From 75779bdacbb2d87f7a191e606bff20b427958cb0 Mon Sep 17 00:00:00 2001
From: Patrick St-Louis <patrick.st-louis@opsecid.ca>
Date: Mon, 26 Jan 2026 09:06:12 -0500
Subject: [PATCH 1/6] update acapy to 1.5.0rc1

Signed-off-by: Patrick St-Louis <patrick.st-louis@opsecid.ca>
---
 plugins/docker/Dockerfile                 |  4 ++--
 plugins/traction_innkeeper/poetry.lock    | 10 +++++-----
 plugins/traction_innkeeper/pyproject.toml |  2 +-
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/plugins/docker/Dockerfile b/plugins/docker/Dockerfile
index 62ed7c132..effbf8843 100644
--- a/plugins/docker/Dockerfile
+++ b/plugins/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM ghcr.io/openwallet-foundation/acapy-agent:py3.13-1.5.0rc0 AS base
+FROM ghcr.io/openwallet-foundation/acapy-agent:py3.13-1.5.0rc1 AS base
 
 # Install and Configure Poetry
 USER root
@@ -24,7 +24,7 @@ RUN poetry install --only main
 RUN ln -s $(poetry env info -p)/lib/python3.6/site-packages site-packages
 
 
-FROM ghcr.io/openwallet-foundation/acapy-agent:py3.13-1.5.0rc0
+FROM ghcr.io/openwallet-foundation/acapy-agent:py3.13-1.5.0rc1
 COPY --from=base --chown=aries:aries /home/aries/.venv /home/aries/.venv
 ENV PATH="/home/aries/.venv/bin:$PATH"
 
diff --git a/plugins/traction_innkeeper/poetry.lock b/plugins/traction_innkeeper/poetry.lock
index 6e462a2aa..e6e13d2a2 100644
--- a/plugins/traction_innkeeper/poetry.lock
+++ b/plugins/traction_innkeeper/poetry.lock
@@ -2,14 +2,14 @@
 
 [[package]]
 name = "acapy-agent"
-version = "1.5.0rc0"
+version = "1.5.0rc1"
 description = "(ACA-Py) A Cloud Agent Python is a foundation for building decentralized identity applications and services running in non-mobile environments. "
 optional = false
 python-versions = "<4.0,>=3.13"
 groups = ["main"]
 files = [
-    {file = "acapy_agent-1.5.0rc0-py3-none-any.whl", hash = "sha256:a6b8fcd822f77153876042fb4e771fb118bd9a2208efd5d4fd5c96f6e49583a0"},
-    {file = "acapy_agent-1.5.0rc0.tar.gz", hash = "sha256:d8bffeb6ccae40879b59636478712a69e8ca1e7e6d5e8bd5f6102865442b7765"},
+    {file = "acapy_agent-1.5.0rc1-py3-none-any.whl", hash = "sha256:cabd1d48e9a06d6533734f2ad2332cda29242606117281fd8e428220c7b48a01"},
+    {file = "acapy_agent-1.5.0rc1.tar.gz", hash = "sha256:12134bf7300da497064a2cf0fe508c5d6fb40fcc728c875cae142a68d8a44f8c"},
 ]
 
 [package.dependencies]
@@ -49,7 +49,7 @@ requests = ">=2.32.3,<2.33.0"
 rlp = ">=4.1.0,<5.0.0"
 sd-jwt = ">=0.10.3,<0.11.0"
 unflatten = ">=0.2,<0.3"
-uuid_utils = ">=0.10,<0.13"
+uuid_utils = ">=0.10,<0.14"
 
 [package.extras]
 bbs = ["ursa-bbs-signatures (>=1.0.1,<1.1.0)"]
@@ -3482,4 +3482,4 @@ propcache = ">=0.2.1"
 [metadata]
 lock-version = "2.1"
 python-versions = "^3.13"
-content-hash = "024aac753f331a472168a6728498439ac628acfbd558f57aba9fd64ae1a58551"
+content-hash = "e435fe4ac0b8d979651bf42dd980ccf4763b2e83ded0d7ed8e275d580b8f4d20"
diff --git a/plugins/traction_innkeeper/pyproject.toml b/plugins/traction_innkeeper/pyproject.toml
index 1160c33f7..83fb358cb 100644
--- a/plugins/traction_innkeeper/pyproject.toml
+++ b/plugins/traction_innkeeper/pyproject.toml
@@ -14,7 +14,7 @@ packages = [{include = "traction_innkeeper"}]
 
 [tool.poetry.dependencies]
 python = "^3.13"
-acapy-agent = { version = "1.5.0rc0" }
+acapy-agent = { version = "1.5.0rc1" }
 python-dateutil = "^2.9.0"
 bcrypt = "^4.2.1"
 mergedeep = "^1.3.4"

From 2a350998d8fa1a20c35c037bb9ac54394de54843 Mon Sep 17 00:00:00 2001
From: Patrick St-Louis <patrick.st-louis@opsecid.ca>
Date: Tue, 27 Jan 2026 18:29:25 -0500
Subject: [PATCH 2/6] update revocation event sub

Signed-off-by: Patrick St-Louis <patrick.st-louis@opsecid.ca>
---
 .../schema_storage/schema_storage_service.py  |  31 ++---
 .../v1_0/tenant/__init__.py                   |  10 ++
 .../v1_0/tenant/issuer_revocation_service.py  | 113 ++++++++++++++++++
 .../components/connections/Connections.vue    |   4 +-
 .../frontend/src/helpers/tableFormatters.ts   |  14 ++-
 .../frontend/src/store/connectionStore.ts     |   7 +-
 .../frontend/src/store/governanceStore.ts     |  42 +------
 .../frontend/src/store/issuerStore.ts         | 104 ++++++----------
 8 files changed, 194 insertions(+), 131 deletions(-)
 create mode 100644 plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/issuer_revocation_service.py

diff --git a/plugins/traction_innkeeper/traction_innkeeper/v1_0/schema_storage/schema_storage_service.py b/plugins/traction_innkeeper/traction_innkeeper/v1_0/schema_storage/schema_storage_service.py
index 7ef28a2cf..b2103149c 100644
--- a/plugins/traction_innkeeper/traction_innkeeper/v1_0/schema_storage/schema_storage_service.py
+++ b/plugins/traction_innkeeper/traction_innkeeper/v1_0/schema_storage/schema_storage_service.py
@@ -19,15 +19,10 @@
     EVENT_LISTENER_PATTERN as INDY_SCHEMA_EVENT_PATTERN,
 )
 
-# Try to import ANONCREDS_SCHEMA_FINISHED_EVENT, but handle the case where it doesn't exist
-# (e.g., if using an older version of acapy that doesn't have this event yet)
-try:
-    from acapy_agent.anoncreds.events import (
-        SCHEMA_FINISHED_EVENT as ANONCREDS_SCHEMA_FINISHED_EVENT,
-    )
-except (ImportError, AttributeError):
-    # If the event doesn't exist, we'll only subscribe to Indy events
-    ANONCREDS_SCHEMA_FINISHED_EVENT = None
+# Import the AnonCreds schema finished event
+from acapy_agent.anoncreds.events import (
+    SCHEMA_FINISHED_EVENT as ANONCREDS_SCHEMA_FINISHED_EVENT,
+)
 
 LOGGER = logging.getLogger(__name__)
 
@@ -274,13 +269,12 @@ async def sync_created(self, profile: Profile):
 def subscribe(bus: EventBus):
     # Subscribe to Indy schema events
     bus.subscribe(INDY_SCHEMA_EVENT_PATTERN, schemas_event_handler)
-    # Subscribe to AnonCreds schema events if available
-    # Explicitly compile as literal pattern to ensure it's a Pattern object, not a string
-    if ANONCREDS_SCHEMA_FINISHED_EVENT:
-        bus.subscribe(
-            re.compile(re.escape(ANONCREDS_SCHEMA_FINISHED_EVENT)),
-            schemas_event_handler,
-        )
+    # Subscribe to AnonCreds schema finished events
+    # Use exact match pattern - escape special chars and anchor to start/end
+    bus.subscribe(
+        re.compile(f"^{re.escape(ANONCREDS_SCHEMA_FINISHED_EVENT)}$"),
+        schemas_event_handler,
+    )
 
 
 def _normalize_schema_event_payload(event: Event) -> dict:
@@ -292,10 +286,7 @@ def _normalize_schema_event_payload(event: Event) -> dict:
     payload = event.payload
 
     # Check event topic to determine if it's AnonCreds or Indy
-    if (
-        ANONCREDS_SCHEMA_FINISHED_EVENT
-        and event.topic == ANONCREDS_SCHEMA_FINISHED_EVENT
-    ):
+    if event.topic == ANONCREDS_SCHEMA_FINISHED_EVENT:
         # AnonCreds event: SchemaFinishedPayload NamedTuple
         if hasattr(payload, "schema_id"):
             return {
diff --git a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py
index f75b104c1..69231269e 100644
--- a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py
+++ b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py
@@ -6,6 +6,10 @@
 from acapy_agent.core.protocol_registry import ProtocolRegistry
 
 from .holder_revocation_service import subscribe, HolderRevocationService
+from .issuer_revocation_service import (
+    subscribe as subscribe_issuer_revocation,
+    IssuerRevocationService,
+)
 
 LOGGER = logging.getLogger(__name__)
 
@@ -74,6 +78,12 @@ async def setup(context: InjectionContext):
 
     subscribe(bus)
 
+    # Subscribe to issuer revocation events
+    issuer_srv = IssuerRevocationService()
+    context.injector.bind_instance(IssuerRevocationService, issuer_srv)
+
+    subscribe_issuer_revocation(bus)
+
     setup_multitenant_logging()
 
