I am currently using the example of Hyperledger Indy of Write a DID and Query Its Verkey to dive deep into DID creation.
After generating a DID and a verkey for a TRUST_ANCHOR, I sign and submit it to the ledger as:
# 7.
print_log('\n7. Building NYM request to add Trust Anchor to the ledger\n')
nym_transaction_request = await ledger.build_nym_request(submitter_did=user.steward_did,
target_did=actor_did,
ver_key=actor_verkey,
alias=None,
role='TRUST_ANCHOR')
print_log('NYM transaction request: ')
pprint.pprint(json.loads(nym_transaction_request))
# 8.
print_log('\n8. Sending NYM request to the ledger\n')
nym_transaction_response = await ledger.sign_and_submit_request(pool_handle=pool_handle,
wallet_handle=wallet_handle,
submitter_did=user.steward_did,
request_json=nym_transaction_request)
I wanted to demote this TRUST_ANCHOR from the ledger, removing its rights and making it disappear, is it possible?
Reading the AUTH_RULES it seems possible as there are many lines in this table about demoting roles. But I don't see how to implement it on Python.
On indy-cli you remove the role with this txn:
This is probably what you want on python, run this to remove the did's role:
and of course you have to sign and submit the request after creating it.
if you look at the ledger after the request, you will see that the last transaction is a DID transaction with no role.