2021-11-23 Aries Summit Session
Summary:
Mobile Infrastructure
Mobile Verifiers
Device Recovery (Backup/Restore/Sync/Rotation to new keys)
Secure Element usage
SDK / Embedding Agents into existing Mobile Apps
Note: This call was recorded and the recording and chat transcript are at the bottom of the page.
Date
Nov 23, 2021 (7AM-9AM Los Angeles)
Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct.
Anti-Trust Policy:
Linux Foundation meetings involve participation by industry competitors, and it is the intention of the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws.
Examples of types of actions that are prohibited at Linux Foundation meetings and in connection with Linux Foundation activities are described in the Linux Foundation Antitrust Policy available at http://www.linuxfoundation.org/antitrust-policy. If you have questions about these matters, please contact your company counsel, or if you are a member of the Linux Foundation, feel free to contact Andrew Updegrove of the firm of Gesmer Updegrove LLP, which provides legal counsel to the Linux Foundation.
Attendees
@Sam Curren <sam@indicio.tech>
@James Ebert <james.ebert@indicio.tech>
@Akiff Manji <amanji@petridish.dev>
@Clecio Varjao <clecio.varjao@gov.bc.ca>
@Darrell O'Donnell <darrell.odonnell@continuumloop.com>
@Stephen Curran (Cloud Compass Computing Inc.) <swcurran@cloudcompass.ca>
@Sai Ranjit Tummalapalli <sairanjit.tummalapalli@ayanworks.com>
@Jakub Koci <jakub.koci@gmail.com>
@Jason Leach (BC Gov) <jason.leach@fullboar.ca>
Welcome / Introductions
Focus
Mobile Infrastructure
Discussion Topics
Mobile Verifiers
We need them.
Flow
Holder displays QR, Verifier scans with mobile app and sees the result. - Common Model, assumed by those new to industry.
'presenting' the QR code feels natural when 'presenting' a credential.
QR is best as invitation, not requiring user to know in advance what to present.
Verifier can also display QR.
Speed of transaction
User prepares to have transaction happen fast
Preselect or preauthorize set of actions
Can be assisted by governance / trust registry to find common targets
build set of 'reapprovals' after done initially.
save my authorization
Unique Features
Offline Verifications
Can't use shortened QR codes
BLE Verification useful offline
Needs framework support
Machine Readable Governance - cached
Cache schemas
Cache public keys for verifiers?
Pass file? (Interaction)
NFC - Needs investigation
Common Hardware
Framework support required
Offline aware
UI support required
Cache Needed
Speed of local assets
Mechanisms
Trust Registry Protocols - https://wiki.trustoverip.org/display/HOME/ToIP+Trust+Registry+Protocol+Specification
Machine Readable Governance
Hard Coded
TTL
User Experience
Clear for Holder
Clear for Verifier
Clear indication of where in the flow they are. Universal progress bar?
Particularly for non-happy paths
Internationalization / Localization
Performance
Auditing verifications
reporting verifications back to main org
minimal disclosure auditing
knowing what is stored/passed
Action Items
Framework Support
Caching
Transport (BLE, NFC)
Summary of existing state - Where are we?
BLE
NFC - how would it work? - Sebastian (Lissi)
Docs about how Machine Readable Governance is currently being used.
Mike to provide overview in a few weeks, for now a presentation
Trust Registries from ToIP - Darrell provided, to link
How do verifiers get templates of presentation requests so they know what to ask?
UX of selecting which you want to verify and doing verifications
Use cases – e.g. Verifier is processing a line up going into an Event collecting Ticket+PoVaccination
UX for some use cases
Device Recovery (Backup/Restore/Recovery/Rotation to new keys)
Backup / Restore Formats?
Data Model + app specific in the same format?
Keep them separate?
Security of backups?
huge attack vector – e.g. family member restores backup to new device and uses data
Is it possible to disable an old phone when a restoration is done to a new phone?
Assumption is that the encrypted backup goes one place, the recovery key goes elsewhere, and they only come together for restore
Is there more that can be done? Other protections?
N of M recovery mechanism – e.g. Shamir's Secret Sharing (coolest algorithm ever!)
Can this be done with self-service? Is that safe enough?
Selective recovery – is that possible?
Some things that can't be backed up or restored
Example is device-based keys – you can't back these up
If there is a credential somehow tied to a device key, that credential must be reissued (and that's OK)
How to do continuous backups (don't lose data)?
File format
File format for a full backup
Contents – connections, credentials, history
Will we have to do (more or less) continuous backup - full backup every time efficient enough vs. incremental? Classic backup issues.
Treat this as an optimization for now
An RFC to define such a protocol to be used with a backup service – perhaps supplied by a mediator (but could be any connection).
Setup backup – location, recovery key(s) (format – e.g. passphrase? biometrics?), restoration process
Make backup – ongoing – data format
Retrieve backup for restoration
Restore backup using recovery key(s)
How can Mobile OS features help with this?
E.g. Backup/Restore of app data
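The recovery assumptions above (encrypted backup stored in one place, recovery key held elsewhere, an N-of-M scheme such as Shamir's Secret Sharing so no single party can restore) and the protocol sketch (set up, make backup, retrieve, restore with recovery key) can be seen end to end in the following script. It is an added example written for these notes, not code from Aries Framework JavaScript, Bifold or any mediator; the backup format, the function names and the sample wallet contents are all constructed here. It uses only the Python standard library, so the encryption is a toy SHA-256 keystream plus HMAC tag standing in for a real AEAD such as AES-GCM; the Shamir split over a prime field is the real construction.

```python
"""Encrypted wallet backup with an N-of-M (Shamir) recovery key. Added example."""
import hashlib
import hmac
import json
import secrets

# Field for Shamir arithmetic: the Mersenne prime 2^521 - 1 comfortably holds a
# 256-bit recovery key as a single field element.
PRIME = (1 << 521) - 1
KEY_BYTES = 32


def split_secret(secret, threshold, shares):
    """Split a secret into `shares` points; any `threshold` of them recover it."""
    if not 1 <= threshold <= shares:
        raise ValueError("need 1 <= threshold <= shares")
    s = int.from_bytes(secret, "big")
    if s >= PRIME:
        raise ValueError("secret too large for the field")
    # Random polynomial of degree threshold-1 whose constant term is the secret.
    coeffs = [s] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    points = []
    for x in range(1, shares + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of f(x) mod PRIME
            y = (y * x + c) % PRIME
        points.append((x, y))
    return points


def recover_secret(points, threshold):
    """Lagrange interpolation at x = 0; refuses to run below the threshold."""
    if len(points) < threshold:
        raise ValueError(f"need at least {threshold} shares, got {len(points)}")
    pts = points[:threshold]
    total = 0
    for i, (xi, yi) in enumerate(pts):
        num, den = 1, 1
        for j, (xj, _) in enumerate(pts):
            if i != j:
                num = (num * (-xj)) % PRIME
                den = (den * (xi - xj)) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total.to_bytes(KEY_BYTES, "big")


def _subkeys(key):
    # Separate encryption and MAC keys derived from the recovery key.
    return (hashlib.sha256(b"enc" + key).digest(),
            hashlib.sha256(b"mac" + key).digest())


def _keystream(key, nonce, length):
    # Toy counter-mode keystream; a real wallet would use the platform AEAD.
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt_backup(recovery_key, wallet):
    """'Make backup' step: returns the blob that goes to the backup service."""
    enc_key, mac_key = _subkeys(recovery_key)
    plaintext = json.dumps(wallet, sort_keys=True).encode()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return {"nonce": nonce.hex(), "ciphertext": ct.hex(), "tag": tag.hex()}


def decrypt_backup(recovery_key, blob):
    """'Restore backup' step: fails closed on a wrong key or a tampered blob."""
    enc_key, mac_key = _subkeys(recovery_key)
    nonce, ct, tag = (bytes.fromhex(blob[k]) for k in ("nonce", "ciphertext", "tag"))
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("tag mismatch: wrong recovery key or tampered backup")
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))
    return json.loads(pt)


def demo():
    """Full flow with a constructed wallet: set up, back up, retrieve, restore."""
    wallet = {"connections": ["did:example:issuer"],   # constructed sample data
              "credentials": [{"schema": "example-schema", "attrs": {"name": "A"}}],
              "history": ["issued 2021-11-23"]}
    recovery_key = secrets.token_bytes(KEY_BYTES)          # setup: recovery key
    backup = encrypt_backup(recovery_key, wallet)          # goes to the mediator
    shares = split_secret(recovery_key, threshold=2, shares=3)  # goes elsewhere
    # Restore on the new device: two of the three shares meet the backup blob.
    restored = decrypt_backup(recover_secret([shares[0], shares[2]], 2), backup)
    return restored == wallet
```

Run `demo()` to exercise the whole path. The design point the notes raise is visible in the failure modes: the backup blob alone decrypts nothing, fewer than the threshold of shares is rejected before any interpolation is attempted, and a wrong key is detected by the tag check rather than producing garbage wallet data.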
Secure Element usage
Provinces Project - diagram, markdown - decisions when making a wallet.
starting point for security framework oriented folks.
SDK / Embedding Agents into existing Mobile Apps
Action items