Slack Archive

{"v":"KERI10JSON0001e7_","t":"icp","d":"ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ","i":"ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ","s":"0","kt":"2","k":["DNGW8-mK9gJUdIe75iZDopMKOyZTvwoM7nfOHFKzl2Xf","DI_VCGvq9G0p-Hko1h3-1Jxy60oCqGZpgHMO-rpRHTr7","DDZGak_BRJueyzxrXBejsDqtAgGhriN9lG-HZb9C4DIE"],"nt":"2","n":["EGNk3LJHkox4iGsj2MAu1OGZZAbfj4UuNA-4txCyH5rS","EBlimjpkreHaz3Y7D5taJhNYFK9FVkwSNaMwHu7Ew2VQ","EDAuXsx-4R6JgDR_dytf-qXRN_3Ei34JOfyq9Ffs1Uiw"],"bt":"0","b":[],"c":[],"a":[]}-VBD-AADAADh6JRLaiG6AYurdeqnfC2lxbAbDh4G3srBB_ZNqNDbXYmVy57BnhtSLAmNLA_8GnbJh2IDlYXwUs98irSK7WsBABCQZ9w6BWkqgoFi3GnfoRNYkzZMrXYDU4eWypSVWD9U0ZCG_nkEDg5EYwj4MldsW8TX3N75yQzMxTpPE7bJ5BINACB618hVBrLxxvc_GCRv4F5-1tXMPqpW4HDZ9NQtv4WyjRrxTwib4myP8yVVmGInQA0M82LRf00M7Kln4jcXiPIH
{"v":"KERI10JSON00013a_","t":"ixn","d":"ELaw_rkRuXpU21iEnXYVSj5fwxde6iUJwpH9s53J9raL","i":"ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ","s":"1","p":"ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ","a":[{"i":"EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL","s":"0","d":"EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL"}]}-VBD-AADAADjzCtrIFlFALjbK5bsL9yF8HEJHBKJcSvBrrDuSGN77iUDDub_qv1GefpjAJ_uWbjAx11uwObDMOGFWDeOLN0HABAYlHYccKZWlMgrL7OhA9Qk_N-eR0hFc3dRgU1DV5bLf1s8gvjWynsJJW1LsPpyJomjvFHurI18bn8Dn9CJjtkCACDZ6jQcCv31nv09OUd4IqgXfpeOAqDoT_LtuxulOurk8URxL6W9NJvMIGnACrjXs3psaHDjUMwK8vlR9rouICgH
{"v":"KERI10JSON00013a_","t":"ixn","d":"ED27Rx7illu2NyaPzjrTmDLMrJ6AnqzZhGWZ7nd3UytE","i":"ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ","s":"2","p":"ELaw_rkRuXpU21iEnXYVSj5fwxde6iUJwpH9s53J9raL","a":[{"i":"EAj80gram4PjVcpLdMBil2aPxOhUAU63T1qOiizpsOZt","s":"0","d":"EEC4SA2Sk0ViIfcIZGfeeIrLYnerJaOid_7n1sTZjyLB"}]}-VBD-AADAACXdIIUQvHxt2KAVeDZcLfENl2AZsQlAimjjW4Mf_XiM4VRiFXSuWZZ45unMiDqpXShDcqNZzJZyMxVcFSpMwcFABBbi-72kgciB5C7YdSEhGPGypLXufq_sHldpM5DcdJC98R9hK00YC0YaQB2mzRlkvnbl6_xOEHa4MCuYFEhW6IOACBkJ19npxT4GcKE80MsL9KNQ9C4bgQNIwX46LrgWUNdXa-CC-9Km7IcVWmvAfiBcGesx8c0uh4iIivLhDIu9OsN
{"v":"KERI10JSON0000e0_","t":"vcp","d":"EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL","i":"EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL","ii":"ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ","s":"0","c":["NB"],"bt":"0","b":[]}-GAB0AAAAAAAAAAAAAAAAAAAAAABELaw_rkRuXpU21iEnXYVSj5fwxde6iUJwpH9s53J9raL
{"v":"KERI10JSON0000ed_","t":"iss","d":"EEC4SA2Sk0ViIfcIZGfeeIrLYnerJaOid_7n1sTZjyLB","i":"EAj80gram4PjVcpLdMBil2aPxOhUAU63T1qOiizpsOZt","s":"0","ri":"EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL","dt":"2023-04-25T06:47:26.465245+00:00"}-GAB0AAAAAAAAAAAAAAAAAAAAAACED27Rx7illu2NyaPzjrTmDLMrJ6AnqzZhGWZ7nd3UytE
{"v":"ACDC10JSON000236_","d":"EAj80gram4PjVcpLdMBil2aPxOhUAU63T1qOiizpsOZt","i":"ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ","ri":"EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL","s":"EGCb76QtyhQzCkZZLfvx-3vz4t5zy1z-OMJd_OOR5a6z","a":{"d":"EEzx73axJqvdhimViG3vLQrl1N4rgop4aTkazBTyNxme","i":"EBCIvVwH0l0bNXGZvIIGoEQohdKi3Vz00zTl0axkiF9M","dt":"2023-04-25T06:47:26.465139+00:00","holders":["Arthur S.","David M.","Ilkin N.","Peter M."],"shortDescription":"Qui devs are rockstars!","headerTitle":"We are rockstars!","logo":""}}-VBj-JAB6AABAAA--FABECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ0AAAAAAAAAAAAAAAAAAAAAAAECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ-AADAAC-h7hcsHYV3XWJfLiF_OWdHBCSMUmEmUwb2Irx-RaXjqbSCNJDJKMvFo1k6__luLaiyUJMnIJDT-usG8IQGA8NABB6b1_RU5WAXJ9ro6MqITHC7XXTuyG0YbafwuC6BL1BpcsN9qoO9lxiKE8N1s6gQtNDxvdn4CvjGL61RdGloT8DACBUyT0OdU90D18RT1SZlicfm4bQkblJpiwynQHBZSRBU9BKDBBdSXeyz4snpTzcNZokeGjZeNUwDHuQNR-Ibm8B
The ACDC should be valid, it worked for me:

❯ rm -rf ~/.keri
❯ kli init -n test --nopasscode                                                                         
KERI Keystore created at: /Users/jason/.keri/ks/test
KERI Database created at: /Users/jason/.keri/db/test
KERI Credential Store created at: /Users/jason/.keri/reg/test
❯ kli incept -n test -a test --transferable true --icount 1 --isith "1" --ncount 1 --nsith "1" --toad "0"
Prefix  EBCIvVwH0l0bNXGZvIIGoEQohdKi3Vz00zTl0axkiF9M
	Public key 1:  DM4zp1KO_mTs17GnepSFL2_8AqXTtShMchtHG1D-MOlT

❯ python test.py                                                                                         
keri: Kever state: b'ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ' First seen ordinal 0 at 2023-04-25T06:48:12.979027+00:00
Event=
{
 "v": "KERI10JSON0001e7_",
 "t": "icp",
 "d": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "i": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "s": "0",
 "kt": "2",
 "k": [
  "DNGW8-mK9gJUdIe75iZDopMKOyZTvwoM7nfOHFKzl2Xf",
  "DI_VCGvq9G0p-Hko1h3-1Jxy60oCqGZpgHMO-rpRHTr7",
  "DDZGak_BRJueyzxrXBejsDqtAgGhriN9lG-HZb9C4DIE"
 ],
 "nt": "2",
 "n": [
  "EGNk3LJHkox4iGsj2MAu1OGZZAbfj4UuNA-4txCyH5rS",
  "EBlimjpkreHaz3Y7D5taJhNYFK9FVkwSNaMwHu7Ew2VQ",
  "EDAuXsx-4R6JgDR_dytf-qXRN_3Ei34JOfyq9Ffs1Uiw"
 ],
 "bt": "0",
 "b": [],
 "c": [],
 "a": []
}

keri: Kever state: b'ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ' Added to KEL valid event=
{
 "v": "KERI10JSON0001e7_",
 "t": "icp",
 "d": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "i": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "s": "0",
 "kt": "2",
 "k": [
  "DNGW8-mK9gJUdIe75iZDopMKOyZTvwoM7nfOHFKzl2Xf",
  "DI_VCGvq9G0p-Hko1h3-1Jxy60oCqGZpgHMO-rpRHTr7",
  "DDZGak_BRJueyzxrXBejsDqtAgGhriN9lG-HZb9C4DIE"
 ],
 "nt": "2",
 "n": [
  "EGNk3LJHkox4iGsj2MAu1OGZZAbfj4UuNA-4txCyH5rS",
  "EBlimjpkreHaz3Y7D5taJhNYFK9FVkwSNaMwHu7Ew2VQ",
  "EDAuXsx-4R6JgDR_dytf-qXRN_3Ei34JOfyq9Ffs1Uiw"
 ],
 "bt": "0",
 "b": [],
 "c": [],
 "a": []
}

keri: Kever state: b'ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ' First seen ordinal 1 at 2023-04-25T06:48:12.981352+00:00
Event=
{
 "v": "KERI10JSON00013a_",
 "t": "ixn",
 "d": "ELaw_rkRuXpU21iEnXYVSj5fwxde6iUJwpH9s53J9raL",
 "i": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "s": "1",
 "p": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "a": [
  {
   "i": "EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL",
   "s": "0",
   "d": "EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL"
  }
 ]
}

keri: Kever state: b'ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ' Added to KEL valid event=
{
 "v": "KERI10JSON00013a_",
 "t": "ixn",
 "d": "ELaw_rkRuXpU21iEnXYVSj5fwxde6iUJwpH9s53J9raL",
 "i": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "s": "1",
 "p": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "a": [
  {
   "i": "EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL",
   "s": "0",
   "d": "EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL"
  }
 ]
}

