How do you issue credential with custom Context?

[astanciu]

I am trying to issue credentials using a custom context and I can't figure out how to get this to work. It seems veramo is using @digitalcredentials/vc under the hood and that specifies that if you want a custom context, you need to set a documentLoader:

https://github.com/digitalcredentials/vc#custom-documentLoader

As for the custom context, I'm actually just taking the existing example one used everywhere from: https://www.w3.org/2018/credentials/examples/v1 and serving it from my own server, with the correct application/ld-json content type. And that fails with

jsonld.InvalidUrl: Dereferencing a URL did not result in a valid JSON-LD object. Possible causes are an inaccessible URL perhaps due to a same-origin policy (ensure the server uses CORS if you are using client-side JavaScript), too many redirects, a non-JSON response, or more than one HTTP Link Header was provided for a remote context.
    at ContextResolver._fetchContext (/project/test/node_modules/jsonld/lib/ContextResolver.js:173:13)
    at async ContextResolver._resolveRemoteContext (/project/test/node_modules/jsonld/lib/ContextResolver.js:117:34)
    at async ContextResolver.resolve (/project/test/node_modules/jsonld/lib/ContextResolver.js:50:22)
    at async api.process (/project/test/node_modules/jsonld/lib/context.js:65:20)
    at async api.expand (/project/test/node_modules/jsonld/lib/expand.js:211:17)
    at async Function.jsonld.expand (/project/test/node_modules/jsonld/lib/jsonld.js:325:18)
    at async Function.jsonld.toRDF (/project/test/node_modules/jsonld/lib/jsonld.js:671:16)
    at async Function.jsonld.normalize.jsonld.canonize (/project/test/node_modules/jsonld/lib/jsonld.js:580:19) {
  details: {
    code: 'loading remote context failed',
    url: 'http://localhost:3000/api/view/339709073577476172',
    cause: Error: Document loader unable to load URL "http://localhost:3000/api/view/339709073577476172".
        at documentLoader (/project/test/node_modules/@digitalcredentials/vc/lib/documentLoader.js:18:9)
        at Object.<anonymous> (/project/test/node_modules/@digitalcredentials/jsonld-signatures/lib/documentLoader.js:48:12)
        at LdCredentialModule.<anonymous> (/project/test/node_modules/@veramo/credential-ld/src/ld-credential-module.ts:91:17)
        at Generator.next (<anonymous>)
        at /project/test/node_modules/@veramo/credential-ld/build/ld-credential-module.js:31:71
        at new Promise (<anonymous>)
        at __awaiter (/project/test/node_modules/@veramo/credential-ld/build/ld-credential-module.js:27:12)
        at /project/test/node_modules/@veramo/credential-ld/src/ld-credential-module.ts:37:54
        at /project/test/node_modules/@digitalcredentials/jsonld-signatures/lib/documentLoader.js:48:12
        at /project/test/node_modules/@digitalcredentials/jsonld-signatures/lib/documentLoader.js:48:12

Am I doing something wrong? How are others using custom contexts?

[astanciu]

Digging into this a little deeper, I found the root cause, but I still don't understand the reasoning. I've traced the code execution to this spot: https://github.com/uport-project/veramo/blob/next/packages/credential-ld/src/ld-credential-module.ts#L68

The credential I'm trying to issue does have proofType: 'lds', so it ends up here. At this spot, attemptToFetchContexts is false and cannot be anything else because when this function is called, it doesn't pass an argument for this variable: https://github.com/uport-project/veramo/blob/next/packages/credential-ld/src/ld-credential-module.ts#L103

So the questions I have is why is it this way? Even this comment suggests this shouldn't be happening: // attempt to fetch the remote context!!!! MEGA FAIL for JSON-LD.

Why is this a mega fail, and what are you supposed to do otherwise?

[mirceanis]

That comment is my bias against the JSON-LD side of verifiable credentials :).

The fact that these context files need to be downloaded is a privacy issue because the host can see when credentials are being verified.

The counter argument to this is that these files should be pre-loaded in the verifier application. This is possible with veramo during setup. Even preloading or caching doesn't sound like a good enough fix because if the host of the context file changes it, this will lead to the same credentials being verifiable by some verifiers(that preloaded a good version) and not by others.

Combine all that with the fact that not all context URIs lead to actual context files and it paints a picture of a house of cards built on a table of jelly.

Rant aside, the JSON-LD stack is fairly new in Veramo so I really appreciate this kind of feedback. The fact that the fetchRemoteContexts param is false is not a design feature, but more likely a mistake, so thank you for flagging it.

[mirceanis]

To pre-load your context, add it to the context maps at config time, like this: https://github.com/uport-project/veramo/blob/3a7eb0cccb1ed51dde19ae31602971ac930f24ae/tests/localAgent.test.ts#L225

These are maps from context-URL to context document or to a Promise resolving to a context document

[astanciu]

Thank you for the explanation. Preloading context maps might solve the issue temporarily but don't think it's feasible long term. There are many cases where the agent is setup once ahead of time and context/vcs are defined and issued after the fact. Would be great to be able to turn set the fetchRemoteContexts flag as an option.