2020-01-22-B Aries Working Group Call (US afternoon)

Summary:

Note: This call is being recorded.

Date

Jan 22, 2020 (12PM Los Angeles, 3PM New York, Tuesday at 7AM Sydney)

Remember the Hyperledger Code of Conduct

Anti-Trust Policy:

Linux Foundation meetings involve participation by industry competitors, and it is the intention of the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws.

Examples of types of actions that are prohibited at Linux Foundation meetings and in connection with Linux Foundation activities are described in the Linux Foundation Antitrust Policy available at http://www.linuxfoundation.org/antitrust-policy . If you have questions about these matters, please contact your company counsel, or if you are a member of the Linux Foundation, feel free to contact Andrew Updegrove of the firm of Gesmer Updegrove LLP, which provides legal counsel to the Linux Foundation.

Attendees

• Name (Organization) <email>

• Daniel Bluhm (Sovrin Foundation) <daniel.bluhm@sovrin.org>

• @Stephen Curran (Cloud Compass/BC Gov) <swcurran@cloudcopass.ca>

• @George Aristy (SecureKey) <george.aristy@securekey.com>

• @Troy Ronda (SecureKey) <troy.ronda@securekey.com>

• @Steve McCown (Anonyome Labs) <smccown@anonyome.com>

• @Richard Esplin (Evernym) <richard.esplin@evernym.com>

• @Paul Knowles (Dativa) <paul.knowles@dativa.com>

Welcome / Introductions

Announcements

• Updated Hyperledger Calendar: Calendar of Public Meetings

• React Native Mobile Agent SDK  https://medium.com/@ayanworks/introducing-arnima-aries-react-native-mobile-agent-907c7af02049 (Ajay / AyanWorks)

Related Meetings Review

• Ursa - No calls since the last Aries meeting.

• Semantics - yesterday's call: Handling big data in an Indy Credential - workaround - Hashlink. Link to Paper

• DID UX Call - Slack/Mailing list - details in the shared document as well minutes and additional information, currently focus on Purpose Based Services

• SSI in IoT WG

• Indy Contributors - @Richard Esplin (Mon) - Notes

• Identity WG / Identity WG Implementer calls (Wed / Thurs) - no calls since last Aries meeting

• DIF DIDComm WG - Monday's at Noon US/Pacific Outline happening next week.

Upcoming Releases and Work Updates

• Aries Protocol Test Suite

  • Feature Discovery protocol tests now in test suite thanks to the efforts of @Keith Smith

  • Moving on to Issue Credential; first targeting Indy ledger specific tests with the hope of informing design of ledger agnostic tests.

• Aries Shared:

  • Aries KMS

  • Verifiable Data Registry Interface (VDRI) library: indy-aries-vdr (@Andrew Whitehead) https://github.com/andrewwhitehead/indy-ledger-client

  • Other Core Libraries (pack / unpack)

• Aries-CloudAgent-Python (bc.gov) - Latest is Release 0.4.0 on PyPi. Some small updates. Big contribution of a set of three sample controllers using different tech stacks.

  • ACA-Pug (User Group) starting, with first meeting next Wednesday, 1 hour before this meeting. ACA-Pug page is here.

• Aries-Framework-Go (Troy) #aries-go

  • 2020-01-21 Framework Go Weekly Planning

  • RFC implementation status and Wishlist (Dec/2019)

  • Initial scaffolding completed for JS Worker interface for Aries Framework Go WASM.

  • Continuing efforts on routing & relays, crypto/kms, WebAssembly, verifiable credentials, generic message handlers (and external registration), JWE envelopes.

• Aries-SDK-Ruby (Jack)

• Aries-Framework-DotNet (Tomislav)

• Aries-StaticAgent-Python - Now up to 0.6.1; more details

• Aries-Toolbox

  • Official repo moved to aries-toolbox

  • Preparing for a new release based on the latest ACA-Py

• Aries-SDK-Python - Wrapper from JeromK and SBCA?

• Aries-SDK-Java

• Aries-Framework-JavaScript / Aries-SDK-JavaScript

  • As agreed in the connect-a-thon, planning efforts on merging the aries-sdk-javascript codebase into a single framework repo - aries-framework-javascript

  • Starting with the efforts on the React-Native Mobile Agent.

• Rich Schemas and W3C Verifiable Credentials (Brent & Ken)

  • HIPEs/RFCs

    • overview https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0250-rich-schemas

    • context https://github.com/hyperledger/aries-rfcs/tree/master/features/0249-rich-schema-contexts

    • schema processing feedback https://github.com/hyperledger/aries-rfcs/tree/master/features/0281-rich-schemas 

  • Next HIPEs/RFCs for

    • encoding

    • mapping

    • credential definition 

  • Node implementation of

    • context (merged)

    • schema PR in progress https://github.com/hyperledger/indy-node/pull/1513

• Ursa 0.3.1 release in January

  • Delegate-able credentials

  • Flexible configuration options

  • ZMix 0.1.0 expected in January

    • Ursa and ZMix will be separate releases. ZMix is the proving code, and Ursa is everything else.

Agenda

• Issue Game: Can we close this? (15 min -) -  issues (as time permits): 290, 77, 225, 122

  • Decisions 122 closed, 290 BCGov will pursue, 77 and 225

• Should the ~service decorator be part of AIP 1.0.0? PR link. @Richard Esplin

  • Evernym reviewed the RFC and discussed the ACApy implementation. Our concerns are resolved.

    • New ACApy test showing how a return response endpoint would be routed through two or more mediators.

• Proposal for adding RFC 348 to AIP 1.0

  • Advantages:

    • Would start a transition period to the new approach.

    • Reduces pressure on the next version of Aries Interop Profile

  • Concerns:

    • Doesn't seem to fit the scope of AIP 1.0 (define credential exchange in practice today)

    • What does it mean to require support of a transitional feature from a compliance perspective?

• Connection Blues - Continued - @Sam Curren/ @Stephen Curran

  • Using DIDs to use existing invitation

    • When an invitation starts from a Public DID, this should be retained by the agent. 

    • Future invitation Public DIDs can be looked up to see if an existing relationship exists.

    • New DID Exchange Message from invitee saying "I'm going to use this existing connection, but exercise a new invitation"

  • Connect→Then Invitations

    • How to best compose messages?

    • Nicely accommodate connectionless messages.

    • The Then is more semantically important than the Connection

  • Safe URL redirectors

    • What to avoid

    • Is there a way to do this safely?

    • Can we do this with DIDComm? (An Expand Message Protocol?)

    • Attachment? (Can fetch from place x), with integrity check and possibly decryption key

• ACApy/Credential F2 Registry HighVolume Performance Testing - @Stephen Curran

• Open Discussion / Next Week Topics

Next Week

• AIP 1.0.0 

Future Topics

• DIF Interop Project - Project is proceeding, connect the communities at IIW

• DKMS status

• Credential Fraud:  Example how in ACA-Py to verify same link secret across multiple credentials in presentation

• Schema interop - how to reused schema across different networks @Robert Mitwicki(RFC in progress)

• Using WebSocket as a way to communicate back to the mobile/desktop wallet (Agent (services or user) as a proxy for communication between service and digital wallet) @Robert Mitwicki 

• Formal protocol verification techniques

  • https://github.com/SvenHammann90/SSI/blob/master/RWOT_9/Topic_Paper_RWOT.md (using ProVerif)

  • https://github.com/johncallahan/needham_shroeder_spin (non-Aries example using SPIN/Promela)

• What's left for DID Exchange protocol?

  • Some discussion in: https://github.com/hyperledger/aries-rfcs/pull/366

Action items

Call Recording