Merge branch 'master' into feature/rc_1_4_0

Author: jovfer

README.md

@@ -1,46 +1,67 @@
-
-## Before you Continue
-
-If you haven't done so already, please visit the main resource for all things "Indy" to get acquainted with the code base, helpful resources, and up-to-date information: [Hyperledger Wiki-Indy](https://wiki.hyperledger.org/projects/indy).
-
 # Indy SDK
-
+![logo](https://raw.githubusercontent.com/hyperledger/indy-node/master/collateral/logos/indy-logo.png)
 This is the official SDK for [Hyperledger Indy](https://www.hyperledger.org/projects),
-which provides a distributed-ledger-based foundation for [self-sovereign identity](https://sovrin.org).
+which provides a distributed-ledger-based foundation for [self-sovereign identity](https://sovrin.org). Indy provides a software ecosystem for private, secure, and powerful identity, and the Indy SDK enables clients for it.
 The major artifact of the SDK is a c-callable
 library; there are also convenience wrappers for various programming languages and Indy CLI tool.
 
-All bugs, stories, and backlog for this project are managed through [Hyperledger's Jira](https://jira.hyperledger.org)
-in project IS (note that regular Indy tickets are in the INDY project instead...). Also, join
-us on [Hyperledger's Rocket.Chat](https://chat.hyperledger.org/) at #indy-sdk to discuss.
+All bugs, stories, and backlog for this project are managed through [Hyperledger's Jira](https://jira.hyperledger.org/secure/RapidBoard.jspa)
+in project IS (note that regular Indy tickets are in the INDY project instead...). Also, make sure to join
+us on [Hyperledger's Rocket.Chat](https://chat.hyperledger.org/) at #indy-sdk to discuss. You will need a Linux Foundation login to get access to these channels
+
+## Understanding Hyperledger Indy
+
+If you have just started learning about self-sovereign identity, here are some resources to increase your understanding:
+
+* This extended tutorial introduces Indy, explains how the whole ecosystem works, and how the
+functions in the SDK can be used to construct rich clients: [Indy-SDK Getting-Started Guide](doc/getting-started/getting-started.md)
+
+* A recent webinar explaining self-sovereign identity using Hyperledger Indy and Sovrin: [SSI Meetup Webinar](https://youtu.be/RllH91rcFdE?t=4m30s)
+
+* Visit the main resource for all things "Indy" to get acquainted with the code base, helpful resources, and up-to-date information: [Hyperledger Wiki-Indy](https://wiki.hyperledger.org/projects/indy).
+
+* You may also want to look at the [older guide](https://github.com/hyperledger/indy-node/blob/stable/getting-started.md)
+that explored the ecosystem via command line. That material is being
+rewritten but still contains some useful ideas.
+
+## How-To Tutorials
+
+Short, simple tutorials that demonstrate how to accomplish common tasks
+are also available. See the [doc/how-tos](doc/how-tos) folder.
 
+1. [Write a DID and Query Its Verkey](doc/how-tos/write-did-and-query-verkey/README.md)
+2. [Rotate a Key](doc/how-tos/rotate-key/README.md)
+3. [Save a Schema and Cred Def](doc/how-tos/save-schema-and-cred-def/README.md)
+4. [Issue a Credential](doc/how-tos/issue-credential/README.md)
+5. [Negotiate a Proof](doc/how-tos/negotiate-proof/README.md)
+6. [Send a Secure Message](doc/how-tos/send-secure-msg/README.md)
 
-## Installation
+## Installing the SDK
 ### Release channels
-Indy SDK release process defines the following release channels:
+The Indy SDK release process defines the following release channels:
 
 * `master` - development builds for each push to master branch.
 * `rc` - release candidates.
 * `stable` - stable releases.
 
-Please refer to [release workflow](doc/release-workflow.md) for more details.
+Please refer to our [release workflow](doc/release-workflow.md) for more details.
 
 ### Ubuntu based distributions (Ubuntu 16.04)
-It is recommended to install packages with APT:
+It is recommended to install the SDK packages with APT:
 
     sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 68DB5E88
     sudo add-apt-repository "deb https://repo.sovrin.org/sdk/deb xenial {release channel}"
     sudo apt-get update
     sudo apt-get install -y libindy
 
 {release channel} must be replaced with master, rc or stable to define corresponded release channel.
-See section "Release channels" for more details.
+Please See the section "Release channels" above for more details.
 
 ### Windows
 
-1. follow to https://repo.sovrin.org/windows/libindy/{release-channel}.
-2. download last version of libindy.
-3. unzip archives to directory, where you want to save working library.
+1. Go to https://repo.sovrin.org/windows/libindy/{release-channel}.
+2. Download last version of libindy.
+3. Unzip archives to the directory where you want to save working library.
 4. After unzip you will get next structure of files:
 
 * `Your working directory`
@@ -71,7 +92,7 @@ See [wrapper iOS install documentation](wrappers/ios/README.md "How to install")
 Pre-built libraries are not provided for MacOS. Please look [here](doc/mac-build.md)
 for details on building from source for MacOS.
 
-After building `libindy`, add the path containing the library the `LD_LIBRARY_PATH` and
+ **Note:** After building `libindy`, add the path containing the library the `LD_LIBRARY_PATH` and
 `DYLD_LIBRARY_PATH` environment variables. This is necessary for dynamically linking
 your application with `libindy`. The dynamic linker will first check for the library in
 `LD_LIBRARY_PATH` if the library in your application doesn't include directory names.
@@ -87,23 +108,24 @@ After successfully compiling `libindy`, you will need to add the path containing
 `LD_LIBRARY_PATH` environment variable. This is required for your application to link to
 `libindy`.
 
-## How to build
+## How to build Indy SDK from source
 
 * [Ubuntu based distributions (Ubuntu 16.04)](doc/ubuntu-build.md)
 * [RHEL based distributions (Amazon Linux 2017.03)](doc/rhel-build.md)
 * [Windows](doc/windows-build.md)
 * [MacOS](doc/mac-build.md)
 
 ## How to start local nodes pool with docker
+To test the SDK codebase with a virtual Indy node network, you can start a pool of local nodes using docker:
 
-Start local nodes pool on `127.0.0.1:9701-9708` with Docker:
+Start the pool of local nodes on `127.0.0.1:9701-9708` with Docker by running:
 
 ```
 docker build -f ci/indy-pool.dockerfile -t indy_pool .
 docker run -itd -p 9701-9708:9701-9708 indy_pool
 ```
 
- Dockerfile `ci/indy-pool.dockerfile` supports optional pool_ip param that allows
+ Dockerfile `ci/indy-pool.dockerfile` supports an optional pool_ip param that allows
  changing ip of pool nodes in generated pool configuration. The following commands
  allow to start local nodes pool in custom docker network and access this pool
  by custom ip in docker network:
@@ -115,7 +137,7 @@ docker run -itd -p 9701-9708:9701-9708 indy_pool
  ```
  Note that for Windows and MacOS this approach has some issues. Docker for these OS run in
  their virtual environment. First command creates network for container and host can't
- get access to that network because container placed on virtual machine. You must appropriate set up 
+ get access to that network because container placed on virtual machine. You must appropriate set up
  networking on your virtual environment. See the instructions for MacOS below.
 
 ### Docker port mapping on MacOS
@@ -159,23 +181,9 @@ details.
 * [iOS](wrappers/ios/README.md)
 
 ## Indy CLI documentation
-* [Indy CLI](cli/README.md)
-
-## Getting started
-
-This extended tutorial shows how the whole ecosystem works, and how
-functions in the SDK can be used to construct rich clients. (You may also
-want to look at the [older guide](https://github.com/hyperledger/indy-node/blob/stable/getting-started.md)
-that explored the ecosystem via command line. That material is being
-rewritten but still contains some useful ideas.)
-
-* [Libindy Getting-Started Guide](doc/getting-started/getting-started.md)
-
-## How Tos
-
-Short, simple tutorials that demonstrate how to accomplish common tasks
-are also available. See [the doc/how-tos folder](doc/how-tos).
+* An explanation of how to install the official command line interface for that provides commands to manage wallets and interactions with the ledger: [Indy CLI](cli/README.md)
 
 ## How to migrate
-The documents that provide necessary information for Libindy migration.
+The documents that provide necessary information for Libindy migration. This document is written for developers using Libindy 1.3.0 to provide necessary information and
+to simplify their transition to API of Libindy 1.4.0.
 * [v1.3.0 → v1.4.0](doc/migration-guide.md)

ci/acceptance/ubuntu_acceptance.dockerfile

@@ -14,8 +14,11 @@ RUN apt-get update && \
 RUN add-apt-repository ppa:jonathonf/python-3.6
 RUN apt-get update && \
       apt-get install -y \
-      python3.6 \
-      python3-pip
+      python3.5 \
+      python3-pip \
+      vim
+
+RUN pip3 install -U pip
 
 ARG indy_sdk_deb
 RUN echo ${indy_sdk_deb}
@@ -24,5 +27,5 @@ ADD ${indy_sdk_deb} indy-sdk.deb
 RUN dpkg -i indy-sdk.deb || apt-get install -y -f
 
 RUN useradd -ms /bin/bash indy
-WORKDIR /home/indy
 USER indy
+WORKDIR /home/indy

doc/before-and-after.png

@@ -0,0 +1,185 @@
+# How Credential Revocation Works
+
+This doc aims to explain credential revocation at a conceptual level.
+If this doc still feels too low-level, you might consider watching [this
+introductory video](https://drive.google.com/open?id=1FxdgkYwwLfpln6MnsZJAwnYjM6LpCoP0) from time offset 0:30 to 4:30.
+
+## Background: Cryptographic Accumulators
+
+Before explaining the mechanism in detail, it's necessary to understand
+__cryptographic accumulators__ at a very high level.
+We will try to avoid daunting math in our explanation.
+
+You can think of an accumulator as the product of multiplying many numbers
+together. In the equation `a * b * c * d = ` __`e`__,
+the accumulator would be __`e`__;
+it _accumulates_ a value as each new factor is multiplied in. We could
+plug in numbers; if `a`=2 and `b`=3 and `c`=5 and `d`=7, then our accumulator
+__`e`__ has a value of 210. If `e` has this value, we
+say that 3 is "in" `e` because it is a factor. If we want to take 3 out
+of the accumulator, we divide 210 by 3 and get 70 (=2*5*7); 3 has now been
+"removed".
+
+Notice that you can also produce __`e`__ by multiplying any single
+factor such as `a` by the product of all the other factors (`b * c * d`).
+This is a useful characteristic; it means you can tell someone else
+the value of `a` and _the product of all the other inputs to the accumulator,
+but not the other inputs themselves_, and they can produce the output.
+
+## Background: Tails Files
+
+In our simple example above, we only have 4 factors, and we are using small
+numbers. We are also using standard arithmetic, where you can reverse
+multiplication by dividing. In such a system, the contents of an accumulator
+can be reverse-engineered by simple prime factorization.
+
+To be useful for revocation, Indy's accumulators can't be reversible; that is,
+it must be the case that the only way to derive the accumulator
+value is to know the factors.
+We accomplish this by using modular arithmetic (where division is undefined),
+and by using massive numbers for the factors and accumulators.
+
+A __tails file__ is associated with an accumulator
+and its factors. It is a binary file that contains an
+array of randomly generated factors for an accumulator. Instead of small
+numbers like 2 and 3 and 7, these factors are massive numbers, far too
+big to display conveniently on a screen. Typically the quantity of these
+numeric factors in a tails file is large--hundreds of thousands to tens of
+millions.
+
+A tails file is not secret; it is published as plain text to the world
+and freely downloadable by anyone. The contents of this file never change.
+
+Each potential or actual credential issued by a particular issuer is
+assigned an index to an accumulator factor in a tails file. However,
+only credentials that have not been revoked contribute to the value of the
+accumulator. We will see how this works, below.
+
+![tails file and accumulator](tails.png)
+
+## Setup
+
+Before revocable credentials can be issued, a number of things must be
+true about the ecosystem:
+
+1. A __schema__ for each credential type
+   must be written to the ledger.
+   For example, if companies wish to issue proof of employment, then
+   a "Employee Credential" schema would need to be published. Similarly,
+   before birth certificate credentials can be issued, a "Birth Certificate"
+   schema would need to be defined and made available to the public. Any number
+   of issuers can reference the same schema. Schemas can be versioned and
+   evolved over time. Any individual or institution can write a schema
+   to the ledger; it does not require special privileges.
+
+2. Each issuer must publish on the ledger one __credential
+   definition__ for each credential type they intend
+   to create. The definition announces the issuer's intention to
+   create credentials that match a particular schema, and specifies the
+   keys that the issuer will use to sign such credentials. (The verkey+
+   signing key pair used to authenticate the issuer's DID should be kept
+   separate from the keys used to sign credentials, so that each key
+   pair can be rotated independently; it would be bad if a sysadmin
+   rotated a DID keypair and accidentally invalidated all credentials
+   issued by an institution...)
+
+3. Each issuer must also publish on the ledger a __revocation
+   registry__. This metadata references a credential definition and
+   specifies how revocation for that credential type will be handled.
+   The revocation registry tells which cryptographic __accumulator__
+   can be used to test revocation, and gives the URI and
+   hash of the associated __tails file__.
+
+4. Each issuer must publish on the ledger an accumulator value that
+   describes the revocation status for all associated credentials. This
+   accumulator must be updated on a periodic or as-needed basis. For
+   example, if a driver's license division revokes 3 licenses during a
+   given work day, then when they close their doors at 5 pm, they might
+   issue a ledger transaction that updates the accumulator value for
+   their driver's license credentials, removing the 3 revoked credentials
+   from the accumulator. What we mean by "removing" is as described above--
+   the factors listed in the tails file for the indexes associated with
+   the 3 revoked credentials are no longer multiplied into the accumulator.
+
+![before and after revocation](before-and-after.png)
+
+## How Revocation Will Be Tested
+
+Let us now skip ahead to think about what needs to happen much later.
+When a prover gives proof to a verifier, we normally think about the proof
+as focusing on core information demands: _What is your birthdate?_ _Please
+disclose your address_. This is __primary proof__.
+
+But there is another dimension of proof that's also necessary: _The prover
+must demonstrate that the credentials behind the primary proof have not
+been revoked._ This is called __proof of non-revocation__.
+
+In Indy, proof of non-revocation is accomplished by having provers show
+that they can derive the value of the accumulator for their credential
+using a factor for the accumulator that they know, plus the product of
+all other factors.
+The verifier can see that the prover produces the right answer (because
+the answer is on the ledger), but does not know certain details of how the
+prover derived it. The issuer can revoke by changing the answer to the
+math problem in a way that defeats the prover.
+
+## Preparing for Revocation at Issuance
+
+When a credential is issued, the actual credential file is transmitted
+to the holder (who will later become a prover). In addition, the issuer
+communicates two other pieces of vital information:
+
+* The index corresponding to this credential, in the tails file. This
+  lets the holder look up their private factor, which we could map to
+  `a` in the simple equation from the accumulator background section
+  at the top of the doc.
+* The product of the _other_ factors contributing to the accumulator (all
+  factors except the private one for this credential).
+  This value is like `b * c * d` from the simple equation above, and
+  is called a __witness__.
+
+## Presenting Proof of Non-Revocation
+
+When the prover needs to demonstrate that her credential is not revoked,
+she shows that she can provide math that derives the accumulator value
+on the ledger using her private factor times the witness. She does this
+without actually disclosing what her private value is; this is important
+to avoid correlation.
+
+But there is a complication: what if the accumulator has changed value
+since the time the credential was issued? In this case, the private
+factor times the witness will not equal the accumulator...
+
+This is handled by requiring accumulator updates to also publish a
+__witness delta__ as part of the same transaction.
+This tells provers how to adjust their witness (referencing other indexes
+in the public tails file) to bring it back into
+harmony with the current value of the accumulator. Updating witnesses
+requires the prover (but not the verifier) to download the tails file.
+
+## Putting It All Together
+
+This discussion has suppressed some details. The math has been simplified,
+and we haven't discussed how an issuer copes with multiple tails files
+and revocation registries, or why that might be desirable. However, the
+broad flow of the mechanism should be apparent, and its features are
+now easy to summarize:
+
+* Issuers revoke by changing a number on the ledger. They can revoke
+  as many credentials as they want in a single transaction, since
+  they are just changing the answer to a math problem that either does
+  or doesn't include the factors they choose. Issuers do not have to
+  contact anybody--provers or verifiers--to revoke. Changes take place
+  globally, the instant the accumulator update transaction appears
+  on the ledger.
+* Revocation is reversible.
+* Provers demonstrate proof of non-revocation in a privacy-preserving
+  way. They cannot be correlated by something like a credential ID or
+  a tails index. This is radically different from a revocation list
+  approach, which requires correlation to test.
+* Verification of proof of non-revocation is extremely easy and cheap.
+  No tails files are needed by verifiers, and computation is trivial.
+  Proving non-revocation is somewhat more expensive for provers, but
+  is also not overly complex.
+* Verifiers do not need to contact issuers or consult a revocation list
+  to test revocation.