Feat/4086 anoncreds indy accum fix with endorsement#4090
Conversation
|
I think this is getting pretty close. I originally thought I could do this easier but it ended up being quite a bit of refactoring. I can add more unit tests for the retry logic and there's one other thing I want to go over. |
jamshale
force-pushed
the
feat/4086-anoncreds-indy-accum-fix-with-endorsement
branch
from
72e9d3b to
69b9a07
Compare
|
I found another problem when testing self endorsement. The new event driven anoncreds revocation module was swallowing the exception from the update transaction. This prevents that from happening and then emits the same event as the failed endorsement transaction to get the flow working correctly. I'd still like to add a bit more unit test coverage.... |
|
This could be reviewed now. I've been focusing mostly on manually testing this because you need to create a ledger error for it to occur. I'll try and get a couple more unit tests in to boost it up. |
|
I think this probably has enough unit testing now. Most of the missing code is exception paths and the main fix and retry function which would require a lot of mocking and the individual functions are unit tested. |
jamshale
force-pushed
the
feat/4086-anoncreds-indy-accum-fix-with-endorsement
branch
from
104a750 to
c288588
Compare
| rev_list.rev_reg_def_id, | ||
| txn_record_type=GET_REVOC_REG_ENTRY, | ||
| ) | ||
| ledger = profile.inject_or(BaseLedger) |
There was a problem hiding this comment.
I still don't really understand this yet but this solves the unknown did problem with multi-tenant and multi-ledger scenarios. Apparently you're only supposed to use IndyLedgerRequestsExecutor when reading from the ledger?
I'll keep looking for a bit if there's a reasonable way to fix this pattern. It's very easy to create bugs.
esune
left a comment
esune
left a comment
There was a problem hiding this comment.
Changes look good from the little I know about anoncreds/revocation. There's a couple test failures that need attention, other than that I think it's good.
…o legacy_indy plugin Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
Signed-off-by: jamshale <jamiehalebc@gmail.com>
jamshale
force-pushed
the
feat/4086-anoncreds-indy-accum-fix-with-endorsement
branch
from
9cf8338 to
ac9fa9e
Compare
|
Tests fixed now. The last small change needed updated mocking. |
PatStLouis
left a comment
PatStLouis
left a comment
There was a problem hiding this comment.
I think this looks good. I won't put this as a blocker, but I think there could probably be some more comments in the code and these functions to capture the flow and how things work together for future maintainers while its fresh in memory. This is a complex sequence of operations.
| async def generate_ledger_rrrecovery_txn(genesis_txns: str, rev_list: RevList) -> dict: | ||
| """Generate a new ledger accum entry, using the wallet value if revocations ahead of ledger.""" # noqa: E501 | ||
| registry_from_ledger, prev_revoked = await fetch_txns( | ||
| async def generate_ledger_rrrecovery_txn(genesis_txns: str, rev_list: RevList): |
There was a problem hiding this comment.
can we fix this function name spelling?
There was a problem hiding this comment.
I thought this was a deliberate name for something like revocation registry recovery transaction, but if it is not I agree we should fix it
There was a problem hiding this comment.
This was just copied straight from the existing implementation. But, yes I might as well change it with the rest of the refactor.
| registry_from_ledger, prev_revoked = await fetch_txns( | ||
| async def generate_ledger_rrrecovery_txn(genesis_txns: str, rev_list: RevList): | ||
| """Generate a new ledger accum entry, based on wallet vs ledger revocation state.""" | ||
| new_delta = None |
There was a problem hiding this comment.
this variable seems pointless? its only being set to none and returned as none?
| return endorser_did, connection_record | ||
|
|
||
|
|
||
| async def _track_retry(cache: BaseCache, accum: str): |
There was a problem hiding this comment.
I'm confused by this function, is the accum the retry value? what's the logic behind this?
I'll do a round of commenting... I agree it's a complicated sequence of events and there's 2 separate flows for self endorsement and using an endorser which makes it quite confusing. |
For the future: I know endorsement is pretty much baked into some of the core functionality, as a longer-term strategy we could consider refactoring it and extracting it to a plugin - using an event-driven pattern. |
I think the endorsement protocol and module is so indy specific it should be taken out as a wider |
Signed-off-by: jamshale <jamiehalebc@gmail.com>
|
…ation#4090) * feat: Trigger revocation recovery with endorsement / Move indy code to legacy_indy plugin Signed-off-by: jamshale <jamiehalebc@gmail.com> * fix: Co-pilot suggestions Signed-off-by: jamshale <jamiehalebc@gmail.com> * fix: Better session management and more null object handling Signed-off-by: jamshale <jamiehalebc@gmail.com> * chore: Remove indy specific usage from anoncreds manager Signed-off-by: jamshale <jamiehalebc@gmail.com> * Some fixes and hardening Signed-off-by: jamshale <jamiehalebc@gmail.com> * Remove comment Signed-off-by: jamshale <jamiehalebc@gmail.com> * Refactor / Add self endorsment support / Unit tests Signed-off-by: jamshale <jamiehalebc@gmail.com> * fix: Use old ruff version to format Signed-off-by: jamshale <jamiehalebc@gmail.com> * Small fixes Signed-off-by: jamshale <jamiehalebc@gmail.com> * Add a bit more unit test coverage Signed-off-by: jamshale <jamiehalebc@gmail.com> * bit more test coverage Signed-off-by: jamshale <jamiehalebc@gmail.com> * Add another test Signed-off-by: jamshale <jamiehalebc@gmail.com> * fix: Don't use IndyLedgerRequestsExecutor when posting to ledger Signed-off-by: jamshale <jamiehalebc@gmail.com> * Fix unit tests Signed-off-by: jamshale <jamiehalebc@gmail.com> * Refactor and additional commenting Signed-off-by: jamshale <jamiehalebc@gmail.com> * Fix mocks Signed-off-by: jamshale <jamiehalebc@gmail.com> --------- Signed-off-by: jamshale <jamiehalebc@gmail.com>
| revocation_list=[1, 0, 0, 0], | ||
| ), | ||
| recovery_txn={"value": "txn"}, | ||
| endorser_did=None, |
There was a problem hiding this comment.
@jamshale -- I'm comparing the LTS PR to this PR and saw these warnings in here from SonarCloud about type issues. I'm assuming you saw them, but just wanted to be sure.
4 participants
Pull request overview
This PR refactors anoncreds revocation recovery by moving legacy Indy–specific recovery logic into the
anoncreds/default/legacy_indyimplementation, and adds an anoncreds-specific event path to trigger recovery when an endorsed revocation list update fails.Changes:
anoncreds/default/legacy_indy/recover.py, leaving only shared exception(s) inanoncreds/revocation/recover.py.