Resetter Approval
Any client could take a resetter role for another client and respond to her client's request with
did_resetter_approve
operation. The server will take the consensus of all resetters and decide whether to approve or reject the request.In practice, a client could register multiple DIDs and use her own DIDs to be resetters of another DID. This is discouraged since a client could lose all private keys of all of her DIDs.
Unlike the
did_register_resetters
and did_revoke_resetters
operations that are initiated by the DID owner, the did_resetter_approve
is initiated by a DID resetter.As a resetter, there are three consensus types:
- 1.
did_register_resetters
approves a resetter registration for a DID. A set of resetters will become active after all resetters in the set approve the registration. - 2.
did_revoke_resetters
approves a resetter revocation for a DID. A set of resetters will be revoked, i.e. become deactivated, if the combined voting powers of all resetters surpass"acceptable_votes"
. - 3.
did_reset
approves a DID reset, i.e. resetting all key series in the DID. The reset will take place if the combined voting powers of all resetters surpass"acceptable_votes"
.
In the HTTP request for
did_resetter_approve
, a resetter must specify the attribute "consensus"
that contains (i) the consensus type, (ii) DID address of the target client and (iii) the DID address of the resetter who makes this HTTP request, which are seperated by |
as follows:"consensus": "consensus_name|target_did_address|resetter_did_address"
For a reset request to get approved, not all resetters need to respond to the request. The approval only requires that the combined vote powers of responding resetters surpass the theshold of
"acceptable_votes"
.post
https://test-network.finema.co/
did/<resetter_did_address>/approve
did_resetter_approve
If that the resetter DID is
did:idin:03e450465cd3bd268163dde7223bfb99efe03e3cbf279f6b1772050e09e09fbf
and the target DID address is did:idin:9cd19d4cbab9ca1d6f4c6a4b9117fb8904f250b47307cf4f484424f44e0c8370
, then the field "consensus" must have the following form:"consensus": "consensus_name|did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5|did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0"
where
consensus_name
could be either (i) did_register_resetters
, (ii) did_revoke_resetters
or (iii) did_reset
.{
"consensus": "did_register_resetters|did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5|did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
"current_key": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIefmMIcLLop4og/YYR8NrcZTS378\nRfODoXU27dtXV7jJ+opms04VPgTuqLLlVyPr6hgU213ei2M37sHNOQt74A==\n-----END PUBLIC KEY-----",
"next_key_hash": "b410dd10dbe4c582583776c943e37613ecff16a51385fbc65b57b85474f4d1ca",
"operation": "did_resetter_approve",
"did_address": "did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
"nonce": 1
}
The above message can then be encoded in Base64 and signed with ECDSA to obtain the following HTTP request
{
"message": "eyJjb25zZW5zdXMiOiAiZGlkX3JlZ2lzdGVyX3Jlc2V0dGVyc3xkaWQ6aWRpbjphZmI3YmE4OGM3NmVkYmRhNTVjMzQ0YjcwYWUwY2YwNTU2ZDc3MGVjMjU2ODIwZDcxODUwMDBkZTM5NTM5MWI1fGRpZDppZGluOjA0OGNhMjNjN2VkZmI3MTY1NWNiNmRjNTYyOGM4MzI3ODE2ZWRmY2IzNzc5NjNkZWVjYmEzYTNlOTFlNWY4YjAiLCAiY3VycmVudF9rZXkiOiAiLS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS1cbk1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERBUWNEUWdBRUllZm1NSWNMTG9wNG9nL1lZUjhOcmNaVFMzNzhcblJmT0RvWFUyN2R0WFY3akorb3BtczA0VlBnVHVxTExsVnlQcjZoZ1UyMTNlaTJNMzdzSE5PUXQ3NEE9PVxuLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0tIiwgIm5leHRfa2V5X2hhc2giOiAiYjQxMGRkMTBkYmU0YzU4MjU4Mzc3NmM5NDNlMzc2MTNlY2ZmMTZhNTEzODVmYmM2NWI1N2I4NTQ3NGY0ZDFjYSIsICJvcGVyYXRpb24iOiAiZGlkX3Jlc2V0dGVyX2FwcHJvdmUiLCAiZGlkX2FkZHJlc3MiOiAiZGlkOmlkaW46MDQ4Y2EyM2M3ZWRmYjcxNjU1Y2I2ZGM1NjI4YzgzMjc4MTZlZGZjYjM3Nzk2M2RlZWNiYTNhM2U5MWU1ZjhiMCIsICJub25jZSI6IDF9",
"signature": "MEUCIQCOKd+bLX69VEmLV8PA7X9/22el2X56WplZG+iCHV+hdAIgZnLZDi6yQ2/siv7VEhb1TeeGCvU/7Db22zSPzAD/GZQ="
}
{
"operation": "did_resetter_approve",
"did_address": "did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
"current_key": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEh0qHd7FcTODcLPj6Hy4QB8EXPq01\nL0yNT0aynCtrqee4fLKkWcOk5N2vz0TQ6yvogkNFD+N7fyHbcuEvnu5/ow==\n-----END PUBLIC KEY-----",
"next_key_hash": "7b8fa478e5f445bac96c2960b71b4a6dbdf5bcedf14fd56915399e71d590c07b",
"consensus": "did_revoke_resetters|did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5|did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
"nonce": 6
}
The above message can then be encoded in Base64 and signed with ECDSA to obtain the following HTTP request
{
"message": "eyJjb25zZW5zdXMiOiAiZGlkX3Jldm9rZV9yZXNldHRlcnN8ZGlkOmlkaW46YWZiN2JhODhjNzZlZGJkYTU1YzM0NGI3MGFlMGNmMDU1NmQ3NzBlYzI1NjgyMGQ3MTg1MDAwZGUzOTUzOTFiNXxkaWQ6aWRpbjowNDhjYTIzYzdlZGZiNzE2NTVjYjZkYzU2MjhjODMyNzgxNmVkZmNiMzc3OTYzZGVlY2JhM2EzZTkxZTVmOGIwIiwgImN1cnJlbnRfa2V5IjogIi0tLS0tQkVHSU4gUFVCTElDIEtFWS0tLS0tXG5NRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUVoMHFIZDdGY1RPRGNMUGo2SHk0UUI4RVhQcTAxXG5MMHlOVDBheW5DdHJxZWU0ZkxLa1djT2s1TjJ2ejBUUTZ5dm9na05GRCtON2Z5SGJjdUV2bnU1L293PT1cbi0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLSIsICJuZXh0X2tleV9oYXNoIjogIjdiOGZhNDc4ZTVmNDQ1YmFjOTZjMjk2MGI3MWI0YTZkYmRmNWJjZWRmMTRmZDU2OTE1Mzk5ZTcxZDU5MGMwN2IiLCAib3BlcmF0aW9uIjogImRpZF9yZXNldHRlcl9hcHByb3ZlIiwgImRpZF9hZGRyZXNzIjogImRpZDppZGluOjA0OGNhMjNjN2VkZmI3MTY1NWNiNmRjNTYyOGM4MzI3ODE2ZWRmY2IzNzc5NjNkZWVjYmEzYTNlOTFlNWY4YjAiLCAibm9uY2UiOiAyfQ==",
"signature": "MEQCIC3/LHAO4W6J4hXxnFyjLBcuGPGrdq5ksyrbxcJcZO8TAiAwnn2UyKXYcFlxUDxTmMA9dHxFnzDCXDA7somw21Z3jA=="
}
{
"consensus": "did_reset|did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5|did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
"new_key_hash": "0874c5673691f7d08a6846fbfeb1f08595ea07c7002e18b2c382f3d4be7fc3f1",
"current_key": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEB1w2xiPd6UPTMd5zM3qLb66yNPVL\nkRwq7qM5Gmgf4+NDeJBWWxy/u8bL9VwTdPXhm9f91aHwPu5/BMln05SxPA==\n-----END PUBLIC KEY-----",
"next_key_hash": "f91ce1eabfd805562d4c58ea59674129ef17a510022b2ade24593ca73d8c08b4",
"operation": "did_resetter_approve",
"did_address": "did:idin:048ca23c7edfb71655cb6dc5628c8327816edfcb377963deecba3a3e91e5f8b0",
"nonce": 4
}
The above message can then be encoded in Base64 and signed with ECDSA to obtain the following HTTP request
{
"message": "eyJjb25zZW5zdXMiOiAiZGlkX3Jldm9rZV9yZXNldHRlcnN8ZGlkOmlkaW46YWZiN2JhODhjNzZlZGJkYTU1YzM0NGI3MGFlMGNmMDU1NmQ3NzBlYzI1NjgyMGQ3MTg1MDAwZGUzOTUzOTFiNXxkaWQ6aWRpbjowNDhjYTIzYzdlZGZiNzE2NTVjYjZkYzU2MjhjODMyNzgxNmVkZmNiMzc3OTYzZGVlY2JhM2EzZTkxZTVmOGIwIiwgImN1cnJlbnRfa2V5IjogIi0tLS0tQkVHSU4gUFVCTElDIEtFWS0tLS0tXG5NRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUVRRlZNNktNMDlzWjRVWm8zUE1tYkRlMSt6am5OXG5BcmF1TjlEUjBDTmVRb20ybi9COUFDVHZRT3pua0VCTTNiRW4xdmtkeWRiZExVcC9lcXRVWFdhbDlnPT1cbi0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLSIsICJuZXh0X2tleV9oYXNoIjogImZmMjM4NThlYTAzYmZmZGQ0NTA2MjI3NGVlNzQ2ZmI4ZWFiOGU0ZmFkYTcyYzA0YmM1MjZjZmU5MjdjYzFlNDMiLCAib3BlcmF0aW9uIjogImRpZF9yZXNldHRlcl9hcHByb3ZlIiwgImRpZF9hZGRyZXNzIjogImRpZDppZGluOjA0OGNhMjNjN2VkZmI3MTY1NWNiNmRjNTYyOGM4MzI3ODE2ZWRmY2IzNzc5NjNkZWVjYmEzYTNlOTFlNWY4YjAiLCAibm9uY2UiOiAzfQ==",
"signature": "MEQCIDdve4Sa1O52Dl3IoI1x9pkSssYP//qJps8RDH4ZCRVJAiApNRuwiT0zD3rUtaSE9KArV4OAs4qYkgbwAwZPvKNkCA=="
}
Last modified 2yr ago