feat: implement proof micro service

apps/proof-manager/tsconfig.app.json

+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "outDir": "../../dist/out-tsc",
+    "module": "commonjs",
+    "types": ["node"],
+    "emitDecoratorMetadata": true,
+    "target": "es2015"
+  },
+  "exclude": ["jest.config.ts", "src/**/*.spec.ts", "src/**/*.test.ts"],
+  "include": ["src/**/*.ts"]
+}

apps/proof-manager/tsconfig.json

+{
+  "extends": "../../tsconfig.base.json",
+  "files": [],
+  "include": [],
+  "references": [
+    {
+      "path": "./tsconfig.app.json"
+    },
+    {
+      "path": "./tsconfig.spec.json"
+    }
+  ],
+  "compilerOptions": {
+    "esModuleInterop": true
+  }
+}

apps/proof-manager/tsconfig.spec.json

+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "outDir": "../../dist/out-tsc",
+    "module": "commonjs",
+    "types": ["jest", "node"]
+  },
+  "include": [
+    "jest.config.ts",
+    "src/**/*.test.ts",
+    "src/**/*.spec.ts",
+    "src/**/*.d.ts"
+  ]
+}

apps/proof-manager/webpack.config.js

+const { composePlugins, withNx } = require("@nx/webpack");
+
+// Nx plugins for webpack.
+module.exports = composePlugins(withNx(), (config) => {
+  // Update the webpack config as needed here.
+  // e.g. `config.plugins.push(new MyPlugin())`
+  return config;
+});

compose/docker-compose.infra.yml

+version: '3.8'
+
+services:
+  pg_db:
+    image: 'postgres:latest'
+    ports:
+      - '5432:5432'
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+    volumes:
+      - ./data/db/:/var/lib/postgresql/data/
+
+  broker:
+    command: ["-js", "-sd", "/data", "-m","8222", "-D"]
+    container_name: broker
+    image: 'nats:latest'
+    ports:
+      - '4222:4222' #Nats server port
+      - '8222:8222' #Nats server Monitering port
+    volumes:
+      - ./data/nats/:/data/
+

compose/docker-compose.yml

 version: '3.8'
 
 services:
+
+  #===================== ISSUER =========================#
+
   agent-issuer:
+    labels:
+      - "traefik.http.routers.agent-issuer.rule=Host(`agent-issuer.local`)"
+      - "traefik.http.routers.agent-issuer.entrypoints=web"
+    profiles:
+      - issuer
     container_name: agent-issuer
     build:
       context: "../"
       dockerfile: "./apps/agent/deployment/Dockerfile"
     env_file:
       - ./env/issuer.env
-    ports:
-      - "8080:8080"
-      - "8001:8001"
+#    ports:
+#      - "8080:8080"
+#      - "8001:8001"
     depends_on:
       pg_db:
         condition: service_started
-      broker:
+      broker-issuer:
         condition: service_started
 
   gateway-issuer:
+    labels:
+      - "traefik.http.routers.gateway-issuer.rule=Host(`gateway-issuer.local`)"
+      - "traefik.http.routers.gateway-issuer.entrypoints=web"
+    profiles:
+      - issuer
     container_name: gateway-issuer
     build:
       context: "../"
       dockerfile: "./apps/gateway/deployment/Dockerfile"
     env_file:
       - ./env/issuer.env
-    ports:
-      - "8081:8081"
-      - "8881:8881"
+#    ports:
+#      - "8081:8081"
+#      - "8881:8881"
     depends_on:
       cm-issuer:
         condition: service_started
 
   cm-issuer:
+    profiles:
+      - issuer
     container_name: cm-issuer
     build:
       context: "../"
@@ -41,10 +56,12 @@ services:
     ports:
       - "8882"
     depends_on:
-      broker:
+      broker-issuer:
         condition: service_started
 
   am-issuer:
+    profiles:
+      - issuer
     container_name: am-issuer
     build:
       context: "../"
@@ -54,10 +71,114 @@ services:
     ports:
       - "8883"
     depends_on:
-      broker:
+      broker-issuer:
+        condition: service_started
+
+  pm-issuer:
+    profiles:
+      - issuer
+    container_name: pm-issuer
+    build:
+      context: "../"
+      dockerfile: "./apps/proof-manager/deployment/Dockerfile"
+    env_file:
+      - ./env/issuer.env
+    ports:
+      - "8884"
+    depends_on:
+      broker-issuer:
+        condition: service_started
+
+#===================== holder =========================#
+
+  agent-holder:
+    labels:
+      - "traefik.http.routers.agent-issuer.rule=Host(`agent-holder.local`)"
+      - "traefik.http.routers.agent-issuer.entrypoints=web"
+    profiles:
+      - holder
+    container_name: agent-holder
+    build:
+      context: "../"
+      dockerfile: "./apps/agent/deployment/Dockerfile"
+    env_file:
+      - ./env/holder.env
+#    ports:
+#      - "8080:8080"
+#      - "8001:8001"
+    depends_on:
+      pg_db:
+        condition: service_started
+      broker-holder:
+        condition: service_started
+
+  gateway-holder:
+    labels:
+      - "traefik.http.routers.gateway-issuer.rule=Host(`gateway-holder.local`)"
+      - "traefik.http.routers.gateway-issuer.entrypoints=web"
+    profiles:
+      - holder
+    container_name: gateway-holder
+    build:
+      context: "../"
+      dockerfile: "./apps/gateway/deployment/Dockerfile"
+    env_file:
+      - ./env/holder.env
+#    ports:
+#      - "8081:8081"
+#      - "8881:8881"
+    depends_on:
+      cm-holder:
+        condition: service_started
+
+  cm-holder:
+    profiles:
+      - holder
+    container_name: cm-holder
+    build:
+      context: "../"
+      dockerfile: "./apps/connection-manager/deployment/Dockerfile"
+    env_file:
+      - ./env/holder.env
+    ports:
+      - "8882"
+    depends_on:
+      broker-holder:
+        condition: service_started
+
+  am-holder:
+    profiles:
+      - holder
+    container_name: am-holder
+    build:
+      context: "../"
+      dockerfile: "./apps/attestation-manager/deployment/Dockerfile"
+    env_file:
+      - ./env/holder.env
+    ports:
+      - "8883"
+    depends_on:
+      broker-holder:
+        condition: service_started
+
+  pm-holder:
+    profiles:
+      - holder
+    container_name: pm-holder
+    build:
+      context: "../"
+      dockerfile: "./apps/proof-manager/deployment/Dockerfile"
+    env_file:
+      - ./env/holder.env
+    ports:
+      - "8884"
+    depends_on:
+      broker-holder:
         condition: service_started
 
 
+  #===================== INFRA =========================#
+
   pg_db:
     image: 'postgres:latest'
     ports:
@@ -68,12 +189,41 @@ services:
     volumes:
       - ./data/db/:/var/lib/postgresql/data/
 
-  broker:
+  broker-issuer:
+    profiles:
+      - issuer
     command: ["-js", "-sd", "/data", "-m","8222", "-D"]
-    container_name: broker
+    container_name: broker-issuer
     image: 'nats:latest'
     ports:
-      - '4222:4222' #Nats server port
+      - '4222' #Nats server port
       - '8222:8222' #Nats server Monitering port
     volumes:
-      - ./data/nats/:/data/
+      - ./data/issuer/nats/:/data/
+
+
+  broker-holder:
+    profiles:
+      - holder
+    command: ["-js", "-sd", "/data", "-m","8222", "-D"]
+    container_name: broker-holder
+    image: 'nats:latest'
+    ports:
+      - '4222' #Nats server port
+      - '8223:8222' #Nats server Monitering port
+    volumes:
+      - ./data/holder/nats/:/data/
+
+  reverse-proxy:
+    image: traefik:v2.10.1
+    command:
+      - "--api.insecure=true"
+      - "--providers.docker=true"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.webextra.address=:8001"
+    ports:
+      - "80:80"
+      - "8001:8001"
+      - "8080:8080"
+    volumes:
+      - ./data/var/run/docker.sock:/var/run/docker.sock

compose/env/holder.env

-AGENT_PEER_URL="http://holder:6000"
-AGENT_NAME=HOLDER_LOCAL
-AGENT_KEY=HwNJroKHTSSJ3XvE7ZAnuKiTn2C4QkFvxEqfm5rzhNrh
-AGENT_DID_SEED=900000000000000000000000TCUste21
-
 LEDGERS="BCOVRIN_TEST"
-IDUNION_KEY="a"
+IDUNION_KEY=
 
+AGENT_PEER_URL="http://agent-holder:8001"
+AGENT_NAME=DEV_AGENT_HOLDER_OCM # this should be changed to company name
+AGENT_KEY=HwNJroKHTSSj3XvE7ZAnuKiTn2C4QkFvxEqfm5rzhNrh #example random string
+AGENT_DID_SEED=200000000000000000000000TCuste21 #did private key seed min lenght 32
 AGENT_DB_HOST=pg_db:5432
 AGENT_DB_USER=postgres
 AGENT_DB_PASS=postgres
-PORT=5001
+AGENT_PORT=8081
+AGENT_CONSUMER_NAME=agent_1
+AGENT_IS_REST=false
+AGENT_MAX_MESSAGES=10
+AGENT_RETE_LIMIT=5
+
+NATS_SERVERS=broker-holder:4222
+NATS_STREAM_NAME=ssi_holder_stream
+NATS_SUBJECTS="connections.*,proofs.*,credentials.*,schemas.*"
+
+GATEWAY_HTTP_PORT=8081
+GATEWAY_TCP_PORT=8881
+GATEWAY_SOCKET_EVENT_NAME=message
+GATEWAY_MESSAGE_PATTERN=webhook
+GATEWAY_HOST=gateway-holder
+
+CONNECTION_SERVICE_TCP_PORT=8882
+CONNECTION_SERVICE_HOST=cm-holder
+
+ATTESTATION_SERVICE_TCP_PORT=8883
+ATTESTATION_SERVICE_HOST=ap-holder
+
+PROOF_SERVICE_TCP_PORT=8884
+PROOF_SERVICE_HOST=pm-holder

compose/env/issuer.env

 LEDGERS="BCOVRIN_TEST"
 IDUNION_KEY=
 
-AGENT_PEER_URL="http://0.0.0.0:8001"
-AGENT_NAME=DExcVasd_AGENT_45
-AGENT_KEY=HwNJroKHTSSj3XvE7ZAnuKiTn2C4QkFvxEqfm5rzhNrh
-AGENT_DID_SEED=200000000000000000000000TCuste21
+AGENT_PEER_URL="http://agent-issuer:8001"
+AGENT_NAME=DEV_AGENT_ISSUER_OCM # this should be changed to company name
+AGENT_KEY=HwNJroKHTSSj3XvE7ZAnuKiTn2C4QkFvxEqfm5rzhNrh #example random string
+AGENT_DID_SEED=200000000000000000000000TCuste21 #did private key seed min lenght 32
 AGENT_DB_HOST=pg_db:5432
 AGENT_DB_USER=postgres
 AGENT_DB_PASS=postgres
@@ -14,8 +14,8 @@ AGENT_IS_REST=false
 AGENT_MAX_MESSAGES=10
 AGENT_RETE_LIMIT=5
 
-NATS_SERVERS=broker:4222
-NATS_STREAM_NAME=ssi_12
+NATS_SERVERS=broker-issuer:4222
+NATS_STREAM_NAME=ssi_issuer_stream
 NATS_SUBJECTS="connections.*,proofs.*,credentials.*,schemas.*"
 
 GATEWAY_HTTP_PORT=8081
@@ -27,5 +27,8 @@ GATEWAY_HOST=gateway-issuer
 CONNECTION_SERVICE_TCP_PORT=8882
 CONNECTION_SERVICE_HOST=cm-issuer
 
-CONNECTION_SERVICE_TCP_PORT=8883
-CONNECTION_SERVICE_HOST=am-issuer
+ATTESTATION_SERVICE_TCP_PORT=8883
+ATTESTATION_SERVICE_HOST=ap-issuer
+
+PROOF_SERVICE_TCP_PORT=8884
+PROOF_SERVICE_HOST=pm-issuer

libs/asker/src/agent.utils.ts

@@ -11,6 +11,7 @@ import {
   TypedArrayEncoder,
   V2CredentialProtocol,
   V2ProofProtocol,
+  WalletError,
   WalletKeyExistsError,
 } from "@aries-framework/core";
 import {
@@ -62,7 +63,7 @@ export const generateKey = async ({
 
   try {
     return await agent.wallet.createKey({
-      privateKey,
+      seed: privateKey,
       keyType: KeyType.Ed25519,
     });
   } catch (e) {
@@ -75,8 +76,11 @@ export const generateKey = async ({
       return Key.fromPublicKey(c.publicBytes, KeyType.Ed25519);
     }
 
-    console.log(JSON.stringify(e, null, 2));
-    throw new Error("Failed to create key");
+    if (e instanceof WalletError) {
+      throw new Error(`Failed to create key - ${e.message}`);
+    }
+
+    throw new Error("Unknown");
   }
 };
 

libs/asker/src/asker-nats/agent.consumer.service.ts

@@ -11,6 +11,7 @@ import { IConfAgent } from "@ocm-engine/config";
 import { GatewayClient } from "@ocm-engine/clients";
 import {
   AcceptCredentialOfferRequestDto,
+  AcceptProofRequestDto,
   CONNECTION_ACCEPT,
   CONNECTION_CREATE,
   CONNECTION_GET,
@@ -26,6 +27,10 @@ import {
   GetConnectionRequestDto,
   GetSchemaRequestDto,
   IssueCredentialRequestDto,
+  IssueProofRequestDto,
+  PROOF_ACCEPT,
+  PROOF_ISSUE,
+  PROOF_LIST,
   SCHEMA_CREATE,
   SCHEMA_GET,
   SCHEMA_LIST,
@@ -111,6 +116,21 @@ export class AgentConsumerService implements OnModuleInit, OnModuleDestroy {
           data = await this.agentService.acceptCredential(
             dto.credentialRecordId,
           );
+          break;
+
+        case PROOF_ISSUE:
+          dto = event.data as IssueProofRequestDto;
+          data = await this.agentService.issueProof(dto);
+          break;
+
+        case PROOF_LIST:
+          data = await this.agentService.proofs();
+          break;
+
+        case PROOF_ACCEPT:
+          dto = event.data as AcceptProofRequestDto;
+          data = await this.agentService.acceptProof(dto.proofRecordId);
+          break;
       }
 
       event.data = data;

libs/asker/src/asker/asker.service.ts

@@ -55,7 +55,6 @@ export class AskerService implements OnModuleInit, OnModuleDestroy {
         },
         id: this.agentConfig.agentName,
         key: this.agentConfig.agentKey,
-        keyDerivationMethod: KeyDerivationMethod.Raw,
       },
       endpoints: [this.agentConfig.agentPeerAddress],
     } satisfies InitConfig;

libs/clients/src/index.ts

 export * from "./lib/gateway.client";
 export * from "./lib/connection.manager.client";
 export * from "./lib/attestation.manager.client";
+export * from "./lib/proof.manager.client";

libs/clients/src/lib/proof.manager.client.ts

+import {
+  BadRequestException,
+  Injectable,
+  InternalServerErrorException,
+  Logger,
+} from "@nestjs/common";
+import {
+  ClientProxy,
+  ClientProxyFactory,
+  Transport,
+} from "@nestjs/microservices";
+import { ConfigService } from "@nestjs/config";
+import {
+  IConnectionManagerConfig,
+  IProofManagerConfig,
+} from "@ocm-engine/config";
+import { lastValueFrom } from "rxjs";
+
+@Injectable()
+export class ProofManagerClient {
+  private client: ClientProxy;
+  private pmConfig: IProofManagerConfig;
+  private readonly logger: Logger = new Logger(ProofManagerClient.name);
+
+  constructor(configService: ConfigService) {
+    this.pmConfig = configService.get<IProofManagerConfig>("pm")!;
+
+    this.client = ClientProxyFactory.create({
+      transport: Transport.TCP,
+      options: {
+        host: this.pmConfig.host,
+        port: this.pmConfig.port,
+      },
+    });
+  }
+
+  async sendPayload<T>({
+    pattern,
+    payload,
+  }: {
+    pattern: string;
+    payload: {
+      data: T;
+      type: string;
+      source: string;
+    };
+  }): Promise<{
+    id: string;
+  }> {
+    this.logger.debug(
+      `sending payload to proof manager ${JSON.stringify(payload, null, 2)}`,
+    );
+
+    return lastValueFrom(this.client.send(pattern, payload)).catch((e) => {
+      if (e.message === "Internal server error") {
+        throw new InternalServerErrorException();
+      }
+
+      throw new BadRequestException(e.message);
+    });
+  }
+}

libs/config/src/config/proof.manager.ts

+import { registerAs } from "@nestjs/config";
+import * as process from "process";
+import { IAttestationManagerConfig } from "../interfaces/attestation.manager.config.interface";
+
+export const pmConfig = registerAs(
+  "pm",
+  (): IAttestationManagerConfig => ({
+    host: process.env["PROOF_SERVICE_HOST"]!,
+    port: parseInt(process.env["PROOF_SERVICE_TCP_PORT"]!),
+  }),
+);

libs/config/src/index.ts

@@ -4,6 +4,7 @@ export * from "./config/ledgers.config";
 export * from "./config/gateway.config";
 export * from "./config/connection.manager.config";
 export * from "./config/attestation.manager";
+export * from "./config/proof.manager";
 
 export * from "./interfaces/nats.config.interface";
 export * from "./interfaces/agent.config.interface";
@@ -11,6 +12,7 @@ export * from "./interfaces/ledgers.config.interface";
 export * from "./interfaces/gateway.config.interface";
 export * from "./interfaces/connection.manager.config.interface";
 export * from "./interfaces/attestation.manager.config.interface";
+export * from "./interfaces/proof.manager.config.interface";
 
 export * from "./schemas/nats.schema";
 export * from "./schemas/agent.schema";
@@ -18,3 +20,4 @@ export * from "./schemas/ledgers.schema";
 export * from "./schemas/gateway.schema";
 export * from "./schemas/connection.manager.schema";
 export * from "./schemas/attestation.manager.schema";
+export * from "./schemas/proof.manager.schema";

libs/config/src/interfaces/proof.manager.config.interface.ts

+export interface IProofManagerConfig {
+  host: string;
+  port: number;
+}

libs/config/src/schemas/proof.manager.schema.ts

+import Joi from "joi";
+
+export const pmSchema = Joi.object({
+  PROOF_SERVICE_TCP_PORT: Joi.string().required(),
+  PROOF_SERVICE_HOST: Joi.string().required(),
+});

libs/dtos/src/dtos/requests/accept.proof.request.dto.ts

+import { IsNotEmpty, IsString } from "class-validator";
+
+export class AcceptProofRequestDto {
+  @IsString()
+  @IsNotEmpty()
+  proofRecordId: string;
+}

libs/dtos/src/events/dtoToEventTransformer.ts

+import {
+  ALL_EVENTS,
+  ConnectionEvent,
+  CredentialEvent,
+  ProofEvent,
+  SchemaEvent,
+} from "./types";
+import { CloudEventDto } from "./event";
+import { ConnectionUnsupportedTypeError } from "../errors/connection.unsupported.type.error";
+import { CreateCredentialDefinitionRequsetDto } from "../dtos/requests/create.credential.definition.requset.dto";
+import { CreateInvitationResponseDto } from "../dtos/responses/create.invitation.response.dto";
+import { CreateSchemaRequestDto } from "../dtos/requests/create.schema.request.dto";
+import { GetConnectionRequestDto } from "../dtos/requests/get.connection.request.dto";
+import { IssueCredentialRequestDto } from "../dtos/requests/issue.credential.request.dto";
+import { IssueProofRequestDto } from "../dtos/requests/issue.proof.request.dto";
+import { AcceptCredentialOfferRequestDto } from "../dtos/requests/accept.credential.offer.request.dto";
+
+export const makeEvent = (payload: {
+  data:
+    | null
+    | IssueProofRequestDto
+    | AcceptCredentialOfferRequestDto
+    | CreateInvitationResponseDto
+    | GetConnectionRequestDto
+    | CreateSchemaRequestDto
+    | CreateSchemaRequestDto
+    | CreateCredentialDefinitionRequsetDto
+    | IssueCredentialRequestDto;
+  type: SchemaEvent | CredentialEvent | ProofEvent | ConnectionEvent;
+  source: string;
+}) => {
+  if (ALL_EVENTS.includes(payload.type)) {
+    throw new ConnectionUnsupportedTypeError();
+  }
+
+  const event = new CloudEventDto<typeof payload.data>();
+  event.subject = payload.type;
+  event.source = payload.source;
+  event.type = payload.type;
+  event.data = payload.data;
+
+  return event;
+};