Description

The proof request object required by the Swagger-API is a large JSON object specifying the attributes their constraints that a verifier will accept. E.g. attribute x from schema y and issuer did z. Currently, the basic controller provides no support to help the application developer construct these proofs.

The design of a Builder class should be explored and developed to make this easier.

Are you interested in working on this improvement yourself?

• No, but I am happy to support someone who is.

Additional Context

If unfamiliar with the present proof protocol then the following tutorial notebook should help - https://github.com/OpenMined/PyDentity/blob/master/tutorials/aries-basic-controller/notebooks/alice/Part%206%20-%20Present%20Proof.ipynb

Running through the aries-fl project should give some more context to how this will add value - https://github.com/OpenMined/PyDentity/tree/master/projects/aries-fl

What?

We need to understand the space of open source mobile SSI aries agents. What libraries are available and what state are they in? Can we use any of them to create our own agent today? I know a number of projects in development:

• https://github.com/hyperledger/aries-mobileagent-xamarin which uses the dot-net framework.
• https://github.com/ayanworks/ARNIMA - a React Native project
• https://github.com/AbsaOSS/rn-indy-sdk - a different React Native project

I am slightly biased towards the react native solutions, however I know that the Xamarin is the most developed. It would be great to have an analysis of the different solutions and an understand of the steps we would need to take to create our own mobile agent using these tools.

How long?

This could take a long time. Lets say ~3 months initially.

Is your research related to a problem?

Currently the only mobile agents available are boring functional apps developed by a few organisations. We want to open up innovation in this space so that developers can start experimenting designing personal digital wallets. OM is well placed to be a big contributor in this area. PPML + personal digital wallets = :)

Description

We want to be able to use the payload of the basic message protocol. Right now this is printed but it is difficult to place into a persistent variable;

USER = "empty"

def messages_handler(payload):
    connection_id = payload["connection_id"]
    USER = payload["content"]
    print("USER RESPONSE:", payload["content"], "\nCONNECTION_ID: "+connection_id)

When we call this function and print USER we still contains 'empty'. We need a way to bridge the communications gap between messages_handler and the USER variable.

Are you interested in working on this improvement yourself?

• No, I am not.

Additional Context

Description

Unit test the simple behaviour of aries-basic-controller.
Create a tests folder to store them in

Type of Test

• Unit test (e.g. checking a loop, method, or function is working as intended)
• Integration test (e.g. checking if a certain group or set of functionality is working as intended)
• Regression test (e.g. checking if by adding or removing a module of code allows other systems to continue to function as intended)
• Stress test (e.g. checking to see how well a system performs under various situations, including heavy usage)
• Performance test (e.g. checking to see how efficient a system is as performing the intended task)
• Other...

Description

Use github actions to setup unit testing of branches

Type of Test

• [] Unit test (e.g. checking a loop, method, or function is working as intended)
• Integration test (e.g. checking if a certain group or set of functionality is working as intended)
• Regression test (e.g. checking if by adding or removing a module of code allows other systems to continue to function as intended)
• Stress test (e.g. checking to see how well a system performs under various situations, including heavy usage)
• Performance test (e.g. checking to see how efficient a system is as performing the intended task)
• Other... CI

Expected Behavior

When a branch is updated, unit tests should be automatically run by github actions

Additional Context

We currently have no tests (see #18)

What?

The tutorials are getting larger and the naming isn't always clear. I suggest we refactor as follows:

aries-basic-controller folder becomes 1. Learning Aries, ACA-Py and the Basic Controller
aries-staging-net becomes 2. Public ledger's and Mobile Wallet's

Open to suggestions on exact naming.

Additionally I suggest we consider refactoring the aries-basic-controller tutorial to have a subfolder or possibly multiple subfolders for advanced concepts. Mostly it frustrates me that Part 10 appears after Part 1 when you open the notebook, but I think this is a sensible refactor moving forwards.

