aries-cloudagent-python icon indicating copy to clipboard operation
aries-cloudagent-python copied to clipboard

Published 20 hours ago verified publisher icon hyperledger

Error when receiving a JSON-LD VC with multiple proofs

Open pstuermlinger opened this issue 2 years ago • 1 comments

According to ProofSet.add() (see here) ACA-Py allows to create VCs with multiple proofs.

Current Behavior I setup two ACA-Py agents (0.7.4), enable a connection between them and then issue the following VC from Alice to Bob:

POST /issue-credential-2.0/send

{
  "connection_id":"abc...",
  "filter":{
    "ld_proof":{
      "credential":{
        "@context":[
          "https://www.w3.org/2018/credentials/v1",
          "https://essif-lab.pages.grnet.gr/interoperability/eidas-generic-use-case/contexts/cades-signature.jsonld",
          "https://w3id.org/citizenship/v1",
          "https://w3id.org/security/bbs/v1"
        ],
        "credentialSubject":{
          "familyName":"Doe",
          "gender":"Male",
          "givenName":"John",
          "type":[
            "PermanentResident",
            "Person"
          ]
        },
        "proof":{
          "type":"CAdESRSASignature2020",
          "proofPurpose":"assertionMethod",
          "created":"2019-08-23T20:21:34Z",
          "verificationMethod":"did:factom:5d0dd58757119dd437c70d92b44fbf86627ee275f0f2146c3d99e441da342d9f#MIIEEzCCAvugAwIBAgIUJ0hTJswF5BBreQgbEQL8FTLXwHAwDQYJKoZIhvcNAQELBQAwgZgxCzAJBgNVBAYTAk5MMRYwFAYDVQQIDA1Ob29yZC1Ib2xsYW5kMRIwEAYDVQQHDAlBbXN0ZXJkYW0xFDASBgNVBAoMC1Rlc3RDb21wYW55MQswCQYDVQQLDAJJVDEVMBMGA1UEAwwMU2NvdHQgTWFsbGV5MSMwIQYJKoZIhvcNAQkBFhRzbWFsbGV5QHNwaGVyZW9uLmNvbTAeFw0yMDEyMDIxNDMxMDVaFw0zMDExMzAxNDMxMDVaMIGYMQswCQYDVQQGEwJOTDEWMBQGA1UECAwNTm9vcmQtSG9sbGFuZDESMBAGA1UEBwwJQW1zdGVyZGFtMRQwEgYDVQQKDAtUZXN0Q29tcGFueTELMAkGA1UECwwCSVQxFTATBgNVBAMMDFNjb3R0IE1hbGxleTEjMCEGCSqGSIb3DQEJARYUc21hbGxleUBzcGhlcmVvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkZfqj459pkdt5GLelamSySQP3owkyYOXW1NLTLr3dC_RzE8x3SRpHQwaRErm0VYvV35JVvubGZgatm5SNsTUHw7Ywrwy-hGFCXo2JOabL0lj3EpkpRPpVS7GXAlMxTvfZihw8IgmA3ZEnhnCYbyfKiCAOmVGLc_dViFTUuk2O6t6gkAdL0MhzU6nCBBariqlwWQxXf7z-nFubBrBio2l_GL6Pf6orvB_67V2PQEYnYlf24VtfdV34_QcU3T9bQjN2RhSzT9HYrYZtEXEmS4ARaN4mSoCnkITNsrGUz3LpX0ozxk2kQCUe89v8TUd-uYzA_sHXJXa7oHqTA1ZJVrtDAgMBAAGjUzBRMB0GA1UdDgQWBBT2b43zVAuqVWwFIZLSTSOdI3n5IDAfBgNVHSMEGDAWgBT2b43zVAuqVWwFIZLSTSOdI3n5IDAPBgNVHRMBAf8EBTADAQH_MA0GCSqGSIb3DQEBCwUAA4IBAQBnKynE3w04FyEHpYJs94eYrvKAgH6lvavHlDbiZxq1YgPwQN7lbFKIyZxsfcx1QGu1Rk_e-B7D-peIYGtL0-lQxbC88ogh03CaPqrJEhhmSxLEN-L3HQl-pItVUTKH8kaxHeC86ym2pOEJW2y7mVtPYkrgMiTjmOJj60hJEQE87VT_TB_soAXOm8oVXy1Ha3HwHZ4vouG_SwYhXWaqnOUDOifR579Cy53sMkuG0m7SuXxOZp20jnX7TaR8ElH8mZifTSBjkT2RNj1QhFG-Tl5nR_Q63j4xIw9f2Sj-jVclsuIcEQh00bo8pfdMhA-sMX1zCsOvG3sDnsfsqLmL7guV",
          "cades":"-----BEGIN PKCS7----- iG9w0BCRABCaB0MHICAQAwDQYLK... -----END PKCS7-----"
        },
        "description":"Government of Example Permanent Resident Card.",
        "identifier":"83627465",
        "issuanceDate":"2019-12-03T12:19:52Z",
        "issuer":"did:key:xxx",
        "name":"Permanent Resident Card",
        "type":[
          "VerifiableCredential",
          "PermanentResidentCard"
        ]
      },
      "options":{
        "proofType":"BbsBlsSignature2020"
      }
    }
  },
  "trace":true
}

From Alice's log I see that the following gets send over to Bob:

{
  "@context":[
    "https://www.w3.org/2018/credentials/v1",
    "https://essif-lab.pages.grnet.gr/interoperability/eidas-generic-use-case/contexts/cades-signature.jsonld",
    "https://w3id.org/citizenship/v1",
    "https://w3id.org/security/bbs/v1"
  ],
  "type":[
    "VerifiableCredential",
    "PermanentResidentCard"
  ],
  "issuer":"did:key:zUC76c9wqNc7Ce3Zbjd7aWLPNBbfLa7H1Ur4PRWEpFFDKf6MCzAATWvdYDsuSk7fApnVZRdTS1JZB1o4ck4hVRQswcmqWYf9ZfrYs5waTdZi97uuRf7x7QfbXvpvQP3MYWdzBTM",
  "issuanceDate":"2019-12-03T12:19:52Z",
  "credentialSubject":{
    "familyName":"Doe",
    "gender":"Male",
    "givenName":"John",
    "type":[
      "PermanentResident",
      "Person"
    ]
  },
  "proof":[
    {
      "type":"CAdESRSASignature2020",
      "proofPurpose":"assertionMethod",
      "verificationMethod":"did:factom:5d0dd58757119dd437c70d92b44fbf86627ee275f0f2146c3d99e441da342d9f#MIIEEzCCAvugAwIBAgIUJ0hTJswF5BBreQgbEQL8FTLXwHAwDQYJKoZIhvcNAQELBQAwgZgxCzAJBgNVBAYTAk5MMRYwFAYDVQQIDA1Ob29yZC1Ib2xsYW5kMRIwEAYDVQQHDAlBbXN0ZXJkYW0xFDASBgNVBAoMC1Rlc3RDb21wYW55MQswCQYDVQQLDAJJVDEVMBMGA1UEAwwMU2NvdHQgTWFsbGV5MSMwIQYJKoZIhvcNAQkBFhRzbWFsbGV5QHNwaGVyZW9uLmNvbTAeFw0yMDEyMDIxNDMxMDVaFw0zMDExMzAxNDMxMDVaMIGYMQswCQYDVQQGEwJOTDEWMBQGA1UECAwNTm9vcmQtSG9sbGFuZDESMBAGA1UEBwwJQW1zdGVyZGFtMRQwEgYDVQQKDAtUZXN0Q29tcGFueTELMAkGA1UECwwCSVQxFTATBgNVBAMMDFNjb3R0IE1hbGxleTEjMCEGCSqGSIb3DQEJARYUc21hbGxleUBzcGhlcmVvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkZfqj459pkdt5GLelamSySQP3owkyYOXW1NLTLr3dC_RzE8x3SRpHQwaRErm0VYvV35JVvubGZgatm5SNsTUHw7Ywrwy-hGFCXo2JOabL0lj3EpkpRPpVS7GXAlMxTvfZihw8IgmA3ZEnhnCYbyfKiCAOmVGLc_dViFTUuk2O6t6gkAdL0MhzU6nCBBariqlwWQxXf7z-nFubBrBio2l_GL6Pf6orvB_67V2PQEYnYlf24VtfdV34_QcU3T9bQjN2RhSzT9HYrYZtEXEmS4ARaN4mSoCnkITNsrGUz3LpX0ozxk2kQCUe89v8TUd-uYzA_sHXJXa7oHqTA1ZJVrtDAgMBAAGjUzBRMB0GA1UdDgQWBBT2b43zVAuqVWwFIZLSTSOdI3n5IDAfBgNVHSMEGDAWgBT2b43zVAuqVWwFIZLSTSOdI3n5IDAPBgNVHRMBAf8EBTADAQH_MA0GCSqGSIb3DQEBCwUAA4IBAQBnKynE3w04FyEHpYJs94eYrvKAgH6lvavHlDbiZxq1YgPwQN7lbFKIyZxsfcx1QGu1Rk_e-B7D-peIYGtL0-lQxbC88ogh03CaPqrJEhhmSxLEN-L3HQl-pItVUTKH8kaxHeC86ym2pOEJW2y7mVtPYkrgMiTjmOJj60hJEQE87VT_TB_soAXOm8oVXy1Ha3HwHZ4vouG_SwYhXWaqnOUDOifR579Cy53sMkuG0m7SuXxOZp20jnX7TaR8ElH8mZifTSBjkT2RNj1QhFG-Tl5nR_Q63j4xIw9f2Sj-jVclsuIcEQh00bo8pfdMhA-sMX1zCsOvG3sDnsfsqLmL7guV",
