Summary:
| Excerpt |
|---|
Topics:
|
...
Call Time: 8:00 Pacific / 16:00 CET
Recordings From the Call: 20230110 ACA-Pug Community Call Recording.mp4
- Full Meeting: Aries Cloud Agent Python User Group Meeting Call Recording.mp4
- Topics:
|
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
|---|
Welcome, Introductions and Announcements
Attendees
- Stephen Curran (BC Gov/Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>,Announcements
- Warren Gallagher (AffinitiQuest.io) <warren@affinitiquest.io>
Agenda
- Update on BC Gov Code With Us – ACA-Py Indy-SDK to Askar conversion script - Indicio
- Started from Andrew's script, SQLite only though
- Adding Postgres support
- Upgraded the per database wallet and adding tests
- Repo is
- Drawing: https://hackmd.io/dj-ZYA6NSAiEbq0vMFvlrw?view
- Discussion about the requirements for general use
- How mobile notifications should be used in conjunction with websockets, but not as a replacement
- Could use HTTP "return-pickup", where a wallet makes an HTTP request, and in the response receives queued messages – Aries RFC 0092
- github.com/Indicio-tech/acapy-wallet-upgrade; open question as to where it will live in the end – ACA-Py or external? Leaning to leaving it outside.
- Current branch: https://github.com/Indicio-tech/acapy-wallet-upgrade/tree/feature/psql-support
- From Timo Glastra – AFJ issue: From Chat:
- WS connections are sticky to a mediator instance, but are subject to being disconnected, such as when you move from wifi to cell network.
- From Colton Wolkins Or if the IP changes, you're not guaranteed to hit the same mediator
- From Clecio : So, 1 queue for incoming messages? Multiple queues for outgoing messages? The processor is really just listening for incoming messages, and adding to the right queue? From Dave McKay : Sequence diagrams here:https://github.com/hyperledgerIndicio-tech/ariesacapy-cloudagentwallet-pythonupgrade/blobtree/main/Mediation.md
- From Jason Leach : I made the assumption that “Wallets” was a mobile device thus WebSocket were needed.
- From Jason Leach : There are few other cases I can think of where a mediator is needed.
- From Clecio : I think all incoming messages are queue for resilience and fault tolerance. Each instance of the mediator may then process that queue and either add to the web socket queue or immediately send (http) to the target destination
- From Clecio : I am assuming that we need to support web sockets at least for now, is that correct?
- From Clecio : The push notification can be added later and reuse the http post strategy feature/psql-support
- Issue: #2044 in ACA-Py is about the ledger-agnostic AnonCreds interface
- Hack MD Document: https://hackmd.io/Ailjb-WDTeC48EjF0gjrGA
- DID Registration interface from DIF: https://identity.foundation/did-registration/ – basis of the API
- Bottom line – a new endpoint /anoncreds will be added to the Admin API for handling AnonCreds
- Will handle the differences in the ledgers
- Tricky will be handling endorsing within Indy – and possibly other ledgers that need similar (but not the same) support
- RootsID working on Cardano AnonCreds implementation
- https://github.com/roots-id/cardano-anoncreds
- AnonCreds Method Registry entry: https://hyperledger.github.io/anoncreds-methods-registry/#cardano-anoncreds-method
- Question from Alex in chat: What would be the process to add cheqd and cardano anoncreds in acapy 1.0? Is the driver to write to the ledger enough?
- From Timo Glastra : Alex, there's some work that needs to be done on the did registrar module, as you need to have the key in the wallet to publish to the ledgers
- Adding a Documentation site for ACA-Py - as nice as the AFJ one - https://aries.js.org/
- AIP 2.0 Support
- Legacy Peer DIDs / Peer DIDs / DID Key / Encryption Envelope
- Please Ack
- Other activities:
- Cluster Support - PQs and Shared Cache - Documentation and Testing
- OCA for Aries – Issuer support, plus holder for testing
- Ledger Agnostic DIDs
- Ledger Agnostic AnonCreds
- Drop indy-sdk support in 1.0?
- OK if we have the upgrade script and do some patch releases if really needed.
- Agents with different underlying features can interop – indy-sdk and shared-components
- Drop indy-sdk support in 1.0?
- Need a release roadmap, as that is a long list for 1.0.0.
- Encryption Envelope for DIDComm V2, issues
- Issue to discuss:
- Encryption envelope in Askar - how do we proceed to get that created?
- Other libraries are available (Python, Rust, others)
- Question: Should the ACA-Py architecture remain with the envelope in Askar or use an external.
Next Meeting
- - e.g., SICPA – should we use one of those are keep working on Askar's implementation?
- Askar – somethings are still missing
- SICPA Python library is more complete - suggestion is to use that - donated to the OWF - contact SICPA to find out development status
- Indicio also looking at it.
- Use authlib – private keys are being called to a library – makes it harder to use an HSM for handling secrets
- 2 or 3 others available - Rust, Go
- Decision: Go with SICPA library for now.
- - e.g., SICPA – should we use one of those are keep working on Askar's implementation?
- Python upgrade
- Completing the upgrade away from 3.6. What is needed?
- Creating images for 3.9 as the target - Daniel Bluhm has started, but if others want to pick it up, he'll review.
- Why are 3.7 and 3.10 failing? Could be a dependency issue away from 3.6.
- First important step is 3.9 images.
- Completing the upgrade away from 3.6. What is needed?
Next Meeting
- Does anyone use/see a use case for Web Sockets and Return Route beyond ACA-Py as a mobile agent mediator
- Encryption Envelope for DIDComm V2
- What gets ACA-Py to v1.0
- Mediators, Redis and Horizontal Scaling
- Adding DIDComm V2 to ACA-Py – the encryption envelope. What is the best path forward?
- Issue 2029: Additional security controls for webhooks for multi-tenancyOther topics TBD