Versions Compared

Old Version 6

changes.mady.by.user Ian Costanzo

Saved on

compared with

New Version 7

changes.mady.by.user Troy Ronda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Aries Framework .NET is a .NET implementation that implements AIP 1.0 that powers both major enterprise deployments (e.g. Trinsic, estatus AG, IDRamp, etc.) and a number of mobile wallets (Trinsic, estatus, LISSI and many of others). Aries Framework .NET currently implements support for Indy ledgers and Indy's AnonCreds verifiable credential format.
  • Aries Cloud Agent Python (ACA-Py) is a Python implementation of AIP 1.0 that powers a number of major Aries enterprise deployments, including those at BC Gov, SICPA, Bosch, BMW and others. ACA-Py currently implements support for Indy ledgers and Indy's AnonCreds verifiable credential format.
  • Aries Framework Go is a pure Go implementation of (the to be finalized) AIP 2.0. Aries Framework Go maintainers (SecureKey and others) choose not to implement a ledger-agnostic approach without support for Indy features (and hence, do not support AIP 1.0), but do support other DID methods (including Hyperledger Fabric-based TrustBloc and Sidetree DIDs) and W3C Standard JSON-LD verifiable credentials.

...

  • Legal

    • All code has been made available under the Apache License and is free of incompatible dependencies

      • Response: All Hyperledger Aries frameworks are Apache 2.0 Licenses.

    • Project name has been checked for trademark issues

      • Response: Checking was done at proposal time, and changes made accordingly. TO BE CONFIRMED.

  • Community support

    • The project must have an active and diverse set of contributing members representing various constituencies

      • Response: From the Aries Activity Dashboard, in the last 6 months, 9 different organizations made substantial contributions (by commit), with another 10% of the 1,493 commits coming from "Other" and "Unknown" organizations. 
      • Response: The Aries WG calls continue to draw a good crowd, remain at 1.5 hours per week, with each meeting filled with discussion from start to finish.
      • Response: There are many, many non-contributing organizations building on Aries protocols and open source projects.

    • The project is not highly dependent on any single contributor (there are at least 3 legally independent committers and there is no single company or entity that is vital to the success of the project)

      • Response: There is a solid base and a growing number of organizations involved in Aries development. 

    • Release plans are developed and executed in public by the community.

      • Response: The ongoing work in the Aries Working Group calls, in the Aries RFC, in the implemented AIP 1.0, and in the upcoming AIP 2.0 target demonstrates the release plans that have been made, executed and continue to be defined for 2021 and beyond. 

  • Sufficient test coverage
    The project must include a comprehensive unit and integration test suite and document its coverage. Additional performance and scale test capability is desirable.

    • Response: Aries Cloud Agent Python currently has (per a recent commit CI run) 2437 unit tests and coverage hovering around 99%. As well, Aries Agent Test Harness runs on demand and daily against main to run RFC protocol level test cases that cover all of AIP 1.0.
    • Response: The BC Gov team has a scalable infrastructure (built on Kubernetes) using multiple ACA-Py instances to issues millions of verifiable credentials in as short a time as possible. The most recent execution of that test demonstrated sustained performance of 1200/credentials per minute. The full test has not been run since new shared components (such as Aries Askar) have been available, but preliminary results suggest that the sustained performance will improve.
    • Response: Aries Framework Go has 89% unit test coverage (as reported by codecov) and additionally has a suite of integration/bdd tests. AFG also includes tests against specification test suites (currently Verifiable Credential Data Model): Aries Framework Go Test Reports.

  • Sufficient user documentation
    The project must including enough documentation for anyone to test or deploy any of the modules.

    • Response: Aries Cloud Agent Python has sufficient documentation and documented demonstration scenarios that developers can have running code in a matter of minutes at the command line and API level. Demonstrations can be run using docker in the browser (using Play-With-Docker) to include ACA-Py to ACA-Py tests and tests using 3rd-party Aries mobile wallets downloaded from The App Store and Google Play.
    • Response: The Linux Foundation edX course "Becoming an Aries Developer" provides a sound grounding in the Aries development.
    • Response: There are a number of example Aries apps available for demonstration from organizations like BC Gov, Trinsic, Evernym.

  • Alignment

    • Requirements fulfillment
      The project must document what requirements and use cases it addresses.

      • Response: The Aries RFCs repository, clearly documents the use case and protocols Aries addresses. As well, there are a number of resources on the Internet that describes at a full range of levels the goals of Trust over IP, Self-Sovereign Identity (SSI) and related uses of Aries Agents. The COVID-19 pandemic and the need for trust information about testing and vaccine has brought Aries use cases to the mainstream.

