Shared Rust libraries for Hyperledger Indy.

Overview

indy-shared-rs

Shared Rust libraries for Hyperledger Indy.

  • indy-credx: Indy verifiable credential issuance and presentation (aka Anoncreds)

  • indy-data-types: Data type definitions for Schemas, Credential Definitions and other types related to credential issuance and processing

  • indy-test-utils: Utilities for use in integration tests.

  • indy-utils: Standard wrappers around binary data encodings and Ursa-provided cryptography functions. Includes support for representing WQL (wallet query language) expressions, normalizing transactions for signing, deriving DIDs and verification keys, and packing and unpacking agent messages using the DIDComm v1 envelope format.

Credit

The initial implementation of indy-shared-rs was developed by the Verifiable Organizations Network (VON) team based at the Province of British Columbia, and derives largely from the implementations within Hyperledger Indy-SDK. To learn more about VON and what's happening with decentralized identity in British Columbia, please go to https://vonx.io.

Contributing

Pull requests are welcome! Please read our contributions guide and submit your PRs. We enforce developer certificate of origin (DCO) commit signing. See guidance here.

We also welcome issues submitted about problems you encounter in using indy-shared-rs.

License

Apache License Version 2.0

Comments
  • Update the identifier validation in the anoncreds-data-types module

    Update the identifier validation in the anoncreds-data-types module

    The anoncreds-data-types module contains an identifiers directory with logic around creation, splitting and validation of the identifiers in anoncreds objects.

    The AnonCreds specification has updated identifiers to allow both the legacy indy style identifiers (different per object type) and URIs.

    As identifiers don't contain specific elements anymore, but just an URI we need to determine how much validation is still needed.

    These are the identifiers that should be updated:

    • [ ] CredentialDefinitionId
    • [ ] RevocationRegistryId
    • [ ] SchemaId

    This task only focusses on adding validation support for the URI type, but doesn't remove logic related to handling the legacy identifier type, this will be handled in separate tasks.

    For each of the identifiers the following should happen:

    • [ ] Update the Validatable implementation for the identifier type to accept both the legacy indy style (currently implemented) and the new URI style according to the AnonCreds specification.
    • [ ] Remove the Qualifiable implementation for the identifier as it isn't needed for the anoncreds implementation
    • [ ] Add utility methods to determine if the identifier is of type legacy indy identifier or URI. Can be either through something like an identifier type (uri, legacy_indy), or just adding two methods is_legacy_indy_identifier() and is_uri_identifier() (thinks the second is simplest).
    • [ ] Rename .parts() to .legacy_indy_identifier_parts(). This should throw an error if the type of the identifier is not a legacy indy identifier
    opened by TimoGlastra 14
  • Revocation List Model

    Revocation List Model

    This is the first PR introducing RevocationList model outlined in https://github.com/hyperledger/anoncreds-spec/issues/108 and #24.

    • introduce RevocationList struct with serde to match outlined json, with tests
    • update create_or_update_revocation_state function for prover and FFI. This now takes in either 1 RevocationList to create or optionally an old one, does a comparison and update the revocation state.
    • initial end to end test in anoncreds_demo

    Additional documentation is added to highlight the unchecked interval, which I am looking into for #36 and #41

    opened by whalelephant 12
  • No id creation

    No id creation

    closes #4 closes #13 closes #23

    It also picks up some tasks from other tickets. Mainly with regards to the "remove to_unqualified...".

    Might have to do some clean up (most String can be converted to &str).

    There are two major TODOs which I need some help with.

    Right now we have some presentation filter, like: schema issuer, schema name, etc. Before we could derive this from the schema id, but not anymore. How will we deal with this? As the schema id has no guarantee of being "qualified" we can not use it.

    I believe we can do these from the filters without changing anything:

        Ok(Filter {
            schema_id,         // YES
            schema_name,       // NO
            schema_issuer_did, // NO
            schema_version,    // NO
            cred_def_id,       // YES
            issuer_did,        // NO
        })
    

    We can allow for more data to be passed in which can be gotten from an object resolution on the ledger or whatever.

    The second one is the wrappers. I did not update them, but updating them would be trivial as they are just FFI-wrappers without complex logic build atop. I can create an issue for that if there is none.

    opened by blu3beri 7
  • Rename indy-credx to anoncreds

    Rename indy-credx to anoncreds

    We need to rename the indy-credx module to the anoncreds module

    • [ ] Rename indy-credx directory to anoncreds
    • [ ] Update Cargo.toml and remove indy terms, add anoncreds naming/terms
    • [ ] Rename impl_indy_object to impl_anoncreds_object
    • [ ] Rename impl_indy_object_from_json to impl_anoncreds_object_from_json
    • [ ] Rename IndyObject to AnonCredsObject
    • [ ] Rename AnyIndyObject to AnyAnonCredsObject
    • [ ] Rename IndyObjectId to AnonCredsObjectId
    • [ ] Rename IndyObjectList to AnonCredsObjectList
    opened by TimoGlastra 7
  • build: Add build for ios and android

    build: Add build for ios and android

    Depends on #43

    closes #45 closes #46

    • I had to patch openssl-src-rs, nothing functional, https://github.com/alexcrichton/openssl-src-rs/compare/release/111...blu3beri:openssl-src-rs:release/111 as it did not provide a build script for the target aarch64-apple-ios-sim. Since they do not accept non-security fixes for this branch we can not get this upstream, unless we depend upon openssl 3.

    Work funded by the Government of Ontario.

    Signed-off-by: blu3beri [email protected]

    opened by blu3beri 6
  • Update schema methods to not generate id based on schema values

    Update schema methods to not generate id based on schema values

    As the identifiers can now be any URI, we should update the methods in the AnonCreds library to not generate the id values, but rather allow the user to generate the IDs themselves based on the AnonCreds method they're using.

    • [ ] Update the credx_create_schema ffi method based on the chosen approach
      • remove origin_did as parameter
      • remove the seq_no parameter from the schema creation (but keep it in the data model for now to not break cred def flow)
      • based on the chosen approach, add an schema_id parameter or not
    • [ ] Update the create_schema issuer.rs method based on the choses approach
      • remove origin_did parameter
      • remove the seq_no parameter from the schema creation (but keep it in the data model for now to not break cred def flow)
      • based on the chosen approach, add a schema_id parameter or not
      • remove the generation of the schema_id based on the schema values
    • [ ] If the frist approach is taken, we need to update all validation logic and make the schema_id optional (but only in some cases). This requires some refactoring probably

    One things to figure out is how we want to approach the generation of the ID, and whether it already needs to be present when we call the methods that create the objects. There's two approaches we can take:

    Approach 1

    Call the creation method (e.g. create_schema) without any identifier and then return the created object (the schema) without the id property. The schema is now created and the id property can be added later when the object is written to the ledger.

    The advantage of this appraoch is that it allows the id generation process to be based on the contents of the object (schema), or it allows the id to be known after the object has been written to the ledger (if e.g. the ledger generates some identifier).

    Approach 2

    Call the creation method (e.g. create_schema) with the identifier and return the created object (the schema) with the id property.

    The advantage of this appraoch is that is allows the anoncreds library to validate the identifier to be a valid URI / legacy indy identifier and we don't have a in-between representation of the model (all fields except the id).

    opened by TimoGlastra 6
  • Moved indy-data-types into anoncreds module data_types

    Moved indy-data-types into anoncreds module data_types

    Moved indy-data-types inside of anoncreds crate. In this process I removed "serde", "cl" and "cl_native" features (because they are mandatory for the anoncreds code). Other features are moved.

    opened by dkulic 5
  • Rename indy-data-types to anoncreds-data-types

    Rename indy-data-types to anoncreds-data-types

    We need to rename the indy-data-types module to the anoncreds-data-types module

    • [ ] Rename indy-data-types directory to anoncreds-data-types
    • [ ] Update Cargo.toml and remove indy terms, add anoncreds naming/terms
    opened by TimoGlastra 2
  • Figure out what to do with indy-wql

    Figure out what to do with indy-wql

    The indy-shared-rs repository contains an implementation of the wallet query language (WQL). It seems the wql module is used currently used by Aries Askar and Indy CredX. The new AnonCreds library will also need to support .

    As Aries Askar now depends on indy_wql, it may make sense to make both AnonCreds and Aries Askar depend on WQL. Need to gather some feedback on this approach.

    • [ ] Determine where the wql code will live (indy-shared-rs, anoncreds, aries-askar)
    • [ ] Determine whether the WQL needs to be standardized as part of AnonCreds
      • It could also be a separate specification, with separate implementation

    If we keep it in here, we should rename it to anoncreds-wql (or maybe even just wallet_query_language)

    Discussed:

    • Move implementation to Aries Askar (ask Andrew Whitehead)
    • Interface in anoncreds(-utils) that is only used for validation in proof request (can be really simple)
    opened by TimoGlastra 2
  • docs: update maintainers file

    docs: update maintainers file

    This PR updates the MAINTAINERS.md file to follow the outline from the Besu repo.

    I added the current AnonCreds maintainers as active maintainers (@WadeBarnes, @andrewwhitehead, @swcurran, @TimoGlastra).

    In addition I added two new maintainers that will start working on the implementation and reviews:

    • Darko Kulic (@dkulic) from SICPA will start with the changes to the AnonCreds library (as described in the board): https://github.com/orgs/hyperledger/projects/16. Adding him a maintainers makes sure he can manage issues, add new items to the project board and merge pull request.
    • Berend Sliedrecht (@blu3beri) from Animo will not start contributing right away but will be mostly involved in PR reviews and merging PRs for now. Adding him as a maintainer makes sure he can review and merge PRs, and manage issues in the repos.

    To finalize this:

    • @blu3beri, @dkulic if you want to be added as a maintainer please reply in this PR that you are willing to become a maintainer of this project
    • @WadeBarnes, @andrewwhitehead, @swcurran, @TimoGlastra if you agree with the changes from this PR please approve this PR. If you don't agree please let us know why and how to change it. Once we have three approvals (one of which is mine, so two to go) and no vetos we can go ahead and merge and add the new maintainers.
    • @dkulic, @andrewwhitehead, @swcurran, @WadeBarnes could you share your LFID so it can be added to the maintainers file
    opened by TimoGlastra 2
  • add comment about openssl dependency

    add comment about openssl dependency

    @andrewwhitehead I am not sure why it was a dependency, but if we have to keep it for some reason we can of course keep it in.

    Signed-off-by: blu3beri [email protected]

    opened by blu3beri 1
  • Serde `RevocationStatusList` field name

    Serde `RevocationStatusList` field name

    The proposed RevocationStatusList field name that contains the current accumulator value is currentAccumulator.

    As the accumulator is in the RevocationRegisty struct in libursa, the accum field is private and serde with the same field name.

    Current situation is to keep the field name accum but we will need to either update the specs or find a workaround for serde.

    opened by whalelephant 0
  • Added `issuerId` to the `schema` and `cred_def` anoncreds objects

    Added `issuerId` to the `schema` and `cred_def` anoncreds objects

    Partially closes #34

    • Adds IssuerId property to the Schema and CredentialDefinition.

    This is reflects the PR for adding the issuerId to anoncreds objects.

    (revocation needs to be done but is omitted here for conflicts with #37.

    Signed-off-by: blu3beri [email protected]

    opened by blu3beri 0
  • Support for mixed proof with revocable/non-revocable credentials

    Support for mixed proof with revocable/non-revocable credentials

    This is an issue with existing anoncreds implementations (indy-sdk and credx) and is illustrated in an aca-py integration test:

    https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/features/0454-present-proof.feature#L120

    When a proof includes both revocable and non-revocable credentials, and the request includes the revocation timestamp at the REQUEST level, then the proof will fail (even though it should pass).

    Note that when the revocation interval is requested at the ATTRIBUTE level, the proof will pass (see integration test https://github.com/hyperledger/aries-cloudagent-python/blob/main/demo/features/0454-present-proof.feature#L100)

    opened by ianco 8
  • Unchecked revocation interval between Presentation and PresRequest

    Unchecked revocation interval between Presentation and PresRequest

    The NonRevocationInterval in the PresentationRequest on the request or the attribute/predicate level are not compared with the timestamp of which the prover has updated the RevocationState to in creating the Presentation.

    Given the verifier only provides RevocationRegistry (aka Accumulator value) for the timestamps in the NonRevocationInterval, the required RevocationRegistry for the timestamp given in the Presentation will be missing and would not cause a revoked credential during that interval to be verified. However, if the verifier provides RevocationRegistry mapped to timestamps outside of the interval, a revoked credential can be verified.

    This might also be related to the issued in #36, i.e. if the RevocationState is for a timestamp that is outside of the one defined in the PresentationRequest, then regardless if it has been revoked, the verifier might not supply the Accumulator value for such a timestamp.

    opened by whalelephant 9
  • Integrate indy-utils into anoncreds

    Integrate indy-utils into anoncreds

    closes #33

    Draft PR for removing / integrating the indy-utils within the anoncreds package

    • NOTE: indy-vdr relies on the indy-utils package so there will some minor duplicate code. (e.g. base64/58)

    Work funded by the Government of Ontario.

    Signed-off-by: blu3beri [email protected]

    opened by blu3beri 0
A CLI for extracting libraries from Apple's dyld shared cache file

dyld-shared-cache-extractor As of macOS Big Sur, instead of shipping the system libraries with macOS, Apple ships a generated cache of all built in dy

Keith Smiley 238 Jan 4, 2023
Sets of libraries and tools to write applications and libraries mixing OCaml and Rust

Sets of libraries and tools to write applications and libraries mixing OCaml and Rust. These libraries will help keeping your types and data structures synchronized, and enable seamless exchange between OCaml and Rust

Meta 36 Jan 28, 2023
A simple made in Rust crack, automatic for Winrar, activated from shared virtual memory, for studies.

Simple Winrar Crack in Rust What does it do ? A simple project that allows you to modify the license check used by WinRaR, "RegKey" from virtual memor

João Vitor 7 Jan 2, 2023
A safe and idiomatic wrapper over shared memory APIs in rust with proper cleanups.

shmem-bind A safe and idiomatic wrapper over shared memory APIs in rust with proper cleanups. Quick start: check the message-passing example for bette

ArshiA Akhavan 3 Apr 6, 2024
This repo contains crates that are used to create the micro services and keep shared code in a common place.

MyEmma Helper Crates This repo contains crates that can are reused over different services. These crate are used in projects at MyEmma. But these crat

MyEmma 1 Jan 14, 2022
Shared execution environment for constructing 3D virtual spaces from the inside.

Hearth Hearth is a shared, always-on execution environment for constructing 3D virtual spaces from the inside. Come join our Discord server! The Histo

null 6 Jan 31, 2023
Shared k-mer content between two genomes

skc skc is a simple tool for finding shared k-mer content between two genomes. Installation Prebuilt binary curl -sSL skc.mbh.sh | sh # or with wget w

Michael Hall 16 Jun 26, 2023
Work-in-progress Rust application that converts C++ header-only libraries to single self-contained headers.

unosolo Work-in-progress Rust application that converts C++ header-only libraries to single self-contained headers. Disclaimer This is my first Rust p

Vittorio Romeo 26 Jul 9, 2021
Collection of immutable and persistent data structures written in Rust, inspired by the standard libraries found in Haskell, Closure and OCaml

PRust: (P)ersistent & Immutable Data Structures in (Rust) This library houses a collection of immutable and persistent data structures, inspired by th

Victor Colombo 13 Aug 13, 2023
Transform jsx/tsx files to reactive views in js/ts to use in Web Components, insert into DOM or integrate with other libraries/frameworks

viewmill Features | Installation | Getting Started | Notes | Examples viewmill is aimed to create complex UIs from a simple form of JSX. It statically

apleshkov 6 Sep 4, 2023
Rust-advent - Learning Rust by solving advent of code challenges (Streaming live on Twitch every Monday)

Rust advent ?? ?? Learning Rust by implementing solutions for Advent of Code problems. ?? HEY, we are live-streaming our attempts to solve the exercis

Luciano Mammino 20 Nov 11, 2022
Rust-clippy - A bunch of lints to catch common mistakes and improve your Rust code

Clippy A collection of lints to catch common mistakes and improve your Rust code. There are over 450 lints included in this crate! Lints are divided i

The Rust Programming Language 8.7k Dec 31, 2022
Rust-battery - Rust crate providing cross-platform information about the notebook batteries.

battery Rust crate providing cross-platform information about the notebook batteries. Table of contents Overview Supported platforms Install Examples

svartalf 326 Dec 21, 2022
A Rust-based shell script to create a folder structure to use for a single class every semester. Mostly an excuse to use Rust.

A Rust Course Folder Shell Script PROJECT IN PROGRESS (Spring 2022) When completed, script will create a folder structure of the following schema: [ro

Sebastián Romero Cruz 1 Apr 10, 2022
Rust Imaging Library's Python binding: A performant and high-level image processing library for Python written in Rust

ril-py Rust Imaging Library for Python: Python bindings for ril, a performant and high-level image processing library written in Rust. What's this? Th

Cryptex 13 Dec 6, 2022
FTL Rust Demangler is a command-line tool for demangling symbol names that are mangled with the Rust convention

FTL Rust Demangler is a command-line tool for demangling symbol names that are mangled with the Rust convention. It takes a mangled symbol name as input and returns the demangled name

timetravel3 7 Mar 30, 2023
rpm (Rust project manager) is a tool that helps you to manage your rust projects

rpm rpm (Rust project manager) is a open source tool for managing your rust project in an organized way Installation # make sure you have rust install

Dilshad 4 May 4, 2023
auto-rust is an experimental project that aims to automatically generate Rust code with LLM (Large Language Models) during compilation, utilizing procedural macros.

Auto Rust auto-rust is an experimental project that aims to automatically generate Rust code with LLM (Large Language Models) during compilation, util

Minsky 6 May 14, 2023
Rusty Shellcode Reflective DLL Injection (sRDI) - A small reflective loader in Rust 4KB in size for generating position-independent code (PIC) in Rust.

Shellcode Reflective DLL Injection (sRDI) Shellcode reflective DLL injection (sRDI) is a process injection technique that allows us to convert a given

null 242 Jul 5, 2023