keri: Kever state: b'ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ' First seen ordinal 2 at 2023-04-25T06:48:12.982529+00:00
Event=
{
 "v": "KERI10JSON00013a_",
 "t": "ixn",
 "d": "ED27Rx7illu2NyaPzjrTmDLMrJ6AnqzZhGWZ7nd3UytE",
 "i": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "s": "2",
 "p": "ELaw_rkRuXpU21iEnXYVSj5fwxde6iUJwpH9s53J9raL",
 "a": [
  {
   "i": "EAj80gram4PjVcpLdMBil2aPxOhUAU63T1qOiizpsOZt",
   "s": "0",
   "d": "EEC4SA2Sk0ViIfcIZGfeeIrLYnerJaOid_7n1sTZjyLB"
  }
 ]
}

keri: Kever state: b'ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ' Added to KEL valid event=
{
 "v": "KERI10JSON00013a_",
 "t": "ixn",
 "d": "ED27Rx7illu2NyaPzjrTmDLMrJ6AnqzZhGWZ7nd3UytE",
 "i": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "s": "2",
 "p": "ELaw_rkRuXpU21iEnXYVSj5fwxde6iUJwpH9s53J9raL",
 "a": [
  {
   "i": "EAj80gram4PjVcpLdMBil2aPxOhUAU63T1qOiizpsOZt",
   "s": "0",
   "d": "EEC4SA2Sk0ViIfcIZGfeeIrLYnerJaOid_7n1sTZjyLB"
  }
 ]
}

keri: Tever state: b'EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL' Added to TEL valid event=
{
 "v": "KERI10JSON0000e0_",
 "t": "vcp",
 "d": "EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL",
 "i": "EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL",
 "ii": "ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ",
 "s": "0",
 "c": [
  "NB"
 ],
 "bt": "0",
 "b": []
}

keri: Tever state: b'EAj80gram4PjVcpLdMBil2aPxOhUAU63T1qOiizpsOZt' Added to TEL valid event=
{
 "v": "KERI10JSON0000ed_",
 "t": "iss",
 "d": "EEC4SA2Sk0ViIfcIZGfeeIrLYnerJaOid_7n1sTZjyLB",
 "i": "EAj80gram4PjVcpLdMBil2aPxOhUAU63T1qOiizpsOZt",
 "s": "0",
 "ri": "EHThFVgTY1anKaF7pvM3zrkpanrlJxGgdCUGpLx6iNKL",
 "dt": "2023-04-25T06:47:26.465245+00:00"
}

❯ kli vc list -n test
Current received credentials for test (EBCIvVwH0l0bNXGZvIIGoEQohdKi3Vz00zTl0axkiF9M):

Credential #1: EAj80gram4PjVcpLdMBil2aPxOhUAU63T1qOiizpsOZt
    Type: Shout Out Block
    Status: Issued ✔
    Issued by ECSkjQRsDs12z3pP916haJSLkp_hQh9g8YcO6BBVU4qJ
    Issued on 2023-04-25T06:47:26.465245+00:00
Here is the test code:

from  import habbing
from keri.vdr import (eventing, credentialing, verifying)

from keri import help

import logging

with habbing.openHab(name="test", temp=False) as (hby, hab):
    help.ogler.resetLevel(level=logging.DEBUG)
    
    rgy = credentialing.Regery(hby=hby, name='test', base='')
    vry = verifying.Verifier(hby=hby, reger=rgy.reger)
    vry.resolver.add('EGCb76QtyhQzCkZZLfvx-3vz4t5zy1z-OMJd_OOR5a6z', b'.. schema goes here ..')

    raw = (
        """
    .. messages go here ..
"""
    )

    hby.psr.vry = vry
    hby.psr.tvy = vry.tvy
    hby.psr.parse(bytearray(raw.replace('\n', '').encode("utf-8")))

keri: Parser msg non-extraction error: 'ri'
Traceback (most recent call last):
  File "/Users/jason/qui/src/ssi-sdk-rs/build/venv/keripy/lib/python3.11/site-packages/keri/core/parsing.py", line 467, in allParsator
    done = yield from self.msgParsator(ims=ims,
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/jason/qui/src/ssi-sdk-rs/build/venv/keripy/lib/python3.11/site-packages/keri/core/parsing.py", line 1096, in msgParsator
    tvy.processEvent(serder=serder, seqner=seqner, saider=saider, wigers=wigers)
  File "/Users/jason/qui/src/ssi-sdk-rs/build/venv/keripy/lib/python3.11/site-packages/keri/vdr/eventing.py", line 1566, in processEvent
    regk = self.registryKey(serder)
           ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/jason/qui/src/ssi-sdk-rs/build/venv/keripy/lib/python3.11/site-packages/keri/vdr/eventing.py", line 2016, in registryKey
    return serder.ked["ri"]
           ~~~~~~~~~~^^^^^^
KeyError: 'ri'

        if ilk in (Ilks.vcp, Ilks.vrt):
            return serder.pre
        elif ilk in (Ilks.iss, Ilks.rev):
            return serder.ked["ri"]
        elif ilk in (Ilks.bis, Ilks.brv):
            rega = serder.ked["ra"]
            return rega["i"]
        else:
            raise ValidationError("invalid ilk {} for tevery event = {}".format(ilk, serder.ked))

use crate::error::{err, Error, Result};

use cesride::{
    common::{Identage, Ids, Serialage, Version, CURRENT_VERSION},
    data::{dat, Value},
    matter, Sadder, Saider,
};

