Merge pull request #50 from walt-id/feat/acdc-vlei

Add support to vLEI ecosystem and ACDC credentials

backend.Dockerfile

@@ -34,6 +34,12 @@ RUN apt install pip -y && \
     mkdir -p /usr/local/var/keri && \
     pip install -e .
 
+# vLEI spec leverage `did:keri` to make acdc schemas, credentials and OOBIs (through durls field) discoverable
+WORKDIR /vLEI
+RUN git clone -b dev https://github.com/WebOfTrust/vLEI.git . && \
+    git checkout ed982313dab86bfada3825857601a10d71ce9631 && \
+    pip install -e ./
+
 COPY --from=buildstage /work/build/install/ /
 WORKDIR /waltid-web-wallet
 

config/keri/acdc/credentials/attributes/child-test.json

@@ -0,0 +1,6 @@
+{
+  "requester": {
+    "customObjectAttribute": "Test"
+  },
+  "customAttribute": 2
+}

config/keri/acdc/credentials/attributes/parent-test.json

@@ -0,0 +1,3 @@
+{
+  "customAttribute": "test"
+}

config/keri/acdc/credentials/edges/child-edge.json

@@ -0,0 +1 @@
+{"d": "", "requester": {"n": "", "s": ""}}

config/keri/acdc/credentials/rules/child-rule.json

@@ -0,0 +1 @@
+{"d": "", "privacyDisclaimer": {"l": "It is the sole responsibility of Holders of a CustomChildCredential to present that credential in a privacy-preserving manner using the mechanisms provided in the Issuance and Presentation Exchange (IPEX) protocol specification and the Authentic Chained Data Container (ACDC) specification. https://github.com/WebOfTrust/IETF-IPEX and https://github.com/trustoverip/tswg-acdc-specification."}}

config/keri/acdc/schemas/custom-child-schema-wth-edges-and-rules.json

@@ -0,0 +1,176 @@
+{
+  "$id": "",
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "Custom Child Credential",
+  "description": "A child custom schema means that it will have dependencies to the parent schema. It will also include rules to act as a Ricardian Contract",
+  "type": "object",
+  "credentialType": "CustomChildCredential",
+  "version": "1.0.0",
+  "properties": {
+    "v": {
+      "description": "Credential Version",
+      "type": "string"
+    },
+    "d": {
+      "description": "Credential SAID",
+      "type": "string"
+    },
+    "u": {
+      "description": "One time use nonce - optional",
+      "type": "string"
+    },
+    "i": {
+      "description": "Issuer AID",
+      "type": "string"
+    },
+    "ri": {
+      "description": "Credential Registry Identifier",
+      "type": "string"
+    },
+    "s": {
+      "description": "Schema SAID",
+      "type": "string"
+    },
+    "a": {
+      "oneOf": [
+        {
+          "description": "Attributes block SAID",
+          "type": "string"
+        },
+        {
+          "$id": "",
+          "description": "Attributes block",
+          "type": "object",
+          "properties": {
+            "d": {
+              "description": "Attributes block SAID",
+              "type": "string"
+            },
+            "i": {
+              "description": "Issuee AID",
+              "type": "string"
+            },
+            "dt": {
+              "description": "Issuance date time",
+              "type": "string",
+              "format": "date-time"
+            },
+            "requester": {
+              "description": "Defining tightly related attributes together in one object. This is helpful for SD and enhances IPEX protocol interactions depending on the use case!",
+              "type": "object",
+              "properties": {
+                "customObjectAttribute": {
+                  "description": "First custom attribute, it usually comes with",
+                  "type": "string"
+                }
+              },
+              "additionalProperties": false,
+              "required": [
+                "customObjectAttribute"
+              ]
+            },
+            "customAttribute": {
+              "customAttribute": "A custom attribute like we defined earlier",
+              "type": "integer"
+            }
+          },
+          "additionalProperties": false,
+          "required": [
+            "i",
+            "requester",
+            "customAttribute"
+          ]
+        }
+      ]
+    },
+    "e": {
+      "oneOf": [
+        {
+          "description": "Edges block SAID",
+          "type": "string"
+        },
+        {
+          "$id": "",
+          "description": "Edges block",
+          "type": "object",
+          "properties": {
+            "d": {
+              "description": "Edges block SAID",
+              "type": "string"
+            },
+            "exampleEdge": {
+              "description": "The custom parent schema which the authorizer is responding to.",
+              "type": "object",
+              "properties": {
+                "n": {
+                  "description": "SAID of the CustomParentCredential ACDC",
+                  "type": "string"
+                },
+                "s": {
+                  "description": "SAID of CustomParentCredential ACDC schema",
+                  "type": "string",
+                  "const": ""
+                }
+              },
+              "additionalProperties": false,
+              "required": [
+                "n",
+                "s"
+              ]
+            }
+          },
+          "additionalProperties": false,
+          "required": [
+            "d",
+            "exampleEdge"
+          ]
+        }
+      ]
+    },
+    "r": {
+      "oneOf": [
+        {
+          "description": "Rules block SAID",
+          "type": "string"
+        },
+        {
+          "$id": "",
+          "description": "Rules block",
+          "type": "object",
+          "properties": {
+            "d": {
+              "description": "Rules block SAID",
+              "type": "string"
+            },
+            "privacyDisclaimer": {
+              "description": "Privacy Disclaimer",
+              "type": "object",
+              "properties": {
+                "l": {
+                  "description": "Associated legal language",
+                  "type": "string",
+                  "const": "It is the sole responsibility of Holders of a CustomChildCredential to present that credential in a privacy-preserving manner using the mechanisms provided in the Issuance and Presentation Exchange (IPEX) protocol specification and the Authentic Chained Data Container (ACDC) specification. https://github.com/WebOfTrust/IETF-IPEX and https://github.com/trustoverip/tswg-acdc-specification."
+                }
+              }
+            }
+          },
+          "additionalProperties": false,
+          "required": [
+            "d",
+            "privacyDisclaimer"
+          ]
+        }
+      ]
+    }
+  },
+  "additionalProperties": false,
+  "required": [
+    "v",
+    "i",
+    "ri",
+    "s",
+    "d",
+    "a",
+    "e"
+  ]
+}

