Add did:onion #125

Merged: 1 commit, Apr 2, 2021

clehner (Contributor) commented Mar 29, 2021

Uses spruceid/ssi#147

This should work, returning a DID document:

$ didkit did-resolve did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid

Note that we cannot use the resulting DID document as-is, due to spruceid/ssi#148. It might also be a problem that this particular DID document uses a property VerificationMethod instead of verificationMethod. The document is fixed: #125 (comment)

This should fetch and verify a VC (Thanks @gorazdko for the example VC):

curl -sx socks5h://127.0.0.1:9050/ http://fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid.onion/vc_sw2.json | didkit vc-verify-credential

Should we test this live in CI, connecting to an onion service over Tor? Won't be doing that, but may test with a mock interface, in spruceid/ssi#147

wyc (Contributor) commented Mar 29, 2021

  1. I suggest we request that the authors of did-onion revise the DID document to be conforming to the new W3C DID CR--I believe that did-onion was drafted against a previous version of the DID spec. The change from VerificationMethod to verificationMethod may be just correcting errata, but would be curious to hear if there was good reason for it.
  2. I feel that we should generally reduce our dependencies on external parties during our CI unless those parties are explicitly meant to be coordinating CI. I would prefer a mock onion interface.

cc @ChristopherA @gorazdko in case you have any thoughts. Thank you for your work on did-onion.

@gorazdko

Thank you for the PR!

I've updated the DID document on our server and will open a PR to our spec too.

gorazd@gorazd-MS-7C37:~/Desktop/testing/spruceID/didkit$ cargo run --bin didkit did-resolve did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid
    Finished dev [unoptimized + debuginfo] target(s) in 0.08s
     Running `target/debug/didkit did-resolve 'did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid'`
{
  "@context": [
    "https://www.w3.org/ns/did/v1",
    {
      "@base": "did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid"
    }
  ],
  "id": "did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid",
  "verificationMethod": [
    {
      "id": "#g7r2t9G8dBBnG7yZkD8sly3ImDlrntB25s2pGuaD97E",
      "type": "JsonWebKey2020",
      "controller": "did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid",
      "publicKeyJwk": {
        "crv": "Ed25519",
        "kty": "OKP",
        "x": "LIUp9Jdi2R17QcZnbPFZOYyV5oyotNHU2J5dQUdTUa4"
      }
    },
    {
      "id": "#5CRqmSH-XbX2V1qysBH0vPWzgveQEZObyOrAiaOY9U8",
      "type": "JsonWebKey2020",
      "controller": "did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid",
      "publicKeyJwk": {
        "crv": "X25519",
        "kty": "OKP",
        "x": "785EYGRUOU2sNrWMZJgsCgQFs4lXpVWgvM9K6CyBogU"
      }
    },
    {
      "id": "#iFPG3dtLcg-0jI4CVa9b94g06KadgrpM8rC9EMI94nA",
      "type": "Ed25519VerificationKey2018",
      "controller": "did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid",
      "publicKeyBase58": "3zni9pmFAWvFvuGCnnMVSRxYkjv5gkFMKsMsAtqX1SJq"
    }
  ],
  "authentication": ["#g7r2t9G8dBBnG7yZkD8sly3ImDlrntB25s2pGuaD97E"],
  "assertionMethod": ["#iFPG3dtLcg-0jI4CVa9b94g06KadgrpM8rC9EMI94nA"],
  "capabilityInvocation": ["#g7r2t9G8dBBnG7yZkD8sly3ImDlrntB25s2pGuaD97E"],
  "capabilityDelegation": ["#g7r2t9G8dBBnG7yZkD8sly3ImDlrntB25s2pGuaD97E"],
  "keyAgreement": ["#5CRqmSH-XbX2V1qysBH0vPWzgveQEZObyOrAiaOY9U8"]
}

I wasn't able to verify a VC:

gorazd@gorazd-MS-7C37:~/Desktop/testing/spruceID/didkit$ cargo run --bin didkit  vc-verify-credential -v did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid -p assertionMethod < /home/gorazd/Desktop/testing/spruceID/didkit/vc.json
    Finished dev [unoptimized + debuginfo] target(s) in 0.08s
     Running `target/debug/didkit vc-verify-credential -v 'did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid' -p assertionMethod`
{"checks":[],"warnings":[],"errors":["No applicable proof"]}

The content of vc.json is (http://fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid.onion/vc_sw2.json):

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    {
      "creator": "https://schema.org/creator",
      "programmingLanguage": "https://schema.org/programmingLanguage",
      "version": "https://schema.org/version",
      "codeRepository": "https://schema.org/codeRepository",
      "SoftwareSourceCode": "https://schema.org/SoftwareSourceCode"
    }
  ],
  "id": "urn:uuid:7e74d3a1-5600-4c9d-82e6-0624db65b1ac",
  "type": [
    "VerifiableCredential",
    "SoftwareSourceCode"
  ],
  "credentialSubject": {
    "id": "urn:uuid:146a4794-9b81-42a8-bbf5-4a7504150cab",
    "version": "6b5b64afd16db4b075bfe68d06f6d58f3189f13a",
    "codeRepository": "https://github.com/BlockchainCommons/bc-seedtool-cli.git",
    "creator": {
      "id": "did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid",
      "type": "Person|Organization"
    },
    "programmingLanguage": "C++"
  },
  "issuer": "did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid",
  "issuanceDate": "2021-01-10T19:23:24Z",
  "proof": {
    "type": "Ed25519Signature2018",
    "proofPurpose": "assertionMethod",
    "verificationMethod": "did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid#iFPG3dtLcg-0jI4CVa9b94g06KadgrpM8rC9EMI94nA",
    "created": "2021-01-27T02:56:23.546Z",
    "jws": "eyJhbGciOiJFZERTQSIsImNyaXQiOlsiYjY0Il0sImI2NCI6ZmFsc2V9..WjMNO55D9TLK9CRjesNknradBTTox494TbCKd5PxxhM6TnuCFOxgzHgLZdJE9P9UlmCivf0rINRdsnJAPHtVDQ"
  }
}

cc: @OR13

clehner (Contributor, Author) commented Mar 30, 2021

@gorazdko

The value for the -v (verification method) option should match the value of the verificationMethod property of the proof:

didkit vc-verify-credential -v 'did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid#iFPG3dtLcg-0jI4CVa9b94g06KadgrpM8rC9EMI94nA' -p assertionMethod < vc_sw2.json

The -v option can also be omitted to get the default behavior of allowing any verificationMethod listed in the DID document (of the issuer) according to the proof purpose. The -p (proof purpose) option can also be omitted to use assertionMethod which is the default for verifiable credentials. So this should work as well:

didkit vc-verify-credential < vc_sw2.json
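The proof-selection rule described in the comment above, as an added example that is not part of the original thread and is not didkit's own code. It models only the filtering step (proof purpose, the optional `-v` value, and the issuer's DID document) using values trimmed from the documents posted in this thread; it does not check the signature, and the function names are hypothetical.

```python
DID = "did:onion:fscst5exmlmr262byztwz4kzhggjlzumvc2ndvgytzoucr2tkgxf7mid"
KEY = "#iFPG3dtLcg-0jI4CVa9b94g06KadgrpM8rC9EMI94nA"

# Trimmed copies of the DID document and VC shown earlier in the thread.
DID_DOC = {
    "id": DID,
    "authentication": ["#g7r2t9G8dBBnG7yZkD8sly3ImDlrntB25s2pGuaD97E"],
    "assertionMethod": [KEY],
}
VC = {
    "issuer": DID,
    "proof": {
        "type": "Ed25519Signature2018",
        "proofPurpose": "assertionMethod",
        "verificationMethod": DID + KEY,
    },
}


def absolute(ref, base):
    """Resolve a relative reference such as '#key' against the DID (@base)."""
    return base + ref if ref.startswith("#") else ref


def authorized_methods(did_doc, purpose):
    """Absolute ids of the verification methods listed under one purpose."""
    ids = set()
    for entry in did_doc.get(purpose, []):
        ref = entry if isinstance(entry, str) else entry["id"]
        ids.add(absolute(ref, did_doc["id"]))
    return ids


def applicable_proofs(vc, did_doc, verification_method=None,
                      proof_purpose="assertionMethod"):
    """Proofs that pass the filters; an empty list means nothing to verify."""
    proofs = vc.get("proof", [])
    if isinstance(proofs, dict):
        proofs = [proofs]
    allowed = authorized_methods(did_doc, proof_purpose)
    selected = []
    for proof in proofs:
        vm = proof.get("verificationMethod")
        if proof.get("proofPurpose") != proof_purpose:
            continue  # wrong purpose (-p)
        if verification_method is not None and vm != verification_method:
            continue  # -v given and it is not the proof's exact DID URL
        if vm in allowed:  # key must be listed by the issuer for this purpose
            selected.append(proof)
    return selected
```

Passing the bare DID as `verification_method` selects no proof, which corresponds to the "No applicable proof" result shown earlier; the full DID URL with its fragment, or no value at all, selects the one proof.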

@gorazdko

Thanks!

clehner mentioned this pull request Mar 31, 2021 (3 tasks)
clehner changed the title from "[WIP] Add did:onion" to "Add did:onion" Apr 1, 2021
wyc (Contributor) commented Apr 1, 2021

If we update the SSI ref or add it as a cargo dep, we should be able to merge this!

clehner (Contributor, Author) commented Apr 1, 2021

Rebased

clehner marked this pull request as ready for review April 1, 2021 21:51