Issues with 'did:key' compatibilty

klemenzagar91 commented 1 year ago

I successfully run the mediator and connect it to iOS agent.

Then I connect iOS agent with ACA-py Faber agent. Once the agents are connected and I send some DIDComm message from Faber to iOS, I run into an error that is caused because routingKeys is using did:key prefix that Faber doesn't know how to parse.

Here is the error:

Faber      | 2023-05-25 13:42:01,147 aries_cloudagent.core.dispatcher ERROR Handler error: PackWireFormat.pack
Faber      | Traceback (most recent call last):
Faber      |   File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/tasks.py", line 182, in _step
Faber      |     result = coro.throw(exc)
Faber      |   File "/home/indy/aries_cloudagent/transport/pack_format.py", line 208, in pack
Faber      |     message = await wallet.pack_message(fwd_msg.to_json(), recip_keys)
Faber      |   File "/home/indy/aries_cloudagent/wallet/askar.py", line 684, in pack_message
Faber      |     None, pack_message, to_verkeys, from_key, message
Faber      |   File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/futures.py", line 327, in __iter__
Faber      |     yield self  # This tells Task to wait for completion.
Faber      |   File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/tasks.py", line 250, in _wakeup
Faber      |     future.result()
Faber      |   File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/futures.py", line 243, in result
Faber      |     raise self._exception
Faber      |   File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/concurrent/futures/thread.py", line 56, in run
Faber      |     result = self.fn(*self.args, **self.kwargs)
Faber      |   File "/home/indy/aries_cloudagent/askar/didcomm/v1.py", line 36, in pack_message
Faber      |     KeyAlg.ED25519, b58_to_bytes(target_vk)
Faber      |   File "/home/indy/aries_cloudagent/wallet/util.py", line 72, in b58_to_bytes
Faber      |     return base58.b58decode(val)
Faber      |   File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/base58/__init__.py", line 124, in b58decode
Faber      |     acc = b58decode_int(v, alphabet=alphabet, autofix=autofix)
Faber      |   File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/base58/__init__.py", line 106, in b58decode_int
Faber      |     ) from None
Faber      | ValueError: Invalid character <:>

My question: Is there a way to set this mediator to user 'raw keys' for routingKeys parameter?

Or on the other hand - how should I upgrade Faber agent to support did:key prefix?

swcurran commented 1 year ago

Unfortunately, I’m not sure of the state of did:key usage. What mediator are you using? Definitely using did:key in a DIDComm message for routing should be possible. We’ll look at where this is in the backlog and see if we can push it up.

codespree commented 1 year ago

I am also facing some issues using the code here as a mediator. The issue may be related to did:key used in routing_keys. I have compared the requests and responses with those from the Indicio public mediator.

The attached PDF contains a log of the messages exchanged (on mobile agent - aries-framework-kotlin): Protocol Debug.pdf

Also, on the ACA-Py side. When using this mediator:

2023-10-03 13:11:31,422 aries_cloudagent.resolver.default.legacy_peer DEBUG Fetched doc DIDDoc(2mgEZkg4zPo3DqLvv9Lonu)
2023-10-03 13:11:31,422 aries_cloudagent.resolver.did_resolver DEBUG Valid resolvers for DID did:sov:2mgEZkg4zPo3DqLvv9Lonu: [<aries_cloudagent.resolver.default.legacy_peer.LegacyPeerDIDResolver object at 0x106bc3e50>, <aries_cloudagent.resolver.default.indy.IndyDIDResolver object at 0x106ee0cd0>]
2023-10-03 13:11:31,422 aries_cloudagent.resolver.did_resolver DEBUG Resolving DID did:sov:2mgEZkg4zPo3DqLvv9Lonu with <aries_cloudagent.resolver.default.legacy_peer.LegacyPeerDIDResolver object at 0x106bc3e50>
2023-10-03 13:11:31,427 aries_cloudagent.connections.base_manager DEBUG Resolved DID document: context=['https://w3id.org/did/v1'] id='did:sov:2mgEZkg4zPo3DqLvv9Lonu' also_known_as=None controller=None verification_method=[Ed25519VerificationKey2018(id='did:sov:2mgEZkg4zPo3DqLvv9Lonu#1', type='Ed25519VerificationKey2018', controller='did:sov:2mgEZkg4zPo3DqLvv9Lonu', public_key_hex=None, public_key_base58='xxogc3yxaoHmGHvHHxtNa3nRqa8L78Fkgfz4DpH14k2', public_key_pem=None, public_key_multibase=None, blockchain_account_id=None, ethereum_address=None, public_key_jwk=None)] authentication=['did:sov:2mgEZkg4zPo3DqLvv9Lonu#1'] assertion_method=None key_agreement=None capability_invocation=None capability_delegation=None service=[UnknownService(id='did:sov:2mgEZkg4zPo3DqLvv9Lonu#didcomm-0', type='did-communication', service_endpoint=AnyUrl('https://devmediator.sensecrypt.com', scheme='https', host='devmediator.sensecrypt.com', tld='com', host_type='domain'), recipientKeys=['did:sov:2mgEZkg4zPo3DqLvv9Lonu#1'], routingKeys=['did:key:z6Mko2LnynhGbkPQdZ3PQBUgCmrzdH9aJe7HTs4LKontx8Ge'])]
2023-10-03 13:11:31,428 aries_cloudagent.connections.base_manager DEBUG Resolved DIDComm services: []
2023-10-03 13:11:31,428 aries_cloudagent.connections.base_manager DEBUG Caching connection targets
2023-10-03 13:11:31,428 aries_cloudagent.core.conductor WARNING Cannot queue message for delivery, no supported transport
2023-10-03 13:11:31,428 aries_cloudagent.core.event_bus DEBUG Notifying subscribers: <Event topic=acapy::outbound-message::waiting_for_pickup, payload=<OutboundMessage(connection_id='43c09b8e-0669-4498-a62e-c783e886f8de', enc_payload=None, _endpoint=None, payload='{"@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/basicmessage/1.0/message", "@id": "40213030-e799-443f-bb01-154d082f3dac", "sent_time": "2023-10-03T05:11:31.406773Z", "content": "Hello"}', reply_session_id=None, reply_thread_id='40213030-e799-443f-bb01-154d082f3dac', reply_to_verkey=None, reply_from_verkey=None, target=None, target_list=[], to_session_only=False)>>
2023-10-03 13:11:31,429 aiohttp.access INFO 127.0.0.1 [03/Oct/2023:05:11:31 +0000] "POST /connections/43c09b8e-0669-4498-a62e-c783e886f8de/send-message HTTP/1.1" 200 309 "http://localhost:8031/api/doc" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15

When using the Indicio public mediator:

2023-10-03 13:28:02,307 aries_cloudagent.resolver.default.legacy_peer DEBUG Fetched doc DIDDoc(YBD11RGcWWqDkaxvhbVKXd)
2023-10-03 13:28:02,308 aries_cloudagent.resolver.did_resolver DEBUG Valid resolvers for DID did:sov:YBD11RGcWWqDkaxvhbVKXd: [<aries_cloudagent.resolver.default.legacy_peer.LegacyPeerDIDResolver object at 0x106bc3e50>, <aries_cloudagent.resolver.default.indy.IndyDIDResolver object at 0x106ee0cd0>]
2023-10-03 13:28:02,308 aries_cloudagent.resolver.did_resolver DEBUG Resolving DID did:sov:YBD11RGcWWqDkaxvhbVKXd with <aries_cloudagent.resolver.default.legacy_peer.LegacyPeerDIDResolver object at 0x106bc3e50>
2023-10-03 13:28:02,309 aries_cloudagent.connections.base_manager DEBUG Resolved DID document: context=['https://w3id.org/did/v1'] id='did:sov:YBD11RGcWWqDkaxvhbVKXd' also_known_as=None controller=None verification_method=[Ed25519VerificationKey2018(id='did:sov:YBD11RGcWWqDkaxvhbVKXd#1', type='Ed25519VerificationKey2018', controller='did:sov:YBD11RGcWWqDkaxvhbVKXd', public_key_hex=None, public_key_base58='HzXz7g6pfdjibnDqKJNLprq7EKw9rkgF517nG3QsSaNH', public_key_pem=None, public_key_multibase=None, blockchain_account_id=None, ethereum_address=None, public_key_jwk=None)] authentication=['did:sov:YBD11RGcWWqDkaxvhbVKXd#1'] assertion_method=None key_agreement=None capability_invocation=None capability_delegation=None service=[DIDCommV1Service(id='did:sov:YBD11RGcWWqDkaxvhbVKXd#didcomm-0', type='did-communication', service_endpoint=AnyUrl('https://public.mediator.indiciotech.io', scheme='https', host='public.mediator.indiciotech.io', tld='io', host_type='domain'), recipient_keys=['did:sov:YBD11RGcWWqDkaxvhbVKXd#1'], routing_keys=['did:key:z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA#z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA'], accept=None, priority=0)]
2023-10-03 13:28:02,310 aries_cloudagent.connections.base_manager DEBUG Resolved DIDComm services: [DIDCommV1Service(id='did:sov:YBD11RGcWWqDkaxvhbVKXd#didcomm-0', type='did-communication', service_endpoint=AnyUrl('https://public.mediator.indiciotech.io', scheme='https', host='public.mediator.indiciotech.io', tld='io', host_type='domain'), recipient_keys=['did:sov:YBD11RGcWWqDkaxvhbVKXd#1'], routing_keys=['did:key:z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA#z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA'], accept=None, priority=0)]
2023-10-03 13:28:02,310 aries_cloudagent.resolver.default.legacy_peer DEBUG Checking if resolver supports DID did:key:z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA
2023-10-03 13:28:02,310 aries_cloudagent.resolver.did_resolver DEBUG Valid resolvers for DID did:key:z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA: [<aries_cloudagent.resolver.default.key.KeyDIDResolver object at 0x106ee0b80>]
2023-10-03 13:28:02,310 aries_cloudagent.resolver.did_resolver DEBUG Resolving DID did:key:z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA with <aries_cloudagent.resolver.default.key.KeyDIDResolver object at 0x106ee0b80>
2023-10-03 13:28:02,312 aries_cloudagent.connections.base_manager DEBUG Caching connection targets