Both Alice and Bob could have subfolder's for advanced concepts and also potentially for helper functions such as those described in issues #60 #59 #58.

For now revocation could move under the advanced concepts, and in the future tutorials on Mediation - #41 and mutli wallets could go under here too.

There are also still a few floating notebooks that cover the basic API under a misc folder that I think should be removed.

Why?

The refactor should not take too long, it is a renaming of the folder structure for our tutorials so they are more intuitive for students.

Description

The current docker-compose/manage/create_connection.py setup spins-up two agents. We should generalise this process so that any number of agents can be created and connected with each other. To add a new agent manually requires duplicating the code N times, which doesn't scale easily for large environments and is prone to mistakes.

A sandbox controller should have to define ports for each agent, but inter-agent connections (create_connection.py) should be automated. Automating the process in docker-compose would be great as well, if possible

Are you interested in working on this improvement yourself?

Yes, I am.

Additional Context

This is necessary for the PryVote sandbox, in which we may need a minimum of six agents (3 vote counters and at least 3 voters)

What?

There are a number of efforts to implement Single Sign on using decentralised identifiers and/or Verifiable Credentials. It would be great to have an understanding of the different design choices involved, including example implementations of them if possible utilising the basic controller package.

Here is research paper on the topic: https://arxiv.org/abs/2006.04754

BC Gov have a repo around one of the flows which would be a good place to start: https://github.com/bcgov/vc-authn-oidc

@lohanspies also has experience in this area.

How long?

No more than a couple of weeks.

Is your research related to a problem?

We want to provide simple, easy to implement flows for developers to leverage these more secure identification and authentication procedures in their applications.

Where?

The connections_controller.py needs a notebook that demonstrates it's full functionality

Who?

Any developer looking to learn how to control a Hyperledger Aries aca-py agent

What?

A working notebook with relevant markdown explainations

What?

Keri stands for Key Event Receipt Infrastructure that seems promising. It enables the creation of public and private identifiers that do not necessarily have to be rooted to a distributed ledger. It may be more flexible and hence desirable for OM usecases.

Looking for someone to really dive into this, ideally attending this weekly call - https://identity.foundation/working-groups/identifiers-discovery.html at 4pm CET.

Code is currently in development in a number of different languages and it would be great to get a sense of what Keri is capable of both today and as the project progresses.

How long?

Initially 3-6 months

Is your research related to a problem?

To be able to leverage public-key cryptography we need a key management solution that is scalable and secure, providing a means for identifiers correlated to entities and trusted. Keri seems like a promising solution.

Additional Context

There are plenty of resources to get started, this is a pretty comprehensive list:

• https://keri.one/keri-resources/

Libraries in development:

• Python
• Rust

Feature Description

The current manage and compose files for the Opus demo environment are based on the 'alice' and 'bob' dockerfiles. It'd be great if it was 'opus' and 'alice'.

The containers needed in the environment are;

• Opus Business Logic Notebook:8889
• Opus Agent:8051
• Alice Notebook:8888
• Alice Agent:8021
• Ledger Browser:9000

Is your feature request related to a problem?

This will make the Opus tutorials more complete

What alternatives have you considered?

At the moment i'm just using the default env.

Additional Context

Add any other context or screenshots about the feature request here.

Feature Description

The current manage and compose files for the PryVote demo environment are based on the 'alice' and 'bob' dockerfiles. We need more agents to demonstrate voting

The containers needed in the environment are;

Red vote counter notebook:8889      (better names than Red, Blue, Yellow??)
Red Agent:8051
Blue vote counter notebook:8888
Blue Agent:8021
Yellow vote counter:8900
Yellow Agent:8071
Alice (voter 1) notebook:8901
Alice Agent: 8091
Bob (voter 2) notebook:8092
Bob Agent: 8111
Ledger Browser:9000

Is your feature request related to a problem?

The current setup (Alice and Bob) does not provide enough agents to demonstrate PryVote

What alternatives have you considered?

The voters and vote counters don't necessarily need to be agents; however, we still need some way of communicating across notebooks

Additional Context

Could be integrated with Opus demo environment (#14)

Feature Description

Enable attachments to be sent using a custom aries protocol over DIDComm. Extend the controller to handle this new protocol.

Is your feature request related to a problem?

This is related to work exploring DIDComm for ML messages

Feature Description

Create a generic PyDentity Dockerfile that can be copied to any repository without breaking functionality.
This Dockerfile should have the basic controller installed.

Is your feature request related to a problem?

The current Dockerfile in libs/aries-basic-controller installs the controller as a local pip install. Therefore, it must remain in the basic controller directory.

What alternatives have you considered?

None

Additional Context

Blocked by #11 (publish v0.1 to pypi)

Description

Currently if the webhook handler functions the user of this library defines throw an error, this breaks the entire application stack including the agent.

This is bad. Probably the agent should also not break like this, but we can and should handle this in the basic controller by wrapping this in a try, except code block. This is probably something we should look at throughout the code.

How to Reproduce

1. Run any of the docker compose setups in tutorial or projects
2. Open one of the notebooks
3. Define a handler function that intentionally errors
4. Cause that handler function to be triggered (most easiest is the connection handler which is triggered through the create_invitation() function)

Expected Behavior

We should handle the error gracefully, this is an easy but important fix.

Description

The introduction protocol as defined here - https://github.com/hyperledger/aries-rfcs/tree/master/features/0028-introduce. Is implemented in aca-py. We just need to extend basic controller api to include the endpoints aca-py defines. Specifically /connections/{conn_id}/start-introduction

Should be fairly straightforward.

A notebook tutorial for this protocol should be added to the aries-basic-controller tutorial.

Description

We should add a get_listeners() function to the controller. We should also return the list of listeners when registering and perhaps when adding listeners individually?

Are you interested in working on this improvement yourself?

• No but I think Mortiz might be

Feature Description

Aca-py agents allow the admin api that is used to control it to secured - https://github.com/hyperledger/aries-cloudagent-python#security. This feature needs to be enabled in the controller.

Is your feature request related to a problem?

Currently the controller only works with the admin-api in unsecured mode.

What?

ACA-Py is a aries cloudagent developed by BC Gov and includes the capability to generate DIDs (public and private key pairs). What is not immediately clear to me is how we use these agents with the aries-basic-controller to create arbitary digital signatures on information that can be publically verified. And is there a way to publish these signatures indepndently from a DIDComm connection? There is also the problem of how does the DID used to sign statements get correlated to a physical entity. Signatures from public DIDs seems to be a sensible place to start experimenting.

ACA-Py currently creates signatures using decorators - see SigningDecorator.

The aim of this research would be to suggest a protocol and swagger API to include this functionality into ACA-Py.

How long?

Hopefully not too long, around a month.

Is your research related to a problem?

There is currently no easy mechanism to sign statements from an application point of view using ACA-Py despite having a key store and the capability to create signatures built into the agent. This is a useful primitive we would like to enable using these agents.

Additional Context

If unsure about some of the terminology in this issue but you are still interested, we recommend you start with our tutorials highlighting what is possible now using ACA-Py and the aries-basic-controller.

https://github.com/OpenMined/PyDentity/tree/master/tutorials/aries-basic-controller

What?

Currently, our tutorials all use aca-py v0.5.1, but the latest is 0.5.6. It would be great to upgrade, check all api endpoints are configured and also to refactor our docker configuration so that upgrading in the future is easier.

Why?

We should be using the latest version.

Breakdown

Provide a bulleted or numbered list of how you might break this refactor down into smaller issues.

• Refactor to follow a common approach for spinning up docker images.
  • Look into the yaml agent configuration update included in ACA-Py 0.5.6
  • ENV variables configured in manage should pass into a common yml file. E.g. AGENT_NAME:BOB_AGENT_NAME
• Ensure all tutorials and projects use the latest config approach
• Check all endpoints in the swagger UI and implement any new ones in the basic controller
  • Except revocation which is considered a separate issue #21
• Document the approach to spinning up a new agent configuration using docker & yml

It would be great to simplfy our repo and condense all configuration files in a single place.

