Proof presentation with check for revocation, always invalid when requesting multiple credentials
mmoramartinez opened this issue · 17 comments
When doing more tests with revocable credentials (but not revoked), we have noticed that if we request more than one credential with a revocation check, the result is always invalid.
For the following requests we expected a valid proof, but they were invalid:
- 2 revocable credential, both not revoked, check for revocation on proof level
- 2 revocable credential, both not revoked, check for revocation on credential level
It appears that if more than one credential needs to be checked for revocation, the proof is invalid. We reported a similar issue when one of the credentials was non-revocable, #1651 .
Thanks for the report -- this a big deal if true. Do you have a test case that you can share? If not, we will build one up, but it would good to know if you had it in place already.
I'm hoping we can use Aries Agent Test Harness and BDD tests to cover the range of tests needed.
FYI -- @WadeBarnes reports that they have run tests with multiple revocable credentials with ACA-Py and have been successful at getting the presentations to verify when the credentials are not revoked.
Details here in this (bcgov/bc-wallet-mobile#762) ticket, specifically the Steps to reproduce - success scenario
.
thanks, I will check this. So far we have done manual tests with the Lissi agent to create the credentials and presentation requests, and as holder simply an ACA-Py instance that automatically accepts and responds to requests. This is what one of the requests looks like:
{
"version": "1.0",
"name": "2revocCheckRevocForAll",
"nonce": "988294151342830409375281",
"requested_attributes": {
"attrGrp_0": {
"names": [
"name"
],
"restrictions": [
{
"cred_def_id": "DR5iYD6jK6YXYfXZrq2rCs:3:CL:14187:revocable1"
}
]
},
"attrGrp_1": {
"names": [
"name"
],
"restrictions": [
{
"cred_def_id": "DR5iYD6jK6YXYfXZrq2rCs:3:CL:14187:revocable2"
}
]
}
},
"requested_predicates": {},
"non_revoked": {
"to": 1670236785
}
}
I also just tested it by requesting two credentials + non-revocation checks. Unfortunately, AcaPy is returning that the presentation is invalid. When requesting each credential + non-revocation check individually, the AcaPy reports two valid presentations.
The presentation result returned by the AcaPy is the following
{
"verified_msgs": [
"VERIFY_ERROR: :Invalid object handle"
],
"presentation_request": {
"nonce": "593780741447409929721944",
"name": "asdf",
"version": "1.0",
"requested_attributes": {
"attrGrp_0": {
"restrictions": [
{
"cred_def_id": "QQCQpj9mNEKuJfm14Ysrsz: 3:CL: 14714:Test2"
}
],
"names": [
"test"
],
"non_revoked": {
"to": 1670242693
}
},
"attrGrp_1": {
"restrictions": [
{
"cred_def_id": "QQCQpj9mNEKuJfm14Ysrsz: 3:CL: 14714:Test"
}
],
"names": [
"test"
],
"non_revoked": {
"to": 1670242693
}
}
},
"requested_predicates": {}
},
"initiator": "self",
"role": "verifier",
"state": "verified",
"presentation_exchange_id": "a75d061e-2a10-4526-bc0d-c5dbd9a222fd",
"thread_id": "f17835c6-56d6-4b91-8497-7149e3ff7459",
"presentation_request_dict": {
"@type": "did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/present-proof/1.0/request-presentation",
"@id": "f17835c6-56d6-4b91-8497-7149e3ff7459",
"request_presentations~attach": [
{
"@id": "libindy-request-presentation-0",
"mime-type": "application/json",
"data": {
"base64": "eyJ2ZXJzaW9uIjogIjEuMCIsICJuYW1lIjogImFzZGYiLCAibm9uY2UiOiAiNTkzNzgwNzQxNDQ3NDA5OTI5NzIxOTQ0IiwgInJlcXVlc3RlZF9hdHRyaWJ1dGVzIjogeyJhdHRyR3JwXzAiOiB7Im5hbWVzIjogWyJ0ZXN0Il0sICJub25fcmV2b2tlZCI6IHsidG8iOiAxNjcwMjQyNjkzfSwgInJlc3RyaWN0aW9ucyI6IFt7ImNyZWRfZGVmX2lkIjogIlFRQ1FwajltTkVLdUpmbTE0WXNyc3o6MzpDTDoxNDcxNDpUZXN0MiJ9XX0sICJhdHRyR3JwXzEiOiB7Im5hbWVzIjogWyJ0ZXN0Il0sICJub25fcmV2b2tlZCI6IHsidG8iOiAxNjcwMjQyNjkzfSwgInJlc3RyaWN0aW9ucyI6IFt7ImNyZWRfZGVmX2lkIjogIlFRQ1FwajltTkVLdUpmbTE0WXNyc3o6MzpDTDoxNDcxNDpUZXN0In1dfX0sICJyZXF1ZXN0ZWRfcHJlZGljYXRlcyI6IHt9fQ=="
}
}
],
"comment": "Proof Request"
},
"updated_at": "2022-12-05T12: 18: 28.167510Z",
"auto_verify": True,
"presentation": {
"proof": {
"proofs": [
{
"primary_proof": {
"eq_proof": {
"revealed_attrs": {
"test": "559724291912345840706199426233202135177187251912100367391451049609752637212"
},
"a_prime": "86333307172936036283120981665829472100424924662477788424246964911793007302717050567218436046563661134892684054726915909379352745550101914199262155995970020260349148349023332468111892904674553098572193147331489589131917346085700090588216342531780728268879297660520253649159850610723777346515608092970730394691403223229706031990305242060451451086196801288130975284645976829678737771046602810486344012885733155154068486576388534024328160785714602300722646333025278378295721020240707970855407474527768889925657952445792889945209495718445482381338444426565897393022311018846598599233735025386314669146668958709822944387795",
"e": "85418688223361281436002253784946511355911830953398916213471545044872288250994453451208190979228573922558951253562528029444352591540216007",
"v": "616650795867102570458124532222355740656321218280951224637778300217469526670469450800002452892026016846512589281538434042958983455924412390016379966129526838775109371777875593279464430468108751153742187952623991598795875616527722822405811941569329915498422687687485710977232975651522281508133340775797629044183606265633184918426882650558096341894004224914867052751735503681586523253277605709045437882959282042638525532681874025448916549832976313034291740770947124065540098218646835323384095799485287858771169194636821747190983739548765973021863243652823623243531913503573153174047908249121641293202770971125710707087323796651001162061200955241846226171369694020555035235607810574464174084133688473775571641481141863552537965718503360348671176092562091577418026925415310593457918967935970963523438485896307606499377684604294773965322209219560378109033677367656565755310238110752445918192628067456508432092686009345895975948",
"m": {
"master_secret": "12888439206942528952853342075873875576553005629259640922930241809402909801600728153891140164832328503432536483920760825893732467680808181414928799773627415704565347063482002084558"
},
"m2": "9057568051224137630187359171062153647848001292938667201955322339527423050708024056384213834547450466012396192172629731172184760935904282150247161399235473"
},
"ge_proofs": []
},
"non_revoc_proof": {
"x_list": {
"rho": "18520601CE4488D6FCEA9D8E30518BB086A9E781A9E70A82771E5224F7EDC62D",
"r": "0F552C031B8BC64EBC8ED6C964625DD9E044A8EFA2C1DCCBC9F60A83FB2FED32",
"r_prime": "0BDD0DBDD82F1817DBC4BA1199782F3B7894E2A2A4CCE2F41E7E0BA803AD0EB4",
"r_prime_prime": "014DD66423569F8B52A334CF13E75B5FB7B9E79EAD7F52E9F332AD5308690B46",
"r_prime_prime_prime": "1CC33C996D03F41B581F1946E63AF4422419DA93D5540845DDD3961C0711A9F1",
"o": "0B06FC9285FCA44CF4CDFD890909EE6CABE2B1961C751EC5538BCDCB7EA76197",
"o_prime": "189843BE4B2A51ECDA3FC702765302B32CA1A9168076DB46DDAB5E7731E5683A",
"m": "0EFA1BE4102FA78248EF682853946535C50CCFDB3A89622F2F0B68E73E010768",
"m_prime": "1A2788FF59E82E934607584AC8A9E097461A7B2205BEA2929937E54125FE0CF5",
"t": "200E9411FAC58131190CBC7677FE1FF018B6ADCBB96728DC7B5F8ACDA11C8CCC",
"t_prime": "207DF10646222E7BFDBB5BA169C1D92AF9158796F96466EBF013024359B8C790",
"m2": "0210C8F42B6BE6B57FCE0D9806677C5331EDA9157490582F21B2D7A3294E7D04",
"s": "1F28B733FC31C43186F9FF27A64C1B426B1323F908AE04E36A1819D589C14948",
"c": "0AC3C46D76F19C5D99A2296589E08C8C9CA49347E300EF1151E7EF43517511E0"
},
"c_list": {
"e": "6 44A64EEF5BCCB8BF322622F43451DD7AF5F33FCC488DE840386F98FA50C595E0 4 1CB0FB90EC83A057176B167AA7B3E7052E4FB26172828B1467F2A04744E5597E 4 26A7872C911D09821B3DC347F82C81880C5FF0C2DDF2C4EAC7DBC2878641E2D9",
"d": "6 62A6C43394C63615398C3F5887DC3C94FA4584295B0AC35B4846FA145F39025D 4 1CE8EF651142831853AC354E438912532B28A8BF44AE11777F631ECF6BC48332 4 3A2254C221BCFE3B1F32AD1488F13012182531F183C4345DE20B976C697217F6",
"a": "6 38391CC974AC2CAEBB09D2347E6026ACED6D0C80E1160677682395A5EE06277B 4 3C40923087D631E27F0096EDD450EFACEA38489D92FF09647863C9779485FC66 4 2816E42EFAA1B25E93C78970A7F15F58EAE821D84D5DEF33C1FBA12977A6752E",
"g": "6 485B95B6E8A681B6A33A13A8EE87FCE98408BF1F4924F1C9A381DD4F3F9DBD25 4 290EB5C673382CC7D327CE766025EEF1FFE4A4041BB1D1CBC979357BE38D3DFA 4 3A8B20402BDFD05B3114292A2DD0D5BC709AA81871E1CFE1FB36AF9EF708ACA9",
"w": "21 123E5D0979F6D44363761B2C2AAA6DC6AC32D4A82C0EF13161F88B1EDCBE99BF0 21 119DDD03EB79E0CC84F56613FD6078B4E6B54AA68AFF1E94FC7CA71377C5406B3 6 635C9DA5AA293B3DF63EAE73507D3DFF96BAAC3A06B8C8090D6552E72D965265 4 1CA5CF784CAF9047AB34C472FD8EC48BA384C823B0DA5F1086109644E4B695D2 6 5F7FC8A54F9B042C6DB09810ED46D8351AB76DEB045DFA2D69ACE2094B2F6766 4 31441D712A605FB3304DF9DB64CFD06DE73CD4FC95CD41DAB7A693031E0143B2",
"s": "21 131EC54DFC5F8118C505353B338ABDD257597A568327561B3230B38151FEC0BDD 21 132A7C9C1529555E775762463FDF3FE6DA366040773841791209ACE8F941C9BCB 6 6E2FDC5ECFF0D6C18F136C5FC745EA10761C078D1186221A7855D2BCA882FD8B 4 12C14A6E132A943BD82611532826410E933A1E625694806DD906A65021D6AA17 6 6319D6F853FA5E4CA53D71A1F2E13C2FD6E2C334298E7EF325FFDFAF4628A6F8 4 17FC8B425E84C2D39D5C1A691856220F0083CBBB69C17874293DF551EE513092",
"u": "21 13702782CF097CB039D0B5B14E5962A7477BFE76F1E3E62B60E6BA912A83C9D56 21 10E13301C824DB77146147435DF9D47B9383C3687A3F1CDE23736AD5740EC4BE7 6 6E6350AF7DA8F7C7D38B93298A281E4C7DAF4C16197D35F235CA1A6A8308BA44 4 303ED6BB04BA1C15738D256D6E40CECDA1EAB54B253EF9801769BC5083D40948 6 4FD034C1528B28922910CB436FAD4425EEC61452569192A557017B353766A46D 4 1F7D14E6CCA648EB2AF4B27E8AC5D153580B0686899103EB14CEC79DB9FE811F"
}
}
},
{
"primary_proof": {
"eq_proof": {
"revealed_attrs": {
"test": "66462239542460791898155259503102767165757637622612705294848629465626581613557"
},
"a_prime": "40502641672239933864720562802557962598518486848332774937371847172150014243339249706944721669037896146241528282882940368396821489255823263928553202183095686447207198709268865141679768701610733136129150136866189258843804397851597452199926257556015895462930508543905614412776545094665377550558901517126619205079389574536357695454448530024414391110485516341797981842466001845272498518199480074619680297497972558257131694313681541247476039697226807316547807385506144404456256271831934659011976585848580220062543746600692032893271373066854095017146495677798243709587469121885732397828459369671364597579685575672570507329485",
"e": "66010484976270436759241842915273968818203751565508241757942178210657214377170151328113744875399685563202404676847483666791401238545043682",
"v": "994214138237738411011028664068398155669673201209736802689574317251599798246796364162348836927639186947374478338763733114032874604872519222701013625794385748047996975001665187126159649972223743736543154593552240750332822836205326776877226296467070109539022569155969281404184512804183327651761483140646161562697867998122016839483114310202137740805641827050820735742175964484105535655838932940110104491894105725171794535413868917819804566545551354436830185140971037201473652201685385742168850441114715510102470406539545619304350287078436679774535212940598108230884292569384474595893146106912737958306409662224779535757111977980595398503472713315384024376358400111055283406861086452633789999446757996604503103137375292570118593100993263645395593096151257595919445697623312730115781161304531730205509654867303536419244855367860977953928460125083474401549263741979007983114416168993878274145526017435306636084157072067801777421",
"m": {
"master_secret": "12888439206942528952853342075873875576553005629259640922930241809402909801600728153891140164832328503432536483920760825893732467680808181414928799773627415704565347063482002084558"
},
"m2": "9057568051224137630187359171062153647848001292938667201955322339527423050708031955584488978477044386922455809361333814366738560835965498563619077305708109"
},
"ge_proofs": []
},
"non_revoc_proof": {
"x_list": {
"rho": "0B62158BFFB6ADE278E0802E727FBEEA4D2E0427E35EB13CC9BC63914365A59D",
"r": "0FF85211B6D60F5C5B20847A44C8C2E5325730E4BE57149F9A4A36304A7E6E5E",
"r_prime": "0AFB3B3AF37EAC06E468CA706D8C4D89F5F9640CDE56AAF2C2626D04809FC555",
"r_prime_prime": "0E6DF3F8CAB4CB2447E8FBABF3C731FB20D38DD6EE24011934AA81767FDFCDDF",
"r_prime_prime_prime": "12B85C12578F7E4CA8044191F848CDD270B57AB13E4DBA9C8113AAA03941B7E6",
"o": "0C9018FDD9E5DA249F388F6EAE0EBE4361F2DD06AD3E6E9DE795A7D5EC168530",
"o_prime": "1EA6D1AE8D64C9D800B8A05A89405D6A3F0B04A5828EC9C10FB7AC77910D6786",
"m": "036E411392F187DE6B4553DF4DEFB12DA6727592F803CC777C9F7BE717F4A239",
"m_prime": "0390BE01A07CBB8E5D8DE577773291B1AD25BA7497A0067F81497A43D277828B",
"t": "027359CA0D58DA1781A731F1BAB122D1524450C1C13EE42BFF1544068B6908AC",
"t_prime": "03280867263CBA9E8BD88A9817B15E2EAEE757B4C34A4D5507670F502684F033",
"m2": "138792EAA16007837F43B2906C9D7E09AADE12ABF0450108D7521F3A0D88D7C0",
"s": "0115F8BD95E2C62A0435E78F2E25F292F3AE61E359BDF9E3DCB77D141D83D8DE",
"c": "0CDA71358E136624FB09480A1C771B2E2B3D3CFDF5C31F3008A31EB8F8F2E1D2"
},
"c_list": {
"e": "6 5C229B67255BB7D08FA407BC0B2694BEB354D1E9123984FAAE1578ADA3646AE4 4 261BFEC2E84617C9EDFD9FFA7C914B7978C4E03826703530F1CF3FEDD31245F3 4 1573A096D83FD72F5FC2388FEDA14FD27BCDF4E21C487CDB584EE80ACA0388C5",
"d": "6 4D9FB8112598567BFA6019630AA37B332162C4531326050C695361A04200C171 4 132D2AFCC265FAFEEAB43B6D0BFE893A9026C81C9A6485930A49F8C1811988AB 4 25BA7B4FABF9DE1DC54E63286AC56B6E0BD1C6348E14085D2113368334A8AB75",
"a": "6 3EEC93736CFB382AFACC625F094DB10BF16DDE2C9F2E8B17E96C8F60A7503F34 4 2E5103A957CF5DABC01DEED3CF87A2030A47B8D6C555E86FF75BC317DF16C5CC 4 3273E917323E4CF9BC1075BC16F15E6247834A1CECE0F77278CEC8856BF64C0E",
"g": "6 35929FFDCBDECB85661C56873EAE71540B0F76FD827607A8078AB2BA726E606C 4 3980F1CB1478DD90961DDB999D2355136DB46878EF5D16AE54E62B800BA6B5DB 4 2C14F0E74C09941AED2D8CFAFB0C649235E22EBFA89770425E91A1375C378814",
"w": "21 126C86B1362F117AA3638C8C1C93F8D1411A8737BA6507BF1687E378BD2EB7C7F 21 1369068052905DE32B7846EAABC317E7CB691A9EDC1297827C42C2A41669BA712 6 862E3A9A7394B632CC91C4002DE0AAAF556C56051E6D3EEA2BAD5BA517FDD2E1 4 3C5119F97727F3F99A450CC11671482C2668EE8180431A34B2C5A39EFB0DD873 6 744EB40179F2D87D5D8919EFF05D13E43C8F7BFC5B2B0EA808312CCFCB3A5181 4 1AC5F6AFB17DA57016AEAF5E4CBE48AF388F8C59332C2782C0DC3DB9FC7A7786",
"s": "21 137FC9D854715B0A0D48381A607A3A0AF769144984D9F351EAB35749D4FF1E9D8 21 12D57DEE66F17611C5525EA79235CF8CC953F47CC3A25F9D07D4BC794B2D09635 6 8C607C67F58F1786C5E60EDAE4B37D1F850DA4999AD97462BAD68CBEF1B6A848 4 0E0C252F4C9B61E7B98A5DB5F8E6AB36B6C9137DAFA204C644791E750AF8EB0E 6 69B438CDCBA5394F1BCE7895F7BF895825CE85473C587772922CE787B43670DB 4 1B5D402CDECD595494EC1B5FCD22961E10173F88F4644E882DA12C79EE5AC601",
"u": "21 12C44A6232409A4D893EA391757AA451365BBDB9CEDB849A9D70FB52CA0C3ADD7 21 143B4A7297D63A0FDAA405E3AD196E9089310BF43BEB38587B56E0291C3291EBE 6 5EB667E643BA4405C60F475FA249A03808D01D0274D503620B470D510D0ECAEA 4 253B5954542B28E53E461E6CBDA2DD54E2EDC6ABE4C9346DEB676625248A1A6E 6 7DBB7BC0965FFF097A30EACAE74385D3A06506331A292EED8ECE7DAF76A7B1EB 4 1FF6B1539529A8499070B557DDE9D43E11FA0C0148F5D5C5203D9376875CE98A"
}
}
}
],
"aggregated_proof": {
"c_hash": "83629348022353869695363921069214727609538528834067511575919625166823787368943",
"c_list": [
[
4, 11, 246, 84, 252, 129, 173, 13, 57, 43, 103, 60, 201, 177, 179, 101, 152, 52, 77, 70, 50, 158, 140, 211, 107, 224, 187, 206, 128, 124, 115, 138, 204, 7, 49, 86, 115, 150, 145, 238, 9, 207, 206, 127, 6, 128, 227, 97, 28, 196, 232, 107, 163, 32, 40, 141, 148, 122, 19, 125, 184, 100, 215, 216, 18, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
],
[
4, 20, 74, 20, 91, 194, 239, 67, 216, 160, 120, 222, 76, 215, 51, 215, 192, 221, 237, 12, 107, 0, 180, 7, 146, 213, 244, 31, 252, 205, 251, 241, 19, 14, 83, 92, 190, 92, 212, 211, 24, 22, 49, 191, 231, 164, 235, 64, 65, 163, 180, 192, 76, 202, 163, 127, 95, 210, 205, 215, 218, 154, 249, 10, 24, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
],
[
4, 15, 41, 1, 33, 75, 10, 100, 189, 78, 70, 130, 176, 45, 241, 164, 204, 237, 153, 8, 243, 107, 189, 42, 131, 163, 49, 22, 247, 194, 57, 56, 182, 29, 10, 115, 202, 218, 17, 133, 14, 239, 12, 250, 214, 254, 92, 53, 70, 113, 147, 133, 196, 58, 210, 173, 73, 196, 199, 204, 144, 77, 22, 198, 170, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
],
[
4, 6, 61, 186, 215, 75, 71, 184, 219, 171, 84, 136, 85, 12, 70, 151, 144, 49, 238, 147, 109, 4, 211, 4, 233, 59, 104, 95, 245, 217, 76, 149, 197, 28, 223, 54, 201, 68, 65, 134, 124, 42, 36, 135, 96, 79, 219, 222, 190, 184, 206, 235, 208, 179, 110, 200, 174, 65, 27, 227, 111, 187, 211, 76, 189, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
],
[
9, 208, 58, 237, 173, 237, 204, 157, 195, 253, 254, 178, 127, 139, 237, 100, 164, 173, 118, 136, 55, 238, 140, 50, 155, 87, 214, 109, 116, 33, 150, 20, 13, 28, 2, 14, 23, 9, 51, 79, 8, 31, 94, 245, 206, 156, 243, 226, 46, 127, 2, 124, 173, 161, 170, 243, 68, 197, 131, 222, 52, 167, 172, 150, 32, 197, 208, 251, 113, 141, 25, 61, 135, 216, 82, 79, 233, 206, 253, 237, 62, 241, 53, 231, 133, 249, 28, 247, 213, 43, 116, 43, 24, 160, 238, 142, 5, 203, 120, 146, 106, 219, 219, 202, 247, 105, 101, 65, 237, 115, 129, 191, 133, 135, 81, 133, 184, 209, 239, 212, 9, 197, 101, 138, 193, 132, 65, 115
],
[
26, 238, 5, 36, 195, 220, 24, 222, 234, 154, 206, 247, 231, 48, 62, 83, 162, 64, 231, 200, 42, 70, 205, 173, 192, 52, 150, 2, 158, 158, 19, 224, 34, 152, 180, 168, 94, 254, 113, 58, 50, 254, 165, 195, 82, 138, 33, 14, 88, 154, 177, 169, 16, 132, 200, 148, 54, 253, 167, 46, 34, 68, 55, 138, 10, 148, 232, 108, 173, 18, 147, 56, 161, 118, 16, 223, 92, 61, 109, 237, 170, 9, 247, 26, 109, 212, 183, 146, 10, 132, 101, 178, 175, 218, 154, 13, 22, 85, 118, 6, 42, 47, 239, 208, 178, 211, 157, 136, 13, 50, 15, 38, 38, 149, 113, 154, 140, 177, 4, 220, 171, 224, 1, 142, 22, 51, 207, 111
],
[
6, 68, 229, 66, 30, 190, 5, 126, 202, 211, 27, 120, 34, 197, 77, 255, 115, 195, 157, 30, 154, 155, 22, 110, 218, 197, 174, 170, 78, 11, 241, 242, 29, 140, 179, 161, 176, 188, 207, 62, 113, 54, 208, 96, 119, 44, 201, 69, 104, 235, 20, 190, 248, 115, 179, 118, 21, 130, 229, 107, 201, 50, 111, 244, 13, 201, 13, 58, 71, 82, 222, 245, 77, 46, 250, 76, 106, 70, 141, 159, 187, 39, 178, 74, 228, 193, 16, 69, 170, 10, 113, 247, 32022-12-05T12: 18: 28.189574482Z 1, 65, 53, 88, 4, 16, 96, 111, 80, 121, 242, 237, 6, 130, 210, 156, 153, 139, 38, 218, 167, 172, 214, 102, 77, 255, 21, 211, 206, 168, 30, 89, 139, 225, 206, 23
],
[
2, 171, 228, 59, 32, 54, 118, 136, 71, 18, 68, 242, 9, 229, 128, 53, 118, 224, 43, 152, 103, 112, 97, 53, 164, 128, 138, 37, 93, 201, 104, 160, 112, 103, 163, 140, 111, 31, 0, 245, 33, 252, 167, 22, 183, 129, 7, 153, 68, 227, 5, 77, 121, 24, 142, 102, 223, 132, 113, 88, 234, 218, 234, 208, 54, 158, 16, 251, 83, 164, 214, 250, 168, 228, 123, 231, 227, 21, 141, 52, 67, 195, 113, 139, 215, 224, 211, 100, 65, 31, 134, 245, 11, 130, 32, 4, 43, 128, 95, 181, 119, 213, 185, 180, 56, 40, 65, 137, 118, 215, 229, 133, 113, 115, 122, 108, 23, 151, 108, 137, 93, 137, 189, 45, 200, 8, 185, 67, 17, 216, 2, 145, 147, 249, 195, 24, 60, 126, 209, 207, 195, 96, 109, 85, 142, 15, 196, 85, 114, 118, 164, 210, 20, 71, 2, 226, 110, 211, 161, 177, 254, 38, 246, 237, 161, 84, 7, 117, 71, 53, 97, 234, 87, 52, 36, 179, 126, 175, 22, 119, 162, 181, 250, 136, 201, 8, 232, 216, 223, 165, 210, 88, 15, 239, 69, 1, 55, 5, 141, 122, 169, 145, 78, 93, 56, 238, 84, 181, 98, 28, 56, 211, 77, 205, 222, 224, 78, 67, 52, 177, 169, 214, 72, 107, 2, 149, 60, 212, 108, 179, 157, 91, 221, 124, 125, 75, 44, 188, 24, 92, 77, 115, 46, 219, 124, 40, 49, 123, 17, 146, 248, 245, 115, 180, 119, 34, 211
],
[
4, 25, 127, 149, 213, 240, 176, 220, 74, 129, 175, 202, 50, 135, 70, 159, 98, 204, 186, 180, 11, 94, 131, 2, 56, 80, 191, 63, 36, 27, 180, 201, 112, 0, 155, 81, 245, 167, 215, 186, 134, 228, 64, 33, 33, 180, 159, 186, 100, 248, 71, 38, 43, 188, 40, 189, 166, 254, 42, 150, 156, 19, 186, 163, 152, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
],
[
4, 17, 131, 0, 72, 75, 58, 118, 39, 236, 234, 192, 139, 6, 142, 10, 100, 151, 223, 169, 219, 194, 212, 0, 53, 38, 151, 222, 231, 25, 255, 147, 248, 25, 137, 153, 80, 18, 243, 50, 127, 150, 181, 234, 159, 119, 217, 100, 196, 2, 49, 225, 222, 252, 18, 6, 180, 56, 52, 27, 29, 251, 55, 145, 79, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
],
[
4, 26, 10, 241, 127, 14, 132, 27, 196, 71, 121, 123, 146, 6, 217, 41, 160, 141, 33, 26, 248, 80, 28, 38, 139, 158, 172, 22, 74, 118, 174, 136, 34, 16, 25, 141, 22, 134, 114, 246, 54, 34, 10, 31, 91, 129, 238, 13, 134, 124, 93, 217, 161, 160, 101, 28, 121, 95, 13, 106, 78, 233, 246, 36, 91, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
],
[
4, 2, 210, 207, 122, 207, 73, 222, 192, 82, 168, 74, 85, 186, 211, 4, 111, 133, 186, 47, 89, 30, 120, 112, 183, 37, 166, 13, 59, 48, 47, 56, 69, 29, 21, 241, 242, 71, 135, 160, 7, 24, 151, 52, 92, 181, 168, 16, 64, 139, 47, 98, 2, 115, 147, 182, 97, 185, 244, 162, 115, 191, 226, 93, 171, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
],
[
23, 227, 79, 201, 65, 38, 200, 168, 42, 101, 127, 133, 143, 95, 25, 118, 10, 169, 134, 93, 153, 230, 67, 132, 131, 146, 251, 242, 252, 217, 116, 130, 34, 236, 77, 18, 26, 63, 186, 109, 253, 71, 2, 97, 140, 153, 237, 54, 99, 51, 66, 249, 60, 34, 54, 39, 97, 86, 242, 241, 244, 195, 48, 114, 12, 158, 181, 13, 207, 93, 193, 126, 199, 54, 186, 22, 160, 27, 240, 252, 128, 139, 6, 219, 211, 33, 60, 198, 60, 76, 39, 211, 110, 161, 175, 153, 17, 250, 183, 216, 200, 244, 181, 191, 82, 92, 149, 228, 50, 192, 224, 49, 110, 230, 137, 123, 240, 254, 66, 96, 67, 56, 180, 155, 170, 99, 31, 52
],
[
2, 0, 188, 161, 231, 40, 212, 52, 63, 0, 218, 239, 34, 98, 117, 250, 157, 63, 4, 177, 121, 9, 56, 213, 224, 60, 103, 39, 5, 82, 209, 106, 1, 39, 46, 252, 4, 3, 231, 190, 101, 71, 54, 185, 215, 60, 144, 48, 83, 77, 205, 25, 19, 31, 225, 206, 238, 211, 194, 129, 54, 68, 242, 49, 5, 11, 80, 70, 78, 186, 110, 82, 201, 203, 226, 140, 79, 172, 141, 79, 43, 182, 175, 14, 99, 208, 170, 252, 112, 0, 151, 14, 142, 109, 193, 179, 35, 18, 127, 59, 216, 204, 56, 230, 187, 202, 37, 60, 119, 165, 122, 186, 201, 219, 118, 165, 239, 215, 90, 176, 83, 250, 193, 126, 40, 22, 200, 221
],
[
21, 195, 6, 96, 152, 231, 97, 225, 10, 170, 44, 225, 163, 15, 126, 173, 163, 36, 51, 106, 39, 19, 209, 92, 133, 127, 168, 238, 6, 189, 63, 87, 14, 43, 129, 50, 36, 63, 97, 63, 11, 248, 131, 242, 63, 13, 140, 155, 90, 207, 49, 45, 107, 206, 17, 222, 231, 214, 158, 82, 178, 78, 75, 120, 33, 204, 159, 113, 215, 244, 86, 187, 205, 155, 148, 105, 93, 86, 181, 182, 161, 5, 13, 35, 176, 225, 172, 97, 56, 117, 86, 128, 235, 190, 132, 25, 0, 98, 0, 156, 224, 73, 152, 12, 182, 72, 108, 13, 71, 212, 41, 142, 50, 88, 225, 251, 75, 124, 195, 130, 183, 202, 165, 90, 91, 52, 198, 46
],
[
1, 64, 215, 188, 199, 17, 19, 225, 62, 99, 154, 191, 154, 127, 206, 66, 24, 209, 92, 16, 89, 197, 233, 31, 81, 65, 79, 182, 39, 162, 193, 219, 64, 199, 12, 173, 65, 243, 182, 142, 5, 6, 84, 97, 57, 249, 237, 49, 249, 209, 7, 129, 175, 154, 60, 157, 121, 205, 8, 102, 12, 140, 27, 187, 218, 60, 87, 243, 57, 237, 143, 39, 5, 156, 152, 115, 75, 21, 236, 7, 102, 29, 210, 244, 196, 231, 164, 32, 5, 211, 202, 102, 6, 193, 84, 234, 104, 17, 184, 159, 206, 120, 214, 106, 4, 92, 158, 199, 112, 201, 157, 192, 197, 104, 162, 195, 54, 7, 171, 28, 177, 86, 148, 79, 184, 105, 121, 243, 146, 29, 214, 169, 137, 186, 55, 14, 121, 222, 99, 69, 125, 249, 39, 137, 205, 64, 146, 102, 4, 123, 57, 116, 168, 129, 183, 231, 143, 95, 52, 142, 154, 223, 190, 30, 203, 115, 213, 99, 24, 63, 129, 232, 135, 214, 191, 66, 129, 254, 113, 142, 137, 233, 102, 121, 239, 70, 164, 89, 57, 32, 91, 131, 92, 179, 125, 137, 182, 166, 55, 90, 104, 235, 150, 20, 98, 253, 103, 110, 199, 118, 200, 107, 109, 242, 160, 208, 118, 87, 6, 135, 249, 70, 205, 202, 64, 24, 97, 227, 125, 218, 66, 18, 232, 118, 190, 215, 177, 101, 212, 234, 169, 130, 14, 62, 226, 229, 163, 213, 218, 10, 51, 51, 62, 159, 122, 127, 205
]
]
}
},
"requested_proof": {
"revealed_attrs": {},
"revealed_attr_groups": {
"attrGrp_0": {
"sub_proof_index": 0,
"values": {
"test": {
"raw": "jlkj",
"encoded": "559724291912345840706199426233202135177187251912100367391451049609752637212"
}
}
},
"attrGrp_1": {
"sub_proof_index": 1,
"values": {
"test": {
"raw": "njn",
"encoded": "66462239542460791898155259503102767165757637622612705294848629465626581613557"
}
}
}
},
"self_attested_attrs": {},
"unrevealed_attrs": {},
"predicates": {}
},
"identifiers": [
{
"schema_id": "QQCQpj9mNEKuJfm14Ysrsz: 2:test: 1.0",
"cred_def_id": "QQCQpj9mNEKuJfm14Ysrsz: 3:CL: 14714:Test2",
"rev_reg_id": "QQCQpj9mNEKuJfm14Ysrsz: 4:QQCQpj9mNEKuJfm14Ysrsz: 3:CL: 14714:Test2:CL_ACCUM: 2fc867db-e288-4734-ad4f-212f52d248fb",
"timestamp": 1670242504
},
{
"schema_id": "QQCQpj9mNEKuJfm14Ysrsz: 2:test: 1.0",
"cred_def_id": "QQCQpj9mNEKuJfm14Ysrsz: 3:CL: 14714:Test",
"rev_reg_id": "QQCQpj9mNEKuJfm14Ysrsz: 4:QQCQpj9mNEKuJfm14Ysrsz: 3:CL: 14714:Test:CL_ACCUM: 1c1330b1-c249-482c-b99b-0b938ab1794d",
"timestamp": 1670242436
}
]
},
"verified": "false",
"created_at": "2022-12-05T12: 18: 13.416155Z",
"connection_id": "570ef3a4-44fb-4164-a2c2-16d26eebfded",
"trace": False,
"auto_present": False
}
@ianco -- I think this has to bump in priority vs. the mediator testing this week.
I think the best approach to resolve this is probably what I proposed in Aries Agent Test Harness Issue 605, so we can debug what is happening and see if the problem has always been there or was added in a specific version. And we can test other Frameworks for the same issue. @nodlesh -- heads up on this and the priority of that test.
@ianco -- I think this has to bump in priority vs. the mediator testing this week.
ok
Timestamp parameters are things I don't understand fully. So, I'm not sure but the fact that the timestamp in the proof request was 1670242693
and the timestamps in the proof.identifiers
are 1670242504
and 1670242436
makes me suspicious. (I'm referring to this comment)
I suppose the timestamps of the proof should be larger values than the requested timestamp for non-revocation.
ACA-py is using delta_timestamp
when it creates revocation_states here: https://github.com/hyperledger/aries-cloudagent-python/blob/22f8d4f79d55da2d5d0f307646f299dc991d15a4/aries_cloudagent/protocols/present_proof/indy/pres_exch_handler.py#L188
I think the timestamp used here should be larger than the requested timestamp for non-revocation and we could use the current time which is obviously larger than the requested timestamp.
AFJ is using the timestamp in the proof request message for this.
Ah.. I found out where the error comes.
The items in proof.requested_proof.revealed_attr_groups
must contain timestamp attributes or the verify function throws an error. https://github.com/hyperledger/indy-sdk/blob/main/libindy/src/services/anoncreds/verifier.rs#L253
proof.requested_proof.revealed_attr_groups
is not containing timestamps. I don't know why. Maybe there is something missing because the proof has revealed_attr_groups
not revealed_attrs
.
Sorry. I was wrong.
verifier.rs checks the timestamps in proof.identifiers
, not those in proof.requested_proof.revealed_attr_groups
.
proof.identifiers
contains timestamps which are 1670242504
and 1670242436
.
My previous comment about creating revocation state was also incorrect, so please ignore that too. 😞
I've added some integration tests to cover the multi-credential-proof scenarios, here is a summary, let me know if you think there are other scenarios we need to include in the tests:
@T003-RFC0454.1
- multiple credentials in proof (1 revocable, 1 not), no revocation check
@T003-RFC0454.1f
- multiple credentials in proof (1 revocable, 1 not), revocation check is at the request level, verification fails (this is the scenario which is not handled properly, I think by anoncreds)
@T003-RFC0454.2
- multiple credentials in proof (1 revocable, 1 not), revocable cred is revoked, revocation check at the attribute level, verification fails
@T003-RFC0454.3
- same as *.2
but with no revocation check, verification passes
These tests are all aca-py to aca-py, it sounds like you're testing with the Lissi wallet (?) ... It would be great if you could replicate using aca-py (or let me know the specific scenario and I can try to tweak the integration tests) as this is easier for us to verify/automate.
We tested as well using aca-py to make sure it was not an issue of the wallet.
Apart from the scenario of @T003-RFC0454.1f
, other tests that were failing were the ones mentioned in the original post:
- multiple credentials in proof, both revocable but not revoked, revocation check either at attribute or request level, verification fails
I've add this scenario like this:
@T003-RFC0454.4 @GHA
Scenario Outline: Present Proof for multiple credentials where both are revocable, neither credential is revoked
Given we have "4" agents
| name | role | capabilities |
| Acme1 | issuer1 | <Acme1_capabilities> |
| Acme2 | issuer2 | <Acme2_capabilities> |
| Faber | verifier | <Acme1_capabilities> |
| Bob | prover | <Bob_cap> |
And "<issuer1>" and "Bob" have an existing connection
And "Bob" has an issued <Schema_name_1> credential <Credential_data_1> from "<issuer1>"
And "<issuer2>" and "Bob" have an existing connection
And "Bob" has an issued <Schema_name_2> credential <Credential_data_2> from "<issuer2>"
And "Faber" and "Bob" have an existing connection
When "Faber" sends a request for proof presentation <Proof_request> to "Bob"
Then "Faber" has the proof verified
Examples:
| issuer1 | Acme1_capabilities | issuer2 | Acme2_capabilities | Bob_cap | Schema_name_1 | Credential_data_1 | Schema_name_2 | Credential_data_2 | Proof_request |
| Acme1 | --revocation --public-did | Acme2 | --revocation --public-did | | driverslicense_v2 | Data_DL_MaxValues | health_id | Data_DL_MaxValues | DL_age_over_19_v2_with_health_id |
And I ran the test like this:
LEDGER_URL=http://test.bcovrin.vonx.io PUBLIC_TAILS_URL=https://tails.vonx.io ./run_bdd -t @T003-RFC0454.4
The test failed with the following error logs:
#27 Process the proof provided by X
#28 Check if proof is valid
Faber.agent | 2023-01-09 10:08:36,611 aries_cloudagent.indy.credx.verifier ERROR Validation of presentation on nonce=47974977077717778770600 failed with error
Faber.agent | Traceback (most recent call last):
Faber.agent | File "/home/indy/aries_cloudagent/indy/credx/verifier.py", line 74, in verify_presentation
Faber.agent | rev_reg_entries,
Faber.agent | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/futures.py", line 327, in __iter__
Faber.agent | yield self # This tells Task to wait for completion.
Faber.agent | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/tasks.py", line 250, in _wakeup
Faber.agent | future.result()
Faber.agent | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/futures.py", line 243, in result
Faber.agent | raise self._exception
Faber.agent | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/concurrent/futures/thread.py", line 56, in run
INFO:aiohttp.access:172.17.0.1 [09/Jan/2023:10:08:36 +0000] "POST /webhooks/topic/present_proof_v2_0/ HTTP/1.1" 200 149 "-" "Python/3.6 aiohttp/3.8.3"
Faber.agent | result = self.fn(*self.args, **self.kwargs)
Faber.agent | Presentation: state = done, pres_ex_id = f6d73799-31b4-4e10-9f35-00f1382a7fcf
Faber.agent | Proof = false
Faber.agent | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/indy_credx/types.py", line 473, in verify
Faber.agent | reg_entries or None,
Faber.agent | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/indy_credx/bindings.py", line 711, in verify_presentation
Faber.agent | byref(verify),
Faber.agent | File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/indy_credx/bindings.py", line 370, in do_call
Faber.agent | raise get_current_error(True)
Faber.agent | indy_credx.error.CredxError: Invalid object handle
Is there a way to print out debug messages from indy-sdk? I tried adding RUST_LOG=debug
with no difference.
I also ran the test @T003-RFC0454.4
with wallet type "indy" and the test passed. So, it must be an issue related to indy-credx.
Hi, has there been any evolution regarding this issue?
I'm doing some tests with two non-revoked revocable credentials and I have the problem of which I attach below the stack trace.
I used two Aca-py askar
and tested versions
0.7.4
0.7.5
0.8.0
and they all have the same problem.
Thanks for any kind of support you can give me.
2023-06-23 10:19:11,202 aries_cloudagent.indy.credx.verifier ERROR Validation of presentation on nonce=82000675796637021791301 failed with error
Traceback (most recent call last):
File "/home/indy/aries_cloudagent/indy/credx/verifier.py", line 86, in verify_presentation
rev_reg_entries,
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/futures.py", line 327, in iter
yield self # This tells Task to wait for completion.
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/tasks.py", line 250, in _wakeup
future.result()
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/asyncio/futures.py", line 243, in result
raise self._exception
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/concurrent/futures/thread.py", line 56, in run
result = self.fn(*self.args, **self.kwargs)
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/indy_credx/types.py", line 472, in verify
reg_entries or None,
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/indy_credx/bindings.py", line 715, in verify_presentation
byref(verify),
File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/indy_credx/bindings.py", line 374, in do_call
raise get_current_error(True)
indy_credx.error.CredxError: Invalid object handle
2023-06-23 10:19:11,204 aries_askar.native.aries_askar.ffi.store INFO src/ffi/store.rs:528 | Started session SessionHandle(220) on store StoreHandle(1) (txn: false)
2023-06-23 10:19:11,206 aries_askar.native.aries_askar.backend.db_utils INFO src/backend/db_utils.rs:103 | Acquire pool connection
2023-06-23 10:19:11,206 aries_askar.native.aries_askar.backend.db_utils INFO src/backend/db_utils.rs:280 | Start transaction
2023-06-23 10:19:11,207 aries_askar.native.sqlx.query DEBUG None:0 | BEGIN; rows affected: 0, rows returned: 0, elapsed: 947.787µs
2023-06-23 10:19:11,209 aries_askar.native.sqlx.query DEBUG None:0 | UPDATE items SET value=$5, …; rows affected: 0, rows returned: 1, elapsed: 1.757ms
The issue was found to be in Indy CredX, part of the indy-shared-rs repo (https://github.com/hyperledger/indy-shared-rs). The issue is fixed in Release 0.3.3.
Updating the ACA-Py requirements should address this.