Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

changing anchor origin #1045

Open
fqutishat opened this issue Jan 26, 2022 · 0 comments
Open

changing anchor origin #1045

fqutishat opened this issue Jan 26, 2022 · 0 comments
Assignees
@troyronda
Labels
demo

Comments

@fqutishat
Copy link
Contributor

fqutishat commented Jan 26, 2022
edited
Loading

Step 1: Download orb cli binary.

Step 2: extract a tar.

  • darwin: tar -zxf orb-cli-darwin-amd64.tar.gz
  • linux: tar -zxf orb-cli-linux-amd64.tar.gz

Step 3: create DID public keys

  • create file called create_publickeys.json
  • copy this content to create_publickeys.json
[
 {
  "id": "key1",
  "type": "Ed25519VerificationKey2018",
  "purposes": ["authentication"],
  "jwkPath": "key1_jwk.json"
 }
]
  • create file called key1_jwk.json
  • copy this content to key1_jwk.json
{
  "kty":"OKP",
  "crv":"Ed25519",
  "x":"o1bG1U7G3CNbtALMafUiFOq8ODraTyVTmPtRDO1QUWg",
  "y":""
}

Step 4: create DID services

  • create file called create_services.json
  • copy this content to create_services.json
[
  {
    "id": "svc1",
    "type": "type1",
    "priority": 1,
    "routingKeys": ["key1"],
    "recipientKeys": ["key1"],
    "serviceEndpoint": "http://www.example.com"
  }
]

Step 5: create keypair this key will be used for updatekey

  • openssl ecparam -name prime256v1 -genkey -noout -out update_privatekey.pem
  • openssl ec -in update_privatekey.pem -pubout -out update_publickey.pem
  • you should have two files update_privatekey.pem update_publickey.pem

Step 6: create keypair this key will be used for recoverkey

  • openssl ecparam -name prime256v1 -genkey -noout -out recover_privatekey.pem
  • openssl ec -in recover_privatekey.pem -pubout -out recover_publickey.pem
  • you should have two files recover_privatekey.pem recover_publickey.pem

Step 7: create orb DID with anchor origin orb-1

./orb-cli-darwin-amd64 did create --domain=https://orb-1.sandbox.trustbloc.dev --publickey-file=./create_publickeys.json --service-file=./create_services.json --recoverykey-file=./recover_publickey.pem --updatekey-file=./update_publickey.pem --did-anchor-origin=https://orb-1.sandbox.trustbloc.dev --tls-systemcertpool=true --sidetree-write-token=#TOKEN

Note: replace #TOKEN with real token value

Step 7: resolve orb DID and check anchor origin is orb-1

curl https://orb-1.sandbox.trustbloc.dev/sidetree/v1/identifiers/#DID_ID

Note: replace #DID_ID with canonical id

Step 8: create DID public keys for recover operation

  • create file called recover_publickeys.json
  • will replace did key1 with new purposes assertionMethod
  • copy this content to recover_publickeys.json
[
 {
  "id": "key1",
  "type": "Ed25519VerificationKey2018",
  "purposes": ["assertionMethod"],
  "jwkPath": "key1_jwk.json"
 }
]

Step 9: create keypair this key will be used for next updatekey

  • openssl ecparam -name prime256v1 -genkey -noout -out nextupdate_privatekey.pem
  • openssl ec -in nextupdate_privatekey.pem -pubout -out nextupdate_publickey.pem
  • you should have two files nextupdate_privatekey.pem nextupdate_publickey.pem

Step 10: create keypair this key will be used for next recoverkey

  • openssl ecparam -name prime256v1 -genkey -noout -out nextrecover_privatekey.pem
  • openssl ec -in nextrecover_privatekey.pem -pubout -out nextrecover_publickey.pem
  • you should have two files nextrecover_privatekey.pem nextrecover_publickey.pem

Step 11: recover orb DID with anchor origin orb-2

./orb-cli-darwin-amd64 did recover --domain=https://orb-1.sandbox.trustbloc.dev --did-uri=#DID_ID --publickey-file=./recover_publickeys.json --signingkey-file=./recover_privatekey.pem --nextupdatekey-file=./nextupdate_publickey.pem --nextrecoverkey-file=nextrecover_publickey.pem --tls-systemcertpool=true --did-anchor-origin=https://orb-2.sandbox.trustbloc.dev --sidetree-write-token=#TOKEN

Note: replace #TOKEN with real token value
Note: replace #DID_ID with canonical id

Step 12: resolve orb DID check anchor origin changed to orb-2

curl https://orb-1.sandbox.trustbloc.dev/sidetree/v1/identifiers/#DID_ID

Note: replace #DID_ID with canonical id
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@troyronda troyronda

Labels
demo
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@troyronda @fqutishat