nickreynolds
commented
3 months ago We discussed this in the User Group and it seems like a good idea. Do you have bandwidth to implement this @0x62 ?
Open 0x62 opened 3 months ago
nickreynolds
commented
3 months ago We discussed this in the User Group and it seems like a good idea. Do you have bandwidth to implement this @0x62 ?
0x62
commented
2 months ago @nickreynolds Sure, will create a PR
stale[bot]
commented
2 weeks ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Is your feature request related to a problem? Please describe. When building a multi-tenant and/or multi-user system using Veramo, it's likely you'll need to store private keys which can be accessed/used by multiple parties. For example, an organization might have a private key associated with
did:web:organization.com. You'd want this key to be owned by the organization itself rather than a specific user, so that in the event that the underlying organization ownership is transferred the key can follow without additional changes.There are likely other use-cases where you'd want to attach metadata to the private key outside of authz. At the moment there is no way to pass metadata to an
AbstractPrivateKeyStore.Describe the solution you'd like We already have the
KeyMetadatainterface onManagedKeyInfo. Themetaobject could also be added to theManagedPrivateKeyinterface.Describe alternatives you've considered You can currently work around this by implementing a custom
AbstractKeyManagementSystem, but this either requires a non-compliantAbstractPrivateKeyStoreclass (to receive the metadata), or separately associating the metadata after creating the key (which is also not ideal).Additional context It's worth considering how the existing
algorithmsproperty ofKeyMetadatashould be handled. Generating it dynamically (currently viaasManagedKeyInfo) is probably preferable to storing alongside the key.