):
That's awesome @swcurran . I'll definitely look into submitting an application with my team.

TelegramSam (Fri, 12 Jun 2020 20:59:22 GMT):
There are some conflicts between acapy master and the toolbox, as some work is needed to align with a recent refactor. That should be done in the next week. If you are in a hurry, there is a specific commit that the toolbox works currently with.

HichamTAHIRI (Sun, 14 Jun 2020 15:46:12 GMT):
Has joined the channel.

kostasmoschou (Mon, 15 Jun 2020 09:13:16 GMT):
Has joined the channel.

mtfk (Tue, 16 Jun 2020 18:41:41 GMT):
@ntonani @victor.martinez @andrew.whitehead Tomorrow on Morning Aries Call we would have Orie to talk about this initiative so feel free to join our discussion and bring some questions. Would would talk about how this this effort align with Aries project. Details on the meeting page: https://wiki.hyperledger.org/pages/viewpage.action?pageId=31203171

andrew.whitehead (Tue, 16 Jun 2020 18:58:57 GMT):
Sounds good. I'm discussing my wallet work on the noon call

m00sey (Wed, 17 Jun 2020 01:30:05 GMT):
I am currently implementing https://github.com/hyperledger/aries-rfcs/tree/master/features/0212-pickup in Aries https://github.com/hyperledger/aries-framework-go/pull/1926 and was hoping I could get some back story on the use case for the Message Query and Message List Response. As I look it these are protocol level messages and wouldn't ever have a "user interface" in place to select individual or multiple, message ids. Once the status request is made and the batch satisfied my thought was that would be the end of the interaction, the edge never really have "insight" into it messages waiting at the agent.

m00sey (Wed, 17 Jun 2020 01:30:05 GMT):
I am currently implementing https://github.com/hyperledger/aries-rfcs/tree/master/features/0212-pickup in Aries https://github.com/hyperledger/aries-framework-go/pull/1926 and was hoping I could get some back story on the use case for the Message Query and Message List Response. As I look it, these are protocol level messages that wouldn't ever have a "user interface" in place to select individual or multiple, message ids. Once the status request is made and the batch satisfied my thought was that would be the end of the interaction, the edge never really have "insight" into it messages waiting at the agent.

m00sey (Wed, 17 Jun 2020 01:30:34 GMT):
(If this is not the correct forum to ask these questions, I apologize and appreciate being pointed in the right direction :)

phuctu1901 (Wed, 17 Jun 2020 03:24:44 GMT):
Can I limit use time of credential verfication? I want a credential only can be used 1 times without reveal unique information?

m00sey (Wed, 17 Jun 2020 03:51:00 GMT):
@phuctu1901 are you referring to something like the prescription model `For example, in some prescription drug monitoring programs, usage monitoring is a requirement. Enforcement entities need to be able to confirm that individuals are not cheating the system to get multiple prescriptions for controlled substances. This statutory or regulatory need to correlate usage overrides individual privacy concerns.`

andrew.whitehead (Wed, 17 Jun 2020 03:55:07 GMT):
The one-time-use situation also occurs in an election, although you might allow multiple votes from the same identifier and only accept the latest one. E-currency transactions are another example. In both cases you generally need to coordinate with a central source like a blockchain/ledger, or the credential issuer

gpaliwal (Wed, 17 Jun 2020 07:01:38 GMT):
I am trying with https://github.com/bcgov/vc-authn-oidc and the DJango Demo application https://github.com/bcgov/vc-authn-oidc/tree/master/demo. I am able to run it till the Presentation verification at vc-authn-oidc side. At the DJango application playing the role of RP, it is getting redirected to OIDC_RP_AUTHENTICATION_FAILURE_REDIRECT_URI. In the mobile I get the notification that Proof is verified successfully, also in the vc-authn-oidc, I see no errors. Problems seems to at be DJango app side only. Any one faced similar issue ? Looking at the code of oidc-rp python package, it seems it is looking for bearer token. Any pointers what might be going wrong here ?

gpaliwal (Wed, 17 Jun 2020 08:44:00 GMT):
not sure what was the issue, but got it working from the repo https://github.com/swcurran/vc-authn-oidc/tree/master/demo

Diiaablo95 (Wed, 17 Jun 2020 09:47:56 GMT):
Has joined the channel.

MikeRichardson (Wed, 17 Jun 2020 11:08:20 GMT):
I would like to have a go at firing up Faber and Alice using the Sovrin Staging Net; I have registered a payment address, set up DIDs and wallets etc using indy-cli but I can't find any documentation on using the network. I understand I need to use https://raw.githubusercontent.com/sovrin-foundation/sovrin/master/sovrin/pool_transactions_sandbox_genesis as the URL for the genesis. Is that correct?

MikeRichardson (Wed, 17 Jun 2020 11:08:51 GMT):
Also what else would I need to change in the agent config or code compared to using the VON network?

swcurran (Wed, 17 Jun 2020 13:24:08 GMT):
That's odd. I'll have to see the difference. I think my fork might be behind. @esune perhaps you can take a quick look?

Philser 1 (Wed, 17 Jun 2020 14:10:40 GMT):
Has joined the channel.

Philser 1 (Wed, 17 Jun 2020 14:10:40 GMT):
Hello everyone, short question regarding DIDComm. Regarding an exchange request, the RFC says "The Request message is encoded according to the standards of the Encryption Envelope, using the recipientKeys present in the invitation" (https://github.com/hyperledger/aries-rfcs/tree/master/features/0023-did-exchange#request-transmission) However, looking up the code in the indy aries .net framework, only creating and processing of exchange responses involve packing and unpacking. (https://github.com/hyperledger/aries-framework-dotnet/blob/master/src/Hyperledger.Aries/Features/DidExchange/DefaultConnectionService.cs#L181) I am a bit confused here. Should one always expect requests to be encrypted?

Philser 1 (Wed, 17 Jun 2020 14:11:19 GMT):
Especially in the case of implicit invitations

swcurran (Wed, 17 Jun 2020 15:26:40 GMT):
Yes -- all messages except the Out of Band (RFC 434) invitation message are encrypted. That message is not because there is not been a key exchange. A response to an implicit invitation (an unsolicited message sent based on a public DID) is encrypted using the information associated with the DID.

nc-crtr_linx (Wed, 17 Jun 2020 16:06:08 GMT):
Has joined the channel.

mccown (Wed, 17 Jun 2020 18:40:58 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (June 18th @ 9am MT). This is a chance to get updates on the WG calls you may have missed this week. Our guest presenter will be Oliver Terbu from uPort & ConsenSys. Oliver will be presenting on the Self-Issued OpenID Connect technologies. Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-06-18+Identity+WG+Implementers+Call Zoom: https://zoom.us/j/244779296

Lucasemori (Wed, 17 Jun 2020 19:52:39 GMT):
Has joined the channel.

Lucasemori (Wed, 17 Jun 2020 19:52:40 GMT):
Hi guys, I have a big issue! Let me explain. I have two agents (Issuer, Holder). I created a credential scheme that contained some data, and I defined it so that my agent could receive and make proposals for credentials, so far so good. I decided to do a issuer credential offer test for the holder, using a json data different from the credential definition structure. And as incredible as it seems this one made an offer! I believe that it is not validating if the attribute data contains in the definition of the credential, I can access both the holder and the issuer the generated credential with a definition that does not match the data, the only thing I realized is that it cannot be issued / generated . I think this is a very important point of discussion

sklump (Wed, 17 Jun 2020 20:15:11 GMT):
You're right, it's a bug. I'll get on it tomorrow.

Lucasemori (Wed, 17 Jun 2020 20:17:49 GMT):
Great, thank you!

sklump (Wed, 17 Jun 2020 20:18:36 GMT):
Correction: it returns, but on the issuer side I get a stack trace that ends in ``` aries_cloudagent.issuer.base.IssuerError: Provided credential values are missing a value for the schema attribute 'score' ```

sklump (Wed, 17 Jun 2020 20:19:47 GMT):
with the credential exchange record in state "request_received". So it creates a hopeless offer, sends it to the holder, who makes a hopeless request. It should validate before making the offer.

m00sey (Thu, 18 Jun 2020 00:43:07 GMT):
@TelegramSam can you take a look at my question from the other day, I think you might be able to help. https://chat.hyperledger.org/channel/aries?msg=qicE52nEx58Cb7xYB

Philser 1 (Thu, 18 Jun 2020 05:36:30 GMT):
Thank you!

Philser 1 (Thu, 18 Jun 2020 05:39:58 GMT):
However, if requests based on implicit invitations are to be encrypted with the key in the DID document, in which case is there ever going to be a request for which there has not been a key exchange and thus the request message is unencrypted?

gpaliwal (Thu, 18 Jun 2020 08:36:56 GMT):
no worries, do we have any similar sample/reference implementation for the RP using reactjs or angular instead of DJango ?

x0axz (Thu, 18 Jun 2020 10:50:44 GMT):
Has joined the channel.

x0axz (Thu, 18 Jun 2020 10:53:40 GMT):
Hi all, I want to know are there any API for Aries to define schemas / credentials, create connection e.t.c. If not, any possibility that we can write APIs for that?

swcurran (Thu, 18 Jun 2020 12:28:10 GMT):
There are none in Aries. That said, the Aries frameworks that support Indy expose methods/APIs for those purposes -- ACA-Py and aries-framework-dotnet.

x0axz (Thu, 18 Jun 2020 12:29:01 GMT):
you mean ACA-Py and aries-framework-dotnet work like APIs?

x0axz (Thu, 18 Jun 2020 12:31:49 GMT):
I mean, if i want to write api in any language, and by accessing a specific route, one can define schema/credential or can get a url to connect with agent. any possibility?

swcurran (Thu, 18 Jun 2020 13:24:53 GMT):
ACA-Py yes. It exposes an HTTP interface and fires HTTP events to the controller (business logic). aries-framework-dotnet is a library embedded in an application.

RinkalBhojani (Thu, 18 Jun 2020 14:30:34 GMT):
Hi, I want to know whether aca-py and .net agent both can communicate with each other(for Credential issuance and verification flow)?

swcurran (Thu, 18 Jun 2020 15:28:41 GMT):
Yes they can.

swcurran (Thu, 18 Jun 2020 15:29:14 GMT):
We're still doing that verification manually, but soon to be automated via https://github.com/bcgov/aries-agent-test-harness

esune (Thu, 18 Jun 2020 16:44:06 GMT):
Sorry, I haven't yet had a chance to circle back - I'll try to see today if I can reproduce the issue.

esune (Thu, 18 Jun 2020 16:45:54 GMT):
We do not have a React or Angular implementation, but we have a VueJS implementation so it may help as it is still a browser-initiated authentication flow. A sample configuration can be found [here](https://github.com/esune/essential-services-delivery/blob/master/openshift/templates/issuer-web/config/esr1/dev/config.json#L9-L21). The code used by the service is the `issuer-web` component in https://github.com/bcgov/issuer-kit

esune (Thu, 18 Jun 2020 16:50:14 GMT):
Please be aware that there is additional configuration that needs to be set in `vc-authn-oidc` for the browser flow to work (e.g.: redirect URIs must be configured). Some of the changes in the latest code were implemented to ensure the proper headers were being applied to responses. For a reference of what needs to be set you can search the [IdentityServer4 docs](https://identityserver4.readthedocs.io/en/latest/).

esune (Thu, 18 Jun 2020 17:49:20 GMT):
I just ran the demo locally in docker and could not reproduce the issue - I can sign-in successfully to the demo app.

esune (Thu, 18 Jun 2020 17:49:20 GMT):
I just ran the demo locally in docker using the latest version from the bcgov repo and could not reproduce the issue - I can sign-in successfully to the demo app.

RicardoPeixoto (Thu, 18 Jun 2020 19:19:04 GMT):
Hi, when i was trying to use the tag features from the wallet records i got a problem. If i create a record with only one tag i can query it using that same tag with the wallet search. However, if i create a record with, for example, 4 tags and query it using only one of these tags, the wallet search isn't able to find the record. Is that normal or am i doing something wrong? If i create a record with 2 tags and use those 2 tags to search it is able to find the record as well.

swcurran (Thu, 18 Jun 2020 19:39:10 GMT):
Uggh...sorry about that. We need to remove/fix the tag feature. What you saw is unfortunately the way it works. There are indeed two tags per claim. One is to be able to see the claim at all (name) and the other is to be able to search the value (value). The tag feature removes both, but then you can't see the claim at all when using WQL. Our use case is that we never have to search for it, and hoped the tag feature would reduce storage, but not being able to see the claim at all is too restrictive.

swcurran (Thu, 18 Jun 2020 19:39:53 GMT):
I'll put in an issue to get that cleaned up. What was your use case? Is it worth trying to keep the name and remove the value to save space?

RicardoPeixoto (Thu, 18 Jun 2020 19:45:23 GMT):
My use case is when creating a record for the revocation registry. I want to be able to query by three distinct ways: revocation registry ID or credential definition ID or state of the revocation registry.

RicardoPeixoto (Thu, 18 Jun 2020 19:45:51 GMT):
I didn't felt this need in any other records.

swcurran (Thu, 18 Jun 2020 19:52:11 GMT):
Ah -- I'm probably talking about a different tagging feature. The one I mean is one that allows you to tune what tags are auto-created. I think you are trying to just add extra tags to a credential. I'm not sure about that. Sorry for the confusion.

swcurran (Thu, 18 Jun 2020 19:52:11 GMT):
Ah -- I'm probably talking about a different tagging feature. The one I mean is one that allows you to tune what tags are auto-created when storing a credential. I think you are trying to just add extra tags to a credential. I'm not sure about that. Sorry for the confusion.

RicardoPeixoto (Thu, 18 Jun 2020 21:15:47 GMT):
I guess i found the problem. I was using one of the tags with a boolean type. From the tests i did, i guess all tags must be strings. Even if i don't use the boolean tag in the search, the fact that i added her when creating the record makes the search not find the record.

andrew.whitehead (Thu, 18 Jun 2020 21:24:44 GMT):
That's odd, maybe it's silently failing and not adding any tags

jcourt (Thu, 18 Jun 2020 22:05:49 GMT):
In the "Preparing to Issue a Credential" section of the Aries Open API Demo, there is a comment about another tutorial being needed to walk through the steps using the Swagger Interface to create a DID etc. Did this ever get done as I seem to keep getting a 403 response whenever trying to use the ledger related endpoints with a localhost VON network, even just trying to get an existing DID is returning 403. It feels like I am missing something obvious but can't put my finger on it. Here is my aca-py startup command : PORTS="8000:8000 8001:8001" ./scripts/run_docker start --inbound-transport http 0.0.0.0 8000 \ --outbound-transport http \ --admin 0.0.0.0 8001 \ --admin-insecure-mode \ --log-level 'debug' \ --endpoint http://localhost:8000 \ --genesis-url http://192.168.65.3:9000/genesis \ --seed SecretKey00000000000000000000000

andrew.whitehead (Thu, 18 Jun 2020 22:23:47 GMT):
I think it needs an indy wallet configured, `--wallet-type indy`

jcourt (Thu, 18 Jun 2020 22:31:43 GMT):
Thanks Andrew, I looked at the Faber code but couldn't click to what I wasn't doing that it was.

jcourt (Thu, 18 Jun 2020 22:33:54 GMT):
At the very least that is now letting me get the taa so that was at least my initial issue

jcourt (Fri, 19 Jun 2020 01:55:38 GMT):
Another crazy question, am I correct in assuming that ACA-py has no way of updating a DID through the Admin interface ? I can create a DID with register-nym but there is no ability to specify an endpoint in that interface and no other ledger api that can update it as far as I can see ?

andrew.whitehead (Fri, 19 Jun 2020 02:08:29 GMT):
That's probably true, at the moment it expects you to pass in the endpoint for the public DID when it starts up, and it publishes that one if it has changed. It should probably store the endpoint as metadata on the DID record

jcourt (Fri, 19 Jun 2020 02:10:56 GMT):
I noticed it will happily update the existing public DID endpoint if it has changed, on startup. So it has the capability. I wonder though if a more generic solution would be to allow the metadata on the /ledger/register-nym and an update method as well since it has a get method for /ledger/did-endpoint

jcourt (Fri, 19 Jun 2020 02:11:42 GMT):
Thanks for clarifying

andrew.whitehead (Fri, 19 Jun 2020 02:12:00 GMT):
Would be good to add some functionality for that

jcourt (Fri, 19 Jun 2020 02:19:44 GMT):
I will see if we can carve out some time to look into this at some point if you don't get to it.

swcurran (Fri, 19 Jun 2020 12:37:12 GMT):
Great if you could add an issue with some details on the needs.

gpaliwal (Fri, 19 Jun 2020 13:16:41 GMT):
I think, I figured out what the problem is. I have setup the DJango project on the ubuntu machine and accessing the app using the machine IP. In the later stage of the overall flow when the URL http://XXXX//oidc/auth/cb/?code=YYYY tried to redirect it to the redirect URL, it is not able to setup the response headers. At this stage I don't see any errors in the DJango logs or in the vc-oidc logs.

gpaliwal (Fri, 19 Jun 2020 13:17:44 GMT):
I did one minor change in this setup, using the ngrok to access this application, and then everything works fine, I can see response headers are getting populated correctly

gpaliwal (Fri, 19 Jun 2020 13:18:26 GMT):
does it have any thing to do with django-oidc-rp configurations

gpaliwal (Fri, 19 Jun 2020 13:19:14 GMT):
I have ALLOWED_HOSTS = ["*"] in the DJnago settings

esune (Fri, 19 Jun 2020 16:13:51 GMT):
It's honestly hard to say without having the same setup to look at. It is likely some endpoint naming mismatch when using the machine IP address rather than the pre-defined docker networking and the service ports exposed on localhost by docker-compose

mboyd (Fri, 19 Jun 2020 18:15:49 GMT):
Hi all, I've made a first pass implementation of the [Propose Presentation](https://github.com/hyperledger/aries-rfcs/tree/master/features/0037-present-proof#propose-presentation) message exchange for the Present Proof aries protocol. This will let wallet holders propose verification of their credentials to verifiers, and let verifiers to create a proof request from that proposal. Feel free to review [the PR](https://github.com/hyperledger/aries-framework-dotnet/pull/101) and leave feedback. Happy to chat more about it here or in the comments. Which other frameworks have implemented this message, if any? The implementor's section within is a little lonely right now. I've also made 2 additions in the Presentation Preview message format: - Added schema_id and issuer_did to each proposed_attribute and proposed_predicate object

mboyd (Fri, 19 Jun 2020 18:15:49 GMT):
Hi all, I've made a first pass implementation of the [Propose Presentation](https://github.com/hyperledger/aries-rfcs/tree/master/features/0037-present-proof#propose-presentation) message exchange for the Present Proof aries protocol. This will let wallet holders propose verification of their credentials to verifiers, and let verifiers to create a proof request from that proposal. Feel free to review [the PR](https://github.com/hyperledger/aries-framework-dotnet/pull/101) and leave feedback. Happy to chat more about it here or in the comments. Which other frameworks have implemented this message, if any? The implementor's section within is a little lonely right now. I've also made 2 additions in the Presentation Preview message format: - Added `schema_id` and` issuer_did` to each `attribute` and `predicate` object - Added a referent to the predicate object to identify it in the proof request

mboyd (Fri, 19 Jun 2020 18:15:49 GMT):
Hi all, I've made a first pass implementation of the [Propose Presentation](https://github.com/hyperledger/aries-rfcs/tree/master/features/0037-present-proof#propose-presentation) message exchange for the Present Proof aries protocol. This will let wallet holders propose verification of their credentials to verifiers, and let verifiers create a proof request from that proposal. Feel free to review [the PR](https://github.com/hyperledger/aries-framework-dotnet/pull/101) and leave feedback. Happy to chat more about it here or in the comments. Which other frameworks have implemented this message, if any? The implementor's section within is a little lonely right now. I've also made 2 additions in the Presentation Preview message format: - Added `schema_id` and` issuer_did` to each `attribute` and `predicate` object - Added a referent to the predicate object to identify it in the proof request

sklump (Fri, 19 Jun 2020 18:18:51 GMT):
There is no reason not to set the cred def id per attribute or predicate: the holder has the credentials with which to create proof, so there is no use in being coy.

sklump (Fri, 19 Jun 2020 18:20:07 GMT):
If the cred def id is not set, it means to propose a self-attested attribute

sklump (Fri, 19 Jun 2020 18:20:26 GMT):
If the cred def id is not set, it means to propose a self-attested attribute

mboyd (Fri, 19 Jun 2020 18:20:27 GMT):
I agree. However, not including the cred_def_id will imply to the verifier that it is a self-attested attribute. I think there could be a more clear way of specifying this, but it's at least concise

jugma (Fri, 19 Jun 2020 18:21:16 GMT):
Can Aries be hosted on Amazon Cloud

sklump (Fri, 19 Jun 2020 18:21:34 GMT):
Au contraire, it is less concise: it has extraneous info that is not the cred def id and implies self-assertion, hence with no need of schema id, issuer id, et al surely?

sklump (Fri, 19 Jun 2020 18:22:06 GMT):
Not trying to be obtuse but just not understanding why one would stray from a standard that has been steady for over a year

sklump (Fri, 19 Jun 2020 18:25:59 GMT):
Self-attested attributes do not need to come from any credentials after all

mboyd (Fri, 19 Jun 2020 18:28:25 GMT):
I'm confused - are you critiquing the spec or my implementation of it?

sklump (Fri, 19 Jun 2020 18:28:35 GMT):
As far as predicate referents go, there is no indy-sdk equivalent to the functionality in predicate referent specifications within proof-requests: https://github.com/hyperledger/indy-sdk/blob/master/wrappers/python/indy/anoncreds.py#L1151 contrast https://github.com/hyperledger/indy-sdk/blob/f5aca7b5699a7366b74cefa23bc4ab4d6b29dcdc/wrappers/python/indy/anoncreds.py#L1164 i.e., "names"

mboyd (Fri, 19 Jun 2020 18:28:35 GMT):
or both? 🙃

sklump (Fri, 19 Jun 2020 18:29:02 GMT):
It is possible I do not understand what you are talking about I suppose

sklump (Fri, 19 Jun 2020 18:31:11 GMT):
Two distinct items: * what good does specifying schema-id, issuer-id, or any other restriction content on a self-attested attribute? * the (optional) referent for a preview attribute ties back to indy-sdk functionality that is not present in predicate logic - so it can only present a distinction without a differenct

sklump (Fri, 19 Jun 2020 18:33:19 GMT):
(the 'referent' in attr spec made a distinction between e.g., 'I propose to prove a name and an address' vs. 'I propose to prove name and address from same credential'

sklump (Fri, 19 Jun 2020 18:33:19 GMT):
(Historical note: the 'referent' in attr spec made a distinction between e.g., 'I propose to prove a name and an address' vs. 'I propose to prove name and address from same credential')

sklump (Fri, 19 Jun 2020 18:33:19 GMT):
_(Historical note: the 'referent' in attr spec made a distinction between e.g., 'I propose to prove a name and an address' vs. 'I propose to prove name and address from same credential')_

tomislav (Fri, 19 Jun 2020 20:06:31 GMT):
I wasn't following the discussion when this proposal was created, so I'm wondering. Why not just allow the proposer to use the same proof request object, while the other party just fills in the nonce and verifies if they're ok with it? The proposal message would then use standard attachment decorator to remove the indy-isms from the spec.

tomislav (Fri, 19 Jun 2020 20:08:34 GMT):
Holder - prepares proof request per indy structure allowing to propose any combination of restrictions or non-revocations - sends that as attachment with mime type over Aries Verifier - unpacks, fills in challenge, sends back message.

swcurran (Fri, 19 Jun 2020 21:54:35 GMT):
If you look at the PR for the v2.0 format, that's the approach taken. At least the use of the attachment. I'm not solid on the exact format of an Indy Proof request, so not certain of what is in that. Either way, great if you can review the PR: https://github.com/hyperledger/aries-rfcs/pull/486

rjones (Fri, 19 Jun 2020 22:17:20 GMT):
Has left the channel.

x0axz (Sat, 20 Jun 2020 11:52:22 GMT):
@swcurran @tomislav hi, can I write api in python and connect it with aries-dotnet framework, through routes can perform actions such as define schemas (on ledger) or issue credentials (to holder) etc? if yes, then can u give a little idea? and is there any implementation or docs to follow?

tomislav (Sat, 20 Jun 2020 14:07:25 GMT):
Yes, both acapy and aries .net have samples of how to create an API inside the code repos. Additionally, acapy has a full swagger UI for invoking agent endpoints.

tomislav (Sat, 20 Jun 2020 14:25:39 GMT):
I started a comment on the PR about this. Thanks @swcurran

x0axz (Sat, 20 Jun 2020 16:30:48 GMT):
@tomislav thanks for response.. can u please send me the link of that 'samples of how to create an API' in .net?

tomislav (Sat, 20 Jun 2020 16:33:55 GMT):
APi's in .NET can be created using the ASP.NET MVC packages or Controllers. Here's some samples of endpoints that facilitate connection flows. https://github.com/hyperledger/aries-framework-dotnet/tree/master/samples/aspnetcore/Controllers Some docs on creating API's in .NET - https://docs.microsoft.com/en-us/aspnet/core/tutorials/first-web-api?view=aspnetcore-3.1&tabs=visual-studio

phuctu1901 (Sat, 20 Jun 2020 16:52:19 GMT):
Suppose the election requires information on the identity card: address, year of birth. The information is not unique so it is not known exactly who is voting, which protects the privacy of voters. I do not want voters to give information on ID numbers (A unique information) Because of that, I can not know that this person has conducted the election yet? I'm not sure I can do that :(

BlockMan (Mon, 22 Jun 2020 09:47:55 GMT):
Has joined the channel.

BlockMan (Mon, 22 Jun 2020 09:47:55 GMT):
How can we build peer to peer live chat messaging using hyperledger aries?

TimoGlastra (Mon, 22 Jun 2020 12:13:35 GMT):
At the moment there is only the basic message protocol (https://github.com/hyperledger/aries-rfcs/tree/master/features/0095-basic-message), which is a very simple protocol allowing two agents to exchange messages. You could build a simple chat application using this protocol. Because this protocol is so simple, it is implemented in almost all aries frameworks. However if you want to build a robust chat application you would probably be better of creating a new protocol which explicitly adds support for things such as read receipts, emoji-responses group messages, and other things as listed in the out of scope section of the basic message protocol (https://github.com/hyperledger/aries-rfcs/tree/master/features/0095-basic-message#out-of-scope)

TimoGlastra (Mon, 22 Jun 2020 12:13:35 GMT):
At the moment i'm only aware of the basic message protocol (https://github.com/hyperledger/aries-rfcs/tree/master/features/0095-basic-message), which is a very simple protocol allowing two agents to exchange messages. You could build a simple chat application using this protocol. Because this protocol is so simple, it is implemented in almost all aries frameworks. However if you want to build a robust chat application you would probably be better of creating a new protocol which explicitly adds support for things such as read receipts, emoji-responses group messages, and other things as listed in the out of scope section of the basic message protocol (https://github.com/hyperledger/aries-rfcs/tree/master/features/0095-basic-message#out-of-scope)

WadeBarnes (Mon, 22 Jun 2020 17:36:07 GMT):
We have a new channel for anyone working with Aries in the embedded space; #aries-embedded

x0axz (Mon, 22 Jun 2020 19:07:48 GMT):
hi @swcurran @tomislav, here are few questions: 1) Where does private and public key stores? in wallet? not on ledger? 2) What exactly stores in Wallets? 3) @swcurran, You once said "No data is sent to the Blockchain. Ever. It is only used for DIDs, schema/credential metadata and revocation information." What do u mean by metadata? 4) Can you please explain the credential verification flow, issuer-verifer-holder? 4a) Without having information about credentials (it isn't stored on ledger, only store in holder wallet), how will verifer confirms (verify) that these credentials are same as they were issued by issuer? I mean what if holder received credentials, changes later, how will verifer/issuer know that?

swcurran (Tue, 23 Jun 2020 00:23:27 GMT):
1. All that you create or receive go in your wallet. Public DIDs that you create also go in the ledger. DIDs you receive from others may be on a ledger or not. DIDs from VC issuers will be on a ledger (public) and your agent may or may not store them. 2. Indy wallets store: DIDs, the private keys associated with DIDs you create, other ledger transactions that you create (schema, credential definitions, revocation registries, revocation entries). 3. The "metadata" are the objects needed to prove and verify claims from credentials. That means in Indy -- schema, credentials definitions, RevRegs and RevEntries). 4. - Issuer creates DID, schema (or reuses an existing one), Credential Definition (public keys per claim, pointer to Issuers DID, pointer to Schema) - Issuer optionally creates a Revocation Registries (if creds will be revocable) which has a pointer to the CredDef. - Issuer offers a credential to the Holder; Holder requests the credential, providing a blinded link secret; Issuer issues credential to the Holder. - the credential references the CredDef (points to schema and Issuer DID), is signed by the Issuer DID private key, each claim is signed using the keys in the - CredDef, the Holder gets a credential ID (for revocation) - Verifier sends a proof request to the Holder with the list of claims they want proven. Claims have restrictions about the credentials they can come from (e.g. what schema, what Cred Def, what issuers, etc.) - Prover finds credentials that meet the criteria in the cred def and constructs a proof. - They prove they have the link secret that proves the credentials were issued to them. - The DID and signature on each claims prove they were issued by the issuer - The signing of each claim using the CredDef keys prove they were not tampered with. - If revocable, the Prover creates a "Proof of non-revocation" to show the claims are from credentials that are not revoked. - Verifier gets the Cred Def from the ledger, the schema from the ledger, the Issuer DID from the ledger and uses those to verify the proofs from the Prover. Revocation is a little more complicated and there is detail available here: https://github.com/hyperledger/indy-hipe/tree/master/text/0011-cred-revocation Hope that helps.

swcurran (Tue, 23 Jun 2020 00:26:41 GMT):
BTW - I don't say that once -- I've said it many times :-)

x0axz (Tue, 23 Jun 2020 03:19:16 GMT):
Thanks :)

seriousmountain (Tue, 23 Jun 2020 10:24:02 GMT):
Has joined the channel.

seriousmountain (Tue, 23 Jun 2020 11:41:27 GMT):
@swcurran : As you previously mentioned, the DID & signature on each claim prove they were issued by the issuer. Is my understanding right that the actual cryptographic verification of the signatures on the claims is implemented through Hyperledger Ursa and the CL signature schemes/ Anoncreds protocol?

swcurran (Tue, 23 Jun 2020 12:42:59 GMT):
Yes.

seriousmountain (Tue, 23 Jun 2020 12:49:39 GMT):
Thanks! :)

jangerritharms (Tue, 23 Jun 2020 13:57:48 GMT):
Has joined the channel.

jangerritharms (Tue, 23 Jun 2020 14:19:18 GMT):
HI all, I was wondering whether in Aries there is any specification on how an application's frontend (e.g. web or mobile) should interact with agents. I have seen the `Out-of-band` rfc for establishing the connection between the user's agent and the "enterprise" cloud agent. But how would the frontend be updated on changes in the relationship of the two agents for example after a presentation was sent and acknowledged or a verifiable credential has been received?

Alexi (Tue, 23 Jun 2020 16:18:07 GMT):
Hey all I was wondering if anyone knows if there is any issue with using an MIT license rather than the apache license if one wants to contribute a project to hyperledger aries?

BlockMan (Tue, 23 Jun 2020 16:20:26 GMT):
Thanks a lot.

swcurran (Tue, 23 Jun 2020 16:34:08 GMT):
@rjones --- can you answer this or do you know someone that can?

TelegramSam (Wed, 24 Jun 2020 13:59:20 GMT):
I agree. The list-pickup and list-response were messages advocated by another.

TelegramSam (Wed, 24 Jun 2020 14:00:45 GMT):
For an Agent with a UI, the same piece of software usually speaks 'agent' from one end and 'UI' from the other. It's the same piece of software, and not usually another module or app.

jangerritharms (Wed, 24 Jun 2020 15:21:47 GMT):
@TelegramSam Thanks for responding. Probably I had a wrong model in mind. I thought a web app would talk directly to a user's agent (similar to how a dApp communicates with MetaMask) where as the intended architecture is probably that a web app talks to an app's backend that integrates with that app's cloud agent. And that cloud agent communicates with a user's cloud/edge agent. So how the app's frontend communicates with the app's backend is outside the scope of Aries specifications. Does that sound right?

swcurran (Wed, 24 Jun 2020 15:32:30 GMT):
Yes. We (BC Gov) have a couple of apps that do that sort of interaction. Any agent has a controller component that is the business logic. In what we have done so far, that's been embedded in an API service that also talks to a frontend webapp and the controller interacts between the two -- and handles any backend persistence. So basically, you have an extended web service, a web frontend. The web service is also the controller part of the agent, that is talking to an agent framework. BC Gov's issuer kit and the email verification service are examples of that -- https://github.com/bcgov/issuer-kit https://github.com/bcgov/indy-email-verification

swcurran (Wed, 24 Jun 2020 15:32:30 GMT):
Yes. We (BC Gov) have a couple of apps that do that sort of interaction. Any agent has a controller component that is the business logic. In what we have done so far, that's been embedded in an API service that also talks to a frontend webapp and the controller interacts between the two -- and handles any backend persistence. So basically, you have an extended web service and a web frontend. The web service is also the controller part of the agent, that is talking to an agent framework (e.g. ACA-Py). BC Gov's issuer kit and the email verification service are examples of that -- https://github.com/bcgov/issuer-kit https://github.com/bcgov/indy-email-verification

x0axz (Wed, 24 Jun 2020 15:52:44 GMT):
hello @swcurran, can you please clear my thought on that; I (the verifier) wants to verify the credentials of holder, which was issued by Issuer. But I don't want to view/receive any credential from holder, but still be able to verify it that these credentials were issued by Issuer and the holder didn't change any credential.

TelegramSam (Wed, 24 Jun 2020 15:53:48 GMT):
it is, at least so far. The split between agent and UI is more common in the enterprise agent space, less common on the end-user (often mobile app) space.

jangerritharms (Wed, 24 Jun 2020 16:04:02 GMT):
Got it, thanks! @swcurran Very useful links, thanks a lot.

m00sey (Thu, 25 Jun 2020 00:36:02 GMT):
Once the PR is merged, my plan is to create a PR transitioning to demonstarted without these calls. should I create a pr against the rfcs removing these apis - they can always be added later if the need arises ?

m00sey (Thu, 25 Jun 2020 00:36:02 GMT):
Once the PR is merged, my plan is to create a PR transitioning to demonstrated without these calls. should I create a pr against the rfcs removing these apis - they can always be added later if the need arises ?

romeu (Thu, 25 Jun 2020 07:52:32 GMT):
Has joined the channel.

martinezg (Thu, 25 Jun 2020 07:58:44 GMT):
Has joined the channel.

raish (Thu, 25 Jun 2020 08:02:23 GMT):
Has joined the channel.

vela (Thu, 25 Jun 2020 08:15:08 GMT):
Has joined the channel.

c2bo (Thu, 25 Jun 2020 08:18:35 GMT):
Has joined the channel.

TelegramSam (Thu, 25 Jun 2020 15:26:28 GMT):
if you raise the PR it will prompt the discussion. :)

TelegramSam (Thu, 25 Jun 2020 15:27:01 GMT):
section was added by denizgunseli and dgunseli on github. Mention them in the PR?

TelegramSam (Thu, 25 Jun 2020 15:27:09 GMT):
or in an issue?

m00sey (Thu, 25 Jun 2020 16:05:41 GMT):
Yeah sounds good, thanks for digging out the info.

ianco (Thu, 25 Jun 2020 17:54:30 GMT):
Hi folks, just wondering what are the options for a mediator for a mobile agent? I know MAX includes a mediator based on the .NET framework (https://github.com/hyperledger/aries-mobileagent-xamarin), what other mediators are available as open source?

lohan.spies (Thu, 25 Jun 2020 18:49:32 GMT):
Here is another - https://github.com/AbsaOSS/vcxagencynode

TimoGlastra (Thu, 25 Jun 2020 20:02:22 GMT):
Framework Go can also be used as a mediator (https://github.com/hyperledger/aries-framework-go/blob/master/docs/didcomm_mediator.md)

anomepani (Fri, 26 Jun 2020 03:05:10 GMT):
Has joined the channel.

anomepani (Fri, 26 Jun 2020 03:07:31 GMT):
@tomislav Is there any documentation for aries dotnet framework. I have reviewed repository have lots of functionality but not able to understand which method to call which class to use. Could you suggest any documentation?

pablo-arribas-unicc (Fri, 26 Jun 2020 05:39:37 GMT):
Has joined the channel.

swcurran (Sun, 28 Jun 2020 14:05:31 GMT):
FYI: Aries Cloud Agent - Python Release 0.5.2 has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.5.2. Lots to go over here: - Lots of new error handling to make it easier to understand what happened when errors occur. - New DID operations for local DIDs, and DID rotation - Updates and improvements to the credential exchange protocols, including improvements to revocation - Support for the new Out of Band protocol to support community migration away from the existing connection and ephemeral challenge methods. - Endpoints for signing and verifying JSON-LD credentials Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/

jugma (Sun, 28 Jun 2020 14:23:46 GMT):
How do I locate a particular Aries transaction in the von-network

WadeBarnes (Sun, 28 Jun 2020 14:58:08 GMT):
Using the agent's DID to search.

jugma (Sun, 28 Jun 2020 16:44:23 GMT):
In the Greenlight Dev Ledger if I select the "Domain" what do I select as the filter (NODE, NYM etc.). Thank you.

swcurran (Sun, 28 Jun 2020 16:51:51 GMT):
Depends what you are searching for on the ledger. "NYM" is the same as DID, so if you are looking for a DID, use that. If you are doing something like finding all the Schema created by a particular DID -- find the DID, copy the text of the DID, filter on Schema, paste the DID into the search and you find the schema created by the DID. The filtering by object type focuses on those, adding a search term looks at all the data attributes associated with a transaction.

jugma (Sun, 28 Jun 2020 17:38:21 GMT):
Thank you. That worked.

SethiSaab (Sun, 28 Jun 2020 20:02:10 GMT):
Hi Team , I want to achieve connection less receiving of credentials in my wallet . I don't want to accept invtitation req or create connection request everytime , in my use case i want issuer to directly send credentials to my wallet . How can i achieve that?

SethiSaab (Sun, 28 Jun 2020 20:02:31 GMT):
Thanks :)

swcurran (Sun, 28 Jun 2020 23:17:10 GMT):
The issuer has to offer the functionality, and the wallet you are using has to support it. I'm not sure where the entire flow is documented, but it uses the `~service` decorator that is documented in aries-rfcs. The Trinisic Issuer and Wallet support the functionality. I think that ACA-Py supports issuing, but does not have any deployments that I'm aware of that uses the functionality. To confirm support, please ask on the ACA-Py channel if you are interested. The new Out of Band RFC makes both using connection-less messages easier, and allows connections to be reused, which is a significant shortcoming in the currently used RFCs.

thinhnnd (Mon, 29 Jun 2020 01:32:14 GMT):
Does ZKP work with floating point. Suppose Faber issue for Alice a Degree Credential that has an attribute "*score*" with value "*7.5*". Acme Corp sends a poof request has a predicate that requires *score >= 7*. As I tried, the Trinsic Wallet app showed an error dialog "Invalid Proof Request - Some thing went wrong while trying to display the Proof Request" when I touch the Proof Request Notification.

thinhnnd (Mon, 29 Jun 2020 01:32:14 GMT):
Does ZKP work with floating point? Suppose Faber issue for Alice a Degree Credential that has an attribute "*score*" with value "*7.5*". Acme Corp sends a poof request has a predicate that requires *score >= 7*. As I tried, the Trinsic Wallet app showed an error dialog "Invalid Proof Request - Some thing went wrong while trying to display the Proof Request" when I touch the Proof Request Notification.

swcurran (Mon, 29 Jun 2020 02:42:37 GMT):
I would guess not, but am not certain. The encoding by the issuer must be known by the verifier for predicates to work, and I believe (others can check me) all the encodings must be integers. That means that the claim must be encoded as an integer. Further, that means that any non-integer must be encoded into an order integer matching the source. This means, for example, that dates can't be strings but instead have to be encoded as integers using something like Unix epoch. Strings are usually encoded by issuers as a hash of the string. For float to work, it would have to be converted to an integer in the same way by both the issuer and the verifier.

RimAbdallah (Mon, 29 Jun 2020 13:36:58 GMT):
hello, i hope you are doing welll, i have a question about the proof exchange process. When we send a proof request we have requested attributes and requested predicates to fill. If I fill both of those i can send a proof request and my holder can send a proof presentation even if in the proof presentation the requested predicate = {} otherwise if i only fill requested attributes and leave requested predicates = {} when sending the proof request from the verifier, the holder when he tries to share his proof presentation result in a predicate error. {"connection_id": "fcdf3d31-6f8b-46d4-ac91-288fc57907ed", "proof_request": { "name": "Proof request", "version": "1.0", "nonce": "1234567890", "requested_predicates": { "additionalProp1": { "p_value": 0, "name": "index", "p_type": ">=", "restrictions": [ { "cred_def_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_name": "try", "schema_id": "A9A3zmbBnPT6RcrKvTf9q7:2:try:1.0", "issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "credential_definition_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "schema_version": "1.0" } ], "non_revoked": { "from_epoch": 1590659194, "to_epoch": 1590659194 } } }, "requested_attributes": { "additionalProp1": { "restrictions": [ { "cred_def_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_name": "try", "schema_id": "A9A3zmbBnPT6RcrKvTf9q7:2:try:1.0", "issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "credential_definition_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "schema_version": "1.0" } ], "name": "code", "non_revoked": { "from_epoch": 1590659194, "to_epoch": 1590659194 } } } }, "comment": "string", "trace": true }

RimAbdallah (Mon, 29 Jun 2020 13:37:52 GMT):
hello, i hope you are doing welll, i have a question about the proof exchange process. When we send a proof request we have requested attributes and requested predicates to fill. If I fill both of those i can send a proof request and my holder can send a proof presentation even if in the proof presentation the requested predicate = {} otherwise if i only fill requested attributes and leave requested predicates = {} when sending the proof request from the verifier, the holder when he tries to share his proof presentation result in a predicate error. {"connection_id": "fcdf3d31-6f8b-46d4-ac91-288fc57907ed", "proof_request": { "name": "Proof request", "version": "1.0", "nonce": "1234567890", "requested_predicates": { "additionalProp1": { "p_value": 0, "name": "index", "p_type": ">=", "restrictions": [ { "cred_def_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_name": "try", "schema_id": "A9A3zmbBnPT6RcrKvTf9q7:2:try:1.0", "issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "credential_definition_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "schema_version": "1.0" } ], "non_revoked": { "from_epoch": 1590659194, "to_epoch": 1590659194 } } }, "requested_attributes": { "additionalProp1": { "restrictions": [ { "cred_def_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_name": "try", "schema_id": "A9A3zmbBnPT6RcrKvTf9q7:2:try:1.0", "issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "credential_definition_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "schema_version": "1.0" } ], "name": "code", "non_revoked": { "from_epoch": 1590659194, "to_epoch": 1590659194 } } } }, "comment": "string", "trace": true }

RimAbdallah (Mon, 29 Jun 2020 13:43:13 GMT):
hello, i hope you are doing welll, i have a question about the proof exchange process. example of proof request : {"connection_id": "fcdf3d31-6f8b-46d4-ac91-288fc57907ed", "proof_request": { "name": "Proof request", "version": "1.0", "nonce": "1234567890", "requested_predicates": { "additionalProp1": { "p_value": 0, "name": "index", "p_type": ">=", "restrictions": [ { "cred_def_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_name": "try", "schema_id": "A9A3zmbBnPT6RcrKvTf9q7:2:try:1.0", "issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "credential_definition_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "schema_version": "1.0" } ], "non_revoked": { "from_epoch": 1590659194, "to_epoch": 1590659194 } } }, "requested_attributes": { "additionalProp1": { "restrictions": [ { "cred_def_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_name": "try", "schema_id": "A9A3zmbBnPT6RcrKvTf9q7:2:try:1.0", "issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "credential_definition_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default", "schema_issuer_did": "A9A3zmbBnPT6RcrKvTf9q7", "schema_version": "1.0" } ], "name": "code", "non_revoked": { "from_epoch": 1590659194, "to_epoch": 1590659194 } } } }, "comment": "string", "trace": true } example of presentation : { "requested_predicates":{}, "trace" : true, "self_attested_attributes:{} "requested_attributes":{ "additionalProp1":{ "revealed":true, "cred_def_id": "A9A3zmbBnPT6RcrKvTf9q7:3:CL:8:default" } } } When we send a proof request we have requested attributes and requested predicates to fill. If I fill both of those i can send a proof request and my holder can send a proof presentation even if in the proof presentation the requested predicate = {} as shown in the code above otherwise if i only fill requested attributes and leave requested predicates = {} when sending the proof request from the verifier, the holder when he tries to share his proof presentation result in a predicate error.

Alexi (Mon, 29 Jun 2020 14:33:26 GMT):
does anyone know what happened to the IOS wrappers? https://jenkins.hyperledger.org/ is not available anymore and the last build on https://repo.sovrin.org/ios/libindy/master/indy-objc/ is two years old

Alexi (Mon, 29 Jun 2020 14:34:15 GMT):
Hey @rjones just wanted to follow up on this. Thanks!

swcurran (Mon, 29 Jun 2020 16:51:22 GMT):
Hey folks, FYI that BC Gov maintains Docker images for VON-Network (indy-node) and Aries Cloud Agent (with the latest Indy SDK). These are maintained, updated with each release and are used as the basis for our deployments. Both have been updated recently for the latest Indy Node release (1.15) and ACA-Py (0.5.2). You can look at the tags to see the latest and the history of the images. If you want to use them, check out: - VON Image -- https://hub.docker.com/r/bcgovimages/von-image - Aries Cloud Agent -- https://hub.docker.com/r/bcgovimages/aries-cloudagent

andrew.whitehead (Mon, 29 Jun 2020 16:55:07 GMT):
I don't really understand the issue. Is it preventing you from doing something?

swcurran (Mon, 29 Jun 2020 18:31:05 GMT):
@jljordan_bcgov is away this week, but wanted to mention: Congratulations to the ANIMO team (including @TimoGlastra ) from the Netherlands on being selected for the BC Gov "Code With Us" opportunity to build an Aries Agent Test Harness backchannel for the Aries Framework .NET. A number of impressive applications were received, reflecting the maturing of this space. Thanks to all that applied. We look forward to the contributions from ANIMO to the project and repo.

swcurran (Mon, 29 Jun 2020 18:31:05 GMT):
@jljordan_bcgov is away this week, but I wanted to mention: Congratulations to the ANIMO team (including @TimoGlastra ) from the Netherlands on being selected for the BC Gov "Code With Us" opportunity to build an Aries Agent Test Harness backchannel for the Aries Framework .NET. A number of impressive applications were received, reflecting the maturing of this space. Thanks to all that applied. We look forward to the contributions from ANIMO to the project and repo.

TimoGlastra (Mon, 29 Jun 2020 18:48:37 GMT):
Thanks @swcurran , and hi everyone. Me, @AnaGoessens and @karimStekelenburg1 are excited to work with the Aries community and will start implementing in the coming week.

AnaGoessens (Mon, 29 Jun 2020 18:48:37 GMT):
Has joined the channel.

karimStekelenburg1 (Mon, 29 Jun 2020 18:48:37 GMT):
Has joined the channel.

mapa 5 (Tue, 30 Jun 2020 04:53:12 GMT):
Has joined the channel.

mapa 5 (Tue, 30 Jun 2020 04:53:12 GMT):
hhi guys can you guys point me to the right direction on how to get started

RimAbdallah (Tue, 30 Jun 2020 08:31:43 GMT):
Is it normal that the requested predicates in the proof request is different than what is given in the proof presentation ?

swcurran (Tue, 30 Jun 2020 13:05:12 GMT):
On Aries? That's a pretty open-ended question :-). If you are a dev, there is a course on Aries. https://www.edx.org/course/becoming-a-hyperledger-aries-developer

discoverer (Wed, 01 Jul 2020 00:55:17 GMT):
Has joined the channel.

x0axz (Wed, 01 Jul 2020 11:25:27 GMT):
Hi all, I followed this commit (https://github.com/hyperledger/aries-mobileagent-xamarin/commit/cb56d53f4e8a3da45cefa65503960b9e52e71099).. but still getting this error .. if u guide me where I'm missing something ```Hyperledger.Indy.PoolApi.PoolConfigNotCreatedException: 'The requested pool cannot be opened because it does not have an existing configuration.'``` but when I set `options.PoolName = "bcovrin-test";` or any pool in the list (4 pools).. then it returns this error ```Hyperledger.Indy.IndyException: 'An unmapped error with the code '309' was returned by the SDK.'```

x0axz (Wed, 01 Jul 2020 11:25:54 GMT):
but when I set `options.PoolName = "bcovrin-test";` or any pool in the list (4 pools).. then it returns this error ```Hyperledger.Indy.IndyException: 'An unmapped error with the code '309' was returned by the SDK.'```

x0axz (Wed, 01 Jul 2020 11:25:54 GMT):
but when I set `options.PoolName = "bcovrin-test";` or any pool in the list (4 pools).. then it return this error ```Hyperledger.Indy.IndyException: 'An unmapped error with the code '309' was returned by the SDK.'```

vela (Wed, 01 Jul 2020 12:46:34 GMT):
Hi all, We want to develop a mobile application to manage the user wallet and store its credentials and we are trying to do in ReactNative. We know there is a really mature .NET framework, but as we want to go ReactNative, it would be a problem to integrate it. We have also seen a javascript framework but it does not seem production ready, and it has Node dependencies, which is a problem for mobile development. Would it be possible to use vcx (https://github.com/hyperledger/indy-sdk/tree/master/vcx) to manage the mobile communications with the agencies Aries Cloud Agents (mobile -> vcx > Internet -> Organizations Aries Cloud Agent) or vcx does not support yet ACA-py? It is a recommended approach?

jugma (Wed, 01 Jul 2020 13:31:13 GMT):
Is there a way of changing the node names in the von Network i.e. instead of Node 1, Node 2, Node 3, Node 4 can I give different names. If so how can I do it. Thank you in advance.

TelegramSam (Wed, 01 Jul 2020 18:16:18 GMT):
I know that Indicio.tech has some early work going on in ReactNative. It's worth coordinating with @kenebert to avoid duplication of that effort.

mccown (Wed, 01 Jul 2020 18:49:21 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (July 2nd @ 9am MT). This is a chance to get updates on the WG calls you may have missed this week. Our guest presenter will be Oliver Terbu from uPort & ConsenSys. Oliver will be presenting on the Self-Issued OpenID Connect Provider (SIOP) DID Profile. Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-07-02+Identity+WG+Implementers+Call Zoom: https://zoom.us/j/244779296

TelegramSam (Wed, 01 Jul 2020 19:05:45 GMT):
WG meeting on now!

TelegramSam (Wed, 01 Jul 2020 19:05:51 GMT):
https://wiki.hyperledger.org/pages/viewpage.action?pageId=31204164

danielhardman (Wed, 01 Jul 2020 20:35:16 GMT):
@ngeorge asked questions about media in credentials during our last Aries community call. He wanted to know who might be working on it, and what their thinking has been. I'm attaching a doc that's a brain dump of where Evernym is.

ngeorge (Wed, 01 Jul 2020 20:35:16 GMT):
Has joined the channel.

danielhardman (Wed, 01 Jul 2020 20:35:36 GMT):

Copy of PoA_ Media in Credentials.pdf

discoverer (Thu, 02 Jul 2020 03:00:54 GMT):
thank you for creating those edx courses- you guys are doing great work. I went through both courses. I still haven't figured following. I believe these are documented somewhere but I am having trouble finding right document to refer - kindly advise when you have moment. 1. How are Aries Agent's private keys generated and managed? 2. Is there way to secure ACA-Py APIs?Currently it seems APIs can be accessed by anyone who knows the URLs 3. State (i.e. Framework is Production Ready or under development etc.) of various Aries Frameworks (SDKs, APIs, Python, Javascripts, Go etc.). All the labs use ACA-Py APIs. Is state of all these frameworks summerized somewhere? 4. Indy Ledger - based on the use case, is it advisable to Setup Private Ledger?If yes, where can I find documentation to setup Production private ledger?

romeu (Thu, 02 Jul 2020 06:21:53 GMT):
Thanks @TelegramSam . We will try to get in touch with @kenebert

sheru (Thu, 02 Jul 2020 08:20:58 GMT):
Hey everyone Good Morning. I am able to send basic message and receive the message in the cloud-agent via web-hook but trying to receive the basic message in the AMAX Mobile APP. But still fighting with this. I haven't found any test cases for this as of now. Can anyone please guide me on this. Thanks

mapa 5 (Thu, 02 Jul 2020 08:24:53 GMT):
hi guys im creating my own wallet in flutter and Rust FFI is their an implementation on rust interaction with aries cloud agent ?

mapa 5 (Thu, 02 Jul 2020 08:25:00 GMT):
if not can i create it. ?

AnneGoellnitz (Thu, 02 Jul 2020 08:33:54 GMT):
Has joined the channel.

jshim10 (Thu, 02 Jul 2020 12:58:42 GMT):
Has joined the channel.

jshim10 (Thu, 02 Jul 2020 12:58:42 GMT):
Hello guys, I have a question. Is there a standalone Aries mobile agent without cloud agent?

jshim10 (Thu, 02 Jul 2020 12:59:22 GMT):
Or can you have a mobile agent storing credentials and keys?

swcurran (Thu, 02 Jul 2020 13:54:18 GMT):
@jshim10 -- A mobile app (any mobile app) cannot receive messages from others. Mobile apps can only request data. As such, a "no cloud agent wallet" is not really practical except under extremely limited circumstances. Any agent with which the mobile app communicated would have to queue up any messages for wallet, and wait until the wallet asked for the messages using HTTP and the "Transport Return Route" protocol --- getting the messages in the response to an HTTP request. And no wallet could message other wallets. This is not scalable. It might work for an enclosed ecosystems --- all wallets message only messaging with known server-based agents.

jshim10 (Thu, 02 Jul 2020 14:43:47 GMT):
Then can (mobile) wallets share a cloud agent? When I try to implement, I found out that I would need to create a process (or docker) for a user. For ten thousand users, ten thousand cloud agents seems not scalable to me.

TelegramSam (Thu, 02 Jul 2020 17:59:19 GMT):
The definition of a 'cloud agent' in this case is a little fuzzy. The technical requirement is that you use a mediator (that can be shared among many mobile agents) that will receive messages and queue them for later pickup by a mobile device.

TelegramSam (Thu, 02 Jul 2020 17:59:28 GMT):
We call that a Mediator.

TelegramSam (Thu, 02 Jul 2020 18:00:20 GMT):
Cloud Agent typically refers to a cloud agent that is unique to the user. That mode does have some advantages to it, but it is not the only way.

jshim10 (Thu, 02 Jul 2020 19:02:54 GMT):
oh, so the mediator can work as a message queue right? while mobile agents have all the dkms

TelegramSam (Thu, 02 Jul 2020 19:03:30 GMT):
they can. That is not a required feature of mediators, but a really useful one for the situation you describe.

jshim10 (Thu, 02 Jul 2020 19:03:56 GMT):
Is the mediator implementation also available in JS?

TelegramSam (Thu, 02 Jul 2020 19:04:58 GMT):
I don't now which features the JS code supports.

swcurran (Thu, 02 Jul 2020 19:06:02 GMT):
I think a mediator for a set of mobile agents must queue messages.

swcurran (Thu, 02 Jul 2020 19:07:22 GMT):
There are several wallet (mobile agent) mediators - some open and some not. @ianco was asking the other day about what ones there are. They can be in any language -- independent of the mobile agent. But they do have to work together.

swcurran (Thu, 02 Jul 2020 19:07:29 GMT):
Wallet and mediator.

jshim10 (Thu, 02 Jul 2020 19:08:26 GMT):
Can you explain why we need cloud agents instead of just having mobile agents and mediators? It's hard for me to understand the necessity of cloud agents

swcurran (Thu, 02 Jul 2020 19:09:44 GMT):
An enterprise agent is a cloud agent - one that issues and verifies credentials.

TelegramSam (Thu, 02 Jul 2020 19:10:00 GMT):
cloud agents allow you to mask certain details of your internal message routing if you desire. They can also play a role in data sync between mulitple agents in use by a user.

TelegramSam (Thu, 02 Jul 2020 19:10:24 GMT):
(above statement in reference to a cloud agent for a human user)

jshim10 (Thu, 02 Jul 2020 19:11:02 GMT):
Can't they verify in the mobile agent?

jshim10 (Thu, 02 Jul 2020 19:13:36 GMT):
btw, thanks for your answers

jshim10 (Thu, 02 Jul 2020 19:14:35 GMT):
I'm just trying to explain aries protocol to SSI communities in Korea but I just can't find a good place to start digging..

TelegramSam (Thu, 02 Jul 2020 19:14:44 GMT):
mobile agents can verify, as well as enterprise agents.

TelegramSam (Thu, 02 Jul 2020 19:15:36 GMT):
mediators can also be used for enterprise agents behind firewalls or with intermittent connectivity.

jshim10 (Thu, 02 Jul 2020 19:17:46 GMT):
okay. So it is possible to have only mediators as relays on the server side (no cloud agents) and bunch of mobile (or edge) agents to issue/verify

swcurran (Thu, 02 Jul 2020 19:30:06 GMT):
Yes -- but there are muddy terms there as defined by the community. My suggestion: - don't use the term "cloud agent" -- it's confusing. - wallets -- mobile agents - mediators -- persistent presence for wallets. One mediator for many wallets. Primary purpose is just to queue and pass on messages. - relays -- an actual formal term in Aries that is a variation on a mediator, so shouldn't be used in reference to mediators. - Enterprise Agents - edge agents (wallets) that run on servers for an enterprise.

swcurran (Thu, 02 Jul 2020 19:30:55 GMT):
On cloud agent -- use it to mean "any agent that runs on a server for whatever purpose - mediator, relay or enterprise agent"

jshim10 (Thu, 02 Jul 2020 19:32:52 GMT):
okay, gotcha

swcurran (Thu, 02 Jul 2020 19:37:29 GMT):
A final caveat. There can be variations on all of those --- e.g. a mediator can do more for it's wallet clients. It's just software and pliable. But to get basic understanding -- stick with the common uses.

pablo-arribas-unicc (Fri, 03 Jul 2020 10:41:14 GMT):
as for the mediators, what open source implementations are there available?

pablo-arribas-unicc (Fri, 03 Jul 2020 10:42:14 GMT):
I believe aries-framework-dotnet has that part implemented under routing. Am I correct? Any option in python?

TelegramSam (Fri, 03 Jul 2020 12:24:50 GMT):
ACA-py has some built in support in python.

TelegramSam (Fri, 03 Jul 2020 12:25:13 GMT):
Go also has mediator support, but they don't support the connections protocol.

raymondfx (Fri, 03 Jul 2020 13:04:20 GMT):
Has joined the channel.

x0axz (Sun, 05 Jul 2020 09:25:22 GMT):
Hello @swcurran @tomislav, I want to verify a proof response, and the proof request wasn't created by me. Actually I want to be a third party Verifier but don't want to hold user data (sent in response to me for verification). How can I implement that (flow of proof verification for this specific scenario)?

x0axz (Sun, 05 Jul 2020 09:25:22 GMT):
Hi @swcurran @tomislav, I want to verify a proof response, and the proof request wasn't created by me. Actually I want to be a third party Verifier but don't want to hold user data (sent in response to me for verification). How can I implement that (flow of proof verification for this specific scenario)?

discoverer (Sun, 05 Jul 2020 12:29:19 GMT):
@danielhardman - reading RFC-0051: Decentralized Key Management. It states that master key is not cryptographically protected. Can we not use user's password (i.e. Alice's or Faber's password) to encrypt master key?

danielhardman (Sun, 05 Jul 2020 15:15:03 GMT):
Sure, we could. But that just makes the password the master key that unlocks everything else. And once again, the password itself is not encrypted (cryptographically protected). We could also write down the password on a piece of paper and put it in a vault. That would shift the root of trust so it's physically protected, making the password an indirection before cryptographic trust begins. Or we could unlock the password that guards the master key with a biometric, making the biometric the root of trust. Or we could come up with a fancy scheme that uses something you have, something you are, and something you know. But no matter what we do, the inescapable truth is that cryptographic trust is based on managing secrets, and unlocking a cryptographic trove of secrets has to be based on something that's not cryptographic, because if you base crypographic trust on cryptography, you are not increasing the security of the trove.

debumonty (Sun, 05 Jul 2020 16:22:57 GMT):
Has joined the channel.

debumonty (Sun, 05 Jul 2020 16:22:57 GMT):
Hi @swcurran & team, I got a query on Hyperledger Indy and Aries. I have worked with Indy for about 6 months. My question is that, every holder/user on the network is assigned a service endpoint which the user gets connected to. The service endpoint is a different port number for each user on the network. So would this architecture be scalable n future? We might be needing to assign identity to thousands, millions or billions of users at some later point of time. How Sovrin would be handling the IP address ranges to be assigned to the users/holders in future?

tomislav (Sun, 05 Jul 2020 17:36:40 GMT):
Not every user gets a dedicated host and IP. Most (non-issuers) and mobile users will share a common endpoint, generally managed by their mediator agent. Issuers, too, can share a same host/IP, although most issuers today are configured to have dedicated service, but this is definitely not a requirement. As Aries/Indy DID's are anchored to a blockchain, as opposed to web, the approach can scale, independent of any IP address range limitations.

swcurran (Sun, 05 Jul 2020 18:09:33 GMT):
Could you provide a little more detail of what you want to do? There is a plan to have pre-defined proof requests that can be referenced (like schema) vs. created and sent each time. In that scenario, you still need to provide a nonce to ensure the freshness of the proof and to prevent replay of a proof. But I'm not sure what you mean by a "third party verifier".

swcurran (Sun, 05 Jul 2020 18:16:24 GMT):
I'm wondering if you are talking about the IPs of the nodes of an Indy network - the validator nodes operated by, for example, Sovrin Stewards. If that is the case, there is a pretty low limit on the number of Stewards on an Indy network - currently 25, balancing about robustness/redundancy (supporting up to 8 simultaneous failures) and transaction processing speed. So either way you were asking, there are built in approaches to scale the system sufficiently.

x0axz (Sun, 05 Jul 2020 20:15:21 GMT):
Here is our system design: We have multiple Issuers and every Issuer has their own user base (Holders). We want to function as Verifier, to verify the Proof Request on behalf of Issuers. Issuer wants to verify a holder, the issuer will first sent a proof request to Verifier (us) (we won't store/hold it). We will then forward this request to holder, they in response will sent us the proof (again, we don't want to know anything about it, we want to apply ZKP). We will verify the proof request. As the Credentials are stored in Holder Wallets, when Issuer sent us request to verify the credentials of Holder, we (verifier) don't want to store/hold/log the credentials in any way.

x0axz (Sun, 05 Jul 2020 20:15:21 GMT):
@swcurran , Here is our system design: We have multiple Issuers and every Issuer has their own user base (Holders). We want to function as Verifier, to verify the Proof Request on behalf of Issuers. Issuer wants to verify a holder, the issuer will first sent a proof request to Verifier (us) (we won't store/hold it). We will then forward this request to holder, they in response will sent us the proof (again, we don't want to know anything about it, we want to apply ZKP). We will verify the proof request. As the Credentials are stored in Holder Wallets, when Issuer sent us request to verify the credentials of Holder, we (verifier) don't want to store/hold/log the credentials in any way.

AnneliPedersen (Mon, 06 Jul 2020 07:33:31 GMT):
Has joined the channel.

SethiSaab (Mon, 06 Jul 2020 07:58:31 GMT):
HI guys , I am working on Hyperledger Aires ... In my project workflow i have to do the VC verification twice ... due to which it is taking alot of time

SethiSaab (Mon, 06 Jul 2020 07:58:51 GMT):
Is there any way that i can reduce the Credential Verification time ?

tomislav (Mon, 06 Jul 2020 11:45:47 GMT):
Can you be more specific on what is taking a long time? Fetching data from ledger? Running the crypto verify method? What codebase are you using? etc.

HLFPOC (Mon, 06 Jul 2020 12:17:14 GMT):
Is it possible to verify the same presentation twice? I am using aca-py and presentation state is changed to `verified` after successful verification, after that it cannot be verified again.

sklump (Mon, 06 Jul 2020 12:21:01 GMT):
That is correct. https://www.brainyquote.com/quotes/jean_chretien_145285

SethiSaab (Mon, 06 Jul 2020 13:21:20 GMT):
@sklump I am doing cross verification .. 1 party A verify party B and than Party B verifies Party A

SethiSaab (Mon, 06 Jul 2020 13:21:32 GMT):
so as in my process there is VC verification twice

SethiSaab (Mon, 06 Jul 2020 13:21:45 GMT):
so it is taking alot of tim

sklump (Mon, 06 Jul 2020 13:24:45 GMT):
I'm not sure how or whether aca-py ought to support this. It may be as simple as relaxing the state machine, but I don't know if others might object on design principle.

swcurran (Mon, 06 Jul 2020 13:45:16 GMT):
The process makes sense. This is a missing component of TLS, that this verification is one sided, so a proof both ways makes sense. This raises lots of interesting questions: How often are you doing that? Is it just after establishing the initial connection, or more often? Also, what is a lot of time? How much human interaction is part of that? What is being proven?

sklump (Mon, 06 Jul 2020 17:27:46 GMT):
What happens with the ack logic on a repeat verification? The holder (agent) in the record already has an ack by this point, does it care if it gets verified again? What happens in the perverse case when it doesn't verify a second time (could happen with, for example, revocation publication bad luck)? This seems to open up a can of worms - might it be better to duplicate the record on demand somehow into a new pres ex record in some kind of new state and verify from there? _(Implicitly I would think this would not entail an ack on completion)._

swcurran (Mon, 06 Jul 2020 17:30:41 GMT):
I think the use case is two agents communicating and each is doing a proof request/verification. It's not a single agent verifying twice.

swcurran (Mon, 06 Jul 2020 17:30:41 GMT):
I think the use case is two agents communicating and each is doing a proof request/verification of the other. It's not a single agent verifying twice.

sklump (Mon, 06 Jul 2020 17:36:15 GMT):
In that case the record won't be in the verified state on agent B

sklump (Mon, 06 Jul 2020 17:36:15 GMT):
In that case the record won't be in the verified state on verifier agent B

sklump (Mon, 06 Jul 2020 17:37:50 GMT):
I'd need to see the work flow. If verifier agent A is a proxy then I don't see how agent B even got the pres ex record in the first place - the endpoints on this protocol are holder and verifier, not verifier and verifier.

SethiSaab (Mon, 06 Jul 2020 18:25:35 GMT):
Hi team

SethiSaab (Mon, 06 Jul 2020 18:25:40 GMT):
basically use case is that

SethiSaab (Mon, 06 Jul 2020 18:25:44 GMT):
there are 3 parties

SethiSaab (Mon, 06 Jul 2020 18:25:54 GMT):
Issuer (say Amazon)

SethiSaab (Mon, 06 Jul 2020 18:26:09 GMT):
Candidate coming for job

SethiSaab (Mon, 06 Jul 2020 18:26:13 GMT):
and security check

andrew.whitehead (Mon, 06 Jul 2020 18:50:57 GMT):
If it's slow at the moment, that might be because it's running the connection protocol twice and then a proof exchange each way, depending how the demo is set up. Perhaps present-proof could be extended to support a challenge sent to the verifier but that's not a feature at the moment. A new protocol could also be created to support this

swcurran (Mon, 06 Jul 2020 18:53:18 GMT):
We're on this. He's using ACA-Py. We're trying to figure out what's happening.

TelegramSam (Mon, 06 Jul 2020 23:23:31 GMT):
Our recent discussions about ‘enhancing’ the Connections/DID Exchange protocols with ‘profile’ information has brought up an issue I’ve been struggling with for a bit now. (thread)

TelegramSam (Mon, 06 Jul 2020 23:24:43 GMT):
As a community, we have placed a huge significance on the act of a user ‘accepting’ an invitation to connect. Our emphasis on placing the user in control of this interaction is good. I believe that our timing of this user action has some negative side effects. It is desirable for a user to have good, quality information available to allow them to make an informed decision. This becomes difficult when evaluating an Invitation to connect, because a secure connection has not yet been established. We therefore aspire to include more information in an invitation to allow the user to make a decision. I believe that keeping the security aspects of the protocol and the information aspects of the protocol separate is worth it in the long run. An analogy might be made here to visiting a website in the browser: TLS is leveraged to transfer information from a web server to a browser when a user first visits a website. After viewing the page, the user then chooses whether they will further engage, or discard the relationship (TLS connection work). I believe we should consider the exchange of DIDs to be similar: useful to establish a secure communication channel. If we move the user’s decision point on whether to ‘accept’ the connection further down the timeline, we have the ability to exchange credentials and pass other information along in a secure manner. In a practical sense, this means we label newly formed connections as ‘pending’ or ‘resolving’ or something similar. These connections might even be hidden from the user. When enough information is received over the connection, the user is then prompted to ‘accept’ the connection, alongside verified, rich information. Should the user decline, the relationship may be discarded. Perhaps the greatest benefit of this mental model switch is that we can align the moment of ‘connection’ and ‘trust’ in the user experience. A user is presented with enough information to make a quality decision, and perhaps also assign some level or type of trust to the relationship. As the error we’ve made is a mental model (which I’ve likely contributed substantially to), no protocol changes are necessary for this improvement in user experience. We must change how our apps work, and how they present choices to their owners. We should also engage in discussing what information is sufficient, as a baseline, for agents to require before involving the user. As this aspect of the process is likely to improve over time, we may safely choose an imperfect but expedient answer to this question. We will improve over time, and it is far less critical that we have only 'one' way to accomplish this.

EmmanuelMurairi (Tue, 07 Jul 2020 11:31:40 GMT):
Has joined the channel.

EmmanuelMurairi (Tue, 07 Jul 2020 11:35:18 GMT):
Hello everyone, I have been trying to implement an Identity authentication feature for my application using Hyperledger Indy, however, I haven't been able to get started. Is there any path you would recommend me to take?

sklump (Tue, 07 Jul 2020 12:10:09 GMT):
Hey, could someone with python installed on an iOS system tell me what comes back from python ``` import system ```

sklump (Tue, 07 Jul 2020 12:10:09 GMT):
Hey, could someone with python installed on an iOS system tell me what comes back from python ``` >>> import platform >>> platform.system() ``` within the python interpreter?

sklump (Tue, 07 Jul 2020 12:10:09 GMT):
Hey, could someone with python installed on an *iOS* and/or *android* system tell me what comes back from python ``` >>> import platform >>> platform.system() ``` within the python interpreter? I'm trying to get to the indy home directory and it varies a bit by platform.

debumonty (Tue, 07 Jul 2020 12:10:30 GMT):
Ok thanks

TimoGlastra (Tue, 07 Jul 2020 12:17:54 GMT):
You mean with a tool like Pyto?

TimoGlastra (Tue, 07 Jul 2020 12:18:06 GMT):
Then its ‘Darwin’ for me

TimoGlastra (Tue, 07 Jul 2020 12:18:30 GMT):
Then it’s ‘Darwin’ for me

debumonty (Tue, 07 Jul 2020 12:21:10 GMT):
Thanks @tomislav yes that's the answer I was looking for to understand how it would work in production. We had modelled it one user per one host & IP which was wrong. Need to redo some work. Thanks @swcurran for confirming max validator nodes to be 25. However most people perhaps would go to Sovrin for validator nodes and would not like to handle infra themselves.

sklump (Tue, 07 Jul 2020 12:25:09 GMT):
I don't know pyto. I'm just using the interactive shell via `python` at the command line. How about ``` >>> platform.system_alias() ``` ? Darwin could refer to MacOS, which doesn't put stuff in a Documents directory under the home dir? Maybe? All MacOS is a cloudy mystery to me and I could be wrong here.

sklump (Tue, 07 Jul 2020 12:25:09 GMT):
I don't know pyto. I'm just using the interactive shell via `python` at the command line. How about ``` >>> platform.system_alias() ``` ? Darwin could refer to MacOS, which doesn't put stuff in a Documents directory under the home dir? Maybe? All MacOS/iOS/watchOS is a cloudy mystery to me and I could be wrong here.

sklump (Tue, 07 Jul 2020 12:25:09 GMT):
I don't know pyto. I'm just using the interactive shell via `python` at the command line. How about ``` >>> platform.uname() ``` ? Darwin could refer to MacOS, which doesn't put stuff in a Documents directory under the home dir? Maybe? All MacOS/iOS/watchOS is a cloudy mystery to me and I could be wrong here.

omardib (Tue, 07 Jul 2020 12:46:42 GMT):
Has joined the channel.

tomislav (Tue, 07 Jul 2020 12:47:25 GMT):
Could be one of the values 'Linux', 'Darwin', 'Java', 'Windows' per docs.

sklump (Tue, 07 Jul 2020 12:47:47 GMT):
Thanks, I have read the docs.

tomislav (Tue, 07 Jul 2020 12:47:53 GMT):
Generally, mobile platforms have platform system implementation of those system methods.

sklump (Tue, 07 Jul 2020 12:48:27 GMT):
I see that the rust impl somehow knows if it's on ios specifically though - that's magic

tomislav (Tue, 07 Jul 2020 12:48:34 GMT):
And it all comes to wrapping one of the native (Java/Swift) capabilities

tomislav (Tue, 07 Jul 2020 12:49:34 GMT):
The static library must be specifically built for iOS target, so it can't run anywhere else

omardib (Tue, 07 Jul 2020 12:51:06 GMT):
Hello everyone, Is it possible to transform the result of /present-proof/create-request to a url as it is done with the invitation_url in the connection? I suppose it should look like endpointurl:8020?d_m..... . Any help please

omardib (Tue, 07 Jul 2020 12:51:06 GMT):
Hello everyone, Is it possible to transform the result of /present-proof/create-request to a url as it is done with the invitation_url in the connection invitation? I suppose it should look like endpointurl:8020?d_m..... . Any help please

sklump (Tue, 07 Jul 2020 12:52:14 GMT):
What does that mean for python trying to find indy home dir on iOS then?

sklump (Tue, 07 Jul 2020 12:52:43 GMT):
Rephrase: does MacOS also use a Documents/ in-between directory?

tomislav (Tue, 07 Jul 2020 12:54:34 GMT):
No

sklump (Tue, 07 Jul 2020 12:55:44 GMT):
That's annoying.

tomislav (Tue, 07 Jul 2020 12:56:02 GMT):
Python isn't finding the home dir, libindy does it

tomislav (Tue, 07 Jul 2020 12:56:30 GMT):
Maybe I'm not quite understanding what the issue is

tomislav (Tue, 07 Jul 2020 12:56:41 GMT):
https://docs.python.org/3/library/pathlib.html#pathlib.Path.home

sklump (Tue, 07 Jul 2020 12:57:10 GMT):
I have all python docs micro-tattooed into my DNA.

sklump (Tue, 07 Jul 2020 12:58:39 GMT):
I want to put tails files in $INDY_CLIENT/.tails/.../. But it's not that simple on iOS or android because the $INDY_CLIENT idea is not in the same place as any other OS, including the MacOS that gives back the same value from python system query.

sklump (Tue, 07 Jul 2020 12:58:39 GMT):
I want to put tails files in $INDY_CLIENT/.tails/.../ (à la von-anchor, sort of). But it's not that simple on iOS or android because the $INDY_CLIENT idea is not in the same place as any other OS, including the MacOS that gives back the same value from python system query.

sklump (Tue, 07 Jul 2020 12:59:35 GMT):
I suppose I can look for the directory of record and if present, use it. Some wag could always create one on the same name though.

tomislav (Tue, 07 Jul 2020 13:01:06 GMT):
Each app stores data in it's own dir, so it won't be static dir across the apps. You would have to get that directory at app runtime. Now how do you get that app dir, I'm sure you already know.

sklump (Tue, 07 Jul 2020 13:01:51 GMT):
That's new to me.

tomislav (Tue, 07 Jul 2020 13:02:58 GMT):
Yes, each app is installed under (I'm guessing for argument sake) /Library/AppData/(App Guid)/ which can be resolved as home dir with one of the python APIs

tomislav (Tue, 07 Jul 2020 13:03:53 GMT):
.indy_client will be somewhere in that path, most likely at the root

tomislav (Tue, 07 Jul 2020 13:04:07 GMT):
app can only read/store data within that directory

sklump (Tue, 07 Jul 2020 13:05:14 GMT):
indy-sdk itself uses $HOME/Documents/.indy_client as the indy home path (on iOS - again, it knows it's iOS as opposed to MacOS) and it doesn't seem to care what the app is

sklump (Tue, 07 Jul 2020 13:05:58 GMT):
(I paraphrase: $HOME defaults to /home/indy and it comes from a dirs::home_dir())

tomislav (Tue, 07 Jul 2020 13:06:27 GMT):
There's a reason for using Documents, and it has to syncing and backup.

tomislav (Tue, 07 Jul 2020 13:06:54 GMT):
$HOME defaults to /home/indy on iOS?

sklump (Tue, 07 Jul 2020 13:07:39 GMT):
Looks like: https://github.com/hyperledger/indy-sdk/blob/a872532d212147f685e8454c172fb37a6ce1c1b9/libindy/indy-utils/src/environment.rs#L5

tomislav (Tue, 07 Jul 2020 13:08:08 GMT):
well, that's a fallback path

sklump (Tue, 07 Jul 2020 13:08:24 GMT):
yes, aka a default

tomislav (Tue, 07 Jul 2020 13:08:30 GMT):
that won't return `/home/indy` on iOS

sklump (Tue, 07 Jul 2020 13:08:51 GMT):
oh! is the home dir relative to the current app then on iOS?

tomislav (Tue, 07 Jul 2020 13:09:02 GMT):
Yes

tomislav (Tue, 07 Jul 2020 13:09:29 GMT):
on mobile, in general

airskipper (Tue, 07 Jul 2020 13:10:16 GMT):
Has joined the channel.

sklump (Tue, 07 Jul 2020 13:12:28 GMT):
I could keep the directory outside indy-client home, but tails files _are_ indy-specific and I'd prefer to avoid clutter. It looks like there is no way to know whether python is operating on iOS specifically - which seems preposterous from a 2020 point of view

tomislav (Tue, 07 Jul 2020 13:17:30 GMT):
In my opinion, Rust `dirs::home_dir()` and Python `pathlib.Path.home` should return the same directory

tomislav (Tue, 07 Jul 2020 13:18:35 GMT):
This is iOS home dir when running in simulator btw `/Users/tomislav/Library/Developer/CoreSimulator/Devices/3B321A09-9E04-4730-B7CF-A176C99F5113/data/Containers/Data/Application/97044EA2-1AC5-4956-A6DC-E7B973C3F35B/Library`

sklump (Tue, 07 Jul 2020 13:18:56 GMT):
wow

sklump (Tue, 07 Jul 2020 13:19:02 GMT):
thanks Jobs

sklump (Tue, 07 Jul 2020 13:20:19 GMT):
But I think I can work with it, thanks

tomislav (Tue, 07 Jul 2020 13:21:46 GMT):
How are people running acapy on ios?

sklump (Tue, 07 Jul 2020 13:22:23 GMT):
I don't know if they are as such, but I want to avoid worsening platform lock-in if I can

sklump (Tue, 07 Jul 2020 13:23:22 GMT):
Support outside dockerized Linux is not great and we don't have enough bodies to do much of it

sklump (Tue, 07 Jul 2020 13:28:31 GMT):
Would you know about what android might return from python `platform.system()` or `platform.uname()`?

tomislav (Tue, 07 Jul 2020 13:55:41 GMT):
No, sorry. I also have no Android to test is with.

sklump (Tue, 07 Jul 2020 14:09:41 GMT):
Thanks anyway, from the docs it looks like `Linux` is almost certain

TelegramSam (Tue, 07 Jul 2020 14:24:16 GMT):
@swcurran @troyronda @tomislav @danielhardman

danielhardman (Tue, 07 Jul 2020 15:12:57 GMT):
I agree with all of the theory you articulate here, Sam. However, in discussing with our product management folks, I am running into friction. Because other products show the logo and name of the inviter, our product management people are unwilling to give up the UX. I told them they could have the same UX but do it a different way, and they pushed back. Part of the pushback is just "it will take longer," but a more interesting pushback is that there are currently no issuers of company logos and company names. Thus, if we replaced the simplistic and insecure approach with a secure one and decoupled the UX from the steps of a single protocol, we would have no basis for phishing-resistant logos. They'd lose the feature in practice, if not in theory. This makes me wonder if we ought to allow logo+name as they're requesting, but require that it be digitally signed. That would NOT guarantee that it is true, but it would commit the sender of the message to a non-repudiable assertion that could later be validated. Until we have issuers of org creds that attest to logos and company names, that may be the best we can do. I don't love it, though...

danielhardman (Tue, 07 Jul 2020 15:12:57 GMT):
I agree with all of the theory you articulate here, Sam. However, in discussing with our product management folks, I am running into friction. Because other products show the logo and name of the inviter, our product management people are unwilling to give up the UX. I told them they could have the same UX but do it a different way, and they pushed back. Part of the pushback is just "it will take longer to build the feature that way," but a more interesting pushback is that there are currently no issuers of company logos and company names. Thus, if we replaced the simplistic and insecure approach with a secure one and decoupled the UX from the steps of a single protocol, we would have no basis for phishing-resistant logos. They'd lose the feature in practice, if not in theory. This makes me wonder if we ought to allow logo+name as they're requesting, but require that it be digitally signed. That would NOT guarantee that it is true, but it would commit the sender of the message to a non-repudiable assertion that could later be validated. Until we have issuers of org creds that attest to logos and company names, that may be the best we can do. I don't love it, though...

TelegramSam (Tue, 07 Jul 2020 15:15:19 GMT):
> I told them they could have the same UX but do it a different way, and they pushed back. Part of the pushback is just "it will take longer to build the feature that way," That is the major resistance that I expect.

TelegramSam (Tue, 07 Jul 2020 15:21:53 GMT):
> Until we have issuers of org creds that attest to logos and company names... I think we may have a 3rd door / bootstrapping solution in the form of the Well Known DID Configuration. https://identity.foundation/.well-known/resources/did-configuration/ This is a narrow solution for companies with domains only, but does carry some amount of trust.

danielhardman (Tue, 07 Jul 2020 15:22:35 GMT):
I had forgotten about that. This is a hopeful idea. I'll go socialize it with our product folks and see what they think.

TelegramSam (Tue, 07 Jul 2020 15:23:44 GMT):
ideal: we pass a message after 'connection' established, before UX asking user to accept. mess contains link to well known DID, domain, and image. domain can be verified. Image won't, but that's far better than nothing.

danielhardman (Tue, 07 Jul 2020 15:24:41 GMT):
If we could get the logo from the favicon of the same website that holds the .wellknown stuff, we have something a bit better...

TelegramSam (Tue, 07 Jul 2020 15:25:11 GMT):
True.

hcsatish (Tue, 07 Jul 2020 16:38:33 GMT):
Has joined the channel.

tomislav (Tue, 07 Jul 2020 17:28:41 GMT):
As I was reading this thread form the top-down, I thought about the well known DID config, until Sam mentioned it. It's a great way to add some validity about the source of the invitation. It also looks good on the UI and adds element of trust: ``` Faber wants to connect with you. [Faber Logo] Verified domain: faber.com ```

tomislav (Tue, 07 Jul 2020 17:30:03 GMT):
Issuers can then publish a DID that they would use for invitations that would be verifiable. This would add one or two extra fields to the invitation payload, but nothing too complicated for implementors to adopt it.

TelegramSam (Tue, 07 Jul 2020 17:30:42 GMT):
@tomislav thoughts on pushing the 'accept' forward, till after the exchange is complete?

tomislav (Tue, 07 Jul 2020 17:31:47 GMT):
I'm okay with it. At present, I prefer a little better UX over slightly less phishing security.

TelegramSam (Tue, 07 Jul 2020 17:32:23 GMT):
Can you draw that out a little? I'm not sure I fully understand.

danielhardman (Tue, 07 Jul 2020 17:32:42 GMT):
Sam, I don't know what you mean by pushing the 'accept' forward.

TelegramSam (Tue, 07 Jul 2020 17:33:22 GMT):
I mean, complete the full did exchange protocol, then exchange protocol messages to 'prove stuff', then ask the user if they accept.

TelegramSam (Tue, 07 Jul 2020 17:33:55 GMT):
so, push user accept of new connection till after exchange etc. has been complete.

TelegramSam (Tue, 07 Jul 2020 17:35:11 GMT):
(my use of forward may be in error. push backward?)

tomislav (Tue, 07 Jul 2020 17:35:30 GMT):
Oh, I misunderstood that. Sounds like a good deal of message exchange before something can be considered valid. I'd rather just keep the invitation data as is, allow for name/profile, but not worry about phishing, and then add the public DID config, which can carry a signature as well.

TelegramSam (Tue, 07 Jul 2020 17:36:42 GMT):
I worry that the need to put a little more in the invitation will never end.

danielhardman (Tue, 07 Jul 2020 17:37:03 GMT):
I am *deeply* worried about phishing. I feel like allowing anybody to claim whatever name and logo they like, at the beginning of a relationship, dramatically subverts the entire ecosystem we're trying to create. Using .well-known gives us substantially better security with approximately the same UX, and not a lot of increased effort.

tomislav (Tue, 07 Jul 2020 17:37:33 GMT):
We talked previously about adding sigs to the invitation, now the DID configuation spec makes it a little more convenient to do that and add domain anchoring.

TelegramSam (Tue, 07 Jul 2020 17:37:35 GMT):
by changing the point of user 'accept' till later, we can engage rich (and gradually improving) protocols instead of creeping stuff into the invitation.

TelegramSam (Tue, 07 Jul 2020 17:38:17 GMT):
to be clear. use of .well-known and moving the point of UX are orthogonal.

danielhardman (Tue, 07 Jul 2020 17:38:19 GMT):
Like I said, Sam: the theory is right. But until we have issuers of instutional name+logo, it doesn't help us.

TelegramSam (Tue, 07 Jul 2020 17:39:14 GMT):
the well known did config can be use either as an addition to the invitation, or in a protocol message after dids are exchanged to the same effect on phishing.

danielhardman (Tue, 07 Jul 2020 17:40:05 GMT):
Hmm. I hadn't considered doing it later. It's true that it has the same effect on phishing. It doesn't have the same effort, though.

TelegramSam (Tue, 07 Jul 2020 17:40:28 GMT):
for sure - fixing the mental model is not the easy path.

danielhardman (Tue, 07 Jul 2020 17:40:41 GMT):
Let me attach the message I just sent to EV product management about this.

tomislav (Tue, 07 Jul 2020 17:41:28 GMT):
What is the benefit of using well known check later and not as part of the invitation?

TelegramSam (Tue, 07 Jul 2020 17:41:49 GMT):
I'm going to prep some diagrams for tomorrow's meeting addressing this. I'd like to discuss if (1) we think fixing it is worth the effort, and (2) what we might do to get there over time as work is required.

TelegramSam (Tue, 07 Jul 2020 17:42:40 GMT):
@tomislav it keeps the invitations simpler, and allows us to iterate on 'proving stuff' in protocols.

TelegramSam (Tue, 07 Jul 2020 17:43:48 GMT):
less passed unencrypted, fixes what I consider to be inevitable scope creep.

danielhardman (Tue, 07 Jul 2020 17:43:51 GMT):

Letter to EV prod mgmt about name+logo in invitation.pdf

tomislav (Tue, 07 Jul 2020 17:43:54 GMT):
it also restricts the entire exchange protocol to require a connection. If well know DID is a decorator, we can attach it to any message, connectionless presentations would be a lot more trusted as well.

TelegramSam (Tue, 07 Jul 2020 17:45:09 GMT):
my head has both didcomm v1 and v2 in mind. if things go as I expect, the ridged concept of a 'connection' will be far less a problem.

danielhardman (Tue, 07 Jul 2020 17:47:45 GMT):
Note: in my letter above, I'm suggesting two fields. Neither is "name" or "icon." One is "domain" and would use the .well-known mechanism. The other is "avatar", which inherently implies self-assertion and lower trust.

danielhardman (Tue, 07 Jul 2020 17:48:55 GMT):
I don't think I'm in favor of fighting the battle right now to decouple the UX from the protocol. It's too many moving parts too coordinate. Let's fight that after DIDComm v2 is out.

danielhardman (Tue, 07 Jul 2020 17:48:55 GMT):
I don't think I'm in favor of fighting the battle right now to decouple the UX from the protocol. It's too many moving parts to coordinate. Let's fight that after DIDComm v2 is out.

TelegramSam (Tue, 07 Jul 2020 17:49:44 GMT):
@danielhardman that might be the right answer.

TelegramSam (Tue, 07 Jul 2020 17:50:08 GMT):
I actually don't think this needs fully community support, necessarily.

TelegramSam (Tue, 07 Jul 2020 17:50:35 GMT):
the ux will vary more between agents, but I think it will be smooth enough.

danielhardman (Tue, 07 Jul 2020 17:51:34 GMT):
(While I agree that 'the ridged concept of a connection will be far less of a problem' with DIDComm v2, I also believe we need the concept of a relationship (!= connection). The move away from connections is only half of the puzzle; until we have something to represent the *real* thing we're after, removing the pseudo-thing will continue to generate friction. So I want to fight the UX decoupling as part of a more mature mental shift.

danielhardman (Tue, 07 Jul 2020 17:52:37 GMT):
I remain uncomfortable with what I perceive to be a strong push by Tobias and others to do away with connections, until we have the other thing in our mental model.

andrew.whitehead (Tue, 07 Jul 2020 17:55:23 GMT):
I like the idea of the .well-known configuration and linked domain, but I'm not sure what the benefit of using a VC would be there over a simple signature using the did doc's identity keys

danielhardman (Tue, 07 Jul 2020 17:59:33 GMT):
@andrew.whitehead : the signature over DID doc keys tells you that the sender is willing to risk the reputation of that DID on the assertion that they are described by a name and logo. That is not the same as saying they're willing to risk the reputation of a public website.

danielhardman (Tue, 07 Jul 2020 18:00:28 GMT):
@TelegramSam : re. ordering, if you put the .wellknown stuff after a connection is complete, you have a problem, because you can't use it with a private DID. If you keep the .wellknown stuff in step 1, you can still switch to a private DID later.

TelegramSam (Tue, 07 Jul 2020 18:04:01 GMT):
you can remember which public did was used initially, and/or prove ownership of the public did.

TelegramSam (Tue, 07 Jul 2020 18:04:39 GMT):
remembering the DID is used for connection reuse anyway.

tomislav (Tue, 07 Jul 2020 18:06:01 GMT):
doesn't that feel little unusual? Let me in your house first, and then I'll show you my badge.

TelegramSam (Tue, 07 Jul 2020 18:11:16 GMT):
It's what TLS does.

TelegramSam (Tue, 07 Jul 2020 18:11:43 GMT):
The mental model flat is that establishing a connection is letting you into the house.

TelegramSam (Tue, 07 Jul 2020 18:11:43 GMT):
The mental model flaw is that establishing a connection is letting you into the house.

TelegramSam (Tue, 07 Jul 2020 18:12:18 GMT):
We've said frequently that connection does not == trust, but have proceeded with a mental model around connections that implies that anyway.

danielhardman (Tue, 07 Jul 2020 18:13:31 GMT):
We should used the word "session" instead of "connection". You are comfortable establishing a session with a web server before you decide whether you want to log in.

troyronda (Tue, 07 Jul 2020 19:46:35 GMT):
Seems like the "session" thought and the relationship to DIDComm/0RTT might be useful on the recent DIDComm PR (73).

troyronda (Tue, 07 Jul 2020 19:46:35 GMT):
Seems like the "session" thought and the relationship to DIDComm might be useful on the recent DIDComm PR (73).

troyronda (Tue, 07 Jul 2020 19:46:35 GMT):
Seems like the "session" thought and the relationship to DIDComm might be useful on the recent DIF DIDComm PR (73).

TelegramSam (Tue, 07 Jul 2020 19:47:24 GMT):
Sessions are not quite perfect either.

TelegramSam (Tue, 07 Jul 2020 19:47:50 GMT):
but highlights the imperfectness of a 'connection' as we've been using it.

troyronda (Tue, 07 Jul 2020 19:50:39 GMT):
"session" could be in the same vein as the last PR comment about "if there are any generic aspects of a more established connection that end up in the spec"...

TelegramSam (Tue, 07 Jul 2020 19:50:56 GMT):
yes.

TelegramSam (Tue, 07 Jul 2020 19:51:26 GMT):
I anticipate a section of the impl guide that talks about relationship/connection management.

TelegramSam (Wed, 08 Jul 2020 19:04:52 GMT):
Aries WG call on now!

discoverer (Thu, 09 Jul 2020 03:10:01 GMT):
@MALodder I am new to Aries. I am trying to understand how Aries Wallet Master key can be managed and risks associated with it. In your RFC 0042 you have mentioned - "Wallets currently use a single key to access the wallet. The key is provided directly or derived from a password." But I am not able to find any implementation or documentation where the master key is derived from the password. -- would you be able to point me to implementation or documentation for this?

MALodder (Thu, 09 Jul 2020 03:13:19 GMT):
https://github.com/hyperledger/indy-sdk/blob/feac30423e7f36de19fc030c6f8af650323fdcbb/libindy/benches/wallet.rs#L59

MALodder (Thu, 09 Jul 2020 03:13:28 GMT):
Argon2id is usedd

MALodder (Thu, 09 Jul 2020 03:13:31 GMT):
in Indy

TelegramSam (Thu, 09 Jul 2020 15:14:07 GMT):
super early draft on an 'elevate trust' protocol. Note the extensive list of questions at the bottom. Feedback welcome: https://hackmd.io/5WNriZuZSAac1U24eu95ag

TelegramSam (Thu, 09 Jul 2020 15:18:45 GMT):
Yesterday's call recording posted. Contains tracing discussion and a discussion of a shift in UX around creating connections, and the basis of initial trust: https://wiki.hyperledger.org/pages/viewpage.action?pageId=31204695

swcurran (Thu, 09 Jul 2020 16:28:56 GMT):
Encourage folks to look at that document ^^^ @tomislav @george.aristy @sklump @andrew.whitehead @CHempel @esplinr @danielhardman Going in the right direction?

danielhardman (Thu, 09 Jul 2020 17:45:36 GMT):
I don't believe we need this. If we want to elevate trust based on VCs, we should just use the Present Proof protocol. If we want to elevant trust based on email verification, we should write an Email Verification protocol. We don't need a protocol to select protocols -- or if we do, it should be a generic "pick among these alternative protocols" protocol, not an "Elevate Trust" protocol.

tomislav (Thu, 09 Jul 2020 18:09:03 GMT):
I share Daniel's opinion. I'm concerned we're creating highly opinionated protocol with purpose to improve trust, and that in itself might be a dangerous promise. I'm also slightly worried about the implementation complexity of this protocol.

TelegramSam (Thu, 09 Jul 2020 20:32:45 GMT):
@danielhardman do we have a good way to indicate which of n different proofs we'd like presented?

TelegramSam (Thu, 09 Jul 2020 20:36:32 GMT):
I'm happy with a "please engage in one of these protocols" protocol. I felt like the urgency of needing some trust building might warrant it's own semantic importance.

nc-crtr_linx (Thu, 09 Jul 2020 21:00:32 GMT):
Hi Folks, I have been reading the aries git documentation for a couple of months now. Especially the Aries cloud agent. I'm still trying to understand how a controller code can be created/ modified for a specified use-case. Do any of you experts have any suggestions or tips for a non-developer?

TelegramSam (Thu, 09 Jul 2020 21:24:49 GMT):
@nc-crtr_linx The #aries-cloudagent-python channel is best for question specifically related to Aries Cloudagent Python.

CavitOzbay (Thu, 09 Jul 2020 22:28:37 GMT):
Has joined the channel.

CavitOzbay (Thu, 09 Jul 2020 23:04:41 GMT):
Hello everyone, I have read the documentation for the agent authorization policy from aries-rfc (https://github.com/hyperledger/aries-rfcs/blob/ea388dbf4d04dd1ae28ca387c5c8369d812e5f6f/concepts/0051-dkms/pdf/Agent%20Authorization%20Policy.pdf). Is there an implementation for this protocol completed or in development phase? Is there an any alternative implementation or more recent discussion on it?

nc-crtr_linx (Fri, 10 Jul 2020 01:28:25 GMT):
Thank you!

danielhardman (Fri, 10 Jul 2020 02:30:43 GMT):
There is an implementation in a branch of Indy. I don't remember the branch's name. It was written by Lovesh Harchandani, IIRC.

danielhardman (Fri, 10 Jul 2020 02:31:44 GMT):
I could be wrong about the author. It might have been Mike Lodder as well.

discoverer (Fri, 10 Jul 2020 03:11:03 GMT):
Seeking for High Level Component Diagram Indy & Aries together - which shows how all components in Indy & Aries i.e. Ledger, Indy-sdk, libindy, Storage / Wallet, Aries, Agent, Controller etc. fits together? if this doesn't exist, I can try creating one & send over to this group for review...

TelegramSam (Fri, 10 Jul 2020 03:17:17 GMT):
Realization: elevating trust shouldn't focus on protocols, but on governance frameworks.

m00sey (Fri, 10 Jul 2020 03:24:05 GMT):
just been reading along with the discussion but yeah I can't but feel like I agree wholeheartedly with this

m00sey (Fri, 10 Jul 2020 03:24:05 GMT):
just been reading along with the discussion, I can't help but feel like I agree wholeheartedly with this

naagii (Fri, 10 Jul 2020 07:39:45 GMT):
Has joined the channel.

CavitOzbay (Fri, 10 Jul 2020 08:36:08 GMT):
Thank you.

JelleFm (Fri, 10 Jul 2020 11:34:27 GMT):
Has joined the channel.

danielhardman (Fri, 10 Jul 2020 14:14:14 GMT):
Here is more info. Code that implements this is in the following three repos (each in a separate authz branch): https://github.com/hyperledger/indy-sdk/tree/authz-rc, https://github.com/lovesh/indy-node/tree/authz, https://github.com/hyperledger-archives/indy-crypto/tree/authz I think the indy-crypto code was written by Mike Lodder, not Lovesh.

CavitOzbay (Fri, 10 Jul 2020 19:45:38 GMT):
Thank you again. By the way, there is a related branch in indy-plenum also, but I realized that it is just used for testing purposes. I wanted to mention for the future readers.

danielhardman (Fri, 10 Jul 2020 21:01:10 GMT):
Have a look at: https://docs.google.com/presentation/d/1L5L4QcZOATrn9rj4bEMmlbvij9XWyqgQRoWO-HNiUGw/edit

danielhardman (Fri, 10 Jul 2020 21:02:47 GMT):
Please note that these diagrams are not gospel. In particular, since these diagrams were created, some frameworks have evolved a different perspective on how plugins ought to work (plugins specific to one framework, rather than plugins that can be used by multiple frameworks).

swcurran (Fri, 10 Jul 2020 22:05:24 GMT):
I think I disagree with @danielhardman / @tomislav on the need for this - but we need more discussion about it. On the one hand we agree we have no trust established when we establish a didcomm connection -- it's a higher level concern. Yes, we could just give guidance "Hey - don't trust the other side -- verify them" -- that what we say today. Responsibility is on both sides to figure out how to get that. I think we need a higher level abstraction that provides ways to do that. Sure, a proof is going to be a good way to do that (although there may be others), but a short form way to say what proofs might be acceptable would help. For example, we really want a way for a user get information about a service. We don't want the user to have to construct a proof on the fly to do that. Perhaps a similar set of standard proofs are needed when connecting with a person. I think this is something we should be exploring.

danielhardman (Fri, 10 Jul 2020 22:10:31 GMT):
I see two situations: 1. Alice invites Bob to connect because Alice has an intent that is obvious from the goal of her OOB invitation. Ex: goal = Issue Credential 1.0. In this case, the goal in OOB feels adequate to me. 2. Alice invites Bob to connect but her intent is not obvious. Ex: Bob is a consultant. Alice wants to connect; does she want to hire Bob, or network with him, or demand payment for his unpaid bill? In this case, asking how we elevate trust is the wrong question, because the trust we need is dependent on the context that exists only in Alice's brain. For either Alice or Bob to say, immediately after connecting, "Hey, here are 3 ways to build trust with me" makes no sense. What they should be saying is, "I propose to use this new channel to negotiation a contract with you as a contractor. GIVEN THAT CONTEXT, here's a trust framework we can use (which implies things about reasonable issuers and credentials, and maybe about protocols) -- and here are 2 or 3 protocols we could use to build trust up to "Level C" in the governance framework, which is the one the recommend for people signing contracts.

danielhardman (Fri, 10 Jul 2020 22:12:46 GMT):
This second scenario DOES feel very protocol-worthy to me -- but I think it would be an "establish context" protocol, not an "elevate trust" protocol.

tomislav (Fri, 10 Jul 2020 22:20:38 GMT):
Re @swcurran ` For example, we really want a way for a user get information about a service.` - I agree and this is one reason I advocate for adopting the DID Configuration to give "some" level of authenticity that will only make it easier for the party to make a decision on a trust level.

tomislav (Fri, 10 Jul 2020 22:20:38 GMT):
Re @swcurran ` For example, we really want a way for a user get information about a service.` - I agree and this is one reason I advocate for adopting the DID Configuration well known spec; to give "some" level of authenticity that will only make it easier for the party to make a decision on a trust level.

swcurran (Fri, 10 Jul 2020 22:20:40 GMT):
That's where I think Sam's suggestion is spot on. Alice wants to issue a credential to Bob, but with just OOB+DID Exchange complete, Alice does not know if she is connected to Bob or someone else that responded to the invitation (as we have said many times). I think what Sam is suggesting (and I'm agreeing with) is that the OOB intent happen AFTER a basis of trust is established - something beyond DID Exchange. And since some sort of basis of trust is needed with every connection, we want to make it easy/fast so that we can get on with the business at hand. In other words - DID Exchange is generally insufficient for having a meaningful exchange -- e.g. to carry out the intent. Just like you should not do anything with a website until you verify the TLS connection. With DIDComm this is further complicated because we want confirmation on both sides.

swcurran (Fri, 10 Jul 2020 22:21:53 GMT):
Yes - agree that well-known is a good method and example. Can we do more or are we just repeating TLS?

swcurran (Fri, 10 Jul 2020 22:21:53 GMT):
Yes - agree that well-known is a good method and example. Can we do more or are we just repeating DNS? Can we do other scenarios (people, things).

swcurran (Fri, 10 Jul 2020 22:21:53 GMT):
Yes - agree that well-known is a good method and example. Can we do more or are we just repeating DNS? Can we do other scenarios (people, things)?

TelegramSam (Fri, 10 Jul 2020 22:23:21 GMT):
well-known works well for connecting to a business or a company (with a domain, obviously) and is a good starting place.

TelegramSam (Fri, 10 Jul 2020 22:23:51 GMT):
I think we should focus on some verifiable piece easy for individuals. Since we have an email verification service, let's start with that one. VC of email ownership.

tomislav (Fri, 10 Jul 2020 22:24:17 GMT):
I see the well-known as a stepping stone, not the ultimate solution. I like the practicality and immediacy it offers.

TelegramSam (Fri, 10 Jul 2020 22:24:29 GMT):
on both sides we'll need improvement. If we carefully allow for movement forward, then we can get started now and learn a bit.

TelegramSam (Fri, 10 Jul 2020 22:27:19 GMT):
for businesses I'd like a gov. framework around business identity. Issuers that can verify logos names, etc.

TelegramSam (Fri, 10 Jul 2020 22:27:41 GMT):
But that'll take a while to establish. well-known we can use now, and covers the common case well.

discoverer (Sun, 12 Jul 2020 02:55:39 GMT):

Clipboard - July 12, 2020 8:24 AM

discoverer (Sun, 12 Jul 2020 02:55:53 GMT):
thanks a lot @danielhardman - this is very useful. I have expanded to this show Application Layer, Indy Components and Wallet Components

discoverer (Sun, 12 Jul 2020 02:57:37 GMT):
is this looking okay / correct?

rileyphughes (Sun, 12 Jul 2020 02:58:51 GMT):
The #aries-framework-dotnet reference cloud agent now comes with an OpenAPI, similar to to Swagger API you would find in aca-py. Check it out: https://github.com/hyperledger/aries-framework-dotnet/blob/master/samples/aspnetcore/README.md

rileyphughes (Sun, 12 Jul 2020 02:59:11 GMT):
Here is the blog post my company did to announce it: www.trinsic.id/aries-openapi

danielhardman (Sun, 12 Jul 2020 05:49:44 GMT):
yes

berserkr (Mon, 13 Jul 2020 05:31:31 GMT):
Has joined the channel.

berserkr (Mon, 13 Jul 2020 05:31:31 GMT):
Hi team, just getting started with this. DO we have something like the end-to-end examples Hyperledger Fabric has to help us get started?

swcurran (Mon, 13 Jul 2020 13:40:07 GMT):
There are quite a few examples depending on what you are trying to do and depend on the background you have on what Aries does and is used for. If you need background, this edX course is available: https://www.edx.org/course/becoming-a-hyperledger-aries-developer . Many of the examples use https://github.com/bcgov/von-network, which will give you a running network in about a minute, and there are a series of demos here: https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo.

raymondfx (Mon, 13 Jul 2020 14:51:41 GMT):
I am trying out revocation but I am getting this error `#28 Check if proof is valid Faber | Presentation: state = verified , presentation_exchange_id = ca75f625-ee39-4cde-8de2-1b9d6ffcdf52 Faber | Proof = true (1) Issue Credential (2) Send Proof Request (3) Send Message (4) Revoke Credential (5) Publish Revocations (6) Add Revocation Registry (T) Toggle tracing on credential/proof exchange (X) Exit? [1/2/3/4/5/6/T/X] 4 Enter revocation registry ID: 1 Enter credential revocation ID: 1 Publish now? [Y/N]: Y EVENT: Controller POST /issue-credential/revoke?publish=true&rev_reg_id=1&cred_rev_id=1 request to Agent Faber | Faber | Shutting down Faber | Exited with return code 0 Traceback (most recent call last): File "/home/indy/demo/runners/support/agent.py", line 492, in admin_request resp.raise_for_status() File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aiohttp/client_reqrep.py", line 946, in raise_for_status headers=self.headers) aiohttp.client_exceptions.ClientResponseError: 422, message='Unprocessable Entity', url=URL('http://127.0.0.1:8021/issue-credential/revoke?publish=true&rev_reg_id=1&cred_rev_id=1') The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/home/indy/demo/runners/faber.py", line 462, in main(args.port, args.no_auto, args.revocation, args.timing) File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/asyncio/base_events.py", line 484, in run_until_complete return future.result() File "/home/indy/demo/runners/faber.py", line 361, in main "/issue-credential/revoke" File "/home/indy/demo/runners/support/agent.py", line 526, in admin_POST response = await self.admin_request("POST", path, data, text, params) File "/home/indy/demo/runners/support/agent.py", line 495, in admin_request raise Exception(f"Error: {resp_text}") from e Exception: Error: {"rev_reg_id": ["Value 1 is not an indy revocation registry identifier"]} [node2] (local) root@10.2.144.10 ~/aries-cloudagent-python/demo $ `

raymondfx (Mon, 13 Jul 2020 14:51:41 GMT):
I am trying out revocation but I am getting this error ```#28 Check if proof is valid Faber | Presentation: state = verified , presentation_exchange_id = ca75f625-ee39-4cde-8de2-1b9d6ffcdf52 Faber | Proof = true (1) Issue Credential (2) Send Proof Request (3) Send Message (4) Revoke Credential (5) Publish Revocations (6) Add Revocation Registry (T) Toggle tracing on credential/proof exchange (X) Exit? [1/2/3/4/5/6/T/X] 4 Enter revocation registry ID: 1 Enter credential revocation ID: 1 Publish now? [Y/N]: Y EVENT: Controller POST /issue-credential/revoke?publish=true&rev_reg_id=1&cred_rev_id=1 request to Agent Faber | Faber | Shutting down Faber | Exited with return code 0 Traceback (most recent call last): File "/home/indy/demo/runners/support/agent.py", line 492, in admin_request resp.raise_for_status() File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/aiohttp/client_reqrep.py", line 946, in raise_for_status headers=self.headers) aiohttp.client_exceptions.ClientResponseError: 422, message='Unprocessable Entity', url=URL('http://127.0.0.1:8021/issue-credential/revoke?publish=true&rev_reg_id=1&cred_rev_id=1') The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/home/indy/demo/runners/faber.py", line 462, in main(args.port, args.no_auto, args.revocation, args.timing) File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/asyncio/base_events.py", line 484, in run_until_complete return future.result() File "/home/indy/demo/runners/faber.py", line 361, in main "/issue-credential/revoke" File "/home/indy/demo/runners/support/agent.py", line 526, in admin_POST response = await self.admin_request("POST", path, data, text, params) File "/home/indy/demo/runners/support/agent.py", line 495, in admin_request raise Exception(f"Error: {resp_text}") from e Exception: Error: {"rev_reg_id": ["Value 1 is not an indy revocation registry identifier"]} [node2] (local) root@10.2.144.10 ~/aries-cloudagent-python/demo $ ```

swcurran (Mon, 13 Jul 2020 14:56:13 GMT):
The revocation registry is a complex identifier that you need to find earlier in the flow. It's definitely not "1". Look in the events (webhooks) data, or earlier in the console messages for it.

raymondfx (Mon, 13 Jul 2020 15:11:14 GMT):
is it what i am seeing here ``` }, "tailsHash": "9V5XFFM3zESLAFHenFKdoSQYEJG9KQ3Ffa89Ey7zV8Qt", "tailsLocation": "https://18505d30a3a6.ngrok.io/B74BxMvS3vaWZ7X74hLYiq:4:B74BxMvS3vaWZ7X74hLYiq:3:CL:26922:default:CL_ACCUM:12824133-e79a-4e3e-8771-39f6ab293ccb" } }, "updated_at": "2020-07-13 15:09:03.799822Z", "revoc_reg_entry": { "ver": "1.0", "value": { "accum": "21 132C762BCEED04A4AFB65E81C44034BE901580A4B2A7EA1CB540BF7BBC07A5EDC 21 125AFB4DB1A1D53244BF510442F489EBA7F88099D6169AAD6D173C1AA4BC28325 6 7BFC582D7524BC5B8B340C9D087059727165A04057357F0F9F166F21F2EFFFFB 4 288C8A5816990FF66845BC5D64B1C0435B00ABD65DDBFB0B10835B54A69B7D3A 6 5E49320E0F6FE7AFA2B1614C08B2570A15AE55277F4C8C329882E9A563BFFEB9 4 335175FF48A1751AAC4D2C1138811A4F4A0AEF18C85037E4A9651400FECBC8D7" } }, "pending_pub": [], "revoc_reg_id": "B74BxMvS3vaWZ7X74hLYiq:4:B74BxMvS3vaWZ7X74hLYiq:3:CL:26922:default:CL_ACCUM:12824133-e79a-4e3e-8771-39f6ab293ccb", "created_at": "2020-07-13 15:08:57.876787Z", "state": "active", "tails_local_path": "/home/indy/.indy_client/tails/B74BxMvS3vaWZ7X74hLYiq:4:B74BxMvS3vaWZ7X74hLYiq:3:CL:26922:default:CL_ACCUM:12824133-e79a-4e3e-8771-39f6ab293ccb/9V5XFFM3zESLAFHenFKdoSQYEJG9KQ3Ffa89Ey7zV8Qt" } }```

sklump (Mon, 13 Jul 2020 15:15:30 GMT):
In this case, `...["revoc_reg_entry"]["revoc_reg_id"] = `B74BxMvS3vaWZ7X74hLYiq:4:B74BxMvS3vaWZ7X74hLYiq:3:CL:26922:default:CL_ACCUM:12824133-e79a-4e3e-8771-39f6ab293ccb`

sklump (Mon, 13 Jul 2020 15:15:30 GMT):
In this case, `...["revoc_reg_entry"]["revoc_reg_id"]` = `B74BxMvS3vaWZ7X74hLYiq:4:B74BxMvS3vaWZ7X74hLYiq:3:CL:26922:default:CL_ACCUM:12824133-e79a-4e3e-8771-39f6ab293ccb`

raymondfx (Mon, 13 Jul 2020 15:16:34 GMT):
@sklump is it same for both inputs?

sklump (Mon, 13 Jul 2020 15:20:27 GMT):
No: this is the revocation registry id. The credential revocation identifier (cred-rev-id) is something like "1": it's a monotonically increasing "1"-based stringified integer.

sklump (Mon, 13 Jul 2020 15:21:03 GMT):
(but just input `1` at the demo prompt, let the code interpret it as a string)

raymondfx (Mon, 13 Jul 2020 15:23:23 GMT):
Nice it worked perfect:raised_hands:

jacobsaur (Mon, 13 Jul 2020 16:06:14 GMT):
Has joined the channel.

discoverer (Tue, 14 Jul 2020 00:57:57 GMT):
Thread - Agents, Frameworks and SDKs

discoverer (Tue, 14 Jul 2020 00:58:24 GMT):
@danielhardman - from decks you shared earlier: https://docs.google.com/presentation/d/1L5L4QcZOATrn9rj4bEMmlbvij9XWyqgQRoWO-HNiUGw/edit#slide=id.g6f6594a78a_0_760

discoverer (Tue, 14 Jul 2020 00:58:55 GMT):
*Agent*: We call something an agent if its major built artifact is an installable package that provides an agent-like thing with usable features out of the box. *Framework*: We call it a framework if it is language-specific infrastructure for building multiple agents or agent-like things, with its own way(s) to give features to them. *SDK*: We don’t use the term “SDK” because it implies a huge amount of docs, developer tools, sample code, and so forth that help someone building from scratch. We’re not focused on helping people build from scratch, and we’re not mature enough for SDKs.

discoverer (Tue, 14 Jul 2020 00:58:55 GMT):
*Agent*: We call something an agent if its major built artifact is an installable package that provides an agent-like thing with usable features out of the box. *Framework*: We call it a framework if it is language-specific infrastructure for building multiple agents or agent-like things, with its own way(s) to give features to them. *SDK*: *_We don’t use the term “SDK” _*because it implies a huge amount of docs, developer tools, sample code, and so forth that help someone building from scratch. We’re not focused on helping people build from scratch, and we’re not mature enough for SDKs.

discoverer (Tue, 14 Jul 2020 01:00:21 GMT):
but i see many sdk repos available - such as aries-sdk-java or aries-sdk-javascript or aries-sdk-ruby

danielhardman (Tue, 14 Jul 2020 02:19:30 GMT):
Yes. Those repos predate the slides you were reading. I have advocated that they be renamed. People have agreed in principle, but have done nothing about it. And I haven't had time to change them either.

MichaelSchaefer (Tue, 14 Jul 2020 06:50:54 GMT):
Has joined the channel.

wangdong (Tue, 14 Jul 2020 09:45:35 GMT):
I want to provision a static agent against aries-cloudagent-python. Is there any hints for this? Thanks.

kulkarnikk (Tue, 14 Jul 2020 12:04:13 GMT):
You can try aries-staticagent-python

wangdong (Tue, 14 Jul 2020 12:50:35 GMT):
yes, but from the side of aries-cloudagent-py, how can I config it? The API is not clear. So little confused.

swcurran (Tue, 14 Jul 2020 14:13:37 GMT):
Have you go through the demos? Aries ToolBox is I think any example of what you are trying to do. In a nutshell: 1. Deploy an instance of ACA-Py with command line parms. That gives you an API for your controller. 2. Create a web app that talks to the controller - receives HTTP events, gets HTTP events. I don't know what you know, so not sure how to help beyond that. Would like to know your journey into this so we could improve the docs for new folks.

wangdong (Tue, 14 Jul 2020 14:44:57 GMT):
OK Thanks for replying. I just want to update the doc of aries-staticagent-python which uses indy-agent. Specifically this issue https://github.com/hyperledger/aries-staticagent-python/issues/43

wangdong (Tue, 14 Jul 2020 14:46:52 GMT):
Maybe I need to have a look at aries toolbox firstly.

wangdong (Tue, 14 Jul 2020 14:47:31 GMT):
Just have no idea what is the toolbox in the issue. Its name is aries toolbox. Ha. THanks.

lijiachuan (Wed, 15 Jul 2020 11:55:04 GMT):
Hi all, there is one question which I would like to hear more comments, is about the verifiable credentials, as my understanding, to verify a credential, we need to know the issuer's service endpoint to verify this credential was issued from the issuer, so what would be the advantage that each issuer has one exposed rest api to provide a result about whether the specified credential is issued from them? They may have their own database as a check basis, and if this passed in credential is valid in their database, then it will return true, otherwise will return false. So what are the advantages for verifiable credential approach, comparing with this tradition approach. Thanks.

kangme (Wed, 15 Jul 2020 19:02:33 GMT):
Has joined the channel.

mccown (Wed, 15 Jul 2020 19:23:27 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (July 16th @ 9am MT). This is a chance to get updates on the WG calls you may have missed this week. Our guest presenter will be Horacio Nunez from Kiva. Horacio will be presenting on a new project and open source repo. Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-07-16+Identity+WG+Implementers+Call Zoom: https://zoom.us/j/244779296

TelegramSam (Wed, 15 Jul 2020 20:36:12 GMT):
Note about Aries WG call: We need a way for alice to ask "New DID, who dis?"

swcurran (Wed, 15 Jul 2020 20:56:27 GMT):
Your first sentence is not correct. When you verify a credential, you receive a DID that must be public (on a ledger) so you can access the associated public key to verify the credential. You do not have to contact the Issuer to verify the credential. For example, you may have a pre-defined list of DIDs that you know and trust, and you just make sure that the issuer is on the list. If you don't know the DID of the issuer, you will want to find out who the are. One way to do that would be to connect with the issuer and ask who they are (e.g. request a credential that shows they have authority to issue the credential you are verifying). There are other ways to do that as well. You don't need to contact the issuer to verify the credential. You may need to in deciding if you trust what the issuer has said in the credential.

danielhardman (Wed, 15 Jul 2020 21:41:53 GMT):
@TelegramSam , @swcurran , and others who talked about the gov framework negotiation protocol on today's Aries WG B call: I have created a doc that explores some scenarios. What I hope you will conclude if you review it is that we need to contextualize the governance framework idea more fully. I've given some examples of how I think that might be doable. Here's the doc: https://docs.google.com/spreadsheets/d/1hnU4xBcROTjlGEFZ3oYBtHpmhGrIgwXS83TERMwjzLc/edit?usp=sharing

danielhardman (Wed, 15 Jul 2020 22:37:41 GMT):
@TelegramSam and others who are interested: Here is my alternative proposal for an ultra-simple gov framework JSON. It's one line longer than the one Sam debuted today: https://hackmd.io/QMa08AfuQKy9WpqK-5zRrQ?view#EDIT-FROM-DANIEL. I can discuss in more detail next Wed.

JelleFm (Fri, 17 Jul 2020 08:44:17 GMT):
Hey everyone, I am new to Aries. I work for the IOTA Foundation, where we are implementing DID, VC and associated standards in Rust and would like to be compatible with Aries if possible. We are currently in the scoping phase and I was trying to find a particular component. I was wondering if there was a similar standard to DIDComm for the Verifiable Credentials/Presentations. Is their a proposed standard for the exchange of Verifiable Credentials / Presentations?

TimoGlastra (Fri, 17 Jul 2020 08:57:13 GMT):
Hi Jelle, Have your already looked at the Aries RFCs? There are the issue credential (https://github.com/hyperledger/aries-rfcs/blob/master/features/0036-issue-credential/README.md) and present proof (https://github.com/hyperledger/aries-rfcs/blob/master/features/0037-present-proof/README.md) DIDComm protocols which define the required steps for issuing credentials and presenting proof.

JelleFm (Fri, 17 Jul 2020 08:58:45 GMT):
Ah, those were the names I was looking for. Once you know the chosen naming, it becomes a lot easier to find the right RFCs. Thanks you! :)

TimoGlastra (Fri, 17 Jul 2020 09:03:36 GMT):
as you're not coming from an indy background it may be good to also take a look at v2 of the protocols, which removed some indy-specific things I think. Issue credential v2 just got propsed: https://github.com/hyperledger/aries-rfcs/blob/master/features/0453-issue-credential-v2/README.md . Present proof v2 proposal is still on the way.

JelleFm (Fri, 17 Jul 2020 09:06:42 GMT):
Thank you! Is DID Auth also merged with DID Comm within Aries?

TimoGlastra (Fri, 17 Jul 2020 09:21:49 GMT):
I'm not really familiar with DID Auth, so can't help you with that. sorry.

swcurran (Fri, 17 Jul 2020 14:00:26 GMT):
DID Authentication is built into DIDComm as every message other than (sometimes) the very first is peer-to-peer using DIDs for end-to-end encryption.

swcurran (Fri, 17 Jul 2020 14:01:52 GMT):
If you are getting started with Aries RFCs, the easiest way to find the relevant ones in use right now is the Aries Interop Profile - https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0302-aries-interop-profile

swcurran (Fri, 17 Jul 2020 14:02:42 GMT):
It in turn points to all in use RFCs for connecting through credential exchange.

JelleFm (Fri, 17 Jul 2020 14:04:17 GMT):
Ah nice, that is great to have. Thank you :)

AnneliPedersen (Fri, 17 Jul 2020 14:42:20 GMT):
Is there an example mediator for aca-py too?

AnneliPedersen (Fri, 17 Jul 2020 14:42:20 GMT):
Is there an example mediator for aca-py too? :thinking:

troyronda (Fri, 17 Jul 2020 17:59:37 GMT):
Discussion about DIF DIDComm OOB goal. https://github.com/decentralized-identity/didcomm-messaging/pull/73#discussion_r453994310

pknowles (Fri, 17 Jul 2020 20:50:17 GMT):
https://sovrin.org/advance-the-mission-of-identity-for-all-as-a-trustee-of-the-worlds-leading-ssi-community/

pknowles (Fri, 17 Jul 2020 20:50:17 GMT):
Sovrin Foundation is looking to expand the Board by electing a few more Trustees. https://sovrin.org/advance-the-mission-of-identity-for-all-as-a-trustee-of-the-worlds-leading-ssi-community/

pknowles (Fri, 17 Jul 2020 20:50:17 GMT):
Sovrin Foundation is looking to expand their Board by electing a few more Trustees. https://sovrin.org/advance-the-mission-of-identity-for-all-as-a-trustee-of-the-worlds-leading-ssi-community/

discoverer (Sat, 18 Jul 2020 02:07:00 GMT):
Is there any weekly / monthly newsletter on Aries one can subscribe to ? purpose is to keep myself updated with things happening in SSI / Identity / Aries world.

gaudelbiond (Sat, 18 Jul 2020 10:55:46 GMT):
Has joined the channel.

discoverer (Sat, 18 Jul 2020 11:34:16 GMT):

Clipboard - July 18, 2020 5:04 PM

discoverer (Sat, 18 Jul 2020 11:34:20 GMT):
found this one to be quite useful - this covers Indy side of components

lsm (Mon, 20 Jul 2020 14:27:39 GMT):
Has joined the channel.

lijiachuan (Mon, 20 Jul 2020 15:58:53 GMT):
Hi All, I am learning about webhook and how should I use it with Aries framework, here I have one question about this, hope can have your comments. Thanks. I think the webhook is one "push" model about information exchange between two systems/applications, we can call it trigger application and action application, and normally this could be one backend interaction. Image application A is the trigger app, and application B is the action app. When application A has one special event happened, then it will invoke application B's webhook. So here I would like to have your thoughts that, whether application B can use web socket to let user know that there is a new event/data received, and user can take related action accordingly? In other words, whether the webhook always work with web socket to let user know about the received event/data? Kindly advise. Thanks a lot.

SethiSaab (Mon, 20 Jul 2020 18:28:55 GMT):
Hi Team , I am looking for keycloak VC sso , Could someone please help me with that , by providing some references or any useful information

swcurran (Mon, 20 Jul 2020 18:33:36 GMT):
This is an implementation of an OIDC provider that uses OIDC tokens on the RP side, and gets the claims for the tokens from VC proof requests/proofs -- https://github.com/bcgov/vc-authn-oidc

andrew.whitehead (Mon, 20 Jul 2020 19:47:49 GMT):
The admin API does send events via websocket as well, although that’s not heavily tested

lijiachuan (Tue, 21 Jul 2020 01:18:02 GMT):
thanks @andrew.whitehead for your reply. So seems websocket is one different approach compare with webhook. May I know what is a normal approach that the backend service interact with front end when the action application received one event/data from the trigger application? So the user can know about this.

lsm (Tue, 21 Jul 2020 06:28:28 GMT):
Is there any implementation or work on [Aries RFC 0104: Chained Credentials](https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0104-chained-credentials#aries-rfc-0104-chained-credentials) going on?

rjain15 (Tue, 21 Jul 2020 17:58:38 GMT):
Has joined the channel.

rjain15 (Tue, 21 Jul 2020 17:58:39 GMT):
Hi, I am new to Aries, is there a place to get started with some tutorials. I don't have the infrastructure to run a hyperledger, so I believe I would need a public hyperledger. I want to create a end to end demo flow, where I can have a digital wallet, which has the identity, and I believe Aries can then distribute the identity in a hyperledger. And how does hyperledger indy fit in this scenario. Any end-to-end demo flow for getting started?

swcurran (Tue, 21 Jul 2020 18:13:36 GMT):
Lots :-). Good place to start is an edX course that I co-wrote: https://www.edx.org/course/becoming-a-hyperledger-aries-developer

swcurran (Tue, 21 Jul 2020 18:14:04 GMT):
It's published by the Linux Foundation

rjain15 (Tue, 21 Jul 2020 18:18:40 GMT):
@swcurran Thanks, I will take that course. Additionally would you recommend some github projects / examples/ demos. I want to get my hands dirty quickly.

swcurran (Tue, 21 Jul 2020 18:24:52 GMT):
The course has all the pointers you need. It's very hands on, so they will be dirty quickly :-).

swcurran (Tue, 21 Jul 2020 18:28:14 GMT):
Repos you will discover (in context): https://github.com/hyperledger/aries-rfcs, https://github.com/hyperledger/aries-cloudagent-python, https://github.com/hyperledger/aries-framework-dotnet, https://github.com/hyperledger/aries-framework-go, https://github.com/hyperledger/aries-mobileagent-xamarin and https://github.com/bcgov/aries-agent-test-harness

FarhanShafiq (Wed, 22 Jul 2020 08:32:19 GMT):
Has left the channel.

matteo (Wed, 22 Jul 2020 11:57:31 GMT):
Has joined the channel.

AnneliPedersen (Wed, 22 Jul 2020 15:12:51 GMT):
Thanks for sharing this solution. It helped me out to perform an aca-py+xamarin demo

AnneliPedersen (Wed, 22 Jul 2020 15:44:29 GMT):
Hi I was wondering if it is possible to accept credentials and for an agent to verify them on an instance of aries-mobileagent-xamarin?https://github.com/hyperledger/aries-mobileagent-xamarin So far I have managed to accept an invitation to connect from Faber and I can see that the list of credentials in the app is growing when I issue them, but they are all mock data and do not have any actions associated. Thanks in advance for any help.

WadeBarnes (Wed, 22 Jul 2020 16:39:48 GMT):
@sukalpomitra ^

swcurran (Wed, 22 Jul 2020 17:41:17 GMT):
ACA-Pug Meeting in 20 minutes and we will be talking about multi-tenant wallets (yay!) as well as some recent updates in ACA-Py --- readiness/liveliness checks, adventures in bug hunting (1 in 100000 transactions), and more. Zoom link will be: https://zoom.us/j/900111661; Link to meeting agenda page: https://wiki.hyperledger.org/display/ARIES/2020-07-22+Aries+Cloud+Agent+-+Python+Users+Group+Community+Meeting

Arsh-Sandhu (Wed, 22 Jul 2020 17:49:55 GMT):
Has joined the channel.

RicardoPeixoto (Thu, 23 Jul 2020 10:16:38 GMT):
Hi, what do you guys think is the best way for an holder's agent to check if one of holder's credentials is revoked?

swcurran (Thu, 23 Jul 2020 13:38:54 GMT):
I suspect that there might be an easier way if you are writing code within the indy-sdk (e.g. at the Rust level), but for now, I think the easiest way is to write a proof request and call the indy-sdk function to create a proof.

RicardoPeixoto (Thu, 23 Jul 2020 14:26:36 GMT):
I thought of attaching a field to a credential (in wallet anoncreds) indicating if it was revoked but i think that's not possible (correct me if i'm wrong). In case this is not possible, what is the best way to save a simple array in the wallet non secrets? Both this options would rely on issuer's agent communicating to the holder's agent that a given credential was revoked.

RicardoPeixoto (Thu, 23 Jul 2020 14:26:36 GMT):
I thought of adding a field to a credential (in wallet anoncreds) indicating if it was revoked but i think that's not possible (correct me if i'm wrong). In case this is not possible, what is the best way to save a simple array in the wallet non secrets? Both this options would rely on issuer's agent communicating to the holder's agent that a given credential was revoked.

sklump (Thu, 23 Jul 2020 17:34:55 GMT):
Wrong approach - it makes a non-cryptographically-verifiable data source the authority on credential acceptability, and assumes a pliant holder. The best way to put an array into a non-secrets record is to json-encode it into a string and set it as the (necessarily, string) value. Alternatively, the array is really a dict, you can use tag:value for each entry. But note that using tags for everything slows down performance.

sklump (Thu, 23 Jul 2020 17:34:55 GMT):
Wrong approach - it makes a non-cryptographically-verifiable data source the authority on credential acceptability, and assumes a pliant holder. Adding a field to a credential for revocation status is also a non-starter because changing its value wrecks any digital signature over it. The best way to put an array into a non-secrets record is to json-encode it into a string and set it as the (necessarily, string) value. Alternatively, the array is really a dict, you can use tag:value for each entry. But note that using tags for everything slows down performance.

sklump (Thu, 23 Jul 2020 17:35:54 GMT):
The way to prove non-revoked status is to verify a proof on the credential.

sklump (Thu, 23 Jul 2020 17:35:54 GMT):
The way to prove non-revoked status is to verify a proof on the credential. Note that the holder may delete the credential if he notices it's become garbage, but even a revoked credential can still be useful (e.g., proof request with non-revocation interval ending before credential revocation, for posterior proof).

RicardoPeixoto (Thu, 23 Jul 2020 20:32:29 GMT):
Thank you for the response @sklump Should the holder's agent always verify if a proof is valid before send it to a verifier and notify the holder in case it isn't? About the last point, I was waiting for the credential deletion api to become available in the nodejs wrapper. As of now i think it wasn't added yet.

sklump (Thu, 23 Jul 2020 21:44:50 GMT):
Oh! nodejs. Sorry. The W3C model doesn't call for the holder to act as a verifier, so at present I don't think anyone would expect the prover to verify before sending.

RicardoPeixoto (Thu, 23 Jul 2020 22:25:04 GMT):
Following aries capabilities on credentials, is it possible for an issuer to create a credential with expiration date?

sukalpomitra (Fri, 24 Jul 2020 07:25:35 GMT):
OSMA is a holder and does not have verification capabilities. It can however send the credentials to a verifier as proof for it to verify the credentials

AnneliPedersen (Fri, 24 Jul 2020 07:26:51 GMT):
How do you send credentials with OSMA?

sukalpomitra (Fri, 24 Jul 2020 07:27:45 GMT):
A verifier needs to send proof request to it. When the proof request comes you can then select each proof equest a credential. And then you can send the proof to the verifier

AnneliPedersen (Fri, 24 Jul 2020 07:35:50 GMT):
I was doing the "Alice Gets a Phone" demo with the OSMA app in place of the suggested apps. Faber can send credential offer and proof request but OSMA didn https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AliceGetsAPhone.md

AnneliPedersen (Fri, 24 Jul 2020 07:35:50 GMT):
I was doing the "Alice Gets a Phone" demo with the OSMA app in place of the suggested apps. Faber can send credential offer and proof request but there was no way to respond to either of thesefrom the OSMA side. https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AliceGetsAPhone.md

AnneliPedersen (Fri, 24 Jul 2020 07:35:50 GMT):
I was doing the "Alice Gets a Phone" demo with the OSMA app in place of the suggested apps. Faber can send credential offer and proof request but there was no way to respond to either of these from the OSMA side. https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AliceGetsAPhone.md

sukalpomitra (Fri, 24 Jul 2020 07:37:39 GMT):
so on which step are you stuck?

AnneliPedersen (Fri, 24 Jul 2020 07:38:12 GMT):
Faber | Credential: state = offer_sent

sukalpomitra (Fri, 24 Jul 2020 07:38:59 GMT):
I will try to do from my side whenever I get some time. I have not done this for a long time.

sukalpomitra (Fri, 24 Jul 2020 07:39:29 GMT):
but there are a lot of videos of OSMA

sukalpomitra (Fri, 24 Jul 2020 07:39:38 GMT):
where it performs a lot of these steps

AnneliPedersen (Fri, 24 Jul 2020 07:41:01 GMT):
Just a heads up: Aca-py expects agents to have a name. so options.AgentName has to be assigned, which it is not in the github project.

sklump (Fri, 24 Jul 2020 11:14:48 GMT):
You can set an attribute for it, but aries neither reserves any attribute names nor assigns any special semantics to any attribute. So you can set `validFrom`/`validTo` fields or equivalent in a schema (hence its cred defs), but relying parties could choose to ignore them: they would be attributes like any other.

sklump (Fri, 24 Jul 2020 11:14:48 GMT):
You can set an attribute for it, but aries neither reserves any attribute names* nor assigns any special semantics to any attribute. So you can set `validFrom`/`validTo` fields or equivalent in a schema (hence its cred defs), but relying parties could choose to ignore them: they would be attributes like any other. _* do not call any attribute `master_secret` though - this is an indy-sdk restriction

zickau (Mon, 27 Jul 2020 14:31:57 GMT):
Has joined the channel.

sheru (Mon, 27 Jul 2020 14:34:41 GMT):
Hey all, I want to know if a Mobile agent can issue a self credential or not? If yes then please guide me to process to follow and if No then why? Thanks in advance.

swcurran (Mon, 27 Jul 2020 14:58:27 GMT):
There is no technical reason why it can't be done, but I don't think anyone has done it. For Indy, the agent would have to have a DID, schema and Cred Def on the ledger, which is not a feature of any mobile agents AFAIK. In Indy, a prover can include self-attested attributes in a proof. Would that work for your use case? Not sure of how well that is supported in mobile agents either...

sheru (Mon, 27 Jul 2020 15:00:40 GMT):
can you please share the docs for this.

sheru (Mon, 27 Jul 2020 15:04:03 GMT):
Thank you @swcurran , I haven't gone through the process of self attested attributes. @swcurran please refer me to a documentation for this Thanks

mtfk (Mon, 27 Jul 2020 19:22:39 GMT):
Hi everyone, looking for some interesting topics for next Aries WG call (Wednesday), if you have any interesting stuff which you have been working on recently or touching on subjects which are relevant for Aries community feel free to let me know.

danielhardman (Tue, 28 Jul 2020 01:28:10 GMT):
@TelegramSam and @swcurran : Can I have 10 min during Wednesday's B call to discuss this new PR about goal codes? https://github.com/hyperledger/aries-rfcs/pull/519

zickau (Tue, 28 Jul 2020 07:26:07 GMT):
Hi all, would it be possible - from the underlying maths - that an issuer could undo a revocation?

TimoGlastra (Tue, 28 Jul 2020 07:38:10 GMT):
Hi @zickau , Have you seen the indy doc about revocation? I don’t know how it would work in practice, but it states that “Revocation is reversible.” https://hyperledger-indy.readthedocs.io/projects/hipe/en/latest/text/0011-cred-revocation/README.html

zickau (Tue, 28 Jul 2020 07:39:20 GMT):
@TimoGlastra Thx

mtfk (Wed, 29 Jul 2020 12:25:36 GMT):
FYI: Today Aries morning call would be focusing around IoT, we would discuss what role SSI and digital wallets can play in IoT space and what value brings for the businesses. More info on meeting page: https://wiki.hyperledger.org/pages/viewpage.action?pageId=36734160

tangelo1 (Wed, 29 Jul 2020 19:58:14 GMT):
Has joined the channel.

mccown (Wed, 29 Jul 2020 20:32:43 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (July 30th @ 9am MT). This is a chance to get updates on the WG calls you may have missed this week. Our guest presenter will be Kyle Den Hartog from Mattr. Kyle will be presenting a new proposal to add DIDDoc support to indy-node and how that will benefit supporting applications. Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-07-30+Identity+WG+Implementers+Call Zoom: https://zoom.us/j/244779296

kukgini (Thu, 30 Jul 2020 02:35:17 GMT):
Hello everyone, I wonder if LOX is short for something. decribed in RFC-0042: LOX

andrew.whitehead (Thu, 30 Jul 2020 02:39:39 GMT):
letters obtained ex-nihilo

andrew.whitehead (Thu, 30 Jul 2020 02:39:39 GMT):
letters obtained ex-nihilo (no, not really)

alvinslee (Thu, 30 Jul 2020 06:58:38 GMT):
Has joined the channel.

kukgini (Thu, 30 Jul 2020 07:49:53 GMT):
After all, It means: 'obtained letters are totally unpredictable and nothing to do with anything, yes'?

kukgini (Thu, 30 Jul 2020 07:49:53 GMT):
After all, It means: 'obtained letters are totally unpredictable and nothing to do with anything'. yes?

kukgini (Thu, 30 Jul 2020 07:49:53 GMT):
After all, It means: 'obtained letters are totally unpredictable and nothing related with anything'. yes?

andrew.whitehead (Thu, 30 Jul 2020 08:35:06 GMT):
I don’t really know, that’s up to @MALodder

RicardoPeixoto (Thu, 30 Jul 2020 08:55:46 GMT):
Hi all, i was looking into signed attachments in Aries RFC 0017 in order to change the connection protocol request and response messages (like Aries RFC 0023), however i don't know how to generate the did_doc~attach field. Do you know some place that explains how to generate the jws field in these two messages?

sklump (Thu, 30 Jul 2020 10:14:29 GMT):
Generate the attach decorator from the dict: https://github.com/hyperledger/aries-cloudagent-python/blob/d6f5dfdcee9a2b3e4a1aa623d944b1afc64983f3/aries_cloudagent/messaging/decorators/attach_decorator.py#L554 Sign its data: https://github.com/hyperledger/aries-cloudagent-python/blob/d6f5dfdcee9a2b3e4a1aa623d944b1afc64983f3/aries_cloudagent/messaging/decorators/attach_decorator.py#L331

RicardoPeixoto (Thu, 30 Jul 2020 10:47:12 GMT):
Thank you @sklump

MALodder (Thu, 30 Jul 2020 12:47:16 GMT):
It’s an onomatopoeia for locks

MALodder (Thu, 30 Jul 2020 12:47:46 GMT):
Locking keys

IshaC 1 (Thu, 30 Jul 2020 12:52:13 GMT):
Has joined the channel.

IshaC 1 (Thu, 30 Jul 2020 12:52:13 GMT):
Hi, I am using the trinsic studio to set up connections and issue credentials on the mobile app. When I issue credentials, I only am issued dummy data. Does anyone know how to make it so you get the data that you typed in the feild?

rileyphughes (Thu, 30 Jul 2020 14:59:30 GMT):
@IshaC 1 What do you mean by "make it so you get the data that you typed in the field"?

rileyphughes (Thu, 30 Jul 2020 15:00:04 GMT):
If you're asking a Trinsic-specific question, you can feel free to ask it on the Trinsic forum at https://docs.trinsic.id/discuss

brentzundel (Thu, 30 Jul 2020 16:24:10 GMT):
he named it LOX so that everytime I read it I would get hungry for bagels.

MartinWainstein (Thu, 30 Jul 2020 20:00:15 GMT):
Has joined the channel.

Mahadevan 3 (Thu, 30 Jul 2020 20:08:56 GMT):
Has joined the channel.

kukgini (Thu, 30 Jul 2020 23:06:05 GMT):
Thank you all. I think i got it, It's not from a shorthand for something, but from a sound 'Locks'.

kukgini (Thu, 30 Jul 2020 23:06:05 GMT):
Thank you all. I think i got it, It's not from a shorthand for something, but from the sound 'Locks'.

dileban (Fri, 31 Jul 2020 22:39:01 GMT):
Is there any good documentation on using the Ursa library? Would like to propose a series of tutorials on the "hello-world" equivalents of using the various features of Ursa - could be really useful to the broader community (sorry for the selfish ask).

MALodder (Fri, 31 Jul 2020 23:56:20 GMT):
@dileban what parts of Ursa are you looking to use

MALodder (Fri, 31 Jul 2020 23:56:35 GMT):
I'm happy to help with documentation

dileban (Sat, 01 Aug 2020 08:36:13 GMT):
Hi @MALodder - documentation and perhaps some getting started guides on Set Membership would be helpful.

dileban (Sat, 01 Aug 2020 08:36:13 GMT):
Hi @MALodder - documentation and perhaps some getting started tutorials on Set Membership would be helpful.

MALodder (Sat, 01 Aug 2020 12:07:50 GMT):
Documentation on what specifically? Getting started? Ursa has a lot of features, which functions specifically

AlexanderHoughton (Sat, 01 Aug 2020 22:32:50 GMT):
Has joined the channel.

dileban (Sun, 02 Aug 2020 09:04:54 GMT):
Documentation on Set Membership. But since some of this crypto is not easily accessible by many a few simple examples/tutorials would be nice.

dileban (Sun, 02 Aug 2020 09:10:35 GMT):
For example, from reading the REAME its not clear what scheme Libzmix uses for set membership? An RSA Accumulator? Merkle Trees? Besides technical documentation on this, a simple tutorial of using such an accumulator / commitment scheme would be helpful.

DiAnh (Mon, 03 Aug 2020 01:20:41 GMT):
Has joined the channel.

Mahadevan 3 (Mon, 03 Aug 2020 18:43:37 GMT):
Hi, Does "aries-mobileagent-xamarin" provide a framework to build a mobile wallet and an edge agent in the mobile? Thanks.

swcurran (Mon, 03 Aug 2020 18:54:38 GMT):
I believe it just has the mobile wallet (aka a mobile agent). Not sure if that answers your question :-)

swcurran (Mon, 03 Aug 2020 22:40:53 GMT):
Anyone have any experience with mobile app integration testing willing to provide an overview on the topic? We're trying to understand how to do Aries RFC testing against mobile apps. For example -- running a test of a mobile wallet running against an instance of ACA-Py.

TimoGlastra (Tue, 04 Aug 2020 12:58:23 GMT):
@swcurran I'm no expert at it, but have some experience with testing mobile apps. Is this in context to AATH? In that case I think you’re up for a bit of a challenge as it differs from normal testing. But nothing that can’t be solved. If you want, I’ll be happy to share my views on this topic with you.

swcurran (Tue, 04 Aug 2020 13:53:00 GMT):
The perfect person to answer! :-) Yes, that's the context.

swcurran (Tue, 04 Aug 2020 13:53:47 GMT):
Would you be able to discuss (nothing formal) on the ACA-Pug meeting tomorrow on this?

TimoGlastra (Tue, 04 Aug 2020 14:49:36 GMT):
Yeah sure, that works for me

tommyjay (Wed, 05 Aug 2020 14:05:00 GMT):
@Mahadevan 3 the golang library has mobile bindings for Aries agents https://github.com/hyperledger/aries-framework-go/tree/master/cmd/aries-agent-mobile

tommyjay (Wed, 05 Aug 2020 14:05:00 GMT):
@Mahadevan the golang library has mobile bindings for Aries agents https://github.com/hyperledger/aries-framework-go/tree/master/cmd/aries-agent-mobile

tommyjay (Wed, 05 Aug 2020 14:05:00 GMT):
@Mahadevan 3 the golang library has mobile bindings for Aries agents https://github.com/hyperledger/aries-framework-go/tree/master/cmd/aries-agent-mobile

tommyjay (Wed, 05 Aug 2020 14:06:29 GMT):
@Mahadevan 3 the golang library has mobile bindings for Aries agents https://github.com/hyperledger/aries-framework-go/tree/master/cmd/aries-agent-mobile

Alexi (Wed, 05 Aug 2020 16:23:16 GMT):
Hello, we are working on a framework and are testing the didcomms with an aca-py agent. Currently we are getting an error trying to get a connection response from a request we send to the aca-py instance. This is the request that is being sent: ``` { "label":"John Doe", "connection":{ "DID":"did:sov:3TcwqrXyWfJDc6tn2TbXtU", "DIDDoc":{ "@context":"https://w3id.org/did/v1", "id":"did:sov:3TcwqrXyWfJDc6tn2TbXtU", "publicKey":[ { "id":"did:sov:3TcwqrXyWfJDc6tn2TbXtU#keys-1", "type":"Ed25519VerificationKey2018", "controller":"did:sov:3TcwqrXyWfJDc6tn2TbXtU", "publicKeyBase58":"2LjVWN4nURzEcW32cERhocRURyShpWAV1oD33a6VEQJE" } ], "authentication":[ ], "service":[ { "id":"did:sov:3TcwqrXyWfJDc6tn2TbXtU;indy", "type":"IndyAgent", "priority":0, "recipientKeys":[ "2LjVWN4nURzEcW32cERhocRURyShpWAV1oD33a6VEQJE" ], "routingKeys":[ ], "serviceEndpoint":"" } ] } }, "@id":"a676e91d-4efa-4f9f-a4a8-cba9a477b514", "@type":"did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/connections/1.0/request", "~transport":{ "return_route":"all" } } ``` aca-py responds with this error: ``` {"@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/connections/1.0/problem_report", "@id": "a79abc10-9b42-43ac-a955-2a511f82d547", "explain": "Connection DID does not match DIDDoc id", "problem-code": "ProblemReportReason.REQUEST_NOT_ACCEPTED"} ``` Which is odd as the DID and DIDDoc id do match. Does anyone have a possible solution to this?

andrew.whitehead (Wed, 05 Aug 2020 16:29:09 GMT):
Looks like it expects the DID field to be unqualified

Mahadevan 3 (Wed, 05 Aug 2020 16:32:49 GMT):
Thanks @tommyjay

Alexi (Wed, 05 Aug 2020 16:33:42 GMT):
so what should I put in the "DID" field?

Alexi (Wed, 05 Aug 2020 16:34:09 GMT):
just "" ? or "did:sov" ? Seems a bit odd to have to do this

andrew.whitehead (Wed, 05 Aug 2020 16:34:43 GMT):
Just the DID without did:sov:

Alexi (Wed, 05 Aug 2020 16:34:54 GMT):
gotcha, ill give it a try

Ramakrishnan (Wed, 05 Aug 2020 22:29:10 GMT):
Has joined the channel.

Ramakrishnan (Wed, 05 Aug 2020 22:29:10 GMT):
Hello Everyone, My Name is Ramakrishnan, I was hoping to understand if there is a working gaoling example that I can try, test & develop with, Not sure if this the right forum would appreciate if someone can point me to the right direction Thanks

Alexi (Thu, 06 Aug 2020 13:30:14 GMT):
It worked, thanks @andrew.whitehead !

NirajGadgilwar (Fri, 07 Aug 2020 15:07:21 GMT):
Has joined the channel.

NirajGadgilwar (Fri, 07 Aug 2020 15:07:21 GMT):
Hi. Does Aries latest release is still in Incubation? Any idea when it will be ready to use for Production?

esplinr (Fri, 07 Aug 2020 20:39:17 GMT):
Aries is a collection of projects. You need to be more specific about which one you are interested in.

swcurran (Sun, 09 Aug 2020 20:24:54 GMT):
FYI - upcoming virtual conference: *Indy Interop-athon - Making "Network of Networks" Real* (Sept. 1st and 2nd). This is a collaborative technical design event to bring Indy/Aries open source identity collaborators together for two days of focused effort to enable the following user story: > *As a prover, I want to be able to create a proof that includes claims from credentials rooted in different Indy networks that a verifier can verify so that I can easily interact with issuers using different Indy networks.* If you are deep into the DID Specification, Indy and Aries, with ideas about how to accomplish the user story, please join us. For more information and to register, please go here: https://bit.ly/indyinterop20

swcurran (Sun, 09 Aug 2020 20:24:54 GMT):
FYI - upcoming virtual conference: *Indy Interop-athon - Making "Network of Networks" Real* (Sept. 1st and 2nd). This is a collaborative technical design event to bring Indy/Aries open source identity collaborators together for two days of focused effort to enable the following user story: > > *As a prover, I want to be able to create a proof that includes claims from credentials rooted in different Indy networks that a verifier can verify so that I can easily interact with issuers using different Indy networks.* > If you are deep into the DID Specification, Indy and Aries, with ideas about how to accomplish the user story, please join us. For more information and to register, please go here: https://bit.ly/indyinterop20

blaz (Tue, 11 Aug 2020 13:55:30 GMT):
Has joined the channel.

JamesEbert (Wed, 12 Aug 2020 09:59:49 GMT):
Has joined the channel.

mccown (Wed, 12 Aug 2020 19:40:11 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (Aug 13th @ 9am MT). This is a chance to get updates on the WG calls you may have missed this week. Our guest presenter will be Sam Smith of ProSapien. Sam will be presenting an overview of the new KERI (Key Event Receipt Infrastructure) methodology. KERI creates a self-certifying identifier that provides the basis for a universal DID method (DID:uni). Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-08-13+Identity+WG+Implementers+Call Zoom: https://zoom.us/j/244779296

TelegramSam (Thu, 13 Aug 2020 15:09:33 GMT):
Yesterday's Aries WG Call B (US Afternoon) Posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=38142820

pleerock (Tue, 18 Aug 2020 10:23:32 GMT):
Hey guys. I'm trying to implement a basic Aries connection protocol with Alice and Bob. Can you please help me to understand its flow. Right now I'm doing "invitation" part

pleerock (Tue, 18 Aug 2020 10:24:07 GMT):
and trying to understand what "recipientKeys" are? From what I understand right now, its a verkey of newly created connection DID ? Am I right?

aditya520 (Tue, 18 Aug 2020 14:38:31 GMT):
Has joined the channel.

saanvijay (Tue, 18 Aug 2020 17:22:33 GMT):
Has joined the channel.

Koushik (Tue, 18 Aug 2020 18:58:17 GMT):
Has joined the channel.

Koushik (Tue, 18 Aug 2020 19:20:20 GMT):
Hey guys a noob here :) , I have a question regarding demo tutorial in regards to the invitation that faber generates, for some reason I seem to not find it in the faber terminal window. I was able to - Successfully run the VON-Network - Was able to Start Faber and Alice Networks I can see menu for Faber is generated but can not see the invitation key. I am running this demo through docker locally.

darkchylde (Wed, 19 Aug 2020 08:04:47 GMT):
Has joined the channel.

swcurran (Wed, 19 Aug 2020 16:00:20 GMT):
You should be seeing something like this on the Faber terminal: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/collateral/S-0-invitation-1.png

swcurran (Wed, 19 Aug 2020 16:01:23 GMT):
Are you using ACA-Py to do this? The demo here: https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo#the-alicefaber-python-demo

GuilhermeFunchal (Wed, 19 Aug 2020 16:55:56 GMT):
Has joined the channel.

GuilhermeFunchal (Wed, 19 Aug 2020 16:55:57 GMT):
Hello people, someone knows any work on integrating Aries with the OAuth protocol?

swcurran (Wed, 19 Aug 2020 16:59:59 GMT):
You can look at https://github.com/bcgov/vc-authn-oidc -- it implements an OIDC Identity Provider (IdP) that talks JWT Tokens to the Relying Party, and requests a proof from an Aries wallet. The claims from the returned proof are put into the JWT so that the Relying Party need not change -- just add a config to use the "Verifiable Credential IdP".

troyronda (Wed, 19 Aug 2020 17:11:11 GMT):
FYI: we are working on a project to enable a requesting party to interact with a wallet via an OIDC integration (WIP). https://github.com/trustbloc/edge-adapter/blob/master/docs/rp/README.md (note: this project uses CHAPI to select the wallet and bootstrap the DIDComm connection and DIF presentation exchange as the attachment format).

troyronda (Wed, 19 Aug 2020 17:11:11 GMT):
We are working on a project to enable a requesting party to interact with a wallet via an OIDC integration. https://github.com/trustbloc/edge-adapter/blob/master/docs/rp/README.md (note: this project uses CHAPI to select the wallet and bootstrap the DIDComm connection and DIF presentation exchange as the attachment format).

troyronda (Wed, 19 Aug 2020 17:11:11 GMT):
We are working on a project to enable a relying party to interact with a wallet via an OIDC integration. https://github.com/trustbloc/edge-adapter/blob/master/docs/rp/README.md (note: this project uses CHAPI to select the wallet and bootstrap the DIDComm connection and DIF presentation exchange as the attachment format).

GuilhermeFunchal (Wed, 19 Aug 2020 17:28:20 GMT):
Thanks guys, I will read the documentation

Koushik (Wed, 19 Aug 2020 20:04:26 GMT):
Hi @swcurran , Thanks for the response. I figured it out, it seems the code I was working on had the invitation disabled on the terminal so I had to get it from api. All good now.

bhasineeraj (Thu, 20 Aug 2020 02:03:17 GMT):
Has joined the channel.

bhasineeraj (Thu, 20 Aug 2020 02:03:18 GMT):
hello, How can I start building a production SSI application usign Aries?

thearhaam (Thu, 20 Aug 2020 10:31:18 GMT):
Has joined the channel.

HeMBaD (Thu, 20 Aug 2020 10:43:27 GMT):
Has joined the channel.

AlejandroCortesLeal (Fri, 21 Aug 2020 00:14:25 GMT):
Has joined the channel.

jcldnatv (Sat, 22 Aug 2020 17:22:20 GMT):
Has joined the channel.

arunprakashpj (Sun, 23 Aug 2020 18:44:25 GMT):
Has joined the channel.

Koushik (Mon, 24 Aug 2020 13:30:00 GMT):
Hi guys, last week I saw an ppt for Hyperledger Aires Architecture from a meetup but I forgot to book mark and can not find it? Could anyone please link it to me?

MarinaELias (Mon, 24 Aug 2020 14:15:53 GMT):
Has joined the channel.

MarinaELias (Mon, 24 Aug 2020 14:15:53 GMT):
Hi all, I am currently working on a project but I am confused in some concepts. First, where is the wallet that stores the credentials saved? Is it saved on a blockchain or just a local database? Secondly, I still don't get how the verifier entity verifies the correctness of the presented values? From what I understood, the personal data of the student or the holder of a transcript are not saved on the ledger, so what does the verifier compare against the ledger if the data is not there? I would appreciate your help, thank you in advance.

sklump (Mon, 24 Aug 2020 18:27:55 GMT):
* the wallet is a local database * the values are in the presented proof, which proves that the issuer issued the credentials. The issuer's DID is on the (public) ledger.

sklump (Mon, 24 Aug 2020 18:29:16 GMT):
https://hyperledger-indy.readthedocs.io/projects/sdk/en/latest/docs/getting-started/indy-walkthrough.html

swcurran (Mon, 24 Aug 2020 19:38:14 GMT):
The blockchain is used to verify the cryptography without needing the verifier to contact the issuer. The proof/verification interchange is done between the prover/verifier.

kdenhartog (Mon, 24 Aug 2020 20:04:53 GMT):
Was it SSI meetup? If so it’s probably this one. https://ssimeetup.org/hyperledger-aries-open-source-interoperable-identity-solutions-nathan-george-webinar-30/

MarinaELias (Mon, 24 Aug 2020 20:40:01 GMT):
In what form are credentials saved in the wallet then? And what else does the wallet save?

swcurran (Mon, 24 Aug 2020 23:25:37 GMT):
The credentials are stored in the form delivered to the holder. For Indy credentials, they are signed using CL Signatures. The wallet also stores DIDs (on and off ledger DIDs), ledger objects (for Indy, there are a couple of things beyond DIDs), connections (DID pairs between connected wallets) and protocol state objects. And anything else the wallet app wants to put in the wallet.

MarinaELias (Tue, 25 Aug 2020 00:13:17 GMT):
Okay last question though, what makes the wallet secure? I mean couldn't that wallet it self be stolen or someone, what makes sure who own this wallet?

MarinaELias (Tue, 25 Aug 2020 00:13:17 GMT):
Okay I understand now, last question though, what makes the wallet secure? I mean couldn't that wallet it self be stolen or someone, what makes sure who own this wallet?

Koushik (Tue, 25 Aug 2020 01:39:25 GMT):
@kdenhartog thanks for the response. It was this one, https://docs.google.com/presentation/d/1K7qiQkVi4n-lpJ3nUZY27OniUEM0c8HAIk4imCWCx5Q/edit#slide=id.p

thearhaam (Tue, 25 Aug 2020 10:53:45 GMT):
``` Hey guys, ```

thearhaam (Tue, 25 Aug 2020 11:03:36 GMT):
Hey guys, I have a few doubts regarding this demo (ACApy Alice Faber Acme Demo): https://github.com/hyperledger/aries-acapy-controllers/tree/master/AliceFaberAcmeDemo I know that the following repo https://github.com/petridishdev/aries-cloudagent-python is used for building the agents but I'm not able to pinpoint where the DID's are being created. Even in the demo, the invitation object for connection doesn't seem to have a DID (According to the structure of the invite a DID should be present in the invite). Could someone please help me out with where Indy comes into the picture in this particular demo?

avi23 (Tue, 25 Aug 2020 11:11:29 GMT):
Has joined the channel.

SamB (Wed, 26 Aug 2020 01:48:03 GMT):
Has joined the channel.

SamB (Wed, 26 Aug 2020 01:51:06 GMT):
Hello, Can anyone please help me find stable github repo for Aries Indy integration?

SamB (Wed, 26 Aug 2020 01:51:06 GMT):
Hello, Can anyone please help me to find stable Github repo for Aries Indy integration?

swcurran (Wed, 26 Aug 2020 02:55:02 GMT):
The invitation contains a "peer-did" (or something similar). It does not go on the ledger at all -- is just given to the other party in the connection. So it's not a DID, but contains the same data as a minimal DID - an identifier, a public key, an endpoint and for DIDComm support, routing information to get a message to the recipient.

swcurran (Wed, 26 Aug 2020 02:56:01 GMT):
In Indy, only verifiable credential issuers need to have DIDs and other data on the ledger. A verifier and holder does not need it. So in the demo -- only Faber is an issuer and has data on the ledger.

swcurran (Wed, 26 Aug 2020 02:56:37 GMT):
Suggest you look at ACA-Py - https://github.com/hyperledger/aries-cloudagent-python

swcurran (Wed, 26 Aug 2020 02:56:46 GMT):
The demo folder has lots of examples.

swcurran (Wed, 26 Aug 2020 02:57:00 GMT):
Latest release came out today.

SamB (Wed, 26 Aug 2020 02:57:07 GMT):
Thank You

thearhaam (Wed, 26 Aug 2020 04:30:11 GMT):
@swcurran Alright, thank you so much :D

kukgini (Wed, 26 Aug 2020 09:43:43 GMT):
Hi. all, I am reading about 0019: Encryption Envelope. I can check the message structure of `Agent Wire Message` there. But where can I find an explanation of the basic message structure of `Agent Plaintext Message`?

mccown (Wed, 26 Aug 2020 19:58:05 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (Aug 27th @ 9am MT). This is a chance to get updates on a variety of WG calls that you may have missed this week. Our guest presenter will be Sam Curren (Indicio). Sam will be presenting an overview of the DIDComm standards and technologies that enable agents to authenticate and communicate securely. Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-08-27+Identity+Implementers+WG+Call Zoom: https://zoom.us/j/244779296

bjwswang (Thu, 27 Aug 2020 02:11:43 GMT):
Has joined the channel.

berserkr (Thu, 27 Aug 2020 09:33:42 GMT):
Hi All, can anyone point me in the right direction. I am trying to create a credential request (e.g., indy_prover_create_credential_req), however, not sure which module in the aries cloud agent such functionality is provided

darkchylde (Thu, 27 Aug 2020 14:33:41 GMT):
Can anyone list the set of RFC(s) covering mediator agent concepts ? Or is there any common place where mediator related discussion happen ? Anything would be helpful

TimoGlastra (Thu, 27 Aug 2020 14:38:23 GMT):
Although it is specific to aries-framework-javascript, I created a somewhat detailed description of how mediation should work. See: https://github.com/hyperledger/aries-framework-javascript/issues/40 This is not exhaustive, but some mediator related RFCs: - https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0046-mediators-and-relays/README.md - https://github.com/hyperledger/aries-rfcs/tree/master/features/0211-route-coordination - Pick up messages from mediator: https://github.com/hyperledger/aries-rfcs/blob/master/features/0212-pickup/README.md - useful when picking up message from mediator: https://github.com/hyperledger/aries-rfcs/blob/master/features/0092-transport-return-route/README.md - defines `forward` message: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0094-cross-domain-messaging

darkchylde (Thu, 27 Aug 2020 14:39:29 GMT):
Thanks. This is really helpful.

TelegramSam (Thu, 27 Aug 2020 15:18:29 GMT):
recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=39617285

darkchylde (Thu, 27 Aug 2020 16:18:18 GMT):
@TelegramSam Can you share the link for DIDComm v2 spec ?

valesken (Thu, 27 Aug 2020 17:02:44 GMT):
Has joined the channel.

TelegramSam (Thu, 27 Aug 2020 17:28:02 GMT):
DIDComm V2 Draft here: https://identity.foundation/didcomm-messaging/docs/spec/

TelegramSam (Thu, 27 Aug 2020 17:28:21 GMT):
Note: This is not quite ready for building. Expect changes before reaching a viable draft state.

arunprakashpj (Thu, 27 Aug 2020 20:51:34 GMT):
Hi ! I am a fresher here and exploring Hyperledger Aries . May I know where the schema of Hyperledger Aries is stored ?

berserkr (Fri, 28 Aug 2020 07:05:56 GMT):
Hi All, how are tail files maintained?

berserkr (Fri, 28 Aug 2020 07:05:56 GMT):
Hi All, how are tail files maintained? Or what are the guidelines for their maintenance.

berserkr (Fri, 28 Aug 2020 08:34:39 GMT):
One more thing, revocation registries need a ledger? I see only one revocation type being defined (`IndyRevocation`), when I try to create a revocation registry, I am getting an error as I do not have nor want to have a ledger instance, I am trying to run aries totally decoupled from a ledger

berserkr (Fri, 28 Aug 2020 08:52:55 GMT):
In order to open a wallet you need to provide it with a master key, as far as I know. Now the next question is where that master key is stored and who manages it :D

berserkr (Fri, 28 Aug 2020 09:46:16 GMT):
I guess the same can be said about a verifier. It looks like the only verifier supported by aries is an indy verifier, which also requires a ledger...

TimoGlastra (Fri, 28 Aug 2020 13:23:31 GMT):
Hi @berserkr have you seen the indy doc about revocation? https://github.com/hyperledger/indy-sdk/blob/master/docs/concepts/revocation/cred-revocation.md Most implementations of Aries only work with Indy at the moment. Aries framework Go is the exception here, it does not support Indy based credentials. However from what I know they also don’t support revocation at the moment. Running Aries completely decoupled from a ledger should be possible if you don’t use public DIDs, and use a credential method that doesn’t require you to store schemas and credential definitions on the ledger. This is not possible with Indy. However for revocation using a ledger is crucial. Without the revocation status being anchored in a ledger the verifier will need to talk directly to the issuer about revocation status. How else can we know for sure the credential hasn’t been revoked? This introduces some privacy concerns, and also makes the holder dependent on the infrastructure of the issuer. All things we can avoid when using a ledger.

swcurran (Fri, 28 Aug 2020 14:13:10 GMT):
The owner of the wallet holds it and stores it in a way that they define "safe". On a mobile app, it uses the OS provided protected storage - e.g. the place that requires biometrics, etc. to access.

pixelschnitzel (Fri, 28 Aug 2020 14:17:18 GMT):
Has joined the channel.

berserkr (Fri, 28 Aug 2020 15:27:17 GMT):
Thank you for the clarification, makes sense, This is something I have been wrestling with and making the argument for, which is, the need to run an indy ledger as it will simplify things for us. Rather than trying to re-invent the wheel

berserkr (Fri, 28 Aug 2020 16:57:08 GMT):
@TimoGlastra One thing that is not clear to me yet is the tails file, how is that managed?

TimoGlastra (Sat, 29 Aug 2020 12:22:03 GMT):
I'm assuming you've read the document about revocation from my previous message. Some information about the tails file is stored on the ledger (Hash and Uri), but tails files are otherwise managed separately from the ledger. The "tricky" part is that the tails file should be available to the holder. So the tails file should be hosted on a server somewhere so it can be downloaded by the holder. There is no standard for managing this but BCGov has created a very nice indy-tails-server (https://github.com/bcgov/indy-tails-server) that does exactly this.

TimoGlastra (Sat, 29 Aug 2020 12:22:54 GMT):
I think they even have a public instance running that is free to use (although I'm not 100% sure of this)

TimoGlastra (Sat, 29 Aug 2020 12:30:09 GMT):
@swcurran is it correct there is a public instance of the indy-tails-server?

danielhardman (Sat, 29 Aug 2020 18:24:10 GMT):
I want to make sure the Aries community is aware of this conversation happening in the W3C, in which it has been proposed to eliminate `serviceEndpoint` from the DID core spec. This would be disruptive to DIDComm. It appears that the proposal has been rejected (DIDComm is safe), but there are still some voices claiming that `serviceEndpoint` is useless nonsense. You might want to read the ticket or weigh in. HEre's a link: https://github.com/w3c/did-core/issues/382#issuecomment-683325040

swcurran (Sat, 29 Aug 2020 20:50:23 GMT):
Thanks, Daniel - I saw that yesterday, and thanks for the response you (and others) put in. I thought that the proposals put forth were terrible substitutes and indeed it would make DIDComm extremely difficult.

swcurran (Sat, 29 Aug 2020 20:51:23 GMT):
We have a version at BC Gov that is open to the world. @esune -- what is the URL? Not sure how much guidance we have on using it.

esune (Sat, 29 Aug 2020 20:57:17 GMT):
DEV: https://tails-server-dev.pathfinder.gov.bc.ca TEST: https://tails-server-test.pathfinder.gov.bc.ca PROD: https://tails.vonx.io

phuctu1901 (Sun, 30 Aug 2020 04:58:38 GMT):
Hi everyone, I want to build an anonymous social welfare service with the following steps. Step 1: They will receive a certificate called "ID card" including code, full name, address and some other information. Step 2: They access the another system to get benefits. The system will send a request to prove that they have "ID card" and a valid address. Step 3: The system will send them benefits in some way if the proof is valid. But I have problems checking the person that has ever been received. While I'm not asking for their ID number. Is there a way to solve it? Thanks very much.

avi23 (Sun, 30 Aug 2020 17:15:53 GMT):
Hello , can anyone please tell me how i can achieve below in Indy ? is there any concept of generating master secret key in Indy 1. Issuer will issue a certificate by reflecting the master secret that only the user knows. 2. Proof of ownership through proof of zero knowledge without revealing the master secret when submitting the certificate

kdenhartog (Mon, 31 Aug 2020 05:44:06 GMT):
Good thing DID Documents have a JSON-LD option so we could have just added a didcomm.org extension context and added them back in. :upside_down:

avi23 (Mon, 31 Aug 2020 07:33:03 GMT):
@swcurran could you please provide your inputs

mtfk (Mon, 31 Aug 2020 08:56:59 GMT):
Hi everyone I am looking for some information about support of DID resolution process for multiple did methods within agents spaces. Means is there any work already started to provide support for multiple did methods? Anyone build so far an agent which can handle more then one did method? I would really appreciate the input. As a test we are planning to add to aries toolbox support for did web to test few interoperable mechanisms and we are wondering if there is already a kind of "spec" or best practices to do so.

TelegramSam (Mon, 31 Aug 2020 14:22:07 GMT):
Re: Aries Wednesday B Call: This call will happen immediately after two days of the Indy Interopathon. Both Stephen and I will be occupied with that meeting. Is there a volunteer that wants to run the meeting? Without a volunteer, we'll need to cancel this week's meeting. Any volunteers?

swcurran (Mon, 31 Aug 2020 16:07:28 GMT):
I'm not really sure what the question is, but that is how Indy anoncreds work -- it's more of a statement than a question. The holder gives the issuer a blinded link (master) secret that the issuer embeds in the credential. When proving, the issuer unblinds the blinded link secret without revealing the link secret itself.

avi23 (Mon, 31 Aug 2020 16:28:14 GMT):
Thanks @swcurran , my question was around how the holder will generate that master secret key? what function or API we can use for that?

swcurran (Mon, 31 Aug 2020 17:01:27 GMT):
Ah...that I think happens automatically when you create the wallet. Confirmed by devs.

avi23 (Mon, 31 Aug 2020 17:08:37 GMT):
@swcurran ahh....do you mean i need to confirm with the devs for that? can you please give any devs reference so i can reach out to him?

phuctu1901 (Tue, 01 Sep 2020 07:12:52 GMT):
Excuse me, I have a question about anocreds. How to make credentials one-time use so that second and later run are detected but do not reveal exactly who I am?

pixelschnitzel (Tue, 01 Sep 2020 13:59:31 GMT):
You could revoke the credential immediately after first usage.

swcurran (Tue, 01 Sep 2020 17:59:25 GMT):
It's not obvious. The problem with revoke-after-first-use is that it is not a single transaction, and the verifier has to contact the issuer to request it be revoked. AFAIK - there is not a good answer to this with VCs. That is a "double-spend" issue and is probably better handled with more cryptocurrency-like handling.

tomislav (Tue, 01 Sep 2020 18:23:30 GMT):
"consumable credentials" would be the term we sometime use to describe these types of credentials. As @swcurran there's currently no implementation that supports this

VictorSyntez (Tue, 01 Sep 2020 18:32:41 GMT):
Has joined the channel.

VictorSyntez (Tue, 01 Sep 2020 21:21:22 GMT):
Hello, I'm interested in volunteering for Hyperledger Indy projects as a developer-beginner. If there are some tasks that don't require extensive coding knowledge or this knowledge might be gained using free available and known resources then I am willing to help. You can contact me using private message. Cheers, Victor.

pikvik (Wed, 02 Sep 2020 04:55:32 GMT):
Has joined the channel.

phuctu1901 (Wed, 02 Sep 2020 11:11:24 GMT):
Thank you @pixelschnitzel, @swcurran and @tomislav. Does this mean that I have to reveal a unique piece of information about myself to be able to determine if I have interacted with the verifie?. Also means the unlinkable has been turned-off in this case. What is the best way to deal with this at the moment? Thank you very much. I'm doing final-project and am struggling here.

TelegramSam (Wed, 02 Sep 2020 16:17:12 GMT):
No Aries call today.

larabisch (Wed, 02 Sep 2020 16:21:57 GMT):
Has joined the channel.

swcurran (Wed, 02 Sep 2020 19:02:54 GMT):
Yes, you would have to do that. There is some work going on in around something called a "domain proof". In that, a verifier can tell if they have/have not seen a credential before by comparing with proofs seen before. However, while the value repeats for the same verifier, it is different from each verifier so verifiers can't coorelate between them.

phuctu1901 (Thu, 03 Sep 2020 01:15:20 GMT):
@swcurran I think a domain proof is very useful. I have just tried requesting 5 proof requests from 1 verifer to a user's credential. The five requests were the same, but the results were different. Can you tell me where I am wrong? I. System: - Aries CloudAgent Python to use API for verifier. - Mobile Wallet. II. Working process: 1. Creating connection between user and agent. 2. Sending proof request. (use / present-proof / send-request) 3. Allowing send proof from mobile wallet. 4. Repeating step 2,3 five times. These are the proofs I received. https://www.dropbox.com/sh/6aqbyv4vu9hyqdl/AACjgFX0DaBqF-Vtk438wQ_la?dl=0

joanagomesrb (Fri, 04 Sep 2020 10:57:44 GMT):
Has joined the channel.

mccown (Fri, 04 Sep 2020 11:27:03 GMT):
Has anyone tried to rebuild the libindy library for iOS, lately? I'm trying to rebuild libindy.a (for iOS) using the latest source, the current version of rust, and the latest Xcode 11. However, while it all seems to build okay, it fails on linking -- it's trying to link the mac libs instead of the iOS libs and I'm not sure why. The relevant error message says, "building for iOS-arm64 but attempting to link with file built for macOS-x86_64"

TimoGlastra (Fri, 04 Sep 2020 11:37:03 GMT):
We just had a discussion about this on the aries-framework-javascript call 30 minutes ago. We're also having problems with building libindy for iOS. @karimStekelenburg1 and @ajayjadhav are going to look into it this week I think.

mccown (Fri, 04 Sep 2020 11:52:07 GMT):
@TimoGlastra thanks for looking at this. I think what's happening is a few of the libraries that indy requires (e.g., libsodium, libzmq, & OpenSSL) when installed as documented (brew install libsodium) don't install iOS-compatible libraries. I just tried to add libsodium to a simple test app in xcode and got a similar message "test.xcodeproj Building for iOS Simulator, but the linked library 'libsodium.a' was built for macOS."

chakshujain (Sun, 06 Sep 2020 14:33:37 GMT):
Has joined the channel.

thearhaam (Mon, 07 Sep 2020 10:52:14 GMT):
Hey guys just a quick question regarding the APIs in the AliceFaberAcme Demo (ACA-py Controllers Demo: https://github.com/hyperledger/aries-acapy-controllers/tree/master/AliceFaberAcmeDemo) It's my understanding that calling the "/issue-credential/send" API should automatically save the issued credential in the Holders wallet, am I mistaken? Because I'm unable to get the credentials from the Holders wallet, it's empty. I thought maybe I'd have to call the "/issue-credential/records/{cred_ex_id}/store" API but that gives me an error and I haven't seen that API being used in the Demo either.

swcurran (Mon, 07 Sep 2020 17:05:06 GMT):
No -- the send is on the Issuers side, and it does automatic stuff for the issuer. No impact on the holder. I believe there is a command line parameter that might auto-handle things on the holder side, but that is not altered by the /send endpoint.

thearhaam (Tue, 08 Sep 2020 04:29:55 GMT):
@swcurran Oh i see, thank you for the info. I'll be looking into how to deal with it on the holders side but I'd greatly appreciate it if you could point me in the right direction. The holder has access to the credential records and the credential exchange ID, so I was hoping there was a way to use this information to save the credential to the holders wallet.

sklump (Tue, 08 Sep 2020 10:31:46 GMT):
The demo auto-stores: https://github.com/hyperledger/aries-cloudagent-python/blob/703288de7c5cf48bd6c624905ca0a01d8fc3f010/demo/runners/alice.py#L41

sklump (Tue, 08 Sep 2020 10:36:44 GMT):
If the operator invokes `(1) Issue Credential` on Faber then the issuer sends a credential, which Alice agent stores in its wallet. Use `/credentials` at port 8031 to list Alice's credentials: you may have been using port 8021 which would list the Issuer's credentials (none).

thearhaam (Tue, 08 Sep 2020 10:47:03 GMT):
@sklump Thank you for pointing that out, I've been using postman to send requests to the Agents. I have used the correct port which is 8031 for Alice. So my calls have basically been, Establish Connection: 1. 8031: /connection/create-invitation 2. 8021: /connection/receive-invitation Issue Credential (using connection_id from previous request) 3. 8021: /issue-credential/send Now at this point I can get the records using "/issue-credential/records" but the credential isn't present in the wallet Could you maybe let me know where I must be going wrong?

sklump (Tue, 08 Sep 2020 10:58:16 GMT):
What's in the `/issue-credential/send` body? One sure way to get the results you want is to run the demo on the command line with `--events` and retain the results for reproduction via Postman.

sklump (Tue, 08 Sep 2020 11:15:29 GMT):
On Faber (port 8021), `/issue-credential/send` content: ``` { "auto_remove": false, "connection_id": "43bc1a78-b887-43af-bcde-0fcbaefde8e0", "comment": "string", "credential_proposal": { "@type": "issue-credential/1.0/credential-preview", "attributes": [ { "name": "name", "value": "Alice Smith" }, { "name": "date", "value": "2018-05-28" }, { "name": "degree", "value": "Maths" }, { "name": "age", "value": "24" }, { "name": "timestamp", "value": "1599562440" } ] }, "schema_id": "ETRPT91DhaLGftj5HjBH9N:2:degree schema:68.76.19", "cred_def_id": "ETRPT91DhaLGftj5HjBH9N:3:CL:8:default", "trace": false } ``` On Alice (port 8031), `/credentials/` works fine

sklump (Tue, 08 Sep 2020 11:16:27 GMT):
with correct connection-id and schema-id, cred-def-id as demo shows.

thearhaam (Tue, 08 Sep 2020 11:22:42 GMT):
@sklump The body consists of all of these: schema_version,schema_id,connection_id,cred_def_id,credential_proposal: attributes I could send you the exact body I'm using but I've created new Schemas and Cred Defs so I don't think that would be of much help. Is there any attribute that I'm missing and that could be causing this issue?

sklump (Tue, 08 Sep 2020 11:29:44 GMT):
Send me the body - that's why I asked for it

paul.bastian (Tue, 08 Sep 2020 11:37:02 GMT):
Has joined the channel.

sklump (Tue, 08 Sep 2020 11:37:11 GMT):
Then we troubleshoot from there

etaleo (Tue, 08 Sep 2020 12:17:45 GMT):
Has joined the channel.

thearhaam (Tue, 08 Sep 2020 14:32:07 GMT):
@sklump Here is the body: { "schema_version": "1.0", "schema_id": "HMYiiQCkAumDSmBuV5SnJF:2:BPR:1.0", "connection_id": "56384b32-621a-4b1c-89f0-5957560c6167", "cred_def_id": "HMYiiQCkAumDSmBuV5SnJF:3:CL:34348:default", "credential_proposal": { "attributes": [ { "name": "Name", "value": "Arhaam" }, { "name": "Date", "value": "07-Sep-2020" }, { "name": "Certno", "value": "12345" }, { "name": "Age", "value": "21" } ] } }

thearhaam (Tue, 08 Sep 2020 14:32:07 GMT):
@sklump Here is the body: `{ "schema_version": "1.0", "schema_id": "HMYiiQCkAumDSmBuV5SnJF:2:BPR:1.0", "connection_id": "56384b32-621a-4b1c-89f0-5957560c6167", "cred_def_id": "HMYiiQCkAumDSmBuV5SnJF:3:CL:34348:default", "credential_proposal": { "attributes": [ { "name": "Name", "value": "Arhaam" }, { "name": "Date", "value": "07-Sep-2020" }, { "name": "Certno", "value": "12345" }, { "name": "Age", "value": "21" } ] } }`

thearhaam (Tue, 08 Sep 2020 14:32:07 GMT):
@sklump Here is the body: ``` { "schema_version": "1.0", "schema_id": "HMYiiQCkAumDSmBuV5SnJF:2:BPR:1.0", "connection_id": "56384b32-621a-4b1c-89f0-5957560c6167", "cred_def_id": "HMYiiQCkAumDSmBuV5SnJF:3:CL:34348:default", "credential_proposal": { "attributes": [ { "name": "Name", "value": "Arhaam" }, { "name": "Date", "value": "07-Sep-2020" }, { "name": "Certno", "value": "12345" }, { "name": "Age", "value": "21" } ] } } ```

sklump (Tue, 08 Sep 2020 14:35:54 GMT):
What is the result of `GET /connections/56384b32-621a-4b1c-89f0-5957560c6167` on port 8021?

sklump (Tue, 08 Sep 2020 14:36:09 GMT):
(issuer Faber admin API)

thearhaam (Tue, 08 Sep 2020 14:37:01 GMT):
@sklump ``` { "my_did": "Fs5St2zdxYr3SUNXxqz8EX", "state": "active", "request_id": "578ae4f4-05e9-4754-9469-5bfcf7af9a59", "their_label": "Alice Agent", "invitation_key": "C5Z8uYybmUcbRyQuESqGwzTrCAjRVsHPEZLgrPCoDZah", "initiator": "external", "routing_state": "none", "updated_at": "2020-09-08 14:12:00.438752Z", "their_did": "PTF19oQok3HcebiU7Dh9cZ", "accept": "auto", "created_at": "2020-09-08 14:12:00.196710Z", "invitation_mode": "once", "connection_id": "56384b32-621a-4b1c-89f0-5957560c6167" } ```

sklump (Tue, 08 Sep 2020 14:39:11 GMT):
OK, good, can you get the credential exchange record or is it gone?

sklump (Tue, 08 Sep 2020 14:40:00 GMT):
(it should still be there if you're running the demo)

thearhaam (Tue, 08 Sep 2020 14:40:37 GMT):
@sklump I'm able to get all the records from Alice (8031) by using `/issue-credential/records`

sklump (Tue, 08 Sep 2020 14:42:08 GMT):
How many?

sklump (Tue, 08 Sep 2020 14:42:14 GMT):
(About)

thearhaam (Tue, 08 Sep 2020 14:42:31 GMT):
@sklump I created 4 so I'm able to view all 4 records

thearhaam (Tue, 08 Sep 2020 14:42:31 GMT):
@sklump I issued 4 so I'm able to view all 4 records

sklump (Tue, 08 Sep 2020 14:43:10 GMT):
They're always failing as you describe?

thearhaam (Tue, 08 Sep 2020 14:44:07 GMT):
@sklump They don't show up in the wallet, I'm under the impression that if the credential record is available it's been successfully issued, am I wrong?

sklump (Tue, 08 Sep 2020 14:44:25 GMT):
Issue is not the same as acceptance

sklump (Tue, 08 Sep 2020 14:44:44 GMT):
There is no contradiction between issuer:issued and holder:not-stored

thearhaam (Tue, 08 Sep 2020 14:45:14 GMT):
@sklump So holder must accept this credential and save it in the wallet which is not happening in my case?

sklump (Tue, 08 Sep 2020 14:46:20 GMT):
I cannot speculate what is happening on your end without looking at records. I am asking if it always fails.

sklump (Tue, 08 Sep 2020 14:47:50 GMT):
If it always fails then it won't matter which one. If it does then we have to pick between the 4.

thearhaam (Tue, 08 Sep 2020 14:48:21 GMT):
@sklump I'm not exactly sure what you mean by always "fails". If you mean if none of the credentials are showing up in the wallet then yeah none of them show up. And as for the credential record, shall I attach a screenshot since it's too large to paste here?

sklump (Tue, 08 Sep 2020 14:48:46 GMT):
Pick one of them and post it please

thearhaam (Tue, 08 Sep 2020 14:52:30 GMT):

res.txt

thearhaam (Tue, 08 Sep 2020 14:52:35 GMT):
@sklump

sklump (Tue, 08 Sep 2020 15:00:14 GMT):
OK, the exchange is holding at `request_sent` from the issuer - can you pick one from the holder side and post that one?

sklump (Tue, 08 Sep 2020 15:00:14 GMT):
OK, the exchange is at state `request_sent` from the issuer - can you pick one from the holder side and post that one?

thearhaam (Tue, 08 Sep 2020 15:01:22 GMT):
@sklump This was from the holders side (8031)

sklump (Tue, 08 Sep 2020 15:02:16 GMT):
ah yes, of course - can you find one from the issuer side then?

sklump (Tue, 08 Sep 2020 15:02:33 GMT):
What we are trying to do is find where it got stuck

sklump (Tue, 08 Sep 2020 15:02:33 GMT):
What we are trying to do is to find where it got stuck

thearhaam (Tue, 08 Sep 2020 15:03:43 GMT):

record-issuer.txt

thearhaam (Tue, 08 Sep 2020 15:03:49 GMT):
@sklump

sklump (Tue, 08 Sep 2020 15:06:37 GMT):
So the issuer got the request but didn't act on it. You didn't see any logs on the Faber console? They might be in red?

thearhaam (Tue, 08 Sep 2020 15:07:27 GMT):
:thinking: Give me a couple of minutes to re-check

sklump (Tue, 08 Sep 2020 15:08:49 GMT):
No problem - there could be a mismatch against the schema attributes too, maybe. There are so many variables.

thearhaam (Tue, 08 Sep 2020 15:20:58 GMT):
``` Faber | 2020-09-08 14:11:13,185 indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: Faber | Faber | Node is not a validator Faber | Faber | Invalid library state } ``` @sklump Yeah I think this is what's causing all the mess, any idea why this is happening?

sklump (Tue, 08 Sep 2020 15:22:12 GMT):
Well that's unexpected

thearhaam (Tue, 08 Sep 2020 15:23:04 GMT):
@sklump Btw, was creating my own schema a bad idea? Is the schema in the demo directly linked to the agents somehow?

sklump (Tue, 08 Sep 2020 15:25:27 GMT):
The agents use the schema & cred def hard-coded for proof presentation, but there is nothing special about the demo agents as such. You should be fine creating your own ledger items.

sklump (Tue, 08 Sep 2020 15:25:44 GMT):
"Node is not a validator" is freaky though and I don't know what it portends.

thearhaam (Tue, 08 Sep 2020 15:27:04 GMT):
@sklump Maybe I'll try to set up the agents again and see if that helps, although I've done it a couple of times already. Thanks for all your input so far though, I really appreciate it.

sklump (Tue, 08 Sep 2020 15:28:36 GMT):
Can you run it against a von_network locally? If so, maybe the test or prod indy ledger is in a bad way.

sklump (Tue, 08 Sep 2020 15:28:54 GMT):
"maybe" includes "maybe not" of course

thearhaam (Tue, 08 Sep 2020 15:29:09 GMT):
@sklump Alright, I'll give that a go as well :grin:

sklump (Tue, 08 Sep 2020 15:30:29 GMT):
Finally, if the issuer is getting stuck after the request (or any stage), you can poke the admin API's manual step to proceed from there to try again. In this case, `POST /issue-credential/records/{cred_ex_id}/issue`

thearhaam (Tue, 08 Sep 2020 15:31:02 GMT):
@sklump Alright :thumbsup:

AryamaI (Tue, 08 Sep 2020 15:41:17 GMT):
Has joined the channel.

thearhaam (Tue, 08 Sep 2020 15:45:26 GMT):
@sklump It's working, I cleared all the images and started the agents again and I can view the credentials in the wallet now. Thank you so much for your time :grin:

sklump (Tue, 08 Sep 2020 15:49:40 GMT):
Wow, that's a huge relief, thanks.

chakshujain (Tue, 08 Sep 2020 17:57:23 GMT):
Hey guys I have a question regarding the *Agent storage*. Can we put some data apart from DIDs, keys, ledger objects and credentials in the agent storage? This aries-rfcs has something in this regard: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0050-wallets#tags-and-queries But I not sure how to do this?

thearhaam (Wed, 09 Sep 2020 04:52:36 GMT):
@sklump Hey, I've been facing another issue from before but it somehow resolves itself once I run it a bunch of times. ``` #7 Provision an agent and wallet, get back configuration details Alice | Alice | Shutting down Alice | 2020-09-09 04:48:58,785 aries_cloudagent.commands.start ERROR Exception during startup: Alice | Traceback (most recent call last): Alice | File "/home/indy/aries_cloudagent/commands/start.py", line 77, in init Alice | await startup Alice | File "/home/indy/aries_cloudagent/commands/start.py", line 26, in start_app Alice | await conductor.setup() Alice | File "/home/indy/aries_cloudagent/core/conductor.py", line 94, in setup Alice | if not await ledger_config(context, public_did): Alice | File "/home/indy/aries_cloudagent/config/ledger.py", line 66, in ledger_config Alice | async with ledger: Alice | File "/home/indy/aries_cloudagent/ledger/indy.py", line 252, in __aenter__ Alice | await self._context_open() Alice | File "/home/indy/aries_cloudagent/ledger/indy.py", line 221, in _context_open Alice | await self.open() Alice | File "/home/indy/aries_cloudagent/ledger/indy.py", line 186, in open Alice | self.pool_handle = await indy.pool.open_pool_ledger(self.pool_name, "{}") Alice | File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/indy/pool.py", line 88, in open_pool_ledger Alice | open_pool_ledger.cb) Alice | concurrent.futures._base.CancelledError Alice | 2020-09-09 04:48:58,786 asyncio ERROR Task exception was never retrieved Alice | future: .done() done, defined at /home/indy/aries_cloudagent/commands/start.py:82> exception=RuntimeError('cannot reuse already awaited coroutine',)> Alice | RuntimeError: cannot reuse already awaited coroutine Alice | Exited with return code 0 Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/home/indy/demo/runners/alice.py", line 336, in main(args.port, args.no_auto, args.timing) File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/asyncio/base_events.py", line 484, in run_until_complete return future.result() File "/home/indy/demo/runners/alice.py", line 236, in main await agent.start_process() File "/home/indy/demo/runners/support/agent.py", line 358, in start_process await self.detect_process() File "/home/indy/demo/runners/support/agent.py", line 539, in detect_process + f"Admin URL: {status_url}" Exception: Timed out waiting for agent process to start. Admin URL: http://192.168.65.3:8031/status ``` Just wondering what the reason behind this is and how do I prevent it from happening.

thearhaam (Wed, 09 Sep 2020 04:52:36 GMT):
@sklump Hey, I've been facing another issue from before but it somehow resolves itself once I run it a bunch of times. The agent containers keep exiting and the logs show the following error. (This holds true for all the agents that run) ``` #7 Provision an agent and wallet, get back configuration details Alice | Alice | Shutting down Alice | 2020-09-09 04:48:58,785 aries_cloudagent.commands.start ERROR Exception during startup: Alice | Traceback (most recent call last): Alice | File "/home/indy/aries_cloudagent/commands/start.py", line 77, in init Alice | await startup Alice | File "/home/indy/aries_cloudagent/commands/start.py", line 26, in start_app Alice | await conductor.setup() Alice | File "/home/indy/aries_cloudagent/core/conductor.py", line 94, in setup Alice | if not await ledger_config(context, public_did): Alice | File "/home/indy/aries_cloudagent/config/ledger.py", line 66, in ledger_config Alice | async with ledger: Alice | File "/home/indy/aries_cloudagent/ledger/indy.py", line 252, in __aenter__ Alice | await self._context_open() Alice | File "/home/indy/aries_cloudagent/ledger/indy.py", line 221, in _context_open Alice | await self.open() Alice | File "/home/indy/aries_cloudagent/ledger/indy.py", line 186, in open Alice | self.pool_handle = await indy.pool.open_pool_ledger(self.pool_name, "{}") Alice | File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/indy/pool.py", line 88, in open_pool_ledger Alice | open_pool_ledger.cb) Alice | concurrent.futures._base.CancelledError Alice | 2020-09-09 04:48:58,786 asyncio ERROR Task exception was never retrieved Alice | future: .done() done, defined at /home/indy/aries_cloudagent/commands/start.py:82> exception=RuntimeError('cannot reuse already awaited coroutine',)> Alice | RuntimeError: cannot reuse already awaited coroutine Alice | Exited with return code 0 Traceback (most recent call last): File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 193, in _run_module_as_main "__main__", mod_spec) File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/home/indy/demo/runners/alice.py", line 336, in main(args.port, args.no_auto, args.timing) File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/asyncio/base_events.py", line 484, in run_until_complete return future.result() File "/home/indy/demo/runners/alice.py", line 236, in main await agent.start_process() File "/home/indy/demo/runners/support/agent.py", line 358, in start_process await self.detect_process() File "/home/indy/demo/runners/support/agent.py", line 539, in detect_process + f"Admin URL: {status_url}" Exception: Timed out waiting for agent process to start. Admin URL: http://192.168.65.3:8031/status ``` Just wondering what the reason behind this is and how do I prevent it from happening.

thearhaam (Wed, 09 Sep 2020 06:16:16 GMT):
@sklump Also, an update on the previous issue, it's happening again :sweat_smile: I guess I'll have to reset the agents every single time :sweat_smile:

thearhaam (Wed, 09 Sep 2020 06:16:16 GMT):
@sklump An update on the issue, it's happening again :sweat_smile: I guess I'll have to reset the agents every single time :sweat_smile:

thearhaam (Wed, 09 Sep 2020 06:23:57 GMT):
Resetting isn't helping this time :sweat_smile:

thearhaam (Wed, 09 Sep 2020 06:50:09 GMT):
@sklump Now that we know the error, shall we jump to another thread to resolve it?

thearhaam (Wed, 09 Sep 2020 07:27:55 GMT):
Using https://labs.play-with-docker.com/ is also giving the same error in the logs, I thought maybe something was up in my docker.

sheru (Wed, 09 Sep 2020 11:27:19 GMT):
Hey everyone, Is it possible to update the agent name after create wallet on AMAX mobile application? Thanks in advance.

TelegramSam (Wed, 09 Sep 2020 13:47:54 GMT):
You can use the non-secrets api to store any data you wish. Note that it isn't designed for large volumes of data.

sklump (Wed, 09 Sep 2020 14:04:22 GMT):
I'm afraid I don't know much about this error. Anyone know about nodes?

thearhaam (Wed, 09 Sep 2020 15:09:47 GMT):
@sklump Alright, I'll put up another question on the channel. It would be of great help if you could maybe try running the demo once and see if you're able to get it running. I've run it on multiple systems and that error seems to persist everywhere.

thearhaam (Wed, 09 Sep 2020 16:42:48 GMT):
Hey guys, I was facing the following error while running the ACA-py Controllers Demo (AliceFaberAcme: https://github.com/hyperledger/aries-acapy-controllers/tree/master/AliceFaberAcmeDemo) ``` Faber | Registering Faber Agent with seed d_000000000000000000000000365389 Faber | Got DID: LWXpVH8N8SexShy4t5EA5n Faber | 2020-09-09 16:39:14,830 indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: Faber | Faber | Node is not a validator Faber | Faber | Invalid library state } ``` I would appreciate it if someone could tell me what's wrong and how to solve this. (I've run the demo in play in https://labs.play-with-docker.com/ as well)

thearhaam (Wed, 09 Sep 2020 16:42:48 GMT):
Hey guys, I was facing the following error while running the ACA-py Controllers Demo (AliceFaberAcme: https://github.com/hyperledger/aries-acapy-controllers/tree/master/AliceFaberAcmeDemo) ``` Faber | Registering Faber Agent with seed d_000000000000000000000000365389 Faber | Got DID: LWXpVH8N8SexShy4t5EA5n Faber | 2020-09-09 16:39:14,830 indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: Faber | Faber | Node is not a validator Faber | Faber | Invalid library state } ``` I would appreciate it if someone could tell me what's wrong and how to solve this. (I've run the demo in https://labs.play-with-docker.com/ to double check)

thearhaam (Wed, 09 Sep 2020 16:42:48 GMT):
Hey guys, I was facing the following error while running the ACA-py Controllers Demo (AliceFaberAcme: https://github.com/hyperledger/aries-acapy-controllers/tree/master/AliceFaberAcmeDemo) ``` Faber | Registering Faber Agent with seed d_000000000000000000000000365389 Faber | Got DID: LWXpVH8N8SexShy4t5EA5n Faber | 2020-09-09 16:39:14,830 indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: Faber | Faber | Node is not a validator Faber | Faber | Invalid library state } ``` I would appreciate it if someone could tell me what's wrong and how to solve this. (I've run the demo in https://labs.play-with-docker.com/ as well to double check)

swcurran (Wed, 09 Sep 2020 16:46:54 GMT):
@amanji ^^^

amanji (Wed, 09 Sep 2020 16:59:40 GMT):
Just to confirm did you set the `LEDGER _URL` or do you have a local VON Network set up when you were running the demo?

thearhaam (Wed, 09 Sep 2020 17:02:23 GMT):
@amanji I just did the following (in docker), ``` $ git clone https://github.com/hyperledger/aries-acapy-controllers.git $ cd aries-acapy-controllers/AliceFaberAcmeDemo $ LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo webstart ``` I've run it before and it has worked, just wondering what is going wrong this time.

thearhaam (Wed, 09 Sep 2020 17:02:23 GMT):
@amanji I just did the following (running in docker), ``` $ git clone https://github.com/hyperledger/aries-acapy-controllers.git $ cd aries-acapy-controllers/AliceFaberAcmeDemo $ LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo webstart ``` I've run it before and it has worked, just wondering what is going wrong this time.

mtfk (Wed, 09 Sep 2020 19:43:23 GMT):
hi everyone, during today Aries morning call I mentioned about the webinar which would be held tomorrow about Core public utility technologies for next generation internet, Here is the agenda and details https://humancolossus.foundation/blog/invitation-core-public-utility-technologies-for-a-next-generation-internet

esune (Wed, 09 Sep 2020 20:11:29 GMT):
The ledger was in an error state, this should be corrected by now so it should work as it did before

esune (Wed, 09 Sep 2020 20:11:29 GMT):
The ledger was in an error state, this should be corrected by now so it should work again as it did before

chakshujain (Thu, 10 Sep 2020 04:04:49 GMT):
Thanks @TelegramSam for the info. I checked about non-secrets api but when I start alice-faber demo agents then I not found any http endpoints(request) to use non-secret api on the swagger interface. Can you give some direction regarding how can I use non-secret api? I executed this command to start agent `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo webstart` and then open this swagger interface of alice `http://localhost:8031/api/doc#/action-menu`

thearhaam (Thu, 10 Sep 2020 04:49:45 GMT):
@esune I just checked, I'm still getting the same error

esune (Thu, 10 Sep 2020 05:15:03 GMT):
The ledger seems fine now, not really sure. Make sure all the containers are removed before you try again.

thearhaam (Thu, 10 Sep 2020 05:26:28 GMT):
@esune I cleared all the containers + images and tried again, I also tried on "https://labs.play-with-docker.com/", not sure what's going wrong, I'll try again though

amanji (Thu, 10 Sep 2020 05:27:08 GMT):
I’ll see if I can replicate the issue

thearhaam (Thu, 10 Sep 2020 05:27:29 GMT):
@amanji Alright, thank you for your time

amanji (Thu, 10 Sep 2020 05:50:14 GMT):
Hmm, I am getting a similar error for all 3 agents but was able to get through the demo. Did you have any trouble running through the demo with the error?

amanji (Thu, 10 Sep 2020 05:50:14 GMT):
Hmm, I am getting a similar error message for all 3 agents but was able to get through the demo. Did you have any trouble running through the demo with the error?

amanji (Thu, 10 Sep 2020 05:51:28 GMT):
Will try with a local instance of the VON Network

thearhaam (Thu, 10 Sep 2020 06:02:25 GMT):
@amanji I've been using POSTMAN to create new schemas and issue a credential as well, I'm facing an issue where the holder (Alice) isn't accepting & storing the credential but the credential is available in the records.

thearhaam (Thu, 10 Sep 2020 06:05:53 GMT):
You can find the details in this thread: https://chat.hyperledger.org/channel/aries?msg=jLTDEu74YFGFNPwqt

amanji (Thu, 10 Sep 2020 06:13:06 GMT):
Thanks, the context helps. So it seems like the same issue is happening with both the Open API demo and the ACA-py Controllers demo?

amanji (Thu, 10 Sep 2020 06:16:59 GMT):
The error message is showing up specifcally in the agent container console output. From the thread could be related to credentials not being stored in recipient wallets? Were you able to resolve the issue by running the agents manually?

amanji (Thu, 10 Sep 2020 06:16:59 GMT):
The error message is showing up specifcally in the agent container console output. From the thread context, this could be related to credentials not being stored in recipient wallets? Were you able to resolve the issue by running the agents manually?

thearhaam (Thu, 10 Sep 2020 06:19:05 GMT):
The agents use the openapi demo as a context so I'm guessing the same issue is happening there as well but I haven't checked. Honestly, I don't think there is an issue with the ledger, we set up our own agents and used the same ledger url and it's working :sweat_smile:

thearhaam (Thu, 10 Sep 2020 06:20:51 GMT):
@amanji Previously, all I had to do was clear all the images and containers and run everything, that let me issue the credentials and view the credentials in the wallet so I feel like there was nothing wrong with what I did but can't be certain :sweat_smile:

amanji (Thu, 10 Sep 2020 06:26:53 GMT):
I wonder if it's related to agent settings in the demos. I can't really speculate at this point unless I run the agents manually. Just to confirm you tried clearing all containers and images, which resolved the issue previously, but now doesn't.

thearhaam (Thu, 10 Sep 2020 06:27:47 GMT):
@amanji Yeah previously it did resolve the issue but that was just once, it never helped after that.

amanji (Thu, 10 Sep 2020 06:31:05 GMT):
Perhaps we can try running the demos using a local instance of the VON Network? However, if the test ledger is fine I doubt a local instance of the ledger will resolve the issue.

thearhaam (Thu, 10 Sep 2020 06:32:30 GMT):
@amanji Yeah I doubt that would help but no harm in trying :thinking:

sheru (Thu, 10 Sep 2020 08:23:22 GMT):
Thanks @mtfk

TelegramSam (Thu, 10 Sep 2020 13:43:03 GMT):
The non-secrets api is provided by the wallet in code, not via the REST API that ACA-Py provides.

TelegramSam (Thu, 10 Sep 2020 13:43:30 GMT):
Questions specific to ACA-Py can be asked on the #aries-cloudagent-python channel.

chakshujain (Thu, 10 Sep 2020 14:11:28 GMT):
I see, thanks for pointing this out. I will ask this on #aries-cloudagent-python

AryamaI (Thu, 10 Sep 2020 15:12:07 GMT):
Hello Everyone, I am quite new to Indy and Docker, just started with it. I have a doubt. Following this tutorial I was able to start faber agent with Revocation Registry https://github.com/iaryama/aries-cloudagent-python/blob/master/demo/AliceGetsAPhone.md.. I would like to know can we enable the revocation history from the controllers repo code directly by calling any agent rest api to enable it. For starting both the controllers and agents I am following this tutorial: https://github.com/hyperledger/aries-acapy-controllers/tree/master/AliceFaberAcmeDemo... But this tutorial doesnt provide any option to enable the revocation registry. How can I provide an option from controllers to enable it? Or should I have to run both the codes separately for agent to communcate with controller? What's the best approach?

amanji (Thu, 10 Sep 2020 15:41:04 GMT):
Hey @thearhaam so I ran the demos against a local instance of the VON Network and the error messages aren't showing up in the agent container consoles (the demo seems to run smoothly as well). I haven't confirmed whether the credentials are being stored in holder wallets so might be something you want to confirm. Check out the [instructions](https://github.com/bcgov/von-network/blob/master/docs/UsingVONNetwork.md) for setting up and using a local VON Network. When you re-run the demos from the terminal you don't need to pass the `LEDGER_URL`. So simply `./run_demo webstart --logs`.

esune (Thu, 10 Sep 2020 15:46:42 GMT):
It must be something related to the ledger state - even if it is up it may be throwing errors for some reason. Could also try using `LEDGER_URL=http://test.bcovrin.vonx.io` if you want to try yet another option

thearhaam (Fri, 11 Sep 2020 04:27:49 GMT):
Thank you @amanji & @esune I'll look into it, I appreciate all your help.

thearhaam (Fri, 11 Sep 2020 06:37:38 GMT):
@amanji @esune So the agents that I was using up till yesterday have stopped working today :sweat_smile: Here is the error: ``` MoW | 2020-09-11 06:36:05,097 aries_cloudagent.commands.start ERROR Exception during startup: MoW | Traceback (most recent call last): MoW | File "/home/indy/aries_cloudagent/commands/start.py", line 77, in init MoW | await startup MoW | File "/home/indy/aries_cloudagent/commands/start.py", line 26, in start_app MoW | await conductor.setup() MoW | File "/home/indy/aries_cloudagent/core/conductor.py", line 94, in setup MoW | if not await ledger_config(context, public_did): MoW | File "/home/indy/aries_cloudagent/config/ledger.py", line 66, in ledger_config MoW | async with ledger: MoW | File "/home/indy/aries_cloudagent/ledger/indy.py", line 252, in __aenter__ MoW | await self._context_open() MoW | File "/home/indy/aries_cloudagent/ledger/indy.py", line 221, in _context_open MoW | await self.open() MoW | File "/home/indy/aries_cloudagent/ledger/indy.py", line 186, in open MoW | self.pool_handle = await indy.pool.open_pool_ledger(self.pool_name, "{}") MoW | File "/home/indy/.pyenv/versions/3.6.9/lib/python3.6/site-packages/indy/pool.py", line 88, in open_poo l_ledger MoW | open_pool_ledger.cb) MoW | concurrent.futures._base.CancelledError MoW | 2020-09-11 06:36:05,099 asyncio ERROR Task exception was never retrieved MoW | future: .done() done, defined at /home/indy/aries_cloudagent/comma nds/start.py:82> exception=RuntimeError('cannot reuse already awaited coroutine',)> MoW | RuntimeError: cannot reuse already awaited coroutine ``` I'm going to try running a local VON Network but could you confirm whether this is an issue with the ledger or not?

kago (Fri, 11 Sep 2020 06:56:59 GMT):
Has joined the channel.

esune (Fri, 11 Sep 2020 15:24:33 GMT):
Revocation is enabled when you create a new credential definition. A credential definition will back a revocable or non-revocable credential depending on how it is created, it is not possible to switch between the two for an existing credential definition.

esune (Fri, 11 Sep 2020 15:26:40 GMT):
The ledger seems to be up: http://dev.dflow.bcovrin.vonx.io/

esune (Fri, 11 Sep 2020 15:26:40 GMT):
The ledger seems to be up: http://dev.dflow.bcovrin.vonx.io (I believe this is the one used in the demos, correct?)

esune (Fri, 11 Sep 2020 15:26:40 GMT):
The ledger seems to be up: http://dev.greenlight.bcovrin.vonx.io (I believe this is the one used in the demos, correct?)

amanji (Fri, 11 Sep 2020 16:05:31 GMT):
Yeah that's the ledger referenced in both demos.

amanji (Fri, 11 Sep 2020 16:11:56 GMT):
The ledger is up, still getting the same error messages though ``` alice-agent_1 | Alice | 2020-09-11 16:09:45,790 indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: alice-agent_1 | Alice | alice-agent_1 | Alice | Node is not a validator alice-agent_1 | Alice | alice-agent_1 | Alice | Invalid library state } ```

amanji (Fri, 11 Sep 2020 16:11:56 GMT):
The ledger is up, still getting the same error messages though when running the demo with that particular one. ``` alice-agent_1 | Alice | 2020-09-11 16:09:45,790 indy.libindy.native.indy.services.pool.pool ERROR src/services/pool/pool.rs:701 | Error during retrieving nodes: IndyError { inner: alice-agent_1 | Alice | alice-agent_1 | Alice | Node is not a validator alice-agent_1 | Alice | alice-agent_1 | Alice | Invalid library state } ```

amanji (Fri, 11 Sep 2020 16:18:39 GMT):
Tested with `LEDGER_URL=http://test.bcovrin.vonx.io` and seeing the error messages.

AryamaI (Sat, 12 Sep 2020 13:46:57 GMT):
Hello @esune , I understand that. What I am asking is to enable revocation I only start the agent containers with this command in the aries-cloudagent-python repo: AILS_NETWORK=docker_tails-server *LEDGER_URL=http://test.bcovrin.vonx.io ./run_demo faber --revocation --events*...... But when I start the controllers from this repo *https://github.com/hyperledger/aries-acapy-controllers*, it automatically starts the agens along with controllers without revocation. I am asking, using the controllers repo can the agents that are being started have revocation enabled?

AryamaI (Sat, 12 Sep 2020 13:46:57 GMT):
Hello @esune , I understand that. What I am asking is to enable revocation I only start the agent containers with this command in the aries-cloudagent-python repo: AILS_NETWORK=docker_tails-server *LEDGER_URL=http://test.bcovrin.vonx.io ./run_demo faber --revocation --events*...... But when I start the controllers from this repo *https://github.com/hyperledger/aries-acapy-controllers*, it automatically starts the agents along with controllers without revocation. I am asking, using the controllers repo can the agents that are being started also have revocation enabled?

AryamaI (Sat, 12 Sep 2020 13:46:57 GMT):
Hello @esune , thank you for the explaination. I understand that. But what I am asking is to enable revocation, I only start the agent containers with this command in the aries-cloudagent-python repo: AILS_NETWORK=docker_tails-server *LEDGER_URL=http://test.bcovrin.vonx.io ./run_demo faber --revocation --events*...... But when I start the controllers from this repo *https://github.com/hyperledger/aries-acapy-controllers*. It automatically starts the agents along with controllers without revocation. I am asking, using the controllers repo can the agents that are being started also have revocation enabled?

thearhaam (Sat, 12 Sep 2020 18:05:28 GMT):
@amanji @esune Using a local VON network solved this issue. https://chat.hyperledger.org/channel/aries?msg=XQfhurWKCJ86EtLac

trustcerts (Sun, 13 Sep 2020 18:01:39 GMT):
Has joined the channel.

trustcerts (Sun, 13 Sep 2020 18:01:39 GMT):
Hello everyone, I wanted to play around with the aries sdk to use another blockchain than indy. I read about the resolver of the verifiable data registry, but I haven't found any specifications of the required endpoint yet. Is there any documentation about the protocol between the agent and the verifiable data registry or do I have to reverse engineer the SDKs?

swcurran (Sun, 13 Sep 2020 19:23:28 GMT):
At this point, no one has implemented an "aries-vdri" component that enables pluggable interfaces to other ledgers. The different frameworks support either Indy (aries-cloudagent-python, aries-framework-dotnet) or Hyperledger Fabric (aries-framework-go) and do so without a common interface. The Indy-based frameworks use the indy-sdk.

domwoe (Mon, 14 Sep 2020 05:46:06 GMT):
Aries Framework Go has implemented support for HTTP resolvers that provide the Universal resolver interface. If you start the rest agent (https://github.com/hyperledger/aries-framework-go/packages/69982) you can specify http resolvers with the startup option --http-resolver-url did-method@url

AryamaI (Mon, 14 Sep 2020 10:25:58 GMT):

Faber DID Registerd

AryamaI (Mon, 14 Sep 2020 10:26:51 GMT):

Alice DID Not registered

AryamaI (Mon, 14 Sep 2020 10:27:13 GMT):
Hello everyone, in the Alice Faber Acme Demo, why is the public did of Alice not being created and registered on the ledger. Only Faber and Acme Dids are being created and registerd on the Ledger. This is the tutorial I followed https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo Please help me understand why the holder DID is not registered on the Ledger, only Issuer and Verifier DID are registered.

swcurran (Mon, 14 Sep 2020 16:52:18 GMT):
With Indy Verifiable Credentials supporting ZKPs, there is no need for a Holder/Prover (Alice) or Verifier to have a public DID. For communication purposes (to exchange messages) they have peer DIDs (non-ledger) that they exchange with one another, but for credential exchange, only the Issuer needs to have a DID on a public ledger.

AryamaI (Tue, 15 Sep 2020 05:09:27 GMT):
Thank you @swcurran . So having a public did to the holder is optional and if needed we can have it else not needed. But it is possible ti have public did to holder also right?

AryamaI (Tue, 15 Sep 2020 05:09:27 GMT):
Thank you @swcurran . So having a public did to the holder is optional and if needed we can have it else not needed. But it is possible to have public did to holder also right?

AryamaI (Tue, 15 Sep 2020 05:47:08 GMT):
Hello Everyone, can anyone confirm in Indy while issuing the credentials, if there is a feature of setting an expiry date sort of thing to the credential issued, like after some 10 years of credential issuance, expire it. I know from the documentation what I understood and was able to implement credential revocation with a seperate api. But I am curious to know while issuing credential only we can set some sort of expiration date to the credentials. I checked the docs couldnt find any. Any help is appreciated, thank you

domwoe (Tue, 15 Sep 2020 06:05:32 GMT):
AFAIK, you'd need to do that on the "application level", .i.e you could specify an attribute "expiresAt" which a verifier can ask you to disclose. However, if you care about the anonymous credentials you should make sure that the issuer issues a lot of credentials with the same expiration date otherwise this would become a good correlator.

AryamaI (Tue, 15 Sep 2020 11:38:31 GMT):
Hello Everyone, I am trying to understand briefly how User/holder anonymity is maintained at the time of credential verification. I see that holder's wallet data is encrypted by a master key. So, is there any API that allows a user to know his wallet master key? As a response to the proof of request, I see a master_secret value in the API Response sent by the holder, what is it.? In the AliceFaber example, I see that some attribute values are revealed like name, degree at the point of verification. Only the age is kept hidden based on the predicate. So, cant we ensure complete anonymity by even hiding the other fields. Also, from my understanding, all encryption works internally work using URSA, but do we still need to do any extra enablement when running the ALiceFaberDemo for master key or anything? I haven't done anything differently. So, how does user anonymity works in here, and similarly, what is the purpose of the master key used for encrypting the wallet, in brief? Kindly help me understand these points

swcurran (Tue, 15 Sep 2020 16:45:29 GMT):
Yes - it is possible and could be used as a claim in an issued credential.

AryamaI (Wed, 16 Sep 2020 00:27:01 GMT):
Ok. Thank you. Got it

AryamaI (Wed, 16 Sep 2020 00:32:00 GMT):
Ok. Tq for the clarification

Vid201 (Wed, 16 Sep 2020 07:56:28 GMT):
Has joined the channel.

AryamaI (Wed, 16 Sep 2020 10:40:44 GMT):
Hello Everyone, I am trying to understand briefly how User/holder anonymity is maintained at the time of credential verification. I see that holder's wallet data is encrypted by a master key. So, is there any API that allows a user to know his wallet master key? As a response to the proof of request, I see a master_secret value in the API Response sent by the holder, what is it.? In the AliceFaber example, I see that some attribute values are revealed like name, degree at the point of verification. Only the age is kept hidden based on the predicate. So, cant we ensure complete anonymity by even hiding the other fields. Also, from my understanding, all encryption works internally work using URSA, but do we still need to do any extra enablement when running the ALiceFaberDemo for master key or anything? I haven't done anything differently. So, how does user anonymity works in here, and similarly, what is the purpose of the master key used for encrypting the wallet, in brief? Kindly help me understand these points

avi23 (Wed, 16 Sep 2020 12:05:34 GMT):
Hello Folks, swcurran can anyone please put some sight on how the master secret works in Indy to obtain the user anonymity? how can we hide user details like email , name etc using master secret key while presenting it for verification to verifier?

TelegramSam (Wed, 16 Sep 2020 19:07:45 GMT):
Meeting on now!

TelegramSam (Wed, 16 Sep 2020 19:17:10 GMT):
Meeting is deferred. Super low numbers.

phuctu1901 (Thu, 17 Sep 2020 00:45:03 GMT):
Thank for your support @swcurran . I have just do a temporary method. I edited the source code of ursa to solve the above problem. Instead of generating a random variable r value to calculate a_prime variable value, I use a fixed variable r value for some cases. This approach seems insecure because it depends on the prover side and the verifier cannot know if the a_prime value is computed from a given r value. But I think this is the easiest way for a graduate project. The results are quite feasible.

swcurran (Thu, 17 Sep 2020 13:00:33 GMT):
Good stuff. Sorry for the lack for reply. Domain proofs are not in Indy today, so the results you are seeing make sense.

swcurran (Thu, 17 Sep 2020 13:01:04 GMT):
Nice hack to show the concept!

haggis (Thu, 17 Sep 2020 13:57:33 GMT):
Has joined the channel.

haggis (Thu, 17 Sep 2020 14:06:14 GMT):
Hi guys! Would it be possible to create a proof in advance (since it's known what the question is) and send this proof to multiple independent agents that all want to know the same? The scenario would be, that a citizen wants to write something into a Fabric Blockchain which consists of a city consortium. The chaincodes however must validate, that the citizen is a registered, let's say taxi driver. So if the Fabric consortium exists of 3 organisations, the taxi driver's agent would need to connect and interact with all of them. It would be sexier, if she could create the proof in advance and just include it in her Fabric transaction so that each organisations chaincode can verify it directly. Is that possible or is there a smarter solution?

haggis (Thu, 17 Sep 2020 14:06:14 GMT):
Hi guys! Would it be possible to create a proof in advance (since it's known what the question is) and send this proof to multiple independent agents that all want to know the same? The scenario would be, that a citizen wants to write something into a Fabric Blockchain which consists of a city consortium. The chaincodes however must validate that the citizen is a registered, let's say taxi driver. So if the Fabric consortium exists of 3 organisations, the taxi driver's agent would need to connect and interact with all of them. It would be sexier, if she could create the proof in advance and just include it in her Fabric transaction so that each organisations chaincode can verify it directly. Is that possible or is there a smarter solution?

haggis (Thu, 17 Sep 2020 14:06:14 GMT):
Hi guys! Would it be possible to create a proof in advance (since it's known what the question is) and send this proof to multiple independent agents that all want to know the same? The scenario would be, that a citizen wants to write something into a Fabric Blockchain which consists of a city consortium. The chaincodes however must validate that the citizen is a registered, let's say taxi driver. So if the Fabric consortium exists of 3 organisations, the taxi driver's agent would need to connect and interact with all of them. It would be sexier if she could create the proof in advance and just include it in her Fabric transaction so that each organisations chaincode can verify it directly. Is that possible or is there a smarter solution?

esplinr (Thu, 17 Sep 2020 19:43:54 GMT):
Selective disclosure is the property by which you can choose which attributes of a credential you want to include in a proof, and which you want to withhold. If the credential was signed as a whole, then that signature would not be valid when sharing just a subset of fields.

esplinr (Thu, 17 Sep 2020 19:44:16 GMT):
The other feature the master secret provides is the ability to compose a compound proof with attributes from multiple credentials.

esplinr (Thu, 17 Sep 2020 19:44:42 GMT):
If the link secret is changed, credentials issued with the new link secret value cannot be correlated with credentials using the old link secret value.

esplinr (Thu, 17 Sep 2020 19:45:39 GMT):
https://github.com/hyperledger/indy-hipe/tree/master/text/0109-anoncreds-protocol

esplinr (Thu, 17 Sep 2020 19:47:48 GMT):
To preserve the privacy of the taxi driver, it is considered best practice for the driver to use a different peer DID with each connection. But this means a different proof would have to be generated to for each verifying party.

haggis (Thu, 17 Sep 2020 21:09:12 GMT):
Thanks esplinr! In this case the identity of the driver would need to be public because a token will be accounted to her identity. So each time the taxi driver interacts with Fabric, the same DID needs to be used. If I understand you correctly: when privacy doesn't need to be preserved (same DID for all "connections") and the same subset of fields has to be proofed, then it is possible to create the proof once and share it with each verifying party? I'm thinking about storing the proof itself in Fabric so that each verifying party can read the proof from the ledger without direct interaction with the taxi driver's agent (would be a bad UX if she needs to approve multiple connections for a single transaction).

phuctu1901 (Fri, 18 Sep 2020 01:19:13 GMT):
No problem. I hope the domain proof feature will be released soon. Thank you.

rileyphughes (Fri, 18 Sep 2020 01:45:41 GMT):
You can't have the same proof shared publicly because there is a challenge-response pattern in the protocol to prevent replay attacks. So you only generate a proof after you get a proof request from the verifier.

rileyphughes (Fri, 18 Sep 2020 01:46:12 GMT):
You can use something called verification proposals to solve this use case, which is supported in Aries .NET

avi23 (Fri, 18 Sep 2020 04:50:25 GMT):
thanks @esplinr for explanation, i understood that point, but also in the alice/faber demo using aca-py agents we saw that verifer used to prepare the proof request first and then holder used to accept that request and present the attributes asked by verifier..

avi23 (Fri, 18 Sep 2020 04:52:09 GMT):
i didn't found the process in any demo where holder used to generate the proof request first using selective disclosure..could you please provide some input here?

avi23 (Fri, 18 Sep 2020 04:52:33 GMT):
i believe that in demo that process might have skipped.. is that correct?

haggis (Fri, 18 Sep 2020 06:31:55 GMT):
Good point, thank you!

avi23 (Fri, 18 Sep 2020 09:16:35 GMT):
@esplinr thanks much for the explanation, so when we say "Selective disclosure is the property by which you can choose which attributes of a credential you want to include in a proof, and which you want to withhold" is that in respect to Holder or verifier? as we know that proof request is getting generated by verifier and Holder has no control to choose those attributes list...if i am not wrong..

avi23 (Fri, 18 Sep 2020 09:17:36 GMT):
so my question is how and at what point user can control what to share and what not to share with verifier ? could you please provide your inputs here?

esplinr (Fri, 18 Sep 2020 15:39:37 GMT):
That is really determined by the holder's agent. The holder can choose to reject the proof request, or can respond with a proof that is different from the one requested. Then the verifier has to decide whether or not to accept the supplied proof.

esplinr (Fri, 18 Sep 2020 15:40:31 GMT):
(See the Verification Proposals RFC for details on that.)

AryamaI (Sat, 19 Sep 2020 04:05:57 GMT):
@esplinr @MALodder can you please shed brief light on what are hidden attributes and known attributes in a credential as agreed between holder and issuer? Only at pts of verification only we can hide attribute value and prove it with a predicate rt?

AryamaI (Sat, 19 Sep 2020 04:05:57 GMT):
@esplinr @MALodder can you please shed brief light on what are hidden attributes and known attributes in a credential as agreed between holder and issuer? Only at the time of verification we can hide attribute value and prove it with a predicate rt?

AryamaI (Sat, 19 Sep 2020 04:05:57 GMT):
@esplinr @MALodder can you please shed brief light on what are hidden attributes and known attributes in a credential agreed between holder and issuer as mentioned above int the annual creds doc git link? Only at the time of verification we can hide attribute value and prove it with a predicate rt?

AryamaI (Sat, 19 Sep 2020 04:05:57 GMT):
@esplinr @MALodder can you please shed brief light on what are hidden attributes and known attributes in a credential agreed between holder and issuer as mentioned above in the anoncreds doc shared above? Only at the time of verification we can hide attribute value and prove it with a predicate rt?

MALodder (Sun, 20 Sep 2020 19:21:43 GMT):
Known attributes are those the issuer knows when signing. Hidden are those they agree to be signed but the issuer doesn’t know

AryamaI (Sun, 20 Sep 2020 19:43:29 GMT):
@MALodder so you mean to say that considering name, age to be two attributes in a credential then holder might be willing to let his name be known to the issuer but not his age. So the issuer issues a credential with the knowledge of holders name but not knowing what holders age is?

MALodder (Sun, 20 Sep 2020 19:56:53 GMT):
The issuer has to agree to do that.

MALodder (Sun, 20 Sep 2020 19:57:25 GMT):
Most issuers wouldn’t do that

MALodder (Sun, 20 Sep 2020 19:58:35 GMT):
In indys case they use hidden attributes to hide things like random secrets for linking credentials

AryamaI (Mon, 21 Sep 2020 03:07:38 GMT):
Ok, got it. @MALodder thank you for the explanation.

simnic (Mon, 21 Sep 2020 12:51:24 GMT):
Has joined the channel.

thearhaam (Wed, 23 Sep 2020 08:58:09 GMT):
Hey guys was having some trouble with the message API's for AliceFaberAcme Demo (https://github.com/hyperledger/aries-acapy-controllers/tree/master/AliceFaberAcmeDemo) The following API "/connections/{id}/send-message" is present for sending a message How do I retrieve this message at the receivers end?

adrijanrogan (Wed, 23 Sep 2020 13:17:04 GMT):
Has joined the channel.

mtfk (Wed, 23 Sep 2020 13:24:28 GMT):
Today Aries morning call would be devoted for Aries Architecture and better understanding how to introduce interoperability in all aries components. It would be rather technical discussion about current state and roadmap how to achieve those goals so I would invite everyone who is actively working on any implementation of existing components to join the call and the discussion. After the call materials would be shared here so those would not be able to join still would have a chance to provide feedback and comments. Thanks

blidd (Wed, 23 Sep 2020 14:34:40 GMT):
Has joined the channel.

Alexi (Wed, 23 Sep 2020 18:26:13 GMT):
Hey everyone throwing a question into the pit in case anyone has some insight. If there is a message that includes both a `~service` and `~transport` decorator is there one that should prioritized over the other?

brentzundel (Wed, 23 Sep 2020 18:38:34 GMT):
I logged on to say the same thing @rileyphughes did above. @rileyphughes can you point me to the rfc that describes verification proposals? I'd like to familiarize myself with them.

mccown (Wed, 23 Sep 2020 19:12:53 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (Sep 24th @ 9am MT). This is a chance to get updates on a variety of WG calls that you may have missed this week. Our guest presenters will be Kevin Griffin and Philip Feairheller from Scoir and they will be giving a presentation of Canis "The Extensible, RESTful Credentialing Hub". Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-09-24+Identity+Implementers+WG+Call Zoom: https://zoom.us/j/244779296

kdenhartog (Thu, 24 Sep 2020 01:14:29 GMT):
This question would be better to raise in the aries-rfc issues. You'll likely get a more robust discussion there. In any case @swcurran or @andrew.whitehead or @troyronda would be people who could weigh in on it.

haggis (Thu, 24 Sep 2020 07:01:30 GMT):
He means proof proposals, which are described here: https://github.com/hyperledger/aries-rfcs/tree/master/features/0037-present-proof#propose-presentation

haggis (Thu, 24 Sep 2020 07:04:09 GMT):
If we use those proposals as part of the Fabric transaction, each endorser will have to connect to the holder and request the proposal. So there might be multiple connection requests and a lot of chatter. Isn't there a more "elegant" solution?

haggis (Thu, 24 Sep 2020 16:59:15 GMT):
I got a lot of ideas from @rileyphughes (thx!) regarding integration of Indy and Fabric. Even though, I still don't understand it completely. So I've opened a SO with more explanations and a little diagram. I hope someone can shed some light on this: https://stackoverflow.com/questions/64050951/verify-indy-credential-from-within-fabric-chaincode

haggis (Thu, 24 Sep 2020 17:00:07 GMT):
Btw: no SO tag for hyperledger-aries yet? :zany_face:

DattaPatil (Thu, 24 Sep 2020 19:02:24 GMT):
Has joined the channel.

DattaPatil (Thu, 24 Sep 2020 19:06:16 GMT):
Hi There, Can i use aries with Corda? Does is support to Corda?

TelegramSam (Thu, 24 Sep 2020 19:24:01 GMT):
There is not currently support for Corda, but it may be possible to use Aries with a Corda ledger through development of Corda ledger plugins.

rileyphughes (Thu, 24 Sep 2020 21:48:14 GMT):
@DattaPatil I've heard of an effort called Cordentity, maybe there is something interesting for you to explore in that project? https://www.corda.net/blog/meet-cordentity/

avi23 (Fri, 25 Sep 2020 10:35:34 GMT):
Hi Folks, @rileyphughes can anyone suggest if we can use Trinsic and its recommended to build any Indy application which we want to deploy on production?

ldej (Fri, 25 Sep 2020 12:10:58 GMT):
Has joined the channel.

rileyphughes (Fri, 25 Sep 2020 13:22:12 GMT):
@avi23 yes you can use Trinsic in production!

rileyphughes (Fri, 25 Sep 2020 13:22:56 GMT):
@avi23 Trinsic is an Aries-level application, which means it's not used for creating the Indy layer. You can use Trinsic to connect to any indy network, including Sovrin, or you can use your own indy network

avi23 (Fri, 25 Sep 2020 13:36:15 GMT):
thanks @rileyphughes so what is the recommended way to connect to indy network for any prduction level APP? is it recommended to use https://sovrin-mainnet-browser.vonx.io/ ?

avi23 (Fri, 25 Sep 2020 13:36:55 GMT):
or its recommended to create a separate indy network and use thant in production?

WadeBarnes (Fri, 25 Sep 2020 13:49:13 GMT):
For a production level commercial application you're going to want to look at using the Sovrin ledger networks. They are secure, full distributed, and fully HA. Each node on each of the networks is hosted and maintained by a dedicated Steward (a company or organization with formal agreements with the Sovrin Foundation). A list of Stewards can be found on the [Sovrin](https://sovrin.org/) website. - For dev environments there is [BuilderNet](https://raw.githubusercontent.com/sovrin-foundation/sovrin/stable/sovrin/pool_transactions_builder_genesis) - For test/staging environments there is [StagingNet](https://raw.githubusercontent.com/sovrin-foundation/sovrin/stable/sovrin/pool_transactions_sandbox_genesis) - For production environments there is [MainNet](https://raw.githubusercontent.com/sovrin-foundation/sovrin/stable/sovrin/pool_transactions_live_genesis) You can register DIDs on BuilderNet and StagingNet here; https://selfserve.sovrin.org/

rileyphughes (Fri, 25 Sep 2020 13:54:04 GMT):
I agree with @WadeBarnes that for production you'll want to use Sovrin MainNet. The only thing I would mention is that the link that Wade provided above doesn't let you write to MainNet. To do that, you can create a MainNet issuer in Trinsic, which automatically writes your DID for you to MainNet

rileyphughes (Fri, 25 Sep 2020 13:54:30 GMT):
You can also use Trinsic to create issuers on StagingNet/BuilderNet as well

avi23 (Fri, 25 Sep 2020 14:12:01 GMT):
thanks @WadeBarnes @rileyphughes so does that sovrin mainnet network provide all the things like node validators, ledger to write etc?

avi23 (Fri, 25 Sep 2020 14:13:18 GMT):
Also, could you please provide some reference on how to connect to mainnet and deploy app to prodcution?

WadeBarnes (Fri, 25 Sep 2020 14:14:19 GMT):
`does that sovrin mainnet network provide all the things like node validators, ledger to write etc?` Yes

WadeBarnes (Fri, 25 Sep 2020 14:15:12 GMT):
The link above for MainNet is a link to the Genesis transaction file needed for agents to connect to the ledger.

WadeBarnes (Fri, 25 Sep 2020 14:15:12 GMT):
The links above contain the link to the Genesis transaction files needed for agents to connect to the given ledgers.

WadeBarnes (Fri, 25 Sep 2020 14:15:40 GMT):
A good place to start is here; https://github.com/hyperledger/aries-cloudagent-python

WadeBarnes (Fri, 25 Sep 2020 14:18:48 GMT):
There are frameworks for other languages too: https://github.com/hyperledger/aries-framework-go https://github.com/hyperledger/aries-framework-dotnet https://github.com/hyperledger/aries-framework-javascript

WadeBarnes (Fri, 25 Sep 2020 14:19:23 GMT):
You'll want to also look at agent testing using ; https://github.com/hyperledger/aries-agent-test-harness

WadeBarnes (Fri, 25 Sep 2020 14:21:27 GMT):
For local development and testing there is also [](https://github.com/bcgov/von-network)

WadeBarnes (Fri, 25 Sep 2020 14:21:27 GMT):
For local development and testing there is also [bcgov/von-network](https://github.com/bcgov/von-network), which is a provisional Indy Node network/ledger running in DOcker.

rileyphughes (Fri, 25 Sep 2020 16:18:22 GMT):
@WadeBarnes don't forget that, to write to Sovrin MainNet, you'll need to either 1. apply for a transaction endorser status with sovrin foundation, go through board approval, sign the legal agreement, etc. or 2. go through a service provider who already has an endorser.

rileyphughes (Fri, 25 Sep 2020 16:18:59 GMT):
The original question was about Trinsic, so I was answering about Trinsic (based on Aries .NET), but as Wade points out there are open source codebases you can use if you want to do more heavy lifting

rileyphughes (Fri, 25 Sep 2020 16:19:17 GMT):
There are also other "agent as a service" providers out there who would be happy to help.

WadeBarnes (Fri, 25 Sep 2020 16:20:35 GMT):
Good point @rileyphughes, @avi23 you need to take that all into consideration.

danielhardman (Fri, 25 Sep 2020 17:55:58 GMT):
I wanted to make the community aware of Stephen Curran's helpful PR that shifts message type URIs from being prefixed with a DID (did:sov:....) to being prefixed with https://didcomm.org/. We discussed it on our last Wednesday B call and agreed to it conceptually. Now the PR has been raised. I reviewed and approved it, but I didn't want to merge it until the community has a chance to take a look. Please do, when you get a chance: https://github.com/hyperledger/aries-rfcs/pull/541

avi23 (Sat, 26 Sep 2020 05:33:52 GMT):
@rileyphughes @WadeBarnes Thanks for all the inputs...so does that mean there is a cost invloved to write data into sovinn ledger using mainnet?

avi23 (Sat, 26 Sep 2020 05:34:15 GMT):
could you please provide some more input on that?

WadeBarnes (Sat, 26 Sep 2020 14:42:03 GMT):
@swcurran, would you be able to provide some links or information ^.

swcurran (Sat, 26 Sep 2020 19:20:21 GMT):
Here is the current price list for writes to the ledger: https://sovrin.org/issue-credentials/ Note that reads are free, so that issuing, proving and verifying credentials do not have ledger fees.

avi23 (Sun, 27 Sep 2020 05:53:29 GMT):
thanks @swcurran

EtricKombat (Mon, 28 Sep 2020 10:32:01 GMT):
Hi Team, is ther a guidelines for using the python script 'make_image.py' ? ( https://github.com/bcgov/aries-cloudagent-container/blob/master/make_image.py )

EtricKombat (Mon, 28 Sep 2020 10:32:18 GMT):
when i tired it out i got somethng like this ... make_image.py: error: the following arguments are required: implementation

EtricKombat (Mon, 28 Sep 2020 10:37:00 GMT):
the intention was to create a new docker image hosted on seperate docker hub registery

EtricKombat (Mon, 28 Sep 2020 10:42:55 GMT):
I just found out about similar issue/question and following it now : https://github.com/bcgov/aries-cloudagent-container/issues/23

WadeBarnes (Mon, 28 Sep 2020 13:28:45 GMT):
@EtricKombat, Did that resolve your issue?

WadeBarnes (Mon, 28 Sep 2020 13:32:43 GMT):
I'd recommend opening and issue and providing details and logs. That will allow us to better assist you. Are you building containers from custom code? If not the [bcgovimages/aries-cloudagent](https://hub.docker.com/r/bcgovimages/aries-cloudagent) image is kept up to date and is freely available.

nirupamjm (Mon, 28 Sep 2020 18:43:59 GMT):
Has joined the channel.

EtricKombat (Mon, 28 Sep 2020 18:51:32 GMT):
Hi @WadeBarnes ...I'm trying to build containers from custom code...will raise an issue like you suggested with more details and logs.

krgko (Tue, 29 Sep 2020 09:53:57 GMT):
Has joined the channel.

avi23 (Tue, 29 Sep 2020 11:44:58 GMT):
@swcurran @WadeBarnes could you please confirm one more point here...can we implement Ricardian contract with Indy?

haggis (Tue, 29 Sep 2020 11:53:56 GMT):
Hi guys, regarding the example of presenting a proof of age via the drivers licence in a bar: in theory, you have to establish a connection in each bar to the bar's agent first. Then you can start with the Proof Proposal or Proof Request. In practice, this takes too much time. If you're in a crowded bar the first time, all that should be necessary is the barkeeper scanning a QR code from your phone and getting an instant check- or cross mark. Is that possible today with Aries?

TimoGlastra (Tue, 29 Sep 2020 12:42:47 GMT):
Hi @haggis you are right that it is not always desired to make a connection before starting a proof exchange. This is already possible and generally called a "connectionless proof". ACA-Py and Aries Framework .NET support it. The current way to do this is using the out-of-band protocol (https://github.com/hyperledger/aries-rfcs/blob/master/features/0434-outofband/README.md) however current implementations (I think) make use of the `~service` decorator to initiate the present proof protocol without creating a connection first.

haggis (Tue, 29 Sep 2020 13:24:27 GMT):
Thanks, @TimoGlastra! I read about that RFC before but didn't know it's already implemented in some frameworks due to its PROPOSED status :thumbsup:

TimoGlastra (Tue, 29 Sep 2020 13:41:49 GMT):
AFAIK the out-of-band protocol method is not implemented yet. The current implementations still use the "old" method using the `~service` decorator.

TelegramSam (Tue, 29 Sep 2020 17:10:09 GMT):
Question re: website auth: https://github.com/hyperledger/aries-rfcs/issues/545

swcurran (Tue, 29 Sep 2020 18:30:43 GMT):
Indy does not have smart contract. All the business activities happen off ledger. The only thing that goes on ledger are the cryptographic material needed to issue, prove and verify credentials.

mtfk (Wed, 30 Sep 2020 06:44:23 GMT):
Next week on 07/10 I will not be available for Aries WG morrning call. Would anyone volunteer to lead that call that day?

TelegramSam (Wed, 30 Sep 2020 19:04:07 GMT):
Meeting on now: https://us02web.zoom.us/j/856588081

TelegramSam (Wed, 30 Sep 2020 19:06:19 GMT):
Please message here if you have trouble joining.

swcurran (Thu, 01 Oct 2020 22:39:56 GMT):
I can take it. A group of us want to do a discussion on Revocation 2.0 and so we thought we would use that meeting.

mtfk (Fri, 02 Oct 2020 06:04:11 GMT):
Perfect! Thanks

swcurran (Fri, 02 Oct 2020 13:16:22 GMT):
@rjones - can you please update the Aries morning call with a new Hyperledger Zoom call? We'll get it published. @TelegramSam -- we should probably do the same for the B call since the old URL doesn't work well.

dgt1nsty (Fri, 02 Oct 2020 13:44:06 GMT):
Has joined the channel.

TelegramSam (Fri, 02 Oct 2020 14:25:28 GMT):
recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41582775

sklump (Fri, 02 Oct 2020 14:27:41 GMT):
Has left the channel.

kangme (Sun, 04 Oct 2020 07:17:34 GMT):
Hi,guys,I am new to aries,Is there a way to create agents by myself? Am I only able to do this by modifying the alice/faber demo?

kangme (Sun, 04 Oct 2020 07:19:27 GMT):
I find arie's docs need to be gradually improved, and it doesn't seem to be very newbie friendly at the moment.

wip-abramson (Mon, 05 Oct 2020 09:50:47 GMT):
Hey, I feel you. I have been there :) I have recently worked with a few folks to create a jupyter notebook tutorial series that should hopefully get you the knowledge you are looking for. Assuming you know python etc. https://github.com/OpenMined/PyDentity/tree/master/tutorials/aries-basic-controller

wip-abramson (Mon, 05 Oct 2020 09:51:43 GMT):
It might be a bit rough around the edges so would love some feedback, P.Rs etc. Let me know how you get on

wip-abramson (Mon, 05 Oct 2020 13:05:34 GMT):
I also just pushed this - https://github.com/wip-abramson/aries-acapy-fullstack-starter which uses the tools in that repo to create a full stack aries application

ianco (Mon, 05 Oct 2020 15:15:21 GMT):
The standard way to setup an agent (as much as there are standards) is to use docker/docker-compose and then write a controller app using a language like python or javascript

ianco (Mon, 05 Oct 2020 15:15:49 GMT):
@kangme I believe you already have access to examples of a docker-compose setup

ianco (Mon, 05 Oct 2020 15:16:37 GMT):
There are some other examples here: https://github.com/hyperledger/aries-acapy-controllers

swcurran (Mon, 05 Oct 2020 18:51:43 GMT):
On this Wednesday's Aries Morning call we are going to talk about Indy/Aries Revocation 2.0 by looking at the different options that have been put forward for scaled ZKP revocation. I've put together a document (link below) that I'd like especially those that already understand the options to review and make sure that I have my facts correct. Others interested in the topic are encouraged to join and I'll provide a brief summary of the topic and approaches as the basis for the conversation. The call is this Wednesday, October 7 at 7AM Pacific / 4PM CET using the *NEW* Aries Morning Call Zoom Link: https://zoom.us/my/hyperledger.community?pwd=STZQd0xMZU9xRVVOVnpQM3JNQ2dqZz09 Document for prereading: https://docs.google.com/document/d/1QHTxCrv0HUwLaqbOMabVoIj1Rc_lpF5WCd2l3QZcq2w/edit?usp=sharing

swcurran (Mon, 05 Oct 2020 18:51:43 GMT):
On this Wednesday's Aries Morning call we are going to talk about Indy/Aries Revocation 2.0 by looking at the different options that have been put forward for scaled ZKP revocation. I've put together a document (link below) that I'd like especially those that already understand the options to review and make sure that I have my facts correct. Others interested in the topic are encouraged to join and I'll provide a brief summary of the topic and approaches as the basis for the conversation. The call is this Wednesday, October 7 at 7AM Pacific / 4PM CET using the *NEW* Aries Morning Call Zoom Link: Document for prereading: https://docs.google.com/document/d/1QHTxCrv0HUwLaqbOMabVoIj1Rc_lpF5WCd2l3QZcq2w/edit?usp=sharing

swcurran (Mon, 05 Oct 2020 18:51:43 GMT):
On this Wednesday's Aries Morning call we are going to talk about Indy/Aries Revocation 2.0 by looking at the different options that have been put forward for scaled ZKP revocation. I've put together a document (link below) that I'd like especially those that already understand the options to review and make sure that I have my facts correct. Others interested in the topic are encouraged to join and I'll provide a brief summary of the topic and approaches as the basis for the conversation. The call is this Wednesday, October 7 at 7AM Pacific / 4PM CET using the *NEW* Aries A Morning Call Zoom Link: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09 Document for prereading: https://docs.google.com/document/d/1QHTxCrv0HUwLaqbOMabVoIj1Rc_lpF5WCd2l3QZcq2w/edit?usp=sharing

Sandeepk40 (Wed, 07 Oct 2020 04:31:55 GMT):
Has joined the channel.

Alexi (Wed, 07 Oct 2020 14:05:51 GMT):
^^ only me and one other person are in that zoom, is it the right link? @swcurran

Alexi (Wed, 07 Oct 2020 14:08:02 GMT):
correct link for anyone trying to join: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

swcurran (Wed, 07 Oct 2020 15:19:02 GMT):
@Alexi--strange. I think the issue is your RocketChat client. I edited that post to have the right info in it, but it looks like you might be looking at the pre-edit version. What I see on my screen is the same link in my message and yours :-).

Alexi (Wed, 07 Oct 2020 19:01:40 GMT):
oh that is odd, all good in the end :thumbup:

Alexi (Wed, 07 Oct 2020 19:01:40 GMT):
oh that is odd, all good in the end :thumbup: - you are right, a hard reload of the client fixed it

nage (Wed, 07 Oct 2020 19:01:52 GMT):
@TelegramSam is the wiki link for the Aries B call up to date?

nage (Wed, 07 Oct 2020 19:02:58 GMT):
I was just let into the meeting so it looks like it is up to date

nage (Wed, 07 Oct 2020 19:03:08 GMT):
https://zoom.us/j/856588081

mccown (Wed, 07 Oct 2020 19:52:17 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (Oct 8th @ 9am MT). In this call, we review updates from a variety of industry WGs that you may have missed this week. For our discussion this week, I am planning to describe some cryptographic primitives and then we can all discuss if / how they might be of use to identity. Here are links to the Wiki and the Zoom meeting. Wiki: https://wiki.hyperledger.org/display/IWG/2020-10-08+Identity+Implementers+WG+Call Zoom: https://zoom.us/j/244779296

vasantkk (Thu, 08 Oct 2020 10:35:46 GMT):
Has joined the channel.

vasantkk (Thu, 08 Oct 2020 10:36:33 GMT):
I am confused as some parts of indy-sdk are part of aries?

TelegramSam (Thu, 08 Oct 2020 14:46:36 GMT):
Only as a step until those libraries can be replaced.

TelegramSam (Thu, 08 Oct 2020 14:48:14 GMT):
Some Aries projects do not have that dependency, like Aries Framework Go.

TelegramSam (Thu, 08 Oct 2020 15:38:58 GMT):
Next week, the Aries B call has a new link. Update your calendars, or pull right form the HL calendar! Wiki has corrected link as well.

czar0 (Fri, 09 Oct 2020 11:11:29 GMT):
Has joined the channel.

raduke (Fri, 09 Oct 2020 11:14:51 GMT):
Has joined the channel.

ZappaBoy (Fri, 09 Oct 2020 13:04:22 GMT):
Has joined the channel.

ZappaBoy (Fri, 09 Oct 2020 13:04:23 GMT):
Hi all

Matt-Spence (Fri, 09 Oct 2020 15:37:28 GMT):
Has joined the channel.

Matt-Spence (Fri, 09 Oct 2020 15:37:28 GMT):
Howdy all. I'm relatively new to Aries and I have a fairly specific question: I'm building an implementation of the BasicMessage protocol from the aries RFC

Matt-Spence (Fri, 09 Oct 2020 16:26:32 GMT):
Howdy all

Matt-Spence (Fri, 09 Oct 2020 16:42:10 GMT):
So I'm relatively new to working with Aries protocols, and I'm working on implementing the basic message protocol from RFC 0095. The protocol doesn't call for any states, but I need to add some to my implementation to support things like threading. What do I need to do to ensure this doesn't break interoperability? I apologize if this is too broad a question, let me know if I need to be more specific

swcurran (Fri, 09 Oct 2020 17:35:47 GMT):
At lot depends on what you are doing -- e.g. building a framework from scratch, using an existing one, etc. There are three major frameworks (going on more...) that you can look at to see how things are handled -- python, go and .NET. Threading and protocol state object handling is largely an internal concern for an Aries agent, but all implementations are likely going to be pretty similar since the state defines the protocol sequence.

lijiachuan (Sat, 10 Oct 2020 00:36:21 GMT):
hi All, I have one issue about the connection establishment, the connection status is keep as `response` but not `active`, may I know might be the reason for that? Thanks.

andrew.whitehead (Sat, 10 Oct 2020 01:07:55 GMT):
It should move to active when a message is received from the other agent

lijiachuan (Sat, 10 Oct 2020 01:09:09 GMT):
May I know what type of message it should be?

andrew.whitehead (Sat, 10 Oct 2020 01:09:24 GMT):
Any agent message

andrew.whitehead (Sat, 10 Oct 2020 01:09:45 GMT):
We often use a trust ping

Nabil-oussa (Mon, 12 Oct 2020 08:51:16 GMT):
Has joined the channel.

Nabil-oussa (Mon, 12 Oct 2020 08:51:16 GMT):
Hi all: Currently I am on a project about SSI using hyperledger Indy platform, my question which is the mobile agent that you used to develop the holder part. My question is precisely what type of mobile agent I can use and which is functional Aries MAX (Aries Mobile Agent Xamarin) - Xamarin / .Net, Aries React-Native Mobile Agent (ARNIMA) - React Native or React Native Indy SDK (rn-indy-sdk) - React Native. Thanks in advance for your help

TimoGlastra (Mon, 12 Oct 2020 10:08:40 GMT):
Hi @Nabil-oussa , Aries Mobile Agent Xamarin is the most complete of all. It uses Aries Framework .NET where most of the current Holder wallets are build on top (Trinsic, Esatus, Lissi, ...). ARNIMA isn't updated for a while and doesn't have a lot of functionality yet. Finally, rn-indy-sdk in itself doesn't provide any Aries functionality -- it's just a wrapper around indy-sdk for Android and iOS exposed to Javascript to be used in react native. You can then use rn-indy-sdk in aries-framework-javascript instead of indy for NodeJS. However aries-framework-javascript is still in development and doesn't provide all of the the basic features yes (connect, issue, verify) so for now using Aries Framework .NET (Xamarin) would probably be the easiest / most ready choice. Does this answer you question?

TimoGlastra (Mon, 12 Oct 2020 10:08:40 GMT):
Hi @Nabil-oussa , Aries Mobile Agent Xamarin is the most complete of all. It uses Aries Framework .NET where most of the current Holder wallets are build on top (Trinsic, Esatus, Lissi, ...). ARNIMA isn't updated for a while and doesn't have a lot of functionality yet. Finally, rn-indy-sdk in itself doesn't provide any Aries functionality -- it's just a wrapper around indy-sdk for Android and iOS exposed to Javascript to be used in react native. You can then use rn-indy-sdk in aries-framework-javascript instead of indy for NodeJS. However aries-framework-javascript is still in development and doesn't provide all of the the basic features yet (connect, issue, verify) so for now using Aries Framework .NET (Xamarin) would probably be the easiest / most ready choice. Does this answer your question?

Nabil-oussa (Mon, 12 Oct 2020 11:33:42 GMT):
Yes, Thank you very much for all the explanations.

askemeline (Mon, 12 Oct 2020 14:49:01 GMT):
Has joined the channel.

askemeline (Mon, 12 Oct 2020 14:49:02 GMT):
HI there, I got a trouble when I installed indy-cli on ubuntu Unable to locate package indy-cli Some know how to solve it?

deas (Mon, 12 Oct 2020 16:21:31 GMT):
Has joined the channel.

haggis (Mon, 12 Oct 2020 18:14:11 GMT):
Is it possible to observe a connection until its state is connected in *dotnet*? I'm trying to get the current state of a `ConnectionRecord` by doing a ``` var (msg, rec) = await _connectionService.CreateRequestAsync(context, _invite); var result = await _connectionService.ListAsync(context, SearchQuery.Equal("Id", rec.Id)); Console.WriteLine(result.Count); // 0 ``` I suppose I'm using `SearchQuery` wrong. Any ideas?

tejgundavelli (Mon, 12 Oct 2020 22:34:00 GMT):
Has joined the channel.

askemeline (Tue, 13 Oct 2020 11:42:45 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=wyZfkEnwykaS7hagG) I got a problem when I did `sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88` it's returns `gpg: failure to receive from the key server: No data` Anyone can help please ?

pixelschnitzel (Wed, 14 Oct 2020 08:09:46 GMT):
Hi. It depends on your Ubuntu version. The documentation says, it only has binaries for 16.04 and 18.04.

anil_helvaci (Wed, 14 Oct 2020 11:37:45 GMT):
Has joined the channel.

anil_helvaci (Wed, 14 Oct 2020 11:37:46 GMT):
What is the best sdk choice for developing a mobile aries agent? Is it xamarin with dotnet sdk or react-native with javascript sdk or two native applications with libraries build from go sdk ?

anil_helvaci (Wed, 14 Oct 2020 11:38:02 GMT):
Any answer would be much appreciated

TimoGlastra (Wed, 14 Oct 2020 11:45:35 GMT):
I answered a similar question a couple days ago: https://chat.hyperledger.org/channel/aries?msg=Ei5QGWyGDGNy3F7yi . aries framework go doesn’t support indy based credentials (yet) and therefore isn’t interoperable with the other implementations. It really depends on your requirements

anil_helvaci (Wed, 14 Oct 2020 11:50:30 GMT):
Your answer is so helpful thank you so much

PatrikStas (Wed, 14 Oct 2020 11:54:44 GMT):
@anil_helvaci @TimoGlastra Especially for native development, there's one more option - libvcx https://github.com/AbsaOSS/libvcx/ Soon to be moved back under Hyperledger organization

anil_helvaci (Wed, 14 Oct 2020 12:07:58 GMT):
I work in a large defense company and we are trying to develop a ssi product. I am also a former native mobile developer. Do you think -libvcx is stable enough to build a product over it ? If not when do you think it will be? @PatrikStas

PatrikStas (Wed, 14 Oct 2020 12:19:13 GMT):
Indeed LibVCX is still somewhat turbulent, we are building app on top of it, but ever since we forked it we did not mind doing breaking changes to clean things up. I would say it can take a few more months till things settle. However the breaking changes we did so far, for someone who is using aries (we deleted most of the legacy code from libvcx) were not that changes. Some data structures changed, but our mobile guys did not have hard times to keep up

PatrikStas (Wed, 14 Oct 2020 12:20:45 GMT):
But for sure it's important to say, officially libvcx is not yet stable. We are bumping minor versions on releases and we do right now we do make some breaking change on almost every release

anil_helvaci (Wed, 14 Oct 2020 13:27:56 GMT):
All right @PatrikStas I will be watching libvcx. Thank you for your answer

askemeline (Wed, 14 Oct 2020 13:50:20 GMT):
Ok thank you

mmoram (Wed, 14 Oct 2020 15:05:36 GMT):
Has joined the channel.

mmoram (Wed, 14 Oct 2020 15:05:36 GMT):
Hi, we are trying to work with attachments between issuer and holder using ACA-Py, we would like to add an image for the icon of a credential when it is issued. I tried appending "~attach" to a basic message, but I am not able to see any reference to an attachment on the holder side. How can I test if the attachment is received?

swcurran (Wed, 14 Oct 2020 15:24:51 GMT):
GlobalID is currently contributing some mobile app options. @Alexi will have more details on that.

anil_helvaci (Wed, 14 Oct 2020 16:12:56 GMT):
More details would be great @Alexi

anil_helvaci (Wed, 14 Oct 2020 16:13:19 GMT):
Thank you :pray:

Adyy (Wed, 14 Oct 2020 17:14:38 GMT):
Has joined the channel.

Alexi (Wed, 14 Oct 2020 19:04:40 GMT):
aries call meeting for anyone that still has the old one: https://zoom.us/j/5184947650?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

Alexi (Wed, 14 Oct 2020 19:09:32 GMT):
@anil_helvaci yes, we are very excited and working on getting the repos transfered over to hyperledger. So, hopefully within the next week or so you will have access to native IOS and Android aries frameworks (swift and kotlin respectively). Of which we are doing some PRs to indy-sdk where we updated the IOS wrapper which hd some issues and will be adding an Android wrapper as well

omerfaruk 1 (Thu, 15 Oct 2020 00:26:35 GMT):
Has joined the channel.

haggis (Thu, 15 Oct 2020 16:07:54 GMT):
Hi! I'm working on a sample dotnet-agent, which should be able to publish a credential schema to the builder-net. It already has an issuer-DID and got tokens from https://selfserve.sovrin.org. However, when I call `await _schemaService.CreateSchemaAsync(context, _issuerDID, _schemaName, schemaVersion, schemaAttrNames)` it only throws an exception: ``` Hyperledger.Aries.AriesFrameworkException: Ledger operation rejected at Hyperledger.Aries.Ledger.DefaultLedgerService.EnsureSuccessResponse(String res) at Hyperledger.Aries.Ledger.DefaultLedgerService.SignAndSubmitAsync(IAgentContext context, String submitterDid, String request, TransactionCost paymentInfo) at Hyperledger.Aries.Ledger.DefaultLedgerService.RegisterSchemaAsync(IAgentContext context, String issuerDid, String schemaJson, TransactionCost paymentInfo) at Hyperledger.Aries.Features.IssueCredential.DefaultSchemaService.CreateSchemaAsync(IAgentContext context, String issuerDid, String name, String version, String[] attributeNames) ``` Do I need to publish a DIDDoc before, or do I need to become a Trust Anchor somehow?

haggis (Thu, 15 Oct 2020 16:32:11 GMT):
Ah, the problem may be I haven't accepted the `TxnAuthorAgreement` yet. There's a corresponding `TxnAuthorAcceptanceService`. And I tried to auto-accept the agreement by adding `builder.AcceptTxnAuthorAgreement();` to `Startup.cs`. However, this ends in a weird `System.ArgumentException: 'Cannot marshal: Encountered unmappable character.'`. Any idea how to accomplish this?

haggis (Thu, 15 Oct 2020 16:33:46 GMT):
StackTrace: ``` StackTrace: at System.Runtime.InteropServices.Marshal.StringToAnsiString(String s, Byte* buffer, Int32 bufferLength, Boolean bestFit, Boolean throwOnUnmappableChar) at System.StubHelpers.CSTRMarshaler.ConvertToNative(Int32 flags, String strManaged, IntPtr pNativeBuffer) at Hyperledger.Indy.NonSecretsApi.NativeMethods.indy_update_wallet_record_value(Int32 command_handle, Int32 wallet_handle, String type_, String id, String value, IndyMethodCompletedDelegate cb) at Hyperledger.Indy.NonSecretsApi.NonSecrets.UpdateRecordValueAsync(Wallet wallet, String type, String id, String value) at Hyperledger.Aries.Storage.DefaultWalletRecordService.d__4.MoveNext() at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Runtime.CompilerServices.TaskAwaiter.GetResult() at Hyperledger.Aries.Configuration.DefaultProvisioningService.d__4.MoveNext() at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Runtime.CompilerServices.TaskAwaiter.GetResult() at Hyperledger.Aries.Configuration.TxnAuthorAcceptanceService.d__6.MoveNext() at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Threading.Tasks.Task.<>c.b__139_1(Object state) at System.Threading.QueueUserWorkItemCallbackDefaultContext.Execute() at System.Threading.ThreadPoolWorkQueue.Dispatch() at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() ```

daidoji (Thu, 15 Oct 2020 17:30:06 GMT):
how close is https://github.com/hyperledger/aries-rfcs/blob/master/features/0036-issue-credential/README.md to W3C Issuer HTTP API?

daidoji (Thu, 15 Oct 2020 17:30:51 GMT):
with similar questions for W3C Verifier HTTP API or CHAPI? and are there open source implementaitons today?

swcurran (Thu, 15 Oct 2020 18:06:07 GMT):
There are several open source implementations in the Aries frameworks. It's a messaging spec that operates at a higher level than a transport running on DIDComm, so it is not just a simple HTTP Request/Response protocol. It allows for negotiation and different credential types, particularly ZKP. Several Aries frameworks implement it for Indy ZKPs, but others do not. V2 of the spec (a later RFC -- 453, I believe) removes the final Indy-isms in the protocol.

daidoji (Thu, 15 Oct 2020 18:26:18 GMT):
@swcurran thanks for that answer, however, maybe I'm not following it 100%. Maybe to rephrase the part I don't think I currently get:

daidoji (Thu, 15 Oct 2020 18:26:55 GMT):
any aries framework implementation (the python cloud agent or .Net or whatever), is there code that exists right now that implements say this REST interface (the spec seems to have moved under me in the past few days)? https://w3c-ccg.github.io/vc-http-api/

daidoji (Thu, 15 Oct 2020 18:26:55 GMT):
in any aries framework implementation (the python cloud agent or .Net or whatever), is there code that exists right now that implements say this REST interface (the spec seems to have moved under me in the past few days)? https://w3c-ccg.github.io/vc-http-api/

daidoji (Thu, 15 Oct 2020 18:27:07 GMT):
or is this an "exercise for the reader" kind of thing?

daidoji (Thu, 15 Oct 2020 18:34:59 GMT):
if it helps, we're engaged in a project where we need to interop with other teams and the W3C standards have been picked as "lowest common denominators" and we're trying to go about planning for how to do that.

daidoji (Thu, 15 Oct 2020 18:35:10 GMT):
which is the motivation of the question

swcurran (Thu, 15 Oct 2020 18:36:31 GMT):
Simple answer no. Any Aries framework implements an interface to allow a controller (business logic) to control an instance of the framework. Together the instance of the controller and framework are an Agent. The interface exposed is different per Aries framework -- e.g. .NET is a library embedded in the controller, ACA-Py (Python) and aries-framework-go expose a REST API for the controller to use. The framework's all send ping the controller when something happens ("Hey, I received a message for this protocol you started") so that the controller can tell the framework how to respond. As such, as a basis, all of the frameworks expose to the controller an interface to execute the whole protocol, which is more complex than a simple request/response. That said, some frameworks expose a simplified API endpoint to let the framework handle the whole protocols in some default way. For example, ACA-Py has a `credential-issue/send` endpoint that says "Send this credential to this connection and let me know when it is done". That is close to what the simple Issuer HTTP API is that you are talking about. BTW -- I don't think it is a "W3C Issuer API". It's talked about in the CCG, but is not a W3C standard. Finally, because DIDComm is inherently async messaging, a synchronous "request/response" HTTP protocol is not going to work in some (we think a lot) of use cases. But that's a deeper topic.

daidoji (Thu, 15 Oct 2020 18:40:18 GMT):
@swcurran okay, oh wow. I guess I was way off then in my understanding of various topics but thanks for that that answer. I think I understand now and thanks for the clarification as to where that lives (the specs and organizations all get kinda confusing for me). Hmmm.

daidoji (Thu, 15 Oct 2020 18:41:50 GMT):
In light of that answer, if you were working on a project where you wanted to use Aries but were required to interop with other teams who might not being using did methods that were based on Indy and DIDComm how would you go about it? I guess I assumed that "request/response" protocol was the lowest common denominator but maybe I'm wrong.

daidoji (Thu, 15 Oct 2020 18:42:58 GMT):
would you build a middleware instead for the workflows you wanted to support or is there some other kind of generalizable protocol one could use to do that? Or is DIDComm that protocol and I just don't understand it yet?

swcurran (Thu, 15 Oct 2020 18:52:12 GMT):
If you want to use Aries, you definitely need to understand the tao of DIDComm. I'd then look at the interfaces exposed by the frameworks to see what they do out of the box. Then I'd be looking at what the other teams are doing and hence what flexibility you have. Chances are an API could be built from what the other team is doing to the Aries agent with minimal effort. It might be done in the framework, or as a controller that "wraps" the framework. Tough to answer beyond that. :-)

daidoji (Thu, 15 Oct 2020 18:53:35 GMT):
roger, that's what I figured. Okay, well I'll dig back in then. Thanks for your help!

troyronda (Thu, 15 Oct 2020 21:48:30 GMT):
@daidoji We have a separate project that built a service exposing the CCG VC HTTP API using aries-framework-go. See here: https://github.com/trustbloc/edge-service/blob/master/docs/vc-rest/vc_interop_api_impl_status.md .

braduf (Thu, 15 Oct 2020 22:42:26 GMT):
Has joined the channel.

daidoji (Fri, 16 Oct 2020 03:12:19 GMT):
@troyronda thanks, will give it a look!

vineeta (Fri, 16 Oct 2020 09:32:53 GMT):
Has joined the channel.

swcurran (Fri, 16 Oct 2020 19:46:30 GMT):
FYI: Aries Cloud Agent - Python Release 0.5.5 has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.5.5. This release is has a lot on revocation -- making it much easier from the Controller's perspective: - Improvements to revocation registry creation in the face of errors/outages - Unified configuration handling using command line parameters, environment variables and (NEW!!!) YAML files. - An Admin endpoint to check the revocation status of a held credential - Configurable support for the use of unencrypted tags on records - New handling of credential issue records -- keep protocol record, keep minimal data after protocol completes (NEW), or delete Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/ A docker image has been posted to Docker Hub: https://hub.docker.com/r/bcgovimages/aries-cloudagent, tag py36-1.15-0_0.5.5

swcurran (Fri, 16 Oct 2020 19:46:30 GMT):
FYI: *Aries Cloud Agent - Python Release 0.5.5* has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.5.5. This release is has a lot on revocation -- making it much easier from the Controller's perspective: - Improvements to revocation registry creation in the face of errors/outages - Unified configuration handling using command line parameters, environment variables and (NEW!!!) YAML files. - An Admin endpoint to check the revocation status of a held credential - Configurable support for the use of unencrypted tags on records - New handling of credential issue records -- keep protocol record, keep minimal data after protocol completes (NEW), or delete Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/ A docker image has been posted to Docker Hub: https://hub.docker.com/r/bcgovimages/aries-cloudagent, tag py36-1.15-0_0.5.5

swcurran (Fri, 16 Oct 2020 19:46:30 GMT):
FYI: *Aries Cloud Agent - Python Release 0.5.5* has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.5.5. Highlights in this release: - Improvements to revocation registry creation in the face of errors/outages - Unified configuration handling using command line parameters, environment variables and (NEW!!!) YAML files. - An Admin endpoint to check the revocation status of a held credential - Configurable support for the use of unencrypted tags on records - New handling of credential issue records -- keep protocol record, keep minimal data after protocol completes (NEW), or delete Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/ A docker image has been posted to Docker Hub: https://hub.docker.com/r/bcgovimages/aries-cloudagent, tag py36-1.15-0_0.5.5

kim27 (Fri, 16 Oct 2020 21:39:22 GMT):
Has joined the channel.

Lucampelli (Mon, 19 Oct 2020 13:00:33 GMT):
Has joined the channel.

mtfk (Mon, 19 Oct 2020 17:26:38 GMT):
FYI: Due to IIW which starts tomorrow we would cancel Morning Aries Call on Wednesday. For everybody who is planning to take part in IIW looking forward to see you there and others we would meat on next call on 4th of Nov. Talk you soon!

daidoji (Mon, 19 Oct 2020 18:11:30 GMT):
Hi not sure where to ask about this, but I was doing this lab https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AriesOpenAPIDemo.md

daidoji (Mon, 19 Oct 2020 18:12:06 GMT):
and I was at the step "The ledger browser should refresh and display the four (4) transactions on the ledger related to this DID:" however, I only found one transaction on the ledger

daidoji (Mon, 19 Oct 2020 18:12:16 GMT):
http://dev.greenlight.bcovrin.vonx.io/browse/domain?page=1&query=WgWxqztrNooG92RXvxSTWv&txn_type=

daidoji (Mon, 19 Oct 2020 18:15:21 GMT):
is this expected or did I do something wrong. All the other steps seem to have proceeded according to the Lab

daidoji (Mon, 19 Oct 2020 18:23:20 GMT):
hmm then I get a 400 on the next step

daidoji (Mon, 19 Oct 2020 18:25:29 GMT):

Clipboard - October 19, 2020 2:25 PM

daidoji (Mon, 19 Oct 2020 18:26:20 GMT):

Clipboard - October 19, 2020 2:26 PM

daidoji (Mon, 19 Oct 2020 18:26:21 GMT):
but then this is the id I was using

swcurran (Mon, 19 Oct 2020 23:47:48 GMT):
FYI: We're sad to report that *Aries Cloud Agent - Python Release 0.5.6* has been tagged and posted to PyPi. Release notes can be found here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.5.6. Highlights in this release: - Correction to an issue with a "read-only" agent instance trying to update an on ledger endpoint Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/latest/ A docker image has been posted to Docker Hub: https://hub.docker.com/r/bcgovimages/aries-cloudagent, tag py36-1.15-0_0.5.6

AdrienViolet (Tue, 20 Oct 2020 13:01:06 GMT):
Hi all, is there a channel to talk about the aries-framework-go and more specifically the mobile binding part of it?

c2bo (Tue, 20 Oct 2020 13:18:17 GMT):
#aries-go - i don't think there is a special chat for the mobile binding

daidoji (Tue, 20 Oct 2020 13:36:18 GMT):
Hello, a lot of you are probably at IIW but I was wondering if anyone could help with my problem above from yesterday. Still having trouble with it.

troyronda (Tue, 20 Oct 2020 14:19:34 GMT):
@AdrienViolet @c2bo that's right. aries-framework-go (including the mobile binding) discussions take place in #aries-go

swcurran (Tue, 20 Oct 2020 17:00:22 GMT):
Were you running in Docker or browser?

swcurran (Tue, 20 Oct 2020 17:06:28 GMT):
@ianco

daidoji (Tue, 20 Oct 2020 17:08:00 GMT):
@swcurran in docker. Whole thing worked perfectly up until the step I got an issue on (then there were issues afterwards)

swcurran (Tue, 20 Oct 2020 17:08:53 GMT):
Just ran it in the Browser (Play with Docker) and everything worked to that point -- the 4 transactions and the API call.

swcurran (Tue, 20 Oct 2020 17:08:59 GMT):
OK - I'll try on docker

daidoji (Tue, 20 Oct 2020 17:12:46 GMT):
@swcurran Thanks, I appreciate it. (also thanks for the course, its really great as a refresher)

ianco (Tue, 20 Oct 2020 17:13:06 GMT):
@daidoji regarding the ledger browser refresh, sometimes there is a delay between when the transactions are written to the ledger and when they are visible in the browser, you can try waiting and refreshing the ledger browser

swcurran (Tue, 20 Oct 2020 17:13:28 GMT):
Tried on Docker (running on Linux) and all worked

ianco (Tue, 20 Oct 2020 17:14:18 GMT):
You can also try running against a local ledger vs the BCovrin ledger, I don't recall if that's covered in the specific tutorial you're doing

daidoji (Tue, 20 Oct 2020 17:15:06 GMT):
@swcurran hmmm must be user error then. From that particular error do you know where I probably had the issue?

ianco (Tue, 20 Oct 2020 17:15:09 GMT):
Since Faber creates the schema and credential definition on startup, they *should* be there on the ledger, or else you'll see an error message in the Faber startup screem

daidoji (Tue, 20 Oct 2020 17:15:14 GMT):
@ianco roger, will try that.

daidoji (Tue, 20 Oct 2020 17:15:26 GMT):
I didn't see any errors that stood out but I'll try again

ianco (Tue, 20 Oct 2020 17:16:24 GMT):
the most straightforward way to test it out is to run locally, as described here: https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo#running-in-docker

ianco (Tue, 20 Oct 2020 17:16:40 GMT):
This just starts Alice and Faber connecting to a local ledger

ianco (Tue, 20 Oct 2020 17:17:08 GMT):
If this works then there's no reason why it shouldn't work connecting to BCovrin ledger as well

daidoji (Tue, 20 Oct 2020 17:17:17 GMT):
roger, yeah that one worked for me. I was just following the instructions in the edx course by connecting to the BC ledger. I'll try with a local ledger though.

ianco (Tue, 20 Oct 2020 17:20:32 GMT):
Are you behind a firewall?

daidoji (Tue, 20 Oct 2020 17:39:58 GMT):
ianco, nothing that should be blocking those ports. Also, what confused me is that I have that one ledger entry http://dev.greenlight.bcovrin.vonx.io/browse/domain?page=1&query=WgWxqztrNooG92RXvxSTWv&txn_type= but not the other three. If it were a firewall wouldn't all of them have failed?

ianco (Tue, 20 Oct 2020 17:41:56 GMT):
Right

ianco (Tue, 20 Oct 2020 17:42:11 GMT):
Remember that Faber generates a new random DID every time you run it

ianco (Tue, 20 Oct 2020 17:42:56 GMT):
If you look here for example: http://dev.greenlight.bcovrin.vonx.io/browse/domain?page=3854&query=&txn_type=

ianco (Tue, 20 Oct 2020 17:43:19 GMT):
... you can see the NYM, schema and cred def created by `U4mivYzDaDbRGvcCVvrtVp`

daidoji (Tue, 20 Oct 2020 17:49:20 GMT):
roger, that def looks like the lab said it would

ianco (Tue, 20 Oct 2020 17:49:48 GMT):
Probably the test that @swcurran just ran

daidoji (Tue, 20 Oct 2020 17:50:13 GMT):
@ianco okay, I'll try again. Likely there was some kind of user error on my part or some fluke I guess. Thanks for your help. These labs are incredibly informative and useful other than this small issue.

brentzundel (Wed, 21 Oct 2020 13:08:55 GMT):
are there Aries meetings today, or not because of IIW?

swcurran (Wed, 21 Oct 2020 13:28:28 GMT):
They are cancelled.

kh_touati (Wed, 21 Oct 2020 13:34:44 GMT):
te

Jonathancj (Wed, 21 Oct 2020 23:56:03 GMT):
Has joined the channel.

hwrdtm (Thu, 22 Oct 2020 04:00:53 GMT):
Has joined the channel.

hwrdtm (Thu, 22 Oct 2020 04:00:53 GMT):
Hello all! I am having trouble understanding the Action Menu API usage for aries agents. Where might be the best place for me to post my questions?

daidoji (Thu, 22 Oct 2020 18:40:14 GMT):
how do we find out what did methods the various Aries implementations support?

daidoji (Thu, 22 Oct 2020 18:42:27 GMT):
did:sov and did:peer, but are there others?

troyronda (Thu, 22 Oct 2020 20:07:02 GMT):
aries-framework-go currently supports out-of-the-box: did:peer, did:key and configuring a DID resolver URL (called httpbinding). you can also inject your own VDR implementation https://github.com/hyperledger/aries-framework-go/tree/master/pkg/vdr

troyronda (Thu, 22 Oct 2020 20:08:00 GMT):
We've tested the httpbinding against several additional DID methods.

troyronda (Thu, 22 Oct 2020 20:08:22 GMT):
e.g., did:sov, did:v1, did:elem, did:web

daidoji (Thu, 22 Oct 2020 20:08:25 GMT):
ahh, what does VDR stand for?

troyronda (Thu, 22 Oct 2020 20:09:09 GMT):
We've also tested injecting our own DID method code in our builds (did:trustbloc).

troyronda (Thu, 22 Oct 2020 20:09:25 GMT):
VDR = verifiable data registry

daidoji (Thu, 22 Oct 2020 20:09:51 GMT):
ahhh, cool. Do the other Aries agents have similar features or is that constrained to your agent so far?

troyronda (Thu, 22 Oct 2020 20:12:32 GMT):
Many of the aries projects started by building on top of indy libraries...

troyronda (Thu, 22 Oct 2020 20:13:13 GMT):
(so afaik many of the projects are currently for Indy).

daidoji (Thu, 22 Oct 2020 20:13:36 GMT):
ahhh, haha that's what I thought. The Go agent leads the way then

daidoji (Thu, 22 Oct 2020 20:14:30 GMT):
I'm new, but I've learned enough to ask 1. What does the spec say 2. What does the Aries RFCs say 3. Which RFCs have been implemented in which agents haha

daidoji (Thu, 22 Oct 2020 20:17:10 GMT):
is there any documentation that tracks that kind of information?

etaleo (Thu, 22 Oct 2020 20:36:45 GMT):
Hey there! When trying to run the REST OpenAPI-Demo of the aries-framework-go, I get the following error when trying to run https://localhost:8082/connections/create-invitation via the Swagger UI in Firefox: TypeError: NetworkError when attempting to fetch resource. (or "TypeError: Failed to fetch" via Chromium) Running the curl command in the terminal does work however.

etaleo (Thu, 22 Oct 2020 20:36:45 GMT):
Hey there! When trying to run the REST OpenAPI demo of the aries-framework-go, I get the following error when trying to run https://localhost:8082/connections/create-invitation via the Swagger UI in Firefox: TypeError: NetworkError when attempting to fetch resource. (or "TypeError: Failed to fetch" via Chromium) Running the curl command in the terminal does work however.

george.aristy (Thu, 22 Oct 2020 20:40:19 GMT):
@etaleo this fix was just put in: https://github.com/hyperledger/aries-framework-go/pull/2264

george.aristy (Thu, 22 Oct 2020 20:40:23 GMT):
are you testing on top of that?

sudeshrshetty (Thu, 22 Oct 2020 20:51:39 GMT):
@etaleo either have to import certs from `test/bdd/fixtures/keys/tls` to your system certpool/keychain. or go to ` https://localhost:8082/` in some other tab in your browser, import/accept cert manually. Once imported, try again it should work.

Bezalel (Fri, 23 Oct 2020 02:38:42 GMT):
Has joined the channel.

haggis (Fri, 23 Oct 2020 07:29:24 GMT):
Hi! I'm trying to create a schema with the dotnet framework at the builder net. However, the call `await _schemaService.CreateSchemaAsync(context, _issuerDID, _schemaName, schemaVersion, schemaAttrNames)` is always stuck and never proceeds and never fails. The issuer is funded with tokens. Any idea?

Bezalel (Fri, 23 Oct 2020 09:41:49 GMT):
is it possible to make a Bitcoin/Ethereum/EOS transaction without implementing custom wallet, only using Aries RFC standards?

Bezalel (Fri, 23 Oct 2020 09:52:12 GMT):
I'm starting to implement ToIP/Aries integration to EOS mainnet and our enterprise blockchain solution (https://infrablockchain.com) as DID registries.

Bezalel (Fri, 23 Oct 2020 09:54:14 GMT):
I hope ToIP-compatible user wallet can sign blockchain smart-contract(EOS) transactions

etaleo (Fri, 23 Oct 2020 10:31:22 GMT):
@george.aristy @sudeshrshetty Thank you, importing the certificates did the trick!

swcurran (Fri, 23 Oct 2020 14:34:54 GMT):
I'm not aware of anyone working on that in the Aries context.

Bezalel (Fri, 23 Oct 2020 14:50:56 GMT):
wallet interoperability with public blockchain (cryptocurrencies) is not yet considered in ToIP standard? sorry to hear that :)

etaleo (Fri, 23 Oct 2020 15:33:47 GMT):
@george.aristy @sudeshrshetty Thank you, importing the cert in Firefox did the trick! However, now when I run #2 of the Demo (executing receive-invitation at Bob), I get this error as a response: { "code": 2003, "message": "handleInvitation: failed from didexchange service handle: threadID not found" }

etaleo (Fri, 23 Oct 2020 15:33:47 GMT):
@george.aristy @sudeshrshetty Thank you, importing the cert in Firefox did the trick! However, now when I run #2 of the demo (executing receive-invitation at Bob Agent), I get this error as a response: { "code": 2003, "message": "handleInvitation: failed from didexchange service handle: threadID not found" }

swcurran (Fri, 23 Oct 2020 17:39:09 GMT):
The focus of the community has been on identity. There have been lots of discussion about what we need in wallets, and for the early use cases in identity, cryptocurrency capabilities have not been high on the list. I think there is an expectation that it will eventually come ("this my one wallet"), but that bridging is not seen as a priority.

Bezalel (Sun, 25 Oct 2020 02:09:23 GMT):
I see, thanks your explanation, I think DID integration to public blockchain networks (including support for smart contract transactions) is exciting topic, hope this topic will have more priority in the future :)

ColinClark (Sun, 25 Oct 2020 20:39:31 GMT):
Has joined the channel.

thearhaam (Mon, 26 Oct 2020 06:29:06 GMT):
Hey guys, had a question regarding Trinsic Studio. I'm guessing that "Organization" is basically an Agent, am I right? Also is there any way to dynamically create organizations by calling an API? or the only way to create an organization is through Trinsic studio?

Shyam_Pratap_Singh (Mon, 26 Oct 2020 07:33:16 GMT):
Has joined the channel.

etaleo (Mon, 26 Oct 2020 11:10:46 GMT):
Question about Sidetree: Aries aims to be blockchain agnostic. While the Python and .NET implementations of the Aries agent frameworks are dependent on Indy, the Go implementation is using Sidetree. Which role does Sidetree play in a broader sense? Are the Python and .NET implementations also aiming to use Sidetree in the future, or are they planning to go a different path?

etaleo (Mon, 26 Oct 2020 11:10:46 GMT):
Question about Sidetree: Aries aims to be blockchain agnostic. While the Python and .NET implementations of the Aries agent frameworks are dependent on Indy, the Go implementation is using Sidetree. Which role does Sidetree play in a broader sense? Are the Python and .NET (and other) implementations also aiming to use Sidetree in the future, or are they planning to go a different path?

troyronda (Mon, 26 Oct 2020 12:53:51 GMT):
@etaleo The Go implementation is compatible with multiple DID methods. You can inject a VDR into the framework or use the HTTP binding configuration to connect to a DID resolver service.

etaleo (Mon, 26 Oct 2020 13:05:28 GMT):
@troyronda Oh, that's interesting! Can you guide me to the responding documentation (if it exists) or location at the source code?

troyronda (Mon, 26 Oct 2020 14:04:47 GMT):
@etaleo When you instantiate the framework, you can use the WithVDR function to inject: https://godoc.org/github.com/hyperledger/aries-framework-go/pkg/framework/aries#WithVDR

troyronda (Mon, 26 Oct 2020 14:04:52 GMT):
The "httpbinding" VDR allows you to use a resolver endpoint: https://godoc.org/github.com/hyperledger/aries-framework-go/pkg/vdr/httpbinding#New

troyronda (Mon, 26 Oct 2020 14:06:23 GMT):
If you are using the docker image, you can pass an environment variable to set the http binding endpoint. e.g., https://github.com/hyperledger/aries-framework-go/blob/master/test/bdd/fixtures/agent-rest/docker-compose.yml#L22

troyronda (Mon, 26 Oct 2020 14:06:23 GMT):
If you are using the docker image, you can pass an environment variable to set the http binding endpoint. e.g., https://github.com/hyperledger/aries-framework-go/blob/51ab57d/test/bdd/fixtures/agent-rest/docker-compose.yml#L22

etaleo (Mon, 26 Oct 2020 14:09:53 GMT):
I'll look into it, thank you very much!

thwjanssen (Mon, 26 Oct 2020 14:56:26 GMT):
Has joined the channel.

thwjanssen (Mon, 26 Oct 2020 14:56:27 GMT):
Hi everyone, Me and my team are working on a solution in SSI to authorize and delegate other SSI holders. To this end we want to create an attribute. Which SDK do you guys recommend for integrating with existing sovrin/indy/evernym wallets and to create new credential schema's and definitions?

prakharsr (Mon, 26 Oct 2020 16:48:50 GMT):
Has joined the channel.

prakharsr (Mon, 26 Oct 2020 16:48:52 GMT):
Hi everyone, I am working on a project to integrate Blockchain and IoT using Hyperledger Aries, i found some existing relevant work at https://wiki.hyperledger.org/display/INTERN/Collaboration%3A+Raspberry+Pi+Indy+Agent and its repo at https://github.com/zzx02/Raspberry-Pi-Indy-Agent. Now, I want to bring this work upto date with the current branch of Aries Cloud Agent, can someone help me out with some points, steps and work required in relevant areas, places where I know where to make the changes so as to merge ?

swcurran (Mon, 26 Oct 2020 17:12:06 GMT):
@WadeBarnes ^^

WadeBarnes (Mon, 26 Oct 2020 17:19:33 GMT):
@prakharsr, There is some discussion over in #aries-embedded.

WadeBarnes (Mon, 26 Oct 2020 17:19:33 GMT):
@prakharsr, There is some discussion over in #aries-embedded

prakharsr (Mon, 26 Oct 2020 17:22:57 GMT):
Thanks @WadeBarnes @swcurran

HansHuber080883 (Tue, 27 Oct 2020 14:11:04 GMT):
Has joined the channel.

michawensveen (Wed, 28 Oct 2020 09:10:41 GMT):
Has joined the channel.

techragesh (Wed, 28 Oct 2020 09:10:46 GMT):
Has joined the channel.

mickra (Wed, 28 Oct 2020 10:18:09 GMT):
Has joined the channel.

Koushik (Wed, 28 Oct 2020 18:14:28 GMT):
Hi Everyone, I am new to Hyperledger aires but well acquainted with Hyperledger Fabric. If I want to integrate Hyperledger Aires with Fabric, would aires replace the fabric ca components and Aires will act as identity management solution?

george.aristy (Wed, 28 Oct 2020 19:02:45 GMT):
Weekly B call happening now: https://zoom.us/j/5184947650?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

mickra (Thu, 29 Oct 2020 14:45:24 GMT):
Hey everyone, in Kiva’s session at IIW “Verifiable Photo and attachments in Aries” @cam-parra we had a short discussion about *credential gallery images* that can be displayed in the mobile wallet app. To be clear, I’m not talking about verifiable (holder-specific) images as credential attribute but credential-specific (usually not holder-specific) images to improve the user experience (e.g. picture of a driver's license.). The way I found out, the currently available wallet implementations do not support this feature or have/plan to implement a proprietary mechanism for that. In our opinion this is an important feature that should be part of an RFC to promote interoperability. We (Lissi) think the best way to implement this feature is to add an attachment (e.g. credential_image~attach) to the credential offer message. - should this be an optional part in the RFC 0036 issue-credential? - Is there already a discussion on this topic somewhere? - what do you think?

mgbailey (Fri, 30 Oct 2020 15:13:12 GMT):
Has joined the channel.

etaleo (Sun, 01 Nov 2020 12:19:51 GMT):
Follow-up question: How important/widespread is the Sidetree protocol in general? Are the other Aries frameworks aiming to support Sidetree in the future?

troyronda (Sun, 01 Nov 2020 12:25:19 GMT):
the sidetree did methods i know about: did:ion, did:elem, did:photon, did:trustbloc

swcurran (Sun, 01 Nov 2020 22:24:45 GMT):
Agree that it is a good idea and that it should be part of issue-credential. Make sure that you make it part of the V2 Issue Credential -- RFC 0453.

lukvad (Mon, 02 Nov 2020 12:40:49 GMT):
Has joined the channel.

mickra (Mon, 02 Nov 2020 14:12:29 GMT):
Thanks Stephen for your answer. We will take a look at this RFC and make a proposal.

redongjun (Mon, 02 Nov 2020 22:03:10 GMT):
Hi, everyone. I would like to contribute new aries-framework-kotlin project. What should I do if I try to make this?, Who can I ask for?

mickra (Tue, 03 Nov 2020 08:14:13 GMT):
I have opened a new Issue. RFC 0453 - Support credential gallery images, see https://github.com/hyperledger/aries-rfcs/issues/560 Please let us continue the discussion there. :slight_smile:

maddocche (Tue, 03 Nov 2020 15:46:07 GMT):
Has joined the channel.

maddocche (Tue, 03 Nov 2020 15:47:46 GMT):
Hi everyone, I'm just starting on SSI and Hyperledger Aries. I've read the docs and followed two online courses on edx, but things are still quite confusing! I'd like to make a POC with a mobile agent, but can't find a good tutorial on how to do it. Is there some "practical" resource on the topic? Also, to develop a mobile agent is it necessary to use the Xamarin framework? I looked up the agent-framework-javascript repository, but it seems to be in a very early stage of development. Can it be used for a POC to demonstrate the basic functionality of a SSI application (connection, request credential and present proof)? Thanks a lot in advance for any reply!

TelegramSam (Tue, 03 Nov 2020 17:55:26 GMT):
It is not necessary to use Xamarin, but that is the only codebase that exists in HL repos at this point. I do know there are multiple parties very close to open sourcing some mobile code.

TelegramSam (Tue, 03 Nov 2020 17:55:53 GMT):
Given that, your direction may depend heavily on how patient you can be for those codebases to be released.

TelegramSam (Tue, 03 Nov 2020 18:29:38 GMT):
Would you be interested in talking about this on the Aries B call tomorrow?

deas (Tue, 03 Nov 2020 18:40:54 GMT):
You can use a commercially available mobile app (Trinsic, Lissi, Connect.me, etc.) if the proof of concept doesn't need to include the actual development of the mobile app + cloud agent. You can do the "AliceGetsAMobile" demo using any of these, I think. https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AliceGetsAPhone.md Dunno if that's what you're hoping to do, but it definitely covers the basics.

mtfk (Tue, 03 Nov 2020 20:01:27 GMT):
Aries morning call reminder for tomorrow. Agenda: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41585068 We would talk about summary from IIW and show case KERI demo and discuss how we are planning to integrated it with aries ecosystem. See you there!

mtfk (Wed, 04 Nov 2020 14:57:04 GMT):
Reminder for those who miss it there is a new zoom link for our call: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

mtfk (Wed, 04 Nov 2020 14:57:22 GMT):
The link is available as well on the wiki page.

TelegramSam (Wed, 04 Nov 2020 20:01:52 GMT):
WG B call starting now

TelegramSam (Wed, 04 Nov 2020 20:01:53 GMT):
https://wiki.hyperledger.org/pages/viewpage.action?pageId=41585062

TelegramSam (Wed, 04 Nov 2020 20:02:07 GMT):
https://zoom.us/j/5184947650?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

mccown (Wed, 04 Nov 2020 20:19:50 GMT):
Just a reminder about the Identity Implementer's WG Call tomorrow morning (Nov 5th @ 9am MT). In this call, we review updates from a variety of industry WGs that you may have missed this week. For our presentation, Paul Knowles will give a presentation & demo of the Overlays Data Capture Architecture (OCDA) Here are links to the Wiki and Zoom meeting: Wiki: https://wiki.hyperledger.org/display/IWG/2020-11-5+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

andrew.whitehead (Wed, 04 Nov 2020 21:57:56 GMT):
Is there a recording?

TelegramSam (Wed, 04 Nov 2020 22:40:53 GMT):
Yes. I'll post it and send a link.

mickra (Thu, 05 Nov 2020 10:40:16 GMT):
@TelegramSam Sorry, I could not participate in the call yesterday. I saw in the protocol and the issue comments that you had a discussion about this. Is there a recording available?

adityasanth (Fri, 06 Nov 2020 05:42:22 GMT):
Has joined the channel.

adityasanth (Fri, 06 Nov 2020 05:42:22 GMT):
Hi, I am building an identity solution for my school and we want it to be following a common standard that is universally verifiable. I have a few questions, will be great if I can get a response - 1. Does using Indy also mean I am compliant with w3c VC standards? 2. We are planning to go ahead with sov which provides me with a did of type sov, should I be looking at aries implementation? 3. When Indy too has a concept of channels authcrypt and decrypt etc. Is there a reason why I should look at aries? 4. Can I monitor the transactions of did type sov in the Indy scan net?

Bezalel (Fri, 06 Nov 2020 10:19:24 GMT):
can anyone explain GADI from DID Alliance?

Bezalel (Fri, 06 Nov 2020 10:20:36 GMT):
can GADI really make interoperability among the DID systems possible?

TelegramSam (Fri, 06 Nov 2020 14:29:44 GMT):
recording for this week's B call posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41585062

TelegramSam (Fri, 06 Nov 2020 14:30:06 GMT):
@andrew.whitehead ^

etaleo (Fri, 06 Nov 2020 20:19:47 GMT):
I'm having trouble wrapping my head around DID resolution: As far as I understand, agents need some kind of resolver, and resolvers need to know how to resolve various DID methods, as there are a bunch of different ones that should all be interoperable. Does every resolver know every possible DID method? How is it decided which DID methods are valid/supported? Where and how does resolving happen exactly? (Locally on the client? Remotely on a trusted 3rd party?) And how, for example, would one add a new DID method (e.g. a new, custom blockchain) to the mix? I'm thankful for any answers and resources regarding this topic, both from a high level / theoretical view and from a technical view!

etaleo (Fri, 06 Nov 2020 20:19:47 GMT):
I'm having trouble wrapping my head around DID resolution: As far as I understand, agents need some kind of resolver, and resolvers need to know how to resolve various DID methods, as there are a bunch of different ones that should all be interoperable. Does every resolver know every possible DID method? How is it decided which DID methods are valid/supported? Where and how does resolving happen exactly? (Locally on the client? Remotely on a trusted 3rd party?) And how, for example, would one add support for a new DID method (e.g. a new, custom blockchain) to the mix? Would one need to implement custom resolving support for every relevant Aries agent in the wild? I'm thankful for any answers and resources regarding this topic, both from a high level / theoretical view and from a technical view!

etaleo (Fri, 06 Nov 2020 20:19:47 GMT):
I'm having trouble wrapping my head around DID resolution: As far as I understand, agents need some kind of resolver, and resolvers need to know how to resolve various DID methods, as there are a bunch of different ones that should all be interoperable. Does every resolver know every possible DID method? How is it decided which DID methods are valid/supported? Where and how does resolving happen exactly? (Locally on the client? Remotely on a "trusted" 3rd party?) And how, for example, would one add support for a new DID method (e.g. a new, custom blockchain) to the mix? Would one need to implement custom resolving support for every relevant Aries agent in the wild? I'm thankful for any answers and resources regarding this topic, both from a high level / theoretical view and from a technical view!

etaleo (Fri, 06 Nov 2020 20:19:47 GMT):
I'm having trouble wrapping my head around DID resolution: As far as I understand, agents need some kind of resolver, and resolvers need to know how to resolve various DID methods, as there are a bunch of different ones that should all be interoperable. Does every resolver know every possible DID method? How is it decided which DID methods are valid/supported? Where and how does resolving happen exactly? (Locally on the client? Remotely on a "trusted" 3rd party?) And how, for example, would one add support for a new DID method (e.g. a new, custom blockchain) to the mix? Would one need to implement custom resolving support for every relevant agent in the wild? I'm thankful for any answers and resources regarding this topic, both from a high level / theoretical view and from a technical view!

etaleo (Fri, 06 Nov 2020 20:19:47 GMT):
I'm having trouble wrapping my head around DID resolution: As far as I understand, agents need some kind of resolver, and resolvers need to know how to resolve various DID methods, as there are a bunch of different ones that should all be interoperable. Does every resolver know every possible DID method? How is it decided which DID methods are valid/supported? Where and how does resolving happen exactly? (Locally on the client? Remotely on a "trusted" 3rd party?) And how, for example, would one add support for a new DID method (e.g. a new, custom blockchain) to the mix? Would one need to implement custom resolving support for every relevant agent in the wild? I'm thankful for any answers and resources regarding this topic!

daidoji (Fri, 06 Nov 2020 20:35:13 GMT):
>Does every resolver know every possible DID method? no, I don't think so, however projects like "Universal Resolver" have that goal in mind I think https://dev.uniresolver.io/ >How is it decided which DID methods are valid/supported? I think this is decided by the implementing team of the client agents and resolving agents. >Where and how does resolving happen exactly? (Locally on the client? Remotely on a "trusted" 3rd party?) Depends on the did method I think. >And how, for example, would one add support for a new DID method (e.g. a new, custom blockchain) to the mix? Would have to get the method added to the spec (not sure how that process works but I think you just have to submit some forms somewhere. In your own agent you could just resolve things yourself. >Would one need to implement custom resolving support for every relevant agent in the wild? Not sure, maybe people with better knowledge can answer this one.

etaleo (Fri, 06 Nov 2020 20:45:36 GMT):
> Would have to get the method added to the spec So, is there something like an "official" / "chosen on" list of "valid"/"accepted" DID methods? (The ones listed here? https://w3c.github.io/did-spec-registries/#did-methods) > In your own agent you could just resolve things yourself. So, then my own agent would be able to resolve the DID. Isn't it more important that the agent of the opposite party is able to resolve the DID? So - in order to add support for a new DID method, would it need to be somehow integrated into the official Aries github repository? (And every agent implementation therein?)

seriousm 3 (Sat, 07 Nov 2020 14:37:02 GMT):
Has joined the channel.

daidoji (Sat, 07 Nov 2020 16:11:30 GMT):
Yeah those are the ones I think. Right, resolution is much more important for the verifier and credential holder than it is for the issuer in most scenarios I can imagine.

daidoji (Sun, 08 Nov 2020 22:54:02 GMT):
Why does aca-py have an option for a tails server? Do many people run their agents over tor?

daidoji (Sun, 08 Nov 2020 22:54:34 GMT):
and what purpose does that tails server have in the agent itself?

daidoji (Sun, 08 Nov 2020 22:59:53 GMT):
oh nevermind. Its used for revocation

Bezalel (Mon, 09 Nov 2020 06:32:02 GMT):
I found the DID resolution spec document being developed (currently W3C Draft Report..) https://w3c-ccg.github.io/did-resolution/

askolesov (Mon, 09 Nov 2020 10:43:21 GMT):
Has joined the channel.

purulalwani (Mon, 09 Nov 2020 12:13:21 GMT):
Has joined the channel.

daidoji (Mon, 09 Nov 2020 15:39:00 GMT):
Is there some type of "hello-world" application for aca-py that's a little more pared down compared to the alice/faber demos?

daidoji (Mon, 09 Nov 2020 15:39:24 GMT):
like the simplest example controller that can say connect to a ledger and is ready for various connections to other agents?

swcurran (Mon, 09 Nov 2020 15:52:53 GMT):
Not really. There are assorted controllers for various business purposes, but I'm not sure of a simpler one. We did a think called AgentBook awhile ago that has just connection, trust ping and basic message. Not sure where the code is. https://agentbook.vonx.io/

WadeBarnes (Mon, 09 Nov 2020 16:03:16 GMT):
@andrew.whitehead, You know where the code is for that?

etaleo (Mon, 09 Nov 2020 16:03:28 GMT):
Which role does the Universal Resolver play exactly? https://github.com/decentralized-identity/universal-resolver/ Is it planned that this is *the* way to resolve DIDs across various Aries Agents? (If not, ) how is DID resolution planned to be handled in general, given there are numerous different DID methods?

swcurran (Mon, 09 Nov 2020 17:13:53 GMT):
The expectation right now is that an agent might have one or several resolvers full implemented locally, including at least one with write capabilities -- e.g. an issuer would have write access to the ledger to which it anchors the verifiable credentials it issues. The local resolvers might be tied to a single ledger (e.g. Ethereum) or a type of ledger (e.g. Indy networks -- work has started on that). Where a local resolver is not available for a given DID to be resolved, the agent would have options (a) do nothing -- I don't support it and don't trust it, (b) use an instance of an external 3rd party universal resolver and resolve it that way.

andrew.whitehead (Mon, 09 Nov 2020 17:53:28 GMT):
Might be this? Or a fork of it: https://github.com/andrewwhitehead/catalyst-demo-ui

daidoji (Mon, 09 Nov 2020 20:02:07 GMT):
what is this line for? https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/runners/support/utils.py#L241

daidoji (Mon, 09 Nov 2020 20:02:32 GMT):
is it just a failsafe check or is this `_cdll()` doing something?

andrew.whitehead (Mon, 09 Nov 2020 20:19:58 GMT):
It preloads the DLL to check that it is actually found: https://github.com/hyperledger/indy-sdk/blob/bafa3bbcca2f7ef4cf5ae2aca01b1dbf7286b924/wrappers/python/indy/libindy.py#L131

daidoji (Mon, 09 Nov 2020 20:20:49 GMT):
but is that necessary? Shouldn't the OS do that when called?

andrew.whitehead (Mon, 09 Nov 2020 20:21:21 GMT):
It would but then it might blow up later when it's first used

daidoji (Mon, 09 Nov 2020 20:21:27 GMT):
(assuming its installed correctly? and LD_LIBRARY_PATH and whatnot?)

andrew.whitehead (Mon, 09 Nov 2020 20:21:42 GMT):
Indy loads it lazily on first use

daidoji (Mon, 09 Nov 2020 20:22:24 GMT):
hmm, so how would it blow up? If it wasn't installed correctly?

andrew.whitehead (Mon, 09 Nov 2020 20:22:59 GMT):
Usually because the python wrapper was installed but not the separate DLL

daidoji (Mon, 09 Nov 2020 20:23:32 GMT):
so python3-indy doesn't install the DLL? Its just a wrapper around that dll?

andrew.whitehead (Mon, 09 Nov 2020 20:24:10 GMT):
Right

daidoji (Mon, 09 Nov 2020 20:25:26 GMT):
oh okay, so its necessary to install libindy as a separate step to use `python3-indy` and `aries-cloudagent`. (sorry to repeat the same thing so many times just trying to make sure I get it right)

daidoji (Mon, 09 Nov 2020 20:25:48 GMT):
I guess from that repo I got the idea that I could `pip install aries-cloudagent` and be up and running

daidoji (Mon, 09 Nov 2020 20:26:03 GMT):
but then the docker demo images looked a lot more complicated so I knew I was missing something

andrew.whitehead (Mon, 09 Nov 2020 20:30:43 GMT):
It should be possible to do some things without installing Indy, but not use an indy wallet or credentials

andrew.whitehead (Mon, 09 Nov 2020 20:30:43 GMT):
It should be possible to do some things without installing Indy, but not use an indy wallet or credentials, which the demos rely on

daidoji (Mon, 09 Nov 2020 20:31:30 GMT):
oh, what could I do without an indy wallet or credentials? Just make p2p connections with other agents?

andrew.whitehead (Mon, 09 Nov 2020 20:31:59 GMT):
Yes, pretty much, some other protocols like basic message

daidoji (Mon, 09 Nov 2020 20:32:15 GMT):
ahhh I see, thanks

daidoji (Mon, 09 Nov 2020 20:33:33 GMT):
Do you have any advice for writing my first controller (beyond the alice-faber demos?) I'm having some trouble.

daidoji (Mon, 09 Nov 2020 20:34:01 GMT):
short of copy/pasting that whole demo and all the associated scripts and docker images and modifying from there?

daidoji (Mon, 09 Nov 2020 21:08:51 GMT):
Another question, if I create a local-did with `wallet/did/create` in aca-py and then try to get the endpoint `wallet/get-did-endpoint` why isn't the endpoint set in the response when I set it at wallet provisioning via the `--endpoint` argument? I seem to be getting `null`

andrew.whitehead (Mon, 09 Nov 2020 21:08:54 GMT):
There's a repo here with a few sample controllers: https://github.com/hyperledger/aries-acapy-controllers/tree/master/AliceFaberAcmeDemo

daidoji (Mon, 09 Nov 2020 21:13:28 GMT):
I started with `(TrustScience) daidoji@worklaptop:~/aries-course/aries-cloudagent-python/demo$ aca-py start -it http 0.0.0.0 8020 -ot http --endpoint http://localhost:8020 --admin-insecure-mode --admin 0.0.0.0 8021 --genesis-url http://localhost:9000/genesis`

mickra (Tue, 10 Nov 2020 16:29:23 GMT):
Today, i will attend the call and can clarify some points

TelegramSam (Wed, 11 Nov 2020 21:17:03 GMT):
This RFC will be voted on next week. https://github.com/hyperledger/aries-rfcs/pull/564 Please read if you want to voice your opinion.

etaleo (Thu, 12 Nov 2020 14:27:42 GMT):
When I run "make bdd-test" in aries-framework-go, several errors are occuring. Some log output: https://zerobin.net/?66b1c9f98388009a#5S4vhwVP61cu657xmvVBOjxYnB/SZthjVAWkdA6kLHg= Near the end of the log excerpt it states that it cannot connect to the local sidetree instance, however, when I open this URL in Firefox, it does work

etaleo (Thu, 12 Nov 2020 14:27:42 GMT):
When I run "make bdd-test" in aries-framework-go, several errors are occuring. Some log output: https://zerobin.net/?66b1c9f98388009a#5S4vhwVP61cu657xmvVBOjxYnB/SZthjVAWkdA6kLHg= (Near the end of the log excerpt it states that it cannot connect to the local sidetree instance, however, when I open this URL in Firefox, it does work)

louisdedecker (Thu, 12 Nov 2020 14:36:47 GMT):
Has joined the channel.

louisdedecker (Thu, 12 Nov 2020 14:36:47 GMT):
Hello ! I'm looking for a solution to integrate Hyperledger Aries into a Flutter mobile project. I see there's only a Aries Framework - .NET available (for Xamarin). (https://github.com/hyperledger/aries) One solution would be to integrate native (swift-IOS, Java-Android) libraries and write mappers to Flutter but I couldn't find any native libraries too. (Native iOS/Android developer would actually have the same question). Do you forsee any solution for native apps? Thanks.

TelegramSam (Thu, 12 Nov 2020 14:38:04 GMT):
Soon, though not available yet. GlobalID has promised open source native app code.

louisdedecker (Thu, 12 Nov 2020 15:04:08 GMT):
cool thanks @TelegramSam . I actually wondered if we couldn't export native ios/android libraries from a Xamarin project in order to leverage the .NET code.

etaleo (Thu, 12 Nov 2020 15:10:43 GMT):
Thank you for your clarification on this!

Leila_M (Fri, 13 Nov 2020 19:51:31 GMT):
Has joined the channel.

Leila_M (Fri, 13 Nov 2020 19:51:32 GMT):
Hi, is there anyone who is expert in Sovrin and has time for a short interview for a master thesis regarding this subject and self-sovereign identities? I would appreciate it.

swcurran (Fri, 13 Nov 2020 21:51:20 GMT):
I can likely do that or connect you to someone. I'm a trustee in the Sovrin Foundation and handling the network operations. What types of questions?

Leila_M (Sat, 14 Nov 2020 01:01:01 GMT):
Woe. that would be great if I could have a short interview with you

Leila_M (Sat, 14 Nov 2020 01:01:41 GMT):
I need to clarify some questions regarding Sovrin to write in my master thesis

Leila_M (Sat, 14 Nov 2020 01:02:32 GMT):
I am writing my master thesis and the subject is comparison identity management methods using blockchain and one part of that is related to Sovrin

Leila_M (Sat, 14 Nov 2020 01:02:46 GMT):
Could we have a short interview via Zoom?

mikkov (Mon, 16 Nov 2020 16:21:17 GMT):
Has joined the channel.

adityasanth (Tue, 17 Nov 2020 13:07:54 GMT):
Hi, I am trying to run my own Indy network on a Ubuntu 16.04 ec2 instance using Indy SDK. This has created 4 nodes that runs in a separate VM. I have now created a steward and one trust anchor (Faber college) and I have on-boarded Alice. How do I now use the Aries agent and launch the APIs on top of the Indy structure I have built? I am trying to use ACA-Py. Kindly do help with any documentation? @swcurran - Kindly do assist us here.

swcurran (Tue, 17 Nov 2020 14:44:42 GMT):
The `demo` folder has lots of information on connecting and using an indy network. In short -- you need to get the pool genesis file from your Indy network and pass that as an argument to the ACA-Py instance, which will use it to create an internal "indy pool" through which it communicates with the network.

mtfk (Wed, 18 Nov 2020 10:51:15 GMT):
Would anybody like to present any topic during today Morning Aries Call and co-host the call? The plan for today was to discuss: - a bit about proposition for cleaning up a bit Aries RFCs (introduce better structure to the specs - currently from dev point of view it is a mess), - Update about work done in Aries Toolbox / Acapy in the context of the Digital Immunization Passport project and integration with Data Stores for storing the data. unfortunately due to illness I am not operative today and won't be able to join. Please let us know if you would like to use that call to pick any of the topic and help lead the call otherwise we would need to cancel today call.

anil_helvaci (Wed, 18 Nov 2020 14:08:21 GMT):
Hello, I can't seem to find a way to initiate a issue-credential operation from the holder. I am using dotnet libary with the xamarin mobile agent. I am using this RFC https://github.com/hyperledger/aries-rfcs/tree/master/features/0036-issue-credential as my reference when asking this question. The RFC states that there are two ways for Holder to initiate issue-credential protocol: 1) Holder sends proposal 2) Holder sends request There is no method about propose-credential in the ICredentialService interface of the dotnet library and CreateRequestAysnc method states that the credential has to be in the state "offer" in order to create the credential request. My question is this; How can we initiate a issue-credential process from the holder using dotnet library ?

anil_helvaci (Wed, 18 Nov 2020 14:08:28 GMT):
Thanks in advance

esplinr (Wed, 18 Nov 2020 16:23:38 GMT):
I haven't been able to attend the Aries WG calls recently, but I have been reviewing the agendas and sometimes the recordings. For the discussion of AIP 2.0, we should focus more on what user scenarios we want to enable instead of a laundry list of RFCs and features. Why does supporting the suggested RFCs matter to adopting organizations and people?

swcurran (Wed, 18 Nov 2020 18:51:45 GMT):
This is the same discussion from the session we had on this in Provo, and I'm good with continuing that. Do you have a proposal? But regardless of that, RFCs in AIP 1.0 have evolved and have been replaced by other versions (or other RFCs in some case), so even if we keep the same scenarios as were defined in Provo, AIP 2.0 will have have new RFCs and versions.

TelegramSam (Wed, 18 Nov 2020 20:04:45 GMT):
Aries WG B call on now: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41586269

mccown (Wed, 18 Nov 2020 20:26:30 GMT):
The Identity Implementer's WG is meeting tomorrow morning (Nov 19th @ 9am MT / 4pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. For our presentation, Stephen Curran (BCGov) will present on how libindy is evolving into multiple shared libraries. Here are links to the Wiki and Zoom meeting: Wiki: https://wiki.hyperledger.org/display/IWG/2020-11-19+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

anil_helvaci (Wed, 18 Nov 2020 23:43:46 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=W77ttrubwoFE4qpo7) Hello again, I have to finish my issue regarding to this problem and I am running out of time. An answer would be much appreciated :pray:

anil_helvaci (Wed, 18 Nov 2020 23:43:46 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=wFqrBWX9rdbkAFqEu) Hello again, I have to finish my issue regarding to this problem and I am running out of time. An answer would be much appreciated :pray:

anil_helvaci (Wed, 18 Nov 2020 23:45:58 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=wFqrBWX9rdbkAFqEu) Hello again, I have to finish my issue regarding to this problem and I am running out of time. An answer would be much appreciated :pray:

sabir.aboobaker (Thu, 19 Nov 2020 10:30:03 GMT):
Has joined the channel.

sabir.aboobaker (Thu, 19 Nov 2020 10:30:04 GMT):
``` Hi. I was working for a solution, where I need to present proof from xamarin mobile agent to aca-py through out-of-band protocol. For that I have created out-of-band invitation from aca-py and copied the response. ```

rrishmawi (Thu, 19 Nov 2020 10:34:51 GMT):
Has joined the channel.

rrishmawi (Thu, 19 Nov 2020 10:34:52 GMT):
Hello experts, I have a generic question, I am not sure if this is the right place to ask about it. In Verifiable Credentials, how a VC is correlated with an entity like a user? I read about Blinded Linked Secrets? but I could not find a lot of information about it anywhere? I am really surprised that such proving ownership is not talked about a lot in the documentation s and the W3C standards? Am I missing something? Does Hyperledger Indy have a different method for VC ownership? is there a documentation i am missing that explain those concepts?

sabir.aboobaker (Thu, 19 Nov 2020 10:51:28 GMT):
Hi. I was working for a solution, where I need to present proof from xamarin mobile agent to aca-py through out-of-band protocol. There is already issued credential in my mobile agent issued by aca-py. For presenting proof, I have created out-of-band invitation from aca-py and copied the response from which I derived the requestPresentationMessage. Then I provided the requestPresentationMessage and requestedCredential to 'CreatePresentationAsync()' in Dotnet framework. Now the issue that I am facing is that, the CreatePresentationAsync is hitting the following error while running. "An unknown crypto format has been used for a DID entity key." StackTrace : https://lh3.googleusercontent.com/-qRW7WIn96VY/X7UhVb9FmgI/AAAAAAAABWo/NqG8-K4nP58cjwRzxVyErGb1h-LuhDfZgCK8BGAsYHg/s0/2020-11-18.png Following is the code that I have used for out-of-band connection in xamarin mobile agent. ` try { var reqMessage = "{ \"@type\": \"did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/request-presentation\", \"request_presentations~attach\": [ { \"@id\": \"libindy-request-presentation-0\", \"mime-type\": \"application/json\", \"data\": { \"base64\": \"eyJuYW1lIjogInNhYmlyLXJlcSIsICJ2ZXJzaW9uIjogIjEuMCIsICJyZXF1ZXN0ZWRfYXR0cmlidXRlcyI6IHsiYXR0cmlidXRlUHJvcDAiOiB7Im5hbWUiOiAibmFtZSIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX0sICJhdHRyaWJ1dGVQcm9wMSI6IHsibmFtZSI6ICJjZXJ0X251bWJlciIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX19LCAicmVxdWVzdGVkX3ByZWRpY2F0ZXMiOiB7fSwgIm5vbmNlIjogIjIyNTM1MTkzNDEyODU2MTI0NzE4NjI5MiJ9\" } } ], \"comment\": \"not\" }"; var serviceDec = "{ \"id\": \"#inline\", \"type\": \"did-communication\", \"recipientKeys\": [ \"did:key:z6MkiiX9FhwoyJ98tw8XtLbTjZTnNJYPZvsYVvStN7wxELFv\" ], \"routingKeys\": [], \"serviceEndpoint\": \"http://agentipaddress\" }"; RequestedCredentials requestedCredentials = new RequestedCredentials(); requestedCredentials.RequestedAttributes.Add("attributeProp0", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); requestedCredentials.RequestedAttributes.Add("attributeProp1", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); RequestPresentationMessage requestPresentationMessage = JsonConvert.DeserializeObject(reqMessage); ServiceDecorator serviceDecorator = JsonConvert.DeserializeObject(serviceDec); requestPresentationMessage.SetDecorator(serviceDecorator, DecoratorNames.ServiceDecorator); var context = await _agentContextProvider.GetContextAsync(); var res = await _proofService.ListAsync(context); await _proofService.CreatePresentationAsync(context, requestPresentationMessage, requestedCredentials); } catch (Exception e) { Debug.WriteLine( e.Message); } ` Can anyone please help me with this. Am I doing something wrong or is there any issue with the framework right now?

sabir.aboobaker (Thu, 19 Nov 2020 10:51:28 GMT):
Hi. I was working for a solution, where I need to present proof from xamarin mobile agent to aca-py through out-of-band protocol. There is already issued credential in my mobile agent issued by aca-py. For presenting proof, I have created out-of-band invitation from aca-py and copied the response from which I derived the requestPresentationMessage. Then I provided the requestPresentationMessage and requestedCredential to 'CreatePresentationAsync()' in Dotnet framework. Now the issue that I am facing is that, the CreatePresentationAsync is hitting the following error while running. "An unknown crypto format has been used for a DID entity key." StackTrace : https://lh3.googleusercontent.com/-qRW7WIn96VY/X7UhVb9FmgI/AAAAAAAABWo/NqG8-K4nP58cjwRzxVyErGb1h-LuhDfZgCK8BGAsYHg/s0/2020-11-18.png Following is the code that I have used for out-of-band connection in xamarin mobile agent. ` try { var reqMessage = "{ \"@type\": \"did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/request-presentation\", \"request_presentations~attach\": [ { \"@id\": \"libindy-request-presentation-0\", \"mime-type\": \"application/json\", \"data\": { \"base64\": \"eyJuYW1lIjogInNhYmlyLXJlcSIsICJ2ZXJzaW9uIjogIjEuMCIsICJyZXF1ZXN0ZWRfYXR0cmlidXRlcyI6IHsiYXR0cmlidXRlUHJvcDAiOiB7Im5hbWUiOiAibmFtZSIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX0sICJhdHRyaWJ1dGVQcm9wMSI6IHsibmFtZSI6ICJjZXJ0X251bWJlciIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX19LCAicmVxdWVzdGVkX3ByZWRpY2F0ZXMiOiB7fSwgIm5vbmNlIjogIjIyNTM1MTkzNDEyODU2MTI0NzE4NjI5MiJ9\" } } ], \"comment\": \"not\" }"; var serviceDec = "{ \"id\": \"#inline\", \"type\": \"did-communication\", \"recipientKeys\": [ \"did: key :z6MkiiX9FhwoyJ98tw8XtLbTjZTnNJYPZvsYVvStN7wxELFv\" ], \"routingKeys\": [], \"serviceEndpoint\": \"http://agentipaddress\" }"; RequestedCredentials requestedCredentials = new RequestedCredentials(); requestedCredentials.RequestedAttributes.Add("attributeProp0", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); requestedCredentials.RequestedAttributes.Add("attributeProp1", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); RequestPresentationMessage requestPresentationMessage = JsonConvert.DeserializeObject(reqMessage); ServiceDecorator serviceDecorator = JsonConvert.DeserializeObject(serviceDec); requestPresentationMessage.SetDecorator(serviceDecorator, DecoratorNames.ServiceDecorator); var context = await _agentContextProvider.GetContextAsync(); var res = await _proofService.ListAsync(context); await _proofService.CreatePresentationAsync(context, requestPresentationMessage, requestedCredentials); } catch (Exception e) { Debug.WriteLine( e.Message); } ` Can anyone please help me with this. Am I doing something wrong or is there any issue with the framework right now?

sabir.aboobaker (Thu, 19 Nov 2020 10:51:28 GMT):
Hi. I was working for a solution, where I need to present proof from xamarin mobile agent to aca-py through out-of-band protocol. There is already issued credential in my mobile agent issued by aca-py. For presenting proof, I have created out-of-band invitation from aca-py and copied the response from which I derived the requestPresentationMessage. Then I provided the requestPresentationMessage and requestedCredential to 'CreatePresentationAsync()' in Dotnet framework. Now the issue that I am facing is that, the CreatePresentationAsync is hitting the following error while running. "An unknown crypto format has been used for a DID entity key." StackTrace : https://lh3.googleusercontent.com/-qRW7WIn96VY/X7UhVb9FmgI/AAAAAAAABWo/NqG8-K4nP58cjwRzxVyErGb1h-LuhDfZgCK8BGAsYHg/s0/2020-11-18.png Following is the code that I have used for out-of-band connection in xamarin mobile agent. `' try { var reqMessage = "{ \"@type\": \"did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/request-presentation\", \"request_presentations~attach\": [ { \"@id\": \"libindy-request-presentation-0\", \"mime-type\": \"application/json\", \"data\": { \"base64\": \"eyJuYW1lIjogInNhYmlyLXJlcSIsICJ2ZXJzaW9uIjogIjEuMCIsICJyZXF1ZXN0ZWRfYXR0cmlidXRlcyI6IHsiYXR0cmlidXRlUHJvcDAiOiB7Im5hbWUiOiAibmFtZSIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX0sICJhdHRyaWJ1dGVQcm9wMSI6IHsibmFtZSI6ICJjZXJ0X251bWJlciIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX19LCAicmVxdWVzdGVkX3ByZWRpY2F0ZXMiOiB7fSwgIm5vbmNlIjogIjIyNTM1MTkzNDEyODU2MTI0NzE4NjI5MiJ9\" } } ], \"comment\": \"not\" }"; var serviceDec = "{ \"id\": \"#inline\", \"type\": \"did-communication\", \"recipientKeys\": [ \"did: key :z6MkiiX9FhwoyJ98tw8XtLbTjZTnNJYPZvsYVvStN7wxELFv\" ], \"routingKeys\": [], \"serviceEndpoint\": \"http://agentipaddress\" }"; RequestedCredentials requestedCredentials = new RequestedCredentials(); requestedCredentials.RequestedAttributes.Add("attributeProp0", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); requestedCredentials.RequestedAttributes.Add("attributeProp1", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); RequestPresentationMessage requestPresentationMessage = JsonConvert.DeserializeObject(reqMessage); ServiceDecorator serviceDecorator = JsonConvert.DeserializeObject(serviceDec); requestPresentationMessage.SetDecorator(serviceDecorator, DecoratorNames.ServiceDecorator); var context = await _agentContextProvider.GetContextAsync(); var res = await _proofService.ListAsync(context); await _proofService.CreatePresentationAsync(context, requestPresentationMessage, requestedCredentials); } catch (Exception e) { Debug.WriteLine( e.Message); } `' Can anyone please help me with this. Am I doing something wrong or is there any issue with the framework right now?

sabir.aboobaker (Thu, 19 Nov 2020 10:51:28 GMT):
Hi. I was working for a solution, where I need to present proof from xamarin mobile agent to aca-py through out-of-band protocol. There is already issued credential in my mobile agent issued by aca-py. For presenting proof, I have created out-of-band invitation from aca-py and copied the response from which I derived the requestPresentationMessage. Then I provided the requestPresentationMessage and requestedCredential to 'CreatePresentationAsync()' in Dotnet framework. Now the issue that I am facing is that, the CreatePresentationAsync is hitting the following error while running. "An unknown crypto format has been used for a DID entity key." StackTrace : https://lh3.googleusercontent.com/-qRW7WIn96VY/X7UhVb9FmgI/AAAAAAAABWo/NqG8-K4nP58cjwRzxVyErGb1h-LuhDfZgCK8BGAsYHg/s0/2020-11-18.png Following is the code that I have used for out-of-band connection in xamarin mobile agent. `' try { var reqMessage = "{ \"@type\": \"did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/request-presentation\", \"request_presentations~attach\": [ { \"@id\": \"libindy-request-presentation-0\", \"mime-type\": \"application/json\", \"data\": { \"base64\": \"eyJuYW1lIjogInNhYmlyLXJlcSIsICJ2ZXJzaW9uIjogIjEuMCIsICJyZXF1ZXN0ZWRfYXR0cmlidXRlcyI6IHsiYXR0cmlidXRlUHJvcDAiOiB7Im5hbWUiOiAibmFtZSIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX0sICJhdHRyaWJ1dGVQcm9wMSI6IHsibmFtZSI6ICJjZXJ0X251bWJlciIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX19LCAicmVxdWVzdGVkX3ByZWRpY2F0ZXMiOiB7fSwgIm5vbmNlIjogIjIyNTM1MTkzNDEyODU2MTI0NzE4NjI5MiJ9\" } } ], \"comment\": \"not\" }"; var serviceDec = "{ \"id\": \"#inline\", \"type\": \"did-communication\", \"recipientKeys\": [ \"did: key :z6MkiiX9FhwoyJ98tw8XtLbTjZTnNJYPZvsYVvStN7wxELFv\" ], \"routingKeys\": [], \"serviceEndpoint\": \"http://agentipaddress\" }"; RequestedCredentials requestedCredentials = new RequestedCredentials(); requestedCredentials.RequestedAttributes.Add("attributeProp0", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); requestedCredentials.RequestedAttributes.Add("attributeProp1", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); RequestPresentationMessage requestPresentationMessage = JsonConvert.DeserializeObject(reqMessage); ServiceDecorator serviceDecorator = JsonConvert.DeserializeObject(serviceDec); requestPresentationMessage.SetDecorator(serviceDecorator, DecoratorNames.ServiceDecorator); var context = await _agentContextProvider.GetContextAsync(); var res = await _proofService.ListAsync(context); await _proofService.CreatePresentationAsync(context, requestPresentationMessage, requestedCredentials); } catch (Exception e) { Debug.WriteLine( e.Message); } `` Can anyone please help me with this. Am I doing something wrong or is there any issue with the framework right now?

sabir.aboobaker (Thu, 19 Nov 2020 10:51:28 GMT):
Hi. I was working for a solution, where I need to present proof from xamarin mobile agent to aca-py through out-of-band protocol. There is already issued credential in my mobile agent issued by aca-py. For presenting proof, I have created out-of-band invitation from aca-py and copied the response from which I derived the requestPresentationMessage. Then I provided the requestPresentationMessage and requestedCredential to 'CreatePresentationAsync()' in Dotnet framework. Now the issue that I am facing is that, the CreatePresentationAsync is hitting the following error while running. "An unknown crypto format has been used for a DID entity key." StackTrace : https://lh3.googleusercontent.com/-qRW7WIn96VY/X7UhVb9FmgI/AAAAAAAABWo/NqG8-K4nP58cjwRzxVyErGb1h-LuhDfZgCK8BGAsYHg/s0/2020-11-18.png Following is the code that I have used for out-of-band connection in xamarin mobile agent. `` try { var reqMessage = "{ \"@type\": \"did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/request-presentation\", \"request_presentations~attach\": [ { \"@id\": \"libindy-request-presentation-0\", \"mime-type\": \"application/json\", \"data\": { \"base64\": \"eyJuYW1lIjogInNhYmlyLXJlcSIsICJ2ZXJzaW9uIjogIjEuMCIsICJyZXF1ZXN0ZWRfYXR0cmlidXRlcyI6IHsiYXR0cmlidXRlUHJvcDAiOiB7Im5hbWUiOiAibmFtZSIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX0sICJhdHRyaWJ1dGVQcm9wMSI6IHsibmFtZSI6ICJjZXJ0X251bWJlciIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX19LCAicmVxdWVzdGVkX3ByZWRpY2F0ZXMiOiB7fSwgIm5vbmNlIjogIjIyNTM1MTkzNDEyODU2MTI0NzE4NjI5MiJ9\" } } ], \"comment\": \"not\" }"; var serviceDec = "{ \"id\": \"#inline\", \"type\": \"did-communication\", \"recipientKeys\": [ \"did: key :z6MkiiX9FhwoyJ98tw8XtLbTjZTnNJYPZvsYVvStN7wxELFv\" ], \"routingKeys\": [], \"serviceEndpoint\": \"http://agentipaddress\" }"; RequestedCredentials requestedCredentials = new RequestedCredentials(); requestedCredentials.RequestedAttributes.Add("attributeProp0", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); requestedCredentials.RequestedAttributes.Add("attributeProp1", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); RequestPresentationMessage requestPresentationMessage = JsonConvert.DeserializeObject(reqMessage); ServiceDecorator serviceDecorator = JsonConvert.DeserializeObject(serviceDec); requestPresentationMessage.SetDecorator(serviceDecorator, DecoratorNames.ServiceDecorator); var context = await _agentContextProvider.GetContextAsync(); var res = await _proofService.ListAsync(context); await _proofService.CreatePresentationAsync(context, requestPresentationMessage, requestedCredentials); } catch (Exception e) { Debug.WriteLine( e.Message); } `` Can anyone please help me with this. Am I doing something wrong or is there any issue with the framework right now?

sabir.aboobaker (Thu, 19 Nov 2020 10:51:28 GMT):
Hi. I was working for a solution, where I need to present proof from xamarin mobile agent to aca-py through out-of-band protocol. There is already issued credential in my mobile agent issued by aca-py. For presenting proof, I have created out-of-band invitation from aca-py and copied the response from which I derived the requestPresentationMessage. Then I provided the requestPresentationMessage and requestedCredential to 'CreatePresentationAsync()' in Dotnet framework. Now the issue that I am facing is that, the CreatePresentationAsync is hitting the following error while running. "An unknown crypto format has been used for a DID entity key." StackTrace : https://lh3.googleusercontent.com/-qRW7WIn96VY/X7UhVb9FmgI/AAAAAAAABWo/NqG8-K4nP58cjwRzxVyErGb1h-LuhDfZgCK8BGAsYHg/s0/2020-11-18.png Following is the code that I have used for out-of-band connection in xamarin mobile agent. ` try { var reqMessage = "{ \"@type\": \"did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/request-presentation\", \"request_presentations~attach\": [ { \"@id\": \"libindy-request-presentation-0\", \"mime-type\": \"application/json\", \"data\": { \"base64\": \"eyJuYW1lIjogInNhYmlyLXJlcSIsICJ2ZXJzaW9uIjogIjEuMCIsICJyZXF1ZXN0ZWRfYXR0cmlidXRlcyI6IHsiYXR0cmlidXRlUHJvcDAiOiB7Im5hbWUiOiAibmFtZSIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX0sICJhdHRyaWJ1dGVQcm9wMSI6IHsibmFtZSI6ICJjZXJ0X251bWJlciIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX19LCAicmVxdWVzdGVkX3ByZWRpY2F0ZXMiOiB7fSwgIm5vbmNlIjogIjIyNTM1MTkzNDEyODU2MTI0NzE4NjI5MiJ9\" } } ], \"comment\": \"not\" }"; var serviceDec = "{ \"id\": \"#inline\", \"type\": \"did-communication\", \"recipientKeys\": [ \"did: key :z6MkiiX9FhwoyJ98tw8XtLbTjZTnNJYPZvsYVvStN7wxELFv\" ], \"routingKeys\": [], \"serviceEndpoint\": \"http://agentipaddress\" }"; RequestedCredentials requestedCredentials = new RequestedCredentials(); requestedCredentials.RequestedAttributes.Add("attributeProp0", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); requestedCredentials.RequestedAttributes.Add("attributeProp1", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); RequestPresentationMessage requestPresentationMessage = JsonConvert.DeserializeObject(reqMessage); ServiceDecorator serviceDecorator = JsonConvert.DeserializeObject(serviceDec); requestPresentationMessage.SetDecorator(serviceDecorator, DecoratorNames.ServiceDecorator); var context = await _agentContextProvider.GetContextAsync(); var res = await _proofService.ListAsync(context); await _proofService.CreatePresentationAsync(context, requestPresentationMessage, requestedCredentials); } catch (Exception e) { Debug.WriteLine( e.Message); } ` Can anyone please help me with this. Am I doing something wrong or is there any issue with the framework right now?

sabir.aboobaker (Thu, 19 Nov 2020 10:51:28 GMT):
Hi. I was working for a solution, where I need to present proof from xamarin mobile agent to aca-py through out-of-band protocol. There is already issued credential in my mobile agent issued by aca-py. For presenting proof, I have created out-of-band invitation from aca-py and copied the response from which I derived the requestPresentationMessage. Then I provided the requestPresentationMessage and requestedCredential to 'CreatePresentationAsync()' in Dotnet framework. Now the issue that I am facing is that, the CreatePresentationAsync is hitting the following error while running. "An unknown crypto format has been used for a DID entity key." StackTrace : https://lh3.googleusercontent.com/-qRW7WIn96VY/X7UhVb9FmgI/AAAAAAAABWo/NqG8-K4nP58cjwRzxVyErGb1h-LuhDfZgCK8BGAsYHg/s0/2020-11-18.png Following is the code that I have used for out-of-band connection in xamarin mobile agent. ``` try { var reqMessage = "{ \"@type\": \"did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/request-presentation\", \"request_presentations~attach\": [ { \"@id\": \"libindy-request-presentation-0\", \"mime-type\": \"application/json\", \"data\": { \"base64\": \"eyJuYW1lIjogInNhYmlyLXJlcSIsICJ2ZXJzaW9uIjogIjEuMCIsICJyZXF1ZXN0ZWRfYXR0cmlidXRlcyI6IHsiYXR0cmlidXRlUHJvcDAiOiB7Im5hbWUiOiAibmFtZSIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX0sICJhdHRyaWJ1dGVQcm9wMSI6IHsibmFtZSI6ICJjZXJ0X251bWJlciIsICJyZXN0cmljdGlvbnMiOiBbeyJjcmVkX2RlZl9pZCI6ICJCUXEzakNQSjhrYllMMkF2UGZUZG1ROjM6Q0w6MzYwOnNhYmlyLWNvdXJzZSJ9XX19LCAicmVxdWVzdGVkX3ByZWRpY2F0ZXMiOiB7fSwgIm5vbmNlIjogIjIyNTM1MTkzNDEyODU2MTI0NzE4NjI5MiJ9\" } } ], \"comment\": \"not\" }"; var serviceDec = "{ \"id\": \"#inline\", \"type\": \"did-communication\", \"recipientKeys\": [ \"did: key :z6MkiiX9FhwoyJ98tw8XtLbTjZTnNJYPZvsYVvStN7wxELFv\" ], \"routingKeys\": [], \"serviceEndpoint\": \"http://agentipaddress\" }"; RequestedCredentials requestedCredentials = new RequestedCredentials(); requestedCredentials.RequestedAttributes.Add("attributeProp0", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); requestedCredentials.RequestedAttributes.Add("attributeProp1", new RequestedAttribute { CredentialId = "6b952db5-5c41-430c-90f5-4d855f775daf", Revealed = true }); RequestPresentationMessage requestPresentationMessage = JsonConvert.DeserializeObject(reqMessage); ServiceDecorator serviceDecorator = JsonConvert.DeserializeObject(serviceDec); requestPresentationMessage.SetDecorator(serviceDecorator, DecoratorNames.ServiceDecorator); var context = await _agentContextProvider.GetContextAsync(); var res = await _proofService.ListAsync(context); await _proofService.CreatePresentationAsync(context, requestPresentationMessage, requestedCredentials); } catch (Exception e) { Debug.WriteLine( e.Message); } ``` Can anyone please help me with this. Am I doing something wrong or is there any issue with the framework right now?

Nabil-oussa (Thu, 19 Nov 2020 11:02:02 GMT):
Hi, I want to install ACA-Py locally on windows 10. When I type the command aca-py --version, it returns me the following content:

Nabil-oussa (Thu, 19 Nov 2020 11:05:24 GMT):
I want to install ACA-Py locally on windows 10. When I type the command aca-py --version, it returns me the following content:``` ``` `$ aca-py --version Traceback (most recent call last): File "C:/Users/nghanmi/AppData/Local/Programs/Python/Python38/Scripts/aca-py", line 49, in run_command(command, args) File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\commands\__init__.py", line 34, in run_command module.execute(argv) File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\commands\help.py", line 24, in execute module = load_command(cmd["name"]) File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\commands\__init__.py", line 28, in load_command return import_module(module_path) File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\importlib\__init__.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1014, in _gcd_import File "", line 991, in _find_and_load File "", line 975, in _find_and_load_unlocked File "", line 671, in _load_unlocked File "", line 783, in exec_module File "", line 219, in _call_with_frames_removed File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\commands\provision.py", line 7, in from ..config import argparse as arg File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\config\argparse.py", line 11, in from ..utils.tracing import trace_event File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\utils\tracing.py", line 12, in from ..transport.outbound.message import OutboundMessage File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\transport\outbound\message.py", line 5, in from ...connections.models.connection_target import ConnectionTarget File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\connections\models\connection_target.py", line 8, in from ...messaging.valid import INDY_DID, INDY_RAW_PUBLIC_KEY File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\messaging\valid.py", line 14, in from ..revocation.models.revocation_registry import RevocationRegistry File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\revocation\models\revocation_registry.py", line 12, in from ...indy.util import indy_client_dir File "C:\users\nghanmi\appdata\local\programs\python\python38\lib\site-packages\aries_cloudagent\indy\__init__.py", line 7, in import indy.blob_storage ModuleNotFoundError: No module named 'indy'```` can someone help me, thanks in advance:pray: ```

sabir.aboobaker (Thu, 19 Nov 2020 11:24:33 GMT):
I felt like some issue with the recipientKey in serviceDecorator. Does anyone have any idea about the issue.

sabir.aboobaker (Thu, 19 Nov 2020 11:43:33 GMT):

2020-11-18.png

daidoji (Thu, 19 Nov 2020 14:03:50 GMT):
Looks like indy module or libraries aren't installed

swcurran (Thu, 19 Nov 2020 14:52:58 GMT):
@ianco - can you give guidance? We need to get this added to the instructions -- it's being hit regularly. @Nabil-oussa -- what instructions are you following to do the installation?

Nabil-oussa (Thu, 19 Nov 2020 14:56:54 GMT):
Thank you very much, I follow your recommendation and I was successful this step by using these commands, pip install windows-curses and pip install python3_indy

Nabil-oussa (Thu, 19 Nov 2020 15:00:16 GMT):
1. using Python 3.8.6, 2.pip install aries-cloudagent, 3. pip install windows-curses, 4.pip install python3_indy

swcurran (Thu, 19 Nov 2020 15:02:13 GMT):
I was wondering if you were using the instructions here: https://github.com/hyperledger/aries-cloudagent-python/blob/master/DevReadMe.md#locally-installed

swcurran (Thu, 19 Nov 2020 15:02:54 GMT):
Looks like that is where we need to add the guidance about this: `pip install windows-curses` and `pip install python3_indy`

WadeBarnes (Thu, 19 Nov 2020 15:05:01 GMT):
Or should aca-py be specifying all of it's dependencies more explicitly so they are installed automatically when aca-py is installed?

WadeBarnes (Thu, 19 Nov 2020 15:06:42 GMT):
But that might cause issues with other image assembly/build processes.

swcurran (Thu, 19 Nov 2020 15:07:37 GMT):
For now we'll add the docs, and later look at the dependencies.

Nabil-oussa (Thu, 19 Nov 2020 15:11:33 GMT):
Yes we need to add this guidance

danielhardman (Thu, 19 Nov 2020 18:57:10 GMT):
I propose that we add Layer 2 peer DID support to AIP "next". This would require impls to parse DID docs but not to implement the synchronization protocol that allows peer DIDs to be updated. It is one step more sophisticated that did:key because it allows multiple keys and multiple key types. @telegramsam and @swcurran Are we having a community B call this coming Wed before US Thanksgiving? If yes, let's discuss then.

danielhardman (Thu, 19 Nov 2020 18:57:10 GMT):
I propose that we add Layer 2 peer DID support to AIP "next". This would require impls to parse DID docs but not to implement the synchronization protocol that allows peer DIDs to be updated. It is one step more sophisticated that did:key because it allows multiple keys and multiple key types. @TelegramSam and @swcurran Are we having a community B call this coming Wed before US Thanksgiving? If yes, let's discuss then.

swcurran (Thu, 19 Nov 2020 19:01:17 GMT):
There is no call this week. The next call we'll be talking about AIP 2.0 in general. Can you point me to a spec/document that outlines what you are proposing be supported -- ideally with notes on how that changes what is in use today.

swcurran (Thu, 19 Nov 2020 19:01:17 GMT):
There is no call next week. The next call we'll be talking about AIP 2.0 in general. Can you point me to a spec/document that outlines what you are proposing be supported -- ideally with notes on how that changes what is in use today.

swcurran (Thu, 19 Nov 2020 19:01:17 GMT):
There is no call next week. The next call (week after TGiving) we'll be talking about AIP 2.0 in general. Can you point me to a spec/document that outlines what you are proposing be supported -- ideally with notes on how that changes what is in use today.

rileyphughes (Fri, 20 Nov 2020 05:13:57 GMT):
You can ask this in the #aries-framework-dotnet channel as well, but I don't think the propose credential protocol is supported in the dot net library. However I know that the propose presentation protocol has been implemented

ishaanh (Mon, 23 Nov 2020 19:23:18 GMT):
Has joined the channel.

rishma (Mon, 23 Nov 2020 19:56:21 GMT):
Has joined the channel.

Bezalel (Tue, 24 Nov 2020 02:17:38 GMT):
I found edX Aries Developer course from Linux Foundation, seems like great starting point to dig into Aries tech. Great thanks to the course author @swcurran, Is this course up to date with current development of Aries project? https://www.edx.org/course/becoming-a-hyperledger-aries-developer

Bezalel (Tue, 24 Nov 2020 02:25:16 GMT):
How about mobile binding of aries-framework-go? https://github.com/hyperledger/aries-framework-go is this not usable code currently for mobile agent implementation? has anyone tried to build mobile agent using aries-framework-go?

Bezalel (Tue, 24 Nov 2020 02:47:10 GMT):
Evernym made their VC platform 'Verity' open-source. https://github.com/evernym Anyone can explain the relationship between Aries framework and Verity? Can Verity be a replacement of Aries frameworks (go, .net)?

anil_helvaci (Tue, 24 Nov 2020 07:33:31 GMT):
thank you :pray: I did not know such a channel existed

swcurran (Tue, 24 Nov 2020 14:48:55 GMT):
Hi Bazalel -- thanks for the note. The material is about 8 months old at this point, so it's reasonably up to date, but things are definitely changing. But I think the core of the material is reasonably current with what is happening today -- but things are starting to change! AIP 2.0 is being talked about, BBS+ Signatures, and evolution of frameworks.

deas (Tue, 24 Nov 2020 14:55:37 GMT):
I think Evernym said it'll be fully open sourced in 3 years' time. But it's on the "glide path" towards open source. I think it's still a commercial offering right now. Having said that, I'm also curious about this and would love to hear from someone at Evernym about it.

daidoji (Tue, 24 Nov 2020 15:02:04 GMT):
yeah, you might also ask at https://chat.sovrin.org/home

Bezalel (Wed, 25 Nov 2020 01:59:59 GMT):
Thanks again, my SSI professor @swcurran :), Before delving into the Aries rfcs and framework source code, I'm studying very hard your Aries course, already finished your HL SSI course thanks, good stuff!

piyushmaheshwari65 (Wed, 25 Nov 2020 04:20:42 GMT):
Has joined the channel.

Bezalel (Wed, 25 Nov 2020 06:11:12 GMT):
@esplinr could you please answer this question? (I heard @esplinr can answer this)

esplinr (Wed, 25 Nov 2020 06:37:05 GMT):
Verity is a Verification / Issuance platform built on Indy and Aries. The commercial product is a SaaS offering, and the source code is a ull solution, rather than a framework, more like Aries

esplinr (Wed, 25 Nov 2020 06:37:05 GMT):
Verity is a Verification / Issuance platform built on Indy and Aries. It's more of a solution than a framework, though the frameworks have evolved into full agents as well. The commercial product is a SaaS offering.

esplinr (Wed, 25 Nov 2020 06:38:30 GMT):
The source code is available for many uses without a commercial license, and in 3 years each commit is automatically relicensed as Apache.

esplinr (Wed, 25 Nov 2020 06:39:12 GMT):
More details are here: https://www.evernym.com/blog/evernym-commits-to-open-source/ And here: https://www.youtube.com/watch?v=YFpqHDUsi64

mapa 5 (Thu, 26 Nov 2020 11:26:19 GMT):
hi im also doing that currently :D libindy.so with dart ffi and rust

lbartekl (Fri, 27 Nov 2020 09:34:59 GMT):
Has joined the channel.

mengkang (Fri, 27 Nov 2020 18:38:19 GMT):
Has joined the channel.

mengkang (Fri, 27 Nov 2020 18:38:21 GMT):
Does anyone know that aries supports a proof request to request information from two credentials?

GuilhermeFunchal (Fri, 27 Nov 2020 18:59:27 GMT):
HI, I can use Fabric with Aries and ACA-Py to network ?

GuilhermeFunchal (Fri, 27 Nov 2020 19:02:51 GMT):
Yes, Its works.

saeveritt (Sat, 28 Nov 2020 09:48:37 GMT):
Has joined the channel.

MohitRakhade (Mon, 30 Nov 2020 02:43:32 GMT):
Has joined the channel.

marc0olo (Mon, 30 Nov 2020 04:49:01 GMT):
Has joined the channel.

marc0olo (Mon, 30 Nov 2020 05:03:23 GMT):
Hi, I finished the Aries Developer course yesterday and I am just getting started with Aries development. I see that there is no java-sdk right now. Do you know whether there are people interested in having a java sdk?

marc0olo (Mon, 30 Nov 2020 05:03:23 GMT):
Hi, I finished the Aries Developer course yesterday and I am just getting started with Aries development. I see that there is no java-framework right now. Do you know whether there are people interested in having a java framework?

GuilhermeFunchal (Mon, 30 Nov 2020 12:55:55 GMT):
Hello, Can I use Aries and Indy with Fabric ?

SubhadeepBanerjee (Mon, 30 Nov 2020 14:31:22 GMT):
Has joined the channel.

SubhadeepBanerjee (Mon, 30 Nov 2020 14:31:49 GMT):
Hi can anyone tell me some good sites where I can learn more about Aries, apart from edx?

swcurran (Mon, 30 Nov 2020 15:29:31 GMT):
I was given the assignment at the last Aries WG to generate a PR (or document) to start the discussion about what should be in AIP Next. I've done that initially as a Google Doc and plan on leading a discussion about the document and it's comments at the next US Afternoon Aries WG Call. For those that want to take a look ahead of that to prepare their "discussion points", the link to the document is below. Please read the initial section of the document so you have a bit of context of what's in the document and what I've already done. https://docs.google.com/document/d/1Gvv0VNEfnYjJXgscxYRJ38f_KRrojNKv5hrF2t-oESM/edit?usp=sharing Enjoy!

MajdT51 (Tue, 01 Dec 2020 09:56:13 GMT):
Has joined the channel.

kaijuneer (Tue, 01 Dec 2020 12:17:59 GMT):
Has joined the channel.

marc0olo (Tue, 01 Dec 2020 21:10:59 GMT):
I have a general question in regards to the state of the development tools and the general purpose of the different frameworks. as fair as I understood the frameworks should (ideally) support all Aries protocols that are defined in Aries Interop Profiles. is this assumption correct or have I missunderstood that? if I am right -> is this currently the case for one of the existing frameworks? is there any matrix where we can see which frameworks supports which protocols defined in the AIP ?

marc0olo (Tue, 01 Dec 2020 21:25:17 GMT):
I am just wondering what aspects should be covered within the framework (key management, storage, didcomm, ...) and which not? where e.g. do you see all the features and protocols being implemented? in separate, (hopefully) pluggable libraries or within the framework? I see that e.g. some protocols are implemented in this repository: https://github.com/hyperledger/aries-vcx

marc0olo (Tue, 01 Dec 2020 21:25:17 GMT):
I am just wondering what aspects should be covered by the framework (key management, storage, didcomm, ...) and which not? where e.g. do you see all the features and protocols being implemented? in separate, (hopefully) pluggable libraries or within the framework? I see that e.g. some protocols are implemented in this repository: https://github.com/hyperledger/aries-vcx

cmendoza (Tue, 01 Dec 2020 21:26:07 GMT):
Has joined the channel.

marc0olo (Tue, 01 Dec 2020 21:33:59 GMT):
ok I see the .NET framework supports a lot of features. so I guess it is desired to have that all covered by the framework which leads me back to my first question: is there any compatibility matrix to see what features and protocols are covered by each framework?

adamsc64 (Tue, 01 Dec 2020 22:33:56 GMT):
Has joined the channel.

mtfk (Tue, 01 Dec 2020 23:57:15 GMT):
On 2/12/2020 during Aries Morning call we would talk about two topics: - Architecture of Aries Verifiable Credentials Proof Formats - Ledgerless approach to VC Details on the meeting page: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41587393 See you there!

GuilhermeFunchal (Wed, 02 Dec 2020 00:06:19 GMT):
Does anyone know alternatives for using von-network with Indy?

mtfk (Wed, 02 Dec 2020 00:07:05 GMT):
KERI ;)

GuilhermeFunchal (Wed, 02 Dec 2020 00:08:34 GMT):
Sorry, I don't understud you

mtfk (Wed, 02 Dec 2020 00:08:54 GMT):
just a joke. Why you are looking for alternative?

mtfk (Wed, 02 Dec 2020 00:08:54 GMT):
never mind, just a joke. Why you are looking for alternative?

mtfk (Wed, 02 Dec 2020 00:10:14 GMT):
and what do you mean by von-network with indy? von-network is indy

GuilhermeFunchal (Wed, 02 Dec 2020 00:10:39 GMT):
Is the von-network not used to develop?

mtfk (Wed, 02 Dec 2020 00:12:00 GMT):
the one which you are probably using is meant for demos and development. Is the easiest way to bootstrap a test net for development afaik

mtfk (Wed, 02 Dec 2020 00:12:14 GMT):
so you are looking for something more production ready, is that correct?

GuilhermeFunchal (Wed, 02 Dec 2020 00:12:42 GMT):
Yes, exact

GuilhermeFunchal (Wed, 02 Dec 2020 00:13:10 GMT):
What would be more appropriate?

GuilhermeFunchal (Wed, 02 Dec 2020 00:15:01 GMT):
Do you have any reference for me ?

mtfk (Wed, 02 Dec 2020 00:16:05 GMT):
You could easily build production network out of the examples of von. Basically is just matter of bootstrapping nodes and configuration. If you assume that you would control all nodes then should be relatively simple.

mtfk (Wed, 02 Dec 2020 00:18:10 GMT):
Unfortunately I don't know any public repository as a reference.

GuilhermeFunchal (Wed, 02 Dec 2020 00:20:03 GMT):
Could you help me with resource need information?

mtfk (Wed, 02 Dec 2020 00:20:16 GMT):
I am aware of 2 "production" deployment lissi and findy, where only findy actually puts something on github but so far as I checked the repo is empty

mtfk (Wed, 02 Dec 2020 00:21:43 GMT):
I would suggest to start here: https://wiki.hyperledger.org/display/indy/Documentation+Index

mtfk (Wed, 02 Dec 2020 00:22:25 GMT):
especially this one could be helpful: https://github.com/mwherman2000/indy-gsg-ea

mtfk (Wed, 02 Dec 2020 00:23:05 GMT):
not sure how up to date this would be but worth to look

GuilhermeFunchal (Wed, 02 Dec 2020 00:36:06 GMT):
Do you work with the infraestruture ?

GuilhermeFunchal (Wed, 02 Dec 2020 00:49:51 GMT):
thanks for all information...

mapa 5 (Wed, 02 Dec 2020 01:24:36 GMT):
hi anyone wants to work with me on flutter Aries ? implementation

mapa 5 (Wed, 02 Dec 2020 01:24:52 GMT):
i already created a wallet FFI with aries and rust

mapa 5 (Wed, 02 Dec 2020 01:25:31 GMT):
agent with mobile

marc0olo (Wed, 02 Dec 2020 09:49:22 GMT):
This might be slightly out of topic but I am trying to connect the dots as good as good as possible. I know that following initiatives exist which I consider most relevant in the SSI space: - W3C Credentials Community Group - Hyperledger Aries - Dezentralized Identity Foundation - Trust over IP Foundation I am currently figuring out how all these initiatives are related. I know that different working groups of the decentralized identity foundation are e.g. working on specifications for different topics and also provide some reference implementations. Can we expect that everything (or most things) specified in W3C and DIF working groups will eventually be reflected in Aries RFCs and then be included in new Aries Interop Profiles? Would be happy to get some background about all the initiatives. Maybe there is some diagramm that describes how they are related?

paul.bastian (Wed, 02 Dec 2020 11:10:43 GMT):
lissi testnet evolved into SSI4Germany, which is now targeting to be an european indy network under IDunion, the testnet is up and running and the production network launch is planned for Q2/21 as we are currently setting up governance&legal. If you are intrested, send me a message

GuilhermeFunchal (Wed, 02 Dec 2020 11:46:11 GMT):
Hello, I'm interested in meeting.

GuilhermeFunchal (Wed, 02 Dec 2020 11:47:50 GMT):
Yes, I do. I'm from Brazil. I'm working in Serpro Company and we we are thinking of setting up something similar.

TelegramSam (Wed, 02 Dec 2020 16:31:11 GMT):
@marc0olo that is a good question, and constantly evolving somewhat.

TelegramSam (Wed, 02 Dec 2020 16:32:21 GMT):
We lack a good map in the larger community, but I can give you a summary as it relates to Aries.

TelegramSam (Wed, 02 Dec 2020 16:36:32 GMT):
Aries work requires advancement in a few areas. That work has generally started within Aries, and has often moved to a different group as interest grows. DIDComm v1 born in Aries has led to the DIDComm WG at the DIF, working on v2. It is the intent of the Aries community to adopt and migrate to v2 as it becomes ready. Similar is the advancement of governance frameworks. ToIP is now focusing on that, and Aries will lean on any associated work there. W3C has the DID spec (obviously a dependency) and the Secure Data Storage WG, which is Orthogonally related.

swcurran (Wed, 02 Dec 2020 16:44:33 GMT):
My view -- * W3C Core specs for DIDs and Verifiable Credentials. Also does some development of other specs. to be standards. * DIF -- development of other specs to be standards for Decentralized Identity -- DIDComm, Presentation Exchange, Storage. * Trust over IP -- a way to formalize technical and governance stacks for "Trust" related ecosystems -- for example, FinTech, Education Credentials, Gov't ID, etc. For example, Aries might be a tech stack within ToIP. Note that the ToIP incubates the stacks, and then an ecosystem would have it's on Foundation/organization to maintain the standards -- templates for building ecosystems. * Aries -- Open Source implementations that define and use protocols to enable working code.

marc0olo (Wed, 02 Dec 2020 16:50:26 GMT):
thanks for your views @TelegramSam and @swcurran - really helps to get a better understanding

marc0olo (Wed, 02 Dec 2020 16:51:19 GMT):
did I miss any important initiative/group in my list?

swcurran (Wed, 02 Dec 2020 17:33:55 GMT):
I probably think that the DIF list should include KERI. There are more organizations, but in this style, I might be tempted to add MyData.

TelegramSam (Wed, 02 Dec 2020 20:06:56 GMT):
WG meeting on now: https://zoom.us/j/5184947650?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

mtfk (Wed, 02 Dec 2020 20:17:47 GMT):
In reference to our today discussion about VC here is a nice resources about the vc spec map: https://github.com/decentralized-identity/vc-spec-map

thearhaam (Wed, 02 Dec 2020 20:42:32 GMT):
@mapa 5 Although my Flutter is a bit rusty, I would definitely be interested in that :D If possible could you share the link to your repository (assuming that it's public)

Bezalel (Thu, 03 Dec 2020 01:43:35 GMT):
I'm searching for DID/VC agent implementation not dependent only on Indy ledger. I found two projects currently : * Hyperledger Aries Framework Go : https://github.com/hyperledger/aries-framework-go * Uport DID Agent Framework : https://github.com/uport-project/daf Verity has plan to support other ledgers(blockchain) next year. are there any other options? welcome any advice, comment, hint :) My need is not to be locked in Indy ledger..

Bezalel (Thu, 03 Dec 2020 01:47:47 GMT):
Is there anyone/company/project using Aries Framework Go in production level (cloud agent and mobile agent)? is aries-frameowkr-go currently having mature code base?

mccown (Thu, 03 Dec 2020 04:39:33 GMT):
The Identity Implementer's WG is meeting tomorrow morning (Dec 3rd @ 9am MT / 4pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. For our presentation, Nicole Khor (Anonyome Labs; University of Queensland) will present a part of her research, which includes integrating SSI technologies with existing browser-based authentication protocols (e.g., WebAuthn). She will talk about browser integration, protocol requirements, etc. Here are links to the Wiki and Zoom meeting: Wiki: https://wiki.hyperledger.org/display/IWG/2020-12-3+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

prakharsr (Thu, 03 Dec 2020 08:26:38 GMT):
Hi, can anybody help me debug me run alice-faber demo please? I run into this issue : ```Faber | aries_cloudagent.ledger.error.LedgerConfigError: Exception opening pool ledger default: Error: Invalid library state Faber | Caused by: Ledger merkle tree is not acceptable for current tree. ``` I understand that this caused by genesis-file mismatch. Now, I am running my indy ledger and von network webserver using von-network docker container on my host machine which gives me 0.0.0.0:9000 for webserver and fetching the genesis file from there, returns me nodes and clients having ip 172.17.0.1 which is standard for docker containers. Now, I want to run the alice faber demo and then find out a way to set GPIO pins on my beagleone black which has a gateway 192.168.6.1 and can be ssh'ed into throgh 192.168.6.2. So, I setup the aca-py installation and run the demo, using GENESIS_FILE=~/local-genesis.txt LEDGER_URL=http://192.168.6.1:9000 LOG_LEVEL=debug DEFAULT_POSTGRES=true python3 -m runners.faber --port 8020 . Also, I edited the local-genesis.txt to replace 172.17.0.1 with 192.168.6.1. Now, using this setup I get Caused by: Ledger merkle tree is not acceptable for current tree error and by using GENESIS_URL=http://192.168.6.1:9000/genesis LEDGER_URL=http://192.168.6.1:9000 LOG_LEVEL=debug DEFAULT_POSTGRES=true python3 -m runners.faber --port 8020, I get indy pool timeout error. (this shouldnot work as it will connect with the local docker 172.17.0.1 of beagleone black, not with my host's 172.17.0.1). So, I'm stuck here, not being able to run the demo. Any help will be appreciated.

prakharsr (Thu, 03 Dec 2020 08:26:38 GMT):
Hi, can anybody help me debug me run alice-faber demo please? I run into this issue : ```Faber | aries_cloudagent.ledger.error.LedgerConfigError: Exception opening pool ledger default: Error: Invalid library state Faber | Caused by: Ledger merkle tree is not acceptable for current tree. ``` I understand that this caused by genesis-file mismatch. Now, I am running my indy ledger and von network webserver using von-network docker container on my host machine which gives me 0.0.0.0:9000 for webserver and fetching the genesis file from there, returns me nodes and clients having ip 172.17.0.1 which is standard for docker containers. Now, I want to run the alice faber demo and then find out a way to set GPIO pins on my beagleone black which has a gateway 192.168.6.1 and can be ssh'ed into throgh 192.168.6.2. So, I setup the aca-py installation and run the demo, using ```GENESIS_FILE=~/local-genesis.txt LEDGER_URL=http://192.168.6.1:9000 LOG_LEVEL=debug DEFAULT_POSTGRES=true python3 -m runners.faber --port 8020``` . Also, I edited the local-genesis.txt to replace 172.17.0.1 with 192.168.6.1. Now, using this setup I get Caused by: Ledger merkle tree is not acceptable for current tree error and by using ```GENESIS_URL=http://192.168.6.1:9000/genesis LEDGER_URL=http://192.168.6.1:9000 LOG_LEVEL=debug DEFAULT_POSTGRES=true python3 -m runners.faber --port 8020```, I get indy pool timeout error. (this shouldnot work as it will connect with the local docker 172.17.0.1 of beagleone black, not with my host's 172.17.0.1). So, I'm stuck here, not being able to run the demo. Any help will be appreciated.

prakharsr (Thu, 03 Dec 2020 08:29:10 GMT):
P.S. I was able to build the von-image and aca-py for armhf in docker as well as I got aca-py installed locally in my bbb.

prakharsr (Thu, 03 Dec 2020 08:36:05 GMT):
BTW, I got aca-py to connect with von-network using ```docker run -P -p 8002:8002 -p 8000:8000 -p 8001:8001 fac8e9ecc061 start --inbound-transport http 0.0.0.0 8000 --inbound-transport ws 0.0.0.0 8001 --outbound-transport ws --outbound-transport http --genesis-file local-genesis.txt --genesis-url http://192.168.7.1:9000/ --wallet-storage-type postgres_storage --wallet-storage-config {"url":"192.168.7.1:5432"} --admin 0.0.0.0 8002 --admin-insecure-mode -e http://0.0.0.0:8000 ws://0.0.0.0:8001 --debug --log-level DEBUG``` So, if anbody can guide me on how to set/read GPIO pins using a message from the aries cloud agent, that would be good too cause then i won't have to rely on alice-faber demo

prakharsr (Thu, 03 Dec 2020 08:36:05 GMT):
BTW, I got aca-py to connect with von-network using ```docker run -P -p 8002:8002 -p 8000:8000 -p 8001:8001 fac8e9ecc061 start --inbound-transport http 0.0.0.0 8000 --inbound-transport ws 0.0.0.0 8001 --outbound-transport ws --outbound-transport http --genesis-file local-genesis.txt --genesis-url http://192.168.6.1:9000/ --wallet-storage-type postgres_storage --wallet-storage-config {"url":"192.168.6.1:5432"} --admin 0.0.0.0 8002 --admin-insecure-mode -e http://0.0.0.0:8000 ws://0.0.0.0:8001 --debug --log-level DEBUG``` So, if anbody can guide me on how to set/read GPIO pins using a message from the aries cloud agent, that would be good too cause then i won't have to rely on alice-faber demo

marc0olo (Thu, 03 Dec 2020 10:58:51 GMT):
In the recent meeting notes I discovered that there are some pending contributions from GlobalID. does anybody know about the state of that? it includes sdks and frameworks for Swift and Kotlin

daidoji (Thu, 03 Dec 2020 13:26:47 GMT):
what's GPIO pins?

prakharsr (Thu, 03 Dec 2020 13:39:50 GMT):
https://www.raspberrypi.org/documentation/usage/gpio/

daidoji (Thu, 03 Dec 2020 13:41:07 GMT):
oh its a rasberry pi thing.

daidoji (Thu, 03 Dec 2020 13:41:40 GMT):
Its weird you can connect via the docker run command but the alice/faber demo gives you that weird merkle tree error.

daidoji (Thu, 03 Dec 2020 13:43:13 GMT):
sorry I'll reply in this thread. Where are you deviating from the demo? In lieu of your `docker run` command below it looks like the ledger should be fine.

daidoji (Thu, 03 Dec 2020 13:43:24 GMT):
I can't quite parse all the steps in this text though.

prakharsr (Thu, 03 Dec 2020 13:48:17 GMT):
Hey, I was able to to follow up on the faber-alice demo manually, by running up two agents but now i am getting another error ``` aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://0.0.0.0:8010; Error: (, ClientConnectorError(ConnectionKey(host='0.0.0.0', port=8010, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('0.0.0.0', 8010)")), ); Re-queue failed message ... ```

prakharsr (Thu, 03 Dec 2020 13:52:16 GMT):
this error happens after i create a invitation on faber and then receive the invitation on alice and then when I accept invitation and request, I run into this error.

prakharsr (Thu, 03 Dec 2020 13:53:00 GMT):
Hey, I was able to to follow up on the faber-alice demo manually, by running up two agents but now i am getting another error aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://0.0.0.0:8010; Error: (, ClientConnectorError(ConnectionKey(host='0.0.0.0', port=8010, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('0.0.0.0', 8010)")), ); Re-queue failed message ... this error happens after i create a invitation on faber and then receive the invitation on alice and then when I accept invitation and request, I run into this error.

prakharsr (Thu, 03 Dec 2020 13:53:00 GMT):
Hey, I was able to to follow up on the faber-alice demo manually, by running up two agents but now i am getting another error ``` aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://0.0.0.0:8010; Error: (, ClientConnectorError(ConnectionKey(host='0.0.0.0', port=8010, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('0.0.0.0', 8010)")), ); Re-queue failed message ... ``` this error happens after i create a invitation on faber and then receive the invitation on alice and then when I accept invitation and request, I run into this error.

daidoji (Thu, 03 Dec 2020 13:55:39 GMT):
looks like they can't communicate with each other

daidoji (Thu, 03 Dec 2020 13:56:23 GMT):
err, the http call I mean

prakharsr (Thu, 03 Dec 2020 13:58:12 GMT):
yep, alice can't POST to faber acknowledging the invitation acceptance response, so I'm unable to get the connection id from which i'll be able to connect to faber from alice.

prakharsr (Thu, 03 Dec 2020 13:58:33 GMT):
saw this issue mentioned here also : https://github.com/hyperledger/aries-cloudagent-python/issues/444

andrew.whitehead (Thu, 03 Dec 2020 15:02:30 GMT):
Too many zeros.. your endpoints (-e) are not at 0.0.0.0 you need their public IP there (in docker you need the container IP)

daidoji (Thu, 03 Dec 2020 16:01:37 GMT):
why would alice be able to post to the faber agent? I think that's a manual step in the demo.

mccown (Thu, 03 Dec 2020 16:04:45 GMT):
The Identity Implementer's call is starting https://wiki.hyperledger.org/display/IWG/2020-12-3+Identity+Implementers+WG+Call

janpieterz (Thu, 03 Dec 2020 16:06:41 GMT):
Has joined the channel.

sklump (Thu, 03 Dec 2020 17:22:15 GMT):
Has joined the channel.

sklump (Thu, 03 Dec 2020 17:22:15 GMT):
Best practices for provers in (automated) credential selection and verifiers in presentation proof regarding non-revocation intervals, timestamps, credential revocability. https://github.com/hyperledger/aries-rfcs/pull/569

sklump (Thu, 03 Dec 2020 17:22:15 GMT):
I call it RFC 0441: best practices for provers in (automated) credential selection and verifiers in presentation proof regarding non-revocation intervals, timestamps, credential revocability. https://github.com/hyperledger/aries-rfcs/pull/569

TelegramSam (Thu, 03 Dec 2020 17:28:14 GMT):
recording posted for yesterday's B call, including AIP Next discussion: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41587389

tschulshuh (Thu, 03 Dec 2020 17:38:36 GMT):
Has joined the channel.

tschulshuh (Thu, 03 Dec 2020 18:11:18 GMT):
Hi there, I recently found this chart on compatibility --> https://hackmd.io/t1cotiReTXCnkpDG8k2tVA#LEGEND there the table lists "VC Creds" (LD-Proofs, VC-JWTs, AnonCreds, BBS+) to my understanding after reading the W3C conformance section (https://www.w3.org/TR/vc-data-model/#conformance) the correct naming should be "proof mechanism". I am a bit confused right now, could someone explain ?

tschulshuh (Thu, 03 Dec 2020 18:11:18 GMT):
Hi there, I recently found this chart on credential compatibility --> https://hackmd.io/t1cotiReTXCnkpDG8k2tVA#LEGEND there the table lists "VC Creds" (LD-Proofs, VC-JWTs, AnonCreds, BBS+) to my understanding after reading the W3C conformance section (https://www.w3.org/TR/vc-data-model/#conformance) the correct naming should be "proof mechanism". I am a bit confused right now, could someone explain ?

ultimo2020 (Thu, 03 Dec 2020 21:13:57 GMT):
Hi everyone. I know that Indy wallet is single threaded and has limitations if there is a need to process more VCs at the same time. But has this been solved in Aries?

Bezalel (Fri, 04 Dec 2020 02:39:08 GMT):
I have this question too, as an Aries newcomer. I think Evernym Verity, recently open-sourced (free only for small-size project though), is implemented using Scala Akka framework (distributed actor model) to solve the scalability issue of Aries 'Agents'. In my understanding, scalability issue of Aries Agent should be looked at from two perspectives : 1) one (enterprise) cloud agent handling large volume of DID/VC processing in parallel 2) large number of 'mediator/relay' cloud agent per end-user(mobile agent), new OS process per an agent seems not viable for achieving Agent scalability can existing Aries frameworks address these scalability issues? (especially I'm curious about Aries Go and Rust implementation)

ultimo2020 (Fri, 04 Dec 2020 05:52:53 GMT):
Hi Bezalel. Great that we are on the same page here. What I am also interested is exactly like you said, is handling large numbers of cloud agent processing. I have seen some queuing addons to evernym to try to solve this, but the question is the same, which and if they can, Aries frameworks can solve those important issues that enable large scale applications to be built?

prakharsr (Fri, 04 Dec 2020 06:52:44 GMT):
thanks its working now

kapster (Fri, 04 Dec 2020 09:18:15 GMT):
Has joined the channel.

o.terbu (Fri, 04 Dec 2020 09:26:36 GMT):
hi, does anyone know which Aries projects (besides Aries Go) have implemented a VDRI abstraction? Further, can someone please point me to the current VDRI proposal?

kapster (Fri, 04 Dec 2020 09:34:23 GMT):
mobile

kapster (Fri, 04 Dec 2020 09:40:33 GMT):
@Bezalel I have the same question. I'd prefer to develop app in native code instead of coding in xamarin but I am not sure if aries-go is usable for mobile

marc0olo (Fri, 04 Dec 2020 10:08:25 GMT):
what I personally would like to see is a compatibility/feature matrix for the different SDKs. it's really hard to figure out which SDK supports which protocols and VDRs in regards to the mobile agent I discovered in the notes of the recent group meeting call that their is a pending contribution of GlobalID for swift and kotlin frameworks. I already asked about the state of these in the chat

marc0olo (Fri, 04 Dec 2020 10:36:06 GMT):
@Bezalel I know the question was about production level deployments (which I don't know) - but if you search a mobile implementation using the go bindings you can take a look at this example: https://github.com/trustbloc/aries-examples

tschulshuh (Fri, 04 Dec 2020 10:41:30 GMT):

Clipboard - 4. Dezember 2020 11:41

tschulshuh (Fri, 04 Dec 2020 10:41:32 GMT):
I tried to illustrate my current understanding of the naming is this correct?

swcurran (Fri, 04 Dec 2020 15:02:59 GMT):
The BC Gov team is working on a new storage mechanism that is intended to address some of the limitations of the indy-wallet implementation, but at the same time retaining the core concepts.

swcurran (Fri, 04 Dec 2020 15:03:26 GMT):
Work is here -- https://github.com/andrewwhitehead/aries-askar

swcurran (Fri, 04 Dec 2020 15:03:55 GMT):
Soon to be moved to BC Gov open source repo and then to be offered as a contribution to Hyperledger

swcurran (Fri, 04 Dec 2020 15:05:15 GMT):
The storage layer is in rust. We'll be using it in ACA-Py and it is available for use in other frameworks.

ultimo2020 (Fri, 04 Dec 2020 18:04:51 GMT):
Thanks swcurran. Will check it out. Maybe another topic, is there any other online work to facilitate the security in the Custodian cloud wallets? Fot an example separation of the storage for the private keys, offline mode for signing transactions with private keys and maybe multiple signing?

swcurran (Fri, 04 Dec 2020 19:05:04 GMT):
There is certainly work going on that topic in the broader community -- e.g. the DIF "Confidential Storage" working group.

ultimo2020 (Fri, 04 Dec 2020 20:04:26 GMT):
Thanks swcurran, where can I find the DIF WG?

TelegramSam (Fri, 04 Dec 2020 20:18:16 GMT):
https://github.com/hyperledger/aries-rfcs/issues/570

TelegramSam (Fri, 04 Dec 2020 20:18:16 GMT):
Have you worked on an asset transfer protocol? https://github.com/hyperledger/aries-rfcs/issues/570

TelegramSam (Fri, 04 Dec 2020 20:25:24 GMT):
I believe ACA-Py does, or will soon with @andrew.whitehead's work.

swcurran (Fri, 04 Dec 2020 20:35:08 GMT):
Here are the details -- https://identity.foundation/working-groups/secure-data-storage.html

ultimo2020 (Fri, 04 Dec 2020 20:40:45 GMT):
Thanks a lot. Will dig into it. Seems like the WG is tackling the security aspect which is great

swcurran (Fri, 04 Dec 2020 21:23:51 GMT):
BTW - reread your message and the DIF group is more on the separation of the agent from the storage, vs. all being housed together. It might cover offline storage but not certain and I don't think (but might :-) ) cover multi-sig.

danielhardman (Sat, 05 Dec 2020 03:06:19 GMT):
I raised a PR that updates the MIME types RFC (0044) to explain how to detect DIDComm V1 vs. V2. My goal is to have this RFC included in our next AIP. See https://github.com/hyperledger/aries-rfcs/pull/571.

danielhardman (Sat, 05 Dec 2020 03:06:27 GMT):
@swcurran ^^

ultimo2020 (Sat, 05 Dec 2020 08:43:36 GMT):
@swcurran Thanks a lot. I was searching the security side of the cloud wallets (Aries, Indy) how to separate the private keys and make the user experience more secure and maybe offline. This is maybe a missing peace of the cloud wallets in general

Parthkm78 (Sat, 05 Dec 2020 12:40:13 GMT):
Has joined the channel.

pawel.kowalik (Mon, 07 Dec 2020 12:18:31 GMT):
Has joined the channel.

Alexandru-MihailAdam (Mon, 07 Dec 2020 16:01:26 GMT):
Has joined the channel.

domwoe (Mon, 07 Dec 2020 19:50:26 GMT):
Something I've keep wondering again and again but haven't asked yet :) Why do we not have a mechanism for abandoning a connection to indicate to the other party that we remove the connection?

daidoji (Mon, 07 Dec 2020 19:53:18 GMT):
@domwoe couldn't you do that with a regular message?

domwoe (Mon, 07 Dec 2020 19:57:32 GMT):
Sure, I could also ask someone to issue me a VC with a regular message ;) If we don't standardize the message it doesn't help much

TimoGlastra (Mon, 07 Dec 2020 22:21:25 GMT):
Only mention I’ve seen of it is an issue in the DIDComm repo, where they mention channel teardown: https://github.com/decentralized-identity/didcomm-messaging/issues/81. But this was closed without stating the reason, so maybe this is not that helpful 🤷‍♂️

marc0olo (Tue, 08 Dec 2020 09:16:40 GMT):
my head is currently struggling to understand how pairwise or n-wise DIDs (peer relationships using did:peer) can be combined with anywise DIDs? the main question I have is how can I present a proof of a VC that is e.g. linked to a public DID method in a peer relationship - if this is possible at all?

domwoe (Tue, 08 Dec 2020 10:24:13 GMT):
Depends on how subject authentication is achieved - IndyCreds typically don't use DIDs for subject authentication. You get a proof in a "DIDcomm channel", but subject authentication is done via a link secret - I guess (not sure) in LD VCs as used in Aries Go you transport a whole VP in the DIDcomm channel. The DIDcomm channel could be associated to another DID than the VP (@troyronda ?)

marc0olo (Tue, 08 Dec 2020 11:37:41 GMT):
thanks @domwoe, I just found this publication which describes that scenario also quite well: https://sovrin.org/wp-content/uploads/2019/01/How-DIDs-Keys-Credentials-and-Agents-Work-Together-in-Sovrin-131118.pdf it would be interesting to know how this is achieved for LD signature based VCs or if it is currently possible to achieve the same behavior using those

TelegramSam (Tue, 08 Dec 2020 15:38:44 GMT):
It would be possible to present a credential issued to one DID over a pairwise channel using another DID, along side proof of DID ownership for the subject DID.

TelegramSam (Tue, 08 Dec 2020 15:38:52 GMT):
That's never been designed, but is possible.

swcurran (Tue, 08 Dec 2020 18:49:30 GMT):
Join us for the ACA-Py User Group is tomorrow, Wednesday at 11AM Pacific (19:00 UTC/20:00 CET) -- the hour before the Aries WG Call Zoom link is: https://zoom.us/my/hyperledger.community?pwd=STZQd0xMZU9xRVVOVnpQM3JNQ2dqZz09 Link to meeting agenda page: https://wiki.hyperledger.org/display/ARIES/2020-11-25+Aries+Cloud+Agent+-+Python+Users+Group+Community+Meeting Busy and super interesting agenda for the meeting: - Business Partner Agent - https://github.com/hyperledger-labs/business-partner-agent - Aries Agent Test Harness Reporting Dashboard - Aries Cloud Agent Python using Aries Shared components Everyone is welcome!

yezi (Wed, 09 Dec 2020 06:26:30 GMT):
Has joined the channel.

yezi (Wed, 09 Dec 2020 06:26:31 GMT):
hi ， regarding Aries RFC 0075: Payment Decorators, I tried to write a process using it. I don’t know if this understanding is correct. 1. In merchant website, user confirms a VC order and selects preferred payment method. 2. Merchant website display a QR code with credential-offer message(with payment decorators--~payment_request). 3. User uses mobile wallet to scan The QR code. 4. mobile wallet creates connection with merchant, and then, mobile wallet deals with credential-offer message which has payment_request included. Mobile wallet call the corresponding payment application for payment. 5. The payment application prompts user to authenticate, complete payment process, and sends the payment result back to the user’s mobile wallet. 6. Mobile wallet generates the credential request message with ~payment_receipt included. 7. The merchant confirms the payment result from ~payment_receipt and creates credential. 8. The user’s mobile wallet receives the credential ,verifies and stores the credential.

PascalHeitz (Wed, 09 Dec 2020 10:15:09 GMT):
Has joined the channel.

TelegramSam (Wed, 09 Dec 2020 16:43:41 GMT):
The payment decorator has not been leveraged very much in the community.

neilbts (Wed, 09 Dec 2020 16:57:12 GMT):
Has joined the channel.

danielhardman (Wed, 09 Dec 2020 17:58:32 GMT):
@swcurran , I would like to formally propose that we include support for static pure did in the next AIP

danielhardman (Wed, 09 Dec 2020 17:59:19 GMT):
Hah. Peer DIDs, not pure did 😁

danielhardman (Wed, 09 Dec 2020 17:59:47 GMT):
Can we discuss the merits of that proposal for a minute on today's B call

TelegramSam (Wed, 09 Dec 2020 18:11:18 GMT):
Yep.

swcurran (Wed, 09 Dec 2020 18:12:49 GMT):
I'm revising my desk from last week to use as the basis for a conversation.

swcurran (Wed, 09 Dec 2020 18:12:49 GMT):
I'm revising my deck from last week to use as the basis for a conversation.

swcurran (Wed, 09 Dec 2020 18:13:26 GMT):
I'll add that to it in the DIDComm section.

TelegramSam (Wed, 09 Dec 2020 18:14:22 GMT):
Hey, on attachments. did we discuss an additional attribute for an attachment (in addition to mime-type) that could indicate the schema of what was attached?

TelegramSam (Wed, 09 Dec 2020 19:59:59 GMT):
Today on the Aries B call: AIP Next discussions: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41588229

yezi (Thu, 10 Dec 2020 00:53:18 GMT):
ok，thanks

yuvaraj-thanikachalam (Thu, 10 Dec 2020 12:26:03 GMT):
Has joined the channel.

yuvaraj-thanikachalam (Thu, 10 Dec 2020 12:26:03 GMT):
We are trying to create DID mobile wallet cloud agent using Aries-framework-Go mediator which can establish a connection to an existing python based indy agent using genesis file json as well as communication using Rest APIs; Can this be setup on AWS cloud? Please advise if someone had done this before.

newdev42 (Thu, 10 Dec 2020 12:27:12 GMT):
Has joined the channel.

awais.ahmad (Fri, 11 Dec 2020 09:00:55 GMT):
Hi Guys, Just a quick question, is there an example of revocation implemented in aries ? How do i go about implementing revocation in aries ? We are using aries .net

kaijuneer (Fri, 11 Dec 2020 12:51:47 GMT):
Hi guys, a very amateur question here. If I would like to use the ACA-PY framework (https://github.com/hyperledger/aries-cloudagent-python) to build an agent controller, where should I write the code for the controller? I saw the demo directory containing some files such as Alice.py which is basically the controller code, but if I want to build my own controller and set up my own agent, how should I get started?

domwoe (Fri, 11 Dec 2020 12:54:51 GMT):
You can can start a new project in whatever programming language/framework you like and communicate with ACA-PY via its REST and/or WebHook interface

rileyphughes (Fri, 11 Dec 2020 15:11:52 GMT):
Aries .net implements it, @tomislav can maybe point you in the right direction

zhenbing (Mon, 14 Dec 2020 08:55:55 GMT):
Has joined the channel.

devexplore2020 (Mon, 14 Dec 2020 16:45:02 GMT):
Has joined the channel.

devexplore2020 (Mon, 14 Dec 2020 16:47:13 GMT):
Greetings everyone. I was looking at the Aries Frameworks. I have seen there is an Aries-Framework-Javascript in the official Github. I was wondering if this framework could be used to build an Aries Cloud wallet-agent and connect it to the Sovrin stagingnet ? Has anyone tried something similar ?

jakubkoci (Tue, 15 Dec 2020 15:22:26 GMT):
Hi @devexplore2020 Aries JS framework is still under development. You can use it for DIDcomm and credential issuance so far. We're still missing proof presentation feature.

jakubkoci (Tue, 15 Dec 2020 15:26:20 GMT):
It should be possible to use it as cloud wallet agent eventually. Yesterday I connected to the Sovrin StagingNet with this framework from React Native app. The same functinality should be available also on the backend side with Node.js.

jakubkoci (Tue, 15 Dec 2020 15:26:20 GMT):
It should be possible to use it as cloud wallet agent eventually. Yesterday I connected to the Sovrin StagingNet with this framework from React Native app for example. The same functionality should be available also on the backend side with Node.js.

george.aristy (Tue, 15 Dec 2020 15:43:47 GMT):
Is there something analogous to jsonpath for CBOR? Or is it too early to ask? :)

daidoji (Wed, 16 Dec 2020 16:03:46 GMT):
Sorry for cross-posting but there aren't any implementations listed for https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0104-chained-credentials/README.md are there any examples of this code in an Aries or Indy implementation or how would one go about implementing this if there isn't?

TelegramSam (Thu, 17 Dec 2020 15:21:04 GMT):
WG B Call recording posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41588878

TelegramSam (Thu, 17 Dec 2020 15:21:11 GMT):
^ AIP Discussions

zossimov (Fri, 18 Dec 2020 12:10:32 GMT):
Hi, Aries .net Mediator is giving me this error on Credential Issuance. Credential is Issued successfully. State is Issued (2) on Web Agent, but on Mobile Agent, state is still stuck on 1 (requested). Anyone has any idea, why? ``` fail: Hyperledger.Aries.Agents.AgentBase[0] Failed to un-pack message fail: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware[1] An unhandled exception has occurred while executing the request. Hyperledger.Aries.AriesFrameworkException: Failed to un-pack message ---> Hyperledger.Indy.WalletApi.WalletItemNotFoundException: No value with the specified key exists in the wallet from which it was requested. at Hyperledger.Aries.Utils.CryptoUtils.UnpackAsync(Wallet wallet, Byte[] message) at Hyperledger.Aries.Agents.AgentBase.UnpackAsync(IAgentContext agentContext, PackedMessageContext message) --- End of inner exception stack trace --- at Hyperledger.Aries.Agents.AgentBase.UnpackAsync(IAgentContext agentContext, PackedMessageContext message) at Hyperledger.Aries.Agents.AgentBase.ProcessMessage(IAgentContext agentContext, MessageContext messageContext) at Hyperledger.Aries.Agents.AgentBase.ProcessAsync(IAgentContext context, MessageContext messageContext) at Hyperledger.Aries.AspNetCore.AgentMiddleware.Invoke(HttpContext httpContext, IAgentProvider agentProvider) at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context) ```

RazaDen (Sat, 19 Dec 2020 10:43:31 GMT):
Has joined the channel.

marc0olo (Mon, 21 Dec 2020 18:32:48 GMT):
I just discovered the DIF specification for "Presentation Exchange". Do you see things like OIDC and the Credential Handler API resided? Do you think this will be implemented in the aries framework or do you expect these things to be built aside/on-top of the framework? https://identity.foundation/presentation-exchange/

marc0olo (Mon, 21 Dec 2020 18:32:48 GMT):
I just discovered the DIF specification for "Presentation Exchange". Where do you see things like OIDC and the Credential Handler API resided? Do you think this will be implemented in the aries framework or do you expect these things to be built aside/on-top of the framework? https://identity.foundation/presentation-exchange/

swcurran (Mon, 21 Dec 2020 18:55:36 GMT):
My expectation is that Aries Credential Exchange V2 protocols (RFC 0453/0454) will enable using appropriate credential/presentation types. DIF PE looks very promising for the "Present Proof". I've not really looked that much at CHAPI, but I think it is more a transport layer below DIDComm. For OIDC so far, we've only used it via a VC IdP that talks OIDC flow between the PR and the IdP, and the IdP uses Aries protocols to talk to the Wallet.

andrew.whitehead (Mon, 21 Dec 2020 19:12:29 GMT):
Looking at that spec again, I find it strange that the constraints are in the form of a JSON path (with options for different formats) and not written as RDF relationships to the credential or the subject

swcurran (Tue, 22 Dec 2020 21:53:58 GMT):
Hey folks -- BC Gov has launched a Code With Us (open source bounty) for adding W3C Standard VCs with ZKP and Selective Disclosure using BBS+ to ACA-Py. Please share this with folks you know that might be interested in applying for this work. https://digital.gov.bc.ca/marketplace/opportunities/code-with-us/3f9f0e86-b8bf-47ee-9f3d-5b272f9ec845

newdev42 (Sat, 26 Dec 2020 15:37:15 GMT):
hi there! I'm doing the LS173x course and trying to run this demo: https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo#run-the-alice-and-faber-controllersagents -- I skipped the step of running the VON network (actually because I wasn't able to run it successfully, and gave up the struggle of installing the python dependencies -- now it complains about plenum)... I tried to run the docker image of the von-webserver too, but I was getting init errors on docker logs... anyway, since its optional I just skipped... but it seems that the command `python3 -m runners.faber --port 8020` actually relies on port 9000 throwing the error: `aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host localhost:9000 ssl:None [Connect call failed ('127.0.0.1', 9000)]`

newdev42 (Sat, 26 Dec 2020 15:37:15 GMT):
hi there! I'm doing the LFS173x course and trying to run this demo: https://github.com/hyperledger/aries-cloudagent-python/tree/master/demo#run-the-alice-and-faber-controllersagents -- I skipped the step of running the VON network (actually because I wasn't able to run it successfully, and gave up the struggle of installing the python dependencies -- now it complains about plenum)... I tried to run the docker image of the von-webserver too, but I was getting init errors on docker logs... anyway, since its optional I just skipped... but it seems that the command `python3 -m runners.faber --port 8020` actually relies on port 9000 throwing the error: `aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host localhost:9000 ssl:None [Connect call failed ('127.0.0.1', 9000)]`

swcurran (Sat, 26 Dec 2020 16:00:47 GMT):
That is a dependency on von-network. In addition to running a 4 node Indy network, von-network runs a Network Browser web server for that Indy network that is exposed on port 9000 of your docket host. When the Alice Faber demo starts up, it uses the web server to get to the genesis file for the Indy Network. von-network and all of these are designed to run using Docker. They can all work outside docker, but you have to reconfigure them and run into many challenges that are not helpful to the goals of getting going with Aries. Using docker, it usually takes about 2 minutes to be running an Indy network, with most of that time spent downloading artifacts from the Internet.

newdev42 (Sat, 26 Dec 2020 16:03:22 GMT):
hey Stephen, thank you for the amazing course! I'm really really loving it! Hopefully I can get involved and collaborate with Aries soon! -- yeah I just gave up running everything locally and I was able to run the docker containers with `./manage start --logs` -- I can access the localhost:9000, create DIDs and so on... I will try to run the faber/alice demo again

newdev42 (Sat, 26 Dec 2020 16:27:39 GMT):
@swcurran now it looks better, the faber agent and alice agent are spinning up and I can see the DID trxs in the localhost:9000 domain explorer... the issue that I have now is that both agents throw pool timeout exceptions: ``` Faber | aries_cloudagent.ledger.error.LedgerConfigError: Exception opening pool ledger default: Error: Pool timeout Faber | Caused by: Pool timeout ```

newdev42 (Sat, 26 Dec 2020 16:28:56 GMT):
@swcurran now it looks better, the faber agent and alice agent are spinning up and I can see the DID trxs in the localhost:9000 domain explorer... the issue that I have now is that both agents throw pool timeout exceptions: ``` Faber | aries_cloudagent.ledger.error.LedgerConfigError: Exception opening pool ledger default: Error: Pool timeout Faber | Caused by: Pool timeout ``` any suggestions? I believe that if the genesis was wrong the did would not be created at all, right?

newdev42 (Sat, 26 Dec 2020 16:46:45 GMT):
interesting thing is that on troubleshooting page, I tried to run: `indy-cli > ledger get-validator-info` and I get the error `There is no opened pool now`

newdev42 (Sat, 26 Dec 2020 17:18:56 GMT):
doohh... nevermind.. I was trying to run a local python (alice/faber) against the docker von network.. im running the `run_demo` docker script to run alice and faber inside docker and now it works :P

swcurran (Sun, 27 Dec 2020 23:24:47 GMT):
I was thinking that was probably it. Docker fun...

albertobr (Mon, 28 Dec 2020 11:48:48 GMT):
Has joined the channel.

albertobr (Mon, 28 Dec 2020 11:48:49 GMT):
Hi all, I've been reading the LFS172x course contents about Agents and the cloud agent model using ACA-Py. In addition, I've tested the demos available on the official repository and I understand how it works for the simple architecture presented of three agents (Alice, Faber and Acme), running the agent and the controller in different ports. But, what about if we create an application that provides a service and we have 1000 users, so there will be 1000 agents. Each user will need to launch their agent or the application may have an agent instance on a port on which each user can connect and perform different agent tasks or some different mechanism? The question arises because the user application (controller) is separated from the agent instance in the demo, and I would like to see how a real application could be implemented without making the user launch the agent instance. Thanks!

newdev42 (Mon, 28 Dec 2020 14:42:36 GMT):
hi Alberto, I believe each user will have their own agent in their mobile wallets, or cloud agent etc.

newdev42 (Mon, 28 Dec 2020 14:42:47 GMT):
(I might be wrong since I'm studying as well)

newdev42 (Mon, 28 Dec 2020 14:43:02 GMT):
you as a web service, will have only one agent, eg. Faber Agent

swcurran (Mon, 28 Dec 2020 16:15:06 GMT):
If now have 1000 (or a billion) Alice agents that are mobile agents, you don't have a problem -- each is on their own device. You would need a mediator to serve those, but a single mediator can serve many mobile agents. If you do want to have 1000 Faber (or Alice) agents running in the cloud, the concept of a multi-tenant wallet was just implemented in ACA-Py. With that, you have one scalable instance of ACA-Py and as many wallets, one per agent in a single data store.

swcurran (Mon, 28 Dec 2020 16:15:06 GMT):
If you have 1000 (or a billion) Alice agents that are mobile agents, you don't have a problem -- each is on their own device. You would need a mediator to serve those, but a single mediator can serve many mobile agents. If you do want to have 1000 Faber (or Alice) agents running in the cloud, the concept of a multi-tenant wallet was just implemented in ACA-Py. With that, you have one scalable instance of ACA-Py and as many wallets, one per agent in a single data store.

albertobr (Mon, 28 Dec 2020 19:04:31 GMT):
Thank you @newdev42 and @swcurran. What I can understand from your comments and from what I read in the course it's the following, you can use Go and .NET frameworks to have the agent in the mobile device (as you both say), but it's not the case, so I'm focusing in the Cloud Agent Model (HTTP API using ACA-Py). If we extend the AliceFaberAcme demo to have 1000 Alices and I develop the application (controller in IP:port) for 1000 Alices, does the following make sense? - Faber: 1 agent / 1 controller (as in the demo) - 1000 Alices: How many ACA-Py instances? (agents) / 1 controller (I'm not sure)? - Acme: 1 agent / 1 controller (as in the demo) As @swcurran comments in the second paragraph, and probably is what I'm looking for, I guess the multi-tenant wallet needs Alice's signature and mine, right? Could be the best solution to my approximation? Thank you very much and sorry if I'm asking naive questions.

albertobr (Mon, 28 Dec 2020 19:04:31 GMT):
Thank you @newdev42 and @swcurran . What I can understand from your comments and from what I read in the course it's the following, you can use Go and .NET frameworks to have the agent in the mobile device (as you both say), but it's not the case, so I'm focusing in the Cloud Agent Model (HTTP API using ACA-Py). If we extend the AliceFaberAcme demo to have 1000 Alices and I develop the application (controller in IP:port) for 1000 Alices, does the following make sense? - Faber: 1 agent / 1 controller (as in the demo) - 1000 Alices: How many ACA-Py instances? (agents) / 1 controller (I'm not sure)? - Acme: 1 agent / 1 controller (as in the demo) As @swcurran comments in the second paragraph, and probably is what I'm looking for, I guess the multi-tenant wallet needs Alice's signature and mine, right? Could be the best solution to my approximation? Thank you very much and sorry if I'm asking naive questions.

EtricKombat (Tue, 29 Dec 2020 06:44:03 GMT):
Hi Team , is Indy Catalyst & Aries-vcr same thing?

newdev42 (Tue, 29 Dec 2020 11:01:10 GMT):
what is the most widely used ledger for verifiable credential as of today? (or maybe rephrasing my question: how do I choose a ledger to build my issuer app? in case I want to issue credentials to businesses?) -- I know of the existence of Sovrin, VON, and aside from multipurpose blockchains like (btc, eth, eos etc) I'm also seeing these new sidetrees projects (eg. ION).

newdev42 (Tue, 29 Dec 2020 11:01:10 GMT):
what is the most widely used ledger for verifiable credentials as of today? (or maybe rephrasing my question: how do I choose a ledger to build my issuer app? in case I want to issue credentials to businesses?) -- I know of the existence of Sovrin, VON, and aside from multipurpose blockchains like (btc, eth, eos etc) I'm also seeing these new sidetrees projects (eg. ION).

newdev42 (Tue, 29 Dec 2020 11:02:54 GMT):
also I'm not sure if my question makes a 100% sense. I'm imagining the verifiers will trust a single ledger... but it might be the case that the verifiers use universal resolvers?

newdev42 (Tue, 29 Dec 2020 11:03:16 GMT):
(sorry if the questions are dumb, still learning about the whole ssi/dif ecosystem)

daidoji (Tue, 29 Dec 2020 23:42:53 GMT):
I think that depends on how you measure it. ETH and BTC are probably more likely to be along in the long run because of their multi-purpose uses but those of us here think that identity centric ledgers and private ledgers have enough going for them that they'll be an option too. Something will eventually gain hegemony I bet (a la TLS and oauth2 federations being largely implemented in the same stacks) but the whole point of Aries and even Hyperledger Indy is allow those that need to run their own public/private chain to be able to do so.

zossimov (Wed, 30 Dec 2020 08:06:42 GMT):
Hello, I'm working on Credential Revocation. Everything is working fine, am able to Revoke the Credentials and the status changed to '4'. I have two questions. 1) On Issuer side, the Credential Status is 4 (Revoked), but on Holder/Prover side, it's still 3 (Issued). Why? 2) When Verifier Creates a Proof Request, I also added the `Nonrevoked` Time Interval. Like normally, Prover sends a Presentation Proof response, and the credentials verified normally. Why? ``` NonRevoked = new RevocationInterval { From = 0, To = now } ```

swcurran (Wed, 30 Dec 2020 14:58:42 GMT):
Revocation is a unilateral act by the issuer, and there is no notification to the holder -- that would have to be a separate step, and there is talk of an Aries protocol to do that.

zossimov (Wed, 30 Dec 2020 14:59:52 GMT):
But if I want to update the Holder, that his/her credentials are revoked, then how will I achieve this?

swcurran (Wed, 30 Dec 2020 15:01:54 GMT):
Not sure about the example you are trying and what went wrong. One thing you should do is change the interval to `from=now()` and `to=now()`, The semantics of interval is very tricky to understand.

zossimov (Wed, 30 Dec 2020 15:03:45 GMT):
`var now = (uint)DateTimeOffset.Now.ToUnixTimeSeconds();`

zossimov (Wed, 30 Dec 2020 15:04:19 GMT):
I'm working on aries .net framework. now() isn't working..

swcurran (Wed, 30 Dec 2020 15:04:20 GMT):
Yes --- that's what I meant -- set the from and to both to that value.

zossimov (Wed, 30 Dec 2020 15:04:48 GMT):
thanks and what do u mean by the above statement "that would have to be a separate step, and there is talk of an Aries protocol to do that."

zossimov (Wed, 30 Dec 2020 15:05:18 GMT):
which Protocol is used to update the Holder Credential State?

swcurran (Wed, 30 Dec 2020 15:05:49 GMT):
Re: intervals -- see this: https://github.com/hyperledger/indy-hipe/tree/master/text/0011-cred-revocation#proof-of-non-revocation-intervals

swcurran (Wed, 30 Dec 2020 15:08:36 GMT):
Currently, there is no protocol to update the Holder Credential State (AFAIK). This protocol has been proposed - -https://github.com/hyperledger/aries-rfcs/tree/master/features/0183-revocation-notification, but is not implemented.

swcurran (Wed, 30 Dec 2020 15:09:31 GMT):
One of the wallets (estatus, I believe) is checking the ledger to see if a credential has been revoked and flagging it. It is their own implementation, and AFAIK, no other agent is doing that yet.

swcurran (Wed, 30 Dec 2020 15:15:28 GMT):
Yes --multi-tenant wallets are what you want. That feature has recently (this month) been added to ACA-Py -- without a lot of docs. The Alice-Faber demo does support the multi-tenant option, so you can look at that code to see examples. More docs to come...

RazaDen (Wed, 30 Dec 2020 15:17:31 GMT):
Hello everyone! Is it possible to use Aries SDKs to do credential issuance and revocation without going through the ledger? I believe this relates to the whole correlatable vs uncorrelatable credentials discussion. If we look at simple use cases, such as the password-less login on a web site, I believe this makes sense. In this case, the "web site" owner gives you a credential for logging in to her web portal after you perform some kind of registration step etc. Hopefully my description makes sense. Can we do this with Aries SDKs or we need to develop it on our own?

swcurran (Wed, 30 Dec 2020 15:20:02 GMT):
I don't understand what you mean. If the website is the issuer and the verifier, you can just use DIDComm without verifiable credentials if you don't need to know anything about the user and just need to verify it's the same person each time.

zossimov (Wed, 30 Dec 2020 15:20:06 GMT):
thanks for helping. I'm looking into aries .net framework to see if they added anything to update the holder about revocation, but seems like nothing is done yet. any idea of how I can achieve it (with already available protocols?)

swcurran (Wed, 30 Dec 2020 15:22:49 GMT):
You can add a function in the framework to have the holder check the ledger to see if the credential is revoked. We've added that in ACA-Py. But it would basically be a polling solution, or a check-before-using -- not ideal. Basically, you have to call the indy-sdk function to get the revocation state for the cred-def on the ledger and check if the credential you have has been revoked from that data.

RazaDen (Wed, 30 Dec 2020 15:23:57 GMT):
Well, now that you put it that way it makes a lot of sense Stephen. Which DIDComm protocol could we use for that? I guess for the "registration step" we scan a QR code with a connection invitation to connect to the website's ACA-Py agent. Then, when a registered user wants to login, I guess the website displays a QR code with an OOB and checks whether it has a connection with the user's agent or not? If yes, the user can login? Am I on the right track?

swcurran (Wed, 30 Dec 2020 15:32:35 GMT):
Yes. Using OOB, the user's agent would respond with the "reuse" message.

swcurran (Wed, 30 Dec 2020 15:36:11 GMT):
Another idea I've had for this is that the site could issue the user a credential from the site (so you would need credential handling and ledger) and put a unique id in a cookie to the browser associated with the account. On return to the page, the service would see the cookie, find the account and send a proof request to the user for the login.

swcurran (Wed, 30 Dec 2020 15:36:40 GMT):
In theory, this could be done without a VC, but there has to be something that the user sees and responds to on their phone/agent.

swcurran (Wed, 30 Dec 2020 15:37:08 GMT):
Off-hand, I don't know a non-VC way to trigger that.

RazaDen (Wed, 30 Dec 2020 16:04:51 GMT):
This is an interesting thought exercise. Maybe it would be better to come up with a protocol, based on top of standard Aries messaging, to implement this use case. I think that via simple signatures and typical challenge-response we can make this work pretty well. Like, when the user registers on the website, the user gets back some kind of digitally signed token of some form that can be used as a type of "login credential" (not in the VC sense). Then, when a registered user wants to login, the website and the user (via their agents) do a challenge-response flow where the user has to prove that he was "issued" a token by the website. The website checks its database to see that the "login credential" of the user has not been revoked (for w/e reason) and acts accordingly. Seems like that would work :slight_smile:

vosrey (Wed, 30 Dec 2020 21:34:14 GMT):
Has joined the channel.

ghabxph (Thu, 31 Dec 2020 16:47:09 GMT):
Has joined the channel.

swcurran (Tue, 05 Jan 2021 00:57:12 GMT):
Hey folks -- a reminder that applications for this open source bounty close this Friday. BC Gov has launched a Code With Us (open source bounty) for adding W3C Standard VCs with ZKP and Selective Disclosure using BBS+ to ACA-Py for $60k CDN. Please apply if you are interested and share this with folks you know that might be interested in applying for this work. https://digital.gov.bc.ca/marketplace/opportunities/code-with-us/3f9f0e86-b8bf-47ee-9f3d-5b272f9ec845

alvaradojl (Tue, 05 Jan 2021 08:04:45 GMT):
Hello! I was wondering if someone of you folks could help me with this question? https://stackoverflow.com/questions/65574974/whats-the-method-in-libindy-to-create-a-credential-proposal basically I cannot find the method in libindy to create a credential-proposal in the same way I found the create credential-offer for example so I'm wondering what does it take to create this object, I'm using libindy sdk and a custom python wrapper on top of it, but i want to be aries-compliant

sklump (Tue, 05 Jan 2021 11:18:03 GMT):
The proposal is an optional part of Aries RFC 36, which came about after libindy, to accommodate the possibility of the (prospective) holder initiating the interaction as some systems might do. Indy does not use a proposal; the issuer always initiates. Since there is nothing cryptographic in the proposal, there is no need to visit libindy nor its libursa cryptographic library; e.g., https://github.com/hyperledger/aries-cloudagent-python/blob/2bcb075dc7f2d27a91234df5a15acc191eb971d9/aries_cloudagent/protocols/issue_credential/v1_0/messages/credential_proposal.py#L23

alvaradojl (Tue, 05 Jan 2021 13:39:29 GMT):
thanks @sklump

thomas_kim (Wed, 06 Jan 2021 04:27:12 GMT):
Has joined the channel.

ajayjadhav (Wed, 06 Jan 2021 10:40:32 GMT):
Hello all, I want to share another interesting news from AyanWorks about a tiny contribution from our mighty team - *We have open sourced the ARNIMA Flutter SDK (Aries Mobile Agent SDK for Google Flutter)*

ajayjadhav (Wed, 06 Jan 2021 10:40:48 GMT):
Find more details here: https://ayanworks.medium.com/announcing-arnima-fl-open-source-aries-flutter-mobile-agent-sdk-d3483744ffc8

ajayjadhav (Wed, 06 Jan 2021 11:42:03 GMT):
Look forward to your feedback and contributions.. :blush:

gagepoulson (Wed, 06 Jan 2021 15:19:40 GMT):
Has joined the channel.

cnokello (Thu, 07 Jan 2021 10:47:43 GMT):
Has joined the channel.

cnokello (Thu, 07 Jan 2021 10:47:44 GMT):
Hi @all. I'm new here and to Aries. I'm following this https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AriesOpenAPIDemo.md. I'm trying to establish a connection between `Faber` and `Alice`. I've executed `/out-of-band/create-invitation` from Faber successfully. Also executed `/out-of-band/receive-invitation` from Alice successfully. But I'm now stuck here. I've tried executing `/connections/{conn_id}/accept-invitation` from Alice with conn_id from previous step unsuccessfully. It seems I'm missing something. And from the look of it, it seems the documentation is out of date. Any idea how I can proceed from here? Thank you in advance. FYI: I'm running everything in docker in my local machine.

cnokello (Thu, 07 Jan 2021 11:44:28 GMT):
I made some noob mistakes; I didn't clear default payload when attempting to create a new invitation. Clearing the default payload got rid of the issues. So, this is now resolved.

ArdianAbazi (Fri, 08 Jan 2021 15:51:55 GMT):
Has joined the channel.

albertobr (Fri, 08 Jan 2021 18:10:46 GMT):
Hi, I'm reading about attachments on Aries and I would like to see an example or the specific code in where some data is attached. In the RFC doc: https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0017-attachments we can see two possible implementations, but I'm not able to find the specific part of code in the ACA-Py implementation. To sum up, I don't understand where to include the examples provided in the RFC since in the OpenAPI I don't see anything related to sending data. Can someone guide me on where to find a complete example or how and where to include the examples of the RFC? Thank you very much!

sklump (Fri, 08 Jan 2021 19:16:13 GMT):
https://github.com/hyperledger/aries-cloudagent-python/blob/04613473a993518aea9d8e024d7318e0583d92c7/aries_cloudagent/protocols/present_proof/v1_0/manager.py#L150 where it gets dumped on key `request_presentations~attach` because https://github.com/hyperledger/aries-cloudagent-python/blob/04613473a993518aea9d8e024d7318e0583d92c7/aries_cloudagent/protocols/present_proof/v1_0/messages/presentation_request.py#L65

albertobr (Sat, 09 Jan 2021 10:57:43 GMT):
Thank you @sklump. From what I can see in the code (probably I wouldn't be capable of integrating it in an application because I don't understand really well the code and I don't know if I need to import this code in my agent or something similar (sorry because I'm learning how Aries work in many aspects...)) and in the examples. The attachment is included in the presentation, so it's supposed to be small data like images or some kb of information, no? What about transferring more than 100mb of data, it is possible using Aries? It is better to consider alternative methods? From what I've read in the RFC doc I think so, because there are several privacy and security considerations, and probably the protocol is not prepared for such quantity of information. Thank you very much!

albertobr (Sat, 09 Jan 2021 10:58:24 GMT):
Thank you @sklump. From what I can see in the code (probably I wouldn't be capable of integrating it in an application because I don't understand really well the code and I don't know if I need to import this code in my agent or something similar (sorry because I'm learning how Aries work in many aspects...)) and in the examples. The attachment is included in the presentation, so it's supposed to be small data like images or some kb of information, no? What about transferring more than 100mb of data, it is possible using Aries? It is better to consider alternative methods? From what I've read in the RFC doc I think so, because there are several privacy and security considerations, and probably the protocol is not prepared for such quantity of information. Thank you very much!

albertobr (Sat, 09 Jan 2021 10:58:24 GMT):
Thank you @sklump . From what I can see in the code (probably I wouldn't be capable of integrating it in an application because I don't understand really well the code and I don't know if I need to import this code in my agent or something similar (sorry because I'm learning how Aries work in many aspects...)) and in the examples. The attachment is included in the presentation, so it's supposed to be small data like images or some kb of information, no? What about transferring more than 100mb of data, it is possible using Aries? It is better to consider alternative methods? From what I've read in the RFC doc I think so, because there are several privacy and security considerations, and probably the protocol is not prepared for such quantity of information. Thank you very much!

wip-abramson (Sat, 09 Jan 2021 14:47:03 GMT):
Hey @albertobr, this repo contains an example of a basic attachment protocol that can be used to send images. https://github.com/OpenMined/PyDentity. See libs/attachment-protocol for the code and tutorials/attachment for a notebook demo using it to send an image (or any file) between two agents. Not tested file sizes though

albertobr (Sun, 10 Jan 2021 10:49:22 GMT):
Thank you very much @wip-abramson . I will check the code and then try to test this repo.

albertobr (Sun, 10 Jan 2021 10:49:22 GMT):
Thank you very much @wip-abramson . I will check the code and then try to test this repo. I am afraid that probably, as I read, the recommendation it's to use this kind of attachment for small files.

wip-abramson (Mon, 11 Jan 2021 11:45:09 GMT):
Hey, I have been going over some literature on attribute based credentials which I consider aries/indy/ursa to be an instantiation of. It seems to me there is a clear divergence in the way pseudonyms are handled. Specifically the literature discusses being able to generate pseudonyms from the link secret and supports optional scope-binding (one pseudonym per a given domain) and key-binding (proving that the credential(s) you present have the same secret as the one used to generate the pseudonym you are known by) (See https://hal.inria.fr/hal-01470502/document section 3). Whereas aries uses peer DID's based on a public/private key pair. Have there been any discussions around this, I couldn't see any rfcs covering it. I am especially interested in how scope-binding can be achieved. Thanks

da3v21 (Mon, 11 Jan 2021 18:31:49 GMT):
Has joined the channel.

etaleo (Tue, 12 Jan 2021 16:00:22 GMT):
A few questions regarding https://www.w3.org/TR/did-core - What is the controller property in the verification method and why does it need to be there? (Why is the top level controller property not "sufficient"?) - How exactly is the controller property in the top level did document used? Can they change the whole DID document of the subject? (Only when they provide an authentication (?) verification relationship?)

albertobr (Tue, 12 Jan 2021 19:21:28 GMT):
Hi, I'm trying to modify the AcmeDemoWorkshop from: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AcmeDemoWorkshop.md, specifically the line: `"requested_attributes": { f"0_{req_attr['name']}_uuid": req_attr for req_attr in req_attrs }` (which I don't understand quite well), but I want to use the forms proposed here: https://github.com/hyperledger/aries-cloudagent-python/issues/175. I don't know if I'm doing something wrong, but when I do the following change in where I only want to verify the name in the proof as a requested attribute (same thing as the OP in the issue): `"requested_attributes": { f"0_{req_attr['name']}_uuid": req_attr for req_attr in req_attrs }` into: `"requested_attributes": [ { "name": "name", "value": "Alice Jones" } ],` I'm getting the error: `2021-01-12 19:03:46,233 aries_cloudagent.admin.server ERROR Handler error with exception: Unprocessable Entity ... Exception: Error: {"proof_request": {"requested_attributes": ["Not a valid mapping type."]}}` What I'm doing wrong? It is necessary to use f strings? What is the correct syntax to verify only one of the attributed and not all? Thank you very much!

albertobr (Tue, 12 Jan 2021 19:21:28 GMT):
Hi, I'm trying to modify the AcmeDemoWorkshop from: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AcmeDemoWorkshop.md, specifically the line: `"requested_attributes": { f"0_{req_attr['name']}_uuid": req_attr for req_attr in req_attrs }` (which I don't understand quite well), but I want to use the forms proposed here: https://github.com/hyperledger/aries-cloudagent-python/issues/175. I don't know if I'm doing something wrong, but when I do the following change in where I only want to verify the name in the proof as a requested attribute (same thing as the OP in the issue): `"requested_attributes": { f"0_{req_attr['name']}_uuid": req_attr for req_attr in req_attrs }` into: `"requested_attributes": [ { "name": "name", "value": "Alice Jones" } ],` I'm getting the error: `2021-01-12 19:03:46,233 aries_cloudagent.admin.server ERROR Handler error with exception: Unprocessable Entity` ... `Exception: Error: {"proof_request": {"requested_attributes": ["Not a valid mapping type."]}}` What I'm doing wrong? It is necessary to use f strings? What is the correct syntax to verify only one of the attributed and not all? Thank you very much!

albertobr (Tue, 12 Jan 2021 19:21:28 GMT):
Hi, I'm trying to modify the AcmeDemoWorkshop from: https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/AcmeDemoWorkshop.md, specifically the line: `"requested_attributes": { f"0_{req_attr['name']}_uuid": req_attr for req_attr in req_attrs }` (which I don't understand quite well), but I want to use the forms proposed here: https://github.com/hyperledger/aries-cloudagent-python/issues/175. I don't know if I'm doing something wrong, but when I do the following change in where I only want to verify the name in the proof as a requested attribute (same thing as the OP in the issue): `"requested_attributes": { f"0_{req_attr['name']}_uuid": req_attr for req_attr in req_attrs }` into: `"requested_attributes": [ { "name": "name", "value": "Alice Jones" } ],` I'm getting the error: `2021-01-12 19:03:46,233 aries_cloudagent.admin.server ERROR Handler error with exception: Unprocessable Entity` ... `Exception: Error: {"proof_request": {"requested_attributes": ["Not a valid mapping type."]}}` What I'm doing wrong? It is necessary to use f strings? What is the correct syntax to verify only one of the attributed and not all? I've been trying to modify the line in order to get a succesful result, but I've not been able. Thank you very much!

andrew.whitehead (Tue, 12 Jan 2021 19:27:22 GMT):
You are using a list instead of a dict there. You probably want something like `"requested_attributes": { "name_attr": { "name": "name", "value": "Alice Jones" } }`

albertobr (Tue, 12 Jan 2021 20:07:22 GMT):
Thank you @andrew.whitehead , now I see! Here I found the same as you wrote: https://github.com/hyperledger/aries-cloudagent-python/issues/420

albertobr (Tue, 12 Jan 2021 20:07:55 GMT):
Thank you @andrew.whitehead , now I see! Here I found the same as you wrote: https://github.com/hyperledger/aries-cloudagent-python/issues/420

albertobr (Tue, 12 Jan 2021 20:07:55 GMT):
Thank you @andrew.whitehead , now I see! Here I found the same syntax as you wrote: https://github.com/hyperledger/aries-cloudagent-python/issues/420

albertobr (Tue, 12 Jan 2021 20:07:55 GMT):
Thank you @andrew.whitehead , now I see it! Here I found the same syntax as you wrote: https://github.com/hyperledger/aries-cloudagent-python/issues/420

coffeethecup (Wed, 13 Jan 2021 10:29:11 GMT):
Has joined the channel.

mtfk (Wed, 13 Jan 2021 12:57:16 GMT):
Hello, everyone, Happy new year. We are back in new year with our Aries morning call, which would start today at 4pm CET. Today we would guests from https://source.network and we would talk about decentralized storage solutions. Hope you had enough time to recover from holiday mode and we would see each other on the call. Details as always on our wiki page: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41590026

natamok (Wed, 13 Jan 2021 13:16:27 GMT):
Has joined the channel.

natamok (Wed, 13 Jan 2021 13:16:28 GMT):
Hi i am very new to Hyperledger indy and developing a identity verification system where i issue personal info from web application form and store in hyperledger indy and later will be verify through searching unique ID . If someone very kind to give the all necessary step too store parameter to indy..Thanks in advance

swcurran (Wed, 13 Jan 2021 16:22:23 GMT):
It sounds like you don't have a good handle on how Indy works. You might want to take a look at how Indy works -- what goes on the ledger and what goes to the credential holder and verifier. Perhaps check out this course -- chapter 1: https://www.edx.org/course/becoming-a-hyperledger-aries-developer

agrawalaman (Wed, 13 Jan 2021 18:56:41 GMT):
Has joined the channel.

agrawalaman (Wed, 13 Jan 2021 19:02:19 GMT):
Hey! I am new to all the SSI components using blockchain. I have taken up the course "Introduction to Hyperledger Sovereign Identity Blockchain Solutions: Indy, Aries & Ursa" on edx and now I am more interested in working on an actual project, i am possibly thinking to develop the transcript verification system shown in the demo. But i am little confused about how should i proceed. Do i need to know about how to build a blockchain like bitcoin/ethereum or any decentralised app or i can start with indy and aries right from the beginning? Also can someone guide me on how. do I actually start coding the software on my own? What resources can i refer and what programming knowledge would i require?

swcurran (Wed, 13 Jan 2021 20:38:48 GMT):
Best approach to start coding I think (since I'm a co-author) is:

swcurran (Wed, 13 Jan 2021 20:38:52 GMT):
https://www.edx.org/course/becoming-a-hyperledger-aries-developer

swcurran (Wed, 13 Jan 2021 20:39:19 GMT):
It has a pile of labs that walk through developer tasks.

jloureiro (Wed, 13 Jan 2021 21:36:03 GMT):
Has joined the channel.

mccown (Wed, 13 Jan 2021 21:37:34 GMT):
The Identity Implementer's WG is meeting tomorrow morning (Jan 14th @ 9am MT / 4pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. For our presentation, Patrik Stas (@PatrikStas) will provide an introduction to the Indyscan project and how it helps monitor the health and security of Indy-based ledgers. Here are links to the Wiki and Zoom meeting: Wiki: https://wiki.hyperledger.org/display/IWG/2021-01-14+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

agrawalaman (Thu, 14 Jan 2021 04:58:26 GMT):
Thanks Stephen for the help. On my other question, do i actually need to know how to build a blockchain first?

HarshMultani (Thu, 14 Jan 2021 06:32:24 GMT):
Has joined the channel.

wip-abramson (Thu, 14 Jan 2021 11:25:42 GMT):
Have people read this - https://ieeexplore.ieee.org/abstract/document/9031545? Seems to me there are some misunderstandings/misrepresentations of the crypto. Especially around commitments to link secrets being decryptable at some point in the future. That said the proxy forwarding of proofs seems feasible under the current stack. Without linkage between a pseudonym and a presentation through the same secret what assurances does the Verifier have that the ZKP proof was generated by me and not my friend?

daidoji (Thu, 14 Jan 2021 14:18:12 GMT):
well their is a linkage isn't there? F(link secret) <-> did that your friend uses that you've verified out of band. where F is a function that takes a link secret and generates key pairs

daidoji (Thu, 14 Jan 2021 14:18:12 GMT):
well there is a linkage isn't there? F(link secret) <-> did that your friend uses that you've verified out of band. where F is a function that takes a link secret and generates key pairs

daidoji (Thu, 14 Jan 2021 14:19:22 GMT):
errr maybe I have that backwards, for some reason I thought you were asking about assuring your friends identity but you were asking about how your friend would assure yours

daidoji (Thu, 14 Jan 2021 14:25:04 GMT):
I didn't read the paper yet though so maybe I'm misunderstanding the question.

mccown (Thu, 14 Jan 2021 16:00:04 GMT):
The Identity Implementer's WG is starting (9am MT / 4pm UTC). Today, Patrik Stas will be giving an intro to the Indyscan project and how it helps monitor the health and security of Indy-based ledgers. Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

swcurran (Thu, 14 Jan 2021 16:06:27 GMT):
No -- definitely not. Start at the top of the stack -- building applications for digital identity/trust over IP. Understand why the ledger is there, and how to use it -- but no need to know how it works, unless (a) you really, really want to, or (b) you want to contribute to building the ledger.

wip-abramson (Thu, 14 Jan 2021 16:28:13 GMT):
Interesting, you understand correctly I think. So in the current implementation the keys used in did exchange are created from the link secret. And do all presentations of credentials also prove that the link secret within the credential is the same as the one used to create the key for the did? It is not clear to me that this happens, but would be great if it does

TelegramSam (Thu, 14 Jan 2021 16:32:54 GMT):
Call recording from yesterday's B call posted. Main topic was did:key's inability to present both an encryption key and a signing key, and what we ought to do about it. https://wiki.hyperledger.org/pages/viewpage.action?pageId=41590216

daidoji (Thu, 14 Jan 2021 16:33:51 GMT):
Right, from what I understand F(link secret) -> key pair. the key pair is associated with a did. Presentations are signed with that key pair. If someone compromises the key pair they could compromise that particular conversation, but if your friend holds the link secret they should be able to generate more key pairs that you can use to make sure they hold the link secret.

TelegramSam (Thu, 14 Jan 2021 16:35:18 GMT):
Here is a long-form response to that article, by @danielhardman : https://dhh1128.github.io/zkpcreds/trust-paradox-rebuttal.html

TelegramSam (Thu, 14 Jan 2021 16:36:08 GMT):
Section 4 will be relevant to your question. :)

wip-abramson (Thu, 14 Jan 2021 16:49:58 GMT):
Great thanks!

wip-abramson (Thu, 14 Jan 2021 16:52:25 GMT):
Although I am still interested in the question: Does the hyperledger stack prove binding between DIDs used for DIDComm and credential presentations?

danielhardman (Thu, 14 Jan 2021 17:42:06 GMT):
@wip-abramson One challenge with answering your final question is that there are many Hyperledger stacks, and they use different credential technologies and DID methods. I will speak to Hyperledger Indy, which is the Hyperledger Indy stack I know best. But my answer won't be accurate for Hyperledger stacks that use Ethereum and public DIDs for VCs, for example. What is embedded in a Hyperledger Indy ZKP-oriented credential, at issuance time, is a Pedersen Commitment (you can study these on Wikipedia) to a link secret. This is NOT an encryption of the link secret. Nor is it a key derived from the link secret. The commitment is represented by the formula g^x*h^r in a modular field, where g and h are generators, x is the link secret, and r is a randomly chosen blinding factor. When a credential is used later, part of the proof is to show that the holder of the credential knows the link secret. This is done by generating a new numeric expression that derived from the same link secret as the commitment in the issued credential. The original commitment is not simply revealed; rather, a mathematical relationship between the unrevealed commitment in the issued cred and the new expression chosen by the holder is proved. This binds the holder to the credential on the basis that the holder knows a secret that only the holder of the credential is supposed to know. This is quite similar to binding the holder to a DID in the credential (a technique that ZKP-oriented credentials support but that is rarely used because it adds no extra value). The similarity is that binding to DIDs is also based on knowledge of a secret -- the private key of the DID controller. In addition to the crypto of the actual proving, in Hyperledger Indy (all vendor stacks I know of) and most of the other Hyperledger stacks, the whole proving conversation takes place over DIDComm. This means that the prover has ALSO used authenticated encryption to prove that they are the owner of a DID. The net effect is that the prover is simultaneously bound to the credential(s) by link secrets, and to the relationship with the verifier by DIDs. HTH

daidoji (Thu, 14 Jan 2021 18:14:57 GMT):
@danielhardman oh thanks, that's a very helpful explanation. (even though I wasn't the original queryer)

wip-abramson (Thu, 14 Jan 2021 19:47:15 GMT):
Thanks Daniel, this is great and your rebuttal of the paper I linked is very thorough. Much appreciated. I actually know the cryptography behind privacy ABC's relatively well and am very much an advocate/admirer of what has been achieved in Indy over the years. I am just a bit confused about how DIDs in DIDComm diverge from pseudonyms in the literature. Pseudonyms are generated from the link secret as a commitment, they can be provable bound to a credential. I.e this nym you know me by was created from the same link secret as the secrets in the credentials I used to create the proof I am presenting. They also include mechanisms that ensure a link secret can only produce a single pseudonym per defined domain. DIDs in DIDComm are (I think) created from a key pair. Is this associated to the link secret as @daidoji mentions. I didn't think they were. These give you authenticated encryption but it is not entirely clear to me how they achieve credential or domain binding features. So in theory I could establish a connection using DIDComm using secrets in my wallet, but forward proof requests to a friend and respond using a proof they generated for me. I recognize this is hard and you discuss it in detail along with mitigations in your write up. I am more interested in the decision to move away from pseudonyms, because both credential binding and domain binding as described seem like useful features that are not obviously possible today. Or maybe I am still missing something. Thanks

prakharsr (Fri, 15 Jan 2021 07:38:08 GMT):
Hi everyone, I'm working on a project that focuses on blockchain and IoT integration using Hyperledger Aries and BeagleBone Black. I got everything working and my aries cloud agent deployed on my beaglebone and communicating with the host machine cloud agent and sending it sensor values. Now, I want to test the performance metrics of Aries Communication Protocol and Hyperledger Aries vs current communication protocols(MQTT, CoAP, XMPP, Matrix etc.) and blockchains (Public & Private). Can anybody help me with existing research in benchmarking Aries using Caliper or provide links that may help me. Any existing connector to Caliper?

prakharsr (Fri, 15 Jan 2021 07:38:08 GMT):
Hi everyone, I'm working on a research project that focuses on blockchain and IoT integration using Hyperledger Aries and BeagleBone Black. I got everything working and my aries cloud agent deployed on my beaglebone and communicating with the host machine cloud agent and sending it sensor values. Now, I want to test the performance metrics of Aries Communication Protocol and Hyperledger Aries vs current communication protocols(MQTT, CoAP, XMPP, Matrix etc.) and blockchains (Public & Private). Can anybody help me with existing research in benchmarking Aries using Caliper or provide links that may help me. Any existing connector to Caliper?

George_Sujarae (Fri, 15 Jan 2021 08:28:54 GMT):
Has joined the channel.

George_Sujarae (Fri, 15 Jan 2021 08:28:55 GMT):
Hi, it is probably a simple question but I cannot find a clear explaination on it. That is, in VC context, what is the different between a schema and a credential definition? Do we need both to create a credential?

wip-abramson (Fri, 15 Jan 2021 09:49:13 GMT):
A schema defines the structure of the credential, it's attributes & name. Wheras a credential definition is a public key enabling a specific entity to sign credentials based on the schema. One schema can have many cred_defs. I.e. many different entities can issue the same schema using their own unique issuance key.

wip-abramson (Fri, 15 Jan 2021 09:49:32 GMT):
I also always find this useful to actually see what these things look like on the ledger - https://indyscan.io/txs/SOVRIN_MAINNET/domain

George_Sujarae (Fri, 15 Jan 2021 13:05:50 GMT):
Thanks for the explaination...and is it also possible for a credential definition to contain many schemas too?

wip-abramson (Fri, 15 Jan 2021 13:26:38 GMT):
No. A credential def is a public key for a single schema. It is possible for presentations to contain attributes from multiple credential schema. To verify public keys (cred defs) for each schema would be required.

George_Sujarae (Fri, 15 Jan 2021 13:54:38 GMT):
Clear...thanks

TelegramSam (Sat, 16 Jan 2021 00:40:06 GMT):
Related to this week's B WG call: https://github.com/decentralized-identity/peer-did-method-spec/pull/26

TelegramSam (Sat, 16 Jan 2021 00:40:16 GMT):
@george.aristy ^

agrawalaman (Sat, 16 Jan 2021 16:40:27 GMT):
Aha thanks for this.

RicardoPeixoto (Sat, 16 Jan 2021 20:13:04 GMT):
Hi, can someone help me understand the need for mediators? What are the advantages of using a mediator over a relay (besides herd hosting)?

windley (Sun, 17 Jan 2021 16:53:51 GMT):
Has joined the channel.

swcurran (Mon, 18 Jan 2021 14:41:09 GMT):
For mobile wallet apps, mediators are needed as an endpoint for the mobile app, as you can't have a public endpoint on a mobile device. The mediator is also used to queue the messages for a mobile wallet when the wallet is offline.

etaleo (Mon, 18 Jan 2021 17:06:41 GMT):
A few questions regarding https://www.w3.org/TR/did-core (again, with an additional question) - What is the controller property in the verification method and why does it need to be there? (Why is the top level controller property not "sufficient"?) - How exactly is the controller property in the top level did document used? Can they change the whole DID document of the subject? (Only when they provide an authentication (?) verification relationship?) - How would you realize a scenario in which multiple controllers may only act *together*? (As far as I understand, every controller listed in the controller property may act on its own)

etaleo (Mon, 18 Jan 2021 17:06:41 GMT):
A few questions regarding https://www.w3.org/TR/did-core (again, with an additional question) - What is the controller property in the verification method and why does it need to be there? (Why is the top level controller property not "sufficient"?) - How exactly is the controller property in the top level did document used? Can they change the whole DID document of the subject? (Only when they provide an authentication (?) verification relationship?) - How would you realize a scenario in which multiple controllers may only act *together* (e.g. by 66% majority rule)? (As far as I understand, every controller listed in the controller property may act on its own)

action-sj (Tue, 19 Jan 2021 06:09:34 GMT):
Has joined the channel.

enroll7 (Tue, 19 Jan 2021 12:07:26 GMT):
Has joined the channel.

lijiachuan (Tue, 19 Jan 2021 14:42:12 GMT):
Hi Team, I have one question would like to have your suggestion, if I want to build one multi-tenancy agent which can create one wallet for one entity(Company/Individual/Thing), whether ACA-Py is one option I can choose? As I know ACA-Py is proper for an enterprise agent which only service for one entity. So any idea? Thanks in advance.

daidoji (Tue, 19 Jan 2021 14:56:54 GMT):
@lijiachuan I think multi-tenancy is being worked on in acapy and already exists in real world deployments. #aries-cloudagent-python can give you more details I'm sure.

lijiachuan (Tue, 19 Jan 2021 14:57:43 GMT):
Thanks for this information, I will raise this question in that channel.

zossimov (Tue, 19 Jan 2021 16:46:00 GMT):
Hi all, @swcurran, we are working on Credential Level feature. For which we want to add an attribute in Schema. We have some concerns: 1) Is adding more and more attributes in schema a good idea? Talking in sense of Scalability. 2) Of course, the levels will be updated with time-to-time, is doing transactions (adding, updating) makes a load on ledger? 3) And or these things stores directly on ledger? or just in wallet? Thanks

george.aristy (Tue, 19 Jan 2021 21:39:15 GMT):
@TelegramSam @swcurran @danielhardman do we need to set time on tomorrow's call to discuss this proposal?

swcurran (Tue, 19 Jan 2021 22:00:28 GMT):
i'm not available tomorrow for the call -- maybe there for the last half hour, but not the first. I would like to progress on AIP 2.0 definition -- ironing out the last issues.

george.aristy (Tue, 19 Jan 2021 22:01:30 GMT):
How do you propose we do that?

george.aristy (Tue, 19 Jan 2021 22:01:55 GMT):
We haven't talked about a common credential request language for interop, for example.

swcurran (Tue, 19 Jan 2021 22:49:25 GMT):
Someone with expertise in that needs to step up. Indy already has that, so that's a given. What other solutions are there? I think BBS+ has that. Is something more needed?

george.aristy (Tue, 19 Jan 2021 22:50:03 GMT):
You are probably confusing BBS+ for something else.

george.aristy (Tue, 19 Jan 2021 22:50:09 GMT):
BBS+ is more like a special VC format.

george.aristy (Tue, 19 Jan 2021 22:50:25 GMT):
I'm referring to credential *request* language

george.aristy (Tue, 19 Jan 2021 22:50:44 GMT):
or "proof request" language if you will

swcurran (Tue, 19 Jan 2021 22:51:08 GMT):
Proof request language is DIF PE

swcurran (Tue, 19 Jan 2021 22:51:44 GMT):
Using that as a prerequisite to being issued a credential is two transactions, which I think is OK.

swcurran (Tue, 19 Jan 2021 22:51:57 GMT):
But there is a 500 message W3C email chain about that :-)

george.aristy (Tue, 19 Jan 2021 22:52:32 GMT):
Correct. We have RFC0510 that makes use of it as an attachment format for present-proof V2.

george.aristy (Tue, 19 Jan 2021 22:52:38 GMT):
but it's not in AIP 2.0 yet.

swcurran (Tue, 19 Jan 2021 22:52:52 GMT):
OK - suggest you propose adding it.

swcurran (Tue, 19 Jan 2021 22:53:02 GMT):
Raise on the call tomorrow?

george.aristy (Tue, 19 Jan 2021 22:53:19 GMT):
I have - not added yet. In what format and venue shall I make a request to add it to the list?

swcurran (Tue, 19 Jan 2021 22:54:25 GMT):
The Aries WG Call

swcurran (Tue, 19 Jan 2021 22:54:40 GMT):
Add to my PR?

swcurran (Tue, 19 Jan 2021 22:54:47 GMT):
I've got DIF PE in already.

george.aristy (Tue, 19 Jan 2021 22:55:05 GMT):
RFCs 0510 and 0511 are considered in this presentation: https://docs.google.com/presentation/d/1trbAnVLomRr5TjUBC0U9N8bbiaahmPmTBeIYzWaDBj8/edit#slide=id.gae9f8356e0_0_133

george.aristy (Tue, 19 Jan 2021 22:55:21 GMT):
Yet they didn't make it to your PR for some reason: https://github.com/hyperledger/aries-rfcs/pull/579/files

swcurran (Tue, 19 Jan 2021 22:55:36 GMT):
Add a comment of how they should be added.

swcurran (Tue, 19 Jan 2021 22:56:12 GMT):
I referenced them indirectly, not directly. I didn't think about how vs. trying to keep them out.

george.aristy (Tue, 19 Jan 2021 22:57:41 GMT):
Comment added.

danielhardman (Tue, 19 Jan 2021 23:54:40 GMT):
We certainly could. I will be there and would be happy to discuss if people are willing.

mailgourav (Wed, 20 Jan 2021 07:17:45 GMT):
Has joined the channel.

mailgourav (Wed, 20 Jan 2021 09:07:31 GMT):
All,

mailgourav (Wed, 20 Jan 2021 09:38:29 GMT):
All, trying to do some performance testing credentials issuance with revocation registry size as 50K, It is taking approx 3 mins just to create the Credentials Definition and then 5 mins just to issue a single credential. So it is too slow. But with no revocation registry credential issuance is almost immediate. I am using aries-cloudagent:py36-1.14-1_0.5.1 and using 4 node Indy VON Network from https://github.com/bcgov/von-network. Wallet database being used here is SQLLite only. The CPU and memory utilization are all with in the limit, don't think it has any thing to do with infra. Any pointers on how to optimize this ?

sklump (Wed, 20 Jan 2021 12:08:59 GMT):
Be sure to compile libindy in release mode - it makes a difference.

swcurran (Wed, 20 Jan 2021 15:31:25 GMT):
Schema are written once per version to the ledger, so the size and number of versions is not really a concern (assuming the number of versions is relatively small in production -- e.g. changing over months or years). The actual issuing of credentials has very little load on the ledger -- reads to get the materials by the parties that haven't cached them, but nothing goes on the ledger as you issue. They are only stored in the wallet. Revocations do go on the ledger, but they can be done in bulk, so in many use cases, there is one per day (for example) vs. continuous.

danielhardman (Wed, 20 Jan 2021 16:36:40 GMT):
@wip-abramson : You are correct that current practice is to derive the DID value from a keypair, and to derive the keypair entirely from entropy in a SRNG. So today, it would be uncommon to have a mathematically provable relationship between a DID value and a link secret. However, deriving the keys of a DID from the link secret has *also* been explored (in conversations in Hyperledger Ursa). The conclusion of those conversations was that this binding could be done with only minor changes to the ecosystem. The DID controller/holder would have to modify how they create DID values, and anybody who wanted to know that the DID controller they're interacting with also knows a particular link secret would have to ask for proof of that fact -- but the basic protocols and data structures would remain the same. Because this was the conclusion of the exploration, we chose to make the stronger binding a roadmap feature rather than build it right away; we think we can introduce it later without a lot of pain.

zossimov (Thu, 21 Jan 2021 07:44:44 GMT):
Thanks for response. But issuing credentials with different levels of authentication, Will it increase the wallet size of the issuer too fast?

x0axz (Thu, 21 Jan 2021 12:29:29 GMT):
Hi, I wanted to run multiple issuers on different servers. The first server is working fine, where the **IssuerDid** is `Th7MpTaRZVRYnPiabds81Y`. For second server, I change the **IssuerDid** to `Th7MpTaRZVRYnPiyxwv92Z`, and when I try to create a schema, it return this msg. ``` { success: false, error: "Ledger operation rejected" } ``` When I change `Th7MpTaRZVRYnPiyxwv92Z` in Genesis file, it returns this msg on Schema creation time. ``` { success: false, error: "The SDK library experienced an unexpected internal error." } ```

x0axz (Thu, 21 Jan 2021 12:29:29 GMT):
Hi, I wanted to run multiple issuers on different servers. The first server is working fine, where the **IssuerDid** is `Th7MpTaRZVRYnPiabds81Y`. For second server, I changed the **IssuerDid** to `Th7MpTaRZVRYnPiyxwv92Z`, and when I try to create a schema, it return this msg. ``` { success: false, error: "Ledger operation rejected" } ``` When I change `Th7MpTaRZVRYnPiyxwv92Z` in Genesis file, it returns this msg on Schema creation time. ``` { success: false, error: "The SDK library experienced an unexpected internal error." } ```

wip-abramson (Fri, 22 Jan 2021 10:23:12 GMT):
Great, thats useful to know thanks Daniel. There is a lot of great ideas in the cryptography that haven't quite worked there way up the stack yet. I am interested to contribute in this area, I guess I should start attending the ursa calls again.

x0axz (Fri, 22 Jan 2021 10:31:46 GMT):
I have multiple issuers on different server, and I have Mobile App as holder, so I need to run mediator on every issuer's server? as I did for pool (add genesis file for every issuer).

x0axz (Fri, 22 Jan 2021 10:31:46 GMT):
I have multiple issuers on different servers, and I have Mobile App as holder. If Mobile has to talk to of these servers, do I need to run mediator on every issuer's server? and then the wallet will be created on every issuer server? as it does for single issuer.

kenty (Fri, 22 Jan 2021 11:30:13 GMT):
Has joined the channel.

mailgourav (Fri, 22 Jan 2021 14:05:01 GMT):
Got it working with the latest Aries release, I see the registry size is restricted to 1000 in the latest version. Thanks

sklump (Fri, 22 Jan 2021 14:48:40 GMT):
It shouldn't be: use `max_cred_num` in `POST /revocation/create-registry` request body. 1000 is the default. Note that tails file creation is expensive and increases with the rev reg size. You may be able to find a larger size you can live with.

sklump (Fri, 22 Jan 2021 14:48:40 GMT):
It shouldn't be: use `max_cred_num` in `POST /revocation/create-registry` request body. 1000 is the default. Note that tails file creation is expensive and increases with rev reg size. You may be able to find a larger size you can live with.

swcurran (Fri, 22 Jan 2021 15:07:38 GMT):
We think 10 to 20k is about the max you want to do. Note that when you run out, ACA-Py automagically rolls over to a new registry and creates a new one, so there is no delay in issuing.

dorinc 1 (Fri, 22 Jan 2021 16:23:03 GMT):
Has joined the channel.

windley (Fri, 22 Jan 2021 20:24:00 GMT):
Someone in my distributed systems class asked for recommendations on a good book or two on cryptography for developers (more about using it than implementing it). Any suggestions?

danielhardman (Fri, 22 Jan 2021 20:41:49 GMT):
@george.aristy : This is a question about the conversation you and @TelegramSam and I have been having re. did:key, extensions to did:peer, and the key-wrapping mechanism that you proposed in your recent PR. After our conversation this last Wednesday, I feel that some of the concerns you are raising need to be discussed with the authors of the did:key method, because they appear to invalidate some of what that method purports to solve. So either they should be alerted and need to address the concerns in some way, or there are aspects of did:key behavior that you and I may not be understanding fully. I think I could get the attention of Dave Longley (who I believe is the main inventor of did:key) and/or Manu Sporny (the method's more visible public proponent) to schedule such a meeting. Do you feel it would be helpful? Also, I believe you were going to write up a summary of your concerns? Have you done that? It might help frame such a discussion in an efficient way...

george.aristy (Fri, 22 Jan 2021 20:47:58 GMT):
@danielhardman I haven't put my concerns in a GitHub issue yet. I will try to do so over the weekend. Do I feel it would be helpful? I don't know - I'm skeptical. I really think the problem is self-evident. But I'm willing to have a quick call about it.

swcurran (Fri, 22 Jan 2021 20:49:44 GMT):
I did contact Manu and the team at Digital Bazaar, but really didn't get far. There was a bit of back and forth and then the chain stopped. We didn't get to it being an issue or not, or whether there was an approach or not.

george.aristy (Fri, 22 Jan 2021 20:51:11 GMT):
It would be nice if people start using curves other than Ed25519 or secp2k1

george.aristy (Fri, 22 Jan 2021 20:51:11 GMT):
It would be nice if people start using curves other than Ed25519 or secp256k1

george.aristy (Fri, 22 Jan 2021 20:51:21 GMT):
These kinds of issues would have come up a long time ago.

swcurran (Fri, 22 Jan 2021 20:52:57 GMT):
BTW - one answer that was mentioned in the response from Manu: ``` Hmm... ed25519 is NIST-approved as of the latest FIPS draft that is expected to be the new NIST-approved draft... but perhaps I'm missing something? ```

danielhardman (Fri, 22 Jan 2021 21:51:20 GMT):
>I'm skeptical. I really think the problem is self-evident. I understand the way that the mathematical transformation in the Edwards curve has allowed a short-cut in our thinking, where a single key can express all the state needed for every possible verification method in a DID doc. What I don't understand is why Sam's PR doesn't solve the problem. It should be possible to declare a secp256k1 did:key, expand the DID doc per its spec, and produce something that doesn't make sense for encryption, only for signing -- but then override the nonsensical encryption key by adding an additional key value that's an encryption key of a different type.

george.aristy (Fri, 22 Jan 2021 22:49:27 GMT):
Try it with P-256.

george.aristy (Fri, 22 Jan 2021 22:50:56 GMT):
I also dispute this: > expand the DID doc per its spec The `did:key` method is under-specified.

george.aristy (Fri, 22 Jan 2021 22:51:54 GMT):
Forget about all tribal knowledge you may have acquired while talking with folks. Just take the text in the spec and try to apply it to P-256, or even secp256k1.

george.aristy (Fri, 22 Jan 2021 22:55:41 GMT):
Can anyone point to normative text in `did:key` that explains in detail the rules of expanding an identifier into a document?

george.aristy (Fri, 22 Jan 2021 22:56:00 GMT):
There isn't any. This is all there is: https://w3c-ccg.github.io/did-method-key/#create

george.aristy (Fri, 22 Jan 2021 22:56:00 GMT):
There aren't any. This is all there is: https://w3c-ccg.github.io/did-method-key/#create

george.aristy (Fri, 22 Jan 2021 22:56:59 GMT):
We have an example showing an Ed25519 key inflated into a did document with its corresponding X25519 key. There is no requirement that the X5519 key needs to be included there.

george.aristy (Fri, 22 Jan 2021 22:57:05 GMT):
And so on and so forth....

swcurran (Fri, 22 Jan 2021 23:04:43 GMT):
So lets work on did:key instead of doing something else.

swcurran (Fri, 22 Jan 2021 23:05:36 GMT):
did:key may not have enough in the spec, but it has lots of recognition and agreement in many places that it's a Good Thing. We know it's incomplete, but use that good will to make it better.

lijiachuan (Sat, 23 Jan 2021 13:52:51 GMT):
Hi All, currently the credential schema is only defined for its claim name, but for each claim's value, I am not sure whether there is a way to define some rules like the value only can be a date type value, number or string. Whether all of this validation needs to be handled from application level. And in real work, if one authority created a new credential schema, how others would know there is a new schema which they can use to create new credential definition, is there any recommendation? Thanks.

sklump (Mon, 25 Jan 2021 14:37:40 GMT):
The credential exchange record gets removed unless `preserve-exchange-records` config setting says otherwise. The credential exchange record tracks the progress of the issue-credential protocol. The credential belongs at the holder, not the issuer: this is the crux of self-sovereign identity. In case of regime change and revanchism, for example, the issuer must not have cryptographically provable evidence of credential issue.

sklump (Mon, 25 Jan 2021 14:37:40 GMT):
The credential exchange record gets removed unless `preserve-exchange-records` config setting says otherwise. The credential exchange record tracks the progress of the issue-credential protocol. The credential belongs at the holder, not the issuer: this is the crux of self-sovereign identity. In case of regime change, for example, the issuer must not have cryptographically provable evidence of credential issue ("show me all your followers' home addresses").

lijiachuan (Mon, 25 Jan 2021 14:42:36 GMT):
thanks @sklump , but the credential is also one asset related to the issuer, right? So how issuer should track their issued credentials, and how they revoke it if they didn't have a record in issuer's system, is that one record out of the wallet?

swcurran (Mon, 25 Jan 2021 14:57:26 GMT):
The issuer is expected to keep a record of the issuance in their system of record -- e.g. the controller. The wallet is not the best place for that. As well, it's not the credential that gets deleted from the issuer, but rather then credential exchange record -- the protocol state object that tracks the sending of the messages in the issue credential protocol. And...using start up parameters, the issuer can choose to delete the record after successfully issuing, keep the entire record of the issuing, or keep a minimal amount of data about the issuance. The latter is a good choice when revocation is being used, and the issuer can reference the credential exchange record when revoking a credential.

lijiachuan (Mon, 25 Jan 2021 15:42:58 GMT):
thans @sklump and @swcurran for your comments, very useful. But I still would like to have your feedback about the other 2 questions as below, could you please share your thoughts? Thanks a lot!! Hi All, currently the credential schema is only defined for its claim name, but for each claim's value, I am not sure whether there is a way to define some rules like the value only can be a date type value, number or string. Whether all of this validation needs to be handled from application level. And in real work, if one authority created a new credential schema, how others would know there is a new schema which they can use to create new credential definition, is there any recommendation?

swcurran (Mon, 25 Jan 2021 16:28:43 GMT):
Current practices about data types are enumerated here: https://github.com/hyperledger/aries-rfcs/tree/master/features/0036-issue-credential#encoding-claims-for-indy-based-verifiable-credentials There was some work done in a couple of other places to improve this ("Rich Schema" and "Overlays"), but I think the future direction is much more likely to be towards JSON-LD and layered on that (perhaps Overlays -- not sure). The Indy approach is that the schema are on the ledger, visible to all and best practices would be to look first at existing schema before publishing a new one. Going the direction of JSON-LD in the future, the model is the same, although the lack of publishing on the ledger makes that more challenging. Things like "schema.org" become a possible home for schema.

kdenhartog (Mon, 25 Jan 2021 22:48:32 GMT):
What is the controller property in the verification method and why does it need to be there? It allows for explicit stating that a key is associated with a separate controller. This allows for greater fine grained authorization systems which become of greater value in ocap models. I believe this is only used in certain methods as a way for the VDR to check whether a particular proof submitted to the VDR to update the DID Document is authorized to perform the update. The only method I've seen relying on this property has been veres one and I think Orie may have dabbled with it in element. > How would you realize a scenario in which multiple controllers may only act together (e.g. by 66% majority rule)? We actually were just discussing this over in the indy-did-method channel. See this message: https://chat.hyperledger.org/channel/indy-did-method?msg=5ihb5yyLyvrZhp89X

kdenhartog (Mon, 25 Jan 2021 22:48:32 GMT):
> What is the controller property in the verification method and why does it need to be there? It allows for explicit stating that a key is associated with a separate controller. This allows for greater fine grained authorization systems which become of greater value in ocap models. > How exactly is the controller property in the top level did document used? I believe this is only used in certain methods as a way for the VDR to check whether a particular proof submitted to the VDR to update the DID Document is authorized to perform the update. The only method I've seen relying on this property has been veres one and I think Orie may have dabbled with it in element. >Can they change the whole DID document of the subject? yes > How would you realize a scenario in which multiple controllers may only act together (e.g. by 66% majority rule)? We actually were just discussing this over in the indy-did-method channel. See this message: https://chat.hyperledger.org/channel/indy-did-method?msg=5ihb5yyLyvrZhp89X

kdenhartog (Mon, 25 Jan 2021 22:49:05 GMT):
>What is the controller property in the verification method and why does it need to be there? It allows for explicit stating that a key is associated with a separate controller. This allows for greater fine grained authorization systems which become of greater value in ocap models. >How exactly is the controller property in the top level did document used? Can they change the whole DID document of the subject? I believe this is only used in certain methods as a way for the VDR to check whether a particular proof submitted to the VDR to update the DID Document is authorized to perform the update. The only method I've seen relying on this property has been veres one and I think Orie may have dabbled with it in element. > How would you realize a scenario in which multiple controllers may only act together (e.g. by 66% majority rule)? We actually were just discussing this over in the indy-did-method channel. See this message: https://chat.hyperledger.org/channel/indy-did-method?msg=5ihb5yyLyvrZhp89X

kdenhartog (Mon, 25 Jan 2021 22:50:49 GMT):
> What is the controller property in the verification method and why does it need to be there? It allows for explicit stating that a key is associated with a separate controller. This allows for greater fine grained authorization systems which become of greater value in ocap models. > How exactly is the controller property in the top level did document used? I believe this is only used in certain methods as a way for the VDR to check whether a particular proof submitted to the VDR to update the DID Document is authorized to perform the update. The only method I've seen relying on this property has been veres one and I think Orie may have dabbled with it in element. >Can they change the whole DID document of the subject? yes > How would you realize a scenario in which multiple controllers may only act together (e.g. by 66% majority rule)? We actually were just discussing this over in the indy-did-method channel. See this message: https://chat.hyperledger.org/channel/indy-did-method?msg=5ihb5yyLyvrZhp89X

kdenhartog (Mon, 25 Jan 2021 22:56:24 GMT):
It looks like you manually changed the second issuer DID based on how similar in entropy it is to the first one. If this is the case then the keys won't match and signatures will be invalid hence the ledger operation error. If you actually did generate this you might want to look at your source of entropy when generating keys because getting that much entropy matching is highly suspicious.

kdenhartog (Mon, 25 Jan 2021 22:59:27 GMT):
This is my favorite one: http://toc.cryptobook.us/ It covers the basics of everything you'd expect in a graduate level crypto course and does a good job of expanding on the basics to apply to modern day crypto. Here's an associated course to go with the book as well: https://crypto.stanford.edu/~dabo/courses/OnlineCrypto/

kdenhartog (Mon, 25 Jan 2021 22:59:27 GMT):
This is my favorite one: http://toc.cryptobook.us/ It covers the basics of everything you'd expect in a graduate level crypto course and does a good job of expanding on the basics to apply to modern day crypto. Here's an associated course to go with the book as well from the author: https://crypto.stanford.edu/~dabo/courses/OnlineCrypto/

kdenhartog (Mon, 25 Jan 2021 23:08:19 GMT):
@george.aristy I agree that did:key lacks in its description, but it goes a long way in keeping consistency without the requirement of defining a new identifier which is what appears to be proposed. In general I've had the greatest success getting Manu, Dave's, and Dmitry Z's attention by opening a PR and then emailing them about it to get a review. I'd suspect if you wrote up a PR that would likely move the ball forward more. At least then you don't have to define your own bespoke format that would only be supported by the Aries community and would introduce a point of contention in the future.

george.aristy (Tue, 26 Jan 2021 11:32:49 GMT):
The goals of the AFGO project w.r.t. crypto and AIP 2.0 are: * allow use of NIST curves and algorithms, beyond Ed25519/X25519 * separate authentication keys from key agreement keys We'd also like AIP 2.0 to be agreed upon within a month or two. I suspect lobbying for some changes to `did:key` will syphon significant time and energy that will delay those goals. I submitted a very simple proposal that fixed the issues and that requires minor tweaks to existing implementations.

x0axz (Tue, 26 Jan 2021 11:48:26 GMT):
Thank @kdenhartog for your response, I'll have a look..

x0axz (Tue, 26 Jan 2021 11:51:24 GMT):
I've another question for you, as u've worked on OSMA. Do u have any idea how to connect the mobile app (aries .net xamarin app) with multiple issuers on different servers? I mean mobile has to accept credentials from issuers running on different servers (different IPs). I have a running server with a mediator and issuer, both running on different port and mobile can accept credentials from that. Now, I add another issuer on different server (different IP), mobile can establish a connection with this new issuer server, but can't accept credentials as it returns `An unmapped error with the code '307' was returned by the SDK.`.

paul.bastian (Tue, 26 Jan 2021 17:57:09 GMT):
Whats the requirement/motivation for new curves? Aren't the 25519 curves cryptographically way stronger and more trustworthy than the NIST curves?

daidoji (Tue, 26 Jan 2021 18:07:09 GMT):
@paul.bastian, many government actors (especially the US gov't) have contractual requirements to only use NIST curves. There have been no public attacks against say p256 or the other NIST approved elliptic curves but the internet community trusts the 25519 curve because of potential NSA shenanigans in the creation of the NIST approved curves https://en.wikipedia.org/wiki/Curve25519#History

daidoji (Tue, 26 Jan 2021 18:07:35 GMT):
Although 25519 is a NIST approved draft (and should be fully certified any day now as far as I'm aware)

daidoji (Tue, 26 Jan 2021 18:12:53 GMT):
and its probably a good instinct to be able to switch stuff in and out in case some breakthrough happens the community wasn't prepared for

george.aristy (Tue, 26 Jan 2021 18:32:37 GMT):
@kdenhartog @TelegramSam @swcurran how did you guys envision this would work in V2?

george.aristy (Tue, 26 Jan 2021 18:32:52 GMT):
A proposal or an idea must have been drawn up somewhere.

george.aristy (Tue, 26 Jan 2021 19:36:44 GMT):
I'm also a bit confused here - are folks really pining for `did:key` specifically, or just generally DIDs to encode the keys?

george.aristy (Tue, 26 Jan 2021 19:36:54 GMT):
I assume it's the latter but would rather ask to be sure.

george.aristy (Tue, 26 Jan 2021 19:37:06 GMT):
So for instance would a `did:peer` DID work?

swcurran (Tue, 26 Jan 2021 20:45:41 GMT):
`did:peer` serves a different purpose. With `did:key`, you provide a public key (and maybe two if needed) and you do string manipulation to do a transformation to a DIDDoc. With `did:peer` you define a DID identifier and a complete DIDDoc containing whatever you want -- but most importantly including a DIDComm service endpoint. You can't just swap one for the other.

george.aristy (Tue, 26 Jan 2021 21:37:20 GMT):
@swcurran you didn't include that thesis in your comments to @TelegramSam 's PR to extend `did:peer` here: https://github.com/decentralized-identity/peer-did-method-spec/pull/26

george.aristy (Tue, 26 Jan 2021 21:37:52 GMT):
Still - `did:peer` are not required to have service endpoints.

swcurran (Tue, 26 Jan 2021 21:38:20 GMT):
No but they can. `did:key` cannot.

george.aristy (Tue, 26 Jan 2021 21:38:25 GMT):
Method0 of `did:peer` is deliberately just like `did:key`

swcurran (Tue, 26 Jan 2021 21:38:46 GMT):
Right, but useless for DIDComm.

george.aristy (Tue, 26 Jan 2021 21:38:51 GMT):
Nope.

george.aristy (Tue, 26 Jan 2021 21:38:58 GMT):
OOB messages have a serviceEndpoint.

george.aristy (Tue, 26 Jan 2021 21:39:10 GMT):
We can encode that information in the DID itself.

george.aristy (Tue, 26 Jan 2021 21:39:18 GMT):
We shouldn't go half-way here.

george.aristy (Tue, 26 Jan 2021 21:39:26 GMT):
DIDs all the way!

george.aristy (Tue, 26 Jan 2021 21:39:32 GMT):
Isn't that what folks want? :)

george.aristy (Tue, 26 Jan 2021 21:40:07 GMT):
It's actually how DIDComm v2 works from what I saw.

george.aristy (Tue, 26 Jan 2021 21:40:16 GMT):
The only thing left outside the DID are the routing keys.

george.aristy (Tue, 26 Jan 2021 21:42:13 GMT):
The troubling thing about `did:peer` is that work on `initial-state` has stalled: https://github.com/decentralized-identity/peer-did-method-spec/issues/24#issuecomment-760476523

kdenhartog (Tue, 26 Jan 2021 23:05:38 GMT):
definitely just generally DIDs to encode the keys. Not did:key only.

kdenhartog (Tue, 26 Jan 2021 23:12:49 GMT):
I'm not familiar enough with the OSMA code to be able to help with that sorry. @tomislav may be able to help on that

mtfk (Wed, 27 Jan 2021 08:41:04 GMT):
Hi everyone, reminder about today Aries Call where we would talk a bit about the idea of ID proofing through signals and artifacts from the perspective of ledgerless approach to VC. Detail about the agenda as always can be found here: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41591336 Looking forward to seeing you there!

wip-abramson (Wed, 27 Jan 2021 12:00:27 GMT):
Hey, is the eventual goal to break down indy-sdk and move components of it under aries? Will anything stay under indy-sdk? Seems to me the architecture discussed here is misleading by not mentioning libindy which actually is the glue that binds everything together. https://www.hyperledger.org/blog/2019/05/14/announcing-hyperledger-aries-infrastructure-supporting-interoperable-identity-solutions

wip-abramson (Wed, 27 Jan 2021 12:03:14 GMT):

hyerledgerstack.png

daidoji (Wed, 27 Jan 2021 13:06:59 GMT):
yeah many things which were in indy-sdk (in regards to specs, protocols, etc...) are moving to Ursa, Aries, Askar as appropriate. The point is to remove Indy as a hard dependency and coupling

daidoji (Wed, 27 Jan 2021 13:07:18 GMT):
Aries-Go for example doesn't use any Indy code (or Ursa code) from what I understand

dbluhm (Wed, 27 Jan 2021 15:28:19 GMT):
Today at 12PM EST Indicio is hosting a Meetup event on Mediation and the Coordinate Mediation Protocol. This is a deep dive into both the concept as well as the messages and processes for using an Open Source Mediator supporting the Coordinate Mediation Protocol such as ACA-Py and for using hosted services like the Indicio Public Mediator to get up and going faster with your mobile (or otherwise) agents. All are welcome! To join, register for the zoom room here: https://us02web.zoom.us/meeting/register/tZwscu-przotEtWCV-ZYqz06x2sy4SnCsNM5

george.aristy (Wed, 27 Jan 2021 19:33:30 GMT):
Correct, aries-framework-go does not use any Indy components. A skeleton for an Indy plugin is being worked on in the extensions repo (aries-framework-go-ext)

yezi (Thu, 28 Jan 2021 07:25:28 GMT):
Excuse me, where can I see the roadmap of aries-cloudagent-python

dbluhm (Thu, 28 Jan 2021 18:49:07 GMT):
You can find a recording from the meetup here in case you missed it! https://www.youtube.com/watch?v=jXsELfUYrGM

mwherman2000 (Mon, 01 Feb 2021 10:20:41 GMT):
Are these the most recent versions of the Indy-Aries conceptual architecture diagrams? 1. https://www.hyperledger.org/blog/2019/05/14/announcing-hyperledger-aries-infrastructure-supporting-interoperable-identity-solutions 2. https://kctheservant.medium.com/exploring-agent-demonstration-in-hyperledger-indy-3e1e8278b3d1 Anything more detailed? Any more design/implementations details about the design of the agent's non-blockchain secure storage (bottom-right corner)?

mwherman2000 (Mon, 01 Feb 2021 10:20:41 GMT):
Are these the most recent versions of the Indy-Aries conceptual architecture diagrams? 1. https://www.hyperledger.org/blog/2019/05/14/announcing-hyperledger-aries-infrastructure-supporting-interoperable-identity-solutions 2. https://kctheservant.medium.com/exploring-agent-demonstration-in-hyperledger-indy-3e1e8278b3d1 Anything more detailed? Links? Any additional design/implementation details about the design of the agent's non-blockchain secure storage (bottom-right corner)?

mwherman2000 (Mon, 01 Feb 2021 10:20:41 GMT):
Are these the most recent versions of the Indy-Aries conceptual architecture diagrams? 1. https://www.hyperledger.org/blog/2019/05/14/announcing-hyperledger-aries-infrastructure-supporting-interoperable-identity-solutions 2. https://kctheservant.medium.com/exploring-agent-demonstration-in-hyperledger-indy-3e1e8278b3d1 Anything more detailed? Links? _In particular, any additional design/implementation details about the design of the agent's non-blockchain secure storage (bottom-right corner)?_

swcurran (Mon, 01 Feb 2021 14:07:52 GMT):
1 is more or less right, but it's a block diagram. I did a presentation at an Aries meeting in November using this slide deck that shows one path from that to now -- https://docs.google.com/presentation/d/1wn53YCFWxUrWPX3wQOxHRGqyCs3xjfl_rlluQbDmAfo/edit?usp=sharing On 2, there are several storage approaches being used. "Legacy" is the indy-wallet component of the indy-sdk. A newer version of that is aries-askar, referenced and linked in the presentation above. The Aries Framework Go team has used the storage solutions from the CCG -- at least the Encrypted Vault structure.

karthiksamaganam (Mon, 01 Feb 2021 14:40:35 GMT):
Has joined the channel.

mwherman2000 (Mon, 01 Feb 2021 19:41:03 GMT):
thk u

mwherman2000 (Mon, 01 Feb 2021 20:03:14 GMT):
I'm trying to 2 things: (a) map my Trusted Digital Assistant app conceptual architecture onto the Aries block diagram and (b) find a technology solution for the secure, non-blockchain credential store.

mwherman2000 (Mon, 01 Feb 2021 20:03:22 GMT):

Clipboard - February 1, 2021 1:03 PM

mwherman2000 (Mon, 01 Feb 2021 20:05:23 GMT):
For example, Windows/.NET Isolated Storage with some wrapper APIs is one answer (https://docs.microsoft.com/en-us/dotnet/standard/io/isolated-storage) is one answer for the latter.

srihari.sardena (Tue, 02 Feb 2021 06:37:30 GMT):
Has joined the channel.

ascatox (Wed, 03 Feb 2021 08:59:46 GMT):
Has joined the channel.

ascatox (Wed, 03 Feb 2021 09:07:51 GMT):
Hi All, I'm a perfect newbie in the Aries world, I wish to create an agent on Android platform. Can you suggest me some links or tutorials to start? Thanks in advance.

maddocche (Wed, 03 Feb 2021 15:53:47 GMT):
Hi everyone! I was exploring the multitenancy feature within ACA-py for a project I'm working on, but it seems it doesn't recognize any of --multitenant and --multitenant-admin options... I've tried switching between main and multitenancy branches, but nothing seems to work. The only references I found were in the demo code. Is this feature still in the works or am I missing something? Thanks a lot!

maddocche (Wed, 03 Feb 2021 15:57:07 GMT):
Hi ascatox, I've also been looking into that for quite some time. From what I found the only option right now is to use Xamarin (.NET hybrid mobile framework). Take a look here: https://github.com/hyperledger/aries-mobileagent-xamarin

swcurran (Wed, 03 Feb 2021 16:05:34 GMT):
There are a couple of other options to build on. @Alexi and @ajayjadhav might be able to point you at some other places to start. Aries MAX (the Xamarin one mentioned above) is another option.

TimoGlastra (Wed, 03 Feb 2021 16:27:57 GMT):
Hi @maddocche, it should be usable if you're working from the main branch in ACA-Py. Did you check out the documentation regarding multi-tenancy? See https://github.com/hyperledger/aries-cloudagent-python/blob/main/Multitenancy.md

maddocche (Wed, 03 Feb 2021 16:34:05 GMT):
Hi @TimoGlastra, thanks for the answer. I did, but neither "provision --help" nor "start --help" list any multitenancy option, and if I try to use them anyway it says that they are not recognized.

TimoGlastra (Wed, 03 Feb 2021 16:35:04 GMT):
How are you running acapy? using the `./scripts/run_docker` command?

maddocche (Wed, 03 Feb 2021 16:36:50 GMT):
Yes, I tried that way, then by manual building the docker image and then getting aca-py from PyPi through pip, but nothing worked...

TimoGlastra (Wed, 03 Feb 2021 16:38:44 GMT):
The version released on PyPi doesn't contain the multitenancy features yet

TimoGlastra (Wed, 03 Feb 2021 16:38:59 GMT):
However the run_docker script should work

TimoGlastra (Wed, 03 Feb 2021 16:39:20 GMT):
I just ran ``` PORTS="20000:20000 20001:20001 20002:20002" ./scripts/run_docker start --endpoint http://192.168.65.3:20000 --inbound-transport http 0.0.0.0 20000 --admin 0.0.0.0 20001 --admin-insecure-mode --outbound-transport http --no-ledger --multitenant --multitenant-admin --jwt-secret test ``` in main and it works fine

maddocche (Wed, 03 Feb 2021 16:46:18 GMT):
With the same command I get this: "aca-py start: error: unrecognized arguments: --multitenant --multitenant-admin --jwt-secret test"...

maddocche (Wed, 03 Feb 2021 16:49:53 GMT):
I'm using this repo, is this right?: https://github.com/hyperledger/aries-cloudagent-python.git

RazaDen (Wed, 03 Feb 2021 20:17:29 GMT):
Hi @swcurran you mentioned in the Aca-Py call that you are planning to change the status of Aries from incubation to active. I am planning on formally and strongly supporting Aries as the technology stack for SSI in PL in 2-3 weeks max. Just wondering if you believe it's possible to change the status in that time, or maybe I should wait, because you know business people like "active" more than incubating :)

RazaDen (Wed, 03 Feb 2021 20:22:38 GMT):
aaaaaaaaand, you just talked about it in the Aries call :)

swcurran (Wed, 03 Feb 2021 20:23:01 GMT):
I'll try to get the document/request submitted. I don't know how fast the TSC moves. I think it is possible, and they seemed very receptive.

Alexi (Thu, 04 Feb 2021 00:51:24 GMT):
Hey! we worked on a framework that is native on android we are still working on open sourcing it under hyperledger. Here is an example apk you can download (you will have to spin up a mediator as it asks for this when you start it up, I recommend using the dotnet framework mediator). https://drive.google.com/file/d/1Miv_c5Jy8G-bybwjDks731BathIhska_/view?usp=sharing If you want to play around with the code here is the jar files for the source code: https://drive.google.com/drive/folders/1dYLn2zQX6-G6A7eEI6if359_ZNmPzAXS If you are a newbie, I would recommend doing the tutorials and walkthroughs on the aries hyperledger github page first and get more acquainted with aries/indy

Alexi (Thu, 04 Feb 2021 00:51:50 GMT):
also here is some documentation to help our with the example app, but full disclosure it is not entirely up to speed

Alexi (Thu, 04 Feb 2021 00:52:35 GMT):

docs.zip

Alexi (Thu, 04 Feb 2021 00:53:10 GMT):
Also do note that currently it is only holder functionality

swcurran (Thu, 04 Feb 2021 04:19:24 GMT):
Hey Folks - as discussioned at the Aries WG Call today, I've put together a draft document to propose that Aries exit "Incubation" status ASAP. I'd appreciate additions, changes, suggestions and for those agreeing to the idea to add their name to the document: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41591994 I've taken the TSC criteria document, added some context about Aries and then added point-by-point responses to the criteria. I would encourage maintainers and contributors from other Frameworks and Aries repos to add comments about their code base -- many of the responses in the document reference ACA-Py specifically. There is also a section about real world use cases and would appreciate if folks could add their use cases to that. Perhaps Kiva, Trinsic, SecureKey, ABSA, esatus, IDUnion/LISSI, Indicio, IDRamp, CPQD, SICPA, Anonyme, AyanWorks and so on. @TelegramSam @tomislav @mccown @dbluhm @ajayjadhav @TimoGlastra @nage @victor.martinez @george.aristy @troyronda @danielhardman @lynn.bendixsen @kulkarnikk @rileyphughes @mtfk @smithbk @Alexi @pfeairheller @m00sey @ianco @andrew.whitehead @CHempel @sebastian @JamesEbert I'd like to have this in the hands of the TSC for their meeting next week.

swcurran (Thu, 04 Feb 2021 04:19:24 GMT):
Hey Folks - as discussed on the Aries WG Call today, I've put together a draft document to propose that Aries exit "Incubation" status ASAP. I'd appreciate additions, changes, suggestions and for those agreeing to the idea to add their name to the document: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41591994 I've taken the TSC criteria document, added some context about Aries and then added point-by-point responses to the criteria. I would encourage maintainers and contributors from other Frameworks and Aries repos to add comments about their code base -- many of the responses in the document reference ACA-Py specifically. There is also a section about real world use cases and would appreciate if folks could add their use cases to that. Perhaps Kiva, Trinsic, SecureKey, ABSA, esatus, IDUnion/LISSI, Indicio, IDRamp, CPQD, SICPA, Anonyme, AyanWorks and so on. @TelegramSam @tomislav @mccown @dbluhm @ajayjadhav @TimoGlastra @nage @victor.martinez @george.aristy @troyronda @danielhardman @lynn.bendixsen @kulkarnikk @rileyphughes @mtfk @smithbk @Alexi @pfeairheller @m00sey @ianco @andrew.whitehead @CHempel @sebastian @JamesEbert I'd like to have this in the hands of the TSC for their meeting next week.

swcurran (Thu, 04 Feb 2021 04:19:24 GMT):
Hey Folks - as discussed on the Aries WG Call today, I've put together a draft document to propose that Aries exit "Incubation" status ASAP. I'd appreciate additions, changes, suggestions and for those agreeing to the idea to add their name to the document: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41591994 I've taken the TSC criteria document, added some context about Aries and then added point-by-point responses to the criteria. I would encourage maintainers and contributors from all Aries Frameworks and other Aries repos to add comments about their code base -- many of the responses in the document reference ACA-Py specifically. There is also a section about real world use cases and would appreciate if folks could add their use cases to that. Perhaps Kiva, Trinsic, SecureKey, ABSA, esatus, IDUnion/LISSI, Indicio, IDRamp, CPQD, SICPA, Anonyme, AyanWorks and so on. @TelegramSam @tomislav @mccown @dbluhm @ajayjadhav @TimoGlastra @nage @victor.martinez @george.aristy @troyronda @danielhardman @lynn.bendixsen @kulkarnikk @rileyphughes @mtfk @smithbk @Alexi @pfeairheller @m00sey @ianco @andrew.whitehead @CHempel @sebastian @JamesEbert I'd like to have this in the hands of the TSC for their meeting next week.

swcurran (Thu, 04 Feb 2021 04:19:24 GMT):
Hey Folks - as discussed on the Aries WG Call today, I've put together a draft document to propose that Aries exit "Incubation" status ASAP. I'd appreciate additions, changes, suggestions and for those agreeing to the idea to add their name to the document: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41591994 I've taken the TSC criteria document, added some context about Aries and then added point-by-point responses to the criteria. I would encourage maintainers and contributors from all Aries Frameworks and other Aries repos to add comments about their code base -- many of the initial responses in the document reference ACA-Py specifically, because of my knowledge of it. There is also a section about real world use cases and would appreciate if folks could add their use cases to that. Perhaps Kiva, Trinsic, SecureKey, ABSA, esatus, IDUnion/LISSI, Indicio, IDRamp, CPQD, SICPA, Anonyme, AyanWorks and so on. @TelegramSam @tomislav @mccown @dbluhm @ajayjadhav @TimoGlastra @nage @victor.martinez @george.aristy @troyronda @danielhardman @lynn.bendixsen @kulkarnikk @rileyphughes @mtfk @smithbk @Alexi @pfeairheller @m00sey @ianco @andrew.whitehead @CHempel @sebastian @JamesEbert I'd like to have this in the hands of the TSC for their meeting next week.

swcurran (Thu, 04 Feb 2021 04:19:24 GMT):
Hey Folks - as discussed on the Aries WG Call today, I've put together a draft document to propose that Aries exit "Incubation" status ASAP. I'd appreciate additions, changes, suggestions and for those agreeing to the idea to add their name to the document: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41591994 I've taken the TSC criteria document, added some context about Aries and then added point-by-point responses to the criteria. I would encourage maintainers and contributors from all Aries Frameworks and other Aries repos to add comments about their code base -- many of the initial responses in the document reference ACA-Py specifically, because of my knowledge of it. There is also a section about real world usage and would appreciate if folks could add their use cases to that. Perhaps Kiva, Trinsic, SecureKey, ABSA, esatus, IDUnion/LISSI, Indicio, IDRamp, CPQD, SICPA, Anonyme, AyanWorks and so on. @TelegramSam @tomislav @mccown @dbluhm @ajayjadhav @TimoGlastra @nage @victor.martinez @george.aristy @troyronda @danielhardman @lynn.bendixsen @kulkarnikk @rileyphughes @mtfk @smithbk @Alexi @pfeairheller @m00sey @ianco @andrew.whitehead @CHempel @sebastian @JamesEbert I'd like to have this in the hands of the TSC for their meeting next week.

swcurran (Thu, 04 Feb 2021 04:19:24 GMT):
Hey Folks - as discussed on the Aries WG Call today, I've put together a draft document to propose that Aries exit "Incubation" status ASAP. I'd appreciate additions, changes, suggestions and for those agreeing to the idea to add their name to the document: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41591994 I've taken the TSC criteria document, added some context about Aries and then added point-by-point responses to the criteria. I would encourage maintainers and contributors from all Aries Frameworks and other Aries repos to add comments about their code base -- many of the initial responses in the document reference ACA-Py specifically, because of my knowledge of it. There is also a section about real world usage and would appreciate if folks could add their stories to that. Perhaps Kiva, Trinsic, SecureKey, ABSA, esatus, IDUnion/LISSI, Indicio, IDRamp, CPQD, SICPA, Anonyme, AyanWorks and so on. @TelegramSam @tomislav @mccown @dbluhm @ajayjadhav @TimoGlastra @nage @victor.martinez @george.aristy @troyronda @danielhardman @lynn.bendixsen @kulkarnikk @rileyphughes @mtfk @smithbk @Alexi @pfeairheller @m00sey @ianco @andrew.whitehead @CHempel @sebastian @JamesEbert I'd like to have this in the hands of the TSC for their meeting next week.

swcurran (Thu, 04 Feb 2021 04:19:24 GMT):
Hey Folks - as discussed on the Aries WG Call today, I've put together a draft document to propose that Aries exit "Incubation" status ASAP. I'd appreciate additions, changes, suggestions and for those agreeing to the idea to add their name to the document: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41591994 I've taken the TSC criteria document, added some context about Aries and then added point-by-point responses to the criteria. I would encourage maintainers and contributors from all Aries Frameworks and other Aries repos to add comments about their code base -- many of the initial responses in the document reference ACA-Py specifically, because of my knowledge of it. There is also a section about real world usage and would appreciate if folks could add their stories to that. Perhaps Kiva, Trinsic, SecureKey, ABSA, esatus, IDUnion/LISSI, Indicio, IDRamp, CPQD, SICPA, Anonyme, AyanWorks and so on. @TelegramSam @tomislav @mccown @dbluhm @ajayjadhav @TimoGlastra @nage @victor.martinez @george.aristy @troyronda @danielhardman @lynn.bendixsen @kulkarnikk @rileyphughes @mtfk @smithbk @Alexi @pfeairheller @m00sey @ianco @andrew.whitehead @CHempel @sebastian @JamesEbert @esplinr I'd like to have this in the hands of the TSC for their meeting next week.

pfeairheller (Thu, 04 Feb 2021 04:19:24 GMT):
Has joined the channel.

mtfk (Thu, 04 Feb 2021 07:10:02 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=6wW8rTEG2xWT7CbP7) What are the consequences of exiting the incubation phase?

luis.marado (Thu, 04 Feb 2021 10:49:43 GMT):
Has joined the channel.

swcurran (Thu, 04 Feb 2021 14:08:30 GMT):
It means the project has an "active" status, which indicates the maturity of the project. It is useful for newcomers arriving at the project to understand it is ready and in use for production applications.

Helen_Garneau (Thu, 04 Feb 2021 15:09:18 GMT):
Has joined the channel.

nage (Thu, 04 Feb 2021 15:18:49 GMT):
There are also some additional resources available for press releases and security audits that are helpful. So it is definitely worth the effort.

tomislav (Thu, 04 Feb 2021 22:01:14 GMT):
Let's crack that egg shell!

peacekeeper (Fri, 05 Feb 2021 00:01:15 GMT):
@andrew.whitehead @swcurran Does ACA-py support connections between agents if one agent has no endpoint URI and no mediator? I have an out-of-band invitation, but can't figure out how to accept it and establish a connection using an agent that doesn't have its own endpoint.

peacekeeper (Fri, 05 Feb 2021 00:01:43 GMT):
I think what I want is described here: https://github.com/hyperledger/aries-rfcs/issues/405

andrew.whitehead (Fri, 05 Feb 2021 00:09:51 GMT):
The agent without an endpoint may be able to use https://github.com/hyperledger/aries-rfcs/tree/master/features/0092-transport-return-route and/or a websocket connection

swcurran (Fri, 05 Feb 2021 00:44:50 GMT):
Hey Folks -- added the Hyperledger TSC Quarterly Report for Aries. Since the last one was submitted just a few weeks ago, this one has not changed much. Please review and update if there are any errors or ommissions. https://wiki.hyperledger.org/display/TSC/2021+Q1+Hyperledger+Aries

peacekeeper (Fri, 05 Feb 2021 08:19:00 GMT):
Thanks, that makes sense. One more question if you don't mind, is it possible to do this via tha ACA-py REST API / admin interface? To accept a connection invitation using return route and websocket?

swcurran (Fri, 05 Feb 2021 19:34:53 GMT):
@george.aristy -- a quick question for you. If `did:key` was changed to be able to have an optional two keys (verification and agreement), would that be sufficient for you? E.g. `did:key:[:]? The latter is optional and if absent either there would be no key agreement in the DIDDoc, or if possible, the key agreement key would be derived from the verkey. Or is there more to it then just the two keys issue?

swcurran (Fri, 05 Feb 2021 19:34:53 GMT):
@george.aristy -- a quick question for you. If `did:key` was changed to be able to have an optional two keys (verification and agreement), would that be sufficient for you? E.g. `did:key:[:]`? The latter is optional and if absent either there would be no key agreement in the DIDDoc, or if possible, the key agreement key would be derived from the verkey. Or is there more to it then just the two keys issue?

andrew.whitehead (Fri, 05 Feb 2021 19:53:06 GMT):
Not currently, ACA-py only handles return-route on incoming requests

RazaDen (Sat, 06 Feb 2021 01:40:29 GMT):
Apologies for jumping in, but I had a similar discussion about this today. The problem traces back to this discussion about Ed25519 being used for digital signatures *AND* encryption (the latter is not correct). Formally, such keys should only be used for EdDSA, i.e., dig. sigs. Now, in ECC, we need a key with which we can do encryption/decryption, since this is done via ECDH (which formally speaking is a key agreement). That said, if the multibase encoding (for both keys) in your message @swcurran has a "nested" multicodec which conveys information about the exact curve, then the only thing that is not *explicitly* specified is that "verkey" is EdDSA or even ECDSA and that, correspondingly, key aggr. is ECDH. Maybe that latter part being non-explicit is ok.

RazaDen (Sat, 06 Feb 2021 01:40:29 GMT):
Apologies for jumping in, but I had a similar discussion about this today. The problem traces back to this discussion about Ed25519 being used for digital signatures *AND* encryption (the latter is not correct). Formally, such keys should only be used for EdDSA, i.e., dig. sigs. Now, in ECC, we need a key with which we can do encryption/decryption, since this is done via ECDH (which formally speaking is a key agreement). That said, if the multibase encoding (for both keys - technically there is an implicit conversion here to the bilateral equivalent curve X25519) in your message @swcurran has a "nested" multicodec which conveys information about the exact curve, then the only thing that is not *explicitly* specified is that "verkey" is EdDSA or even ECDSA and that, correspondingly, key aggr. is ECDH. Maybe that latter part being non-explicit is ok.

RazaDen (Sat, 06 Feb 2021 01:40:29 GMT):
Apologies for jumping in, but I had a similar discussion about this today. The problem traces back to this discussion about Ed25519 being used for digital signatures *AND* encryption (the latter is not correct - technically there is an implicit conversion here to the bilateral equivalent curve X25519). Formally, such keys should only be used for EdDSA, i.e., dig. sigs. Now, in ECC, we need a key with which we can do encryption/decryption, since this is done via ECDH (which formally speaking is a key agreement). That said, if the multibase encoding (for both keys) in your message @swcurran has a "nested" multicodec which conveys information about the exact curve, then the only thing that is not *explicitly* specified is that "verkey" is EdDSA or even ECDSA and that, correspondingly, key aggr. is ECDH. Maybe that latter part being non-explicit is ok.

RazaDen (Sat, 06 Feb 2021 02:04:30 GMT):
Generally for encryption, there are other parameters that need to be conveyed as well. Key Agreement (ECDH in this case) is the first one. The other ones include: the key derivation function (KDF), MAC algorithm, and the symmetric encryption algorithm (ENC). I have no recollection if in practice all these information are conveyed in the encoding of the key (multibase + multicodec). I believe @george.aristy was referring to the inability of `did:key` conveying all this info.

swcurran (Sat, 06 Feb 2021 17:58:10 GMT):
To clarify, even if `did:key` was changed to allow the conveyance of two keys (encoded using multibase+multicodec), that would not be sufficient? Does that mean there is no point in multicodec, as I would guess that would mean it is insufficient at supplying the needed information. Apologizes that I'm not well-versed in this -- I'm just trying to understand the information needed, not why it is needed.

swcurran (Sat, 06 Feb 2021 17:58:10 GMT):
To clarify, even if `did:key` was changed to allow the conveyance of two keys (each encoded using multibase+multicodec), that would not be sufficient? Does that mean there is no point in multicodec, as I would guess that would mean it is insufficient at supplying the needed information. Apologizes that I'm not well-versed in this -- I'm just trying to understand the information needed, not why it is needed.

PrachiAdhikari (Sun, 07 Feb 2021 13:05:59 GMT):
Has joined the channel.

PrachiAdhikari (Sun, 07 Feb 2021 13:06:00 GMT):
Hi, I am using ACA-PY version 5.6 for credential issuances along with controller which is written in Spring boot. I am trying to issue ~250000 credentials with only one credential definition. The time taken to issue ~100000 credentials is 26 hours. I need to optimizing this time further. Any suggestions in this regard will be really helpful. Thanks and regards Prachi

swcurran (Sun, 07 Feb 2021 17:38:35 GMT):
Hi -- cool problem. Where do you want to folllow up on this. I feel like best to use the issue you created on GitHub -- I'll add my follow up note to that. https://github.com/hyperledger/aries-cloudagent-python/issues/947

etaleo (Mon, 08 Feb 2021 09:34:34 GMT):
Hey there! There is a universal resolver interface for DIDs - is there an equivalent universal interface for resolving Verifiable Credential Schemas / Cred Defs?

etaleo (Mon, 08 Feb 2021 09:35:25 GMT):
Thank you very much!

swcurran (Mon, 08 Feb 2021 14:14:54 GMT):
No, there isn't at this time.

swcurran (Mon, 08 Feb 2021 14:15:29 GMT):
We've talked about a verifier-as-a-service for some use cases.

peacekeeper (Mon, 08 Feb 2021 14:43:01 GMT):
But isn't this a super-common use case, i.e. connecting a client to an agent endpoint and sending some request? I'm trying to find some up-to-date documentation or example of that..

bruno_santos (Mon, 08 Feb 2021 15:59:27 GMT):
Has joined the channel.

bruno_santos (Mon, 08 Feb 2021 15:59:28 GMT):
Hello channel, is there a way to setup a webhook (https://github.com/hyperledger/aries-cloudagent-python/blob/main/AdminAPI.md#administration-api-webhooks) whilst using the docker ./run_demo agents?

Nizu (Mon, 08 Feb 2021 16:28:41 GMT):
Has joined the channel.

Nizu (Mon, 08 Feb 2021 16:29:22 GMT):

runningFaberResult1.JPG

Nizu (Mon, 08 Feb 2021 16:29:35 GMT):
i'm really confused, if i could get some help running the demos locally I would appreciate it

swcurran (Mon, 08 Feb 2021 17:09:49 GMT):
Are you running the von-network for the ledger? As you are running it, that is expected to also be running.

Nizu (Mon, 08 Feb 2021 17:28:38 GMT):
no i'm not. I will configure it so that I start using the von-network and check the result. But my objective was to run it only locally

paul.bastian (Mon, 08 Feb 2021 17:30:02 GMT):
hi everyone, as the SSI ecosystem grows, we feel there is a growing need for a standardized wallet security ecosystem and therefore a working group called "Wallet Security" is to be launched under DIF umbrella. In particular we think that: - we should get a common understanding, terminology about wallet security in the community - talk about wallet security architectures to analyze similarities - create a specification and interface to communicate about wallet capabilities, security, regulation-conformance and other points of interoperability - define mechanism to enable wallet security assertions, certification and ways to prove them - define specifications about wallet user authentication, ways how to ensure them and how to communicate them to issuers/verifiers If you are interested about this topic and like to comment, participate, criticize: - please review the Wallet Security WG Charter: https://docs.google.com/document/d/18H2hVjHZEBjbnzod8tLogJIEzySdecbk9d-QBJaqHP0/edit - subscribe to the mailing list: https://lists.identity.foundation/g/wallet-security After gathering initial feedback, we will have an open discussion meeting soon. I hope this is in the best interests of the community and will get the necessary feedback to make an impact. Best regards, Paul Bastian

swcurran (Mon, 08 Feb 2021 17:48:41 GMT):
von-network runs locally. You can't use Indy without a network somewhere.

Nizu (Mon, 08 Feb 2021 17:51:25 GMT):
ok thank you.. im going to follow your advices. Thank you for all the help :D

andrew.whitehead (Mon, 08 Feb 2021 19:05:21 GMT):
It's not common for an ACA-Py agent to be running without an endpoint, that's much more likely for a mobile agent.

karlo0 (Mon, 08 Feb 2021 23:57:28 GMT):
Has joined the channel.

karlo0 (Tue, 09 Feb 2021 00:00:37 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here!

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course \href{https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/}{Becoming a Hyperledger Aries Developer} and I am in Chapter 4 doing the _Lab: Using ACA-Py’s OpenAPI/Swagger Interface_. I started up Alice and Bob with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively and can reach the Swagger-UI of both Agents. I succesfully created on Faber's side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body which also succesfully gets executed. Now using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a 200 respnse, however, the terminal logs for the Alice agent show the folliwing error: ```sh 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can then not accept the connection request. Any idea and help would be much appreciated. Kind regards, Karsten

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course [Becoming a Hyperledger Aries Developer](https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/) and I am in Chapter 4 doing the _Lab: Using ACA-Py’s OpenAPI/Swagger Interface_. I started up Alice and Bob with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively and can reach the Swagger-UI of both Agents. I succesfully created on Faber's side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body which also succesfully gets executed. Now using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a 200 respnse, however, the terminal logs for the Alice agent show the folliwing error: ```sh 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can then not accept the connection request. Any idea and help would be much appreciated. Kind regards, Karsten

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course [Becoming a Hyperledger Aries Developer](https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/) and I am in Chapter 4 doing the [_Lab: Using ACA-Py’s OpenAPI/Swagger Interface_](https://github.com/cloudcompass/ToIPLabs/blob/master/docs/LFS173x/OpenAPIController.md). I started up Alice and Bob with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively and can reach the Swagger-UI of both Agents. I succesfully created on Faber's side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body which also succesfully gets executed. Now using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a 200 respnse, however, the terminal logs for the Alice agent show the folliwing error: ```sh 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can then not accept the connection request. Any idea and help would be much appreciated. Kind regards, Karsten

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course [Becoming a Hyperledger Aries Developer](https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/) and I am in Chapter 4 doing the [_Lab: Using ACA-Py’s OpenAPI/Swagger Interface_](https://github.com/cloudcompass/ToIPLabs/blob/master/docs/LFS173x/OpenAPIController.md). I started up Alice and Faber with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively and can reach the Swagger-UI of both Agents. I succesfully created on Faber's side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body which also succesfully gets executed. Now using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a 200 respnse, however, the terminal logs for the Alice agent show the folliwing error: ```sh 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can then not accept the connection request. Any idea and help would be much appreciated. Kind regards, Karsten

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course [Becoming a Hyperledger Aries Developer](https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/) and I am in Chapter 4 doing the [_Lab: Using ACA-Py’s OpenAPI/Swagger Interface_](https://github.com/cloudcompass/ToIPLabs/blob/master/docs/LFS173x/OpenAPIController.md). I started up Alice and Faber with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively, and can reach the Swagger-UI of both Agents. I succesfully created on Faber's side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body which also succesfully gets executed. Now using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a 200 respnse, however, the terminal logs for the Alice agent show the folliwing error: ```sh 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can then not accept the connection request. Any idea and help would be much appreciated. Kind regards, Karsten

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course [Becoming a Hyperledger Aries Developer](https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/) and I am in Chapter 4 doing the [_Lab: Using ACA-Py’s OpenAPI/Swagger Interface_](https://github.com/cloudcompass/ToIPLabs/blob/master/docs/LFS173x/OpenAPIController.md). I started up Alice and Faber with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively, and can reach the Swagger-UI of both Agents. I succesfully created on Faber's side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body on *Alice* side which also succesfully gets executed. Continuing on Alice side, using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a `200` HTPP- response, however, the terminal logs for the Alice agent show the following error: ```sh 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can not accept the connection request. Any idea and help would be much appreciated. Kind regards, Karsten

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course [Becoming a Hyperledger Aries Developer](https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/) and I am in Chapter 4 doing the [_Lab: Using ACA-Py’s OpenAPI/Swagger Interface_](https://github.com/cloudcompass/ToIPLabs/blob/master/docs/LFS173x/OpenAPIController.md). I started up Alice and Faber with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively, and can reach the Swagger-UI of both Agents. I succesfully created on Faber's side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body on *Alice* side which also succesfully gets executed. Continuing on Alice side, using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a `200` HTPP- response, however, the terminal logs for the Alice agent show the following error: ``` 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can not accept the connection request. Any idea and help would be much appreciated. Kind regards, Karsten

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course [Becoming a Hyperledger Aries Developer](https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/) and I am in Chapter 4 doing the [_Lab: Using ACA-Py’s OpenAPI/Swagger Interface_](https://github.com/cloudcompass/ToIPLabs/blob/master/docs/LFS173x/OpenAPIController.md). I started up `Alice` and `Faber` with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively, and can reach the Swagger-UI of both Agents. I succesfully created on `Faber`'s side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body on `Alice* side which also succesfully gets executed. Continuing on Alice side, using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a `200` HTPP- response, however, the terminal logs for the Alice agent show the following error: ``` 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can not accept the connection request. Any idea and help would be much appreciated. Kind regards, Karsten

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course [Becoming a Hyperledger Aries Developer](https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/) and I am in Chapter 4 doing the [_Lab: Using ACA-Py’s OpenAPI/Swagger Interface_](https://github.com/cloudcompass/ToIPLabs/blob/master/docs/LFS173x/OpenAPIController.md). I started up `Alice` and `Faber` with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively, and can reach the Swagger-UI of both Agents. I succesfully created on `Faber`'s side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body on `Alice` side which also succesfully gets executed. Continuing on `Alice` side, using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a `200` HTTP-response, however, the terminal logs for the Alice agent show the following error: ``` 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can not accept the connection request. Any idea and help would be much appreciated 🙏. Kind regards, Karsten

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course [Becoming a Hyperledger Aries Developer](https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/) and I am in Chapter 4 doing the [_Lab: Using ACA-Py’s OpenAPI/Swagger Interface_](https://github.com/cloudcompass/ToIPLabs/blob/master/docs/LFS173x/OpenAPIController.md). I started up `Alice` and `Faber` with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively, and can reach the Swagger-UI of both Agents. I succesfully created on `Faber`'s side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body on `Alice` side which also succesfully gets executed. Continuing on `Alice` side, using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a `200` HTTP-response, however, the terminal logs for the Alice agent show the following error: ``` 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can not accept the connection request. Any ideas and help would be much appreciated 🙏. Kind regards, Karsten

karlo0 (Tue, 09 Feb 2021 00:16:34 GMT):
Hi there, thanks a lot for developing Aries and the support that you give here! I am currently taking the edX course [Becoming a Hyperledger Aries Developer](https://courses.edx.org/courses/course-v1:LinuxFoundationX+LFS173x+1T2020/course/) and I am in Chapter 4 doing the [_Lab: Using ACA-Py’s OpenAPI/Swagger Interface_](https://github.com/cloudcompass/ToIPLabs/blob/master/docs/LFS173x/OpenAPIController.md) and followed the [Docker instuctions](https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/AriesOpenAPIDemo.md#running-in-docker) to setup the agents. I started up `Alice` and `Faber` with `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo alice --events --no-auto --bg` `LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber--events --no-auto --bg`, respectively, and can reach the Swagger-UI of both Agents. I succesfully created on `Faber`'s side a connection invitation by executing `POST` `/connections/create-invitation` , copied the "invitation" object from the response body into the `POST` `/connections/receive-invitation` request body on `Alice` side which also succesfully gets executed. Continuing on `Alice` side, using the `connection_id` from the response as parameter in the `POST` `/connections/{id}/accept-invitation` is successfully executed with a `200` HTTP-response, however, the terminal logs for the Alice agent show the following error: ``` 2021-02-08 23:48:00,493 aries_cloudagent.transport.outbound.manager ERROR >>> Error when posting to: http://192.168.56.102:8020; Error: (, ClientConnectorError(ConnectionKey(host='192.168.56.102', port=8020, is_ssl=False, ssl=None, proxy=None, proxy_auth=None, proxy_headers_hash=None), ConnectionRefusedError(111, "Connect call failed ('192.168.56.102', 8020)")) ``` Also Faber can not accept the connection request. Any ideas and help would be much appreciated 🙏. Kind regards, Karsten

swcurran (Tue, 09 Feb 2021 02:55:31 GMT):
@ianco -- any ideas?

ianco (Tue, 09 Feb 2021 03:48:58 GMT):
When you create the initial invitation, make sure you delete the "sample" json body of the invitation request, I suspect this is where the host IP is coming from (it's just a sample and doesn't reflect your actual IP)

ianco (Tue, 09 Feb 2021 03:49:30 GMT):
I just tested the connection between these agents on my local (using the same startup parameters) and everything worked

etaleo (Tue, 09 Feb 2021 08:53:51 GMT):
Hey there. In the example schema here, the list under "@context" is huge, but only "schema", "rdf" and "rdfs" are used. Why are there so many in the list when only 3 of them are used in the actual schema? https://github.com/hyperledger/aries-rfcs/tree/master/features/0281-rich-schemas#example-schema

karlo0 (Tue, 09 Feb 2021 13:53:35 GMT):
Many thanks, this solved the problem

george.aristy (Tue, 09 Feb 2021 13:55:22 GMT):
@swcurran `did:key` does not constrain a key's usage to a particular purpose when a key is suitable for several. (plus the issues that @RazaDen mentioned)

george.aristy (Tue, 09 Feb 2021 13:56:39 GMT):
For example, a P-256 key can be used for both key agreement and signatures. The `did:key` method as is currently written does not allow one to specify whether the sender would like to use it for one or the other. The spec is extremely ambiguous, but is commonly interpreted as "use the key for all technically possible purposes"

george.aristy (Tue, 09 Feb 2021 13:57:41 GMT):
So back to your proposal... you can see how multicodec/multiformat alone doesn't make much sense for separating keys for their usage.

george.aristy (Tue, 09 Feb 2021 14:02:08 GMT):
You can start to see why I took the approach I did with this proposal: https://github.com/hyperledger/aries-rfcs/pull/577 I'm just basically reusing standardized JOSE identifiers to specify the algorithm parameters, in addition to separating the signing keys from the key agreement keys in DIDComm invitations. The beauty of it is really in the reuse of the JOSE identifiers. Seemed like a much easier route at the time.

maddocche (Tue, 09 Feb 2021 14:51:40 GMT):
Hi everyone, I have a question about the present proof protocol as implemented in ACA-Py. I have a zero-knowledge proof request that's not satisfied by any credential (but I assume this is true even for other types of proof requests), so when I call "/present-proof/records/{pres_ex_id}/credentials" it returns an empty array. How can I reject the presentation from the prover side? To my understanding the right way to do it would be sending back a problem report message, but I can't find any suitable endpoint; there is only the issue credential problem report endpoint, and sending back an empty presentation return an error. Thanks a lot!

swcurran (Tue, 09 Feb 2021 20:23:30 GMT):
Could you add that as an issue? It sounds like something that needs to be there. Note that it might be, but if not, we can get it on the list to add.

george.aristy (Wed, 10 Feb 2021 19:42:26 GMT):
Apologies @swcurran @TelegramSam - in the last call I said I'll tweak my proposal for naked keys a bit but haven't managed to do so in time for the upcoming call

TelegramSam (Wed, 10 Feb 2021 19:56:21 GMT):
No worries @george.aristy

TelegramSam (Wed, 10 Feb 2021 19:56:37 GMT):
Aries WG call on in 4 minutes!

TelegramSam (Wed, 10 Feb 2021 19:56:46 GMT):
https://wiki.hyperledger.org/pages/viewpage.action?pageId=41592350

mccown (Wed, 10 Feb 2021 22:09:49 GMT):
The Identity Implementer's WG is meeting tomorrow (Feb 11th @ 9am MT / 4pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. For our presentation, Riley Hughes from Trinsic is presenting some of their new developments (https://trinsic.id). Here are links to the Wiki and Zoom meeting: Wiki: https://wiki.hyperledger.org/display/IWG/2021-02-11+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

kdenhartog (Mon, 15 Feb 2021 23:43:08 GMT):
having the additional short form identifiers in there don't have any effect. As to why they're included I can't say, but they'd be fine to remove without issue.

rileyphughes (Tue, 16 Feb 2021 02:54:02 GMT):
Hi all, for those interested we have an upcoming webinar/workshop covering building SSI solutions using ACA-py & Trinsic, and showing how they are interoperable. Courtesy of @mboyd and @dbluhm. Here's a link for anyone who is interested: https://trinsic.id/interoperability-between-aca-py-and-trinsic/

chrisconway (Tue, 16 Feb 2021 18:57:01 GMT):
Has joined the channel.

chrisconway (Tue, 16 Feb 2021 19:01:33 GMT):
Hi, I am curious about how to use Aries with Ethereum. I know it is possible to use Sovrin for this, but prefer open source solutions. How can I connect Aries with Ethereum using only open source tools?

daidoji (Tue, 16 Feb 2021 19:08:05 GMT):
hey Chris, I'm not sure if that's possible at the moment. I haven't heard of anyone doing that. However, I know that aries-go uses DIF's Sidetree protocol so it should be possible. Maybe you could ask them.

chrisconway (Tue, 16 Feb 2021 19:10:16 GMT):
thanks for the suggestion

Nizu (Wed, 17 Feb 2021 12:34:03 GMT):
Hello, I'm trying to run the aries demo locally (Alice and Faber) but I'm getting an error when I try to run Faber: "Error: invalid library state caused by: Ledger merkle tree is not acceptable for current tree". Does anyone have gone through this one? I'm a bit confused what I did wrong, does anyone knows what this error means? Thanks in advance :D

ianco (Wed, 17 Feb 2021 13:22:42 GMT):
It means your alice/faber agents are trying to connect to the ledger using the wrong IP. Likely you're running von network (?) which by default uses the docker IP. If you're running alice/faber locally they're trying to connect using the local IP. Try starting von network as follows:

ianco (Wed, 17 Feb 2021 13:22:57 GMT):
`./manage start --logs`

ianco (Wed, 17 Feb 2021 13:23:14 GMT):
... and then start the alice and faber agents

Nizu (Wed, 17 Feb 2021 14:01:33 GMT):
ok thank you, i will try

paul.bastian (Wed, 17 Feb 2021 14:21:42 GMT):
Sovrin uses Hyperledger Indy, which is open-source?

sklump (Wed, 17 Feb 2021 15:00:59 GMT):
Has left the channel.

Nizu (Wed, 17 Feb 2021 16:36:37 GMT):
I had to go to the von ledger and get the genesis file to update the local-genesis file in the demo folder, forgot about that. Now it gets to a point where it starts to listen and then it immediately shutsdown saying "timed out waiting for agent process to start. Admin URL:..."

ianco (Wed, 17 Feb 2021 16:40:56 GMT):
try setting local environment variable `GENESIS_URL=http://localhost:9000/genesis` and then running alice/faber (sorry forgot this step)

Nizu (Wed, 17 Feb 2021 16:45:22 GMT):
it is ok, i'm glad you are trying to help, I will try it. Thanks

Nizu (Wed, 17 Feb 2021 19:18:46 GMT):

questionFaberListening.JPG

Nizu (Wed, 17 Feb 2021 19:19:15 GMT):

faberRedWarnings.JPG

ianco (Wed, 17 Feb 2021 19:20:04 GMT):
Interesting ... I've never seen that error before

Nizu (Wed, 17 Feb 2021 19:20:27 GMT):
which one? the red or the white?

ianco (Wed, 17 Feb 2021 19:20:45 GMT):
Have you managed to successfully run the demo in docker? (i.e. using the `./run_demo faber` command?)

Nizu (Wed, 17 Feb 2021 19:23:27 GMT):
I haven't tried it yet, I have been using this command: GENESIS_FILE=/path/to/local-genesis.txt DEFAULT_POSTGRES=true python3 -m runners.faber --port 8020

Nizu (Wed, 17 Feb 2021 19:23:36 GMT):
from the Aries readme

Nizu (Wed, 17 Feb 2021 19:23:48 GMT):
I-m going to try it now

ianco (Wed, 17 Feb 2021 19:24:07 GMT):
Yes it's easier to use the `run_demo` command, which runs everything in Docker

ianco (Wed, 17 Feb 2021 19:24:37 GMT):
Getting it running locally is a bit more challenging and not really supported (due to all the potential issues with differences between local environments)

ianco (Wed, 17 Feb 2021 19:24:57 GMT):
... but if you can get it running in docker then you should be able to get it running locally too ...

Nizu (Wed, 17 Feb 2021 19:26:52 GMT):
looks like it is working

Nizu (Wed, 17 Feb 2021 19:27:00 GMT):
it-s waiting for a connection

ianco (Wed, 17 Feb 2021 19:34:00 GMT):
You manually copy the invitation from faber to alice and then the connection is auto-detected

Nizu (Wed, 17 Feb 2021 19:36:08 GMT):
yes, but i can only do that when alice is running correct? I get this now, when I try to run Alice

Nizu (Wed, 17 Feb 2021 19:36:17 GMT):

runningAliceError.JPG

Nizu (Wed, 17 Feb 2021 19:36:36 GMT):
sorry for bothering you with this, and thank you very much for the help you gave me so far

ianco (Wed, 17 Feb 2021 19:37:30 GMT):
are you running faber using `./run_demo faber`? you cal run alice using `./run_demo alice`

Nizu (Wed, 17 Feb 2021 20:12:56 GMT):
I'm running faber using `./run_demo faber` and it is waiting for a connection. I tried to run Alice using `./run_demo alice` and I got that error

haggis (Thu, 18 Feb 2021 08:58:01 GMT):
Hi guys! I know that an edge agent communicates with other agents via a mediator by packing the DIDComm messages into a DIDComm message of type `forward`. Fine. Can someone explain how an agent - also configured to use a mediator - with no internet access except to its mediator would communicate with the ledger nodes to write e.g. a schema definition? Is this communication also routed through the mediator? Automatically? Or would aca-py need special configuration for this?

maddocche (Thu, 18 Feb 2021 11:57:28 GMT):
Hi everyone! Just a quick question, does ACA-Py support CORS for request to the admin endpoint? Thanks!

RazaDen (Thu, 18 Feb 2021 12:04:32 GMT):
Agents that are strictly acting as mediators (and nothing more than that) do not facilitate this kind of functionality. In the scenario you are describing, this can be achieved by having the "edge agent/application w/e" act as a *controller* of a cloud agent. For instance, you can use the Admin API of ACA-Py to do ledger stuff and ACA-Py will do everything for you (the edge controller). From a conceptual point of view, these two cases are different. However, from a practical standpoint, ACA-Py is very powerful and can act both as a mediator *and* as a means for you to do ledger stuff in the limited connectivity setting you are describing.

haggis (Thu, 18 Feb 2021 12:40:02 GMT):
Thank you, @RazaDen . I'm going to discuss this with my colleagues. Spontaneously I would say this isn't possible because this would require having the private keys outside of the secured network. Maybe some kind of proxying mechanism might be helpful here

RazaDen (Thu, 18 Feb 2021 12:41:18 GMT):
Yeah it's very sloppy as it mixes two paradigms into one. Also, if you want to scale up to multiple mobile agents, it's going to get even messier. Glad to be of help!

Nizu (Thu, 18 Feb 2021 13:15:49 GMT):

runningAliceTypeError.JPG

haggis (Thu, 18 Feb 2021 14:52:38 GMT):
Another question: Is it somehow possible to get a published DID into a mobile agent? Or to publish a DID created on such a mobile device? Currently it seems like mobile agents (tested Trinsic and Lissi) are created a keypair under the hood and then creating pairwise DIDs from that keypair. And they're missing to provide something like a seed import. However, if I want to bind a mobile agent to a real world identity, I also like to publish a DIDDocument containing my public key - in order to be able to create verifiable digital signatures via direct messaging (not to confuse with verifiable credentials). So my question is currently just: How to get a published DID into my mobile agent?

haggis (Thu, 18 Feb 2021 14:52:38 GMT):
Another question: Is it somehow possible to get a published DID into a mobile agent? Or to publish a DID created on such a mobile device? Currently it seems like mobile agents (tested Trinsic and Lissi) are creating a keypair under the hood and then creating pairwise DIDs from that keypair. And they're missing to provide something like a seed import. However, if I want to bind a mobile agent to a real world identity, I also like to publish a DIDDocument containing my public key - in order to be able to create verifiable digital signatures via direct messaging (not to confuse with verifiable credentials). So my question is currently just: How to get a published DID into my mobile agent?

haggis (Thu, 18 Feb 2021 14:52:38 GMT):
Another question: Is it somehow possible to get a published DID into a mobile agent? Or to publish a DID created on such a mobile device? Currently it seems like mobile agents (tested Trinsic and Lissi) are creating a keypair under the hood and then deriving pairwise DIDs from that keypair. And they're missing to provide something like a seed import. However, if I want to bind a mobile agent to a real world identity, I also like to publish a DIDDocument containing my public key - in order to be able to create verifiable digital signatures via direct messaging (not to confuse with verifiable credentials). So my question is currently just: How to get a published DID into my mobile agent?

swcurran (Thu, 18 Feb 2021 15:40:44 GMT):
I think proxying would work fine. The isolated agent would sign the transaction and then hand it to the controller to interact with the ledger. The ledger doesn't care (AFAIK) who gives it the transaction, as long as it has the right signatures for the action to be taken.

swcurran (Thu, 18 Feb 2021 15:41:48 GMT):
The team at Danube Tech has done some work with a DIDComm connection to a Universal Resolver instance that would handle this type of activity.

haggis (Thu, 18 Feb 2021 15:43:22 GMT):
We had a look at Universal Resolver as well. However, it currently "only" does DIDDoc lookup (and later registration) - no node communication, doesn't it?

swcurran (Thu, 18 Feb 2021 15:44:49 GMT):
I'm not sure. I was pointing to the example more for the pattern than if it will do exactly what you want.

haggis (Thu, 18 Feb 2021 15:45:02 GMT):
Alright, thanks :)

swcurran (Thu, 18 Feb 2021 15:47:54 GMT):
What was the specific command that you ran? Probably best to put this in an issue in the repo.

Nizu (Thu, 18 Feb 2021 18:06:04 GMT):
Hello, ./run_demo Alice was the command I used

andrew.whitehead (Fri, 19 Feb 2021 02:28:34 GMT):
Yes, it should

haggis (Fri, 19 Feb 2021 14:57:32 GMT):
In the DID method specification the DID scheme is defined as `sovrin-did = "did:sov:" idstring *(":" subnamespace)` Hence a valid DID is `did:sov:2wJPyULfLLnYTEFyzByfUR`, with `2wJPyULfLLnYTEFyzByfUR` being the idstring. Another one would be `did:sov:2wJPyULfLLnYTEFyzByfUR:mynetwork` with `2wJPyULfLLnYTEFyzByfUR` being the idstring again and `mynetwork` being the (optional!) subnamespace. Two questions from this: 1) If the subnamespace is optional, is there any way to distinguish to which network a given DID belongs to (e.g. is it from Sovrin or is it from local von-network) 2) The `did-sov` driver for the `universal-resolver` has a regex in its code to parse the segments of a DID. This is ``` public static final Pattern DID_SOV_PATTERN = Pattern.compile("^did:sov:(?:(\\w[-\\w]*(?::\\w[-\\w]*)*):)?([1-9A-HJ-NP-Za-km-z]{21,22})$"); Matcher matcher = DID_SOV_PATTERN.matcher(identifier); String network = matcher.group(1); String targetDid = matcher.group(2); ``` This parsing logic recognizes `2wJPyULfLLnYTEFyzByfUR` as the (optional) network name. Are they using a wrong regex or do I have a misunderstanding?

haggis (Fri, 19 Feb 2021 14:57:32 GMT):
In the DID method specification the DID scheme is defined as `sovrin-did = "did:sov:" idstring *(":" subnamespace)` Hence a valid DID is `did:sov:2wJPyULfLLnYTEFyzByfUR`, with `2wJPyULfLLnYTEFyzByfUR` being the idstring. Another one would be `did:sov:2wJPyULfLLnYTEFyzByfUR:mynetwork` with `2wJPyULfLLnYTEFyzByfUR` being the idstring again and `mynetwork` being the (optional!) subnamespace. Two questions from this: 1) If the subnamespace is optional, is there any way to distinguish to which network a given DID belongs to (e.g. is it from Sovrin or is it from local von-network)? 2) The `did-sov` driver for the `universal-resolver` has a regex in its code to parse the segments of a DID. This is ``` public static final Pattern DID_SOV_PATTERN = Pattern.compile("^did:sov:(?:(\\w[-\\w]*(?::\\w[-\\w]*)*):)?([1-9A-HJ-NP-Za-km-z]{21,22})$"); Matcher matcher = DID_SOV_PATTERN.matcher(identifier); String network = matcher.group(1); String targetDid = matcher.group(2); ``` This parsing logic recognizes `2wJPyULfLLnYTEFyzByfUR` as the (optional) network name. Are they using a wrong regex or do I have a misunderstanding?

paul.bastian (Fri, 19 Feb 2021 18:43:16 GMT):
Hello folks, on March 1st, 6pm CET we will have an open call to kickoff the upcoming Wallet Security WG at DIF. I will present motivation, goals and a first roadmap. Very short summary: - standardized wallet security is necessary for sensitive credentials like id-cards, payment credentials or more - create a specification and interface to communicate about wallet capabilities, security, regulation-conformance and other points of security-relevant interoperability - define mechanism to enable wallet security assertions, certification and ways to prove them - define specifications about wallet user authentication, ways how to ensure them and how to communicate them to issuers/verifiers WG Charter:https://docs.google.com/document/d/18H2hVjHZEBjbnzod8tLogJIEzySdecbk9d-QBJaqHP0/edit Mailing list: https://lists.identity.foundation/g/wallet-security Topic: Wallet Security WG Kickoff Time: Mar 1, 2021 06:00 PM Amsterdam, Berlin, Rome, Stockholm, Vienna Join Zoom Meeting https://bundesdruckerei.zoom.us/j/88417582474?pwd=bXV1cE9udXNWK2VaYnFZdkNxaEx2UT09 Meeting ID: 884 1758 2474 Passcode: 391216 Join by Skype for Business https://bundesdruckerei.zoom.us/skype/88417582474

JamesEbert (Fri, 19 Feb 2021 20:41:54 GMT):
To add another potential data point, we've seen a use case utilize the Indy-VDR proxy server to provide a mobile agent with the capability of reading schemas/cred defs, etc, and posting requests via the RESTful API proxy server. https://github.com/hyperledger/indy-vdr#proxy-server

haggis (Sat, 20 Feb 2021 14:13:46 GMT):
Thank you, James! I didn't know that project. Will have a look :thumbsup:

daidoji (Sun, 21 Feb 2021 22:24:25 GMT):
In present-proof https://github.com/hyperledger/aries-rfcs/tree/4fae574c03f9f1013db30bf2c0c676b1122f7149/features/0037-present-proof should it be possible to pass a `names` array rather than individually in a referent?

daidoji (Sun, 21 Feb 2021 22:24:39 GMT):
ie something like

daidoji (Sun, 21 Feb 2021 22:24:52 GMT):
```"business_name_referrent": { "names": ["business_name","employee_name"], "restrictions": [{ "schema_id": "CHANGE:2:Some Schema:0.0.0" }], "revealed": true },```

daidoji (Sun, 21 Feb 2021 22:25:13 GMT):
For some reason I thought that was possible but when I'm looking at that RFC above it doesn't look like that's mentioned anywhere

daidoji (Sun, 21 Feb 2021 22:27:11 GMT):

Clipboard - February 21, 2021 5:27 PM

daidoji (Sun, 21 Feb 2021 22:27:12 GMT):
Oh, it looks like its documented that way in the openAPI example

daidoji (Sun, 21 Feb 2021 22:30:18 GMT):
(well in this acapy case, maybe this question would be better in that channel)

swcurran (Sun, 21 Feb 2021 23:03:57 GMT):
This is better covered in ACA-Py. The specific question is not at the RFC level, but instead at the attachments level for an AnonCreds format proof request. And the question has been answered there.

haggis (Wed, 24 Feb 2021 14:00:21 GMT):
Hi guys! I've got a security question: Is there a standardized way how mobile agents show the name of a verifier? Let's imagine next to a door is a printed static QR code. If you scan it, your mobile agent connects to the doors agent (Notice: the doors agent decides about its connection label presented to the user! In this case: "VIP Palace Inc."). Then the doors agent sends a presentation request which the user agrees to. If everything is ok, the door opens. Fine. Now imagine someone malicious prints a QR code and sticks it over the original one. When the user scans this malicious code, the mobile agent connects to the attackers agent. This time, the attackers agent also uses the label "VIP Palace Inc." and requests the same credential while the user has no idea who he is communicating to. If I don't miss anything, this is a way for phishing information presented via credentials, isn't it?

daidoji (Wed, 24 Feb 2021 14:04:28 GMT):
Seems like it. This is kinda why public DIDs on the ledger exist. Eventually, the users (or program agents acting on their behalf) will have to make sure the well reputed VIP Palace Inc. is the DID listed in the QRCode and not the nefarious VIP Palace.

daidoji (Wed, 24 Feb 2021 14:06:11 GMT):
MiTM attacks are hard to defeat though imo. Hopefully "web of trust" type ideas will help mitigate this threat insomuch as possible. That being said, the old style trust based systems on the Internet suffer the same issues so I think SSI projects like Aries are a step in the right direction.

haggis (Wed, 24 Feb 2021 14:12:32 GMT):
Ok, thank you. I think the public DID doesn't help much in case the non-technician John Doe would need to compare the DIDs. Maybe something like the OrgBook would help, by first providing an government issued VC to proof the identity of "VIP Palace Inc" and only after that allowing presentation requests from that DID. This, however, would require a lot of customization as no generic wallet supports such a workflow. Thanks for clarification, @daidoji !

daidoji (Wed, 24 Feb 2021 14:47:48 GMT):
yeah you got it, that's the gist of the ideas as I understand them.

TelegramSam (Wed, 24 Feb 2021 15:02:46 GMT):
Today is the first meeting of the *Aries Bifold* effort, announced last week in the Aries B call. Today we will be talking about community goals for this open source mobile app effort. Please join us, the hour before the Aries B call today: https://wiki.hyperledger.org/display/ARIES/Aries+Bifold+User+Group+Meetings

Nizu (Wed, 24 Feb 2021 17:09:56 GMT):
Hey guys, when running aries demos, have anyone ever faced an exception when registering a DID? "Exception: Error registering DID, response code 500"

daidoji (Wed, 24 Feb 2021 19:20:51 GMT):
Sometimes, but its hard to say without more context if its related to your 500 error.

george.aristy (Wed, 24 Feb 2021 20:05:11 GMT):
@TelegramSam @swcurran aries call...

swcurran (Wed, 24 Feb 2021 20:05:36 GMT):
On our way...

Nizu (Wed, 24 Feb 2021 22:09:57 GMT):
I was simply running a third agent besides Faber and Alice

daidoji (Thu, 25 Feb 2021 03:44:14 GMT):
Hmm, still hard to say.

mccown (Thu, 25 Feb 2021 05:36:20 GMT):
The Identity Implementer's WG is meeting on Thursday (Feb 25th @ 9am MT / 4pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. Lohan Spies (CEO, did:x) will provide a presentation of tools & methods for monitoring the health and security of Indy-based ledgers. Here are links to the Wiki and Zoom meeting: Wiki: https://wiki.hyperledger.org/display/IWG/2021-02-25+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

nage (Thu, 25 Feb 2021 15:17:14 GMT):
Congratulations everyone on making Active status

TelegramSam (Thu, 25 Feb 2021 15:19:00 GMT):
Thank you @swcurran for leading this worthy effort!

b1conrad (Thu, 25 Feb 2021 15:51:14 GMT):
curiosity: brief summary of how active status benefits us? asking for those who don't know

TelegramSam (Thu, 25 Feb 2021 16:04:45 GMT):
It helps companies evaluating the project to be more confident in the project, as well as some minor marketing advantages.

helengarneau (Thu, 25 Feb 2021 16:55:15 GMT):
Any chance an announcement blog can be cranked out to make the newsletter?

swcurran (Fri, 26 Feb 2021 00:18:05 GMT):
*FYI: Aries Cloud Agent - Python Release Candidate 0.6.0 has been tagged and posted to PyPi!* Release notes are available here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.6.0. A new docker image will shortly be available here -- https://hub.docker.com/r/bcgovimages/aries-cloudagent/tags?page=1&ordering=last_updated This is a very large release with lots added, including: * Breaking changes - adjustments to startup options and changes to ACA-Py plugin integrations. * Multi-tenancy support * Mediator Support * Flexible Webhooks handling support for controllers * DID Exchange and OOB support * Issuer Credential V2 Support * Various fixes... Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/0.6.0/

swcurran (Fri, 26 Feb 2021 00:18:05 GMT):
*FYI: Aries Cloud Agent - Python Release 0.6.0 has been tagged and posted to PyPi!* Release notes are available here - https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.6.0. A new docker image will shortly be available here -- https://hub.docker.com/r/bcgovimages/aries-cloudagent/tags?page=1&ordering=last_updated This is a very large release with lots added, including: * Breaking changes - adjustments to startup options and changes to ACA-Py plugin integrations. * Multi-tenancy support * Mediator Support * Flexible Webhooks handling support for controllers * DID Exchange and OOB support * Issuer Credential V2 Support * Various fixes... Code reference documentation has been generated to ReadTheDocs - https://aries-cloud-agent-python.readthedocs.io/en/0.6.0/

swcurran (Fri, 26 Feb 2021 00:19:31 GMT):
@helengarneau -- Great if this could be included in the weekly /dev newsletter. Let me know if you need anything from me on that.

jabuaasnez (Fri, 26 Feb 2021 15:37:38 GMT):
Has joined the channel.

jabuaasnez (Fri, 26 Feb 2021 15:37:38 GMT):
Hi! I don't know if here is the right place, but I have some doubts regarding a user case I have. The user case will involve DID and credentials, which I've seen it could be solved in different ways. But the problem I'm facing now, to decide what I will use to design my architecture, is to solve how I could send messages from an agent (let's say a raspberry pi or a sensor sending data) to a mobil agent via bluetooth (without mediators or relays).

deas (Fri, 26 Feb 2021 16:07:20 GMT):
Unless I'm missing something, that sounds doable. What are your doubts?

jabuaasnez (Fri, 26 Feb 2021 16:17:19 GMT):
Hi! thaks for answering! What kind of agent would be a device sending data to a mobile agent? Would it be possible to authenticate communication, that is, the mobile agent being able to confirm that the data is comming from a, e,g,. an IoT device, and send data (from the IoT device) as message; all via bluetooth?

b1conrad (Fri, 26 Feb 2021 17:50:22 GMT):
we naturally use HTTP as a transport mechanism, but other transport mechanisms such as BLE are totally workable as well

jabuaasnez (Sun, 28 Feb 2021 21:51:02 GMT):
Yeah, it is also stated in the _Aries RFC 0004: Agents_, that Bluetooth can be use as communication transport. But I became confused when reading that the communicaton between mobile agents has to happen via mediators involving the use of internet. I need edge agents (let's get back to teh sensor example), which won't rely on internet (more that maybe during a ID registration process), able to send their data to mobile agents via bluetooth. Would this be possible? Which repo or example should I be looking at? Apologies if this is a basic question/problem but I'm completely new with hyperldger.

PabloRomeu (Mon, 01 Mar 2021 07:13:28 GMT):
Has joined the channel.

haggis (Mon, 01 Mar 2021 10:29:07 GMT):
According to https://github.com/hyperledger/aries-cloudagent-python/blob/0.6.0/Mediation.md outbound messages (see last action in the diagram) are sent directly from Alice (using the mediator) to Bob. Is it somehow possible to configure acy-py to use the mediator also for those outbound messages? Use case: Agent is located in a very restricted network and has no internet access. Only mediator has internet access.

etaleo (Mon, 01 Mar 2021 10:39:52 GMT):
Regarding https://www.w3.org/TR/did-core/#did-recovery: How is the recovery meant to be explicitly specified as such in the DID document? As far as I understand, there is no explicit "recovery" verification relationship, and it seems you cannot specify something like a "recovery use case" for the capabilityInvocation/-Delegation relationship property

etaleo (Mon, 01 Mar 2021 10:39:52 GMT):
Regarding https://www.w3.org/TR/did-core/#did-recovery: How is the recovery key meant to be explicitly specified as such in the DID document? As far as I understand, there is no explicit "recovery" verification relationship, and it seems you cannot specify something like a "recovery use case" for the capabilityInvocation/-Delegation relationship property

etaleo (Mon, 01 Mar 2021 10:39:52 GMT):
Regarding https://www.w3.org/TR/did-core/#did-recovery: "It is considered a best practice to never reuse a verification method or key material associated with recovery for any other purposes. " How is the recovery key meant to be explicitly specified as such in the DID document? As far as I understand, there is no explicit "recovery" verification relationship, and it seems you cannot specify something like a "recovery use case" for the capabilityInvocation/-Delegation relationship property

daidoji (Mon, 01 Mar 2021 13:11:43 GMT):
>How is the recovery key meant to be explicitly specified as such in the DID document? I think that's open to interpretation within the spec. I'm not actually sure I've even seen a did doc with a recovery use case specified myself to be honest. I'm not sure about your second comment though, what did you mean?

swcurran (Mon, 01 Mar 2021 16:26:30 GMT):
Yes -- at least that is intended functionality. Not done yet, I suspect. The mediator would be a relay for the outbound messages. The sending agent would prepare the message for the recipient based on the recipient's needs (what's in their DIDDoc), and then wrap that in a "forward" message and send the forward to the "outbound relay" to process. Not sure you build that into the mediator or create another aca-py instance that is the relay. Logically, they are separate components -- an inbound mediator and an outbound relay.

dev-d (Tue, 02 Mar 2021 09:05:47 GMT):
Has joined the channel.

dev-d (Tue, 02 Mar 2021 09:05:49 GMT):
Hi Experts .. We have our own centralised identity platform and we have a vision to make our platform interoperable with the outside world by using DIDs standard, our system saving Identities and Claims in RDMS . *Our expectation after developing this vision are:* Be able to create new DIDs and save it in our DB. Be able to resolve our DIDs by fetching the data from our APIs which are connected to our DB. Be able to resolve SD Request and preparing the SD Response from our APIs. *So my questions are:* Can Arise framework help us in achieving our goal? If yes , - then what is the steps we should take - what kind of plugins we need to use or modify or will we have to build new Plugin to achieve the expectations mentioned above? If we are going to create new DID in our system, then should we have new method eg. did:xxx? or should we use already existing Method Specification?

T_aanna (Tue, 02 Mar 2021 09:46:52 GMT):
Has joined the channel.

etaleo (Tue, 02 Mar 2021 14:29:04 GMT):
Ah, alright, thank you. The thought process for the second comment was as follows: If there is a recovery key for a DID, it should be specified somewhere in the DID document, but I didn't find a proper place for that (neither as a verification relationship as its own, nor by marking a specific CapabilityInvocation VR as 'this shall be used for recovery')

daidoji (Tue, 02 Mar 2021 14:31:49 GMT):
yeah I'm not sure. Seems like a question other people with more familiarity with the specs should be able to answer. That diddoc WG might be a good place to start. I've seen a lot of talk about recovery mechanisms but few implementations in the wild myself.

etaleo (Tue, 02 Mar 2021 14:34:26 GMT):
Alright, thank you :)

daidoji (Tue, 02 Mar 2021 14:45:45 GMT):
np

b1conrad (Wed, 03 Mar 2021 00:52:08 GMT):
That's interesting, using self-sovereign identity technology in a centralized platform. Since anyone can use public code to create DIDs, so can you. Since you are going to store them (and their docs) on your DB, then yes, you would want a new method. Because that's what a method is for, to be a way to resolve a DID into its document. My two ¢

kapster (Wed, 03 Mar 2021 13:58:37 GMT):
@Alexi how it the progress..? :)

etaleo (Wed, 03 Mar 2021 14:41:07 GMT):
A question regarding key rotation as described in https://www.w3.org/TR/did-core/#verification-method-rotation One quote in 9.7: "Proofs or signatures that rely on verification methods that are not present in the latest version of a DID Document are not impacted by rotation, and might require additional information to mitigate compromise. " => So, VCs issued with old keys (before the rotation) are still valid, no problem Then, another quote in 9.7: "Frequent rotation of a verification method might be frustrating for parties that are forced to continuously renew or refresh associated credentials. " => So, VCs issued with old keys are frustrating, as they aren't valid anymore and the affected VCs have to be renewed/refreshed These two interpretations seem to contradict each other, so which one is true?

swcurran (Wed, 03 Mar 2021 15:40:35 GMT):
That's a better question asked of the W3C VC Maintenance Working Group. Basically, if the verifier can get the value of the signing key at the time of issueance, all is well. But that ability might be dependent on how that key is published -- e.g. if you using a DID, whether or not the DID Method supports getting earlier version of the DIDDoc. I think the latter is saying, it might be frustrating for the verifiers if they have to try multiple keys to see if any of them work on a given presentation.

kdenhartog (Thu, 04 Mar 2021 06:57:32 GMT):
normatively, neither. Since that's a portion of the security considerations section, the purpose is not to state how something must be done, but to rather say here's some things you should consider while designing. Ultimately this is not a decision that should be made at this layer, but what you do at this layer will affect the layers which depend on this decision. For example, vc-js takes a document loader in and in that document loader you define a strategy for how you plan to resolve a DID. So if your VC proof contains did:example:123?version=4 and the resolver that's used in that document loader returns a valid JSON-LD document with a ldp key (the JSON object like Ed25519VerificationKey2018) and it's in the appropriate verification method it will validate for you. However, if you built a document loader that doesn't resolve did:example:123?version=4 (say because example did method doesn't support resolving old versions) then it won't validate because no did document is able to be resolved and therefore no public key can be found to validate the VC. In other words, this is up to the VC validation logic you choose until a protocol spec is written on how the VC MUST be processed in which case some did methods may not be able to comply with the that spec because they will have made design choices at the DID layer which impact that processing logic.