#[derive(Clone, Debug, PartialEq)]
pub(crate) struct Creder {
    code: String,
    raw: Vec<u8>,
    ked: Value,
    ident: String,
    kind: String,
    size: u32,
    version: Version,
    saider: Saider,
}

fn validate_ident(ident: &str) -> Result<()> {
    if ident != Identage::ACDC {
        return err!(Error::Value);
    }

    Ok(())
}

#[allow(dead_code)]
impl Creder {
    pub fn new(
        code: Option<&str>,
        raw: Option<&[u8]>,
        kind: Option<&str>,
        ked: Option<&Value>,
        sad: Option<&Self>,
    ) -> Result<Self> {
        let code = code.unwrap_or(matter::Codex::Blake3_256);
        let creder = Sadder::new(Some(code), raw, kind, ked, sad)?;
        validate_ident(&creder.ident())?;

        Ok(creder)
    }

    pub fn new_with_ked(ked: &Value, code: Option<&str>, kind: Option<&str>) -> Result<Self> {
        Self::new(code, None, kind, Some(ked), None)
    }

    pub fn new_with_raw(raw: &[u8]) -> Result<Self> {
        Self::new(None, Some(raw), None, None, None)
    }

    pub fn crd(&self) -> Value {
        self.ked()
    }

    pub fn issuer(&self) -> Result<String> {
        self.ked()[Ids::i].to_string()
    }

    pub fn schema(&self) -> Result<String> {
        self.ked()[Ids::s].to_string()
    }

    pub fn subject(&self) -> Value {
        self.ked()[Ids::a].clone()
    }

    pub fn status(&self) -> Result<Option<String>> {
        let map = self.ked().to_map()?;

        if map.contains_key("ri") {
            Ok(Some(map["ri"].to_string()?))
        } else {
            Ok(None)
        }
    }

    pub fn chains(&self) -> Result<Value> {
        let map = self.ked().to_map()?;

        if map.contains_key("e") {
            Ok(map["e"].clone())
        } else {
            Ok(dat!({}))
        }
    }
}

impl Default for Creder {
    fn default() -> Self {
        Creder {
            code: matter::Codex::Blake3_256.to_string(),
            raw: vec![],
            ked: dat!({}),
            ident: Identage::ACDC.to_string(),
            kind: Serialage::JSON.to_string(),
            size: 0,
            version: CURRENT_VERSION.clone(),
            saider: Saider::default(),
        }
    }
}

impl Sadder for Creder {
    fn code(&self) -> String {
        self.code.clone()
    }

    fn raw(&self) -> Vec<u8> {
        self.raw.clone()
    }

    fn ked(&self) -> Value {
        self.ked.clone()
    }

    fn ident(&self) -> String {
        self.ident.clone()
    }

    fn kind(&self) -> String {
        self.kind.clone()
    }

    fn size(&self) -> u32 {
        self.size
    }

    fn version(&self) -> Version {
        self.version.clone()
    }

    fn saider(&self) -> Saider {
        self.saider.clone()
    }

    fn set_code(&mut self, code: &str) {
        self.code = code.to_string();
    }

    fn set_raw(&mut self, raw: &[u8]) {
        self.raw = raw.to_vec();
    }

    fn set_ked(&mut self, ked: &Value) {
        self.ked = ked.clone();
    }

    fn set_ident(&mut self, ident: &str) {
        self.ident = ident.to_string();
    }

    fn set_kind(&mut self, kind: &str) {
        self.kind = kind.to_string();
    }

    fn set_size(&mut self, size: u32) {
        self.size = size;
    }

    fn set_version(&mut self, version: &Version) {
        self.version = version.clone();
    }

    fn set_saider(&mut self, saider: &Saider) {
        self.saider = saider.clone();
    }
}

            for (i, diger) in pserder.digers()?.iter().enumerate() {
                if !diger.verify(&verfers[i].raw())? {
                    return err!(Error::Verification);
                }
            }
needs to be added I believe.

# Use the official Python base image
FROM python:3.10

# Install required system packages
RUN apt-get update && \
    apt-get install -y git libsodium-dev curl

# Install Rust and Cargo
RUN curl --proto '=https' --tlsv1.2 -sSf  | sh -s -- -y

# Update the PATH environment variable to include Cargo
ENV PATH="/root/.cargo/bin:${PATH}"

# Clone the KERI repository
RUN git clone  /keripy

# Set the working directory to the KERI repository
WORKDIR /keripy

# Install KERI package and its dependencies using setup.py
RUN python -m pip install -e ./

# Set the working directory to /app
WORKDIR /app

# Copy api specific requirements.txt into the container
COPY app_requirements.txt ./

# Install Python dependencies from api specific requirements.txt
RUN pip install --no-cache-dir -r app_requirements.txt

# Make port 5050 available to the world outside this container
EXPOSE 5050

# Copy the current directory contents into the container at /app
COPY . .

# Set the ENTRYPOINT for the container
ENTRYPOINT ["sh", "entrypoint.sh"]

keri: Kever state: b'EJnwGc6EDoCrwqOy0KuQirScW9DJH9LFcmkxjEbhfAXY' Added to KEL valid event=
{
 "v": "KERI10JSON000234_",
 "t": "rot",
 "d": "EFipheqOSlqw3e6me_P1MiJ1wMUWQjA4vFSEn3BVv1Cv",
 "i": "EJnwGc6EDoCrwqOy0KuQirScW9DJH9LFcmkxjEbhfAXY",
 "s": "2",
 "p": "EGBlaW8bsmrm5MmgTSXKGFcVglKfPUn-LkNYwnM8a99B",
 "kt": [
  "0",
  "0",
  "1/2",
  "1/2"
 ],
 "k": [
  "DPFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
  "DPE9fWVXKz3eLDFN0YqSFeO2TS2teI7lW1x14ye3k9pR",
  "DIT638f_Ph1gLg9RhCiDbPj62Qp1NF3MVvXYsrbIgtyF",
  "DPgrQmeG7qQt1UnpjWmBaNpAPhvHf93rbrEEtQ1pSzKI"
 ],
 "nt": [
  "1",
  "1"
 ],
 "n": [
  "EIkIx_uZ5w1DVIdwWdbiRRCTsj14-F1kuGL81xb05GSX",
  "EA5t2o71moYZNvKVQ3RCaLmOacQXl3RgwWn7ib77eTea"
 ],
 "bt": "0",
 "br": [],
 "ba": [],
 "a": []
}
It should be clear which key I rotated out

keri: Parser msg non-extraction error: Failure satisfying nsith=['1', '1'] on sigs=['AACtfcyFNeFOjbByUWFDjM70tFdBxf5BRWChNNySlZIN-uamT2_kc_CGrcob4WRTIWTtIb5v1BtxonuKW3dsbc4B', 'ABA1BAbf32yZlhf0HxBlrrk_dUaqluvX4fjv7CRZY8qhA1JZq4qW2FdnReuPN3jEQODUBlXGHn11rNgmejRjqOsD', 'ACAeUpa4TpOwCk-LiNHwCxjEkR9w492hGHJkm3ixvryrm-T5TAa0tuKDKVnF5qWhwUsCf9EHM8s4HGEZjHdT1dsC'] for evt={'v': 'KERI10JSON000201_', 't': 'rot', 'd': 'EDDXZQ290PLKxid5_iHItvOlC2TD-2lgdoq3W-tkQ1_7', 'i': 'EMHcIZJvRZgszqcOEwFY_u50ytN2ZGMmMb8yyZ5aC4WH', 's': '2', 'p': 'EFi6G12KTBxVCjVMiy4pl_C7b8_lEzleRRlfARvdklOB', 'kt': ['0', '1/2', '1/2'], 'k': ['DPE9fWVXKz3eLDFN0YqSFeO2TS2teI7lW1x14ye3k9pR', 'DCGa1idTkUD4wTBgP02pN56wIcV2AWfcJlzop9SnDvXv', 'DCbVbczU9GaIT9BU6PtMA2vArTmRgudyJyWOTm7RJ9Cn'], 'nt': ['1', '1'], 'n': ['EIkIx_uZ5w1DVIdwWdbiRRCTsj14-F1kuGL81xb05GSX', 'EA5t2o71moYZNvKVQ3RCaLmOacQXl3RgwWn7ib77eTea'], 'bt': '0', 'br': [], 'ba': [], 'a': []}
I made my code pass. I'll post the KEL next and explain how.

{"v":"KERI10JSON000199_","t":"icp","d":"EMHcIZJvRZgszqcOEwFY_u50ytN2ZGMmMb8yyZ5aC4WH","i":"EMHcIZJvRZgszqcOEwFY_u50ytN2ZGMmMb8yyZ5aC4WH","s":"0","kt":["1/2","1/2"],"k":["DLQ0dV8X2SSaM0HWRQBMcdYVhvwaCesKbGdsfMuoUtU1","DDH-NjWAUQAuJtmoZ-3Vo0JThr-VK3PRZ5WClWh8ksXq"],"nt":["1","1"],"n":["EBgxbX-PxloGb-UzIuLGm9OHZ2h4yqSawHeqzxaSJVWR","EGtl5QBUy3O0BOFB5mCdOaOuy9cOTQ8mjaID_9B8quEc"],"bt":"0","b":[],"c":[],"a":[]}-VAt-AACAAAuic32VIDz7Op6JnKQ5_sgb7w52iOzybjeAK1nAUy_BYDPCvOJ2Qz198HcYiiGER97zq2p9ePNfGv5MZQY7ksJABA2AEsWcQtqV6rzd_W-BbnfVjm7YX66FTAfTx06RemPHcb3jJ_B9rS6aOOfyqXi88w0DaPHTAouOSRNvGO6pMMK
... some ixn events ...