     LOGGER.info("< plugin setup.")
diff --git a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/issuer_revocation_service.py b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/issuer_revocation_service.py
new file mode 100644
index 000000000..a182c22a8
--- /dev/null
+++ b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/issuer_revocation_service.py
@@ -0,0 +1,113 @@
+import logging
+import re
+
+from acapy_agent.core.event_bus import EventBus, Event
+from acapy_agent.core.profile import Profile
+from acapy_agent.protocols.issue_credential.v2_0.models.cred_ex_record import (
+    V20CredExRecord,
+)
+from acapy_agent.revocation.models.issuer_cred_rev_record import IssuerCredRevRecord
+from acapy_agent.storage.error import StorageNotFoundError
+
+LOGGER = logging.getLogger(__name__)
+
+# Subscribe to the event that's actually emitted by IssuerCredRevRecord
+# Format: acapy::record::issuer_cred_rev::revoked
+ISSUER_CRED_REV_REVOKED_EVENT_PATTERN = re.compile(
+    r"^acapy::record::issuer_cred_rev::revoked$"
+)
+
+
+class IssuerRevocationService:
+    def __init__(self):
+        self._logger = logging.getLogger(__name__)
+
+    async def update_credential_exchange_state(
+        self, profile: Profile, rev_rec: IssuerCredRevRecord
+    ) -> bool:
+        """Update credential exchange record state to credential-revoked.
+
+        Args:
+            profile: The profile to use
+            rev_rec: The IssuerCredRevRecord that was revoked
+
+        Returns:
+            bool: True if the state was updated, False otherwise
+        """
+        self._logger.info(
+            f"> update_credential_exchange_state(cred_ex_id={rev_rec.cred_ex_id})"
+        )
+
+        if not rev_rec.cred_ex_id:
+            self._logger.warning(
+                "IssuerCredRevRecord has no cred_ex_id, cannot update credential exchange state"
+            )
+            return False
+
+        updated = False
+        try:
+            async with profile.transaction() as txn:
+                cred_ex_record = await V20CredExRecord.retrieve_by_id(
+                    txn, rev_rec.cred_ex_id, for_update=True
+                )
+                cred_ex_record.state = V20CredExRecord.STATE_CREDENTIAL_REVOKED
+                await cred_ex_record.save(txn, reason="revoke credential")
+                await txn.commit()
+                updated = True
+                self._logger.info(
+                    f"Updated credential exchange {rev_rec.cred_ex_id} state to credential-revoked"
+                )
+        except StorageNotFoundError:
+            self._logger.warning(
+                f"Credential exchange record not found for cred_ex_id: {rev_rec.cred_ex_id}"
+            )
+        except Exception as err:
+            self._logger.error(
+                f"Error updating credential exchange state for cred_ex_id {rev_rec.cred_ex_id}",
+                exc_info=err,
+            )
+
+        self._logger.info(
+            f"< update_credential_exchange_state(cred_ex_id={rev_rec.cred_ex_id}): updated={updated}"
+        )
+        return updated
+
+
+def subscribe(bus: EventBus):
+    """Subscribe to issuer credential revocation events."""
+    bus.subscribe(ISSUER_CRED_REV_REVOKED_EVENT_PATTERN, issuer_cred_rev_revoked_handler)
+
+
+async def issuer_cred_rev_revoked_handler(profile: Profile, event: Event):
+    """Handle issuer credential revocation event.
+
+    This handler is triggered when an IssuerCredRevRecord state changes to 'revoked'.
+    It updates the corresponding credential exchange record state to 'credential-revoked'.
+    """
+    LOGGER.info(
+        f"> issuer_cred_rev_revoked_handler: topic={event.topic}, payload_type={type(event.payload)}"
+    )
+
+    try:
+        # The event payload is the serialized IssuerCredRevRecord (dict)
+        # Deserialize it to get the IssuerCredRevRecord object
+        LOGGER.debug(f"Event payload: {event.payload}")
+        rev_rec = IssuerCredRevRecord.deserialize(event.payload)
+        LOGGER.info(
+            f"Deserialized IssuerCredRevRecord: cred_ex_id={rev_rec.cred_ex_id}, state={rev_rec.state}"
+        )
+
+        # Only process if cred_ex_id is present
+        if rev_rec.cred_ex_id:
+            srv = profile.inject(IssuerRevocationService)
+            await srv.update_credential_exchange_state(profile, rev_rec)
+        else:
+            LOGGER.warning(
+                "IssuerCredRevRecord has no cred_ex_id, skipping credential exchange update"
+            )
+    except Exception as err:
+        LOGGER.error(
+            "Error handling issuer credential revocation event", exc_info=err
+        )
+
+    LOGGER.info("< issuer_cred_rev_revoked_handler")
diff --git a/services/tenant-ui/frontend/src/components/connections/Connections.vue b/services/tenant-ui/frontend/src/components/connections/Connections.vue
index b43bba544..949bd883a 100644
--- a/services/tenant-ui/frontend/src/components/connections/Connections.vue
+++ b/services/tenant-ui/frontend/src/components/connections/Connections.vue
@@ -42,13 +42,13 @@
         <template #body="{ data }">
           <MessageConnection
             :connection-id="data.connection_id"
-            :connection-name="data.alias"
+            :connection-name="data.alias || data.their_label || ''"
           />
           <Button
             title="Delete Connection"
             icon="pi pi-trash"
             class="p-button-rounded p-button-icon-only p-button-text"
-            :disabled="deleteDisabled(data.alias)"
+            :disabled="deleteDisabled(data.alias || data.their_label || '')"
             @click="deleteConnection($event, data.connection_id)"
           />
           <EditConnection :connection-id="data.connection_id" />
diff --git a/services/tenant-ui/frontend/src/helpers/tableFormatters.ts b/services/tenant-ui/frontend/src/helpers/tableFormatters.ts
index ade94ad65..852573197 100644
--- a/services/tenant-ui/frontend/src/helpers/tableFormatters.ts
+++ b/services/tenant-ui/frontend/src/helpers/tableFormatters.ts
@@ -185,12 +185,22 @@ export const formatIssuedCredentials = (
       }
     }
 
+    const connectionId = ce.cred_ex_record?.connection_id ?? '';
+    // findConnectionName is a function that takes connectionId and returns the connection name
+    // It should use alias first, then their_label as fallback
+    const connectionName = connectionId && findConnectionName 
+      ? (findConnectionName(connectionId) || '')
+      : '';
+    
     return {
+      // Preserve the full V20CredExRecordDetail structure for format detection
+      ...ce,
+      // Explicitly set all formatted values to ensure they override any spread properties
       state: ce.cred_ex_record?.state,
       cred_rev_id: credRevId,
       rev_reg_id: revRegId,
-      connection_id: ce.cred_ex_record?.connection_id,
-      connection: findConnectionName(ce.cred_ex_record?.connection_id ?? ''),
+      connection_id: connectionId,
+      connection: connectionName,
       credential_definition_id: credentialDefinitionDisplay,
       credential_exchange_id: ce.cred_ex_record?.cred_ex_id,
       created: formatDateLong(ce.cred_ex_record?.created_at),
diff --git a/services/tenant-ui/frontend/src/store/connectionStore.ts b/services/tenant-ui/frontend/src/store/connectionStore.ts
index acd2eb9e8..69d747094 100644
--- a/services/tenant-ui/frontend/src/store/connectionStore.ts
+++ b/services/tenant-ui/frontend/src/store/connectionStore.ts
@@ -42,11 +42,14 @@ export const useConnectionStore = defineStore('connection', () => {
 
   const findConnectionName = computed(() => (connectionId: string) => {
     if (loading.value) return undefined;
-    // Find the connection alias for an ID
+    // Find the connection alias for an ID, fallback to their_label
     const connection = connections.value?.find((c: any) => {
       return c.connection_id === connectionId;
     });
-    return connection && connection.alias ? connection.alias : '';
+    if (connection) {
+      return connection.alias || connection.their_label || '';
+    }
+    return '';
   });
 
   // actions
diff --git a/services/tenant-ui/frontend/src/store/governanceStore.ts b/services/tenant-ui/frontend/src/store/governanceStore.ts
index 1c9f88161..0d5e6517b 100644
--- a/services/tenant-ui/frontend/src/store/governanceStore.ts
+++ b/services/tenant-ui/frontend/src/store/governanceStore.ts
@@ -589,46 +589,14 @@ export const useGovernanceStore = defineStore('governance', () => {
       .then((res) => {
         result = res.data;
         console.log(result);
+        // Schema finished event will be handled by the backend event handler
+        // which will automatically add it to storage
       })
       .then(async () => {
-        // Extract schema_id from response
-        const schemaId = result?.schema_state?.schema_id;
-
-        if (!schemaId) {
-          console.warn('No schema_id found in response, cannot verify storage');
-          return;
-        }
-
-        // Wait a bit for event handler to complete (if it runs)
-        await new Promise((resolve) => setTimeout(resolve, 1500));
-
-        // Refresh the stored schema list
+        // Wait a moment for the backend event handler to process and store the schema
+        await new Promise((resolve) => setTimeout(resolve, 500));
+        // Refresh the schema list to show the newly created schema
         await listStoredSchemas();
-
-        // Check if schema is in storage after refresh
-        const storedSchema = storedSchemas.value.find(
-          (s: any) => s.schema_id === schemaId
-        );
-
-        if (!storedSchema) {
-          // Schema not in storage, manually add it via storage endpoint
-          console.log(
-            `Schema ${schemaId} not found in storage after event handler, manually adding...`
-          );
-          try {
-            await addSchemaFromLedgerToStorage({ schema_id: schemaId });
-            // Refresh again after manual add
-            await listStoredSchemas();
-          } catch (err) {
-            console.error(
-              `Failed to manually add schema ${schemaId} to storage:`,
-              err
-            );
-            // Don't throw - schema was created successfully, just storage failed
-          }
-        } else {
-          console.log(`Schema ${schemaId} found in storage`);
-        }
       })
       .catch((err) => {
         console.log(err);
diff --git a/services/tenant-ui/frontend/src/store/issuerStore.ts b/services/tenant-ui/frontend/src/store/issuerStore.ts
index ecf8d33e8..53f7b63ef 100644
--- a/services/tenant-ui/frontend/src/store/issuerStore.ts
+++ b/services/tenant-ui/frontend/src/store/issuerStore.ts
@@ -79,61 +79,45 @@ export const useIssuerStore = defineStore('issuer', () => {
     );
   }
 
-  async function revokeCredential(
-    payload: RevokeRequest,
-    isAnonCredsCredential?: boolean
-  ) {
+  async function revokeCredential(payload: RevokeRequest) {
     console.log('> issuerStore.revokeCredential');
     error.value = null;
     loading.value = true;
 
     try {
-      // Determine which endpoint to use based on credential format
-      // If format is not specified, fall back to wallet type
-      let useAnonCredsEndpoint = isAnonCredsCredential;
-
-      // If credential format is not explicitly detected (undefined), check wallet type
-      if (useAnonCredsEndpoint === undefined) {
-        // Ensure wallet is loaded and get wallet type
-        let walletType: string | undefined;
-        if (!tenantStore.tenantWallet?.value) {
-          try {
-            const wallet = await tenantStore.getTenantSubWallet();
-            walletType = wallet?.settings?.['wallet.type'];
-            if (!walletType && wallet) {
-              console.warn(
-                'Wallet retrieved but wallet.type setting not found, defaulting to Indy endpoint'
-              );
-            }
-          } catch (err) {
-            console.error(
-              'Failed to retrieve tenant wallet, defaulting to Indy endpoint:',
-              err
+      // Determine which endpoint to use based on wallet type
+      let walletType: string | undefined;
+      if (!tenantStore.tenantWallet?.value) {
+        try {
+          const wallet = await tenantStore.getTenantSubWallet();
+          walletType = wallet?.settings?.['wallet.type'];
+          if (!walletType && wallet) {
+            console.warn(
+              'Wallet retrieved but wallet.type setting not found, defaulting to Indy endpoint'
             );
-            walletType = undefined;
           }
-        } else {
-          walletType =
-            tenantStore.tenantWallet.value?.settings?.['wallet.type'];
+        } catch (err) {
+          console.error(
+            'Failed to retrieve tenant wallet, defaulting to Indy endpoint:',
+            err
+          );
+          walletType = undefined;
         }
-
-        // For askar-anoncreds wallets, default to AnonCreds endpoint
-        // For other wallets, default to Indy endpoint
-        useAnonCredsEndpoint = walletType === 'askar-anoncreds';
-
-        console.log(
-          'Credential format not detected, using wallet type:',
-          walletType,
-          '-> useAnonCredsEndpoint:',
-          useAnonCredsEndpoint
-        );
       } else {
-        console.log(
-          'Using explicit credential format detection:',
-          isAnonCredsCredential
-        );
+        walletType = tenantStore.tenantWallet.value?.settings?.['wallet.type'];
       }
 
