0.11.0

Release 0.11.0 is a relatively large release of new features, fixes, and internal updates. 0.11.0 is planned to be the last significant update before we begin the transition to using the ledger agnostic AnonCreds Rust in a release that is expected to bring Admin/Controller API changes. We plan to do patches to the 0.11.x branch while the transition is made to using [Anoncreds Rust].

An important addition to ACA-Py is support for signing and verifying SD-JWT verifiable credentials. We expect this to be the first of the changes to extend ACA-Py to support OpenID4VC protocols.

This release and Release 0.10.5 contain a high priority fix to correct an issue with the handling of the JSON-LD presentation verifications, where the status of the verification of the presentation.proof in the Verifiable Presentation was not included when determining the verification value (true or false) of the overall presentation. A forthcoming security advisory will cover the details. Anyone using JSON-LD presentations is recommended to upgrade to one of these versions of ACA-Py as soon as possible.

In the CI/CD realm, substantial changes were applied to the source base in switching from:

• pip to Poetry for packaging and dependency management,
• Flake8 to Ruff for linting,
• asynctest to IsolatedAsyncioTestCase and AsyncMock objects now included in Python's builtin unittest package for unit testing.

These are necessary and important modernization changes, with the latter two triggering many (largely mechanical) changes to the codebase.

0.11.0 Breaking Changes

In addition to the impacts of the change for developers in switching from pip to Poetry, the only significant breaking change is the (overdue) transition of ACA-Py to always use the new DIDComm message type prefix, changing the DID Message prefix from the old hardcoded did:sov:BzCbsNYhMrjHiqZDTUASHg;spec to the new hardcoded https://didcomm.org value, and using the new DIDComm MIME type in place of the old. The vast majority (all?) Aries deployments have long since been updated to accept both values, so this change just forces the use of the newer value in sending messages. In updating this, we retained the old configuration parameters most deployments were using (--emit-new-didcomm-prefix and --emit-new-didcomm-mime-type) but updated the
code to set the configuration parameters to true even if the parameters were not set. See PR #2517.

The JSON-LD verifiable credential handling of JSON-LD contexts has been updated to pre-load the base contexts into the repository code so they are not fetched at run time. This is a security best practice for JSON-LD, and prevents errors in production when, from time to time, the JSON-LD contexts are unavailable because of outages of the web servers where they are hosted. See PR #2587.

A Problem Report message is now sent when a request for a credential is received and there is no associated Credential Exchange Record. This may happen, for example, if an issuer decides to delete a Credential Exchange Record that has not be answered for a long time, and the holder responds after the delete. See PR #2577.

What's Changed

• #2289 Migrate to Poetry by @Gavinok in #2436
• Swap out flake8 in favor of Ruff by @dbluhm in #2438
• Update Python image version to 3.9.18 by @WadeBarnes in #2456
• chore: add black back in as a dev dep by @dbluhm in #2465
• feat: add timeout to did resolver resolve method by @dbluhm in #2464
• Remove old routing protocol code by @dbluhm in #2466
• fix: issue #2434: Change DIDExchange States to Match rfc160 by @anwalker293 in #2461
• fix: version should be set by pyproject.toml by @dbluhm in #2471
• fix: unique ids for services in legacy peer by @dbluhm in #2476
• peer did 2/3 resolution by @Jsyro in #2472
• Bugfix: Issue with write ledger pool when performing Accumulator sync by @shaangill025 in #2480
• Update steps for Manually Creating Revocation Registries by @WadeBarnes in #2491
• Issue #2419 InvalidClientTaaAcceptanceError time too precise error if container timezone is not UTC by @Ennovate-com in #2420
• Update devcontainer to read version from aries-cloudagent package by @usingtechnology in #2483
• Issue #2488 KeyError raised when Subject ID is not a URI by @Ennovate-com in #2490
• fix: run tests script copying local env by @dbluhm in #2495
• Feat/sd jwt implementation by @cjhowland in #2487
• Use correct rust log level in dockerfiles by @loneil in #2499
• Remove unused dependencies by @andrewwhitehead in #2510
• Feat: Upgrade from tags and fix issue with legacy IssuerRevRegRecords [<=v0.5.2] by @shaangill025 in #2486
• Change arg_parse to always set --emit-new-didcomm-prefix and --emit-new-didcomm-mime-type to true by @swcurran in #2517
• Fix: Problem Report Before Exchange Established by @Ennovate-com in #2519
• refactor: drop mediator_terms and recipient_terms by @dbluhm in #2515
• Avoid multiple open wallet connections by @andrewwhitehead in #2521
• chore(deps): Bump urllib3 from 2.0.5 to 2.0.6 by @dependabot in #2525
• chore(deps): Bump urllib3 from 2.0.2 to 2.0.6 in /demo/playground/scripts by @dependabot in #2524
• chore: update pydid by @dbluhm in #2527
• 🎨 clarify LedgerError message when TAA is required and not accepted by @ff137 in #2545
• fix: correct minor typos by @Ennovate-com in #2544
• Update .readthedocs.yaml by @swcurran in #2547
• Update .readthedocs.yaml by @swcurran in #2548
• fix: routing behind mediator by @dbluhm in #2536
• Feat: Support subwallet upgradation using the Upgrade command by @shaangill025 in #2529
• chore(deps): Bump urllib3 from 2.0.6 to 2.0.7 by @dependabot in #2552
• fix: taa rough timestamp timezone from datetime by @dbluhm in #2554
• refactor: replace multiformats library by @dbluhm in #2559
• fix: mediation routing keys as did key by @dbluhm in #2516
• chore(deps): Bump urllib3 from 2.0.6 to 2.0.7 in /demo/playground/scripts by @dependabot in #2551
• fix: clean up requests and invites by @dbluhm in #2560
• Update demo/playground scripts by @usingtechnology in #2562
• refactor: use did-peer-2 instead of peerdid by @dbluhm in #2561
• Issue 2555 playground scripts readme by @usingtechnology in #2563
• Playground needs optionally external network by @usingtechnology in #2564
• chore: dependency updates by @dbluhm in #2565
• fix: drop asynctest by @dbluhm in #2566
• 0.11.0-rc0 by @swcurran in #2575
• chore: point to official sd-jwt lib release by @dbluhm in #2573
• 0.11.0-rc1 by @swcurran in #2576
• Dockerfile.indy - Include aries_cloudagent code into build by @usingtechnology in #2584
• Goal and Goal Code in invitation URL. by @usingtechnology in #2591
• Send Problem report when CredEx not found by @usingtechnology in #2577
• Fix Issue #2589 TypeError When There Are No Nested Requirements by @Ennovate-com in #2590
• Issue 2570 devcontainer ruff, black and pytest by @usingtechnology in #2595
• feat: use a local static cache for commonly used contexts by @chumbert in #2587
• black formatter extension configuration update by @usingtechnology in #2603
• chore: correct type hints on base record by @dbluhm in #2604
• Update shared components by @andrewwhitehead in #2520
• Default connection_id to None to account for Connectionless Proofs by @popkinj in #2605
• Feat: Per Tenant Logging by @shaangill025 in #2550
• 🐛 fix wallet_update when only extra_settings requested by @ff137 in #2612
• 0.11.0rc2 by @swcurran in #2613
• fix: more resilient checks in verify signed attachments by @dbluhm in #2609
• fix: typos by @omahs in #2614
• fix: wallet type help text out of date by @dbluhm in #2618
• fix: report presentation result by @dbluhm in #2615
• chore: bump pydid version by @dbluhm in #2626
• 0.11.0 by @swcurran in #2627

New Contributors

• @Ennovate-com made their first contribution in #2420
• @popkinj made their first contribution in #2605
• @omahs made their first contribution in #2614

Full Changelog: 0.10.1...0.11.0