      "created":"2019-08-23T20:21:34Z",
      "cades":"-----BEGIN PKCS7----- iG9w0BCRABCaB0MHICAQAwDQYLK... -----END PKCS7-----"
    },
    {
      "type":"BbsBlsSignature2020",
      "verificationMethod":"did:key:zUC76c9wqNc7Ce3Zbjd7aWLPNBbfLa7H1Ur4PRWEpFFDKf6MCzAATWvdYDsuSk7fApnVZRdTS1JZB1o4ck4hVRQswcmqWYf9ZfrYs5waTdZi97uuRf7x7QfbXvpvQP3MYWdzBTM#zUC76c9wqNc7Ce3Zbjd7aWLPNBbfLa7H1Ur4PRWEpFFDKf6MCzAATWvdYDsuSk7fApnVZRdTS1JZB1o4ck4hVRQswcmqWYf9ZfrYs5waTdZi97uuRf7x7QfbXvpvQP3MYWdzBTM",
      "created":"2022-07-01T14:50:23.684691+00:00",
      "proofPurpose":"assertionMethod",
      "proofValue":"iJ+GRVw32Fi6ijUh0unSa1FFArGJXk7Ee+dBjudk8fLw7ue1k+i6lGf2ttBvOF8JLENo0oeF6+ivtFlZ0Wb3LbeJE/MwJXts+eI0/X1pkLFrZcMD0FmwVL9j/usXgeO2ZdX9MJz7eeN99rbYDcQDUA=="
    }
  ],
  "description":"Government of Example Permanent Resident Card.",
  "identifier":"83627465",
  "name":"Permanent Resident Card"
}

This is as expected. At Bob however, the following error is thrown:

2022-07-01 14:50:23,770 aries_cloudagent.messaging.models.base ERROR V20CredIssue message validation error:
Traceback (most recent call last):
  File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/messaging/models/base.py", line 137, in deserialize
    return schema.loads(obj) if isinstance(obj, str) else schema.load(obj)
  File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/marshmallow/schema.py", line 723, in load
    data, many=many, partial=partial, unknown=unknown, postprocess=True
  File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/marshmallow/schema.py", line 904, in _do_load
    raise exc
marshmallow.exceptions.ValidationError: {'proof': {'_schema': ['Invalid input type.']}}
2022-07-01 14:50:23,770 aries_cloudagent.core.dispatcher ERROR Message parsing failed: Error deserializing message: V20CredIssue schema validation failed, sending problem report

Expected behavior: When you are able to issue multi-proof VCs with ACA-Py (which is in line with W3C) then you should be able to receive them, too.

pstuermlinger avatar Jul 04 '22 09:07 pstuermlinger

Indeed, it looks like this should be supported.

andrewwhitehead avatar Jul 09 '22 18:07 andrewwhitehead