Restore did:indybesu and storage approach for CL objects

This reverts commit 7abeac9

docs/README.md

@@ -10,15 +10,16 @@
 
 - Network Permission modules:
   - [Auth](design/auth.md) - control user permissions
-    - role control - manage roles assigned to accounts  
+    - role control - manage roles assigned to accounts
     - access control - first level validation: whether to accept write transactions (execute target contract method) from a given account
   - [Upgrading contracts](design/upgradability.md) - control versions of deployed contracts (proposing and approving new versions).
   - [Validators node management](design/network.md) - control the list of network validator nodes
-- Identity: 
-  - [DID Method](design/did-method.md) - Supported DID method
+- Identity:
+  - [DID Methods](design/did-methods.md) - Supported DID method
+    - [IndyBesu DID Registry](design/indybesu-did-registry.md) - `indybesu` DID Registry
   - [CL Registry](design/cl-registry.md)
 - [Client](design/vdr.md) - design of VDR library
- 
+
 ### Migration documents
 
 - [Indy Migration](migration/migration.md)

docs/design/cl-registry.md

@@ -1,16 +1,5 @@
 # CL Registry
 
-## Design
-
-Smart contracts for schema and credential definition registries are designed to follow an approach used for DID:ethr
-method:
-
-* Contract Events are used for storing data
-* Contracts hold mapping for more efficient events look up
-* Gas efficient data types are used in contract method
-* Provided methods for delegating signing
-    * Nonce is not needed because only `create` methods provided  (no `update` method)
-
 ## Schema
 
 ### ID Syntax
@@ -20,117 +9,111 @@ method:
 | parameter   | value                                                           |
 |-------------|-----------------------------------------------------------------|
 | id          | “did:” method-name “:” namespace “:” method-specific-id         |
-| method-name | “ethr”                                                          |
+| method-name | “indybesu”, “ethr”                                              |
 | namespace   | “testnet”/"mainnet"                                             |
 | indy-id     | <issuer_did>/anoncreds/v0/SCHEMA/<schema_name>/<schema_version> |
 
 ```
-Example: did:ethr:mainnet:Y6LRXGU3ZCpm7yzjVRSaGu/anoncreds/v0/SCHEMA/BasicIdentity/1.0.0
+Example: did:indybesu:mainnet:0xf39fd6e51aad88f6f4ce6ab8827279cfffb92266/anoncreds/v0/SCHEMA/BasicIdentity/1.0.0
 ```
 
 ### Storage format
 
-* Created schemas mapping:
-    * Description: Mapping to track created schemas by their id to the block number when it was created.
+* Schemas collection:
+    * Description: Mapping holding the list of Schema ID's to their data and metadata.
     * Format:
         ```
-        mapping(bytes32 id => uint block);
+        mapping(bytes32 id => SchemaRecord schemaRecord);
+  
+        struct SchemaRecord {
+            bytes data;
+            SchemaMetadata metadata;
+        }
+
+        struct SchemaMetadata {
+            uint256 created;
+        }
         ```
     * Example:
       ```
       {
-          "0x8ae64c08cf45da3364623a7235a9e7d132fdc8e9f6e63858b53a90d9db32c3af": 110,
+          "0x8ae64c08cf45da3364623a7235a9e7d132fdc8e9f6e63858b53a90d9db32c3af": {
+              schema: [1,2,3,4,5,6,7,8,9,....], 
+              metadata: {
+                  created: 1234
+              }, 
+          },
           ...
       }
       ```
 
+#### Types definition
+
+##### Schema
+
+Schema must match to
+the [specification](https://hyperledger.github.io/anoncreds-spec/#schema-publisher-publish-schema-object).
+
+##### Schema Metadata
+
+* `created` - timestamp of schema creation.
+
 ### Transactions (Smart Contract's methods)
 
 Contract name: **SchemaRegistry**
 
 #### Create a new schema
 
 * Method: `createSchema`
-    * Description: Transaction to create a new AnonCreds Schema matching to the [specification](https://hyperledger.github.io/anoncreds-spec/#schema-publisher-publish-schema-object)
+    * Description: Transaction to create a new AnonCreds Schema
     * Parameters:
         * `identity` - Account address of schema issuer
-        * `id` - KECCAK256 hash of schema id to be created
-        * `schema` - AnonCreds Schema object as bytes 
+        * `id` - Keccak hash of Schema id to be created
+        * `issuerId` - DID of Schema issuer
+        * `schema` - AnonCreds schema JSON as bytes.
     * Restrictions:
         * Schema id must be unique.
-        * Corresponding issuer account must exist and owned by sender.
+        * Corresponding issuer DID must exist, be active, and owned by sender.
     * Format:
         ```
         SchemaRegistry.createSchema(
             address identity,
             bytes32 id,
-            bytes schema
+            string calldata issuerId,
+            bytes calldata schema
         )
         ```
-    * Raised Event:
-       ```
-       SchemaCreated(bytes32 indexed id, address identity, bytes schema)`
-       ```
     * Example:
         ```
         SchemaRegistry.createSchema(
-            "0x173CC02518a355040F5Faee93D3AAAb1259F010c",
+            "0xf39fd6e51aad88f6f4ce6ab8827279cfffb92266",
             "0x8ae64c08cf45da3364623a7235a9e7d132fdc8e9f6e63858b53a90d9db32c3af",
-            [34, 123,  92,  34, 105, 100,  92,  34,  58,  92,  34, 100, ...]
+            "did:ethr:0xf39fd6e51aad88f6f4ce6ab8827279cfffb92266",
+            [1,2,3,4,5,6,7,8,9,....]
         )
+    * Raised Event:
+        * `SchemaCreated(id, identity)`
+
+#### Resolve schema
 
-* Method: `createSchemaSigned`
-    * Description: Transaction to endorse a new AnonCreds Schema (off-chain author signature)
+* Method: `resolveSchema`
+    * Description: Transaction to resolve Schema for giving id
     * Parameters:
-        * `identity` - Account address of schema issuer
-        * `sigV` - Part of EcDSA signature.
-        * `sigR` - Part of EcDSA signature.
-        * `sigS` - Part of EcDSA signature.
-        * `id` - KECCAK256 hash of schema id to be created
-        * `schema` - AnonCreds schema object as bytes
+        * `id` - Keccak hash of Schema id to be resolved
     * Restrictions:
-        * Schema id must be unique.
-        * Corresponding issuer account must exist and owned by sender.
+        * Schema must exist.
     * Format:
         ```
-        SchemaRegistry.createSchemaSigned(
-            address identity,
-            uint8 sigV,
-            bytes32 sigR,
-            bytes32 sigS,
-            bytes32 id,
-            bytes schema
-        )
+        SchemaRegistry.resolveSchema(
+            bytes32 id
+        ) returns (SchemaRecord sschemaRecord)
         ```
-    * Raised Event:
-       ```
-       SchemaCreated(bytes32 indexed id, address identity, bytes schema)`
-       ```
     * Example:
         ```
-        SchemaRegistry.createSchemaSigned(
-            "0x173CC02518a355040F5Faee93D3AAAb1259F010c",
-            27,
-            [1, 2, 3, 4, 5, 6, 7, 8, ...],
-            [11, 21, 33, 44, 55, 73, ...],
-            "0x8ae64c08cf45da3364623a7235a9e7d132fdc8e9f6e63858b53a90d9db32c3af",
-            [34, 123,  92,  34, 105, 100,  92,  34,  58,  92,  34, 100, ...]
+        SchemaRegistry.resolveSchema(
+            "0x8ae64c08cf45da3364623a7235a9e7d132fdc8e9f6e63858b53a90d9db32c3af"
         )
-
-#### Resolve schema
-
-In order to resolve a Schema the following steps must be done:
-
-* Call `SchemaRegistry.created(bytes32 id)` contract method passing KECCAK256 hash of target Schema id to get the block number when the Schema was created.
-    * Schemas are stored in the transaction logs.
-    * Query log events from the whole transaction history is very inefficient lookup mechanism.
-* Query ledger for `SchemaCreated` events specifying following data:
-  * `address`: Address of `SchemaRegistry
-  * `topics`: KECCAK256 hash of target Schema id as the second topic
-  * `from_block`: block number when the Schema was created
-  * `to_block`: block number when the Schema was created
-* If result is empty, schema does not exist.
-* If result contains more than one event, its unexpected case and ledger history is broken 
+    * Raised Event: `None`
 
 ## Credential Definition
 
@@ -141,124 +124,115 @@ In order to resolve a Schema the following steps must be done:
 | parameter   | value                                                   |
 |-------------|---------------------------------------------------------|
 | id          | “did:” method-name “:” namespace “:” method-specific-id |
-| method-name | “indy2”, “indy”, “sov”, “ethr”                          |
+| method-name | “indybesu”, “ethr”                                      |
 | namespace   | “testnet”/"mainnet"                                     |
 | indy-id     | <issuer_did>/anoncreds/v0/CLAIM_DEF/<schema_id>/<name>  |
 
 ```
-Example: did:indy2:sovrin:Gs6cQcvrtWoZKsbBhD3dQJ/anoncreds/v0/CLAIM_DEF/56495/mctc
+Example: did:indybesu:sovrin:0xf39fd6e51aad88f6f4ce6ab8827279cfffb92266/anoncreds/v0/CLAIM_DEF/56495/mctc
 ```
 
 ### Storage format
 
-* Created credential definitions mapping:
-    * Description: Mapping to track created credential definitions by their id to the block number when it was created.
+* Credential Definitions collection:
+    * Description: Mapping holding the list of Credential Definition ID's to their data and metadata.
     * Format:
         ```
-        mapping(bytes32 id => uint block);
+        mapping(bytes32 id => CredentialDefinitionRecord credentialDefinitionRecord);
+
+        struct CredentialDefinitionRecord {
+            bytes credDef;
+            CredentialDefinitionMetadata metadata;
+        }
+
+        struct CredentialDefinitionMetadata {
+            uint256 created;
+        }
         ```
     * Example:
       ```
       {
-          "0x8ae64c08cf45da3364623a7235a9e7d132fdc8e9f6e63858b53a90d9db32c3af": 110,
+          "0x8ae64c08cf45da3364623a7235a9e7d132fdc8e9f6e63858b53a90d9db32c3af": {
+              credDef: [1,2,3,4,5,6,7,8,9,....], 
+              metadata: {
+                  created: 1234
+              }, 
+          },
           ...
       }
       ```
 
+#### Types definition
+
+##### CredentialDefinitionData
+
+Schema must match to
+the [specification](https://hyperledger.github.io/anoncreds-spec/#generating-a-credential-definition-without-revocation-support)
+.
+
+##### CredentialDefinitionMetadata
+
+* `created` - timestamp of credential definition creation.
+
 ### Transactions (Smart Contract's methods)
 
 Contract name: **CredentialDefinitionRegistry**
 
 #### Create a new credential definition
 
 * Method: `createCredentialDefinition`
-    * Description: Transaction to create a new AnonCreds Credential Definition matching to the [specification](https://hyperledger.github.io/anoncreds-spec/#generating-a-credential-definition-without-revocation-support)
+    * Description: Transaction to create a new AnonCreds Credential Definition
     * Parameters:
         * `identity` - Account address of credential definition issuer
-        * `id` - KECCAK256 hash of credential definition id to be created
-        * `schemaId` - KECCAK256 hash of schema id to be created
-        * `credDef` - AnonCreds Credential Definition object as bytes
+        * `id` - Keccak hash of Credential Definition id to be created
+        * `issuerId` - DID of Credential Definition issuer
+        * `schemaId` - Keccak hash of Schema id
+        * `credDef` - AnonCreds Credential Definition JSON as bytes
     * Restrictions:
         * Credential Definition must be unique.
-        * Corresponding issuer DID must exist and owned by sender.
+        * Corresponding issuer DID must exist, be active, and owned by sender.
         * Corresponding schema must exist.
     * Format:
         ```
         CredentialDefinitionRegistry.createCredentialDefinition(
             address identity,
             bytes32 id,
+            string calldata issuerId,
             bytes32 schemaId,
-            bytes credDef
+            bytes calldata credDef
         )
         ```
-    * Raised Event:
-       ```
-       CredentialDefinitionCreated(bytes32 indexed id, address identity, bytes credDef)`
-       ```
     * Example:
         ```
-        CredentialDefinitionCreated.createCredentialDefinition(
-            "0x173CC02518a355040F5Faee93D3AAAb1259F010c",
-            "0x76943530d3587e81f029e8ce20edb64f9254350d81c59ecf6b7e3ed553e9a8f6",
+        CredentialDefinitionRegistry.createCredentialDefinition(
+            "0xf39fd6e51aad88f6f4ce6ab8827279cfffb92266",
             "0x8ae64c08cf45da3364623a7235a9e7d132fdc8e9f6e63858b53a90d9db32c3af",
-            [34, 123,  92,  34, 105, 100,  92,  34,  58,  92,  34, 100, ...]
+            did:ethr:0xf39fd6e51aad88f6f4ce6ab8827279cfffb92266",
+            0x32ds23fd23445da3364623a7235a9e7d132fdc8e9f6e63858b53adshg234je2f2",
+            [1,2,3,4,5,6,7,8,9,....]
         )
+    * Raised Event:
+        * `CredentialDefinitionCreated(id, identity)`
+
+#### Resolve credential definition
 
-* Method: `createCredentialDefinitionSigned`
-    * Description: Transaction to endorse a new AnonCreds Credential Definition (off-chain author signature)
+* Method: `resolveCredentialDefinition`
+    * Description: Transaction to resolve Credential Definition for giving id
     * Parameters:
-        * `identity` - Account address of credential definition issuer
-        * `sigV` - Part of EcDSA signature.
-        * `sigR` - Part of EcDSA signature.
-        * `sigS` - Part of EcDSA signature.
-        * `id` - KECCAK256 hash of credential definition id to be created
-        * `schemaId` - KECCAK256 hash of schema id
-        * `credDef` - AnonCreds credential definition object as bytes
+        * `id` - Keccak hash of the Credential Definition to be resolved
     * Restrictions:
-        * Credential Definition must be unique.
-        * Corresponding issuer DID must exist and owned by sender.
-        * Corresponding schema must exist.
+        * Credential Definition must exist.
     * Format:
         ```
-        CredentialDefinitionRegistry.createCredentialDefinitionSigned(
-            address identity,
-            uint8 sigV,
-            bytes32 sigR,
-            bytes32 sigS,
-            bytes32 id,
-            bytes32 schemaId,
-            bytes credDef
-        )
+        CredentialDefinitionRegistry.resolveCredentialDefinition(
+            bytes32 id
+        ) returns (CredentialDefinitionRecord credentialDefinitionRecord)
         ```
-    * Raised Event:
-       ```
-       CredentialDefinitionCreated(bytes32 indexed id, address identity, bytes credDef)`
-       ```
     * Example:
         ```
-        CredentialDefinitionRegistry.createCredentialDefinitionSigned(
-            "0x173CC02518a355040F5Faee93D3AAAb1259F010c",
-            27,
-            [1, 2, 3, 4, 5, 6, 7, 8, ...],
-            [11, 21, 33, 44, 55, 73, ...],
-            "0x76943530d3587e81f029e8ce20edb64f9254350d81c59ecf6b7e3ed553e9a8f6",
-            "0x8ae64c08cf45da3364623a7235a9e7d132fdc8e9f6e63858b53a90d9db32c3af",
-            [34, 123,  92,  34, 105, 100,  92,  34,  58,  92,  34, 100, ...]
+        CredentialDefinitionRegistry.resolveCredentialDefinition(
+           "0x8ae64c08cf45da3364623a7235a9e7d132fdc8e9f6e63858b53a90d9db32c3af"
         )
-
-#### Resolve credential definition
-
-In order to resolve a Credential Definition the following steps must be done:
-
-* Call `CredentialDefinitionRegistry.created(bytes32 id)` contract method passing KECCAK256 hash of target Credential Definition id to get the block number when the Credential Definition was created.
-    * Credential Definitions are stored in the transaction logs.
-    * Query log events from the whole transaction history is very inefficient lookup mechanism.
-* Query ledger for `CredentialDefinitionCreated` events specifying following data:
-    * `address`: Address of `CredentialDefinitionRegistry`
-    * `topics`: KECCAK256 hash of target Credential Definition id as the second topic
-    * `from_block`: block number when the Credential Definition was created
-    * `to_block`: block number when the Credential Definition was created
-* If result is empty, Credential Definition does not exist.
-* If result contains more than one event, its unexpected case and ledger history is broken
+    * Raised Event: `None`