Description

Currently the .terminate() function returns None. This is not very useful, lets make it better. Probably a boolean? Not sure, open to ideas.

Release pipeline

We currently don't really have a process for this. Whenever new features are added to the aries-basic-controller I bump the versioning as needed. We have no process around this and we don't tag releases.

We should explore and develop a much more robust process for releasing new versions.

Who?
This is to make it easier for anyone using our library

Description

running ./manage up spams the terminal with a lot of information which, while useful, hides links to localhost needed to run the demos.

We should either reduce the amount of information being logged, or otherwise post the links in a more permanent and obvious position (through I mechanism I am yet to determine)

Are you interested in working on this improvement yourself?

Sure

Additional Context

N/A

Description

ACA-Py recently released version 0.6.0. We should bump to this but it will require some substantial refactor. This is worth it because support multi-wallet functionality.

Are you interested in working on this improvement yourself?

• No, but I think @lohanspies or @frogman might be able to take this on. Happy to support.

Additional Context

Add any other context or screenshots.

Feature Description

The aries basic controller library needs extending to cover the Proofs Api.

Is your feature request related to a problem?

No

What alternatives have you considered?

A clear and concise description of any alternative solutions or features you've considered.

Additional Context

If you run ./manage start in libs/aries-basic-controller then navigate to http://localhost:8021/api/doc you will see the swagger API for an aries agent. Most of this api has been implemented in the controller already but a reasonable amount of work remains to implement the proofs api.

What?

Secure data storage is a key component of any SSI or PPML system. Entities need a mechanism to store private and personally identifiable information in a way that can be easily accessed, searched and operated on.

There are many interested secure storage mechanisms under development, this is a research project to explore and understand the current best practice in the space and give a recommendation around engineering steps that OM should be taking to improve capability within this important area.

A good place to start is probably here - https://identity.foundation/secure-data-store/ although if you have other good ideas feel free to explore.

How long?

Not sure how long this should take. I don't have a good grasp of this area. No more than 3 months I would hope.

Additional Context

This will be an important component for anyone wishing to develop secure, privacy-preserving applications. It will be important to develop some knowledge in this area.

Feature Description

Multi wallet supports allows a single ACA-Py agent to manage sub wallets on behalf of others. This is a key feature, not everyone will be able to or want to manage their own wallets all the time.

We need to implement the API and write a tutorial that explores these flows. I think this should be a separate folder in tutorials.

See the docs here -
https://github.com/hyperledger/aries-cloudagent-python/blob/main/Multitenancy.md

What?

Currently focus has been on developing credential exchange flows that are functional, but very little work has gone into designing the user experience for this new paradigm digital interaction.

• What does it look like to display a credential that has been cryptographically verified?
• What information does an individual need to be shown to have assurance with the entities they are interacting with over DIDComm?
• What information does a Verifier need to determine a credential was issued by an entity with the approapriate authority?

This is largely unexplored territory and should be an exiting place for UI/UX folks to shape best practice within the identity space and make sure that all the great cryptography being developed is usable and understandable to the end user.

How long?

This could be quite a long project and I am no designer, so lets say ~6 months. It is an evolving space with tools only just getting to the point where we can experiment with interfaces.

Additional Context

If unsure about SSI interactions then I recommend starting here - https://github.com/OpenMined/PyDentity/tree/master/tutorials/aries-basic-controller

Feature Description

Revocation enables an issuer to revoke credentials they have issued at some point in the future. The ACA-Py folks have done a lot of work to harden this API and it will be included in v0.5.5 which is being released very soon.

All endpoints should be implemented and a notebook tutorial is written to document how to use the API to issue revocable credentials and then revoke them.

Description

The notebook demonstrating Shamir Secret Sharing used quick-and-dirty code to en/decrypt the votes. This process should be made more robust and general by turning it into functions which sit outside of notebooks (in .py files within the pryvote subfolder) and are imported into the notebooks. Unit tests should be added for these functions. Alternatively, use a pre-existing python package if one exists.

Are you interested in working on this improvement yourself?

• Yes, I am

Currently, all examples use the default wallet storage, an sqlite database.

It would be good to create a docker-compose tutorial setup that experiments with postgres database for wallet storage instead. This is recommended in production use cases.

Description

The proof object is another complex JSON constructed by searching the storage for credentials that could be used to respond to a particular proof request. The best approach for this might take some experimentation but it should abstract away the complexity of this code from an application developer, providing a friendly API to programmatically construct proofs.

Things to consider include the different types of proof attributes - self_attested, revealed, predicates. The fact that there might be multiple credentials to match a proof request and the need to let the application decide which to use.

The first task is to create a proposal for how to develop this class.

Are you interested in working on this improvement yourself?.

• No, but happy to support. This is a key feature.

Additional Context

An example can be found under the present proof tutorial - https://github.com/OpenMined/PyDentity/blob/master/tutorials/aries-basic-controller/notebooks/bob/Part%206%20-%20Present%20Proof.ipynb

Feature Description

The OOB protocol is currently implemented and demonstrated for the exchange of a connection invitation. It should also be possible to issue a credential and request a proof in this OOB manner.

Before this can be implemented the ACA-Py OOB protocol must be extended to handle these pathways at the agent level. We could create a P.R for this ourselves for this capability.

See this if block https://github.com/hyperledger/aries-cloudagent-python/blob/653a4c2c4d19e1e3a0b6b89467affcea81827434/aries_cloudagent/protocols/out_of_band/v1_0/manager.py#L258

Description

Currently the only way to configure handlers that listen for specific webhooks from the ACA-Py agent is through the register_listeners function. It would be useful to have an additional method that adds a handler for a single topic to the pubsub.

This should be a straightforward fix.

Are you interested in working on this improvement yourself?

• Happy to, unless someone else wants to take it.

Description

Change the default token issuing by jupyter with a password as described in the jupyter docs in order to enable predictable links. This way Alice's notebook can be linked to Bob's properly and reliably and vice verse. This also renders running get_URLS.sh redundant, and hence improves simplicity.

Are you interested in working on this improvement yourself?

• Yes, I am.
• Happy for anyone else to pick it up

Additional Context

Currently, it is necessary to run ./scripts/get_URLS.sh from the root folder to access the notebooks. The URLs are different every time the jupyter server is started. This also makes it impossible to but links from to Bob's notebook in Alice's notebook and vice verse. With a set password this should be possible.

Considerations

Is this compromising any safety aspects? I currently don't think it does since this is meant as a playground to explore. If it does, please, comment on why. And maybe it is then possible to make this optional so that when starting this on local it uses the password and when run on a remote machine it doesn't. However, will the have much benefit then since the links will be broken when running on remote?

Should publish as V0.1.0

Description

The revocation API is now implemented and a tutorial created under the aries-basic-controller folder. In this example the tails server is run locally within a docker contianer. We should create a tutorial that shows how you can use the BCGov hosted tails server. This will also server to test how revocation works on mobile. As the credential will be issued from an ACA-Py agent to a mobile, presented from the to another ACA-Py agent, then revoked, then attempt to represent the credential

See the current aries-stagingnet tutorial for an example of this mobile flow.
See the Part 10 Revocation notebooks in the basic-controller tutorials for an example of revocation

Are you interested in working on this improvement yourself?

• Not right now, but I think it makes a nice first issue

What?

DIDComm is a protocol under standardisation at DIF - https://github.com/decentralized-identity/didcomm-messaging

Using aries-basic-controller we can easily spin up agents and communicate over DIDComm. It would be good to use WireShark or similar to see exactly what is getting sent over the wire and evaluate the privacy, security and usability implications of this.

