Two consecutive update without waiting DID to anchored

[fqutishat]

Step 1: Download orb cli binary.

• wget https://nightly.link/trustbloc/orb/actions/artifacts/150250948.zip -O orb-cli.zip
• unzip orb-cli.zip

Step 2: extract a tar.

• darwin: tar -zxf orb-cli-darwin-amd64.tar.gz
• linux: tar -zxf orb-cli-linux-amd64.tar.gz

Step 3: create DID public keys

• create file called create_publickeys.json
• copy this content to create_publickeys.json

[
 {
  "id": "key1",
  "type": "Ed25519VerificationKey2018",
  "purposes": ["authentication"],
  "jwkPath": "key1_jwk.json"
 }
]

• create file called key1_jwk.json
• copy this content to key1_jwk.json

{
  "kty":"OKP",
  "crv":"Ed25519",
  "x":"o1bG1U7G3CNbtALMafUiFOq8ODraTyVTmPtRDO1QUWg",
  "y":""
}

Step 5: create DID public keys for update1 operation

• create file called update1_publickeys.json
• will amend DID public key1 and add two purposes [authentication,capabilityInvocation]
• copy this content to update1_publickeys.json

[
 {
  "id": "key1",
  "type": "Ed25519VerificationKey2018",
  "purposes": ["authentication","capabilityInvocation"],
  "jwkPath": "key1_jwk.json"
 }
]

Step 6: create DID public keys for update2 operation

• create file called update2_publickeys.json
• will amend DID public key2 and add two purposes [authentication,capabilityInvocation,assertionMethod]
• copy this content to update2_publickeys.json

[
 {
  "id": "key1",
  "type": "Ed25519VerificationKey2018",
  "purposes": ["authentication","capabilityInvocation","assertionMethod"],
  "jwkPath": "key1_jwk.json"
 }
]

Step 7: create 3 keypairs this keys will be used for updatekey (create, update1, update2)

• openssl ecparam -name prime256v1 -genkey -noout -out update_privatekey.pem
• openssl ec -in update_privatekey.pem -pubout -out update_publickey.pem
• openssl ecparam -name prime256v1 -genkey -noout -out update1_privatekey.pem
• openssl ec -in update1_privatekey.pem -pubout -out update1_publickey.pem
• openssl ecparam -name prime256v1 -genkey -noout -out update2_privatekey.pem
• openssl ec -in update2_privatekey.pem -pubout -out update2_publickey.pem

Step 8: create keypair this key will be used for recoverkey

• openssl ecparam -name prime256v1 -genkey -noout -out recover_privatekey.pem
• openssl ec -in recover_privatekey.pem -pubout -out recover_publickey.pem
• you should have two files recover_privatekey.pem recover_publickey.pem

Step 9: create orb DID then two consecutive updates

./orb-cli-darwin-amd64 did create --domain=https://orb-1.sandbox.trustbloc.dev --publickey-file=./create_publickeys.json --recoverykey-file=./recover_publickey.pem --updatekey-file=./update_publickey.pem --did-anchor-origin=https://orb-1.sandbox.trustbloc.dev --tls-systemcertpool=true --sidetree-write-token=#TOKEN

./orb-cli-darwin-amd64 did update --domain=https://orb-1.sandbox.trustbloc.dev --add-publickey-file=./update1_publickeys.json --signingkey-file=./update_privatekey.pem --nextupdatekey-file=./update1_publickey.pem --tls-systemcertpool=true --did-uri=#DID_ID --sidetree-write-token=#TOKEN

./orb-cli-darwin-amd64 did update --domain=https://orb-1.sandbox.trustbloc.dev --add-publickey-file=./update2_publickeys.json --signingkey-file=./update1_privatekey.pem --nextupdatekey-file=./update2_publickey.pem --tls-systemcertpool=true --did-uri=#DID_ID --sidetree-write-token=#TOKEN

Note: replace #TOKEN with real token value
Note: replace #DID_ID with did id from create command

Step 7: resolve orb DID check [authentication,capabilityInvocation,assertionMethod]

curl https://orb-1.sandbox.trustbloc.dev/sidetree/v1/identifiers/#DID_ID