-
Notifications
You must be signed in to change notification settings - Fork 204
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DIDCommMessaging Service Endpoint is in the wrong format #1789
Comments
The structure was changed in the DIDComm spec, but never in Credo. A pr is welcome! |
This issue is noticeable only when rendering a did:peer:2's DID Document, right? (e.g. when we call If it's just a matter of did:peer:2 parsing I guess it will not be that hard to fix. In our model we currently have a |
The way did:peer:2 works is, each service block is packaged up and sent to the other party. So if an invalid service block is created for a did, then the other party will receive the same exact service block and may not be able to parse the service correctly. I have asked another person who is more knowledgeable as to what's happening to weigh in on the matter. I'm just the one of the team did experts. |
Initially I thought the resulting service encoding within the did:peer:2 would be the same, but you are right: the resulting encoded service will not be compatible with other agents that have updated their code to the latest spec which, as this issue mentions, introduced breaking changes. So I think it would be nice to address this before releasing 0.5.0. I have to check but IIRC this wouldn't affect interop with AFJ <= 0.4.2 (as we were using did:peer:1 and sharing DID Document with DIDComm V1 services). |
From what discussion me and @frostyfrog have had on this matter it seems it would be a good thing for any agent to ignore any service blocks that they do not recognize the format of, with that though it is on the other party to potentially include more service formats in the did (or didDoc in the case of did:peer:1). Another option that would be cleaner but require more processing in the didExchange handlers would be to check the context array on the didExchange request message and send the services formatted for the older spec if the version is 1 or the updated service format if the version is 2, the draw back here would be that you would potentially have to have two dids associated with the agent that is responding. The later option would help maintain compatibility with older versions of Credo. I will also note that currently even with did:peer:1 the service type to format is not inline with the updates, I have seen didDocs come with did:peer:1 that use the |
The issue with interop that we are facing is that any agent that develops against the updated spec that states the shape of |
@KolbyRKunz could you elaborate a bit more in regards to compatibility issues with did:peer:1? In DID Exchange, when using did:peer:1 we are sharing DID Documents that contain DIDComm services with type The only conflicting case I can think of is DID Exchanges using did:peer:2, since any So a quick fix for this (yet compliant with specs) would be Credo to not abbreviate A better approach of course would be to use the new |
@genaris You are correct with the did:peer:1. I thought when doing testing that I saw the did:peer:1 document had the same issue but I was wrong. Sorry for the confusion. What you are suggesting sounds like a reasonable fix to me. Thank you. |
Well good to know that it didn't happen there! I was inspecting a bit the code and running the DID Exchange numalgo tests and when exchanging using did:peer:2 I see these DIDs exchanged between our friends Alice the Faber:
Inspecting their services token and base64-decoding them I see:
So it looks like Credo is properly encoding the DIDComm V1 service, which makes me think that the 'quick fix' I previously mentioned is not needed. But we will still need to fix the reception of did:peer:2, since if we receive a |
Right. I got this error when I sent a did:peer:2 to a Credo agent:
You are partly right. Other peer-did libraries would ignore other fields than t and s. And the agents using those libraries will not be able to get routingKeys. |
And why is that? As of today, the spec still mentions "r" as one of the possible abbreviated terms: https://identity.foundation/peer-did-method-spec/#common-string-abbreviations |
"r" is parsed when it is inside "s". Check out the below example in the spec: {
"t": "dm",
"s": {
"uri": "http://example.com/didcomm",
"a": [
"didcomm/v2"
],
"r": [
"did:example:123456789abcdefghi#key-1"
]
}
} |
Well, I think that's just an example. In the same section, the spec states that to encode a service we should "recursively replace common strings in key names and type value with abbreviations from the abbreviations table". I don't see any indication saying that some of those values are only valid within a certain map structure. I tried to find what changed in decentralized-identity/peer-did-method-spec#62 in regards to this, and I see in the comments from @dbluhm that he "added clarification that common string abbreviation should recursively descend through the service object.", which is somewhat consistent with my reasoning. IMHO, if some libraries are ignoring those abbreviated keys because they are basing their implementation only on the examples shown in the specs, they are not properly doing it. Can you mention the libraries you are referring to? Are they supporting the old |
I think abbreviation is not the issue. The problem is the structure of the "service" object. According to the spec, a service object has only three fields, id, type and serviceEndpoint. Other fields in the service object will be ignored or throw an error depending on the implementation. I'm currently testing with https://github.com/beatt83/peerdid-swift, |
My understanding from did-core spec is that the service object must have those three fields but may define other extra fields:
Anyway, I think this is something we cannot modify at this point, since those old service types do rely on those fields. Surely we'll all agree as soon as we properly support this new DIDCommMessaging endpoint (hopefully soon!!). |
It was recently brought to my attention that the DIDComm services being generated from AFJ are either using the wrong service type (DIDCommMessaging vs did-communication) or that the service block isn't structured according to the spec of it's type. Upon closer inspection, I believe the situation to be the latter case.
It's been observed that when generating DIDs for did:peer:2 with a service endpoint type of DIDCommMessaging, the
serviceEndpoint
follows the format of thedid-communication
endpoint type instead of theDIDCommMessaging
endpoint type.Current service block format:
Expected service block format:
The text was updated successfully, but these errors were encountered: