From f2cf0f27629df46ae26085a77404e270f073b14f Mon Sep 17 00:00:00 2001 From: Kevin Griffin Date: Fri, 31 May 2024 11:26:03 -0400 Subject: [PATCH 01/10] fixes some usages of coring.Serder to use serdering.SerderKERI (#788) * fixes some usages of coring.Serder to use serdering.SerderKERI Signed-off-by: Kevin Griffin * fixes import Signed-off-by: Kevin Griffin --------- Signed-off-by: Kevin Griffin --- src/keri/app/cli/commands/multisig/notice.py | 4 ++-- src/keri/db/basing.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/keri/app/cli/commands/multisig/notice.py b/src/keri/app/cli/commands/multisig/notice.py index a442eab0c..70902b2fb 100644 --- a/src/keri/app/cli/commands/multisig/notice.py +++ b/src/keri/app/cli/commands/multisig/notice.py @@ -11,8 +11,8 @@ from keri.app import habbing, forwarding, grouping from keri.app.cli.common import existing -from keri.core import coring from keri.core.coring import Ilks +from keri.core import serdering logger = help.ogler.getLogger() @@ -86,7 +86,7 @@ def noticeDo(self, tymth, tock=0.0): (smids, rmids) = hab.members() serder = hab.kever.serder rot = hab.makeOwnEvent(sn=hab.kever.sn) - eserder = coring.Serder(raw=rot) + eserder = serdering.SerderKERI(raw=rot) del rot[:eserder.size] ilk = serder.ked['t'] diff --git a/src/keri/db/basing.py b/src/keri/db/basing.py index c652646a8..cd2193062 100644 --- a/src/keri/db/basing.py +++ b/src/keri/db/basing.py @@ -1262,7 +1262,7 @@ def cloneEvtMsg(self, pre, fn, dig): count=1).qb64b) atc.extend(couple) elif self.kevers[pre].delegated: - if coring.SerderKERI(raw=raw).estive: + if serdering.SerderKERI(raw=raw).estive: raise kering.MissingEntryError("Missing delegator anchor seal for dig={}.".format(dig)) # add trans receipts quadruples to attachments From 6c8e86bc11eddeaeda331ebbb02cba737727ca37 Mon Sep 17 00:00:00 2001 From: Kevin Griffin Date: Fri, 31 May 2024 14:06:35 -0400 Subject: [PATCH 02/10] 1.1.15 bump Signed-off-by: Kevin Griffin --- Makefile | 8 ++++---- README.md | 2 +- setup.py | 2 +- src/keri/__init__.py | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index 2cd8fedda..be762a272 100644 --- a/Makefile +++ b/Makefile @@ -1,13 +1,13 @@ .PHONY: build-keri build-keri: - @docker buildx build --platform=linux/amd64 -f images/keripy.dockerfile --tag weboftrust/keri:1.1.14 . - @docker buildx build --platform=linux/arm64 -f images/keripy.dockerfile --tag weboftrust/keri:1.1.14-arm64 . + @docker buildx build --platform=linux/amd64 -f images/keripy.dockerfile --tag weboftrust/keri:1.1.15 . + @docker buildx build --platform=linux/arm64 -f images/keripy.dockerfile --tag weboftrust/keri:1.1.15-arm64 . .PHONY: build-witness-demo build-witness-demo: - @@docker buildx build --platform=linux/amd64 -f images/witness.demo.dockerfile --tag weboftrust/keri-witness-demo:1.1.14 . - @@docker buildx build --platform=linux/arm64 -f images/witness.demo.dockerfile --tag weboftrust/keri-witness-demo:1.1.14-arm64 . + @@docker buildx build --platform=linux/amd64 -f images/witness.demo.dockerfile --tag weboftrust/keri-witness-demo:1.1.15 . + @@docker buildx build --platform=linux/arm64 -f images/witness.demo.dockerfile --tag weboftrust/keri-witness-demo:1.1.15-arm64 . .PHONY: publish-keri publish-keri: diff --git a/README.md b/README.md index 8a822defa..3ca1486ac 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ to get a version string similar to the following: ### Local installation - Docker build Run `make build-keri` to build your docker image. -Then run `docker run --pull=never -it --entrypoint /bin/bash weboftrust/keri:1.1.14` and you can run `kli version` from within the running container to play with KERIpy. +Then run `docker run --pull=never -it --entrypoint /bin/bash weboftrust/keri:1.1.15` and you can run `kli version` from within the running container to play with KERIpy. Make sure the image tag matches the version used in the `Makefile`. We use `--pull=never` to ensure that docker does not implicitly pull a remote image and relies on the local image tagged during `make build-keri`. diff --git a/setup.py b/setup.py index 1888e20bd..31eefb692 100644 --- a/setup.py +++ b/setup.py @@ -31,7 +31,7 @@ from setuptools import find_packages, setup setup( name='keri', - version='1.1.14', # also change in src/keri/__init__.py + version='1.1.15', # also change in src/keri/__init__.py license='Apache Software License 2.0', description='Key Event Receipt Infrastructure', long_description="KERI Decentralized Key Management Infrastructure", diff --git a/src/keri/__init__.py b/src/keri/__init__.py index c6de5e617..b50cdd361 100644 --- a/src/keri/__init__.py +++ b/src/keri/__init__.py @@ -1,5 +1,5 @@ # -*- encoding: utf-8 -*- -__version__ = '1.1.14' # also change in setup.py +__version__ = '1.1.15' # also change in setup.py From 9f433178a1122a27fdf7b0cace271e97047d26ef Mon Sep 17 00:00:00 2001 From: Kevin Griffin Date: Mon, 3 Jun 2024 07:25:41 -0400 Subject: [PATCH 03/10] updates dockerfile to new alpine (#792) * updates dockerfile to new alpine Signed-off-by: Kevin Griffin * updates dockerfile to new alpine Signed-off-by: Kevin Griffin --------- Signed-off-by: Kevin Griffin --- images/keripy.dockerfile | 41 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/images/keripy.dockerfile b/images/keripy.dockerfile index ca12837fc..3c2a5924b 100644 --- a/images/keripy.dockerfile +++ b/images/keripy.dockerfile @@ -1,18 +1,21 @@ -# Builder layer -FROM python:3.10-alpine as builder +ARG BASE=python:3.10.14-alpine3.20 -# Install compilation dependencies -RUN apk --no-cache add \ - bash \ +FROM ${BASE} as builder + +RUN apk add --no-cache bash + +SHELL ["/bin/bash", "-c"] + +RUN apk add --no-cache \ + curl \ + build-base \ alpine-sdk \ libffi-dev \ libsodium \ - libsodium-dev - -SHELL ["/bin/bash", "-c"] + libsodium-dev -# Setup Rust for blake3 dependency build -RUN curl https://sh.rustup.rs -sSf | bash -s -- -y +RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y +ENV PATH="/root/.cargo/bin:${PATH}" WORKDIR /keripy @@ -20,19 +23,16 @@ RUN python -m venv venv ENV PATH=/keripy/venv/bin:${PATH} -RUN pip install --upgrade pip && \ - mkdir /keripy/src +RUN pip install --upgrade pip +RUN mkdir /keripy/src -# Copy Python dependency files in COPY requirements.txt setup.py ./ -# Set up Rust environment and install Python dependencies -# Must source the Cargo environment for the blake3 library to see -# the Rust intallation during requirements install -RUN . ${HOME}/.cargo/env && \ - pip install -r requirements.txt + +RUN . ${HOME}/.cargo/env +RUN pip install -r requirements.txt # Runtime layer -FROM python:3.10.13-alpine3.18 +FROM ${BASE} RUN apk --no-cache add \ bash \ @@ -44,7 +44,6 @@ WORKDIR /keripy COPY --from=builder /keripy /keripy COPY src/ src/ -ENV PATH=/keripy/venv/bin:${PATH} - +ENV PATH="/keripy/venv/bin:${PATH}" ENTRYPOINT [ "kli" ] From 1d2e76662a0c28cf5f3968896751ad33dc2d773b Mon Sep 17 00:00:00 2001 From: Kevin Griffin Date: Mon, 3 Jun 2024 17:46:21 -0400 Subject: [PATCH 04/10] adds bytes cast (#795) * fix vc list from a delegated aid Signed-off-by: Kevin Griffin * Revert "fix vc list from a delegated aid" This reverts commit 139b7d5b6f340ba93ffb8e20e24e623b1da55f7b. * fixes vc list for delegated aids Signed-off-by: Kevin Griffin --------- Signed-off-by: Kevin Griffin --- src/keri/db/basing.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/keri/db/basing.py b/src/keri/db/basing.py index cd2193062..0f808a8d4 100644 --- a/src/keri/db/basing.py +++ b/src/keri/db/basing.py @@ -1262,7 +1262,7 @@ def cloneEvtMsg(self, pre, fn, dig): count=1).qb64b) atc.extend(couple) elif self.kevers[pre].delegated: - if serdering.SerderKERI(raw=raw).estive: + if serdering.SerderKERI(raw=bytes(raw)).estive: raise kering.MissingEntryError("Missing delegator anchor seal for dig={}.".format(dig)) # add trans receipts quadruples to attachments From 5b626abb0eb31dac6c9c11d6b0a08b4fae5d284d Mon Sep 17 00:00:00 2001 From: Kent Bull <65027257+kentbull@users.noreply.github.com> Date: Wed, 12 Jun 2024 15:13:52 -0600 Subject: [PATCH 05/10] fix: correct short arg for --group from -a to -g (#801) --- src/keri/app/cli/commands/multisig/join.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/keri/app/cli/commands/multisig/join.py b/src/keri/app/cli/commands/multisig/join.py index 4617022cd..ea4132aa2 100644 --- a/src/keri/app/cli/commands/multisig/join.py +++ b/src/keri/app/cli/commands/multisig/join.py @@ -25,7 +25,7 @@ parser.add_argument('--name', '-n', help='keystore name and file location of KERI keystore', required=True) parser.add_argument('--base', '-b', help='additional optional prefix to file location of KERI keystore', required=False, default="") -parser.add_argument('--group', '-a', help='human-readable name for the multisig group identifier prefix', required=False, default=None) +parser.add_argument('--group', '-g', help='human-readable name for the multisig group identifier prefix', required=False, default=None) parser.add_argument('--passcode', '-p', help='22 character encryption passcode for keystore (is not saved)', dest="bran", default=None) # passcode => bran parser.add_argument("--auto", "-Y", help="auto approve any delegation request non-interactively", action="store_true") From 07834b1d5ef20eb506d6a07abef0cc93999f6e3a Mon Sep 17 00:00:00 2001 From: Kent Bull Date: Mon, 13 May 2024 11:28:52 -0600 Subject: [PATCH 06/10] test: working multisig join script --- scripts/demo/basic/multisig-join.sh | 104 +++- .../basic/multisig-rotate-three-stooges.sh | 213 ++++++++ scripts/demo/basic/script-utils.sh | 22 + scripts/demo/basic/stooges-join-rotate.sh | 509 ++++++++++++++++++ scripts/demo/data/multisig-join-sample.json | 7 +- scripts/demo/data/multisig-stooge.json | 10 + scripts/demo/data/multisig-three-aids.json | 16 + scripts/demo/data/multisig-three-stooges.json | 12 + scripts/demo/data/multisig-two-stooges.json | 11 + .../stooges-start-with-one-then-join.json | 14 + 10 files changed, 894 insertions(+), 24 deletions(-) create mode 100755 scripts/demo/basic/multisig-rotate-three-stooges.sh create mode 100644 scripts/demo/basic/script-utils.sh create mode 100755 scripts/demo/basic/stooges-join-rotate.sh create mode 100644 scripts/demo/data/multisig-stooge.json create mode 100644 scripts/demo/data/multisig-three-aids.json create mode 100644 scripts/demo/data/multisig-three-stooges.json create mode 100644 scripts/demo/data/multisig-two-stooges.json create mode 100644 scripts/demo/data/stooges-start-with-one-then-join.json diff --git a/scripts/demo/basic/multisig-join.sh b/scripts/demo/basic/multisig-join.sh index dc32a4bb3..42e0bdfc5 100755 --- a/scripts/demo/basic/multisig-join.sh +++ b/scripts/demo/basic/multisig-join.sh @@ -4,58 +4,120 @@ # To run the following scripts, open another console window and run: # $ kli witness demo -kli init --name multisigj1 --salt 0ACDEyMzQ1Njc4OWxtbm9aBc --nopasscode --config-dir "${KERI_SCRIPT_DIR}" --config-file demo-witness-oobis -kli incept --name multisigj1 --alias multisigj1 --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-1-sample.json - -kli init --name multisigj2 --salt 0ACDEyMzQ1Njc4OWdoaWpsaw --nopasscode --config-dir "${KERI_SCRIPT_DIR}" --config-file demo-witness-oobis -kli incept --name multisigj2 --alias multisigj2 --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-2-sample.json - -kli oobi resolve --name multisigj1 --oobi-alias multisigj2 --oobi http://127.0.0.1:5642/oobi/EKJ6tNVUGbdaiwx2nWDCFXG-_PY_AzESOcoKlm0kRNP3/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha -kli oobi resolve --name multisigj2 --oobi-alias multisigj1 --oobi http://127.0.0.1:5642/oobi/EFY7MixHb0so4WFFHw6btOPc5qeeWfPm7v5MJWcdcbyG/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +# EFY7MixHb0so4WFFHw6btOPc5qeeWfPm7v5MJWcdcbyG +MS1=EFY7MixHb0so4WFFHw6btOPc5qeeWfPm7v5MJWcdcbyG +kli init --name multisigj1 --salt 0ACDEyMzQ1Njc4OWxtbm9aBc \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" --config-file demo-witness-oobis +kli incept --name multisigj1 --alias multisigj1 \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-1-sample.json + +# EKJ6tNVUGbdaiwx2nWDCFXG-_PY_AzESOcoKlm0kRNP3 +MS2=EKJ6tNVUGbdaiwx2nWDCFXG-_PY_AzESOcoKlm0kRNP3 +kli init --name multisigj2 --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" --config-file demo-witness-oobis +kli incept --name multisigj2 --alias multisigj2 \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-2-sample.json + +# EKxxKVNmC3M_u3eDF6Nw6MjRlRx1s_9Y-DV234UtkqAF +MS3=EKxxKVNmC3M_u3eDF6Nw6MjRlRx1s_9Y-DV234UtkqAF +kli init --name multisigj3 --salt 0ADR4R9kW_3ZvbwWGnA5YVah \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" --config-file demo-witness-oobis +kli incept --name multisigj3 --alias multisigj3\ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-3-sample.json + +kli oobi resolve --name multisigj1 --oobi-alias multisigj2 \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MS2/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name multisigj1 --oobi-alias multisigj3 \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MS3/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name multisigj2 --oobi-alias multisigj1 \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MS1/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name multisigj2 --oobi-alias multisigj3 \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MS3/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name multisigj3 --oobi-alias multisigj2 \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MS2/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name multisigj3 --oobi-alias multisigj1 \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MS1/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha PID_LIST="" -kli multisig incept --name multisigj1 --alias multisigj1 --group multisig --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-join-sample.json & +kli multisig incept --name multisigj1 --alias multisigj1 --group multisig \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-join-sample.json & +pid=$! +PID_LIST+=" $pid" + +kli multisig join --name multisigj2 --passcode "DoB26Fj4x9LboAFWJra17O" --auto & pid=$! PID_LIST+=" $pid" -kli multisig join --name multisigj2 --auto & +kli multisig join --name multisigj3 --passcode "DoB26Fj4x9LboAFWJra17O" --auto & pid=$! PID_LIST+=" $pid" wait $PID_LIST -kli status --name multisigj1 --alias multisig +kli status --name multisigj1 --alias multisig --passcode "DoB26Fj4x9LboAFWJra17O" + +kli rotate --name multisigj1 --alias multisigj1 --passcode "DoB26Fj4x9LboAFWJra17O" +kli rotate --name multisigj2 --alias multisigj2 --passcode "DoB26Fj4x9LboAFWJra17O" +kli rotate --name multisigj3 --alias multisigj3 --passcode "DoB26Fj4x9LboAFWJra17O" -kli rotate --name multisigj1 --alias multisigj1 -kli query --name multisigj2 --alias multisigj2 --prefix EFY7MixHb0so4WFFHw6btOPc5qeeWfPm7v5MJWcdcbyG -kli rotate --name multisigj2 --alias multisigj2 -kli query --name multisigj1 --alias multisigj1 --prefix EKJ6tNVUGbdaiwx2nWDCFXG-_PY_AzESOcoKlm0kRNP3 +kli query --name multisigj1 --alias multisigj1 --prefix $MS2 --passcode "DoB26Fj4x9LboAFWJra17O" +kli query --name multisigj1 --alias multisigj1 --prefix $MS3 --passcode "DoB26Fj4x9LboAFWJra17O" +kli query --name multisigj2 --alias multisigj2 --prefix $MS1 --passcode "DoB26Fj4x9LboAFWJra17O" +kli query --name multisigj2 --alias multisigj2 --prefix $MS3 --passcode "DoB26Fj4x9LboAFWJra17O" +kli query --name multisigj3 --alias multisigj3 --prefix $MS1 --passcode "DoB26Fj4x9LboAFWJra17O" +kli query --name multisigj3 --alias multisigj3 --prefix $MS2 --passcode "DoB26Fj4x9LboAFWJra17O" PID_LIST="" -kli multisig rotate --name multisigj1 --alias multisig --smids EKJ6tNVUGbdaiwx2nWDCFXG-_PY_AzESOcoKlm0kRNP3 --smids EFY7MixHb0so4WFFHw6btOPc5qeeWfPm7v5MJWcdcbyG --isith '["1/2", "1/2"]' --nsith '["1/2", "1/2"]' --rmids EKJ6tNVUGbdaiwx2nWDCFXG-_PY_AzESOcoKlm0kRNP3 --rmids EFY7MixHb0so4WFFHw6btOPc5qeeWfPm7v5MJWcdcbyG & +kli multisig rotate --name multisigj1 --alias multisig \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --smids $MS2 --smids $MS1 --smids $MS3 \ + --isith '["1/2", "1/2", "1/2"]' \ + --nsith '["1/2", "1/2", "1/2"]' \ + --rmids $MS2 --rmids $MS1 --rmids $MS3 & pid=$! PID_LIST+=" $pid" -kli multisig join --name multisigj2 --auto & +kli multisig join --name multisigj2 --passcode "DoB26Fj4x9LboAFWJra17O" --auto & +pid=$! +PID_LIST+=" $pid" + +kli multisig join --name multisigj3 --passcode "DoB26Fj4x9LboAFWJra17O" --auto & pid=$! PID_LIST+=" $pid" wait $PID_LIST -kli status --name multisigj1 --alias multisig +kli status --name multisigj1 --alias multisig --passcode "DoB26Fj4x9LboAFWJra17O" PID_LIST="" -kli multisig interact --name multisigj1 --alias multisig --data '{"d": "potato"}' & +kli multisig interact --name multisigj1 --alias multisig --passcode "DoB26Fj4x9LboAFWJra17O" --data '{"d": "potato"}' & +pid=$! +PID_LIST+=" $pid" + +kli multisig join --name multisigj2 --passcode "DoB26Fj4x9LboAFWJra17O" --auto & pid=$! PID_LIST+=" $pid" -kli multisig join --name multisigj2 --auto & +kli multisig join --name multisigj3 --passcode "DoB26Fj4x9LboAFWJra17O" --auto & pid=$! PID_LIST+=" $pid" wait $PID_LIST -kli status --name multisigj1 --alias multisig +kli status --name multisigj1 --alias multisig --passcode "DoB26Fj4x9LboAFWJra17O" diff --git a/scripts/demo/basic/multisig-rotate-three-stooges.sh b/scripts/demo/basic/multisig-rotate-three-stooges.sh new file mode 100755 index 000000000..7d2dbb931 --- /dev/null +++ b/scripts/demo/basic/multisig-rotate-three-stooges.sh @@ -0,0 +1,213 @@ +#!/bin/bash +# three stooges + +source ${KERI_SCRIPT_DIR}/demo/basic/script-utils.sh + +# WITNESSES +# To run the following scripts, open another console window and run: +# $ kli witness demo + +print_yellow "Multisig rotation with three AIDs" +echo + +kli init --name larry \ + --salt 0ACDEyMzQ1Njc4OWxtbm9aBc \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" \ + --config-file demo-witness-oobis +# Prefix EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U +kli incept --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-1-sample.json + +kli init --name moe \ + --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" \ + --config-file demo-witness-oobis +# Prefix ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW +kli incept --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-2-sample.json + +kli init --name curly \ + --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" \ + --config-file demo-witness-oobis +# Prefix EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu +kli incept --name curly --alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-3-sample.json + +# OOBI resolution does the initial discovery of key state +echo +print_yellow "Resolve OOBIs" +kli oobi resolve --name larry --oobi-alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name larry --oobi-alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + +kli oobi resolve --name moe --oobi-alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name moe --oobi-alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + +kli oobi resolve --name curly --oobi-alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name curly --oobi-alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + +# Multisig Inception +echo +print_yellow "Multisig Inception" +# Follow commands run in parallel +kli multisig incept --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group multisig \ + --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-three-aids.json & +pid=$! +PID_LIST+=" $pid" +kli multisig incept --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group multisig \ + --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-three-aids.json & +pid=$! +PID_LIST+=" $pid" +kli multisig incept --name curly --alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group multisig \ + --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-three-aids.json & +pid=$! +PID_LIST+=" $pid" + +echo +print_yellow "Multisig Inception - wait" +wait $PID_LIST + +echo +print_green "Multisig Inception - status" +kli status --name larry --alias multisig --passcode "DoB26Fj4x9LboAFWJra17O" + +# Rotate keys for each multisig - required before rotating the multisig +echo +print_yellow "Rotate keys for each multisig" +kli rotate --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" +kli rotate --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" +kli rotate --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" + +# Pull key state in from other multisig group participant identifiers so they have the next digest +echo +print_yellow "Pull key state in from other multisig group participant identifiers" +# 2 about 1 +kli query --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U +# 2 about 3 +kli query --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu +# 1 about 2 +kli query --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW +# 1 about 3 +kli query --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu +# 3 about 1 +kli query --name curly --alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U +# 3 about 2 +kli query --name curly --alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW + + +echo +print_yellow "Multisig rotation" + +PID_LIST="" + +kli multisig rotate --name larry --alias multisig \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/3", "1/3", "1/3"]' \ + --smids EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U \ + --smids ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW \ + --smids EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu \ + --nsith '["1/2", "1/2", "1/2"]' \ + --rmids EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U \ + --rmids ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW \ + --rmids EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu & +pid=$! +PID_LIST+=" $pid" +kli multisig rotate --name moe --alias multisig \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/3", "1/3", "1/3"]' \ + --smids EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U \ + --smids ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW \ + --smids EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu \ + --nsith '["1/2", "1/2", "1/2"]' \ + --rmids EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U \ + --rmids ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW \ + --rmids EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu & +pid=$! +PID_LIST+=" $pid" +kli multisig rotate --name curly --alias multisig \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/3", "1/3", "1/3"]' \ + --smids EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U \ + --smids ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW \ + --smids EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu \ + --nsith '["1/2", "1/2", "1/2"]' \ + --rmids EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U \ + --rmids ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW \ + --rmids EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu & +pid=$! +PID_LIST+=" $pid" + +echo +print_yellow "Multisig rotation - wait" +wait $PID_LIST + +echo +print_green "Multisig rotation - status" +kli status --name larry --alias multisig --passcode "DoB26Fj4x9LboAFWJra17O" + +echo +print_yellow "Multisig interact" + +PID_LIST="" + +kli multisig interact --name larry --alias multisig \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --data "{\"tagline\":\"three lost souls\"}" & +pid=$! +PID_LIST+=" $pid" +kli multisig interact --name moe --alias multisig \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --data "{\"tagline\":\"three lost souls\"}" & +pid=$! +PID_LIST+=" $pid" +kli multisig interact --name curly --alias multisig \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --data "{\"tagline\":\"three lost souls\"}" & +pid=$! +PID_LIST+=" $pid" + +echo +print_yellow "Multisig interact - wait" +wait $PID_LIST + +echo +print_green "Multisig interact - status" +kli status --name larry --alias multisig --passcode "DoB26Fj4x9LboAFWJra17O" +print_lcyan "Multisig rotate three stooges - done." + diff --git a/scripts/demo/basic/script-utils.sh b/scripts/demo/basic/script-utils.sh new file mode 100644 index 000000000..f0585afdc --- /dev/null +++ b/scripts/demo/basic/script-utils.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +# Utility functions +print_green() { + text=$1 + printf "\e[32m${text}\e[0m\n" +} + +print_yellow(){ + text=$1 + printf "\e[33m${text}\e[0m\n" +} + +print_red() { + text=$1 + printf "\e[31m${text}\e[0m\n" +} + +print_lcyan() { + text=$1 + printf "\e[96m${text}\e[0m\n" +} \ No newline at end of file diff --git a/scripts/demo/basic/stooges-join-rotate.sh b/scripts/demo/basic/stooges-join-rotate.sh new file mode 100755 index 000000000..c990ab6e3 --- /dev/null +++ b/scripts/demo/basic/stooges-join-rotate.sh @@ -0,0 +1,509 @@ +#!/bin/bash +# three stooges join a multisig rotate + +source "${KERI_SCRIPT_DIR}"/demo/basic/script-utils.sh + +# WITNESSES +# To run the following scripts, open another console window and run: +# $ kli witness demo + +# create keystores and AIDs for larry, moe, and curly +LARRY=EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe +MOE=EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR +CURLY=EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV + +members_incept() { + INCEPT_CONFIG_FILE=$1 + echo + print_yellow "Individual AID creation with file: ${INCEPT_CONFIG_FILE}" + # Larry Prefix EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe + kli init --name larry \ + --salt 0ACDEyMzQ1Njc4OWxtbm9aBc \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" \ + --config-file demo-witness-oobis + kli incept --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file "$INCEPT_CONFIG_FILE" + + # Moe Prefix EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR + kli init --name moe \ + --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" \ + --config-file demo-witness-oobis + kli incept --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file "$INCEPT_CONFIG_FILE" + + # Curly Prefix EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV + kli init --name curly \ + --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" \ + --config-file demo-witness-oobis + kli incept --name curly --alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file "$INCEPT_CONFIG_FILE" + echo +} + +# OOBI resolution does the initial discovery of key state +members_oobi_resolve() { + echo + print_yellow "Resolve OOBIs" + kli oobi resolve --name larry --oobi-alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MOE/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + kli oobi resolve --name larry --oobi-alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + + kli oobi resolve --name moe --oobi-alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + kli oobi resolve --name moe --oobi-alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + + kli oobi resolve --name curly --oobi-alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + kli oobi resolve --name curly --oobi-alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MOE/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + echo +} + +# Multisig Inception +multisig_incept() { + MULTISIG_ALIAS=${1:-"default alias"} + MULTISIG_ICP_CONFIG_FILE=$2 + echo + print_yellow "Multisig Inception for alias: ${MULTISIG_ALIAS}" + print_yellow "Multisig Inception with file: ${MULTISIG_ICP_CONFIG_FILE}" + # Follow commands run in parallel + kli multisig incept --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group "${MULTISIG_ALIAS}" \ + --file "${MULTISIG_ICP_CONFIG_FILE}" & + pid=$! + PID_LIST+=" $pid" + kli multisig incept --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group "${MULTISIG_ALIAS}" \ + --file "${MULTISIG_ICP_CONFIG_FILE}" & + pid=$! + PID_LIST+=" $pid" + kli multisig incept --name curly --alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group "${MULTISIG_ALIAS}" \ + --file "${MULTISIG_ICP_CONFIG_FILE}" & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig Inception - wait" + echo + wait $PID_LIST +} + +multisig_incept_join() { + MULTISIG_ALIAS=${1:-"default alias"} + MULTISIG_ICP_CONFIG_FILE=$2 + echo + print_yellow "Multisig Inception with join for alias: ${MULTISIG_ALIAS}" + print_yellow "Multisig Inception with file: ${MULTISIG_ICP_CONFIG_FILE}" + kli multisig incept --name larry --alias larry --group "$MULTISIG_ALIAS" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file "${MULTISIG_ICP_CONFIG_FILE}" & + + pid=$! + PID_LIST+=" $pid" + + kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig Inception with join - wait" + wait $PID_LIST + echo +} + +multisig_incept_join_two() { + MULTISIG_ALIAS=${1:-"default alias"} + MULTISIG_ICP_CONFIG_FILE=$2 + echo + print_yellow "Multisig Inception with join for alias: ${MULTISIG_ALIAS}" + print_yellow "Multisig Inception with file: ${MULTISIG_ICP_CONFIG_FILE}" + kli multisig incept --name larry --alias larry --group "$MULTISIG_ALIAS" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file "${MULTISIG_ICP_CONFIG_FILE}" & + + pid=$! + PID_LIST+=" $pid" + + kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig Inception with join - wait" + wait $PID_LIST + echo +} + +# Multisig Inception - status +multisig_status() { + KEYSTORE=$1 + MULTISIG_ALIAS=$2 + echo + print_green "Multisig status for ${KEYSTORE} on alias: ${MULTISIG_ALIAS}" + kli status --name "${KEYSTORE}" --alias "${MULTISIG_ALIAS}" --passcode "DoB26Fj4x9LboAFWJra17O" + echo +} + +# Rotate keys for each multisig - required before rotating the multisig +rotate_individual_keys() { + echo + print_yellow "Rotate keys for each multisig" + kli rotate --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" + kli rotate --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" + kli rotate --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" + echo +} + +# Pull key state in from other multisig group participant identifiers so they have the next digest +query_individual_keystate() { + echo + print_yellow "Pull key state in from other multisig group participant identifiers" + # 1 about 2 + print_yellow "Larry queries Moe" + kli query --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix $MOE + # 1 about 3 + print_yellow "Larry queries