+      // For askar-anoncreds wallets, use AnonCreds endpoint
+      // For other wallets (askar, etc.), use Indy endpoint
+      const useAnonCredsEndpoint = walletType === 'askar-anoncreds';
+
+      console.log(
+        'Using wallet type:',
+        walletType,
+        '-> useAnonCredsEndpoint:',
+        useAnonCredsEndpoint
+      );
+
       const revocationEndpoint = useAnonCredsEndpoint
         ? API_PATH.ANONCREDS_REVOCATION_REVOKE
         : API_PATH.REVOCATION_REVOKE;
@@ -154,31 +138,15 @@ export const useIssuerStore = defineStore('issuer', () => {
             // AnonCreds endpoint returns {} (empty object), Indy returns { item: {...} }
             result = res.data.item || res.data;
 
-            // Refresh credentials to get updated state
+            // The backend event handler should update the credential state to "credential-revoked"
+            // Wait for the event handler to process, then refresh
+            // The event handler processes asynchronously, so we wait and refresh
+            await new Promise((resolve) => setTimeout(resolve, 2000));
+            await listCredentials();
+            
+            // Refresh once more after a delay to catch the state update
+            await new Promise((resolve) => setTimeout(resolve, 1000));
             await listCredentials();
-
-            // For AnonCreds endpoint, verify the revocation actually succeeded
-            // The endpoint might return success but not actually revoke (e.g., Indy credential in AnonCreds wallet)
-            if (useAnonCredsEndpoint && isAnonCredsCredential === undefined) {
-              // Best-effort polling: refresh credentials a few times with a short delay
-              const maxAttempts = 3;
-              const delayMs = 200;
-
-              for (let attempt = 1; attempt <= maxAttempts; attempt++) {
-                await listCredentials();
-
-                // If additional verification logic becomes available (e.g., using a cred_ex_id),
-                // it can be added here to break early when revocation is confirmed.
-
-                if (attempt < maxAttempts) {
-                  await new Promise((resolve) => setTimeout(resolve, delayMs));
-                }
-              }
-              // Check if the credential was actually revoked by looking for it in the list
-              // If credential format wasn't detected, the revocation might have failed silently
-              console.log('Verifying revocation succeeded...');
-              // Note: We can't easily verify here without the cred_ex_id, but the refresh will show the state
-            }
           })
           .catch((err) => {
             error.value = err;

From 4c94fd2c3d25abdabbe17702b309a957d8fa170e Mon Sep 17 00:00:00 2001
From: Patrick St-Louis <patrick.st-louis@opsecid.ca>
Date: Tue, 27 Jan 2026 18:46:14 -0500
Subject: [PATCH 3/6] update innkeeper tests

Signed-off-by: Patrick St-Louis <patrick.st-louis@opsecid.ca>
---
 .../tests/test_issuer_revocation_service.py   | 306 ++++++++++++++++++
 .../credentials/RevokeCredentialForm.vue      |  48 +--
 .../frontend/src/store/issuerStore.ts         |  47 ++-
 3 files changed, 354 insertions(+), 47 deletions(-)
 create mode 100644 plugins/traction_innkeeper/traction_innkeeper/v1_0/tests/test_issuer_revocation_service.py

diff --git a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tests/test_issuer_revocation_service.py b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tests/test_issuer_revocation_service.py
new file mode 100644
index 000000000..afc2468b0
--- /dev/null
+++ b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tests/test_issuer_revocation_service.py
@@ -0,0 +1,306 @@
+import logging
+from unittest.mock import MagicMock, AsyncMock, patch, ANY
+
+import pytest
+from acapy_agent.core.profile import Profile
+from acapy_agent.core.event_bus import Event, EventBus
+from acapy_agent.storage.error import StorageNotFoundError, StorageError
+from acapy_agent.protocols.issue_credential.v2_0.models.cred_ex_record import (
+    V20CredExRecord,
+)
+from acapy_agent.revocation.models.issuer_cred_rev_record import IssuerCredRevRecord
+
+# Import the module containing the service and handler to be tested
+from traction_innkeeper.v1_0.tenant.issuer_revocation_service import (
+    IssuerRevocationService,
+    subscribe,
+    issuer_cred_rev_revoked_handler,
+    ISSUER_CRED_REV_REVOKED_EVENT_PATTERN,
+)
+
+# Disable logging noise during tests
+logging.disable(logging.CRITICAL)
+
+# --- Constants ---
+TEST_CRED_EX_ID = "cred-ex-id-abc-987"
+TEST_REV_REG_ID = "RvgFV1_CL_1_tag:4:RvgFV1_CL_1_tag:3:CL:1:tag:CL_ACCUM:default"
+TEST_CRED_REV_ID = "12345"
+
+
+# --- Fixtures ---
+@pytest.fixture
+def mock_profile():
+    """Provides a mocked Profile with transaction and inject."""
+    profile = MagicMock(spec=Profile)
+    # Mock transaction context manager
+    mock_txn = AsyncMock(name="MockTransaction")
+    profile.transaction = MagicMock(return_value=mock_txn)
+    mock_txn.__aenter__.return_value = mock_txn
+    mock_txn.__aexit__.return_value = None
+    mock_txn.commit = AsyncMock()
+    # Mock injection directly on profile (for event handler)
+    profile.inject = MagicMock()
+    return profile, mock_txn
+
+
+@pytest.fixture
+def issuer_revocation_service():
+    """Provides an IssuerRevocationService instance."""
+    return IssuerRevocationService()
+
+
+@pytest.fixture
+def mock_v20_cred_ex_record():
+    """Provides a mocked V20CredExRecord instance."""
+    record = AsyncMock(spec=V20CredExRecord)
+    record.cred_ex_id = TEST_CRED_EX_ID
+    record.state = V20CredExRecord.STATE_DONE  # Initial state
+    record.save = AsyncMock()
+    return record
+
+
+@pytest.fixture
+def mock_issuer_cred_rev_record():
+    """Provides a mocked IssuerCredRevRecord instance."""
+    rev_rec = MagicMock(spec=IssuerCredRevRecord)
+    rev_rec.cred_ex_id = TEST_CRED_EX_ID
+    rev_rec.rev_reg_id = TEST_REV_REG_ID
+    rev_rec.cred_rev_id = TEST_CRED_REV_ID
+    rev_rec.state = "revoked"
+    return rev_rec
+
+
+@pytest.fixture
+def mock_event():
+    """Provides a mocked Event for issuer credential revocation."""
+    event = MagicMock(spec=Event)
+    event.topic = "acapy::record::issuer_cred_rev::revoked"
+    # Event payload is a serialized dict representation
+    event.payload = {
+        "cred_ex_id": TEST_CRED_EX_ID,
+        "rev_reg_id": TEST_REV_REG_ID,
+        "cred_rev_id": TEST_CRED_REV_ID,
+        "state": "revoked",
+    }
+    return event
+
+
+@pytest.fixture
+def mock_event_bus():
+    """Provides a mocked EventBus."""
+    bus = MagicMock(spec=EventBus)
+    bus.subscribe = MagicMock()
+    return bus
+
+
+# --- Test Cases for IssuerRevocationService Methods ---
+
+
+# Test update_credential_exchange_state
+@pytest.mark.asyncio
+@patch(
+    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.V20CredExRecord.retrieve_by_id",
+    new_callable=AsyncMock,
+)
+async def test_update_credential_exchange_state_success(
+    mock_retrieve: AsyncMock,
+    issuer_revocation_service: IssuerRevocationService,
+    mock_profile: tuple,
+    mock_v20_cred_ex_record: AsyncMock,
+    mock_issuer_cred_rev_record: MagicMock,
+):
+    """Test successfully updating a credential exchange to revoked state."""
+    profile, txn = mock_profile
+    mock_retrieve.return_value = mock_v20_cred_ex_record
+
+    result = await issuer_revocation_service.update_credential_exchange_state(
+        profile, mock_issuer_cred_rev_record
+    )
+
+    assert result is True
+    assert mock_v20_cred_ex_record.state == V20CredExRecord.STATE_CREDENTIAL_REVOKED
+    profile.transaction.assert_called_once()
+    mock_retrieve.assert_awaited_once_with(txn, TEST_CRED_EX_ID, for_update=True)
+    mock_v20_cred_ex_record.save.assert_awaited_once_with(
+        txn, reason="revoke credential"
+    )
+    txn.commit.assert_awaited_once()
+
+
+@pytest.mark.asyncio
+async def test_update_credential_exchange_state_no_cred_ex_id(
+    issuer_revocation_service: IssuerRevocationService,
+    mock_profile: tuple,
+    mock_issuer_cred_rev_record: MagicMock,
+):
+    """Test updating when IssuerCredRevRecord has no cred_ex_id."""
+    profile, _ = mock_profile
+    mock_issuer_cred_rev_record.cred_ex_id = None
+
+    result = await issuer_revocation_service.update_credential_exchange_state(
+        profile, mock_issuer_cred_rev_record
+    )
+
+    assert result is False
+    profile.transaction.assert_not_called()
+
+
+@pytest.mark.asyncio
+@patch(
+    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.V20CredExRecord.retrieve_by_id",
+    new_callable=AsyncMock,
+)
+async def test_update_credential_exchange_state_not_found(
+    mock_retrieve: AsyncMock,
+    issuer_revocation_service: IssuerRevocationService,
+    mock_profile: tuple,
+    mock_issuer_cred_rev_record: MagicMock,
+):
+    """Test updating when the credential exchange record is not found."""
+    profile, txn = mock_profile
+    mock_retrieve.side_effect = StorageNotFoundError("Record not found")
+
+    result = await issuer_revocation_service.update_credential_exchange_state(
+        profile, mock_issuer_cred_rev_record
+    )
+
+    # Service catches StorageNotFoundError and returns False
+    assert result is False
+    profile.transaction.assert_called_once()
+    mock_retrieve.assert_awaited_once_with(txn, TEST_CRED_EX_ID, for_update=True)
+    txn.commit.assert_not_called()
+
+
+@pytest.mark.asyncio
+@patch(
+    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.V20CredExRecord.retrieve_by_id",
+    new_callable=AsyncMock,
+)
+async def test_update_credential_exchange_state_save_error(
+    mock_retrieve: AsyncMock,
+    issuer_revocation_service: IssuerRevocationService,
+    mock_profile: tuple,
+    mock_v20_cred_ex_record: AsyncMock,
+    mock_issuer_cred_rev_record: MagicMock,
+):
+    """Test updating when save fails."""
+    profile, txn = mock_profile
+    mock_retrieve.return_value = mock_v20_cred_ex_record
+    mock_v20_cred_ex_record.save.side_effect = StorageError("Save failed")
+
+    # The service catches Exception and returns False
+    result = await issuer_revocation_service.update_credential_exchange_state(
+        profile, mock_issuer_cred_rev_record
+    )
+
+    assert result is False
+    profile.transaction.assert_called_once()
+    mock_retrieve.assert_awaited_once_with(txn, TEST_CRED_EX_ID, for_update=True)
+    mock_v20_cred_ex_record.save.assert_awaited_once_with(
+        txn, reason="revoke credential"
+    )
+    txn.commit.assert_not_called()
+
+
+# --- Test Cases for Global Functions ---
+
+
+# Test subscribe
+def test_subscribe(mock_event_bus: MagicMock):
+    """Test the subscribe function registers the handler."""
+    subscribe(mock_event_bus)
+    mock_event_bus.subscribe.assert_called_once_with(
+        ISSUER_CRED_REV_REVOKED_EVENT_PATTERN, issuer_cred_rev_revoked_handler
+    )
+
+
+# Test issuer_cred_rev_revoked_handler
+@pytest.mark.asyncio
+@patch(
+    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.IssuerCredRevRecord.deserialize"
+)
+async def test_issuer_cred_rev_revoked_handler_success(
+    mock_deserialize: MagicMock,
+    mock_profile: tuple,
+    issuer_revocation_service: IssuerRevocationService,
+    mock_event: MagicMock,
+    mock_issuer_cred_rev_record: MagicMock,
+):
+    """Test the issuer_cred_rev_revoked_handler successfully processes event."""
+    profile, _ = mock_profile
+
+    # Mock profile.inject to return our service instance
+    profile.inject.return_value = issuer_revocation_service
+
+    # Mock deserialize to return our mock record
+    mock_deserialize.return_value = mock_issuer_cred_rev_record
+
+    # Mock the service method
+    issuer_revocation_service.update_credential_exchange_state = AsyncMock(
+        return_value=True
+    )
+
+    await issuer_cred_rev_revoked_handler(profile, mock_event)
+
+    profile.inject.assert_called_once_with(IssuerRevocationService)
+    mock_deserialize.assert_called_once_with(mock_event.payload)
+    issuer_revocation_service.update_credential_exchange_state.assert_awaited_once_with(
+        profile, mock_issuer_cred_rev_record
+    )
+
+
+@pytest.mark.asyncio
+@patch(
+    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.IssuerCredRevRecord.deserialize"
+)
+async def test_issuer_cred_rev_revoked_handler_no_cred_ex_id(
+    mock_deserialize: MagicMock,
+    mock_profile: tuple,
+    issuer_revocation_service: IssuerRevocationService,
+    mock_event: MagicMock,
+    mock_issuer_cred_rev_record: MagicMock,
+):
+    """Test the handler when IssuerCredRevRecord has no cred_ex_id."""
+    profile, _ = mock_profile
+    profile.inject.return_value = issuer_revocation_service
+
+    # Mock record with no cred_ex_id
+    mock_issuer_cred_rev_record.cred_ex_id = None
+    mock_deserialize.return_value = mock_issuer_cred_rev_record
+
+    issuer_revocation_service.update_credential_exchange_state = AsyncMock()
+
+    await issuer_cred_rev_revoked_handler(profile, mock_event)
+
+    profile.inject.assert_called_once_with(IssuerRevocationService)
+    mock_deserialize.assert_called_once_with(mock_event.payload)
+    # Should not call update_credential_exchange_state when cred_ex_id is missing
+    issuer_revocation_service.update_credential_exchange_state.assert_not_awaited()
+
+
+@pytest.mark.asyncio
+@patch(
+    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.IssuerCredRevRecord.deserialize"
+)
+async def test_issuer_cred_rev_revoked_handler_deserialize_error(
+    mock_deserialize: MagicMock,
+    mock_profile: tuple,
+    issuer_revocation_service: IssuerRevocationService,
+    mock_event: MagicMock,
+):
+    """Test the handler when deserialization fails."""
+    profile, _ = mock_profile
+    profile.inject.return_value = issuer_revocation_service
+
+    # Mock deserialize to raise an error
+    mock_deserialize.side_effect = ValueError("Deserialization failed")
+
+    issuer_revocation_service.update_credential_exchange_state = AsyncMock()
+
+    # Handler should catch the exception and not raise
+    await issuer_cred_rev_revoked_handler(profile, mock_event)
+
+    profile.inject.assert_called_once_with(IssuerRevocationService)
+    mock_deserialize.assert_called_once_with(mock_event.payload)
+    # Should not call update_credential_exchange_state when deserialization fails
+    issuer_revocation_service.update_credential_exchange_state.assert_not_awaited()
diff --git a/services/tenant-ui/frontend/src/components/issuance/credentials/RevokeCredentialForm.vue b/services/tenant-ui/frontend/src/components/issuance/credentials/RevokeCredentialForm.vue
index 92dd1068b..19b289d67 100644
--- a/services/tenant-ui/frontend/src/components/issuance/credentials/RevokeCredentialForm.vue
+++ b/services/tenant-ui/frontend/src/components/issuance/credentials/RevokeCredentialForm.vue
@@ -109,52 +109,22 @@ const handleSubmit = async (isFormValid: boolean) => {
   }
 
