Aries AIP and RFCs Supported in Aries Cloud Agent Python¶
This document provides a summary of the adherence of ACA-Py to the Aries Interop
Profiles,
and an overview of the ACA-Py feature set. This document is
manually updated and as such, may not be up to date with the most recent release of
ACA-Py or the repository main
branch. Reminders (and PRs!) to update this page are
welcome! If you have any questions, please contact us on the #aries channel on
Hyperledger Discord or through an issue in this repo.
Last Update: 2024-10-08, Release 1.0.1
The checklist version of this document was created as a joint effort between Northern Block, Animo Solutions and the Ontario government, on behalf of the Ontario government.
AIP Support and Interoperability¶
See the Aries Agent Test Harness and the Aries Interoperability Status for daily interoperability test run results between ACA-Py and other Aries Frameworks and Agents.
AIP Version | Supported | Notes |
---|---|---|
AIP 1.0 | Fully supported. Deprecation notices published | |
AIP 2.0 | Fully supported. |
A summary of the Aries Interop Profiles and Aries RFCs supported in ACA-Py can be found later in this document.
Platform Support¶
Platform | Supported | Notes |
---|---|---|
Server | ||
Kubernetes | BC Gov has extensive experience running ACA-Py on Red Hat's OpenShift Kubernetes Distribution. | |
Docker | Official docker images are published to the GitHub container repository at ghcr.io/hyperledger/aries-cloudagent-python . |
|
Desktop | Could be run as a local service on the computer | |
iOS | ||
Android | ||
Browser |
Agent Types¶
Role | Supported | Notes |
---|---|---|
Issuer | ||
Holder | ||
Verifier | ||
Mediator Service | See the aries-mediator-service, a pre-configured, production ready Aries Mediator Service based on a released version of ACA-Py. | |
Mediator Client | ||
Indy Transaction Author | ||
Indy Transaction Endorser | ||
Indy Endorser Service | See the aries-endorser-service, a pre-configured, production ready Aries Endorser Service based on a released version of ACA-Py. |
Credential Types¶
Credential Type | Supported | Notes |
---|---|---|
Hyperledger AnonCreds | Includes full issue VC, present proof, and revoke VC support. | |
W3C Verifiable Credentials Data Model | Supports JSON-LD Data Integrity Proof Credentials using the Ed25519Signature2018 , BbsBlsSignature2020 and BbsBlsSignatureProof2020 signature suites.Supports the DIF Presentation Exchange data format for presentation requests and presentation submissions. Work currently underway to add support for Hyperledger AnonCreds in W3C VC JSON-LD Format |
DID Methods¶
Method | Supported | Notes |
---|---|---|
"unqualified" | Deprecated | Pre-DID standard identifiers. Used either in a peer-to-peer context, or as an alternate form of a did:sov DID published on an Indy network. |
did:sov |
||
did:web |
Resolution only | |
did:key |
||
did:peer |
Algorithms 2 /3 and 4 |
|
Universal Resolver | A plug in from SICPA is available that can be added to an ACA-Py installation to support a universal resolver capability, providing support for most DID methods in the W3C DID Method Registry. |
Secure Storage Types¶
Secure Storage Types | Supported | Notes |
---|---|---|
Aries Askar | Recommended - Aries Askar provides equivalent/evolved secure storage and cryptography support to the "indy-wallet" part of the Indy SDK. When using Askar (via the --wallet-type askar startup parameter), other functionality is handled by CredX (AnonCreds) and Indy VDR (Indy ledger interactions). |
|
Aries Askar-AnonCreds | Recommended - When using Askar/AnonCreds (via the --wallet-type askar-anoncreds startup parameter), other functionality is handled by AnonCreds RS (AnonCreds) and Indy VDR (Indy ledger interactions).This wallet-type will eventually be the same as askar when we have fully integrated the AnonCreds RS library into ACA-Py. |
|
Indy SDK | Removed in ACA-Py Release 1.0.0rc5 |
Existing deployments using the Indy SDK MUST transition to Aries Askar and related components as soon as possible. See the Indy SDK to Askar Migration Guide for guidance.
Miscellaneous Features¶
Feature | Supported | Notes |
---|---|---|
ACA-Py Plugins | The ACA-Py Plugins repository contains a growing set of plugins that are maintained and (mostly) tested against new releases of ACA-Py. | |
Multi use invitations | ||
Invitations using public did | ||
Invitations using peer dids supporting connection reuse | ||
Implicit pickup of messages in role of mediator | ||
Revocable AnonCreds Credentials | ||
Multi-Tenancy | Documentation | |
Multi-Tenant Management | The Traction open source project from BC Gov is a layer on top of ACA-Py that enables the easy management of ACA-Py tenants, with an Administrative UI ("The Innkeeper") and a Tenant UI for using ACA-Py in a web UI (setting up, issuing, holding and verifying credentials) | |
Connection-less (non OOB protocol / AIP 1.0) | Only for issue credential and present proof | |
Connection-less (OOB protocol / AIP 2.0) | Only for present proof | |
Signed Attachments | Used for OOB | |
Multi Indy ledger support (with automatic detection) | Support added in the 0.7.3 Release. | |
Persistence of mediated messages | Plugins in the ACA-Py Plugins repository are available for persistent queue support using Redis and Kafka. Without persistent queue support, messages are stored in an in-memory queue and so are subject to loss in the case of a sudden termination of an ACA-Py process. The in-memory queue is properly handled in the case of a graceful shutdown of an ACA-Py process (e.g. processing of the queue completes and no new messages are accepted). | |
Storage Import & Export | Supported by directly interacting with the Aries Askar (e.g., no Admin API endpoint available for wallet import & export). Aries Askar support includes the ability to import storage exported from the Indy SDK's "indy-wallet" component. Documentation for migrating from Indy SDK storage to Askar can be found in the Indy SDK to Askar Migration Guide. | |
SD-JWTs | Signing and verifying SD-JWTs is supported |
Supported RFCs¶
AIP 1.0¶
All RFCs listed in AIP 1.0 are fully supported in ACA-Py, but deprecation and removal of some of the protocols has begun. The following table provides notes about the implementation of specific RFCs.
RFC | Supported | Notes |
---|---|---|
0025-didcomm-transports | ACA-Py currently supports HTTP and WebSockets for both inbound and outbound messaging. Transports are pluggable and an agent instance can use multiple inbound and outbound transports. | |
0160-connection-protocol | DEPRECATED In the next release, the protocol will be removed. The protocol will continue to be available as an ACA-Py plugin, but those upgrading to that pending release and continuing to use this protocol will need to include the plugin in their deployment configuration. Users SHOULD upgrade to the equivalent AIP 2.0 protocols as soon as possible. | |
0036-issue-credential-v1.0 | DEPRECATED In the next release, the protocol will be removed. The protocol will continue to be available as an ACA-Py plugin, but those upgrading to that pending release and continuing to use this protocol will need to include the plugin in their deployment configuration. Users SHOULD upgrade to the equivalent AIP 2.0 protocols as soon as possible. | |
0037-present-proof-v1.0 | DEPRECATED In the next release, the protocol will be removed. It will continue to be available as an ACA-Py plugin, but those upgrading to that pending release and continuing to use this protocol will need to include the plugin in their deployment configuration. Users SHOULD upgrade to the equivalent AIP 2.0 protocols as soon as possible. |
AIP 2.0¶
All RFCs listed in AIP 2.0 (including the sub-targets) are fully supported in ACA-Py EXCEPT as noted in the table below.
RFC | Supported | Notes |
---|---|---|
Fully Supported |
Other Supported RFCs¶
RFC | Supported | Notes |
---|---|---|
0031-discover-features | Rarely (never?) used, and in implementing the V2 version of the protocol, the V1 version was found to be incomplete and was updated as part of Release 0.7.3 | |
0028-introduce | ||
00509-action-menu |