config/keri/acdc/schemas/custom-parent-schema.json

@@ -0,0 +1,81 @@
+{
+  "$id": "",
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "Custom Parent Credential",
+  "description": "A parent custom schema that have no dependencies. All attributes are under key 'a'",
+  "type": "object",
+  "credentialType": "CustomParentCredential",
+  "version": "1.0.0",
+  "properties": {
+    "v": {
+      "description": "Credential Version",
+      "type": "string"
+    },
+    "d": {
+      "description": "Credential SAID",
+      "type": "string"
+    },
+    "u": {
+      "description": "One time use nonce - optional",
+      "type": "string"
+    },
+    "i": {
+      "description": "Issuer AID",
+      "type": "string"
+    },
+    "ri": {
+      "description": "Credential Registry Identifier",
+      "type": "string"
+    },
+    "s": {
+      "description": "Schema SAID",
+      "type": "string"
+    },
+    "a": {
+      "oneOf": [
+        {
+          "description": "Attributes block SAID",
+          "type": "string"
+        },
+        {
+          "$id": "",
+          "description": "Attributes block",
+          "type": "object",
+          "properties": {
+            "d": {
+              "description": "Attributes block SAID",
+              "type": "string"
+            },
+            "i": {
+              "description": "Issuee AID",
+              "type": "string"
+            },
+            "dt": {
+              "description": "Issuance date time",
+              "type": "string",
+              "format": "date-time"
+            },
+            "customAttribute": {
+              "description": "As d, i and dt are required properties, customAttribute is the one that we defined that actually make our ACDC unique. We can define multiple other attributes",
+              "type": "string"
+            }
+          },
+          "additionalProperties": false,
+          "required": [
+            "i",
+            "customAttribute"
+          ]
+        }
+      ]
+    }
+  },
+  "additionalProperties": false,
+  "required": [
+    "v",
+    "i",
+    "ri",
+    "s",
+    "d",
+    "a"
+  ]
+}

config/keri/scripts/vlei.sh

@@ -0,0 +1,7 @@
+#! /bin/bash
+
+# A vLEI server makes schemas, credentials and data OOBIs (added through durls field) discoverable by other entities
+
+CONFIG_DIR="config/keri/acdc"
+
+vLEI-server -p 7723 --schema-dir "${CONFIG_DIR}/schemas" --cred-dir "${CONFIG_DIR}/credentials" --oobi-dir "${CONFIG_DIR}/oobis"