Curly" + kli query --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix $CURLY + # 2 about 1 + print_yellow "Moe queries Larry" + kli query --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix $LARRY + # 2 about 3 + print_yellow "Moe queries Curly" + kli query --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix $CURLY + # 3 about 1 + print_yellow "Curly queries Larry" + kli query --name curly --alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix $LARRY + # 3 about 2 + print_yellow "Curly queries Moe" + kli query --name curly --alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --prefix $MOE + echo +} + +# Does a multisig rotate where all members prepare the same rotation event +multisig_rotate_three() { + MULTISIG_ALIAS=${1:-"default alias"} + echo + print_yellow "Multisig rotation with alias: ${MULTISIG_ALIAS}" + + PID_LIST="" + + kli multisig rotate --name larry --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/3", "1/3", "1/3"]' \ + --smids $LARRY \ + --smids $MOE \ + --smids $CURLY \ + --nsith '["1/3", "1/3", "1/3"]' \ + --rmids $LARRY \ + --rmids $MOE \ + --rmids $CURLY & + pid=$! + PID_LIST+=" $pid" + kli multisig rotate --name moe --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/3", "1/3", "1/3"]' \ + --smids $LARRY \ + --smids $MOE \ + --smids $CURLY \ + --nsith '["1/3", "1/3", "1/3"]' \ + --rmids $LARRY \ + --rmids $MOE \ + --rmids $CURLY & + pid=$! + PID_LIST+=" $pid" + kli multisig rotate --name curly --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/3", "1/3", "1/3"]' \ + --smids $LARRY \ + --smids $MOE \ + --smids $CURLY \ + --nsith '["1/3", "1/3", "1/3"]' \ + --rmids $LARRY \ + --rmids $MOE \ + --rmids $CURLY & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig rotation ${ALIAS} - wait" + wait $PID_LIST +} + +# Does a multisig rotate where one member prepares the rotation event and sends it to the others +# to which they respond through multisig join +multisig_rotate_join_three() { + MULTISIG_ALIAS=${1:-"default alias"} + echo + print_yellow "Multisig rotation" + + PID_LIST="" + + kli multisig rotate --name larry --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --smids $LARRY \ + --smids $MOE \ + --smids $CURLY \ + --isith '["1/3", "1/3", "1/3"]' \ + --rmids $LARRY \ + --rmids $MOE \ + --rmids $CURLY \ + --nsith '["1/3", "1/3", "1/3"]' & + pid=$! + PID_LIST+=" $pid" + + kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + + kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig rotation - wait" + wait $PID_LIST +} + +multisig_rotate_join_two() { + MULTISIG_ALIAS=${1:-"default alias"} + echo + print_yellow "Multisig rotation" + + PID_LIST="" + + kli multisig rotate --name larry --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --smids $LARRY \ + --smids $MOE \ + --isith '["1/2", "1/2"]' \ + --rmids $LARRY \ + --rmids $MOE \ + --rmids $CURLY \ + --nsith '["1/3", "1/3", "1/3"]' & +# --nsith '["1/2", "1/2"]' & + pid=$! + PID_LIST+=" $pid" + + kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + + kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig rotation - wait" + wait $PID_LIST +} + +multisig_interact() { + MULTISIG_ALIAS=${1:-"default alias"} + data=$2 + echo + print_yellow "Multisig interact" + + PID_LIST="" + + kli multisig interact --name larry --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --data "$data" & + pid=$! + PID_LIST+=" $pid" + kli multisig interact --name moe --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --data "$data" & + pid=$! + PID_LIST+=" $pid" + kli multisig interact --name curly --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --data "$data" & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig interact - wait" + wait $PID_LIST + +} + +multisig_interact_join() { + MULTISIG_ALIAS=${1:-"default alias"} + DATA=$2 + echo + print_yellow "Multisig interact with join" + + PID_LIST="" + + kli multisig interact --name larry --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --data "${DATA}" & + pid=$! + PID_LIST+=" $pid" + + kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + + kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig interact with join - waiting on group" + wait $PID_LIST +} + +rotate_larry_out() { + MULTISIG_ALIAS=${1:-"default alias"} + echo + print_yellow "Multisig Rotate - Larry out - alias: ${MULTISIG_ALIAS}" + + PID_LIST="" + + kli multisig rotate --name larry --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --smids $LARRY \ + --smids $MOE \ + --smids $CURLY \ + --isith '["1/3", "1/3", "1/3"]' \ + --rmids $MOE \ + --rmids $CURLY \ + --nsith '["1/2", "1/2"]' & +# kli multisig rotate --name moe --alias "${MULTISIG_ALIAS}" \ +# --passcode "DoB26Fj4x9LboAFWJra17O" \ +# --smids $MOE \ +# --smids $CURLY \ +# --isith '["1/2", "1/2"]' \ +# --rmids $MOE \ +# --rmids $CURLY \ +# --rmids $LARRY \ +# --nsith '["1/3", "1/3", "1/3"]' & + pid=$! + PID_LIST+=" $pid" + + kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + + kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig rotation - Larry out - alias: ${MULTISIG_ALIAS} - wait" + wait $PID_LIST +} + +main_three_stooges() { + print_yellow "Multisig rotation via join with three AIDs, one to start, two join later" + MULTISIG_ALIAS="multisig" + # Setup members + members_incept "${KERI_DEMO_SCRIPT_DIR}/data/multisig-stooge.json" + members_oobi_resolve + + # Setup multisig + # multisig_incept "${MULTISIG_ALIAS}" "${KERI_DEMO_SCRIPT_DIR}/data/multisig-three-stooges.json" + multisig_incept_join "${MULTISIG_ALIAS}" "${KERI_DEMO_SCRIPT_DIR}/data/multisig-three-stooges.json" + multisig_status larry "${MULTISIG_ALIAS}" + + # Prepare individual AIDs for multisig rotation + rotate_individual_keys + query_individual_keystate + + # Rotate Multisig with join + # multisig_rotate "${MULTISIG_ALIAS}" + multisig_rotate_join_three "${MULTISIG_ALIAS}" + multisig_status larry "${MULTISIG_ALIAS}" + + # Interact with multisig + # multisig_interact "${MULTISIG_ALIAS}" "{\"tagline\":\"three lost souls\"}" + multisig_interact_join "${MULTISIG_ALIAS}" "{\"tagline\":\"three lost souls\"}" + multisig_status larry "${MULTISIG_ALIAS}" + + # rotate individual keys again, query key state, prep for rotation + rotate_individual_keys + query_individual_keystate + + multisig_status larry "${MULTISIG_ALIAS}" + + print_green "Ready for citadel rotation" + print_lcyan "Multisig rotate three stooges - done." +} + +main_two_stooges_rotate_in_and_out() { + print_yellow "Multisig rotation via join with three AIDs, two to start, one joins later" + MULTISIG_ALIAS="multisig" + # Setup members + members_incept "${KERI_DEMO_SCRIPT_DIR}/data/multisig-stooge.json" + members_oobi_resolve + + # Setup multisig + multisig_incept_join_two \ + "${MULTISIG_ALIAS}" \ + "${KERI_DEMO_SCRIPT_DIR}/data/multisig-two-stooges.json" + multisig_status larry "${MULTISIG_ALIAS}" + + # Prepare individual AIDs for multisig rotation + rotate_individual_keys + query_individual_keystate + + print_green "Exiting early" + exit 0 + + # Rotate Multisig with join + multisig_rotate_join_two "${MULTISIG_ALIAS}" + multisig_status larry "${MULTISIG_ALIAS}" + + # Interact with multisig +# multisig_interact_join "${MULTISIG_ALIAS}" "{\"tagline\":\"three lost souls\"}" +# multisig_status larry "${MULTISIG_ALIAS}" + +# rotate individual keys again, query keystate, prep for rotation + rotate_individual_keys + query_individual_keystate + + rotate_larry_out ${MULTISIG_ALIAS} + multisig_status larry "${MULTISIG_ALIAS}" + multisig_status moe "test alias" + + print_green "Ready for citadel rotation" + print_lcyan "Multisig rotate three stooges - done." +} +#main_three_stooges +main_two_stooges_rotate_in_and_out \ No newline at end of file diff --git a/scripts/demo/data/multisig-join-sample.json b/scripts/demo/data/multisig-join-sample.json index 1e9201cf4..576d61e6d 100644 --- a/scripts/demo/data/multisig-join-sample.json +++ b/scripts/demo/data/multisig-join-sample.json @@ -1,7 +1,8 @@ { "aids": [ + "EFY7MixHb0so4WFFHw6btOPc5qeeWfPm7v5MJWcdcbyG", "EKJ6tNVUGbdaiwx2nWDCFXG-_PY_AzESOcoKlm0kRNP3", - "EFY7MixHb0so4WFFHw6btOPc5qeeWfPm7v5MJWcdcbyG" + "EKxxKVNmC3M_u3eDF6Nw6MjRlRx1s_9Y-DV234UtkqAF" ], "transferable": true, "wits": [ @@ -10,6 +11,6 @@ "BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX" ], "toad": 2, - "isith": "2", - "nsith": "2" + "isith": "3", + "nsith": "3" } diff --git a/scripts/demo/data/multisig-stooge.json b/scripts/demo/data/multisig-stooge.json new file mode 100644 index 000000000..823fc8d86 --- /dev/null +++ b/scripts/demo/data/multisig-stooge.json @@ -0,0 +1,10 @@ +{ + "transferable": true, + "wits": ["BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha"], + "toad": 1, + "icount": 1, + "ncount": 1, + "isith": "1", + "nsith": "1" +} + diff --git a/scripts/demo/data/multisig-three-aids.json b/scripts/demo/data/multisig-three-aids.json new file mode 100644 index 000000000..0e32072dd --- /dev/null +++ b/scripts/demo/data/multisig-three-aids.json @@ -0,0 +1,16 @@ +{ + "aids": [ + "EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U", + "ED7yk9oUIe5qRh8ILfTuT_sNHidrxwJ9Bl-tLPoAXbqW", + "EEHyoLseuHa0nuhDj9tBv6N6nU1PILwv4jTt5x8A8uLu" + ], + "transferable": true, + "wits": [ + "BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha", + "BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM", + "BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX" + ], + "toad": 3, + "isith": "3", + "nsith": "3" +} \ No newline at end of file diff --git a/scripts/demo/data/multisig-three-stooges.json b/scripts/demo/data/multisig-three-stooges.json new file mode 100644 index 000000000..ae00751ca --- /dev/null +++ b/scripts/demo/data/multisig-three-stooges.json @@ -0,0 +1,12 @@ +{ + "aids": [ + "EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe", + "EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR", + "EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV" + ], + "transferable": true, + "wits": ["BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha"], + "toad": 1, + "isith": "3", + "nsith": "3" +} \ No newline at end of file diff --git a/scripts/demo/data/multisig-two-stooges.json b/scripts/demo/data/multisig-two-stooges.json new file mode 100644 index 000000000..41716726c --- /dev/null +++ b/scripts/demo/data/multisig-two-stooges.json @@ -0,0 +1,11 @@ +{ + "aids": [ + "EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe", + "EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR" + ], + "transferable": true, + "wits": ["BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha"], + "toad": 1, + "isith": "2", + "nsith": "2" +} \ No newline at end of file diff --git a/scripts/demo/data/stooges-start-with-one-then-join.json b/scripts/demo/data/stooges-start-with-one-then-join.json new file mode 100644 index 000000000..415c4cb8d --- /dev/null +++ b/scripts/demo/data/stooges-start-with-one-then-join.json @@ -0,0 +1,14 @@ +{ + "aids": [ + "EA5g3RMwkjcr_M4fI3k2ShCYlQMpgk3HD9mHhx7ZJs4U" + ], + "transferable": true, + "wits": [ + "BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha", + "BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM", + "BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX" + ], + "toad": 3, + "isith": "1", + "nsith": "1" +} \ No newline at end of file From dd3e044fe545dc73c634d78931817b28b9820570 Mon Sep 17 00:00:00 2001 From: Kent Bull Date: Mon, 13 May 2024 12:35:22 -0600 Subject: [PATCH 07/10] test: add multisig-rotate-out-and-in.sh script shows commands to try to rotate larry out and curly in --- .../demo/basic/multisig-rotate-out-and-in.sh | 231 ++++++++++++++++++ scripts/demo/basic/stooges-join-rotate.sh | 195 +++++++++++++-- 2 files changed, 411 insertions(+), 15 deletions(-) create mode 100755 scripts/demo/basic/multisig-rotate-out-and-in.sh diff --git a/scripts/demo/basic/multisig-rotate-out-and-in.sh b/scripts/demo/basic/multisig-rotate-out-and-in.sh new file mode 100755 index 000000000..2d0d30725 --- /dev/null +++ b/scripts/demo/basic/multisig-rotate-out-and-in.sh @@ -0,0 +1,231 @@ +#!/bin/bash +# Creates three AIDs, larry, moe, and curly. +# Then, creates a multisig AID, threestooges, with larry and moe. +# Later, curly is rotated into the threestooges AID. +# Finally, larry is rotated out of the threestooges AID. + +# Pull in colored text +source "${KERI_SCRIPT_DIR}"/demo/basic/script-utils.sh + +# create keystores and AIDs for larry, moe, and curly +export LARRY=EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe +export MOE=EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR +export CURLY=EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV + +# Witness prefix +export WAN_WITNESS_PREFIX=BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + + +# Step 1/5 Create AIDs + +# store multisig-stooge.json as a variable +read -r -d '' STOOGE_ICP_CONFIG_JSON << EOM +{ + "transferable": true, + "wits": ["$WAN_WITNESS_PREFIX"], + "toad": 1, + "icount": 1, + "ncount": 1, + "isith": "1", + "nsith": "1" +} +EOM + +print_lcyan "Using AID config file:" +print_lcyan "${STOOGE_ICP_CONFIG_JSON}" + +# create temporary file to store json +temp_icp_config=$(mktemp) + +# write JSON content to the temp file +echo "$STOOGE_ICP_CONFIG_JSON" > "$temp_icp_config" + +echo +print_yellow "Individual AID creation with file: ${KERI_DEMO_SCRIPT_DIR}/data/multisig-stooge.json" +# Larry Prefix EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe +kli init --name larry \ + --salt 0ACDEyMzQ1Njc4OWxtbm9aBc \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" \ + --config-file demo-witness-oobis +kli incept --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file "${temp_icp_config}" + +# Moe Prefix EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR +kli init --name moe \ + --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" \ + --config-file demo-witness-oobis +kli incept --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file "${temp_icp_config}" + +# Curly Prefix EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV +kli init --name curly \ + --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" \ + --config-file demo-witness-oobis +kli incept --name curly --alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file "${temp_icp_config}" +echo + +rm "$temp_icp_config" + + +# Step 2/5 Add contacts with OOBIs +echo +print_yellow "Resolve OOBIs" +kli oobi resolve --name larry --oobi-alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MOE/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name larry --oobi-alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + +kli oobi resolve --name moe --oobi-alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name moe --oobi-alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + +kli oobi resolve --name curly --oobi-alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +kli oobi resolve --name curly --oobi-alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MOE/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +echo + + +# Step 3/5 Create multisig AID +echo +print_yellow "Multisig Inception for alias: threestooges with Larry and Moe" +print_yellow "Multisig Inception with file: ${KERI_DEMO_SCRIPT_DIR}/data/multisig-two-stooges.json" + +# store multisig-two-stooges.json as a variable +read -r -d '' MULTISIG_ICP_CONFIG_JSON << EOM +{ + "aids": [ + "$LARRY", + "$MOE" + ], + "transferable": true, + "wits": ["$WAN_WITNESS_PREFIX"], + "toad": 1, + "isith": "2", + "nsith": "2" +} +EOM + +print_lcyan "Using multisig config file:" +print_lcyan "${MULTISIG_ICP_CONFIG_JSON}" + +# create temporary file to store json +temp_multisig_config=$(mktemp) + +# write JSON content to the temp file +echo "$MULTISIG_ICP_CONFIG_JSON" > "$temp_multisig_config" + +# Follow commands run in parallel +print_yellow "Multisig Inception for Larry: ${LARRY}" +kli multisig incept --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group "threestooges" \ + --file "${KERI_DEMO_SCRIPT_DIR}/data/multisig-two-stooges.json" & +pid=$! +PID_LIST+=" $pid" +sleep 1 + +echo +print_yellow "Multisig Inception for Moe: ${MOE}" +kli multisig incept --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group "threestooges" \ + --file "${KERI_DEMO_SCRIPT_DIR}/data/multisig-two-stooges.json" & +pid=$! +PID_LIST+=" $pid" +sleep 1 + +echo +print_yellow "Multisig Inception - wait" +echo +wait $PID_LIST + +rm "$temp_multisig_config" + +# Check status for larry +print_yellow "Check multisig status for Larry" +kli status --name larry --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" + + +# Step 4/5 rotate each individual keystore - required prior to performing rotation +echo +print_yellow "Rotate each individual keystore" +kli rotate --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" +kli rotate --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" +kli rotate --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" + + +# Step 5/5 Pull the latest keystate so each participant knows each other participant's key state +echo +print_yellow "Pull key state in from other multisig group participant identifiers" +kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE +kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY +kli query --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $LARRY +kli query --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY +kli query --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $LARRY +kli query --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE +echo + + +# Step 6/6 Rotate Curly into the threestooges AID +echo +print_yellow "Multisig rotation with alias: threestooges" + +PID_LIST="" + +print_yellow "Larry rotates - curly in" +kli multisig rotate --name larry --alias "threestooges" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/2", "1/2"]' \ + --smids $LARRY \ + --smids $MOE \ + --nsith '["1/3", "1/3", "1/3"]' \ + --rmids $LARRY \ + --rmids $MOE \ + --rmids $CURLY & +pid=$! +PID_LIST+=" $pid" +sleep 1 + +print_yellow "Moe rotates - curly in" +kli multisig rotate --name moe --alias "threestooges" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/2", "1/2"]' \ + --smids $LARRY \ + --smids $MOE \ + --nsith '["1/3", "1/3", "1/3"]' \ + --rmids $LARRY \ + --rmids $MOE \ + --rmids $CURLY & +pid=$! +PID_LIST+=" $pid" +sleep 1 + +echo +print_yellow "Multisig rotation ${ALIAS} - wait" +wait $PID_LIST + +# Check status for larry +kli status --name larry --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for moe +kli status --name moe --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for curly +kli status --name curly --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" + +print_green "Multisig rotation - complete" \ No newline at end of file diff --git a/scripts/demo/basic/stooges-join-rotate.sh b/scripts/demo/basic/stooges-join-rotate.sh index c990ab6e3..7f3dc6e29 100755 --- a/scripts/demo/basic/stooges-join-rotate.sh +++ b/scripts/demo/basic/stooges-join-rotate.sh @@ -8,9 +8,9 @@ source "${KERI_SCRIPT_DIR}"/demo/basic/script-utils.sh # $ kli witness demo # create keystores and AIDs for larry, moe, and curly -LARRY=EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe -MOE=EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR -CURLY=EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV +export LARRY=EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe +export MOE=EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR +export CURLY=EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV members_incept() { INCEPT_CONFIG_FILE=$1 @@ -75,8 +75,8 @@ members_oobi_resolve() { echo } -# Multisig Inception -multisig_incept() { +# Multisig Inception with three AIDs +multisig_incept_three() { MULTISIG_ALIAS=${1:-"default alias"} MULTISIG_ICP_CONFIG_FILE=$2 echo @@ -108,7 +108,37 @@ multisig_incept() { wait $PID_LIST } -multisig_incept_join() { +multisig_incept_two() { + MULTISIG_ALIAS=${1:-"default alias"} + MULTISIG_ICP_CONFIG_FILE=$2 + echo + print_yellow "Multisig Inception for alias: ${MULTISIG_ALIAS} with Larry and Moe" + print_yellow "Multisig Inception with file: ${MULTISIG_ICP_CONFIG_FILE}" + + # Follow commands run in parallel + print_yellow "Multisig Inception for Larry" + kli multisig incept --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group "${MULTISIG_ALIAS}" \ + --file "${MULTISIG_ICP_CONFIG_FILE}" & + pid=$! + PID_LIST+=" $pid" + + print_yellow "Multisig Inception for Moe" + kli multisig incept --name moe --alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group "${MULTISIG_ALIAS}" \ + --file "${MULTISIG_ICP_CONFIG_FILE}" & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig Inception - wait" + echo + wait $PID_LIST +} + +multisig_incept_join_three() { MULTISIG_ALIAS=${1:-"default alias"} MULTISIG_ICP_CONFIG_FILE=$2 echo @@ -264,6 +294,44 @@ multisig_rotate_three() { wait $PID_LIST } +# rotates two of the members and pulls in the third, curly +multisig_rotate_two() { + MULTISIG_ALIAS=${1:-"default alias"} + echo + print_yellow "Multisig rotation with alias: ${MULTISIG_ALIAS}" + + PID_LIST="" + + print_yellow "Larry rotates - curly in" + kli multisig rotate --name larry --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/2", "1/2"]' \ + --smids $LARRY \ + --smids $MOE \ + --nsith '["1/3", "1/3", "1/3"]' \ + --rmids $LARRY \ + --rmids $MOE \ + --rmids $CURLY & + pid=$! + PID_LIST+=" $pid" + print_yellow "Moe rotates - curly in" + kli multisig rotate --name moe --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/2", "1/2"]' \ + --smids $LARRY \ + --smids $MOE \ + --nsith '["1/3", "1/3", "1/3"]' \ + --rmids $LARRY \ + --rmids $MOE \ + --rmids $CURLY & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig rotation ${ALIAS} - wait" + wait $PID_LIST +} + # Does a multisig rotate where one member prepares the rotation event and sends it to the others # to which they respond through multisig join multisig_rotate_join_three() { @@ -315,7 +383,6 @@ multisig_rotate_join_two() { --rmids $MOE \ --rmids $CURLY \ --nsith '["1/3", "1/3", "1/3"]' & -# --nsith '["1/2", "1/2"]' & pid=$! PID_LIST+=" $pid" @@ -323,9 +390,10 @@ multisig_rotate_join_two() { pid=$! PID_LIST+=" $pid" - kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --auto & - pid=$! - PID_LIST+=" $pid" + # Third not needed due to prior signing threshold being met? +# kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --auto & +# pid=$! +# PID_LIST+=" $pid" echo print_yellow "Multisig rotation - wait" @@ -389,7 +457,60 @@ multisig_interact_join() { wait $PID_LIST } -rotate_larry_out() { +multisig_rotate_larry_out() { + MULTISIG_ALIAS=${1:-"default alias"} + echo + print_yellow "Multisig Rotate - Larry out - alias: ${MULTISIG_ALIAS}" + + PID_LIST="" + + kli multisig rotate --name larry --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --smids $LARRY \ + --smids $MOE \ + --smids $CURLY \ + --isith '["1/3", "1/3", "1/3"]' \ + --rmids $MOE \ + --rmids $CURLY \ + --nsith '["1/2", "1/2"]' & + pid=$! + PID_LIST+=" $pid" + +# kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + kli multisig rotate --name moe --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --rmids $LARRY \ + --smids $MOE \ + --smids $CURLY \ + --isith '["1/3", "1/3", "1/3"]' \ + --rmids $MOE \ + --rmids $CURLY \ + --nsith '["1/2", "1/2"]' & + pid=$! + PID_LIST+=" $pid" + +# kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --auto & + kli multisig rotate --name curly --alias "${MULTISIG_ALIAS}" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --rmids $LARRY \ + --smids $MOE \ + --smids $CURLY \ + --isith '["1/3", "1/3", "1/3"]' \ + --rmids $MOE \ + --rmids $CURLY \ + --nsith '["1/2", "1/2"]' & + pid=$! + PID_LIST+=" $pid" + + echo + print_yellow "Multisig rotation - Larry out - alias: ${MULTISIG_ALIAS} - wait" + wait $PID_LIST +} + +multisig_join_rotate_larry_out() { + # + # Run all of these commands one by one + # MULTISIG_ALIAS=${1:-"default alias"} echo print_yellow "Multisig Rotate - Larry out - alias: ${MULTISIG_ALIAS}" @@ -439,7 +560,7 @@ main_three_stooges() { # Setup multisig # multisig_incept "${MULTISIG_ALIAS}" "${KERI_DEMO_SCRIPT_DIR}/data/multisig-three-stooges.json" - multisig_incept_join "${MULTISIG_ALIAS}" "${KERI_DEMO_SCRIPT_DIR}/data/multisig-three-stooges.json" + multisig_incept_join_three "${MULTISIG_ALIAS}" "${KERI_DEMO_SCRIPT_DIR}/data/multisig-three-stooges.json" multisig_status larry "${MULTISIG_ALIAS}" # Prepare individual AIDs for multisig rotation @@ -466,7 +587,7 @@ main_three_stooges() { print_lcyan "Multisig rotate three stooges - done." } -main_two_stooges_rotate_in_and_out() { +main_two_stooges_rotate_in_and_out_join() { print_yellow "Multisig rotation via join with three AIDs, two to start, one joins later" MULTISIG_ALIAS="multisig" # Setup members @@ -483,11 +604,50 @@ main_two_stooges_rotate_in_and_out() { rotate_individual_keys query_individual_keystate + # Rotate Multisig with join + multisig_rotate_join_two "${MULTISIG_ALIAS}" + multisig_status larry "${MULTISIG_ALIAS}" + + # Interact with multisig +# multisig_interact_join "${MULTISIG_ALIAS}" "{\"tagline\":\"three lost souls\"}" +# multisig_status larry "${MULTISIG_ALIAS}" + +# rotate individual keys again, query keystate, prep for rotation + rotate_individual_keys + query_individual_keystate + print_green "Exiting early" exit 0 + multisig_join_rotate_larry_out ${MULTISIG_ALIAS} + multisig_status larry "${MULTISIG_ALIAS}" + multisig_status moe "test alias" + + print_green "Ready for citadel rotation" + print_lcyan "Multisig rotate three stooges - done." +} + +main_two_stooges_rotate_in_and_out() { + print_yellow "Multisig rotation with three AIDs, two to start, one rotated later" + echo + + MULTISIG_ALIAS="multisig" + # Setup members + members_incept "${KERI_DEMO_SCRIPT_DIR}/data/multisig-stooge.json" + members_oobi_resolve + + # Setup multisig + multisig_incept_two \ + "${MULTISIG_ALIAS}" \ + "${KERI_DEMO_SCRIPT_DIR}/data/multisig-two-stooges.json" + multisig_status larry "${MULTISIG_ALIAS}" + + # Prepare individual AIDs for multisig rotation + rotate_individual_keys + query_individual_keystate + # Rotate Multisig with join - multisig_rotate_join_two "${MULTISIG_ALIAS}" + multisig_rotate_two "${MULTISIG_ALIAS}" multisig_status larry "${MULTISIG_ALIAS}" # Interact with multisig @@ -498,12 +658,17 @@ main_two_stooges_rotate_in_and_out() { rotate_individual_keys query_individual_keystate - rotate_larry_out ${MULTISIG_ALIAS} + print_green "Exiting early" + exit 0 + + multisig_rotate_larry_out ${MULTISIG_ALIAS} multisig_status larry "${MULTISIG_ALIAS}" multisig_status moe "test alias" print_green "Ready for citadel rotation" print_lcyan "Multisig rotate three stooges - done." } + #main_three_stooges +#main_two_stooges_rotate_in_and_out_join main_two_stooges_rotate_in_and_out \ No newline at end of file From 1c40a99855311b581b79c1d57cb7f4c1d748ac86 Mon Sep 17 00:00:00 2001 From: Kent Bull Date: Tue, 14 May 2024 10:27:42 -0600 Subject: [PATCH 08/10] test: finish off rotate-out-and-in script --- .../demo/basic/multisig-rotate-out-and-in.sh | 355 +++++++++++++++--- .../demo/basic/multisig-rotation-in-third.sh | 15 +- scripts/demo/basic/stooges-join-rotate.sh | 4 +- 3 files changed, 311 insertions(+), 63 deletions(-) diff --git a/scripts/demo/basic/multisig-rotate-out-and-in.sh b/scripts/demo/basic/multisig-rotate-out-and-in.sh index 2d0d30725..f9619d33e 100755 --- a/scripts/demo/basic/multisig-rotate-out-and-in.sh +++ b/scripts/demo/basic/multisig-rotate-out-and-in.sh @@ -1,8 +1,22 @@ #!/bin/bash -# Creates three AIDs, larry, moe, and curly. -# Then, creates a multisig AID, threestooges, with larry and moe. -# Later, curly is rotated into the threestooges AID. -# Finally, larry is rotated out of the threestooges AID. +# multisig-rotate-out-and-in.sh +# This file is self contained except for the keystore initialization config file. +# The inception configuration and multisig configuration files are included in the script +# as here docs. +# +# Required services: +# - KERI witness demo nodes running. +# Use the `kli witness demo` command +# - vLEI schema server running. +# Use the `vLEI-server -s ./schema/acdc -c ./samples/acdc/ -o ./samples/oobis/` command. + + +# This script creates four AIDs, larry, moe, curly, and alfred. +# Next, creates a multisig AID, threestooges, with larry and moe. +# curly is then rotated into the threestooges AID. +# larry is rotated out of the threestooges AID. +# alfred is rotated into the threestooges AID. + # Pull in colored text source "${KERI_SCRIPT_DIR}"/demo/basic/script-utils.sh @@ -11,12 +25,14 @@ source "${KERI_SCRIPT_DIR}"/demo/basic/script-utils.sh export LARRY=EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe export MOE=EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR export CURLY=EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV +export ALFRED=ECl8nwhRYub9Se_Caes40ex0vJXi9v84CaydEalEZgH3 # Witness prefix export WAN_WITNESS_PREFIX=BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha - -# Step 1/5 Create AIDs +echo +print_yellow "Step 1/9 Create AIDs larry, moe, curly, and alfred" +echo # store multisig-stooge.json as a variable read -r -d '' STOOGE_ICP_CONFIG_JSON << EOM @@ -31,7 +47,7 @@ read -r -d '' STOOGE_ICP_CONFIG_JSON << EOM } EOM -print_lcyan "Using AID config file:" +print_lcyan "Using temporary AID config file heredoc:" print_lcyan "${STOOGE_ICP_CONFIG_JSON}" # create temporary file to store json @@ -41,8 +57,9 @@ temp_icp_config=$(mktemp) echo "$STOOGE_ICP_CONFIG_JSON" > "$temp_icp_config" echo -print_yellow "Individual AID creation with file: ${KERI_DEMO_SCRIPT_DIR}/data/multisig-stooge.json" -# Larry Prefix EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe +print_yellow "Individual AID creation with temp config file." +print_green "larry: ${LARRY}" +# larry Prefix EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe kli init --name larry \ --salt 0ACDEyMzQ1Njc4OWxtbm9aBc \ --passcode "DoB26Fj4x9LboAFWJra17O" \ @@ -52,7 +69,8 @@ kli incept --name larry --alias larry \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --file "${temp_icp_config}" -# Moe Prefix EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR +# moe Prefix EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR +print_green "moe: ${MOE}" kli init --name moe \ --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ --passcode "DoB26Fj4x9LboAFWJra17O" \ @@ -62,7 +80,8 @@ kli incept --name moe --alias moe \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --file "${temp_icp_config}" -# Curly Prefix EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV +# curly Prefix EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV +print_green "curly: ${CURLY}" kli init --name curly \ --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ --passcode "DoB26Fj4x9LboAFWJra17O" \ @@ -73,41 +92,82 @@ kli incept --name curly --alias curly \ --file "${temp_icp_config}" echo +# alfred Prefix EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV +print_green "alfred: ${ALFRED}" +kli init --name alfred \ + --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}" \ + --config-file demo-witness-oobis +kli incept --name alfred --alias alfred \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file "${temp_icp_config}" +echo + rm "$temp_icp_config" +echo +print_yellow "Step 2/9 Add contacts with OOBIs using 'wan' as the witness" +echo -# Step 2/5 Add contacts with OOBIs echo -print_yellow "Resolve OOBIs" +print_yellow "Resolve OOBIs between all participants (8 total)" +print_yellow "larry -> {moe, curly, alfred}" kli oobi resolve --name larry --oobi-alias moe \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$MOE/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + --oobi http://127.0.0.1:5642/oobi/$MOE/witness/$WAN_WITNESS_PREFIX kli oobi resolve --name larry --oobi-alias curly \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name larry --oobi-alias alfred \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$ALFRED/witness/$WAN_WITNESS_PREFIX +print_yellow "moe -> {larry, curly, alfred}" kli oobi resolve --name moe --oobi-alias larry \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/$WAN_WITNESS_PREFIX kli oobi resolve --name moe --oobi-alias curly \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name moe --oobi-alias alfred \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$ALFRED/witness/$WAN_WITNESS_PREFIX +print_yellow "curly -> {larry, moe, alfred}" kli oobi resolve --name curly --oobi-alias larry \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/$WAN_WITNESS_PREFIX kli oobi resolve --name curly --oobi-alias moe \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$MOE/witness/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + --oobi http://127.0.0.1:5642/oobi/$MOE/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name curly --oobi-alias alfred \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$ALFRED/witness/$WAN_WITNESS_PREFIX + +print_yellow "alfred -> {larry, moe, curly}" +kli oobi resolve --name alfred --oobi-alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name alfred --oobi-alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MOE/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name alfred --oobi-alias curly \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/$WAN_WITNESS_PREFIX + echo -# Step 3/5 Create multisig AID echo -print_yellow "Multisig Inception for alias: threestooges with Larry and Moe" -print_yellow "Multisig Inception with file: ${KERI_DEMO_SCRIPT_DIR}/data/multisig-two-stooges.json" +print_yellow "Step 3/9 Create multisig AID with larry and moe as participants" +echo + +echo +print_yellow "Multisig Inception for alias: threestooges with larry and moe" # store multisig-two-stooges.json as a variable +print_yellow "Multisig Inception temp config file." read -r -d '' MULTISIG_ICP_CONFIG_JSON << EOM { "aids": [ @@ -122,7 +182,7 @@ read -r -d '' MULTISIG_ICP_CONFIG_JSON << EOM } EOM -print_lcyan "Using multisig config file:" +print_lcyan "Using temporary multisig config file as heredoc:" print_lcyan "${MULTISIG_ICP_CONFIG_JSON}" # create temporary file to store json @@ -132,69 +192,103 @@ temp_multisig_config=$(mktemp) echo "$MULTISIG_ICP_CONFIG_JSON" > "$temp_multisig_config" # Follow commands run in parallel -print_yellow "Multisig Inception for Larry: ${LARRY}" +print_yellow "Multisig Inception from larry: ${LARRY}" kli multisig incept --name larry --alias larry \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --group "threestooges" \ - --file "${KERI_DEMO_SCRIPT_DIR}/data/multisig-two-stooges.json" & + --file "${temp_multisig_config}" & pid=$! PID_LIST+=" $pid" -sleep 1 echo -print_yellow "Multisig Inception for Moe: ${MOE}" -kli multisig incept --name moe --alias moe \ - --passcode "DoB26Fj4x9LboAFWJra17O" \ - --group "threestooges" \ - --file "${KERI_DEMO_SCRIPT_DIR}/data/multisig-two-stooges.json" & + + +kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & pid=$! PID_LIST+=" $pid" -sleep 1 + +# Uncomment when running by hand (and comment out the above join command): +#print_lcyan "Run: " +#print_green " kli multisig join --name moe --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_lcyan "in a terminal from 'keripy/scripts/demo' that has run 'source ./demo-scripts.sh'" +#read -r -p "Press enter to continue after moe joins the inception" echo -print_yellow "Multisig Inception - wait" +print_yellow "Multisig Inception {larry, moe} - wait for signatures" echo wait $PID_LIST rm "$temp_multisig_config" # Check status for larry -print_yellow "Check multisig status for Larry" +echo +print_yellow "Check multisig status for larry" kli status --name larry --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +print_yellow "Check multisig status for moe" +kli status --name moe --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +echo -# Step 4/5 rotate each individual keystore - required prior to performing rotation echo -print_yellow "Rotate each individual keystore" -kli rotate --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" -kli rotate --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" -kli rotate --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" +print_yellow "Step 4/9 rotate each individual keystore and update keystate - required prior to performing rotation" +echo + +function rotate_individual_aids() { + echo + print_yellow "Rotate each individual keystore" + kli rotate --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" + kli rotate --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" + kli rotate --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" + kli rotate --name alfred --alias alfred --passcode "DoB26Fj4x9LboAFWJra17O" + echo +} +function query_keystate_all_participants() { + echo + print_yellow "Pull key state in from other multisig group participant identifiers" + print_yellow "Key State Query: larry -> {moe, curly, alfred}" + kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE + kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY + kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $ALFRED + + print_yellow "Key State Query: moe -> {larry, curly, alfred}" + kli query --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $LARRY + kli query --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY + kli query --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $ALFRED + + print_yellow "Key State Query: curly -> {larry, moe, alfred}" + kli query --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $LARRY + kli query --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE + kli query --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $ALFRED + + print_yellow "Key State Query: alfred -> {larry, moe, curly}" + kli query --name alfred --alias alfred --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $LARRY + kli query --name alfred --alias alfred --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE + kli query --name alfred --alias alfred --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY + echo +} + +rotate_individual_aids +query_keystate_all_participants -# Step 5/5 Pull the latest keystate so each participant knows each other participant's key state echo -print_yellow "Pull key state in from other multisig group participant identifiers" -kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE -kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY -kli query --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $LARRY -kli query --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY -kli query --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $LARRY -kli query --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE +print_yellow "Step 5/9 Rotate curly into the threestooges AID" echo +MULTISIG_AID=EGRRbB0Heh3rbyfCnf7vdbYWbKwWASZboMrMtAnGkDDA + -# Step 6/6 Rotate Curly into the threestooges AID -echo print_yellow "Multisig rotation with alias: threestooges" PID_LIST="" -print_yellow "Larry rotates - curly in" +print_yellow "larry proposes rotation - bring curly in" kli multisig rotate --name larry --alias "threestooges" \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --isith '["1/2", "1/2"]' \ + --isith '["1/3", "1/3", "1/3"]' \ --smids $LARRY \ --smids $MOE \ + --smids $CURLY \ --nsith '["1/3", "1/3", "1/3"]' \ --rmids $LARRY \ --rmids $MOE \ @@ -203,22 +297,92 @@ pid=$! PID_LIST+=" $pid" sleep 1 -print_yellow "Moe rotates - curly in" -kli multisig rotate --name moe --alias "threestooges" \ +kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +pid=$! +PID_LIST+=" $pid" + +# Tell curly about the new multisig AID with OOBI resolve +print_yellow "Resolve threestooges multisig OOBI for curly" +kli oobi resolve --name curly --oobi-alias threestooges \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MULTISIG_AID/witness/$WAN_WITNESS_PREFIX +echo + +kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +pid=$! +PID_LIST+=" $pid" + +# Uncomment when running by hand (and comment out the above join commands): +#print_lcyan "Run: " +#print_green " kli multisig join --name moe --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_lcyan "and: " +#print_green " kli multisig join --name curly --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_lcyan "in a terminal from 'keripy/scripts/demo' that has run 'source ./demo-scripts.sh'" +#print_lcyan "and then delete any non-rotation notifications." +#print_lcyan "Then join the multisig rotation proposed by larry" +#read -r -p "Press enter to continue after moe and curly join" + +echo +print_yellow "Multisig rotation threestooges - wait for signatures" +wait $PID_LIST + + +# Check status of multisig AIDs +# Check status for larry +kli status --name larry --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for moe +kli status --name moe --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for curly +kli status --name curly --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" + +echo +print_yellow "Step 6/9 rotate each individual keystore and update keystate - required prior to rotating larry out" +echo + +rotate_individual_aids +query_keystate_all_participants + + +echo +print_yellow "Step 7/9 Rotate larry out of the threestooges AID" +echo + +echo +print_yellow "Multisig Rotate - larry out - alias: threestooges" + +PID_LIST="" + +kli multisig rotate --name larry --alias threestooges \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --isith '["1/2", "1/2"]' \ --smids $LARRY \ --smids $MOE \ - --nsith '["1/3", "1/3", "1/3"]' \ - --rmids $LARRY \ + --smids $CURLY \ + --isith '["1/3", "1/3", "1/3"]' \ --rmids $MOE \ - --rmids $CURLY & + --rmids $CURLY \ + --nsith '["1/2", "1/2"]' & pid=$! PID_LIST+=" $pid" -sleep 1 + +kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +pid=$! +PID_LIST+=" $pid" +kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +pid=$! +PID_LIST+=" $pid" + +# Uncomment when running by hand (and comment out the above join commands): +#print_lcyan "Run: " +#print_green " kli multisig join --name moe --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_lcyan "and: " +#print_green " kli multisig join --name curly --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_lcyan "in a terminal from 'keripy/scripts/demo' that has run 'source ./demo-scripts.sh'" +#print_lcyan "and then delete any non-rotation notifications." +#print_lcyan "Then join the multisig rotation proposed by larry" +#read -r -p "Press enter to continue after moe and curly join" echo -print_yellow "Multisig rotation ${ALIAS} - wait" +print_yellow "Multisig rotation - larry out - alias: threestooges - wait for signatures" wait $PID_LIST # Check status for larry @@ -228,4 +392,75 @@ kli status --name moe --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" # Check status for curly kli status --name curly --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" -print_green "Multisig rotation - complete" \ No newline at end of file + +echo +print_yellow "Step 8/9 rotate each individual keystore and update keystate - required prior to rotating alfred in" +echo + +rotate_individual_aids +query_keystate_all_participants + + +echo +print_yellow "Step 9/9 Rotate alfred into the threestooges AID" +echo + +# Tell curly about the new multisig AID with OOBI resolve +print_yellow "Resolve threestooges multisig OOBI for curly" +kli oobi resolve --name alfred --oobi-alias threestooges \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi http://127.0.0.1:5642/oobi/$MULTISIG_AID/witness/$WAN_WITNESS_PREFIX +echo + +print_yellow "Multisig rotation with alias: threestooges" + +PID_LIST="" + +print_yellow "moe proposes rotation - bring curly in" +kli multisig rotate --name moe --alias "threestooges" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/3", "1/3", "1/3"]' \ + --smids $MOE \ + --smids $CURLY \ + --smids $ALFRED \ + --nsith '["1/3", "1/3", "1/3"]' \ + --rmids $MOE \ + --rmids $CURLY \ + --rmids $ALFRED & +pid=$! +PID_LIST+=" $pid" +sleep 1 + +kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +pid=$! +PID_LIST+=" $pid" +kli multisig join --name alfred --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +pid=$! +PID_LIST+=" $pid" + +# Uncomment when running by hand (and comment out the above join commands): +#print_lcyan "Run: " +#print_green " kli multisig join --name curly --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_lcyan "and: " +#print_green " kli multisig join --name alfred --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_lcyan "in a terminal from 'keripy/scripts/demo' that has run 'source ./demo-scripts.sh'" +#print_lcyan "and then delete any non-rotation notifications." +#print_lcyan "Then join the multisig rotation proposed by larry" +#read -r -p "Press enter to continue after curly and alfred join" + +echo +print_yellow "Multisig rotation threestooges - wait for signatures" +wait $PID_LIST + + +# Check status of multisig AIDs +# Check status for moe +kli status --name moe --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for curly +kli status --name curly --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for alfred +kli status --name alfred --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" + +echo +print_green "Multisig rotation - complete" +echo \ No newline at end of file diff --git a/scripts/demo/basic/multisig-rotation-in-third.sh b/scripts/demo/basic/multisig-rotation-in-third.sh index 55d384a43..6e06628d5 100755 --- a/scripts/demo/basic/multisig-rotation-in-third.sh +++ b/scripts/demo/basic/multisig-rotation-in-third.sh @@ -3,13 +3,15 @@ # WITNESSES # To run the following scripts, open another console window and run: # $ kli witness demo - +MS1=EKYLUMmNPZeEs77Zvclf0bSN5IN-mLfLpx2ySb-HDlk4 kli init --name multisig1 --salt 0ACDEyMzQ1Njc4OWxtbm9aBc --nopasscode --config-dir "${KERI_SCRIPT_DIR}" --config-file demo-witness-oobis kli incept --name multisig1 --alias multisig1 --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-1-sample.json +MS2=EJccSRTfXYF6wrUVuenAIHzwcx3hJugeiJsEKmndi5q1 kli init --name multisig2 --salt 0ACDEyMzQ1Njc4OWdoaWpsaw --nopasscode --config-dir "${KERI_SCRIPT_DIR}" --config-file demo-witness-oobis kli incept --name multisig2 --alias multisig2 --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-2-sample.json +MS3=ENkjt7khEI5edCMw5qugagbJw1QvGnQEtcewxb0FnU9U kli init --name multisig3 --salt 0ACDEyMzQ1Njc4OWdoaWpsaw --nopasscode --config-dir "${KERI_SCRIPT_DIR}" --config-file demo-witness-oobis kli incept --name multisig3 --alias multisig3 --file ${KERI_DEMO_SCRIPT_DIR}/data/multisig-3-sample.json @@ -32,6 +34,17 @@ wait $PID_LIST kli status --name multisig1 --alias multisig +kli rotate --name multisig1 --alias multisig1 +kli rotate --name multisig2 --alias multisig2 +kli rotate --name multisig3 --alias multisig3 + +kli query --name multisig1 --alias multisig1 --prefix $MS2 +kli query --name multisig1 --alias multisig1 --prefix $MS3 +kli query --name multisig2 --alias multisig2 --prefix $MS1 +kli query --name multisig2 --alias multisig2 --prefix $MS3 +kli query --name multisig3 --alias multisig3 --prefix $MS1 +kli query --name multisig3 --alias multisig3 --prefix $MS2 + PID_LIST="" kli multisig rotate --name multisig1 --alias multisig --smids EKYLUMmNPZeEs77Zvclf0bSN5IN-mLfLpx2ySb-HDlk4 --smids EJccSRTfXYF6wrUVuenAIHzwcx3hJugeiJsEKmndi5q1 --smids ENkjt7khEI5edCMw5qugagbJw1QvGnQEtcewxb0FnU9U --isith '["1/3", "1/3", "1/3"]' --nsith '["1/2", "1/2", "1/2"]' --rmids EKYLUMmNPZeEs77Zvclf0bSN5IN-mLfLpx2ySb-HDlk4 --rmids EJccSRTfXYF6wrUVuenAIHzwcx3hJugeiJsEKmndi5q1 --rmids ENkjt7khEI5edCMw5qugagbJw1QvGnQEtcewxb0FnU9U & diff --git a/scripts/demo/basic/stooges-join-rotate.sh b/scripts/demo/basic/stooges-join-rotate.sh index 7f3dc6e29..1f0023f80 100755 --- a/scripts/demo/basic/stooges-join-rotate.sh +++ b/scripts/demo/basic/stooges-join-rotate.sh @@ -670,5 +670,5 @@ main_two_stooges_rotate_in_and_out() { } #main_three_stooges -#main_two_stooges_rotate_in_and_out_join -main_two_stooges_rotate_in_and_out \ No newline at end of file +main_two_stooges_rotate_in_and_out_join +#main_two_stooges_rotate_in_and_out \ No newline at end of file From 8f5caa84a3e07aa5a3ee28a7494e06a6dd5a005b Mon Sep 17 00:00:00 2001 From: Kent Bull Date: Mon, 8 Jul 2024 09:55:23 -0600 Subject: [PATCH 09/10] add rootgar witnesses --- rootgartest/keri/cf/main/wan.json | 9 + rootgartest/keri/cf/main/wes.json | 9 + rootgartest/keri/cf/main/wil.json | 9 + rootgartest/keri/cf/main/wit.json | 9 + rootgartest/keri/cf/main/wub.json | 9 + rootgartest/keri/cf/main/wyz.json | 9 + rootgartest/keri/cf/rootgar-test-oobis.json | 8 + scripts/demo/basic/rootgar-stooges-create.sh | 91 ++++++++ .../basic/rootgar-stooges-multisig-opts.sh | 214 ++++++++++++++++++ 9 files changed, 367 insertions(+) create mode 100755 rootgartest/keri/cf/main/wan.json create mode 100755 rootgartest/keri/cf/main/wes.json create mode 100755 rootgartest/keri/cf/main/wil.json create mode 100755 rootgartest/keri/cf/main/wit.json create mode 100755 rootgartest/keri/cf/main/wub.json create mode 100755 rootgartest/keri/cf/main/wyz.json create mode 100755 rootgartest/keri/cf/rootgar-test-oobis.json create mode 100755 scripts/demo/basic/rootgar-stooges-create.sh create mode 100755 scripts/demo/basic/rootgar-stooges-multisig-opts.sh diff --git a/rootgartest/keri/cf/main/wan.json b/rootgartest/keri/cf/main/wan.json new file mode 100755 index 000000000..6fd199881 --- /dev/null +++ b/rootgartest/keri/cf/main/wan.json @@ -0,0 +1,9 @@ +{ + "wan": { + "dt": "2022-01-20T12:57:59.823350+00:00", + "curls": ["tcp://192.168.1.4:5632/", "http://192.168.1.4:5642/"] + }, + "dt": "2022-01-20T12:57:59.823350+00:00", + "iurls": [ + ] +} diff --git a/rootgartest/keri/cf/main/wes.json b/rootgartest/keri/cf/main/wes.json new file mode 100755 index 000000000..6edaa1434 --- /dev/null +++ b/rootgartest/keri/cf/main/wes.json @@ -0,0 +1,9 @@ +{ + "wes": { + "dt": "2022-01-20T12:57:59.823350+00:00", + "curls": ["tcp://192.168.1.4:5634/", "http://192.168.1.4:5644/"] + }, + "dt": "2022-01-20T12:57:59.823350+00:00", + "iurls": [ + ] +} diff --git a/rootgartest/keri/cf/main/wil.json b/rootgartest/keri/cf/main/wil.json new file mode 100755 index 000000000..a77df098a --- /dev/null +++ b/rootgartest/keri/cf/main/wil.json @@ -0,0 +1,9 @@ +{ + "wil": { + "dt": "2022-01-20T12:57:59.823350+00:00", + "curls": ["tcp://192.168.1.4:5633/", "http://192.168.1.4:5643/"] + }, + "dt": "2022-01-20T12:57:59.823350+00:00", + "iurls": [ + ] +} diff --git a/rootgartest/keri/cf/main/wit.json b/rootgartest/keri/cf/main/wit.json new file mode 100755 index 000000000..c4f751dd0 --- /dev/null +++ b/rootgartest/keri/cf/main/wit.json @@ -0,0 +1,9 @@ +{ + "wit": { + "dt": "2022-01-20T12:57:59.823350+00:00", + "curls": ["tcp://192.168.1.4:5635/", "http://192.168.1.4:5645/"] + }, + "dt": "2022-01-20T12:57:59.823350+00:00", + "iurls": [ + ] +} diff --git a/rootgartest/keri/cf/main/wub.json b/rootgartest/keri/cf/main/wub.json new file mode 100755 index 000000000..1be86e36e --- /dev/null +++ b/rootgartest/keri/cf/main/wub.json @@ -0,0 +1,9 @@ +{ + "wub": { + "dt": "2022-01-20T12:57:59.823350+00:00", + "curls": ["tcp://192.168.1.4:5636/", "http://192.168.1.4:5646/"] + }, + "dt": "2022-01-20T12:57:59.823350+00:00", + "iurls": [ + ] +} diff --git a/rootgartest/keri/cf/main/wyz.json b/rootgartest/keri/cf/main/wyz.json new file mode 100755 index 000000000..3d468094c --- /dev/null +++ b/rootgartest/keri/cf/main/wyz.json @@ -0,0 +1,9 @@ +{ + "wyz": { + "dt": "2022-01-20T12:57:59.823350+00:00", + "curls": ["tcp://192.168.1.4:5637/", "http://192.168.1.4:5647/"] + }, + "dt": "2022-01-20T12:57:59.823350+00:00", + "iurls": [ + ] +} diff --git a/rootgartest/keri/cf/rootgar-test-oobis.json b/rootgartest/keri/cf/rootgar-test-oobis.json new file mode 100755 index 000000000..6ee5fcd81 --- /dev/null +++ b/rootgartest/keri/cf/rootgar-test-oobis.json @@ -0,0 +1,8 @@ +{ + "dt": "2022-01-20T12:57:59.823350+00:00", + "iurls": [ + "http://192.168.1.4:5642/oobi/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha/controller?name=Wan&tag=witness", + "http://192.168.1.4:5643/oobi/BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM/controller?name=Wes&tag=witness", + "http://192.168.1.4:5644/oobi/BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX/controller?name=Wil&tag=witness" + ] +} \ No newline at end of file diff --git a/scripts/demo/basic/rootgar-stooges-create.sh b/scripts/demo/basic/rootgar-stooges-create.sh new file mode 100755 index 000000000..8b528f337 --- /dev/null +++ b/scripts/demo/basic/rootgar-stooges-create.sh @@ -0,0 +1,91 @@ +#!/bin/bash +# multisig-rotate-out-and-in.sh +# This file is self contained except for the keystore initialization config file. +# The inception configuration and multisig configuration files are included in the script +# as here docs. +# +# Required services: +# - KERI witness demo nodes running. +# Use the `kli witness demo` command + + +# This script creates four AIDs, larry, moe, curly, and alfred. +# Next, creates a multisig AID, threestooges, with larry and moe. +# curly is then rotated into the threestooges AID. +# larry is rotated out of the threestooges AID. +# alfred is rotated into the threestooges AID. + + +# Pull in colored text +source "${KERI_SCRIPT_DIR}"/demo/basic/script-utils.sh + +# create keystores and AIDs for larry, moe, and curly +export LARRY=EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe +export MOE=EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR +export CURLY=EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV +export ALFRED=ECl8nwhRYub9Se_Caes40ex0vJXi9v84CaydEalEZgH3 + +# Witness prefix +export WAN_WITNESS_PREFIX=BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha +export WIT_HOST="http://192.168.1.4" + +echo +print_yellow "Step 1/9 Create AIDs larry, moe, curly, and alfred" +echo + +# store multisig-stooge.json as a variable +read -r -d '' STOOGE_ICP_CONFIG_JSON << EOM +{ + "transferable": true, + "wits": ["$WAN_WITNESS_PREFIX"], + "toad": 1, + "icount": 1, + "ncount": 1, + "isith": "1", + "nsith": "1" +} +EOM + +print_lcyan "Using temporary AID config file heredoc:" +print_lcyan "${STOOGE_ICP_CONFIG_JSON}" + +# create temporary file to store json +temp_icp_config=$(mktemp) + +# write JSON content to the temp file +echo "$STOOGE_ICP_CONFIG_JSON" > "$temp_icp_config" + +echo +print_yellow "Individual AID creation with temp config file." +print_green "larry: ${LARRY}" +# larry Prefix EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe +kli init --name larry \ + --salt 0ACDEyMzQ1Njc4OWxtbm9aBc \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --config-dir "${KERI_SCRIPT_DIR}/../rootgartest" \ + --config-file rootgar-test-oobis +kli incept --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --file "${temp_icp_config}" + +rm "$temp_icp_config" + +echo +print_yellow "Step 2/9 Add contacts with OOBIs using 'wan' as the witness" +echo +read -r -p "Press [Enter] to resolve OOBIs..." + +echo +print_yellow "Resolve OOBIs between all participants (8 total)" +print_yellow "larry -> {moe, curly, alfred}" +kli oobi resolve --name larry --oobi-alias moe \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --oobi "$WIT_HOST:5642/oobi/$MOE/witness/$WAN_WITNESS_PREFIX" +#kli oobi resolve --name larry --oobi-alias curly \ +# --passcode "DoB26Fj4x9LboAFWJra17O" \ +# --oobi "$WIT_HOST:5642/oobi/$CURLY/witness/$WAN_WITNESS_PREFIX" +#kli oobi resolve --name larry --oobi-alias alfred \ +# --passcode "DoB26Fj4x9LboAFWJra17O" \ +# --oobi "$WIT_HOST:5642/oobi/$ALFRED/witness/$WAN_WITNESS_PREFIX" + +echo diff --git a/scripts/demo/basic/rootgar-stooges-multisig-opts.sh b/scripts/demo/basic/rootgar-stooges-multisig-opts.sh new file mode 100755 index 000000000..2eeffa4e7 --- /dev/null +++ b/scripts/demo/basic/rootgar-stooges-multisig-opts.sh @@ -0,0 +1,214 @@ +#!/bin/bash +# multisig-rotate-out-and-in.sh +# This file is self contained except for the keystore initialization config file. +# The inception configuration and multisig configuration files are included in the script +# as here docs. +# +# Required services: +# - KERI witness demo nodes running. +# Use the `kli witness demo` command + + +# Next, creates a multisig AID, threestooges, with larry and moe. +# curly is then rotated into the threestooges AID. +# larry is rotated out of the threestooges AID. +# alfred is rotated into the threestooges AID. + +trap 'echo "Exiting due to Ctrl+C..."; exit 0;' SIGINT + + +# Pull in colored text +source "${KERI_SCRIPT_DIR}"/demo/basic/script-utils.sh + +# create keystores and AIDs for larry, moe, and curly +export LARRY=EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe +export MOE=EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR +export CURLY=EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV +export ALFRED=ECl8nwhRYub9Se_Caes40ex0vJXi9v84CaydEalEZgH3 + +# Witness prefix +export WAN_WITNESS_PREFIX=BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha + +# store multisig-two-stooges.json as a variable +print_yellow "Multisig Inception temp config file." +read -r -d '' MULTISIG_ICP_CONFIG_JSON << EOM +{ + "aids": [ + "$LARRY", + "$MOE" + ], + "transferable": true, + "wits": ["$WAN_WITNESS_PREFIX"], + "toad": 1, + "isith": "2", + "nsith": "2" +} +EOM + +print_lcyan "Using temporary multisig config file as heredoc:" +print_lcyan "${MULTISIG_ICP_CONFIG_JSON}" + +# create temporary file to store json +temp_multisig_config=$(mktemp) + +# write JSON content to the temp file +echo "$MULTISIG_ICP_CONFIG_JSON" > "$temp_multisig_config" + +function incept() { + echo + print_yellow "Step 3/9 Create multisig AID with larry and moe as participants" + echo + + echo + print_yellow "Multisig Inception for alias: threestooges with larry and moe" + # Follow commands run in parallel + print_yellow "Multisig Inception from larry: ${LARRY}" + kli multisig incept --name larry --alias larry \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --group "threestooges" \ + --file "${temp_multisig_config}" + +# rm "$temp_multisig_config" + + # Check status for larry + echo + print_yellow "Check multisig status for larry" + kli status --name larry --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +} + +function rotate_individual_aids() { + echo + print_yellow "Rotate each individual keystore" + kli rotate --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" + echo +} + +function query_keystate_all_participants() { + echo + print_yellow "Pull key state in from other multisig group participant identifiers" + print_yellow "Key State Query: larry -> {moe, curly, alfred}" + kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE +# kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY +# kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $ALFRED + echo +} + +function rotate_threestooges() { + # just rotate + print_yellow "larry proposes multisig rotation - larry and moe" + read -r -p "Press enter to continue" + kli multisig rotate --name larry --alias "threestooges" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/2", "1/2"]' \ + --smids $LARRY \ + --smids $MOE \ + --nsith '["1/2", "1/2"]' \ + --rmids $LARRY \ + --rmids $MOE +} + +function rotate_curly_in() { + print_yellow "Multisig rotation with alias: threestooges" + + print_yellow "larry proposes rotation - bring curly in" + kli multisig rotate --name larry --alias "threestooges" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/3", "1/3", "1/3"]' \ + --smids $LARRY \ + --smids $MOE \ + --smids $CURLY \ + --nsith '["1/3", "1/3", "1/3"]' \ + --rmids $LARRY \ + --rmids $MOE \ + --rmids $CURLY + + echo + # Check status of multisig AIDs + kli status --name larry --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +} + +function rotate_larry_out() { + echo + print_yellow "Step 7/9 Rotate larry out of the threestooges AID" + echo + read -r -p "Press enter to continue" + + echo + print_yellow "Multisig Rotate - larry out - alias: threestooges" + + kli multisig rotate --name larry --alias threestooges \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --smids $LARRY \ + --smids $MOE \ + --smids $CURLY \ + --isith '["1/3", "1/3", "1/3"]' \ + --rmids $MOE \ + --rmids $CURLY \ + --nsith '["1/2", "1/2"]' + + echo + # Check status for larry + kli status --name larry --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +} + +main() { + read -n 1 -r -p "Press any key to rotate AIDs" + rotate_individual_aids + read -n 1 -r -p "Press any key to query key state" + query_keystate_all_participants + + incept + + rm "$temp_multisig_config" + + echo + print_yellow "Step 4/9 rotate each individual keystore