PabloRomeu (Fri, 05 Mar 2021 09:01:57 GMT):
Hi all, I have been reviewing the credentials attributes, and I have not found a way of adding a "user friendly" name to a credential attribute. Say we have "first_name", "last_name", etc. Is there a way of including a User-friendly name like "First Name", "Last Name", etc?

Nizu (Fri, 05 Mar 2021 13:48:19 GMT):

Alicerunning.JPG

swcurran (Fri, 05 Mar 2021 16:31:06 GMT):
There is not at the indy level. There is a whole ecosystem around that called "overlays" that provide a ton of data.

swcurran (Fri, 05 Mar 2021 16:32:22 GMT):
Here's an initial link that you can look it if you want to dig deeper: https://wiki.colossi.network/en/Technologies/OCA/Developer/Adopt

swcurran (Fri, 05 Mar 2021 16:33:23 GMT):
In general, it's left to the agents to do what they can with the attrib names.

da3v21 (Sat, 06 Mar 2021 11:40:57 GMT):
are agent authorization registries implemented yet. Can anyone share any references for it?

b1conrad (Sat, 06 Mar 2021 16:09:36 GMT):
I think that you would need to set up a mediator agent that was A) within BLE range of the sensor and B) connected to the Internet so that it could relay messages over HTTP to Aries cloud agents, etc.

b1conrad (Sat, 06 Mar 2021 16:09:36 GMT):
I think that you would need to set up a mediator agent that was 1) within BLE range of the sensor and 2) connected to the Internet so that it could relay messages over HTTP to Aries cloud agents, etc.

b1conrad (Sat, 06 Mar 2021 16:15:14 GMT):
In our lab, we use a Raspberry Pi to receive messages from our sensors and from there into the Internet. We don't use BLE yet, but there's probably a hat for that. We run a pico-engine on the Pi and Pico Agents would run nicely therein. https://github.com/Picolab/G2S and includes code for mediating (called "router")

swcurran (Sat, 06 Mar 2021 18:43:35 GMT):
No -- they have never been implemented. I'm not sure if the idea is viable.

daidoji (Sat, 06 Mar 2021 19:20:07 GMT):
what are they if you don't mind me asking?

swcurran (Sat, 06 Mar 2021 20:23:10 GMT):
Off the top of my head: The idea is that on the ledger you have a registry on which you can have an identifier for each device you have. At any time, you can activate a new device and revoke an existing device. With each proof, you send a ZKP that proves that (a) the device sending the proof is in the registry and (b) has not been revoked. It operates much like the AnonCreds revocation registry. I don't know exactly how it would work and how your device would be anonymous, but I'm sure it was thought out. The tricky part of it is getting other components (verifiers) to understand the proof that would be included. There is no other discussion AFAIK in any other VC community about this concept, and the concept is not included in the VC data model

swcurran (Sat, 06 Mar 2021 20:24:18 GMT):
I believe it is documented here: https://github.com/hyperledger/indy-hipe/tree/49fcd78883d38babe9c95a4e1d150969797cffa2/design/dkms

rpobulic (Sun, 07 Mar 2021 05:14:09 GMT):
Has joined the channel.

daidoji (Sun, 07 Mar 2021 14:11:56 GMT):
ahh, thanks!

etaleo (Tue, 09 Mar 2021 09:11:53 GMT):
Alright, thank you very much for your elaboration! :)

Cleverence (Tue, 09 Mar 2021 09:31:29 GMT):
Has joined the channel.

mtfk (Wed, 10 Mar 2021 13:42:16 GMT):
Announcment: Today at WG Aries Cal A we would take a look closer on the verifiable credential data model, revocation mechanism based on VDR and how to solve problems of key rotation without need to revoke all VC issued by that key. See you on the call. Meeting page: https://wiki.hyperledger.org/pages/viewpage.action?pageId=41594777

JamesEbert (Wed, 10 Mar 2021 18:34:05 GMT):
Join us later today for the Aries Bifold User Group call, the hour before the Aries B call today. We will be discussing out the community's goals around this open source React Native mobile app. https://wiki.hyperledger.org/display/ARIES/Aries+Bifold+User+Group+Meetings

mccown (Wed, 10 Mar 2021 20:59:41 GMT):
The Identity Implementer's WG is meeting on Thursday (Mar 11th @ 9am MT / 4pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. Renata Toktar (Evernym) will give a presentation / demo on a new process called "ledger freeze" and how that works with Indy ledgers. Here are links to the Wiki and Zoom meeting: Wiki: https://wiki.hyperledger.org/display/IWG/2021-03-11+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

danielhardman (Wed, 10 Mar 2021 21:46:51 GMT):
PR from today's Aries B call: minor tweak to RFC 0044 to say that the more specific mime type for plaintext, rather than the more generic mime type, is preferred. https://github.com/hyperledger/aries-rfcs/pull/606

ye_zi (Fri, 12 Mar 2021 03:40:18 GMT):
Has joined the channel.

ye_zi (Fri, 12 Mar 2021 03:40:20 GMT):
Hi,all. I have a question about cross-domain-messaging. Both Alice and Bob's cloud agent belong to the same Agency. When Alice needs to send a message to Bob's cloud agent, which way is correct? 1. Alice constructs an encrypted envelope with Bob's cloud agent, and sends it directly to Bob's cloud agent through Alice's cloud agent. 2. In addition to constructing an encrypted envelope with Bob's cloud agent, Alice also needs to construct an encrypted envelope with Agency, and the message is forwarded through Agency。

ye_zi (Fri, 12 Mar 2021 03:44:24 GMT):
Both Alice and Bob's cloud agents belong to the same Agency. The cross-domain message here refers to the message between the Alice domain, the Agency domain and the Bob domain, or the message between the Alice and Bob domains? Whether agency encryption is required depends on whether Bob or Alice need to route through the agency in the did doc provided to the other party, right?

danielhardman (Fri, 12 Mar 2021 04:25:06 GMT):
Some musings about didcomm: https://daniel-hardman.medium.com/security-silos-and-sovereignty-522e30bb8eb4

sairanjit (Fri, 12 Mar 2021 05:47:00 GMT):
Has joined the channel.

swcurran (Fri, 12 Mar 2021 20:47:18 GMT):
In DIDComm, the relative location of Alice and Bob don't enter into the picture. Bob constructs in the DID he gives Alice the "encryption route" (e.g. a series of keys that Alice uses to wrap the message) and an endpoint to which to send the message. Alice, just does whatever Bob says to do. Bob could get fancy and detect somehow that Alice was in the in the same Agency as he was in adjust the encryption route and endpoint accordingly (e.g. skip having the message go to the external Agency endpoint). However, from Alice's perspective, there the process is the same --- encrypt per the encryption route and send to the endpoint.

BrianK7978 (Fri, 12 Mar 2021 23:06:54 GMT):
Has joined the channel.

HighBrow (Sun, 14 Mar 2021 08:14:26 GMT):
Has joined the channel.

mengkang (Sun, 14 Mar 2021 20:44:04 GMT):
Hello，all. I have a question. Is it possible to know the issuer's public key when only have the credential denfination id?

andrew.whitehead (Mon, 15 Mar 2021 01:49:29 GMT):
Yes, the cred def ID includes their DID. For an indy DID can use that to resolve their public key with a GET_NYM transaction (`key_for_did` in the SDK I think)

JSedlmeir (Tue, 16 Mar 2021 00:33:38 GMT):
Has joined the channel.

JSedlmeir (Tue, 16 Mar 2021 00:33:38 GMT):
Hey everyone, I was wondering what the standard behaviour of the Aries Cloudagent with respect to the pool config is. Will queries be sent to two random but fixed nodes and compared (at least I thought this is the default config for the indy-sdk)? Will the respective nodes be chosen randomly or does the agent prefer specific nodes (for example, one that runs with the same DID as the agent because they use the same seed)?

kukgini (Tue, 16 Mar 2021 04:15:30 GMT):
When issuing a VC, what is the recommended way to add image information such as a photograph of a face as a claim?

ytebb (Tue, 16 Mar 2021 09:59:59 GMT):
Has joined the channel.

ytebb (Tue, 16 Mar 2021 10:00:00 GMT):
Hello, I got a issue when I run docker-compose up for my project that includes aries agent ; the error is the following : verifier_1 | aries_cloudagent.core.error.ProfileNotFoundError: Wallet 'VaxCertVerifier' not found: Error: Wallet not found verifier_1 | Caused by: No wallet database exists Any idea how to solve this problem ?

asadhayat (Tue, 16 Mar 2021 11:49:00 GMT):
Has joined the channel.

da3v21 (Tue, 16 Mar 2021 13:09:26 GMT):
can anyone explain why the need for credential definition is removed in bbs+ signature scheme implementation, I read the anoncreds 2.0 whitepaper, the holder and verifier still need the issuer's public key from the ledger

swcurran (Tue, 16 Mar 2021 18:34:35 GMT):
I'm not a cryptographer.... :-) My understanding is that using BBS+ the set of keys to be used for signing the claims of the credential can be derived programmaticlly from the issuer key such that there is no need for the CredDef object on the ledger. Basically, each participant gets the issuer public key and from that derives the keys of the CredDef, which allows creating the credential, the presentation and verifying both. Note that the schema is not needed because of the use of JSON-LD for the VC. This does not get to full semantic understanding of the schema, but it is sufficient to remove the need for the schema on the ledger. Note that one might want a schema (and some argue, a cred_def) on the ledger but those are different topics. Indy AnonCreds chose to have all the objects on the ledger, and with BBS+, you don't have to use them.

kukgini (Wed, 17 Mar 2021 09:14:15 GMT):
@swcurran Thanks for the good explanation. Can you explain this sentence in more detail: `This does not get to full semantic understanding of the schema`?

da3v21 (Wed, 17 Mar 2021 10:06:25 GMT):
@swcurran thank you. The ursa library mentions about the deterministic public in this \url{https://github.com/hyperledger/ursa/tree/main/libzmix/bbs}

da3v21 (Wed, 17 Mar 2021 10:06:25 GMT):
@swcurran thank you. The ursa library mentions about the deterministic public in this link https://github.com/hyperledger/ursa/tree/main/libzmix/bbs

da3v21 (Wed, 17 Mar 2021 10:06:25 GMT):
@swcurran thank you. The ursa library mentions about the deterministic public key in this link https://github.com/hyperledger/ursa/tree/main/libzmix/bbs

da3v21 (Wed, 17 Mar 2021 10:12:58 GMT):
thanks @swcurran , can you explain the policy address attribute in anoncreds. It is mentioned in anoncreds 2.0 paper that agents should specify authorization to use a credential by including a policy address in the credentials. How does this work?, how can an attribute specify agent authorization, and how could we add a new agent to authorize that credential

pranav_kirtani (Wed, 17 Mar 2021 11:09:00 GMT):
Has joined the channel.

swcurran (Wed, 17 Mar 2021 16:20:10 GMT):
JSON-LD can give you more information about the claims in the credential than just a name for the claim as is in the AnonCreds `schema` object. However, I've been admonished in the past by those deep into the semantics that it might not give you all the machine readable details -- is it PII data? What label should be used for the data? What transalations for the label should be used? What is the precise format of the data? And so on. AFAIK -- JSON-LD goes a long way on those things, but I don't have a lot of experience in applying JSON-LD.

swcurran (Wed, 17 Mar 2021 16:21:02 GMT):
I'm not the right person to answer that. @brentzundel may have an answer.

brentzundel (Wed, 17 Mar 2021 17:36:30 GMT):
Agent authorization would use the same proof mechanisms as a revocation registry. The policy address attribute described in anoncreds 2.0 would point to the user's authorization policy on a verifiable data registry. Changes to the authorization policy would be included in a common agent authorization accumulator. It has never been implemented and it is not clear now if it will ever be.

PabloRomeu (Thu, 18 Mar 2021 06:44:22 GMT):
Thanks :)

HakanTUB (Thu, 18 Mar 2021 17:25:13 GMT):
Has joined the channel.

HakanTUB (Fri, 19 Mar 2021 09:01:48 GMT):
Hello, I'm working on the IDunion project, which is an Indy/Aries based SSI-Network, being built in Germany and there is a scalability question that occured to me, which I think is very important for the technology being ready for daily usage: Has the Stack been tested for: 1) One cloud agent processing 10 presentations per second? or 20, or 100? What would be the limit there? 2) Same for mass revocations 3) To a certain degree same question above for issuing credentials I would like to know whether anyone tested this before or if it even makes sense to take a look at it. I am a research assistant and it would be a very interesting research question for me. Thank you

JSedlmeir (Fri, 19 Mar 2021 10:54:57 GMT):
@HakanTUB, I did some experiments last year; let's have a call if you want. =)

HakanTUB (Fri, 19 Mar 2021 11:25:12 GMT):
Hi, yes that would be great. Could you share with me your email address so we can organize a call?

HakanTUB (Fri, 19 Mar 2021 11:25:12 GMT):
Hi @JSedlmeir, yes that would be great. Could you share with me your email address so we can organize a call?

marvinehaus42 (Fri, 19 Mar 2021 13:29:55 GMT):
Has joined the channel.

pranav_kirtani (Mon, 22 Mar 2021 04:21:42 GMT):
where can i get architecture diagram of aries cloud agent?

HakanTUB (Mon, 22 Mar 2021 09:07:28 GMT):
Are there any desktop or web wallets which is open source and using aries?

troyronda (Mon, 22 Mar 2021 13:22:45 GMT):
https://github.com/trustbloc/edge-agent is a Web Wallet using aries-framework-go

sumit9935 (Tue, 23 Mar 2021 06:50:34 GMT):
Has joined the channel.

sumit9935 (Tue, 23 Mar 2021 07:17:41 GMT):
Hi all Do we receive any webhook for connectionless proof request verification ?

sumit9935 (Tue, 23 Mar 2021 07:17:41 GMT):
Hi all Do we receive any webhook for "connection-less proof request" after verification ? I am using version 0.6.0 of acapy-agent. I do receive web-hook for proof req with connection creation.

HakanTUB (Tue, 23 Mar 2021 12:12:20 GMT):
Thank you, giving it a try. It's a bit hard to set it up correctly :)

AzazHassan (Tue, 23 Mar 2021 19:08:31 GMT):
Has joined the channel.

kdenhartog (Wed, 24 Mar 2021 04:46:21 GMT):
That will depend on what the requirements are. You'll need to consider the credential size, the bandwidth of transmission, and internet availability on verification for your use case.

JSedlmeir (Wed, 24 Mar 2021 08:37:04 GMT):
You mean after the proof was sent back to the agent? According to my experience with 0.6.0 (and also 0.5.6), there should be two webhooks; one when the proof arrives at the agent, and one after it has been verified. The webhook endpoint for that you mean is topic/present_proof, right?

sumit9935 (Wed, 24 Mar 2021 09:50:35 GMT):
yes end point is topic/present_proof when I create a proof , I do get a webhook, but when its verified its not sending any webhook.

mtfk (Wed, 24 Mar 2021 14:10:28 GMT):
I need to cancel today morning Aries Working Group Call - A since we do not have anything on the agenda for this week and invite you for Aries Working Group Call - B US afternoon otherwise we would speak in two weeks time on 7th of April. Reminder for everyone if you would like to propose specific topic, or presentation feel free to suggest the items directly to me or on the wiki. For next call (7th of April) we would plan to have some updates about ongoing activities at CEN and a vision how Aries can help to build Trustworthy Data Mesh. Stay tune!

mccown (Wed, 24 Mar 2021 19:30:50 GMT):
The Identity Implementer's WG is meeting tomorrow (Mar 25th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. Steve McCown (Anonyome Labs) will give a presentation on how to simplify creating language wrappers for Rust libraries to more easily support multiple platforms. Here are links to the Wiki and Zoom meeting: Wiki: https://wiki.hyperledger.org/display/IWG/2021-03-25+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

Alexi (Wed, 24 Mar 2021 20:02:58 GMT):
@kapster we are hoping that they will finally be fully under the hyperledger umbrella within the next month or so. With that said if you need something soon DM me and we can see what we can do to give you access to play around with the code priot to it being open source

JSedlmeir (Wed, 24 Mar 2021 21:29:48 GMT):
All right, do you get errors in the agent logs?

sumit9935 (Thu, 25 Mar 2021 06:37:19 GMT):
"aries_cloudagent.core.dispatcher ERROR Message parsing failed: Message does not contain '@type' parameter, sending problem report" This is I get on acaly-cloud agent console

JSedlmeir (Thu, 25 Mar 2021 08:06:42 GMT):
Can you maybe share the connectionless proof or the base64 link that encodes it?

JSedlmeir (Thu, 25 Mar 2021 08:06:42 GMT):
Can you maybe share the connectionless proof request or the base64 link that encodes it?

kukgini (Thu, 25 Mar 2021 10:07:15 GMT):
@kdenhartog Thanks for letting us know what to consider. If there is no restriction (size of the credential or bandwidth etc...), is it possible to issue VC embed an image data as a claim in Json-LD format? It was possible to put an image inside a HTML in the following format. So, I would like to know if this is possible with json-ld as well. ``` ``` In schema.org, suitable type seems to be ImageObject. I would like to know if this is possible with it as well.

kukgini (Thu, 25 Mar 2021 10:07:15 GMT):
@kdenhartog Thanks for letting us know what to consider. If there is no restriction (size of the credential or bandwidth etc...), is it possible to issue VC embed an image data as a claim in Json-LD format? It was possible to put an image inside a HTML in the following format. ``` ``` So, I would like to know if this is possible with Json-LD as well. In schema.org, suitable type seems to be ImageObject.

kukgini (Thu, 25 Mar 2021 10:07:15 GMT):
@kdenhartog Thanks for letting us know what to consider. If there is no restriction (size of the credential or bandwidth etc...), is it possible to issue VC embed an image data as a claim in Json-LD format? It was possible to put an image inside a HTML in the following format. ``` ``` So, I would like to know if this is possible with Json-LD as well. In schema.org, suitable type seems to be ImageObject. but I can't find the attribute to put base64 encoded data.

AzazHassan (Thu, 25 Mar 2021 16:01:55 GMT):
Hi, I am actually new so, I am just collecting new pieces of information to make a system. So, I wanted to ask that can the javascript framework work for React.js? Can I embed it into my web app using react.js? Thanks,

TimoGlastra (Thu, 25 Mar 2021 16:04:23 GMT):
Sadly no, that's not possible at the moment. We depend on libraries that don't support WASM, and thus can't run in the browser. However the Aries Framework Go project has WASM bindings so it an be used in a browser environment

sumit9935 (Fri, 26 Mar 2021 06:45:39 GMT):
ewogICAgImNvbW1lbnQiOiAic3RyaW5nIiwKICAgICJwcm9vZl9yZXF1ZXN0IjogewogICAgICAibmFtZSI6ICJMb2dpbiIsCiAgICAgICJ2ZXJzaW9uIjogIjEuMCIsCiAgICAgICJub25jZSI6ICI2Mzc0ODQ3Njc2NzI0ODgyMzAiLAogICAgICAicmVxdWVzdGVkX2F0dHJpYnV0ZXMiOiB7CiAgICAgICAgImFkZGl0aW9uYWxQcm9wMSI6IHsKICAgICAgICAgICJuYW1lIjogIkVtYWlsIiwKICAgICAgICAgICJyZXN0cmljdGlvbnMiOiBbXQogICAgICAgIH0sCiAgICAgICAgImFkZGl0aW9uYWxQcm9wMiI6IHsKICAgICAgICAgICJuYW1lIjogIklEIiwKICAgICAgICAgICJyZXN0cmljdGlvbnMiOiBbXQogICAgICAgIH0KICAgICAgfSwKICAgICAgInJlcXVlc3RlZF9wcmVkaWNhdGVzIjoge30KICAgIH0sCiAgICAidHJhY2UiOiBmYWxzZQogIH0=

asadhayat (Fri, 26 Mar 2021 10:08:35 GMT):
Hi I am trying to understand the general flow of hyperledger indentity apps. I am currently working with this tutorial *https://kctheservant.medium.com/demonstration-of-hyperledger-aries-cloud-agent-6e476a5426b0* 1. I create a connection invitation using *POST /connections/create-invitation* on Node 1. 2. I receive connection invitation at Node 2, using *POST /connections/receive-invitation* by passing invitation object in payload. According to tutorial, at this point an active connection should be established between Node 1 and Node 2, as shown by *state: activr*, in the data. But when i query connection using the connection id on Node 1, i get *state: response*, and when i try to query on Node 2, i get 404.

wip-abramson (Fri, 26 Mar 2021 11:43:58 GMT):
That is a pretty old tutorial :) You need to send trust ping I believe to move the state to active now.

wip-abramson (Fri, 26 Mar 2021 11:45:54 GMT):
Also if you want some newer tutorials I think we have developed some nice ones in this repo - https://github.com/OpenMined/PyDentity. Basically use jupyter notebooks to write business logic that interacts with the agents swagger-api. Let me know if you have any questions

JSedlmeir (Fri, 26 Mar 2021 20:47:13 GMT):
I wonder how the wallet can handle this; it does not seem like a proper connectionless proof request to me. Maybe try the following form (and encode it to base64 as you did for your json): `{ "@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/request-presentation", "@id": "THE PRESENTATION_EXCHANGE_ID THAT YOU GOT AS RESPONSE WHEN CALLING /present-proof/create-request WITH YOUR BODY", "request_presentations~attach": [ { "@id": "libindy-request-presentation-0", "mime-type": "application/json", "data": { "base64": "THE BASE64 ENCODING OF THE PROOF REQUEST, I.E., WHAT YOU SENT ABOVE" } } ], "~service": { "recipientKeys": [ "A VERKEY OF THE RECEIVING AGENT" ], "routingKeys": [], "serviceEndpoint": "http://TARGET_AGENT_IP:11000" }, "~thread": { "thid": "THE PRESENTATION_EXCHANGE_ID THAT YOU GOT AS RESPONSE WHEN CALLING /present-proof/create-request WITH YOUR BODY", "sender_order": 0, "received_orders": {} } }`

jabuaasnez (Sun, 28 Mar 2021 14:15:17 GMT):
Hi everyone, according to your experiences or available related works (that I might be missing)... which type of agent will be the most suitable for an IoT device holding a credential (used for the device's authentication)? The device has to be able to prove its credentials and communicate (send data) without using Internet.... which git repo should I focus on for this?

nao (Mon, 29 Mar 2021 15:40:20 GMT):
Has joined the channel.

asadhayat (Tue, 30 Mar 2021 02:09:18 GMT):
@wip-abramson thank you so much for your response. A little confusion is that, even though the tutorial is old, shouldn;t it run fine as i am using the same docker environment?

wip-abramson (Tue, 30 Mar 2021 14:28:16 GMT):
Hmm interesting. Not sure, in theory it should I suppose if you are using the same version of ACA-Py. But this sounds a lot like the protocol has changed.

asadhayat (Wed, 31 Mar 2021 09:13:06 GMT):
So i think i was missing the GENESIS_URL env variable when running `./manage start` :blush:

asadhayat (Wed, 31 Mar 2021 09:14:25 GMT):
`GENESIS_URL=http://greenlight.bcovrin.vonx.io/genesis ./manage start` starts the network.

asadhayat (Wed, 31 Mar 2021 09:29:16 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=fkMYZXM6uZJMEiCEi) So `GENESIS_URL=http://greenlight.bcovrin.vonx.io/genesis ./manage start` starts the network. Now the problem is i don't see any node under *Validator Node Status*, while http://greenlight.bcovrin.vonx.io/ shows four nodes. When i do `docker ps` i see four nodes running, ``` CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES df4f3aaede4a von-network-base "bash -c './scripts/…" 8 seconds ago Up 4 seconds 0.0.0.0:9705-9706->9705-9706/tcp von_node3_1 62248ce8f426 von-network-base "bash -c './scripts/…" 8 seconds ago Up 4 seconds 0.0.0.0:9707-9708->9707-9708/tcp von_node4_1 d4aa31602c97 von-network-base "bash -c './scripts/…" 8 seconds ago Up 4 seconds 0.0.0.0:9701-9702->9701-9702/tcp von_node1_1 0dcc35872178 von-network-base "bash -c 'sleep 10; …" 8 seconds ago Up 5 seconds 0.0.0.0:9000->8000/tcp von_webserver_1 c75e472b1b43 von-network-base "bash -c './scripts/…" 8 seconds ago Up 5 seconds 0.0.0.0:9703-9704->9703-9704/tcp von_node2_1 ``` But I don;t see any node on ledger Browser

asadhayat (Wed, 31 Mar 2021 09:29:16 GMT):
So `GENESIS_URL=http://greenlight.bcovrin.vonx.io/genesis ./manage start` starts the network. Now the problem is i don't see any node under *Validator Node Status*, while http://greenlight.bcovrin.vonx.io/ shows four nodes. When i do `docker ps` i see four nodes running, ``` CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES df4f3aaede4a von-network-base "bash -c './scripts/…" 8 seconds ago Up 4 seconds 0.0.0.0:9705-9706->9705-9706/tcp von_node3_1 62248ce8f426 von-network-base "bash -c './scripts/…" 8 seconds ago Up 4 seconds 0.0.0.0:9707-9708->9707-9708/tcp von_node4_1 d4aa31602c97 von-network-base "bash -c './scripts/…" 8 seconds ago Up 4 seconds 0.0.0.0:9701-9702->9701-9702/tcp von_node1_1 0dcc35872178 von-network-base "bash -c 'sleep 10; …" 8 seconds ago Up 5 seconds 0.0.0.0:9000->8000/tcp von_webserver_1 c75e472b1b43 von-network-base "bash -c './scripts/…" 8 seconds ago Up 5 seconds 0.0.0.0:9703-9704->9703-9704/tcp von_node2_1 ``` But I don;t see any node on ledger Browser

asadhayat (Wed, 31 Mar 2021 09:35:16 GMT):

Clipboard - March 31, 2021 2:35 PM

ascatox (Thu, 01 Apr 2021 14:29:55 GMT):
Hi All, In my ecosystem I'm trying to create a Presentation Request, *using attributes Restrictions* by the .NET framework. I've encountered the big problem *to retrieve the Schema ID from Indy* in order to create the Restriction. Is it a possible way to accomplish this in Aries ecosystem? Can you give me some further info? Thanks in advance!

WadeBarnes (Thu, 01 Apr 2021 14:36:48 GMT):
@asadhayat, The part of your question regarding the ledger browser is best posted as an issue on https://github.com/bcgov/von-network The second part of your question is best posted on the #aries-cloudagent-python channel. As for tutorials, the most up-to-date ones for `aries-cloudagent-python` will be found here; https://github.com/hyperledger/aries-cloudagent-python/blob/main/docs/GettingStartedAriesDev/README.md

iammatrix (Thu, 01 Apr 2021 15:35:36 GMT):
Has joined the channel.

iammatrix (Thu, 01 Apr 2021 15:39:47 GMT):
Hello guys, I am trying to add oidc login feature with keycloak in my website, but I am getting that error constantly and I am not able to find a solution for this, "{"error":"unknown_presentation_record_id","error_description":"Cannot find respective record id"}", If any one can help It'd be highly appreciated

fhmarino (Thu, 01 Apr 2021 16:57:22 GMT):
Hi guys!!! We're looking for tom use Aries Go embedded with mobile applications and connect it with an agent cloud that uses ACA-PY.

fhmarino (Thu, 01 Apr 2021 16:57:22 GMT):
Hi guys!!! We're trying to use Aries Go embedded with mobile applications and connect it with an agent cloud that uses ACA-PY. We'd like to know if exists an example of how to connect an Aries Go with ACA-PY, and more specifically, whether we have to use the connection method or outbound-connection. At this point, we're receiving the status "abandoned" while we're accepting an invitation into Aries go from ACA-Py Thanks, Fernando.

tnunes (Thu, 01 Apr 2021 19:19:40 GMT):
Has joined the channel.

jmason900 (Thu, 01 Apr 2021 20:44:24 GMT):
Do we have any "demo" applications for Aries that show a client app on a phone using a mobile wallet? I looked at the getting started doc for VON network and that seems to be API, browser only unless I missed a mobile client in there .. Thanks for your help!

da3v21 (Fri, 02 Apr 2021 11:48:19 GMT):

Clipboard - April 2, 2021 5:17 PM

da3v21 (Fri, 02 Apr 2021 11:48:19 GMT):
hello everyone!, according to the anoncreds 2.1 paper *Pairwise DIDs* are generated from the master secret as mentioned in this picture, I am not sure if this is implemented, and also the proof mentioned at the last line is also not used right. Can someone explain this
Clipboard - April 2, 2021 5:17 PM

wip-abramson (Fri, 02 Apr 2021 12:52:50 GMT):
Hey @da3v21, I am also very much interested in this. But you are correct, currently, this is not supported. This was a helpful answer I got about this previously https://chat.hyperledger.org/channel/aries?msg=cCwPQoJkjhnkaxedQ I do think ursa has the cryptographic primitives available so it could be implemented, just hasn't bubbled up the stack yet.

swcurran (Fri, 02 Apr 2021 20:22:14 GMT):
Hi Jim -- for a tutorial, you can look at this -- https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/AliceGetsAPhone.md Is that what you are looking for?

swcurran (Fri, 02 Apr 2021 20:23:18 GMT):
We're still working on getting Aries Go and ACA-Py talking. There has been some progress, but still not working. Glad to get some help on that -- especially if you know the AFGo side.

swcurran (Fri, 02 Apr 2021 20:23:55 GMT):
What are using for the OIDC part? ACA-Py and the vc-authn-oidc?

mahiuddinalkamal (Sat, 03 Apr 2021 20:20:48 GMT):
Has joined the channel.

iamgollum (Sun, 04 Apr 2021 20:33:01 GMT):
Has joined the channel.

luanafrattini (Mon, 05 Apr 2021 12:46:06 GMT):
Has joined the channel.

iammatrix (Mon, 05 Apr 2021 15:53:57 GMT):
yes aca-py and vc-authn-oidc

swcurran (Tue, 06 Apr 2021 13:12:58 GMT):
@esune knows that library pretty well and should help. I haven't looked at that in a while, but it sounds like you haven't loaded the presentation request into the service. Take a look at the summary here, and notably the "updatePresentation" script that loads the presentation request: https://github.com/bcgov/vc-authn-oidc/blob/master/demo/Running-In-Play-With-Docker.md

surajsingla333 (Wed, 07 Apr 2021 06:29:01 GMT):
Has joined the channel.

breno.medeiros (Wed, 07 Apr 2021 12:14:37 GMT):
Has joined the channel.

mtfk (Wed, 07 Apr 2021 13:02:08 GMT):
Announcement: Today at WG Aries Cal A we would talk about the future of data sharing and why it is important to bootstrap it from the Agent right away (authentic data flow). The presentation would be about Trustworthy Data Mesh, what it is, and why we need it. We start in 1h see you there. https://wiki.hyperledger.org/pages/viewpage.action?pageId=50135424

Hanboo (Wed, 07 Apr 2021 17:35:34 GMT):
Has joined the channel.

esune (Wed, 07 Apr 2021 18:12:34 GMT):
what @swcurran pointed out is what I would have suggested as well: you need to have a record stored in `vc-authn` using its API that describes what will be requested in the proof request. The value of `pres_req_conf_id` in the OIDC authentication request needs to match one of the configuration ids stored in `vc-authn`, otherwise the controller will not know what to request for the proof.

esune (Wed, 07 Apr 2021 18:12:34 GMT):
what @swcurran pointed out is what I would have suggested as well: you need to have a record stored in `vc-authn` using its API that describes what will be requested in the proof request. The value of `pres_req_conf_id` in the OIDC authentication request needs to match the id of ne of the configurations stored in `vc-authn`, otherwise the controller will not know what to request for the proof.

esune (Wed, 07 Apr 2021 18:16:05 GMT):
The main readme in the repository has an example showing what the configuration payload looks like, you will obviously need to adapt it to your needs. The keycloak configuration guide shows how to setup `vc-authn` ad IdP: please note that you need to set the `forwarded parameter` to include `pres_req_conf_id` or the request will fail (no proof-request configuration is provided and processable if the parameter is missing).

mccown (Wed, 07 Apr 2021 20:29:26 GMT):
The Identity Implementer's WG is meeting tomorrow (Apr 8th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. Daniel Bachenheimer (Principal Director at Accenture) will be presenting on the Known Traveler Digital Identity (KTDI; World Economic Forum initiative) and how it uses SSI / Hyperledger Indy stack. Wiki: https://wiki.hyperledger.org/display/IWG/2021-04-8+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

AkankshaM (Thu, 08 Apr 2021 08:47:59 GMT):
Has joined the channel.

AkankshaM (Thu, 08 Apr 2021 08:51:32 GMT):
Hello Everyone, I am trying to understand why we need a private connectionID as well as private DID for a single private connection. I also want to know when are the private DIDs created in create-invitation process. I am familiar with why we need a pair-wise private connection, but I want to know more technically. Can I get some sequence diagram kind of thing to know the exact flow of connections between two agents?

swcurran (Thu, 08 Apr 2021 14:42:39 GMT):
Best/easiest thing to do is to walk through the first part of the ACA-Py API demo to go through it yourself. https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/AriesOpenAPIDemo.md You have a DID per connection to prevent correlation across channels. You don't want a single identifier for yourself that share with everyone in the world.

GuilhermeFunchal (Thu, 08 Apr 2021 19:43:19 GMT):
Hello! I'm start to use ACA-PY in "shell" mode with --multitenant option. How could I get the Wallet Token for use Swagger UI with Bearer API key ?

GuilhermeFunchal (Thu, 08 Apr 2021 19:43:19 GMT):
Hello! I'm start to use ACA-PY in "shell" mode with --multitenant option. aca-py start --endpoint "https://8855ae10cbe3.ngrok.io" \ --genesis-url http://192.168.2.12:9000/genesis \ --inbound-transport http 0.0.0.0 8020 \ --outbound-transport http \ --auto-respond-credential-proposal \ --auto-respond-credential-request \ --auto-respond-presentation-proposal \ --auto-respond-credential-offer \ --auto-respond-presentation-request \ --auto-accept-invites \ --auto-accept-requests \ --auto-store-credential \ --auto-verify-presentation \ --preserve-exchange-records \ --auto-store-credential \ --auto-ping-connection \ --seed d_000000000000000000000000583070 \ --admin 0.0.0.0 8021 \ --enable-undelivered-queue \ --webhook-url http://192.168.2.33:8022/webhooks \ --multitenant \ --jwt-secret very_secret_secret \ --auto-respond-messages \ --wallet-type indy \ --storage-type indy \ --wallet-name serpro.agent12345 \ --wallet-key serpro.agent583070 \ --wallet-storage-type 'postgres_storage' \ --wallet-storage-config "{\"url\":\"192.168.2.16:5432\"}" \ --wallet-storage-creds "{\"account\":\"postgres\",\"password\":\"79inVct\",\"admin_account\":\"postgres\",\"admin_password\":\"79inVct\"}" \ --auto-provision \ --trace \ --log-file aca-py.log \ --log-level debug \ --trace-target log \ --trace-tag acapy.events \ --label serpro.agent \ --trace-label serpro.agent.trace \ --enable-undelivered-queue \ --auto-respond-messages \ --tails-server-base-url https://8855ae10cbe3.ngrok.io \ --multitenant-admin \ --jwt-secret very_secret_secret \ --admin-insecure-mode How could I get the Wallet Token for use in Bearer API key Swagger UI with ?

esune (Thu, 08 Apr 2021 21:58:02 GMT):
You will need to provision a sub-wallet by using the `multitenancy` API in the ACA-Py admin interface. Provisioning a sub-wallet should respond with the token to be used in the header to have reuests routed to the right wallet.

mr_comm (Fri, 09 Apr 2021 06:01:42 GMT):
Has joined the channel.

mr_comm (Fri, 09 Apr 2021 06:01:44 GMT):
Hi everyone. I hope someone can help me on some doubts: with my team we have developed agents to manage our own did method, whose did documents are stored on a Ledger. At a certain point we wondered how to achieve interoperability with other agents: for example, how to communicate with an agent that handles sov methods. In this regard, could someone indicate me a source of information about this? Another thing we have asked ourselves is if we could use aries go framework https://github.com/hyperledger/aries-framework-go to realize our own agent that treats our method, in order to inherit all the structure and the functionalities already realized, endpoints included. Again if someone could give me some information that would be great. Thanks for any help.

YoungjoonLee (Fri, 09 Apr 2021 08:17:34 GMT):
Has joined the channel.

YoungjoonLee (Fri, 09 Apr 2021 08:17:35 GMT):
Hi all, I'm trying to develop an agent for my own DID method, using https://github.com/hyperledger/aries-framework-go. However, I couldn't find detail examples about how to use the aries-framework-go. I have studies the OpenAPI demo of ACA-Py. So, I understood how DIDcomm and VerifiableCredential/Presentation work. But, I would like to implement the same flow using aries-framework-go. Could someone provide some examples or articles with me? Thank you!

GuilhermeFunchal (Fri, 09 Apr 2021 11:49:00 GMT):
Ok, but What is the main wallet token? How can I get it?

GuilhermeFunchal (Fri, 09 Apr 2021 14:26:17 GMT):
I found out how to use it, thanks.

esune (Fri, 09 Apr 2021 16:14:06 GMT):
The instances of Tails Server hosted by BCGov are in the process of moving to a new domain. This will be for the most part transparent, however if you have been using the `dev` or `test` instances of the server you will need to update the URLs as follows: DEV: `https://tails-dev.vonx.io` TEST: `https://tails-test.vonx.io` PROD: `https://tails.vonx.io` (same as before) The old instances will be available until Friday April 16th at roughly 9am PDT - after this time they will be switched off. The new instances re already available, so we encourage you to switch over to using them as soon as possible.

ianco (Fri, 09 Apr 2021 16:24:20 GMT):
Are the new domains available now? We've got references in our repositories all over the place ...

esune (Fri, 09 Apr 2021 16:25:17 GMT):
They are. We have been updating the references (in BCGov projects) as we migrate the services to the new cluster/domain. The demos in aca-py might need to be updated though.

ianco (Fri, 09 Apr 2021 16:27:06 GMT):
:+1:

albertobr (Mon, 12 Apr 2021 12:45:38 GMT):
Hi, I've been reading about the proof verification process and I've done some code and scripts to test the python runners. But I want to understand something, what's the mechanism that prevents an attacker to present a false proof, saying for example he has an age over 18 years old. What mechanism prevents an attacker to generate its own presentation JSON file. Is the presentation derived from the credential stored on a wallet signed by the Issuer? I've read the 0037 RFC from Aries, but it is not specified what I want to know. In the OpenAPI demo I don't see any value in the presentation related to a public key from the Issuer or similar, just the schema IDs and Cred_def_id. Thank you very much!

AkankshaM (Mon, 12 Apr 2021 14:38:20 GMT):
Thank you @swcurran. I have checked out this demo. You are right, we need pair wise DID for avoiding correlation of data/identity. What I don't understand is the "connection_id". It is obvious that an agent need to send invitation to other agents for establishing connection, alone public DID cannot suffice the connection right now (I didn't find any demo about establishing connection purely with Public DID). connection_id is pair-wise unique as well just like pair-wise DIDs. Is it that connection_id is used only by controllers and private DIDs is used only by agents? If not, why do we have connection_id if we have pair-wise DID? And, we require connection_id while issuing credentials, presenting proofs and messaging. What I have noticed is that private DIDs are not used in this OpenAPIDemo after establishing connection. Is it that agents communicate behind the scenes with pair-wise DID? Please correct me if I am wrong.

AkankshaM (Mon, 12 Apr 2021 14:46:19 GMT):
Hi, The proof includes attributes signed by the private key of the issuer. So, in order to verify the proof, public/ver key of the issuer is used. May be this is the piece you are missing. Please correct me if this is wrong.

Welbert2019 (Mon, 12 Apr 2021 16:02:03 GMT):
Has joined the channel.

swcurran (Mon, 12 Apr 2021 18:45:11 GMT):
A connection object is represents the relationship between (usually/always for now) a pair of agents. The connection includes the DIDs being used by the two parties, and other information -- for example the labels used by the controller for the two agents. There is also an extension mechanism so that extra protocol specific data can be stored with the connection. The connection id is known to the controller and the controller uses it to say -- "hey, I want to start a protocol with this connection". The controller often links the connection with the entity in the domain-specific database. For example, a user in their system has a connection id for agent-y things.

albertobr (Tue, 13 Apr 2021 08:14:21 GMT):
Thank you @AkankshaM, do you know where i can find such explanation? What attributes are signed? Probably the ver key has an important role that I'm missing!

albertobr (Tue, 13 Apr 2021 08:14:21 GMT):
Thank you @AkankshaM, do you know where can I find such explanation? What attributes are signed? Probably the ver key has an important role that I'm missing!

agrawalaman (Tue, 13 Apr 2021 13:45:47 GMT):
Hey, is there anyone who runs aca-py on a macos without docker? can they please guide me on how to do it?

deas (Tue, 13 Apr 2021 15:24:09 GMT):
You can just install it via pip if you want to leverage it directly. Will likely need python3_indy too. But most folks probably use docker. Dunno if this is up-to-date, but maybe take a look. https://github.com/hyperledger/aries-cloudagent-python/blob/main/DevReadMe.md#locally-installed

agrawalaman (Tue, 13 Apr 2021 15:55:49 GMT):
I did that, but on provisioning an agent, it gives a long list of errors. I use the ledger at http://test.bcovrin.vonx.io/

byron1st (Wed, 14 Apr 2021 07:54:22 GMT):
Has joined the channel.

byron1st (Wed, 14 Apr 2021 07:54:23 GMT):
`verifiable.generatePresentation` function returns an error `aries wasm: code: 6006, message: prepare vp: failed to sign vp: failed to add linked data proof: add linked data proof: invalid JSON-LD context`. My code is like below: ``` await aries.verifiable.generatePresentation({ verifiableCredential: vcs, did: action.MyDID, created: new Date(), skipVerify: true, signatureType: 'Ed25519Signature2018', }) ``` `vcs` is an array of verifiable credential objects that has one element: ``` { "@context": [ "https://www.w3.org/2018/credentials/v1" ], "credentialSubject": { "Authorization": "b70390fb-1da9-4c74-9222-b87a425e8149", "email": "c1", "id": "did:peer:1zQmYwNmGNKPkxikgbYw2Z1jJacs5bA27vfckJofrLDtP59W", "name": "c1", "userID": "test" }, "expirationDate": "2022-04-14T06:46:04.533Z", "issuanceDate": "2021-04-14T06:46:04.533Z", "issuer": { "id": "did:peer:1zQmPh1QBRytksJPsVHzj6gocjQVABXgZ3U6SRRfitsXyuR3", "name": "..." }, "type": [ "VerifiableCredential", "..." ] } ``` Is there any idea about the problem? Thanks!

EdCurran (Wed, 14 Apr 2021 09:14:25 GMT):
hi, could anybody point me in the right direction for the current state of credential schemas in aries? I've seen RFCs for rich schemas but can't see to what extent its implemented, nor a definition for what preceded it, thanks.

AkankshaM (Wed, 14 Apr 2021 12:57:34 GMT):
Introduction to hyperledger Indu-Urse-Aries LFS172x on edx is very good resource for the overview of how things are working (schemas, credential definitions, DIDs..) https://www.edx.org/course/identity-in-hyperledger-aries-indy-and-ursa "Verifiable credentials" is the keyword you should look for. The credential definition attributes are signed by the one who (issuer) has it on ledger. Thank you

AkankshaM (Wed, 14 Apr 2021 12:57:34 GMT):
Introduction to hyperledger Indy-Ursa-Aries LFS172x on edx is very good resource for the overview of how things are working (schemas, credential definitions, DIDs..) https://www.edx.org/course/identity-in-hyperledger-aries-indy-and-ursa "Verifiable credentials" is the keyword you should look for. The credential definition attributes are signed by the one who (issuer) has it on ledger. Thank you

AkankshaM (Wed, 14 Apr 2021 13:19:21 GMT):
Thank you. Also, I am curious to know if multiple private DIDs can be created with same connectionID? Or, if multiple private DIDs can be linked to same connectionID? The later seems impossible for out-of-band connection because for every invite, there is a new connection ID , and hence a new pair of DID.

GuilhermeFunchal (Wed, 14 Apr 2021 15:52:52 GMT):
Hello, Whem Im use the option --multitenant, do I necessarily need to use one agent for each person and one for each organization or can i use the same?

swcurran (Thu, 15 Apr 2021 15:51:17 GMT):
I'm sure it would be possible, but don't know of a use case. It would mean changes to the API for the controller to tell the framework which DID to use for messaging. There would have to be a really compelling reason to add that complexity.

esune (Thu, 15 Apr 2021 21:19:11 GMT):
That would probably be best defined by your business processes and governance, technically you could do either way, however it would likely defeat the purpose of having a multi-tenant agency in the first place if you only use one agent

swcurran (Thu, 15 Apr 2021 22:25:30 GMT):
A third Curr[ae]n in this space? Wow! Rich Schema evolution has largely stopped. In stead, the community is moving towards the use of BBS+ Signatures which provide W3C Standard VC format, ZKP (no inherent unique identifier for the holder) and selective disclosure, and JSON-LD format credentials. BBS+ is still being rolled out, and the feature set is not as complete as the Indy AnonCreds (no predicates, and no ZKP-Revocation -- although coming...), but it moves the Indy/Aries community closer to the other VC communities that are more focused on JSON-LD -- without losing ZKP and selective disclosure.

egidio.casati (Sat, 17 Apr 2021 18:53:26 GMT):
Has joined the channel.

GuilhermeFunchal (Mon, 19 Apr 2021 13:52:55 GMT):
So do I need to have an agent running for each user I use?

esune (Mon, 19 Apr 2021 15:34:07 GMT):
In a multi-tenant setup you would have as many sub-wallets as different users you have. Whether that maps 1 to 1 to your users or not, that is a business decision, that's what I was saying.

ascatox (Tue, 20 Apr 2021 12:04:41 GMT):
Hi All! I'm exploring the aries mobile xamarin project! I've found in the .indy-client folder a wallet for the Mediator and some EdgeXX wallets for mobile applications connected to the mediator! I suppose that each mobile app has on own wallet. I can't understand the function of a wallet for the mediator. Someone can help me to better understand better this. Thanks in advance.

mtfk (Tue, 20 Apr 2021 22:46:07 GMT):
Reminder The Morning Aries call 21.04 is canceled due to ongoing IIW. We would get back in 2 weeks. See you around at IIW!

GuilhermeFunchal (Thu, 22 Apr 2021 12:07:53 GMT):
Hello, I am trying to create a DID for a sub wallet using multitenant option. curl -X POST "http://161.148.151.17:8021/wallet/did/create" -H "accept: application/json" -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3YWxsZXRfaWQiOiI5YmFiNmZiNy0zYjhiLTQxODMtYmY0Yy04OWM1ZmM3ZWE2NzEifQ.qGoAGbLUZ0gHaBpiYuLplficjhjQEe7U2E-UAntkV7I" curl -X POST "http://161.148.151.17:8021/wallet/did/public?did=TRM73xVHaf8X7Zwx69vCgB" -H "accept: application/json" -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ3YWxsZXRfaWQiOiI5YmFiNmZiNy0zYjhiLTQxODMtYmY0Yy04OWM1ZmM3ZWE2NzEifQ.qGoAGbLUZ0gHaBpiYuLplficjhjQEe7U2E-UAntkV7I" Whem I'm try to set the DID to public Im receive error : DID TRM73xVHaf8X7Zwx69vCgB is not posted to the ledger ========================================================================================== Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/admin/server.py", line 164, in ready_middleware return await handler(request) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/admin/server.py", line 201, in debug_middleware return await handler(request) File "/usr/local/lib/python3.6/dist-packages/aiohttp_apispec/middlewares.py", line 45, in validation_middleware return await handler(request) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/admin/server.py", line 317, in check_multitenant_authorization return await handler(request) File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/admin/server.py", line 362, in setup_context return await task File "/usr/local/lib/python3.6/dist-packages/aries_cloudagent/wallet/routes.py", line 311, in wallet_set_public_did raise web.HTTPNotFound(reason=f"DID {did} is not posted to the ledger") =======================================================================================================

daniel-s 1 (Thu, 22 Apr 2021 13:43:12 GMT):
Has joined the channel.

Maltex (Thu, 22 Apr 2021 17:03:34 GMT):
Has joined the channel.

Maltex (Thu, 22 Apr 2021 17:05:38 GMT):
Hi guys, I'm trying to use the aries framework go mobile binds to establish connection between two agents but when I accept the invitation I get this error "id exchange client - accept exchange invitation: failed to execute state action 'requested': outboundDispatcher.Send: no transport found for serviceEndpoint: didcomm: transport / queue] " does anyone have any idea what it could be?

iammatrix (Thu, 22 Apr 2021 17:09:26 GMT):
I have got a question, about vc-authn-oidc, so after the email cred is verified, it redirects/shows us what is inside Authorize.cshtml, is there any way where I can change the redirection to any other page. This is really important for my projects, any sort of help will be appreciated.

spilling (Thu, 22 Apr 2021 18:20:52 GMT):
I am pretty sure that project uses the aries-framework-dotnet project. If so, it uses the mediator included in that project. In that case, the wallet for the mediator holds the connections with the wallet in the mobile application. When the mobile agent requests its messages from the mediator, that request happens via a connection stored in the mediator wallet. The EdgeXX wallets are used only as at rest storage for messages bound for the wallet in the mobile agent.

spilling (Thu, 22 Apr 2021 18:27:10 GMT):
I have not read through the code for the Aries framework go, but my guess would be that there is no route defined in the connection offer where the second mobile agent should send its reply. In an edge/ mobile use case, this would typically include use of a mediator.

daniel-s 1 (Thu, 22 Apr 2021 22:31:31 GMT):
I'm getting this error when trying to issue a credential: "Issuer has no operable cred def for proposal spec {'cred_def_id': ...." I'm trying to understand just how Aries works. My model may be incorrect, but I believe that there are types of credentials that are defined on the blockchain, like "driver's licence" then an instance of Aries will be told which of the credentials it is able to issue. If I'm wrong I'm not sure what to read to understand this more concretely.

daniel-s 1 (Thu, 22 Apr 2021 22:32:38 GMT):
Anyway, when trying to issue a credential the field cred_def_id is sent in the payload from the controller to Aries. Aries will use that DID to filter through credentials it can issue and if it is not available in the list of credentials that this instance of Aries can issue, it returns the above error.

daniel-s 1 (Thu, 22 Apr 2021 22:33:25 GMT):
Is my understanding correct? Any suggestions on what to read to better/perfectly understand this process?

daniel-s 1 (Thu, 22 Apr 2021 22:33:45 GMT):
Is it possible to query an instance of Aries to get the DIDs of all the types of credentials that the instance issues?

spilling (Fri, 23 Apr 2021 14:49:52 GMT):
Yes, the name for a type of credential is a "Schema". These define the attributes which the credential will contain. In the driver's license example, the Schema says "all credentials created based on this schema will have first name, last name, driver's license number, ..." and so on. These can be used by anyone. A verifiable credential contains data for one instance. Using the driver's license as an example, this would contain the user's actual first name, last name driver's number. Between the credential and the Schema lives another layer. This is the credential definition. The simplest explanation is that this is a set of signing keys created by a specific issuer related to a specific schema. This can only be used by the issuer which created the credential definition. What this error appears to be indicating (I assume it is from ACA.py, which I have not used much) is that you have not used the issuer to create a credential definition.

daniel-s 1 (Fri, 23 Apr 2021 14:52:44 GMT):
Thanks for your reply. I was partially confused about the difference between schema and credential definition, which you helped clarify.

daniel-s 1 (Fri, 23 Apr 2021 14:55:07 GMT):
So, just to repeat what you said. A scheme defines the template for the credential and the credential definition is almost analogous to someone posting onto the public ledger, "I'm the DMV in XYZ jurisdiction", publishing their public key, and saying that you're going to issue this credential.

daniel-s 1 (Fri, 23 Apr 2021 14:55:39 GMT):
*schema

spilling (Fri, 23 Apr 2021 14:56:16 GMT):
That sounds correct.

daniel-s 1 (Fri, 23 Apr 2021 14:58:29 GMT):
I guess it then makes sense why I would be getting this message from an issuer that wants to issue a credential but has not previously created the credential definition with this agent. I believe in this case that the issuer had previously created the definition, but the agent application was reinitialised and the state (wallet) was lost.

spilling (Fri, 23 Apr 2021 14:58:51 GMT):
That would do it. :)

mgbailey (Fri, 23 Apr 2021 18:25:43 GMT):
Is one of the Aries repos developed and stable enough to use for production development of a mobile wallet app (both iOS and Android)?

CSewell (Fri, 23 Apr 2021 19:39:15 GMT):
Has joined the channel.

CSewell (Fri, 23 Apr 2021 19:39:15 GMT):
Hi all, I represent a well funded startup looking to build some identity technology with hyperledger aries. I have a IOS app that need to implement the mediator RFC

CSewell (Fri, 23 Apr 2021 19:39:15 GMT):
Hi all, I represent a well funded startup looking to build some identity technology with hyperledger aries. I have a IOS app that needs to implement the mediator RFC

CSewell (Fri, 23 Apr 2021 19:39:29 GMT):
Does anyone know of a developer that may be able to help?

TimoGlastra (Fri, 23 Apr 2021 19:52:54 GMT):
I'd say .NET is the most production ready. We're working on Aries framework JavaScript / React Native. It's not quite ready yet -- however we're making good progress. Otherwise the Go framework may be a good first. I'm not sure however on the progress and features yet

swcurran (Fri, 23 Apr 2021 20:52:12 GMT):
I'd say none are quite there yet, but there is a definite movement to get a production quality open source one available.

swcurran (Fri, 23 Apr 2021 20:52:56 GMT):
The Go framework itself is solid, but focused on AIP 2 and non-Indy use cases, so that might be a constraint, depending on what you are doing.

swcurran (Fri, 23 Apr 2021 20:53:25 GMT):
I'm seeing more activity on the two others that Timo mentioned.

mgbailey (Fri, 23 Apr 2021 20:59:29 GMT):
I'm aiming for an Indy use case. I am a little leary of committing to Xamarin long term, but could be persuaded if it was well advanced of the other alternatives. The React Native would be very interesting, depending on the time line.

swcurran (Fri, 23 Apr 2021 21:00:56 GMT):
I agree -- check out the repo -- https://github.com/hyperledger/aries-mobile-agent-react-native and https://github.com/hyperledger/aries-framework-javascript We think those are solid components to build on.

swcurran (Fri, 23 Apr 2021 21:01:20 GMT):
Community meetings held weekly on both.

mgbailey (Fri, 23 Apr 2021 21:02:16 GMT):
Thanks for the input, Stephan & TImo!

mgbailey (Fri, 23 Apr 2021 21:02:16 GMT):
Thanks for the input, Sam & TImo!

mgbailey (Fri, 23 Apr 2021 21:02:16 GMT):
Thanks for the input, Stephan & TImo!

TimoGlastra (Fri, 23 Apr 2021 21:04:09 GMT):
I'm maintainer of both the JS and React Native repo's. Let me know if you want to have a chat about what's already supported and how you can get started

daniel-s 1 (Sun, 25 Apr 2021 23:35:47 GMT):
How/where is Aries' wallet stored?

AkankshaM (Mon, 26 Apr 2021 05:07:25 GMT):
Does proof also really reveal the attributes to the proof requestor or just "yes/no" answer of the proof? In the play with docker OpenAPI demo, the http response of proof just shows status as "verified". No attributes of schema are visible in the response.

LukaszSawicki (Mon, 26 Apr 2021 23:38:50 GMT):
Has joined the channel.

spilling (Tue, 27 Apr 2021 01:00:57 GMT):
I am not sure of the demo you are referencing, but proofing itself can return the values in addition to the verification state.

avi23 (Tue, 27 Apr 2021 09:06:39 GMT):
Hi @swcurran , i have a question regarding DIDcomm protocol used in INdy for peer to peer communication, can we use DIDcomm anywhere outside the Indy as well for peer to peer ?

swcurran (Tue, 27 Apr 2021 13:52:23 GMT):
Yes. There is no dependency on Indy in DIDComm -- it can be used in many scenarios, even just secure messaging.

opleno (Tue, 27 Apr 2021 14:44:52 GMT):
Has joined the channel.

opleno (Tue, 27 Apr 2021 15:11:09 GMT):
hi, has anyone tried to integrate Aries with EBSI? Or at least with some blockchain different than Indy

JamesSchulte (Tue, 27 Apr 2021 16:14:05 GMT):
Has joined the channel.

knagware9 (Wed, 28 Apr 2021 05:12:20 GMT):
I am also interested know. I have created one mentorship project to use Aries in Hyperledger fabric

kukgini (Wed, 28 Apr 2021 09:47:43 GMT):
In `0360-use-did-key`, In the first paragraph of summary section: ``` A number of RFCs that have been defined reference what amounts to a "naked" public key ``` what do you mean by naked?

TimoGlastra (Wed, 28 Apr 2021 11:00:42 GMT):
I think with naked key is meant the raw public key string. Previously keys were always ed25519 keys so a naked key was sufficient because you knew that it would be a base58 encoded ed25519 public key (aka verkey). Now did keys are used because they allow you to detect which key type and encoding you're dealing with

opleno (Wed, 28 Apr 2021 15:17:21 GMT):
I hope someone can guide us on separating Aries from Indy, or forward us to the correct place to look at

avi23 (Thu, 29 Apr 2021 06:43:07 GMT):
Thanks @swcurran , could you please help in providing some links for reference on how to implement it?

swcurran (Thu, 29 Apr 2021 15:39:43 GMT):
Easiest is probably by looking at (or even using) the implementations that exist in the various Frameworks -- Python, C#/.NET, Go, Rust and JavaScript.

swcurran (Thu, 29 Apr 2021 15:41:22 GMT):
If you look at the set of RFCs in AIP 1.0 (https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0302-aries-interop-profile#aries-interop-profile-version-10) and ignore the ones about Credential Exchange, you are left with the ones about DIDComm and protocols.

sbirky (Fri, 30 Apr 2021 21:02:42 GMT):
Has joined the channel.

Mark_Spencer (Sun, 02 May 2021 15:25:38 GMT):
Has joined the channel.

HakanTUB (Tue, 04 May 2021 14:00:37 GMT):
I do have an acapy related question:Is there a reason why the order of claim fields in credential definitions (Name, Last_Name, DoB etc.) are not coming in the same order they are put in for credential definition? I end up having a random order for the claim fields. So to recap: If I put the following claim fields in the schema definition: 1. Name 2. Last Name 3. DoB I end up getting it in a random order in indy i.E: 1. Last Name 2. DoB 3. Name This is particularly problematic, when you are creating a diploma for example which also includes school grades. In that case the overview is non-existent... A colleague of mine is a developer for a solution, which is using Acapy. His remarks were that The JavaScript JSON Arrays are actually specified as ordered lists. If that's the case, is this somehow not implemented in Anoncreds / Indy? Thanks in advance for any remarks

dcspinho (Tue, 04 May 2021 14:25:56 GMT):
Has joined the channel.

dcspinho (Tue, 04 May 2021 14:25:57 GMT):
.

spilling (Tue, 04 May 2021 14:32:45 GMT):
I have seen this behavior in projects other than aca.py, so most likely it is something at the rust indy-sdk level.

dcspinho (Tue, 04 May 2021 14:32:55 GMT):
HI. For Issue Credential Protocol 2.0: In Hyperledger Indy, where the `request-credential` message can **only** be sent in response to an `offer-credential` message, the `propose-credential` message is the only way for a potential Holder to initiate the workflow. Is this meaning that (?): 1. the holder send to issuer `propose-credential` message to start the workflow 2. the issuer send to holder `offer-credential` message' 3. the holder send to issuer `request-credential` message' I think that my understanding is wrong.

dcspinho (Tue, 04 May 2021 14:32:55 GMT):
HI. For Issue Credential Protocol 2.0: In Hyperledger Indy, where the `request-credential` message can **only** be sent in response to an `offer-credential` message, the `propose-credential` message is the only way for a potential Holder to initiate the workflow. https://github.com/hyperledger/aries-rfcs/tree/master/features/0453-issue-credential-v2#aries-rfc-0453-issue-credential-protocol-20 Is this meaning that (?): 1. the holder send to issuer `propose-credential` message to start the workflow 2. the issuer send to holder `offer-credential` message' 3. the holder send to issuer `request-credential` message' I think that my understanding is wrong.

dcspinho (Tue, 04 May 2021 14:32:55 GMT):
HI. For Issue Credential Protocol 2.0: In Hyperledger Indy, where the `request-credential` message can **only** be sent in response to an `offer-credential` message, the `propose-credential` message is the only way for a potential Holder to initiate the workflow. https://github.com/hyperledger/aries-rfcs/tree/master/features/0453-issue-credential-v2#aries-rfc-0453-issue-credential-protocol-20 Is this meaning that (?): 1. the holder send to issuer `propose-credential` message to start the workflow 2. the issuer send to holder `offer-credential` message' 3. the holder send to issuer `request-credential` message' Is my understanding right?

dcspinho (Tue, 04 May 2021 14:32:55 GMT):
HI. For Issue Credential Protocol 2.0: In Hyperledger Indy, where the `request-credential` message can **only** be sent in response to an `offer-credential` message, the `propose-credential` message is the only way for a potential Holder to initiate the workflow. https://github.com/hyperledger/aries-rfcs/tree/master/features/0453-issue-credential-v2#aries-rfc-0453-issue-credential-protocol-20 Is this meaning that in **hyperledger indy the only way is** (?): 1. the holder send to issuer `propose-credential` message to start the workflow 2. the issuer send to holder `offer-credential` message' 3. the holder send to issuer `request-credential` message' Is my understanding right?

spilling (Tue, 04 May 2021 14:40:19 GMT):
This means that if your process requires the *holder* to initiate, then their only starting point is `propose-credential`. It is possible to start the process from the *issuer* with the `offer-credential` message. I believe the doc was trying to say, because of how Indy works, it is not possible for the *holder* to initiate this process using any other message.

dcspinho (Tue, 04 May 2021 14:54:04 GMT):
thanks

smithbk (Tue, 04 May 2021 15:31:32 GMT):
Hi, I have a couple of questions for the Out-Of-Band protocol. Thanks in advance. 1) When the receiver of an OOB message which contains an "requests~attach" field as defined at https://github.com/hyperledger/aries-rfcs/tree/master/features/0434-outofband#messages, the OOB message receiver begins the protocol by sending the attached message with a "@id" field which it (the receiver) generates dynamically on-the-fly. Is this correct? In other words, it seems to me that the message in the OOB attachment should not have an "@id" field and that we require the sender to generate their own, since they are starting the protocol. 2) Towards the end of the same section (athttps://github.com/hyperledger/aries-rfcs/tree/master/features/0434-outofband#messages), the RFC references a `please-play-the-role` message, but I don't see this message defined in any RFC and the link just goes back to the top of the OOB RFC. Is this message defined somewhere? If yes, where?

smithbk (Tue, 04 May 2021 15:31:32 GMT):
Hi, I have a couple of questions for the Out-Of-Band protocol. Thanks in advance. 1) When the receiver of an OOB message which contains an "requests~attach" field as defined at https://github.com/hyperledger/aries-rfcs/tree/master/features/0434-outofband#messages, the OOB message receiver begins the protocol by sending the attached message with a "@id" field which it (the receiver) generates dynamically on-the-fly. Is this correct? In other words, it seems to me that the message in the OOB attachment should not have an "@id" field and that we require the sender to generate their own, since they are starting the protocol. 2) Towards the end of the same section (at https://github.com/hyperledger/aries-rfcs/tree/master/features/0434-outofband#messages), the RFC references a `please-play-the-role` message, but I don't see this message defined in any RFC and the link just goes back to the top of the OOB RFC. Is this message defined somewhere? If yes, where?

Nizu (Tue, 04 May 2021 17:03:26 GMT):
Hello, I hope i find you well. On Aries Cloudagent python, how do I keep Alice's DID the same on different runs of the program for testing purposes? Do i have to touch alice's seed? right now it has the value "none", what should I change it to?

spilling (Tue, 04 May 2021 17:08:42 GMT):
Yes, setting the seed will keep the DID consistent. Seeds are 32 characters. I am not certain of the restrictions, but commonly alpha numeric (0-9a-z).

Nizu (Tue, 04 May 2021 17:09:20 GMT):
ok thank you!

andrew.whitehead (Tue, 04 May 2021 17:14:17 GMT):
I don't think please-play-the-role is a real RFC, but it's odd that it links to the same page. For the response to the OOB message, I think it uses the attachment's ID as the thread ID to help the initiator coordinate?

smithbk (Tue, 04 May 2021 17:28:20 GMT):
Thanks Andrew. So what wasn't clear to me is if the receiver (a) is receiving the attachment message or (b) supposed to send the attachment message back to the sender (i.e. the creator of the OOB invitation). From what you said, it appears to be "a" rather than "b". In that case, the "@id" field in the attachment MUST indeed be unique for each receiver of the OOB invitation, which means if I want to generate a QRCode which can be scanned by multiple receivers, then the generation of the "@id" in the attachment MUST be delayed until the short-url-resolution time. Am I understanding this correctly?

smithbk (Tue, 04 May 2021 17:28:20 GMT):
@andrew.whitehead Thanks Andrew. So what wasn't clear to me is if the receiver (a) is receiving the attachment message or (b) supposed to send the attachment message back to the sender (i.e. the creator of the OOB invitation). From what you said, it appears to be "a" rather than "b". In that case, the "@id" field in the attachment MUST indeed be unique for each receiver of the OOB invitation, which means if I want to generate a QRCode which can be scanned by multiple receivers, then the generation of the "@id" in the attachment MUST be delayed until the short-url-resolution time. Am I understanding this correctly?

andrew.whitehead (Tue, 04 May 2021 17:59:40 GMT):
The wording seems a little unclear in the RFC about responding to requests~attach messages, possibly because an earlier version was a bit more flexible there. In the current version I believe the requests are always treated as messages from the initiator to the responder, and the responder must assemble the next message in the relevant protocol

mtfk (Wed, 05 May 2021 11:25:43 GMT):
After long break Aries A call is back, starting in 2,5h at 16 CET. Today on the agenda: - IIW32 recap - summary of the event and interesting topics - Why W3C VC data model is not "secure" See you there, details of the meeting as always https://wiki.hyperledger.org/pages/viewpage.action?pageId=51610792

Nizu (Wed, 05 May 2021 11:27:31 GMT):
Hello again, On Aries Cloudagent python, I'm trying to keep Alice's DID the same on different runs of the program, I tried to set the seed to a value but the program is rejecting every try... I have tried an alpha numeric seed of 32 characters but it hasn't worked. Does anyone know what is the rules or formats that a seed can take? Thanks in advance

swcurran (Wed, 05 May 2021 14:03:31 GMT):
Pretty sure alphanumeric 32 is right. How are you passing it in? You can try creating a DID with seed on http://test.bcovrin.vonx.io/

Nizu (Wed, 05 May 2021 15:59:15 GMT):
hi!, right now im using "seed = None," and it is working but the DID changes every run. I tried "seed = em5uw1c3tyccnkg1rdticll0t8666jba,"

Nizu (Wed, 05 May 2021 15:59:20 GMT):
but it didn't work

Nizu (Wed, 05 May 2021 16:01:51 GMT):

Clipboard - May 5, 2021 5:01 PM

Nizu (Wed, 05 May 2021 16:32:14 GMT):
nevermind, I was not using "" *facepalm* now it says that verkey cannot be found, I assume that it is because the DID is not registered on the ledger

Nizu (Wed, 05 May 2021 16:38:43 GMT):
problem solved! thanks!

Nizu (Wed, 05 May 2021 16:39:21 GMT):
just had to register the DID on the greenlight dev ledger

dcspinho (Wed, 05 May 2021 16:44:27 GMT):
Dumb questions: what is pairwise DID?

swcurran (Wed, 05 May 2021 18:28:43 GMT):
Nice!

TelegramSam (Wed, 05 May 2021 18:58:42 GMT):
It is a DID created for just one relationship.

swcurran (Wed, 05 May 2021 19:04:07 GMT):
Here is a quick backgrounder video on this: https://www.youtube.com/watch?v=EKH7vjp_P9o

mccown (Wed, 05 May 2021 20:15:27 GMT):
The Identity Implementer's WG is meeting tomorrow (May 6th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. This week, James Ebert (Indicio) will be giving a presention on the new Aires Bifold project. Wiki: https://wiki.hyperledger.org/display/IWG/2021-05-06+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

kukgini (Fri, 07 May 2021 01:43:08 GMT):
@swcurran This explanation is confusing with peer DID.

AkankshaM (Fri, 07 May 2021 06:50:28 GMT):
Hello all, I am trying to set up aries without docker container. I can start von-ledger on docker. For the below command, (including --wallet-type indy), it throws the error that wallet not found. $ aca-py start -it http '0.0.0.0' 10000 -ot http --admin '0.0.0.0' 5000 -e http://localhost:8080 --genesis-url http://0.0.0.0:9000/genesis --label 'My agent' --admin-insecure-mode --log-level info --wallet-type indy --seed 00000000000000000000000000faber1 --wallet-name "My Wallet" --wallet-key "somekey" How do I set up that? I checked https://github.com/hyperledger/aries-cloudagent-python/issues/150 $ aca-py start -it http '0.0.0.0' 10000 -ot http --admin '0.0.0.0' 5000 -e http://localhost:8080 --genesis-url http://0.0.0.0:9000/genesis --label 'My agent' --admin-insecure-mode --log-level info --wallet-type indy --seed 00000000000000000000000000faber1 --wallet-name "My Wallet" --wallet-key "somekey"

AkankshaM (Fri, 07 May 2021 06:58:40 GMT):
Hello all, I am trying to set up aries without docker container. I can start von-ledger on docker. For the below command, (including --wallet-type indy), it throws the error that wallet not found. $ aca-py start -it http '0.0.0.0' 10000 -ot http --admin '0.0.0.0' 5000 -e http://localhost:8080 --genesis-url http://0.0.0.0:9000/genesis --label 'My agent' --admin-insecure-mode --log-level info --wallet-type indy --seed 00000000000000000000000000faber1 --wallet-name "My Wallet" --wallet-key "somekey" $ aca-py start -it http '0.0.0.0' 10001 -ot http --admin '0.0.0.0' 5001 -e http://localhost:8081 --genesis-url http://0.0.0.0:9000/genesis --label 'My agent' --admin-insecure-mode --log-level info --wallet-type indy --seed 00000000000000000000000000alice1 --wallet-name "Other Wallet" --wallet-key "somekey" How do I set up that? I checked https://github.com/hyperledger/aries-cloudagent-python/issues/150. I am getting almost same error, but the solution is confusing me. How do I register DID without starting aca-py. Without --wallet-type parameter, I am able to start agents. But, while accept-request API call, agent to agent communication is not happening. In the terminal, it throws this error: ''' raise client_error(req.connection_key, exc) from exc aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host localhost:8081 ssl:default [Connect call failed ('127.0.0.1', 8081)] ''' I tried to on ngrok port on 8080 and 8081 as well, but it did not make any difference. PS: ngrok ports on 10000 and 10001 are up. What am I missing? Also, can anyone tell if I am doing it correctly? Thank you in advance

AkankshaM (Fri, 07 May 2021 06:58:40 GMT):
Hello all, I am trying to set up aries without docker container. I can start von-ledger on docker. For the below command, (including --wallet-type indy), it throws the error that wallet not found. $ aca-py start -it http '0.0.0.0' 10000 -ot http --admin '0.0.0.0' 5000 -e http://localhost:8080 --genesis-url http://0.0.0.0:9000/genesis --label 'My agent' --admin-insecure-mode --log-level info --wallet-type indy --seed 00000000000000000000000000faber1 --wallet-name "My Wallet" --wallet-key "somekey" $ aca-py start -it http '0.0.0.0' 10001 -ot http --admin '0.0.0.0' 5001 -e http://localhost:8081 --genesis-url http://0.0.0.0:9000/genesis --label 'My agent' --admin-insecure-mode --log-level info --wallet-type indy --seed 00000000000000000000000000alice1 --wallet-name "Other Wallet" --wallet-key "somekey" How do I set up that? I checked https://github.com/hyperledger/aries-cloudagent-python/issues/150. I am getting almost same error, but the solution is confusing me. How do I register DID without starting aca-py. Without --wallet-type parameter, I am able to start agents. But, while accept-request API call, agent to agent communication is not happening. In the terminal, it throws this error: ''' raise client_error(req.connection_key, exc) from exc aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host localhost:8081 ssl:default [Connect call failed ('127.0.0.1', 8081)] ''' I tried to on ngrok port on 8080 and 8081 as well, but it did not make any difference. PS: ngrok ports on 10000 and 10001 are up. What am I missing? Is there any way to set this up on local machine without ngrok and docker? Also, can anyone tell if I am doing it correctly? Thank you in advance

esune (Fri, 07 May 2021 15:49:34 GMT):
you might want to post in #aries-cloudagent-python

madhugoundla (Fri, 07 May 2021 19:33:32 GMT):
Has joined the channel.

madhugoundla (Fri, 07 May 2021 19:35:12 GMT):
Hi, is there a limit on how many tenants can a agent run when multitenancy is enabled?

AkankshaM (Mon, 10 May 2021 03:45:23 GMT):
Thanks

avi23 (Tue, 11 May 2021 09:02:03 GMT):
Thanks @swcurran actually i need to establish the connection between mobile app and browser for peer t peer communication using DIDcomm... but i couldn't find any reference for similar case .... could you please share something on how to implement same?

Vid201 (Tue, 11 May 2021 09:31:46 GMT):
Has left the channel.

swcurran (Tue, 11 May 2021 18:57:52 GMT):
We don't have any examples of that. Generally we have the web service behind the web app talking to both the browser (one channel) and on a separate (DIDComm) channel, talking to an Aries Agent. We've never had an agent in a browser talking to a mobile agent.

avi23 (Wed, 12 May 2021 05:44:48 GMT):
@swcurran so you mean there is no way to establish a secure msging with mobile app and cloud agent? i heard that we need to use a mediator in between for that and there currently some work going on aries framework - javascript to support the official mediator stuff

SahilK 6 (Wed, 12 May 2021 13:00:51 GMT):
Has joined the channel.

SahilK 6 (Wed, 12 May 2021 13:00:51 GMT):
I want to make the Xamarin Edge Agent an **Issuer** so that it can create Schema and Issue Credentials. Can anyone guide me on the process, please? If I try to create a Schema using the below code, I get the error **Ledger operation rejected** ``` string schemaId = await SchemaService.CreateSchemaAsync(AgentContext, provisioningRecord.IssuerDid, "Template Name", "1.0", new[] { "Full Name", "Address"}); ```

A few points worth noting - Once the Edge Agent wallet is created, I'm able to get the IssuerDid and IssuerVerKey from the `ProvisioningService` ``` await provisioningService.GetProvisioningAsync(agentContext.Wallet) ``` - The `IssuerDid` of the Edge Agent is assigned the role of an `Endorser` on the Ledger. There is an entry for that on the Ledger. *I have not got any relevant response on the `aries-framework-dotnet` channel*

swcurran (Wed, 12 May 2021 14:00:30 GMT):
There is between a mobile agent and cloud agent -- that is done all the time. I interpreted your question as being between a browser and a mobile agent.

rohitthukral (Thu, 13 May 2021 16:40:52 GMT):
Has joined the channel.

rohitthukral (Thu, 13 May 2021 16:40:52 GMT):
Hello Everyone! we are developing Aries + Xamarin based mobile application, where we want to store user credentials, and public & private key associated with DID. i explored over the google but didn't found any way to retrieve private key for user wallet. It would be really helpful, if you can suggest how to retrieve private key and store that in wallet? Any help would be really appreciated, Thanks

spilling (Thu, 13 May 2021 16:50:33 GMT):
If you are using the [indy-sdk](https://github.com/hyperledger/indy-sdk/) it is not possible to retrieve the private key from the wallet. I believe it was a conscious security decision. There are projects made recently to break out some of the features in the indy-sdk. For example, there is a project for wallet storage named [aries-askar](https://github.com/hyperledger/aries-askar). However, I have not had a chance to determine if this uses the same wallet format as the libindy.

spilling (Thu, 13 May 2021 16:55:13 GMT):
Since the did is already an endorser, you may be missing the Transaction Author Agreement (TAA) which may be required depending on the ledger in use. Adding the TAA is not a feature built into the aries-framework-dotnet project. It is recommended to add it by creating a custom ILedgerSigningService, and use the `IndyLedger.AppendTxnAuthorAgreementAcceptanceToRequestAsync(...)` method to append the TAA.

ksanjayk (Sat, 15 May 2021 13:39:54 GMT):
Has joined the channel.

karolinagorna (Mon, 17 May 2021 15:53:26 GMT):
Has joined the channel.

karolinagorna (Mon, 17 May 2021 15:53:27 GMT):
Hello Everyone! We are developing an Aries + Indy web application for identity management in a factory. We have followed the "Become an Aries Developer" MOOC and we now try to create a new schema using the Ariestool Box. Once we have selected the "Create" button after adding the variable for the new schema, it doesn't appear in the list of available schemes. Does anyone cope with the same issue ?

CryptoMuck (Tue, 18 May 2021 13:21:22 GMT):
Has joined the channel.

CryptoMuck (Tue, 18 May 2021 13:21:23 GMT):
Hello all! I allready scrolled a little through the channel in the search for the best way to start with an open source mobile wallet for an indy use case. Is MAX what im looking for?

spilling (Tue, 18 May 2021 14:27:19 GMT):
Either https://github.com/hyperledger/aries-mobileagent-xamarin or https://github.com/hyperledger/aries-mobile-agent-react-native

mtfk (Wed, 19 May 2021 13:39:56 GMT):
Due to conflict on my side and lack of presenters, I am canceling today's Aries Morning call. We'll pick up the baton again in two weeks time, Jun 2nd. If you have any specific topics which you would love to hear or would like to present, please reach to me and we would organize a slot. If nothing new would come, topic for next call would be centralized registry with decentralized control - the way how to go VC registry and goes beyond that - with some examples and demos.

etaleo (Wed, 19 May 2021 13:51:19 GMT):
Hey there :wave: I'm not quite sure how to phrase the question, but: What is the "equivalent/alternative" to root certificate authorities in the SSI world? For example: In theory, anyone could issue a university degree credential and sign it. How does a verifier determine who is a authorized/trusted university and thus whether to accept the credential or not? How is the chain of trust going to be determined and how will it look like?

spilling (Wed, 19 May 2021 14:04:16 GMT):
With Aries/Indy when proofing you could limit by Issuer DID. So limited to only supported Aries/Indy RFCs, it would be up to the verifier to maintain a list of trusted issuers. I know that there are groups working on this question. One that comes to mind is [Trust over IP (ToIP)](https://trustoverip.org)

CryptoMuck (Wed, 19 May 2021 16:33:27 GMT):
Thank You!

mccown (Wed, 19 May 2021 22:03:36 GMT):
The Identity Implementer's WG is meeting tomorrow (May 20th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. This week, Ivan Temchenko will be giving a presentation on DIDComm-RS and how Jolocom is leveraging it for SSI solutions. Wiki: https://wiki.hyperledger.org/display/IWG/2021-05-20+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

jaqo (Thu, 20 May 2021 02:51:45 GMT):
Has joined the channel.

jaqo (Thu, 20 May 2021 11:35:39 GMT):
Hi all, happy to join the channel. I am nearing completion of the Aries Developer program from Linux. Best,

Nizu (Thu, 20 May 2021 12:29:50 GMT):
Hi all, on the aries demos, when we are talking about predicates and required attributes on claim presentation requests, can someone tell me what exactly is exchanged between 2 agents? Thanks in advanced!

jkrstic (Sat, 22 May 2021 18:10:05 GMT):
Has joined the channel.

Nizu (Mon, 24 May 2021 18:29:11 GMT):

Clipboard - May 24, 2021 7:26 PM

andrew.whitehead (Mon, 24 May 2021 20:30:31 GMT):
The agent generally establishes a 'peer' DID when creating a connection, ie. a new DID that is only used for that purpose

mhenniges (Tue, 25 May 2021 09:25:07 GMT):
Has joined the channel.

mhenniges (Tue, 25 May 2021 09:29:17 GMT):
Hi All, hope you're all doing well. I've been thinking about a solution to a problem and couldn't find an RFC for this. Perhaps someone here has an additional opinion: Problem: As a Verifier, I want to know what the public DID(s) of "Firm X" is (are). Solution: We may know the WWW-URL of Firm X. We could standardize an endpoint, e.g. firmx.com/dids which will return the DIDs in a certain format. The reply should also contain a checksum of something, which the Verifier enters together with the URL to avoid misspelling problems etc. In this way we would leverage existing DNS in order to obtain DNS. Does something like that exist already? Thanks in advance

mhenniges (Tue, 25 May 2021 09:29:17 GMT):
Hi All, hope you're all doing well. I've been thinking about a solution to a problem and couldn't find an RFC for this. Perhaps someone here has an additional opinion: Problem: As a Verifier, I want to know what the public DID(s) of "Firm X" is (are). Solution: We may know the WWW-URL of Firm X. We could standardize an endpoint, e.g. firmx.com/dids which will return the DIDs in a certain format. The reply should also contain a checksum of something, which the Verifier enters together with the URL to avoid misspelling problems etc. In this way we would leverage existing DNS in order to obtain DIDs. Does something like that exist already? Thanks in advance

domwoe (Tue, 25 May 2021 09:42:39 GMT):
There's the well known did configuration proposal at DIF: https://identity.foundation/specs/did-configuration/ Furthermore, we are exploring working with a public profile/self-description endpoint: https://hackmd.io/4oZOgwFOQDSFUuu3ruN-_g Third, there is/was proposal on DIDs over DNS: https://tools.ietf.org/id/draft-mayrhofer-did-dns-03.html

domwoe (Tue, 25 May 2021 09:42:39 GMT):
There's the well known did configuration proposal at DIF: https://identity.foundation/specs/did-configuration/ Furthermore, we are exploring working with a public profile/self-description endpoint: https://hackmd.io/4oZOgwFOQDSFUuu3ruN-_g Third, there is/was a proposal on DIDs over DNS: https://www.ietf.org/archive/id/draft-mayrhofer-did-dns-04.txt

Nizu (Tue, 25 May 2021 10:45:46 GMT):
is there a way to avoid that? or at least make it so that the "peer" DID that is generated is always the same if the agent trying to connect is always the same?

Nizu (Tue, 25 May 2021 10:45:57 GMT):
thanks for your reply!

mhenniges (Tue, 25 May 2021 11:37:09 GMT):
Wonderful, thank you!

ArturPhilipp (Tue, 25 May 2021 12:45:50 GMT):
Has joined the channel.

PaulWen (Wed, 26 May 2021 18:55:15 GMT):
Has joined the channel.

TelegramSam (Thu, 27 May 2021 00:38:40 GMT):
Aries Interop Profile v2 Lives! https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0302-aries-interop-profile#aries-interop-profile-version-20

mhenniges (Thu, 27 May 2021 12:26:48 GMT):
You will find more information on your question here: https://www.goodhealthpass.org/wp-content/uploads/2021/03/GHPC-Interoperability-Blueprint-Outline-v2.pdf (page 25: "Trust Registries") Additionally, that problem can be addressed (a bit) in the future, using chained credentials: https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0104-chained-credentials/README.md

tgalal (Fri, 28 May 2021 14:53:18 GMT):
Has joined the channel.

genaris (Sun, 30 May 2021 19:55:35 GMT):
Has joined the channel.

swcurran (Sun, 30 May 2021 20:58:25 GMT):
FYI - Arnaud (Chair of the Hyperledger TSC) requested a "top story" about each Hyperledger project. I've sent this in for Aries: ``` The top story in Hyperledger Aries has been the success of the now year old Aries Interop Profile 1.0 in creating an ecosystem of at least 8 open and closed source Aries implementations and countless interoperable deployments of Aries Agents exchanging verifiable credentials, including those for "proof of vaccination" use cases. The next chapter of the Aries Interop story started on May 26, 2021 with formal acceptance by the community of Aries Interop Profile 2.0, which expands that interoperability across more DID methods and verifiable credential formats. ``` Feel free to provide feedback -- we can adjust as needed before the Hyperledger Global Forum.

waqaswahid1 (Mon, 31 May 2021 05:51:29 GMT):
Has joined the channel.

waqaswahid1 (Mon, 31 May 2021 05:51:30 GMT):
Hi .

da3v21 (Tue, 01 Jun 2021 02:19:59 GMT):
hello everyone. How do add a protocol such that we can send attachments(images/pdf) to another agent in the same way we send the basic messages between agents

da3v21 (Tue, 01 Jun 2021 02:19:59 GMT):
hello everyone. How do add a protocol such that we can *send attachments*(images/pdf) to another agent in the same way we send the *basic messages* between agents in *acapy*

da3v21 (Tue, 01 Jun 2021 02:19:59 GMT):
hello everyone. How to create a protocol which can *send attachments*(images/pdf) to another agent in the same way we send the *basic messages* between agents in *acapy*

da3v21 (Tue, 01 Jun 2021 02:19:59 GMT):
hello everyone. Q1. How to create a protocol which can *send attachments*(images/pdf) to another agent in the same way we send the *basic messages* between agents in *acapy*

da3v21 (Tue, 01 Jun 2021 02:23:38 GMT):
*MATTR* proposed a way to implement onetime usable credentials using BBS+ signatures(*Domain proofs*). Is this implemented anywhere?

da3v21 (Tue, 01 Jun 2021 02:23:38 GMT):
Q2. *MATTR* proposed a way to implement onetime usable credentials using BBS+ signatures(*Domain proofs*). Is this implemented anywhere?

swcurran (Tue, 01 Jun 2021 02:46:17 GMT):
A thing to try would be to use a basic message, but the an attachment decorator. That in theory should get the attachment sent. Of course the controller has to know what to do with it. A protocol specific for attachment sending might be useful though. It would probably be just like basic message, but with goal codes instead of the plain text message.

da3v21 (Tue, 01 Jun 2021 04:37:01 GMT):
Thanks!. Ya this will be more useful when combining with the signature decorator to send a signed attachment.

TelegramSam (Tue, 01 Jun 2021 21:05:38 GMT):
Alright folks, With AIP 2.0 Ratified (last week), we finally have agenda time for other topics relevant to the Aries community. What would you like to discuss?

swcurran (Tue, 01 Jun 2021 23:48:09 GMT):
Without hijacking the topics, there are a few Indy/Aries topics that would be nice to discuss. * The handling of resolving identifiers across multiple Indy networks by checking them all to see where the identifier is -- and to how to handle collisions. Wallet experience, verifier handling, etc. * The did:sov "universal resolver" does not currently return a DIDComm service block for an ATTRIB endpoint. Ideas on how to address that? Where could/should a change go to enable that in AIP 2.0? I don't have presentations on those, but could start a conversation.

mtfk (Wed, 02 Jun 2021 12:30:10 GMT):
I am very sorry that again in such short notice but I overlooked the calendar and due to conflicts we would need again to cancel morning Aries call. There is ongoing even about Fair Data Economy which I am attending and won't be able to lead today call. In exchange I would invite you to the live event which is about summarizing IHAN project: Dawn of the Fair Data Economy: https://event.prospectumlive.com/dawn-of-the-fair-data-economy For those who would not be able to attend would prepare short summary for next call to keep you up to date. See you at the event and we would speak at 16th.

danielhardman (Wed, 02 Jun 2021 19:01:15 GMT):
I'm in a TOIP call the conflicts with the Wed afternoon Aries B WG call. Ping me here if topics get discussed where my absence is a problem, and I'll try to monitor.

swcurran (Wed, 02 Jun 2021 21:02:09 GMT):
You missed a good discussion -- lots of interesting things. Universal Wallet, what to do about RFCs that use attachments when we go to DIDComm v2, some Indy DID resolution issues (handling the "endpoint" ATTRIB in the DIDComm world, checking multiple ledgers for an object), and a great question about how a holder should handle a presentation request they don't want to answer (at least not as asked).

mccown (Thu, 03 Jun 2021 12:59:13 GMT):
The Identity Implementer's WG is cancelled for today (6/3). Please join us when we reconvene in 2 weeks on 17 June 2021.

wip-abramson (Thu, 03 Jun 2021 21:18:30 GMT):
We had a little go at writing a plugin for attachments. Might be useful for you https://github.com/OpenMined/PyDentity/tree/master/libs/attachment-protocol. Signed attachments was always the plan but got distracted with other things.

vosrey (Sat, 05 Jun 2021 17:42:01 GMT):
when we revoke and reissue new credential. is it possible to trace back and forth between those credentials? e.g. Let's say we have a holder H, we issue c0 for H. Later on, we revoke c0, and issue c1 to H. Then revoke c1, and issue c2 and so on, until we revoke c2 and issue c4 for H. Is it possible if we start from c4, and trace back the history of the credentials that we have issued and revoked for H. (start from c4 trace back to c3 -> c2 -> c1 -> c0)? Similarly, if we start from credential c2, can we trace forward to find the current valid (non-revoked) credential c4? I guess, the data modelling of my question is that if we treat credential like a doubly linkedlist, which we can traverse back and forth of the ledger? e.g. i0 <-> i1 <-> i2 <-> i3 <-> i4?

vosrey (Sat, 05 Jun 2021 17:42:01 GMT):
when we revoke and reissue new credential. is it possible to trace back and forth between those credentials? e.g. Let's say we have a holder H, we issue c0 for H. Later on, we revoke c0, and issue c1 to H. Then revoke c1, and issue c2 and so on, until we revoke c2 and issue c4 for H. Is it possible if we start from c4, and trace back the history of the credentials that we have issued and revoked for H. So, we know that H currently holds c4, and H used to hold c3, c2, c1 and c0. (start from c4 trace back to c3 -> c2 -> c1 -> c0)? Similarly, if we start from credential c2, can we trace forward to find the current valid (non-revoked) credential c4? I guess, the data modelling of my question is that if we treat credential like a doubly linkedlist, which we can traverse back and forth of the ledger? e.g. i0 <-> i1 <-> i2 <-> i3 <-> i4?

vosrey (Sat, 05 Jun 2021 17:42:01 GMT):
when we revoke and reissue new credential. is it possible to trace back and forth between those credentials? e.g. Let's say we have a holder H, we issue c0 for H. Later on, we revoke c0, and issue c1 to H. Then revoke c1, and issue c2 and so on, until we revoke c2 and issue c4 for H. Is it possible if we start from c4, and trace back the history of the credentials that we have issued and revoked for H. So, we know that H currently holds c4, and H used to hold c3, c2, c1 and c0. (start from c4 trace back to c3 -> c2 -> c1 -> c0)? Similarly, if we start from credential c2, can we trace forward to find the current valid (non-revoked) credential c4? So, we know that H used to hold c2 at one point in the past, but, c2, was revoked, and c3 was issued once, but was also revoked, and the current credential that H is holding is c4. I guess, the data modelling of my question is that if we treat credential like a doubly linkedlist, which we can traverse back and forth of the ledger? e.g. i0 <-> i1 <-> i2 <-> i3 <-> i4?

vosrey (Sat, 05 Jun 2021 17:42:01 GMT):
when we revoke and reissue new credential. is it possible to trace back and forth between those credentials? e.g. Let's say we have a holder H, we issue c0 for H. Later on, we revoke c0, and issue c1 to H. Then revoke c1, and issue c2 and so on, until we revoke c2 and issue c4 for H. Is it possible if we start from c4, and trace back the history of the credentials that we have issued and revoked for H. So, we know that H currently holds c4, and H used to hold c3, c2, c1 and c0. (start from c4 trace back to c3 -> c2 -> c1 -> c0)? Similarly, if we start from credential c2, can we trace forward to find the current valid (non-revoked) credential c4? So, we know that H used to hold c2 at one point in the past, but, c2, was revoked, and c3 was issued once, but was also revoked, and the current credential that H is holding is c4. I guess, the data modelling of my question is that if we can treat (or if there's a way we can make it happens) credentials like a doubly linkedlist, which we can traverse back and forth of the ledger? e.g. c0 <-> c1 <-> c2 <-> c3 <-> c4?

swcurran (Sat, 05 Jun 2021 22:35:02 GMT):
If "we" in this case is the issuer, then you could keep a history. If "we" is the holder, you can likewise can keep the history. No one else in the ecosystem knows anything about the history. A verifier that verifies every one of the credentials and notes the differences in the data presented might be able to tell that the credentials are different if (a) they know the prover is the same entity and (b) the data (claims) they request be proven included the differences that triggered the revocation events. From the sounds of your last paragraph, it seems you might think the credentials are put on a ledger. To be clear -- with Indy/Aries and VCs in general -- no data/VC goes on the ledger.

akakream (Mon, 07 Jun 2021 10:51:40 GMT):
Has joined the channel.

akakream (Mon, 07 Jun 2021 11:00:31 GMT):
Hello everyone, we are developing a distributed voting app where we identify voters using the Hyperledger services. We already have a working setup of Indy, aca-py and wallet apps. We would like to move the aries agent to user side, which is in our case the browser. Is it in any way possible to run an agent in the browser?

b1conrad (Mon, 07 Jun 2021 13:29:29 GMT):
At Pico Labs we did some work in this direction a year ago. You can find a brief report of Session 22C of IIW here: https://iiw.idcommons.net/IIW_30_Session_Notes#Session_22 and slides here: https://bruceatbyu.com/s/ManifoldSSI

dmendivil (Mon, 07 Jun 2021 18:06:44 GMT):
Has joined the channel.

dmendivil (Mon, 07 Jun 2021 18:06:45 GMT):
Hi all, I have some doubts. Unless Aries RFC 0231: Biometric Service Provider is implemented in an Agent, a person can illegaly "lend" his wallet to a friend, in order to attest, for example that he has the green vaccine passport. His friend only needs to know the wallet password, pin or passphrase, that is because the authentication method is something he knows instead of something he is (e.g. with biometrics), thank you.

PaulWen (Wed, 09 Jun 2021 15:54:55 GMT):
Hi everyone, I was wondering if you believe that (A) each holder will end up with one wallet for all of his credentials or (B) each holder will have multiple wallet apps that are optimised for certain use cases?

PaulWen (Wed, 09 Jun 2021 15:56:22 GMT):
I currently see arguments for both models but am wondering in particular how credentials from different wallets could be combined to answer one proof request?

daidoji (Wed, 09 Jun 2021 16:03:12 GMT):
That seems to be a big open question. It seems like logistically one wallet to hold most of the credentials is the only way to manage and transmit those credentials. Multi-wallet scenarios (and onerous transfers of credentials between wallets for the users) seem like they're less than ideal.

chetanhere (Wed, 09 Jun 2021 17:13:32 GMT):
Has joined the channel.

dmendivil (Wed, 09 Jun 2021 18:57:02 GMT):
The problem is that depending on the information to protect, there may be different security requirement and regulatory compliance, is not the same to protect your expiration's drivers licence than your health records

dmendivil (Wed, 09 Jun 2021 18:58:11 GMT):
So, may be some wallets don't need to comply with all the needed requirements

daidoji (Wed, 09 Jun 2021 19:03:46 GMT):
that's true, but that'll be way more hassle imo. Seems like the market has to eventually coalesce around a set of wallets that provide a range of security features. Kinda like browsers.

iammatrix (Thu, 10 Jun 2021 10:30:59 GMT):
Hey guys, is there any example of Revocation registry, been working on it, getting some errors, would be good if I get any articles or documentations.

karli0 (Thu, 10 Jun 2021 14:54:58 GMT):
Has joined the channel.

karli0 (Thu, 10 Jun 2021 14:59:22 GMT):
Hi everyone, we are conceptually working on the transfer of non-VC digitial credentials to VCs. A particular question is on how X.509 certificates can be either interfaced with the SSI ecosystem or how they can be transfered to VCs. Any thoughts, ideas, comments are much appreciated, thank you!

swcurran (Thu, 10 Jun 2021 19:30:25 GMT):
There have been some use of that with Aries. I believe @fhmarino knows about this -- he presented the topic at the Hyperledger Global Forum this week.

aito (Fri, 11 Jun 2021 02:28:24 GMT):
Has joined the channel.

aito (Fri, 11 Jun 2021 02:28:24 GMT):
Hi everyone. I've recently been introduced to Hyperledger Indy/Aries and was wondering if ACA-py's /jsonld/{sign,verify} API can be used to sign arbitrary data (non-credential app-specific data signatures)?+

karli0 (Fri, 11 Jun 2021 07:53:50 GMT):
@swcurran Many thanks! I found the slides

fhmarino (Fri, 11 Jun 2021 12:21:56 GMT):
Hi @karli0! We have developed a few concepts here where we're using X.509 both to make the onboarding of new users --towards issuing base identity VCs, and to eventually signing documents and even the content of VCs. (when it's needed by the law).

ianco (Fri, 11 Jun 2021 13:52:26 GMT):
Yes that's the intent (although we haven't actually tried yet)

akakream (Sun, 13 Jun 2021 15:56:14 GMT):
Thank you very much

TimoGlastra (Sun, 13 Jun 2021 19:04:21 GMT):
Yes that's definitely possible

TimoGlastra (Sun, 13 Jun 2021 19:04:44 GMT):
I just tried with a non-VC JSON-LD object and it worked just fine

TimoGlastra (Sun, 13 Jun 2021 19:05:09 GMT):
The `credential` key should probably be renamed to `document` or something

aito (Sun, 13 Jun 2021 23:40:43 GMT):
Thanks!

aito (Mon, 14 Jun 2021 04:26:53 GMT):
Where can I find more information about `options` for `sign` and `proof` for `verify`?

aito (Mon, 14 Jun 2021 04:26:53 GMT):
Where can I find more information about `options` for `sign` and `proof` for `verify`?　 I assume this corresponds to the proof of the vc-data-model (https://www.w3.org/TR/vc-data-model/#proofs-signatures) , but is there any documentation of possible values for the current implementation of aca-py/indy?

aito (Mon, 14 Jun 2021 04:26:53 GMT):
Where can I find more information about `options` for `sign` and `proof` for `verify`?　 I assume this corresponds to "Linked Data Proofs"(https://w3c-ccg.github.io/ld-proofs/), but is there any documentation of possible values for the current implementation of aca-py/indy?

aito (Mon, 14 Jun 2021 08:30:30 GMT):
Hi everyone. Is it possible to manage "data DIDs" in aca-py/indy? This means that the DID controller and subject are different, and the DID controller is an existing did that represents a person.

TimoGlastra (Mon, 14 Jun 2021 13:04:02 GMT):
Not that I'm aware of. @dbluhm you probably know more :)

dbluhm (Mon, 14 Jun 2021 13:39:11 GMT):
``` class SignatureOptionsSchema(Schema): """Schema for LD signature options.""" type = fields.Str(required=False) verificationMethod = fields.Str(required=True) proofPurpose = fields.Str(required=True) challenge = fields.Str(required=False) domain = fields.Str(required=False) ``` These values are passed mostly verbatim to the `proof` section of the resulting signed document. The biggest exception is the `verificationMethod` which is obviously used to perform verification on verify. So yes, the possible values are largely dictated by the "Linked Data Proofs" spec you linked to and what you fill into these values and whether it's valid is left to the caller since these endpoints are currently very loosely coupled with ACA-Py.

swcurran (Mon, 14 Jun 2021 14:29:17 GMT):
I wouldn't say such concepts are used in ACA-Py. ACA-Py generally only has DIDs on a ledger for the issuer, and for the purpose of issuing, with the only data in the DIDDoc being the public key for the DID and an endpoint.

mateussousa (Mon, 14 Jun 2021 19:24:20 GMT):
Has joined the channel.

aito (Mon, 14 Jun 2021 23:34:37 GMT):
Thank you!

aito (Tue, 15 Jun 2021 02:54:53 GMT):
Thanks! I tried a few myself to get a feel for it.

MichaelWiles (Tue, 15 Jun 2021 07:33:41 GMT):
Has joined the channel.

MichaelWiles (Tue, 15 Jun 2021 07:33:42 GMT):
So please excuse this question if it's a "noob" question... We are building an api on top of aca-py to facilitate our use cases... This question is in the context of ACA-Py... I am just keen to know why there is a concept of "wallet endpoint" and what it is used for? It does not appear to be the same as the more general endpoints for communicating between agents. I'd assume it has something to do with giving external parties the ability to interact directly with wallet? Not entirely sure what external party that would be... When you create a wallet you can set the endpoint, this can also be read and updated.

MichaelWiles (Tue, 15 Jun 2021 07:46:48 GMT):
moved my question to #aries-cloudagent-python

aito (Tue, 15 Jun 2021 10:05:57 GMT):
additional questions in #Indy

aito (Tue, 15 Jun 2021 10:06:46 GMT):
additional questions in #indy

mtfk (Wed, 16 Jun 2021 13:34:37 GMT):
After long break Aries A call is back, starting in less then 30 minutes at 16 CET. Today on the agenda: - Authentic Chain Data Containers work update and roadmap - Centralized registry with decentralized control - how to use concept of verifiable credential to establish control authority over human readable identifier. See you there, details of the meeting as always https://wiki.hyperledger.org/pages/viewpage.action?pageId=51610792

mccown (Wed, 16 Jun 2021 20:48:23 GMT):
The Identity Implementer's WG is meeting tomorrow (June 17th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. This week, Bruce Conrad will be presenting on implementing Self-Sovereign Identity in IoT environments. Wiki: https://wiki.hyperledger.org/display/IWG/2021-06-17+:+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

fethbita (Fri, 18 Jun 2021 12:15:30 GMT):
Has joined the channel.

lwyatt (Sun, 20 Jun 2021 08:09:52 GMT):
Has joined the channel.

lwyatt (Sun, 20 Jun 2021 08:12:40 GMT):
Hi everyone, in the "present-proof" protocol, is it possible for a verifier to share the proof presentation submitted by the holder with a third-party so that the third-party can also verify the proof? This might be required in cases when there is some legal conflict between a holder and a verifier.

swcurran (Sun, 20 Jun 2021 14:15:33 GMT):
There is not a technical barrier to that. There might be a legal one, and a question of consent. It's roughly equivalent to a bartender taking a picture of your ID at a pub and keeping it "just in case". Definitely a murky legal area -- especially if PII is involved.

lwyatt (Sun, 20 Jun 2021 14:23:59 GMT):
So in the bartender scenario, is it possible for the bartender to prove to a third-party that the picture in discussion is actually binded to some Verifiable Credential? 1. I'm not sure how the third-party will verify (cryptographically) that the picture is binded to some credential. 2. Is the same also possible even the CL-Signatures based credentials?

swcurran (Sun, 20 Jun 2021 15:10:36 GMT):
The third party could verify the same cryptography as the verifier -- who the issuer was, that the claims had not been tampered with/forged, and the proof of non-revocation, if provided. Using CL Signatures, they could also that the proof was created by the holder -- e.g. the same party to whom the credential was issued. To get deeper into the specifics of the cryptography, you'll have need a cryptographer to explain beyond that.

lwyatt (Sun, 20 Jun 2021 19:17:47 GMT):
I see. Thanks for your response @swcurran. After checking out a few details, I could gather the following: Verifier creates a nonce (which binds the proof presentation by a holder to the given verifier). If the verifier shares this nonce with the third-party, along with the proof presentation data, the third-party should be able to verify this proof.

lwyatt (Sun, 20 Jun 2021 19:17:47 GMT):
I see. Thanks for your response @swcurran After checking out a few details, I could gather the following: Verifier creates a nonce (which binds the proof presentation by a holder to the given verifier). If the verifier shares this nonce with the third-party, along with the proof presentation data, the third-party should be able to verify this proof.

lwyatt (Sun, 20 Jun 2021 19:18:57 GMT):
Also, is any functionality implemented in any of the Agent Frameworks?

lwyatt (Sun, 20 Jun 2021 19:18:57 GMT):
Also, is any such functionality implemented in any of the Agent Frameworks?

lwyatt (Sun, 20 Jun 2021 19:18:57 GMT):
Also, is such functionality implemented in any of the Agent Frameworks?

kukgini (Mon, 21 Jun 2021 01:32:13 GMT):
Hello everyone. I have a question about how to verify verifiable presentations made with json-ld / bbs +. When the verifier verifies the presentation presented by the holder, does it verify (i) the proof of the verifiable presentation, verifying all one or more derived credentials attached to the presentation? Otherwise, (ii) after verifying the proof of the presentation, the verifier have to verify each derived credential again?

kukgini (Mon, 21 Jun 2021 01:32:13 GMT):
Hello everyone. I have a question about how to verify verifiable presentation made with json-ld / bbs +. When the verifier verifies the presentation presented by the holder, does it verify (i) the proof of the verifiable presentation, verifying all one or more derived credentials attached to the presentation? Otherwise, (ii) after verifying the proof of the presentation, the verifier have to verify each derived credential again?

kukgini (Mon, 21 Jun 2021 01:32:13 GMT):
Hello everyone. I have a question about how to verify verifiable presentation made with json-ld / bbs +. When the verifier verifies the presentation presented by the holder (proof type is BbsBlsSignatureProof2020), does it verify (i) the proof of the verifiable presentation, verifying all one or more derived credentials attached to the presentation? Otherwise, (ii) after verifying the proof of the presentation, the verifier have to verify each derived credential again?

kukgini (Mon, 21 Jun 2021 01:32:13 GMT):
Hello everyone. I have a question about how to verify verifiable presentation made with json-ld / bbs +. When the verifier verifies the presentation presented by the holder (proof type is BbsBlsSignatureProof2020) does it verify (i) the proof of the verifiable presentation, verifying all one or more derived credentials attached to the presentation? Or, (ii) after verifying the proof of the presentation, the verifier have to verify each derived credential again?

RHYTHMSETHI (Mon, 21 Jun 2021 06:25:56 GMT):
Has joined the channel.

RHYTHMSETHI (Mon, 21 Jun 2021 06:26:23 GMT):
I want to understand how multi tenancy is implemented on lower levels

Mark_Spencer (Mon, 21 Jun 2021 07:36:43 GMT):
Hi everyone, I wanted to know if "auto-ping" and "auto-verify-presentation" tags work with agent version 0.6.0 and Edge agent ? ( I tried creating connection and tried to establish an active connection between Edge agent and acapy (0.6.0) , but the state on the acapy was on "response" . Ideally it should be active if these tags are given to acapy.

akakream (Mon, 21 Jun 2021 12:41:36 GMT):
I was also wondering this. When I send the presentation to a third party agent, it cant re-verify the presentation, (I get an error stating that the presentation exchange is not in state "presentation_received".) Is there any workaround to this using the agent API?

esune (Mon, 21 Jun 2021 15:38:18 GMT):
I believe whether the connection is set to `active` or not is a result of `aca-py receiving a ping back from the other agent. Especially when sending a connection invitation, the inviting agent is unaware of the connection being established until it receives something (a ping or any other type of message) from the invited agent.

knibals (Tue, 22 Jun 2021 11:00:13 GMT):
Has joined the channel.

kukgini (Wed, 23 Jun 2021 04:32:46 GMT):
Hello everyone. I would like to understand the content of this link more clearly. From this: https://github.com/hyperledger/aries-rfcs/tree/b3a3942ef052039e73cd23d847f42947f8287da2/features/0510-dif-pres-exch-attach There is no mention here of `BBS+ Bound Signature Suite 2020` and `BBS+ Bound Signature Proof Suite 2020`, which enable private holder binding via blind signature. Has it not been established yet?

andrew.whitehead (Wed, 23 Jun 2021 04:36:35 GMT):
Not yet, I think that was only merged in the last week

kukgini (Wed, 23 Jun 2021 04:41:37 GMT):
thank you @andrew.whitehead :grinning:

tarou.y6666 (Wed, 23 Jun 2021 05:31:15 GMT):
Has joined the channel.

swcurran (Wed, 23 Jun 2021 14:38:50 GMT):
But we would REALLY love to see it...

Mark_Spencer (Wed, 23 Jun 2021 15:08:19 GMT):
The other agent in this case is an .net Edge Agent. Although this works fine with Acapy(v0.6.0)-Acapy(v0.6.0) when the agents are started with *-auto-ping* tag And the same scenario used to work with Acapy agent 0.5.6 and .net edge agent

Baha-sk (Wed, 23 Jun 2021 17:02:46 GMT):
@swcurran @kdenhartog @TelegramSam @troyronda, @danielhardman updated Aries RFCs 334 and 587 based on ECDH-1PU draft4 update: https://github.com/hyperledger/aries-rfcs/pull/684

lwyatt (Wed, 23 Jun 2021 17:18:12 GMT):
@akakream I don't think it would work like that. You ideally need to create a separate proof request for each presentation that you expect from a holder. I don't think we can forward proof presentations for verification by a third-party with the current set of APIs.

EtricKombat (Thu, 24 Jun 2021 12:22:29 GMT):
Will there be Aries certification backed by linux foundation in future just like CHFD,CHFA?

cam-parra (Thu, 24 Jun 2021 17:16:47 GMT):
Anyone know Keith Smith's username on rocketchat?

swcurran (Thu, 24 Jun 2021 17:18:26 GMT):
@smithbk is Keith.

kukgini (Fri, 25 Jun 2021 04:39:20 GMT):
As far as i know. trust over ip (ToIP) has a plan about this in here: https://trustoverip.org/blog/2020/10/19/trust-over-ip-foundation-introduces-a-new-tool-for-interoperable-digital-trust/

EtricKombat (Fri, 25 Jun 2021 09:30:05 GMT):
@kukgini ...thank you for sharing this with us

swcurran (Fri, 25 Jun 2021 18:13:53 GMT):
FYI - ToIP is a Linux Foundation organization.

kukgini (Fri, 25 Jun 2021 22:25:07 GMT):
@EtricKombat Sorry. Preaps you were looking for an answer like this: https://www.edx.org/professional-certificate/linuxfoundationx-developing-blockchain-based-identity-applications

kukgini (Fri, 25 Jun 2021 22:25:07 GMT):
@EtricKombat Sorry. Perhaps you were looking for an answer like this: https://www.edx.org/professional-certificate/linuxfoundationx-developing-blockchain-based-identity-applications

gmi12 (Sun, 27 Jun 2021 09:21:39 GMT):
Has joined the channel.

gmi12 (Sun, 27 Jun 2021 09:21:39 GMT):
Hello everyone, I have a problem, I send a proof of request to my Lissi Wallet and if I have only one predicate or attribute request, the presentation afterwards can be verified in my Verifier agent, but if I request two or more predicates/attributes, the verified status always ends up as false. A colleague of mine found out that it works, if you use an old version of Lissi(0.12), do you have any insights to this problem?

swcurran (Sun, 27 Jun 2021 13:53:26 GMT):
@sebastian ^^^

ArdianAbazi (Mon, 28 Jun 2021 14:38:38 GMT):
Hi :wave: ,``` I'm new to Aries and I'm trying to run the open-api-demo from the aries-framework-go repo on github. ```

santidediego (Mon, 28 Jun 2021 14:56:21 GMT):
Has joined the channel.

santidediego (Mon, 28 Jun 2021 14:56:23 GMT):
Hi, I am trying to implement a quick PoC of the section C of the W3C standard (https://www.w3.org/TR/vc-data-model/#subject-holder-relationships) which implies for a Holder to store a Verifiable Credential whose subject is not him, but the SDK raises an error when I try to do that (storing a different-subject credential). Is there any way to implement this with the current version of the SDK? is it in the roadmap to add support for this? T

swcurran (Mon, 28 Jun 2021 15:45:57 GMT):
What are you using -- ACA-Py? If so, suggest that you open an issue with a detail of what you think is needed. I'm not sure what is supported. Quite frankly, I don't understand how the W3C Spec. actually supports Subject is not Holder -- how can that be cryptographically verified? I think that "subject is not holder" is not a VC issue, but a schema/semantics/VC ecosystem issue. The only thing about the holder that can be crytpographically tied is that the holder was issued the credential by the issuer. I don't think anything can be cryptographically proven about a subject that is not the holder. Also interested in your use case.

sebastian (Tue, 29 Jun 2021 07:28:34 GMT):
That is a known bug, which should soon be fixed in the next release

TimoGlastra (Tue, 29 Jun 2021 08:07:58 GMT):
@swcurran the `holder` key allows to specify a different holder

TimoGlastra (Tue, 29 Jun 2021 08:08:02 GMT):
https://www.w3.org/TR/vc-data-model/#issuer-authorizes-holder

santidediego (Tue, 29 Jun 2021 09:12:40 GMT):
Yes, I posted it here but it might be in another channel, maybe in aca-py... C6 effectively describes a situation where the holder has no know relationship with the subject. Also, the W3C proposes in C5, which requires that the holder stores two Verifiable Credentials (the original and the other one) and generates a Verifiable Presentation based on these two Verifiable Credentials. This also adds extra complexity to the verifier, who would need to take this into account for verifying the VP. The example provided is a patient who is too ill to get a prescription and sends a friend on his behalf.

santidediego (Tue, 29 Jun 2021 09:12:40 GMT):
Yes, I posted it here but it might be in another channel, maybe in aca-py... C6 effectively describes a situation where the holder has no known relationship with the subject. Also, the W3C proposes in C5, which requires that the holder stores two Verifiable Credentials (the original and the other one) and generates a Verifiable Presentation based on these two Verifiable Credentials. This also adds extra complexity to the verifier, who would need to take this into account for verifying the VP. The example provided is a patient who is too ill to get a prescription and sends a friend on his behalf.

santidediego (Tue, 29 Jun 2021 09:12:40 GMT):
Yes, I posted it here but it might be in another channel, maybe in aca-py... C6 effectively describes a situation where the holder has no known relationship with the subject. Also, the W3C proposes sth similar in C5, which requires that the holder stores two Verifiable Credentials (the original and the other one) and generates a Verifiable Presentation based on these two Verifiable Credentials. This also adds extra complexity to the verifier, who would need to take this into account for verifying the VP. The example provided is a patient who is too ill to get a prescription and sends a friend on his behalf.

Nizu (Tue, 29 Jun 2021 12:29:07 GMT):
Hi guys, I'm trying to create a file and write in the file the time that it takes for Faber.py to initialize and make connections but I can't seem to find that file, no error is given... I checked the directory that the code is being run and it says it is being run in the folder home/indy/... I dont have that directory and when i try to change it to a directory that actually exists on my computer it says it doesn't (it gives me the errno 2 file or directory doesnt exist.. does anyone have any idea about what is going on? Thanks in advance

ianco (Tue, 29 Jun 2021 16:52:10 GMT):
Faber is dunning in a docker container so that is where the file is getting created

TelegramSam (Tue, 29 Jun 2021 17:58:02 GMT):
There is not an Aries standard for how it's done within codebases. The most advanced implementation that I know of is in ACAPy. That code will reveal their choices, and questions can be asked in #aries-cloudagent-python for more detail.

Nizu (Tue, 29 Jun 2021 18:47:50 GMT):
ofc!!! i totally forgot about it.. thanks for the reply!

mtfk (Wed, 30 Jun 2021 06:59:48 GMT):
Hi everyone, on last Aries A call we talked a bit about ACDC (Authentic Chained Data Container) and today we would see how it works in action. HCF are happy to present the work which was done over past year in collaboration with multiple communities presenting the vision of authentic data flows within Dynamic Data Economy. We would show how OCA helps to harmonize the data and link different ontology (data model), then through ACDC it is digest into the system and how components like Data Sharing Engine can make use of that in discoverability mechanism for criteria search. All that with consent driven flow and privacy preserve mechanism. See you on the call! Details on the meeting page: https://wiki.hyperledger.org/pages/viewpage.action?pageId=54657685

mtfk (Wed, 30 Jun 2021 07:00:04 GMT):
We starting as always 4pm CET.

swcurran (Wed, 30 Jun 2021 16:54:54 GMT):
Please post the recording -- couldn't make the call but would love to watch this.

mccown (Wed, 30 Jun 2021 19:34:13 GMT):
The Identity Implementer's WG is meeting tomorrow (July 1st @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed this week. This week, Steve McCown (Anonyome Labs) will present on automatically-generating language wrappers for Rust libraries, such as didcomm_rs. Language wrappers include: Swift, Kotlin, Python, and C++. Wiki: https://wiki.hyperledger.org/display/IWG/2021-07-01+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

mtfk (Thu, 01 Jul 2021 06:39:54 GMT):
Already uploaded, happy to hear your feedback! https://wiki.hyperledger.org/pages/viewpage.action?pageId=54657685

agrawalaman (Thu, 01 Jul 2021 08:58:20 GMT):
Hey everyone, can someone explain to me how the proof presentation protocol is working in aries controller demo on github? The Acme agent is sending a proof request to Alice using the API /present-proof/send-request but what API is alice using to send the proofs?

rafaelandradegs (Thu, 01 Jul 2021 13:59:14 GMT):
Has joined the channel.

andrew.whitehead (Thu, 01 Jul 2021 16:21:57 GMT):
Oops, I thought it was 9 PST. I’ll watch the recording when it’s up

gaberasturi (Fri, 02 Jul 2021 11:31:01 GMT):
Has joined the channel.

Nizu (Fri, 02 Jul 2021 17:17:44 GMT):
hey guys, im trying to copy a txt that i created with some timers from the alice and faber demos. These demos are being run in docker containers.. when i try to copy the txt it gives me an error: "open [path/file]: permission denied... is there a way to give it permission? does anyone know what is going on? Thanks in advance

rjones (Fri, 02 Jul 2021 23:11:24 GMT):

pmn2090 (Sat, 03 Jul 2021 01:08:19 GMT):
Has joined the channel.

vakster (Sat, 03 Jul 2021 07:01:02 GMT):
Has joined the channel.

BravoNatalie (Sat, 03 Jul 2021 10:55:01 GMT):
Has joined the channel.

AsifMesbah (Sun, 04 Jul 2021 01:00:44 GMT):
Has joined the channel.

IoanSlavu (Sun, 04 Jul 2021 17:21:29 GMT):
Has joined the channel.

agrawalaman (Sun, 04 Jul 2021 17:41:12 GMT):
Hi, while starting the aca-py instance, how do we start the instance with the agent who has registered his public DID?

sg1408 (Sun, 04 Jul 2021 19:01:33 GMT):
Has joined the channel.

bphan (Mon, 05 Jul 2021 05:00:24 GMT):
Has joined the channel.

mturetchi (Mon, 05 Jul 2021 10:53:36 GMT):
Has joined the channel.

mturetchi (Mon, 05 Jul 2021 11:09:59 GMT):
Hello, I'm trying to implement a Web and Mobile Agent (aries-dotnet-framework). I've a requirement when issuing a document to be able to transmit a file (for example the image of the real document). Is there any way I can do this?

etaleo (Mon, 05 Jul 2021 14:30:03 GMT):
As I see, there are 3 main ways to encode a VC (which is what we try): 1) JSON + JWT 2) JSON-LD + JWT 3) JSON-LD + LD-Proof In 3), you provide the signature/proof via the proof attribute. Then, within 2), you can either a) provide the proof/signature as a ordinary JWT signature as part of the JWT – or, you can/should also add an additional proof property (e.g. for more sophisticated signature algorithms or proofPurpose), as described in https://w3c.github.io/vc-data-model/#jwt-encoding How does the proof attribute of the JWT has to look like, and how (if at all) does it differ from a JSON-LD Proof?.

mateussousa (Mon, 05 Jul 2021 15:37:42 GMT):
Hi all It is possible to enable https transport in aca-py?

mateussousa (Mon, 05 Jul 2021 15:37:42 GMT):
Hi all Is it possible to enable https transport in aca-py?

swcurran (Mon, 05 Jul 2021 15:42:17 GMT):
@WadeBarnes -- opinion on that? I assume this would not be an issue.

mateussousa (Mon, 05 Jul 2021 15:43:19 GMT):
I agree but I didnt find any tutorial about it. Thats should be my first question

mateussousa (Mon, 05 Jul 2021 15:44:49 GMT):
If you know any docs related Ill appreciate it

esune (Mon, 05 Jul 2021 15:46:27 GMT):
aca-py itself does not support handling the SSL certificates for HTTPs. What we usually do is put it behind a reverse proxy that handles SSL and terminates the HTTPs conenction so that external traffic is under HTTPS while internal (between reverse proxy and aca-py) is HTTP

esune (Mon, 05 Jul 2021 15:46:27 GMT):
I believe aca-py itself does not support handling the SSL certificates for HTTPs. What we usually do is put it behind a reverse proxy that handles SSL and terminates the HTTPs conenction so that external traffic is under HTTPS while internal (between reverse proxy and aca-py) is HTTP

mateussousa (Mon, 05 Jul 2021 15:47:30 GMT):
Thats makes all sense

mateussousa (Mon, 05 Jul 2021 15:47:44 GMT):
Thanks a lot

mateussousa (Mon, 05 Jul 2021 15:47:58 GMT):
guys

esune (Mon, 05 Jul 2021 15:48:09 GMT):
no problem

WadeBarnes (Mon, 05 Jul 2021 15:50:02 GMT):
@esune beat me to it.

WadeBarnes (Mon, 05 Jul 2021 15:51:54 GMT):
This allows us to scale and balance the number of aca-py instances serving the requests without having to deal with the TLS settings on each aca-py instance.

WadeBarnes (Mon, 05 Jul 2021 15:53:35 GMT):
We (the team from the BC Government) run our applications on OpenShift, which does a nice job of handling all the TLS termination, routing, load balancing and scaling for all our aca-py insatnce.

WadeBarnes (Mon, 05 Jul 2021 15:55:05 GMT):
Example OpenShift configurations for https://orgbook.gov.bc.ca/ can be found here; https://github.com/bcgov/orgbook-configurations

sharkrit (Mon, 05 Jul 2021 18:20:50 GMT):
Has joined the channel.

QuasiStellar (Mon, 05 Jul 2021 19:00:35 GMT):
Has joined the channel.

LikithS (Mon, 05 Jul 2021 19:51:40 GMT):
Has joined the channel.

agrawalaman (Mon, 05 Jul 2021 21:08:40 GMT):
Can someone tell me why am I getting this error {'connection_id': ['Missing data for required field.'], 'credential_proposal': ['Missing data for required field.']} My credential object has all the required fields.

sakthi.raju (Tue, 06 Jul 2021 04:39:14 GMT):
Has joined the channel.

mahendraswain (Tue, 06 Jul 2021 05:15:07 GMT):
Has joined the channel.

shanest (Tue, 06 Jul 2021 05:25:59 GMT):
Has joined the channel.

yujinpark (Tue, 06 Jul 2021 05:50:18 GMT):
Has joined the channel.

vshawn (Tue, 06 Jul 2021 07:06:54 GMT):
Has joined the channel.

chhokra (Tue, 06 Jul 2021 09:38:57 GMT):
Has joined the channel.

gaberasturi (Tue, 06 Jul 2021 09:55:51 GMT):
Hello newbie to Indy/Aries If I'm using a default wallet with sqlite in a Web Agent, its possible to attach to an Indy-cli this wallet if I have (acces to) the files and their key? ``` -rw-r--r-- 1 root root 57344 Jul 6 08:52 sqlite.db -rw-r--r-- 1 root root 32768 Jul 6 08:52 sqlite.db-shm -rw-r--r-- 1 root root 90672 Jul 6 08:52 sqlite.db-wal ``` If storage is Postgresql I think is posibble to do an export/import but if the storage is sqlite I don't know. I haven't Indy-sdk in the Web Agent. Reviewing the https://github.com/hyperledger/indy-sdk/tree/master/docs/design/001-cli#wallet-attach documentation there is a file `storage_config` but I havent found documentation about the content of it. https://github.com/hyperledger/indy-sdk/blob/master/cli/src/commands/wallet.rs "storage_config", "The list of key:value pairs defined by storage type." The purpose is to do a backup of the wallet. Thanks in advanced.

cpsatav (Tue, 06 Jul 2021 10:14:16 GMT):
Has joined the channel.

vasile135 (Tue, 06 Jul 2021 15:36:44 GMT):
Has joined the channel.

CalebLiu (Wed, 07 Jul 2021 02:48:52 GMT):
Has joined the channel.

drewmattic (Wed, 07 Jul 2021 04:58:03 GMT):
Has joined the channel.

Urko (Wed, 07 Jul 2021 10:44:42 GMT):
Has joined the channel.

gt88 (Wed, 07 Jul 2021 11:40:04 GMT):
Has joined the channel.

tychobrailleur (Wed, 07 Jul 2021 12:26:05 GMT):
Has joined the channel.

alanveloso (Wed, 07 Jul 2021 12:52:14 GMT):
Has joined the channel.

ReufRujevic (Wed, 07 Jul 2021 14:08:44 GMT):
Has joined the channel.

ianco (Wed, 07 Jul 2021 14:10:41 GMT):
Yes you can use the indy cli to import/export a sqlite wallet (in fact you can export from sqlite and import to postgres or the other way around)

ianco (Wed, 07 Jul 2021 14:12:00 GMT):
Postgres has a bunch of extra parameters in the storage config and credentials (there is an example ehre: https://github.com/hyperledger/indy-sdk/blob/master/experimental/plugins/postgres_storage/cli_ps_test.txt)

ianco (Wed, 07 Jul 2021 14:12:40 GMT):
For sqlite I don't think you need to provide any extra config or credentials

ianco (Wed, 07 Jul 2021 14:12:47 GMT):
(just off the top of my head)

ianco (Wed, 07 Jul 2021 14:13:41 GMT):
The only issue may be where the indy-cli looks for the sqlite database. Try creating a new wallet using indy-cli and then see where it creates the wallet.db file ...

TimoGlastra (Thu, 08 Jul 2021 08:43:48 GMT):
It seems like the recordings for the Aries WG B haven't been posted for a while. Am I looking at the right place (bottom of the wiki page)?

TimoGlastra (Thu, 08 Jul 2021 08:43:56 GMT):
@TelegramSam

AndreEsteves (Thu, 08 Jul 2021 10:56:17 GMT):
Has joined the channel.

mkm 14 (Thu, 08 Jul 2021 14:00:03 GMT):
Has joined the channel.

Cryptohash (Thu, 08 Jul 2021 16:11:07 GMT):
Has joined the channel.

Najetbh83 (Thu, 08 Jul 2021 19:33:56 GMT):
Has joined the channel.

hoang-innomizetech (Fri, 09 Jul 2021 03:56:49 GMT):
Has joined the channel.

pranavkirtani88 (Fri, 09 Jul 2021 07:14:35 GMT):
how do we horizontally scale aries? i understand that the indy wallet is an sql file, is it mapped to it db if we want to scale horizontally? how doe aries manage this?

ianco (Fri, 09 Jul 2021 13:34:39 GMT):
We use postgres for wallet storage when we horizontally scale aries. (Note this is for aca-py or any indy-based aries agent, other agents may use a different backend database)

AndrewStarling (Sat, 10 Jul 2021 03:58:53 GMT):
Has joined the channel.

shanest (Sat, 10 Jul 2021 07:14:13 GMT):

shanest (Sat, 10 Jul 2021 07:14:13 GMT):
Hi. I'm very new to Aries and Indy. I'm trying to run Alice demo for Faber --revocation but I keep getting "trying to detect ngrok service endpoint & jq not found" . I have project directory setup as alice >demo> indy-tails-server>docker. i have jq-osx-amd64 file placed at both >demo and > docker yet still failed. Did i miss anything out? and sorry if I bring this up at the wrong channel. thank you.

shanest (Sat, 10 Jul 2021 07:16:11 GMT):
indy-tails-server output `tails-server_1 | ======== Running on http://0.0.0.0:6543 ========`

ritikbhandari (Sat, 10 Jul 2021 09:48:21 GMT):
Has joined the channel.

atirikt (Sat, 10 Jul 2021 09:54:10 GMT):
Has joined the channel.

CopyBilla (Sat, 10 Jul 2021 14:18:07 GMT):
Has joined the channel.

danielszego (Sat, 10 Jul 2021 18:47:00 GMT):
Has joined the channel.

AkshatCy2012sn (Sat, 10 Jul 2021 21:14:31 GMT):
Has joined the channel.

tim-trutech (Sat, 10 Jul 2021 21:27:39 GMT):
Has joined the channel.

TomRobertson1 (Sun, 11 Jul 2021 17:11:48 GMT):
Has joined the channel.

mtfk (Sun, 11 Jul 2021 19:17:53 GMT):
Announcement: Due to the summer vacation period we are doing a break with Aries Working Group Call - A - we would get back on 4th of August. I wish you all great time with your family and happy summer for all!

mtfk (Sun, 11 Jul 2021 19:17:53 GMT):
Announcement: Due to the summer vacation period we are doing a break with Aries Working Group Call - A - we would get back on 11th of August. I wish you all great time with your family and happy summer for all!

eharris128 (Sun, 11 Jul 2021 23:03:06 GMT):
Has joined the channel.

gaberasturi (Mon, 12 Jul 2021 06:42:59 GMT):
Thank you for the response @ianco , I know that I can use Indy-cli to import/export. But my question is if I can import having only the wallet files, no exported wallet with indy-cli. The wallet is not storaged in postgres but in sqlite.

davidviejopomata (Mon, 12 Jul 2021 14:20:50 GMT):
Has joined the channel.

IV12 (Mon, 12 Jul 2021 15:09:54 GMT):
Has joined the channel.

jmaric (Mon, 12 Jul 2021 15:47:58 GMT):
Has joined the channel.

piyushap (Mon, 12 Jul 2021 16:21:48 GMT):
Has joined the channel.

Aurelio 8 (Mon, 12 Jul 2021 20:21:13 GMT):
Has joined the channel.

NancyL 4 (Mon, 12 Jul 2021 20:24:03 GMT):
Has joined the channel.

mfrodriguezc (Mon, 12 Jul 2021 23:36:18 GMT):
Has joined the channel.

gaberasturi (Tue, 13 Jul 2021 08:50:07 GMT):
Hi @ianco Finally I have found that having access to sqlite files (sqlite.db) and wallet key (WALLET_KEY) you can import into Indy-cli. I'm using Indy-cli from Von-Network in container mode. And two terminal (T_INDY_CLI, T_INDY_CLI_CONTAINER) Steps: 1. From T_INDY_CLI_CONTAINER copy sqlit.db in a directory (f.e Imported_Wallet) 2. From T_INDY_CLI start Indy-cli. From vont-network directory (`./manage indy-cli`) and wait until you have indy promt (indy>). 2. From T_INDY_CLI_CONTAINER copy the directory inside Indy-cli container wallet home directory (`docker cp Imported_Wallet/ INDY_CLI_CONTAINER_NAME:/home/indy/.indy_client/wallet/`). 2. From T_INDY_CLI_CONTAINER Enter into the indy_cli container (`docker exec -ti INDY_CLI_CONTAINER_NAME /bin/bash`) 3. From T_INDY_CLI_CONTAINER in /home/indy/.indy_client/wallets/ create a file with name "Imported_Wallet.json" (same name as the directory where the wallet is) and content {"id":"Imported_Wallet","storage_config":null,"storage_type":null} 4. From T_INDY_CLI list all wallets typing `wallet list`. 5. From T_INDY_CLI open the wallet `wallet open Inported_wallet key=WALLET_KEY` If we have the wallet in postgresql we have an example on how to backup the wallet (export/import) at https://github.com/bcgov/von-network/blob/master/docs/Writing%20Transactions%20to%20a%20Ledger%20for%20an%20Un-privileged%20Author.md#backing-up-indy-agent-storage

c2bo (Tue, 13 Jul 2021 10:56:31 GMT):
No idea where to ask this so I will put it here: With the introduction of BBS+ Signatures and present-proof-v2, is there a standardized way for self-attested attributes (e.g. I prove some attributes from my digital ID card and add my telephone number as a self-attested attribute - this was doable in the indy/CL + present-proof-v1 world)? From my current understanding, this is part of the proof Attachment Format (e.g. via subject_is_issuer in DIF presentation exchange and a of 'self-issued credential/proof')? Are there any examples how this would look like with the DIF presentation-exchange format and bbs+ based proofs (especially the response to such a request)?

c2bo (Tue, 13 Jul 2021 10:56:31 GMT):
No idea where to ask this so I will put it here: With the introduction of BBS+ Signatures and present-proof-v2, is there a standardized way for self-attested attributes (e.g. I prove some attributes from my digital ID card and add my telephone number as a self-attested attribute - this was doable in the indy/CL + present-proof-v1 world)? From my current understanding, this is part of the proof Attachment Format (e.g. via subject_is_issuer in DIF presentation exchange and a 'self-issued credential/proof')? Are there any examples how this would look like with the DIF presentation-exchange format and bbs+ based proofs (especially the response to such a request)?

bt333 (Tue, 13 Jul 2021 11:42:30 GMT):
Has joined the channel.

swcurran (Tue, 13 Jul 2021 12:45:40 GMT):
Good question. I think that the DIF working group might be the best place to ask, but perhaps @shaanjot.gill or @TimoGlastra might not since they have the most experience with PE. My guess is that is not supported, but not certain.

swcurran (Tue, 13 Jul 2021 12:46:10 GMT):
I'll post in the DIF working group channel.

swcurran (Tue, 13 Jul 2021 13:24:44 GMT):
Posted the question and received this back from one of the spec authors: we talked about this and thought that you could do this by requesting a schema URI of a Self Attested type But to simply state the Holder must be self attesting, there's the subject_is_issuer flag If you set that, it will tell the Holder they need to be the source https://identity.foundation/presentation-exchange/spec/v1.0.0/#note-32

c2bo (Tue, 13 Jul 2021 14:02:14 GMT):
Okay than that part about subject_is_issuer works the way I thought, so basically in a presentation_submission/verifiableCredential array I would have another field for some form of vc where e.g. my own did:peer is the issuer (which then would need to match with the did:peer I exchanged) ? I basically have a VerifiableProof part that looks like this: ` { "@context": "https://www.w3.org/2018/credentials/v1", "id": "https://eu.com/claims/PhoneNumber", "type": [ "PhoneNumber" ], "issuer": "did:example:ebfeb1f712ebc6f1c276e12ec21", "issuanceDate": "2021-01-01T19:73:24Z", "credentialSubject": { "id": "did:example:ebfeb1f712ebc6f1c276e12ec21", "number": "0049123457" }, "proof": { "type": "RsaSignature2018", "created": "2017-06-18T21:19:10Z", "proofPurpose": "assertionMethod", "verificationMethod": "did:example:ebfeb1f712ebc6f1c276e12ec21#keys-1", "jws": "..." } }`

c2bo (Tue, 13 Jul 2021 14:02:14 GMT):
Okay than that part about subject_is_issuer works the way I thought, so basically in a presentation_submission/verifiableCredential array I would have another field for some form of vc where e.g. my own did:peer is the issuer (which then would need to match with the did:peer I exchanged) ? I basically have a VerifiableProof part that looks like this? ` { "@context": "https://www.w3.org/2018/credentials/v1", "id": "https://eu.com/claims/PhoneNumber", "type": [ "PhoneNumber" ], "issuer": "did:example:ebfeb1f712ebc6f1c276e12ec21", "issuanceDate": "2021-01-01T19:73:24Z", "credentialSubject": { "id": "did:example:ebfeb1f712ebc6f1c276e12ec21", "number": "0049123457" }, "proof": { "type": "RsaSignature2018", "created": "2017-06-18T21:19:10Z", "proofPurpose": "assertionMethod", "verificationMethod": "did:example:ebfeb1f712ebc6f1c276e12ec21#keys-1", "jws": "..." } } `

c2bo (Tue, 13 Jul 2021 14:02:14 GMT):
Okay than that part about subject_is_issuer works the way I thought, so basically in a presentation_submission/verifiableCredential array I would have another field for some form of vc where e.g. my own did:peer is the issuer (which then would need to match with the did:peer I exchanged) ? I basically have a VC part that looks like this (next tot the normal ones that come from normal VCs)? ` { "@context": "https://www.w3.org/2018/credentials/v1", "id": "https://eu.com/claims/PhoneNumber", "type": [ "PhoneNumber" ], "issuer": "did:example:ebfeb1f712ebc6f1c276e12ec21", "issuanceDate": "2021-01-01T19:73:24Z", "credentialSubject": { "id": "did:example:ebfeb1f712ebc6f1c276e12ec21", "number": "0049123457" }, "proof": { "type": "RsaSignature2018", "created": "2017-06-18T21:19:10Z", "proofPurpose": "assertionMethod", "verificationMethod": "did:example:ebfeb1f712ebc6f1c276e12ec21#keys-1", "jws": "..." } } `

ArdianAbazi (Tue, 13 Jul 2021 14:24:55 GMT):
Hi guys, is there an Aries Framework Go channel?

troyronda (Tue, 13 Jul 2021 14:26:12 GMT):
#aries-go

ArdianAbazi (Tue, 13 Jul 2021 14:27:27 GMT):
Thanks

lfrattini (Tue, 13 Jul 2021 19:26:12 GMT):
Has joined the channel.

alebaffa (Wed, 14 Jul 2021 05:15:47 GMT):
Has joined the channel.

TuureLainen (Wed, 14 Jul 2021 06:25:32 GMT):
Has joined the channel.

MartinAulich (Wed, 14 Jul 2021 07:14:56 GMT):
Has joined the channel.

PatrickHerbke-TUBerlin (Wed, 14 Jul 2021 08:22:49 GMT):
Has joined the channel.

umeraqeel (Wed, 14 Jul 2021 10:36:01 GMT):
Has joined the channel.

haggis (Wed, 14 Jul 2021 12:21:43 GMT):
Hi guys! With aca-py I'm creating an invitation-url by calling POST /create-invitation (no multi_use). An example response of this is: ``` ```

haggis (Wed, 14 Jul 2021 12:21:43 GMT):
Hi guys! With aca-py I'm creating an invitation-url by calling POST /create-invitation (no multi_use). An example response of this is: ``` { "invitation":{ "did":"did:sov:WSJLpW7o4AgdNWfTwmGbwV", "imageUrl":null, "label":"ITSI Agent", "recipientKeys":null, "routingKeys":null, "serviceEndpoint":null, "@id":"53733975-ad8b-4bd4-8ba8-2e65b909a0a4", "@type":"did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/connections/1.0/invitation" }, "connection_id":null, "invitation_url":"?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiNTM3MzM5NzUtYWQ4Yi00YmQ0LThiYTgtMmU2NWI5MDlhMGE0IiwgImxhYmVsIjogIklUU0kgQWdlbnQiLCAiZGlkIjogImRpZDpzb3Y6V1NKTHBXN280QWdkTldmVHdtR2J3ViJ9" } ``` Once the other agent uses this invitation to establish a connection, my controller webhook receives an event, i.e: ``` { "accept":"auto", "state":"request", "rfc23_state":"request-sent", "invitation_key":"H3Y63bBHsyeopWcTEZkABsYQxcWJoXXCBJuBcjaQHfcr", "their_label":"Verein Agent", "their_role":"inviter", "invitation_mode":"once", "connection_id":"b18c361f-41a0-4bb9-848e-78a4096368af", "my_did":"LBdzjqt9BHgs6ar3XbfhVo", "updated_at":"2021-07-13 14:16:44.580315Z", "routing_state":"none", "their_did":"4GR7fysWXmWmpbmSBKGX5g", "created_at":"2021-07-13 14:16:44.580315Z" } ``` My problem is, that there seems to be no relation between the invitation and the resulting connection event. Any idea how my controller could link those together?

haggis (Wed, 14 Jul 2021 12:27:09 GMT):
Basically, I'm sending an invitation to a specific user. When he or she uses this invitation I need to link the "SSI connection" to that specific user.

jkbpvsc (Wed, 14 Jul 2021 12:41:08 GMT):
Has joined the channel.

tonybka (Wed, 14 Jul 2021 14:03:54 GMT):
Has joined the channel.

XINGYUZHU (Wed, 14 Jul 2021 14:37:01 GMT):
Has joined the channel.

janrockdev (Wed, 14 Jul 2021 15:53:07 GMT):
Has joined the channel.

janrockdev (Wed, 14 Jul 2021 15:54:42 GMT):
Has left the channel.

AniketDhar (Wed, 14 Jul 2021 19:21:02 GMT):
Has joined the channel.

mccown (Wed, 14 Jul 2021 23:10:30 GMT):
The Identity Implementer's WG is meeting tomorrow (July 15th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed. This week, Timo Glastra (Co-Founder, Animo Solutions) will present their OSS & SSI work and how it drives their national collaboration to facilitate citizen volunteers during emergency situations. Wiki: https://wiki.hyperledger.org/display/IWG/2021-07-01+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

mccown (Wed, 14 Jul 2021 23:11:17 GMT):
The Identity Implementer's WG is meeting tomorrow (July 15th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed. This week, Timo Glastra (Co-Founder, Animo Solutions) will present their OSS & SSI work and how it drives their national collaboration to facilitate citizen volunteers during emergency situations. Wiki: https://wiki.hyperledger.org/display/IWG/2021-07-01+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

rcraswell (Wed, 14 Jul 2021 23:13:00 GMT):
Has joined the channel.

TIMO_ReDWit (Thu, 15 Jul 2021 05:42:03 GMT):
Has joined the channel.

bharathkumar_m (Thu, 15 Jul 2021 14:13:58 GMT):
Has joined the channel.

alextrafimau (Thu, 15 Jul 2021 14:24:46 GMT):
Has joined the channel.

mccown (Thu, 15 Jul 2021 14:42:08 GMT):
The Identity Implementer's WG is starting at the top of the hour (9am MT / 3pm UTC). Today, Timo Glastra (Co-Founder, Animo Solutions) is presenting on their OSS & SSI work and how they are using that in a national collaboration to help citizen volunteers during emergencies. Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09 Wiki: https://wiki.hyperledger.org/display/IWG/2021-07-15+%3A+Identity+Implementers+WG+Call

swcurran (Thu, 15 Jul 2021 15:08:52 GMT):
The ACA-Py team is happy to announce that Release 0.7.0 became official today. This is a huge upgrade with a significant list of big, new capabilities: * Support for W3C Standard Verifiable Credentials based on JSON-LD using LD-Signatures and BBS+ Signatures, contributed by Animo Solutions - #1061 * Present Proof V2 including support for DIF Presentation Exchange - #1125 * Pluggable DID Resolver (with a did:web resolver) with fallback to an external DID universal resolver, contributed by Indicio - #1070 * Alpha support for the Indy/Aries Shared Components (indy-vdr, indy-credx and aries-askar), which enable running ACA-Py without using Indy-SDK, while still supporting the use of Indy as a ledger, and Indy AnonCreds verifiable credentials #1267 * Updates and extensions to ledger transaction endorsement via the Sign Attachment Protocol, contributed by AyanWorks - #1134, #1200 * Upgrades to Demos to add support for Credential Exchange 2.0 and W3C Verifiable Credentials #1235 Thanks to all the maintainers and contributors -- there was a lot of community participation in this one! Release notes are here: https://github.com/hyperledger/aries-cloudagent-python/releases/tag/0.7.0 Documentation is here: https://aries-cloud-agent-python.readthedocs.io/en/0.7.0/

TelegramSam (Thu, 15 Jul 2021 15:44:05 GMT):
Recording of yesterday's WG call about Interaction Documents posted: https://wiki.hyperledger.org/pages/viewpage.action?pageId=54658628

sgpokala (Thu, 15 Jul 2021 16:44:24 GMT):
Has joined the channel.

brett7297 (Thu, 15 Jul 2021 17:35:49 GMT):
Has joined the channel.

lynn.bendixsen (Thu, 15 Jul 2021 18:49:54 GMT):
Has anyone here begun the effort of incorporating the Author/Endorser workflow into the Aries Toolbox? I have some engineers who are just about ready to begin some coding to do just that, but thought I would check to see if anyone else has either started that work, or would like to collaborate or contribute to the design or coding efforts.

WadeBarnes (Thu, 15 Jul 2021 18:58:54 GMT):
@esune, @amanji ^

pranjal23 (Thu, 15 Jul 2021 19:04:08 GMT):
Has joined the channel.

pranjal23 (Thu, 15 Jul 2021 19:08:12 GMT):
hello, I need some help using the command "./network.sh down" , I'm facing some issues while running this command in git bash

pranjal23 (Thu, 15 Jul 2021 19:08:28 GMT):

Screenshot (45).png

daidoji (Thu, 15 Jul 2021 19:09:55 GMT):
might have better luck in #fabric

esune (Thu, 15 Jul 2021 20:12:44 GMT):
We have incorporated endorsing into this project: https://github.com/bcgov/aries-vcr-issuer-agency: there is an agency and endorser controller driving both agents. You will need to look in both services for the `aries-agent` class and the `webhooks` class, which will contain the endorsement stuff.

esune (Thu, 15 Jul 2021 20:14:04 GMT):
[This](https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/features/0586-sign-transaction.feature) BDD test has all the steps required to endorse transactions, including scenarios supporting revocation.

esune (Thu, 15 Jul 2021 20:14:48 GMT):
One thing to be aware of is, though, that some of the endorsement functionality is subject to change to some extent as we will be rewriting it to be more efficient/user friendly (scope is not yet 100% defined though)

lynn.bendixsen (Thu, 15 Jul 2021 20:51:40 GMT):
Thanks @esune! I appreciate you sharing the link to what you have done. Are you willing to show us a quick demo of what you have?

lynn.bendixsen (Thu, 15 Jul 2021 20:54:58 GMT):
We have our own non-gui implementation (linked below), so we are familiar with most of the steps, but it would be great to see it in action in a "more GUI" implementation. https://github.com/Indicio-tech/author-endorser-wizards

swcurran (Fri, 16 Jul 2021 06:35:47 GMT):
Regards the update that Emiliano mentions. What we want is for it all to be handled within ACA-Py -- the ACA-Py instance is configured to be an author with an endorser, or an endorser, and all the ledger writes are handled accordingly. The only need to contact the Controller is for the endorser to decide if it will endorser a given request. We'd love some help on that. We can help with the definition -- we have that pretty well ready. Just need to get it done.

richarde 7 (Fri, 16 Jul 2021 06:51:34 GMT):
Has joined the channel.

dominichawton (Fri, 16 Jul 2021 10:20:33 GMT):
Has joined the channel.

Sowjanya_Segu (Fri, 16 Jul 2021 10:45:50 GMT):
Has joined the channel.

DmitryHalahayeu (Fri, 16 Jul 2021 13:23:57 GMT):
Has joined the channel.

mdhasan (Fri, 16 Jul 2021 13:48:06 GMT):
Has joined the channel.

Lupusalix (Fri, 16 Jul 2021 13:57:20 GMT):
Has joined the channel.

esune (Fri, 16 Jul 2021 16:06:34 GMT):
@lynn.bendixsen I could guide you through the code - mostly. We have implemented the protocol on both ends, however for our use case we are making it transparent to the users (it is handled automatically by the agents/controllers)

Laichonious (Fri, 16 Jul 2021 16:20:03 GMT):
Has joined the channel.

pSchlarb (Fri, 16 Jul 2021 16:43:32 GMT):
Has joined the channel.

ChandramouliMaduri (Fri, 16 Jul 2021 20:58:23 GMT):
Has joined the channel.

mostafafares (Fri, 16 Jul 2021 21:46:55 GMT):
Has joined the channel.

hackerunet (Sat, 17 Jul 2021 01:51:08 GMT):
Has joined the channel.

phamhung (Sat, 17 Jul 2021 02:00:11 GMT):
Has joined the channel.

ederro (Sat, 17 Jul 2021 02:08:49 GMT):
Has joined the channel.

noe305 (Sat, 17 Jul 2021 02:10:53 GMT):
Has joined the channel.

itsbalamurali (Sat, 17 Jul 2021 08:45:48 GMT):
Has joined the channel.

piratesmile (Sat, 17 Jul 2021 12:28:05 GMT):
Has joined the channel.

RajanHarshit (Sat, 17 Jul 2021 15:37:36 GMT):
Has joined the channel.

otfreetime (Sun, 18 Jul 2021 06:37:28 GMT):
Has joined the channel.

kaushambi (Sun, 18 Jul 2021 06:40:33 GMT):
Has joined the channel.

KetanChaturvedi (Sun, 18 Jul 2021 06:59:51 GMT):
Has joined the channel.

KetanChaturvedi (Sun, 18 Jul 2021 07:01:50 GMT):
Hi! Can I share documents between agents using aca-py?

igorkrupczynski (Sun, 18 Jul 2021 08:31:50 GMT):
Has joined the channel.

fghiasy (Mon, 19 Jul 2021 00:59:58 GMT):
Has joined the channel.

bhavesh.c (Mon, 19 Jul 2021 04:58:02 GMT):
Has joined the channel.

grim 37 (Mon, 19 Jul 2021 08:27:10 GMT):
Has joined the channel.

grim 37 (Mon, 19 Jul 2021 08:44:33 GMT):
Has left the channel.

Steit (Mon, 19 Jul 2021 09:59:16 GMT):
Has joined the channel.

GuntherWalden (Mon, 19 Jul 2021 13:13:15 GMT):
Has joined the channel.

MatthiasGeihs.Perun (Mon, 19 Jul 2021 15:07:59 GMT):
Has joined the channel.

lynn.bendixsen (Mon, 19 Jul 2021 16:13:04 GMT):
@esune Thanks for the information! Sounds like you have a "hands-free" approach implemented where an Endorser representative does not actually look at any of the transactions and "approve" them. Is that true? While this will not work for our production workflow, a quick intro to how your code is setup would be awesome!

esune (Mon, 19 Jul 2021 16:14:26 GMT):
Yes, at least for now that is the approach we have taken - in our use case the "approval" process is when onboarding a new author to the platform and connecting it to the endorser (basically just shifting the agreement so we can automate everything)

swcurran (Mon, 19 Jul 2021 16:16:30 GMT):
FYI -- there will have to be UI for the endorser in a production workflow to enable decisions to be made -- endorse or not. The plan is for the UI to be able to apply rules for automation of future requests from the author -- endorser always, never endorse, endorse for x days, endorse for x transactions, manual approval always, etc.

AtulPandeySaw (Tue, 20 Jul 2021 05:31:44 GMT):
Has joined the channel.

Prerana72 (Tue, 20 Jul 2021 05:43:25 GMT):
Has joined the channel.

JohnWick2704 (Tue, 20 Jul 2021 06:16:59 GMT):
Has joined the channel.

RositsaKrasteva (Tue, 20 Jul 2021 08:34:03 GMT):
Has joined the channel.

MaternaDev (Tue, 20 Jul 2021 08:48:12 GMT):
Has joined the channel.

RyanEckersfield (Tue, 20 Jul 2021 08:52:57 GMT):
Has joined the channel.

indisateesh (Tue, 20 Jul 2021 11:05:20 GMT):
Has joined the channel.

DeepaliGupta (Tue, 20 Jul 2021 12:54:28 GMT):
Has joined the channel.

jakubkoci (Tue, 20 Jul 2021 14:56:03 GMT):
It's my pleasure to announce that Absa donated React Native Indy SDK wrapper to Hyperledger. The code has been transferred from https://github.com/AbsaOSS/rn-indy-sdk to https://github.com/hyperledger/indy-sdk-react-native preserving all contributions. Although it’s just a wrapper, if you combine it with Aries Framework JavaScript you’ll get the power to build an Aries agent mobile app. If you were a contributor to the rn-indy-sdk, please create a new fork from the new repository to continue the development. Thanks for understanding, and looking forward to collaboration with all of you.

Nizu (Tue, 20 Jul 2021 16:06:20 GMT):
Hey guys, is there a way to transfer a file from the docker container where the agents are being run and the host? it is giving me permission denied when I try to use Docker CP even if i use sudo... Also, I wanted to be able to run the demo between all agents automatically, but programming is not my strong suit, any ideas on how I can automate initializing the agents and exchanging invites and going through the demo many times? I'm stuck on trying to figure out how I can automate the exchanging invites part... any kind of help is appreciated! thanks in advance!

gautamarora24 (Tue, 20 Jul 2021 16:14:53 GMT):
Has joined the channel.

dhoffman32 (Tue, 20 Jul 2021 18:11:38 GMT):
Has joined the channel.

mateussousa (Tue, 20 Jul 2021 18:39:43 GMT):
Hey guys! I'm facing a error on using aries-mobile-agent-react-native

mateussousa (Tue, 20 Jul 2021 18:39:59 GMT):
DEBUG DEBUG: Setting ledger protocol version to 2 DEBUG DEBUG: Opening pool test-183 WARN Possible Unhandled Promise Rejection (id: 0): Object { "indyBacktrace": "", "indyCode": 307, "indyMessage": "Error: Pool timeout Caused by: Pool timeout ", "indyName": "PoolLedgerTimeout", "message": "PoolLedgerTimeout", "name": "IndyError", }

mateussousa (Tue, 20 Jul 2021 18:40:31 GMT):
I've configured the .env

mateussousa (Tue, 20 Jul 2021 18:41:18 GMT):
Can someone help me to solve this?

lynn.bendixsen (Tue, 20 Jul 2021 22:01:36 GMT):
Sounds like it might be a networking issue. The pool times out if it cannot connect to one of the IP addresses of one of the nodes in the pool (or the genesis file) within a certain amount of time.

romenon2703 (Wed, 21 Jul 2021 05:43:58 GMT):
Has joined the channel.

ashishtripathi (Wed, 21 Jul 2021 06:03:40 GMT):
Has joined the channel.

nehajain20683 (Wed, 21 Jul 2021 07:19:54 GMT):
Has joined the channel.

yaozhaoyuan (Wed, 21 Jul 2021 07:57:05 GMT):
Has joined the channel.

bhaaratkhatri (Wed, 21 Jul 2021 08:22:16 GMT):
Has joined the channel.

Maginaro (Wed, 21 Jul 2021 10:02:23 GMT):
Has joined the channel.

mateussousa (Wed, 21 Jul 2021 12:16:07 GMT):
Yes, I agree! However the app and the ledger are running on the same network

mateussousa (Wed, 21 Jul 2021 12:16:30 GMT):
They should reach each other

WadeBarnes (Wed, 21 Jul 2021 12:21:23 GMT):
What's the IP address of the client getting the timeout, and what are the IP addresses of the nodes in the genesis file?

WadeBarnes (Wed, 21 Jul 2021 12:21:43 GMT):
Are things running in Docker, or on bare metal?

mateussousa (Wed, 21 Jul 2021 12:45:42 GMT):
Docker 192.168.1.***

mateussousa (Wed, 21 Jul 2021 12:45:47 GMT):
same subnet

mateussousa (Wed, 21 Jul 2021 12:46:05 GMT):
the ports are exposed

mateussousa (Wed, 21 Jul 2021 12:46:42 GMT):
I can access the genesis from smartphone's browser

WadeBarnes (Wed, 21 Jul 2021 13:01:11 GMT):
The addresses in the genesis file are in the `192.168.1.***` range?

WadeBarnes (Wed, 21 Jul 2021 13:01:31 GMT):
Both the Nodes and the client are running in Docker?

WadeBarnes (Wed, 21 Jul 2021 13:02:44 GMT):
What are you using to run the Nodes, `von-network`?

mateussousa (Wed, 21 Jul 2021 13:46:46 GMT):
Yes

mateussousa (Wed, 21 Jul 2021 13:46:56 GMT):
Sorry for my delay

WadeBarnes (Wed, 21 Jul 2021 14:01:53 GMT):
Are you ale to browse to the ledger browser at `http://192.168.1.***:9000`?

mateussousa (Wed, 21 Jul 2021 14:02:17 GMT):
Sure!

mateussousa (Wed, 21 Jul 2021 14:03:03 GMT):
the genesis url: http://192.168.1.110/genesis

mateussousa (Wed, 21 Jul 2021 14:03:17 GMT):
Even with ngrok

mateussousa (Wed, 21 Jul 2021 14:03:26 GMT):
i got the same timeout

mateussousa (Wed, 21 Jul 2021 14:03:31 GMT):
http://74f52d3bdf8e.ngrok.io/genesis

WadeBarnes (Wed, 21 Jul 2021 14:04:48 GMT):
When you open the ledger browser does the Status section look something like this:

WadeBarnes (Wed, 21 Jul 2021 14:04:49 GMT):

Clipboard - July 21, 2021 7:04 AM

WadeBarnes (Wed, 21 Jul 2021 14:07:13 GMT):
The url would be `http://192.168.1.110:9000/genesis` for the genesis file by default, unless you started `von-network` with the IP address of your machine.

mateussousa (Wed, 21 Jul 2021 14:13:08 GMT):
That's right. I've set the correct genesis url at .env file

mateussousa (Wed, 21 Jul 2021 14:13:41 GMT):
I can reach it using the browser in the device

mateussousa (Wed, 21 Jul 2021 14:13:59 GMT):
But somehow indy doenst

WadeBarnes (Wed, 21 Jul 2021 14:33:30 GMT):
Sometimes you have to do the following in order for a docker container to see services exposed by the host; https://github.com/bcgov/aries-vcr/blob/master/docker/manage#L3 https://github.com/bcgov/aries-vcr/blob/master/docker/manage#L338

indirajith (Wed, 21 Jul 2021 14:34:19 GMT):
Has joined the channel.

yo-va-ni (Wed, 21 Jul 2021 18:06:54 GMT):
Has joined the channel.

ideree (Thu, 22 Jul 2021 11:41:43 GMT):
Has joined the channel.

septcinquante (Thu, 22 Jul 2021 15:21:41 GMT):
Has joined the channel.

mianko (Thu, 22 Jul 2021 15:52:29 GMT):
Has joined the channel.

faizulbari (Thu, 22 Jul 2021 16:00:29 GMT):
Has joined the channel.

AmarSrivastava1 (Thu, 22 Jul 2021 16:16:52 GMT):
Has joined the channel.

AmarSrivastava1 (Thu, 22 Jul 2021 16:18:33 GMT):
How Can I get to know that my aries agents are connected to eact other?

AmarSrivastava1 (Thu, 22 Jul 2021 16:19:30 GMT):
I am a new comer in aries.

KetanChaturvedi (Thu, 22 Jul 2021 18:23:34 GMT):
In the ACA-Py admin interface use GET /connections and check the status for the connection id.

cpux07 (Thu, 22 Jul 2021 18:49:09 GMT):
Has joined the channel.

playswithblocks (Thu, 22 Jul 2021 19:06:31 GMT):
Has joined the channel.

allysonugarte (Thu, 22 Jul 2021 19:21:05 GMT):
Has joined the channel.

LucyLow (Fri, 23 Jul 2021 01:10:07 GMT):
Has joined the channel.

ManojTaleka (Fri, 23 Jul 2021 06:29:27 GMT):
Has joined the channel.

ManojTaleka (Fri, 23 Jul 2021 06:34:34 GMT):
Hi i have some queries related to running and connecting hyperledger aries agents on multiple hosts. How do we set the GENESIS_URL, LEDGER_URL through ACA-Py Demo python code? How do we connect and exchange messages between aries agents running on different hosts but same network?

ManojTaleka (Fri, 23 Jul 2021 06:37:41 GMT):
If any one has the sample of connecting aries agents across the system kindly share it

GrahamLeach (Fri, 23 Jul 2021 08:17:28 GMT):
Has joined the channel.

Shania-xian (Fri, 23 Jul 2021 10:28:15 GMT):
Has joined the channel.

swcurran (Fri, 23 Jul 2021 14:44:58 GMT):
Have you gone through the examples in the /demo folder for ACA-Py? There are a number of examples there.

Jess_Hurwitz (Fri, 23 Jul 2021 22:42:49 GMT):
Has joined the channel.

Alameenb (Sat, 24 Jul 2021 00:15:36 GMT):
Has joined the channel.

ashutoshsharma01 (Sat, 24 Jul 2021 07:02:25 GMT):
Has joined the channel.

ashutosh1 (Sat, 24 Jul 2021 12:35:39 GMT):
Has joined the channel.

db2127 (Sat, 24 Jul 2021 15:04:14 GMT):
Has joined the channel.

slsanc (Sat, 24 Jul 2021 16:32:12 GMT):
Has joined the channel.

mirshahzad (Sat, 24 Jul 2021 16:33:57 GMT):
Has joined the channel.

mengxi123 (Sun, 25 Jul 2021 05:17:02 GMT):
Has joined the channel.

qiqo (Sun, 25 Jul 2021 05:17:10 GMT):
Has joined the channel.

NajetBENHAMOUDA (Sun, 25 Jul 2021 11:15:46 GMT):
Has joined the channel.

lavaicer (Sun, 25 Jul 2021 12:04:59 GMT):
Has joined the channel.

chetanhere (Sun, 25 Jul 2021 12:07:55 GMT):
Hi, I am glad to be a part of this community of Aries Developers. We are building a product where our usecase is to issue credentials against a skill. Think about HackerRank is issuing certificate to someone for Python and same candidate is getting Python verification for HackerEarth. Can we have some pre-build agent to explore for this usecase? Issuer can be multiple and it will be a M x N relationship between issuer and holder. Any help or reference will be much appreciated.

Nizu (Sun, 25 Jul 2021 23:30:38 GMT):
Hey guys! I hope i find you well.. Can someone explain to me the difference between greenlight ledger indy network (http://greenlight.bcovrin.vonx.io) and BCovrin test Indy Network (http://dev.greenlight.bcovrin.vonx.io)? And are there anymore Indy testing ledgers out there?

shumpeishimizu (Mon, 26 Jul 2021 04:21:04 GMT):
Has joined the channel.

SahilK 6 (Mon, 26 Jul 2021 05:42:09 GMT):
Hi, I'm exploring the VC AuthN Demo (https://github.com/bcgov/vc-authn-oidc/tree/master/demo). Below is the workflow of the demo - The Angular demo website (https://github.com/bcgov/vc-authn-oidc/tree/master/demo/oidc-angular) redirects to Keycloak - The user clicks on "Verified Credential Access" - Keycloak redirects to the Auth Controller (https://github.com/bcgov/vc-authn-oidc/tree/master/oidc-controller) - The Auth Controller generates and presents a Proof Request QR code - The user scans the Proof Request QR code and submits the Proof Presentation - The Auth Controller generates a token and redirects to the demon website (Angular) *I'm not sure what exactly happens in the last step. I believe the Auth Controller generates a token and redirects back to the demo web with the token. However, I don't know how the token, (if any) is being generated!* Can anyone guide me with it, please?

SahilK 6 (Mon, 26 Jul 2021 05:42:09 GMT):
Hi, I'm exploring the VC AuthN Demo (https://github.com/bcgov/vc-authn-oidc/tree/master/demo). Below is the workflow of the demo - The Angular demo website (https://github.com/bcgov/vc-authn-oidc/tree/master/demo/oidc-angular) redirects to Keycloak - The user clicks on "Verified Credential Access" - Keycloak redirects to the Auth Controller (https://github.com/bcgov/vc-authn-oidc/tree/master/oidc-controller) - The Auth Controller generates and presents a Proof Request QR code - The user scans the Proof Request QR code and submits the Proof Presentation - The Auth Controller generates a token and redirects to the demo website (Angular) *** *I'm not sure what exactly happens in the last step. I believe the Auth Controller generates a token and redirects back to the demo web with the token. However, I don't know how the token, (if any) is being generated!* Can anyone guide me with it, please?

DirkT (Mon, 26 Jul 2021 08:48:47 GMT):
Has joined the channel.

amarnadh (Mon, 26 Jul 2021 10:53:22 GMT):
Has joined the channel.

aspannag (Mon, 26 Jul 2021 11:41:04 GMT):
Has joined the channel.

aspannag (Mon, 26 Jul 2021 11:50:01 GMT):
Hello everyone, I am new to aries/indy development and want to assess which aries framework to use. I plan to build an ios mobile agent that talks to a cloud mediator agent. I am intersted in the usecases around issuing, holding and presenting credentials. I feel overwhelmed by the amount of aries frameworks and I don't understand the advantages and disadvantages. Here are the frameworks that I consider: - ACA-Py (Production ready, supports mediator agents) - Aries-Framework-Go (can it be used as a mediator agent on Indy? If so how?) - Aries-Framework-Javascript (Is this only for react-native mobile apps or also for nodejs servers?) - Aries-VCX for ios + Aries VCX to be used inside python or node server for mediation, e.g. NodeVCX Agency (what's the difference to the other frameworks?) How do I decide where to get started?

WadeBarnes (Mon, 26 Jul 2021 12:11:49 GMT):
@esune ^

swcurran (Mon, 26 Jul 2021 14:43:09 GMT):
You are only looking for a mediator agent, right? Assuming so: - the only functionality issue is whether the AIP 2.0 Mediation RFCs are supported. You will want to use RFCs 0211 and 0212, so if the framework is not using those, it's probably not a good choice. So a quick summary of the information available on each mediator is needed to understand that. - I would then likely order them into which one I would want to use, all things being equal. - Then I'd go through them in that order looking at how to deploy them and try out. It should be pretty easy to spin up a mediator and if you hit friction (lack of docs, not easy to run, etc.), I would move on. For such a constrained use case (mediation), it should be pretty easy to get started, so if it is not, look at the next.

HelliHell (Mon, 26 Jul 2021 14:56:24 GMT):
Has joined the channel.

esune (Mon, 26 Jul 2021 15:16:45 GMT):
`vc-authn-oidc` is built on top of IdentityServer4. When Keycloak request authentication, `vc-authn` generates a jwt that is sent back to Keycloak which in turn generates a new jwt and redirects to the client (the Angular app).

sukrutsathaye (Mon, 26 Jul 2021 16:24:15 GMT):
Has joined the channel.

Alexi (Mon, 26 Jul 2021 17:52:45 GMT):
Hey everyone, I was wondering if anyone has any good technical HOW-TO's or tutorials out there for BBS+ signatures / JSON LD credential implementation? Trying to get people up to speed to be able to implement via articles, and github repos is not the easiest.

swcurran (Mon, 26 Jul 2021 17:56:11 GMT):
What layer of the stack are you talking about? Adding support for BBS+ to an Aries Framework, or using BBS+ credentials after they have been added?

Alexi (Mon, 26 Jul 2021 17:59:51 GMT):
Primarily on the framework layer but both would be great. We are working on adding BBS+ support to our frameworks. But tutorials for using BBS+ after they have been added as well would be very useful for spreading general understanding.

Alexi (Mon, 26 Jul 2021 17:59:51 GMT):
Primarily on the framework layer but both would be great. We are working on adding BBS+ support to our frameworks (where our teams are currently working on research to then be able to add the support). But tutorials for using BBS+ after they have been added as well would be very useful for spreading general understanding.

Alexi (Mon, 26 Jul 2021 17:59:51 GMT):
Primarily on the framework layer but both would be great. We are working on adding BBS+ support to our frameworks (where our teams are currently doing the research needed to then be able to add the support). But tutorials for using BBS+ after they have been added as well would be very useful for spreading general understanding.

swcurran (Mon, 26 Jul 2021 18:30:57 GMT):
ACA-Py has an implementation in it, but not a too much documentation on how it was done. Here is the PR if that helps - https://github.com/hyperledger/aries-cloudagent-python/pull/1061 and @TimoGlastra has a HackMD document that was used to guide the implementation -- https://hackmd.io/AtgNvApsQ1OAlhnn3Xfetw As far as using the functionality, ACA-Py has a demo implementation that does VC exchange with BBS+ credentials. From a controller perspective, once ACA-Py has the functionality, there is not much difference between issuing Indy and BBS+ credentials from a coding perspective. Data formats change, but not too much in the coding. Demo guide: https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/AliceWantsAJsonCredential.md Remember for the implementation, you also have to do DIF Presentation Exchange. Here is the ACA-Py PR for that: https://github.com/hyperledger/aries-cloudagent-python/pull/1125

cel (Mon, 26 Jul 2021 19:37:54 GMT):
Has joined the channel.

Alexi (Mon, 26 Jul 2021 21:35:16 GMT):
this is great, thank you so much Stephen!

aspannag (Tue, 27 Jul 2021 08:47:19 GMT):
Thanks so much for the detailed getting started guide :slight_smile: Besides ease of setup and documentation, do you see any other tradeoffs that I have to consider? Eventually this should become mediator agent that is depoyed to production and has good scaling. Also I don't understand the difference between the frameworks that are based on libindy vs. libvcx. Should I care?

aymankhan (Tue, 27 Jul 2021 10:36:19 GMT):
Has joined the channel.

swcurran (Tue, 27 Jul 2021 13:54:00 GMT):
libindy in the lower level Indy library for connecting to Indy ledger, using AnonCreds (Indy verifiable credentials) and an implementation of storage. Not sure if you meant libvcx, but if so, that would be a higher level Aries library for running DIDComm and Aries protocols. I've not heard of it. If you mean indy-vdr, that is a replacement for the Indy SDK for connecting to the Indy Ledger. There are two other libraries related to it -- indy-shared-rs (AnonCreds) and aries-askar (storage and key management). Together, the three are replacements for the libindy (Indy -SDK). They are newer, and we think they will scale better than the indy-sdk, but they have not had nearly as much use -- they are new.

aspannag (Tue, 27 Jul 2021 14:09:09 GMT):
I actually meant libvcx and aries-vcx the higher level aries library. I don't understand the tradeoffs of why I should use it over a standard and proven aries framework. I also read about the efforts of replacing libindy with other libraries to improve scaling. Do you have resources to read up here?

swcurran (Tue, 27 Jul 2021 14:12:44 GMT):
OK -- "VCX" means Verifiable Credential eXchange, so it is a library built on top of the Indy SDK to do Aries things -- protocols. It was initially within the Indy-SDK, and has recently been extracted. It is a Rust library and all the goodness that entails -- allowing it to be wrapped in other languages and used both server side and mobile. Evernym did a lot of the original development of it, and a team from ABSA (and others) are carrying it forward.

ueesha (Tue, 27 Jul 2021 14:15:30 GMT):
Has joined the channel.

aspannag (Tue, 27 Jul 2021 14:40:22 GMT):
Ok. That clears things up, thank you. Maybe I am overthinking this and I should rather get started and eventually I will see the advantages and disadvantages quickly. We need something to transform an ios app into a wallet that can manage credentials. And we need a mediator agent that talks to the ios app. I guess for ios we would use vcx (because it's c-callable) and for the mediator agent we can use anything that respects the protocolls. Is that about right?

ShashankKulkarni1 (Tue, 27 Jul 2021 14:41:48 GMT):
Has joined the channel.

swcurran (Tue, 27 Jul 2021 14:42:08 GMT):
Yup. BTW -- for getting started, you could probably even use the Indicio public mediator - https://indicio-tech.github.io/mediator/ - as you work on the iOS wallet.

aspannag (Tue, 27 Jul 2021 15:50:14 GMT):
Yes. That's a great option, too. Alright. Thank you very much. I got a lot out of your explanations.

DecentralLabs (Tue, 27 Jul 2021 19:41:05 GMT):
Has joined the channel.

robnik911 (Tue, 27 Jul 2021 21:10:20 GMT):
Has joined the channel.

knagware (Wed, 28 Jul 2021 04:38:44 GMT):
Has joined the channel.

pranavkirtani88 (Wed, 28 Jul 2021 05:52:11 GMT):
Can I customise ACA-py to use another ledger instead of Indy?

swcurran (Wed, 28 Jul 2021 14:31:05 GMT):
There is a DID Resolver that makes it straight forward to read DIDs off other ledgers and that's been done. Writing to another ledger is doable, but has not yet been done. What ledger are you interested in using?

ChristosPaschalidis (Wed, 28 Jul 2021 14:48:58 GMT):
Has joined the channel.

zenilvaghasiya (Wed, 28 Jul 2021 22:40:55 GMT):
Has joined the channel.

mccown (Thu, 29 Jul 2021 03:53:45 GMT):
The Identity Implementer's WG is meeting today / tomorrow (July 28th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed. This week, Horacio Nunez (Kiva) will present an overview of Kiva’s SSI work and how it drives their innovative products. Wiki: https://wiki.hyperledger.org/display/IWG/2021-07-29+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

nedaa2020 (Thu, 29 Jul 2021 07:19:48 GMT):
Has joined the channel.

LeslytH (Thu, 29 Jul 2021 08:01:25 GMT):
Has joined the channel.

joarder97 (Thu, 29 Jul 2021 09:14:14 GMT):
Has joined the channel.

Drilmo (Thu, 29 Jul 2021 11:58:15 GMT):
Has joined the channel.

Drilmo (Thu, 29 Jul 2021 12:09:59 GMT):
Hello :) I want to set up a push notification for a mobile agent but I don't know how to do it. Can you help me? Is there a tutorial that explains how to do it? Should I use the c# mediator or the Python mediator? Thanks in advance for your feedback My question in github : https://github.com/hyperledger/aries-framework-dotnet/issues/181

Nizu (Thu, 29 Jul 2021 12:45:45 GMT):
Hey guys, where can i see the hyperledger aries software version i'm using? cant seem to find it anywhere on my files.. Thanks in advanced!

daidoji (Thu, 29 Jul 2021 12:54:21 GMT):
I think it depends on what Aries implementation you're using so it would be specific to that install.

daidoji (Thu, 29 Jul 2021 12:55:07 GMT):
Aries is a set of specifications and protocols, things like Aries Cloudagent Python (acapy) or Aries-go-client are implementations of those specifications and protocols

Nizu (Thu, 29 Jul 2021 12:59:42 GMT):
im using Aries Cloudagent Python, so if it is a set of specifications, im assuming that those and their version are specified on the requeriments.txt

Nizu (Thu, 29 Jul 2021 13:01:25 GMT):
thank you for the reply!

SuneetBendre (Thu, 29 Jul 2021 14:23:29 GMT):
Has joined the channel.

filip.burlacu (Thu, 29 Jul 2021 14:35:19 GMT):
If you're looking for version information that helps you understand what protocols the agent supports, how it behaves, etc, then you should look at https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0302-aries-interop-profile/README.md#aries-interop-profile-version-10 ACA-Py supports aries interop profile 1.0, and is moving towards supporting AIP 2.0 as well.

thongtran (Thu, 29 Jul 2021 15:57:18 GMT):
Has joined the channel.

agentcooper75 (Thu, 29 Jul 2021 18:31:00 GMT):
Has joined the channel.

AnuragChauhan (Fri, 30 Jul 2021 03:29:17 GMT):
Has joined the channel.

JuanEstrada (Fri, 30 Jul 2021 03:36:38 GMT):
Has joined the channel.

rsharmajp (Fri, 30 Jul 2021 07:59:53 GMT):
Has joined the channel.

pp371 (Fri, 30 Jul 2021 09:42:26 GMT):
Has joined the channel.

zossimov (Fri, 30 Jul 2021 10:37:42 GMT):
hi, Is it possible to add images in schema for identity issuance e.g. passport picture?

dbluhm (Fri, 30 Jul 2021 12:29:47 GMT):
ACA-Py does not currently have any built in push notification functionality coupled with mediation. This would have to be implemented as a plugin or feature of your controller by processing webhooks/events for the forward message sent event

janathraveendra (Fri, 30 Jul 2021 15:07:49 GMT):
Has joined the channel.

SelvamaniGovindaraj (Fri, 30 Jul 2021 16:01:55 GMT):
Has joined the channel.

proberge (Fri, 30 Jul 2021 19:34:05 GMT):
Has joined the channel.

Minnu (Fri, 30 Jul 2021 20:15:38 GMT):
Has joined the channel.

akash242891 (Sun, 01 Aug 2021 12:35:50 GMT):
Has joined the channel.

smfk (Sun, 01 Aug 2021 18:52:58 GMT):
Has joined the channel.

fboris (Sun, 01 Aug 2021 19:07:49 GMT):
Has joined the channel.

udaya.rkrish (Sun, 01 Aug 2021 21:44:55 GMT):
Has joined the channel.

KentBull (Mon, 02 Aug 2021 01:54:03 GMT):
Has joined the channel.

NgugsJohn (Mon, 02 Aug 2021 02:32:03 GMT):
Has joined the channel.

maurolionp (Mon, 02 Aug 2021 06:39:07 GMT):
Has joined the channel.

Drilmo (Mon, 02 Aug 2021 06:53:03 GMT):
ho ok, and for the C# mediator how can i implement push notification ?

wcc19840827 (Mon, 02 Aug 2021 07:55:33 GMT):
Has joined the channel.

oreg (Mon, 02 Aug 2021 12:08:13 GMT):
Has joined the channel.

DanielHaren (Mon, 02 Aug 2021 14:20:47 GMT):
Has joined the channel.

AlessandraC (Mon, 02 Aug 2021 14:33:10 GMT):
Has joined the channel.

GabrieleVitae (Mon, 02 Aug 2021 14:53:19 GMT):
Has joined the channel.

cod3rfabric (Mon, 02 Aug 2021 16:35:01 GMT):
Has joined the channel.

unnati (Mon, 02 Aug 2021 17:32:16 GMT):
Has joined the channel.

dbluhm (Mon, 02 Aug 2021 18:26:10 GMT):
I don't have an answer for that one, unfortunately, but you might find your answer by asking in #aries-framework-dotnet

praveenkpandu (Mon, 02 Aug 2021 22:40:58 GMT):
Has joined the channel.

rubix982 (Tue, 03 Aug 2021 02:30:46 GMT):
Has joined the channel.

areyal (Tue, 03 Aug 2021 05:06:06 GMT):
Has joined the channel.

pavithra8895 (Tue, 03 Aug 2021 05:49:09 GMT):
Has joined the channel.

pavithra8895 (Tue, 03 Aug 2021 06:06:57 GMT):
someone please help me I am getting this error on windows 10 and the command I am using is "./network.sh deployCC -ccn basic -ccp ../asset-transfer-basic/chaincode-javascript/ -ccl javascript" and the error I am getting is : Error: chaincode install failed with status: 500 - failed to invoke backing implementation of 'InstallChaincode': could not build chaincode: docker build failed: docker image inspection failed: cannot connect to Docker endpoint Chaincode installation on peer0.org1 has failed Deploying chaincode failed Docker version 20.10.7, build f0df350 docker-compose version 1.29.2, build 5becea4c I am new to hyledger-fabric

AboliShinde (Tue, 03 Aug 2021 08:34:03 GMT):
Has joined the channel.

Bandana 1 (Tue, 03 Aug 2021 13:08:30 GMT):
Has joined the channel.

BrunoMartins3 (Tue, 03 Aug 2021 13:48:04 GMT):
Has joined the channel.

swcurran (Tue, 03 Aug 2021 14:45:55 GMT):
Please ask in the #fabric channel.

PedroBranco (Tue, 03 Aug 2021 16:44:32 GMT):
Has joined the channel.

LAYLeangsros (Tue, 03 Aug 2021 17:01:18 GMT):
Has joined the channel.

rud9321 (Tue, 03 Aug 2021 19:32:31 GMT):
Has joined the channel.

LuisaB 2 (Wed, 04 Aug 2021 05:19:24 GMT):
Has joined the channel.

mcourtin (Wed, 04 Aug 2021 07:41:46 GMT):
Has joined the channel.

jlochman (Wed, 04 Aug 2021 09:03:13 GMT):
Has joined the channel.

pavithra8895 (Wed, 04 Aug 2021 10:41:13 GMT):
ok

amitpadmani-awts (Wed, 04 Aug 2021 12:39:19 GMT):
Has joined the channel.

amunoz (Wed, 04 Aug 2021 19:53:23 GMT):
Has joined the channel.

cmstonecse (Thu, 05 Aug 2021 03:29:31 GMT):
Has joined the channel.

woodymk (Thu, 05 Aug 2021 09:33:02 GMT):
Has joined the channel.

sagaracharya (Thu, 05 Aug 2021 10:28:18 GMT):
Has joined the channel.

abraxasccs (Thu, 05 Aug 2021 11:02:57 GMT):
Has joined the channel.

rsebastiany (Thu, 05 Aug 2021 11:27:48 GMT):
Has joined the channel.

MithunH 3 (Thu, 05 Aug 2021 12:17:28 GMT):
Has joined the channel.

merakh (Thu, 05 Aug 2021 17:39:31 GMT):
Has joined the channel.

oussema.gharsallaoui (Thu, 05 Aug 2021 17:48:40 GMT):
Has joined the channel.

patricioibarrag (Thu, 05 Aug 2021 18:56:28 GMT):
Has joined the channel.

swcurran (Fri, 06 Aug 2021 22:45:14 GMT):
My cut of the Aries 2021 Q3 Quarterly Report can be found here: https://wiki.hyperledger.org/display/TSC/2021+Q3+Hyperledger+Aries Comments, questions, corrections and additions are welcome! Bottom line -- Aries is an extremely active project!

swcurran (Fri, 06 Aug 2021 22:45:14 GMT):
My cut of the Aries 2021 Q3 Quarterly Report fir the :Hyperledger TSC can be found here: https://wiki.hyperledger.org/display/TSC/2021+Q3+Hyperledger+Aries Comments, questions, corrections and additions are welcome! Bottom line -- Aries is an extremely active project!

swcurran (Fri, 06 Aug 2021 22:45:14 GMT):
My cut of the Aries 2021 Q3 Quarterly Report for the Hyperledger TSC can be found here: https://wiki.hyperledger.org/display/TSC/2021+Q3+Hyperledger+Aries Comments, questions, corrections and additions are welcome! Bottom line -- Aries is an extremely active project!

DanteCullari (Sat, 07 Aug 2021 07:09:31 GMT):
Has joined the channel.

wifimarketingsolutions (Sat, 07 Aug 2021 09:34:54 GMT):
Has joined the channel.

JesusMG (Sat, 07 Aug 2021 15:42:02 GMT):
Has joined the channel.

vova777 (Sat, 07 Aug 2021 18:57:30 GMT):
Has joined the channel.

IshanChowdhury (Sun, 08 Aug 2021 10:04:34 GMT):
Has joined the channel.

luisabrunhosa (Sun, 08 Aug 2021 21:55:45 GMT):
Has joined the channel.

ahmedalsalih (Mon, 09 Aug 2021 03:32:47 GMT):
Has joined the channel.

nskishore1993 (Mon, 09 Aug 2021 07:13:15 GMT):
Has joined the channel.

anhduck (Mon, 09 Aug 2021 08:41:24 GMT):
Has joined the channel.

Mr.S (Mon, 09 Aug 2021 09:43:29 GMT):
Has joined the channel.

Amit18 (Tue, 10 Aug 2021 07:00:59 GMT):
Has joined the channel.

PuneetSivananda (Tue, 10 Aug 2021 11:36:50 GMT):
Has joined the channel.

mtfk (Tue, 10 Aug 2021 14:37:11 GMT):
Hello everyone, welcome after holidays! Due to some other commitment I won't be able to lead tomorrow Aries morning call and wonder if anyone would like to help to kick out the calls after summer break? Or if we should have 2 weeks more to relax? Let me know if anyone would be interested to co-chair those calls as my schedule getting really tied and would appreciate help on that.

nmoskaleva (Tue, 10 Aug 2021 18:56:53 GMT):
Has joined the channel.

swcurran (Tue, 10 Aug 2021 21:15:10 GMT):
@TelegramSam @danielhardman -- perhaps we can use this time slot for more collaboration between Europe and NA on Aries -- a time when Daniel can join the meeting?

nmoskaleva (Tue, 10 Aug 2021 21:38:18 GMT):
Hello! I was wondering if there is any tool for decoding messages similar to https://jwt.io/, that would decode JWM. Thank you!

roshan.joseph (Tue, 10 Aug 2021 22:00:31 GMT):
Has joined the channel.

fernandobender (Tue, 10 Aug 2021 22:48:10 GMT):
Has joined the channel.

kkaur01 (Tue, 10 Aug 2021 23:48:31 GMT):
Has joined the channel.

VikiAnand (Wed, 11 Aug 2021 04:14:57 GMT):
Has joined the channel.

danielhardman (Wed, 11 Aug 2021 07:30:35 GMT):
I could attend the Wed call that is US morning. I have some concepts related to DIDComm that I would love to discuss. But I don't know if that's the right meeting to bring them up. Would today's call be well attended -- or do you think people are still in summer vacation mode?

mtfk (Wed, 11 Aug 2021 09:12:13 GMT):
in EU a lot of people are still in vacation mode so hard to say, But if we properly facilitate the call I think we can couple couple of people.

mtfk (Wed, 11 Aug 2021 09:12:13 GMT):
in EU a lot of people are still in vacation mode so hard to say, But if we properly facilitate the call I think we can have couple of people.

danielhardman (Wed, 11 Aug 2021 10:18:20 GMT):
I think I would like to skip today, if the audience is only a couple of people. Try for next week?

mtfk (Wed, 11 Aug 2021 10:24:37 GMT):
This call is every second week according to schedule

mtfk (Wed, 11 Aug 2021 10:24:49 GMT):
so we can book that for 25th if you like

mtfk (Wed, 11 Aug 2021 10:25:24 GMT):
then I can help to facilitate that, just shoot me the exact topic which you would like to talk about

danielhardman (Wed, 11 Aug 2021 10:26:19 GMT):
@nmoskaleva : No. However, that's a great idea. Let me propose it.

danielhardman (Wed, 11 Aug 2021 10:30:07 GMT):
@nmoskaleva : https://github.com/sicpa-dlab/didcomm-gemini/issues/74

AndreyShevchenko (Wed, 11 Aug 2021 11:35:09 GMT):
Has joined the channel.

SandeepVankala (Wed, 11 Aug 2021 12:30:45 GMT):
Has joined the channel.

SandeepVankala (Wed, 11 Aug 2021 12:34:47 GMT):
Has left the channel.

mtfk (Wed, 11 Aug 2021 13:56:31 GMT):
Reminder today Aries Morning Call is canceled we would meet in 2 weeks!

TelegramSam (Wed, 11 Aug 2021 14:38:46 GMT):
It has been suggested that we re-evaluate the regular time for the Aries B call. Here's a link to indicate when you are able to regularly attend. https://whenisgood.net/ariesb/calltime

TelegramSam (Wed, 11 Aug 2021 14:39:29 GMT):
Be sure and select your timezone before selecting your times. ^

TimoGlastra (Wed, 11 Aug 2021 14:42:55 GMT):
I'd be a proponent of this, always a bit late for European time zones! :)

swcurran (Wed, 11 Aug 2021 16:23:19 GMT):
Sorry for the lack of response. We had some personal difficulties around here and my availability changed for this morning and the next couple of days. May miss some more meetings yet.

nmoskaleva (Wed, 11 Aug 2021 16:53:58 GMT):
thanks, @danielhardman !

BrianRani (Wed, 11 Aug 2021 19:13:50 GMT):
Has joined the channel.

bentoumia (Wed, 11 Aug 2021 21:53:59 GMT):
Has joined the channel.

manfredmeyer (Thu, 12 Aug 2021 09:21:25 GMT):
Has joined the channel.

arjanvaneersel (Thu, 12 Aug 2021 09:54:25 GMT):
Hello. Could someone tell me if there are guidelines for the development of Aries mobile agents? I'm interested to develop a mobile agent for Dart/Flutter. For as far as I could see there isn't none yet.

sairanjit (Thu, 12 Aug 2021 11:02:31 GMT):
@arjanvaneersel you can check this out https://github.com/ayanworks/ARNIMA-flutter-sdk

sairanjit (Thu, 12 Aug 2021 11:03:21 GMT):
Currently, SDK supports our custom build mediator agent

marcocomo (Thu, 12 Aug 2021 11:16:31 GMT):
Has joined the channel.

mccown (Thu, 12 Aug 2021 13:45:38 GMT):
Just a reminder that the Identity Implementer’s WG call is cancelled for today (Aug 12th). Please join us for our next meeting on Aug 26th. Thanks!

andreolf1 (Thu, 12 Aug 2021 16:49:11 GMT):
Has joined the channel.

phalves (Thu, 12 Aug 2021 17:08:11 GMT):
Has joined the channel.

PavelMinenkov (Thu, 12 Aug 2021 22:40:17 GMT):
Has joined the channel.

PavelMinenkov (Thu, 12 Aug 2021 22:40:19 GMT):
@arjanvaneersel you may have issues with Mobile OS power save modes, you may use Firebase cloud messaging and this mediator project may helps you https://github.com/Sirius-social/didcomm

phearaeun (Fri, 13 Aug 2021 02:26:03 GMT):
Has joined the channel.

phearaeun (Fri, 13 Aug 2021 02:30:16 GMT):
I am trying to create schema and cred def with multitenancy but I receive only Unauthorized. I also tried to create default sub wallet to get the token so that I can submit schema and create cred def for the next purpose but I received the following: ```Created new profile Profile backend: indy Profile name: mysubwallet No public DID``` Error: cannot submit schema without public did. Any help is appreciated!

phearaeun (Fri, 13 Aug 2021 02:30:16 GMT):
I am trying to create schema and cred def with multitenancy but I receive only Unauthorized. I also tried to create default sub wallet to get the token so that I can submit schema and create cred def for the next purpose but I received the following: ``` Created new profile Profile backend: indy Profile name: mysubwallet No public DID ``` Error: cannot submit schema without public did. Any help is appreciated!

danielhardman (Fri, 13 Aug 2021 06:52:56 GMT):
https://github.com/sicpa-dlab/didcomm-gemini/issues/74

ahmetcakmak606 (Fri, 13 Aug 2021 08:19:02 GMT):
Has joined the channel.

ataberkozek (Fri, 13 Aug 2021 08:30:39 GMT):
Has joined the channel.

schlagtim (Fri, 13 Aug 2021 10:28:48 GMT):
Has joined the channel.

OzodbekXomidbekov (Fri, 13 Aug 2021 12:02:21 GMT):
Has joined the channel.

phearaeun (Fri, 13 Aug 2021 12:17:27 GMT):
heara?01021989

sebaleoperez (Fri, 13 Aug 2021 14:59:08 GMT):
Has joined the channel.

phearaeun (Sat, 14 Aug 2021 02:01:59 GMT):
With multitenancy, how can we connect base wallet to mediator?

surya7 (Sat, 14 Aug 2021 14:17:58 GMT):
Has joined the channel.

nishantchandla (Sat, 14 Aug 2021 15:02:30 GMT):
Has joined the channel.

nits2k (Sun, 15 Aug 2021 02:44:41 GMT):
Has joined the channel.

ApoorvSingal (Sun, 15 Aug 2021 17:08:03 GMT):
Has joined the channel.

jeaninejue1 (Sun, 15 Aug 2021 21:54:05 GMT):
Has joined the channel.

fftkim (Mon, 16 Aug 2021 04:30:18 GMT):
Has joined the channel.

esther_pan (Mon, 16 Aug 2021 07:39:18 GMT):
Has joined the channel.

mklarmann (Mon, 16 Aug 2021 08:31:19 GMT):
Has joined the channel.

aditya.21991 (Mon, 16 Aug 2021 09:43:26 GMT):
Has joined the channel.

luandt1809 (Tue, 17 Aug 2021 04:08:57 GMT):
Has joined the channel.

N_Mizuki (Tue, 17 Aug 2021 05:12:47 GMT):
Has joined the channel.

hoily.dev (Tue, 17 Aug 2021 07:09:27 GMT):
Has joined the channel.

atodorov_kiwi (Tue, 17 Aug 2021 07:53:28 GMT):
Has joined the channel.

GuoshenKuang (Tue, 17 Aug 2021 09:14:36 GMT):
Has joined the channel.

samie (Tue, 17 Aug 2021 11:18:37 GMT):
Has joined the channel.

KevinKerkhoven (Tue, 17 Aug 2021 11:24:11 GMT):
Has joined the channel.

bharadwajambati172 (Tue, 17 Aug 2021 12:19:54 GMT):
Has joined the channel.

GereonHinz (Tue, 17 Aug 2021 13:34:45 GMT):
Has joined the channel.

mateussousa (Tue, 17 Aug 2021 13:53:39 GMT):
Hey guys! Is it possible to force aca-py to use ws outbound transport instead of http?

HamzaHijazi (Tue, 17 Aug 2021 17:14:28 GMT):
Has joined the channel.

kevinhill (Tue, 17 Aug 2021 19:55:51 GMT):
Has joined the channel.

BouXez (Wed, 18 Aug 2021 09:35:01 GMT):
Has joined the channel.

seriousm 3 (Wed, 18 Aug 2021 13:27:28 GMT):
I have a question concering the intersection of verifiable credentials and DIDs. Suppose I employ a pairwise unique DiD for communication with another entity. Now, does the VC that I want to present need to be issued to the keypair associated with the pairwise unique DID? Or is it only the link/master secret that is required to prove that I am in posession of a credential, which can then solely be proven through the public key of the issuer? Thank you very much in advance :)

deas (Wed, 18 Aug 2021 17:03:08 GMT):
I think it's the latter, not the former. (Public DID, not pairwise unique DID.) But I also think that there might be work out there in trying to prove that the VC was truly issued to the entity presenting proof based on it. Is that what you're getting at?

TelegramSam (Wed, 18 Aug 2021 17:45:00 GMT):
Reminder: Fill out the Aries B call timeslot questionaire! https://whenisgood.net/ariesb/calltime

bsustudent (Wed, 18 Aug 2021 19:39:15 GMT):
Has joined the channel.

sudng (Wed, 18 Aug 2021 21:49:59 GMT):
Has joined the channel.

swcurran (Wed, 18 Aug 2021 23:24:10 GMT):
The pair-wise DIDs for Comms in Aries should be unrelated to the DID of the issuer of a VC. Further, in Indy AnonCreds, the holder is bound to the VC by the link secret, not the pairwise DID. So, it's the latter of your options. In AnonCreds: - The Holder gives the Issuer a "Blinded link Secret" - The Issuer inserts that into and their own DID in the the VC - They sign the VC and the claims in the VC using the private keys in the CredDefinition (on the Indy ledger). - The Holder proves (in zero knowledge) they have the link secret (without revealing it) in providing the presentation. - The verifier can verify the Issuer's DID and signature on the claims using the objects on the ledger, and that the correct link secret was proven using the blinded link secret. Hope that helps!

swcurran (Wed, 18 Aug 2021 23:25:35 GMT):
Note that the model changes with the W3C Standard VCs. At this point, the Holder must have an identifier in the VC from the issuer, and must prove to the verifier they control the private key related to that identifier. There is no ZKP/link secret capability.

hiroyukihonda (Thu, 19 Aug 2021 01:08:28 GMT):
Has joined the channel.

HUOH 1 (Thu, 19 Aug 2021 02:15:59 GMT):
Has joined the channel.

aravindrajck (Thu, 19 Aug 2021 07:51:51 GMT):
Has joined the channel.

lauravuo-techlab (Thu, 19 Aug 2021 08:20:37 GMT):
Since the B call is in quite challenging time for us European folks, we have been listening to the call recordings :slightly_smiling_face: However, I noticed that there hasn't been recordings for a while. Have you stopped recording the meetings for good?

kaveri (Thu, 19 Aug 2021 08:28:34 GMT):
Has joined the channel.

seriousm 3 (Thu, 19 Aug 2021 08:46:15 GMT):
@deas Yes, that is what I am getting at! @swcurran Thank you for the short deep dive! I understand how it works in Anoncreds using CL signatures and that the issuer basically signs a commitment to the link secret as the first message of the message block which also contains the holders attributes. I guess when you are referring to the current W3C VC standard and proving that you are in control of a private key, you are referring to the utilization of BBS+ signatures rather than CL signatures, as they do not demand for a link secret anymore, but rather allow for one keypair per credential? Could you provide some resources on the mechanism where the Holder must have an "identifier in the VC from the issuer"? I don't understand this part yet :)

seriousm 3 (Thu, 19 Aug 2021 08:47:08 GMT):
And I also can't seem to find that in the VC specification, maybe i just overlooked something...

tuyendev (Thu, 19 Aug 2021 09:48:01 GMT):
Has joined the channel.

swcurran (Thu, 19 Aug 2021 14:26:39 GMT):
You have it. I agree on the lack of coverage of that in the VC spec, and I've raised an issue #789 and a PR #795 about binding a VC to it's Holder. You can read about my view on that in the issue and PR, and the response from others. https://github.com/w3c/vc-data-model

DianaTique (Thu, 19 Aug 2021 17:36:54 GMT):
Has joined the channel.

mona15 (Thu, 19 Aug 2021 22:12:40 GMT):
Has joined the channel.

huangxiaoqi (Fri, 20 Aug 2021 01:48:24 GMT):
Has joined the channel.

AnuragKumar10 (Fri, 20 Aug 2021 04:08:24 GMT):
Has joined the channel.

MatanNahmani (Fri, 20 Aug 2021 05:06:58 GMT):
Has joined the channel.

norswap (Fri, 20 Aug 2021 08:53:23 GMT):
Has joined the channel.

yigemaser (Fri, 20 Aug 2021 10:42:58 GMT):
Has joined the channel.

hishmad (Fri, 20 Aug 2021 11:10:38 GMT):
Has joined the channel.

bsu (Fri, 20 Aug 2021 11:45:15 GMT):
Has joined the channel.

w1g0 (Fri, 20 Aug 2021 13:28:40 GMT):
Has joined the channel.

Crispin-Sharkaroo (Fri, 20 Aug 2021 18:04:34 GMT):
Has joined the channel.

elman27 (Fri, 20 Aug 2021 19:11:10 GMT):
Has joined the channel.

kangme (Fri, 20 Aug 2021 21:57:30 GMT):
Hi! I am Meng Kang, a Master’s student in Electrical Engineering supervised by Dr.Victria Lemieux. We are looking for people with a background in blockchain, cryptography, or software engineering to volunteer for an anonymous survey. You will first watch a presentation video of our software design research project ‘A Decentralized Identity-Based Blockchain Solution for Privacy-Preserving Licensing of Individual-Owned Data to Prevent Unauthorized Secondary Data Usage’, and then provide your feedback by filling out an online questionnaire. Here is the link for the presentation video: https://drive.google.com/file/d/1X7epdOwUB0SvDOlKrDeGU8l8eKwWSiLd/view?usp=sharing Here is the link to the survey: https://ubc.ca1.qualtrics.com/jfe/form/SV_3C4Yp2FPiHufmM6 Here is the PDF version of the video: https://docs.google.com/presentation/d/1pbjmTVxWe6HQ4Jge-qR0-xS3nn2rIRAW/edit?usp=sharing&ouid=105944806570308548495&rtpof=true&sd=true The video will take you 20 minutes to watch, and the survey will take you another 20 minutes to complete. Thank you for your time and feedback on our research. Please contact me via meng.kang@ubc.ca if you have further interest in this study.

TimoGlastra (Sat, 21 Aug 2021 13:20:21 GMT):
Hi @kangme it seems I don't have permission to access the video. I've sent a request to get access

TimoGlastra (Sat, 21 Aug 2021 13:20:30 GMT):
Sounds very interesting!

yogesh.yadav (Sun, 22 Aug 2021 17:12:21 GMT):
Has joined the channel.

mikexiour (Mon, 23 Aug 2021 06:39:14 GMT):
Has joined the channel.

Anasalamin (Mon, 23 Aug 2021 07:00:24 GMT):
Has joined the channel.

malarflower23 (Mon, 23 Aug 2021 07:37:24 GMT):
Has joined the channel.

cinhtw (Mon, 23 Aug 2021 09:45:20 GMT):
Has joined the channel.

wonderwoman11 (Mon, 23 Aug 2021 12:40:04 GMT):
Has joined the channel.

ffendt (Mon, 23 Aug 2021 13:02:02 GMT):
Has joined the channel.

svitzebec (Mon, 23 Aug 2021 13:43:53 GMT):
Has joined the channel.

biswa1 (Mon, 23 Aug 2021 18:24:07 GMT):
Has joined the channel.

kangme (Mon, 23 Aug 2021 19:06:19 GMT):
Hi,you can access it now

TimoGlastra (Mon, 23 Aug 2021 19:07:01 GMT):
Awesome, thanks! I'm going to take a look

kangme (Mon, 23 Aug 2021 19:13:24 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=iuuobiSGAZuwd92iG) Just changed the permission of the video, anyone interested can view it.

no_one13 (Mon, 23 Aug 2021 20:13:35 GMT):
Has joined the channel.

Oliver_Tahir (Tue, 24 Aug 2021 05:02:40 GMT):
Has joined the channel.

Matannah 1 (Tue, 24 Aug 2021 05:17:41 GMT):
Has joined the channel.

mirgaon (Tue, 24 Aug 2021 06:46:36 GMT):
Has joined the channel.

tinkerbell (Tue, 24 Aug 2021 07:26:58 GMT):
Has joined the channel.

Jianglh (Tue, 24 Aug 2021 08:50:40 GMT):
Has joined the channel.

hfjohann (Tue, 24 Aug 2021 08:55:47 GMT):
Has joined the channel.

RuiYang (Tue, 24 Aug 2021 10:03:03 GMT):
Has joined the channel.

deathgod86 (Tue, 24 Aug 2021 10:42:31 GMT):
Has joined the channel.

fdiarra (Tue, 24 Aug 2021 11:04:45 GMT):
Has joined the channel.

drewmarshburn (Tue, 24 Aug 2021 12:00:04 GMT):
Has joined the channel.

Anasalamin (Tue, 24 Aug 2021 14:34:22 GMT):
hello everyone, i'm new to hyperledger and i'm trying to use aries-mobile-agent-react-native but i couldn't seem to understand to how to work with the mediator thing or where i should set it up!! any articles you provide could be super helpful

mateussousa (Tue, 24 Aug 2021 14:53:51 GMT):
I do not recommend to use the suggested mediator. It seems to be very unstable.

kirstygoodary (Tue, 24 Aug 2021 15:25:48 GMT):
Has joined the channel.

swcurran (Tue, 24 Aug 2021 18:12:53 GMT):
That's not good. Have you shared your concerns/findings? @JamesEbert ^^

swcurran (Tue, 24 Aug 2021 18:13:37 GMT):
Also, the #aries-bifold channel is specific to to Aries Mobile Agent React Native, so is a good place to collaborate.

anuragsingh (Tue, 24 Aug 2021 18:31:42 GMT):
Has joined the channel.

jjordan-quantum (Tue, 24 Aug 2021 19:49:38 GMT):
Has joined the channel.

j-s (Tue, 24 Aug 2021 20:46:22 GMT):
Has joined the channel.

prathampatil8119 (Wed, 25 Aug 2021 04:24:32 GMT):
Has joined the channel.

VisheshRaj (Wed, 25 Aug 2021 07:37:36 GMT):
Has joined the channel.

Anasalamin (Wed, 25 Aug 2021 09:29:32 GMT):
alright thank you very much, i might find the answer from the chat there

AlkaidCC (Wed, 25 Aug 2021 10:11:46 GMT):
Has joined the channel.

mtfk (Wed, 25 Aug 2021 11:42:21 GMT):
Hi Everyone today on Aries A WG we would like to discuss the topics related with DIDComm, we would start with high level introduction for those who are not familiar with it and then dive into the far future how this could be shaped into something which we could call "fat protocols" and applicationless ecosystem. Details of the meeting as always on the wiki page: https://wiki.hyperledger.org/pages/viewpage.action?pageId=56723948 We starting at 4pm CET - in about 2h. See you there!

huzhiyang (Wed, 25 Aug 2021 12:29:30 GMT):
Has joined the channel.

balaji7777 (Wed, 25 Aug 2021 15:22:33 GMT):
Has joined the channel.

ShubhamUmate (Wed, 25 Aug 2021 17:01:13 GMT):
Has joined the channel.

mccown (Wed, 25 Aug 2021 19:46:59 GMT):
The Identity Implementer's WG is meeting today / tomorrow (Aug 26th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed. This week, Horacio Nunez (Kiva) will present a new open source desktop tool that will connect secure biometrics with SSI-powered backend services. Wiki: https://wiki.hyperledger.org/display/IWG/2021-08-26+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

mccown (Wed, 25 Aug 2021 19:46:59 GMT):
The Identity Implementer's WG is meeting tomorrow (Aug 26th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed. This week, Horacio Nunez (Kiva) will present a new open source desktop tool that will connect secure biometrics with SSI-powered backend services. Wiki: https://wiki.hyperledger.org/display/IWG/2021-08-26+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

NimiCorp (Wed, 25 Aug 2021 20:55:19 GMT):
Has joined the channel.

ashishspg (Thu, 26 Aug 2021 05:22:22 GMT):
Has joined the channel.

AskarAlmabek (Thu, 26 Aug 2021 06:02:22 GMT):
Has joined the channel.

Hasib_Linux (Thu, 26 Aug 2021 07:28:01 GMT):
Has joined the channel.

JongHyunPark (Thu, 26 Aug 2021 08:38:03 GMT):
Has joined the channel.

SatyamGupta1 (Thu, 26 Aug 2021 13:56:49 GMT):
Has joined the channel.

ElhamShammar (Thu, 26 Aug 2021 15:30:45 GMT):
Has joined the channel.

Princekumar4812 (Fri, 27 Aug 2021 03:02:21 GMT):
Has joined the channel.

bhuwanupadhyay (Fri, 27 Aug 2021 06:37:11 GMT):
Has joined the channel.

mohsinanees (Fri, 27 Aug 2021 09:51:06 GMT):
Has joined the channel.

sashankh (Fri, 27 Aug 2021 18:58:04 GMT):
Has joined the channel.

ShafiqIslam (Fri, 27 Aug 2021 22:34:38 GMT):
Has joined the channel.

kangme (Fri, 27 Aug 2021 22:52:52 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=iuuobiSGAZuwd92iG) We are seeking more volunteers to participate in this study

thonexin (Sat, 28 Aug 2021 04:41:21 GMT):
Has joined the channel.

TrishPat (Sat, 28 Aug 2021 07:55:35 GMT):
Has joined the channel.

jk-tonycui (Sun, 29 Aug 2021 02:14:52 GMT):
Has joined the channel.

samson9993 (Sun, 29 Aug 2021 08:19:53 GMT):
Has joined the channel.

ksanjayk (Sun, 29 Aug 2021 17:15:07 GMT):
when will the "Hyperledger Aries Developer" course start on edx, what changes can we expect from the last course, is there any other source where i can follow or get material

swcurran (Sun, 29 Aug 2021 19:35:12 GMT):
I believe the course will launch on Sept. 1, 2021 — this Tuesday. The course follows the same flow as the last version, but is updated with all that has happened in the last year and half. Everything in it is based on Open Source code, and all the labs point to open source.

swcurran (Sun, 29 Aug 2021 19:35:12 GMT):
I believe the course will launch on Sept. 1, 2021 — this Wednesday. The course follows the same flow as the last version, but is updated with all that has happened in the last year and half. Everything in it is based on Open Source code, and all the labs point to open source activities, with full code access.

maurosala (Mon, 30 Aug 2021 07:09:49 GMT):
Has joined the channel.

dsam82 (Mon, 30 Aug 2021 08:53:39 GMT):
Has joined the channel.

rroman 1 (Mon, 30 Aug 2021 09:12:34 GMT):
Has joined the channel.

peppelinux (Mon, 30 Aug 2021 14:04:26 GMT):
Has joined the channel.

WillimJames (Tue, 31 Aug 2021 05:56:25 GMT):
Has joined the channel.

pipscobie (Tue, 31 Aug 2021 11:16:04 GMT):
Has joined the channel.

giorgiomecca (Tue, 31 Aug 2021 12:31:16 GMT):
Has joined the channel.

ksanjayk (Tue, 31 Aug 2021 14:13:49 GMT):
Thank you, I am looking forward to start it as soon as it is available.

JJeffrey (Tue, 31 Aug 2021 14:35:26 GMT):
Has joined the channel.

TelegramSam (Tue, 31 Aug 2021 16:05:25 GMT):
PSA: The Aries B call has moved to the A call time on a regular basis. If you have copied the calendar event it likely won't update, and you'll need to re-copy it from the HL Community Calendar.

TelegramSam (Tue, 31 Aug 2021 16:05:42 GMT):
(The HL Community Calendar has been updated)

TelegramSam (Tue, 31 Aug 2021 16:05:52 GMT):
See you earlier tomorrow!

b1conrad (Tue, 31 Aug 2021 16:32:45 GMT):
Would you be so kind as to post a link to that page?

swcurran (Tue, 31 Aug 2021 20:47:45 GMT):
Meeting page is here: https://wiki.hyperledger.org/display/ARIES/Aries+Working+Group

b1conrad (Tue, 31 Aug 2021 21:06:10 GMT):
Thanks, Stephen!

birjoossh (Wed, 01 Sep 2021 00:53:18 GMT):
Has joined the channel.

clemhumb (Wed, 01 Sep 2021 06:20:01 GMT):
Has joined the channel.

roviso (Wed, 01 Sep 2021 07:05:06 GMT):
Has joined the channel.

sunchiye (Wed, 01 Sep 2021 07:46:34 GMT):
Has joined the channel.

ohthemboats (Wed, 01 Sep 2021 08:03:49 GMT):
Has joined the channel.

ManojTaleka (Wed, 01 Sep 2021 08:09:30 GMT):
Yes now I am able to run ACA-Py on multiple hosts and even on Pi 3 device

MahaQahtani (Wed, 01 Sep 2021 08:38:23 GMT):
Has joined the channel.

TelegramSam (Wed, 01 Sep 2021 13:48:29 GMT):
PSA: Aries A Call starts in 12 minutes, at a new time!

TelegramSam (Wed, 01 Sep 2021 14:00:58 GMT):
warning: we may have new zoom room conflicts to work out. please be kind and patient.

TelegramSam (Wed, 01 Sep 2021 14:03:53 GMT):
Aries Call on now!

TimoGlastra (Wed, 01 Sep 2021 16:43:48 GMT):
Dammit forgot it was moved

SheharYar (Wed, 01 Sep 2021 20:43:21 GMT):
Has joined the channel.

swcurran (Wed, 01 Sep 2021 21:38:26 GMT):
Nice! The Pi3 device is super interesting. There is an #aries-embedded channel that you might want to share what you did for that.

ManojTaleka (Thu, 02 Sep 2021 04:41:21 GMT):
Yes definitely

Harsh_Vekariya (Thu, 02 Sep 2021 05:31:49 GMT):
Has joined the channel.

ShekharGuptaEN (Thu, 02 Sep 2021 05:47:21 GMT):
Has joined the channel.

martinmaurer (Thu, 02 Sep 2021 06:11:08 GMT):
Has joined the channel.

ArchitaDasgupta (Thu, 02 Sep 2021 11:45:25 GMT):
Has joined the channel.

smyyihvn (Thu, 02 Sep 2021 15:08:15 GMT):
Has joined the channel.

ramu450 (Fri, 03 Sep 2021 05:12:52 GMT):
Has joined the channel.

Omen 8 (Fri, 03 Sep 2021 05:34:42 GMT):
Has joined the channel.

AdityaGupta150 (Fri, 03 Sep 2021 12:15:59 GMT):
Has joined the channel.

anil8753 (Fri, 03 Sep 2021 15:21:54 GMT):
Has joined the channel.

leebradley (Fri, 03 Sep 2021 15:42:06 GMT):
Has joined the channel.

FoamCactus (Fri, 03 Sep 2021 15:54:09 GMT):
Has joined the channel.

alagiesellu (Fri, 03 Sep 2021 20:27:03 GMT):
Has joined the channel.

kangme (Fri, 03 Sep 2021 22:10:53 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=iuuobiSGAZuwd92iG) We are seeking more volunteers to participate in this study

kangme (Fri, 03 Sep 2021 22:14:17 GMT):
Thank for those people who have already responded and provided helpfu feedback on my solution architecture. I really appreciate it!

rlnrajesh (Sat, 04 Sep 2021 03:27:10 GMT):
Has joined the channel.

frank-student (Sat, 04 Sep 2021 03:41:46 GMT):
Has joined the channel.

kutya (Sat, 04 Sep 2021 09:47:06 GMT):
Has joined the channel.

MiryangJung (Sat, 04 Sep 2021 14:41:21 GMT):
Has joined the channel.

pseudoyu (Sat, 04 Sep 2021 15:10:22 GMT):
Has joined the channel.

rohitcha (Sun, 05 Sep 2021 09:05:42 GMT):
Has joined the channel.

RahulRajBarnwal (Sun, 05 Sep 2021 16:21:29 GMT):
Has joined the channel.

DenverNaicker (Sun, 05 Sep 2021 16:43:23 GMT):
Has joined the channel.

DenverNaicker (Sun, 05 Sep 2021 16:45:36 GMT):
Hi, is there a schedule for aries call events that one can access?

DenverNaicker (Sun, 05 Sep 2021 16:47:14 GMT):
Experiencing an Error 403: Ledger not found when von-network running on localhost:9000 and previously accepted posts. Has anyone experienced this error? I have checked on github issues and the one related to pi connection was not resolved https://github.com/bcgov/von-network/issues/140

bhathiya (Sun, 05 Sep 2021 17:58:03 GMT):
Has joined the channel.

MiryangJung (Sun, 05 Sep 2021 18:53:39 GMT):
I am trying to issue a VC. Both agents have autoAcceptCredentials.Always, but vc does not seem to be issued properly. ` const connection = await agent.connections.receiveInvitationFromUrl(url, { autoAcceptConnection: true, }) const record = { name: `Name-${new Date}`, age: '26', }; const attributes = Object.entries(record).map( ([name, value]) => new CredentialPreviewAttribute({ name, mimeType: 'text/plain', value, }) ) const credentialPreview = new CredentialPreview({ attributes} ); let credentialRecord = await agent.credentials.proposeCredential(connection.id, { credentialProposal: credentialPreview, credentialDefinitionId: 'Th7MpTaRZVRYnaiabds81Y:3:CL:60:TAG1', }) await sleep(10000) console.log(credentialRecord.getCredentialInfo()) ` *output!* I don't know why metadata is underdefined. `CredentialInfo { metadata: { credentialDefinitionId: undefined, schemaId: undefined }, claims: { name: ' Name-Mon Sep 06 2021 03:47:44 GMT+0900 (Korean Standard Time)', age: '26' }, attachments: undefined } `

MiryangJung (Sun, 05 Sep 2021 18:53:39 GMT):
I am trying to issue a VC. Both agents have autoAcceptCredentials.Always, but vc does not seem to be issued properly. ` const connection = await agent.connections.receiveInvitationFromUrl(url) const record = { name: `Name-${new Date}`, age: '26', }; const attributes = Object.entries(record).map( ([name, value]) => new CredentialPreviewAttribute({name,mimeType: 'text/plain',value,}) ) const credentialPreview = new CredentialPreview({ attributes} ); let credentialRecord = await agent.credentials.proposeCredential(connection.id, { credentialProposal: credentialPreview, credentialDefinitionId: 'Th7MpTaRZVRYnaiabds81Y:3:CL:60:TAG1', }) await sleep(10000) console.log(credentialRecord.getCredentialInfo()) ` *output!* I don't know why metadata is underdefined. `CredentialInfo { metadata: { credentialDefinitionId: undefined, schemaId: undefined }, claims: { name: ' Name-Mon Sep 06 2021 03:47:44 GMT+0900 (Korean Standard Time)', age: '26' }, attachments: undefined } `

MiryangJung (Sun, 05 Sep 2021 18:53:39 GMT):
I am trying to issue a VC. Both agents have autoAcceptCredentials.Always, but vc does not seem to be issued properly. ``` const connection = await agent.connections.receiveInvitationFromUrl(url) const record = { name: `Name-${new Date}`, age: '26', }; const attributes = Object.entries(record).map( ([name, value]) => new CredentialPreviewAttribute({name,mimeType: 'text/plain',value,}) ) const credentialPreview = new CredentialPreview({ attributes} ); let credentialRecord = await agent.credentials.proposeCredential(connection.id, { credentialProposal: credentialPreview, credentialDefinitionId: 'Th7MpTaRZVRYnaiabds81Y:3:CL:60:TAG1', }) await sleep(10000) console.log(credentialRecord.getCredentialInfo()) ` *output!* I don't know why metadata is underdefined. `CredentialInfo { metadata: { credentialDefinitionId: undefined, schemaId: undefined }, claims: { name: ' Name-Mon Sep 06 2021 03:47:44 GMT+0900 (Korean Standard Time)', age: '26' }, attachments: undefined } ```

MiryangJung (Sun, 05 Sep 2021 18:53:39 GMT):
I am trying to issue a VC. Both agents have autoAcceptCredentials.Always, but vc does not seem to be issued properly. ``` const connection = await agent.connections.receiveInvitationFromUrl(url) const record = { name: `Name-${new Date}`, age: '26', }; const attributes = Object.entries(record).map( ([name, value]) => new CredentialPreviewAttribute({name,mimeType: 'text/plain',value,}) ) const credentialPreview = new CredentialPreview({ attributes} ); let credentialRecord = await agent.credentials.proposeCredential(connection.id, { credentialProposal: credentialPreview, credentialDefinitionId: 'Th7MpTaRZVRYnaiabds81Y:3:CL:60:TAG1', }) await sleep(10000) console.log(credentialRecord.getCredentialInfo()) ` *output!* I don't know why metadata is underdefined. CredentialInfo { metadata: { credentialDefinitionId: undefined, schemaId: undefined }, claims: { name: ' Name-Mon Sep 06 2021 03:47:44 GMT+0900 (Korean Standard Time)', age: '26' }, attachments: undefined } ```

scnale (Sun, 05 Sep 2021 23:39:03 GMT):
Has joined the channel.

taccatisid (Mon, 06 Sep 2021 03:30:43 GMT):
Has joined the channel.

BovTricera (Mon, 06 Sep 2021 04:11:43 GMT):
Has joined the channel.

XINGYUZHU (Mon, 06 Sep 2021 06:44:23 GMT):
Has left the channel.

ShaharinAhmed (Mon, 06 Sep 2021 09:52:57 GMT):
Has joined the channel.

iffathossain (Mon, 06 Sep 2021 09:53:01 GMT):
Has joined the channel.

omerabbas (Mon, 06 Sep 2021 11:09:05 GMT):
Has joined the channel.

Junior22 (Mon, 06 Sep 2021 11:48:05 GMT):
Has joined the channel.

Junior22 (Mon, 06 Sep 2021 11:48:41 GMT):
Hi, how can i create a user with aries?

DenverNaicker (Mon, 06 Sep 2021 15:17:21 GMT):
Has left the channel.

kangme (Tue, 07 Sep 2021 01:22:23 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=iuuobiSGAZuwd92iG) We are seeking more volunteers to participate in this study

michael1203 (Tue, 07 Sep 2021 01:46:39 GMT):
Has joined the channel.

sasikanuri (Tue, 07 Sep 2021 03:15:10 GMT):
Has joined the channel.

voutasaurus (Tue, 07 Sep 2021 09:58:38 GMT):
Has joined the channel.

MarcoOliveira (Tue, 07 Sep 2021 10:06:36 GMT):
Has joined the channel.

regiseloi (Tue, 07 Sep 2021 18:25:34 GMT):
Has joined the channel.

BGerb27 (Wed, 08 Sep 2021 11:29:49 GMT):
Has joined the channel.

bfrech (Wed, 08 Sep 2021 12:00:08 GMT):
Has joined the channel.

fangxin (Wed, 08 Sep 2021 13:12:44 GMT):
Has joined the channel.

danilp (Wed, 08 Sep 2021 15:04:09 GMT):
Has joined the channel.

TelegramSam (Wed, 08 Sep 2021 16:11:18 GMT):
I've updated the Hyperledger Calendar to combine the A and B calls. If you are a regular on the A call, the time and link are the same, but now the call happens weekly. If you are a regular on the B call, the time is the same as the A call, now 60 minutes, and weekly. Robert and I will share meeting hosting.

WadeBarnes (Wed, 08 Sep 2021 16:52:36 GMT):
`von-network` now has a set of tagged releases so you can reference stable versions; https://github.com/bcgov/von-network/releases

mccown (Wed, 08 Sep 2021 17:52:21 GMT):
The Identity Implementer's WG is meeting tomorrow (Sep 9th @ 9am MT / 3pm UTC). In this call, we will review updates from several industry WGs, which you may have missed. This week, Jim StClair (Lumedic.io) will present an overview of how SSI technologies are progressing through ISO/TC 307 to become a part of ISO standards. Wiki: https://wiki.hyperledger.org/display/IWG/2021-09-9+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

jan-law (Wed, 08 Sep 2021 21:36:36 GMT):
Has joined the channel.

Jason.Leach (Wed, 08 Sep 2021 22:06:04 GMT):
Has joined the channel.

MarcoOliveira (Wed, 08 Sep 2021 22:56:37 GMT):
Has left the channel.

kangme (Wed, 08 Sep 2021 23:25:03 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=iuuobiSGAZuwd92iG) We are seeking more volunteers to participate in this study

Kharvok (Thu, 09 Sep 2021 00:43:08 GMT):
Has joined the channel.

subashnair (Thu, 09 Sep 2021 05:21:41 GMT):
Has joined the channel.

gseront (Thu, 09 Sep 2021 08:19:42 GMT):
Has joined the channel.

mianhammad (Thu, 09 Sep 2021 08:47:42 GMT):
Has joined the channel.

mianhammad (Thu, 09 Sep 2021 09:08:40 GMT):
Hi Everyone! I want to benchmark our ethereum private network and would like to use the caliper for this. I have the configuration file for it but it's giving me error "You must provide the json interface of the contract when instantiating a contract object" I have pasted my network configuration file code and command. Can you please help me out in solving this. `{ "caliper": { "blockchain": "ethereum", "command" : {} }, "ethereum": { "url": "ws://localhost:7545", "contractDeployerAddress": "0x5B14D7452573edB2ABe4941286618Fc09F1Ae085", "contractDeployerAddressPassword": "a0969bdb33adfb905d0d94cf4d6b1f63ebee447a17b80972f16e178bd0b219df", "fromAddress": "0x5B14D7452573edB2ABe4941286618Fc09F1Ae085", "fromAddressPassword": "a0969bdb33adfb905d0d94cf4d6b1f63ebee447a17b80972f16e178bd0b219df", "transactionConfirmationBlocks": 2, "contracts": { "simple": { "path": "../../../src/ethereum/simple/simple.json", "estimateGas": true, "gas": { "query": 100000, "transfer": 70000 } } } } } ` Command caliper launch manager --caliper-workspace ./ --caliper-networkconfig ./networks/ethereum/1node-clique/networkconfig.json --caliper-benchconfig benchmarks/scenario/simple/config.yaml --caliper-flow-only-test --caliper-fabric-gateway-enabled

akankshadixit (Thu, 09 Sep 2021 10:31:26 GMT):
Has joined the channel.

justiny (Fri, 10 Sep 2021 01:27:50 GMT):
Has joined the channel.

Fang.Fang (Fri, 10 Sep 2021 02:13:31 GMT):
Has joined the channel.

Anasalamin (Fri, 10 Sep 2021 08:37:42 GMT):
hello everyone, i was wondering if php is one of the languages that Aries supports, if so, is there any docs about it? because i couldn't find any documents about how we can use Aries in php

conanoc (Fri, 10 Sep 2021 10:17:12 GMT):
PHP is not supported for now.

DenverNaicker (Fri, 10 Sep 2021 10:39:32 GMT):
Has joined the channel.

DenverNaicker (Fri, 10 Sep 2021 10:39:32 GMT):
I was trying to setup Aries Dotnet Xamarin and one of the requirements was the static libraries for iOS and Android. The link is broken on the github repo and there is a pre-existing issue opened for 15 days, was wondering if anyone has an alternative link? https://github.com/hyperledger/aries-mobile-agent-xamarin#working-with-public-endpoint https://hyperledger-org.bintray.com/aries/ The actual error says 'Forbidden'

LakshmanPalli (Fri, 10 Sep 2021 15:40:44 GMT):
Has joined the channel.

ricc.zappoli (Fri, 10 Sep 2021 16:16:02 GMT):
Has joined the channel.

JamesEbert (Fri, 10 Sep 2021 17:45:53 GMT):
Hi @Anasalamin, sorry for the delayed response, but we've recently updated the Bifold app to allow it to use ACA-Py as a mediator, which should help with your concerns of stability for mediation. You are also welcome to use Indicio's Public Mediator for testing if you find that helpful: https://indicio-tech.github.io/mediator/

regiseloi (Fri, 10 Sep 2021 19:37:24 GMT):
I'm running into some unexpected and inconsistent issues with the Aries test harness (AATH). I'm testing using several mobile wallets on iOS (Lissi among others), but I keep having problems accepting the connection request from Faber when executing @T001.5-RFC0037. I have no problem with T001-RFC0160, so I'm not sure what is different about this connection request (I can also execute @T003-RFC0036 without a problem). The mobile agent gets the connection request, but it's unable to accept it. FYI, here's the command I use (this is using ACA-Py 0.7.1RC0): `LEDGER_URL_CONFIG=http://test.bcovrin.vonx.io TAILS_SERVER_URL_CONFIG=https://tails.vonx.io ./manage run -d acapy-main -b mobile -n -r allure -t @T001.5-RFC0037` And more details on what is happening at the time: `/steps/0160-connection.py:272 62.928sonnection_id, state'} Assertion Failed: FAILED SUB-STEP: And "Faber" sends a connection response to "Bob" Substep info: Assertion Failed: resp_status 500 is not 200; Expected state request but note recevied Traceback (of failed substep): File "/usr/local/lib/python3.7/site-packages/behave/model.py", line 1329, in run match.run(runner.context) File "/usr/local/lib/python3.7/site-packages/behave/matchers.py", line 98, in run self.func(context, *args, **kwargs) File "features/steps/0160-connection.py", line 161, in step_impl assert resp_status == 200, f'resp_status {resp_status} is not 200; {resp_text}'` I'd welcome any suggestions to troubleshoot this further!

Charly88554 (Fri, 10 Sep 2021 20:41:02 GMT):
Has joined the channel.

gameprofits (Fri, 10 Sep 2021 22:17:35 GMT):
Has joined the channel.

swcurran (Fri, 10 Sep 2021 23:11:00 GMT):
We have a channel for the Aries Agent Test Harness, so best to take it there: #aries-agent-test-harness And I see you have done that. Good stuff!

BlockchainTrainer (Sat, 11 Sep 2021 02:58:26 GMT):
Has joined the channel.

Pankil_Patel (Sat, 11 Sep 2021 06:27:52 GMT):
Has joined the channel.

fernandosilvap96 (Sun, 12 Sep 2021 00:14:48 GMT):
Has joined the channel.

HarithKza (Sun, 12 Sep 2021 03:47:23 GMT):
Has joined the channel.

IbrahimBroachwala (Sun, 12 Sep 2021 11:28:00 GMT):
Has joined the channel.

Tkonno (Mon, 13 Sep 2021 00:58:08 GMT):
Has joined the channel.

takehypotenuses (Mon, 13 Sep 2021 01:12:41 GMT):
Has joined the channel.

rsayon (Mon, 13 Sep 2021 04:05:56 GMT):
Has joined the channel.

SahilK 6 (Mon, 13 Sep 2021 04:56:38 GMT):
Can anyone suggest what build settings should I use to generate an iOS app for the Hyperledger Aries Xamarin project? I am able to run the app on a simulator, but get errors while release-build for a device. ``` Error MT5201: Native linking failed. Please review the build log and the user flags provided to gcc: -L../libs/ios -lcrypto -L../libs/ios -lindy -L../libs/ios -lsodium -L../libs/ios -lssl -L../libs/ios -lzmq (MT5201) (SSI.iOS) ```

mianhammad (Mon, 13 Sep 2021 06:35:29 GMT):
Hi Everyone! How can I setup hyperledger caliper for ethereum? Can anyone guide me?

vlaca (Mon, 13 Sep 2021 08:56:34 GMT):
Has joined the channel.

siladu (Mon, 13 Sep 2021 12:45:23 GMT):
Has joined the channel.

Anasalamin (Mon, 13 Sep 2021 13:07:37 GMT):
Hello everyone, i'm trying to issue credential from the latest version of ACA-Py Faber demo but it's not issuing... i have tweaked everything i can trying to get it to work but i couldn't. can the maintainers take this under consideration?

swcurran (Mon, 13 Sep 2021 17:28:43 GMT):
We'll need a lot more detail. We have automated tests that ensure basics like issuing are working, so we'll need details on your setup. Have you submitted an issue related to this?

SargisDudaklyan (Mon, 13 Sep 2021 17:44:12 GMT):
Has joined the channel.

SargisDudaklyan (Mon, 13 Sep 2021 17:46:44 GMT):
Hello :) I am new to the project and I am exploring possibilities. To my understanding Aries can connect to Etherium / Fabric. Are there other supported blockchains that I can consider? I couldn't find docs on this

mukulverm4 (Mon, 13 Sep 2021 18:50:43 GMT):
Has joined the channel.

conanoc (Tue, 14 Sep 2021 01:22:36 GMT):
I wonder why do you think Aries can connect to Ethereum or Fabric. Aries is a framework for Hyperledger Indy.

SargisDudaklyan (Tue, 14 Sep 2021 02:56:34 GMT):
ah. ok i need to do a bit more research before I ask dumb questions :)

ajitspendse (Tue, 14 Sep 2021 04:03:56 GMT):
Has joined the channel.

SahilK 6 (Tue, 14 Sep 2021 06:09:52 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=DENMDQWf73uDCfzub) Can anyone help me with this, please?

Anasalamin (Tue, 14 Sep 2021 06:47:28 GMT):
i have submitted an issue. and i provided details there git clone https://github.com/hyperledger/aries-cloudagent-python cd aries-cloudagent-python/demo LEDGER_URL=http://dev.greenlight.bcovrin.vonx.io ./run_demo faber

Anasalamin (Tue, 14 Sep 2021 06:47:28 GMT):
i have submitted an issue. and i provided details there https://github.com/hyperledger/aries-cloudagent-python/issues/1410

fabio.henriques (Tue, 14 Sep 2021 08:33:39 GMT):
Has joined the channel.

lauravuo-techlab (Tue, 14 Sep 2021 11:34:11 GMT):
Hi all! Our development team at OP Lab has been working with a Hyperledger Aries compatible agency, and we have published the source codes during this summer. The agency has a microservice architecture implemented with GoLang and it includes a WebAuthn enabled web wallet. Communication internally and between agent and client follows gRPC protocol. You can find more information about the project from our announcement post: https://findy-network.github.io/blog/2021/08/11/announcing-findy-agency/ Also documentation and getting started instructions can be found from the project site: https://findy-network.github.io/ Take a peek if you are interested and feedback is of course welcome!

gfunchal (Tue, 14 Sep 2021 12:28:33 GMT):
Has joined the channel.

blessingkp (Tue, 14 Sep 2021 17:15:16 GMT):
Has joined the channel.

hjpn (Tue, 14 Sep 2021 19:10:07 GMT):
Has joined the channel.

troyronda (Tue, 14 Sep 2021 20:34:31 GMT):
AFG 0.1.7: https://github.com/hyperledger/aries-framework-go/releases/tag/v0.1.7

asif123 (Wed, 15 Sep 2021 02:24:24 GMT):
Has joined the channel.

claracavalcante (Wed, 15 Sep 2021 07:46:45 GMT):
Has joined the channel.

fkossiaras (Wed, 15 Sep 2021 09:27:00 GMT):
Has joined the channel.

hjpn (Wed, 15 Sep 2021 09:41:43 GMT):
Has left the channel.

moisesjaramillo (Wed, 15 Sep 2021 16:28:31 GMT):
Has joined the channel.

bobbh (Wed, 15 Sep 2021 16:57:52 GMT):
Has joined the channel.

Alexi (Wed, 15 Sep 2021 19:02:32 GMT):
is the aries working group call happening?

b1conrad (Wed, 15 Sep 2021 19:04:23 GMT):
as I understand, it has been moved 5 hours earlier

Alexi (Wed, 15 Sep 2021 19:06:21 GMT):
oh. So there is no more A and B group? its just one call now? Anyone know why?

Alexi (Wed, 15 Sep 2021 19:06:54 GMT):
thanks for the heads up @b1conrad

CherryHsu (Thu, 16 Sep 2021 02:55:52 GMT):
Has joined the channel.

mnill2 (Thu, 16 Sep 2021 06:21:38 GMT):
Has joined the channel.

kingstenzzz (Thu, 16 Sep 2021 07:04:06 GMT):
Has joined the channel.

smbkd6 (Thu, 16 Sep 2021 15:00:06 GMT):
Has joined the channel.

fabio.henriques (Thu, 16 Sep 2021 15:42:51 GMT):
Has left the channel.

MiryangJung (Thu, 16 Sep 2021 15:50:23 GMT):
I'm going to send offer, but it's not accepted by the other agent. `const credentialRecord = await agent.credentials.offerCredential(connectionId, { preview: credentialPreview, credentialDefinitionId: credDefId, comment, }); console.log(credentialRecord.state); // OUTPUT: offer-sent ` When propose from the other agent, I receive a message. What am I doing wrong?

MiryangJung (Thu, 16 Sep 2021 15:50:23 GMT):
I'm going to send offer, but it's not accepted by the other agent. `const credentialRecord = await agent.credentials.offerCredential(connectionId, { preview: credentialPreview, credentialDefinitionId: credDefId, comment, }); console.log(credentialRecord.state); // OUTPUT: offer-sent` When propose from the other agent, I receive a message. What am I doing wrong?

MiryangJung (Thu, 16 Sep 2021 15:50:23 GMT):
I'm going to send offer, but it's not accepted by the other agent. When propose from the other agent, I receive a message. What am I doing wrong?

MiryangJung (Thu, 16 Sep 2021 15:50:23 GMT):
I'm going to send offer, but it's not accepted by the other agent. `const credentialRecord = await agent.credentials.offerCredential(connectionId, { preview: credentialPreview, credentialDefinitionId: credDefId, comment, }); console.log(credentialRecord.state); // OUTPUT: offer-sent` When propose from the other agent, I receive a message. What am I doing wrong?

MiryangJung (Thu, 16 Sep 2021 15:50:23 GMT):
I'm going to send offer, but it's not accepted by the other agent. ```const credentialRecord = await agent.credentials.offerCredential(connectionId, { preview: credentialPreview, credentialDefinitionId: credDefId, comment, }); console.log(credentialRecord.state); // OUTPUT: offer-sent``` When propose from the other agent, I receive a message. What am I doing wrong?

MiryangJung (Thu, 16 Sep 2021 15:50:23 GMT):
I'm going to send offer, but it's not reached on the other agent. ```const credentialRecord = await agent.credentials.offerCredential(connectionId, { preview: credentialPreview, credentialDefinitionId: credDefId, comment, }); console.log(credentialRecord.state); // OUTPUT: offer-sent``` When propose from the other agent, I receive a message. What am I doing wrong?

swcurran (Thu, 16 Sep 2021 17:47:00 GMT):
Main reason is that we've had more interest from Europe and no one coming from APAC/NZ/Aus, so we felt the earlier time was better.

aaronrbg (Thu, 16 Sep 2021 18:28:04 GMT):
Has joined the channel.

Jason.Leach (Thu, 16 Sep 2021 23:15:38 GMT):
Hey. Anyone using AFJ? I'm looking for some Agent examples that use the most recent version of AFJ.

Jason.Leach (Thu, 16 Sep 2021 23:16:01 GMT):
I can accept an invitation. I'd like to see the logic to accept a message now.

Jason.Leach (Thu, 16 Sep 2021 23:16:10 GMT):
Pretty new to this.

TimoGlastra (Fri, 17 Sep 2021 07:49:51 GMT):
Hi @jleach 1 are you looking to receive a basic message?

TimoGlastra (Fri, 17 Sep 2021 07:50:17 GMT):
We don't really have examples for that, but I can post some code examples here

vberg 2 (Fri, 17 Sep 2021 08:48:16 GMT):
Has joined the channel.

sharukh (Fri, 17 Sep 2021 11:21:58 GMT):
Has joined the channel.

OscarTBallester (Fri, 17 Sep 2021 13:07:44 GMT):
Has joined the channel.

MullaAlmas (Fri, 17 Sep 2021 14:41:12 GMT):
Has joined the channel.

chikai (Fri, 17 Sep 2021 14:57:07 GMT):
Has joined the channel.

Jason.Leach (Fri, 17 Sep 2021 15:24:10 GMT):
Would be great.

Jason.Leach (Fri, 17 Sep 2021 15:24:32 GMT):
I can receive messages fine. Haven't quite figured out how to accept 'em.

javieronishi (Fri, 17 Sep 2021 16:08:32 GMT):
Has joined the channel.

mollayii (Fri, 17 Sep 2021 16:32:04 GMT):
Has joined the channel.

Jason.Leach (Fri, 17 Sep 2021 16:51:45 GMT):
@TimoGlastra ^

TimoGlastra (Fri, 17 Sep 2021 16:52:45 GMT):
Could you give some extra context on what you’re trying to do?

TimoGlastra (Fri, 17 Sep 2021 16:53:09 GMT):
What do you mean exactly by message? A basic message?

Jason.Leach (Fri, 17 Sep 2021 17:00:45 GMT):
I'm learning about AFJ. Trying the von-network Faber/Alice demo and I can accept the invite, send a message to the Faber agent (basic). Now I'd like to work on receiving a message (basic) and receiving creds.

Jason.Leach (Fri, 17 Sep 2021 17:03:29 GMT):
Struggling a bit to figure out where my logic goes to hook into inbound events like "you've got a message" or "someone sent you creds".

sanskarkhare (Fri, 17 Sep 2021 18:08:04 GMT):
Has joined the channel.

Clippo 2 (Sat, 18 Sep 2021 04:26:19 GMT):
Has joined the channel.

Nufail (Sat, 18 Sep 2021 06:00:23 GMT):
Has joined the channel.

handao (Sat, 18 Sep 2021 06:30:13 GMT):
Has joined the channel.

iros75 (Sat, 18 Sep 2021 20:37:23 GMT):
Has joined the channel.

bardia (Sun, 19 Sep 2021 05:39:03 GMT):
Has joined the channel.

littlemouse (Sun, 19 Sep 2021 05:55:21 GMT):
Has joined the channel.

MrChainBlockz (Sun, 19 Sep 2021 06:52:42 GMT):
Has joined the channel.

arrey_damn (Sun, 19 Sep 2021 09:32:25 GMT):
Has joined the channel.

MiryangJung (Sun, 19 Sep 2021 11:00:07 GMT):
I made an app agent using React Native. Is an mediator essential to receive inbound messages?

TimoGlastra (Sun, 19 Sep 2021 11:21:32 GMT):
Generally yes. It is possible to receive messages without a mediator, but you will only be able to receive messages as a response to messages you send to other agents. The other agent should then also support return routing, so it can respond with a message. So I’d advise you to definitely use a mediator

MiryangJung (Sun, 19 Sep 2021 11:22:46 GMT):
Thank you for your answer.

MiryangJung (Sun, 19 Sep 2021 11:23:06 GMT):
https://github.com/hyperledger/aries-framework-javascript/blob/main/samples/mediator.ts Can I use this?

TimoGlastra (Sun, 19 Sep 2021 11:24:06 GMT):
Yes, if you’re using the latest version of AFJ from NPM you can use it

MiryangJung (Sun, 19 Sep 2021 11:24:42 GMT):
You've helped me too much. Thank you.

TimoGlastra (Sun, 19 Sep 2021 11:25:08 GMT):
Happy to help

TimoGlastra (Sun, 19 Sep 2021 11:25:34 GMT):
I do want to note that I wouldn’t call the mediator production ready yet, as it queues messages in memory

TimoGlastra (Sun, 19 Sep 2021 11:25:51 GMT):
If the agent shuts down all mediated messages are lost

MiryangJung (Sun, 19 Sep 2021 11:26:50 GMT):
Oh, it's a very important fact. I'll keep that in mind.

AmshumaanVarma (Sun, 19 Sep 2021 13:14:41 GMT):
Has joined the channel.

TimoGlastra (Sun, 19 Sep 2021 18:59:57 GMT):
Responding to messages works based on events. You can listen to specific events (such as the `BasicMessageReceived` event). See the example below: ``` agent.events.on(BasicMessageEventTypes.BasicMessageReceived, (event) => { // event.payload.message contains received message console.log(event.payload.message) // event.payload.basicMessageRecord contains the record for the stored message console.log(event.payload.basicMessageRecord) }) ```

jcarlosusa (Mon, 20 Sep 2021 02:47:47 GMT):
Has joined the channel.

cattanep (Mon, 20 Sep 2021 12:44:02 GMT):
Has joined the channel.

Noc0r (Mon, 20 Sep 2021 12:51:47 GMT):
Has joined the channel.

Jason.Leach (Mon, 20 Sep 2021 15:59:31 GMT):
Ty.

chesta0703 (Mon, 20 Sep 2021 18:09:10 GMT):
Has joined the channel.

gravin10 (Mon, 20 Sep 2021 19:36:12 GMT):
Has joined the channel.

Zarquan314 (Tue, 21 Sep 2021 05:23:02 GMT):
Has joined the channel.

gaberasturi (Tue, 21 Sep 2021 07:11:28 GMT):
Hello We are trying to work with revocable credentials. Our environmet is: - VON-NETWORK - Indy-tails-server - ASP CORE Issuer Web Agent - Android Holder Agent When the issuer is registering the schema, credential definition and revocation registry definition in the ledger, we see that at REVOC_REG_DEF on "Tails file location" the URL is done using Issuer Web Agent URL + RevocationRegistryUriPath (/tails) + hash f.e `Tails file location: http://localhost:5010/tails/93kMFCLjSxor5R1V2sAT4vSNfApwsuE9U1FfPLwLrF6s` When we run Indy tails server tests (./manage test) the "Tails file location" in REVOC_REG_DEF records at ledger are, RevocationRegistryUriPath /tails + hash f.e `Tails file location:: tails/G92Lei9p8EiBinjdDguigQDLP4PHGVjz6KqHfJPDTZL7` Whe have two doubts 1. What is the correct URL of "Tails file location"? 2. We see hash files created at Issuer agent filesystem but NOT on the STORAGE-PATH of the Tails Server. We are suppossing that the tails files need to uploaded to Tails Server. Thanks in advanced.

F4NES (Tue, 21 Sep 2021 08:16:36 GMT):
Has joined the channel.

MiryangJung (Tue, 21 Sep 2021 09:43:11 GMT):
The PC(node.js, express.js) agent creates an invitation with http '/invite' and app(RN) agent make connection by open url . The app agent is using an mediator. How can I connect between app agents?

WadeBarnes (Tue, 21 Sep 2021 11:46:34 GMT):
@esune ^

TejaBanton (Tue, 21 Sep 2021 13:50:19 GMT):
Has joined the channel.

hiromaily (Tue, 21 Sep 2021 15:10:46 GMT):
Has joined the channel.

esune (Tue, 21 Sep 2021 15:49:36 GMT):
When creating a creddef that supports revocation, the issuer agent will also create a revocation registry file and an entry to be published on the ledger. You are correct saying that the revocation registry should be uploaded to the tails server: this process should be automatic in aca-py if you have set the `--tails-server-base-url` argument to the base url for the tails server. It sounds like you might be using the .net Aries agent and I am not sure on whether this is handled automatically though.

JonathanScialpi (Tue, 21 Sep 2021 17:42:48 GMT):
Has joined the channel.

MiryangJung (Tue, 21 Sep 2021 18:15:18 GMT):
how can i get schema list and definition list? I try `getDidMetadata[schemas]` but not exist function in aries and indy-sdk.

MiryangJung (Tue, 21 Sep 2021 18:15:18 GMT):
how can i get schema list and definition list? I try `getDidMetadata[schemas]` but not exist function in aries and indy-sdk. > https://github.com/hyperledger/indy-sdk/blob/113b79cd64a238130d20e19b972326f72047c550/wrappers/nodejs/README.md#getdidmetadata--wh-did----metadata

MiryangJung (Tue, 21 Sep 2021 18:18:55 GMT):
how can i get schema list and definition list? I try `getDidMetadata[schemas]` but not exist function in aries and indy-sdk. > https://github.com/hyperledger/indy-sdk/blob/113b79cd64a238130d20e19b972326f72047c550/wrappers/nodejs/README.md#getdidmetadata--wh-did----metadata

scaraclette (Tue, 21 Sep 2021 21:43:44 GMT):
Has joined the channel.

a-i-to (Wed, 22 Sep 2021 06:19:38 GMT):
Has joined the channel.

IgorSim (Wed, 22 Sep 2021 08:22:33 GMT):
Has joined the channel.

kongwu 2 (Wed, 22 Sep 2021 08:50:33 GMT):
Has joined the channel.

bardia (Wed, 22 Sep 2021 09:08:03 GMT):
How do I fix the following error? :tears: This happens when I fail to login 20 times failed to enroll user: enroll failed: enroll failed: Response from server: Error Code: 73 - Incorrect password entered 10 times, max incorrect password limit of 10 reached

kosarlatif (Wed, 22 Sep 2021 10:26:27 GMT):
Has joined the channel.

oding (Wed, 22 Sep 2021 14:21:00 GMT):
Has joined the channel.

CollinMeese (Wed, 22 Sep 2021 16:16:02 GMT):
Has joined the channel.

Andre_Augusto (Wed, 22 Sep 2021 16:27:21 GMT):
Has joined the channel.

PowellAndy (Wed, 22 Sep 2021 17:31:30 GMT):
Has joined the channel.

SamKrew (Wed, 22 Sep 2021 17:52:56 GMT):
Has joined the channel.

mccown (Wed, 22 Sep 2021 20:06:54 GMT):
The Identity Implementer's WG is meeting tomorrow (Sep 23rd @ 9am MT / 3pm UTC). In this call, we will review updates from several SSI industry WGs. This week, Xavier Vila (SICPA) will present an overview of SICPA and their efforts to create and launch new identity solutions. Wiki: https://wiki.hyperledger.org/display/IWG/2021-09-23+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

ssmxmss (Thu, 23 Sep 2021 07:52:49 GMT):
Has joined the channel.

Rafailk (Thu, 23 Sep 2021 08:00:03 GMT):
Has joined the channel.

vonpmg (Thu, 23 Sep 2021 08:31:17 GMT):
Has joined the channel.

gaberasturi (Thu, 23 Sep 2021 10:47:13 GMT):
Thank you very much fot the answer esune.``` Finally we were able to upload the file to the Tails Server but we still don't know the purpose of the "Tails file location" URL in the ledger, i.e., does the prover agent use the URL for revocation worflow, f.e. for "proof of non-revocation"? or is that URL used by someone? ```

gaberasturi (Thu, 23 Sep 2021 10:47:13 GMT):
Thank you very much fot the answer esune. Finally we were able to upload the file to the Tails Server but we still don't know the purpose of the "Tails file location" URL in the ledger, i.e., does the prover agent use the URL for revocation worflow, f.e. for "proof of non-revocation"? or is that URL used by someone?

Anasalamin (Thu, 23 Sep 2021 12:24:42 GMT):
hey there, i'm trying to establish a connection between the mobile agent and ACA-Py using Aries-toolbox. i'm not able to get the credentials notification that were issued from the toolbox. inside the connection object and exactly in raw_repr ` "raw_repr": { "their_did": "PqTuCzVXbA9Sp1ajvguybL", "their_role": "invitee", "updated_at": "2021-09-23 11:56:22.112568Z", "state": "response", "accept": "auto", "created_at": "2021-09-23 11:56:14.797998Z", "their_label": "Aries Bifold", "alias": "", "invitation_key": "E1VXCXpcK2CHp1AcsZ3VXJXwF8pNqkHA6znFaHSmZaoo", "my_did": "Dn5kgCxdw9hF4Uoon6Rqy1", "connection_id": "5ef4a0b0-4640-45d6-95f6-bd15a2a9dbfa", "rfc23_state": "response-sent", "routing_state": "none", "invitation_mode": "once" }`

Anasalamin (Thu, 23 Sep 2021 12:24:42 GMT):
hey there, i'm trying to establish a connection between the mobile agent and ACA-Py using Aries-toolbox. i'm not able to get the credentials notification that were issued from the toolbox. inside the connection object and exactly in "raw_repr" i keep seeing the "state" as "response" do you have any idea what does that mean or how to solve it? `"raw_repr": { "their_did": "PqTuCzVXbA9Sp1ajvguybL", "their_role": "invitee", "updated_at": "2021-09-23 11:56:22.112568Z", "state": "response", "accept": "auto", "created_at": "2021-09-23 11:56:14.797998Z", "their_label": "Aries Bifold", "alias": "", "invitation_key": "E1VXCXpcK2CHp1AcsZ3VXJXwF8pNqkHA6znFaHSmZaoo", "my_did": "Dn5kgCxdw9hF4Uoon6Rqy1", "connection_id": "5ef4a0b0-4640-45d6-95f6-bd15a2a9dbfa", "rfc23_state": "response-sent", "routing_state": "none", "invitation_mode": "once" }`

Anasalamin (Thu, 23 Sep 2021 12:24:42 GMT):
hey there, i'm trying to establish a connection between the mobile agent and ACA-Py using Aries-toolbox. i'm not able to get the credentials notification that were issued from the toolbox. inside the connection object and exactly in "raw_repr" i keep seeing the "state" as "response" do you have any idea what does that mean or how to solve it? ``` json "raw_repr": { "their_did": "PqTuCzVXbA9Sp1ajvguybL", "their_role": "invitee", "updated_at": "2021-09-23 11:56:22.112568Z", "state": "response", "accept": "auto", "created_at": "2021-09-23 11:56:14.797998Z", "their_label": "Aries Bifold", "alias": "", "invitation_key": "E1VXCXpcK2CHp1AcsZ3VXJXwF8pNqkHA6znFaHSmZaoo", "my_did": "Dn5kgCxdw9hF4Uoon6Rqy1", "connection_id": "5ef4a0b0-4640-45d6-95f6-bd15a2a9dbfa", "rfc23_state": "response-sent", "routing_state": "none", "invitation_mode": "once" } ```

Anasalamin (Thu, 23 Sep 2021 12:24:42 GMT):
hey there, i'm trying to establish a connection between the mobile agent and ACA-Py using Aries-toolbox. i'm not able to get the credentials notification that were issued from the toolbox. inside the connection object and exactly in "raw_repr" i keep seeing the "state" as "response" do you have any idea what does that mean or how to solve it? ``` json "raw_repr": { "their_did": "PqTuCzVXbA9Sp1ajvguybL", "their_role": "invitee", "updated_at": "2021-09-23 11:56:22.112568Z", "state": "response", "accept": "auto", "created_at": "2021-09-23 11:56:14.797998Z", "their_label": "Aries Bifold", "alias": "", "invitation_key": "E1VXCXpcK2CHp1AcsZ3VXJXwF8pNqkHA6znFaHSmZaoo", "my_did": "Dn5kgCxdw9hF4Uoon6Rqy1", "connection_id": "5ef4a0b0-4640-45d6-95f6-bd15a2a9dbfa", "rfc23_state": "response-sent", "routing_state": "none", "invitation_mode": "once" } ``` PS: it's perfectly working between two ACA-Py agents and the "state" usually is "active"

Anasalamin (Thu, 23 Sep 2021 12:24:42 GMT):
hey there, i'm trying to establish a connection between the mobile agent and ACA-Py using Aries-toolbox. i'm not able to get the credentials notification that were issued from the toolbox. inside the connection object and exactly in "raw_repr" i keep seeing the "state" as "response" do you have any idea what does that mean or how to solve it? ``` json "raw_repr": { "their_did": "PqTuCzVXbA9Sp1ajvguybL", "their_role": "invitee", "updated_at": "2021-09-23 11:56:22.112568Z", "state": "response", "accept": "auto", "created_at": "2021-09-23 11:56:14.797998Z", "their_label": "Aries Bifold", "alias": "", "invitation_key": "E1VXCXpcK2CHp1AcsZ3VXJXwF8pNqkHA6znFaHSmZaoo", "my_did": "Dn5kgCxdw9hF4Uoon6Rqy1", "connection_id": "5ef4a0b0-4640-45d6-95f6-bd15a2a9dbfa", "rfc23_state": "response-sent", "routing_state": "none", "invitation_mode": "once" } ``` PS: it's perfectly working between two ACA-Py agents and the "state" is "active"

GiovanniZanol (Thu, 23 Sep 2021 12:41:37 GMT):
Has joined the channel.

Nabil-oussa (Thu, 23 Sep 2021 15:33:16 GMT):
Hi all,How are you? I trust all is well. Our goal is to replace the signature type in aries-cloudagent-python, i.e. replace CL with BBS+ Signature. After several research, we have seen that there are code implementations of the BBS+ Signature in "aries-cloudagent-python". Could you tell me more? Is there a way to do this subtitution ? If yes, how ? Thank you very much in advance !

Nabil-oussa (Thu, 23 Sep 2021 15:33:16 GMT):
Hi all. Our goal is to replace the signature type in aries-cloudagent-python, i.e. replace CL with BBS+ Signature. After several research, we have seen that there are code implementations of the BBS+ Signature in "aries-cloudagent-python". Could you tell me more? Is there a way to do this subtitution ? If yes, how ? Thank you very much in advance !

JamesEbert (Thu, 23 Sep 2021 15:38:24 GMT):
The would mean that it's correctly sending the connection response to the mobile agent, however if the mobile agent doesn't receive it and reply with a trust ping or other message then the connection will remain inactive from the Aries Toolbox POV. The issue I've ran into here the most is not receiving the message appropriately from the mediator. If your mobile agent is Bifold I'd be happy to help offer additional guidance :)

danielpenagos (Thu, 23 Sep 2021 15:38:31 GMT):
Has joined the channel.

swcurran (Thu, 23 Sep 2021 17:04:15 GMT):
It's there and supported. Today, there are no wallets that support it, but you can do it ACA-Py to ACA-Py and ACA-Py to AF-Go. Work is beginning on support for BBS+ in Aries Framework JavaScript, and from there into wallets. To try it out in ACA-Py, take a look at the demo using this guidance: https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/AliceWantsAJsonCredential.md

swcurran (Thu, 23 Sep 2021 17:05:14 GMT):
Are you able to share what you are working on?

raushan.kumar (Thu, 23 Sep 2021 17:10:54 GMT):
Has joined the channel.

esune (Thu, 23 Sep 2021 17:15:24 GMT):
Verifier agents need access to the tails file in order to check the revocation state of the credential. The URL on the ledger tells verifiers where to go get the tails file for that revocation registry: the URL on the ledger should match the URL you would use to download the tails file from the tails server (or other hosting mechanism of choice).

Anasalamin (Fri, 24 Sep 2021 06:51:19 GMT):
yes it's BiFold. i'm using the public mediator from https://indicio-tech.github.io/mediator/

lcc 3 (Fri, 24 Sep 2021 06:51:23 GMT):
Has joined the channel.

Bertho (Fri, 24 Sep 2021 10:23:54 GMT):
Has joined the channel.

lainio (Fri, 24 Sep 2021 11:47:07 GMT):
Has joined the channel.

lainio (Fri, 24 Sep 2021 11:57:38 GMT):
Hi! If anyone listens who could add missing recordings to Aries Working Group Calls, it would be superb. Several of this year's meetings are missing them.

alvarodelaiglesia (Fri, 24 Sep 2021 13:40:38 GMT):
Has joined the channel.

t3x (Fri, 24 Sep 2021 13:48:28 GMT):
Has joined the channel.

ArnoldsBogdanovs (Fri, 24 Sep 2021 14:06:53 GMT):
Has joined the channel.

Nabil-oussa (Fri, 24 Sep 2021 14:15:03 GMT):
@swcurran Think you very much for your response and help. Our purposes is to have BBS+ in ACA–Py instead CL signature as in credential-definitions function as in this JSON { "credential_definition_id": "4kfmXB6jB2jB5Knt7uskb6:3:CL:8326:Vacc 1" } The question how we can configure the wallet’s ACA-Py to support the BBS+ signature. Thanks!

spandolfi (Fri, 24 Sep 2021 14:32:00 GMT):
Has joined the channel.

swcurran (Fri, 24 Sep 2021 14:38:51 GMT):
You can read how ACA-Py supports JSON-LD VCs in general and BBS+ support in this document: https://github.com/hyperledger/aries-cloudagent-python/blob/main/JsonLdCredentials.md With BBS+ VCs, there is no Credential Definition object per se as it is dynamically generated as needed.

JNeedham (Fri, 24 Sep 2021 15:05:16 GMT):
Has joined the channel.

morticianmili (Fri, 24 Sep 2021 16:58:48 GMT):
Has joined the channel.

morticianmili (Fri, 24 Sep 2021 16:58:48 GMT):
nonce

shadownetz (Sat, 25 Sep 2021 01:32:11 GMT):
Has joined the channel.

mohammed.alzuharey (Sat, 25 Sep 2021 11:11:57 GMT):
Has joined the channel.

chesta (Sat, 25 Sep 2021 13:34:38 GMT):
Has joined the channel.

PeterSkogh (Sat, 25 Sep 2021 20:33:01 GMT):
Has joined the channel.

GergelyLengyel (Sat, 25 Sep 2021 21:49:32 GMT):
Has joined the channel.

GergelyLengyel (Sat, 25 Sep 2021 21:54:28 GMT):
Has left the channel.

sasschicken69 (Sun, 26 Sep 2021 11:36:44 GMT):
Has joined the channel.

brandongomezsanchez (Mon, 27 Sep 2021 00:45:04 GMT):
Has joined the channel.

Adisa123 (Mon, 27 Sep 2021 04:38:33 GMT):
Has joined the channel.

Anasalamin (Mon, 27 Sep 2021 06:41:29 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=icr6AQ6pBA77zhM5k) ..

karayel (Mon, 27 Sep 2021 07:35:19 GMT):
Has joined the channel.

gaberasturi (Mon, 27 Sep 2021 09:47:40 GMT):
Thank you very much for your explanation @esune !

adn-misa (Mon, 27 Sep 2021 09:58:22 GMT):
Has joined the channel.

adn-misa (Mon, 27 Sep 2021 11:16:57 GMT):
Hi everyone, I’m trying to implement the following use case: A prover generates a QR code from any verifiable credential to present a proof to others. Verifiers scans the QR code and verify the validity of the verifiable credential. This use case is useful for places that have doors with QR scanner implemented (train, airports) and it would make it easier for people with physical contact to show proof (e.g. entry of a club for age or vaccination verification). For usability, it should be possible for users to present proof either over a connection for case like authentication on web services but also a connectionless one for physical interaction with other where verifiers only need to scan the QR code of the prover. I thought to use the Out Of Band protocol with an attached Propose-Presentation message but I am not sure if that is possible. Or could it be envisioned to only send a Presentation message?

sapthasurendran (Mon, 27 Sep 2021 12:51:28 GMT):
Has joined the channel.

swcurran (Mon, 27 Sep 2021 13:33:33 GMT):
I agree with you on the Proposal -- I think that is the way to go. It does mean that there are 3 messages flowing, but I think it is the "right" way to do that use case. Very interested in how it goes.

adn-misa (Mon, 27 Sep 2021 14:12:36 GMT):
I will see how it goes but i think there should also be a possibility for a prover to present their proofs while being offline (no internet connection, etc.). There is also the concern of speed of verification which needs to be acceptable but i will see it during my tests.

swcurran (Mon, 27 Sep 2021 14:24:05 GMT):
Yup...same thoughts. We've not tried just sending presentation without a request, but something to be considered. Not sure how the nonce would be handled.

weiiv (Mon, 27 Sep 2021 15:00:56 GMT):
Has joined the channel.

Nabil-oussa (Mon, 27 Sep 2021 15:05:07 GMT):
@swcurran, Think you very much for your response and help!

srihari.r (Mon, 27 Sep 2021 15:38:03 GMT):
Has joined the channel.

HokitTang (Tue, 28 Sep 2021 02:18:02 GMT):
Has joined the channel.

Oznfc (Tue, 28 Sep 2021 08:33:26 GMT):
Has joined the channel.

XM.Jin (Tue, 28 Sep 2021 08:47:37 GMT):
Has joined the channel.

SamRutten (Tue, 28 Sep 2021 10:09:16 GMT):
Has joined the channel.

ranjan_paul (Tue, 28 Sep 2021 13:16:15 GMT):
Has joined the channel.

fethbita (Tue, 28 Sep 2021 14:36:33 GMT):
Using von network browser, how can I query 1 record by record number? https://github.com/bcgov/von-network

fethbita (Tue, 28 Sep 2021 14:56:48 GMT):
I ended up using `/schemas/{schema_id}` from aca-py instead

andrew.whitehead (Tue, 28 Sep 2021 15:10:25 GMT):
You can actually, for example fetching `/ledger/domain/5` returns transaction ID 5 in JSON

fethbita (Tue, 28 Sep 2021 15:11:10 GMT):
Ah that's awesome, I've been looking at the queries but that's great. Thank you Andrew

kylegrobinson (Tue, 28 Sep 2021 17:28:47 GMT):
Has joined the channel.

weiiv (Wed, 29 Sep 2021 14:20:01 GMT):
Has left the channel.

matheus27 (Wed, 29 Sep 2021 20:14:39 GMT):
Has joined the channel.

Parthavs (Thu, 30 Sep 2021 01:01:58 GMT):
Has joined the channel.

barnold (Thu, 30 Sep 2021 13:43:27 GMT):
Has joined the channel.

Junior22 (Thu, 30 Sep 2021 17:35:14 GMT):
Hi everyone, please i need you help. I'm using the demos (alice, faber) with docker and i was trying to do a get (using requests in python) to a server using rest services (localhost:3000) in the alice agent code. I get a ConnectionError exception (Failed to establish a new connection: [Errno 111] Connection refused',)). I think the problem is that i'm trying to use requests inside the docker container, what should i modify to solve this error?

Junior22 (Thu, 30 Sep 2021 17:36:51 GMT):
Probably docker doesn't let me connect to localhost:3000, because if i run a simple python program or i use curl it works perfectly

NkNs (Thu, 30 Sep 2021 18:23:32 GMT):
Has joined the channel.

AdrianAvila (Thu, 30 Sep 2021 21:32:58 GMT):
Has joined the channel.

JagannathAlur (Fri, 01 Oct 2021 01:11:21 GMT):
Has joined the channel.

JamesEbert (Fri, 01 Oct 2021 05:29:26 GMT):
We've helped with some work for offline verification--the biggest challenge is with the transport from my POV, with Bluetooth being likely a good mechanism here. So this ideally would allow you to still exchange multiple messages, which would allow you to use the presentation protocols as we traditionally do.

lainio (Fri, 01 Oct 2021 07:07:20 GMT):
I wrote a blog post about our team's work with SSI technology. Check it out! You might find it interesting if you are onto gRPC, WebAuthn, polyglot, microservices, cloud-first, Docker, and DIDComm. https://findy-network.github.io/blog/2021/09/08/travelogue/

bardia (Fri, 01 Oct 2021 10:10:49 GMT):
Has left the channel.

AnuragKumar_10 (Fri, 01 Oct 2021 11:16:53 GMT):
Has joined the channel.

anilhelvaci (Fri, 01 Oct 2021 11:23:28 GMT):
Has joined the channel.

dmckay (Fri, 01 Oct 2021 14:11:13 GMT):
Has joined the channel.

geekcharming (Fri, 01 Oct 2021 16:45:31 GMT):
Has joined the channel.

azhang919 (Fri, 01 Oct 2021 17:26:38 GMT):
Has joined the channel.

mahnoormmalik (Fri, 01 Oct 2021 17:32:26 GMT):
Has joined the channel.

CrystalChun (Fri, 01 Oct 2021 17:35:32 GMT):
Has joined the channel.

imchaves10 (Fri, 01 Oct 2021 19:10:33 GMT):
Has joined the channel.

Leeyoungone (Fri, 01 Oct 2021 23:09:16 GMT):
Has joined the channel.

elenipartakki (Fri, 01 Oct 2021 23:24:02 GMT):
Has joined the channel.

guri (Sat, 02 Oct 2021 04:10:58 GMT):
Has joined the channel.

Z3R0097 (Sat, 02 Oct 2021 06:22:58 GMT):
Has joined the channel.

RakshitaKaulgud (Sat, 02 Oct 2021 18:42:24 GMT):
Has joined the channel.

fallenvalkyrie17 (Sat, 02 Oct 2021 19:14:15 GMT):
Has joined the channel.

OmarKhodr (Sun, 03 Oct 2021 06:52:57 GMT):
Has joined the channel.

quyenld176859 (Sun, 03 Oct 2021 08:39:27 GMT):
Has joined the channel.

DanielHaren1 (Sun, 03 Oct 2021 11:42:34 GMT):
Has joined the channel.

Pankaj_1 (Mon, 04 Oct 2021 06:31:48 GMT):
Has joined the channel.

glehmann (Mon, 04 Oct 2021 07:05:34 GMT):
Has joined the channel.

Priyadaharan107 (Mon, 04 Oct 2021 17:20:07 GMT):
Has joined the channel.

analia_meira (Mon, 04 Oct 2021 18:17:47 GMT):
Has joined the channel.

ringo156 (Tue, 05 Oct 2021 04:18:42 GMT):
Has joined the channel.

sbyits (Tue, 05 Oct 2021 05:04:25 GMT):
Has joined the channel.

shanest (Tue, 05 Oct 2021 06:26:06 GMT):
i'm running VON by checkout into von_network repo and ./manage start; all 4 nodes are up and running on my localhost:9000 but load seemed to take few minutes on every page / mouse click. Is this normal?

swcurran (Tue, 05 Oct 2021 14:50:06 GMT):
@WadeBarnes -- any ideas on this?

swcurran (Tue, 05 Oct 2021 14:50:24 GMT):
Definitely not anything I've seen, but I don't often use the web page.

WadeBarnes (Tue, 05 Oct 2021 15:24:49 GMT):
The web pages are responsive for me. I don't have that same issue. The only time I've seem, minor, delays on the pages is when scrolling through transactions when connected to a large remove ledger.

WadeBarnes (Tue, 05 Oct 2021 15:24:49 GMT):
The web pages are responsive for me. I don't have that same issue. The only time I've seen, minor, delays on the pages is when scrolling through transactions when connected to a large remove ledger.

WadeBarnes (Tue, 05 Oct 2021 15:25:44 GMT):
@shanest, what sort of resources does your docker setup have allocated to it?

shanest (Tue, 05 Oct 2021 16:16:21 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=55E37o3KKvKhmJGLW) I'm running Native Ubuntu 20.04, AMD Ryzen 5000 with 16GB ram machine. No VM.

WadeBarnes (Tue, 05 Oct 2021 16:17:30 GMT):
Are the resources allocated to docker being limited?

shanest (Tue, 05 Oct 2021 16:22:12 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=RG5xXevwdmq5MyYdu) I'll check on that and get back to you.

michaelblack117 (Tue, 05 Oct 2021 16:45:41 GMT):
When doing apt-get install libindy I’m getting an error here: RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 RUN add-apt-repository "deb https://repo.sovrin.org/sdk/deb bionic rc" With this error message: E: The repository 'https://repo.sovrin.org/sdk/deb bionic Release' no longer has a Release file. Any ideas on how to fix this?

shanest (Tue, 05 Oct 2021 17:05:17 GMT):

docker stats

shanest (Tue, 05 Oct 2021 17:07:14 GMT):
it's the default installation. I have not changed any limit. The situation has improved slightly but still took around 20-30 seconds on refresh

shivamraj6288 (Tue, 05 Oct 2021 19:51:47 GMT):
Has joined the channel.

conanoc (Wed, 06 Oct 2021 00:56:13 GMT):
Try "stable" instead of "rc".

guidam (Wed, 06 Oct 2021 08:22:46 GMT):
Has joined the channel.

hugebing (Wed, 06 Oct 2021 09:05:33 GMT):
Has joined the channel.

guidam (Wed, 06 Oct 2021 09:51:52 GMT):
Hi, I have some interrogations regarding the visibility of the fields in the different exchanged objetcs. Indeed, i have a scenario where i send a proof request with "{{VERIFIER_HOST_URL}}/present-proof/send-request", then I check the proof requests of the verifier with "{{VERIFIER_HOST_URL}}/present-proof/records". As the proof request was not yet "accepted" I would expect the "requested_attributes" not to be visible but it turns out that they are visible. Is it a normal behaviour?

Oznfc (Wed, 06 Oct 2021 11:24:43 GMT):
i'm running Von but ı have error. ``` Error Initializing pool ledger ```

mtfk (Wed, 06 Oct 2021 12:59:59 GMT):
Today on Aries call we would like to take a look on the topic related with data provenance log which gains more traction in different communities to address not only key provenance logs (DID) but as well any data flows including systems like git or event sourcing. The call starts in ~1h. https://wiki.hyperledger.org/display/ARIES/2021-10-06+Aries+Working+Group+Call

x6ein (Wed, 06 Oct 2021 20:52:18 GMT):
Has joined the channel.

CristianLorenzetto (Thu, 07 Oct 2021 06:05:40 GMT):
Has joined the channel.

damianlluch (Thu, 07 Oct 2021 08:56:44 GMT):
Has joined the channel.

Aneesha (Thu, 07 Oct 2021 08:59:11 GMT):
Has joined the channel.

WadeBarnes (Thu, 07 Oct 2021 11:36:53 GMT):
Can you try increasing the memory allocated to Docker?

eugenluft (Thu, 07 Oct 2021 12:08:36 GMT):
Has joined the channel.

eugenluft (Thu, 07 Oct 2021 12:10:04 GMT):
Hi all - I'm just wondering if an agent needs a connection to the ledger as an author. When trying to create a schema with the Author agent, I get an error message that "No ledger available". I expected the author would work with --no-ledger

mccown (Thu, 07 Oct 2021 13:38:44 GMT):
The Identity Implementer's WG for today (Oct 7th) has been cancelled. Enjoy IIW next week and I look forward to seeing you in our next meeting on Oct 21st!

ianco (Thu, 07 Oct 2021 17:08:22 GMT):
You need a ledger to create a schema (or credential definition or revocation registry). Even once the data is written to the ledger, if you want to issue or verify credentials you need a ledger connection to read the appropriate information from the ledger

ianco (Thu, 07 Oct 2021 17:09:23 GMT):
An `author` role (vs `endorser`) just means the agent can't write to the ledger, unless they get the transaction endorsed by an endorser

ianco (Thu, 07 Oct 2021 17:10:07 GMT):
PS this all relates to Indy credentials. If you are using json-ld then you don't need a ledger

swcurran (Thu, 07 Oct 2021 17:29:28 GMT):
Further -- the common model is that the author create the transaction, send it for endorsement, get it back signed and then execute the transaction. That way, the author knows when the transaction is written to the ledger.

ianco (Thu, 07 Oct 2021 17:32:43 GMT):
(Although there is the option for the author to ask the endorser to write the ledger transaction)

jyfregramer (Thu, 07 Oct 2021 17:45:05 GMT):
Has joined the channel.

swcurran (Thu, 07 Oct 2021 20:26:38 GMT):
On today's AFJ Weekly call there was a discussion about the need for "a mediator for AFJ" for deploying an AFJ-based wallet. I've talked to a few people about this and I think the requirement is that we create a new repo "aries-mediator-service" that would work kind of like VON Network -- e.g. it is basically a configurable dockerfile with a mediator configuration for a released version of framework, some "manage" scripts to make it easy to build and deploy, especially for development/testing and (going further than VON Network) scripts/guidance for deploying in production. What shouldn't matter to those deploying the mediator is what Aries Framework is built upon. That is an internal detail that should be based on the technical goals of creating this new repo, notably (in order of importance): - Scalable and performant for large use cases -- ideally supporting millions of wallets. - Easy to implement - Capable of supporting additional services that might be added to mediators -- e.g. backup storage for example. Based on the discussions I've had over the last little while, I think (but am open to discussion) ACA-Py is likely the most ready to start with, based on these assumptions. - Long term, the performance is likely to be as good as any other. - ACA-Py is the most complete today -- e.g. the least amount to be needed (e.g. ability to run in k8s for scalability, scalable persistence support, etc.) - As long as the API to the mediator remains consistent, internal changes can be made to swap in a better solution (e.g. a mediator specific code base) - It would take just a couple of days to have this repo created and available for use with documentation for anyone to deploy and use. Please reply to this with your thoughts on this. Is there a better solution? Are the assumptions above wrong? Are there more requirements? Is there a good reason to have a per framework mediator solution? Thanks @TimoGlastra @andrew.whitehead @ianco @JamesEbert @dbluhm @TelegramSam @victor.martinez @tomislav @CHempel @moosops @darrell.odonnell @dave.mckay

swcurran (Thu, 07 Oct 2021 20:26:38 GMT):
On today's AFJ Weekly call there was a discussion about the need for "a mediator for AFJ" for deploying an AFJ-based wallet. I've talked to a few people about this and I think the requirement is that we create a new repo "aries-mediator-service" that would work kind of like VON Network -- e.g. it is basically a configurable dockerfile with a mediator configuration for a released version of an Aries framework, some "manage" scripts to make it easy to build and deploy, especially for development/testing and (going further than VON Network) scripts/guidance for deploying in production. What shouldn't matter to those deploying the mediator is what Aries Framework is as the basis of the aries-mediator-service. That is an internal detail that should be based on the technical goals of creating this new repo, notably (in order of importance): - Scalable and performant for large use cases -- ideally supporting millions of wallets. - Easy to implement - Capable of supporting additional services that might be added to mediators -- e.g. backup storage for example. Based on the discussions I've had over the last little while, I think (but am open to discussion) ACA-Py is likely the most ready to start with, based on these assumptions. - Long term, the performance is likely to be as good as any other. - ACA-Py is the most complete today -- e.g. the least amount to be needed (e.g. ability to run in k8s for scalability, scalable persistence support, etc.) - As long as the API to the mediator remains consistent, internal changes can be made to swap in a better solution (e.g. a mediator specific code base) - It would take just a couple of days to have this repo created and available for use with documentation for anyone to deploy and use. Please reply to this with your thoughts on this. Is there a better solution? Are the assumptions above wrong? Are there more requirements? Is there a good reason to have a per framework mediator solution? Thanks @TimoGlastra @andrew.whitehead @ianco @JamesEbert @dbluhm @TelegramSam @victor.martinez @tomislav @CHempel @moosops @darrell.odonnell @dave.mckay

swcurran (Thu, 07 Oct 2021 20:26:38 GMT):
On today's AFJ Weekly call there was a discussion about the need for "a mediator for AFJ" for deploying an AFJ-based wallet. I've talked to a few people about this and I think the requirement is that we create a new repo "aries-mediator-service" that would work kind of like VON Network -- e.g. it is basically a configurable dockerfile with a mediator configuration for a released version of an Aries framework, some "manage" scripts to make it easy to build and deploy, especially for development/testing and (going further than VON Network) scripts/guidance for deploying in production. What shouldn't matter to those deploying the mediator is what Aries Framework is the basis of the aries-mediator-service. That is an internal detail that should be based on the technical goals of creating this new repo, notably (in order of importance): - Scalable and performant for large use cases -- ideally supporting millions of wallets. - Easy to implement - Capable of supporting additional services that might be added to mediators -- e.g. backup storage for example. Based on the discussions I've had over the last little while, I think (but am open to discussion) ACA-Py is likely the most ready to start with, based on these assumptions. - Long term, the performance is likely to be as good as any other. - ACA-Py is the most complete today -- e.g. the least amount to be needed (e.g. ability to run in k8s for scalability, scalable persistence support, etc.) - As long as the API to the mediator remains consistent, internal changes can be made to swap in a better solution (e.g. a mediator specific code base) - It would take just a couple of days to have this repo created and available for use with documentation for anyone to deploy and use. Please reply to this with your thoughts on this. Is there a better solution? Are the assumptions above wrong? Are there more requirements? Is there a good reason to have a per framework mediator solution? Thanks @TimoGlastra @andrew.whitehead @ianco @JamesEbert @dbluhm @TelegramSam @victor.martinez @tomislav @CHempel @moosops @darrell.odonnell @dave.mckay

moosops (Thu, 07 Oct 2021 20:26:38 GMT):
Has joined the channel.

dave.mckay (Thu, 07 Oct 2021 20:26:38 GMT):
Has joined the channel.

nataliasofia (Thu, 07 Oct 2021 20:29:22 GMT):
Has joined the channel.

timbl (Thu, 07 Oct 2021 20:58:47 GMT):
Has joined the channel.

swcurran (Thu, 07 Oct 2021 21:28:02 GMT):
Andrew wrote a HacMD doc with some background on mediators and deeper technical requirements. https://hackmd.io/0Hv6ZezVT960sZHwJNpDZw?view

swcurran (Thu, 07 Oct 2021 21:28:02 GMT):
Andrew wrote a HackMD doc with some background on mediators and deeper technical requirements. https://hackmd.io/0Hv6ZezVT960sZHwJNpDZw?view

yianco (Thu, 07 Oct 2021 22:28:22 GMT):
Has joined the channel.

ThinCrusts (Fri, 08 Oct 2021 01:37:33 GMT):
Has joined the channel.

stephaneJ (Fri, 08 Oct 2021 07:50:44 GMT):
Has joined the channel.

eugenluft (Fri, 08 Oct 2021 10:25:20 GMT):
Thanks @swcurran @ianco !

eugenluft (Fri, 08 Oct 2021 10:25:23 GMT):
My expectation was that the author could outsource all communication to the ledger to the "endorser". If I understand correctly, this is not the model, however, the author currently always needs a connection to the ledger. What exactly does it have to do with the flag "Create Transaction For Endorser's signature" when creating the schema? And POST /transactions/create-request "Endorser will write the transaction after endorsing it" ?

eugenluft (Fri, 08 Oct 2021 10:45:58 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=Ho94J46Ah22aLTeZh) Right - why does the author need to Ledger in this flow?

stephaneJ (Fri, 08 Oct 2021 13:49:43 GMT):
Hi everyone ! I'm testing Alice/Faber's demo with docker and I try to running the following request: /request-presentation-2.0/{pres_ex_id}/send-presentation But it return this reponse : 404: pres_ex_v20 record not found: XXX WalletItemNotFound. I take the pres_ex_id from the Faber's request /send-request and it doesn't work. Thanks !

Camilo12987 (Fri, 08 Oct 2021 15:21:30 GMT):
Has joined the channel.

andrew.whitehead (Fri, 08 Oct 2021 15:52:34 GMT):
@s.weidenbach

jackmacloud (Sat, 09 Oct 2021 06:35:59 GMT):
Has joined the channel.

jackmacloud (Sat, 09 Oct 2021 06:38:33 GMT):
Hi everyone! I'm compiling aries-framework-go using the “make all“ command。But I had a problem：

jackmacloud (Sat, 09 Oct 2021 06:39:06 GMT):
----> executing aries-js-worker tests > aries-js-worker-test@0.1.0 test /root/aries-framework-go/test/aries-js-worker > bash scripts/setup_assets.sh && node init.js && karma start cp: cannot stat ‘node_modules/@hyperledger/aries-framework-go/dist/assets/*’: No such file or directory gzip: public/aries-framework-go/assets/aries-js-worker.wasm.gz: No such file or directory

jackmacloud (Sat, 09 Oct 2021 06:46:04 GMT):
Because In the file "aries-framework-go\test\aries-js-worker\scripts\setup_assets.sh", There is such a line of code： "cp -Rp node_modules/@hyperledger/aries-framework-go/dist/assets/* public/aries-framework-go/assets" But there is no "@hyperleger" in my "node_modules" path。 Who can tell me what to do?

jackmacloud (Mon, 11 Oct 2021 02:05:34 GMT):
hi there！I have a doubt: Two agents: agentA and agentB. How does agentA find agentB during DIDComm? Is it through other P2P networks?

Bhawikchawda (Mon, 11 Oct 2021 06:49:17 GMT):
Has joined the channel.

OmarSaad (Mon, 11 Oct 2021 07:07:52 GMT):
Has joined the channel.

Sa_Block98 (Mon, 11 Oct 2021 14:01:59 GMT):
Has joined the channel.

chris2222 (Mon, 11 Oct 2021 14:07:16 GMT):
Has joined the channel.

moorada (Mon, 11 Oct 2021 15:38:16 GMT):
Has joined the channel.

MANARKASSOU (Mon, 11 Oct 2021 20:17:03 GMT):
Has joined the channel.

JoseeeM (Mon, 11 Oct 2021 22:04:27 GMT):
Has joined the channel.

zero0097 (Tue, 12 Oct 2021 04:50:24 GMT):
Has joined the channel.

PrasadKatkar (Tue, 12 Oct 2021 07:23:56 GMT):
Has joined the channel.

prasadmnd (Tue, 12 Oct 2021 09:49:02 GMT):
Has joined the channel.

WeCanBeFriends (Tue, 12 Oct 2021 14:38:02 GMT):
Has joined the channel.

frostyfrog (Tue, 12 Oct 2021 20:23:39 GMT):
Has joined the channel.

conanoc (Wed, 13 Oct 2021 01:40:49 GMT):
You'd better use aries-go channel.

conanoc (Wed, 13 Oct 2021 01:44:23 GMT):
You are asking how agentA know the endpoint of agentB. Take a look at this: https://github.com/hyperledger/aries-rfcs/tree/main/concepts/0005-didcomm#rough-overview

shanest (Wed, 13 Oct 2021 03:13:39 GMT):
@WadeBarnes I figured the issue could have been browser related. A colleague of mine resolved the issue by updating Chrome browser while I fixed mine by switching to Firefox. Thanks!

axays007 (Wed, 13 Oct 2021 05:22:53 GMT):
Has joined the channel.

FrancescoUrbano (Wed, 13 Oct 2021 08:01:18 GMT):
Has joined the channel.

s.weidenbach (Wed, 13 Oct 2021 09:30:22 GMT):
Thanks for picking up that topic! Andrews summary is very helpful. The missing mobile notification (Firebase / APNs) feature was the main reason that prevented us from using ACAPy as a medation agent and so we are going with AF for .net. Because AF for .net does not make use of Askar yet (afaik) we are bound to the experimental postgres feature in Indy. There are 4 strategies that we tested: DatabasePerWallet (load scaling is good but postgres initial db size is 8 MB. Not reliable for multi-million edge wallets) MultiWalletSingleTable (bad load scaling with increasing connections), MultiWalletSingleTableSharedPool (bad load sclaing with increasing connections), MultiWalletMultiTable (not implemented) We are currently evaluating our own implementation of "MultiWalletMultiTable" that keeps all tables in the same DB but puts the edge wallet name as suffix. If that works good, we will prepare a PR for that. Thoughts and feedback very welcome.

WadeBarnes (Wed, 13 Oct 2021 12:30:57 GMT):
Thanks for following up.

Ilikecodes (Wed, 13 Oct 2021 17:04:56 GMT):
Has joined the channel.

priamv (Wed, 13 Oct 2021 18:11:35 GMT):
Has joined the channel.

Dazpel (Wed, 13 Oct 2021 18:19:00 GMT):
Has joined the channel.

rolandtyler (Wed, 13 Oct 2021 20:43:37 GMT):
Has joined the channel.

bs (Wed, 13 Oct 2021 21:07:42 GMT):
Has joined the channel.

shanest (Thu, 14 Oct 2021 06:28:12 GMT):
I'm still new and trying to figure things out. What is the best way to include aca-py inside Docker? adding 'aries-cloudagent' inside requirements.txt or using docker image from https://github.com/bcgov/aries-cloudagent-container? sorry if my question doesn't make sense but my understanding that this is the "clone" of original framework which will be pulled from docker hub while the former is pulled from pip :/

alekseishcherbin (Thu, 14 Oct 2021 07:22:56 GMT):
Has joined the channel.

iorveth (Thu, 14 Oct 2021 08:51:06 GMT):
Has joined the channel.

FrancescoMemola (Thu, 14 Oct 2021 09:50:57 GMT):
Has joined the channel.

thejas.pavithran (Thu, 14 Oct 2021 14:35:31 GMT):
Has joined the channel.

EC983 (Thu, 14 Oct 2021 19:02:10 GMT):
Has joined the channel.

hyper-curious (Fri, 15 Oct 2021 02:06:15 GMT):
Has joined the channel.

spaturu2305 (Fri, 15 Oct 2021 02:47:16 GMT):
Has joined the channel.

natedl98 (Sat, 16 Oct 2021 03:22:50 GMT):
Has joined the channel.

NaufalAlexander (Sat, 16 Oct 2021 04:26:33 GMT):
Has joined the channel.

kondo (Sat, 16 Oct 2021 05:05:52 GMT):
Has joined the channel.

ThomasTeo (Sat, 16 Oct 2021 08:09:32 GMT):
Has joined the channel.

AyhanSunar (Sat, 16 Oct 2021 14:12:31 GMT):
Has joined the channel.

hellboy03 (Sat, 16 Oct 2021 18:18:02 GMT):
Has joined the channel.

kdahya (Sun, 17 Oct 2021 02:50:45 GMT):
Has joined the channel.

sagarmylavarapu (Sun, 17 Oct 2021 10:26:43 GMT):
Has joined the channel.

manvendra (Sun, 17 Oct 2021 19:19:42 GMT):
Has joined the channel.

lfklupp (Mon, 18 Oct 2021 03:15:52 GMT):
Has joined the channel.

John.Greenan (Mon, 18 Oct 2021 04:38:47 GMT):
Has joined the channel.

indong (Mon, 18 Oct 2021 06:08:00 GMT):
Has joined the channel.

starjara (Mon, 18 Oct 2021 08:10:16 GMT):
Has joined the channel.

lev_jac (Mon, 18 Oct 2021 09:50:26 GMT):
Has joined the channel.

hossein.namazian (Mon, 18 Oct 2021 15:30:32 GMT):
Has joined the channel.

lawrenceabeyta (Mon, 18 Oct 2021 21:53:11 GMT):
Has joined the channel.

Vanderscycle (Mon, 18 Oct 2021 22:30:20 GMT):
Has joined the channel.

multijik (Tue, 19 Oct 2021 03:18:18 GMT):
Has joined the channel.

pattycode (Tue, 19 Oct 2021 05:03:11 GMT):
Has joined the channel.

indongkim (Tue, 19 Oct 2021 06:29:53 GMT):
Has joined the channel.

amitchandra01 (Tue, 19 Oct 2021 08:08:24 GMT):
Has joined the channel.

mateokurti (Tue, 19 Oct 2021 08:41:26 GMT):
Has joined the channel.

Luis_Manuel_Cortes_Tirado (Tue, 19 Oct 2021 10:43:46 GMT):
Has joined the channel.

EliasKim (Tue, 19 Oct 2021 13:57:36 GMT):
Has joined the channel.

david.liu (Tue, 19 Oct 2021 16:47:32 GMT):
Has joined the channel.

OsamaAzmy (Tue, 19 Oct 2021 22:48:02 GMT):
Has joined the channel.

ralvarezalvarez (Wed, 20 Oct 2021 03:25:43 GMT):
Has joined the channel.

subin8899 (Wed, 20 Oct 2021 04:34:00 GMT):
Has joined the channel.

nbAmit (Wed, 20 Oct 2021 04:52:25 GMT):
Has joined the channel.

DarshilPatel (Wed, 20 Oct 2021 11:19:50 GMT):
Has joined the channel.

deepakgerawipro (Wed, 20 Oct 2021 12:13:08 GMT):
Has joined the channel.

dbluhm (Wed, 20 Oct 2021 14:58:52 GMT):
We've started a project that has several parallels to a dedicated mediator service. As this has been a topic of discussion across various Aries calls recently, we wanted to share some of our work for the sake of comparison at least. We find the simplicity and flexibility to specialize an agent like this proxy mediator service to be quite compelling. Spec: https://hackmd.io/@dbluhm/aries-proxy-mediator Repo: https://github.com/Indicio-tech/proxy-mediator

TelegramSam (Wed, 20 Oct 2021 19:11:42 GMT):
Aries Mobile Summit Calling all Aries Mobile Agent developers! We have a growing number of issues related specifically to Mobile Agents. Topics include: * RFC 496 - Transition to OOB and DID Exchange * HTTP Mobile exemptions * UX of Invitations * SVG Cred Display * Consequences of Machine Readable Governance on UX * Embedding Agents into existing Mobile Apps * Exposing errors / details to users & power users (404 and 503 like errors) * Unsupported DID Method * Revocation implications for Mobile * Mobile Verifiers * How are we really going to do deep-links? * Secure Element usage * Device Recovery (Backup/Restore/Sync/Rotation to new keys) We want to organize our efforts around these topics. The first meeting on this topic will be Wed, Oct 27th during the regular Aries WG call at 7am Pacific. During this first meeting, we will discuss: - Ideal meeting times and format - Priority of related topics - Outlining steps to resolve highest priority issues We'll decide there how best to accomplish the work of addressing these issues. If you develop mobile apps, please arrange for a member of your team to attend. While recordings will be available, we need your input on these topics. Thanks!

webspeller (Wed, 20 Oct 2021 19:44:54 GMT):
Has joined the channel.

webspeller (Wed, 20 Oct 2021 19:47:19 GMT):
Hi All!

alieghmazi (Wed, 20 Oct 2021 21:07:40 GMT):
Has joined the channel.

webspeller (Wed, 20 Oct 2021 21:27:00 GMT):
Hi, I am trying to make an open source Authentication System which will be used as an authentication tool for a crypto-currency based private project. I am confused whether I should be using the Kadena chain (as it supports more transactions) or should I be using Aries or Indy? As the summary of explanation says that Aries is a tool, could it be used with Kadena as a blockchain?

jason_jaan (Wed, 20 Oct 2021 22:54:52 GMT):
Has joined the channel.

TimoGlastra (Thu, 21 Oct 2021 05:55:05 GMT):
Really great you're starting this initiative!

leonfrank (Thu, 21 Oct 2021 07:24:13 GMT):
Has joined the channel.

tpluck (Thu, 21 Oct 2021 07:56:07 GMT):
Has joined the channel.

garthr (Thu, 21 Oct 2021 08:34:40 GMT):
Has joined the channel.

SubhadeepBanerjee (Thu, 21 Oct 2021 09:30:43 GMT):
Hello guys, been facing this error for a while, - {"error":"acapy_call_failed","error_description":"Cannot fetch ACAPy wallet public did"} any help will be really appreciated. PS - our mediator service is running properly

CristianLorenzetto (Thu, 21 Oct 2021 10:05:37 GMT):
hi cai i talk with the developer that integrated sovrin framework in aries?

CristianLorenzetto (Thu, 21 Oct 2021 10:05:37 GMT):
hi can i talk with the developer that integrated sovrin framework in aries?

sjana0 (Thu, 21 Oct 2021 10:34:40 GMT):
Has joined the channel.

outsidethecode (Thu, 21 Oct 2021 13:20:11 GMT):
Has joined the channel.

mccown (Thu, 21 Oct 2021 14:34:19 GMT):
Quick Reminder (due to time changes): The Identity Implementer's WG is meeting at the top of the hour. Wiki: https://wiki.hyperledger.org/display/IWG/2021-10-21+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

swcurran (Thu, 21 Oct 2021 16:48:05 GMT):
@amanji @jleach 1 @ianco ^^^

ianco (Thu, 21 Oct 2021 16:50:05 GMT):
:+1:

swcurran (Thu, 21 Oct 2021 16:51:37 GMT):
So this is not based on ACA-Py or any other Framework?

swcurran (Thu, 21 Oct 2021 16:53:06 GMT):
Is it worth the distraction of spending time on something that we can provide with less effort? I really think we need to focus on AFJ AIP functionality and not spend cycles on something we can have with little effort.

swcurran (Thu, 21 Oct 2021 16:54:04 GMT):
That said, I've not read the proposal (I'm on vacation :-). ) and if this will be less effort than an Aries Framework, I'm not against it.

swcurran (Thu, 21 Oct 2021 17:40:16 GMT):
@Jason.Leach ^^^

weihong.ou (Thu, 21 Oct 2021 18:00:10 GMT):
Has joined the channel.

amanji (Thu, 21 Oct 2021 18:38:18 GMT):
Thanks for this, noted!

lukasgem (Thu, 21 Oct 2021 20:46:15 GMT):
Has joined the channel.

cvarjao (Thu, 21 Oct 2021 22:24:45 GMT):
Has joined the channel.

sfiguereo (Fri, 22 Oct 2021 01:11:55 GMT):
Has joined the channel.

andra1996 (Fri, 22 Oct 2021 08:25:46 GMT):
Has joined the channel.

andra1996 (Fri, 22 Oct 2021 08:28:03 GMT):
Hi everyone, i was wondering if it would be possible to use Aries agents on an Ethereum ledger with an already existing solution. And, if it does not exist yet, how much work would you think it would require?thx in advance

NikunjPurohit (Fri, 22 Oct 2021 13:47:05 GMT):
Has joined the channel.

khamdb (Fri, 22 Oct 2021 13:47:56 GMT):
Has joined the channel.

GeluUngur (Fri, 22 Oct 2021 18:05:31 GMT):
Has joined the channel.

acantrell (Fri, 22 Oct 2021 19:12:44 GMT):
Has joined the channel.

palacios (Fri, 22 Oct 2021 19:48:36 GMT):
Has joined the channel.

swcurran (Fri, 22 Oct 2021 22:31:30 GMT):
It really depends on what you want to do. If you are just resolving (reading) DIDs off the ledger, that should be either trivial using a universal resolver, or easy by adding code in to resolve such DIDs. Writing is likely a little harder as you have to add functionality into writing. Once you have that, you the other protocols should work. You would not be able to use AnonCreds, but the support for W3C JSON-LD credentials in some libraries (ACA-Py and AF-Go) should be straight forward. So not available today, but doable.

BrianBauska (Sat, 23 Oct 2021 05:16:31 GMT):
Has joined the channel.

marchelbudi.k (Sat, 23 Oct 2021 05:47:39 GMT):
Has joined the channel.

KiranLakhotia (Sat, 23 Oct 2021 08:49:55 GMT):
Has joined the channel.

webzest (Sat, 23 Oct 2021 12:29:03 GMT):
Has joined the channel.

jrojek (Sun, 24 Oct 2021 05:27:44 GMT):
Has joined the channel.

jrd10 (Sun, 24 Oct 2021 06:04:32 GMT):
Has joined the channel.

lincyaw (Sun, 24 Oct 2021 08:03:37 GMT):
Has joined the channel.

amankr1619 (Sun, 24 Oct 2021 20:21:37 GMT):
Has joined the channel.

JorgeLuisAcosta (Mon, 25 Oct 2021 07:00:46 GMT):
Has joined the channel.

dovanan95 (Mon, 25 Oct 2021 08:26:33 GMT):
Has joined the channel.

mateokurti (Mon, 25 Oct 2021 09:05:37 GMT):
Hi everyone. I've just started learning about SSI and Hyperledger project. I wanted to take you suggestions about the right framework to choose, for having two mobile agents, Kotlin and UI Kit, a mediator and an enterprise agent. I've read a lot, and still I'm finding it hard to decide. Maybe someone could help or suggest me to some good reference about the pros and cons. Thank you!

jceb 3 (Mon, 25 Oct 2021 09:33:53 GMT):
Has joined the channel.

AtlasSMT (Mon, 25 Oct 2021 10:11:08 GMT):
Has joined the channel.

SubhadeepBanerjee (Mon, 25 Oct 2021 11:21:20 GMT):
Hello guys, been facing this error for a while, - {"error":"acapy_call_failed","error_description":"Cannot fetch ACAPy wallet public did"} any help will be really appreciated. PS - our mediator service is running properly

shadiayoub (Mon, 25 Oct 2021 11:24:53 GMT):
Has joined the channel.

jean-claudedalot (Mon, 25 Oct 2021 13:50:08 GMT):
Has joined the channel.

flaviocal (Mon, 25 Oct 2021 14:24:36 GMT):
Has joined the channel.

spunkymandar (Mon, 25 Oct 2021 16:50:38 GMT):
Has joined the channel.

dmimaz (Mon, 25 Oct 2021 17:36:09 GMT):
Has joined the channel.

Tenno (Tue, 26 Oct 2021 03:42:20 GMT):
Has joined the channel.

kamalraj2000 (Tue, 26 Oct 2021 07:17:43 GMT):
Has joined the channel.

dheerajbudhiraja (Tue, 26 Oct 2021 08:09:02 GMT):
Has joined the channel.

dheerajbudhiraja (Tue, 26 Oct 2021 08:38:59 GMT):
Hi everyone, I am new to Hyperledger Aries and Indy . I was exploring Hyperledger aries for DI and from performance perspective . I am facing some issues in perfomance. Like with auto issue and auto accept enabled, one request takes almost 6 seconds to complete. With lot of parallel requests (Let's say 1000) triggered at same time, agent is taking more than 10 mins to process these 1000 transactions. How can I get better performance and what are current bottlenecks in aries framework?

Luis_Manuel_Cortes_Tirado (Tue, 26 Oct 2021 10:12:15 GMT):
Has left the channel.

andra1996 (Tue, 26 Oct 2021 10:26:49 GMT):
thx!

daidoji (Tue, 26 Oct 2021 14:09:24 GMT):
I think that would depend mostly upon which implementation you were using. Are you using acapy?

webspeller (Tue, 26 Oct 2021 17:21:47 GMT):
how to find out the implementations?

webspeller (Tue, 26 Oct 2021 17:21:59 GMT):
And where are other implementations available?

ianco (Tue, 26 Oct 2021 17:40:36 GMT):
https://github.com/hyperledger?q=aries&type=&language=&sort=

artemgorev (Tue, 26 Oct 2021 18:18:07 GMT):
Has joined the channel.

trilawney (Tue, 26 Oct 2021 19:08:54 GMT):
Has joined the channel.

swcurran (Tue, 26 Oct 2021 19:12:07 GMT):
If you are using ACA-Py, you can scale up the number of ACA-Py instances on a platform like Kubernetes. While there should not be limitations to the parallelism that is possible -- credential generation and the necessary cryptographic operations consume processing power.

tomaspozo (Tue, 26 Oct 2021 21:55:29 GMT):
Has joined the channel.

Eric.Lin (Tue, 26 Oct 2021 23:27:04 GMT):
Has joined the channel.

dheerajbudhiraja (Wed, 27 Oct 2021 05:38:12 GMT):
@daidoji @swcurran Thanks for replying. Yes I am using ACA-py, forgot to mention. I scaled aries agents instances to 8 and distributed load using load balancer. CPU% used in each is less than 50%, but even after scaling to 8 instances (of aries issuer agent), performance is only 2x. I am not able to identify what is causing bottleneck here. I tried multiple aries holder instances also (But these were on same machine).

lyc9702 (Wed, 27 Oct 2021 06:36:20 GMT):
Has joined the channel.

dheerajbudhiraja (Wed, 27 Oct 2021 08:21:51 GMT):
Also with aca-py, what is the performance I should expect with only one instance of agent without scaling?

Ferdinand.wittmann (Wed, 27 Oct 2021 09:39:25 GMT):
Has joined the channel.

Ferdinand.wittmann (Wed, 27 Oct 2021 10:00:15 GMT):
Sovrin Transaction Endorser. Hi we are a swiss based non profit organization, that has been working with aca-py for the last year. We are looking for an organization that can endorse our DID and credential definitions. For aca-py we see that there is a new endorser protocol, which we would be happy to use with any endorser that offers this functionality. Does anybody now of someone who is working on providing endorsing functionality or even better has implemented it already? (We are obviously able to provide legal proof of our organization)

Ferdinand.wittmann (Wed, 27 Oct 2021 10:08:16 GMT):
@swcurran do you know of any endorser, that we can request for signing our DID?

MontassarNAGHMOUCHI (Wed, 27 Oct 2021 11:35:53 GMT):
Has joined the channel.

Jason.Leach (Wed, 27 Oct 2021 14:15:58 GMT):
Anyone in the Aries Summit call? Have a link?

TimoGlastra (Wed, 27 Oct 2021 14:16:31 GMT):
https://us02web.zoom.us/w/84218154744?tk=N2sgeb3nmlA9OUbBouQMrbFB8nbN4-3xLpCfrpKScco.DQMAAAATm8sO-BZEYUlJUjVOTlJwNnhNR3JKRGRxOUtBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pwd=dHlLcjBUT0RqckdyY2hpcHlhYTFJQT09&uuid=WN_65D7yXQHRsmvGXB9jd9i2w

Jason.Leach (Wed, 27 Oct 2021 14:40:51 GMT):
Sorry. When I used the link I asked a question and it showed up as you. :man_shrugging_medium_light_skin_tone:

Jason.Leach (Wed, 27 Oct 2021 14:41:01 GMT):
I'll switch links.

TimoGlastra (Wed, 27 Oct 2021 14:42:01 GMT):
Oh that's weird. I didn't knew these links were tied to me

TimoGlastra (Wed, 27 Oct 2021 14:42:32 GMT):
However the meeting ended early

TimoGlastra (Wed, 27 Oct 2021 14:42:59 GMT):
The Aries Mobile Summit is delayed to probably next week

Jason.Leach (Wed, 27 Oct 2021 14:53:57 GMT):
Am I listening to a recording of it then?

Jason.Leach (Wed, 27 Oct 2021 14:54:25 GMT):
I do see "Rec" in the corder. Assumed it was being recorded - not a recording.

Jason.Leach (Wed, 27 Oct 2021 14:54:25 GMT):
I do see "Rec" in the corner. Assumed it was being recorded - not a recording.

TimoGlastra (Wed, 27 Oct 2021 14:55:02 GMT):
Oh damn it, I sent you the wrong link...

Jason.Leach (Wed, 27 Oct 2021 14:55:12 GMT):
No worries.

TimoGlastra (Wed, 27 Oct 2021 14:55:14 GMT):
there was another event happening at the same time

Jason.Leach (Wed, 27 Oct 2021 14:55:36 GMT):
This one is pretty good. Learning a lot.

Jason.Leach (Wed, 27 Oct 2021 14:56:31 GMT):
That's where I asked the question. :)

viktor.pulyak (Wed, 27 Oct 2021 15:31:36 GMT):
Has joined the channel.

rolandw (Wed, 27 Oct 2021 17:09:36 GMT):
Has joined the channel.

swcurran (Thu, 28 Oct 2021 00:03:29 GMT):
You can become an Endorser through Sovrin. As well, some companies offer Endorsing -- I think Indicio and perhaps Trinsic.

swcurran (Thu, 28 Oct 2021 00:04:21 GMT):
Are you able to share your configuration? Is it easy to reproduce?

dheerajbudhiraja (Thu, 28 Oct 2021 05:51:58 GMT):
It is manually created on Azure:

dheerajbudhiraja (Thu, 28 Oct 2021 05:51:58 GMT):
It is manually created on Azure: One springboot controller application(production grade), 8 Aries issuer agents, 5 Aries identity holder agents, auto issuance and auto offer is enabled, revocation is enabled. I am able to issue around 80 creds per min without any bottleneck, Issuing more than that results in Aries agent lagged behind the controller application.

Jotenks (Thu, 28 Oct 2021 10:16:27 GMT):
Has joined the channel.

jackmacloud (Thu, 28 Oct 2021 11:01:41 GMT):
Hi guys, I want to experience the function of Router, and when I practice according to this document： https://github.com/hyperledger/aries-framework-go/blob/main/test/bdd/features/aries_mediator_e2e_controller.feature

important (Thu, 28 Oct 2021 11:05:10 GMT):
Has joined the channel.

jackmacloud (Thu, 28 Oct 2021 11:07:07 GMT):
And i used the restful API , when I get to the last step(# DIDExchange between Carl and Dave through routers), Dave does this: /accept-request It reported an error: { "code": 2005, "message": "did exchange client - accept exchange request: failed to execute state action 'responded': outboundDispatcher.Send: no transport found for destination: &{RecipientKeys:[did:key:z6MkrdZnDF23vJzoac4HMMBwDBqhKCbgkagpvCCzHhJ8S2bM] ServiceEndpoint:didcomm:transport/queue RoutingKeys:[] TransportReturnRoute: MediaTypeProfiles:[didcomm/aip2;env=rfc19] DIDDoc:0xc00043a7e0}" } I don't know how to solve it? Can anyone help me? I use Aries-framework-go

yukesong (Thu, 28 Oct 2021 12:20:46 GMT):
Has joined the channel.

Acarcan (Thu, 28 Oct 2021 14:17:47 GMT):
Has joined the channel.

AlessandroPagliaro (Thu, 28 Oct 2021 15:06:02 GMT):
Has joined the channel.

Mellywins (Thu, 28 Oct 2021 15:28:17 GMT):
Has joined the channel.

TaylorBelk1 (Thu, 28 Oct 2021 16:57:52 GMT):
Has joined the channel.

chadmott (Thu, 28 Oct 2021 20:49:49 GMT):
Has joined the channel.

swcurran (Thu, 28 Oct 2021 22:49:02 GMT):
Hmm....we got a lot faster than that on a Kubernetes (OpenShift) environment we had -- around 2000 issuances per minute. It would be great if you could create a repo with the configuration and so others could try it, and tweak it. It would also be good to run it with tracing on.

KaranKulwal (Fri, 29 Oct 2021 05:07:15 GMT):
Has joined the channel.

hblockchain (Fri, 29 Oct 2021 05:50:01 GMT):
Has joined the channel.

BabitaBisht1 (Fri, 29 Oct 2021 07:54:34 GMT):
Has joined the channel.

MikaLammi (Fri, 29 Oct 2021 08:01:00 GMT):
Has joined the channel.

marcus.schoeller (Fri, 29 Oct 2021 10:17:04 GMT):
Has joined the channel.

hailx (Fri, 29 Oct 2021 12:59:32 GMT):
Has joined the channel.

Natinasss (Fri, 29 Oct 2021 13:07:38 GMT):
Has joined the channel.

RajeshNavagare (Fri, 29 Oct 2021 16:39:54 GMT):
Has joined the channel.

deoalade (Fri, 29 Oct 2021 17:16:53 GMT):
Has joined the channel.

robinrob (Fri, 29 Oct 2021 19:35:47 GMT):
Has joined the channel.

omago123 (Sat, 30 Oct 2021 06:56:59 GMT):
Has joined the channel.

Kazuya.N (Sat, 30 Oct 2021 07:31:27 GMT):
Has joined the channel.

efrain (Sat, 30 Oct 2021 09:28:40 GMT):
Has joined the channel.

edouardfrance (Sat, 30 Oct 2021 14:40:05 GMT):
Has joined the channel.

Santiagotwm99 (Sat, 30 Oct 2021 21:18:54 GMT):
Has joined the channel.

JeremyChou0314 (Sun, 31 Oct 2021 11:12:35 GMT):
Has joined the channel.

tleonard1941 (Sun, 31 Oct 2021 17:06:14 GMT):
Has joined the channel.

rohan333 (Mon, 01 Nov 2021 03:55:24 GMT):
Has joined the channel.

szbalazs (Mon, 01 Nov 2021 11:12:11 GMT):
Has joined the channel.

szbalazs (Mon, 01 Nov 2021 11:13:57 GMT):
Hi guys! I want to try the ACAPY demo, but building the VON network already fails with the following error: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError(': Failed to establish a new connection: [Errno -3] Temporary failure in name resolution',)': /simple/pyyaml/ Could not find a version that satisfies the requirement pyyaml~=5.1.1 (from -r server/requirements.txt (line 1)) (from versions: ) No matching distribution found for pyyaml~=5.1.1 (from -r server/requirements.txt (line 1))

szbalazs (Mon, 01 Nov 2021 11:13:57 GMT):
Hi guys! I want to try the ACAPY demo, but building the VON network (./manage build) already fails with the following error: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError(': Failed to establish a new connection: [Errno -3] Temporary failure in name resolution',)': /simple/pyyaml/ Could not find a version that satisfies the requirement pyyaml~=5.1.1 (from -r server/requirements.txt (line 1)) (from versions: ) No matching distribution found for pyyaml~=5.1.1 (from -r server/requirements.txt (line 1)) Could you please help how to resolve this issue?

pperez (Mon, 01 Nov 2021 11:23:58 GMT):
Has joined the channel.

WadeBarnes (Mon, 01 Nov 2021 11:53:20 GMT):
Looks like you were having a connection issue. I just rebuild `von-network` without any problems.

shanest (Mon, 01 Nov 2021 14:34:57 GMT):
Hi, i am trying to create invitation json similar to Faber like follows on my custom agent `{"@type": "https://didcomm.org/connections/1.0/invitation", "@id": "cfdd5215-9ca0-4d10-be3d-66af2f07d0d2", "recipientKeys": ["3xRJ3XiDDLVDes24Sk43kgr3k8xv2pY6nVhCVLLs7wV8"], "label": "faber.agent", "serviceEndpoint": "http://192.168.0.14:8020"}` i went through Faber parameters but it doesn't seemed to have used any. Any guidancce is pretty much appreciated.

keithyweethy (Mon, 01 Nov 2021 16:52:11 GMT):
Has joined the channel.

szbalazs (Mon, 01 Nov 2021 17:16:04 GMT):
I've tried again now and it works now. Thanks!

teerakiat (Tue, 02 Nov 2021 05:00:40 GMT):
Has joined the channel.

Rigwarl (Tue, 02 Nov 2021 06:26:36 GMT):
Has joined the channel.

vinodhini (Tue, 02 Nov 2021 06:32:40 GMT):
Has joined the channel.

Rigwarl (Tue, 02 Nov 2021 06:37:25 GMT):
Has left the channel.

y8l (Tue, 02 Nov 2021 11:57:15 GMT):
Has joined the channel.

rafaadan6 (Tue, 02 Nov 2021 18:08:34 GMT):
Has joined the channel.

TelegramSam (Tue, 02 Nov 2021 18:57:40 GMT):
Reminder: Tomorrow during the normal Aries WG call we are addressing mobile agent focused issues. List of topics for discussion are listed in the agenda for tomorrow: https://wiki.hyperledger.org/display/ARIES/2021-11-03+Aries+Working+Group+Call

TelegramSam (Tue, 02 Nov 2021 18:58:11 GMT):
If you develop mobile agents, we need you! Please try and attend and contribute your voice and experience.

imillar99 (Tue, 02 Nov 2021 20:43:53 GMT):
Has joined the channel.

aarjav (Tue, 02 Nov 2021 20:54:47 GMT):
Has joined the channel.

ElisJacobson (Tue, 02 Nov 2021 23:06:13 GMT):
Has joined the channel.

terexitarius (Wed, 03 Nov 2021 02:45:43 GMT):
Has joined the channel.

Howie001 (Wed, 03 Nov 2021 02:48:24 GMT):
Has joined the channel.

frankliawesome (Wed, 03 Nov 2021 03:37:57 GMT):
Has joined the channel.

jaysonr (Wed, 03 Nov 2021 03:39:30 GMT):
Has joined the channel.

SriniGovindaswamy (Wed, 03 Nov 2021 06:01:00 GMT):
Has joined the channel.

SriniGovindaswamy (Wed, 03 Nov 2021 06:02:49 GMT):
Could you share the Hyperledger Aries Roadmap for 2022....?

hhgfgg (Wed, 03 Nov 2021 12:05:55 GMT):
Has joined the channel.

veerendrab (Wed, 03 Nov 2021 14:04:06 GMT):
Has joined the channel.

JiriPeinlich (Wed, 03 Nov 2021 14:35:25 GMT):
Has joined the channel.

TelegramSam (Wed, 03 Nov 2021 16:37:34 GMT):
# Aries Mobile Agent Workshop We met and organized our efforts today around the mobile relevant topics We decided on weekly 2 hour sessions, with agendas for each meeting created in advance. Meetings will be recorded. Summary information will be shared during the regular weekly Aries calls. Please indicate which times you will be able to attend the workshop: https://whenisgood.net/amasw Please share this link and instructions with everybody in the community. We plan to start next week with the first selection of topics. Thanks for your involvement and help!

Stevedimaras (Wed, 03 Nov 2021 17:05:20 GMT):
Has joined the channel.

alfahami (Wed, 03 Nov 2021 17:55:32 GMT):
Has joined the channel.

hellipps (Wed, 03 Nov 2021 18:03:46 GMT):
Has joined the channel.

swcurran (Wed, 03 Nov 2021 18:44:50 GMT):
That's a decentralized question -- different groups have different priorities. That said, I think the question is great and one that we will work on. I have write the first cut of the Aries report to the Hyperledger TSC and will try to cover that. A quick cut will be: - AIP 2.0 completion, particularly on the Wallet side (server side is much further ahead) - A strong focus on an Aries Mobile Wallet UX -- including collaboration on open source wallets that can be used to produce mobile apps suitable for publication in app stores. A (somewhat arbitrary) goal is to have about 90% of the code in producing a wallet be shared and open source. - Building out implementations of machine readable governance frameworks that can be easily integrated into mobile wallets. - Continuing to reduce the effort of deploying issuers and verifiers.

mccown (Wed, 03 Nov 2021 19:50:50 GMT):
The Identity Implementer's WG is meeting tomorrow (Nov 4th @ 9am MT / 3pm UTC). We will review a number of updates and milestones from several SSI industry WGs. I will also be giving a presentation on how to auto-generate language wrappers from Rust libraries (e.g., DIDComm_rs, indy-sdk, etc.). Wiki: https://wiki.hyperledger.org/display/IWG/2021-11-04+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

cemmurphy (Wed, 03 Nov 2021 21:59:32 GMT):
Has joined the channel.

minsecprisoner (Thu, 04 Nov 2021 09:53:48 GMT):
Has joined the channel.

CarlosGarcia.Briones (Thu, 04 Nov 2021 10:26:27 GMT):
Has joined the channel.

mafer_027 (Thu, 04 Nov 2021 15:38:06 GMT):
Has joined the channel.

deathdealer007 (Fri, 05 Nov 2021 03:11:15 GMT):
Has joined the channel.

ksgr5566 (Fri, 05 Nov 2021 04:30:16 GMT):
Has joined the channel.

alvone01 (Fri, 05 Nov 2021 06:58:44 GMT):
Has joined the channel.

lwyatt (Fri, 05 Nov 2021 07:17:50 GMT):
@swcurran Does Aries support non-repudiable proofs as of now? How can a Verifier prove to a third-party (let's say some legal body) that a Holder (say Alice) actually presented proofs to the Verifier? Also, is there a recommended way using which a verifier can prove to the third-party that the Holder indeed was Alice?

surabhi17 (Fri, 05 Nov 2021 08:45:59 GMT):
Has joined the channel.

tperes (Fri, 05 Nov 2021 10:56:14 GMT):
Has joined the channel.

Makabongwe (Fri, 05 Nov 2021 14:39:29 GMT):
Has joined the channel.

swcurran (Fri, 05 Nov 2021 14:55:37 GMT):
Good questions. The proofs in Aries are just picked up from credential formats, so it is not so much as Aries as the supported credential formats. That means Indy AnonCreds (CL Signatures) and the two W3C JSON-LD formats/signatures -- LD Signatures and BBS+ Signatures. AFAIK (but I'm not expert), I don't think the proofs are non-repudiable. But I recommend that you look at those signatures schemes to be sure. For the verifier to prove the Holder is Alice, they must collect enough information to know that. For example, in many business context "knowing Alice is Alice" is based on a gov't ID, and so enabling Alice to have that in a trusted way is needed. For example, in BC, to get such a digital ID, you have to do an online live session or record a video that is both reviewed by a human and checked against the ID database held by the province -- basically a Level 3 Assurance process. Once you have that, the process is to have the holder prove that credential to the verifier. Of course it doesn't have to be gov't ID -- it's really up to the verifier to decide what they think is sufficient to know Alice the Holder really is Alice. The verifier needs to know what the Issuer did to verify Alice before they issued a credential. The governance framework as the basis for issuing a credential is really important.

elDanielain (Fri, 05 Nov 2021 15:59:55 GMT):
Has joined the channel.

SySagar (Sun, 07 Nov 2021 04:25:26 GMT):
Has joined the channel.

suisingLai (Sun, 07 Nov 2021 14:07:21 GMT):
Has joined the channel.

ceejaymi (Sun, 07 Nov 2021 18:42:13 GMT):
Has joined the channel.

Ezzah 1 (Mon, 08 Nov 2021 01:10:36 GMT):
Has joined the channel.

Jangto (Mon, 08 Nov 2021 03:27:46 GMT):
Has joined the channel.

ThinhPhan (Mon, 08 Nov 2021 07:28:00 GMT):
Has joined the channel.

sristhiassudani (Mon, 08 Nov 2021 09:22:21 GMT):
Has joined the channel.

deoalade (Mon, 08 Nov 2021 11:36:00 GMT):
HI all, I’ve recently been working with Hyperledger Aries (versions 0.6.0 & 0.7.1) & have generally found it to be a really amazing framework. However I notice there seems to be some inconsistencies resulting in errors when executing some of the API calls for the Acapy agents. For instance I was able to successfully run a full sequence of schema/credential definition, credential request/issuance & credential verification on a new instance with my Issuer, holder & verifier nodes. However, when attempting to run the same sequence again for a brand new set of credentials I get the following error t the send presentation API call: `Error when constructing revocation state: Error: Invalid structure. Caused by: UrsaCryptoError: Invalid len of bytes representation for PoingG2. CommonInvalidStructure.` The API Request was constructed using the following details: Type: `POST` Endpoint: `http://{{Verifier_IP}}:{{AcaPy_Port}}/present-proof/send-request` Body: `{ "comment": "string", "connection_id": "{{Verifier_Holder_Conn}}", "proof_request": { "name": "Proof request", "non_revoked": { "to": 1636122004 }, "nonce": "1234567890", "requested_attributes": { "additionalProp1": { "name": "companyname" } }, "requested_predicates": { "additionalProp2": { "name": "grade", "p_type": ">=", "p_value": 10, "restrictions": [ {} ] } }, "version": "1.0" }, "trace": false }` Could you kindly advise on why this could be happening especially given that the same request has been successful on previous occasions. Thanks P.S. I am running this on the sovrin dev network without a Postgres database

NSagar (Mon, 08 Nov 2021 12:25:57 GMT):
Has joined the channel.

RyanJJones10 (Mon, 08 Nov 2021 17:13:45 GMT):
Has joined the channel.

swcurran (Mon, 08 Nov 2021 22:56:43 GMT):
Hmm...is the `restrictions[]` array needed on the requested attributes? I'm not up on the Indy AnonCreds proof request format, but it doesn't look quite right. @ianco -- any other ideas on that error messa?

ianco (Tue, 09 Nov 2021 01:43:39 GMT):
I think the predicate has to have *some* restriction on it. An unrestricted (revealed) attribute is self-attested, but I don't think there's a corresponding rule for a predicate to not have restrictions

TelegramSam (Tue, 09 Nov 2021 04:08:34 GMT):
-- Aries Mobile Summit -- Reminder: please fill out the time survey (https://whenisgood.net/amasw) So far, it looks like Tuesday 8-10AM (US/Mountain) is the best time. Your input is needed! Please spread the word!

swcurran (Tue, 09 Nov 2021 04:14:19 GMT):
I've done a pass at the TSC Quarterly Report on Aries for this past quarter. Please review and adjust as necessary on the Hyperledger Wiki: https://wiki.hyperledger.org/display/TSC/2021+Q4+Hyperledger+Aries

shin1yama (Tue, 09 Nov 2021 07:02:16 GMT):
Has joined the channel.

LakshmiMurali (Tue, 09 Nov 2021 07:50:21 GMT):
Has joined the channel.

Aljone (Tue, 09 Nov 2021 15:58:35 GMT):
Has joined the channel.

rockson (Tue, 09 Nov 2021 17:02:09 GMT):
Has joined the channel.

knguyenBC (Tue, 09 Nov 2021 17:17:59 GMT):
Has joined the channel.

ghastly (Tue, 09 Nov 2021 17:32:50 GMT):
Has joined the channel.

sdunstan (Tue, 09 Nov 2021 20:47:43 GMT):
Has joined the channel.

LEOISHere (Wed, 10 Nov 2021 00:03:22 GMT):
Has joined the channel.

ffabregas (Wed, 10 Nov 2021 03:56:07 GMT):
Has joined the channel.

DeepromSomkiadcharoen (Wed, 10 Nov 2021 03:56:07 GMT):
Has joined the channel.

Strohhut (Wed, 10 Nov 2021 17:27:06 GMT):
Has joined the channel.

cvarjao (Wed, 10 Nov 2021 22:58:59 GMT):
@TelegramSam, internationalization is becoming a hot topic for us ... I was wondering if there is a place in the Aries Mobile Summit? I guess there is one proposal on the table. https://github.com/hyperledger/aries-rfcs/blob/main/features/0043-l10n/README.md

loziniak (Thu, 11 Nov 2021 00:32:27 GMT):
Has joined the channel.

ChangmingLiu (Thu, 11 Nov 2021 01:38:01 GMT):
Has joined the channel.

newbieTech (Thu, 11 Nov 2021 02:56:28 GMT):
Has joined the channel.

uguroney (Thu, 11 Nov 2021 08:38:29 GMT):
Has joined the channel.

Monavari (Thu, 11 Nov 2021 11:18:16 GMT):
Has joined the channel.

Oznfc (Thu, 11 Nov 2021 11:22:34 GMT):
hi . does any opensource mobile app for testing creditials ?

leostereo (Thu, 11 Nov 2021 13:42:39 GMT):
Has joined the channel.

anuj-kh (Thu, 11 Nov 2021 14:01:40 GMT):
Has joined the channel.

sebposselt (Thu, 11 Nov 2021 14:44:53 GMT):
Has joined the channel.

swcurran (Thu, 11 Nov 2021 14:59:19 GMT):
There are two in the community: Aries Bifold -- https://github.com/hyperledger/aries-mobile-agent-react-native which is built on React Native and the Aries Framework JavaScript. Aries MAX -- https://github.com/hyperledger/aries-mobileagent-xamarin which is built on Xamarin and Aries Framework .NET.

swcurran (Thu, 11 Nov 2021 14:59:44 GMT):
Aries Bifold is newer and lots of activity happening in that community right now.

fab-10 (Thu, 11 Nov 2021 15:10:10 GMT):
Has joined the channel.

arner (Thu, 11 Nov 2021 15:40:31 GMT):
One of the greatest strengths of Aries is the large amount of organizations implementing solutions - and the promise of interoperability between them. But that argument would be much stronger if we'd be able to quantify it. Does anyone know if there's a list or a trustworthy count of companies or products?

ricc.zappoli (Thu, 11 Nov 2021 16:03:05 GMT):
Has left the channel.

ArhangelSky999 (Thu, 11 Nov 2021 16:47:21 GMT):
Has joined the channel.

swcurran (Thu, 11 Nov 2021 21:12:41 GMT):
Check out the https://aries-interop.info and the underlying Aries Agent Test Harness. It shows the interop of the various Frameworks, and limited information on those using them.

swcurran (Thu, 11 Nov 2021 21:14:07 GMT):
Great idea to collect a list of those companies actively using the frameworks. @TelegramSam @rjones @troyronda -- we should think about how to collect that information beyond those contributing to the repos.

TelegramSam (Thu, 11 Nov 2021 21:53:46 GMT):
-= Aries Mobile Summit =- First session will be Tuesday, Nov 16th at 7AM US/Pacific. Agenda here: https://wiki.hyperledger.org/display/ARIES/2021-11-16+Aries+Summit+Session Topic is QR Codes and Invitations. Check back for updated meeting info - I need to make sure we have a non-conflicting zoom room to meet.

knichols (Thu, 11 Nov 2021 21:59:13 GMT):
Has joined the channel.

deoalade (Fri, 12 Nov 2021 00:08:56 GMT):
I've tried setting both the attribute and predicate to have values for restrictions as specified in the repository (open_api & proof_request.py) as well as swagger ui. Unfortunately after iterating over a variety of combinations I ultimately still had no luck. Could there be something else i'm missing? Here's a sample of what my restrictions object looks like: ``` "restrictions": [ { "cred_def_id": "{{Cred_Def_ID}}", "issuer_did": "{{Issuer_DID}}", "schema_id": "{{Schema_ID}}", "schema_issuer_did": "{{Issuer_DID}}", "schema_name": "{{Schema_Name}}", "schema_version": "0.1" } ] ```

deoalade (Fri, 12 Nov 2021 00:27:48 GMT):
In addition I would like to understand why we include a timestamp in the requested predicates object when sending presentation, given that we would have checked the non-revoked status already if requested in proof request? ``` { "requested_attributes": { "additionalProp1": { "cred_id": "{{Referent}}", "revealed": true } }, "requested_predicates": { "additionalProp2": { "cred_id": "{{Referent}}", "timestamp": 1636649578 } }, "self_attested_attributes": {}, "trace": false } ```

maurorambo (Fri, 12 Nov 2021 00:34:02 GMT):
Has joined the channel.

ChrisPaterson (Fri, 12 Nov 2021 02:35:32 GMT):
Has joined the channel.

SargisDudaklyan (Fri, 12 Nov 2021 06:09:28 GMT):
Establishing connection issue: Alice creates invitation. Has anyone encountered this issue when setting up connection?

SargisDudaklyan (Fri, 12 Nov 2021 06:09:28 GMT):
Establishing connection issue: alice-agent creates invitation. alice-agent sends invitation to Bob Bob receives invite. Bob uses connection ID from received Invite and then uses that to accept connection alice-agent prints error log: `*| aries_cloudagent.storage.error.StorageNotFoundError: ConnRecord record not found for {'invitation_key': 'HqWz2GPwmvpFYLPSG6CdvjeYdT7PcRpocUYYwun5jC2n'}, {'state': 'invitation', 'their_role': 'invitee'} alice-agent_1 | alice-agent_1 | During handling of the above exception, another exception occurred: alice-agent_1 | alice-agent_1 | Traceback (most recent call last): alice-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/handlers/connection_request_handler.py", line 43, in handle alice-agent_1 | mediation_id=mediation_metadata.get("id"), alice-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/manager.py", line 495, in receive_request alice-agent_1 | "No invitation found for pairwise connection "*` However, connection gets created ok for alice and eventually gets to active state. But Bob's connection remains in request state Has anyone encountered this issue when setting up connection?

SargisDudaklyan (Fri, 12 Nov 2021 06:09:28 GMT):
Establishing connection issue: Issuer-agent creates invitation. Issuer-agent sends invitation to Holder Holder receives invite. Holder uses connection ID from received Invite and then uses that to accept connection `Issuer-agent prints error log: | aries_cloudagent.storage.error.StorageNotFoundError: ConnRecord record not found for {'invitation_key': 'HqWz2GPwmvpFYLPSG6CdvjeYdT7PcRpocUYYwun5jC2n'}, {'state': 'invitation', 'their_role': 'invitee'} issuer-agent_1 | issuer-agent_1 | During handling of the above exception, another exception occurred: issuer-agent_1 | issuer-agent_1 | Traceback (most recent call last): issuer-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/handlers/connection_request_handler.py", line 43, in handle issuer-agent_1 | mediation_id=mediation_metadata.get("id"), issuer-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/manager.py", line 495, in receive_request issuer-agent_1 | "No invitation found for pairwise connection "` However, connection gets created ok. Has anyone encountered this issue when setting up connection?

SargisDudaklyan (Fri, 12 Nov 2021 06:09:28 GMT):
Establishing connection issue: Issuer-agent creates invitation. Issuer-agent sends invitation to Holder Holder receives invite. Holder uses connection ID from received Invite and then uses that to accept connection ` Issuer-agent prints error log: | aries_cloudagent.storage.error.StorageNotFoundError: ConnRecord record not found for {'invitation_key': 'HqWz2GPwmvpFYLPSG6CdvjeYdT7PcRpocUYYwun5jC2n'}, {'state': 'invitation', 'their_role': 'invitee'} issuer-agent_1 | issuer-agent_1 | During handling of the above exception, another exception occurred: issuer-agent_1 | issuer-agent_1 | Traceback (most recent call last): issuer-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/handlers/connection_request_handler.py", line 43, in handle issuer-agent_1 | mediation_id=mediation_metadata.get("id"), issuer-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/manager.py", line 495, in receive_request issuer-agent_1 | "No invitation found for pairwise connection " ` However, connection gets created ok. Has anyone encountered this issue when setting up connection?

SargisDudaklyan (Fri, 12 Nov 2021 06:09:28 GMT):
Establishing connection issue: Issuer-agent creates invitation. Issuer-agent sends invitation to Holder Holder receives invite. Holder uses connection ID from received Invite and then uses that to accept connection _*Issuer-agent prints error log: | aries_cloudagent.storage.error.StorageNotFoundError: ConnRecord record not found for {'invitation_key': 'HqWz2GPwmvpFYLPSG6CdvjeYdT7PcRpocUYYwun5jC2n'}, {'state': 'invitation', 'their_role': 'invitee'} issuer-agent_1 | issuer-agent_1 | During handling of the above exception, another exception occurred: issuer-agent_1 | issuer-agent_1 | Traceback (most recent call last): issuer-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/handlers/connection_request_handler.py", line 43, in handle issuer-agent_1 | mediation_id=mediation_metadata.get("id"), issuer-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/manager.py", line 495, in receive_request issuer-agent_1 | "No invitation found for pairwise connection " *_ However, connection gets created ok. Has anyone encountered this issue when setting up connection?

SargisDudaklyan (Fri, 12 Nov 2021 06:09:28 GMT):
Establishing connection issue: Issuer-agent creates invitation. Issuer-agent sends invitation to Holder Holder receives invite. Holder uses connection ID from received Invite and then uses that to accept connection Issuer-agent prints error log: *| aries_cloudagent.storage.error.StorageNotFoundError: ConnRecord record not found for {'invitation_key': 'HqWz2GPwmvpFYLPSG6CdvjeYdT7PcRpocUYYwun5jC2n'}, {'state': 'invitation', 'their_role': 'invitee'} issuer-agent_1 | issuer-agent_1 | During handling of the above exception, another exception occurred: issuer-agent_1 | issuer-agent_1 | Traceback (most recent call last): issuer-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/handlers/connection_request_handler.py", line 43, in handle issuer-agent_1 | mediation_id=mediation_metadata.get("id"), issuer-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/manager.py", line 495, in receive_request issuer-agent_1 | "No invitation found for pairwise connection "* However, connection gets created ok and is in correct state. Has anyone encountered this issue when setting up connection?

SargisDudaklyan (Fri, 12 Nov 2021 06:09:28 GMT):
Establishing connection issue: alice-agent creates invitation. alice-agent sends invitation to Bob Bob receives invite. Bob uses connection ID from received Invite and then uses that to accept connection alice-agent prints error log: *| aries_cloudagent.storage.error.StorageNotFoundError: ConnRecord record not found for {'invitation_key': 'HqWz2GPwmvpFYLPSG6CdvjeYdT7PcRpocUYYwun5jC2n'}, {'state': 'invitation', 'their_role': 'invitee'} alice-agent_1 | alice-agent_1 | During handling of the above exception, another exception occurred: alice-agent_1 | alice-agent_1 | Traceback (most recent call last): alice-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/handlers/connection_request_handler.py", line 43, in handle alice-agent_1 | mediation_id=mediation_metadata.get("id"), alice-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/manager.py", line 495, in receive_request alice-agent_1 | "No invitation found for pairwise connection "* However, connection gets created ok and is in correct state. Has anyone encountered this issue when setting up connection?

SargisDudaklyan (Fri, 12 Nov 2021 06:09:28 GMT):
Establishing connection issue: alice-agent creates invitation. alice-agent sends invitation to Bob Bob receives invite. Bob uses connection ID from received Invite and then uses that to accept connection alice-agent prints error log: `*| aries_cloudagent.storage.error.StorageNotFoundError: ConnRecord record not found for {'invitation_key': 'HqWz2GPwmvpFYLPSG6CdvjeYdT7PcRpocUYYwun5jC2n'}, {'state': 'invitation', 'their_role': 'invitee'} alice-agent_1 | alice-agent_1 | During handling of the above exception, another exception occurred: alice-agent_1 | alice-agent_1 | Traceback (most recent call last): alice-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/handlers/connection_request_handler.py", line 43, in handle alice-agent_1 | mediation_id=mediation_metadata.get("id"), alice-agent_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/protocols/connections/v1_0/manager.py", line 495, in receive_request alice-agent_1 | "No invitation found for pairwise connection "*` However, connection gets created ok and is in correct state. Has anyone encountered this issue when setting up connection?

sekinosekai (Fri, 12 Nov 2021 09:17:01 GMT):
Has joined the channel.

deoalade (Fri, 12 Nov 2021 09:50:25 GMT):
Hi all, I would like to understand why we include a timestamp in the requested predicates object when sending presentation, given that we would have checked the non-revoked status already if requested in proof request? ``` { "requested_attributes": { "additionalProp1": { "cred_id": "{{Referent}}", "revealed": true } }, "requested_predicates": { "additionalProp2": { "cred_id": "{{Referent}}", "timestamp": 1636649578 } }, "self_attested_attributes": {}, "trace": false } ```

RomanBorisov (Fri, 12 Nov 2021 14:04:59 GMT):
Has joined the channel.

somaningp (Fri, 12 Nov 2021 14:29:25 GMT):
Has joined the channel.

loziniak (Fri, 12 Nov 2021 15:39:06 GMT):
Has left the channel.

Andrewval (Fri, 12 Nov 2021 16:46:22 GMT):
Has joined the channel.

ChheunPhearaeun (Fri, 12 Nov 2021 17:48:40 GMT):
Has joined the channel.

Clippo 3 (Fri, 12 Nov 2021 17:56:22 GMT):
Has joined the channel.

arner (Fri, 12 Nov 2021 20:11:12 GMT):
If we can find a good way to do this, I'd be happy to help with the leg work. There's strength in numbers, and even just knowing who's all out there can help the community get even more traction. I have a feeling we're going to need it!

matt.nelson.csi (Fri, 12 Nov 2021 20:56:06 GMT):
Has joined the channel.

luoyu 1 (Fri, 12 Nov 2021 22:32:26 GMT):
Has joined the channel.

swcurran (Sat, 13 Nov 2021 00:28:28 GMT):
I don't think it is needed. Here is an example from the ACA-Py demo of a fully formed (and working!!) Proof Request with a predicate. There is no timestamp there. https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/AriesOpenAPIDemo.md#faber-sends-a-proof-request A proof request that asks for a "proof of non-revocation" if the proof request can be satisfied by a revocable credential asks for timestamps, but the name of the field is "non_revoked". I'm not sure where "Timestamp" is from in your example.

swcurran (Sat, 13 Nov 2021 00:30:05 GMT):
Ah...wait -- you are showing something from the Presentation -- not from the presentation request. I'm not sure about that. That would be in Indy and it's handling.

chandra100100 (Sat, 13 Nov 2021 06:58:25 GMT):
Has joined the channel.

Beshir (Sat, 13 Nov 2021 08:44:54 GMT):
Has joined the channel.

VladimirRadeski (Sat, 13 Nov 2021 09:32:26 GMT):
Has joined the channel.

manolaz (Sun, 14 Nov 2021 04:51:26 GMT):
Has joined the channel.

xeon123 (Mon, 15 Nov 2021 08:54:54 GMT):
Has joined the channel.

xeon123 (Mon, 15 Nov 2021 08:58:44 GMT):
Hi all, I am studying Decentralized Identity, and I am trying to put one example running. I have tried to put frameworks like Microsoft Ion running, so that I could set up one small example. I know that Hyperledger Aries allow to store verifiable credentials (I am assuming that it is the same as DIDs), but I can't find one example where I could setup an environment to see DIDs working. Does anyone can provide me some guidance on this?

arner (Mon, 15 Nov 2021 09:37:03 GMT):
DIDs and Verifiable Credentials (VC) are not the same. The VC is the document that contains the claims that can be stored in the user's wallet. The wallet can generate a proof based on the attributes in its VCs. The verifier can then verify these proofs using the public key of the issuers of the credentials. The DID is a way for all the parties to retrieve some public information like public keys of verifiers. The communication between the parties is underpinned by a protocol called DIDComm, which uses DIDs for security and routing. If you have a technical background and are serious about learning, I recommend the following courses: https://www.edx.org/course/identity-in-hyperledger-aries-indy-and-ursa and the second one also includes examples https://www.edx.org/course/becoming-a-hyperledger-aries-developer.

Salt4f (Mon, 15 Nov 2021 09:46:53 GMT):
Has joined the channel.

ybuser (Mon, 15 Nov 2021 12:06:47 GMT):
Has joined the channel.

matijasipek (Mon, 15 Nov 2021 12:21:34 GMT):
Has joined the channel.

amit1nayak (Mon, 15 Nov 2021 12:33:31 GMT):
Has joined the channel.

RajaDhanushkodi (Mon, 15 Nov 2021 12:48:59 GMT):
Has joined the channel.

sidharthan.j (Mon, 15 Nov 2021 14:08:36 GMT):
Has joined the channel.

MarioMichel (Mon, 15 Nov 2021 14:19:46 GMT):
Has joined the channel.

arner (Mon, 15 Nov 2021 14:31:32 GMT):
I'm trying to work out a solution to use an Aries (edge) agent a little bit differently then for normal SSI. I'd like to have the ability for the user to sign some text in a way that's non-repudiable and can be verified by others (so not just the counterpart in a DIDComm connection). Obvious problem here is that the user has no persistent public key like an issuer has in a static DID document. So I have a feeling I'm stretching it too far. Or is there a clever other solution that would accomplish this?

arner (Mon, 15 Nov 2021 14:31:32 GMT):
I'm trying to work out a solution to use an Aries (edge) agent a little bit differently than for normal SSI. I'd like to have the ability for the user to sign some text in a way that's non-repudiable and can be verified by others (so not just the counterpart in a DIDComm connection). Obvious problem here is that the user has no persistent public key like an issuer has in a static DID document. So I have a feeling I'm stretching it too far. Or is there a clever other solution that would accomplish this?

TimoGlastra (Mon, 15 Nov 2021 14:53:40 GMT):
Could you go into a bit more depth into why you want to do this and for what use case? That would make it easier to see the possiblities

TimoGlastra (Mon, 15 Nov 2021 14:54:44 GMT):
If you're using JSON-LD credentials what you could do is using the same `did:key` for the `issuer` and `credentialSubject.id`. Basically you're making a claim about yourself in this case

TimoGlastra (Mon, 15 Nov 2021 14:55:02 GMT):
That you could prove to others (`did:key:xxx` said `x` about `did:key:xxx`)

TimoGlastra (Mon, 15 Nov 2021 14:55:48 GMT):
You can either issue it to yourself and use it for proving using presentation exchange

TimoGlastra (Mon, 15 Nov 2021 14:56:21 GMT):
Or you could use the jsonld endpoints to create the VC and share it how you would like

TimoGlastra (Mon, 15 Nov 2021 14:57:20 GMT):
This however doesn't take into account any privacy considerations, but as you want the statement to be non-repudiable and linked to a specific DID maybe that's not needed for this use case

matejstern (Mon, 15 Nov 2021 14:57:24 GMT):
Has joined the channel.

arner (Mon, 15 Nov 2021 15:43:17 GMT):
The cloud agent of a company wants the user (using an edge agent) to sign a simple agreement. If they end up in court, they want to be able to prove that that particular person (or a person representing a particular company) agreed to the terms. There's also a second use case I'm thinking of, where there is proof that someone in possession of a VC that says they work for a certain company agreed to certain terms - and that proof can immediately be verified by three others and then discarded (more specifically; getting multiple peers to endorse a transaction with a verifiable presentation in a Hyperledger Fabric network - without needing 3 connections and 3 approvals and with explicit consent about the content of the transaction. And without changing the fundamentals of Aries...).

arner (Mon, 15 Nov 2021 15:53:29 GMT):
So if I issue a credential to myself, it would use the link secret to help me prove (in 1:1 presentations) that it was me who made that statement in a non-correlatable way, right? But for non-repudiation, you're saying I should include the peer did in the credential? So that the counterparty can say: I had this connection with this person, and previously they identified to me with a proof, and now they confirmed their agreement with my terms. In my second use case, this would be bad for privacy because this user is now correlatable by the others. In the first, it might be good enough.

elenaizaguirre (Mon, 15 Nov 2021 15:54:06 GMT):
Has joined the channel.

matisalimba (Mon, 15 Nov 2021 17:24:38 GMT):
Has joined the channel.

RyanKoch (Mon, 15 Nov 2021 19:51:01 GMT):
Has joined the channel.

Jason.Leach (Mon, 15 Nov 2021 20:30:06 GMT):
Just created this issue in AFJ. Looking to implement the ability to lookup who issued a credential a bit better (for human readable purposes). Any feedback welcome, especially if its going to be overly complicated (maybe not supported in Indy SDK): https://github.com/hyperledger/aries-framework-javascript/issues/538

AlexTran (Mon, 15 Nov 2021 20:58:47 GMT):
Has joined the channel.

TelegramSam (Mon, 15 Nov 2021 23:56:07 GMT):
-= Aries Mobile Summit Tomorrow! =- First session will be Tuesday, Nov 16th at 7AM US/Pacific. Agenda here: https://wiki.hyperledger.org/display/ARIES/2021-11-16+Aries+Summit+Session Topic is QR Codes and Invitations. Check back for updated meeting info - I need to make sure we have a non-conflicting zoom room to meet.

TelegramSam (Mon, 15 Nov 2021 23:57:45 GMT):
Note: Same meeting link!

panicstyle (Tue, 16 Nov 2021 01:02:10 GMT):
Has joined the channel.

mamba2017 (Tue, 16 Nov 2021 02:24:05 GMT):
Has joined the channel.

PHAGUNJAIN (Tue, 16 Nov 2021 08:43:43 GMT):
Has joined the channel.

MiguelCabeza (Tue, 16 Nov 2021 10:17:07 GMT):
Has joined the channel.

Helsonkumar (Tue, 16 Nov 2021 13:49:35 GMT):
Has joined the channel.

TelegramSam (Tue, 16 Nov 2021 14:57:45 GMT):
Aries Mobile Summit starting now. Agenda and dial in link here: https://wiki.hyperledger.org/display/ARIES/2021-11-16+Aries+Summit+Session

xlswirlds (Tue, 16 Nov 2021 15:31:16 GMT):
Has joined the channel.

smannathan (Tue, 16 Nov 2021 17:11:28 GMT):
Has joined the channel.

hegde.rahul (Wed, 17 Nov 2021 01:20:10 GMT):
Has joined the channel.

Bert (Wed, 17 Nov 2021 01:53:41 GMT):
Has joined the channel.

conanoc (Wed, 17 Nov 2021 02:19:59 GMT):
VCs and signatures signed by DIDs don't have any legal effects by themselves. It is also true for the static DID of an issuer. You'll need a legal document that guarantees that the static DID belongs to the issuer. And you can also prepare a legal document that guarantees that a key belongs to a user of the company. Then the user could sign documents with the key or could issue VCs to the company.

conanoc (Wed, 17 Nov 2021 02:53:06 GMT):
An iOS agent has added to the indy-sample-agents repo: https://github.com/conanoc/indy-sample-agents This is just a prototype of a mobile agent for iOS. Take a look around if you are looking for a reference implementation written in Swift.

Arjen (Wed, 17 Nov 2021 09:23:29 GMT):
Has joined the channel.

Oznfc (Wed, 17 Nov 2021 10:43:24 GMT):
thank you . I tried it but ı couldn't add credintials.

beeraaron81 (Wed, 17 Nov 2021 13:01:11 GMT):
Has joined the channel.

beeraaron81 (Wed, 17 Nov 2021 13:03:46 GMT):
Has left the channel.

samsonlarsson (Wed, 17 Nov 2021 14:02:08 GMT):
Has joined the channel.

deoalade (Wed, 17 Nov 2021 15:37:45 GMT):
@swcurran Thanks for clarifying this. Do you know if anyone on here can provide clarity around how indy handles this. I would like to have. a better understanding to help us understand how to properly implement it in our solution.

swcurran (Wed, 17 Nov 2021 20:28:30 GMT):
Best is to ask on the #indy or #indy-sdk channel. Not sure who can help. The other approach that we've had to fall back on a few times is to go through the Indy tests cases and code. :-(

EmilioFL (Wed, 17 Nov 2021 22:13:16 GMT):
Has joined the channel.

deoalade (Thu, 18 Nov 2021 09:39:55 GMT):
Thanks @swcurran

joymondal (Thu, 18 Nov 2021 10:34:15 GMT):
Has joined the channel.

lwyatt (Thu, 18 Nov 2021 10:52:31 GMT):
*Topic - Wallet backups and portability* Hi everyone, I was wondering about various possibilities in which a Holder might want to transfer/migrate credentials from one wallet to the other. I'm stuck with what all is possible for the following scenario in the current Aries ecosystem - Scenario: A Holder owns two wallets - wallet-A (4 credentials) and wallet-B (3 credentials). The Holder now wants to add (or merge) the credentials from wallet-B to wallet-A. In my current understanding of one of the Aries framework (Dotnet to be precise), on doing so, all the credentials of wallet-A would now be overwritten with credentials of wallet-B. So, basically wallet-A would now become almost identical to wallet-B. Is there a way in the Aries ecosystem using which the Holder can get all the 7 credentials in one wallet (A, B or a new C)?

mccown (Thu, 18 Nov 2021 12:48:57 GMT):
The Identity Implementer’s WG meeting for today (11/18) has been cancelled. Please join us in our next meeting on Dec 2nd (9am MT / 4pm UTC).

ArneGebert (Thu, 18 Nov 2021 14:31:05 GMT):
Has joined the channel.

swcurran (Thu, 18 Nov 2021 14:49:15 GMT):
For Indy AnonCreds, I don't think that would work -- at least today. Indy AnonCreds uses a "link secret" for Holder Bind that is generated per wallet. Thus, each wallet instance would have it's own link secret for the set of credentials held. It might be possible for a wallet to track a link secret per credential, which would enable the use case you are thinking about. I'm not certain of the proof generation process to be certain -- e.g. if a proof is sourced from multiple credentials, do they have to have the same link secret? That would have to be understood.

ayushraj8271 (Thu, 18 Nov 2021 15:52:47 GMT):
Has joined the channel.

hitesh.sharma.06 (Thu, 18 Nov 2021 17:03:45 GMT):
Has joined the channel.

ianco (Thu, 18 Nov 2021 17:09:43 GMT):
I believe that all credentials presented in the same proof have to come from the same wallet (i.e. same link secret)

AshokkumarMdx (Thu, 18 Nov 2021 17:46:21 GMT):
Has joined the channel.

Adyntec (Thu, 18 Nov 2021 20:09:37 GMT):
Has joined the channel.

lwyatt (Fri, 19 Nov 2021 05:28:56 GMT):
@swcurran Is it possible to somehow have the same "link secret" for two wallets (in a case where both the wallets are owned by the same holder)? I am talking about the case where a Holder can somehow seed the link secret. I do understand that it might not be recommended but is that still possible?

lwyatt (Fri, 19 Nov 2021 05:32:13 GMT):
@ianco If we are somehow able to manage the same link secret in two wallets (assuming the link secret generation wouldn't be random and would be controlled by the holder), can we present credentials in the same proof from different wallets?

SanjayRS (Fri, 19 Nov 2021 07:44:05 GMT):
Has joined the channel.

maciej_ol (Fri, 19 Nov 2021 10:41:31 GMT):
Has joined the channel.

bondasoup (Fri, 19 Nov 2021 12:43:12 GMT):
Has joined the channel.

ianco (Fri, 19 Nov 2021 15:50:58 GMT):
I think the link secret is created within Indy SDK so we don't have any control over what is created. However I suppose you could create a wallet, export it, and import it into another wallet/database, and then you would have 2 wallets with the same link secret

ianco (Fri, 19 Nov 2021 15:52:22 GMT):
I don't know what would happen if you did this (copied credentials from one wallet to the other (if there was any way to do that), and then tried to present the credentials together on one proof), either it would work or it wouldn't :-P

swcurran (Fri, 19 Nov 2021 18:28:45 GMT):
What he said ^^^ :-). I suspect that would work.

Tim98390383 (Fri, 19 Nov 2021 20:53:22 GMT):
Has joined the channel.

uvdsl (Fri, 19 Nov 2021 22:24:46 GMT):
Has joined the channel.

uvdsl (Fri, 19 Nov 2021 22:30:35 GMT):
Hi all, I was wondering how a proof for a VC is derived when not all of the credentials attributes are presented to a verifier. So, e.g. I have a credential with my postal adress (street, house number, postal code, city, country) but I only need to disclose the city and country. I was not able to find any particular method in the W3C VC spec... Does anyone have some pointers or know this off-hand? I appreciate any hints :)

swcurran (Fri, 19 Nov 2021 22:57:34 GMT):
The W3C VC spec doesn't address this issue. If they did it would be in the VP section. Rather it is left to signature scheme -- BBS+ (sort of) supports it, and CL-Signatures (although not in W3C VC format). Basic technique is to canonicalize the data into an array of messages, one message per item that can be selectively disclosed, and then sign each item. When presenting, present only the items to be disclosed. The signature on each can be checked. You'd have to go further into the signature schemes to get into the details of the canonicalization, signing and verification.

Kanishk-Kumar24 (Sat, 20 Nov 2021 05:45:19 GMT):
Has joined the channel.

uvdsl (Sat, 20 Nov 2021 09:20:47 GMT):
Thank you very much for your answer and your pointers! That helps alot. I am assuming that Aries implements BBS+?

uvdsl (Sat, 20 Nov 2021 09:23:33 GMT):
(or CL-Sigs?)

lonis (Sat, 20 Nov 2021 18:09:02 GMT):
Has joined the channel.

swcurran (Sun, 21 Nov 2021 01:06:22 GMT):
Some implementations of Aries support W3C credentials including BBS+ and most support CL-Signatures (aka Indy AnonCreds). Support for AnonCreds is much richer and easier to implements -- the ecosystem around it is much more mature. JSON-LD makes using BBS+ a lot more complicated, and a bunch of the CL-Signature features are missing.

swcurran (Sun, 21 Nov 2021 01:06:22 GMT):
Some implementations of Aries support W3C credentials including BBS+ and most support CL-Signatures (aka Indy AnonCreds). Support for AnonCreds is much richer and easier to implement -- the ecosystem around it is much more mature. JSON-LD makes using BBS+ a lot more complicated, and a bunch of the CL-Signature features are missing.

swcurran (Sun, 21 Nov 2021 01:06:22 GMT):
Some implementations of Aries support W3C credentials including BBS+ and most support CL-Signatures (aka Indy AnonCreds). Support for AnonCreds is much richer and easier to implement -- the ecosystem around it is much more mature. JSON-LD makes using BBS+ a lot more complicated, and a bunch of the CL-Signature features are missing from BBS+.

uvdsl (Sun, 21 Nov 2021 14:20:11 GMT):
Ah, I see! Thank you alot for your help. Much appreciated. I think I know now where to look for more detail :)

ShumanCapote (Mon, 22 Nov 2021 05:12:12 GMT):
Has joined the channel.

ThomasRitter (Mon, 22 Nov 2021 05:28:23 GMT):
Has joined the channel.

saurabhSAG (Mon, 22 Nov 2021 08:31:14 GMT):
Has joined the channel.

Sharonmunyao (Mon, 22 Nov 2021 09:46:40 GMT):
Has joined the channel.

lwyatt (Mon, 22 Nov 2021 14:58:08 GMT):
Thanks for the details :slight_smile: @swcurran @ianco

Joesv (Mon, 22 Nov 2021 16:24:44 GMT):
Has joined the channel.

krishnabayanna (Mon, 22 Nov 2021 17:14:52 GMT):
Has joined the channel.

TheoKneen (Mon, 22 Nov 2021 17:25:27 GMT):
Has joined the channel.

RobinBeltran (Mon, 22 Nov 2021 18:49:35 GMT):
Has joined the channel.

jfbourque (Mon, 22 Nov 2021 19:18:55 GMT):
Has joined the channel.

TelegramSam (Mon, 22 Nov 2021 21:32:10 GMT):
Aries Mobile Summit tomorrow. Agenda with meeting link: https://wiki.hyperledger.org/display/ARIES/2021-11-23+Aries+Summit+Session

LeonQiao (Tue, 23 Nov 2021 02:08:25 GMT):
Has joined the channel.

bjwswangmail (Tue, 23 Nov 2021 03:24:15 GMT):
Has joined the channel.

g.mishra-blockgemini (Tue, 23 Nov 2021 05:21:26 GMT):
Has joined the channel.

Prasad8 2 (Tue, 23 Nov 2021 08:58:22 GMT):
Has joined the channel.

Prasad8 2 (Tue, 23 Nov 2021 09:07:00 GMT):
Hi All, I have a question . Does Aries agent cloud python implementation also acts as mediator service that can store message when the mobile is offline and delivers when the mobile is online. How this is being achieved ? Sorry I am not able to find the instructions on this specific question in the docs. Please help me

ffendt (Tue, 23 Nov 2021 10:00:53 GMT):
Hi @Prasad8 2 , there's a channel for [aries-cloudagent-python](https://chat.hyperledger.org/channel/aries-cloudagent-python) in which this question would be better suited. On your question: There's a flag `--enable-undelivered-queue` that might help, but I'm not into the details of how exactly this works.

GoreTushar (Tue, 23 Nov 2021 11:24:47 GMT):
Has joined the channel.

skenaja (Tue, 23 Nov 2021 11:56:45 GMT):
Has joined the channel.

TelegramSam (Tue, 23 Nov 2021 14:53:06 GMT):
Aries Mobile Agent Summit on in 7 minutes!

TelegramSam (Tue, 23 Nov 2021 14:53:08 GMT):
https://wiki.hyperledger.org/display/ARIES/2021-11-23+Aries+Summit+Session

TelegramSam (Tue, 23 Nov 2021 14:53:36 GMT):
Topic: Mobile infrastructure. Zoom link in the agenda linked above!

TelegramSam (Tue, 23 Nov 2021 15:01:25 GMT):
Reminder: New Link is in use, not the same one as last week!

jyoti.patel (Tue, 23 Nov 2021 15:31:25 GMT):
Has joined the channel.

JamesEbert (Tue, 23 Nov 2021 16:11:53 GMT):
@ianco, within the Indy SDK we have access to the anoncreds.prover_create_master_secret() call--which I believe _might_ give us a mechanism for generating the link secret. I _think_ we've been using the behavior that if no argument is provided then the secret is auto generated by Indy. Am I thinking along the right lines, or am I missing something?

JamesEbert (Tue, 23 Nov 2021 16:11:53 GMT):
@ianco, within the Indy SDK we have access to the anoncreds.prover_create_master_secret() call--which I believe _ might _ give us a mechanism for generating the link secret. I _think_ we've been using the behavior that if no argument is provided then the secret is auto generated by Indy. Am I thinking along the right lines, or am I missing something?

JamesEbert (Tue, 23 Nov 2021 16:11:53 GMT):
@ianco, within the Indy SDK we have access to the anoncreds.prover_create_master_secret() call--which I believe might give us a mechanism for generating the link secret. I _think_ we've been using the behavior that if no argument is provided then the secret is auto generated by Indy. Am I thinking along the right lines, or am I missing something?

JamesEbert (Tue, 23 Nov 2021 16:11:53 GMT):
@ianco, within the Indy SDK we have access to the anoncreds.prover_create_master_secret() call-which I believe _might_ give us a mechanism for generating the link secret. I _think_ we've been using the behavior that if no argument is provided then the secret is auto generated by Indy. Am I thinking along the right lines, or am I missing something?

ianco (Tue, 23 Nov 2021 16:22:27 GMT):
The secret is auto-generated using an ursa library, there's no ability to pass in a parameter to generate the secret (the parameter is for the `id` of the master secret record in the wallet)

JamesEbert (Tue, 23 Nov 2021 16:23:21 GMT):
Ah duh, thanks for the correction :thumbsup:

anipaul2 (Tue, 23 Nov 2021 19:08:23 GMT):
Has joined the channel.

dantetti (Tue, 23 Nov 2021 23:55:00 GMT):
Has joined the channel.

Prasad8 2 (Wed, 24 Nov 2021 04:24:12 GMT):
OK Thanks

hacke (Wed, 24 Nov 2021 07:34:00 GMT):
Has joined the channel.

KurosakiIchigo (Wed, 24 Nov 2021 09:14:58 GMT):
Has joined the channel.

vasile135 (Wed, 24 Nov 2021 10:12:28 GMT):
Hello everyone! Sorry for bothering you. Have the following issue: When calling the AnonCreds.VerifierVerifyProofAsync to check if a presentation that was provided with a revoked credential is valid, it always returns "True". I use the following proof request: ``` "name":"Test Verification", "version":"1.0", "nonce":"483754409945318649274168", "requested_attributes":{ "test-verification":{ "names":[ "FirstName" ] } }, "requested_predicates":{ }, "non_revoked":{ "from":0, "to":1637675098 } } ``` I also check if the credential was revoked at the holder side, by calling the IsRevokedAsync method from the .Net Aries library, and, on this side, it sees the credential as revoked. Also opened a github issue https://github.com/hyperledger/aries-framework-dotnet/issues/206. Does anybody have any idea? Would appreciate any suggestion. Thank you!

Kmm 4 (Wed, 24 Nov 2021 13:49:10 GMT):
Has joined the channel.

ShengChillie (Wed, 24 Nov 2021 14:05:45 GMT):
Has joined the channel.

john.h.o.mantaring (Wed, 24 Nov 2021 15:02:17 GMT):
Has joined the channel.

shinnosuke.sonoda (Thu, 25 Nov 2021 01:12:32 GMT):
Has joined the channel.

RitikaKakkar (Thu, 25 Nov 2021 04:53:49 GMT):
Has joined the channel.

dheerajbudhiraja (Thu, 25 Nov 2021 04:54:46 GMT):
Aries performance testing bottlenecks

abhisheksavaliya (Thu, 25 Nov 2021 06:03:02 GMT):
Has joined the channel.

Haniff (Thu, 25 Nov 2021 09:33:10 GMT):
Has joined the channel.

gurkhaman (Thu, 25 Nov 2021 11:02:06 GMT):
Has joined the channel.

neves 2 (Thu, 25 Nov 2021 11:19:28 GMT):
Has joined the channel.

deetho (Thu, 25 Nov 2021 11:49:03 GMT):
Has joined the channel.

atsveloso (Thu, 25 Nov 2021 12:08:49 GMT):
Has joined the channel.

zhengxilong (Thu, 25 Nov 2021 12:21:09 GMT):
Has joined the channel.

ap13 (Thu, 25 Nov 2021 15:28:50 GMT):
Has joined the channel.

krishna2752 (Thu, 25 Nov 2021 15:40:15 GMT):
Has joined the channel.

SiddharthGupta (Fri, 26 Nov 2021 01:13:45 GMT):
Has joined the channel.

csum112 (Fri, 26 Nov 2021 08:20:05 GMT):
Has joined the channel.

Kayaba.Keita (Fri, 26 Nov 2021 10:38:47 GMT):
Has joined the channel.

ankitsaurabh (Fri, 26 Nov 2021 21:47:21 GMT):
Has joined the channel.

iamchris1688 (Mon, 29 Nov 2021 03:43:53 GMT):
Has joined the channel.

SubashAnbazhagan (Mon, 29 Nov 2021 04:49:37 GMT):
Has joined the channel.

laolao (Mon, 29 Nov 2021 05:27:07 GMT):
Has joined the channel.

amithkk (Mon, 29 Nov 2021 06:05:41 GMT):
Has joined the channel.

vasile135 (Mon, 29 Nov 2021 10:19:25 GMT):
Checked also with restrictions, same result

s.vahidi (Mon, 29 Nov 2021 12:14:35 GMT):
Has joined the channel.

FotisMichalopoulos (Mon, 29 Nov 2021 13:51:49 GMT):
Has joined the channel.

darrell.odonnell (Mon, 29 Nov 2021 13:56:48 GMT):
As discussed in one of the Mobile Summit meetings Ontario has added some security guidance documentation to Bifold. PR: https://github.com/hyperledger/aries-mobile-agent-react-native/pull/153

MohammadHT (Mon, 29 Nov 2021 14:27:03 GMT):
Has joined the channel.

TelegramSam (Tue, 30 Nov 2021 04:38:07 GMT):
-= Reminder: Mobile Summit Tuesday 8am US/Mountain =- Topic: Credential UX Agenda: https://wiki.hyperledger.org/display/ARIES/2021-11-30+Aries+Summit+Session Zoom link on Agenda. See you there!

dalan 2 (Tue, 30 Nov 2021 10:07:28 GMT):
Has joined the channel.

RouteSagar (Tue, 30 Nov 2021 12:08:10 GMT):
Has joined the channel.

TelegramSam (Tue, 30 Nov 2021 15:00:56 GMT):
Anyone else getting a meeting passcode prompt on the Aries summit link?

TelegramSam (Tue, 30 Nov 2021 15:01:02 GMT):
Trying to work it through...

TelegramSam (Tue, 30 Nov 2021 15:02:28 GMT):
Updated Summit Link:" https://us02web.zoom.us/my/telegramsam

TelegramSam (Tue, 30 Nov 2021 15:08:10 GMT):
https://zoom.us/my/hyperledger.community.backup?pwd=dkJKdHRlc3dNZEdKR1JYdW40R2pDUT09

TelegramSam (Tue, 30 Nov 2021 15:09:10 GMT):
updated meeting room^

TelegramSam (Tue, 30 Nov 2021 15:09:16 GMT):
(sorry for the hassle)

caglayan45 (Tue, 30 Nov 2021 20:00:07 GMT):
Has joined the channel.

JunkF (Wed, 01 Dec 2021 02:58:09 GMT):
Has joined the channel.

lventi (Wed, 01 Dec 2021 12:41:31 GMT):
Has joined the channel.

joey_gogo (Wed, 01 Dec 2021 13:50:13 GMT):
Has joined the channel.

BigmoneyJoe (Wed, 01 Dec 2021 15:52:38 GMT):
Has joined the channel.

TelegramSam (Wed, 01 Dec 2021 16:59:31 GMT):
Aries WG call with Findy recording posted: https://wiki.hyperledger.org/display/ARIES/2021-12-01+Aries+Working+Group+Call

TelegramSam (Wed, 01 Dec 2021 17:52:12 GMT):
Yesterday's Summit Session Credential UX recording posted: https://wiki.hyperledger.org/display/ARIES/2021-11-30+Aries+Summit+Session

JosephPotts (Wed, 01 Dec 2021 19:36:11 GMT):
Has joined the channel.

thusithathilina (Wed, 01 Dec 2021 23:27:49 GMT):
Has joined the channel.

Rp27 (Thu, 02 Dec 2021 03:52:55 GMT):
Has joined the channel.

Bhemeswararaoxcubelabs.com (Thu, 02 Dec 2021 06:27:15 GMT):
Has joined the channel.

kalyankonda (Thu, 02 Dec 2021 07:19:20 GMT):
Has joined the channel.

kalyankonda (Thu, 02 Dec 2021 07:19:21 GMT):
Hi, is there any good link/resources for Aries-askar? I see very less description on Github link (https://github.com/andrewwhitehead/aries-askar )

kalyankonda (Thu, 02 Dec 2021 07:42:46 GMT):
I mean, documentation for Aries-Askar

BoJacobs (Thu, 02 Dec 2021 13:29:52 GMT):
Has joined the channel.

kudzaishezana (Thu, 02 Dec 2021 15:45:47 GMT):
Has joined the channel.

swcurran (Thu, 02 Dec 2021 15:55:22 GMT):
The link you should be using is https://github.com/hyperledger/aries-askar Although it's likely the same target. When using ACA-Py, you can switch to

swcurran (Thu, 02 Dec 2021 15:55:31 GMT):
Not great docs yet -- we'll look at that.

The_Science (Thu, 02 Dec 2021 18:28:15 GMT):
Has joined the channel.

F.Florian (Thu, 02 Dec 2021 23:11:39 GMT):
Has joined the channel.

kalyankonda (Fri, 03 Dec 2021 04:16:52 GMT):
Thanks Stephen.

kalyankonda (Fri, 03 Dec 2021 04:19:18 GMT):
It would be good if more documentation can be added.

PalanisamyChellappan (Fri, 03 Dec 2021 05:17:09 GMT):
Has joined the channel.

ipepoi (Fri, 03 Dec 2021 07:07:26 GMT):
Has joined the channel.

ipepoi (Fri, 03 Dec 2021 07:08:34 GMT):
:woo:

rohitsaikrishnan (Fri, 03 Dec 2021 08:22:32 GMT):
Has joined the channel.

NB-PrasadKatkar (Fri, 03 Dec 2021 08:57:12 GMT):
Has joined the channel.

kalyankonda (Fri, 03 Dec 2021 11:46:38 GMT):
Guys, one blind question. Does agent support more than one controller (I mean, *before/without Multi-Tenant feature*)? I believe, the answer is "No" If it supports, is it possible to configure more controller's urls in WEBHOOK_URL variable? I can't think about any scenario where agent should support multiple controllers in non-multi-tenant scenario. Please throw some light on this.

ripulbd (Fri, 03 Dec 2021 12:06:41 GMT):
Has joined the channel.

ripulbd (Fri, 03 Dec 2021 12:06:42 GMT):
Hi, I have two questions. I have been experimenting with the aca-py Faber Demo. I already have a seed and registered the DID at BCOVRIN test network. I would like to pass the seed from the command prompt. But I could not find any way to pass a seed into the Faber agent. Can someone let me know what would be the approach to handle this scenario? Second question, how to make the wallet persistent so that it does not create a wallet every time the agent is run? Thank you very much.

cmalbas (Fri, 03 Dec 2021 14:06:03 GMT):
Has joined the channel.

KodeKamper (Fri, 03 Dec 2021 14:15:39 GMT):
Has joined the channel.

ianco (Fri, 03 Dec 2021 15:13:51 GMT):
1. passing a seed to faber isn't currently supported. However it would be straightforward to add a new parameter to pass in this information. The parameters are defined here: https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/runners/agent_container.py#L988

ianco (Fri, 03 Dec 2021 15:18:58 GMT):
2. by default the agent uses a sqlite (file-based) database for the wallet. This database is located inside the docker container and will be removed when the container shuts down. However you can run the agent using postgres for the back-end database, in which case the wallet will persist in the database when the agent shuts down. There are some instructions for running with postgres here: https://github.com/hyperledger/aries-cloudagent-python/tree/main/demo#run-a-local-postgres-instance

ianco (Fri, 03 Dec 2021 15:21:08 GMT):
You can use more than one controller with a single agent, but IMHO that's an anti-pattern (although some people have been looking at this approach for certain use cases). I think you can specify multiple webhook url's using the `--webhook_url` parameter.

x4v13r (Fri, 03 Dec 2021 15:44:29 GMT):
Has joined the channel.

SudeshBanskota (Fri, 03 Dec 2021 15:45:04 GMT):
Has joined the channel.

swcurran (Fri, 03 Dec 2021 17:11:16 GMT):
On the first question. The idea of passing a seed has been proposed before and rejected because of the security risk. We think it is a very bad idea to pass what amounts to a private key across a REST interface.

kalyankonda (Sat, 04 Dec 2021 04:58:36 GMT):
Thank you Ianco. I will check.

lazaridis.com (Sat, 04 Dec 2021 07:08:56 GMT):
Has joined the channel.

SargisDudaklyan (Sun, 05 Dec 2021 04:09:32 GMT):
Hi all. I recently got the demo working using Von-Network. Pretty cool. I am wondering what it would take (if it would be possible) to swap out von-network for an etherium node. I have local ethereum dev (ganache-cli) set up, I am wondering how easy would it be to start using that. Could someone point to docs / guide on that?

SargisDudaklyan (Sun, 05 Dec 2021 04:09:32 GMT):
Hi all. I recently got the demo working using Von-Network. Pretty cool. I am wondering what it would take (if it would be possible) to swap out von-network for an etherium. I understand that Aries is meant to work with Indy, are other ledgers supported? I keep reading different posts and keep getting different answers. Many mentioned that it is not possible, while others say that it is under development to add different ledger support to aries.

SargisDudaklyan (Sun, 05 Dec 2021 04:14:39 GMT):
i found an answer https://github.com/hyperledger/aries-framework-javascript/issues/132 that it is impossible to do. Is this still true?

SargisDudaklyan (Sun, 05 Dec 2021 04:16:22 GMT):
it would be nice if we could pass in etherium address to "ledger-url" when starting up Aries ACA-PY agent.

SargisDudaklyan (Sun, 05 Dec 2021 04:16:22 GMT):
I am using ACA-PY agent. I thought it would be nice to include etherium address in the genesis file.. not sure if that is possible

SargisDudaklyan (Sun, 05 Dec 2021 04:36:25 GMT):
What I am doing right now is writing a schema to the ledger, writing credential definition, issuing VCs, and then verifying it. I assume it wouldn't be trivial to just swap out von-network for ethereum and see it work.

SargisDudaklyan (Sun, 05 Dec 2021 04:36:25 GMT):
What I am doing right now is writing a schema to the ledger (von network), writing credential defs, issuing VCs, and then verifying it. I assume it wouldn't be trivial/possible to swap out von-network for ethereum (at least not now)

SargisDudaklyan (Sun, 05 Dec 2021 04:36:25 GMT):
What I am doing right now is using ACA-PY agent to write a schema to the ledger (von network), write credential defs, issue VCs, and then verify it. I assume it wouldn't be trivial/possible to swap out von-network for ethereum (at least not now)

SargisDudaklyan (Sun, 05 Dec 2021 04:36:25 GMT):
What I am doing right now is using ACA-PY agent, I write a schema to the ledger (von network), write credential defs, issue VCs, and then verify it. I assume it wouldn't be trivial/possible to swap out von-network for ethereum (at least not now)

saibot940 (Sun, 05 Dec 2021 14:38:29 GMT):
Has joined the channel.

bhupatbheda (Sun, 05 Dec 2021 17:52:18 GMT):
Has joined the channel.

SargisDudaklyan (Mon, 06 Dec 2021 03:29:28 GMT):
another noob question. when credentials are issued, for example, age, where is it stored? Encrypted on the blockchain (Indy) or wallet?

babamatmat (Mon, 06 Dec 2021 04:21:50 GMT):
Has joined the channel.

Prasad8 2 (Mon, 06 Dec 2021 12:44:18 GMT):
Hi All, Can someone pls help me to understand this. How in agent-agent communication the mediator components keeps track of mobile devices ? What is the driving factor and the attribute that the issuer or mediator component understands that a particular device is registered to send and receive message ? What happens if the mobile wallet holder, reinstalls the Indy wallet app in new device and restores from backup ? How the mediator component keeps track of the devices ?

Prasad8 2 (Mon, 06 Dec 2021 12:44:18 GMT):
Hi All, Can someone pls help me to understand this. How in agent-agent communication the mediator components keeps track of mobile devices ? What is the driving factor and the attribute that the issuer or mediator component understands that a particular device is registered to send and receive message ? What happens if the mobile wallet holder, reinstalls the Indy wallet based mobile app in new device and restores from backup ? How the mediator component keeps track of the devices ?

JOHNNYDOE (Mon, 06 Dec 2021 13:49:26 GMT):
Has joined the channel.

tkuhrt (Mon, 06 Dec 2021 16:18:42 GMT):
Credentials are not stored on the blockchain. Credentials are exchanged peer-to-peer between the issuer and the holder.

binodpandey (Mon, 06 Dec 2021 16:25:52 GMT):
Has joined the channel.

gustavosales (Mon, 06 Dec 2021 17:45:42 GMT):
Has joined the channel.

SargisDudaklyan (Mon, 06 Dec 2021 17:49:38 GMT):
got it. thanks!

TelegramSam (Mon, 06 Dec 2021 21:15:31 GMT):
Reminder: Aries Mobile Summit Session tomorrow at 7am US\Pacific: https://wiki.hyperledger.org/display/ARIES/2021-12-07+Aries+Summit+Session Focus is Credential UX (part 2) including revocation implications, auto approval, role of governance, etc.

aaronr (Mon, 06 Dec 2021 23:22:04 GMT):
Hi all, I'm debugging an incompatibility between two agents I'm trying to connect. IBM Verify Credentials and AF .NET. It seems to be an issue where the format of the forward message from the invitee isn't correct OR the inviter agent isn't handling the format correctly. So I guess I'm asking if there is any way through the Aries Test Harness to look at message flows through the various agents and see what is being processed. Or if examples are available anywhere. In my specific case, what is a https://didcomm.org/routing/1.0/forward message supposed to look like? Any pointers would be appreciated!

ianco (Tue, 07 Dec 2021 00:19:27 GMT):
There's nothing in AATH itself - the messages are secure and private between agents (peer-to-peer) so you will need to debug on each of the agents to see what is going on

tuan072090 (Tue, 07 Dec 2021 02:56:51 GMT):
Has joined the channel.

aaronr (Tue, 07 Dec 2021 05:15:52 GMT):
@ianco sure, that is what I'm doing. But my problem is I don't know what it is supposed to look like. I was hoping that if both agents were run by AATH then AATH could retrieve logs from each agent after a test run to show the results. But maybe I'm misunderstanding how AATH works. I'll try to look more into it this week

YeMyint (Tue, 07 Dec 2021 05:22:48 GMT):
Has joined the channel.

jainamsha (Tue, 07 Dec 2021 07:31:49 GMT):
Has joined the channel.

jandaman (Tue, 07 Dec 2021 08:57:31 GMT):
Has joined the channel.

TejaSatyanarayana (Tue, 07 Dec 2021 09:31:34 GMT):
Has joined the channel.

ashritha2410 (Tue, 07 Dec 2021 10:06:29 GMT):
Has joined the channel.

Ivanaa9 (Tue, 07 Dec 2021 10:13:47 GMT):
Has joined the channel.

urahara (Tue, 07 Dec 2021 10:17:31 GMT):
Has joined the channel.

ripulbd (Tue, 07 Dec 2021 11:05:34 GMT):
Thanks a lot @ianco for the suggestions and the pointers. These have been really helpful. @swcurran, yes I understand the risk but just the testing and playing around with the demo. Thanks for your comment though!

carlosalca94 (Tue, 07 Dec 2021 14:14:31 GMT):
Has joined the channel.

ianco (Tue, 07 Dec 2021 14:25:52 GMT):
The log files for the agents are captured to the `.logs` directory (I think)

ianco (Tue, 07 Dec 2021 14:26:47 GMT):
AATH runs the agents as docker images, so doesn't have any visibility into the internals of what each agent is doing (including message formats)

ianco (Tue, 07 Dec 2021 14:27:26 GMT):
Re message formats you can check out the relevant Aries RFC here: https://github.com/hyperledger/aries-rfcs

TelegramSam (Tue, 07 Dec 2021 14:59:34 GMT):
Updated Room (again): https://us02web.zoom.us/my/telegramsam

TelegramSam (Tue, 07 Dec 2021 15:03:29 GMT):
Aries Mobile Summit on now! Agenda: https://wiki.hyperledger.org/display/ARIES/2021-12-07+Aries+Summit+Session Zoom link: https://us02web.zoom.us/my/telegramsam

swcurran (Tue, 07 Dec 2021 15:32:37 GMT):
Yup -- good. I just wanted to be clear why it isn't/won't be in the API

hacke (Tue, 07 Dec 2021 16:00:09 GMT):
Hi all, I'm quite new to aries-framework-go and a have a simple question: - how can I create a proof of a a credential (let's say a RSA signature for the sake of simplicity) ? - and how can the receiver or the verifier of the credential verify the signature? Any hint is very welcome, thank you in advance Hartmut

vasiksim (Tue, 07 Dec 2021 20:06:35 GMT):
Has joined the channel.

kukgini (Wed, 08 Dec 2021 01:02:25 GMT):
Hi here. I'm curious about the relationship between Aries RFC 453 (issue-credential-v2), RFC 454 (present-proof-v2) and DIF WACI PEx . Does WACI PEx inherit protocol from Aries ? Or a competitor? Or can eventually WACI PEx and Aries RFCs above would be the same thing?

kukgini (Wed, 08 Dec 2021 01:02:25 GMT):
Hi here. I'm curious about the relationship between Aries RFC 453 (issue-credential-v2), RFC 454 (present-proof-v2) and DIF WACI PeX . Does WACI PeX inherit protocol from Aries RFCs? Or a competitor? Or can eventually WACI PeX and Aries RFCs would be the same thing?

kennylau89 (Wed, 08 Dec 2021 01:27:05 GMT):
Has joined the channel.

AJAR (Wed, 08 Dec 2021 05:31:44 GMT):
Has joined the channel.

bajerm (Wed, 08 Dec 2021 08:40:13 GMT):
Has joined the channel.

StrangeDays (Wed, 08 Dec 2021 09:19:24 GMT):
Has joined the channel.

SujithSu 2 (Wed, 08 Dec 2021 12:18:46 GMT):
Has joined the channel.

darrell.odonnell (Wed, 08 Dec 2021 12:55:20 GMT):
Folks - I chair the Technology Stack Working Group at the Trust Over IO Foundation. Where can I attend a meeting about Aries Interop and perhaps bring some DIF folks to see what's going on?

MateC89 (Wed, 08 Dec 2021 13:30:45 GMT):
Has joined the channel.

mdshahbazalam (Wed, 08 Dec 2021 17:33:10 GMT):
Has joined the channel.

george.patterson (Thu, 09 Dec 2021 01:37:44 GMT):
Has joined the channel.

Jerry.Bach (Thu, 09 Dec 2021 03:22:18 GMT):
Has joined the channel.

JamesYL (Thu, 09 Dec 2021 05:38:09 GMT):
Has joined the channel.

nathanbn (Thu, 09 Dec 2021 11:48:02 GMT):
Has joined the channel.

TimoGlastra (Thu, 09 Dec 2021 13:11:24 GMT):
I think the weekly Aries WG call is a good place for these discussions

regiseloi (Thu, 09 Dec 2021 13:11:40 GMT):
The Aries working group's meeting agenda and minutes can be found here: https://wiki.hyperledger.org/display/ARIES/Aries+Working+Group There are other working groups for specific implementation framework (such as ACA-Py and AFJ), but the main Aries working group is probably the right place to start. I believe there's a call planned for Wednesday next week, but I believe this will be the last meeting of what started as the "Aries mobile summit". @TelegramSam could you confirm?

murilo_silva (Thu, 09 Dec 2021 15:07:10 GMT):
Has joined the channel.

KMM 6 (Thu, 09 Dec 2021 15:13:09 GMT):
Has joined the channel.

swcurran (Thu, 09 Dec 2021 16:18:36 GMT):
That said, the interop work is done in code mostly. The tools for demonstrating interop are here: https://aries-interop.info and here: https://github.com/hyperledger/aries-agent-test-harness. We'd be glad to set up a meeting to discuss the details.

swcurran (Thu, 09 Dec 2021 16:19:03 GMT):
Please let me know what you need @darrell.odonnell

diane.lockhart2 (Thu, 09 Dec 2021 16:26:07 GMT):
Has joined the channel.

nikusingh (Thu, 09 Dec 2021 18:01:55 GMT):
Has joined the channel.

mahdiabdian (Thu, 09 Dec 2021 20:40:22 GMT):
Has joined the channel.

BoranCar (Thu, 09 Dec 2021 21:45:50 GMT):
Has joined the channel.

mvasavi (Fri, 10 Dec 2021 03:07:24 GMT):
Has joined the channel.

SargisDudaklyan (Fri, 10 Dec 2021 03:31:12 GMT):
Hi all. In the demo, there is an example with age verification. I am thinking of a solution that could work for moving age. Assume that you are 20 and you got were issued VC. Tomorrow you turned 21 and you would like to use your VCs to prove to a bartender that youre over 21. What is the best way to accomplish this without reissueing new VCs?

SargisDudaklyan (Fri, 10 Dec 2021 03:31:12 GMT):
Hi all. In the demo, there is an example with age verification. I am thinking of a solution that could work for moving age. Assume that you are 20 and you were issued VCs. Tomorrow you turned 21 and you would like to use your VCs to prove to a bartender that youre over 21. What is the best way to accomplish this without reissueing new VCs?

SargisDudaklyan (Fri, 10 Dec 2021 03:34:38 GMT):
i was thinking we could issue you're dob in unix timestamp and then when verifying if youre over 21, we will use todays date (in unix ts) minus 21 years (in unix ts) and compare that with your dob.

SargisDudaklyan (Fri, 10 Dec 2021 03:35:11 GMT):
would a solution like this work? or is there another preferred approach?

Aqusa (Fri, 10 Dec 2021 03:42:38 GMT):
Has joined the channel.

conanoc (Fri, 10 Dec 2021 07:22:01 GMT):
Your approach sounds good to me. It will definitely work.

rmdnsd (Fri, 10 Dec 2021 11:29:45 GMT):
Has joined the channel.

nebucaz (Fri, 10 Dec 2021 12:24:43 GMT):
Has joined the channel.

wlhowell (Fri, 10 Dec 2021 14:40:39 GMT):
Has joined the channel.

tabouzid (Fri, 10 Dec 2021 15:19:06 GMT):
Has joined the channel.

swcurran (Fri, 10 Dec 2021 15:35:12 GMT):
With AnonCreds, predicates only work with integers. As such, a Unix epoch (timestamp) can be used, but has the downside of being pretty ugly to display to the user. A clever solution that is used in the community is to have the DoB as an integer such as 20011013 (for 2001.10.13) and provide the argument for the predicate in the same way. Works well for dates, not so well for date time. This is part of Aries RFC 441 -- https://github.com/hyperledger/aries-rfcs/tree/main/concepts/0441-present-proof-best-practices#dates-and-predicates

swcurran (Fri, 10 Dec 2021 15:36:38 GMT):
We're also working on a separate way to enable proper display of data encoded in different ways, and if that approach proves viable, the Unix epoch approach might become more viable. We'll be talking about that at some of the upcoming Aries WG Calls if you are interesting.

AutoMAttic (Fri, 10 Dec 2021 19:10:31 GMT):
Has joined the channel.

SargisDudaklyan (Fri, 10 Dec 2021 20:13:09 GMT):
thanks all!

HyperledgerNewbie (Sat, 11 Dec 2021 23:52:04 GMT):
Has joined the channel.

brnhrd89 (Sun, 12 Dec 2021 03:18:25 GMT):
Has joined the channel.

sairanjitaw (Sun, 12 Dec 2021 13:47:07 GMT):
Has joined the channel.

PaulHaynes (Mon, 13 Dec 2021 12:55:48 GMT):
Has joined the channel.

arshdebian (Mon, 13 Dec 2021 14:44:02 GMT):
Has joined the channel.

talgar (Mon, 13 Dec 2021 23:33:21 GMT):
Has joined the channel.

TelegramSam (Tue, 14 Dec 2021 01:06:49 GMT):
Aries mobile summit tomorrow: UX and wrap-up! https://wiki.hyperledger.org/display/ARIES/2021-12-14+Aries+Summit+Session

kalyankonda (Tue, 14 Dec 2021 04:44:40 GMT):
Hello, I see that very old indy-sdk (1.11.1) (https://github.com/hyperledger/aries-cloudagent-python/blob/main/requirements.indy.txt) being used in even latest version of ACA-Py. If am I referring to right place, any specific reason to use older version of indy-sdk? Aprreciate your inputs. Thank you.

andrew.whitehead (Tue, 14 Dec 2021 05:16:03 GMT):
That’s a minimum version (for the python wrapper). We might want to increase that though

AutoMAttic (Tue, 14 Dec 2021 06:50:00 GMT):
Hey guys, Im quite new to this. I have been trying to create a new schema on http://dev.greenlight.bcovrin.vonx.io/ however, I get an AriesFrameworkException: Ledger operation rejected exception. I assume this is because my agent doesnt have the assigned role of an Endorser on the network? My question is how does one assign that role to an agent if that is the problem I am having?

kalyankonda (Tue, 14 Dec 2021 07:15:12 GMT):
Got confused...Is that python version or indy-sdk version? How do I know that which indy-sdk version is being used in latest aca-py version?

kbyokin (Tue, 14 Dec 2021 07:22:31 GMT):
Has joined the channel.

MehdiIda (Tue, 14 Dec 2021 08:12:14 GMT):
Has joined the channel.

fabric (Tue, 14 Dec 2021 12:40:25 GMT):
Has joined the channel.

whcjst (Tue, 14 Dec 2021 13:34:17 GMT):
Has joined the channel.

swcurran (Tue, 14 Dec 2021 15:01:53 GMT):
I believe it's picking up the latest, with the minimum set to 1.11.1, but we'll confirm. Certainly should be the latest.

TelegramSam (Tue, 14 Dec 2021 15:06:09 GMT):
Aries mobile summit tomorrow: UX and wrap-up! On NOW! https://wiki.hyperledger.org/display/ARIES/2021-12-14+Aries+Summit+Session

TarsoQueiroz (Tue, 14 Dec 2021 16:52:33 GMT):
Has joined the channel.

MattProto (Tue, 14 Dec 2021 22:34:58 GMT):
Has joined the channel.

AshwiniD 1 (Wed, 15 Dec 2021 05:14:59 GMT):
Has joined the channel.

baron0426 (Wed, 15 Dec 2021 08:47:45 GMT):
Has joined the channel.

kalyankonda (Wed, 15 Dec 2021 09:28:34 GMT):
Yes, it should pick up the latest indy-sdk only. Curious to know, when I can set/config that indy-sdk version I want to use.

TelegramSam (Wed, 15 Dec 2021 22:05:31 GMT):
Call to Participate - DIDComm User Group Now that the DIDComm v2 spec is nearing completion, and there are robust libraries in multiple programming languages, we are starting a user group to share learnings as we put DIDComm into production. We will organize community resources, produce a handbook, foster application-level protocol creation, maintain the didcomm.org website and repo, and recommend best practices. We invite anyone who's interested to register in the user group's email list or discord channel: Discord Invite: https://discord.gg/F4Qw7h6Sr9 Mailing list: https://lists.identity.foundation/g/didcomm-usergroup The first regular meeting will be held in January (10-14), with meeting selection to happen prior on the above communication methods. Although this UG is sponsored by DIF, this is not an IP-protected context. We won't be developing specs or working on standards. Thus, you don't have to be a member of any particular org to join, and there are no legal terms to review or paperwork to sign. Please join us!

mccown (Thu, 16 Dec 2021 00:24:53 GMT):
The final Identity Implementer's WG of 2021 is (tomorrow) Thurs Dec 16th @ 9am MT / 3pm UTC. In addition to reviewing several updates from some key SSI industry WGs, Daniel Hardman (SICPA) will be presenting on the new Gossyp Protocol. Wiki: https://wiki.hyperledger.org/display/IWG/2021-12-16+%3A+Identity+Implementers+WG+Call Zoom: https://zoom.us/my/hyperledger.community.3?pwd=UE90WHhEaHRqOGEyMkV3cldKa2d2dz09

Anthony022 (Thu, 16 Dec 2021 02:50:23 GMT):
Has joined the channel.

beifangfazhanlu (Thu, 16 Dec 2021 08:33:00 GMT):
Has joined the channel.

StepniowskiP (Thu, 16 Dec 2021 08:52:14 GMT):
Has joined the channel.

leonardoPereira (Thu, 16 Dec 2021 14:08:15 GMT):
Has joined the channel.

tdiesler (Thu, 16 Dec 2021 17:24:25 GMT):
Has joined the channel.

grzegorz.drozda (Thu, 16 Dec 2021 18:54:11 GMT):
Has joined the channel.

daiki.nakashima (Fri, 17 Dec 2021 04:18:29 GMT):
Has joined the channel.

Abcold (Fri, 17 Dec 2021 06:11:55 GMT):
Has joined the channel.

Amits1 (Fri, 17 Dec 2021 11:10:59 GMT):
Has joined the channel.

UnparagonedWisdom (Fri, 17 Dec 2021 13:02:27 GMT):
Has joined the channel.

ThreeJam (Fri, 17 Dec 2021 18:02:54 GMT):
Has joined the channel.

barcellosrod (Fri, 17 Dec 2021 21:24:19 GMT):
Has joined the channel.

deas (Fri, 17 Dec 2021 23:44:19 GMT):
Hey @TelegramSam @lynn.bendixsen @dbluhm et al - I missed the boat on signing up for this workshop https://wiki.hyperledger.org/display/events/Build+Your+Identity+Solution+Using+Hyperledger+Aries and have filled out the Google form for future interest, but would love to know if there's a way to waitlist myself. :pray: Thanks! (Wish I'd been tuned in earlier!)

TheRealJimShady (Sat, 18 Dec 2021 15:33:55 GMT):
Has joined the channel.

EdditLemons (Sat, 18 Dec 2021 17:43:11 GMT):
Has joined the channel.

JeenaDevasia (Sun, 19 Dec 2021 13:23:35 GMT):
Has joined the channel.

ayushridhar (Sun, 19 Dec 2021 18:02:22 GMT):
Has joined the channel.

samih 5 (Sun, 19 Dec 2021 18:04:25 GMT):
Has joined the channel.

jkvargas (Sun, 19 Dec 2021 18:52:01 GMT):
Has joined the channel.

sbohanlf (Mon, 20 Dec 2021 14:06:18 GMT):
Has joined the channel.

FabienFF (Mon, 20 Dec 2021 16:35:30 GMT):
Has joined the channel.

lynn.bendixsen (Mon, 20 Dec 2021 23:40:00 GMT):
Hi @deas! Thanks for your interest in the training. I don't think that there is a waitlist, but you can sign up for the next training(if there's enough interest) by followi9ng a link from here: https://chat.hyperledger.org/channel/indy

lynn.bendixsen (Mon, 20 Dec 2021 23:40:00 GMT):
Hi @deas! Thanks for your interest in the training. I don't think that there is a waitlist, but you can sign up for the next training(if there's enough interest) by following a link from here: https://chat.hyperledger.org/channel/indy

MBurnes (Mon, 20 Dec 2021 23:42:47 GMT):
Has joined the channel.

Yangshuangxi (Tue, 21 Dec 2021 06:57:19 GMT):
Has joined the channel.

nskishore1993 (Tue, 21 Dec 2021 08:03:01 GMT):
postgres

elchastro (Tue, 21 Dec 2021 10:46:26 GMT):
Has joined the channel.

skbalahere (Tue, 21 Dec 2021 16:49:35 GMT):
Has joined the channel.

a-p-petrosyan (Wed, 22 Dec 2021 08:11:42 GMT):
Has joined the channel.

ammaarpatel99 (Wed, 22 Dec 2021 10:07:16 GMT):
Has joined the channel.

Abhi-Mynam (Wed, 22 Dec 2021 11:34:09 GMT):
Has joined the channel.

DinuraSeneviratne1 (Wed, 22 Dec 2021 12:16:11 GMT):
Has joined the channel.

TimoGlastra (Wed, 22 Dec 2021 15:04:53 GMT):
Aries call not happening today?

swcurran (Wed, 22 Dec 2021 19:13:46 GMT):
BC Gov has posted a funded "Code With Us" Challenge for individuals/teams interested in updating Hyperledger Indy to support the new `did:indy` DID Method, specified [here](https://hyperledger.github.io/indy-did-method/). The opportunity and response guidelines are [posted here](https://digital.gov.bc.ca/marketplace/opportunities/code-with-us/e3dd1605-cc1d-4c30-a9ee-245940bccd0d). The total funding for the challenge is $70,000CDN and is divided into 4 phases. The first 3 phases require the use of Python working on the [Indy Node](https://github.com/hyperledger/indy-node) and [Indy Plenum](https://github.com/hyperledger/indy-plenum) repos, while the 4th phase requires Rust development in the [Indy VDR](https://github.com/hyperledger/indy-vdr) repo. Those responding may choose to apply for only the Python work, only the Rust work or both. Questions can be asked here or on the website hosting the opportunity. Applications for the challenge will be accepted up to January 10, 2022. and the work is expected to begin shortly after that date, with completion expected by March 31, 2022.

p.amrith (Thu, 23 Dec 2021 05:18:54 GMT):
Has joined the channel.

krishna1982 (Thu, 23 Dec 2021 06:20:21 GMT):
Has joined the channel.

Dixit 13 (Thu, 23 Dec 2021 07:06:44 GMT):
Has joined the channel.

KavyaR (Thu, 23 Dec 2021 11:44:40 GMT):
Has joined the channel.

sheldon.regular (Thu, 23 Dec 2021 15:55:14 GMT):
@RyanJJones 1 @WadeBarnes The [Aries Mobile Test Harness](https://github.com/bcgov/aries-mobile-test-harness) repo is ready to be moved from BCGov to the Hyperledger. At either of your earliest convenience, can you help with that?

WadeBarnes (Thu, 23 Dec 2021 15:56:48 GMT):
I'll scan it for any DCO issue first. cc @rjones

WadeBarnes (Thu, 23 Dec 2021 16:03:22 GMT):
It checks out

WadeBarnes (Thu, 23 Dec 2021 16:07:17 GMT):
@rjones, I've set you as an admin on the repo so you can transfer it. The name will remain the same.

WadeBarnes (Thu, 23 Dec 2021 16:09:10 GMT):
@sheldon.regular, once transferred please update any references to `https://github.com/bcgov/aries-mobile-test-harness` => `https://github.com/hyperledger/aries-mobile-test-harness`. I see at least one in the main README.md

sheldon.regular (Thu, 23 Dec 2021 16:09:52 GMT):
yes, roger that!

tahyonline (Thu, 23 Dec 2021 16:40:53 GMT):
Has joined the channel.

SkandaGurunathanR (Thu, 23 Dec 2021 19:10:44 GMT):
Has joined the channel.

mgrant (Fri, 24 Dec 2021 12:14:53 GMT):
Has joined the channel.

nandrews283 (Fri, 24 Dec 2021 13:59:04 GMT):
Has joined the channel.

zossimov (Sat, 25 Dec 2021 07:18:36 GMT):
I was trying to upload my app to Google Play Store, but they weren't allowing me to publish it. ``` Your app currently targets API level 29 and must target at least API level 30 to ensure it is built on the latest APIs optimized for security and performance. Change your app's target API level to at least 30. ``` **Changes in Manifest File** I then removed these permissions from Manifest File. ``` ``` **GetExternalFilesDirs()** And also used to `GetExternalFilesDirs()` to create folder, as per [android documentation][1] **Starting in Android 11, apps cannot create their own app-specific directory on external storage. To access the directory that the system provides for your app, call `getExternalFilesDirs()`.** So, I changed in code: `Path.Combine(FileSystem.CacheDirectory, config.Value);` **to** `Path.Combine(Android.App.Application.Context.GetExternalFilesDir(FileSystem.CacheDirectory).AbsolutePath, config.Value);` **Run time Permissions to Read & Write** When I removed Read & Write Permissions from Manifest file, I couldn't create folder, I enabled the run time permissions, without adding Read & Write permissions in manifest file, now I'm able to create folder. ``` await CrossPermissions.Current.CheckPermissionStatusAsync(Permission.Camera); await CrossPermissions.Current.CheckPermissionStatusAsync(Permission.Storage); ``` **Changes in MainActivity.cs** I also used `GetExternalFilesDir` in `MainActivity.cs`. ``` var host = App.BuildHost(typeof(PlatformModule).Assembly) .UseContentRoot(Android.App.Application.Context.GetExternalFilesDir(System.Environment.GetFolderPath( System.Environment.SpecialFolder.Personal)).AbsolutePath).Build(); // Android requires that we set content root. ``` And according to this [comment][2]: ``` var version = CrossDeviceInfo.Current.Version; if (int.Parse(version) >= 11) { Android.Systems.Os.Setenv("EXTERNAL_STORAGE", GetExternalFilesDir(null).AbsolutePath, true); } ``` **Action Required: Your app is not compliant with Google Play Policies** After all these changes, I'm unable to publish app on Play store. Received an email: **Issue: Need to use Media Store API or No Access to Files** *You have requested access to All Files Access permission but it appears that your app's core feature requires access to only Media Files or does not need access to any Files. In case your app needs access to Media Files, with the MediaStore API, apps can contribute and access media that's available on an external storage volume without the need for the access all files permission.* *Please update your app so that the feature uses Media Store APIs and remove All Files Access (MANAGE_EXTERNAL_STORAGE) permission.* [1]: https://developer.android.com/about/versions/11/privacy/storage#app-specific-external [2]: https://github.com/hyperledger/aries-framework-dotnet/issues/195#issuecomment-947378147

zossimov (Sat, 25 Dec 2021 07:18:36 GMT):
I was trying to upload my app to Google Play Store, but they weren't allowing me to publish it. ``` Your app currently targets API level 29 and must target at least API level 30 to ensure it is built on the latest APIs optimized for security and performance. Change your app's target API level to at least 30. ``` **Changes in Manifest File** I then removed these permissions from Manifest File. ``` ``` **GetExternalFilesDirs()** And also used to `GetExternalFilesDirs()` to create folder, as per android documentation (https://developer.android.com/about/versions/11/privacy/storage#app-specific-external) **Starting in Android 11, apps cannot create their own app-specific directory on external storage. To access the directory that the system provides for your app, call `getExternalFilesDirs()`.** So, I changed in code: `Path.Combine(FileSystem.CacheDirectory, config.Value);` **to** `Path.Combine(Android.App.Application.Context.GetExternalFilesDir(FileSystem.CacheDirectory).AbsolutePath, config.Value);` **Run time Permissions to Read & Write** When I removed Read & Write Permissions from Manifest file, I couldn't create folder, I enabled the run time permissions, without adding Read & Write permissions in manifest file, now I'm able to create folder. ``` await CrossPermissions.Current.CheckPermissionStatusAsync(Permission.Camera); await CrossPermissions.Current.CheckPermissionStatusAsync(Permission.Storage); ``` **Changes in MainActivity.cs** I also used `GetExternalFilesDir` in `MainActivity.cs`. ``` var host = App.BuildHost(typeof(PlatformModule).Assembly) .UseContentRoot(Android.App.Application.Context.GetExternalFilesDir(System.Environment.GetFolderPath( System.Environment.SpecialFolder.Personal)).AbsolutePath).Build(); // Android requires that we set content root. ``` And according to this comment (https://github.com/hyperledger/aries-framework-dotnet/issues/195#issuecomment-947378147): ``` var version = CrossDeviceInfo.Current.Version; if (int.Parse(version) >= 11) { Android.Systems.Os.Setenv("EXTERNAL_STORAGE", GetExternalFilesDir(null).AbsolutePath, true); } ``` **Action Required: Your app is not compliant with Google Play Policies** After all these changes, I'm unable to publish app on Play store. Received an email: **Issue: Need to use Media Store API or No Access to Files** *You have requested access to All Files Access permission but it appears that your app's core feature requires access to only Media Files or does not need access to any Files. In case your app needs access to Media Files, with the MediaStore API, apps can contribute and access media that's available on an external storage volume without the need for the access all files permission.* *Please update your app so that the feature uses Media Store APIs and remove All Files Access (MANAGE_EXTERNAL_STORAGE) permission.*

lvillar (Sun, 26 Dec 2021 03:30:53 GMT):
Has joined the channel.

friendlyhacker (Sun, 26 Dec 2021 07:12:36 GMT):
Has joined the channel.

skittlez1522 (Mon, 27 Dec 2021 03:32:38 GMT):
Has joined the channel.

conanoc (Mon, 27 Dec 2021 09:23:14 GMT):
You could use `GetFilesDir` which locates the android internal storage path instead of `GetExternalFilesDir`. And then the storage permissions will not be needed.

sudharsan.s (Mon, 27 Dec 2021 09:42:17 GMT):
Has joined the channel.

yogi-cw (Mon, 27 Dec 2021 12:07:41 GMT):
Has joined the channel.

marya1 (Mon, 27 Dec 2021 14:19:56 GMT):
Has joined the channel.

GrzegorzDrozda (Mon, 27 Dec 2021 19:18:55 GMT):
Has joined the channel.

omkar-mohanty (Tue, 28 Dec 2021 04:07:33 GMT):
Has joined the channel.

hejte (Tue, 28 Dec 2021 11:00:16 GMT):
Has joined the channel.

EmSpireInc (Tue, 28 Dec 2021 11:52:59 GMT):
Has joined the channel.

Xcerla (Tue, 28 Dec 2021 21:24:50 GMT):
Has joined the channel.

Ranbowhu (Wed, 29 Dec 2021 14:25:51 GMT):
Has joined the channel.

IraqReshi (Thu, 30 Dec 2021 07:27:29 GMT):
Has joined the channel.

ayushraj8271 (Thu, 30 Dec 2021 08:26:53 GMT):
Hey everyone ! This is Ayush .I want to contribute to the hyperledger Aries codebase where can I get started understand it ?? Can anyone help me??

dev2020 (Thu, 30 Dec 2021 09:09:04 GMT):
Has joined the channel.

SeanBohan (Thu, 30 Dec 2021 15:58:44 GMT):
hi @ayushraj8271 you can start here with the wiki page: https://wiki.hyperledger.org/display/aries then check out the "Becoming and Aries Developer": https://www.edx.org/course/becoming-a-hyperledger-aries-developer then check out the github: https://github.com/hyperledger/aries Next week the community calls will be restarting. There is also a workshop happening Jan 20, but registration is closed. You can signup on this page to register for the next one if there is enough interest: https://wiki.hyperledger.org/display/events/Build+Your+Identity+Solution+Using+Hyperledger+Aries

SeanBohan (Thu, 30 Dec 2021 15:59:00 GMT):
WELCOME!

gaurav471 (Thu, 30 Dec 2021 19:06:16 GMT):
Has joined the channel.

MojoCoderBo (Fri, 31 Dec 2021 07:11:55 GMT):
Has joined the channel.

Ojas365 (Fri, 31 Dec 2021 09:16:25 GMT):
Has joined the channel.

parnika24 (Fri, 31 Dec 2021 10:59:12 GMT):
Has joined the channel.

kareemikassab (Fri, 31 Dec 2021 12:33:00 GMT):
Has joined the channel.

MaximeBarbet (Fri, 31 Dec 2021 15:16:54 GMT):
Has joined the channel.

vp10905353 (Fri, 31 Dec 2021 19:14:17 GMT):
Has joined the channel.

jsolderitsch (Fri, 31 Dec 2021 21:49:56 GMT):
Has joined the channel.

manjinder98 (Sat, 01 Jan 2022 14:36:47 GMT):
Has joined the channel.

bshada (Sat, 01 Jan 2022 20:36:04 GMT):
Has joined the channel.

kma-blockchain (Sun, 02 Jan 2022 09:20:05 GMT):
Has joined the channel.

yangzifeng1995 (Sun, 02 Jan 2022 10:14:14 GMT):
Has joined the channel.

ManjinderSingh (Sun, 02 Jan 2022 10:43:32 GMT):
Has joined the channel.

zossimov (Sun, 02 Jan 2022 10:56:28 GMT):
Thanks, I'll try this and my current Manifest File looks like this. I haven't added Storage Permissions in that. ``` ```

Nishantsharma12 (Sun, 02 Jan 2022 13:25:13 GMT):
Has joined the channel.

zossimov (Sun, 02 Jan 2022 17:04:59 GMT):
There isn't any function available in C#: `Android.App.Application.Context.GetFilesDir();`. Instead these are available: ``` Android.App.Application.Context.GetDir(); Android.App.Application.Context.GetExternalFilesDir(); Android.App.Application.Context.GetExternalFilesDirs(); ```

conanoc (Mon, 03 Jan 2022 03:00:10 GMT):
I would use `System.Environment.GetFolderPath(System.Environment.SpecialFolder. ApplicationData)` in Xamarin. https://docs.microsoft.com/en-us/xamarin/android/platform/files/

HackyCoder0951 (Mon, 03 Jan 2022 08:24:19 GMT):
Has joined the channel.

kalyankonda (Mon, 03 Jan 2022 09:44:37 GMT):
Hello All,

kalyankonda (Mon, 03 Jan 2022 11:30:34 GMT):
I understand that Aries is supporting string/text data type alone currently. Any idea on supporting complex data types (such as documents, images etc.) along with other common data types ( such as date, bool, decimal numbers etc.). Thank you.

zossimov (Mon, 03 Jan 2022 12:09:59 GMT):
Yes, that's what I was using earlier.. same issue.. please have a look on this GitHub Issue: https://github.com/hyperledger/aries-mobile-agent-xamarin/issues/53

tanujdev (Mon, 03 Jan 2022 16:22:38 GMT):
Has joined the channel.

kinagimanju (Mon, 03 Jan 2022 16:42:30 GMT):
Has joined the channel.

richardspeter (Mon, 03 Jan 2022 19:05:44 GMT):
Has joined the channel.

loganb 6 (Mon, 03 Jan 2022 21:45:18 GMT):
Has joined the channel.

skittlez1522 (Mon, 03 Jan 2022 22:12:11 GMT):
Hey all, I am trying to figure out the differences between Indy and Aries and the correlation they have. Can anyone explain that to me?

WadeBarnes (Mon, 03 Jan 2022 22:18:11 GMT):
The short version: Aries was (originally) built on Indy and incorporates several layers of abstraction that hide many of the technical complexities of Indy and allow a developer to concentrate on developing the business logic for their application.

skittlez1522 (Mon, 03 Jan 2022 22:23:07 GMT):
Is Aries still built on indy?

WadeBarnes (Mon, 03 Jan 2022 23:07:07 GMT):
It still uses Indy, but there are separate shared RUST libraries being developed to overcome some scaling limitations of the indy-sdk. The one of which is https://github.com/hyperledger/aries-askar that Aries can now optionally use.

haruharu (Tue, 04 Jan 2022 01:10:29 GMT):
Has joined the channel.

zondervan.v.calvez (Tue, 04 Jan 2022 01:43:37 GMT):
Has joined the channel.

micoferdinand (Tue, 04 Jan 2022 01:50:08 GMT):
Has joined the channel.

conanoc (Tue, 04 Jan 2022 01:50:11 GMT):
According to the issue you linked, you are using `Android.App.Application.Context.GetExternalFilesDir(FileSystem.CacheDirectory)` which use the external storage not the internal storage.

aldous.arvin.alvarez (Tue, 04 Jan 2022 01:53:10 GMT):
Has joined the channel.

charellesandig (Tue, 04 Jan 2022 02:09:52 GMT):
Has joined the channel.

zossimov (Tue, 04 Jan 2022 07:17:03 GMT):
So, I should use `System.Environment.GetFolderPath(System.Environment.SpecialFolder. ApplicationData)` ?

suomea (Tue, 04 Jan 2022 08:36:08 GMT):
Has joined the channel.

conanoc (Tue, 04 Jan 2022 08:55:35 GMT):
Sorry. I'm confused that I may need permission to use external storage, but I don't need permission to use external storage just for app-specific dirs. So, you can use external storage without permission. The problem seems to be this: `GetExternalFilesDir(FileSystem.CacheDirectory)`

conanoc (Tue, 04 Jan 2022 08:57:02 GMT):
`GetExternalFilesDir` takes `type` as a parameter, but you used the wrong one.

conanoc (Tue, 04 Jan 2022 09:03:42 GMT):
Cache dir should be `FileSystem.CacheDirectory` as before, and the content root should be `System.Environment.GetFolderPath(System.Environment.SpecialFolder. ApplicationData)` instead of `Android.App.Application.Context.GetExternalFilesDir(System.Environment.GetFolderPath( System.Environment.SpecialFolder.Personal)).AbsolutePath`

conanoc (Tue, 04 Jan 2022 09:03:42 GMT):
Cache dir should be `FileSystem.CacheDirectory` as before, and the content root should be `System.Environment.GetFolderPath(System.Environment.SpecialFolder. ApplicationData)` instead of `Android.App.Application.Context.GetExternalFilesDir(System.Environment.GetFolderPath(System.Environment.SpecialFolder.Personal)).AbsolutePath`

mr3e (Tue, 04 Jan 2022 09:23:40 GMT):
Has joined the channel.

zossimov (Tue, 04 Jan 2022 10:16:11 GMT):
`System.Environment.GetFolderPath(FileSystem.CacheDirectory)` Connot convert `string` to `System.Environment.SpecialFolder`

zossimov (Tue, 04 Jan 2022 10:38:52 GMT):
These are some of the folders I'm accessing in the app. Should I use this `System.Environment.GetFolderPath(System.Environment.SpecialFolder. ApplicationData)` for all of them? `Android.App.Application.Context.GetExternalFilesDir(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData)).AbsolutePath` `Android.App.Application.Context.GetExternalFilesDir(FileSystem.CacheDirectory).AbsolutePath` `Android.App.Application.Context.GetExternalFilesDir(FileSystem.AppDataDirectory).AbsolutePath`

vborisik (Tue, 04 Jan 2022 11:18:11 GMT):
Has joined the channel.

AlaeEddineLahlali (Tue, 04 Jan 2022 14:04:33 GMT):
Has joined the channel.

zossimov (Tue, 04 Jan 2022 14:54:26 GMT):
``` var filesDir = Xamarin.Essentials.FileSystem.CacheDirectory; var genesisFile = Path.Combine(filesDir, "genesis.txn"); ``` On Android 11, it gave an IO Exception on Pool Creation.

