Skip to content

Commit

Permalink
Update to kli multisig join command work correctly for IPEX ADMIT mes…
Browse files Browse the repository at this point in the history
…sages (WebOfTrust#711)

* adding command for ipex

Signed-off-by: Kevin Griffin <[email protected]>

* return True in proper places for both join commands.

update multisig issuer interactive command to use join for all multisig events.

Signed-off-by: pfeairheller <[email protected]>

* Updates to migrate / quartet sample scripts for testing multisig migration and rotation.

Signed-off-by: pfeairheller <[email protected]>

* wip

Signed-off-by: Kevin Griffin <[email protected]>

* Updates to ipex kli commands and script to get `ipex join` working correctly for admit messages.

Signed-off-by: pfeairheller <[email protected]>

---------

Signed-off-by: Kevin Griffin <[email protected]>
Signed-off-by: pfeairheller <[email protected]>
Co-authored-by: Kevin Griffin <[email protected]>
  • Loading branch information
pfeairheller and m00sey authored Mar 17, 2024
1 parent 3f683b3 commit 6495a90
Show file tree
Hide file tree
Showing 17 changed files with 579 additions and 116 deletions.
21 changes: 11 additions & 10 deletions scripts/demo/basic/migrate-quadlet.sh
Original file line number Diff line number Diff line change
@@ -1,13 +1,14 @@
#!/bin/bash

kli migrate --name multisig1
kli migrate --name multisig2
kli migrate --name multisig3
kli migrate --name multisig4
kli migrate --name delegator --force
kli migrate --name multisig1 --force
kli migrate --name multisig2 --force
kli migrate --name multisig3 --force
kli migrate --name multisig4 --force

kli migrate --name wil
kli migrate --name wan
kli migrate --name wes
kli migrate --name wit
kli migrate --name wub
kli migrate --name wyz
kli migrate --name wil --force
kli migrate --name wan --force
kli migrate --name wes --force
kli migrate --name wit --force
kli migrate --name wub --force
kli migrate --name wyz --force
8 changes: 4 additions & 4 deletions scripts/demo/basic/rotate-new-quartet.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@ kli query --name multisig1 --alias multisig1 --prefix EJccSRTfXYF6wrUVuenAIHzwcx

# Perform rotation of mulisig AID from local kli AIDs that roll themselves out and the new AIDs in
kli multisig rotate --name multisig1 --alias multisig \
--smids EKYLUMmNPZeEs77Zvclf0bSN5IN-mLfLpx2ySb-HDlk4:2 \
--smids EJccSRTfXYF6wrUVuenAIHzwcx3hJugeiJsEKmndi5q1:2 \
--smids EKYLUMmNPZeEs77Zvclf0bSN5IN-mLfLpx2ySb-HDlk4:1 \
--smids EJccSRTfXYF6wrUVuenAIHzwcx3hJugeiJsEKmndi5q1:1 \
--smids EBFg-5SGDCv5YfwpkArWRBdTxNRUXU8uVcDKNzizOQZc:0 \
--smids EBmW2bXbgsP3HITwW3FmITzAb3wVmHlxCusZ46vgGgP5:0 \
--smids EL4RpdS2Atb2Syu5xLdpz9CcNNYoFUUDlLHxHD09vcgh:0 \
Expand All @@ -22,8 +22,8 @@ kli multisig rotate --name multisig1 --alias multisig \
pid=$!
PID_LIST="$pid"
kli multisig rotate --name multisig2 --alias multisig \
--smids EKYLUMmNPZeEs77Zvclf0bSN5IN-mLfLpx2ySb-HDlk4:2 \
--smids EJccSRTfXYF6wrUVuenAIHzwcx3hJugeiJsEKmndi5q1:2 \
--smids EKYLUMmNPZeEs77Zvclf0bSN5IN-mLfLpx2ySb-HDlk4:1 \
--smids EJccSRTfXYF6wrUVuenAIHzwcx3hJugeiJsEKmndi5q1:1 \
--smids EBFg-5SGDCv5YfwpkArWRBdTxNRUXU8uVcDKNzizOQZc:0 \
--smids EBmW2bXbgsP3HITwW3FmITzAb3wVmHlxCusZ46vgGgP5:0 \
--smids EL4RpdS2Atb2Syu5xLdpz9CcNNYoFUUDlLHxHD09vcgh:0 \
Expand Down
141 changes: 141 additions & 0 deletions scripts/demo/credentials/multisig-grant-multisig-admit.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,141 @@
#!/bin/bash
# To run this script you need to run the following command in separate terminals:
# > kli witness demo
# and from the vLEI repo run:
# > vLEI-server -s ./schema/acdc -c ./samples/acdc/ -o ./samples/oobis/
#

# issuer 1
# EEVlFHcMWAQNwezHjyKK5cKKzF6zgLlnrLyi_CcAEXCs
# issuer 2
# EFJtDtSoE6XOOqLoLvYoB7ctCzMtJDiAJltnXiK_EdlM
# issuee 1
# EI0IoYyHxXc7_uQyaN2WocSC3lRZsvrDAPbREOw7fM0_
# issuee 2
# EPw5WQAFcNXXSbg_pTKgh8-K_rfXnD1uDKS13OeNHkKE
# issuer group
# ELrnb8aI_wy2q_sSbCAwkgy2kOdMpRI1urFrhQiMJGLW
# issuee group
# ELkmm28zQEyxkryJZQ4WVT4fjukklM4dR91l2DQfQHZK

# Create local environments for issuer group
kli init --name issuer1 --salt 0ACDEyMzQ1Njc4OWxtbm9aBc --nopasscode --config-dir ${KERI_SCRIPT_DIR} --config-file demo-witness-oobis
kli incept --name issuer1 --alias issuer1 --file ${KERI_DEMO_SCRIPT_DIR}/data/issuer-1-sample.json

# Incept both local identifiers for issuer group
kli init --name issuer2 --salt 0ACDEyMzQ1Njc4OWdoaWpsaw --nopasscode --config-dir ${KERI_SCRIPT_DIR} --config-file demo-witness-oobis
kli incept --name issuer2 --alias issuer2 --file ${KERI_DEMO_SCRIPT_DIR}/data/issuer-2-sample.json

# Exchange OOBIs between issuer group
kli oobi resolve --name issuer1 --oobi-alias issuer2 --oobi http://127.0.0.1:5642/oobi/EFJtDtSoE6XOOqLoLvYoB7ctCzMtJDiAJltnXiK_EdlM/witness
kli oobi resolve --name issuer2 --oobi-alias issuer1 --oobi http://127.0.0.1:5642/oobi/EEVlFHcMWAQNwezHjyKK5cKKzF6zgLlnrLyi_CcAEXCs/witness

# Create the identifier to which the credential will be issued
kli init --name issuee1 --salt 0ACDEyMzQ1Njc4OWxtbm9qWc --nopasscode --config-dir ${KERI_SCRIPT_DIR} --config-file demo-witness-oobis
kli incept --name issuee1 --alias issuee1 --file ${KERI_DEMO_SCRIPT_DIR}/data/issuee-1-sample.json

# Create the identifier to which the credential will be issued
kli init --name issuee2 --salt 0ACDEyMzQ1Njc4OWxtbm9qWc --nopasscode --config-dir ${KERI_SCRIPT_DIR} --config-file demo-witness-oobis
kli incept --name issuee2 --alias issuee2 --file ${KERI_DEMO_SCRIPT_DIR}/data/issuee-2-sample.json

# Exchange OOBIs between issuee group
kli oobi resolve --name issuee1 --oobi-alias issuee2 --oobi http://127.0.0.1:5642/oobi/EPw5WQAFcNXXSbg_pTKgh8-K_rfXnD1uDKS13OeNHkKE/witness
kli oobi resolve --name issuee2 --oobi-alias issuee1 --oobi http://127.0.0.1:5642/oobi/EI0IoYyHxXc7_uQyaN2WocSC3lRZsvrDAPbREOw7fM0_/witness

# Introduce issuer to issuee
kli oobi resolve --name issuee1 --oobi-alias issuer1 --oobi http://127.0.0.1:5642/oobi/EEVlFHcMWAQNwezHjyKK5cKKzF6zgLlnrLyi_CcAEXCs/witness
kli oobi resolve --name issuee2 --oobi-alias issuer1 --oobi http://127.0.0.1:5642/oobi/EEVlFHcMWAQNwezHjyKK5cKKzF6zgLlnrLyi_CcAEXCs/witness
kli oobi resolve --name issuee1 --oobi-alias issuer2 --oobi http://127.0.0.1:5642/oobi/EFJtDtSoE6XOOqLoLvYoB7ctCzMtJDiAJltnXiK_EdlM/witness
kli oobi resolve --name issuee2 --oobi-alias issuer2 --oobi http://127.0.0.1:5642/oobi/EFJtDtSoE6XOOqLoLvYoB7ctCzMtJDiAJltnXiK_EdlM/witness

# Introduce the issuee to issuer
kli oobi resolve --name issuer1 --oobi-alias issuee1 --oobi http://127.0.0.1:5642/oobi/EI0IoYyHxXc7_uQyaN2WocSC3lRZsvrDAPbREOw7fM0_/witness
kli oobi resolve --name issuer2 --oobi-alias issuee1 --oobi http://127.0.0.1:5642/oobi/EI0IoYyHxXc7_uQyaN2WocSC3lRZsvrDAPbREOw7fM0_/witness
kli oobi resolve --name issuer1 --oobi-alias issuee2 --oobi http://127.0.0.1:5642/oobi/EPw5WQAFcNXXSbg_pTKgh8-K_rfXnD1uDKS13OeNHkKE/witness
kli oobi resolve --name issuer2 --oobi-alias issuee2 --oobi http://127.0.0.1:5642/oobi/EPw5WQAFcNXXSbg_pTKgh8-K_rfXnD1uDKS13OeNHkKE/witness

## Load Data OOBI for schema of credential to issue
kli oobi resolve --name issuer1 --oobi-alias vc --oobi http://127.0.0.1:7723/oobi/EBfdlu8R27Fbx-ehrqwImnK-8Cm79sqbAQ4MmvEAYqao
kli oobi resolve --name issuer2 --oobi-alias vc --oobi http://127.0.0.1:7723/oobi/EBfdlu8R27Fbx-ehrqwImnK-8Cm79sqbAQ4MmvEAYqao
kli oobi resolve --name issuee1 --oobi-alias vc --oobi http://127.0.0.1:7723/oobi/EBfdlu8R27Fbx-ehrqwImnK-8Cm79sqbAQ4MmvEAYqao
kli oobi resolve --name issuee2 --oobi-alias vc --oobi http://127.0.0.1:7723/oobi/EBfdlu8R27Fbx-ehrqwImnK-8Cm79sqbAQ4MmvEAYqao

# Run the follow in parallel and wait for the issuer group to be created:
kli multisig incept --name issuer1 --alias issuer1 --group issuer --file ${KERI_DEMO_SCRIPT_DIR}/data/issuer-multisig-sample.json &
pid=$!
PID_LIST+=" $pid"

kli multisig join --name issuer2
pid=$!
PID_LIST+=" $pid"

wait $PID_LIST

# Run the follow in parallel and wait for the issuee group to be created:
kli multisig incept --name issuee1 --alias issuee1 --group issuee --file ${KERI_DEMO_SCRIPT_DIR}/data/issuee-multisig-sample.json &
pid=$!
PID_LIST+=" $pid"

kli multisig join --name issuee2
pid=$!
PID_LIST+=" $pid"

wait $PID_LIST

# Introduce issuer issuer issuer to issuees
kli oobi resolve --name issuer1 --oobi-alias issuee --oobi http://127.0.0.1:5642/oobi/ELkmm28zQEyxkryJZQ4WVT4fjukklM4dR91l2DQfQHZK/witness
kli oobi resolve --name issuer2 --oobi-alias issuee --oobi http://127.0.0.1:5642/oobi/ELkmm28zQEyxkryJZQ4WVT4fjukklM4dR91l2DQfQHZK/witness

kli oobi resolve --name issuee1 --oobi-alias issuer --oobi http://127.0.0.1:5642/oobi/ELrnb8aI_wy2q_sSbCAwkgy2kOdMpRI1urFrhQiMJGLW/witness
kli oobi resolve --name issuee2 --oobi-alias issuer --oobi http://127.0.0.1:5642/oobi/ELrnb8aI_wy2q_sSbCAwkgy2kOdMpRI1urFrhQiMJGLW/witness

