openwallet-foundation / acapy

ACA-Py is a foundation for building decentralized identity applications and services running in non-mobile environments.
https://aca-py.org
Apache License 2.0
421 stars 514 forks source link

Add option to prevent writes to the ledger #362

Closed swcurran closed 4 years ago

swcurran commented 4 years ago

Add a start up option that would disable the ability of the agent to write to the ledger.

This can be used in an operational agent that should not be writing to the ledger.

Please suggest a behaviour for handling a request to write to the ledger when the option is used.

swcurran commented 4 years ago

@andrewwhitehead and @ianco please discuss if this makes sense and how to apply it.

@WadeBarnes has details on the urgency.

ianco commented 4 years ago

Adding a "--ledger-read-only" parameter to prevent any ledger writes.

Two comments on this one:

  1. I don't think preventing ledger writes will solve the problem, because there will still be one agent with an incorrect endpoint

  2. Aca-py will throw an exception if a ledger write is attempted when in "read only" mode, so the calling controller will still have to handle the scenario of connecting to a read-only ledger

swcurran commented 4 years ago

The point is not to solve this problem - it has to be solved a different way. The point is to not do unexpected ledger writes. The provisioning app should do all of the writes to make things ready, the operational app can operate with everything in place.

When things aren't in place, we have to solve how to make them right.

On Thu, Feb 6, 2020 at 11:02 AM Ian Costanzo notifications@github.com wrote:

Adding a "--ledger-read-only" parameter to prevent any ledger writes.

Two comments on this one:

1.

I don't think preventing ledger writes will solve the problem, because there will still be one agent with an incorrect endpoint 2.

Aca-py will throw an exception if a ledger write is attempted when in "read only" mode, so the calling controller will still have to handle the scenario of connecting to a read-only ledger

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/hyperledger/aries-cloudagent-python/issues/362?email_source=notifications&email_token=AAHYRQVTLSJ3675TZORE3PTRBRNDHA5CNFSM4KQUAVT2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOELAMNUA#issuecomment-583059152, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAHYRQU5WTDL5WB7LDR4WA3RBRNDHANCNFSM4KQUAVTQ .

--

Stephen Curran Principal, Cloud Compass Computing, Inc. (C3I) Technical Governance Board Member - Sovrin Foundation (sovrin.org)

*Schedule a Meeting: *https://calendly.com/swcurran https://calendly.com/swcurran

ianco commented 4 years ago

Aca-py updates are done, to separate the provisioning steps into "aca-py provision" and to make "aca-py start" by default "read-only" (with respect to the ledger) https://github.com/hyperledger/aries-cloudagent-python/pull/364

Corresponding updates to the docker-compose files for indy-catalyst and BC Reg agent are in PR's in their respective repo's

Note that I added a "--dev-provision" flag (i.e. aca-py start --dev-provision) to override the ledger read-only so that we can write schemas and cred defs in "start" mode. This is for development. It can probably be re-factored so that this is done in "provision" mode but will require changes to the controllers as well. I suggest we put this in a separate ticket if we want to do it ...

swcurran commented 4 years ago

This was completed using the "--read-only-ledger" flag added to the startup parameters.