[RFC] Do NOT merge yet - Allow access to /ledger/register-nym with multitenancy

Open matgnt opened this issue 3 years ago • 3 comments

The change shows what might be necessary to support "Option 3" described in #1657

Still needs discussion whether this is the desired way to go.

Mar 09 '22 14:03 matgnt

Codecov Report

Merging #1658 (df2c3a8) into main (9b67bb8) will increase coverage by 0.00%. The diff coverage is 100.00%.

@@           Coverage Diff           @@
##             main    #1658   +/-   ##
=======================================
  Coverage   95.50%   95.50%           
=======================================
  Files         528      528           
  Lines       32734    32735    +1     
=======================================
+ Hits        31264    31265    +1     
  Misses       1470     1470

Mar 09 '22 15:03 codecov-commenter

You can register a nym on the ledger through an endorser. With PR 1616 you'll also be able to update attrib through an endorser as well

Mar 10 '22 16:03 ianco

We also considered using the root wallet as endorser but decided against it.

Apart from these endorsement considerations, I'm not in favor of opening any new endpoints. This endorsement design decision, that can make sense for some but not for others, would have an impact on all aca-py instances due to the endpoint whitelist being hardcoded. This was one of the cons when making our decision.

If we want to accommodate for this, I would suggest having the endpoints whitelist be configurable instead of hardcoded. This way, having the root wallet as an endorser can be an option, but the downsides of opening new endpoints won't impact all multi-tenant aca-py instances.

Mar 11 '22 07:03 chumbert

With #1836, this type of change should no longer require code changes.

Aug 16 '22 19:08 dbluhm

Closing this PR. Thanks @dbluhm for your PR #1836 that should do the trick in a more configurable way.

Aug 16 '22 19:08 matgnt