Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failure in Credentials Verification #481

Closed
mahtovivekUBT opened this issue Jun 10, 2024 · 10 comments
Closed

Failure in Credentials Verification #481

mahtovivekUBT opened this issue Jun 10, 2024 · 10 comments
Assignees
@SuperBatata
Labels
0.4.0 release 0.4.0 Stale

Comments

@mahtovivekUBT
Copy link

I took the checkout of the latest walt.id repo and built the images locally and ran the setup with local built images.
But whenever I try verifying the credentials, it fails

This is the last log I see in the wallet-api docker (Attached log.txt)

Is there an issue with the presentation?

Screenshot 2024-06-10 155423
log.txt
@niwim
Copy link

niwim commented Jun 11, 2024
edited
Loading

I'm seeing a similar issue but on the offer side, seems to be related to this PR.

The browser isn't reaching the the issuer-container as the host of the vc-request sting is a internal docker URL reference.

Screenshot 2024-06-11 at 09 42 09

@SuperBatata
Copy link
Contributor

@niwim in the etc/hosts file you can add those lines to resolve the issue :

127.0.0.1 host.docker.internal
127.0.0.1 gateway.docker.internal

@niwim
Copy link

niwim commented Jun 11, 2024

Thanks @SuperBatata, noticed that the issues were not related.

Managed to reproduce @mahtovivekUBT issue. It looks like its ebsi-related, idk much about the ebsi resolver but managed to extract this error at least.

docker-compose-verifier-api-1       | [DefaultDispatcher-worker-8] TRACE id.walt.credentials.schemes.JwsSignatureScheme - Verifying with issuer did: did:ebsi:zf39qHTXaLrr6iy3tQhT3UZ
docker-compose-verifier-api-1       | [DefaultDispatcher-worker-8] TRACE id.walt.credentials.schemes.JwsSignatureScheme - Imported key: Failure(io.ktor.network.tls.TLSException: Received alert during handshake. Level: FATAL, code: ProtocolVersion) from did: did:ebsi:zf39qHTXaLrr6iy3tQhT3UZ, public is: null

@SuperBatata
Copy link
Contributor

@niwim Could you please update the VERSION_TAG in docker-compose/.env to latest? The fix was not included in version 0.3.1.

@mahtovivekUBT Could you kindly provide additional details to help us diagnose the issue? Specifically, the logs from the verifier-api, the setup you are using, and any steps to reproduce the problem would be very helpful. Thank you!

@waltkb
Copy link
Contributor

waltkb commented Jun 11, 2024

Thanks @SuperBatata, noticed that the issues were not related.

Managed to reproduce @mahtovivekUBT issue. It looks like its ebsi-related, idk much about the ebsi resolver but managed to extract this error at least.

docker-compose-verifier-api-1       | [DefaultDispatcher-worker-8] TRACE id.walt.credentials.schemes.JwsSignatureScheme - Verifying with issuer did: did:ebsi:zf39qHTXaLrr6iy3tQhT3UZ
docker-compose-verifier-api-1       | [DefaultDispatcher-worker-8] TRACE id.walt.credentials.schemes.JwsSignatureScheme - Imported key: Failure(io.ktor.network.tls.TLSException: Received alert during handshake. Level: FATAL, code: ProtocolVersion) from did: did:ebsi:zf39qHTXaLrr6iy3tQhT3UZ, public is: null

This TLS exception sounds like the one with the missing TLS 1.3 support in the CIO client, this was changed when switching to okhttp in one of the last updates (EBSI DID Registry does not have support for TLS1.2/TLS1.1, only TLS1.3).

@laserguy
Copy link

Thanks @SuperBatata and @niwim

These are the logs from the verifier_api (After clicking on accept presentation)
verifier_api.log

I have Windows 11 OS with Docker-desktop, and I'm running the demo on Chrome browser although the behavior is same on other browsers. Please let me know if you need any more info.

@SuperBatata
Copy link
Contributor

SuperBatata commented Jun 11, 2024
edited
Loading

@laserguy Thank you for providing the logs from the verifier-api. Could you please also provide the steps to reproduce the issue? For example, how are you running the project, and how do you issue the VC? etc.. This information will help us better understand and address the problem. Thank you!

Additionally, could you try using did:jwk instead of did:cheqd and let us know if the problem persists?

@laserguy
Copy link

@SuperBatata I tried with did:jwk, and the verification works with it. I tried with other did methods as well.
Except did:key and did:cheqd, other methods are working fine.

I have made a video that shows how issue can be reproduced, but it is more than 10 MB so I have uploaded it to the discord Failed Verification

@laserguy
Copy link

@SuperBatata I had one small question, I was able to resolve the did:cheqd using Uniresolver, but I couldn't resolve the did:ebsi. Is did:ebsi not stored on the ebsi blockchain?

did:ebsi:zf39qHTXaLrr6iy3tQhT3UZ

@waltkb waltkb added the 0.4.0 release 0.4.0 label Jun 25, 2024
@github-actions GitHub Actions
Copy link

This issue has been marked as stale.

@github-actions github-actions bot added the Stale label Oct 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SuperBatata SuperBatata

Labels
0.4.0 release 0.4.0 Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@laserguy @niwim @SuperBatata @waltkb @mahtovivekUBT