[−][src]Function indyrs::anoncreds::issuer_create_and_store_revoc_reg
pub fn issuer_create_and_store_revoc_reg(
wallet_handle: WalletHandle,
issuer_did: &str,
revoc_def_type: Option<&str>,
tag: &str,
cred_def_id: &str,
config_json: &str,
tails_writer_handle: TailsWriterHandle
) -> Box<dyn Future<Item = (String, String, String), Error = IndyError>>
Create a new revocation registry for the given credential definition as tuple of entities
- Revocation registry definition that encapsulates credentials definition reference, revocation type specific configuration and secrets used for credentials revocation
- Revocation registry state that stores the information about revoked entities in a non-disclosing way. The state can be represented as ordered list of revocation registry entries were each entry represents the list of revocation or issuance operations.
Revocation registry definition entity contains private and public parts. Private part will be stored in the wallet. Public part will be returned as json intended to be shared with all anoncreds workflow actors usually by publishing REVOC_REG_DEF transaction to Indy distributed ledger.
Revocation registry state is stored on the wallet and also intended to be shared as the ordered list of REVOC_REG_ENTRY transactions. This call initializes the state in the wallet and returns the initial entry.
Some revocation registry types (for example, 'CL_ACCUM') can require generation of binary blob called tails used to hide information about revoked credentials in public revocation registry and intended to be distributed out of leger (REVOC_REG_DEF transaction will still contain uri and hash of tails). This call requires access to pre-configured blob storage writer instance handle that will allow to write generated tails.
Arguments
wallet_handle
: wallet handle (created by Wallet::open_wallet).issuer_did
: a DID of the issuer signing transaction to the Ledgerrevoc_def_type
: revocation registry type (optional, default value depends on credential definition type). Supported types are:
- 'CL_ACCUM': Type-3 pairing based accumulator implemented according to the algorithm in this paper:
https://github.com/hyperledger/ursa/blob/master/libursa/docs/AnonCred.pdf
This type is default for 'CL' credential definition type./// *
tag
: allows to distinct between revocation registries for the same issuer and credential definition
cred_def_id
: id of stored in ledger credential definitionconfig_json
: type-specific configuration of revocation registry as json:- 'CL_ACCUM': { "issuance_type": (optional) type of issuance. Currently supported: 1) ISSUANCE_BY_DEFAULT: all indices are assumed to be issued and initial accumulator is calculated over all indices; Revocation Registry is updated only during revocation. 2) ISSUANCE_ON_DEMAND: nothing is issued initially accumulator is 1 (used by default); "max_cred_num": maximum number of credentials the new registry can process (optional, default 100000) }
tails_writer_handle
: handle of blob storage to store tails
NOTE:
Recursive creation of folder for Default Tails Writer (correspondent to tails_writer_handle
)
in the system-wide temporary directory may fail in some setup due to permissions: IO error: Permission denied
.
In this case use TMPDIR
environment variable to define temporary directory specific for an application.
Returns
revoc_reg_id
: identifier of created revocation registry definitionrevoc_reg_def_json
: public part of revocation registry definition { "id": string - ID of the Revocation Registry, "revocDefType": string - Revocation Registry type (only CL_ACCUM is supported for now), "tag": string - Unique descriptive ID of the Registry, "credDefId": string - ID of the corresponding CredentialDefinition, "value": Registry-specific data { "issuanceType": string - Type of Issuance(ISSUANCE_BY_DEFAULT or ISSUANCE_ON_DEMAND), "maxCredNum": number - Maximum number of credentials the Registry can serve. "tailsHash": string - Hash of tails. "tailsLocation": string - Location of tails file. "publicKeys": <public_keys> - Registry's public key (opaque type that contains data structures internal to Ursa. It should not be parsed and are likely to change in future versions). }, "ver": string - version of revocation registry definition json. }revoc_reg_entry_json
: revocation registry entry that defines initial state of revocation registry { value: { prevAccum: string - previous accumulator value. accum: string - current accumulator value. issued: array- an array of issued indices. revoked: array an array of revoked indices. }, ver: string - version revocation registry entry json }