2023-10-03 13:28:02,313 aries_cloudagent.core.event_bus DEBUG Notifying subscribers: <Event topic=acapy::outbound-message::queued_for_delivery, payload=<OutboundMessage(connection_id='d8faea0e-c5bd-420b-8a7c-e1b6459ebc26', enc_payload=None, _endpoint=None, payload='{"@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/basicmessage/1.0/message", "@id": "1dea24bb-ba85-4b73-b85e-8628291fc550", "sent_time": "2023-10-03T05:28:02.288367Z", "content": "Hello"}', reply_session_id=None, reply_thread_id='1dea24bb-ba85-4b73-b85e-8628291fc550', reply_to_verkey=None, reply_from_verkey=None, target=None, target_list=[<ConnectionTarget(did='did:sov:YBD11RGcWWqDkaxvhbVKXd', endpoint='https://public.mediator.indiciotech.io', label='SenseCrypt Wallet', recipient_keys=['HzXz7g6pfdjibnDqKJNLprq7EKw9rkgF517nG3QsSaNH'], routing_keys=['DGYY31KpABLT4ydNHw11rRneEL8a41X4s6xqre2cAEbn'], sender_key='CrTK4aTeBCkgTK69Mk8wgkfsY3uTTZDcF2HJTB7VacKV')>], to_session_only=False)>>
2023-10-03 13:28:02,314 aiohttp.access INFO 127.0.0.1 [03/Oct/2023:05:28:02 +0000] "POST /connections/d8faea0e-c5bd-420b-8a7c-e1b6459ebc26/send-message HTTP/1.1" 200 309 "http://localhost:8031/api/doc" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15"
2023-10-03 13:28:02,314 aries_askar.native.aries_askar.ffi.store INFO   src/ffi/store.rs:528 | Started session SessionHandle(58) on store StoreHandle(1) (txn: false)
2023-10-03 13:28:02,315 aries_askar.native.aries_askar.backend.db_utils INFO    src/backend/db_utils.rs:103 | Acquire pool connection
...
2023-10-03 13:28:02,320 aries_cloudagent.transport.outbound.http DEBUG Posting to https://public.mediator.indiciotech.io; Data: b'{"protected": "eyJlbmMiOiAieGNoYWNoYTIwcG9seTEzMDVfaWV0ZiIsICJ0eXAiOiAiSldNLzEuMCIsICJhbGciOiAiQW5vbmNyeXB0IiwgInJlY2lwaWVudHMiOiBbeyJlbmNyeXB0ZWRfa2V5IjogImZtSmgwd0RzODVVVTdCb0Fjd0dkY1NmNkdmNEFGVzlVZTFRMjMwS3FoMWpUTTQ4TXk2Mld6QWp3dU9hMFJaNjJES1EzS2ozUDBQcXlYVnhJUVBzUy1ydjhFOUs0SzViemloemQ1RFM4WlNvIiwgImhlYWRlciI6IHsia2lkIjogIkRHWVkzMUtwQUJMVDR5ZE5IdzExclJuZUVMOGE0MVg0czZ4cXJlMmNBRWJuIn19XX0", "iv": "05JXC2doH97p0YjT", "ciphertext": "tev6cGT4nxu2zBjTzz6JgnTwWS6bPiVRdVEIkTGZxLDUKfm4BcwSBZ0eGxjPAbmjCsdCO4xFRFjxBp6S_A9-16deBPvreCyG2kL9Ix7iLrC4gIEGUXt2qe5DAFWrYagdNjUuGX5FvISb_CPfUgxDaPeV_59dqkfbpnXSAtvecaJ44CpObQN97r-UBMIrWd6G9sAH9-7As_0vCn_J2bHatpZahtwu8NQ55bY_m4exZL5AMYrtXRzBzZv-c6GKx6fKCbjJYROIf3ZQIgHW6OqEeac5JofUKfqVSbixhzr_xrJgi-CdN4CcC-AaBRqRQo2HqW13xNT0hVwkJFrROyDvMhWOjqxV0uX3F05P72vOVPlKxMK1ERK46q9b-FZZWnpb0lQ0ZIyQ45OnfIww0cdXnymZHrC8euK8iF3BKRQWudKCgXWxHk13YfBzH2wGEHSBNNQudqRV2WQmvLIEbyFbdHyuTfvwnNHRVim7ULwKpRNWeOkGqXhixrwruye7Fvi0a_UUnXOpqDOv5n6VCzKYf3JvUQHpWGV37xeAoDDg8P8gEAVkz3vgLfU-39PkitPSJe306HUwVsZJzbFGJp-XGV0taIwWoVGEEs5hxh6AoZSAW8JunlgFe87wk13RnEna_3YK3BhLfYtzikfTHLhfsZu68yh4MTBFJ_2Qg9m62CAZezD4AQwsh_8lBmNvaWmRh1_feKn8560yxLHjtZe5YSG6b3PifOCBJd6MQi8SDWP3_hHG7bqbzOloWXZ9ddHA9Nnn3BqB462NM-YqWYN6MSBTuo72mwddCSUXBFXJYedMrfBIxk9ZK6aNYhJEZXlfljqt5UmCQ425g4UdWs11plxGDw_rBk7ssnv3VTa8fMJnbRH3teK2obVVNdEa-m5YbAc0cDsqQ--W53hHfQCxd7v-BQrRWgegsEGE8uOggHceQXxKu6i6ST_XDa81LQzp7dNaqXnALNuYY3gNqLNqp6j1GCIrUpTNwkKU5vihxCcxz_uPqAINeKkBUtnTG6ERwfyoeVQ1pZad_oUu87ag_3qbYx0xqf8HeT0bpH0q99fF53qJn3_L8EihauD0CLbyQLWxhIwEw9vCqDTVuJleP925GI7SaeZT63OD3U6mqZgQXJQymTwS1YC5WDj6AVDH-BssBl0aDGUMTA7LTwL9VfNNvZFWaHy_65umEHnj_CRAjyG9i8JEtZJTotH3ws2Gv_QBb4g6EQxDpktrnOx43sl-emh4vR3487e5E_CugAQwc3fmNzn8QueZZzuAupVhaJkB0E_Wl5F3lNrih32EWJUhxyP6Z8IquqjzqdVrc9KTysbHddNO39oE3TulMElAfiLyUkclatzcJq_KgtTbeppcAIXNiEyzrOozmuaLPpCZsfFivDAoE06HqQXatXkb7fIwwUtCW9djUw6IFgJ8av8X1sQw-A", "tag": "e-qzWoW37J3OXcnMm3l7Ug"}'; Headers: {'Content-Type': 'application/ssi-agent-wire'}

