Skip to content
osvauld

Editing a Credential

Sequence Diagram

Sequence diagram for editing a credential

User Request

  1. The user (manager) initiates the edit of a credential.
  2. The client sends a request to the server to fetch all users who have access to the credential.
  3. The server returns the list of users with access to the credential.

Background Service Processing

  1. The user modifies the credential fields and sends the updated fields to the background service.
  2. The background service sends the updated credential fields to the WASM service for encryption with each user’s public key.
  3. The WASM service encrypts the updated credential fields with each user’s public key.
  4. The WASM service returns the encrypted credential fields to the background service.
[
 {
   "userId": "user_id_1",
   "fields": [
     {
       "fieldId": "field_id",
       "fieldValue": "encrypted_field_value_user1"
     }
   ]
 },
 {
   "userId": "user_id_2",
   "fields": [
     {
       "fieldId": "field_id",
       "fieldValue": "encrypted_field_value_user2"
     }
   ]
 }
]
  1. The background service returns the encrypted credential fields for each user to the client.
  2. The client then sends the whole payload to hash and then sign
  3. The client sends the payload to the server with signature in the header.

Server Processing

  1. The client sends the payload (encrypted credential fields for each user) to the server.
{
  "credentialId": "credential_id",
  "users": [
    {
      "userId": "user_id_1",
      "fields": [
        {
          "fieldId": "field_id",
          "fieldValue": "encrypted_field_value_user1"
        }
      ]
    },
    {
      "userId": "user_id_2",
      "fields": [
        {
          "fieldId": "field_id",
          "fieldValue": "encrypted_field_value_user2"
        }
      ]
    }
  ]
}
  1. The server processes the request after verifying the signature.
  2. For each user: The server moves the old fields of the user to the fields_archive table. The server adds the new fields to the fields table.
  3. The server returns the response (success/failure) to the user.
Note: Only the manager of a credential can edit it. When a credential is edited, the old fields of every user are moved to the fields_archive table, and the new fields are added to the fields table. This ensures that the changes are reflected for all users who have access to the credential.