Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: trigger content claims from piece cid #230

Merged
merged 7 commits into from
Sep 20, 2023

Conversation

vasco-santos
Copy link
Contributor

@vasco-santos vasco-santos commented Sep 18, 2023

Needs:

@@ -114,7 +114,7 @@ test('authorizations can be blocked by email or domain', async t => {
})

// Integration test for all flow from uploading a file to Kinesis events consumers and replicator
test('w3infra integration flow', async t => {
test.skip('w3infra integration flow', async t => {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

todo once dep available

"@ucanto/principal": "^8.1.0",
"@ucanto/transport": "^8.0.0",
"@web3-storage/content-claims": "^3.0.1",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vasco-santos vasco-santos force-pushed the feat/trigger-content-claims-from-piece-cid branch from 607fa87 to 0ad12d8 Compare September 19, 2023 09:28
@seed-deploy
Copy link

seed-deploy bot commented Sep 19, 2023

View stack outputs

@seed-deploy seed-deploy bot temporarily deployed to pr230 September 19, 2023 09:38 Inactive
Comment on lines 39 to 40
did: aggregatorDid,
url: aggregatorUrl
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
did: aggregatorDid,
url: aggregatorUrl
did: contentClaimsDid,
url: contentClaimsUrl

claimsInvocationConfig: /** @type {import('../types').ClaimsInvocationConfig} */ ({
issuer,
audience: claimsServiceConnection.id,
with: issuer.did(),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You either need to use the claims service private key or delegate assert/equals to this issuer from the claims service (and include it as a proof).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added private key as secret as we talked

@seed-deploy seed-deploy bot temporarily deployed to pr230 September 19, 2023 14:04 Inactive
Copy link
Member

@alanshaw alanshaw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code changes LGTM 🚀

README.md Outdated Show resolved Hide resolved
Generated by [@ucanto/principal `EdSigner`](https://github.com/web3-storage/ucanto) via [`ucan-key`](https://www.npmjs.com/package/ucan-key)

_Example:_ `MgCZG7EvaA...1pX9as=`

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One thing I did when integrating claims with the current web3.storage API was allow a proof to be passed.

You need to sign a UCAN with a private key and provide proof that you have the capability. When the private key is the private key of the content claims service no proof is needed (you are self signing). When it's a different private key you need to have a delagation for assert/equals as proof.

By allowing a proof to be passed you enable both cases. It just means we can switch to the latter case in the future without code changes.

Not blocking...but should be easy to implement:

https://github.com/web3-storage/web3.storage/blob/1cc9707af6a10bccec4dd93888cf1d5fc1a8c0cb/packages/api/src/env.js#L232-L248

@seed-deploy seed-deploy bot temporarily deployed to pr230 September 20, 2023 09:11 Inactive
@seed-deploy seed-deploy bot temporarily deployed to pr230 September 20, 2023 09:54 Inactive
@vasco-santos vasco-santos force-pushed the feat/trigger-content-claims-from-piece-cid branch from a3f4d8c to a8b24c5 Compare September 20, 2023 09:59
@seed-deploy seed-deploy bot temporarily deployed to pr230 September 20, 2023 09:59 Inactive
@vasco-santos
Copy link
Contributor Author

Written content claims to staging 🎉

➜  content-claims git:(main) ✗ node packages/cli/bin.js read bagbaiera7xsk333k7wm67rbgcq7lxncqhbil2w725m6clcb7rzg7wqkolxwa --verbose 
WARN: using did:web:staging.claims.web3.storage
�㖲�p\m���}ߵroots��*X%q <6bX�����T!�>�Hx���y�9�]�@gversion�q  �X¾�g6��a�`�;7����asXD��@:Z�-q;Pz(        �k�p�+  L�,��]�i�|U�
�6=gcontent�*X&� ���j����&>��P8P�[��<%�?�M�AN]�ccanmassert/equalsdwithx#did:web:staging.claims.web3.storagecaudX!�web:staging.claims.web3.storagecexpe
��cissX!�web:staging.claims.web3.storagecprf�Yq <6bX�����T!�>�Hx���y�9�]�@�[email protected]�*X%q  �X¾�g6��a�`�;7���{
  iss: 'did:web:staging.claims.web3.storage',
  aud: 'did:web:staging.claims.web3.storage',
  v: '0.9.1',
  s: {
    '/': {
      bytes: '7aEDQDpaiy1xO1B6KAmxa9xwqysJTN8s0OVd0mkcoXxV8w0d/OOWsqVwXG38gY1937UMLvRJjbMvK5WIBM1UN3pHjwQ'
    }
  },
  exp: 1695203468,
  att: [
    {
      can: 'assert/equals',
      nb: {
        content: {
          '/': 'bagbaiera7xsk333k7wm67rbgcq7lxncqhbil2w725m6clcb7rzg7wqkolxwa'
        },
        equals: {
          '/': 'bafkzcibbandcag7o7h6n5elb4o5felutjoss53wyhi7otjvhz4mpmaqn4a3d2'
        }
      },
      with: 'did:web:staging.claims.web3.storage'
    }
  ],
  prf: [],
  '/': 'bafyreia32c3cbzkyyk7jezzwawoncyo2malkagomxibb2chnhm3qjmmuxe'
}
➜  content-claims git:(main) ✗ 
➜  content-claims git:(main) ✗ 
➜  content-claims git:(main) ✗ node packages/cli/bin.js read bafkzcibbandcag7o7h6n5elb4o5felutjoss53wyhi7otjvhz4mpmaqn4a3d2 --verbose
WARN: using did:web:staging.claims.web3.storage
�㖲�p\m���}ߵroots��*X%q <6bX�����T!�>�Hx���y�9�]�@gversion�q  �X¾�g6��a�`�;7����asXD��@:Z�-q;Pz(        �k�p�+  L�,��]�i�|U�
�6=gcontent�*X&� ���j����&>��P8P�[��<%�?�M�AN]�ccanmassert/equalsdwithx#did:web:staging.claims.web3.storagecaudX!�web:staging.claims.web3.storagecexpe
��cissX!�web:staging.claims.web3.storagecprf�Yq <6bX�����T!�>�Hx���y�9�]�@�[email protected]�*X%q  �X¾�g6��a�`�;7���{
  iss: 'did:web:staging.claims.web3.storage',
  aud: 'did:web:staging.claims.web3.storage',
  v: '0.9.1',
  s: {
    '/': {
      bytes: '7aEDQDpaiy1xO1B6KAmxa9xwqysJTN8s0OVd0mkcoXxV8w0d/OOWsqVwXG38gY1937UMLvRJjbMvK5WIBM1UN3pHjwQ'
    }
  },
  exp: 1695203468,
  att: [
    {
      can: 'assert/equals',
      nb: {
        content: {
          '/': 'bagbaiera7xsk333k7wm67rbgcq7lxncqhbil2w725m6clcb7rzg7wqkolxwa'
        },
        equals: {
          '/': 'bafkzcibbandcag7o7h6n5elb4o5felutjoss53wyhi7otjvhz4mpmaqn4a3d2'
        }
      },
      with: 'did:web:staging.claims.web3.storage'
    }
  ],
  prf: [],
  '/': 'bafyreia32c3cbzkyyk7jezzwawoncyo2malkagomxibb2chnhm3qjmmuxe'
}

@vasco-santos vasco-santos merged commit b68cb43 into main Sep 20, 2023
1 check passed
@vasco-santos vasco-santos deleted the feat/trigger-content-claims-from-piece-cid branch September 20, 2023 10:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants