Resetter Revocation

Once a list of resetters are registered and approved, the client could also revoke the current set of resetters with did_revoke_resetters operation. However, the client still needs to get approvals from the current resetters. For the revocation to be complete, the combined voting powers from all resetters must surpass the threshold of "acceptable_votes".

For a revoke request to get approved, not all resetters need to respond to the request. The approval only requires that the combined vote powers of responding resetters surpass the threshold of"acceptable_votes".

A DID can only have one list of resetters at a time. To register a new set of resetters, the old one must be first revoked.

When a set of resetters are registered, if not all of those resetters approve the registration, this set of resetters will remain inactive. In this case, the client could revoke these inactive resetters without their approvals and then register a new set.

did_revoke_resetters

DELETE https://test-network.finema.co/did/<did_address>/reset

Request Body

Name
Type
Description

operation

string

The method's name that is "did_revoke_resetters".

did_address

string

The DID address.

current_key

string

The current public key in the series. It is used to verify the request's signature.

next_key_hash

string

The SHA-256 hash of the next public key in the series.

nonce

number

The request nonce.

{
    "operation": "did_revoke_resetters",
    "did_address": "did:idin:afb7ba88c76edbda55c344b70ae0cf0556d770ec256820d7185000de395391b5"
}

Example Message and Request

{
    "operation": "did_revoke_resetters",
    "did_address": "did:idin:9cd19d4cbab9ca1d6f4c6a4b9117fb8904f250b47307cf4f484424f44e0c8370",
    "current_key": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEeR8NhQeHPT7l1yMyvkZMacPpibjH\n7mp5IRyO2J2kuE97h/fzu1c/7DFsO23qUN6/OezYglMEkoVo5Ob1b6k53A==\n-----END PUBLIC KEY-----",
    "next_key_hash": "a18b790a92683ad00d3562de385ca9e07d20a729809c782e72412f57dd847105"
    "nonce": 4
}

The above message can then be encoded in Base64 and signed with ECDSA to obtain the following HTTP request

{
    "message": "ewogICAgIm9wZXJhdGlvbiI6ICJkaWRfcmVnaXN0ZXJfcmVzZXR0ZXJzIiwKICAgICJkaWRfYWRkcmVzcyI6ICJkaWQ6aWRpbjo5Y2QxOWQ0Y2JhYjljYTFkNmY0YzZhNGI5MTE3ZmI4OTA0ZjI1MGI0NzMwN2NmNGY0ODQ0MjRmNDRlMGM4MzcwIiwKICAgICJjdXJyZW50X2tleSI6ICItLS0tLUJFR0lOIFBVQkxJQyBLRVktLS0tLVxuTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFZVI4TmhRZUhQVDdsMXlNeXZrWk1hY1BwaWJqSFxuN21wNUlSeU8ySjJrdUU5N2gvZnp1MWMvN0RGc08yM3FVTjYvT2V6WWdsTUVrb1ZvNU9iMWI2azUzQT09XG4tLS0tLUVORCBQVUJMSUMgS0VZLS0tLS0iLAogICAgIm5leHRfa2V5X2hhc2giOiAiYTE4Yjc5MGE5MjY4M2FkMDBkMzU2MmRlMzg1Y2E5ZTA3ZDIwYTcyOTgwOWM3ODJlNzI0MTJmNTdkZDg0NzEwNSIKICAgICJub25jZSI6IDEKfQ==",
    "signature": "OTI3MzgyNDgzNTQ3NTU5ODMyNTM1NzYwMDc2MTEwNzYwMTUzMjAzMzQ2NzQ5MDU4NzIwMzM4ODUzNjc4OTE2MTI2NzA2NzQyODgyMDcsIDQ1MjE2NzEwMzM3MjI5NjEzOTc3MjYxMzY2MjUwODYxOTA5MzY2MDU1MDg2Mjk0NzEyMDAwMTU3MjU4ODYxNTQ3ODUzNDc3NTY2ODQw"
}

Last updated