    • Architecture
      The project must document how it fits within the Hyperledger Architecture

      • Response: To be determined.

    • Compatibility with other Hyperledger projects
      Where applicable, the project should be compatible with other active projects.

      • Response: ACA-Py, Aries Framework .NET and several other frameworks integrate closely with Hyperledger Indy and Ursa. Aries Framework Go enables pluggable DID methods and has integrated a DID method implementation that uses Hyperledger Fabric as its public ledger. In theory, Aries is agnostic to the ledger (other mechanism) on which is stored the necessary DIDs and cryptographic material to support verifiable credential exchange.
      • Response: Aries Framework Go is ledger-agnostic. Users of the framework can bring their own DID methods (and underlying ledgers) and the framework features such as Verifiable Credentials are also agnostic to the DID method (and underlying ledgers). We have also demonstrated integration with a DID method implementation that uses Hyperledger Fabric as its public ledger.

    • Release numbering: the project should use the Hyperledger standard release taxonomy, once that is agreed upon.

      • Response: All major Aries frameworks use semvar versioning schemes, with a long history of appropriately numbered releases. For example, Aries Cloud Agent Python had 11 releases in calendar 2020 and has had 5 minor releases since launch. Aries Framework Go had 5 releases in calendar 2020.
      • Response: The achievement and demonstration of AIP 1.0 conformance by multiple implementers was (in retrospect) sufficient to be declared "1.0".

    • Project must make a release, even a “developer preview”, before graduation.

      • Response: Each Aries framework will consider this and decide on how to transition to release 1.0.0.

  • Infrastructure

    • Gerrit or Github repo has been created

      • Done.

    • Mailing lists have been created and are archived

      • Done and active.

    • Other communication means used, such as slack channels, are set up

      • Done and extremely active.

    • Project is set up with Continuous Integration

      • Response: The major Aries frameworks all have full CI/CD and generate 

    • All information necessary for someone to join the community and be able to start contributing is duly documented (location of repo, list of maintainers, mailing lists addresses, slack channels if used, etc) following the Hyperledger Project standard practice (CONTRIBUTING.md, MAINTAINERS.txt, etc)

      • Response: Most of the repolinter information is there for ACA-Py. Updates to ensure everything is there.

  • CII Badge 
    A team seeking to graduate from incubation shall have started the CII Badge application and be nearly complete with incomplete badge requirements referenced in their graduation proposal. 100% of the applicable criteria for the CII Badge is a requirement for releasing a 1.0 of the project. That does not mean the project must have 100% of all criteria, just 100% of the applicable criteria. This is to allow for projects such as test harnesses, that have “N/A” answers for questions that don't offer that as an option.

    • Response: ACA-Py has a full CI/CD implementation. Will verify that it meets the needs.

...

  • Sufficient real world use
    The project should be used in real applications and not just in demos. Because not all real applications may be discussed publicly, in such cases statements providing as much details as possible should be made.

    • Response: Government of British Columbia's OrgBook is in production using multiple instances of ACA-Py to issue verifiable credentials to an enterprise holder (wallet).
    • Response: <More to be added>SecureKey uses aries-framework-go in several TrustBloc projects as a verifiable credential agent & wallet framework and for verifiable credential handling. Aries Framework Go is used within servers, within mobile (via gomobile build) and within the browser (via WASM build). SecureKey has also built DID method integration for Hyperledger Fabric, used the framework with other DID methods, and are also working towards a new ledger-agnostic DID method (did:orb) that we plan to integrate to aries-framework-go. We have also included components that consume Aries-Framework-Go in an interoperability plugfest (example: w3c ccg). 

  • Sufficient scalability
    The project must demonstrate sufficient scalability and document its scalability over various dimensions such as:

    • Maximum number of transactions per second

      • Response: Current highest transactions rate is 1200 issued verifiable credentials per minute, however, multiple options for scaling are available.

    • Maximum number of transactions per chain

      • Response: N/A

    • Maximum size of a block

      • Response: N/A

  • Minimum test code coverage expected, such as, for example:

    • Minimum coverage for Security & cryptography

      • Response: Some Aries frameworks embed Hyperledger Ursa for cryptography. Other cryptographic components are embedded libraries. No cryptographic components are developed in Aries implementations.
      • Response: A great deal of the focus of the lowest level Aries protocols (DIDComm) was built based on security best practices using guidance from a number of experts in a variety of organizations.

    • Minimum coverage for other functionality

      • Response: As noted, ACA-Py has about 99% unit test coverage and a full integration test library at the Aries protocols level covering AIP 1.0.

    • Minimum coverage for Business logic/smart contract

      • Response: N/A