[][src]Function indyrs::anoncreds::issuer_create_and_store_revoc_reg

pub fn issuer_create_and_store_revoc_reg(
    wallet_handle: WalletHandle, 
    issuer_did: &str, 
    revoc_def_type: Option<&str>, 
    tag: &str, 
    cred_def_id: &str, 
    config_json: &str, 
    tails_writer_handle: TailsWriterHandle
) -> Box<dyn Future<Item = (String, String, String), Error = IndyError>>

Create a new revocation registry for the given credential definition as tuple of entities

  • Revocation registry definition that encapsulates credentials definition reference, revocation type specific configuration and secrets used for credentials revocation
  • Revocation registry state that stores the information about revoked entities in a non-disclosing way. The state can be represented as ordered list of revocation registry entries were each entry represents the list of revocation or issuance operations.

Revocation registry definition entity contains private and public parts. Private part will be stored in the wallet. Public part will be returned as json intended to be shared with all anoncreds workflow actors usually by publishing REVOC_REG_DEF transaction to Indy distributed ledger.

Revocation registry state is stored on the wallet and also intended to be shared as the ordered list of REVOC_REG_ENTRY transactions. This call initializes the state in the wallet and returns the initial entry.

Some revocation registry types (for example, 'CL_ACCUM') can require generation of binary blob called tails used to hide information about revoked credentials in public revocation registry and intended to be distributed out of leger (REVOC_REG_DEF transaction will still contain uri and hash of tails). This call requires access to pre-configured blob storage writer instance handle that will allow to write generated tails.

Arguments

  • wallet_handle: wallet handle (created by Wallet::open_wallet).
  • issuer_did: a DID of the issuer signing transaction to the Ledger
  • revoc_def_type: revocation registry type (optional, default value depends on credential definition type). Supported types are:
  • 'CL_ACCUM': Type-3 pairing based accumulator implemented according to the algorithm in this paper: https://github.com/hyperledger/ursa/blob/master/libursa/docs/AnonCred.pdf This type is default for 'CL' credential definition type./// * tag: allows to distinct between revocation registries for the same issuer and credential definition
  • cred_def_id: id of stored in ledger credential definition
  • config_json: type-specific configuration of revocation registry as json:
    • 'CL_ACCUM': { "issuance_type": (optional) type of issuance. Currently supported: 1) ISSUANCE_BY_DEFAULT: all indices are assumed to be issued and initial accumulator is calculated over all indices; Revocation Registry is updated only during revocation. 2) ISSUANCE_ON_DEMAND: nothing is issued initially accumulator is 1 (used by default); "max_cred_num": maximum number of credentials the new registry can process (optional, default 100000) }
  • tails_writer_handle: handle of blob storage to store tails

Returns

  • revoc_reg_id: identifier of created revocation registry definition
  • revoc_reg_def_json: public part of revocation registry definition { "id": string - ID of the Revocation Registry, "revocDefType": string - Revocation Registry type (only CL_ACCUM is supported for now), "tag": string - Unique descriptive ID of the Registry, "credDefId": string - ID of the corresponding CredentialDefinition, "value": Registry-specific data { "issuanceType": string - Type of Issuance(ISSUANCE_BY_DEFAULT or ISSUANCE_ON_DEMAND), "maxCredNum": number - Maximum number of credentials the Registry can serve. "tailsHash": string - Hash of tails. "tailsLocation": string - Location of tails file. "publicKeys": <public_keys> - Registry's public key (opaque type that contains data structures internal to Ursa. It should not be parsed and are likely to change in future versions). }, "ver": string - version of revocation registry definition json. }
  • revoc_reg_entry_json: revocation registry entry that defines initial state of revocation registry { value: { prevAccum: string - previous accumulator value. accum: string - current accumulator value. issued: array - an array of issued indices. revoked: array an array of revoked indices. }, ver: string - version revocation registry entry json }