IETF Logo Mail Archive

Re: [Sat] Lock-Evidence artifact type/enumeration

Denis Avrilionis <denis@compell.io> Wed, 08 February 2023 09:30 UTC

Return-Path: <denis@compell.io>
X-Original-To: sat@ietfa.amsl.com
Delivered-To: sat@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3A72C14CE33 for <sat@ietfa.amsl.com>; Wed, 8 Feb 2023 01:30:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.085
X-Spam-Level:
X-Spam-Status: No, score=-7.085 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=compell.io
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PWDDDP5JGXGf for <sat@ietfa.amsl.com>; Wed, 8 Feb 2023 01:30:28 -0800 (PST)
Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3ACAAC14CEE4 for <sat@ietf.org>; Wed, 8 Feb 2023 01:30:28 -0800 (PST)
Received: by mail-wr1-x42e.google.com with SMTP id bu23so224987wrb.8 for <sat@ietf.org>; Wed, 08 Feb 2023 01:30:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=compell.io; s=google; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=YHmdFyWo+IGaC5nYNz+QDnJEMx96Z4Z1lB+sCGp36YU=; b=Sux7wDYhZCEpRSQgVK5xqE2/aCO6sIMq0jT9oNjP92eWWBPMdn9txsmL7jNHka6yGR l20qhmKBTOqToLKxt3MsRVjqgnC9JpUu8ZU7iXyybN06VRz45OYtO7yXFcmCGJFv5NSE MhEPiFrN1NK9FUEru9MxQr4NsO1yPA0ufrY5iJQOhK4BaLhnIhKqZXGziHIAWIu8H2jr K4AirrNlldpo0EjWHBgWVDSYHbHNL6mLfrpL5zNjVdVjE6hNJrI63uPHval8jW0runWo M3ZmLxJm1RJiUD6SA2D2S/VxcPUAGCXUGoRllbue57tkIyKN0t8Qq0m1bSKbGPpvPjhT azFQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=YHmdFyWo+IGaC5nYNz+QDnJEMx96Z4Z1lB+sCGp36YU=; b=kKaHv8IzufmtcvXYFPuR+NomSlSevD6tgovqJrGC1QTHVCIRXoWKKQc06vGWNAcB0M 3XoN3hsV3tAcmXl1xduOn9bpBETPbSMqHkPOrnL90xpuRxyDUUx2Bzx+6AJibDXTMPGc 798TIKV9VxPlWbpt2WlDtN78FjOUNmw51RVscXz7RE5XKE055J4lihExgai7MTdgNquk Hvh9PBBgkfcOFVH0yVfkNnp43/dY40CH5NlZkv8s1qlvEhMZNqnOhpxbRh0Q39xHxDXE 4/LUUNaTHKYw/9lbXam6cZ1m88R3dzkLsEudTthtYKc9UjLi0eRtAXI9IeARUIs/VgCF jMDg==
X-Gm-Message-State: AO0yUKWQfNsbIcNuAN40B6YYhLVfejAxezaO1UKNtp0txPOjL2SOiLGk YBHGw6T2u9iWuGgShBJe+YI8SKjrHr6eCwFu4QQ9ug==
X-Google-Smtp-Source: AK7set8AX++1UCc0N/IBFRGrsbLTZbFKX4JDwdX6nvEo0kkp0ggfDTlFS7ew4kGfh6Ye530kHp30fg==
X-Received: by 2002:adf:ec52:0:b0:2bd:de40:21f9 with SMTP id w18-20020adfec52000000b002bdde4021f9mr5878244wrn.61.1675848626587; Wed, 08 Feb 2023 01:30:26 -0800 (PST)
Received: from smtpclient.apple ([146.0.216.87]) by smtp.gmail.com with ESMTPSA id h12-20020adff4cc000000b002c3d814cc63sm12229911wrp.76.2023.02.08.01.30.24 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Feb 2023 01:30:26 -0800 (PST)
From: Denis Avrilionis <denis@compell.io>
Message-Id: <DE4A1A03-D67D-42FE-A724-402BDDFE4F2A@compell.io>
Content-Type: multipart/alternative; boundary="Apple-Mail=_32A136B1-0A85-4408-B7CF-C562A4453DBD"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
Date: Wed, 08 Feb 2023 11:30:23 +0200
In-Reply-To: <ME3PR01MB81135D736C0A58CDF8398C9ED1D89@ME3PR01MB8113.ausprd01.prod.outlook.com>
Cc: "sat@ietf.org" <sat@ietf.org>
To: "Chen, Shiping (Data61, Eveleigh)" <Shiping.Chen@data61.csiro.au>, Orie Steele <orie@transmute.industries>, Thomas Hardjono <hardjono@mit.edu>
References: <26754e6a5b784d4586773a4a506f9f20@oc11expo23.exchange.mit.edu> <ME3PR01MB811346CE9BB65C0EC0873692D1DB9@ME3PR01MB8113.ausprd01.prod.outlook.com> <CAN8C-_J75sJstAUo9YB+M00vZu6g9DUsAWi11+ZEBOeAEVbANg@mail.gmail.com> <ME3PR01MB81135D736C0A58CDF8398C9ED1D89@ME3PR01MB8113.ausprd01.prod.outlook.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sat/g9eowTpPixC5rooh3MzeFqVq6ss>
Subject: Re: [Sat] Lock-Evidence artifact type/enumeration
X-BeenThere: sat@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "The purpose of this mailing-list is to discuss the secure asset transfer \(SAT\) protocol and related aspects." <sat.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sat>, <mailto:sat-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sat/>
List-Post: <mailto:sat@ietf.org>
List-Help: <mailto:sat-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sat>, <mailto:sat-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2023 09:30:32 -0000

Dear Shiping, Orie, Thomas,

Going in the direction of Shiping, one aspect that we may consider is that gateways depend on networks whereas the networks don’t have dependencies on gateways. Therefore we could consider a gateway identity that follows the identification of a given network (see some "network-specific” DID methods in section 14 (registries) here: https://www.w3.org/TR/did-spec-registries/): such a method could look like this:

did:gateway:tz:tz1aaYoabvj2DQtpHz74Z83fSNjY29asdBfZ

the “gateway” is the method, whereas the "tz:tz1aaYoabvj2DQtpHz74Z83fSNjY29asdBfZ" is the method-specific-id of the DID “gateway" method (gateway is kind a of “meta” method)

As defined in https://www.w3.org/TR/did-core/#did-syntax the method-specific-id could be used to contain complete DID methods of “cascade” DIDs. In the example above we should implement the resolution part of the “gateway” part, then define explicitly which resolver we would use to continue verification of the method-specific-id (for example a did “tz” for the tezos registry resolver that would take care of "tz:tz1aaYoabvj2DQtpHz74Z83fSNjY29asdBfZ”). In such a case we wouldn’t need to implement cascade resolvers, we could just state which resolver we would use to verify the cascade part.  

Denis

> On 8 Feb 2023, at 03:18, Chen, Shiping (Data61, Eveleigh) <Shiping.Chen@data61.csiro.au> wrote:
> 
> Thank Orie for your input to this discussion.
>  
> >There are 2 possible DID "strings", not sure which would be best for your use case
>  
> I mean the 1st, i.e. the DiD string, instead of a specific service.
> Please refer to https://datatracker.ietf.org/doc/draft-chen-dlt-gateway-identification/ <https://datatracker.ietf.org/doc/draft-chen-dlt-gateway-identification/> for its rationale and details.
>  
> Since it is still in draft, we are open and welcome to other solutions/suggestions.
>  
>  
>  
> Cheers
> -
> Shiping
>  
> From: Orie Steele <orie@transmute.industries <mailto:orie@transmute.industries>> 
> Sent: Wednesday, 8 February 2023 12:57 AM
> To: Chen, Shiping (Data61, Eveleigh) <Shiping.Chen@data61.csiro.au <mailto:Shiping.Chen@data61.csiro.au>>
> Cc: sat@ietf.org <mailto:sat@ietf.org>; Thomas Hardjono <hardjono@mit.edu <mailto:hardjono@mit.edu>>
> Subject: Re: [Sat] Lock-Evidence artifact type/enumeration
>  
> There are 2 possible DID "strings", not sure which would be best for your use case:
> 
> ## DID
> 
> did:example:123
> 
> This resolves to cryptographic keys for relationships, such as authentication or assertion, and services for interacting with the DID Subject.
> 
> ## DID URL
> 
> did:example:123/resources/456?query=789#fragment-123
> 
> This can dereference resources internal to the DID or external to it... it tends to be more "method specific", so not all methods will support it to the same degree.
> 
> It sounds to me like you are discussing a "service" which might be identified like this:
> 
> did:web:gateway.example#gateway-42
> 
> where there is a service in the DID Document that looks like this:
> 
> ```
>  "service": [{
>     "id": "did:web:gateway.example#gateway-42",
>     "type": "SATPGateway",
>     "serviceEndpoint": "https://gateway.example/api/ <https://gateway.example/api/>"
>   }]
> ```
> 
> Regards,
> 
> OS
>  
> On Mon, Feb 6, 2023 at 7:43 PM Chen, Shiping (Data61, Eveleigh) <Shiping.Chen@data61.csiro.au <mailto:Shiping.Chen@data61.csiro.au>> wrote:
> > gateway-ID":  "mygateway.com/gw1 <http://mygateway.com/gw1>
> 
> Its value would/can be a DiD string if being standardized, something like: did:gateway:dwu231dwh, which is resolvable by 1 or multiple DiD repository services.
> 
> 
> Cheers
> -
> Shiping
> 
> -----Original Message-----
> From: sat <sat-bounces@ietf.org <mailto:sat-bounces@ietf.org>> On Behalf Of Thomas Hardjono
> Sent: Tuesday, 7 February 2023 3:01 AM
> To: sat@ietf.org <mailto:sat@ietf.org>
> Subject: [Sat] Lock-Evidence artifact type/enumeration
> 
> 
> Hi All,
> 
> I recently received an interesting question about SATP Core and the lock-evidence.
> 
> The specific question was about (a) what does the Lock-Evidence artifact (data structure) look like and who will spec it (IETF?), and (b) how to assign some kind of identification to the *type* of the lock (because each network/ledger will have its own data structure).
> 
> 
> The lock-evidence structure must have enough information (e.g. block number; record number) to allow the authorized third party (e.g. auditor) to later verify that the Lock-Evidence is true/accurate. This need is independent from the fact the GW1 has signed the message 2.5 (carrying the Lock-Evidence) and is now liable in the case that it makes a mistake or is lying (or was hacked).
> 
> The information stated in the Lock-Evidence may also need to be recorded in the Receipt from GW2 to GW1 at the end of the flows in message 3.8.
> 
> As reference, here is the link to the current message-flow diagram (v15):
> 
> https://bit.ly/3Yw20BT <https://bit.ly/3Yw20BT>
> 
> 
> There are at least 2 places in the message-flow diagram that the type of the lock/ledger needs to be stated.
> 
> The first mention is in Stage-0 when gateway GW1 and GW2 are negotiating artifacts and parameters.  
> 
> The second mention is in message 2.5 in the message-flow diagram, which is also in SATP Core draft in Section 8.3:
> 
>    *  lock_evidence_claim REQUIRED.  The lock or escrow evidence (on the
>       network behind the client).
> 
>    *  lock_claim_format OPTIONAL.  The format of the evidence.
> 
>    *  lock_evidence_expiration REQUIRED.  The duration of time of lock
>       on the asset (after which the lock is released).
> 
> 
> I sketched the following lock-evidence structure (in JSON notation) that could be used in the lock_evidence_claim:
> 
> {
>        "gateway-ID":  "mygateway.com/gw1 <http://mygateway.com/gw1>"
>        "lock-evidence type":  "escrow", 
>        "network-ID":  "7777xa"              [32-byte identifier EIP3220]
>        "block number": "775,306bla",
>        "block hash": "0000-39ca",
>        "escrow holder":  "b7bd-159d"     [hash of address]
>        ...
> }
> 
> 
> Thoughts?
> 
> 
> More questions:
> 
> -- Do we need some kind of IANA registration for the lock-evidence type value (e.g. alphanumeric)?
> 
> -- Is there some similarity of requirements between Views and the lock-evidence type?
> 
> 
> 
> best
> --thomas
> 
> 
> 
> 
> -- 
> sat mailing list
> sat@ietf.org <mailto:sat@ietf.org>
> https://www.ietf.org/mailman/listinfo/sat <https://www.ietf.org/mailman/listinfo/sat>
> 
> -- 
> sat mailing list
> sat@ietf.org <mailto:sat@ietf.org>
> https://www.ietf.org/mailman/listinfo/sat <https://www.ietf.org/mailman/listinfo/sat>
> 
>  
> -- 
> ORIE STEELE
> Chief Technical Officer
> www.transmute.industries <http://www.transmute.industries/>
>  
>  <https://www.transmute.industries/>-- 
> sat mailing list
> sat@ietf.org <mailto:sat@ietf.org>
> https://www.ietf.org/mailman/listinfo/sat <https://www.ietf.org/mailman/listinfo/sat>

v2.23.0 | Report a Bug | By Email