search

hyperledger-labs / business-partner-agent

The Business Partner Agent is a SSI wallet and controller based on aries cloud agent python.
https://labs.hyperledger.org/business-partner-agent/
Apache License 2.0
56 stars 49 forks source link

Request Proof with specified attribute values #12

Closed domwoe closed 3 years ago

domwoe commented 4 years ago

A partner might have shared with us more than one credential of a specific type (e.g. more than one bank account). If we just request a proof with a given credDefId there is ambiguity which bank account is meant. For this reason we need to be able to request a proof with specified attribute values.

According to the "requested_attributes" model, this seems to be supported by ACA-PY: image

domwoe commented 4 years ago

Notify @etschelp

etschelp commented 3 years ago

Answer from the Hyperledger Chat on how to handle these attributes:

Specify restrictions as a JSON object with each key satisfying regular expression ^schema_id|schema_issuer_did|schema_name|schema_version|issuer_did|cred_def_id|attr::.+::value$

and each value a string. The .+ in between the pairs of double-colons is the attribute name in a name-value pair to match as a restriction. See https://github.com/hyperledger/indy-sdk/blob/d8c68d7894be07ef50f5d1c4aa6326a201da030f/wrappers/python/indy/anoncreds.py#L1180 and https://github.com/hyperledger/indy-sdk/blob/d8c68d7894be07ef50f5d1c4aa6326a201da030f/wrappers/python/indy/anoncreds.py#L843

etschelp commented 3 years ago

Working example JSON:

{
  "proof_request": {
    "requested_attributes": {
      "iban": {
        "name": "iban",
        "restrictions": [
          {
             "attr::iban::value": "1"
          }
        ]
      }
    },
    "requested_predicates": {}
  }
}
etschelp commented 3 years ago

I added this feature to the aca-py client lib. How should the rest request look like?

Generic?

{
    "credentialDefinitionId": "...",
    "attrs": {
        "attr1": "value1",
        "attr2": "value2"
    }
}

Here the backend does not care.

Or specific?

{
    "credentialDefinitionId": "...",
    "bankAccount": {
        "iban": "value1",
        "bic": "value2"
    }
}
Echsecutor commented 3 years ago

I would like to vote for implementing this feature request!

We are currently using the BPA in a prototyping project and we are having exactly this problem: The holder has a couple of VCs with the same cred_def, but we want to request the presentation of the one with a specific value for a specific attribute.

Can I somehow help with the implementation?

etschelp commented 3 years ago

Good point. So this ticket has been replaced by https://github.com/hyperledger-labs/business-partner-agent/issues/411 which we just started working on. The plan is to first implement proof templates in a separate UI, and once that is done you can select from a template in the proof request flow.