Uploaded image for project: 'Indy Node'
  1. Indy Node
  2. INDY-1957

Confirm that Trust Anchor role works as intended

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Complete
    • Priority: Medium
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 1.6.83
    • Component/s: None
    • Labels:
      None
    • Sprint:
      Ev-Node 19.02
    • Documentation Impact:
      Unset

      Description

      Our requirements around the Trust Anchor role has evolved a lot over the last year, and we need to confirm that the current implementation will meet the needs of the organizations who are now ready to write to the Sovrin Ledger.

      Acceptance Criteria
      Confirm that the Trust Anchor role has the following behaviors, and raise tickets for any functionality that deviates from these requirements:

      • Any steward or trustee can create the role.
      • Any trustee can revoke the role.
      • Holders of this role can demote themselves (remove the role).
      • Anyone with the role should be able to write to the ledger without proof of payment.
      • If a ANYONE_CAN_WRITE (INDY-1528) is false, this role is required to write to the ledger.
      • If ANYONE_CAN_WRITE is true, then anyone can write to the ledger with or without this role.
      • The plugin interface supports plugins such that if ANYONE_CAN_WRITE is true, writes can be allowed without this role only if payment is attached, and can be allowed without a payment if the author has this role. (Check the Sovrin payment plugins to ensure they work this way. Issues with the plugin implementation should be raised in the Sovrin jira.)
      • This document reflects these rules:
        https://github.com/hyperledger/indy-node/blob/master/docs/auth_rules.md
      • Make sure that all necessary integration and system tests exist

      Notes

      • The current Trust Anchor role will soon be called Endorser (INDY-1950)
      • ANYONE_CAN_WRITE does not need to be tracked on the config ledger for now (INDY-1956)
      • This role does not need to be able to authorize 3rd party transaction authors; for now all authors must have this role. (INDY-1563)

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              andkononykhin Andrey Kononykhin
              Reporter:
              esplinr Richard Esplin
              Watchers:
              Alexander Shcherbakov, Andrey Kononykhin, Olga Zheregelya, Richard Esplin
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: