Storing a Credential with a negative numeric string value causes Marshmallow.exceptions.ValidationError

[Jsyro]

As the holder, after a credential offer is accepted, as aca-py is storing the credential, encoded values go through a marshmallow validator and a marshmallow.exceptions.validationError gets thrown.

bpa-agent2_1      | Traceback (most recent call last):
bpa-agent2_1      |   File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/aries_cloudagent/messaging/models/base.py", line 137, in deserialize
bpa-agent2_1      |     return schema.loads(obj) if isinstance(obj, str) else schema.load(obj)
bpa-agent2_1      |   File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/marshmallow/schema.py", line 723, in load
bpa-agent2_1      |     data, many=many, partial=partial, unknown=unknown, postprocess=True
bpa-agent2_1      |   File "/home/indy/.pyenv/versions/3.6.13/lib/python3.6/site-packages/marshmallow/schema.py", line 904, in _do_load
bpa-agent2_1      |     raise exc
bpa-agent2_1      | marshmallow.exceptions.ValidationError: {'values': defaultdict(<class 'dict'>, {'Longitude': {'value': {'encoded': ['Value -99 is not a non-negative numeric string']}}})}

A positive number string like '44' will not cause this issue, and including any letter character like '-125 E' will also not occur as it cannot be casted to a numeric python value (int/float).

Here is the raw event that aca-py logged

bpa-agent2_1      | 2021-10-13 22:07:14,153 aries_cloudagent.messaging.base_handler INFO Received credential message: {"@type":"did:sov:BzCbsNYhMrjHiqZDTUASHg;spec/issue-credential/1.0/issue-credential","@id":"79a4fde5-eb67-40f6-8cdc-6d23811968e1","~thread":{"thid":"24f5450a-2a0b-40e2-bede-a3514638af60"},"credentials~attach":[{"@id":"libindy-cred-0","mime-type":"application/json","data":{"base64":"eyJzY2hlbWFfaWQiOiAiOU4xWjJyd21RM2tjZm1vNXdtQ3plejoyOnBlcm1pdDowLjEiLCAiY3JlZF9kZWZfaWQiOiAiOU4xWjJyd21RM2tjZm1vNXdtQ3plejozOkNMOjEyOmxvY2FsIiwgInJldl9yZWdfaWQiOiBudWxsLCAidmFsdWVzIjogeyJMYXRpdHVkZSI6IHsicmF3IjogIjQ5IiwgImVuY29kZWQiOiAiNDkifSwgIkxvbmdpdHVkZSI6IHsicmF3IjogIi05OSIsICJlbmNvZGVkIjogIi05OSJ9LCAiUGVybWl0X25vIjogeyJyYXciOiAiUFRUVFRUIiwgImVuY29kZWQiOiAiMTE1NjM3NjA2MDU5MDUyMjA0MDU4NDQwMTUwNTIzODIzOTI0NzI5NTMzMjIzMzY1NDgyNjMzNjYwNzcxNTIyODE4OTc0NzIwNjA0NzgifX0sICJzaWduYXR1cmUiOiB7InBfY3JlZGVudGlhbCI6IHsibV8yIjogIjcwMTg1MTkxMDYxNTU2NTgxODE3NzkzODc1OTE2MzkwMjg5MzAxNDQwNjUyNjEzMDY0MTc3Njc1OTU1NTYxNjk2OTI3MDExOTM0MTQyIiwgImEiOiAiNjQwNzM2Nzk1NjcyMjUwODAzMDE0MTE3OTA0ODg5MDc2NDUxNTkzMzU4NzQ2MjM0Mzk1MDg4NDQ5ODUzNzY5OTIxNzcyMDM3ODA0NzkzODI4Mjg2NTkyOTQ2MjE4ODAzOTAzODg2ODE5ODIzMTA5MzYxODg5NTAzMDM5MDAxODQ2MzgwOTcxMDY0NTkyODk2NDY2NDAyODg1Mzk1NjcwNDY1NDE4ODk0NTM4MzYyMzc3NTI0NjkxMzU4NDA4MTM3MTEwNzgxMDIzNzA2NjMzODk3NTEzODY0NDk2MzYzNjkwMjU0Mjg3MjM0MDU4Njc3MjQzNDY4NjgyNDgwNDY0MTI3NDM2NzY4ODUyOTc3MDE1MjU4MzE0NDYzNjU5MjM0NTgxODY0ODcxOTk5MDc0MTIyMjU3MzAxODc3NjcxNTIzNTgwMjU4NTAxMjAzMDA5NzE3NzMxNTM3MDMwNjIxNTYyMzg5MTU3NjkzMTU5OTcwNjE2NDY4MTE0NzQ3MDU1ODc5NzY3MTQ1NDkzODE1NjM5MDY5NjMyOTkyMzYzOTM2NTQ2ODkyNjQ2MTEzNDA0NzA2NjM2ODA5Nzg4MzY4MTE2MDgxMjQwMjA1ODQzNTU3NjMxNzYwNTcwNzE2NzMwNzY0MDYyMjExODEzMjAwOTcyNTY5NjcwMDU5MzE2MDg3NTIwMjc2MjUyNzkzMTg1MzI1NjM5NzM5Mzk4NDI2MjU0NTA2MzMwNTY1NDg0MDQ5ODUzNjc1MjIwMDc1NTYzMjQ3MzEyNzQ1MjgzMjQ4MTY3NjA2NzYxNDU0MTUxOTc5Mzc3MzIyMzIiLCAiZSI6ICIyNTkzNDQ3MjMwNTUwNjIwNTk5MDcwMjU0OTE0ODA2OTc1NzE5MzgyNzc4ODk1MTUxNTIzMDYyNDk3Mjg1ODMxMDU2NjU4MDA3MTMzMDY3NTkxNDk5ODE2OTA1NTkxOTM5ODcxNDMwMTIzNjc5MTMyMDYyOTkzMjM4OTk2OTY5NDIyMTMyMzU5NTY3NDI5Mjk4OTExNzIzOTg2NzMyODQyNjcxMTY5MTYxNzI5MDUzOTkyMTkiLCAidiI6ICI3ODQ3NjA5MjcxNTU4OTI5MzA4MTI2MDc1NTM3MjA1NTk3NjQyMzc1NjY4MTIxMDM3NjM1MTI1MDgwMTcxMzA3MDA0OTcwNTU0MzM3MDI5MDUwMTI5MDM2OTQ4NDY1OTc1NjA3NTIwMjk5OTY5NjkxNzEyMjQ2NDA2NzMxOTM4NjUxMTU1OTc5NzA5NzIzMjM0MDM1ODI2OTU1NDEzOTIyNzg5MzczOTAzMjUxMjI4MDQzMjE0NjEzNTM5OTQ3MDI4Mzk0MDUzNDA0NTE2MTY3NTkwMTcwMjgwMjU1NDUwMDY4OTA4NTEyMDg3MjA4OTE2NjY5MjM1NDk1MTQ4NTY4NjQ3NDY4ODk4NDU5MDE5MzQzOTEyMTYyMzI0NTg3MzIxOTgyNzc2MDM5NTkzNjgzNjY5NTQ0NzM0NzQ4MDgyOTMxNjAwNjE1MzY2NDE4NDc0NjQwODkxOTM4NDkwMjA4NzQzMzI3NjAwNTAxMDI3OTkwNzM4MDE2MzQyODQ2OTkyNTI4ODA3OTI2NTE3MDgxODQ3Njg1MTY2NTgxNzYyOTM5MjIyMTc4NTAzMzU3ODA5NjE0OTI4NDQ3OTcwMDg3NTY4Mjk5NDAxMTA2NTc5MDMxNjYwOTI4MjcxNTk3MjM4NzU3MDg4MTQ4NzY2MDgwMTUwMDM3NjMzMjgwOTYxNjQ2MDk2NjEyMTU1MTE0NzUxMDM5NjUyNDU1MzU4OTc4OTM3MTY4MDgxNDMxMzk5NDI1NTgzNjE3OTUzNzU4OTg0NjAyNjQ2MjI2ODE5NDA3NDQ3NjAzNjc4Mjg3Nzg3ODU4NzQ0NDQzMDE2NTUzMTEwODE4NjY2OTY3NTY3NTA2NjA2MzkzNzYwMjQ3MDg5OTA3NTU3NDkxOTUyNjc0NzA2MTM1MTkzODIzMTExMjY3NDQ1MzA2NDc3Nzk0NjIwNTQ3NDM2NDk1NDI5NTEyNTMwMjIzMTQzNTQwNzgxMTIyNTE5NTgyOTg2NzU5MTg4NTQ5MTUwNDAzODg4MzQ5OTQ0MDExMDE0MTQwNTQ3NjEzMDE0MzY2ODg2OTgxMTY3MDE0OTY4MTM1MjUzNzQ1MDI4ODk0In0sICJyX2NyZWRlbnRpYWwiOiBudWxsfSwgInNpZ25hdHVyZV9jb3JyZWN0bmVzc19wcm9vZiI6IHsic2UiOiAiMzk3Mzg5MjY4NjAzOTkwOTkwOTAxMjEzNjc4Nzc1OTg4OTQ2MzY1OTQwMTExNTY5ODU0ODkwODQ4MDk5MDgxOTgyODYyNTQ2Mjg2MzY3NDY4MTk2OTAwOTAwNjQwMDQ5MzU0MDUyOTE2MTEyMTExNDk1MDQwODA4Njk3NDM0NjU0MTcwOTk0NTY1NTkxMzEyMDM2MzIwMjQ2NjU4MTY2NjU4NDU5OTIwNzIwNjYxNzA5ODA0NDcyNjI1OTIwMTg0MDkyODk5MjI4MzA1Mzg4OTk1Mzk4MTk1MTAyNjI5OTgwMTU3OTQ4NDQxMjE0OTAzNDMyMzEzMzQwNjIwNzQxMTgxODI1MTgxMzcxMjYyNzY1MTU3MjM0OTg0MTg4NDI2ODg5MjkxMzQ5MDIwNzMwOTExNzE5MzM0MzgzMjE2NjU4NzIzNTg4OTcwMzQ0MDM4NDg3NDQ0NTk0Njc0OTE5NjYyMjY1MDEzMTk5MDE0MjkxNzM2NjgyMDM4NjQ2MzAzOTQ4ODcxNDM2NTUyNjAxNjgyMzE1ODEzMjc4NDA3MTc3MDg2NTk4OTgwNTc0MTc1MDYyNTA0MTI5NTMxNTkyNTcxMzMzMDQ2MDA0MjIzNTcxMTYzMzg2OTYwODI1NjAwOTE2NDcxNTU2MDg4ODIzMjI3MzgwNzQ4MjY2MDU3OTEzODk4MDk1OTQwODYwOTA1OTMyNTQwODAwODQ3ODIxOTAxNDczNDYxNjI1NjM1MzMwODU2MzE0MjA1MTQ5MDk0Mjk1NTUzODM3NjM1MTE1MTczMTg3MjAwNjI1MDM1MjIzNjIwNjE1MCIsICJjIjogIjExMTE3ODcyMDM5ODU2OTEzMzMyNzIxNTc2NjQ1ODI5MTcyODg2ODgzMDM4MzQxMzg2NTc3Mzc5MDIzOTcyMDQ4OTE1MTM1MDYwOTY5OSJ9LCAicmV2X3JlZyI6IG51bGwsICJ3aXRuZXNzIjogbnVsbH0="}}]}

[ianco]

See PR #1475

Tested out negative encodings and doesn't seem to cause any issues

[swcurran]

Based on @ianco 's comment -- closing this. Please reopen if something more is needed.