This repository includes a fully containerized indy-cli environment, allowing you to use the indy-cli without ever having to build or install the indy-sdk or any of its dependencies on your machine.
The following indy-cli examples are performed using a local instance of von-network, however the indy-cli environment can be connected to any number of indy ledgers. In order to use some indy-cli commands you'll need to have a DID already registered on that network. The process of starting the indy-cli and generating a local wallet will generate the DID and Verkey you could then have registered on that network.
./manage build
The first thing you'll need is a set of secrets, a seed: used to generate your DID, and a key: used as the encryption key for your wallet.
These two values are very sensitive. Make sure you store them in a safe place such as a secure password manager application. If someone gets hold of your seed, they can regenerate your DID and Verkey and impersonate you. If someone gains access to your wallet and your wallet key, they can impersonate you AND have control over all of the credentials in your wallet. So, make sure you keep your seed and wallet key a secret.
The ./manage script makes this easy to generate these values randomly, just run:
./manage generateSecrets
Seed: 2yMTRs+zBBPF75OE5i1WCY5uDcQYUdt4
Key: b+StO9VtqyvdEeUsUQknR6uB+UoXK09kHzskSjIYIZ0GQmG4O0bLULc7NlY42/Bh
For the remainder of the examples we'll use the seed and key from above for consistency.
The generateDid command can be used with or without a seed to generate a DID. When used without a seed it will generate a random seed and use that to generate a DID and Verkey.
./manage generateDid 2yMTRs+zBBPF75OE5i1WCY5uDcQYUdt4
Seed: 2yMTRs+zBBPF75OE5i1WCY5uDcQYUdt4
DID: 5DHNJswc1LjkCWPYYrzYVX
Verkey: 3J9F2QpresMoukCSJTbvM2YmaovfqveVDgg1P1azMsJP
./manage start
- Browse to http://localhost:9000/.
- In the Authenticate a New DID section enter the seed (created above) in the Wallet seed (32 characters or base64) field and
my-didin the Alias (optional) field. - Click Register DID
You should see the following message written to the screen:
Identity successfully registered:
Seed: 2yMTRs+zBBPF75OE5i1WCY5uDcQYUdt4
DID: 5DHNJswc1LjkCWPYYrzYVX
Verkey: 3J9F2QpresMoukCSJTbvM2YmaovfqveVDgg1P1azMsJP
Now on to working with the indy-cli ...
This command downloads and registers the network's genesis file with the indy-cli.
Note we're using the internal docker host IP address to access the locally running network since it's also running in docker. This IP can be obtained by running ./manage dockerhost.
./manage cli init-pool local_net http://192.168.65.3:9000/genesis
Creating von_client_run ... done
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 3092 100 3092 0 0 1006k 0 --:--:-- --:--:-- --:--:-- 1006k
To register another network (say Sovrin BuilderNet) you would run the command like this:
./manage cli init-pool builder_net https://raw.githubusercontent.com/sovrin-foundation/sovrin/stable/sovrin/pool_transactions_builder_genesis
./manage \
indy-cli create-wallet \
walletName=local_net_trustee_wallet
When prompted, enter the wallet encryption key to create the wallet:
Creating von_client_run ... done
load-plugin library=libindystrgpostgres.so initializer=postgresstorage_init
Plugin has been loaded: "libindystrgpostgres.so"
wallet create local_net_trustee_wallet key storage_type=default storage_config={} storage_credentials={}
Enter value for key:
When prompted, enter the wallet encryption key to open the wallet:
Wallet "local_net_trustee_wallet" has been created
wallet open local_net_trustee_wallet key storage_credentials={}
Enter value for key:
When prompted, enter your seed:
Wallet "local_net_trustee_wallet" has been opened
did new seed
Enter value for seed:
Did "5DHNJswc1LjkCWPYYrzYVX" has been created with "~ATfU5eKehb2Y1WkqHbmLvT" verkey
did list
+------------------------+-------------------------+----------+
| Did | Verkey | Metadata |
+------------------------+-------------------------+----------+
| 5DHNJswc1LjkCWPYYrzYVX | ~ATfU5eKehb2Y1WkqHbmLvT | - |
+------------------------+-------------------------+----------+
wallet close
Wallet "local_net_trustee_wallet" has been closed
wallet detach local_net_trustee_wallet
Wallet "local_net_trustee_wallet" has been detached
exit
Goodbye...
./manage \
indy-cli export-wallet \
walletName=local_net_trustee_wallet \
exportPath=/tmp/local_net_trustee_wallet.export
When prompted, enter the wallet encryption key to open the wallet:
Creating von_client_run ... done
load-plugin library=libindystrgpostgres.so initializer=postgresstorage_init
Plugin has been loaded: "libindystrgpostgres.so"
-wallet attach local_net_trustee_wallet storage_type=default storage_config={}
Wallet "local_net_trustee_wallet" has been attached
wallet open local_net_trustee_wallet key storage_credentials={}
Enter value for key:
When prompted, enter the wallet encryption key to encrypt the wallet export:
Wallet "local_net_trustee_wallet" has been opened
wallet export export_path=/tmp/local_net_trustee_wallet.export export_key
Enter value for export_key:
Wallet "local_net_trustee_wallet" has been exported to the file "/tmp/local_net_trustee_wallet.export"
wallet close
Wallet "local_net_trustee_wallet" has been closed
wallet detach local_net_trustee_wallet
Wallet "local_net_trustee_wallet" has been detached
exit
Goodbye...
./manage \
indy-cli import-wallet \
walletName=local_net_trustee_wallet \
importPath=/tmp/local_net_trustee_wallet.export
When prompted, enter the encryption key of the export (backup) file:
Creating von_client_run ... done
load-plugin library=libindystrgpostgres.so initializer=postgresstorage_init
Plugin has been loaded: "libindystrgpostgres.so"
wallet import local_net_trustee_wallet key export_path=/tmp/local_net_trustee_wallet.export export_key storage_type=default storage_config={} storage_credentials={}
Enter value for key:
When prompted, enter the wallet encryption key for the restore process:
Enter value for export_key:
When prompted, enter the wallet encryption key to open the wallet:
Wallet "local_net_trustee_wallet" has been created
wallet open local_net_trustee_wallet key storage_credentials={}
Enter value for key:
Wallet "local_net_trustee_wallet" has been opened
did list
+------------------------+-------------------------+----------+
| Did | Verkey | Metadata |
+------------------------+-------------------------+----------+
| 5DHNJswc1LjkCWPYYrzYVX | ~ATfU5eKehb2Y1WkqHbmLvT | - |
+------------------------+-------------------------+----------+
wallet close
Wallet "local_net_trustee_wallet" has been closed
wallet detach local_net_trustee_wallet
Wallet "local_net_trustee_wallet" has been detached
exit
Goodbye...
This command starts an indy-cli session with a given ledger and opens the specified wallet and sets the session context using the did use command.
The command is setup to use an indy-cli config file to indicate the TAA acceptance mechanism. Create the file ./tmp/cliconfig.json in the von-network folder (i.e. .../von-network/tmp/cliconfig.json) and save the following content:
{
"taaAcceptanceMechanism": "for_session"
}
The ./tmp folder gets mounted automatically into the docker container's /tmp folder.
./manage \
indy-cli --config /tmp/cliconfig.json start-session \
walletName=local_net_trustee_wallet \
poolName=local_net \
useDid=5DHNJswc1LjkCWPYYrzYVX
When prompted, enter the wallet encryption key to open the wallet:
Creating von_client_run ... done
"for_session" is used as transaction author agreement acceptance mechanism
load-plugin library=libindystrgpostgres.so initializer=postgresstorage_init
Plugin has been loaded: "libindystrgpostgres.so"
pool connect local_net
Pool "local_net" has been connected
-wallet attach local_net_trustee_wallet storage_type=default storage_config={}
Wallet "local_net_trustee_wallet" has been attached
wallet open local_net_trustee_wallet key storage_credentials={}
Enter value for key:
Wallet "local_net_trustee_wallet" has been opened
did use 5DHNJswc1LjkCWPYYrzYVX
Did "5DHNJswc1LjkCWPYYrzYVX" has been set as active
pool(local_net):local_net_trustee_wallet:did(5DH...YVX):indy>
You are now ready to issue commands/transactions to the ledger using your DID's context.
Read your DID from the ledger by entering the following command on the indy-cli command prompt:
ledger get-nym did=5DHNJswc1LjkCWPYYrzYVX
Following NYM has been received.
Metadata:
+------------------------+-----------------+---------------------+---------------------+
| Identifier | Sequence Number | Request ID | Transaction time |
+------------------------+-----------------+---------------------+---------------------+
| 5DHNJswc1LjkCWPYYrzYVX | 10 | 1633469176534450900 | 2021-10-05 20:02:27 |
+------------------------+-----------------+---------------------+---------------------+
Data:
+------------------------+------------------------+----------------------------------------------+----------+
| Identifier | Dest | Verkey | Role |
+------------------------+------------------------+----------------------------------------------+----------+
| V4SGRU86Z58d6TV7PBUe6f | 5DHNJswc1LjkCWPYYrzYVX | 3J9F2QpresMoukCSJTbvM2YmaovfqveVDgg1P1azMsJP | ENDORSER |
+------------------------+------------------------+----------------------------------------------+----------+
pool(local_net):local_net_trustee_wallet:did(5DH...YVX):indy>
When done type exit and press enter:
pool(local_net):local_net_trustee_wallet:did(5DH...YVX):indy> exit
Pool "local_net" has been disconnected
Wallet "local_net_trustee_wallet" has been closed
Goodbye...
./manage indy-cli
Creating von_client_run ... done
indy>
You are now on an interactive indy-cli command line. For help with the commands type help. This will give you information about the top level commands. To get help about a specific command, or sub-command type the <command> [sub-command] followed by help; for example ledger help, or ledger get-nym help.
When done type exit and press enter:
indy> exit
Goodbye...
Use with caution. This deletes everything in your indy-cli environment. Make sure you have things backed up if needed.
./manage cli reset
This command generates pool and domain genesis files from data input via csv files.
./manage generategenesisfiles <trustees_csv_file> <stewards_csv_file>
It is a convenience command wrapped around the Steward Tools script for generating genesis files found here; https://github.com/sovrin-foundation/steward-tools/tree/master/create_genesis
The script is downloaded and hosted in a running container which has the required packages installed.
Examples of the csv files can be downloaded from here; https://docs.google.com/spreadsheets/d/1LDduIeZp7pansd9deXeVSqGgdf0VdAHNMc7xYli3QAY/edit#gid=0
Download each sheet separately in csv format and fill them out with the data specific to your network.
The input csv files must be placed into the ./tmp/ folder.
The resulting output pool_transactions_genesis and domain_transactions_genesis files will be placed
in the ./tmp/ folder.
Example:
./manage generategenesisfiles "./tmp/CANdy Beta Genesis File Node info - Trustees.csv" "./tmp/CANdy Beta Genesis File Node info - Stewards.csv"