verida / verida-js Goto Github PK
View Code? Open in Web Editor NEWThe Verida SDK provides several SDKs to interact with the Verida Network
Home Page: https://developers.verida.network
License: ISC License
The Verida SDK provides several SDKs to interact with the Verida Network
Home Page: https://developers.verida.network
License: ISC License
The Verida protocol supports defining a schema for data stored in Verida databases. These schema'd databases are called datastores
. See Verida schema documentation.
Anyone can define a schema and reference it by URL. The Verida protocol defines a collection of base schemas in the schema repo.
All Verida schemas should match the JSON schema specification.
Verida schemas need to provide additional metadata, beyond just "validation rules".
This includes:
You can see an example of this additional metadata in the draft Veirda social/contact schema.
Tasks:
Schemas will change. We need to have a clearly defined strategy and process to help developers update schemas.
I'm not sure we need to solve this problem now, but at least need a plan.
Things to consider:
My Initial thoughts:
In phase 1, we support versioning by having a convention of building it into the URL, ie: .../social/contact/schema/v1.json
. Since multiple schemas can use the same database, it's possible to have records stored in the same database but using different schema versions.
In phase 2, we support a "data migration" process, whereby a new schema version can define a data migration schema
. The Verida client can support applying this data transform based on the data migration schema to convert data from an older schema to the new schema.
Tasks:
There's a security risk where a schema is specified by URL and then the schema is modified (or the hosting provider hacked) to generate a different URL. For example, modifying the schema to remove the list of required fields, allowing data to be saved across the network with invalid data.
I don't think we need to solve this right now, but need to consider the implications and have a strategy to improve this in the future.
It's possible to use IPFS to store a schema and then reference the content addressable URI within data saved using the Verida protocol.
In a future phase, we could support on chain "schema hashes" via the Trust Framework. This allows schemas to be referenced by an on-chain hash instead of a https
URL. Ceramic network also provides similar capabilities.
Tasks:
The following community resources exist and seem active:
This was identified in the web-sandbox
.
@verida/vault-mobile
Only raise change
events for rows that change for the current schema.
Create a separate @verida/client-rn package and make necessary React Native changes
From the confidential storage working group discussion and spec
"Delete Resource (Document or Stream): Deletes the encrypted resource (note that a tombstone object should remain behind for replication purposes)."
A number of bug fixes have occurred in @verida/datastore
since this library was being created.
Diff the changes made during 2021, migrate them across to client-ts
and create appropriate unit tests.
In Verida, the user stores data in database collections. These collections are siloed within different contexts
.
For example, a user may have three contexts:
Verida: Vault
(all data stored in their vault)Secure Markdown Editor
(a markdown editor application)Social platform
(a generic social media application)Each of these contexts have their own private key to unlock access to the data. Each private key can be unlocked by the master private key controlled by the user's blockchain account.
Questions: What should this context
be called?
In a traditional application you would think of a context
as the name of an application (ie: Secure Markdown Editor
). However in the new world of de-centralized applications there is a separation between the user interface and the storage of data. This means you could have multiple user interfaces (or applications) that interact with the same siloed collection of databases.
For example, three different applications could be developed that all share the same Social platform
dataset (and schemas). Your data would be the same regardless of which application you logged into.
A developer intuitively would likely think of each context as an application name
, however as mentioned above that's not really accurate and undermines the capabilities of new world of de-centralized applications.
3box called these spaces
which makes sense, however the have recently dropped this due to perceived confusion from developers about what a space
actually was.
In the new refactor I have called these secure contexts
as it seemed the most fitting, but I'd like feedback from the team.
It's important to get a meaningful name as this is a new concept to most developers entering this world and we need to try and help them understand the concepts as quickly as possible.
@Dickson-Mwendia An explanation of this new concept should be included in our documentation.
Update existing documentation to match the changes made in this new package.
Requires:
client-ts
: API documentation of all public methodsclient-ts
: Updated README.mdaccount-node
: Updated README.mdaccount-web-vault
: Updated README.mdMigrate the inbox
and outbox
functionality from @verida/datastore
into client-ts
.
A user with access to an external database is unable to access it from a context with a different name.
The following refactor tasks need to occur when migrating from @verida/datastore
:
@verida/datastore
library into new Typescript refactor library (@verida/network-ts)@verida/network-ts
to @verida/client-ts
Public profile is currently key/value.
Refactor to support multiple public profiles in the same database with any number of schemas.
Add support for a basicProfile
schema based on Ceramic basicProfile
.
Requires:
client-ts
vault-common
vault-mobile
Migrate the inbuilt database manager that tracks all the databases available within a storage context.
Add support for maintaining a list of all the valid read
and write
users for the storage context.
Support a factory method that instantiates a context from a single configuration object.
This will be the primary way to use the library as it's the most common use case.
Migrate the profile manager from @verida/datatore
into client-ts
.
Give some thought into supporting IDX profiles for public profiles.
The tech capability demo needs to embed the login screen in a iframe.
Currently the QR Code is cut off and the iframe cannot be scrolled. It appears we are doing something to stop this, since other embedded codesandbox frames scroll fine (including our own code).
We need to be able to scroll to see the QR code
Example showing scrolling works
This occurs in the markdown editor demo.
Investigate if this behaviour is acceptable or should be improved.
Unit tests are now throwing this error:
Error: Cannot change 'deterministic' or 'unique' properties on existing Streams
Each event handler should return an unsubscribe function so that client can handle it correctly, especially in React.
For example:
const unsubscribe = messaging.onMessage(function () {
fetchInboxCount()
})
// Unsubscribe when that screen is not rendered anymore:
unsubscribe()
Update all demos to use the new Verida client-ts
package:
Depends on #1
Support creating an account-3id
natively, without linking any existing blockchain account.
Create an account implementation that handles logging in via Ceramic 3ID in the browser and then handles signing consent messages.
See the AutoAccount implementation that automatically signs a consent message given a private key on a NodeJs server: https://github.com/verida/verida-js/blob/feature/datastore-support/packages/account/src/auto.ts
Add support for a disconnect()
method in account-web-vault/vault-account.ts
(https://github.com/verida/verida-js/blob/main/packages/account-web-vault/src/vault-account.ts).
Requires adding a disconnect()
method to the AccountInterface
(#37)
Need to update dependencies to use pbkdf2
password hashing algorithm as it works across nodeJs, browser and react-native environments.
After a lot of investgation, there is no easy cross-environment solution exists for argon2id
or scrypt
.
Add a resync()
and isconnected()
methods to database and datastore in client-ts
.
Investigate auto-reconnection in the underlying pouchdb connections.
At the moment the default servers for a context are supplied by the Vault mobile application.
Need to update the auth flow so the defaults can be provided by the application itself.
account-web-vault
library should emit an event when the QR modal is is closed and login request is not made , so that the frontend applications can listen to this cancelled
event and update its loading state .Each user (DID) has an array of data storage contexts (applications) where their data is stored. This allows a user to have data stored across three different applications and stored on three different infrastructure providers.
Additionally, each of those storage contexts have a set of public keys (asymmetric and signing) that can be used to communicate / verify data relating to that user in the particular storage context.
This data is stored in Ceramic's IDX and is public. See this example entry for the Verida Vault for a given DID (3ID):
{
id: 'Verida Vault',
publicKeys: {
asymKey: {
type: 'Curve25519EncryptionPublicKey',
base58: 'kjzly24aefcy24aefcy24aefc8b5d'
},
signKey: {
type: 'ED25519SignatureVerification',
base58: 'zjzly24aefcy24aefcy24aefc8b5d'
}
},
services: {
storageServer: {
type: 'VeridaStorage',
endpointUri: 'https://localhost:5000/'
},
messageServer: {
type: 'VeridaStorage',
endpointUri: 'https://localhost:5000/'
}
}
}
Question: Should the id
property (Verida Vault
) be hashed along with the user's DID?
ie: instead of id=Verida Vault
we would set id=hash(did + context.id)
.
This prevents a third party looking up a user's DID and easily seeing all the applications they have connected to. A third party could manually build a list of all applications in the Verida network and hash them with the user's DID to produce a list โ but that's a significant amount of work and doesn't scale to easily index every Verida user.
This doesn't prevent a third party checking if a DID is using a particular application context (which we obviously don't want, as this information is public and needs to be looked up).
Update 3id-utils to support NEAR accounts. Add unit tests.
disconnect()
currently logs out of all sessions and ignores the contextName
parameter.
There is an issue where a new index added to a schema doesn't get created for a user if they have previously opened that schema.
Tasks:
disconnect()
when client.disconnect()
is called.This is required for: verida/vault-auth-server#7
(GNaP https://github.com/interop-alliance/gnap-client-js, ZCaP, JWT auth)
Update from using https://github.com/tahpot/crypto-pouch.git to the latest version of crypto-pouch (v4.0.1) this will remove some vulnerabilities in the elliptic package calvinmetcalf/crypto-pouch#76 that is currently being used.
Repositories requiring the change
package.json
yarn.lock
This error is thrown randomly when creating/connecting to an account.
HTTP request to 'https://ceramic-clay.3boxlabs.com/api/v0/streams' failed with status '': <html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body>
<center><h1>503 Service Temporarily Unavailable</h1></center>
</body>
</html>...
account-web-vault
packages should support adding the verida connect button image to third parties application,window.onload
to inject the img tag into the DOMVerida currently has its own DID generation approach. This has served it well for a PoC, but it's better to migrate to an alternative DID solution. In this issue I will outline a migration plan to use Ceramic network's 3ID DID provider.
Verida currently generates a DID on a per application basis:
Do you want to login to the Verida Vault application?
)Verida DID
document is created that lists the public keys of those keypairs, which is then stored in a centralized APIDID service
definition)This offers the following benefits:
Ceramic provides an alternative approach, whereby multiple blockchain wallets can be used to control a 3ID DID via their 3ID DID Provider. Utilizing the Ceramic network and IDX protocol, it's possible to store public or encrypted data for each 3ID.
Under this model a user will need a 3ID in order to use the Verida network. A user will authenticate (or sign up) as follows:
In the future, it may be possible for the Verida Vault QR code auth to be integrated into 3ID Connect.
Behind the scenes, the following needs to occur:
Manually test the code running in a web browser environment.
Depends on #6.
In the future create a full web test suite.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.