As a further observation, when using the Indicio public mediator, the DID Doc is:

{'@context': 'https://w3id.org/did/v1', 'id': 'did:sov:KB2RsV9fX8bejz8XDLJ5oN', 'authentication': ['did:sov:KB2RsV9fX8bejz8XDLJ5oN#1'], 'service': [{'id': 'did:sov:KB2RsV9fX8bejz8XDLJ5oN#didcomm-0', 'type': 'did-communication', 'recipientKeys': ['did:sov:KB2RsV9fX8bejz8XDLJ5oN#1'], 'routingKeys': ['did:key:z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA#z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA'], 'serviceEndpoint': 'https://public.mediator.indiciotech.io'}], 'verificationMethod': [{'id': 'did:sov:KB2RsV9fX8bejz8XDLJ5oN#1', 'type': 'Ed25519VerificationKey2018', 'controller': 'did:sov:KB2RsV9fX8bejz8XDLJ5oN', 'publicKeyBase58': 'AuUoCiZTnPfU2t1Rb73HiR8xYnHh9fLYQHFs7ebLUhqq'}]}

Importing pydid and deserialising the above results in:

pydid.deserialize_document(a, strict=True)

DIDDocument(context=['https://w3id.org/did/v1'], id='did:sov:KB2RsV9fX8bejz8XDLJ5oN', also_known_as=None, controller=None, verification_method=[Ed25519VerificationKey2018(id='did:sov:KB2RsV9fX8bejz8XDLJ5oN#1', type='Ed25519VerificationKey2018', controller='did:sov:KB2RsV9fX8bejz8XDLJ5oN', public_key_hex=None, public_key_base58='AuUoCiZTnPfU2t1Rb73HiR8xYnHh9fLYQHFs7ebLUhqq', public_key_pem=None, public_key_multibase=None, blockchain_account_id=None, ethereum_address=None, public_key_jwk=None)], authentication=['did:sov:KB2RsV9fX8bejz8XDLJ5oN#1'], assertion_method=None, key_agreement=None, capability_invocation=None, capability_delegation=None, service=[DIDCommV1Service(id='did:sov:KB2RsV9fX8bejz8XDLJ5oN#didcomm-0', type='did-communication', service_endpoint=AnyUrl('https://public.mediator.indiciotech.io', scheme='https', host='public.mediator.indiciotech.io', tld='io', host_type='domain'), recipient_keys=['did:sov:KB2RsV9fX8bejz8XDLJ5oN#1'], routing_keys=['did:key:z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA#z6MkrioadFaFVipvBUU4yVxrhXLe3uQRTtmRZ7smguzd5TPA'], accept=None, priority=0)])

Note that the service is DIDCommV1Service.

With this mediator, it results in unknown service. Here is the doc:

{'@context': 'https://w3id.org/did/v1', 'id': 'did:sov:NcScdy74tuUNRk7JG1YNuM', 'authentication': ['did:sov:NcScdy74tuUNRk7JG1YNuM#1'], 'service': [{'id': 'did:sov:NcScdy74tuUNRk7JG1YNuM#didcomm-0', 'type': 'did-communication', 'recipientKeys': ['did:sov:NcScdy74tuUNRk7JG1YNuM#1'], 'routingKeys': ['did:key:z6Mko2LnynhGbkPQdZ3PQBUgCmrzdH9aJe7HTs4LKontx8Ge'], 'serviceEndpoint': 'https://devmediator.sensecrypt.com'}], 'verificationMethod': [{'id': 'did:sov:NcScdy74tuUNRk7JG1YNuM#1', 'type': 'Ed25519VerificationKey2018', 'controller': 'did:sov:NcScdy74tuUNRk7JG1YNuM', 'publicKeyBase58': 'CnAm8d4ebAXiDNZcbERX7ytMAVt5JhBEbu8Z1E5pGwBW'}]}

And here is the result from pydid, note that service is UnknownService:

>>> pydid.deserialize_document(b, strict=True)
DIDDocument(context=['https://w3id.org/did/v1'], id='did:sov:NcScdy74tuUNRk7JG1YNuM', also_known_as=None, controller=None, verification_method=[Ed25519VerificationKey2018(id='did:sov:NcScdy74tuUNRk7JG1YNuM#1', type='Ed25519VerificationKey2018', controller='did:sov:NcScdy74tuUNRk7JG1YNuM', public_key_hex=None, public_key_base58='CnAm8d4ebAXiDNZcbERX7ytMAVt5JhBEbu8Z1E5pGwBW', public_key_pem=None, public_key_multibase=None, blockchain_account_id=None, ethereum_address=None, public_key_jwk=None)], authentication=['did:sov:NcScdy74tuUNRk7JG1YNuM#1'], assertion_method=None, key_agreement=None, capability_invocation=None, capability_delegation=None, service=[UnknownService(id='did:sov:NcScdy74tuUNRk7JG1YNuM#didcomm-0', type='did-communication', service_endpoint=AnyUrl('https://devmediator.sensecrypt.com', scheme='https', host='devmediator.sensecrypt.com', tld='com', host_type='domain'), recipientKeys=['did:sov:NcScdy74tuUNRk7JG1YNuM#1'], routingKeys=['did:key:z6Mko2LnynhGbkPQdZ3PQBUgCmrzdH9aJe7HTs4LKontx8Ge'])])

Both the mediator and the cloud agent are running aca-py 0.10.3 @swcurran / @dbluhm could you advise?

dbluhm commented 1 year ago

I'm looking into this. This has some ties to work I've already started in https://github.com/hyperledger/aries-cloudagent-python/pull/2516

openwallet-foundation / didcomm-mediator-service

Issues with 'did:key' compatibilty #79