How long?

A month

Additional Context

Some useful RFCs - https://hackmd.io/KwogAummQM-fOOBBnjZ32w

Description

Now we have the multitenant API we need to extend the AriesAgentController to be able to speak to the ACA-Py agent as that wallet. ACA-Py creates a JWT Bearer token for each subwallet that must be passed into the API.

We need to be able to set this token in our class. Either through the constructor, or just a getter or probably both.

Are you interested in working on this improvement yourself?

• No but I think @morrieinmaas is going to take it on

Additional Context

Add any other context or screenshots.

Description

Hi.
During the ./manage start testing of the aries-basic-controller I came accross an error with the package tools:
Step 6/12 : RUN conda install jupyter notebook=5.7.8
---> Running in 36c6eb8c464c
Collecting package metadata (current_repodata.json): ...working... done
Solving environment: ...working... failed with initial frozen solve. Retrying with flexible solve.
Collecting package metadata (repodata.json): ...working... done
Solving environment: ...working... failed with initial frozen solve. Retrying with flexible solve.

Found conflicts! Looking for incompatible packages.
This can take several minutes. Press CTRL-C to abort.
failed

UnsatisfiableError: The following specifications were found to be incompatible with each other:

Output in format: Requested package -> Available versions

Package notebook conflicts for:
jupyter -> notebook
notebook=5.7.8

Package setuptools conflicts for:
python=3.8 -> pip -> setuptools
notebook=5.7.8 -> jinja2 -> setuptools

How to Reproduce

1. Inside tutorials/aries-basic-controller#
2. /tutorials/manage start

Expected Behavior

Docker build should went trough

Screenshots

If applicable, add screenshots to help explain your problem.

System Information

• OS: Ubuntu 20.04
• OS Version: focal
• Language Version: Python 3.8.5
• Docker Engine - Community Version: 20.10.1

Description

The doctors in training flow is implemented in notebooks under projects/doctors-in-training but there is currently no UI. It would be great to pick one of the agents in this flow and develop a full stack application for this agent that includes verification and issuance of credentials.

Why?

This would test out the aries fullstack starter repository we are currently developing and gives a chance to get Vineeth up to speed with React

Breakdown

A doctor mobile agent that has already gone through the doctors in training flow receiving credentials from all the agents should then be able to interact with this UI for an employing hospital that verifies the credentials necessary before onboarding a doctor.

• Extend the aries-fullstack-starter project
  • Needs endpoints for verification of proofs
  • Needs to display the verification results
• Extend to include Single Sign

Description

A presentation of a proof once received is left to the application to parse, checking it's status and retrieving the presented attributes. Currently, this involves having knowledge of the exact structure of the verification object which adds complexity for an application developer.

We should again abstract this behind some helper class and friendly API.

verify = await agent_controller.proofs.verify_presentation(presentation_exchange_id)

I imagine some class taking the verify object here. E.g.

presentation = Presentation(verify)
presentation.get_self_attested()
presentation.get_revealed()
etc...

Defining this API should be the first task. Note this should also include understanding any errors in the presentation.

Are you interested in working on this improvement yourself?

• No but happy to support

Additional Context

The present proof part 11 shows this parsing happening

https://github.com/OpenMined/PyDentity/blob/master/tutorials/aries-basic-controller/notebooks/alice/Part%206%20-%20Present%20Proof.ipynb

Where?

Currently the attachments tutorial isn't that comprehensive but it actually demonstrates some pretty important features.

• How to extend the AriesAgentController class
• How to write a plugin for ACA-Py
• How to run ACA-Py using a plugin.
• How to use that plugin from a controller

It would be great to get this better reflected in the tutorial.

We should especially aim to teach people how to write plugins (DIDComm protocols essentially), which would be a useful skill for all to learn.

Not urgent, just wanted to capture this.

Where?

Additional notebooks need to be added. Demo should be converted to tutorial. Attempt similar to the PySyft style.

What?

The tutorial should take someone with no understanding of SSI through to being able to use the aries-basic-controller library in there own projects.

Feature Description

The protocol is described here - https://github.com/hyperledger/aries-rfcs/tree/master/features/0434-outofband and is currently implemented in ACA-Py. We just need to extend the api in the controller to include this.

A notebook to demonstrate this working would be good.

Is your feature request related to a problem?

Currently, there is no way to scan a QrCode for an agent that I already have an established. It currently just creates a new connection.

What?

A DIDComm mediator is used in routing messages between agents. It is not always required, but in situations where recipients are not always online such as mobile phones, a mediator is necessary.

Mediators are starting to get attention within the identity space as DIDComm v2 becomes standardised. It would be great to understand what is out there for us to use either to run our own mediator or connect to a mediator hosted by another party.

How long?

2 months

Is your research related to a problem?

Before we will be able to run our own mobile agents we will require a mediator they can connect to - #37

Additional Context

This is a good resource on mediators - https://github.com/hyperledger/aries-framework-go/blob/master/docs/didcomm_mediator.md

Currently the go framework does not work with ACA-Py agents but this is supposed to be coming very soon.

I am also expecting the release of specific mediator libraries very soon.

This demo from ACA-Py uses a RoutingAgent that might be worth looking into - https://github.com/hyperledger/aries-cloudagent-python/blob/master/demo/runners/performance.py. This could be used to create a nice notebook tutorial on mediators.

I also know these two projects claim to support mediators:

• https://github.com/Picolab/aries-cloudagent-pico
• https://github.com/hyperledger/aries-framework-dotnet

Description

We'd like to extend the Baseworker class to use the basic messaging service in the Aries controller. We are beginning this below. The plan is to turn the binary into a string so that it can be communicated over the Aries Basic Message protocol. We're trying to send a syft tensor, x, over the channel. If the other side receives it, itll be able to interpret it with it's own Baseworker.

How to Reproduce

1. Run through the README instructions
2. Once you get to the Syft experiment stage.

what we need

We need AriesWorker send/rcv messages to be sent over the aries controller channel.

Screenshots

If applicable, add screenshots to help explain your problem.

System Information

• Docker

What?

Digging into this codebase - https://github.com/AbsaOSS/libvcx. Which eventually has plans to become a rust package for aries agents. If/when this happens it could make embedding aries capabilities into Syft a lot easier.

How long?

No more than a month.

Description

The action menu protocol - https://github.com/hyperledger/aries-rfcs/tree/master/features/0509-action-menu has been implemented in ACA-Py. We need to extend the basic controller to cover these endpoints so the basic controller can use this protocol if required.

Extending the tutorial to demonstrate this protocol in use should also be included.

The endpoints can by navigating to the swagger api interface once you have spun up an instance of the ACA-py agent. http://localhost:8021/api/doc#/

Feature Description

Incorporate SSI from PyDentity to the PryVote notebooks (prioritise Shamir Secret Sharing, as it is the more robust voting protocol), to verify that voters have the right to vote. A voter with incorrect credentials should be included in the notebooks to demonstrate what happens in that scenario.

Is your feature request related to a problem?

The PryVote notebooks currently only demonstrating vote encryption protocols.
identity management (through SSI) is a key piece missing from the PryVote notebooks for PryVote to be an end-to-end voting demo we can show off.

What alternatives have you considered?

N/A

Additional Context

The idea for incorporating SSI is to have each potential voter verify their right to vote with an independent vote arbitrator. If correct credentials are provided, the arbitrator assigns the voter a random, unique key, and sends this key to each vote counter.
When a voter votes, they send their encrypted vote and their key to each vote counter. If the key is not verified by the vote counter, the vote is visibly (to the voter) not included by the vote counter; otherwise it is visibly accepted.

Do not worry about mitigating attacks which attempt to learn a voter's identity from the unique key; that is later work.