and update keystate - required prior to performing rotation" + echo + read -n 1 -r -p "Press any key to rotate AIDs" + rotate_individual_aids + read -n 1 -r -p "Press any key to query key state" + query_keystate_all_participants + + print_red "early exit" + exit 0 + + echo + print_yellow "Step 4/9 and 1/2 rotate threestooges - larry and moe" + rotate_threestooges + + read -n 1 -r -p "Press any key to rotate AIDs" + rotate_individual_aids + read -n 1 -r -p "Press any key to query key state" + query_keystate_all_participants + + echo + print_yellow "Step 5/9 Rotate curly into the threestooges AID" + echo + read -r -p "Press enter to continue" + rotate_curly_in + + echo + print_yellow "Step 6/9 rotate each individual keystore and update keystate - required prior to rotating larry out" + echo + + read -n 1 -r -p "Press any key to rotate AIDs" + rotate_individual_aids + read -n 1 -r -p "Press any key to query key state" + query_keystate_all_participants + + rotate_larry_out + + echo + print_yellow "Step 8/9 rotate each individual keystore and update keystate - required prior to rotating alfred in" + echo + + read -n 1 -r -p "Press any key to rotate AIDs" + rotate_individual_aids + read -n 1 -r -p "Press any key to query key state" + query_keystate_all_participants + + echo + print_green "Multisig rotation - use other computers to rotate alfred in" + echo +} +main \ No newline at end of file From c1aa61069a9b867c35943f6b97166ec6b701c390 Mon Sep 17 00:00:00 2001 From: Kent Bull Date: Mon, 8 Jul 2024 09:55:40 -0600 Subject: [PATCH 10/10] use rootgar multisig scripts and demo.py config param --- keri/cf/demo-witness-oobis.json | 0 .../basic/keri/cf/demo-witness-oobis.json | 0 .../demo/basic/multisig-rotate-out-and-in.sh | 355 +++++++++--------- src/keri/app/cli/commands/witness/demo.py | 18 +- 4 files changed, 194 insertions(+), 179 deletions(-) delete mode 100755 keri/cf/demo-witness-oobis.json delete mode 100755 scripts/demo/basic/keri/cf/demo-witness-oobis.json diff --git a/keri/cf/demo-witness-oobis.json b/keri/cf/demo-witness-oobis.json deleted file mode 100755 index e69de29bb..000000000 diff --git a/scripts/demo/basic/keri/cf/demo-witness-oobis.json b/scripts/demo/basic/keri/cf/demo-witness-oobis.json deleted file mode 100755 index e69de29bb..000000000 diff --git a/scripts/demo/basic/multisig-rotate-out-and-in.sh b/scripts/demo/basic/multisig-rotate-out-and-in.sh index f9619d33e..be2851ec3 100755 --- a/scripts/demo/basic/multisig-rotate-out-and-in.sh +++ b/scripts/demo/basic/multisig-rotate-out-and-in.sh @@ -11,27 +11,27 @@ # Use the `vLEI-server -s ./schema/acdc -c ./samples/acdc/ -o ./samples/oobis/` command. -# This script creates four AIDs, larry, moe, curly, and alfred. -# Next, creates a multisig AID, threestooges, with larry and moe. -# curly is then rotated into the threestooges AID. -# larry is rotated out of the threestooges AID. -# alfred is rotated into the threestooges AID. +# This script creates four AIDs, rootgar1, rootgar2, rootgar3, and rootgar4. +# Next, creates a multisig AID, rootgarmulti, with rootgar1 and rootgar2. +# rootgar3 is then rotated into the rootgarmulti AID. +# rootgar1 is rotated out of the rootgarmulti AID. +# rootgar4 is rotated into the rootgarmulti AID. # Pull in colored text source "${KERI_SCRIPT_DIR}"/demo/basic/script-utils.sh -# create keystores and AIDs for larry, moe, and curly -export LARRY=EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe -export MOE=EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR -export CURLY=EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV -export ALFRED=ECl8nwhRYub9Se_Caes40ex0vJXi9v84CaydEalEZgH3 +# create keystores and AIDs for rootgar1, rootgar2, and rootgar3 +export rootgar1=EBiezHEM0j2kfb58M4kbd3fG1lTg0crLmmfis_UXdn41 +export rootgar2=EAn0ufTdhwHvQNWw-PBdz-jHAYC5_Ic3ndHGqRfodG0m +export rootgar3=EMTLiOHsiz8JfTW7g0FSFoqGcHFSaVTFGCsoJaI0OBeC +export rootgar4=EL-S2jdZag7vG6aqnVXJr_Krzd00g0aN2WOJ2ALy46XF # Witness prefix export WAN_WITNESS_PREFIX=BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha echo -print_yellow "Step 1/9 Create AIDs larry, moe, curly, and alfred" +print_yellow "Step 1/9 Create AIDs rootgar1, rootgar2, rootgar3, and rootgar4" echo # store multisig-stooge.json as a variable @@ -58,48 +58,48 @@ echo "$STOOGE_ICP_CONFIG_JSON" > "$temp_icp_config" echo print_yellow "Individual AID creation with temp config file." -print_green "larry: ${LARRY}" -# larry Prefix EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe -kli init --name larry \ +print_green "rootgar1: ${rootgar1}" +# rootgar1 Prefix EKZYoeLcSpoBn7DdD0Rugk3xGy6in8zJvhJpMhZ23ETe +kli init --name rootgar1 \ --salt 0ACDEyMzQ1Njc4OWxtbm9aBc \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --config-dir "${KERI_SCRIPT_DIR}" \ --config-file demo-witness-oobis -kli incept --name larry --alias larry \ +kli incept --name rootgar1 --alias rootgar1 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --file "${temp_icp_config}" -# moe Prefix EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR -print_green "moe: ${MOE}" -kli init --name moe \ +# rootgar2 Prefix EJ__4LOcMfGRU0V65ywo9GgczMkqTZtgjmCKWU06MDQR +print_green "rootgar2: ${rootgar2}" +kli init --name rootgar2 \ --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --config-dir "${KERI_SCRIPT_DIR}" \ --config-file demo-witness-oobis -kli incept --name moe --alias moe \ +kli incept --name rootgar2 --alias rootgar2 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --file "${temp_icp_config}" -# curly Prefix EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV -print_green "curly: ${CURLY}" -kli init --name curly \ +# rootgar3 Prefix EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV +print_green "rootgar3: ${rootgar3}" +kli init --name rootgar3 \ --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --config-dir "${KERI_SCRIPT_DIR}" \ --config-file demo-witness-oobis -kli incept --name curly --alias curly \ +kli incept --name rootgar3 --alias rootgar3 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --file "${temp_icp_config}" echo -# alfred Prefix EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV -print_green "alfred: ${ALFRED}" -kli init --name alfred \ +# rootgar4 Prefix EItXS2M_iaQvYRex9swUaCWLETsxFdQbQD0XZmbukKOV +print_green "rootgar4: ${rootgar4}" +kli init --name rootgar4 \ --salt 0ACDEyMzQ1Njc4OWdoaWpsaw \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --config-dir "${KERI_SCRIPT_DIR}" \ --config-file demo-witness-oobis -kli incept --name alfred --alias alfred \ +kli incept --name rootgar4 --alias rootgar4 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --file "${temp_icp_config}" echo @@ -112,67 +112,67 @@ echo echo print_yellow "Resolve OOBIs between all participants (8 total)" -print_yellow "larry -> {moe, curly, alfred}" -kli oobi resolve --name larry --oobi-alias moe \ +print_yellow "rootgar1 -> {rootgar2, rootgar3, rootgar4}" +kli oobi resolve --name rootgar1 --oobi-alias rootgar2 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$MOE/witness/$WAN_WITNESS_PREFIX -kli oobi resolve --name larry --oobi-alias curly \ + --oobi http://127.0.0.1:5642/oobi/$rootgar2/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name rootgar1 --oobi-alias rootgar3 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/$WAN_WITNESS_PREFIX -kli oobi resolve --name larry --oobi-alias alfred \ + --oobi http://127.0.0.1:5642/oobi/$rootgar3/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name rootgar1 --oobi-alias rootgar4 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$ALFRED/witness/$WAN_WITNESS_PREFIX + --oobi http://127.0.0.1:5642/oobi/$rootgar4/witness/$WAN_WITNESS_PREFIX -print_yellow "moe -> {larry, curly, alfred}" -kli oobi resolve --name moe --oobi-alias larry \ +print_yellow "rootgar2 -> {rootgar1, rootgar3, rootgar4}" +kli oobi resolve --name rootgar2 --oobi-alias rootgar1 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/$WAN_WITNESS_PREFIX -kli oobi resolve --name moe --oobi-alias curly \ + --oobi http://127.0.0.1:5642/oobi/$rootgar1/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name rootgar2 --oobi-alias rootgar3 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/$WAN_WITNESS_PREFIX -kli oobi resolve --name moe --oobi-alias alfred \ + --oobi http://127.0.0.1:5642/oobi/$rootgar3/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name rootgar2 --oobi-alias rootgar4 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$ALFRED/witness/$WAN_WITNESS_PREFIX + --oobi http://127.0.0.1:5642/oobi/$rootgar4/witness/$WAN_WITNESS_PREFIX -print_yellow "curly -> {larry, moe, alfred}" -kli oobi resolve --name curly --oobi-alias larry \ +print_yellow "rootgar3 -> {rootgar1, rootgar2, rootgar4}" +kli oobi resolve --name rootgar3 --oobi-alias rootgar1 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/$WAN_WITNESS_PREFIX -kli oobi resolve --name curly --oobi-alias moe \ + --oobi http://127.0.0.1:5642/oobi/$rootgar1/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name rootgar3 --oobi-alias rootgar2 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$MOE/witness/$WAN_WITNESS_PREFIX -kli oobi resolve --name curly --oobi-alias alfred \ + --oobi http://127.0.0.1:5642/oobi/$rootgar2/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name rootgar3 --oobi-alias rootgar4 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$ALFRED/witness/$WAN_WITNESS_PREFIX + --oobi http://127.0.0.1:5642/oobi/$rootgar4/witness/$WAN_WITNESS_PREFIX -print_yellow "alfred -> {larry, moe, curly}" -kli oobi resolve --name alfred --oobi-alias larry \ +print_yellow "rootgar4 -> {rootgar1, rootgar2, rootgar3}" +kli oobi resolve --name rootgar4 --oobi-alias rootgar1 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$LARRY/witness/$WAN_WITNESS_PREFIX -kli oobi resolve --name alfred --oobi-alias moe \ + --oobi http://127.0.0.1:5642/oobi/$rootgar1/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name rootgar4 --oobi-alias rootgar2 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$MOE/witness/$WAN_WITNESS_PREFIX -kli oobi resolve --name alfred --oobi-alias curly \ + --oobi http://127.0.0.1:5642/oobi/$rootgar2/witness/$WAN_WITNESS_PREFIX +kli oobi resolve --name rootgar4 --oobi-alias rootgar3 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --oobi http://127.0.0.1:5642/oobi/$CURLY/witness/$WAN_WITNESS_PREFIX + --oobi http://127.0.0.1:5642/oobi/$rootgar3/witness/$WAN_WITNESS_PREFIX echo echo -print_yellow "Step 3/9 Create multisig AID with larry and moe as participants" +print_yellow "Step 3/9 Create multisig AID with rootgar1 and rootgar2 as participants" echo echo -print_yellow "Multisig Inception for alias: threestooges with larry and moe" +print_yellow "Multisig Inception for alias: rootgarmulti with rootgar1 and rootgar2" # store multisig-two-stooges.json as a variable print_yellow "Multisig Inception temp config file." read -r -d '' MULTISIG_ICP_CONFIG_JSON << EOM { "aids": [ - "$LARRY", - "$MOE" + "$rootgar1", + "$rootgar2" ], "transferable": true, "wits": ["$WAN_WITNESS_PREFIX"], @@ -192,10 +192,10 @@ temp_multisig_config=$(mktemp) echo "$MULTISIG_ICP_CONFIG_JSON" > "$temp_multisig_config" # Follow commands run in parallel -print_yellow "Multisig Inception from larry: ${LARRY}" -kli multisig incept --name larry --alias larry \ +print_yellow "Multisig Inception from rootgar1: ${rootgar1}" +kli multisig incept --name rootgar1 --alias rootgar1 \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --group "threestooges" \ + --group "rootgarmulti" \ --file "${temp_multisig_config}" & pid=$! PID_LIST+=" $pid" @@ -203,29 +203,29 @@ PID_LIST+=" $pid" echo -kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +kli multisig join --name rootgar2 --passcode "DoB26Fj4x9LboAFWJra17O" --group rootgarmulti --auto & pid=$! PID_LIST+=" $pid" # Uncomment when running by hand (and comment out the above join command): #print_lcyan "Run: " -#print_green " kli multisig join --name moe --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_green " kli multisig join --name rootgar2 --passcode \"DoB26Fj4x9LboAFWJra17O\" --group rootgarmulti" #print_lcyan "in a terminal from 'keripy/scripts/demo' that has run 'source ./demo-scripts.sh'" -#read -r -p "Press enter to continue after moe joins the inception" +#read -r -p "Press enter to continue after rootgar2 joins the inception" echo -print_yellow "Multisig Inception {larry, moe} - wait for signatures" +print_yellow "Multisig Inception {rootgar1, rootgar2} - wait for signatures" echo wait $PID_LIST rm "$temp_multisig_config" -# Check status for larry +# Check status for rootgar1 echo -print_yellow "Check multisig status for larry" -kli status --name larry --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" -print_yellow "Check multisig status for moe" -kli status --name moe --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +print_yellow "Check multisig status for rootgar1" +kli status --name rootgar1 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" +print_yellow "Check multisig status for rootgar2" +kli status --name rootgar2 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" echo @@ -236,35 +236,35 @@ echo function rotate_individual_aids() { echo print_yellow "Rotate each individual keystore" - kli rotate --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" - kli rotate --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" - kli rotate --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" - kli rotate --name alfred --alias alfred --passcode "DoB26Fj4x9LboAFWJra17O" + kli rotate --name rootgar1 --alias rootgar1 --passcode "DoB26Fj4x9LboAFWJra17O" + kli rotate --name rootgar2 --alias rootgar2 --passcode "DoB26Fj4x9LboAFWJra17O" + kli rotate --name rootgar3 --alias rootgar3 --passcode "DoB26Fj4x9LboAFWJra17O" + kli rotate --name rootgar4 --alias rootgar4 --passcode "DoB26Fj4x9LboAFWJra17O" echo } function query_keystate_all_participants() { echo print_yellow "Pull key state in from other multisig group participant identifiers" - print_yellow "Key State Query: larry -> {moe, curly, alfred}" - kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE - kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY - kli query --name larry --alias larry --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $ALFRED - - print_yellow "Key State Query: moe -> {larry, curly, alfred}" - kli query --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $LARRY - kli query --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY - kli query --name moe --alias moe --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $ALFRED - - print_yellow "Key State Query: curly -> {larry, moe, alfred}" - kli query --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $LARRY - kli query --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE - kli query --name curly --alias curly --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $ALFRED - - print_yellow "Key State Query: alfred -> {larry, moe, curly}" - kli query --name alfred --alias alfred --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $LARRY - kli query --name alfred --alias alfred --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $MOE - kli query --name alfred --alias alfred --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $CURLY + print_yellow "Key State Query: rootgar1 -> {rootgar2, rootgar3, rootgar4}" + kli query --name rootgar1 --alias rootgar1 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar2 + kli query --name rootgar1 --alias rootgar1 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar3 + kli query --name rootgar1 --alias rootgar1 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar4 + + print_yellow "Key State Query: rootgar2 -> {rootgar1, rootgar3, rootgar4}" + kli query --name rootgar2 --alias rootgar2 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar1 + kli query --name rootgar2 --alias rootgar2 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar3 + kli query --name rootgar2 --alias rootgar2 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar4 + + print_yellow "Key State Query: rootgar3 -> {rootgar1, rootgar2, rootgar4}" + kli query --name rootgar3 --alias rootgar3 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar1 + kli query --name rootgar3 --alias rootgar3 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar2 + kli query --name rootgar3 --alias rootgar3 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar4 + + print_yellow "Key State Query: rootgar4 -> {rootgar1, rootgar2, rootgar3}" + kli query --name rootgar4 --alias rootgar4 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar1 + kli query --name rootgar4 --alias rootgar4 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar2 + kli query --name rootgar4 --alias rootgar4 --passcode "DoB26Fj4x9LboAFWJra17O" --prefix $rootgar3 echo } @@ -272,71 +272,71 @@ rotate_individual_aids query_keystate_all_participants echo -print_yellow "Step 5/9 Rotate curly into the threestooges AID" +print_yellow "Step 5/9 Rotate rootgar3 into the rootgarmulti AID" echo -MULTISIG_AID=EGRRbB0Heh3rbyfCnf7vdbYWbKwWASZboMrMtAnGkDDA +#MULTISIG_AID=EGRRbB0Heh3rbyfCnf7vdbYWbKwWASZboMrMtAnGkDDA +MULTISIG_AID=EAvWXlkDgUMdyqceYKfIbhMBVicc741ORI00itkrRtx6 - -print_yellow "Multisig rotation with alias: threestooges" +print_yellow "Multisig rotation with alias: rootgarmulti" PID_LIST="" -print_yellow "larry proposes rotation - bring curly in" -kli multisig rotate --name larry --alias "threestooges" \ +print_yellow "rootgar1 proposes rotation - bring rootgar3 in" +kli multisig rotate --name rootgar1 --alias "rootgarmulti" \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --isith '["1/3", "1/3", "1/3"]' \ - --smids $LARRY \ - --smids $MOE \ - --smids $CURLY \ + --smids $rootgar1 \ + --smids $rootgar2 \ + --smids $rootgar3 \ --nsith '["1/3", "1/3", "1/3"]' \ - --rmids $LARRY \ - --rmids $MOE \ - --rmids $CURLY & + --rmids $rootgar1 \ + --rmids $rootgar2 \ + --rmids $rootgar3 & pid=$! PID_LIST+=" $pid" sleep 1 -kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +kli multisig join --name rootgar2 --passcode "DoB26Fj4x9LboAFWJra17O" --group rootgarmulti --auto & pid=$! PID_LIST+=" $pid" -# Tell curly about the new multisig AID with OOBI resolve -print_yellow "Resolve threestooges multisig OOBI for curly" -kli oobi resolve --name curly --oobi-alias threestooges \ +# Tell rootgar3 about the new multisig AID with OOBI resolve +print_yellow "Resolve rootgarmulti multisig OOBI for rootgar3" +kli oobi resolve --name rootgar3 --oobi-alias rootgarmulti \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --oobi http://127.0.0.1:5642/oobi/$MULTISIG_AID/witness/$WAN_WITNESS_PREFIX echo -kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +kli multisig join --name rootgar3 --passcode "DoB26Fj4x9LboAFWJra17O" --group rootgarmulti --auto & pid=$! PID_LIST+=" $pid" # Uncomment when running by hand (and comment out the above join commands): #print_lcyan "Run: " -#print_green " kli multisig join --name moe --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_green " kli multisig join --name rootgar2 --passcode \"DoB26Fj4x9LboAFWJra17O\" --group rootgarmulti" #print_lcyan "and: " -#print_green " kli multisig join --name curly --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_green " kli multisig join --name rootgar3 --passcode \"DoB26Fj4x9LboAFWJra17O\" --group rootgarmulti" #print_lcyan "in a terminal from 'keripy/scripts/demo' that has run 'source ./demo-scripts.sh'" #print_lcyan "and then delete any non-rotation notifications." -#print_lcyan "Then join the multisig rotation proposed by larry" -#read -r -p "Press enter to continue after moe and curly join" +#print_lcyan "Then join the multisig rotation proposed by rootgar1" +#read -r -p "Press enter to continue after rootgar2 and rootgar3 join" echo -print_yellow "Multisig rotation threestooges - wait for signatures" +print_yellow "Multisig rotation rootgarmulti - wait for signatures" wait $PID_LIST # Check status of multisig AIDs -# Check status for larry -kli status --name larry --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" -# Check status for moe -kli status --name moe --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" -# Check status for curly -kli status --name curly --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for rootgar1 +kli status --name rootgar1 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for rootgar2 +kli status --name rootgar2 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for rootgar3 +kli status --name rootgar3 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" echo -print_yellow "Step 6/9 rotate each individual keystore and update keystate - required prior to rotating larry out" +print_yellow "Step 6/9 rotate each individual keystore and update keystate - required prior to rotating rootgar1 out" echo rotate_individual_aids @@ -344,57 +344,61 @@ query_keystate_all_participants echo -print_yellow "Step 7/9 Rotate larry out of the threestooges AID" +print_yellow "Step 7/9 Rotate rootgar1 out of the rootgarmulti AID" echo + +print_red "early exit" +exit 0 + echo -print_yellow "Multisig Rotate - larry out - alias: threestooges" +print_yellow "Multisig Rotate - rootgar1 out - alias: rootgarmulti" PID_LIST="" -kli multisig rotate --name larry --alias threestooges \ +kli multisig rotate --name rootgar1 --alias rootgarmulti \ --passcode "DoB26Fj4x9LboAFWJra17O" \ - --smids $LARRY \ - --smids $MOE \ - --smids $CURLY \ + --smids $rootgar1 \ + --smids $rootgar2 \ + --smids $rootgar3 \ --isith '["1/3", "1/3", "1/3"]' \ - --rmids $MOE \ - --rmids $CURLY \ + --rmids $rootgar2 \ + --rmids $rootgar3 \ --nsith '["1/2", "1/2"]' & pid=$! PID_LIST+=" $pid" -kli multisig join --name moe --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +kli multisig join --name rootgar2 --passcode "DoB26Fj4x9LboAFWJra17O" --group rootgarmulti --auto & pid=$! PID_LIST+=" $pid" -kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +kli multisig join --name rootgar3 --passcode "DoB26Fj4x9LboAFWJra17O" --group rootgarmulti --auto & pid=$! PID_LIST+=" $pid" # Uncomment when running by hand (and comment out the above join commands): #print_lcyan "Run: " -#print_green " kli multisig join --name moe --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_green " kli multisig join --name rootgar2 --passcode \"DoB26Fj4x9LboAFWJra17O\" --group rootgarmulti" #print_lcyan "and: " -#print_green " kli multisig join --name curly --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_green " kli multisig join --name rootgar3 --passcode \"DoB26Fj4x9LboAFWJra17O\" --group rootgarmulti" #print_lcyan "in a terminal from 'keripy/scripts/demo' that has run 'source ./demo-scripts.sh'" #print_lcyan "and then delete any non-rotation notifications." -#print_lcyan "Then join the multisig rotation proposed by larry" -#read -r -p "Press enter to continue after moe and curly join" +#print_lcyan "Then join the multisig rotation proposed by rootgar1" +#read -r -p "Press enter to continue after rootgar2 and rootgar3 join" echo -print_yellow "Multisig rotation - larry out - alias: threestooges - wait for signatures" +print_yellow "Multisig rotation - rootgar1 out - alias: rootgarmulti - wait for signatures" wait $PID_LIST -# Check status for larry -kli status --name larry --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" -# Check status for moe -kli status --name moe --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" -# Check status for curly -kli status --name curly --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for rootgar1 +kli status --name rootgar1 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for rootgar2 +kli status --name rootgar2 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for rootgar3 +kli status --name rootgar3 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" echo -print_yellow "Step 8/9 rotate each individual keystore and update keystate - required prior to rotating alfred in" +print_yellow "Step 8/9 rotate each individual keystore and update keystate - required prior to rotating rootgar4 in" echo rotate_individual_aids @@ -402,64 +406,73 @@ query_keystate_all_participants echo -print_yellow "Step 9/9 Rotate alfred into the threestooges AID" +print_yellow "Step 9/9 Rotate rootgar4 into the rootgarmulti AID" echo -# Tell curly about the new multisig AID with OOBI resolve -print_yellow "Resolve threestooges multisig OOBI for curly" -kli oobi resolve --name alfred --oobi-alias threestooges \ +# Tell rootgar3 about the new multisig AID with OOBI resolve +print_yellow "Resolve rootgarmulti multisig OOBI for rootgar3" +kli oobi resolve --name rootgar4 --oobi-alias rootgarmulti \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --oobi http://127.0.0.1:5642/oobi/$MULTISIG_AID/witness/$WAN_WITNESS_PREFIX echo -print_yellow "Multisig rotation with alias: threestooges" +print_yellow "Multisig rotation with alias: rootgarmulti" PID_LIST="" -print_yellow "moe proposes rotation - bring curly in" -kli multisig rotate --name moe --alias "threestooges" \ +kli multisig rotate --name rootgar2 --alias "rootgarmulti" \ + --passcode "DoB26Fj4x9LboAFWJra17O" \ + --isith '["1/2", "1/2"]' \ + --smids $rootgar2 \ + --smids $rootgar3 \ + --nsith '["1/2", "1/2"]' \ + --rmids $rootgar2 \ + --rmids $rootgar3 + +print_yellow "rootgar2 proposes rotation - bring rootgar4 in" +kli multisig rotate --name rootgar2 --alias "rootgarmulti" \ --passcode "DoB26Fj4x9LboAFWJra17O" \ --isith '["1/3", "1/3", "1/3"]' \ - --smids $MOE \ - --smids $CURLY \ - --smids $ALFRED \ + --smids $rootgar2 \ + --smids $rootgar3 \ + --smids $rootgar4 \ --nsith '["1/3", "1/3", "1/3"]' \ - --rmids $MOE \ - --rmids $CURLY \ - --rmids $ALFRED & + --rmids $rootgar2 \ + --rmids $rootgar3 \ + --rmids $rootgar4 & pid=$! PID_LIST+=" $pid" sleep 1 -kli multisig join --name curly --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +kli multisig join --name rootgar3 --passcode "DoB26Fj4x9LboAFWJra17O" --group rootgarmulti --auto & pid=$! PID_LIST+=" $pid" -kli multisig join --name alfred --passcode "DoB26Fj4x9LboAFWJra17O" --group threestooges --auto & +kli multisig join --name rootgar4 --passcode "DoB26Fj4x9LboAFWJra17O" --group rootgarmulti --auto & pid=$! PID_LIST+=" $pid" # Uncomment when running by hand (and comment out the above join commands): #print_lcyan "Run: " -#print_green " kli multisig join --name curly --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_green " kli multisig join --name rootgar3 --passcode \"DoB26Fj4x9LboAFWJra17O\" --group rootgarmulti" #print_lcyan "and: " -#print_green " kli multisig join --name alfred --passcode \"DoB26Fj4x9LboAFWJra17O\" --group threestooges" +#print_green " kli multisig join --name rootgar4 --passcode \"DoB26Fj4x9LboAFWJra17O\" --group rootgarmulti" #print_lcyan "in a terminal from 'keripy/scripts/demo' that has run 'source ./demo-scripts.sh'" #print_lcyan "and then delete any non-rotation notifications." -#print_lcyan "Then join the multisig rotation proposed by larry" -#read -r -p "Press enter to continue after curly and alfred join" +#print_lcyan "Then join the multisig rotation proposed by rootgar1" +#read -r -p "Press enter to continue after rootgar3 and rootgar4 join" echo -print_yellow "Multisig rotation threestooges - wait for signatures" +print_yellow "Multisig rotation rootgarmulti - wait for signatures" wait $PID_LIST # Check status of multisig AIDs -# Check status for moe -kli status --name moe --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" -# Check status for curly -kli status --name curly --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" -# Check status for alfred -kli status --name alfred --alias threestooges --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for rootgar2 +kli status --name rootgar2 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for rootgar3 +kli status --name rootgar3 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" +# Check status for rootgar4 +kli status --name rootgar4 --alias rootgarmulti --passcode "DoB26Fj4x9LboAFWJra17O" echo print_green "Multisig rotation - complete" diff --git a/src/keri/app/cli/commands/witness/demo.py b/src/keri/app/cli/commands/witness/demo.py index dd83dc849..678b904da 100644 --- a/src/keri/app/cli/commands/witness/demo.py +++ b/src/keri/app/cli/commands/witness/demo.py @@ -17,24 +17,26 @@ parser = argparse.ArgumentParser(description="Run a demo collection of witnesses") parser.set_defaults(handler=lambda args: demo(args)) +parser.add_argument("--config-dir", "-c", dest="configDir", help="directory override for configuration data") help.ogler.level = logging.INFO logger = help.ogler.getLogger() -def demo(_): +def demo(args): """ Run set of three witnesses for demo """ - - wancf = configing.Configer(name="wan", headDirPath="scripts", temp=False, reopen=True, clear=False) - wilcf = configing.Configer(name="wil", headDirPath="scripts", temp=False, reopen=True, clear=False) - wescf = configing.Configer(name="wes", headDirPath="scripts", temp=False, reopen=True, clear=False) - witcf = configing.Configer(name="wit", headDirPath="scripts", temp=False, reopen=True, clear=False) - wubcf = configing.Configer(name="wub", headDirPath="scripts", temp=False, reopen=True, clear=False) - wyzcf = configing.Configer(name="wyz", headDirPath="scripts", temp=False, reopen=True, clear=False) + configDir = args.configDir if args.configDir is not None else "scripts" + + wancf = configing.Configer(name="wan", headDirPath=configDir, temp=False, reopen=True, clear=False) + wilcf = configing.Configer(name="wil", headDirPath=configDir, temp=False, reopen=True, clear=False) + wescf = configing.Configer(name="wes", headDirPath=configDir, temp=False, reopen=True, clear=False) + witcf = configing.Configer(name="wit", headDirPath=configDir, temp=False, reopen=True, clear=False) + wubcf = configing.Configer(name="wub", headDirPath=configDir, temp=False, reopen=True, clear=False) + wyzcf = configing.Configer(name="wyz", headDirPath=configDir, temp=False, reopen=True, clear=False) wanHby = habbing.Habery(name="wan", salt=Salter(raw=b'wann-the-witness').qb64, temp=False, cf=wancf) wilHby = habbing.Habery(name="wil", salt=Salter(raw=b'will-the-witness').qb64, temp=False, cf=wilcf)