   try {
+    // Use cred_ex_id if available (preferred), otherwise use rev_reg_id and cred_rev_id
     const payload: RevokeRequest = {
       comment: formFields.comment,
       connection_id: props.credExchRecord.connection_id,
-      rev_reg_id: props.credExchRecord.rev_reg_id,
-      cred_rev_id: props.credExchRecord.cred_rev_id,
+      ...(props.credExchRecord.credential_exchange_id
+        ? { cred_ex_id: props.credExchRecord.credential_exchange_id }
+        : {
+            rev_reg_id: props.credExchRecord.rev_reg_id,
+            cred_rev_id: props.credExchRecord.cred_rev_id,
+          }),
       publish: true,
       notify: true,
     };
 
-    // Determine if this is an AnonCreds credential by checking if anoncreds/indy fields exist
-    // FormattedIssuedCredentialRecord extends V20CredExRecordDetail which has indy/anoncreds fields
-    // If only anoncreds exists, it's an AnonCreds credential; if only indy exists, it's Indy
-    // If both or neither exist, pass undefined to let the store determine based on wallet type
-    const credRecord = props.credExchRecord as V20CredExRecordDetail;
-    const hasAnoncreds = !!credRecord.anoncreds;
-    const hasIndy = !!credRecord.indy;
-    const isAnonCredsCredential =
-      hasAnoncreds && !hasIndy
-        ? true
-        : hasIndy && !hasAnoncreds
-          ? false
-          : undefined;
-
-    console.log('Credential format detection:', {
-      hasAnoncreds,
-      hasIndy,
-      isAnonCredsCredential,
-    });
-
-    // Warn if credential format can't be detected - revocation might fail silently
-    if (isAnonCredsCredential === undefined) {
-      toast.warning(
-        'Credential format could not be detected. Please verify the revocation succeeded by checking the credential list.'
-      );
-    }
-
-    await issuerStore.revokeCredential(payload, isAnonCredsCredential);
-
-    // If format couldn't be detected, show a warning message instead of success
-    if (isAnonCredsCredential === undefined) {
-      toast.warning(
-        'Revocation request sent. Please verify the credential was actually revoked in the credential list.'
-      );
-      emit('closed');
-      return;
-    }
+    // The store now determines the endpoint based on wallet type
+    await issuerStore.revokeCredential(payload);
 
     emit('success');
     // close up on success
diff --git a/services/tenant-ui/frontend/src/store/issuerStore.ts b/services/tenant-ui/frontend/src/store/issuerStore.ts
index 53f7b63ef..8c2328ce7 100644
--- a/services/tenant-ui/frontend/src/store/issuerStore.ts
+++ b/services/tenant-ui/frontend/src/store/issuerStore.ts
@@ -138,14 +138,45 @@ export const useIssuerStore = defineStore('issuer', () => {
             // AnonCreds endpoint returns {} (empty object), Indy returns { item: {...} }
             result = res.data.item || res.data;
 
-            // The backend event handler should update the credential state to "credential-revoked"
-            // Wait for the event handler to process, then refresh
-            // The event handler processes asynchronously, so we wait and refresh
-            await new Promise((resolve) => setTimeout(resolve, 2000));
-            await listCredentials();
-            
-            // Refresh once more after a delay to catch the state update
-            await new Promise((resolve) => setTimeout(resolve, 1000));
+            // Directly update the credential state in the store
+            // Find the credential by cred_ex_id or rev_reg_id/cred_rev_id
+            const credExId = payload.cred_ex_id;
+            const revRegId = payload.rev_reg_id;
+            const credRevId = payload.cred_rev_id;
+
+            if (credExId) {
+              // Update by credential exchange ID
+              const credentialIndex = credentials.value.findIndex(
+                (cred) => cred.cred_ex_record?.cred_ex_id === credExId
+              );
+              if (credentialIndex !== -1) {
+                // Update the state directly
+                if (credentials.value[credentialIndex].cred_ex_record) {
+                  credentials.value[credentialIndex].cred_ex_record.state =
+                    'credential-revoked';
+                }
+              }
+            } else if (revRegId && credRevId) {
+              // Update by revocation registry ID and credential revocation ID
+              const credentialIndex = credentials.value.findIndex((cred) => {
+                const indyMatch =
+                  cred.indy?.rev_reg_id === revRegId &&
+                  cred.indy?.cred_rev_id === credRevId;
+                const anoncredsMatch =
+                  cred.anoncreds?.rev_reg_id === revRegId &&
+                  cred.anoncreds?.cred_rev_id === credRevId;
+                return indyMatch || anoncredsMatch;
+              });
+              if (credentialIndex !== -1) {
+                // Update the state directly
+                if (credentials.value[credentialIndex].cred_ex_record) {
+                  credentials.value[credentialIndex].cred_ex_record.state =
+                    'credential-revoked';
+                }
+              }
+            }
+
+            // Refresh the list to ensure we have the latest data from the backend
             await listCredentials();
           })
           .catch((err) => {

From 1d39417c879759afbec4aa205d81c083e8feda99 Mon Sep 17 00:00:00 2001
From: Patrick St-Louis <patrick.st-louis@opsecid.ca>
Date: Tue, 27 Jan 2026 19:07:17 -0500
Subject: [PATCH 4/6] fix revocation event

Signed-off-by: Patrick St-Louis <patrick.st-louis@opsecid.ca>
---
 .../v1_0/tenant/__init__.py                   |  84 ++++-
 .../v1_0/tenant/issuer_revocation_service.py  | 113 -------
 .../tests/test_issuer_revocation_service.py   | 306 ------------------
 .../credentials/RevokeCredentialForm.vue      |   5 +-
 .../frontend/src/helpers/tableFormatters.ts   |  10 +-
 .../frontend/src/store/issuerStore.ts         |  64 ++--
 6 files changed, 114 insertions(+), 468 deletions(-)
 delete mode 100644 plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/issuer_revocation_service.py
 delete mode 100644 plugins/traction_innkeeper/traction_innkeeper/v1_0/tests/test_issuer_revocation_service.py

diff --git a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py
index 69231269e..fedc96635 100644
--- a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py
+++ b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py
@@ -1,15 +1,13 @@
 import logging
+import re
 
 from acapy_agent.config.injection_context import InjectionContext
-from acapy_agent.core.event_bus import EventBus
+from acapy_agent.core.event_bus import EventBus, Event
+from acapy_agent.core.profile import Profile
 from acapy_agent.core.plugin_registry import PluginRegistry
 from acapy_agent.core.protocol_registry import ProtocolRegistry
 
 from .holder_revocation_service import subscribe, HolderRevocationService
-from .issuer_revocation_service import (
-    subscribe as subscribe_issuer_revocation,
-    IssuerRevocationService,
-)
 
 LOGGER = logging.getLogger(__name__)
 
@@ -78,12 +76,78 @@ async def setup(context: InjectionContext):
 
     subscribe(bus)
 
-    # Subscribe to issuer revocation events
-    issuer_srv = IssuerRevocationService()
-    context.injector.bind_instance(IssuerRevocationService, issuer_srv)
-
-    subscribe_issuer_revocation(bus)
+    # Subscribe to issuer credential revocation record events
+    # This event is emitted when an IssuerCredRevRecord state changes to 'revoked'
+    # The event name is: acapy::record::issuer_cred_rev::revoked
+    # (Note: The old event name acapy::cred-revoked may no longer be emitted)
+    ISSUER_CRED_REV_REVOKED_EVENT_PATTERN = re.compile(
+        r"^acapy::record::issuer_cred_rev::revoked$"
+    )
+    bus.subscribe(
+        ISSUER_CRED_REV_REVOKED_EVENT_PATTERN, issuer_cred_rev_revoked_handler
+    )
 
     setup_multitenant_logging()
 
     LOGGER.info("< plugin setup.")
+
+
+async def issuer_cred_rev_revoked_handler(profile: Profile, event: Event):
+    """Handle issuer credential revocation record revoked event.
+    
+    This event is emitted when an IssuerCredRevRecord state changes to 'revoked'.
+    The event payload is the IssuerCredRevRecord.
+    
+    Note: ACA-Py subscribes to 'acapy::cred-revoked' but the actual event emitted
+    is 'acapy::record::issuer_cred_rev::revoked', so we need to handle it here to
+    update the credential exchange state.
+    """
+    LOGGER.info("> issuer_cred_rev_revoked_handler")
+    from acapy_agent.protocols.issue_credential.v2_0.models.cred_ex_record import (
+        V20CredExRecord,
+    )
+    from acapy_agent.revocation.models.issuer_cred_rev_record import (
+        IssuerCredRevRecord,
+    )
+    from acapy_agent.storage.error import StorageNotFoundError
+    
+    # The event payload is the IssuerCredRevRecord
+    rev_rec = event.payload
+    if not isinstance(rev_rec, IssuerCredRevRecord):
+        LOGGER.warning("Event payload is not an IssuerCredRevRecord")
+        return
+    
+    if rev_rec.cred_ex_id is None:
+        LOGGER.debug("IssuerCredRevRecord has no cred_ex_id, skipping")
+        return
+    
+    if (
+        rev_rec.cred_ex_version
+        and rev_rec.cred_ex_version != IssuerCredRevRecord.VERSION_2
+    ):
+        LOGGER.debug(
+            "IssuerCredRevRecord version is %s, not VERSION_2, skipping",
+            rev_rec.cred_ex_version
+        )
+        return
+    
+    # Update the credential exchange record state
+    async with profile.transaction() as txn:
+        try:
+            cred_ex_record = await V20CredExRecord.retrieve_by_id(
+                txn, rev_rec.cred_ex_id, for_update=True
+            )
+            cred_ex_record.state = V20CredExRecord.STATE_CREDENTIAL_REVOKED
+            await cred_ex_record.save(txn, reason="revoke credential")
+            await txn.commit()
+            LOGGER.info(
+                "Updated credential exchange %s state to credential-revoked",
+                rev_rec.cred_ex_id
+            )
+        except StorageNotFoundError:
+            LOGGER.warning(
+                "Credential exchange record %s not found",
+                rev_rec.cred_ex_id
+            )
+    
+    LOGGER.info("< issuer_cred_rev_revoked_handler")
diff --git a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/issuer_revocation_service.py b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/issuer_revocation_service.py
deleted file mode 100644
index a182c22a8..000000000
--- a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/issuer_revocation_service.py
+++ /dev/null
@@ -1,113 +0,0 @@
-import logging
-import re
-
-from acapy_agent.core.event_bus import EventBus, Event
-from acapy_agent.core.profile import Profile
-from acapy_agent.protocols.issue_credential.v2_0.models.cred_ex_record import (
-    V20CredExRecord,
-)
-from acapy_agent.revocation.models.issuer_cred_rev_record import IssuerCredRevRecord
-from acapy_agent.storage.error import StorageNotFoundError
-
-LOGGER = logging.getLogger(__name__)
-
-# Subscribe to the event that's actually emitted by IssuerCredRevRecord
-# Format: acapy::record::issuer_cred_rev::revoked
-ISSUER_CRED_REV_REVOKED_EVENT_PATTERN = re.compile(
-    r"^acapy::record::issuer_cred_rev::revoked$"
-)
-
-
-class IssuerRevocationService:
-    def __init__(self):
-        self._logger = logging.getLogger(__name__)
-
-    async def update_credential_exchange_state(
-        self, profile: Profile, rev_rec: IssuerCredRevRecord
-    ) -> bool:
-        """Update credential exchange record state to credential-revoked.
-
-        Args:
-            profile: The profile to use
-            rev_rec: The IssuerCredRevRecord that was revoked
-
-        Returns:
-            bool: True if the state was updated, False otherwise
-        """
-        self._logger.info(
-            f"> update_credential_exchange_state(cred_ex_id={rev_rec.cred_ex_id})"
-        )
-
-        if not rev_rec.cred_ex_id:
-            self._logger.warning(
-                "IssuerCredRevRecord has no cred_ex_id, cannot update credential exchange state"
-            )
-            return False
-
-        updated = False
-        try:
-            async with profile.transaction() as txn:
-                cred_ex_record = await V20CredExRecord.retrieve_by_id(
-                    txn, rev_rec.cred_ex_id, for_update=True
-                )
-                cred_ex_record.state = V20CredExRecord.STATE_CREDENTIAL_REVOKED
-                await cred_ex_record.save(txn, reason="revoke credential")
-                await txn.commit()
-                updated = True
-                self._logger.info(
-                    f"Updated credential exchange {rev_rec.cred_ex_id} state to credential-revoked"
-                )
-        except StorageNotFoundError:
-            self._logger.warning(
-                f"Credential exchange record not found for cred_ex_id: {rev_rec.cred_ex_id}"
-            )
-        except Exception as err:
-            self._logger.error(
-                f"Error updating credential exchange state for cred_ex_id {rev_rec.cred_ex_id}",
-                exc_info=err,
-            )
-
-        self._logger.info(
-            f"< update_credential_exchange_state(cred_ex_id={rev_rec.cred_ex_id}): updated={updated}"
-        )
-        return updated
-
-
-def subscribe(bus: EventBus):
-    """Subscribe to issuer credential revocation events."""
-    bus.subscribe(ISSUER_CRED_REV_REVOKED_EVENT_PATTERN, issuer_cred_rev_revoked_handler)
-
-
-async def issuer_cred_rev_revoked_handler(profile: Profile, event: Event):
-    """Handle issuer credential revocation event.
-
-    This handler is triggered when an IssuerCredRevRecord state changes to 'revoked'.
-    It updates the corresponding credential exchange record state to 'credential-revoked'.
-    """
-    LOGGER.info(
-        f"> issuer_cred_rev_revoked_handler: topic={event.topic}, payload_type={type(event.payload)}"
-    )
-
-    try:
-        # The event payload is the serialized IssuerCredRevRecord (dict)
-        # Deserialize it to get the IssuerCredRevRecord object
-        LOGGER.debug(f"Event payload: {event.payload}")
-        rev_rec = IssuerCredRevRecord.deserialize(event.payload)
-        LOGGER.info(
-            f"Deserialized IssuerCredRevRecord: cred_ex_id={rev_rec.cred_ex_id}, state={rev_rec.state}"
-        )
-
-        # Only process if cred_ex_id is present
-        if rev_rec.cred_ex_id:
-            srv = profile.inject(IssuerRevocationService)
-            await srv.update_credential_exchange_state(profile, rev_rec)
-        else:
-            LOGGER.warning(
-                "IssuerCredRevRecord has no cred_ex_id, skipping credential exchange update"
-            )
-    except Exception as err:
-        LOGGER.error(
-            "Error handling issuer credential revocation event", exc_info=err
-        )
-
-    LOGGER.info("< issuer_cred_rev_revoked_handler")
diff --git a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tests/test_issuer_revocation_service.py b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tests/test_issuer_revocation_service.py
deleted file mode 100644
index afc2468b0..000000000
--- a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tests/test_issuer_revocation_service.py
+++ /dev/null
@@ -1,306 +0,0 @@
-import logging
-from unittest.mock import MagicMock, AsyncMock, patch, ANY
-
-import pytest
-from acapy_agent.core.profile import Profile
-from acapy_agent.core.event_bus import Event, EventBus
-from acapy_agent.storage.error import StorageNotFoundError, StorageError
-from acapy_agent.protocols.issue_credential.v2_0.models.cred_ex_record import (
-    V20CredExRecord,
-)
-from acapy_agent.revocation.models.issuer_cred_rev_record import IssuerCredRevRecord
-
-# Import the module containing the service and handler to be tested
-from traction_innkeeper.v1_0.tenant.issuer_revocation_service import (
-    IssuerRevocationService,
-    subscribe,
-    issuer_cred_rev_revoked_handler,
-    ISSUER_CRED_REV_REVOKED_EVENT_PATTERN,
-)
-
-# Disable logging noise during tests
-logging.disable(logging.CRITICAL)
-
-# --- Constants ---
-TEST_CRED_EX_ID = "cred-ex-id-abc-987"
-TEST_REV_REG_ID = "RvgFV1_CL_1_tag:4:RvgFV1_CL_1_tag:3:CL:1:tag:CL_ACCUM:default"
-TEST_CRED_REV_ID = "12345"
-
-
-# --- Fixtures ---
-@pytest.fixture
-def mock_profile():
-    """Provides a mocked Profile with transaction and inject."""
-    profile = MagicMock(spec=Profile)
-    # Mock transaction context manager
-    mock_txn = AsyncMock(name="MockTransaction")
-    profile.transaction = MagicMock(return_value=mock_txn)
-    mock_txn.__aenter__.return_value = mock_txn
-    mock_txn.__aexit__.return_value = None
-    mock_txn.commit = AsyncMock()
-    # Mock injection directly on profile (for event handler)
-    profile.inject = MagicMock()
-    return profile, mock_txn
-
-
-@pytest.fixture
-def issuer_revocation_service():
-    """Provides an IssuerRevocationService instance."""
-    return IssuerRevocationService()
-
-
-@pytest.fixture
-def mock_v20_cred_ex_record():
-    """Provides a mocked V20CredExRecord instance."""
-    record = AsyncMock(spec=V20CredExRecord)
-    record.cred_ex_id = TEST_CRED_EX_ID
-    record.state = V20CredExRecord.STATE_DONE  # Initial state
-    record.save = AsyncMock()
-    return record
-
-
-@pytest.fixture
-def mock_issuer_cred_rev_record():
-    """Provides a mocked IssuerCredRevRecord instance."""
-    rev_rec = MagicMock(spec=IssuerCredRevRecord)
-    rev_rec.cred_ex_id = TEST_CRED_EX_ID
-    rev_rec.rev_reg_id = TEST_REV_REG_ID
-    rev_rec.cred_rev_id = TEST_CRED_REV_ID
-    rev_rec.state = "revoked"
-    return rev_rec
-
-
-@pytest.fixture
-def mock_event():
-    """Provides a mocked Event for issuer credential revocation."""
-    event = MagicMock(spec=Event)
-    event.topic = "acapy::record::issuer_cred_rev::revoked"
-    # Event payload is a serialized dict representation
-    event.payload = {
-        "cred_ex_id": TEST_CRED_EX_ID,
-        "rev_reg_id": TEST_REV_REG_ID,
-        "cred_rev_id": TEST_CRED_REV_ID,
-        "state": "revoked",
-    }
-    return event
-
-
-@pytest.fixture
-def mock_event_bus():
-    """Provides a mocked EventBus."""
-    bus = MagicMock(spec=EventBus)
-    bus.subscribe = MagicMock()
-    return bus
-
-
-# --- Test Cases for IssuerRevocationService Methods ---
-
-
-# Test update_credential_exchange_state
-@pytest.mark.asyncio
-@patch(
-    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.V20CredExRecord.retrieve_by_id",
-    new_callable=AsyncMock,
-)
-async def test_update_credential_exchange_state_success(
-    mock_retrieve: AsyncMock,
-    issuer_revocation_service: IssuerRevocationService,
-    mock_profile: tuple,
-    mock_v20_cred_ex_record: AsyncMock,
-    mock_issuer_cred_rev_record: MagicMock,
-):
-    """Test successfully updating a credential exchange to revoked state."""
-    profile, txn = mock_profile
-    mock_retrieve.return_value = mock_v20_cred_ex_record
-
-    result = await issuer_revocation_service.update_credential_exchange_state(
-        profile, mock_issuer_cred_rev_record
-    )
-
-    assert result is True
-    assert mock_v20_cred_ex_record.state == V20CredExRecord.STATE_CREDENTIAL_REVOKED
-    profile.transaction.assert_called_once()
-    mock_retrieve.assert_awaited_once_with(txn, TEST_CRED_EX_ID, for_update=True)
-    mock_v20_cred_ex_record.save.assert_awaited_once_with(
-        txn, reason="revoke credential"
-    )
-    txn.commit.assert_awaited_once()
-
-
-@pytest.mark.asyncio
-async def test_update_credential_exchange_state_no_cred_ex_id(
-    issuer_revocation_service: IssuerRevocationService,
-    mock_profile: tuple,
-    mock_issuer_cred_rev_record: MagicMock,
-):
-    """Test updating when IssuerCredRevRecord has no cred_ex_id."""
-    profile, _ = mock_profile
-    mock_issuer_cred_rev_record.cred_ex_id = None
-
-    result = await issuer_revocation_service.update_credential_exchange_state(
-        profile, mock_issuer_cred_rev_record
-    )
-
-    assert result is False
-    profile.transaction.assert_not_called()
-
-
-@pytest.mark.asyncio
-@patch(
-    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.V20CredExRecord.retrieve_by_id",
-    new_callable=AsyncMock,
-)
-async def test_update_credential_exchange_state_not_found(
-    mock_retrieve: AsyncMock,
-    issuer_revocation_service: IssuerRevocationService,
-    mock_profile: tuple,
-    mock_issuer_cred_rev_record: MagicMock,
-):
-    """Test updating when the credential exchange record is not found."""
-    profile, txn = mock_profile
-    mock_retrieve.side_effect = StorageNotFoundError("Record not found")
-
-    result = await issuer_revocation_service.update_credential_exchange_state(
-        profile, mock_issuer_cred_rev_record
-    )
-
-    # Service catches StorageNotFoundError and returns False
-    assert result is False
-    profile.transaction.assert_called_once()
-    mock_retrieve.assert_awaited_once_with(txn, TEST_CRED_EX_ID, for_update=True)
-    txn.commit.assert_not_called()
-
-
-@pytest.mark.asyncio
-@patch(
-    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.V20CredExRecord.retrieve_by_id",
-    new_callable=AsyncMock,
-)
-async def test_update_credential_exchange_state_save_error(
-    mock_retrieve: AsyncMock,
-    issuer_revocation_service: IssuerRevocationService,
-    mock_profile: tuple,
-    mock_v20_cred_ex_record: AsyncMock,
-    mock_issuer_cred_rev_record: MagicMock,
-):
-    """Test updating when save fails."""
-    profile, txn = mock_profile
-    mock_retrieve.return_value = mock_v20_cred_ex_record
-    mock_v20_cred_ex_record.save.side_effect = StorageError("Save failed")
-
-    # The service catches Exception and returns False
-    result = await issuer_revocation_service.update_credential_exchange_state(
-        profile, mock_issuer_cred_rev_record
-    )
-
-    assert result is False
-    profile.transaction.assert_called_once()
-    mock_retrieve.assert_awaited_once_with(txn, TEST_CRED_EX_ID, for_update=True)
-    mock_v20_cred_ex_record.save.assert_awaited_once_with(
-        txn, reason="revoke credential"
-    )
-    txn.commit.assert_not_called()
-
-
-# --- Test Cases for Global Functions ---
-
-
-# Test subscribe
-def test_subscribe(mock_event_bus: MagicMock):
-    """Test the subscribe function registers the handler."""
-    subscribe(mock_event_bus)
-    mock_event_bus.subscribe.assert_called_once_with(
-        ISSUER_CRED_REV_REVOKED_EVENT_PATTERN, issuer_cred_rev_revoked_handler
-    )
-
-
-# Test issuer_cred_rev_revoked_handler
-@pytest.mark.asyncio
-@patch(
-    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.IssuerCredRevRecord.deserialize"
-)
-async def test_issuer_cred_rev_revoked_handler_success(
-    mock_deserialize: MagicMock,
-    mock_profile: tuple,
-    issuer_revocation_service: IssuerRevocationService,
-    mock_event: MagicMock,
-    mock_issuer_cred_rev_record: MagicMock,
-):
-    """Test the issuer_cred_rev_revoked_handler successfully processes event."""
-    profile, _ = mock_profile
-
-    # Mock profile.inject to return our service instance
-    profile.inject.return_value = issuer_revocation_service
-
-    # Mock deserialize to return our mock record
-    mock_deserialize.return_value = mock_issuer_cred_rev_record
-
-    # Mock the service method
-    issuer_revocation_service.update_credential_exchange_state = AsyncMock(
-        return_value=True
-    )
-
-    await issuer_cred_rev_revoked_handler(profile, mock_event)
-
-    profile.inject.assert_called_once_with(IssuerRevocationService)
-    mock_deserialize.assert_called_once_with(mock_event.payload)
-    issuer_revocation_service.update_credential_exchange_state.assert_awaited_once_with(
-        profile, mock_issuer_cred_rev_record
-    )
-
-
-@pytest.mark.asyncio
-@patch(
-    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.IssuerCredRevRecord.deserialize"
-)
-async def test_issuer_cred_rev_revoked_handler_no_cred_ex_id(
-    mock_deserialize: MagicMock,
-    mock_profile: tuple,
-    issuer_revocation_service: IssuerRevocationService,
-    mock_event: MagicMock,
-    mock_issuer_cred_rev_record: MagicMock,
-):
-    """Test the handler when IssuerCredRevRecord has no cred_ex_id."""
-    profile, _ = mock_profile
-    profile.inject.return_value = issuer_revocation_service
-
-    # Mock record with no cred_ex_id
-    mock_issuer_cred_rev_record.cred_ex_id = None
-    mock_deserialize.return_value = mock_issuer_cred_rev_record
-
-    issuer_revocation_service.update_credential_exchange_state = AsyncMock()
-
-    await issuer_cred_rev_revoked_handler(profile, mock_event)
-
-    profile.inject.assert_called_once_with(IssuerRevocationService)
-    mock_deserialize.assert_called_once_with(mock_event.payload)
-    # Should not call update_credential_exchange_state when cred_ex_id is missing
-    issuer_revocation_service.update_credential_exchange_state.assert_not_awaited()
-
-
-@pytest.mark.asyncio
-@patch(
-    "traction_innkeeper.v1_0.tenant.issuer_revocation_service.IssuerCredRevRecord.deserialize"
-)
-async def test_issuer_cred_rev_revoked_handler_deserialize_error(
-    mock_deserialize: MagicMock,
-    mock_profile: tuple,
-    issuer_revocation_service: IssuerRevocationService,
-    mock_event: MagicMock,
-):
-    """Test the handler when deserialization fails."""
-    profile, _ = mock_profile
-    profile.inject.return_value = issuer_revocation_service
-
-    # Mock deserialize to raise an error
-    mock_deserialize.side_effect = ValueError("Deserialization failed")
-
-    issuer_revocation_service.update_credential_exchange_state = AsyncMock()
-
-    # Handler should catch the exception and not raise
-    await issuer_cred_rev_revoked_handler(profile, mock_event)
-
-    profile.inject.assert_called_once_with(IssuerRevocationService)
-    mock_deserialize.assert_called_once_with(mock_event.payload)
-    # Should not call update_credential_exchange_state when deserialization fails
-    issuer_revocation_service.update_credential_exchange_state.assert_not_awaited()
diff --git a/services/tenant-ui/frontend/src/components/issuance/credentials/RevokeCredentialForm.vue b/services/tenant-ui/frontend/src/components/issuance/credentials/RevokeCredentialForm.vue
index 19b289d67..74a48ca04 100644
--- a/services/tenant-ui/frontend/src/components/issuance/credentials/RevokeCredentialForm.vue
+++ b/services/tenant-ui/frontend/src/components/issuance/credentials/RevokeCredentialForm.vue
@@ -61,10 +61,7 @@
 <script setup lang="ts">
 // Types
 import { FormattedIssuedCredentialRecord } from '@/helpers/tableFormatters';
-import {
-  RevokeRequest,
-  V20CredExRecordDetail,
-} from '@/types/acapyApi/acapyInterface';
+import { RevokeRequest } from '@/types/acapyApi/acapyInterface';
 
 // Vue/State
 import { reactive, ref } from 'vue';
diff --git a/services/tenant-ui/frontend/src/helpers/tableFormatters.ts b/services/tenant-ui/frontend/src/helpers/tableFormatters.ts
index 852573197..8be36927f 100644
--- a/services/tenant-ui/frontend/src/helpers/tableFormatters.ts
+++ b/services/tenant-ui/frontend/src/helpers/tableFormatters.ts
@@ -34,6 +34,7 @@ export interface FormattedIssuedCredentialRecord extends V20CredExRecordDetail {
   created: string;
   cred_rev_id?: string;
   rev_reg_id?: string;
+  credential_exchange_id?: string;
   state: V20CredExRecord['state'];
 }
 
@@ -188,10 +189,11 @@ export const formatIssuedCredentials = (
     const connectionId = ce.cred_ex_record?.connection_id ?? '';
     // findConnectionName is a function that takes connectionId and returns the connection name
     // It should use alias first, then their_label as fallback
-    const connectionName = connectionId && findConnectionName 
-      ? (findConnectionName(connectionId) || '')
-      : '';
-    
+    const connectionName =
+      connectionId && findConnectionName
+        ? findConnectionName(connectionId) || ''
+        : '';
+
     return {
       // Preserve the full V20CredExRecordDetail structure for format detection
       ...ce,
diff --git a/services/tenant-ui/frontend/src/store/issuerStore.ts b/services/tenant-ui/frontend/src/store/issuerStore.ts
index 8c2328ce7..d8a581701 100644
--- a/services/tenant-ui/frontend/src/store/issuerStore.ts
+++ b/services/tenant-ui/frontend/src/store/issuerStore.ts
@@ -79,7 +79,7 @@ export const useIssuerStore = defineStore('issuer', () => {
     );
   }
 
-  async function revokeCredential(payload: RevokeRequest) {
+  async function revokeCredential(payload?: RevokeRequest) {
     console.log('> issuerStore.revokeCredential');
     error.value = null;
     loading.value = true;
@@ -140,38 +140,40 @@ export const useIssuerStore = defineStore('issuer', () => {
 
             // Directly update the credential state in the store
             // Find the credential by cred_ex_id or rev_reg_id/cred_rev_id
-            const credExId = payload.cred_ex_id;
-            const revRegId = payload.rev_reg_id;
-            const credRevId = payload.cred_rev_id;
+            if (payload) {
+              const credExId = payload.cred_ex_id;
+              const revRegId = payload.rev_reg_id;
+              const credRevId = payload.cred_rev_id;
 
-            if (credExId) {
-              // Update by credential exchange ID
-              const credentialIndex = credentials.value.findIndex(
-                (cred) => cred.cred_ex_record?.cred_ex_id === credExId
-              );
-              if (credentialIndex !== -1) {
-                // Update the state directly
-                if (credentials.value[credentialIndex].cred_ex_record) {
-                  credentials.value[credentialIndex].cred_ex_record.state =
-                    'credential-revoked';
+              if (credExId) {
+                // Update by credential exchange ID
+                const credentialIndex = credentials.value.findIndex(
+                  (cred) => cred.cred_ex_record?.cred_ex_id === credExId
+                );
+                if (credentialIndex !== -1) {
+                  // Update the state directly
+                  if (credentials.value[credentialIndex].cred_ex_record) {
+                    credentials.value[credentialIndex].cred_ex_record.state =
+                      'credential-revoked';
+                  }
                 }
-              }
-            } else if (revRegId && credRevId) {
-              // Update by revocation registry ID and credential revocation ID
-              const credentialIndex = credentials.value.findIndex((cred) => {
-                const indyMatch =
-                  cred.indy?.rev_reg_id === revRegId &&
-                  cred.indy?.cred_rev_id === credRevId;
-                const anoncredsMatch =
-                  cred.anoncreds?.rev_reg_id === revRegId &&
-                  cred.anoncreds?.cred_rev_id === credRevId;
-                return indyMatch || anoncredsMatch;
-              });
-              if (credentialIndex !== -1) {
-                // Update the state directly
-                if (credentials.value[credentialIndex].cred_ex_record) {
-                  credentials.value[credentialIndex].cred_ex_record.state =
-                    'credential-revoked';
+              } else if (revRegId && credRevId) {
+                // Update by revocation registry ID and credential revocation ID
+                const credentialIndex = credentials.value.findIndex((cred) => {
+                  const indyMatch =
+                    cred.indy?.rev_reg_id === revRegId &&
+                    cred.indy?.cred_rev_id === credRevId;
+                  const anoncredsMatch =
+                    cred.anoncreds?.rev_reg_id === revRegId &&
+                    cred.anoncreds?.cred_rev_id === credRevId;
+                  return indyMatch || anoncredsMatch;
+                });
+                if (credentialIndex !== -1) {
+                  // Update the state directly
+                  if (credentials.value[credentialIndex].cred_ex_record) {
+                    credentials.value[credentialIndex].cred_ex_record.state =
+                      'credential-revoked';
+                  }
                 }
               }
             }

From a8bba60637afb5d49a1f8b379e720dcdb020a51c Mon Sep 17 00:00:00 2001
From: Patrick St-Louis <patrick.st-louis@opsecid.ca>
Date: Mon, 2 Feb 2026 14:02:56 -0500
Subject: [PATCH 5/6] update to acapy 1.5.0

Signed-off-by: Patrick St-Louis <patrick.st-louis@opsecid.ca>
---
 plugins/docker/Dockerfile                     |   4 +-
 plugins/traction_innkeeper/poetry.lock        |  12 +-
 plugins/traction_innkeeper/pyproject.toml     |   2 +-
 .../v1_0/tenant/__init__.py                   |  76 +-----------
 .../frontend/src/store/issuerStore.ts         | 108 +-----------------
 5 files changed, 16 insertions(+), 186 deletions(-)

diff --git a/plugins/docker/Dockerfile b/plugins/docker/Dockerfile
index effbf8843..3bdb62a46 100644
--- a/plugins/docker/Dockerfile
+++ b/plugins/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM ghcr.io/openwallet-foundation/acapy-agent:py3.13-1.5.0rc1 AS base
+FROM ghcr.io/openwallet-foundation/acapy-agent:py3.13-1.5.0 AS base
 
 # Install and Configure Poetry
 USER root
@@ -24,7 +24,7 @@ RUN poetry install --only main
 RUN ln -s $(poetry env info -p)/lib/python3.6/site-packages site-packages
 
 
-FROM ghcr.io/openwallet-foundation/acapy-agent:py3.13-1.5.0rc1
+FROM ghcr.io/openwallet-foundation/acapy-agent:py3.13-1.5.0
 COPY --from=base --chown=aries:aries /home/aries/.venv /home/aries/.venv
 ENV PATH="/home/aries/.venv/bin:$PATH"
 
diff --git a/plugins/traction_innkeeper/poetry.lock b/plugins/traction_innkeeper/poetry.lock
index e6e13d2a2..265a2ea20 100644
--- a/plugins/traction_innkeeper/poetry.lock
+++ b/plugins/traction_innkeeper/poetry.lock
@@ -2,14 +2,14 @@
 
 [[package]]
 name = "acapy-agent"
-version = "1.5.0rc1"
+version = "1.5.0"
 description = "(ACA-Py) A Cloud Agent Python is a foundation for building decentralized identity applications and services running in non-mobile environments. "
 optional = false
 python-versions = "<4.0,>=3.13"
 groups = ["main"]
 files = [
-    {file = "acapy_agent-1.5.0rc1-py3-none-any.whl", hash = "sha256:cabd1d48e9a06d6533734f2ad2332cda29242606117281fd8e428220c7b48a01"},
-    {file = "acapy_agent-1.5.0rc1.tar.gz", hash = "sha256:12134bf7300da497064a2cf0fe508c5d6fb40fcc728c875cae142a68d8a44f8c"},
+    {file = "acapy_agent-1.5.0-py3-none-any.whl", hash = "sha256:2ec2c1ead6f826ac04df5daed9c4d447276ff3d76d994bb8cc9f653abbd0016c"},
+    {file = "acapy_agent-1.5.0.tar.gz", hash = "sha256:271caa0679ede758b89652dd1de45803b10c44d67ac2fd14bef208d50f08e0ec"},
 ]
 
 [package.dependencies]
@@ -33,7 +33,7 @@ Markdown = ">=3.7,<3.11"
 markupsafe = ">=3.0.2,<4.0.0"
 marshmallow = ">=3.26.1,<3.27.0"
 nest_asyncio = ">=1.6.0,<1.7.0"
-packaging = ">=24.2,<26.0"
+packaging = ">=24.2,<27.0"
 portalocker = ">=3.1.1,<4.0.0"
 prompt_toolkit = ">=3.0,<3.1"
 psycopg = {version = ">=3.2.1,<4.0.0", extras = ["binary", "pool"]}
@@ -49,7 +49,7 @@ requests = ">=2.32.3,<2.33.0"
 rlp = ">=4.1.0,<5.0.0"
 sd-jwt = ">=0.10.3,<0.11.0"
 unflatten = ">=0.2,<0.3"
-uuid_utils = ">=0.10,<0.14"
+uuid_utils = ">=0.10,<0.15"
 
 [package.extras]
 bbs = ["ursa-bbs-signatures (>=1.0.1,<1.1.0)"]
@@ -3482,4 +3482,4 @@ propcache = ">=0.2.1"
 [metadata]
 lock-version = "2.1"
 python-versions = "^3.13"
-content-hash = "e435fe4ac0b8d979651bf42dd980ccf4763b2e83ded0d7ed8e275d580b8f4d20"
+content-hash = "4f2bccfc28e45c8073b69420c673d04ff4edd050587530d0d048a18ff89f4302"
diff --git a/plugins/traction_innkeeper/pyproject.toml b/plugins/traction_innkeeper/pyproject.toml
index 83fb358cb..2b133315f 100644
--- a/plugins/traction_innkeeper/pyproject.toml
+++ b/plugins/traction_innkeeper/pyproject.toml
@@ -14,7 +14,7 @@ packages = [{include = "traction_innkeeper"}]
 
