2025-09-23 Indy Contributors Call

Summary

Zoom: https://zoom-lfx.platform.linuxfoundation.org/meeting/97572546272?password=5da46f0a-57dc-4de9-8831-708ba60d97ae

Recording:

Welcome, Introductions, and Announcements

Attendees

• @Char Howland (Indicio PBC) <char@indicio.tech>

• @Lynn Bendixsen (Indicio PBC) <lynn@indicio.tech>
  
  

Agenda

• Ubuntu 22.04 Upgrade: Updates from Kim

  • Kim completed a build

  • Branch that includes a docker image: https://github.com/Indicio-tech/indy-node-container/blob/indynode-1.13.3-rc4/build/Dockerfile.ubuntu22

    Indy plenum: https://github.com/hyperledger/indy-plenum/compare/main...Indicio-tech:indy-plenum:ubuntu-22.04?expand=1

    Indy node: https://github.com/hyperledger/indy-node/compare/main...Indicio-tech:indy-node:ubuntu-22.04?expand=1

    Indy-share-gha: https://github.com/hyperledger/indy-shared-gha/compare/main...Indicio-tech:indy-shared-gha:v2?expand=1

    The builds deploy to

    https://indicio.jfrog.io/ui/native/indy/pool/jammy/rc/

    https://indicio.jfrog.io/ui/native/indy-static/pool/

    The indy-static pool has four files that aren't part of my build process at this time. libindy, libssl, and ursa.

• Indy Besu

  • Continuing work on the revocation feature with CPQD

  • PR is approved, very close to merging

• DID Web VH

  • Credo work completed, expecting Bifold/BCWallet version and demo available shortly; waiting for next release

  • Indy-like endorsement is complete: can configure an issuer that works with a did:webvh server that requires endorsement like on an Indy network

  • September 28th is the deadline for the DIF-recommended PR; no objections so far!

Release Status and Work Updates

• Indy Node/plenum – PR needed to replace Ursa with the indy-blssignatures-rs implementation. Issue https://github.com/hyperledger/indy-plenum/issues/1641

• Indy-Besu - https://github.com/hyperledger/indy-besu

• Indy-test-automation

• Indy-Node test-automation integration next step after cleaning up the dependencies issues and getting the sovrin-test-automation finished.

• Indy SDK – to be deprecated

• Indy Monitoring - https://github.com/hyperledger/indy-node-monitor

• Indy Node Container - https://github.com/hyperledger/indy-node-container

• Indy/Aries Shared Libraries - Hyperledger (indy-vdr, indy-shared-rs, aries-askar, anoncreds-rs)

  • Small update to Indy VDR to update the dynamic network discovery URL; needs to be published

• Indy DID Method – https://hyperledger.github.io/indy-did-method/

• AnonCreds Specification: https://anoncreds-wg.github.io/anoncreds-spec/

Overview of Ubuntu 22.04 upgrade

• Coordinating Ubuntu-22.04 release

  • Update CI/CD workflows to support Ubuntu 22.04; https://github.com/hyperledger/indy-node/issues/1896

  • Next steps, in order, that could be done concurrently to the above:

    • Indy VDR upgrade for plenum; https://github.com/hyperledger/indy-plenum/issues/1507

      • Adam opening a PR with changes

      • Getting the unit tests to pass, 10,000 passing out of 14,000

      • Next: build new release of plenum; then update node

    • Indy VDR upgrade for node; https://github.com/hyperledger/indy-node/issues/1644

    • Upgrade indy-test-automation to support Ubuntu 22.04; https://github.com/hyperledger/indy-test-automation/issues/153

      • This is mostly done

    • Replace Ursa; https://github.com/hyperledger/indy-plenum/issues/1641 - likely a fairly light lift

  • The bulk of the work has been completed, it's a matter of fixing the tests. After completing this work with plenum, it will be easier in node. 

• Links from Kim

  • https://github.com/Indicio-tech/indy-plenum/tree/ubuntu-22.04

  • https://github.com/Indicio-tech/indy-node/tree/ubuntu-22.04

  • https://github.com/Indicio-tech/indy-shared-gha

  • https://github.com/Indicio-tech/indy-test-automation

  • https://indicio.jfrog.io/artifactory/indy/pool/jammy/

  • https://indicio.jfrog.io/artifactory/indy/dists/jammy/

  • https://github.com/Indicio-tech/indy-plenum/actions/runs/15100854401

  • https://github.com/Indicio-tech/indy-node/actions/runs/15101308676

  • https://github.com/Indicio-tech/indy-node/actions/runs/15122043553

• GitHub Organization

  • Complete after removing obsolete dependencies

  • Could start moving over some of the more independent repos

Future Calls

• GDPR and the right to be forgotten – mitigations and approaches.

• The Indy "Corporate Firewall Problem" and the idea of a Proxy Server on Nodes? @Kim Ebert

  • Core issue: A mobile wallet user using a Corporate WiFi may find that they can't get to an Indy ledger because all but 80/443 ports and HTTP/S protocols are blocked

  • Discussion/Options paper: https://hackmd.io/@n5FW6jwuRfCgchBDNWR3VQ/H1kNlKpmo

  • Question: Is it viable to have each Indy Node also listen on port 80/443 for HTTP/S requests and arrange to have them processed?

    • Option: Receive on HTTP(S) and send on to local ZMQ instance as if coming from outside.

  • Answer: We think it is probably not viable, as mobile agents require HTTPS. As such, each Steward would have to get a IP-based SSL Certificate. Technically doable, but getting everyone through that is really not practical. The cost of the certificates and maintaining them would be ugly.
    
    

    • Option: Add a DIDComm agent to every node, and use DIDComm to send the messages

    • Similar to using HTTP(S), but use a DIDComm message. Since Mobile Agents would be using a mediator, the DIDComm message would flow through that, and the HTTPS issue would not matter.  This is almost easy, but... There is no encryption public key in the genesis file, so that needs to be retrieved from somewhere else...

Action items

• Indy-Besu
  
  

  • Continue discussion about open questions https://github.com/hyperledger/indy-node/issues/1826#issuecomment-1868609236