# Resetter Approval

Any client could take a resetter role for another client and respond to her client's request with `did_resetter_approve` operation. The server will take the **consensus** of all resetters and decide whether to approve or reject the request.

{% hint style="danger" %}
In practice, a client could register multiple DIDs and use her own DIDs to be resetters of another DID. This is discouraged since a client could lose all private keys of all of her DIDs.
{% endhint %}

{% hint style="warning" %}
Unlike the `did_register_resetters` and `did_revoke_resetters` operations that are initiated by the DID owner, the `did_resetter_approve` is initiated by a DID resetter.
{% endhint %}

As a resetter, there are three consensus types:

1. `did_register_resetters` approves a resetter registration for a DID. A set of resetters will become active after all resetters in the set approve the registration.
2. `did_revoke_resetters` approves a resetter revocation for a DID. A set of resetters will be revoked, i.e. become deactivated, if the combined voting powers of all resetters surpass `"acceptable_votes"`.
3. `did_reset` approves a DID reset, i.e. resetting all key series in the DID. The reset will take place if the combined voting powers of all resetters surpass `"acceptable_votes"`.

In the HTTP request for `did_resetter_approve`, a resetter must specify the attribute `"consensus"` that contains (i) the consensus type, (ii) DID address of the target client and (iii) the DID address of the resetter who makes this HTTP request, which are seperated by `|` as follows:

```
"consensus": "consensus_name|target_did_address|resetter_did_address"
```

{% hint style="info" %}
For a reset request to get approved, not all resetters need to respond to the request. The approval only requires that the combined vote powers of responding resetters surpass the theshold of`"acceptable_votes"`.
{% endhint %}

## did\_resetter\_approve

<mark style="color:green;">`POST`</mark> `https://test-network.finema.co/did/<resetter_did_address>/approve`

#### Request Body

| Name            | Type   | Description                                                                         |
| --------------- | ------ | ----------------------------------------------------------------------------------- |
| operation       | string | The method's name that is "did\_resetter\_approve".                                 |
| did\_address    | string | The DID address.                                                                    |
| current\_key    | string | The current public key in the series. It is used to verify the request's signature. |
| next\_key\_hash | string | The SHA-256 hash of the next public key in the series.                              |
| consensus       | string | The name of the invoked resetter consensus.                                         |
| new\_key\_hash  | string | The SHA-256 hash of the first public key in the new series.                         |
| nonce           | number | The request nonce.                                                                  |

{% tabs %}
{% tab title="200 The operation name, resetter's DID address (\<resetter\_did\_address>) and "consensus" are given as the response. Depending on the request, consensus\_name could be either (i) did\_register\_resetters, (ii) did\_revoke\_resetters or (iii) did\_reset." %}

```
{
    "operation": "did_resetter_approve",
    "did_address": "did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
    "consensus": "consensus_name|did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5|did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0"
}
```

{% endtab %}

{% tab title="422 " %}

```
{
    "errors": [
        {
           "status": 422,
            "title": "Invalid Attribute",
            "detail": "the server cannot process the request",
        }
    ]
}
```

{% endtab %}
{% endtabs %}

## Example Messages and Requests

If that the resetter DID is `did:idin:03e450465cd3bd268163dde7223bfb99efe03e3cbf279f6b1772050e09e09fbf`and the target DID address is `did:idin:9cd19d4cbab9ca1d6f4c6a4b9117fb8904f250b47307cf4f484424f44e0c8370` , then the field "consensus" must have the following form:

```
"consensus": "consensus_name|did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5|did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0"
```

where `consensus_name` could be either (i) `did_register_resetters`, (ii) `did_revoke_resetters` or (iii) `did_reset`.

### 1. Approve a resetter registration:

```
{
    "consensus": "did_register_resetters|did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5|did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
    "current_key": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIefmMIcLLop4og/YYR8NrcZTS378\nRfODoXU27dtXV7jJ+opms04VPgTuqLLlVyPr6hgU213ei2M37sHNOQt74A==\n-----END PUBLIC KEY-----",
    "next_key_hash": "b410dd10dbe4c582583776c943e37613ecff16a51385fbc65b57b85474f4d1ca",
    "operation": "did_resetter_approve",
    "did_address": "did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
    "nonce": 1
}
```

The above message can then be encoded in Base64 and signed with ECDSA to obtain the following HTTP request

```
{
    "message": "eyJjb25zZW5zdXMiOiAiZGlkX3JlZ2lzdGVyX3Jlc2V0dGVyc3xkaWQ6aWRpbjphZmI3YmE4OGM3NmVkYmRhNTVjMzQ0YjcwYWUwY2YwNTU2ZDc3MGVjMjU2ODIwZDcxODUwMDBkZTM5NTM5MWI1fGRpZDppZGluOjA0OGNhMjNjN2VkZmI3MTY1NWNiNmRjNTYyOGM4MzI3ODE2ZWRmY2IzNzc5NjNkZWVjYmEzYTNlOTFlNWY4YjAiLCAiY3VycmVudF9rZXkiOiAiLS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS1cbk1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERBUWNEUWdBRUllZm1NSWNMTG9wNG9nL1lZUjhOcmNaVFMzNzhcblJmT0RvWFUyN2R0WFY3akorb3BtczA0VlBnVHVxTExsVnlQcjZoZ1UyMTNlaTJNMzdzSE5PUXQ3NEE9PVxuLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0tIiwgIm5leHRfa2V5X2hhc2giOiAiYjQxMGRkMTBkYmU0YzU4MjU4Mzc3NmM5NDNlMzc2MTNlY2ZmMTZhNTEzODVmYmM2NWI1N2I4NTQ3NGY0ZDFjYSIsICJvcGVyYXRpb24iOiAiZGlkX3Jlc2V0dGVyX2FwcHJvdmUiLCAiZGlkX2FkZHJlc3MiOiAiZGlkOmlkaW46MDQ4Y2EyM2M3ZWRmYjcxNjU1Y2I2ZGM1NjI4YzgzMjc4MTZlZGZjYjM3Nzk2M2RlZWNiYTNhM2U5MWU1ZjhiMCIsICJub25jZSI6IDF9",
    "signature": "MEUCIQCOKd+bLX69VEmLV8PA7X9/22el2X56WplZG+iCHV+hdAIgZnLZDi6yQ2/siv7VEhb1TeeGCvU/7Db22zSPzAD/GZQ="
}
```

### 2. Approves a resetter revocation:

```
{
    "operation": "did_resetter_approve",
    "did_address": "did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
    "current_key": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEh0qHd7FcTODcLPj6Hy4QB8EXPq01\nL0yNT0aynCtrqee4fLKkWcOk5N2vz0TQ6yvogkNFD+N7fyHbcuEvnu5/ow==\n-----END PUBLIC KEY-----",
    "next_key_hash": "7b8fa478e5f445bac96c2960b71b4a6dbdf5bcedf14fd56915399e71d590c07b",
    "consensus": "did_revoke_resetters|did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5|did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
    "nonce": 6
}
```

The above message can then be encoded in Base64 and signed with ECDSA to obtain the following HTTP request

```
{
    "message": "eyJjb25zZW5zdXMiOiAiZGlkX3Jldm9rZV9yZXNldHRlcnN8ZGlkOmlkaW46YWZiN2JhODhjNzZlZGJkYTU1YzM0NGI3MGFlMGNmMDU1NmQ3NzBlYzI1NjgyMGQ3MTg1MDAwZGUzOTUzOTFiNXxkaWQ6aWRpbjowNDhjYTIzYzdlZGZiNzE2NTVjYjZkYzU2MjhjODMyNzgxNmVkZmNiMzc3OTYzZGVlY2JhM2EzZTkxZTVmOGIwIiwgImN1cnJlbnRfa2V5IjogIi0tLS0tQkVHSU4gUFVCTElDIEtFWS0tLS0tXG5NRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUVoMHFIZDdGY1RPRGNMUGo2SHk0UUI4RVhQcTAxXG5MMHlOVDBheW5DdHJxZWU0ZkxLa1djT2s1TjJ2ejBUUTZ5dm9na05GRCtON2Z5SGJjdUV2bnU1L293PT1cbi0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLSIsICJuZXh0X2tleV9oYXNoIjogIjdiOGZhNDc4ZTVmNDQ1YmFjOTZjMjk2MGI3MWI0YTZkYmRmNWJjZWRmMTRmZDU2OTE1Mzk5ZTcxZDU5MGMwN2IiLCAib3BlcmF0aW9uIjogImRpZF9yZXNldHRlcl9hcHByb3ZlIiwgImRpZF9hZGRyZXNzIjogImRpZDppZGluOjA0OGNhMjNjN2VkZmI3MTY1NWNiNmRjNTYyOGM4MzI3ODE2ZWRmY2IzNzc5NjNkZWVjYmEzYTNlOTFlNWY4YjAiLCAibm9uY2UiOiAyfQ==",
    "signature": "MEQCIC3/LHAO4W6J4hXxnFyjLBcuGPGrdq5ksyrbxcJcZO8TAiAwnn2UyKXYcFlxUDxTmMA9dHxFnzDCXDA7somw21Z3jA=="
}
```

### 3. Approve a DID reset:

```
{
    "consensus": "did_reset|did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5|did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
    "new_key_hash": "0874c5673691f7d08a6846fbfeb1f08595ea07c7002e18b2c382f3d4be7fc3f1",
    "current_key": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEB1w2xiPd6UPTMd5zM3qLb66yNPVL\nkRwq7qM5Gmgf4+NDeJBWWxy/u8bL9VwTdPXhm9f91aHwPu5/BMln05SxPA==\n-----END PUBLIC KEY-----",
    "next_key_hash": "f91ce1eabfd805562d4c58ea59674129ef17a510022b2ade24593ca73d8c08b4",
    "operation": "did_resetter_approve",
    "did_address": "did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
    "nonce": 4
}
```

The above message can then be encoded in Base64 and signed with ECDSA to obtain the following HTTP request

```
{
    "message": "eyJjb25zZW5zdXMiOiAiZGlkX3Jldm9rZV9yZXNldHRlcnN8ZGlkOmlkaW46YWZiN2JhODhjNzZlZGJkYTU1YzM0NGI3MGFlMGNmMDU1NmQ3NzBlYzI1NjgyMGQ3MTg1MDAwZGUzOTUzOTFiNXxkaWQ6aWRpbjowNDhjYTIzYzdlZGZiNzE2NTVjYjZkYzU2MjhjODMyNzgxNmVkZmNiMzc3OTYzZGVlY2JhM2EzZTkxZTVmOGIwIiwgImN1cnJlbnRfa2V5IjogIi0tLS0tQkVHSU4gUFVCTElDIEtFWS0tLS0tXG5NRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUVRRlZNNktNMDlzWjRVWm8zUE1tYkRlMSt6am5OXG5BcmF1TjlEUjBDTmVRb20ybi9COUFDVHZRT3pua0VCTTNiRW4xdmtkeWRiZExVcC9lcXRVWFdhbDlnPT1cbi0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLSIsICJuZXh0X2tleV9oYXNoIjogImZmMjM4NThlYTAzYmZmZGQ0NTA2MjI3NGVlNzQ2ZmI4ZWFiOGU0ZmFkYTcyYzA0YmM1MjZjZmU5MjdjYzFlNDMiLCAib3BlcmF0aW9uIjogImRpZF9yZXNldHRlcl9hcHByb3ZlIiwgImRpZF9hZGRyZXNzIjogImRpZDppZGluOjA0OGNhMjNjN2VkZmI3MTY1NWNiNmRjNTYyOGM4MzI3ODE2ZWRmY2IzNzc5NjNkZWVjYmEzYTNlOTFlNWY4YjAiLCAibm9uY2UiOiAzfQ==",
    "signature": "MEQCIDdve4Sa1O52Dl3IoI1x9pkSssYP//qJps8RDH4ZCRVJAiApNRuwiT0zD3rUtaSE9KArV4OAs4qYkgbwAwZPvKNkCA=="
}
```