2019-09-09 Indy Contributors Call

Summary

  • Move PostgreSQL wallet storage out of experimental state when the wallet is moved to Aries
  • Start cross-organization PR reviews after PBFT View Change is shipped, as an experiment
  • We want to move quickly with the Indy / Aries split and avoid long term maintenance of Indy SDK if possible.
  • Incomplete request format refactor
  • Trade-offs of new pack/unpack versus msgpack

Timezone: US morning and Europe afternoon

We intend to record this call.

Remember the Hyperledger Code of Conduct

Anti-Trust Policy

Linux Foundation meetings involve participation by industry competitors, and it is the intention of the Linux Foundation to conduct all of its activities in accordance with applicable antitrust and competition laws. It is therefore extremely important that attendees adhere to meeting agendas, and be aware of, and not participate in any activities that are prohibited under applicable US state, federal or foreign antitrust and competition laws.

Examples of types of actions that are prohibited at Linux Foundation meetings and in connection with Linux Foundation activities are described in the Linux Foundation Antitrust Policy available at http://www.linuxfoundation.org/antitrust-policy. If you have questions about these matters, please contact your company counsel, or if you are a member of the Linux Foundation, feel free to contact Andrew Updegrove of the firm of Gesmer Updegrove LLP, which provides legal counsel to the Linux Foundation.

Attendees

Announcements

  • Hyperledger Maintainers Conference: Minneapolis in October.
  • Bootcamp Russia: Event Location
  • IIW

Summary of Prior Call

Release Status

  • Indy Node
    • August: 1.9.2
    • September: 1.10.0
      • PBFT view change
      • Indy Node and Indy Plenum support for Ubuntu 18.04
  • Indy SDK
    • August: 1.11.1
      • Finish Authors vs Endorsers
      • Finish proof of possession of payment address
      • Platform Updates: Ubuntu 18.04
    • September: 1.12.0
      • Fully qualified DIDs
        • Dependent on DIDDoc support? (Daniel's document and David Huseby's work)
      • Platform Updates: MacOS, CentOS
    • Future
      • GitLab migration alongside Jenkins (Foundation)?
      • Aries / Indy split
      • Anoncreds 2.0 (Sovrin Foundation, BC.gov?)
  •  Ursa
    •  Working on release of 0.2.0 (September / October)
      • ZKP  / ZKLang improvements
      • Debian packages
      • Refactor internal plumbing for anoncreds 2.0, shouldn't impact external interfaces
      • Refactor multi-signature BLS in addition to aggregated signature
  •  Aries
    • Lots of progress on language libraries, frameworks, and agents.
  • Indy Catalyst
    • Production deployment testing: volume loads.
    • Won't go live in production at BC.gov until October.
    • Not yet migrated to Hyperledger. Needs more documentation.

Work Updates

  • Documentation improvements: Michael B and Stephen C
    • Need to review and prune out-of-date documentation (Alice / Faber treatment of pairwise DIDs is a key pain point)
    • Michael is working on Indy Agent walkthrough using C#
    • Finishing work on ReadTheDocs (2 more weeks?)
    • Cloud Compass is building the Linux Foundation EdX courses for Indy and Aries
  • SDK 2.0 architecture / Indy-Aries split (Sergey)
    • Anxious to start moving, and iterating.
  • GitLab migration (Mike and Steve G)
    • Demos in the Identity Implementers WG calls
    • Issues with Jenkins machines because Rust builds run out of memory—workaround increased build time but is a temporary solution
  • Advanced Schemas and W3C creds (Ken)
  • Warnings from rust cargo clippy (Mike and Axel)
    • IS-1270 through IS-1274
  • New design for revocation / Anoncreds 2.0 (Mike)
  • Getting Ursa artifacts published that can be used by Indy Node and Indy SDK (Mike and Cam)

Other Business

  • PostgreSQL leaving experimental status (see previous discussion)
    • Would like to update existing issues first.
    • Ian will be going on vacation.
    • Kiva is interested in helping.
    • Want to see this happen this year, but maybe wait for the Aries Wallet repo? (Kiva prefers to do it in Aries.)
  • Maintainership requirements for Indy Node and Indy SDK
    • Don't worry about new maintainers for Indy SDK now, wait for Aries decisions.
    • Need for cross organizational review.
      • Should define the process, including how we handle exceptions (emergency fixes shouldn't be blocked, but would require notification)
      • After PBFT view change (middle of October).
      • Ken and Cam can do the reviews of Evernym work.
      • For now, Alex will continue reviewing everything.
      • Alex should train other reviewers on how to do good reviews.
  • How long should we maintain Indy SDK after we start work on Aries core libraries?
    • Will need to understand the Aries plan first.
  • Partially completed refactoring of the Request format: INDY-1375 and IS-567
  • New pack / unpack requires disclosure of recipient
    • Cannot hide the receiver of the message like we could with msg_pack
    • Allows having multiple recipients of the same message
    • Should list the drawback in the Aries-RFC? Is there an alternative way that preserves the capability to selectively disclose the recipient?
    • From Kyle Den Hartog
      msg_pack presents problems when dealing with an agent that maintains more than one relationship. For example, if I receive a message, I don't know which key in my agent I should be using to decrypt the message. We can get sender anonymity or receiver anonymity, but I don't believe it's possible to get both and still determine who the message is for.
    • Pack/unpack only exposes the Verkey of the recipients. It does not do forward secrecy.

Future Calls

  • Define pull request review process for Indy Node.
    • Should define the process, including how we handle exceptions (emergency fixes shouldn't be blocked, but would require notification)
    • What is important in a good review?
  • Fully Qualified DID support in Indy SDK
  • fuzzing libindy https://github.com/AxelNennker/indy-sdk/tree/fuzzing/
    `cargo +nightly fuzz run fuzz_target_1 -- -only_ascii=1`
    Worried about unsafe code in libindy
    ```
    ignisvulpis@namenlos:~/development/hyperledger/indy-sdk/libindy$ find src -name \*\.rs -exec fgrep unsafe {} \; | wc -l
    61
    ```
  • Ursa and AMCL:  Discussed in the Ursa call (August 21), but no decision yet.
  • Architecture questions for Indy SDK:
  • How to handle old pull requests that failed DCO Checks? Close?
  • How to handle pull requests for IOS / Swift wrappers? Close and encourage the move to Aries?
  • How to handle pull requests for LibVCX? Deprecate?
  • Close PR https://github.com/hyperledger/indy-sdk/pull/1048 as something that will be replaced by the advanced schema work?
  • HIPE pull requests: https://github.com/hyperledger/indy-hipe/pulls

Action items

  • HIPE #138, Issue #144 (Ken and Brent)
    • Create a PR for changing status to ACCEPTED
    • Check for an Aries RFC

Call Recording