 [tool.poetry.dependencies]
 python = "^3.13"
-acapy-agent = { version = "1.5.0rc1" }
+acapy-agent = { version = "1.5.0" }
 python-dateutil = "^2.9.0"
 bcrypt = "^4.2.1"
 mergedeep = "^1.3.4"
diff --git a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py
index fedc96635..f75b104c1 100644
--- a/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py
+++ b/plugins/traction_innkeeper/traction_innkeeper/v1_0/tenant/__init__.py
@@ -1,9 +1,7 @@
 import logging
-import re
 
 from acapy_agent.config.injection_context import InjectionContext
-from acapy_agent.core.event_bus import EventBus, Event
-from acapy_agent.core.profile import Profile
+from acapy_agent.core.event_bus import EventBus
 from acapy_agent.core.plugin_registry import PluginRegistry
 from acapy_agent.core.protocol_registry import ProtocolRegistry
 
@@ -76,78 +74,6 @@ async def setup(context: InjectionContext):
 
     subscribe(bus)
 
-    # Subscribe to issuer credential revocation record events
-    # This event is emitted when an IssuerCredRevRecord state changes to 'revoked'
-    # The event name is: acapy::record::issuer_cred_rev::revoked
-    # (Note: The old event name acapy::cred-revoked may no longer be emitted)
-    ISSUER_CRED_REV_REVOKED_EVENT_PATTERN = re.compile(
-        r"^acapy::record::issuer_cred_rev::revoked$"
-    )
-    bus.subscribe(
-        ISSUER_CRED_REV_REVOKED_EVENT_PATTERN, issuer_cred_rev_revoked_handler
-    )
-
     setup_multitenant_logging()
 
     LOGGER.info("< plugin setup.")
-
-
-async def issuer_cred_rev_revoked_handler(profile: Profile, event: Event):
-    """Handle issuer credential revocation record revoked event.
-    
-    This event is emitted when an IssuerCredRevRecord state changes to 'revoked'.
-    The event payload is the IssuerCredRevRecord.
-    
-    Note: ACA-Py subscribes to 'acapy::cred-revoked' but the actual event emitted
-    is 'acapy::record::issuer_cred_rev::revoked', so we need to handle it here to
-    update the credential exchange state.
-    """
-    LOGGER.info("> issuer_cred_rev_revoked_handler")
-    from acapy_agent.protocols.issue_credential.v2_0.models.cred_ex_record import (
-        V20CredExRecord,
-    )
-    from acapy_agent.revocation.models.issuer_cred_rev_record import (
-        IssuerCredRevRecord,
-    )
-    from acapy_agent.storage.error import StorageNotFoundError
-    
-    # The event payload is the IssuerCredRevRecord
-    rev_rec = event.payload
-    if not isinstance(rev_rec, IssuerCredRevRecord):
-        LOGGER.warning("Event payload is not an IssuerCredRevRecord")
-        return
-    
-    if rev_rec.cred_ex_id is None:
-        LOGGER.debug("IssuerCredRevRecord has no cred_ex_id, skipping")
-        return
-    
-    if (
-        rev_rec.cred_ex_version
-        and rev_rec.cred_ex_version != IssuerCredRevRecord.VERSION_2
-    ):
-        LOGGER.debug(
-            "IssuerCredRevRecord version is %s, not VERSION_2, skipping",
-            rev_rec.cred_ex_version
-        )
-        return
-    
-    # Update the credential exchange record state
-    async with profile.transaction() as txn:
-        try:
-            cred_ex_record = await V20CredExRecord.retrieve_by_id(
-                txn, rev_rec.cred_ex_id, for_update=True
-            )
-            cred_ex_record.state = V20CredExRecord.STATE_CREDENTIAL_REVOKED
-            await cred_ex_record.save(txn, reason="revoke credential")
-            await txn.commit()
-            LOGGER.info(
-                "Updated credential exchange %s state to credential-revoked",
-                rev_rec.cred_ex_id
-            )
-        except StorageNotFoundError:
-            LOGGER.warning(
-                "Credential exchange record %s not found",
-                rev_rec.cred_ex_id
-            )
-    
-    LOGGER.info("< issuer_cred_rev_revoked_handler")
diff --git a/services/tenant-ui/frontend/src/store/issuerStore.ts b/services/tenant-ui/frontend/src/store/issuerStore.ts
index d8a581701..853430f84 100644
--- a/services/tenant-ui/frontend/src/store/issuerStore.ts
+++ b/services/tenant-ui/frontend/src/store/issuerStore.ts
@@ -80,7 +80,6 @@ export const useIssuerStore = defineStore('issuer', () => {
   }
 
   async function revokeCredential(payload?: RevokeRequest) {
-    console.log('> issuerStore.revokeCredential');
     error.value = null;
     loading.value = true;
 
@@ -91,16 +90,7 @@ export const useIssuerStore = defineStore('issuer', () => {
         try {
           const wallet = await tenantStore.getTenantSubWallet();
           walletType = wallet?.settings?.['wallet.type'];
-          if (!walletType && wallet) {
-            console.warn(
-              'Wallet retrieved but wallet.type setting not found, defaulting to Indy endpoint'
-            );
-          }
         } catch (err) {
-          console.error(
-            'Failed to retrieve tenant wallet, defaulting to Indy endpoint:',
-            err
-          );
           walletType = undefined;
         }
       } else {
@@ -111,121 +101,35 @@ export const useIssuerStore = defineStore('issuer', () => {
       // For other wallets (askar, etc.), use Indy endpoint
       const useAnonCredsEndpoint = walletType === 'askar-anoncreds';
 
-      console.log(
-        'Using wallet type:',
-        walletType,
-        '-> useAnonCredsEndpoint:',
-        useAnonCredsEndpoint
-      );
-
       const revocationEndpoint = useAnonCredsEndpoint
         ? API_PATH.ANONCREDS_REVOCATION_REVOKE
         : API_PATH.REVOCATION_REVOKE;
 
-      console.log(
-        'Using endpoint:',
-        revocationEndpoint,
-        'for AnonCreds credential:',
-        useAnonCredsEndpoint
-      );
-
       let result: RevocationModuleResponse | null = null;
 
       try {
-        await acapyApi
-          .postHttp(revocationEndpoint, payload)
-          .then(async (res) => {
-            // AnonCreds endpoint returns {} (empty object), Indy returns { item: {...} }
-            result = res.data.item || res.data;
-
-            // Directly update the credential state in the store
-            // Find the credential by cred_ex_id or rev_reg_id/cred_rev_id
-            if (payload) {
-              const credExId = payload.cred_ex_id;
-              const revRegId = payload.rev_reg_id;
-              const credRevId = payload.cred_rev_id;
-
-              if (credExId) {
-                // Update by credential exchange ID
-                const credentialIndex = credentials.value.findIndex(
-                  (cred) => cred.cred_ex_record?.cred_ex_id === credExId
-                );
-                if (credentialIndex !== -1) {
-                  // Update the state directly
-                  if (credentials.value[credentialIndex].cred_ex_record) {
-                    credentials.value[credentialIndex].cred_ex_record.state =
-                      'credential-revoked';
-                  }
-                }
-              } else if (revRegId && credRevId) {
-                // Update by revocation registry ID and credential revocation ID
-                const credentialIndex = credentials.value.findIndex((cred) => {
-                  const indyMatch =
-                    cred.indy?.rev_reg_id === revRegId &&
-                    cred.indy?.cred_rev_id === credRevId;
-                  const anoncredsMatch =
-                    cred.anoncreds?.rev_reg_id === revRegId &&
-                    cred.anoncreds?.cred_rev_id === credRevId;
-                  return indyMatch || anoncredsMatch;
-                });
-                if (credentialIndex !== -1) {
-                  // Update the state directly
-                  if (credentials.value[credentialIndex].cred_ex_record) {
-                    credentials.value[credentialIndex].cred_ex_record.state =
-                      'credential-revoked';
-                  }
-                }
-              }
-            }
+        const res = await acapyApi.postHttp(revocationEndpoint, payload);
+        // AnonCreds endpoint returns {} (empty object), Indy returns { item: {...} }
+        result = res.data.item || res.data;
 
-            // Refresh the list to ensure we have the latest data from the backend
-            await listCredentials();
-          })
-          .catch((err) => {
-            error.value = err;
-            // If we got a 500 error, the revocation might have still succeeded
-            // (e.g., error in notification or response serialization after revocation)
-            // Refresh the credential list to check the actual state
-            // Note: We don't await this to avoid overwriting the original error
-            if (err?.response?.status === 500) {
-              console.log(
-                'Got 500 error, refreshing credential list to check if revocation succeeded...'
-              );
-              // Fire-and-forget: don't await to preserve the original error
-              listCredentials().catch(() => {
-                // Silently ignore errors from listCredentials to preserve original error
-              });
-            }
-            // Re-throw to ensure the promise chain rejects
-            throw err;
-          });
+        // Refresh the list to get the updated state from the backend
+        await listCredentials();
       } catch (err) {
-        // Catch any errors that escape the promise chain
-        if (error.value == null) {
-          error.value = err;
-        }
-        // Re-throw to be caught by outer catch block
+        error.value = err;
         throw err;
       }
 
-      console.log('< issuerStore.revokeCredential');
-
       if (error.value != null) {
-        // throw error so $onAction.onError listeners can add their own handler
         const errToThrow = error.value;
         throw errToThrow;
       }
-      // return data so $onAction.after listeners can add their own handler
       return result;
     } catch (err) {
-      // Catch any errors that occur outside the promise chain (e.g., in wallet type check)
-      // or when re-throwing error.value from the promise chain
       if (error.value == null) {
         error.value = err as any;
       }
       throw err;
     } finally {
-      // Always reset loading, regardless of success or error
       loading.value = false;
     }
   }

From 2f438bdd05faebcebd5bb7833e65a00a4d489f28 Mon Sep 17 00:00:00 2001
From: Patrick St-Louis <patrick.st-louis@opsecid.ca>
Date: Mon, 2 Feb 2026 14:04:53 -0500
Subject: [PATCH 6/6] fix unused vars

Signed-off-by: Patrick St-Louis <patrick.st-louis@opsecid.ca>
---
 services/tenant-ui/frontend/src/store/issuerStore.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/tenant-ui/frontend/src/store/issuerStore.ts b/services/tenant-ui/frontend/src/store/issuerStore.ts
index 853430f84..40c5f8d67 100644
--- a/services/tenant-ui/frontend/src/store/issuerStore.ts
+++ b/services/tenant-ui/frontend/src/store/issuerStore.ts
@@ -90,7 +90,7 @@ export const useIssuerStore = defineStore('issuer', () => {
         try {
           const wallet = await tenantStore.getTenantSubWallet();
           walletType = wallet?.settings?.['wallet.type'];
-        } catch (err) {
+        } catch (_err) {
           walletType = undefined;
         }
       } else {