Problem receiving revocation notification

[barnabef]

Here is the setup. We are using Hyperledger Acapy version 1.2.0 with askar-anoncred as our controller. We are using credo-ts v 0.5.13 as wallet holder.

The flow is quite simple. The Acapy agent sends a credential offer. The user accepts the credential in Credo. Then Acapy revokes the credential it sends a notification to the Credo holder, but there's this error when trying to get it from the storage:

INFO: Processing revocation notification v2 {
2025-02-24T16:04:29.552264300Z   "message": {
2025-02-24T16:04:29.552282690Z     "@type": "https://didcomm.org/revocation_notification/2.0/revoke",
2025-02-24T16:04:29.552291303Z     "@id": "c3256534-d68f-42e2-ad22-cb0c7149b8ca",
2025-02-24T16:04:29.552295793Z     "revocation_format": "indy-anoncreds",
2025-02-24T16:04:29.552299852Z     "credential_id": "Uzy1MJK1dQ6eoX265pUTLx:4:Uzy1MJK1dQ6eoX265pUTLx:3:CL:19:default:CL_ACCUM:0::3",
2025-02-24T16:04:29.552304001Z     "comment": "Revocation"
2025-02-24T16:04:29.552334319Z   }
2025-02-24T16:04:29.552339540Z }
2025-02-24T16:04:29.558320243Z TRACE: Getting record by query for revocation notification: {
2025-02-24T16:04:29.558432306Z   "$or": [
2025-02-24T16:04:29.558456042Z     {
2025-02-24T16:04:29.558464475Z       "anonCredsRevocationRegistryId": "Uzy1MJK1dQ6eoX265pUTLx:4:Uzy1MJK1dQ6eoX265pUTLx:3:CL:19:default:CL_ACCUM:0",
2025-02-24T16:04:29.558469585Z       "anonCredsCredentialRevocationId": "3",
2025-02-24T16:04:29.558473657Z       "connectionId": "dbc36568-c1b5-4d67-9049-68b73b861d1a"
2025-02-24T16:04:29.558477991Z     },
2025-02-24T16:04:29.558481875Z     {
2025-02-24T16:04:29.558485384Z       "anonCredsUnqualifiedRevocationRegistryId": "Uzy1MJK1dQ6eoX265pUTLx:4:Uzy1MJK1dQ6eoX265pUTLx:3:CL:19:default:CL_ACCUM:0",
2025-02-24T16:04:29.558489697Z       "anonCredsCredentialRevocationId": "3",
2025-02-24T16:04:29.558493396Z       "connectionId": "dbc36568-c1b5-4d67-9049-68b73b861d1a"
2025-02-24T16:04:29.558497201Z     }
2025-02-24T16:04:29.558500742Z   ]
2025-02-24T16:04:29.558504012Z }
2025-02-24T16:04:29.602479809Z WARN: Failed to process revocation notification message {
2025-02-24T16:04:29.602555801Z   "error": {
2025-02-24T16:04:29.602562691Z     "name": "RecordNotFoundError",
2025-02-24T16:04:29.602566941Z     "message": "CredentialRecord: No record found for given query '{\"$or\":[{\"anonCredsRevocationRegistryId\":\"Uzy1MJK1dQ6eoX265pUTLx:4:Uzy1MJK1dQ6eoX265pUTLx:3:CL:19:default:CL_ACCUM:0\",\"anonCredsCredentialRevocationId\":\"3\",\"connectionId\":\"dbc36568-c1b5-4d67-9049-68b73b861d1a\"},{\"anonCredsUnqualifiedRevocationRegistryId\":\"Uzy1MJK1dQ6eoX265pUTLx:4:Uzy1MJK1dQ6eoX265pUTLx:3:CL:19:default:CL_ACCUM:0\",\"anonCredsCredentialRevocationId\":\"3\",\"connectionId\":\"dbc36568-c1b5-4d67-9049-68b73b861d1a\"}]}'",