{"v":"KERI10JSON000201_","t":"rot","d":"EDDXZQ290PLKxid5_iHItvOlC2TD-2lgdoq3W-tkQ1_7","i":"EMHcIZJvRZgszqcOEwFY_u50ytN2ZGMmMb8yyZ5aC4WH","s":"2","p":"EFi6G12KTBxVCjVMiy4pl_C7b8_lEzleRRlfARvdklOB","kt":["0","1/2","1/2"],"k":["DPE9fWVXKz3eLDFN0YqSFeO2TS2teI7lW1x14ye3k9pR","DCGa1idTkUD4wTBgP02pN56wIcV2AWfcJlzop9SnDvXv","DCbVbczU9GaIT9BU6PtMA2vArTmRgudyJyWOTm7RJ9Cn"],"nt":["1","1"],"n":["EIkIx_uZ5w1DVIdwWdbiRRCTsj14-F1kuGL81xb05GSX","EA5t2o71moYZNvKVQ3RCaLmOacQXl3RgwWn7ib77eTea"],"bt":"0","br":[],"ba":[],"a":[]}-VBD-AADAACtfcyFNeFOjbByUWFDjM70tFdBxf5BRWChNNySlZIN-uamT2_kc_CGrcob4WRTIWTtIb5v1BtxonuKW3dsbc4BABA1BAbf32yZlhf0HxBlrrk_dUaqluvX4fjv7CRZY8qhA1JZq4qW2FdnReuPN3jEQODUBlXGHn11rNgmejRjqOsDACAeUpa4TpOwCk-LiNHwCxjEkR9w492hGHJkm3ixvryrm-T5TAa0tuKDKVnF5qWhwUsCf9EHM8s4HGEZjHdT1dsC
Here's the pertinent Rust code to making these events be acceptable:

let mut v = vec![];
for index in verified_indices {
    v.push(&verfers[index as usize]);
}

let mut indices = vec![];
for (i, diger) in digers.iter().enumerate() {
    for verfer in &v {
        if Diger::new_with_ser(&verfer.qb64b()?, None)?.qb64()? == diger.qb64()? {
            indices.push(i as u32);
            break;
        }
    }
}

if !ntholder.satisfy(&indices)? {
    return err!(Error::Verification);
}
it basically allows reordering of keys, removal of keys, while still ensuring the prior next threshold is satisfied (with respect the previous next threshold indices)

let mut verified_digers = HashSet::new();
for index in verified_indices {
    let verfer = &verfers[index as usize];
    let diger = Diger::new_with_ser(&verfer.qb64b()?, None)?;
    verified_digers.insert(diger.qb64()?);
}

let mut indices = vec![];
for (i, diger) in digers.iter().enumerate() {
    if verified_digers.contains(&diger.qb64()?) {
        indices.push(i as u32);
    }
}

if !ntholder.satisfy(&indices)? {
    return err!(Error::Verification);
}

if tier == Tiers.low:
   opslimit = 2  # pysodium.crypto_pwhash_OPSLIMIT_INTERACTIVE
   memlimit = 67108864  # pysodium.crypto_pwhash_MEMLIMIT_INTERACTIVE
elif tier == Tiers.med:
   opslimit = 3  # pysodium.crypto_pwhash_OPSLIMIT_MODERATE
   memlimit = 268435456  # pysodium.crypto_pwhash_MEMLIMIT_MODERATE
elif tier == Tiers.high:
   opslimit = 4  # pysodium.crypto_pwhash_OPSLIMIT_SENSITIVE
   memlimit = 1073741824  # pysodium.crypto_pwhash_MEMLIMIT_SENSITIVE
I'm guessing that the harcoding is for protecting from changes on  the library.
Should we use the same pattern in the the typescript and  and rust implementations?

ERR: 'NoneType' object has no attribute 'accept' 
when trying to run
kli witness demo

bran = b'0123456789abcdefghijk'
client = SignifyClient(passcode=bran, tier=tier)

client.connect(url=url)

identifiers = client.identifiers()

aid = identifiers.create("aid1")
The above all occurs on the client. According to Rodolfo the User AID is used to send an inception event over the internet from the SignifyClient to the KERIA Agent during inception. This sets up a delegated AID (in SignifyTS) which is properly delegated from the User AID’s KEL to the Agent AID’s KEL through the use of seals.

The User AID can only be used by providing the passcode. It is only ever in volatile memory so as soon as the browser or mobile client is shut down then the User AID is removed.

What I’m still confused about are:
1. Whether credentials are issued to the User AID or Agent AIDs, which is similar to what you asked me yesterday.
2. Whether the User AID can be rotated as well as where the User KEL would be stored.
It appears the User KEL is never stored and is only created as needed on-the-fly to send an inception event one time at the beginning of setting up an agent.

lmdb.BadRslotError: mdb_txn_renew: MDB_BAD_RSLOT: Invalid reuse of reader locktable slot
Should this be an issue on the KERIA repository? The way I eliminate this error is by clearing out my entire .keri directory and starting fresh.

kli vc issue --name {my_keystore} \
             --alias {my_alias} \
             --registry-name {my_registry} \
             --schema {cred_schema_1} \
             --recipient ${person_aid} \
             --data @/path/to/mycred-data.json
Writing credential EC2zQ2mpXjJpF8GAyBWe4b_B2LCLR41aNFXR_lu-oo_J to credential.json
Waiting for TEL event witness receipts
Sending TEL events to witnesses
Credential issuance complete, sending to recipient
It hangs on that last line of output there. Why would that be?

I imagine I have to have a registry created first in the KERIA agent in order to receive a credential. Is that correct?

The *issue-ecr.sh* script didn’t show a registry issuance, though I’ll give it a shot and report back.

acdc:issued:its-SAID = { compact version of ACDC }
acdc:received:its-SAID = { compact version of ACDC }

// or just
acdc:issued = [ list of SAIDs ]
acdc:received = [ list of SAIDs ]
acdc:its-SAID = { compact version of ACDC }
...
note i use namespacing, useful for when scanning, i.e. in Redis (what type of KV db you'll use matters here). In `Sled` (Rust embedded KV) you'd need to model it differently.  Then for each attr, i.e.:
r:its-SAID = { content of r }
r:its-SAID = { content of roleAliability }
and similarly for any other attr.

Above approach requires many hits to DB so a
acdc:parts:its-SAID = [all keys of all parts of n-depth ACDC]
would improve it.

    "A": {
      "oneOf": [
        {
          "description": "Attribute aggregate digest",
          "type": "string"
        },
        {
          "$id": "",
          "description": "Attribute aggregate array",
          "type": "array",
          "minItems": 1,
          "maxItems": 3,
          "items": {
            "anyOf": [
              {
                "type": "object",
                "required": ["d", "u", "i"],
                "properties": {
                  "d": {
                    "description": "SAID of disclosable data",
                    "type": "string"
                  },
                  "u": {
                    "description": "Salty nonce",
                    "type": "string"
                  },
                  "i": {
                    "description": "Issuee AID",
                    "type": "string"    
                  }
                },
                "additionalProperties": false
              },
              {
                "type": "object",
                "required": ["d", "u", "claim"],
                "properties": {
                  "d": {
                    "description": "SAID of disclosable data",
                    "type": "string"
                  },
                  "u": {
                    "description": "Salty nonce",
                    "type": "string"
                  },
                  "legalName": {
                    "description": "Legal name",
                    "type": "string"    
                  }
                },
                "additionalProperties": false
              },
              {
                "type": "object",
                "required": ["d", "u", "age"],
                "properties": {
                  "d": {
                    "description": "SAID of disclosable data",
                    "type": "string"
                  },
                  "u": {
                    "description": "Salty nonce",
                    "type": "string"
                  },
                  "age": {
                    "description": "Age",
                    "type": "number"
                  }
                },
                "additionalProperties": false
              }
            ]
          }
        }
      ]
    }
and then I can create a blinded aggregate that contains three entries, but with age omitted and two, different legal names. If someone asks me to disclose my legal name, I can choose which to display. This seems very bad.

To alleviate this, when presenting the blinded array, could we not label each SAID with the data label used in the SAD it corresponds to? Maybe this is the intent. I think this also allows for saidifcation of the attributes themselves, so that we can use a SAID and not just a digest in the aggregate value when compacted (again, maybe that was the intent). I'll clarify what I mean in an example in a reply.

Additionally, without the labels, I can't really think of how to prevent this - so does that mean the merkle tree method of disclosing breaks down?

"A": "EGsHbUlJ1JSm63A2dzBmrWvLcKVb22_6OD0fL61KuZ3V"
or

"A": [
  "EJgDHAe0lS3dWPB7yT78O2d1xb_AuNecU8VMjykVTd4F",
  "EGcJzlAaalMxlFSfs2DPB7Tx7n3D7EKAWSXJaheVf_-P",
  "EOYM0KDlDPODdiUDL7Xp-XRjr9mif7Dv5ovMSGTRxyTA"
]
or

"A": [
  {
    "d": "EJgDHAe0lS3dWPB7yT78O2d1xb_AuNecU8VMjykVTd4F",
    "u": "0AB9VADfPtCQvFqp-u4BxUvy",
    "i": "ENoxXSSTfy8FDryU0J0av3IdHKqAb6aYBu0fIT5fvqfY"
  },
  {
    "d": "EGcJzlAaalMxlFSfs2DPB7Tx7n3D7EKAWSXJaheVf_-P",
    "u": "0ACsCxwKKCg0C9Hb7OX9ajbZ",
    "legalName": "Jason Colburne"
  },
  {
    "d": "EOYM0KDlDPODdiUDL7Xp-XRjr9mif7Dv5ovMSGTRxyTA",
    "u": "0ACbHEmnqeXUJFMf1G2Dj0BU",
    "age": 43
  }
]
and I am proposing the first two be disclosed like this:

"A": "EAVyu2rAKhx-kV0sVOKMDE4IFHQjmMyllmZfInBygwb0"
"A": {
  "d": "EAVyu2rAKhx-kV0sVOKMDE4IFHQjmMyllmZfInBygwb0",
  "i": "EJgDHAe0lS3dWPB7yT78O2d1xb_AuNecU8VMjykVTd4F",
  "legalName": "EGcJzlAaalMxlFSfs2DPB7Tx7n3D7EKAWSXJaheVf_-P",
  "age": "EOYM0KDlDPODdiUDL7Xp-XRjr9mif7Dv5ovMSGTRxyTA"
}
Does this make sense?

The primary difference between partial disclosure and selective disclosure is determined by the correlatability with respect to its encompassing block after its disclosure. A partially disclosable field becomes correlatable to its encompassing block after its disclosure whereas a selectively disclosable field does not. After selective disclosure, the selectively disclosed fields are not correlatable to the so-far undisclosed but selectively disclosable fields in the same encompassing block.

{
    "witness_0": {
        "dt": "2023-02-24T12:57:59.823350+00:00",
        "curls": [
            "",
            ""
        ]
    },
    "dt": "2023-02-24T12:57:59.823350+00:00",
    "iurls": []
}
What should be replace the `127.0.0.1` to use it as docker service ?

0 	Crnt 	[A0, A1, A2] 	            [1/2, 1/2, 1/2]              // Signing (current) keys of the inception event
0 	Next 	[H(A3), H(A4), H(A5)] 	    [1/2, 1/2, 1/2]              // Rotation (next) keys of the inception event
1 	Crnt 	[A3, A4, A5, A6, A7, A8] 	[0, 0, 0, 1/2, 1/2, 1/2]     // Signing (current) keys of the rotation event
1 	Next 	[H(A9), H(A10), H(A11)] 	[1/2, 1/2, 1/2]              // Rotation (next) keys of the rotation event
Now let me modify this example a bit by changing the thresholds of the rotation keys in the inception event and using just one of the previous next keys to rotate:

0 	Crnt 	[A0, A1, A2] 	            [1/2, 1/2, 1/2]              // Signing (current) keys of the inception event
0 	Next 	[H(A3), H(A4), H(A5)] 	    1                            // Rotation (next) keys of the inception event
1 	Crnt 	[A4, A6, A7, A8] 	        [0, 1/2, 1/2, 1/2]           // Signing (current) keys of the rotation event
1 	Next 	[H(A3), H(A10), H(A5)] 	    1                            // Rotation (next) keys of the rotation event
As you can see, I changed the rotation thresholds to *1* so *any* of the given rotation keys can sign a rotation.
As the rotation threshold is now 1 so any of the rotation keys is able to sign the rotation, I also only use one rotation keypair in the rotation current keylist (namely A4 instead of all three previous next keys A3, A4 and A5 as in the specs example). This allows me to only generate one new rotation keypair (namely A10) and keep the other rotation keys (namely A3 and A5) secret and unchanged.

*Question*:
(1) Is this valid? Or in other words, do I need to change all rotation keys in a rotation event or can I keep some of the old keys in case the threshold allows it?
(2) If this is valid, I assume it was unnecessary to expose all three rotation keys in the specs example as two (1/2 + 1/2) rotation keys would already have fullfilled the threshold?

0 	Crnt 	[A0, A1, A2] 	            [1/2, 1/2, 1/2]      
0 	Next 	[H(A3), H(A4), H(A5)] 	    1                      
1 	Crnt 	[A4, A6, A7, A8] 	        [0, 1/2, 1/2, 1/2]                            
Signing with `A4` means `index = 0` and `ondex = 1` .
Signing with `A6` means `index = 1` and `ondex = undefined` because this key is not specified in prior next list.

0 	Crnt 	[A0, A1, A2] 	            [1/2, 1/2, 1/2]      
0 	Next 	[H(A3), H(A4), H(A5)] 	    1                      
1 	Crnt 	[A3, A6, A7, A8] 	        [0, 1/2, 1/2, 1/2]     
Signing with `A3` means `index = 0` and `ondex = 0` . In other words, ondex does not need to be specified, it turns into index in the code.
Signing with `A6` means `index = 1` and `ondex = undefined`. But if undefined eventually turns into the value of index, meaning 1 then it makes no sense anymore.