# Create a credential registry owned by the issuer issuer
kli vc registry incept --name issuer1 --alias issuer --registry-name vLEI --usage "Issue vLEIs" --nonce AHSNDV3ABI6U8OIgKaj3aky91ZpNL54I5_7-qwtC6q2s &
pid=$!
PID_LIST=" $pid"

echo "issuer2 looking to join credential registry creation"
kli multisig join --name issuer2

wait $PID_LIST

# Issue Credential
kli vc create --name issuer1 --alias issuer --registry-name vLEI --schema EBfdlu8R27Fbx-ehrqwImnK-8Cm79sqbAQ4MmvEAYqao --recipient ELkmm28zQEyxkryJZQ4WVT4fjukklM4dR91l2DQfQHZK --data @${KERI_DEMO_SCRIPT_DIR}/data/credential-data.json &
pid=$!
PID_LIST+=" $pid"

echo "issuer2 looking to join credential creation"
kli multisig join --name issuer2

wait $PID_LIST

SAID=$(kli vc list --name issuer1 --alias issuer --issued --said)

kli ipex grant --name issuer1 --alias issuer --said "${SAID}" --recipient ELkmm28zQEyxkryJZQ4WVT4fjukklM4dR91l2DQfQHZK &
pid=$!
PID_LIST="$pid"

kli ipex join --name issuer2

wait ${PID_LIST}

echo "Polling for issuee1's IPEX message..."
SAID=$(kli ipex list --name issuee1 --alias issuee1 --poll --said | sed -n '1 p')

echo "Polling for issuee2's IPEX message..."
kli ipex list --name issuee2 --alias issuee2 --poll --said

echo "Issuee1 Admitting GRANT ${SAID}"
kli ipex admit --name issuee1 --alias issuee --said "${SAID}" &
pid=$!
PID_LIST="$pid"

echo "Issuee2 Admitting GRANT ${SAID}"
kli ipex join --name issuee2

wait ${PID_LIST}

kli vc list --name issuee1 --alias issuee

echo "Issuer1 checking for ADMIT"
kli ipex list --name issuer1 --alias issuer --poll
11 changes: 7 additions & 4 deletions scripts/demo/credentials/multisig-issuer-interactive.sh
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,12 @@ kli multisig incept --name multisig1 --alias multisig1 --group multisig --file $
pid=$!
PID_LIST+=" $pid"

kli multisig incept --name multisig2 --alias multisig2 --group multisig --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-sample.json &
pid=$!
PID_LIST+=" $pid"
#kli multisig incept --name multisig2 --alias multisig2 --group multisig --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-sample.json &
#pid=$!
#PID_LIST+=" $pid"
#
echo "Multisig2 looking to join inception event"
kli multisig join --name multisig2

wait $PID_LIST
kli oobi resolve --name holder --oobi-alias multisig --oobi http://127.0.0.1:5642/oobi/EC61gZ9lCKmHAS7U5ehUfEbGId5rcY0D7MirFZHDQcE2/witness
Expand Down Expand Up @@ -77,7 +80,7 @@ kli ipex grant --name multisig1 --alias multisig --said "${SAID}" --recipient EL
pid=$!
PID_LIST="$pid"

kli multisig join --name multisig2
kli ipex join --name multisig2

wait ${PID_LIST}

Expand Down
2 changes: 1 addition & 1 deletion scripts/demo/credentials/multisig-issuer.sh
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@ echo "Polling for holder's IPEX message..."
SAID=$(kli ipex list --name holder --alias holder --poll --said)

echo "Admitting GRANT ${SAID}"
kli ipex admit --name holder --alias holder --said "${SAID}"
kli ipex admit --name holder --alias holder --said "${SAID}" --time "${TIME}"

kli vc list --name holder --alias holder --poll

Expand Down
14 changes: 14 additions & 0 deletions scripts/demo/data/issuee-1-sample.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{
"transferable": true,
"wits": [
"BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha",
"BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM",
"BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX"
],
"toad": 2,
"icount": 1,
"ncount": 1,
"isith": "1",
"nsith": "1"
}

14 changes: 14 additions & 0 deletions scripts/demo/data/issuee-2-sample.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{
"transferable": true,
"wits": [
"BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha",
"BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM",
"BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX"
],
"toad": 2,
"icount": 1,
"ncount": 1,
"isith": "1",
"nsith": "1"
}

15 changes: 15 additions & 0 deletions scripts/demo/data/issuee-multisig-sample.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
{
"aids": [
"EI0IoYyHxXc7_uQyaN2WocSC3lRZsvrDAPbREOw7fM0_",
"EPw5WQAFcNXXSbg_pTKgh8-K_rfXnD1uDKS13OeNHkKE"
],
"transferable": true,
"wits": [
"BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha",
"BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM",
"BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX"
],
"toad": 3,
"isith": "2",
"nsith": "2"
}
13 changes: 13 additions & 0 deletions scripts/demo/data/issuer-1-sample.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{
"transferable": true,
"wits": [
"BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha",
"BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM",
"BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX"
],
"toad": 2,
"icount": 1,
"ncount": 1,
"isith": "1",
"nsith": "1"
}
13 changes: 13 additions & 0 deletions scripts/demo/data/issuer-2-sample.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{
"transferable": true,
"wits": [
"BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha",
"BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM",
"BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX"
],
"toad": 2,
"icount": 1,
"ncount": 1,
"isith": "1",
"nsith": "1"
}
15 changes: 15 additions & 0 deletions scripts/demo/data/issuer-multisig-sample.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
{
"aids": [
"EEVlFHcMWAQNwezHjyKK5cKKzF6zgLlnrLyi_CcAEXCs",
"EFJtDtSoE6XOOqLoLvYoB7ctCzMtJDiAJltnXiK_EdlM"
],
"transferable": true,
"wits": [
"BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha",
"BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM",
"BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX"
],
"toad": 3,
"isith": "2",
"nsith": "2"
}
25 changes: 18 additions & 7 deletions src/keri/app/cli/commands/ipex/admit.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@
parser.add_argument("--said", "-s", help="SAID of the exn grant message to admit", required=True)
parser.add_argument("--message", "-m", help="optional human readable message to "
"send to recipient", required=False, default="")
parser.add_argument("--time", help="timestamp", required=False, default=None)


def handler(args):
Expand All @@ -39,15 +40,17 @@ def handler(args):
base=args.base,
bran=args.bran,
said=args.said,
message=args.message)
message=args.message,
timestamp=args.time)
return [ed]


class AdmitDoer(doing.DoDoer):

def __init__(self, name, alias, base, bran, said, message):
def __init__(self, name, alias, base, bran, said, message, timestamp ):
self.said = said
self.message = message
self.timestamp = timestamp
self.hby = existing.setupHby(name=name, base=base, bran=bran)
self.hab = self.hby.habByName(alias)
self.rgy = credentialing.Regery(hby=self.hby, name=name, base=base)
Expand Down Expand Up @@ -118,31 +121,36 @@ def admitDo(self, tymth, tock=0.0):
yield self.tock

recp = grant.ked['i']
exn, atc = protocoling.ipexAdmitExn(hab=self.hab, message=self.message, grant=grant)
exn, atc = protocoling.ipexAdmitExn(hab=self.hab, message=self.message, grant=grant, dt=self.timestamp)
msg = bytearray(exn.raw)
msg.extend(atc)

parsing.Parser().parseOne(ims=bytes(msg), exc=self.exc)

sender = self.hab
if isinstance(self.hab, habbing.GroupHab):
sender = self.hab.mhab
wexn, watc = grouping.multisigExn(self.hab, exn=msg)

smids = self.hab.db.signingMembers(pre=self.hab.pre)
smids.remove(self.hab.mhab.pre)

for recp in smids: # this goes to other participants only as a signaling mechanism
postman = forwarding.StreamPoster(hby=self.hby, hab=self.hab.mhab, recp=recp, topic="multisig")
for part in smids: # this goes to other participants only as a signaling mechanism
postman = forwarding.StreamPoster(hby=self.hby, hab=self.hab.mhab, recp=part, topic="multisig")
postman.send(serder=wexn,
attachment=watc)
doer = doing.DoDoer(doers=postman.deliver())
self.extend([doer])

while not self.exc.complete(said=wexn.said):
while not self.exc.complete(said=exn.said):
yield self.tock

if self.exc.lead(self.hab, said=exn.said):
print(f"Sending admit message to {recp}")
postman = forwarding.StreamPoster(hby=self.hby, hab=self.hab, recp=recp, topic="credential")
postman = forwarding.StreamPoster(hby=self.hby, hab=sender, recp=recp, topic="credential")

atc = exchanging.serializeMessage(self.hby, exn.said)
del atc[:exn.size]
postman.send(serder=exn,
attachment=atc)

Expand All @@ -152,4 +160,7 @@ def admitDo(self, tymth, tock=0.0):
while not doer.done:
yield self.tock

print(f"... admit message sent")
self.remove([doer])

self.remove(self.toRemove)
Loading

0 comments on commit 6495a90

Please sign in to comment.