billet75 (Tue, 04 Jan 2022 15:14:29 GMT):
Has joined the channel.

arvieira (Tue, 04 Jan 2022 15:41:51 GMT):
Has joined the channel.

damiandennis (Tue, 04 Jan 2022 18:46:56 GMT):
Has joined the channel.

swcurran (Tue, 04 Jan 2022 19:31:52 GMT):
Indy AnonCreds supports strings and integers. All strings are hashed into an integer, and it is the integer that is actually signed - as defined here: https://github.com/hyperledger/aries-rfcs/tree/main/features/0036-issue-credential#encoding-claims-for-indy-based-verifiable-credentials As such, it is possible (and has been done) to encode different data types into strings -- e.g. base64 images to text. To do that, both the issuer and the verifier (at least) and usually the holder have to agree about the format of the strings -- how to decode them. We are currently looking at the possibility of using Overlays Capture Architecture (OCA) as a way for the issuer to express what they are issuing. We're primarily looking at OCA for localization (multi-language support of labels on data), but data formats would also be supported. https://humancolossus.foundation/blog/cjzegoi58xgpfzwxyrqlroy48dihwz

swcurran (Tue, 04 Jan 2022 19:36:26 GMT):
Generically, Aries protocols support multiple DID Methods (including Indy DIDs/ledgers, but also did:key, did:orb, etc.) and verifiable credential formats (including AnonCreds which is in the Indy SDK and W3C VCs). Different Aries deployments support a range of DID Methods and VC formats -- most support Indy DIDs and AnonCreds, some support other DID Methods and W3C VCs and some support both.

Nocturne (Wed, 05 Jan 2022 00:22:10 GMT):
Has joined the channel.

conanoc (Wed, 05 Jan 2022 02:28:07 GMT):
I cannot imagine any of the two lines above could throw IOException. Can you show the details of the IOException? Beside that, why do you use cache dir for the genesis file?

conanoc (Wed, 05 Jan 2022 02:28:07 GMT):
Can you show the details of the IOException? Beside that, why do you use cache dir for the genesis file?

zossimov (Wed, 05 Jan 2022 07:07:02 GMT):
``` Couldn't create pool config: Hyperledger.Indy.IOException: An IO error occurred. at Hyperledger.Aries.Ledger.DefaultPoolService.CreatePoolAsync (System.String poolName, System.String genesisFile) [0x00072] in :0 at Osma.Mobile.App. Services.PoolConfigurator.ConfigurePoolsAsync() [0x00241] in :0 ```

zossimov (Wed, 05 Jan 2022 07:33:04 GMT):
https://github.com/hyperledger/aries-mobile-agent-xamarin/blob/main/src/Hyperledger.Aries.Max/Services/PoolConfigurator.cs#L42 `var filename = Path.Combine(FileSystem.CacheDirectory, "genesis.txn");`

zossimov (Wed, 05 Jan 2022 07:33:24 GMT):
What will u recommend then?

PunleuChomnan (Wed, 05 Jan 2022 09:22:18 GMT):
Has joined the channel.

conanoc (Wed, 05 Jan 2022 10:09:41 GMT):
I see. It could be treated as a cache file, but it could also be treated as an application resource and you could use `System.Environment.GetFolderPath(System.Environment.SpecialFolder. ApplicationData)` if `FileSystem.CacheDirectory` has some issues.

zossimov (Wed, 05 Jan 2022 10:26:27 GMT):
do I need to add `android:requestLegacyExternalStorage="true"` in Manifest file?

zossimov (Wed, 05 Jan 2022 10:39:23 GMT):
Hi, we've been trying to implement https on our mediator/issuer/verifier/mobile agent. We also enabled [UseMessageTypesHttps](https://github.com/hyperledger/aries-framework-dotnet/blob/e06398d3c2c16d43d0ca0e64ce3d5180d7904f15/src/Hyperledger.Aries/Configuration/AgentOptions.cs#L178) in agent configuration. Our agents are deployed on AWS EC2 servers with SSL enabled. Is there anything else we have to change in the code? or in the configuration? any resources on that? Regards

zossimov (Wed, 05 Jan 2022 10:46:00 GMT):
Hi, we've been trying to implement https on our mediator/issuer/verifier/mobile agent. We also enabled [UseMessageTypesHttps](https://github.com/hyperledger/aries-framework-dotnet/blob/e06398d3c2c16d43d0ca0e64ce3d5180d7904f15/src/Hyperledger.Aries/Configuration/AgentOptions.cs#L178) in agent configuration. Our agents are deployed on AWS EC2 servers with SSL enabled. Still not working. Is there anything else we have to change in the code? or in the configuration? any resources on that? @troyronda [asks] (https://github.com/hyperledger/aries-framework-go/pull/2655#discussion_r598255549) for https prefix for PIURI as the default in dotnet framework. any update on that? cc: @swcurran @andrew.whitehead @tomislav Regards

zossimov (Wed, 05 Jan 2022 10:46:00 GMT):
Hi, we've been trying to implement https on our mediator/issuer/verifier/mobile agent. We also enabled [UseMessageTypesHttps](https://github.com/hyperledger/aries-framework-dotnet/blob/e06398d3c2c16d43d0ca0e64ce3d5180d7904f15/src/Hyperledger.Aries/Configuration/AgentOptions.cs#L178) in agent configuration. Our agents are deployed on AWS EC2 servers with SSL enabled. Still not working. Is there anything else we have to change in the code? or in the configuration? any resources on that? @troyronda [asks](https://github.com/hyperledger/aries-framework-go/pull/2655#discussion_r598255549) for https prefix for PIURI as the default in dotnet framework. any update on that? @swcurran @andrew.whitehead @tomislav Regards

zossimov (Wed, 05 Jan 2022 10:46:00 GMT):
Hi, we've been trying to implement https on our mediator/issuer/verifier/mobile agent. We also enabled [UseMessageTypesHttps](https://github.com/hyperledger/aries-framework-dotnet/blob/e06398d3c2c16d43d0ca0e64ce3d5180d7904f15/src/Hyperledger.Aries/Configuration/AgentOptions.cs#L178) in agent configuration. Our agents are deployed on AWS EC2 servers with SSL enabled. Still not working. Is there anything else we have to change in the code? or in the configuration? any resources on that? @troyronda [asks](https://github.com/hyperledger/aries-framework-go/pull/2655#discussion_r598255549) for https prefix for PIURI as the default in dotnet framework. any update on that? @swcurran @andrew.whitehead @tomislav

hacke (Wed, 05 Jan 2022 10:52:38 GMT):
Hi everybody how can I retrieve the private/public key of a DIDconnection using 'myDID' ? I need the keys for signing a Presentation thanks for supporting

zossimov (Wed, 05 Jan 2022 11:47:25 GMT):
I used `System.Environment.GetFolderPath(System.Environment.SpecialFolder. ApplicationData)`. and removed the `android:requestLegacyExternalStorage="true"` in Manifest file. Same Pool error.

tomislav (Wed, 05 Jan 2022 12:35:48 GMT):
Are you asking about `https` in the message type names or network communication? To my understanding, switching the UseMessageTypesHttps will enable it for the type names.

tomislav (Wed, 05 Jan 2022 12:38:05 GMT):
As far as using it for network communication, that's dependent on your agent and server communication. Most commonly this is done by intercepting traffic using a proxy (like nginx or envoy), terminate TLS and route it to your agent. As far as TLS setups, this is dependent on your cloud/dns provider.

zossimov (Wed, 05 Jan 2022 13:07:36 GMT):
For both. If I switch to `UseMessageTypesHttps`, do I have to make changes in the Controllers (Connections, Credentials, Proof)?

tomislav (Wed, 05 Jan 2022 13:09:07 GMT):
Based on the comment on that property, I would say no. ``` /// Gets or sets the value for UseMessageTypesHttps. /// Only affects messages created by the default services, /// if you create additional messages you have to set the useMessageTypesHttps via ctor too ```

kalyankonda (Wed, 05 Jan 2022 13:45:48 GMT):
Inconsistent behavior when issuing multiple credentials in sequential. Some of the issuances are failing with error "400 Revocation registry metadata not found". Agent version: 0.7.2 Wallet-type: askar Agent API invoking from Controller: /issue-credential/records/{credential_exchange_id}/issue Note that issue is not consistent and happening only when we use wallet type as askar (when we tested with indy as wallet type then no errors). Let’s say when we issue 10 credentials, sometimes all 10 are getting succeeded and sometimes few requests are failing with above error. The error rate is proportional when we go for bulk runs. Recently, we have upgraded agent to 0.7.2 version and wanted to understand if we are missing anything. Below are the command line parameters (values are masked for security reasons). [ "/bin/bash", "-c", " aca-py start -it http 0.0.0.0 10000 -ot http --admin 0.0.0.0 5000 -e http://abcagent:10000 --wallet-type askar --auto-provision --log-level debug --seed --genesis-url http://test.bcovrin.vonx.io/genesis --label 'Example label' --admin-insecure-mode --auto-respond-messages --wallet-storage-type postgres_storage --wallet-storage-config '{"url":"abcpostgresserver:5432","wallet_scheme":"DatabasePerWallet"}' --wallet-storage-creds '{"account":"abcuser","password":"abcpassword","admin_account":"abcuser","admin_password":"abcpassword"}' --wallet-name wallet-askar --wallet-key dicept_key --tails-server-base-url http://abctailserver:6543" ] Issue raised in github: https://github.com/hyperledger/aries-cloudagent-python/issues/1586 Let me know if I can provide more info. Any pointers are highly appreciated. Thank you.

zossimov (Wed, 05 Jan 2022 13:52:47 GMT):
Thanks for the help. Will try this and let you know.

bruno.hivert (Wed, 05 Jan 2022 14:31:30 GMT):
Has joined the channel.

bruno.hivert (Wed, 05 Jan 2022 14:31:30 GMT):
Hello ! First, happy new year 2022 to all of you and your relatives, wishing your the best health. There is an aries working group supposedly scheduled today https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings Is is still on ?

VenessaK (Wed, 05 Jan 2022 14:38:11 GMT):
Has joined the channel.

TelegramSam (Wed, 05 Jan 2022 14:39:26 GMT):
Reminder: No Aries WG call today. Next week is our first one back after the holiday break.

hacke (Wed, 05 Jan 2022 15:06:39 GMT):
Solved: - receive the did.DocResolution by calling VDRegistry().Resolve(myDID) - create the kid (Key-ID) by calling localkms.CreateKID(didDoc.VerificationMethod[0].Value, kms.ED25519Type) - receive the keyHandler by calling KMS().Get(kid) - create a singer struct similiar to pkg/controller/command/verifiable/command.go

Zeddrich (Wed, 05 Jan 2022 15:59:11 GMT):
Has joined the channel.

sheldon.regular (Wed, 05 Jan 2022 20:51:56 GMT):
@WadeBarnes @rjones Any update on the move of AMTH to Hyperledger? Thanks.

PureBlack (Thu, 06 Jan 2022 01:07:47 GMT):
Has joined the channel.

esainty (Thu, 06 Jan 2022 01:20:07 GMT):
Has joined the channel.

pvsmagbojos (Thu, 06 Jan 2022 04:37:42 GMT):
Has joined the channel.

ntlm (Thu, 06 Jan 2022 05:38:38 GMT):
Has joined the channel.

obioram (Thu, 06 Jan 2022 06:36:50 GMT):
Has joined the channel.

ayush5936 (Thu, 06 Jan 2022 06:38:39 GMT):
Has joined the channel.

conanoc (Thu, 06 Jan 2022 08:17:08 GMT):
I tried it myself and I could reproduce the same io error. But, the error did not occur when I added `Android.Systems.Os.Setenv("EXTERNAL_STORAGE", GetExternalFilesDir(null).AbsolutePath, true);` CacheDirectory was not a problem. I suspect the version checking using the `CrossDeviceInfo` is the culprit. And you don't have to check the version. That env variable is preferred for any version of android.

Teharjula (Thu, 06 Jan 2022 09:59:20 GMT):
Has joined the channel.

zossimov (Thu, 06 Jan 2022 11:45:37 GMT):
I set the `EXTERNAL_STORAGE` in `MainActivity.cs` to: `Android.Systems.Os.Setenv("EXTERNAL_STORAGE", System.Environment.GetFolderPath(System.Environment.SpecialFolder.ApplicationData), true);` and removed the `requestLegacyExternalStorage` from `AndroidMainfest.xml` file. Now, on Android 9, 10, 11, the Wallet & Pool is being created. No `indy_client` folder in external storage anymore. And Credential Issuance, Revocation and Verification is working perfectly fine. But still can't upload on `Play Store`, same issue. I analyzed the `.apk` using `Analyze APK` feature in Android Studio, and in that, `AndroidMainfest.xml` has `WRITE_EXTERNAL_STORAGE` and `READ_EXTERNAL_STORAGE`, while in my project's `AndroidMainfest.xml` file there isn't any `WRITE_EXTERNAL_STORAGE` and `READ_EXTERNAL_STORAGE` permissions. Though, I ask for `CrossPermissions.Current.CheckPermissionStatusAsync(Permission.Storage)` on run time, but when I removed it and Analyzed the APK, still it includes `WRITE_EXTERNAL_STORAGE` and `READ_EXTERNAL_STORAGE` permissions in Manfiest file.

zossimov (Thu, 06 Jan 2022 11:45:37 GMT):
I set the `EXTERNAL_STORAGE` in `MainActivity.cs` to: `Android.Systems.Os.Setenv("EXTERNAL_STORAGE", System.Environment.GetFolderPath(System.Environment.SpecialFolder.ApplicationData), true);` and removed the `requestLegacyExternalStorage` from `AndroidMainfest.xml` file. Now, on `Android 9`, `10`, `11`, the `Wallet` & `Pool` is being created. No `indy_client` folder in external storage anymore. And Credential Issuance, Revocation and Verification is working perfectly fine. But still can't upload on `Play Store`, same issue. I analyzed the `.apk` using `Analyze APK` feature in Android Studio, and in that, `AndroidMainfest.xml` has `WRITE_EXTERNAL_STORAGE` and `READ_EXTERNAL_STORAGE`, while in my project's `AndroidMainfest.xml` file there isn't any `WRITE_EXTERNAL_STORAGE` and `READ_EXTERNAL_STORAGE` permissions. Though, I ask for `CrossPermissions.Current.CheckPermissionStatusAsync(Permission.Storage)` on run time, but when I removed it and Analyzed the APK, still it includes `WRITE_EXTERNAL_STORAGE` and `READ_EXTERNAL_STORAGE` permissions in Manifest file.

DIBYENDUBAG (Thu, 06 Jan 2022 11:51:23 GMT):
Has joined the channel.

zossimov (Thu, 06 Jan 2022 12:03:38 GMT):
@tomislav @TimoGlastra

zossimov (Thu, 06 Jan 2022 12:03:38 GMT):
any thoughts @tomislav @TimoGlastra?

Paul_Tabled (Thu, 06 Jan 2022 12:09:11 GMT):
Has joined the channel.

WadeBarnes (Thu, 06 Jan 2022 13:04:14 GMT):
The repo is ready for @rjones to move.

DIBYENDUBAG (Thu, 06 Jan 2022 13:53:38 GMT):
Facing problems while issuing credentials in a sequential manner. Some of the transactions is resulting in below error and credentials are not getting issued successfully ERROR:asyncio:Task exception was never retrieved future: exception=KeyError('state',)> Traceback (most recent call last): File "/home/indy/demo/runners/agent_container.py", line 144, in handle_issue_credential state = message["state"] KeyError: 'state' Please note that issue is seen sporadically while using wallet type as askar. It can be considered like 2 out of 10 transaction is resulting in this error. Agent version: 0.7.2 Wallet-type: askar Agent API invoking from Controller: /issue-credential/records/{credential_exchange_id}/issue Issue raised in github: https://github.com/hyperledger/aries-cloudagent-python/issues/1588 Please let me know incase more information is required. Any suggestions/solution will be highly helpful.

jas191 (Thu, 06 Jan 2022 14:12:47 GMT):
Has joined the channel.

WadeBarnes (Thu, 06 Jan 2022 15:10:07 GMT):
@sheldon.regular, the repo has been transferred. @rjones will be updating the permissions on the repo later today.

sheldon.regular (Thu, 06 Jan 2022 15:10:33 GMT):
Wonderful! Thank you!

MyeongheeJoung (Thu, 06 Jan 2022 18:37:47 GMT):
Has joined the channel.

Sergioco 2 (Thu, 06 Jan 2022 19:50:04 GMT):
Has joined the channel.

Tenno (Fri, 07 Jan 2022 01:57:15 GMT):
Has left the channel.

kalyankonda (Fri, 07 Jan 2022 01:59:34 GMT):
Just to add more info.... This error is coming from Alice controller. We have Alice as Holder from Alice Faber Demo.

conanoc (Fri, 07 Jan 2022 02:02:17 GMT):
Check your AssemblyInfo.cs file. https://github.com/xamarin/Xamarin.Forms/issues/8780

zossimov (Fri, 07 Jan 2022 06:12:35 GMT):
yes. I removed it from `AssemblyInfo.cs` too.. Same Issue.. Maybe they can be merged from the dependent library. Is there any way to check if the library used have those permissions in their Manifest file.

conanoc (Fri, 07 Jan 2022 08:03:10 GMT):
I don't think the libraries can affect the manifest file. How about try a clean build and make sure that it's a release build.

zossimov (Fri, 07 Jan 2022 11:21:36 GMT):
I looked into it and found this article *[How Libraries can silently add permissions to your Android App][https://medium.com/glucosio-project/how-libraries-can-silently-add-permissions-to-your-android-app-620911d7de6c]* and the *[Fix][https://github.com/Glucosio/glucosio-android/commit/2f48b314b82a252df2ca20cd2811c464e965887b]*. **It Worked**. But I'm using camera, and I was storing these pictures in the `Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData)`. Which requires `WRITE_EXTERNAL_STORAGE` and `READ_EXTERNAL_STORAGE` permissions. So, I replace the path with `FileSystem.CacheDirectory` and it worked (Intenral Storage doesn't requires Read and Write Permissions in Manifest file).

zossimov (Fri, 07 Jan 2022 11:21:36 GMT):
I looked into it and found this article https://medium.com/glucosio-project/how-libraries-can-silently-add-permissions-to-your-android-app-620911d7de6c and the https://github.com/Glucosio/glucosio-android/commit/2f48b314b82a252df2ca20cd2811c464e965887b. **It Worked**. But I'm using camera, and I was storing these pictures in the `Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData)`. Which requires `WRITE_EXTERNAL_STORAGE` and `READ_EXTERNAL_STORAGE` permissions. So, I replace the path with `FileSystem.CacheDirectory` and it worked (Intenral Storage doesn't requires Read and Write Permissions in Manifest file).

zossimov (Fri, 07 Jan 2022 11:21:36 GMT):
I looked into it and found this Article: https://medium.com/glucosio-project/how-libraries-can-silently-add-permissions-to-your-android-app-620911d7de6c and the Fix: https://github.com/Glucosio/glucosio-android/commit/2f48b314b82a252df2ca20cd2811c464e965887b. **It Worked**. But I'm using camera, and I was storing these pictures in the `Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData)`. Which requires `WRITE_EXTERNAL_STORAGE` and `READ_EXTERNAL_STORAGE` permissions. So, I replace the path with `FileSystem.CacheDirectory` and it worked (Intenral Storage doesn't requires Read and Write Permissions in Manifest file).

zossimov (Fri, 07 Jan 2022 11:25:16 GMT):
@conanoc thank a lot for helping :) .. this is the Issue I opened: https://github.com/hyperledger/aries-mobile-agent-xamarin/issues/53 .. I document everything there, in case you need it.. thanks again :)

mzago (Fri, 07 Jan 2022 16:04:36 GMT):
Has joined the channel.

pawlak (Fri, 07 Jan 2022 17:12:47 GMT):
Has joined the channel.

gouthamdk (Sat, 08 Jan 2022 07:03:23 GMT):
Has joined the channel.

iraq17 (Sat, 08 Jan 2022 09:47:37 GMT):
Has joined the channel.

neetusharma (Sat, 08 Jan 2022 11:26:00 GMT):
Has joined the channel.

mjs19780 (Sat, 08 Jan 2022 20:14:40 GMT):
Has joined the channel.

SAYED94 (Sat, 08 Jan 2022 20:33:45 GMT):
Has joined the channel.

wifisunset94 (Sat, 08 Jan 2022 22:06:03 GMT):
Has joined the channel.

sayraj (Sun, 09 Jan 2022 08:49:21 GMT):
Has joined the channel.

Tushar199 1 (Sun, 09 Jan 2022 13:26:11 GMT):
Has joined the channel.

conanoc (Mon, 10 Jan 2022 05:53:03 GMT):
I'm glad to hear that you found the solution. I also learned a lot from this issue.

akhmad_219 (Mon, 10 Jan 2022 08:27:50 GMT):
Has joined the channel.

iamit-singh (Mon, 10 Jan 2022 09:18:23 GMT):
Has joined the channel.

arieger (Mon, 10 Jan 2022 10:44:51 GMT):
Has joined the channel.

amitgarg12 (Mon, 10 Jan 2022 11:44:30 GMT):
Has joined the channel.

Anasalamin (Mon, 10 Jan 2022 13:30:25 GMT):
hello everyone, is there any example implementation of cloud mediators for mobile wallets? i searched everywhere but i couldn't seem to find one.

antauloglou (Mon, 10 Jan 2022 15:38:19 GMT):
Has joined the channel.

swcurran (Mon, 10 Jan 2022 15:46:04 GMT):
There is a new repo called "aries-mediator-service" that is to be used as a mediator. It is a pre-configured version of ACA-Py. It should be useful for both developers wanting to spin up their own, or as the basis for a production mediator. https://github.com/hyperledger/aries-mediator-service

TelegramSam (Mon, 10 Jan 2022 16:23:01 GMT):
On this Wed Aries WG call, we will be discussing the OOB Community Coordinated Update, please come prepared to share your progress and plans!

TimoGlastra (Mon, 10 Jan 2022 16:26:08 GMT):
@jakubkoci

inttrading (Mon, 10 Jan 2022 17:11:44 GMT):
Has joined the channel.

samyakjain (Tue, 11 Jan 2022 04:42:54 GMT):
Has joined the channel.

KodeCracker (Tue, 11 Jan 2022 04:52:15 GMT):
Has joined the channel.

tongYuSir (Tue, 11 Jan 2022 06:49:37 GMT):
Has joined the channel.

hrishiballal (Tue, 11 Jan 2022 08:54:28 GMT):
Has joined the channel.

prashantr (Tue, 11 Jan 2022 09:26:11 GMT):
Has joined the channel.

Rahul11132133 (Tue, 11 Jan 2022 10:29:42 GMT):
Has joined the channel.

p10010 (Tue, 11 Jan 2022 12:10:09 GMT):
Has joined the channel.

samyak314 (Tue, 11 Jan 2022 12:35:59 GMT):
Has joined the channel.

Ammar1974 (Tue, 11 Jan 2022 18:20:46 GMT):
Has joined the channel.

raghunathanp95 (Tue, 11 Jan 2022 20:17:40 GMT):
Has joined the channel.

JeffCantores (Wed, 12 Jan 2022 02:56:07 GMT):
Has joined the channel.

skittlez1522 (Wed, 12 Jan 2022 05:30:44 GMT):
When having a proof presented to a verifier, does the verifier save that or does it just check the proof for whatever it needs then "forget about it"?

skittlez1522 (Wed, 12 Jan 2022 05:37:59 GMT):
The same question with issuers. Does an issuer keep the actual data correlated with the DID it issued or just an identifier for that credential?

skittlez1522 (Wed, 12 Jan 2022 05:37:59 GMT):
When issuing a credential, does an issuer keep the actual data correlated with the DID it issued or just an identifier for that credential?

lbradley (Wed, 12 Jan 2022 14:29:30 GMT):
Has joined the channel.

TelegramSam (Wed, 12 Jan 2022 15:03:21 GMT):
WG Meeting on now!

akshitgoyal (Wed, 12 Jan 2022 17:26:12 GMT):
Has joined the channel.

StefanBratanov93 (Wed, 12 Jan 2022 19:26:57 GMT):
Has joined the channel.

skittlez1522 (Wed, 12 Jan 2022 21:21:50 GMT):
Is there an API reference for ACA-Py?

WadeBarnes (Wed, 12 Jan 2022 23:42:14 GMT):
https://github.com/hyperledger/aries-cloudagent-python/tree/main/open-api

WadeBarnes (Wed, 12 Jan 2022 23:45:20 GMT):
Also if you spin up an instance and browse to the agent-admin url and append `/api/doc` you'll get an interactive swagger page.

WadeBarnes (Wed, 12 Jan 2022 23:45:55 GMT):
Example; https://agent-admin-dev.orgbook.gov.bc.ca/api/doc

skittlez1522 (Thu, 13 Jan 2022 02:46:44 GMT):
Thank you

HaBerber (Thu, 13 Jan 2022 07:59:20 GMT):
Has joined the channel.

Anasalamin (Thu, 13 Jan 2022 08:01:19 GMT):
Thank you!!

shaikh47 (Thu, 13 Jan 2022 10:12:00 GMT):
Has joined the channel.

zossimov (Thu, 13 Jan 2022 13:43:30 GMT):
@tomislav we successfully enabled HTTPS on all of our agents I wrote the notes and steps on how to achieve it: https://github.com/hyperledger/aries-framework-dotnet/issues/211 .. thanks for helping out

zossimov (Thu, 13 Jan 2022 13:43:30 GMT):
@tomislav we successfully enabled HTTPS on all of our agents. I wrote the notes and steps on how to achieve it: https://github.com/hyperledger/aries-framework-dotnet/issues/211 .. thanks for helping out

mccown (Thu, 13 Jan 2022 14:15:07 GMT):
The Identity Implementer’s WG meeting for today (Jan 13th) has been cancelled. Please join us in our next meeting on Jan 27th (9am MT / 4pm UTC).

SeanBohan (Thu, 13 Jan 2022 15:06:39 GMT):
FinCEN, FDIC to Hold 'Tech Sprint' for Digital Identity Tools The proliferation of scams, information leaks and synthetic identity fraud is presenting a major challenge to the online financial services industry, federal regulators said. https://www.coindesk.com/policy/2022/01/12/fincen-fdic-to-hold-tech-sprint-for-digital-identity-tools/

rfleschenberg (Thu, 13 Jan 2022 16:01:53 GMT):
Has joined the channel.

skittlez1522 (Thu, 13 Jan 2022 22:13:05 GMT):
When a presentation is received from a verifier, is there a way to keep that presentation "open" so the verifier can always have access to that presentation?

swcurran (Thu, 13 Jan 2022 22:42:42 GMT):
I assume you mean "received by a verifier". From a general a general Aries coding perspective, the verifier can keep the presentation and recheck it if they want. From a specific implementation -- it would depend on what the the framework you are using has implemented. I think in any framework, the controller could save the presentation. Some frameworks may hang on to the presentation in secure storage, and so in theory you could re-process it - others may not. In either case, you would need a way to invoke the "verify presentation" on the saved data. I suspect that few frameworks include a way to do that directly -- it would have to be added. In ACA-Py, that could be done via a Plugin, or if it really makes sense, could be added to the core. Is there a good use case for using this as a general feature?

skittlez1522 (Thu, 13 Jan 2022 22:45:05 GMT):
Yeah, that's what I mean. I feel like this would be a good use case for companies to be able to display user profiles on their application without the need for a separate database.

ianco (Thu, 13 Jan 2022 22:46:25 GMT):
This is an example of an aca-py plug-in that can "re-verify" a received proof: https://github.com/AnonSolutions/aca-py-audit-plugin

ianco (Thu, 13 Jan 2022 22:46:49 GMT):
The verifier is responsible for saving the proof and proof request though

skittlez1522 (Thu, 13 Jan 2022 22:46:59 GMT):
My thought was that you could use a secure connection and an ID to a presented credential to be able to access that credential again without having to request it again.

skittlez1522 (Thu, 13 Jan 2022 22:47:58 GMT):
That would work, but is there a possibility to implement a feature that allows you to use the ID of the presented credential to access it from the users wallet?

swcurran (Thu, 13 Jan 2022 22:50:31 GMT):
Our policy has been to not save protocol objects in the wallet (aka secure storage) after use as (in our opinion) is the responsibility of the business logic -- the controller. That keeps the secure storage smaller (things are deleted), only necessary items are kept in the wallet long term (e.g. private keys, connection records, etc.).

swcurran (Thu, 13 Jan 2022 22:51:26 GMT):
Not required, but that works well in our environment where Agents are provided as a service to business apps. Agents are then holding less PII -- only transient holding.

swcurran (Thu, 13 Jan 2022 22:52:01 GMT):
Of course...then the controllers are holding more PII -- which is what you are proposing to avoid.

skittlez1522 (Thu, 13 Jan 2022 22:54:59 GMT):
Exactly. If an agent of a company was to keep the info of agents, it would, in a way, ruin the no central storage idea that seems to be promoted by SSI. So I was wondering what the best way to do that is.

skittlez1522 (Thu, 13 Jan 2022 22:55:47 GMT):
I was thinking that you could use something like a connection ID to have access to certain aspects of a verified credential to be able to display on an application

swcurran (Thu, 13 Jan 2022 22:59:33 GMT):
What we have used in the "issue credential" model is to allow three options for the protocol state object -- keep in full (lots of data, all the back and forth messages), keep minimal (minimal info kept about issuance) and delete. The same could be done for presentations. Keeping the entire state is a lot, but keep just the minimal might be useful. it's a reasonable option. If this is using ACA-Py, could you capture some of this and put it in an issue for discussion? Perhaps a discussion on the ACA-Py User Group meeting would be a good idea. Those with high volume experience could weigh in.

swcurran (Thu, 13 Jan 2022 23:00:39 GMT):
If you need it Real Soon Now, you could do a plugin, get some discussion going and community agreement, and then do a PR.

skittlez1522 (Fri, 14 Jan 2022 00:53:32 GMT):
Thank you. I will see if I can put this in as an issue. Also, when is the next ACA-Py User Group meeting?

iliketurtles69 (Fri, 14 Jan 2022 05:09:12 GMT):
Has joined the channel.

huonghope (Fri, 14 Jan 2022 08:48:14 GMT):
Has joined the channel.

veaceslav.dimitroglo (Fri, 14 Jan 2022 10:07:17 GMT):
Has joined the channel.

kimzter (Fri, 14 Jan 2022 12:58:17 GMT):
Has joined the channel.

Cassius87 (Fri, 14 Jan 2022 13:23:53 GMT):
Has joined the channel.

SeanConnolly (Fri, 14 Jan 2022 17:39:19 GMT):
Has joined the channel.

dhruvsharma (Fri, 14 Jan 2022 19:22:13 GMT):
Has joined the channel.

AdamEikman (Fri, 14 Jan 2022 19:45:20 GMT):
Has joined the channel.

dakata (Sat, 15 Jan 2022 13:56:52 GMT):
Has joined the channel.

luisnaranjo733 (Sat, 15 Jan 2022 15:34:28 GMT):
Has joined the channel.

g4gekkouga (Sun, 16 Jan 2022 07:36:04 GMT):
Has joined the channel.

boozden (Sun, 16 Jan 2022 10:11:09 GMT):
Has joined the channel.

roberto.porfiro (Sun, 16 Jan 2022 11:11:38 GMT):
Has joined the channel.

HuzMS (Sun, 16 Jan 2022 22:42:30 GMT):
Has joined the channel.

shanest (Mon, 17 Jan 2022 07:21:41 GMT):
this maybe a silly question but how do I pass arguments using ACAPY_INBOUND_TRANSPORT= inside docker compose, it requires 3 arguments. e.g http 0.0.0.0 8080 I tried to wrap it with "" but doesn't seemed to work as well

shanest (Mon, 17 Jan 2022 07:23:32 GMT):
I have been using command: http 0.0.0.0 3000 for now and thinking to tidy up the whole thing

tdiesler (Mon, 17 Jan 2022 13:24:13 GMT):
Has left the channel.

ianco (Mon, 17 Jan 2022 14:21:03 GMT):
Hi @shanest , I don't know the answer offhand, but the underlying library being used is https://pypi.org/project/ConfigArgParse/, so that documentation may help

ianco (Mon, 17 Jan 2022 14:21:41 GMT):
The inbound transport is a complicated parameter, because it has multiple values and there can be multiple inbound transports

ianco (Mon, 17 Jan 2022 14:22:02 GMT):
You can also specify it in a yaml config file, there i an example here: https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/local-indy-args.yaml#L17

ianco (Mon, 17 Jan 2022 14:22:02 GMT):
You can also specify it in a yaml config file, there is an example here: https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/local-indy-args.yaml#L17

ianco (Mon, 17 Jan 2022 14:22:35 GMT):
(this might also give some hints as to what the env var syntax may be, for example try `"[http, 0.0.0.0, 8030]"`)

ianco (Mon, 17 Jan 2022 14:22:35 GMT):
(this might also give some hints as to what the env var syntax may be, for example try `"[http, 0.0.0.0, 3000]"`)

AAlzaabi (Mon, 17 Jan 2022 14:41:17 GMT):
Has joined the channel.

shanest (Mon, 17 Jan 2022 16:50:15 GMT):
okay i will try to find a workaround on this. thanks for the advice.

newbusybee (Tue, 18 Jan 2022 01:01:56 GMT):
Has joined the channel.

sudojhill (Tue, 18 Jan 2022 05:37:15 GMT):
Has joined the channel.

DevalShah (Tue, 18 Jan 2022 07:05:12 GMT):
Has joined the channel.

adaephonben (Tue, 18 Jan 2022 08:40:16 GMT):
Has joined the channel.

christianatmueller (Tue, 18 Jan 2022 14:10:19 GMT):
Has joined the channel.

Affin-Ajanthan (Tue, 18 Jan 2022 14:35:03 GMT):
Has joined the channel.

nglf (Tue, 18 Jan 2022 15:23:35 GMT):
Has joined the channel.

HariN 35 (Wed, 19 Jan 2022 03:44:49 GMT):
Has joined the channel.

harikrishnashk (Wed, 19 Jan 2022 06:29:39 GMT):
Has joined the channel.

sumiteshnaithani (Wed, 19 Jan 2022 07:18:44 GMT):
Has joined the channel.

seancm69 (Wed, 19 Jan 2022 07:24:45 GMT):
Has joined the channel.

Tipu_Singh (Wed, 19 Jan 2022 07:41:33 GMT):
Has joined the channel.

sergedh (Wed, 19 Jan 2022 07:57:50 GMT):
Has joined the channel.

souksou (Wed, 19 Jan 2022 10:06:12 GMT):
Has joined the channel.

ouyangwenli (Wed, 19 Jan 2022 13:46:59 GMT):
Has joined the channel.

robbesettlemint (Wed, 19 Jan 2022 16:15:05 GMT):
Has joined the channel.

Gluwa_DavidLebee (Wed, 19 Jan 2022 17:42:11 GMT):
Has joined the channel.

ManishReddyN (Wed, 19 Jan 2022 18:03:16 GMT):
Has joined the channel.

norbertrogers (Wed, 19 Jan 2022 18:19:00 GMT):
Has joined the channel.

CharHowland (Wed, 19 Jan 2022 18:52:38 GMT):
Has joined the channel.

mgdotonl (Thu, 20 Jan 2022 01:20:36 GMT):
Has joined the channel.

JacquesBikoundou (Thu, 20 Jan 2022 03:07:56 GMT):
Has joined the channel.

regy14 (Thu, 20 Jan 2022 05:34:18 GMT):
Has joined the channel.

fl0x (Thu, 20 Jan 2022 06:32:13 GMT):
Has joined the channel.

sung-il (Thu, 20 Jan 2022 07:35:18 GMT):
Has joined the channel.

daohan (Thu, 20 Jan 2022 07:59:47 GMT):
Has joined the channel.

fsatsuki (Thu, 20 Jan 2022 08:00:18 GMT):
Has joined the channel.

guodadada (Thu, 20 Jan 2022 08:41:12 GMT):
Has joined the channel.

ESiat (Thu, 20 Jan 2022 09:03:41 GMT):
Has joined the channel.

SebastianKe (Thu, 20 Jan 2022 09:53:18 GMT):
Has joined the channel.

skbalahere (Thu, 20 Jan 2022 11:11:17 GMT):
This may be a problem of understanding. I have a scenario where multiple persons will come to my portal and exchange credentials

skbalahere (Thu, 20 Jan 2022 11:11:48 GMT):
Lets say in College sample, there will be 100 students

skbalahere (Thu, 20 Jan 2022 11:12:24 GMT):
It is practically impossible to run endpoints for all the students at the same time

skbalahere (Thu, 20 Jan 2022 11:12:35 GMT):
in the web

skbalahere (Thu, 20 Jan 2022 11:13:01 GMT):
Is there any alternative to use same end points for multiple students

skbalahere (Thu, 20 Jan 2022 11:14:12 GMT):
College will have one endpoint

prasanthdotv (Thu, 20 Jan 2022 11:17:16 GMT):
Has joined the channel.

richzhao (Thu, 20 Jan 2022 11:42:43 GMT):
I am following the instruction of Hyperledger Aries Training Workshop Prerequisites, but got problem when running "npm run dev". The error message says, Electron failed to install. I re-installed all packages, but it doesn't work

richzhao (Thu, 20 Jan 2022 11:52:48 GMT):

Clipboard - 2022年1月20日晚上7点52分

richzhao (Thu, 20 Jan 2022 11:53:10 GMT):
anyone can give me a hand?

ShubhamShukla31752 (Thu, 20 Jan 2022 13:07:58 GMT):
Has joined the channel.

nikolas (Thu, 20 Jan 2022 15:13:54 GMT):
Has joined the channel.

nikolas (Thu, 20 Jan 2022 15:13:54 GMT):
Hi, will the workshop today (Build Your Identity Solution Using Hyperledger Aries) be recorded?

JamesSchulte (Thu, 20 Jan 2022 15:38:15 GMT):
Hi Nikolas, yes, it will be recorded and accessible on Hyperledger Foundation's website within the coming days.

TelegramSam (Thu, 20 Jan 2022 15:47:57 GMT):
Hey folks! We are running a Hyperledger Aries workshop today, and will be directing deeper questions to this channel to help folks gain some familiarity with Aries community channels. Several of us working with the workshop will be monitoring to help folks with questions. The workshop starts in 15min, and will last 4 hours. Thanks!

TelegramSam (Thu, 20 Jan 2022 15:49:36 GMT):
@richzhao Did you find a resolution to this issue?

TelegramSam (Thu, 20 Jan 2022 15:51:24 GMT):
Most NPM module install issues are due to conflict with other modules. For once, the provided instructions of clearing `node_modules/electron` is the most likely solution.

ScottHarris (Thu, 20 Jan 2022 15:51:37 GMT):
Has joined the channel.

matisalimba (Thu, 20 Jan 2022 15:53:10 GMT):
Can anyone post the link to the workshop here? (zoom/meet, etc) Thanks

TelegramSam (Thu, 20 Jan 2022 15:54:07 GMT):
You should have received a zoom invite, sent on the 17th. If you can't find it, I'll have it resent.

matisalimba (Thu, 20 Jan 2022 15:55:00 GMT):
Oh I didn't, can you please send it to me msalimbene@homelendingpal.com

devisions (Thu, 20 Jan 2022 15:55:23 GMT):
Has joined the channel.

adipata (Thu, 20 Jan 2022 15:55:27 GMT):
Has joined the channel.

TelegramSam (Thu, 20 Jan 2022 15:56:52 GMT):
Did you register under a different email?

TelegramSam (Thu, 20 Jan 2022 15:57:38 GMT):
If not registered, we can share a youtube livestream link when it starts in a minute.

matisalimba (Thu, 20 Jan 2022 15:57:53 GMT):
yes, I found it, I had user a different email, sorry

TelegramSam (Thu, 20 Jan 2022 15:58:28 GMT):
No worries! Glad you found it.

Smalviya (Thu, 20 Jan 2022 16:00:42 GMT):
Has joined the channel.

ffuentes (Thu, 20 Jan 2022 16:00:49 GMT):
Has joined the channel.

rlnrajesh (Thu, 20 Jan 2022 16:01:44 GMT):
hi

mks4343 (Thu, 20 Jan 2022 16:02:24 GMT):
Has joined the channel.

Audrius (Thu, 20 Jan 2022 16:02:34 GMT):
Hi for workshop participants

shehanp72 (Thu, 20 Jan 2022 16:02:58 GMT):
Has joined the channel.

Helen_Garneau (Thu, 20 Jan 2022 16:03:03 GMT):
Welcome to the Hyperledger Aries community workshop everyone!

tdiesler (Thu, 20 Jan 2022 16:04:16 GMT):
Has joined the channel.

singhhp1069 (Thu, 20 Jan 2022 16:04:33 GMT):
Has joined the channel.

paulyp (Thu, 20 Jan 2022 16:05:00 GMT):
Has joined the channel.

sbohanlf (Thu, 20 Jan 2022 16:05:24 GMT):
YouTube livestream is at: https://www.youtube.com/watch?v=dj_VyVyWuu8

deas (Thu, 20 Jan 2022 16:05:38 GMT):
@MabelOza asked in the workshop zoom about getting Indy setup on macOS. I'm in the same boat. The more recent versions which lock down install capabilities quite a bit. I'm working through these steps (I realize they're #indy material), but want to keep it in #aries per the workshop guidelines. https://github.com/hyperledger/indy-sdk/blob/master/cli/README.md#binaries Any better / more recent instructions I should try?

MabelOza (Thu, 20 Jan 2022 16:05:38 GMT):
Has joined the channel.

richzhao (Thu, 20 Jan 2022 16:06:06 GMT):
alice_bob_demo failed

richzhao (Thu, 20 Jan 2022 16:06:07 GMT):
agent-alice_1 | 2022-01-20 14:33:34,179 aries_cloudagent.commands.start ERROR Exception during startup: agent-alice_1 | Traceback (most recent call last): agent-alice_1 | File "/home/indy/.venv/lib/python3.6/site-packages/aiohttp/connector.py", line 969, in _wrap_create_connection agent-alice_1 | return await self._loop.create_connection(*args, **kwargs) # type: ignore # noqa agent-alice_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/base_events.py", line 798, in create_connection agent-alice_1 | raise exceptions[0] agent-alice_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/base_events.py", line 785, in create_connection agent-alice_1 | yield from self.sock_connect(sock, address) agent-alice_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/selector_events.py", line 439, in sock_connect agent-alice_1 | return (yield from fut) agent-alice_1 | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/selector_events.py", line 469, in _sock_connect_cb agent-alice_1 | raise OSError(err, 'Connect call failed %s' % (address,)) agent-alice_1 | ConnectionRefusedError: [Errno 111] Connect call failed ('0.0.0.0', 443)

rz (Thu, 20 Jan 2022 16:06:26 GMT):
Has joined the channel.

awuttke (Thu, 20 Jan 2022 16:07:45 GMT):
Has joined the channel.

lynn.bendixsen (Thu, 20 Jan 2022 16:10:50 GMT):
Because of the large number of attendee's today we chose to have everyone use linux for the "hands-on" portions. There are instructions available for Mac, but we will not be supporting those during the workshop (happy to help after the training). This site has some MAC install instructions for indy-cli https://docs.google.com/document/d/18-8MiRRuxVHn-FFWyd8LHukPNl_WNzo-tJtXK9bmZfY

TelegramSam (Thu, 20 Jan 2022 16:12:35 GMT):
Which OS are you using? This may be a firewall configuration issue.

TelegramSam (Thu, 20 Jan 2022 16:12:55 GMT):
We'll do our best to work with you to solve problems with the prerequisites. We had hoped that most of these issues would have been found and addressed during our office hours earlier this week where one-on-one help was available. If you get stuck, you may find it useful to just follow along with the presentation and pursue the hands-on portion via the recording after you are able to solve the issues you encounter.

richzhao (Thu, 20 Jan 2022 16:13:10 GMT):
ubuntu 20.04

frostyfrog (Thu, 20 Jan 2022 16:14:33 GMT):
From the looks of that error message, it appears that a connection is being made to '0.0.0.0'. This makes sense for binding, but not for connecting. Is there any more context as to when this is happening?

Torben.Zick (Thu, 20 Jan 2022 16:14:57 GMT):
Has joined the channel.

malfaris (Thu, 20 Jan 2022 16:17:17 GMT):
Has joined the channel.

richzhao (Thu, 20 Jan 2022 16:18:25 GMT):
yes, I use Chain local npm registry & re-install npm packages to solve this issue

danielhardman (Thu, 20 Jan 2022 16:20:34 GMT):
Call to Participate - DIDComm User Group Now that the DIDComm v2 spec is nearing completion, and there are robust libraries in multiple programming languages, we are starting a user group to share learnings as we put DIDComm into production. We will organize community resources, produce a handbook, foster application-level protocol creation, maintain the didcomm.org website and repo, and recommend best practices. We invite anyone who's interested to register in the user group's email list or discord channel: Discord Invite: https://discord.gg/F4Qw7h6Sr9 Mailing list: https://lists.identity.foundation/g/didcomm-usergroup The first regular meeting will be held in January, with meeting selection to happen prior. Please fill out our survey: http://whenisgood.net/d8dkhgi Although this UG is sponsored by DIF, this is not an IP-protected context. We won't be developing specs or working on standards. Thus, you don't have to be a member of any particular org to join, and there are no legal terms to review or paperwork to sign. Please join us!

richzhao (Thu, 20 Jan 2022 16:21:55 GMT):
[ ](https://chat.hyperledger.org/channel/aries?msg=mpgeL9jeDdY6bf6Ys) good to hear, I'd like join the user group

Rabax55 (Thu, 20 Jan 2022 16:22:01 GMT):
Has joined the channel.

devisions (Thu, 20 Jan 2022 16:25:02 GMT):
Will we have the recording available on YouTube afterwards, please?

tdiesler (Thu, 20 Jan 2022 16:26:22 GMT):
@devisions "the slides from today’s session are being recorded and will be available in the coming days on Hyperledger Foundation’s workshop page for access."

sbohanlf (Thu, 20 Jan 2022 16:26:22 GMT):
recording will be available @devisions

sbohanlf (Thu, 20 Jan 2022 16:30:46 GMT):
https://wiki.hyperledger.org/display/events/Hyperledger+Aries+Workshop+-+Handout

sbohanlf (Thu, 20 Jan 2022 16:30:59 GMT):
workshop handout

bp99 (Thu, 20 Jan 2022 16:33:15 GMT):
Has joined the channel.

sanjikumar (Thu, 20 Jan 2022 16:39:22 GMT):
Has joined the channel.

richzhao (Thu, 20 Jan 2022 16:55:51 GMT):
what's pool?

alfonsogovela (Thu, 20 Jan 2022 16:56:39 GMT):
Has joined the channel.

lynn.bendixsen (Thu, 20 Jan 2022 16:57:08 GMT):
A pool is a grooup of nodes that makes up the ledger

lynn.bendixsen (Thu, 20 Jan 2022 16:57:08 GMT):
A pool is a group of nodes that makes up the ledger

lynn.bendixsen (Thu, 20 Jan 2022 16:57:51 GMT):
or the network. The "pool" referred to in indy-cli is really a pool handle pointing to a network

richzhao (Thu, 20 Jan 2022 16:59:40 GMT):
can a node join more pools?

lynn.bendixsen (Thu, 20 Jan 2022 17:00:17 GMT):
A node can only be in one network (pool)

richzhao (Thu, 20 Jan 2022 17:01:16 GMT):
thanks Lynn

aymanejabrane (Thu, 20 Jan 2022 17:04:32 GMT):
Has joined the channel.

sanjikumar (Thu, 20 Jan 2022 17:07:15 GMT):
how to add the nym we created to the testnet, who can i create a transaction for my nym and get it endorsed

TelegramSam (Thu, 20 Jan 2022 17:08:18 GMT):
The handout contains instructions to anchor a did via selfserve.indiciotech.io

sanjikumar (Thu, 20 Jan 2022 17:08:58 GMT):
thank you, i will check them

lynn.bendixsen (Thu, 20 Jan 2022 17:09:11 GMT):
You can do it yourself for TestNet using selfserve.indiciotech.io!

Mahadevan 3 (Thu, 20 Jan 2022 17:17:20 GMT):
Can the trustee DID be added to the ledger from indy-cli using ledger command?

lynn.bendixsen (Thu, 20 Jan 2022 17:18:43 GMT):
Yes. Adding a trustee requires a "signature" from one or more other trustees, but can be done from the ledger command in indy-cli

Mahadevan 3 (Thu, 20 Jan 2022 17:19:15 GMT):
Thanks

JamesSchulte (Thu, 20 Jan 2022 17:26:58 GMT):
Here is a link to the Aries Bifold wallet, the open source Aries wallet that @TelegramSam mentioned: https://github.com/hyperledger/aries-mobile-agent-react-native

JamesSchulte (Thu, 20 Jan 2022 17:28:06 GMT):
"Can 2 Aries agents with 2 different languages communicate with each other?"

TelegramSam (Thu, 20 Jan 2022 17:28:55 GMT):
Yes, using DIDComm Protocols.

CharlesDS (Thu, 20 Jan 2022 17:29:38 GMT):
Has joined the channel.

TelegramSam (Thu, 20 Jan 2022 17:32:13 GMT):
IOT represents a spectrum of capabilities - at the capable end of the spectrum devices can use DIDComm directly. At the lower end, they are often better reporting to a more capable device that bridges to DIDComm protocols.

aymanejabrane (Thu, 20 Jan 2022 17:35:07 GMT):
Can you please take us through the DIDCOM flow between in the agents when pairing and sharing VCs? We would like to understand how it works under the hood. Thank you for the informative session.

TelegramSam (Thu, 20 Jan 2022 17:35:33 GMT):
Daniel & Char's presentation walks directly through that flow. Stay tuned.

aymanejabrane (Thu, 20 Jan 2022 17:35:53 GMT):
@TelegramSam ! Great! Thank you!

aymanejabrane (Thu, 20 Jan 2022 17:41:54 GMT):
Are DID's assigned to each agent? or actor ?

TelegramSam (Thu, 20 Jan 2022 17:42:23 GMT):
Each Agent can have one or more DIDs.

TelegramSam (Thu, 20 Jan 2022 17:43:07 GMT):
Issuers and Verifiers typically have one published DID, and most Aries agents switch to Peer DIDs for communication with other agents.

TelegramSam (Thu, 20 Jan 2022 17:48:37 GMT):
DIDComm Protocols can be created by anybody without any required permission.

TelegramSam (Thu, 20 Jan 2022 17:49:12 GMT):
If you wish to promote for broad adoption, you can share the documentation within whatever community you wish.

aymanejabrane (Thu, 20 Jan 2022 17:50:12 GMT):
Thank you for the explanation. If I share my Peer DID, would it be possible for it to be spoofed by a bad actor ?

TelegramSam (Thu, 20 Jan 2022 17:51:04 GMT):
no - the peer DID is bound to the private key used to create it. Without that private key, a bad actor is unable to use your peer DID.

aymanejabrane (Thu, 20 Jan 2022 17:51:42 GMT):
Thank you @TelegramSam

frostyfrog (Thu, 20 Jan 2022 17:54:22 GMT):
I have been unable to reproduce this

richzhao (Thu, 20 Jan 2022 17:55:07 GMT):
what's nym?

lynn.bendixsen (Thu, 20 Jan 2022 17:56:16 GMT):
"Nym" is short for pseudonym and is simply another name for the DID. (It's the name used on the network/ledger)

Mahadevan 3 (Thu, 20 Jan 2022 18:02:05 GMT):
Can a mediator agent for mobile connect to any number of devices?

TelegramSam (Thu, 20 Jan 2022 18:06:36 GMT):
Yes - a mediator can serve many edge agents.

TelegramSam (Thu, 20 Jan 2022 18:07:20 GMT):
The mediator itself is untrusted - it doesn't have the keys to decrypt the message being sent to the edge agent.

matisalimba (Thu, 20 Jan 2022 18:07:28 GMT):
I was able to add Bob and Alice to the toolbox, but got an Invitation Error (504 gateway timeout) after a few moments.

tdiesler (Thu, 20 Jan 2022 18:07:41 GMT):
Could you perhaps say a few words on how all this relates to Indy?

Mahadevan 3 (Thu, 20 Jan 2022 18:08:06 GMT):
Thanks

TelegramSam (Thu, 20 Jan 2022 18:08:22 GMT):
Indy is just the ledger portion of the architecture. Aries agents talk with each other to exchange Indy based credentials.

TelegramSam (Thu, 20 Jan 2022 18:08:53 GMT):
Indy itself contains no support for parties to talk directly to each other, only register public keys, schemas, and other credential related information on the ledger.

shehanp72 (Thu, 20 Jan 2022 18:09:10 GMT):
is it possible to run the "aries-toolbox" using Ubuntu 20.04 LTS, within WSL2? I have tried using VcXsrv as the redirect for UI.

TelegramSam (Thu, 20 Jan 2022 18:09:19 GMT):
During the live portion now, the process will exchange indy based credentials.

tdiesler (Thu, 20 Jan 2022 18:09:37 GMT):
Lovely thanks

The_Science (Thu, 20 Jan 2022 18:09:41 GMT):
Im using Ubuntu 20.04 and im seeing this error when I do a npm run dev Watching file changes for main script... The futex facility returned an unexpected error code.

The_Science (Thu, 20 Jan 2022 18:09:48 GMT):
The window doesnt pop up

TelegramSam (Thu, 20 Jan 2022 18:10:50 GMT):
Try just an npm run. The dev argument is mostly useful when changing the toolbox code itself.

newbusybee (Thu, 20 Jan 2022 18:10:51 GMT):
cd ~/git-hltraining/aries-acapy-plugin-toolbox/demo docker-compose -f docker-compose.alice-bob.yml up --build this throws poetry not found, I'm using ubuntu 18.04

aymanejabrane (Thu, 20 Jan 2022 18:11:22 GMT):
So is Alice and Bob considered an ACA-pay agents ?

aymanejabrane (Thu, 20 Jan 2022 18:11:22 GMT):
So is Alice and Bob considered an ACA-Py agents ?

aymanejabrane (Thu, 20 Jan 2022 18:11:27 GMT):
or are they wallets ?

newbusybee (Thu, 20 Jan 2022 18:11:49 GMT):
I think they are aca-py agents

TelegramSam (Thu, 20 Jan 2022 18:11:51 GMT):
Alice and Bob are Agents. Each Agent has a wallet.

aymanejabrane (Thu, 20 Jan 2022 18:12:20 GMT):
Even issuers have wallets?

TelegramSam (Thu, 20 Jan 2022 18:13:05 GMT):
Everybody has a wallet, as everybody has keys they need to store.

TelegramSam (Thu, 20 Jan 2022 18:14:03 GMT):
The term 'wallet' is often used in the community to mean different things. Sometimes a mobile app, sometimes just the key and credential storage mechanism.

The_Science (Thu, 20 Jan 2022 18:14:10 GMT):
toolbox still doesnt run

The_Science (Thu, 20 Jan 2022 18:14:20 GMT):
typing npm run returns a list of possible commands

burdettadam (Thu, 20 Jan 2022 18:14:48 GMT):
yes. I have not seen it used with VcXsrv. have you run into any errors?

TelegramSam (Thu, 20 Jan 2022 18:15:49 GMT):
In the Aries community, 'wallet' refers to the key and credential storage mechanism. Each agent needs a wallet.

burdettadam (Thu, 20 Jan 2022 18:16:58 GMT):
Hmm, do you have any other errors in your logs?

lynn.bendixsen (Thu, 20 Jan 2022 18:17:31 GMT):
This could be an issue with the version of npm that you have

matisalimba (Thu, 20 Jan 2022 18:17:47 GMT):
some warning on the aries-toolbox terminal

matisalimba (Thu, 20 Jan 2022 18:18:16 GMT):
unrecognized manifest key "browser_action"

matisalimba (Thu, 20 Jan 2022 18:18:22 GMT):
unrecognized manifest key "update_url"

The_Science (Thu, 20 Jan 2022 18:18:30 GMT):
npm@6.14.4

matisalimba (Thu, 20 Jan 2022 18:18:41 GMT):
Permission "contextMenus" is unknown or URL pattern is malformed

The_Science (Thu, 20 Jan 2022 18:18:54 GMT):
what version is needed for the demo?

Mahadevan 3 (Thu, 20 Jan 2022 18:19:13 GMT):
Is the connection between Alice and Bob persistent? Is there always a connection open?

burdettadam (Thu, 20 Jan 2022 18:19:16 GMT):
changes/caveats on Xubuntu 20.04 `sudo apt -y install libgconf2-4` libgconf2-4 should be libgconf-2-4

TelegramSam (Thu, 20 Jan 2022 18:19:48 GMT):
There is a logical connection and a transport connection.

TelegramSam (Thu, 20 Jan 2022 18:20:09 GMT):
The logical connection (each party knows the other's DID) persists, but the transport connection is only open during message transmission.

jje (Thu, 20 Jan 2022 18:20:46 GMT):
Has joined the channel.

jje (Thu, 20 Jan 2022 18:20:47 GMT):
Can I use the Aries Toolbox directly with Aries Framework Go?

Mahadevan 3 (Thu, 20 Jan 2022 18:20:50 GMT):
Thanks @TelegramSam

frostyfrog (Thu, 20 Jan 2022 18:21:05 GMT):
Where is the 504 gateway timeout? Is it in the terminal, or the Toolbox app?

TelegramSam (Thu, 20 Jan 2022 18:21:38 GMT):
You can in some ways - Aries Framework Go doesn't support all the same DIDComm protocols as ACA-Py does with a plugin.

TelegramSam (Thu, 20 Jan 2022 18:22:06 GMT):
The Toolbox 2.0 will increase the support by adding DID Exchange Protocol support.

jje (Thu, 20 Jan 2022 18:22:22 GMT):
ok, thx!

burdettadam (Thu, 20 Jan 2022 18:23:42 GMT):
can you paste some more logs before this error?

The_Science (Thu, 20 Jan 2022 18:24:12 GMT):
That was already installed so it may be a dependency issue but its not that one.

The_Science (Thu, 20 Jan 2022 18:24:34 GMT):
I will continue with google-fu

matisalimba (Thu, 20 Jan 2022 18:26:32 GMT):
Toolbox App

aymanejabrane (Thu, 20 Jan 2022 18:28:31 GMT):
How is DID generated in a unique way for each agent? how is that managed ?

aymanejabrane (Thu, 20 Jan 2022 18:28:31 GMT):
Q1. Only issuers can revoke a credentional? Q2. Can a holder revoke a credential issued to a verfier ?

lynn.bendixsen (Thu, 20 Jan 2022 18:29:00 GMT):
looks like we used node 16 when we were doing our testing: `curl -sL https://deb.nodesource.com/setup_16.x | sudo -E bash -`

frostyfrog (Thu, 20 Jan 2022 18:31:22 GMT):
So, one of the things we are using is a proxy on the web to route traffic. I don't know if it will help, but if you restart the container and re-add the agents to the toolbox (you will need to delete the old connections), that may fix your issue.

TelegramSam (Thu, 20 Jan 2022 18:32:28 GMT):
The agent keeps track of which DID is used with which connection.

TelegramSam (Thu, 20 Jan 2022 18:33:03 GMT):
Generating uinque DIDs is done automatically for each new connection - it isn't something you have to manage yourself.

frostyfrog (Thu, 20 Jan 2022 18:33:59 GMT):
Sam, isn't the DID based off of the encryption keys, or did I misunderstand during the recent Indy Node meeting?

burdettadam (Thu, 20 Jan 2022 18:36:23 GMT):
I am not sure I understand your question. Are you asking about the crypto or managing Identity vs did comm connections with 'dids'?

frostyfrog (Thu, 20 Jan 2022 18:37:22 GMT):
I believe what's being asked is, "How do you guarantee that a newly created DID is unique?"

TelegramSam (Thu, 20 Jan 2022 18:37:34 GMT):
DIDs are based and bound to keys. New keys are created for each connection.

aymanejabrane (Thu, 20 Jan 2022 18:37:57 GMT):
Hey Burd, it is to guarantee the uniqueness of DID

aymanejabrane (Thu, 20 Jan 2022 18:44:45 GMT):
Sorry for troubling you @TelegramSam . So there are 2 types of DIDs. 1. DID for agents which is static 2. Peer DID which is generated for each connection and thats what is presented in the Indyscan. Please correct my understanding if I got it wrong..

aymanejabrane (Thu, 20 Jan 2022 18:44:45 GMT):
Sorry for troubling you @TelegramSam . So there are 2 types of DIDs. 1. DID for agents which is static by agent 2. Peer DID which is generated for each connection and thats what is presented in the Indyscan. Please correct my understanding if I got it wrong..

Mahadevan 3 (Thu, 20 Jan 2022 18:46:52 GMT):
When a credential is issued, does the holder wallet contain the private key of the credential definition which the agent uses to sign for verification?

TelegramSam (Thu, 20 Jan 2022 18:48:32 GMT):
the credential def contains the public keys for issuance, and is recorded on the ledger

TelegramSam (Thu, 20 Jan 2022 18:48:55 GMT):
the private key couterparts for issuance are held in the issuer wallet, and are used to issue credentials.

The_Science (Thu, 20 Jan 2022 18:51:40 GMT):
Thanks Lynn, I had thought I had node16 installed properly, but a repository issue was preventing it and I was using a different version

burdettadam (Thu, 20 Jan 2022 18:52:17 GMT):
yes. you can learn more here. https://www.w3.org/TR/did-core/#introduction

frostyfrog (Thu, 20 Jan 2022 18:52:24 GMT):
In order to connect to another agent, you need to connect to them with a DID. In demos, we automatically create an invitation which, in turn, creates a new DID. An agent can create as many DIDs as they want to. For credentials, an agent can create a DID which is not used for a connection, but the basics are the same. There aren't really 2 types of DIDs. A DID represents a cryptographic key and that key can be used for a variety of things. From agent-agent communication to signing and verifying credentials.

aymanejabrane (Thu, 20 Jan 2022 18:55:26 GMT):
Thank you @frostyfrog !

Mahadevan 3 (Thu, 20 Jan 2022 19:13:22 GMT):
Thanks

Mahadevan 3 (Thu, 20 Jan 2022 19:16:56 GMT):
Is it the edge agent in a mobile device connecting to the ledger to get the credential definition?

devisions (Thu, 20 Jan 2022 19:37:33 GMT):
I would like Bob to automatically approve the presentation requests sent from Alice, same as Daniel showed before. The two agents are successfully connected ("Connections" section in both Toolbox are fine, "Messages" are also), no error in the terminal (where the toolbox and the services were started), but in Bob's toolbox's "Presentations" section, the presentations requested from Alice are listed with a `state: request_received` and that's it (a looping icon keeps rotating on both). Should I do something to troubleshoot this?

devisions (Thu, 20 Jan 2022 19:38:08 GMT):

Clipboard - January 20, 2022 9:38 PM

devisions (Thu, 20 Jan 2022 19:38:38 GMT):
And that's concretely on Bob's side, [Agent to Agent] "Presentations" section.

MabelOza (Thu, 20 Jan 2022 19:41:35 GMT):
How does the revocation registry work? Does it delete the record (attribute) off the ledger or is it not finalized until a certain point in time?

frostyfrog (Thu, 20 Jan 2022 19:43:13 GMT):
q

frostyfrog (Thu, 20 Jan 2022 19:49:37 GMT):
As far as I know, things aren't deleted off of the ledger. Revocation happens at the credential level. When a credential is revoked, it is added to the revocation registry where it is then compared against when credentials are being verified (as far as I know)

frostyfrog (Thu, 20 Jan 2022 19:51:43 GMT):
Are all attributes and predicates correctly spelled? The last time I tested (months ago), if an attribute does not match up, or if your predicates do not pass validation, then the proving agent will not respond automatically.

burdettadam (Thu, 20 Jan 2022 19:54:37 GMT):
aca-py has configuration that allows automating did_comm interactions. I am not sure of the issue here though. I will ask around about the looping icon.

devisions (Thu, 20 Jan 2022 19:54:50 GMT):
I got it. Let me share the details here :blush:

devisions (Thu, 20 Jan 2022 19:57:00 GMT):

Clipboard - January 20, 2022 9:56 PM

devisions (Thu, 20 Jan 2022 19:59:35 GMT):
The problem was that Bob does not "hold" some of the attributes that were included in the presentation requests. Bob has only "name", which he got as part of a received credential from Alice. Now, the 3rd presentation request included only the "name" attribute, and now this got automatically approved and it's all good on both sides, as illustrated in the last screenshot.

regiseloi (Thu, 20 Jan 2022 19:59:42 GMT):
I'd recommend checking out https://github.com/hyperledger/indy-hipe/tree/master/text/0011-cred-revocation, this is still a solid explanation of how revocations work today.

devisions (Thu, 20 Jan 2022 20:00:21 GMT):
@frostyfrog & @burdettadam Thanks for the quick feedback! :pray:

devisions (Thu, 20 Jan 2022 20:00:48 GMT):
I'm happy that I have it solved. Today was a nice workshop! :blush:

frostyfrog (Thu, 20 Jan 2022 20:00:54 GMT):
Thank you for asking! I'm just glad we could get it figured out

jackiepeters (Fri, 21 Jan 2022 02:02:21 GMT):
Has joined the channel.

shashwot2 (Fri, 21 Jan 2022 04:55:58 GMT):
Has joined the channel.

GiorgosSiachamis (Fri, 21 Jan 2022 08:05:19 GMT):
Has joined the channel.

AnanayNarang (Fri, 21 Jan 2022 08:10:42 GMT):
Has joined the channel.

VNCheck (Fri, 21 Jan 2022 08:19:23 GMT):
Has joined the channel.

MinMail (Fri, 21 Jan 2022 09:32:24 GMT):
Has joined the channel.

JonasKreusch (Fri, 21 Jan 2022 12:02:42 GMT):
Has joined the channel.

Nischitha (Fri, 21 Jan 2022 13:22:25 GMT):
Has joined the channel.

p10010 (Fri, 21 Jan 2022 13:52:17 GMT):
Hello, I have been trying to send a credential with an attachment for a while, but to no avail. My setup is the following: I have two ACAPy instances running in parallel and I am able to create a connection and send credentials normally. However, whenever I try to send a credential with a base64 encoded attachment in the field`offers~attach` with one agent, the credential and its attributes are received by the other agent, but the attachment is nowhere to be found. I am currently checking in the docker logs, the response body and the `issue-credential-2.0/records/` endpoint. Does anybody know what I am doing wrong? How can I get the attachments to the other side?

p10010 (Fri, 21 Jan 2022 13:53:08 GMT):
My request body looks something like this ```json { "auto_remove": true, "comment": "this is a comment", "connection_id": "", "filter": { "indy": { "cred_def_id": ":3:CL:8:1.0", "issuer_did": "", "schema_id": ":2:id card:1.0", "schema_issuer_did": "", "schema_name": "id card", "schema_version": "1.0" } }, "credential_preview": { "@type": "issue-credential/2.0/credential-preview", "attributes": [] }, "formats" : [{ "attach_id" : "" "format" : "dif/credential-manifest@v1.0" }], "offers~attach": [{ "@id": "", "mime-type": "application/pdf", "data": { "base64": "" } }], "trace": false } ```

p10010 (Fri, 21 Jan 2022 13:53:08 GMT):
My request body looks something like this ```json { "auto_remove": true, "comment": "this is a comment", "connection_id": "", "filter": { "indy": { "cred_def_id": ":3:CL:8:1.0", "issuer_did": "", "schema_id": ":2:id card:1.0", "schema_issuer_did": "", "schema_name": "id card", "schema_version": "1.0" } }, "credential_preview": { "@type": "issue-credential/2.0/credential-preview", "attributes": [] }, "formats" : [{ "attach_id" : "", "format" : "dif/credential-manifest@v1.0" }], "offers~attach": [{ "@id": "", "mime-type": "application/pdf", "data": { "base64": "" } }], "trace": false } ```

RodrigoGarcia1 (Fri, 21 Jan 2022 14:18:10 GMT):
Has joined the channel.

mpg (Fri, 21 Jan 2022 14:40:27 GMT):
Has joined the channel.

Gag 131 (Fri, 21 Jan 2022 17:07:25 GMT):
Has joined the channel.

angmunoz (Fri, 21 Jan 2022 19:02:22 GMT):
Has joined the channel.

ramkapoor (Fri, 21 Jan 2022 19:47:14 GMT):
Has joined the channel.

ebaldivias (Fri, 21 Jan 2022 21:16:05 GMT):
Has joined the channel.

Vamsikn (Fri, 21 Jan 2022 21:26:43 GMT):
Has joined the channel.

himanisingla (Fri, 21 Jan 2022 21:29:50 GMT):
Has joined the channel.

mgamal (Sat, 22 Jan 2022 09:42:06 GMT):
Has joined the channel.

pratikc (Sun, 23 Jan 2022 13:46:53 GMT):
Has joined the channel.

rtatton (Sun, 23 Jan 2022 15:58:22 GMT):
Has joined the channel.

dave-beck (Sun, 23 Jan 2022 17:17:47 GMT):
Has joined the channel.

rtatton (Sun, 23 Jan 2022 19:33:09 GMT):
Hello. I'm looking into use ACA-Py to send/receive verifiable credentials between mobile agents, possibly using multi-tenancy and in a serverless environment (e.g., AWS Lambda). The ACA-Py cloud agent would only act as a message mediator between the sender and receiver, and would not be responsible for issuing or verifying credentials. While I have tried to get up to speed on the ACA-Py project, I am new so I apologize for any ignorance in my questions. From my understanding, the ACA-Py cloud agent does not have persistent wallet storage, only in-memory. If I wanted to implement a persistent storage backend for the cloud agent, what all would require implementation? I see there is an [abstract BaseStorage class](https://github.com/hyperledger/aries-cloudagent-python/blob/main/aries_cloudagent/storage/base.py). Beyond implementing a concrete persistent storage class, what else would need to be "swapped out" or "injected" to use this new storage backend? My assumption here is that, because the cloud agent would be in a serverless environment, a persistent storage backend is required to persist the peer DIDs that are established to allow for communication between the sender and receiver mobile agents. In this case, I believe the sender and receiver would act as the controller, where the messages that they send between each other would ultimately stem from a user interacting with the mobile agent. The multi-tenancy would be used so that there would only need to be a single "instance" (i.e., Lambda function endpoint) that could manage the communication between different sender-receiver pairs. Thank you in advance!

anilraj27 (Sun, 23 Jan 2022 20:09:17 GMT):
Has joined the channel.

swcurran (Sun, 23 Jan 2022 21:02:02 GMT):
ACA-Py definitely has persistent storage -- not very useful without :-). It can be setup to use SQLite or Postgres, depending on your needs. On the serverless front, I'm not aware of anyone that has implemented that. Interested in how that progresses. Finally -- ACA-Py currently has in-memory queues for inbound and outbound messages. There is a WIP PR on adding persistent queues via reddis or kafka (or add your own) that you might be interested in.

bweymouth (Mon, 24 Jan 2022 01:53:56 GMT):
Has joined the channel.

jaymhc (Mon, 24 Jan 2022 03:46:27 GMT):
Has joined the channel.

jjlee (Mon, 24 Jan 2022 07:22:44 GMT):
Has joined the channel.

jechae (Mon, 24 Jan 2022 08:04:13 GMT):
Has joined the channel.

Tipu_Singh (Mon, 24 Jan 2022 11:33:45 GMT):
Hello, I setup two aries agents and i establish connection between then using swagger UI now i just want to learn (on hand practice) how issue-credential v1.0 works for those agents , so is there any documentation for that I'm new to this

ianco (Mon, 24 Jan 2022 13:28:19 GMT):
Assuming you're using aca-py there is documentation here: https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/AriesOpenAPIDemo.md

ianco (Mon, 24 Jan 2022 13:28:29 GMT):
The API calls for other aries agents should be similar

pbusch42 (Mon, 24 Jan 2022 16:50:11 GMT):
Has joined the channel.

ftrsau (Tue, 25 Jan 2022 03:15:59 GMT):
Has joined the channel.

errorfourten (Tue, 25 Jan 2022 03:25:46 GMT):
Has joined the channel.

ravip.singh (Tue, 25 Jan 2022 06:29:02 GMT):
Has joined the channel.

kalyankonda (Tue, 25 Jan 2022 08:23:59 GMT):
Hello, on Aries Wiki site (https://wiki.hyperledger.org/display/ARIES), I used to see the proposals/work that is proposed/planned for each year (one example proposal is that integration Aries with Fabric ledger). Somehow, I am not able to navigate to those pages now and not sure if page structure is modified or I am missing some. Can someone provide the link/path please?

aj3 (Tue, 25 Jan 2022 09:06:33 GMT):
Has joined the channel.

Tipu_Singh (Tue, 25 Jan 2022 12:58:04 GMT):
how can i create a frontend web application for aca-py agents(fetch the APIs of agents from UI and perform basic operations like GET and PUT), any documentation or resources available?

dantetti (Tue, 25 Jan 2022 14:14:30 GMT):
Hey, I am wondering for what reason a wallet can have non-public DIDs?

kalyankonda (Tue, 25 Jan 2022 14:29:42 GMT):
As per the design (and more importantly for security reasons), Pairwise/Private DIDs are stored in individual agent's wallet. All public DIDs get stored on Ledger.

kalyankonda (Tue, 25 Jan 2022 14:35:52 GMT):
Aegnt exposes its APIs on thier admin port (as an example: 8031 in case of Alice agent in faber-alice-demo example) and you can call those APIs from your UI.

kalyankonda (Tue, 25 Jan 2022 14:36:45 GMT):
You can refer this link for OpenAPI/Swagger specifications: https://github.com/hyperledger/aries-cloudagent-python/tree/main/open-api

dantetti (Tue, 25 Jan 2022 15:44:00 GMT):
yeah, I mean I don't see use cases for non-public DIDs in wallet

swcurran (Tue, 25 Jan 2022 15:50:40 GMT):
It depends what you are thinking of as "wallet". If you mean the mobile app and that non-Public DIDs would be surfaced in the UI, then no -- not needed. However, if you just mean storage, and that the Aries Agent will use the non-Public DIDs under the covers for managing connections and providing a secure communication channel with DIDComm, they are needed. Fundamental to the use of DIDComm and enabling the higher level Aries Protocols

dantetti (Tue, 25 Jan 2022 15:54:52 GMT):
so you mean in the storage case it can be used for peer-to-peer communication?

dantetti (Tue, 25 Jan 2022 15:54:52 GMT):
so you mean in the storage case it can be used for secure peer-to-peer communication?

rtatton (Tue, 25 Jan 2022 20:06:20 GMT):
That makes sense. Actually, in the case of a serverless function, it's okay that the queues are not persistent as this can be external to the cloud agent's functionality. However, because state is not guaranteed to be persisted across function invocations, the wallet would need a storage implementation that is external to the agent. For example, if using AWS Lambda, the wallet could be persisted using S3, DynamoDB, or one of their SQL databases. Perhaps this could be as simple as saving the SQLite or Postgres DB file to S3 such that it's loaded upon function invocation and just before finishing the invocation.

conanoc (Wed, 26 Jan 2022 01:50:21 GMT):
Yes. It is used to encrypt peer-to-peer message. (https://github.com/hyperledger/indy-sdk/blob/master/samples/nodejs/src/gettingStarted.js#L177) It is also used in creating credential request, though I'm not sure what's its internal usage.(https://github.com/hyperledger/indy-sdk/blob/master/samples/nodejs/src/gettingStarted.js#L195)

AravindVoruganti (Wed, 26 Jan 2022 14:16:16 GMT):
Has joined the channel.

dantetti (Wed, 26 Jan 2022 18:01:36 GMT):
Okay, thank you!

dantetti (Wed, 26 Jan 2022 18:14:28 GMT):
Here is another question. If I create a DID in wallet (storage), make it public and push to the ledger. After that If restart my server it'll not run because: "New seed provided which doesn't match the registered public did". How can I get around in this situation? Don't ask why I'm doing this I am just trying to understand how it works)) @swcurran

swcurran (Wed, 26 Jan 2022 22:01:53 GMT):
It depends on how you are creating the DID in the ledger. Your wallet and the ledger have to be in sync (same DID, verkey, private key), so if you destroy your wallet between reboots, you have to make sure you can reproduce the same DID. You do that by using the same seed. It sounds like when you are starting, you are using a random seed and so it is different any time. If you do want to be able to continue running after reboots, you should be making sure you are persisting your secure storage (wallet) across reboots. Note that while you can recreate an identical DID by using a seed, you cannot do that with a Claim Def, so if you delete your storage and recreate it, any Claim Def you create will NOT match the Claim Def on the ledger.

mccown (Wed, 26 Jan 2022 22:05:27 GMT):
The Identity Implementer’s WG meeting for tomorrow (Jan 27th) has been cancelled. Please join us in our next meeting on Feb 10th (9am MT / 4pm UTC).

dantetti (Wed, 26 Jan 2022 23:27:44 GMT):
Thank you for the reply! First, I am registering a DID on the ledger (manualy) and starting acypy by providing the seed of the DID in command line. After I am creating new DID with the help of /wallet/did/create (I am not passing any seed here, I guess acapy uses some random seed) and storing it on the ledger with /ledger/register-nym. Then I am making created DID public (in acapy only one DID can be public) with /wallet/did/public and rebooting my acapy without destroying the wallet. Here obviously I get the error "seed doesn't match the registered public" because I am providing a seed of the old DID. So, how can I start my acapy with new public DID in this case? How keep DIDs of the ledger and wallet in sync in general. Thank you.

swcurran (Thu, 27 Jan 2022 01:09:35 GMT):
I'm not 100% on the start up params, but I believe if you use the `--seed` parameter, along with the Public DID parameter, the ACA-Py instance should: - create the wallet if needed - create the DID in the wallet if needed - create the DID on the ledger if needed. If those things are already done -- things just proceed.

swcurran (Thu, 27 Jan 2022 01:10:32 GMT):
The "provision" vs. "start" mode might impact the wallet creation, but the latter two should happen regardless.

dantetti (Thu, 27 Jan 2022 01:15:01 GMT):
So, if I create new DID, push it to the ledger and make it public I have to start acapy with that DID (because I don't know the seed when I create it with /wallet/did/create)

sandeep20 (Thu, 27 Jan 2022 04:32:35 GMT):
Has joined the channel.

Alen_Sebastian (Thu, 27 Jan 2022 09:14:31 GMT):
Has joined the channel.

winterking (Thu, 27 Jan 2022 09:50:12 GMT):
Has joined the channel.

StefanBratanov (Thu, 27 Jan 2022 09:52:26 GMT):
Has joined the channel.

rejnol93 (Thu, 27 Jan 2022 10:01:21 GMT):
Has joined the channel.

dantetti (Thu, 27 Jan 2022 11:08:58 GMT):
Can we get seed when we rotate key pair for public DID?

isavelli (Thu, 27 Jan 2022 14:27:07 GMT):
Has joined the channel.

danielhardman (Thu, 27 Jan 2022 18:05:20 GMT):
Re. the call to participate in a new DIDComm Users Group that I posted last week: We had a nice set of respondents to this survey. Unfortunately, the general consensus was that it is impossible to get us together! Almost every proposed timeslot had at least ¾ of the respondents saying they couldn’t come. We are busy! I’m going to try again, but with the following changes: * I’ve extended the calendar time until Feb 11, in case the early parts of a month are better for us than the end parts. * I’ve decided to look for 30 minute slots instead of 60. I think this might be better – the commitment to attend is less heavy, and perhaps calendars will be a little more flexible. I believe we can still get a lot done in 30 minutes, if we’re well organized. So, can we try again? http://whenisgood.net/d8dkhgi

Mahadevan 3 (Thu, 27 Jan 2022 19:30:45 GMT):
Hi Lynn, I am working on installing indy node and have a question. Can you please answer when you get a chance?

Mahadevan 3 (Thu, 27 Jan 2022 19:31:06 GMT):
https://github.com/hyperledger/indy-node/blob/master/docs/source/installation-and-configuration.md#3.5.2.-Enable-the-Service

Mahadevan 3 (Thu, 27 Jan 2022 19:31:35 GMT):
Section 3.5 says "DO NOT proceed further with this document until your Steward DID and verkey (the public key) is on the ledger."

Mahadevan 3 (Thu, 27 Jan 2022 19:35:06 GMT):
How are Trustee DID and Steward DID added to the ledger?

Mahadevan 3 (Thu, 27 Jan 2022 19:35:47 GMT):
@lynn.bendixsen

Mahadevan 3 (Thu, 27 Jan 2022 19:42:05 GMT):
Is Steward DID added when running init_indy_node command?

Mahadevan 3 (Thu, 27 Jan 2022 19:42:05 GMT):
Is Steward DID added when running init_indy_node command? Can the Trustee DID be added after the node is started?

dci (Thu, 27 Jan 2022 20:36:06 GMT):
Has joined the channel.

alamin25 1 (Thu, 27 Jan 2022 20:53:14 GMT):
Has joined the channel.

LunarM 1 (Thu, 27 Jan 2022 21:44:15 GMT):
Has joined the channel.

brettd (Fri, 28 Jan 2022 01:21:56 GMT):
Has joined the channel.

heysatya (Fri, 28 Jan 2022 07:01:53 GMT):
Has joined the channel.

kaijuneer (Fri, 28 Jan 2022 09:01:43 GMT):
Just a question: is credential presentation susceptible to replay attack? For example, if the verifier has malicious intent, can it publish publicly a credential presentation it receives, such that it is still verifiable who the holder and issuer of the credential is?

rejnol93 (Fri, 28 Jan 2022 10:15:05 GMT):
Has left the channel.

Avijeet_15 (Fri, 28 Jan 2022 13:35:22 GMT):
Has joined the channel.

romanr (Fri, 28 Jan 2022 14:51:38 GMT):
Has joined the channel.

swcurran (Fri, 28 Jan 2022 14:56:15 GMT):
A verifier could publish the data -- they have that. Such abuse is a legal vs. technical issue. So if the plaintext data identifies the Holder, that is possible. That is why the data minimization is so important -- providing as little data as possible through selective disclosure and predicates. A replay is not possible -- that would be detected. Each presentation request has a nonce that makes it unique. So a malicious verifier receiving a presentation request from another verifier could not replay a presentation they received. If the malicious verifier published a presentation, the issuer would be known from the identifiers in the presentation. The holder would not be known by the identifiers in the presentation, unless (as stated above), the data presented had PII.

skittlez1522 (Fri, 28 Jan 2022 18:39:06 GMT):
Hey there,``` I have been running into an error when trying to accept a mediation request. This is the problem I run into ```

skittlez1522 (Fri, 28 Jan 2022 18:45:47 GMT):

skittlez1522 - Fri Jan 28 2022 11:45:10 GMT-0700 (MST).txt

skittlez1522 (Fri, 28 Jan 2022 18:46:13 GMT):
Is there anyone that knows a solution to this problem?

ianco (Fri, 28 Jan 2022 18:54:52 GMT):
I think the error is in your webhook config

ianco (Fri, 28 Jan 2022 18:54:54 GMT):
`http://localhost:3008//topic/connections/`

ianco (Fri, 28 Jan 2022 18:55:02 GMT):
notice `//topic`

skittlez1522 (Fri, 28 Jan 2022 18:57:09 GMT):
I just tried that. I am still running into the same error.

ianco (Fri, 28 Jan 2022 18:58:08 GMT):
Can you attach an updated log file?

skittlez1522 (Fri, 28 Jan 2022 19:39:10 GMT):
It won't let me attach a log file, so here is the link to the Mediator Log: https://drive.google.com/file/d/1qYWZREjhc5hTj0m87HfKealE_3xBCX_g/view?usp=sharing

skittlez1522 (Fri, 28 Jan 2022 19:39:35 GMT):
Multitenant Log: https://drive.google.com/file/d/1KNYcRzCxlZeKNM8dkL3Q7MhvesP5Gau8/view?usp=sharing

ianco (Fri, 28 Jan 2022 19:41:30 GMT):
For the web hook, you're getting a `405 Method Not Allowed`, so make sure your endpoint is accessible to your agent and accepting `POST` requests

ianco (Fri, 28 Jan 2022 19:41:31 GMT):
Outbound message could not be delivered to http://localhost:3005/topic/connections/

ianco (Fri, 28 Jan 2022 19:41:31 GMT):
`Outbound message could not be delivered to http://localhost:3005/topic/connections/`

ianco (Fri, 28 Jan 2022 19:41:45 GMT):
`localhost` may be an issue

ianco (Fri, 28 Jan 2022 19:43:00 GMT):
This error (`AttributeError: 'NoneType' object has no attribute 'services'`) could be an issue with the format of the invitation you are trying to accept

ianco (Fri, 28 Jan 2022 19:44:11 GMT):
On the mediator side it looks like the webhook endpoint is missing, you're getting a `404`: `Error when posting to: http://localhost:3008/webhooks/topic/connections/`

skittlez1522 (Fri, 28 Jan 2022 21:02:41 GMT):
Alright, so I've tried a few different alterations to the script and none of them are working. But, when I replaced the local mediator connection url in the multitenant script with a development indicia-tech mediator url, I only get the `AttributeError` error.

ianco (Fri, 28 Jan 2022 21:08:10 GMT):
Can you describe your setup? I.e. are you running locally, using docker, etc .. ?

skittlez1522 (Fri, 28 Jan 2022 21:12:10 GMT):
I am running locally. I have the aca-py cli installed and that is what I am using to run the scripts. For the ledger, I am connecting to the sovrin buildernet.

ianco (Fri, 28 Jan 2022 21:12:51 GMT):
Can you share your aca-py startup commands?

skittlez1522 (Fri, 28 Jan 2022 21:13:49 GMT):
Here is my multitenant agent startup command: ``` aca-py start \ --endpoint "http://localhost:8001/" \ --label flexAdmin \ --inbound-transport http 0.0.0.0 8000 \ --outbound-transport http \ --webhook-url "http://localhost:8001" \ --admin 0.0.0.0 8002 \ --admin-insecure-mode \ --genesis-url "https://raw.githubusercontent.com/sovrin-foundation/sovrin/master/sovrin/pool_transactions_builder_genesis" \ --wallet-type indy \ --wallet-name flexIdentityAdmin \ --wallet-key flexKey \ --auto-provision \ --multitenant \ --multitenant-admin \ --jwt-secret test \ --mediator-invitation "http://mediator3.test.indiciotech.io:3000?c_i=eyJAdHlwZSI6ICJkaWQ6c292OkJ6Q2JzTlloTXJqSGlxWkRUVUFTSGc7c3BlYy9jb25uZWN0aW9ucy8xLjAvaW52aXRhdGlvbiIsICJAaWQiOiAiYjE5YTM2ZjctZjhiZi00Mjg2LTg4ZjktODM4ZTIyZDI0ZjQxIiwgInJlY2lwaWVudEtleXMiOiBbIkU5VlhKY1pzaGlYcXFMRXd6R3RtUEpCUnBtMjl4dmJMYVpuWktTU0ZOdkE2Il0sICJzZXJ2aWNlRW5kcG9pbnQiOiAiaHR0cDovL21lZGlhdG9yMy50ZXN0LmluZGljaW90ZWNoLmlvOjMwMDAiLCAibGFiZWwiOiAiSW5kaWNpbyBQdWJsaWMgTWVkaWF0b3IifQ==" ```

skittlez1522 (Fri, 28 Jan 2022 21:14:17 GMT):
Here is my mediator startup command: ``` aca-py start \ --endpoint "http://localhost:3008/" \ --label flexMediator \ --inbound-transport http 0.0.0.0 8020 \ --outbound-transport http \ --webhook-url "http://localhost:3008" \ --admin 0.0.0.0 3008 \ --admin-insecure-mode \ --genesis-url "https://raw.githubusercontent.com/sovrin-foundation/sovrin/master/sovrin/pool_transactions_builder_genesis" \ --wallet-type indy \ --wallet-name flexMediator \ --wallet-key flexKey \ --auto-provision \ --open-mediation \ --invite \ --invite-multi-use \ --invite-label mediationInvite \ --auto-accept-invites \ --auto-accept-requests \ --seed kQKZX3UR5c7zmWi28oXlBnTlHYwIt3N1 ```

skittlez1522 (Fri, 28 Jan 2022 21:15:20 GMT):
First I run the mediator agent. I copy the invitation URL it gives me. Then I paste that url into the --mediator-invitation argument and run the multitenant agent

ianco (Fri, 28 Jan 2022 21:16:12 GMT):
And then you create a tenant wallet (aka sub-wallet) in the multitenant instance?

skittlez1522 (Fri, 28 Jan 2022 21:17:17 GMT):
yeah. Then I try to connect to it and use the wallet through the api endpoints, but it every time I try to run something, an error returns saying I need a mediator.

ianco (Fri, 28 Jan 2022 21:17:51 GMT):
Ah ok, I'm not sure the tenant wallet automatically connects to the mediator

ianco (Fri, 28 Jan 2022 21:18:20 GMT):
I.e. I don't know if the `--mediator-invite` param gets picked up for a new tenant instance

ianco (Fri, 28 Jan 2022 21:18:56 GMT):
Try explicitly connecting your tenant to the mediator after you create it

skittlez1522 (Fri, 28 Jan 2022 21:19:31 GMT):
That's what I thought at first, but here https://github.com/hyperledger/aries-cloudagent-python/blob/main/Multitenancy.md#mediation it says that you can do just that, which is what I have been trying to do, but I'm about to just go ahead and connect a sub-wallet to a mediator manually.

ianco (Fri, 28 Jan 2022 21:20:35 GMT):
Yah it looks like the docs say "it should work"

ianco (Fri, 28 Jan 2022 21:20:53 GMT):
If it works when you connect the tenant manually I suggest to log an issue

ianco (Fri, 28 Jan 2022 21:21:11 GMT):
... then someone will take a look at the aca-py functionality

skittlez1522 (Fri, 28 Jan 2022 21:21:37 GMT):
Alright. I will go ahead and make sure that works first

ianco (Fri, 28 Jan 2022 21:21:44 GMT):
:+1:

skittlez1522 (Fri, 28 Jan 2022 21:21:50 GMT):
Thanks a lot

heysatya (Sat, 29 Jan 2022 14:31:58 GMT):
Upon executing npm run dev, I get the following error: "error while loading shared libraries: libgdk_pixbuf-2.0.so.0: cannot open shared object file: No such file or directory". The aries-toolbox window does not open. Any ide how to solve this?

Trisham_Bharat_Patil (Sat, 29 Jan 2022 16:57:36 GMT):
Has joined the channel.

aminst (Sat, 29 Jan 2022 19:03:00 GMT):
Has joined the channel.

rajan-31 (Sat, 29 Jan 2022 19:20:17 GMT):
Has joined the channel.

cxk934 (Sun, 30 Jan 2022 13:42:46 GMT):
Has joined the channel.

skittlez1522 (Mon, 31 Jan 2022 05:08:44 GMT):
When using the swagger api and trying to accept a connection request, I get this error: `404: Record not found.` Is there any reason or this or anyway to fix it.

Junior-nitcheu (Mon, 31 Jan 2022 11:36:29 GMT):
Has joined the channel.

rameshmiriyala (Mon, 31 Jan 2022 12:45:56 GMT):
Has joined the channel.

lynn.bendixsen (Mon, 31 Jan 2022 15:21:53 GMT):
Sorry for slow response, this message got a bit lost in all of the previous replys. The instructions you are viewing are for adding a Node to an existing network. The Steward DID must be added to the ledger by an existing Trustee. The Steward DID is not added to the ledger during the init_indy_node command. Trustee's can be added to an existing ledgerr at any time and are not at all related to addins or removing Nodes or Stewards. Trustees, (the role) are network administrators, not node operators. If you are trying to start a new network, (and only if it's the initial time you are starting it with the genesis nodes) then the specific instruction you are referring to is something you can skip since the initial Trustees and Stewards are in the genesis files and will not need added to the brand new network separately.

hamoT (Mon, 31 Jan 2022 15:25:05 GMT):
Has joined the channel.

Mahadevan 3 (Mon, 31 Jan 2022 17:46:50 GMT):
Ok. Thanks @lynn.bendixsen

sudarsan.immadi (Tue, 01 Feb 2022 01:30:45 GMT):
Has joined the channel.

SobhikaR (Tue, 01 Feb 2022 08:59:55 GMT):
Has joined the channel.

MathiasBaumgartinger (Tue, 01 Feb 2022 10:53:02 GMT):
Has joined the channel.

Biradi (Tue, 01 Feb 2022 13:01:56 GMT):
Has joined the channel.

yusakrabin (Tue, 01 Feb 2022 14:09:36 GMT):
Has joined the channel.

dovidkopel (Tue, 01 Feb 2022 14:48:39 GMT):
Has joined the channel.

skittlez1522 (Tue, 01 Feb 2022 14:52:32 GMT):
I have logged an issue in the aries-cloudagent-python repository about the /accept-request issue I was getting. If this is an actual issue and not just my error, could it be possible that this issue could have resulted in the multitenant agent's mediator not connecting on startup?

jacobgorman613 (Tue, 01 Feb 2022 20:57:20 GMT):
Has joined the channel.

BalarajuBalu (Wed, 02 Feb 2022 06:08:42 GMT):
Has joined the channel.

chetanambi (Wed, 02 Feb 2022 07:52:31 GMT):
Has joined the channel.

EduOliveira (Wed, 02 Feb 2022 10:40:26 GMT):
Has joined the channel.

GiacomoDisalvo (Wed, 02 Feb 2022 11:01:23 GMT):
Has joined the channel.

ripulbd (Wed, 02 Feb 2022 12:52:23 GMT):
Hi, I would like to transform the Faber/Alice/Acme use-case within the ACA-py framework into a web-based use-case. I would like to know what would be the best approach for doing this. If someone knows of any pointer regarding this, I would be grateful if you could share those pointers. Thanks in advance.

devratapuri (Wed, 02 Feb 2022 13:41:16 GMT):
Has joined the channel.

jayzhan (Wed, 02 Feb 2022 14:40:12 GMT):
Has joined the channel.

chetanhanda (Wed, 02 Feb 2022 16:24:09 GMT):
Has joined the channel.

ksl2europe (Wed, 02 Feb 2022 18:20:39 GMT):
Has joined the channel.

skittlez1522 (Wed, 02 Feb 2022 19:08:15 GMT):
In this object when creating an invitation, what is the service endpoint for and what should it be? Like, does it need to be the agent endpoint or the webhook? ``` { "my_label": "Bob", "recipient_keys": [ "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV" ], "routing_keys": [ "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV" ], "service_endpoint": "http://host.docker.internal:8022" } ```

skittlez1522 (Wed, 02 Feb 2022 19:08:47 GMT):
Also, is the recipient key the key of the recipient wallet and if so, how do you get that key?

mayurthosar11 (Wed, 02 Feb 2022 19:20:43 GMT):
Has joined the channel.

wontondon (Wed, 02 Feb 2022 19:59:38 GMT):
Has joined the channel.

swcurran (Wed, 02 Feb 2022 22:41:47 GMT):
It is the agent endpoint and it must be accessible to whomever the invitation is going to. It is the physical address (including the protocol) to which the entity receiving the invitation will send the follow up message (whatever that might be). It may be direct to the agent creating the invite, or may be to a mediator that has been setup to handle receiving and forwarding the message so that it gets to the inviting agent. It is never the webhook address, and might be the agent endpoint if that is exposed publicly.

kakaupke (Thu, 03 Feb 2022 00:01:39 GMT):
Has joined the channel.

dioxis (Thu, 03 Feb 2022 01:05:00 GMT):
Has joined the channel.

skittlez1522 (Thu, 03 Feb 2022 02:45:29 GMT):
Thank you! And, I'm sorry to be such a bother, but is there anyway we could schedule a Zoom call within the next week or so? I keep running into connection issues, whether it be running my own agents or running on a demo and I cannot seem to figure out what I am doing wrong.

vsh1982 (Thu, 03 Feb 2022 02:59:35 GMT):
Has joined the channel.

drichard2 (Thu, 03 Feb 2022 10:06:52 GMT):
Has joined the channel.

makikato (Thu, 03 Feb 2022 13:08:31 GMT):
Has joined the channel.

kaissfr (Thu, 03 Feb 2022 13:08:36 GMT):
Has joined the channel.

sohansamant (Thu, 03 Feb 2022 14:39:21 GMT):
Has joined the channel.

devg (Thu, 03 Feb 2022 15:09:53 GMT):
Has joined the channel.

Smalviya (Thu, 03 Feb 2022 15:14:11 GMT):
the last pytest . under ../indy_node is taking forever (over 30 mins) wihtout any error/warning on ubuntu 18.4 with 30 gigs disk

Siltes (Thu, 03 Feb 2022 15:17:33 GMT):
Has joined the channel.

swcurran (Thu, 03 Feb 2022 15:56:52 GMT):
I've created and published the Hyperledger TSC Aries Quarterly Report here: https://wiki.hyperledger.org/display/TSC/2022+Q1+Hyperledger+Aries Please review and let me know if I have missed anything or have anything wrong. Thanks!

agiove (Thu, 03 Feb 2022 15:57:35 GMT):
Has joined the channel.

grittyronin (Thu, 03 Feb 2022 16:06:59 GMT):
Has joined the channel.

adambabs (Thu, 03 Feb 2022 16:10:23 GMT):
Has joined the channel.

sergm (Thu, 03 Feb 2022 16:11:39 GMT):
Has joined the channel.

kyilintun (Thu, 03 Feb 2022 16:11:50 GMT):
Has joined the channel.

gosankar (Thu, 03 Feb 2022 16:13:26 GMT):
Has joined the channel.

senthil.akshay27 (Thu, 03 Feb 2022 16:15:02 GMT):
Has joined the channel.

mepeltier (Thu, 03 Feb 2022 16:15:06 GMT):
Has joined the channel.

devin007 (Thu, 03 Feb 2022 16:23:20 GMT):
Has joined the channel.

ngwlf (Thu, 03 Feb 2022 16:23:38 GMT):
Has joined the channel.

sanjichained (Thu, 03 Feb 2022 16:26:36 GMT):
Has joined the channel.

Ben208N (Thu, 03 Feb 2022 17:03:03 GMT):
Has joined the channel.

swcurran (Thu, 03 Feb 2022 17:06:39 GMT):
Ping @ianco -- he said he would be happy to do a Zoom session. He'd be way better than I would be :-)

ianco (Thu, 03 Feb 2022 17:07:26 GMT):
Sure PM me and we can setup a call.

ianco (Thu, 03 Feb 2022 17:08:43 GMT):
FYI the endpoint in your above example is for an internal docker network, so you will only be able to connect with other agents on the same docker network (on your local host). If you want to connect with agents running elsewhere, you need to setup public endpoints. There is an example here: https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/AliceGetsAPhone.md

kwollo (Thu, 03 Feb 2022 18:07:33 GMT):
Has joined the channel.

DurgaKVS (Thu, 03 Feb 2022 19:55:02 GMT):
Has joined the channel.

devg (Fri, 04 Feb 2022 05:46:55 GMT):
@heysatya Were you able to resolve it?

JonasRasmussen (Fri, 04 Feb 2022 08:20:18 GMT):
Has joined the channel.

ThomasFR89 (Fri, 04 Feb 2022 08:20:26 GMT):
Has joined the channel.

LucasCanaro (Fri, 04 Feb 2022 08:29:03 GMT):
Has joined the channel.

iamchirag45 (Fri, 04 Feb 2022 12:18:56 GMT):
Has joined the channel.

freddylarag (Fri, 04 Feb 2022 16:39:07 GMT):
Has joined the channel.

LucasCosta (Fri, 04 Feb 2022 19:16:52 GMT):
Has joined the channel.

rizy (Sat, 05 Feb 2022 03:21:39 GMT):
Has joined the channel.

DeepakMuthekar (Sat, 05 Feb 2022 11:48:50 GMT):
Has joined the channel.

alih27140 (Sat, 05 Feb 2022 15:53:04 GMT):
Has joined the channel.

VasileiosK (Sat, 05 Feb 2022 17:19:54 GMT):
Has joined the channel.

jmb (Sat, 05 Feb 2022 19:15:48 GMT):
Has joined the channel.

gaganbabber (Sun, 06 Feb 2022 01:01:24 GMT):
Has joined the channel.

Rafeu (Sun, 06 Feb 2022 08:03:42 GMT):
Has joined the channel.

siddhantprateek (Sun, 06 Feb 2022 09:28:57 GMT):
Has joined the channel.

degex (Sun, 06 Feb 2022 10:31:26 GMT):
Has joined the channel.

govindlahoti (Sun, 06 Feb 2022 12:42:13 GMT):
Has joined the channel.

YU.I (Sun, 06 Feb 2022 13:52:22 GMT):
Has joined the channel.

png_savvy (Sun, 06 Feb 2022 19:40:48 GMT):
Has joined the channel.

PhilippThater (Sun, 06 Feb 2022 22:25:30 GMT):
Has joined the channel.

rramon (Sun, 06 Feb 2022 22:41:17 GMT):
Has joined the channel.

abwh2 (Mon, 07 Feb 2022 03:19:20 GMT):
Has joined the channel.

cacaocal (Mon, 07 Feb 2022 09:28:28 GMT):
Has joined the channel.

AntonYamkovoy (Mon, 07 Feb 2022 12:16:33 GMT):
Has joined the channel.

AhmadKh (Mon, 07 Feb 2022 14:08:44 GMT):
Has joined the channel.

jonathan1204 (Mon, 07 Feb 2022 15:02:12 GMT):
Has joined the channel.

salikzquidz (Mon, 07 Feb 2022 16:54:17 GMT):
Has joined the channel.

gabrielsdev (Mon, 07 Feb 2022 17:17:01 GMT):
Has joined the channel.

bfrech (Mon, 07 Feb 2022 18:10:52 GMT):
Hello, I am trying to connect a mobile android agent without inbound with a mediator using aries-framework-go. Since the documentation from here (https://wiki.hyperledger.org/display/ARIES/DIDComm+MediatorRouter) is already 2 years old I was wondering how the flow needs to be adapted when using DIDComm V2. Do I still need to perform a DIDExchange between the Router and the Mobile Agent? Or how else will they connect? Is there a pre-built mediator that uses DIDComm v2 and is compatible with aries-framework-go? Thank you in advance for the help!

swcurran (Mon, 07 Feb 2022 18:22:17 GMT):
The Aries community is still using DIDComm v1.0, as v2.0 is still under development in DIF. You are probably better to ask the question in that context -- e.g. in the DIF Slack channel. @TelegramSam -- anything to add to this?

TimoGlastra (Mon, 07 Feb 2022 19:53:11 GMT):
AFAIK Aries Framework Go already supports DIDComm v2 (at least an initial version) and supports multiple protocols using DIDComm v2. I'm not sure however what their exact progress is and whether mediation using DIDComm v2 is already supported

khushalkunjir (Tue, 08 Feb 2022 05:51:44 GMT):
Has joined the channel.

devg (Tue, 08 Feb 2022 09:10:24 GMT):
Hi @The_Science, Even I am stuck with the same futex facility error. I tried re-installing the same node and npm versions but still facing same. Any suggestions on how it could be resolved would be much appreciated.

devg (Tue, 08 Feb 2022 09:12:38 GMT):
Hi, I am stuck with the same futex facility error. I tried re-installing the same node and npm versions that are used while the demonstration but still facing same. Any suggestions on how it could be resolved would be much appreciated.

devg (Tue, 08 Feb 2022 09:12:38 GMT):
Hi, I am stuck with the same futex facility error. I tried re-installing the same node and npm versions that are used while the demonstration but still facing the same. Any suggestions on how it could be resolved would be much appreciated. Below is the error snap attached.

devg (Tue, 08 Feb 2022 09:12:53 GMT):

Clipboard - February 8, 2022 2:42 PM

SwapnilDeshmukh (Tue, 08 Feb 2022 11:17:37 GMT):
Has joined the channel.

Cai 238 (Tue, 08 Feb 2022 11:32:34 GMT):
Has joined the channel.

santmukh (Tue, 08 Feb 2022 11:43:29 GMT):
Has joined the channel.

The_Science (Tue, 08 Feb 2022 12:33:35 GMT):
Hi Devg, my issue was the wrong version of node. I guess the question is, do you have multiple versions of node installed and is it possible the incorrect version is being used with the script?

kalyankonda (Tue, 08 Feb 2022 13:22:38 GMT):
Hello, We are planning to migrate from Aries agent 1.0 APIs to 2.0 APIs in our controller. Before we proceed for impact analysis and analysis of required changes, I would like to check with forum here if somebody is already done this analysis and migrated to 2.0 APIs. If there is guide/material on this exists already. Any references/pointers will save our time.

devg (Tue, 08 Feb 2022 13:46:38 GMT):
Yeah, I tried with version 16 individually as well but no luck. Not sure what might be the issue. If I may ask, what is the specific version that you have used for node and npm?

The_Science (Tue, 08 Feb 2022 14:04:03 GMT):
Hope this helps: $ npm version { npm: '8.1.2', node: '16.13.2', v8: '9.4.146.24-node.14', uv: '1.42.0', zlib: '1.2.11', brotli: '1.0.9', ares: '1.18.1', modules: '93', nghttp2: '1.45.1', napi: '8', llhttp: '6.0.4', openssl: '1.1.1l+quic', cldr: '39.0', icu: '69.1', tz: '2021a', unicode: '13.0', ngtcp2: '0.1.0-DEV', nghttp3: '0.1.0-DEV' }

devg (Tue, 08 Feb 2022 14:20:28 GMT):
Sure Thanks, let me try with these details.

lynn.bendixsen (Tue, 08 Feb 2022 17:23:59 GMT):
Hi @devg What operating system are you trying to do this on? Do you have GUI capability in the ENV you are running in?

bruno_evaristo (Tue, 08 Feb 2022 19:58:25 GMT):
Has joined the channel.

HamidTariq (Tue, 08 Feb 2022 23:50:34 GMT):
Has joined the channel.

ankitkamra (Wed, 09 Feb 2022 04:40:21 GMT):
Has joined the channel.

MuteMan (Wed, 09 Feb 2022 07:59:41 GMT):
Has joined the channel.

harikishantk (Wed, 09 Feb 2022 09:22:36 GMT):
Has joined the channel.

theNatassa (Wed, 09 Feb 2022 12:34:36 GMT):
Has joined the channel.

sbohanlf (Wed, 09 Feb 2022 15:08:14 GMT):
Here is the IEEE Spatial Web session Sam mentioned on the call https://sagroups.ieee.org/2874/meeting/ieee-p2874-spatial-web-working-group-meeting-7/

SwapnilPakhare (Wed, 09 Feb 2022 16:55:54 GMT):
Has joined the channel.

LiXu 17 (Wed, 09 Feb 2022 18:06:50 GMT):
Has joined the channel.

devg (Wed, 09 Feb 2022 19:16:24 GMT):
Hi @lynn.bendixsen , I am trying it on linux based ubuntu 18.04. It does not have the GUI capability.

lynn.bendixsen (Wed, 09 Feb 2022 19:43:00 GMT):
The script that you are running when you see the error requires a GUI. Try installing the "desktop" version of 18.04, or just add all of the GUI items required. I was going to provide a link, but there are many options available if you google search for "https://www.google.com/search?client=safari&rls=en&q=installing+a+GUI+on+ubuntu+server+18.04&ie=UTF-8&oe=UTF-8"

mccown (Wed, 09 Feb 2022 21:30:54 GMT):
The Identity Implementer’s WG meeting for tomorrow (Feb 10th) has been cancelled. Please join us in our next meeting on Feb 26th (9am MT / 4pm UTC).

joseucarvajal (Wed, 09 Feb 2022 23:16:07 GMT):
Has joined the channel.

lynn.bendixsen (Thu, 10 Feb 2022 00:14:53 GMT):
Hello @heysatya, This appears to obe a similar issue that devg had, which is that you might have tried to run in an environment without GUI capabilities. If you have installed a server without a GUI (minimal, etc.) then please try again with a "desktop" version of Ubuntu 18.04.

lynn.bendixsen (Thu, 10 Feb 2022 00:14:53 GMT):
Hello @heysatya, This appears to be a similar issue that devg had, which is that you might have tried to run in an environment without GUI capabilities. If you have installed a server without a GUI (minimal, etc.) then please try again with a "desktop" version of Ubuntu 18.04.

kaushikkumarbora (Thu, 10 Feb 2022 06:25:59 GMT):
Has joined the channel.

kalyankonda (Thu, 10 Feb 2022 07:05:31 GMT):
Appreciate if you have any references here.

kalyankonda (Thu, 10 Feb 2022 07:05:41 GMT):
To provide more context: we are planning to migrate from 5.6 version agent to 7.3 (which I belive it latest stable one). We have migrated agent to 7.3 without any issues/changes from our controller. We are using 1.0 APIs in our controller. Now, we are planning to migrate to 2.0 APIs. We are planning to migrate our an agent (and controller to 2.0 APIs) which acts as both Issuer and Verifer. Currenly, we are using Trinsic as Holder wallet.

eeeeegik (Thu, 10 Feb 2022 07:38:30 GMT):
Has joined the channel.

Koraycill (Thu, 10 Feb 2022 11:49:56 GMT):
Has joined the channel.

jann2005 (Thu, 10 Feb 2022 12:07:43 GMT):
Has joined the channel.

devg (Thu, 10 Feb 2022 12:43:10 GMT):
Sure Lynn, Thanks. I'll try this out. Could you please share the timings and details for our Aries community weekly call.

AngelEscudero (Thu, 10 Feb 2022 12:58:13 GMT):
Has joined the channel.

devg (Thu, 10 Feb 2022 13:14:56 GMT):
Hey @lynn.bendixsen I was able to run it. Thanks again!

lynn.bendixsen (Thu, 10 Feb 2022 17:12:09 GMT):
I think this link has the call information you are wanting. There is a hyperledger calendar also, that is likely the best way to get a copy of the meeting on your calendar: https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings Tuesday, February 15 is the next Aries Workgroup meeting.

lynn.bendixsen (Thu, 10 Feb 2022 17:12:09 GMT):
I think this link has the call information you are wanting. https://wiki.hyperledger.org/display/ARIES/Aries+Working+Group There is a hyperledger calendar also, that is likely the best way to get a copy of the meeting on your calendar: https://wiki.hyperledger.org/display/HYP/Calendar+of+Public+Meetings Tuesday, February 15 is the next Aries Workgroup meeting.

kukgini (Fri, 11 Feb 2022 00:20:10 GMT):
Hi here. Is this channel moved on to discord like other hyperledger projects? The reason for asking this is that the rest of the channels such as aries-go are not in discord.

devg (Fri, 11 Feb 2022 04:36:18 GMT):
That's great. Thanks for sharing the info @lynn.bendixsen . Looking forward to contributing to Aries.

mgmgwi (Fri, 11 Feb 2022 09:22:19 GMT):
Has joined the channel.

ethereal1m (Fri, 11 Feb 2022 09:38:56 GMT):
Has joined the channel.

swcurran (Fri, 11 Feb 2022 14:49:42 GMT):
We'll get them created. I just created the aries-cloudagent-python and will get the rest created over the weekend.

swcurran (Fri, 11 Feb 2022 14:59:53 GMT):
All the Aries and Indy channels from RocketChat have been created on Discord.

ianco (Fri, 11 Feb 2022 15:23:07 GMT):
When is HLRC shutting down?

swcurran (Fri, 11 Feb 2022 16:40:27 GMT):
@rjones should answer that, but I sure hope the answer is "never" (or at least a very long time). Lots of info to find here...

rjones (Fri, 11 Feb 2022 16:40:27 GMT):
Has joined the channel.

TimoGlastra (Fri, 11 Feb 2022 16:41:22 GMT):
How can I join the discord?

ianco (Fri, 11 Feb 2022 16:42:46 GMT):
There's an invite at: https://chat.hyperledger.org/home

rjones (Fri, 11 Feb 2022 16:52:59 GMT):
@swcurran we will be exporting this as a static website, like we did for slack.

rjones (Fri, 11 Feb 2022 21:49:19 GMT):
this chat has moved to https://discord.gg/hyperledger

rjones (Fri, 11 Feb 2022 23:27:08 GMT):
Has left the channel.

cKurz (Mon, 14 Feb 2022 09:50:46 GMT):
Has joined the channel.

moonspore (Fri, 25 Feb 2022 03:55:10 GMT):
Has joined the channel.

hanscj1 (Mon, 07 Mar 2022 21:41:43 GMT):
Has joined the channel.

djyalu (Tue, 15 Mar 2022 13:51:54 GMT):
Has joined the channel.

SheraliInamdar (Tue, 22 Mar 2022 08:37:27 GMT):
Has joined the channel.

parrhesiajoe (Tue, 29 Mar 2022 00:29:12 GMT):
Has joined the channel.