2025-02-24T16:04:29.602577912Z     "stack": "RecordNotFoundError: CredentialRecord: No record found for given query '{\"$or\":[{\"anonCredsRevocationRegistryId\":\"Uzy1MJK1dQ6eoX265pUTLx:4:Uzy1MJK1dQ6eoX265pUTLx:3:CL:19:default:CL_ACCUM:0\",\"anonCredsCredentialRevocationId\":\"3\",\"connectionId\":\"dbc36568-c1b5-4d67-9049-68b73b861d1a\"},{\"anonCredsUnqualifiedRevocationRegistryId\":\"Uzy1MJK1dQ6eoX265pUTLx:4:Uzy1MJK1dQ6eoX265pUTLx:3:CL:19:default:CL_ACCUM:0\",\"anonCredsCredentialRevocationId\":\"3\",\"connectionId\":\"dbc36568-c1b5-4d67-9049-68b73b861d1a\"}]}'\n    at CredentialRepository.getSingleByQuery (/app/node_modules/@credo-ts/core/src/storage/Repository.ts:145:13)\n    at processTicksAndRejections (node:internal/process/task_queues:95:5)\n    at async RevocationNotificationService.processRevocationNotification (/app/node_modules/@credo-ts/core/src/modules/credentials/protocol/revocation-notification/services/RevocationNotificationService.ts:71:30)\n    at async RevocationNotificationService.v2ProcessRevocationNotification (/app/node_modules/@credo-ts/core/src/modules/credentials/protocol/revocation-notification/services/RevocationNotificationService.ts:175:7)\n    at async V2RevocationNotificationHandler.handle (/app/node_modules/@credo-ts/core/src/modules/credentials/protocol/revocation-notification/handlers/V2RevocationNotificationHandler.ts:15:5)\n    at async Dispatcher.defaultHandlerMiddleware (/app/node_modules/@credo-ts/core/src/agent/Dispatcher.ts:59:29)\n    at async dispatch (/app/node_modules/@credo-ts/core/src/agent/MessageHandlerMiddleware.ts:17:11)\n    at async /app/node_modules/@credo-ts/core/src/agent/MessageHandlerMiddleware.ts:19:9\n    at async Function.run (/app/node_modules/@credo-ts/core/src/agent/MessageHandlerMiddleware.ts:24:5)\n    at async Dispatcher.dispatch (/app/node_modules/@credo-ts/core/src/agent/Dispatcher.ts:80:7)"
2025-02-24T16:04:29.602613207Z   },
2025-02-24T16:04:29.602616885Z   "credentialId": "Uzy1MJK1dQ6eoX265pUTLx:4:Uzy1MJK1dQ6eoX265pUTLx:3:CL:19:default:CL_ACCUM:0::3"
2025-02-24T16:04:29.602621090Z }

If I get the credential using agent.credentials.getAll(), I see that the information is correct, except for the anonCredsRevocationRegistryId that is qualified in the storage and not in the select.

"anonCredsCredentialRevocationId": "3",
"anonCredsRevocationRegistryId": "did:indy:bcovrin:test:Uzy1MJK1dQ6eoX265pUTLx/anoncreds/v0/REV_REG_DEF/19/default/0",
"connectionId": "dbc36568-c1b5-4d67-9049-68b73b861d1a",

Shouldn't the select use the qualified id instead or save the unqualified id in anonCredsUnqualifiedRevocationRegistryId?

[TimoGlastra]

How is the credential issued? In qualified form or in unqualified? If the latter, we probably still store the credential as qualified and don't correctly handle the backwards compatibility of unqualified identifiers (and this would be a bug in Credo).

[zoblazo]

@TimoGlastra The credential is issued in unqualified form.

[zoblazo]

@TimoGlastra if it is indeed a backward compatibility of unqualified identifiers in Credo, can you think of any work around that we could try while sticking with unqualified did:sov ? We did try to provision our acapy agents with qualified did:sov but ran in another bug currently preventing us to go forward in that direction.