This page documents the basic wallet implementation for aries-framework-go, covering the Universal Wallet 2020 interfaces.
Some useful links:
- Initial Proposal for Universal wallet 2020
- Presentation Exchange
High-level architecture
The aries-framework-go wallet has a plugin-based architecture; individual plugins can be replaced to customize the wallet implementation.
Initialize wallet:
TODO
Wallet core features:
Basic wallet features that are independent of wallet type (VC wallet, currency wallet, etc.) will be part of the core interface.
- export: produces a serialized wallet representation, which will be encrypted without leaking any information about wallet contents (not even count).
  The serialized output will be in the form of a VC (refer: https://w3c-ccg.github.io/universal-wallet-interop-spec/contexts/wallet-v1.json)
  Sample: exported-wallet.json
- import: loads a serialized representation into the wallet. This operation needs knowledge of the key or password used to export the wallet contents.
  Sample: imported-wallet-contents.json
- Lock: transforms wallet contents from plaintext to ciphertext.
  Sample: locked-wallet.json
- Unlock: transforms wallet contents from ciphertext to plaintext. Needs knowledge of the key/password used to lock the wallet.
  Sample: unlocked-wallet.json
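An added example, not code from aries-framework-go or the specification: one way Lock and Unlock could work so that the locked wallet is authenticated and its length reveals only a size bucket rather than the item count, the property the export bullet asks for. The AES-256-GCM choice, the 4096-byte bucket, the length-prefix padding and the names NewAEAD, Lock and Unlock are assumptions, and the 32-byte key is assumed to come from a password KDF or the KMS.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

const bucket = 4096 // padding granularity in bytes (assumed, not from the page)

func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func Lock(aead cipher.AEAD, wallet []byte) ([]byte, error) {
	// 4-byte true length, then the wallet, zero-padded up to the next bucket boundary.
	padded := make([]byte, (4+len(wallet)+bucket-1)/bucket*bucket)
	binary.BigEndian.PutUint32(padded, uint32(len(wallet)))
	copy(padded[4:], wallet)
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, padded, nil), nil // nonce || ciphertext || tag
}

func Unlock(aead cipher.AEAD, blob []byte) ([]byte, error) {
	ns := aead.NonceSize()
	if len(blob) < ns {
		return nil, fmt.Errorf("unlock: blob shorter than nonce")
	}
	padded, err := aead.Open(nil, blob[:ns], blob[ns:], nil) // fails on wrong key or tampering
	if err == nil && len(padded) >= 4 {
		if n := uint64(binary.BigEndian.Uint32(padded)); n <= uint64(len(padded)-4) {
			return padded[4 : 4+n], nil
		}
	}
	return nil, fmt.Errorf("unlock: wrong key or modified wallet")
}

func main() {
	aead, _ := NewAEAD(make([]byte, 32)) // constructed all-zero demo key
	blob, err := Lock(aead, []byte(`{"contents":[]}`))
	fmt.Println(len(blob), err)
}
```

Sealing the whole serialized wallet as one blob, instead of encrypting each item separately, is what keeps the number of entries out of the ciphertext structure; the padding only hides size differences within one bucket.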
API Dependencies:
- KMS: use the key plugin for cryptographic operations; if one is not provided, fall back to the aries-framework-go KMS API.
- VDRI: use the DID plugin; if one is not provided, fall back to the aries-framework-go VDRI API.
Questions:
- Does the aries wallet really need the lock/unlock feature?
- Open question (still investigating): should we provide the password in each API call, as given in the specification?
VC plugin:
The VC plugin adds verifiable credential features to the wallet. By default, aries-framework-go verifiable command features will be used for creating and verifying credentials/presentations.
The new interface 'presentationSubmission' can be used to submit presentation definitions to the wallet and to get a presentation submission in response.
The DID plugin and aries kms will be used for generating proofs.
- Verify: Takes a Verifiable Credential or Verifiable Presentation as input, returns a boolean 'verified', and an error if 'verified' is false.
- Issue: Adds proof to verifiable credential provided. ('options' contains at least a 'verificationMethod', and 'proofPurpose'.)
- Prove: Takes an id of the verifiable credential and verifies the proof ('options' contains at least a 'challenge'.)
- presentationSubmission: Produces presentation submission based on wallet contents.
API Dependencies:
- KMS: use the key plugin for cryptographic operations; if one is not provided, fall back to the aries-framework-go KMS API.
- VDRI: use the DID plugin; if one is not provided, fall back to the aries-framework-go VDRI API.
Questions:
- Why do we need a new query interface for querying VCs using presentation exchange? Why can't we use the existing 'query' interface from the store plugin?
  The 'add' interface function from the store plugin can be used to add any data model. Modifying the 'query' interface to support presentation exchange may increase the complexity for non-VC data model users.
Key plugin:
The key plugin provides 2 interfaces: verifyRaw and signRaw. The framework will use the aries kms api for these features.
This plugin can be injected to customize the wallet to use other kms implementations like webkms.
Store plugin: