esune
commented
1 month ago Open loneil opened 1 month ago
esune
commented
1 month ago 
cvarjao
commented
1 month ago The error message is raised from: https://github.com/search?q=repo%3Aopenwallet-foundation%2Fcredo-ts+%22Handshake+protocols%22&type=code
esune
commented
1 month ago The error message is raised from: https://github.com/search?q=repo%3Aopenwallet-foundation%2Fcredo-ts+%22Handshake+protocols%22&type=code
Thanks @cvarjao. Do you think we could expect an empty array to be handled/treated as if the option was not set (this is what ACA-Py seems to do), or do we need to gather consensus on what "optional" attribute means first? Trying to figure out where to route this issue next, since VC-AuthN is just a "consumer".
cvarjao
commented
1 month ago I do not understand the protocol at the level to provide any meaningful feedback, but sounds like credo/aca-py need to have some alignment on how it is implemented though.
wadeking98
commented
1 month ago I'm running into this after my fix for the _url deeplink issue (https://github.com/bcgov/bc-wallet-mobile/issues/2053). I can fix the original error but after that I run into this error because the handshake_protocols is just an empty array in the message body
esune
commented
1 month ago I'm running into this after my fix for the
_urldeeplink issue (bcgov/bc-wallet-mobile#2053). I can fix the original error but after that I run into this error because the handshake_protocols is just an empty array in the message body
Please pull/use the latest vc-authn code, the change adding the handshake protocols was temporarily reverted until we sort out what needs to be done to fix it fully. This should hopefully unblock you for now.
genaris
commented
1 month ago The error message is raised from: https://github.com/search?q=repo%3Aopenwallet-foundation%2Fcredo-ts+%22Handshake+protocols%22&type=code
Thanks @cvarjao. Do you think we could expect an empty array to be handled/treated as if the option was not set (this is what ACA-Py seems to do), or do we need to gather consensus on what "optional" attribute means first? Trying to figure out where to route this issue next, since VC-AuthN is just a "consumer".
As per Aries RFC 0434 I don't see any meaningful case where handshake_protocols contains an empty array. I guess ACA-Py tries to not send anything because your flow is a connection-less one (i.e. no connection reuse is expected, as I see in #513).
Although this can be fixed in ACA-Py and also in Credo's invitation acceptance method, I think your suggestion about considering an empty array from ACA-Py response as None is correct (and maybe faster to implement).
In any case, I'll create a PR in Credo to handle this situation properly.
swcurran
commented
1 month ago So the protocol problem is that in the RFC, handshake_protocols is marked as optional, and ACA-Py is always including it, but leaving the array as empty for connectionless, while Credo is assuming that optional means it will not be included at all if it is not relevant. The fix that is being done in the code is that either is valid.
The clarification in the protocol should be that by optional, either is valid and mean the same thing -- not including handshake_protocols or including it as an empty array [] when there are no handshake_protocols needed.
Not ideal -- the protocol should have been clear from the start in saying that "optional" means don't include it when it is not needed. I think that was intended, but obviously others interpreted it differently.
loneil
commented
1 month ago Thanks @genaris !
For this, unless anyone has a better idea I think we can leave this issue open, once there ends up being a BC Wallet release that integrates the Credo change reimplement the fix in VCAuth-N that will allow handshake protocols back into the OOB message.
(other option is config that toggles it if someone needs the handshake protocols and is using this codebase in the meantime)
swcurran
commented
1 month ago I got some help from ChatGPT on clarifying the protocol — including what a sender SHOULD do and what a recipient MUST do. What do you think?
Certainly! Here is the protocol description in Markdown:
The out-of-band protocol consists of a single message that is sent by the sender.
https://didcomm.org/out-of-band/%VER/invitation{
"@type": "https://didcomm.org/out-of-band/%VER/invitation",
"@id": "<id used for context as pthid>",
"label": "Faber College",
"goal_code": "issue-vc",
"goal": "To issue a Faber College Graduate credential",
"accept": [
"didcomm/aip2;env=rfc587",
"didcomm/aip2;env=rfc19"
],
"handshake_protocols": [
"https://didcomm.org/didexchange/1.0",
"https://didcomm.org/connections/1.0"
],
"requests~attach": [
{
"@id": "request-0",
"mime-type": "application/json",
"data": {
"json": "<json of protocol message>"
}
}
],
"services": ["did:sov:LjgpST2rjsoxYegQDRm7EL"]
}accept is not specified, the receiver uses its preferred choice to respond to the message. RFC 0044 provides a general discussion of media types.handshake_protocols and requests~attach MUST be included in the message.handshake_protocols and requests~attach MUST be included in the message.
Important: If an optional field is not needed, it should be omitted from the message entirely. Including an optional field with a value set to null or an empty value is not compliant with the protocol. The absence of the field is the correct way to indicate that it is not needed.
Including an Optional Field:
{
"@type": "https://didcomm.org/out-of-band/%VER/invitation",
"@id": "<id used for context as pthid>",
"label": "Faber College",
"goal_code": "issue-vc",
"goal": "To issue a Faber College Graduate credential",
"services": ["did:sov:LjgpST2rjsoxYegQDRm7EL"]
}Omitting an Optional Field:
{
"@type": "https://didcomm.org/out-of-band/%VER/invitation",
"@id": "<id used for context as pthid>",
"services": ["did:sov:LjgpST2rjsoxYegQDRm7EL"]
}null){
"@type": "https://didcomm.org/out-of-band/%VER/invitation",
"@id": "<id used for context as pthid>",
"label": null,
"goal_code": null,
"goal": null,
"services": ["did:sov:LjgpST2rjsoxYegQDRm7EL"]
}While the sender should omit optional fields that are not needed, those receiving such messages should be prepared to accept null or empty values for these optional fields. Receivers should not consider the message invalid solely based on the presence of null or empty values in optional fields. They should instead treat these fields as if they were omitted entirely.
By following these guidelines, both senders and receivers can ensure they correctly handle optional fields, enhancing protocol consistency and interoperability.
Wow @swcurran , it seems that Chat GPT is learning fast :smile: . I think it gave some good definitions about what 'optional' means. Maybe Aries RFC 0003 and DIDComm Book or could be a good place for them.
OOB proofs are working to the BC Wallet provided we do not put anything in
handshake_protocolsThe call to ACA-Py to make the OOB includes the handshake_protocols in the response, but we were not including that in our model (by mistake!) so it does not end up in the QR Code/Deep Link payload. Fixing that and having it go through as
[]causes an invalid QR code with an error in the walletSetting content in there, didcomm or connections causes the wallet to spin.
Some context here: https://github.com/bcgov/vc-authn-oidc/pull/582
I don't know if we are missing some other fields in our OOB invitation creation in order to be using handshake_protocols as a blank, or filled array (or which of those cases we'd want for sure) Or not sure if this is an issue on the BC Wallet side, or Credo or something... need some investigation then can add back in handshake_protocols to our model.