-
Notifications
You must be signed in to change notification settings - Fork 516
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Indy DID Method spec (NYM transaction version 2) is not supported by ACA-Py #3224
Comments
Something I'd like to clarify
The same way that:
There's the concept of qualified/unqualified DID, but I strongly disagree with this as the did core specification has a strict representation that a DID MUST be a URI: Unqualified DIDs are NOT DIDs, they are just an identifier. This term is misleading. Now with this out of the way, what is the difference between did:sov and did:indy when resolving? DID sov is just this, the did prefix DID indy adds the concept of namespaces in the did prefix: This sort of addresses the issue, but the problem still remains that the resolver will need to have a list (or directory structure) of known Indy networks. Both of these DID methods require a resolver which has existing knowledge of which networks it knows and their labels.
There's currently no way to provision aca-py with a seed resulting in something else than a sov provisioned identifier. However, a resolver will still be able to resolve this DID registered on the network using a What the did indy method adds is a specified method to refer to other published objects such as anoncreds object through paths. @JoLuPuma my first question would be, what do you look to achieve by using the For the backwards compatibility part, yes I think this is something that should be included in aca-py. Is this something your team can look into? |
@PatStLouis
|
This makes sense yes, so theres 2 things I could see happening:
|
First, it’s know that for the self-certifying Did’s, the namespace identifier or DID identifier is derived from the public key (Verkey). So for a same SEED value the DID identifier is different if we use the did:sov or did:indy approach (the Verkey remains the same in both cases). https://hyperledger.github.io/indy-did-method/#nym-transaction-version
For example , for a given SEED I generated this:
did:indy approach
DID: NLe9bFbaNs1Eareg4eCXky and Verkey: 2EDa4DdtBVSVthbjP7S4p6u8tPZpasV9ywc9xLn1SkpA
did:sov approach
DID: 3FfZB8jq8kch5qddakysA2 and Verkey: 2EDa4DdtBVSVthbjP7S4p6u8tPZpasV9ywc9xLn1SkpA
My use case:
DID: NLe9bFbaNs1Eareg4eCXky and Verkey: 2EDa4DdtBVSVthbjP7S4p6u8tPZpasV9ywc9xLn1SkpA
indy_vdr.error.VdrError: Request failed: client request invalid: could not authenticate, verkey for 3FfZB8jq8kch5qddakysA2 cannot be found
3FfZB8jq8kch5qddakysA2
published in the ledgerIs it planned to replace did:sov by did:indy in ACA-Py or support both as described here?
The text was updated successfully, but these errors were encountered: