Merge pull request #127 from OpSecId/witness-service-endpoint

Add Witness service endpoint

Author: swcurran

README.md

@@ -1,96 +1,49 @@
 # DID Web with Verifiable History Server Python
-## A Web Server component for a DID WebVH implementation
 
-This server is built with the FastAPI framework.
+A Web Server component for a DID WebVH implementation built with FastAPI.
 
-The DID WebVH spec: [https://identity.foundation/didwebvh](https://identity.foundation/didwebvh)
+**DID WebVH Specification**: [https://identity.foundation/didwebvh](https://identity.foundation/didwebvh)
 
-## Abstract
+## Quick Start
 
-This server is for issuing clients to deposit their did documents, did logs and other objects.
-
-Having a seperate server to deposit verification material will ensure that signing material is isolated and provide a more secured architecture.
-
-This also enables system architects to create rigid governance rules around publishing DID documents and related ressources through endorsment.
-
-## How it works
-*For a demonstration, please see the demo directory*
+```bash
+# Install dependencies
+cd server
+uv sync
 
-- A controller requests an identifier from the server.
-- The server returns a configuration if the requested identifier is available.
-- The controller generates a first log entry matching the server policies.
-- The controller sends the initial log entry to the server, along with the did witness file if required
+# Copy and configure environment
+cp env.example .env
+# Edit .env with your settings
 
-### Registering a new DID
-```mermaid
-sequenceDiagram
-    participant WebVH Server
-    participant Controller
-    participant Witness
-    Controller->>WebVH Server: Request an identifier namespace.
-    WebVH Server->>Controller: Provide log input document.
-    Controller->>Controller: Create and sign initial log entry.
-    Controller->>Witness: Request witness signature if enabled.
-    Controller->>WebVH Server: Send initial log entry and did witness file if required.
-    WebVH Server->>WebVH Server: Verify and publish DID.
+# Run server
+uv run python main.py
 ```
 
-### AnonCreds Objects (AttestedResources)
-
-An attested resource is a stored resource cryptographically bound to it's location on the web. See the anoncreds document for more information.
-
-### Setting up policies
-
-The server is equiped with a configurable policy module. Rule sets can be established to change the server behavior when validating some requests.
-
-When a rule is enforced, the server will reject any request that doesn't match said policy. Here are the configurable policies:
-
-#### Known Witnesses Registry
-
-- WEBVH_KNOWN_WITNESS_KEY: A default known witness key to provision the server.
-    - ex: `WEBVH_KNOWN_WITNESS_KEY="z6Mkf5rGMoatrSj1f4CyvuHBeXJELe9RPdzo2PKGNCKVtZxP"`
-
-- WEBVH_KNOWN_WITNESS_REGISTRY: A list of known witnesses is used for validating witness policies. This will be cached every time a witness can't be found.
-    - ex: `WEBVH_KNOWN_WITNESS_REGISTRY="https://known-witnesses.example.com"`
-
-#### Attested Resource Endorsement
-
-- WEBVH_ENDORSEMENT: This will require a known witness proof on any attested resource uploaded or updated. It's up to the witness service to determine which resources to endorse from the controller.
-    - ex: `WEBVH_ENDORSEMENT="true"`
-
-#### WebVH Parameters
-
-The following policy variables can be used to enforce parameters from the did:webvh specification:
-- WEBVH_VERSION: Specify a webvh method version to enforce
-    - ex: `WEBVH_VERSION="1.0"`
-- WEBVH_WITNESS: Enforce the use of witness with a minimum threshold of 1. At least 1 witness from the known witness registry will need to be used.
-    - ex: `WEBVH_WITNESS="true"`
-- WEBVH_PORTABILITY: Ensure that portability is enabled.
-    - ex: `WEBVH_PORTABILITY="true"`
-- WEBVH_WATCHER: Request a specific watcher to be included in the watchers array
-    - ex: `WEBVH_WATCHER=https://watcher.example.com`
-- WEBVH_PREROTATION: Enforce the use of prerotation
-    - ex: `WEBVH_PREROTATION="true"`
-
-### Exploring the resources
-
-Have a look at the demo directory for instructions on how to browse the explorer.
+The server will be available at `http://localhost:8000` with:
+- **API Documentation**: `http://localhost:8000/docs` (Swagger UI)
+- **Web Explorer**: `http://localhost:8000/api/explorer`
 
 ## Documentation
 
-The documentation is built with [Zensical](https://zensical.org/). To view the documentation locally:
+📚 **Complete documentation is available in the [User Manual](docs/index.md)**
+
+To view the documentation locally:
 
 ```bash
 # Install Zensical
 pip install zensical
 
-# Navigate to the project root (where zensical.toml is located)
-cd /path/to/didwebvh-server-py
-
 # Start the documentation server
 zensical serve
 ```
 
 The documentation will be available at `http://localhost:8000` (or the port specified in `zensical.toml`).
 
-For comprehensive documentation, see the [User Manual](docs/user-manual.md) in the `docs/` directory.
+## Additional Resources
+
+- **[Server README](server/README.md)**: Quick setup guide
+- **Demo**: See the `demo/` directory for load testing and examples
+
+## License
+
+Apache License 2.0

charts/didwebvh-server/Chart.yaml

@@ -3,8 +3,8 @@ name: didwebvh-server-py
 icon: https://identity.foundation/didwebvh/didwebvh.jpg
 description: An api server to register and serve web dids with verifiable history.
 type: application
-version: 0.4.5
-appVersion: 0.4.5
+version: 0.5.0
+appVersion: 0.5.0
 
 maintainers:
   - name: PatStLouis

charts/didwebvh-server/templates/server/configmap.yaml

@@ -31,8 +31,9 @@ data:
   {{- if .Values.server.branding }}
   APP_NAME: {{ .Values.server.branding.app_name | default "DID WebVH Server" | quote }}
   APP_DESCRIPTION: {{ .Values.server.branding.app_description | default "An api server to register and serve web dids with verifiable history." | quote }}
-  APP_ICON: {{ .Values.server.branding.app_icon | default "https://didwebvh.info/latest/assets/favicon.ico" | quote }}
-  APP_LOGO: {{ .Values.server.branding.app_logo | default "https://raw.githubusercontent.com/decentralized-identity/didwebvh-info/main/docs/assets/didwebvh.jpg" | quote }}
+  APP_ICON: {{ .Values.server.branding.icon | default "https://didwebvh.info/latest/assets/favicon.ico" | quote }}
+  APP_LOGO_VERTICAL: {{ .Values.server.branding.logo_vertical | default "https://raw.githubusercontent.com/decentralized-identity/didwebvh-info/main/docs/assets/didwebvh.jpg" | quote }}
+  APP_LOGO_HORIZONTAL: {{ .Values.server.branding.logo_horizontal | default "https://raw.githubusercontent.com/decentralized-identity/didwebvh-info/main/docs/assets/didwebvh.jpg" | quote }}
   APP_PRIMARY_COLOR: {{ .Values.server.branding.app_primary_color | default "#1a365d" | quote }}
   APP_SECONDARY_COLOR: {{ .Values.server.branding.app_secondary_color | default "#38a169" | quote }}
   APP_ACCENT_COLOR: {{ .Values.server.branding.app_accent_color | default "#3182ce" | quote }}

charts/didwebvh-server/templates/server/deployment.yaml

@@ -53,14 +53,14 @@ spec:
               protocol: TCP
           livenessProbe:
             httpGet:
-              path: /server/status
+              path: /api/server/status
               port: {{ .Values.server.service.apiPort }}
             failureThreshold: 2
             initialDelaySeconds: 60
             periodSeconds: 5
           readinessProbe:
             httpGet:
-              path: /server/status
+              path: /api/server/status
               port: {{ .Values.server.service.apiPort }}
             initialDelaySeconds: 60
           resources:

charts/didwebvh-server/values.yaml

@@ -16,7 +16,7 @@ networkPolicy:
 server:
   image:
     repository: ghcr.io/decentralized-identity/didwebvh-server-py
-    tag: 0.4.5
+    tag: 0.5.0
     pullPolicy: IfNotPresent
     pullSecrets: []
 
@@ -38,8 +38,9 @@ server:
   branding:
     app_name: "DID WebVH Server"
     app_description: "An api server to register and serve web dids with verifiable history."
-    app_icon: "https://didwebvh.info/latest/assets/favicon.ico"
-    app_logo: "https://raw.githubusercontent.com/decentralized-identity/didwebvh-info/main/docs/assets/didwebvh.jpg"
+    icon: "https://didwebvh.info/latest/assets/favicon.ico"
+    logo_vertical: "https://raw.githubusercontent.com/decentralized-identity/didwebvh-info/main/docs/assets/didwebvh.jpg"
+    logo_horizontal: "https://raw.githubusercontent.com/decentralized-identity/didwebvh-info/main/docs/assets/didwebvh.jpg"
     app_primary_color: "#1a365d"
     app_secondary_color: "#38a169"
     app_accent_color: "#3182ce"

demo/README.md

@@ -113,6 +113,8 @@ Build Options:
 Load Test Options:
   -c, --count N     Number of DIDs to create (default: 10)
   -u, --updates N   Updates per DID (default: 2)
+  -s, --server URL  Server URL for load test (default: http://localhost:8000)
+                    Use this to test against an existing server instead of starting one
   --concurrent      Run tests concurrently (faster)
   --agent           Use agent provisioning instead of load test
 
@@ -126,6 +128,8 @@ Server Options:
 Examples:
   ./magic.sh                          # Quick start with defaults
   ./magic.sh -c 50 --concurrent       # 50 DIDs concurrently
+  ./magic.sh -s http://localhost:8000 # Test existing server (skip startup)
+  ./magic.sh -s https://did.example.com -c 20  # Test remote server
   ./magic.sh --ngrok                  # Start with ngrok
   ./magic.sh --agent --ngrok          # Agent provisioning with ngrok
   ./magic.sh --no-rebuild -c 20       # Skip rebuild, 20 DIDs

demo/docker-compose.yml

@@ -15,7 +15,7 @@ services:
       WEBVH_ENDORSEMENT: ${WEBVH_ENDORSEMENT:-false}
       APP_PORT: 8000
     healthcheck:
-      test: ["CMD-SHELL", "python3 -c 'import urllib.request; urllib.request.urlopen(\"http://localhost:8000/server/status\")' || exit 1"]
+      test: ["CMD-SHELL", "python3 -c 'import urllib.request; urllib.request.urlopen(\"http://localhost:8000/api/server/status\")' || exit 1"]
       interval: 5s
       timeout: 3s
       retries: 10