@arcblock/vc 1.28.9 → 1.29.0

package/README.md

@@ -1,6 +1,5 @@
 ![Verifiable Credentials](https://www.arcblock.io/.netlify/functions/badge/?text=Verifiable+Credentials)
 
-[![styled with prettier](https://img.shields.io/badge/styled_with-prettier-ff69b4.svg)](https://github.com/prettier/prettier)
 [![docs](https://img.shields.io/badge/powered%20by-arcblock-green.svg)](https://docs.arcblock.io)
 [![Gitter](https://badges.gitter.im/ArcBlock/community.svg)](https://gitter.im/ArcBlock/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
 

package/esm/index.d.mts

@@ -0,0 +1,155 @@
+import { WalletObject } from "@ocap/wallet";
+import stringify from "json-stable-stringify";
+
+//#region src/index.d.ts
+interface Proof {
+  type: string;
+  created: string;
+  proofPurpose: string;
+  jws: string;
+  pk?: string;
+}
+interface Issuer {
+  id: string;
+  pk: string;
+  name: string;
+}
+interface CredentialSubject {
+  id: string;
+  [key: string]: unknown;
+}
+interface CredentialStatus {
+  id: string;
+  type: string;
+  scope: string;
+}
+interface VerifiableCredential {
+  '@context': string;
+  id: string;
+  type: string;
+  issuer: Issuer;
+  issuanceDate: string;
+  expirationDate?: string;
+  credentialSubject: CredentialSubject;
+  proof: Proof;
+  tag?: string;
+  credentialStatus?: CredentialStatus;
+  signature?: unknown;
+}
+interface IssuerInfo {
+  wallet: WalletObject;
+  name?: string;
+}
+interface Presentation {
+  challenge: string;
+  verifiableCredential: string | string[];
+  proof: Proof | Proof[];
+  [key: string]: unknown;
+}
+interface Credential {
+  id: string;
+  issued: string;
+  issuer: Issuer;
+  proof: Proof;
+  claim: unknown;
+}
+declare const proofTypes: Record<number, string>;
+/**
+ * Create a valid verifiable credential
+ *
+ * @param params
+ * @param params.type - The type of credential
+ * @param params.subject - The content of credential
+ * @param params.issuer - The issuer name and wallet
+ * @param params.issuanceDate
+ * @param params.expirationDate
+ * @param params.endpoint - Status endpoint url
+ * @param params.endpointScope - Endpoint scope, either be public or private
+ * @returns Promise<object>
+ */
+declare function create({
+  type,
+  subject,
+  issuer,
+  issuanceDate,
+  expirationDate,
+  tag,
+  endpoint,
+  endpointScope
+}: {
+  type: string;
+  subject: CredentialSubject;
+  issuer: IssuerInfo;
+  issuanceDate?: string;
+  expirationDate?: string;
+  tag?: string;
+  endpoint?: string;
+  endpointScope?: string;
+}): Promise<VerifiableCredential | null>;
+/**
+ * Verify that the verifiable credential is valid
+ *  - It is signed by a whitelist of issuers
+ *  - It is owned by the vc.subject.id
+ *  - It has valid signature by the issuer
+ *  - It is not expired
+ *
+ * @param vc - the verifiable credential object
+ * @param ownerDid - vc holder/owner did
+ * @param trustedIssuers - list of issuer did
+ * @throws Error
+ * @returns Promise<boolean>
+ */
+declare function verify({
+  vc,
+  ownerDid,
+  trustedIssuers,
+  ignoreExpired
+}: {
+  vc: VerifiableCredential | null;
+  ownerDid: string;
+  trustedIssuers: string | string[];
+  ignoreExpired?: boolean;
+}): Promise<boolean>;
+/**
+ * Verify that the Presentation is valid
+ *  - It is signed by VC's owner
+ *  - It contain challenge
+ *  - It has valid signature by the issuer
+ *  - It is not expired
+ *
+ * @param presentation - the presentation object
+ * @param trustedIssuers - list of issuer did
+ * @param challenge - Random byte you want
+ * @throws Error
+ * @returns Promise<boolean>
+ */
+declare function verifyPresentation({
+  presentation,
+  trustedIssuers,
+  challenge,
+  ignoreExpired
+}: {
+  presentation: Presentation;
+  trustedIssuers: string[];
+  challenge: string;
+  ignoreExpired?: boolean;
+}): Promise<boolean>;
+declare function createCredentialList({
+  claims,
+  issuer,
+  issuanceDate
+}: {
+  claims: unknown[];
+  issuer: IssuerInfo;
+  issuanceDate?: string;
+}): Promise<Credential[]>;
+declare function verifyCredentialList({
+  credentials,
+  trustedIssuers
+}: {
+  credentials: Credential[];
+  trustedIssuers: string | string[];
+}): Promise<unknown[]>;
+declare const stableStringify: typeof stringify;
+//#endregion
+export { create, createCredentialList, proofTypes, stableStringify, verify, verifyCredentialList, verifyPresentation };

package/esm/index.mjs

@@ -0,0 +1,209 @@
+import { name } from "./package.mjs";
+import { fromPublicKeyHash, isFromPublicKey, isValid, toTypeInfo } from "@arcblock/did";
+import { types } from "@ocap/mcrypto";
+import { fromBase58, fromBase64, toBase58, toBase64 } from "@ocap/util";
+import { fromPublicKey } from "@ocap/wallet";
+import Debug from "debug";
+import isAbsoluteUrl from "is-absolute-url";
+import stringify from "json-stable-stringify";
+import cloneDeep from "lodash/cloneDeep.js";
+
+//#region src/index.ts
+/**
+* @fileOverview Utility functions to create/verify vc
+*
+* @module @arcblock/vc
+* @requires @arcblock/did
+* @requires @ocap/util
+*/
+const debug = Debug(name);
+const proofTypes = {
+	[types.KeyType.ED25519]: "Ed25519Signature",
+	[types.KeyType.SECP256K1]: "Secp256k1Signature",
+	[types.KeyType.ETHEREUM]: "EthereumSignature"
+};
+/**
+* Create a valid verifiable credential
+*
+* @param params
+* @param params.type - The type of credential
+* @param params.subject - The content of credential
+* @param params.issuer - The issuer name and wallet
+* @param params.issuanceDate
+* @param params.expirationDate
+* @param params.endpoint - Status endpoint url
+* @param params.endpointScope - Endpoint scope, either be public or private
+* @returns Promise<object>
+*/
+async function create({ type, subject, issuer, issuanceDate, expirationDate, tag = "", endpoint = "", endpointScope = "public" }) {
+	if (!type) throw new Error("Can not create verifiable credential without empty type");
+	if (!subject) throw new Error("Can not create verifiable credential from empty subject");
+	if (!subject.id) throw new Error("Can not create verifiable credential without holder");
+	if (!isValid(subject.id)) throw new Error("Can not create verifiable credential invalid holder did");
+	if (endpoint && isAbsoluteUrl(endpoint) === false) throw new Error("VC Endpoint must be absolute url");
+	if (endpointScope && ["public", "private"].includes(endpointScope) === false) throw new Error("VC Endpoint scope must be either public or private");
+	const { wallet, name: issuerName } = issuer;
+	const issuerDid = wallet.address;
+	const typeInfo = toTypeInfo(issuerDid);
+	const vcType = {
+		...typeInfo,
+		role: types.RoleType.ROLE_VC
+	};
+	const vcDid = fromPublicKeyHash(wallet.hash(stringify(subject)), vcType);
+	const issuanceDateValue = issuanceDate || (/* @__PURE__ */ new Date()).toISOString();
+	const vcObj = {
+		"@context": "https://schema.arcblock.io/v0.1/context.jsonld",
+		id: vcDid,
+		type,
+		issuer: {
+			id: issuerDid,
+			pk: toBase58(wallet.publicKey),
+			name: issuerName || issuerDid
+		},
+		issuanceDate: issuanceDateValue,
+		expirationDate,
+		credentialSubject: subject
+	};
+	if (tag) vcObj.tag = tag;
+	if (endpoint) vcObj.credentialStatus = {
+		id: endpoint,
+		type: "NFTStatusList2021",
+		scope: endpointScope || "public"
+	};
+	const pkType = typeInfo.pk;
+	if (!proofTypes[pkType]) throw new Error("Unsupported signer type when create verifiable credential");
+	const signature = await wallet.sign(stringify(vcObj));
+	const result = {
+		proof: {
+			type: proofTypes[pkType],
+			created: issuanceDateValue,
+			proofPurpose: "assertionMethod",
+			jws: toBase64(signature)
+		},
+		...vcObj
+	};
+	debug("create", result);
+	if (await verify({
+		vc: result,
+		ownerDid: subject.id,
+		trustedIssuers: [issuerDid]
+	})) return result;
+	return null;
+}
+/**
+* Verify that the verifiable credential is valid
+*  - It is signed by a whitelist of issuers
+*  - It is owned by the vc.subject.id
+*  - It has valid signature by the issuer
+*  - It is not expired
+*
+* @param vc - the verifiable credential object
+* @param ownerDid - vc holder/owner did
+* @param trustedIssuers - list of issuer did
+* @throws Error
+* @returns Promise<boolean>
+*/
+async function verify({ vc, ownerDid, trustedIssuers, ignoreExpired = false }) {
+	if (!vc) throw new Error("Empty verifiable credential object");
+	if (!vc.issuer || !vc.issuer.id || !vc.issuer.pk || !isValid(vc.issuer.id)) throw new Error("Invalid verifiable credential issuer");
+	if (!vc.credentialSubject || !vc.credentialSubject.id || !isValid(vc.credentialSubject.id)) throw new Error("Invalid verifiable credential subject");
+	if (!vc.proof || !vc.proof.jws) throw new Error("Invalid verifiable credential proof");
+	if (vc.issuanceDate === void 0) throw Error("Invalid verifiable credential issue date");
+	if (new Date(vc.issuanceDate).getTime() > Date.now()) throw Error("Verifiable credential has not take effect");
+	if (!ignoreExpired && vc.expirationDate !== void 0 && new Date(vc.expirationDate).getTime() < Date.now()) throw Error("Verifiable credential has expired");
+	const issuerDid = (Array.isArray(trustedIssuers) ? trustedIssuers : [trustedIssuers]).find((x) => x === vc.issuer.id);
+	if (!issuerDid) throw new Error("Verifiable credential not issued by trusted issuers");
+	if (!isFromPublicKey(issuerDid, vc.issuer.pk)) throw new Error("Verifiable credential not issuer pk not match with issuer did");
+	if (ownerDid !== vc.credentialSubject.id) throw new Error("Verifiable credential not owned by specified owner did");
+	const issuerWallet = fromPublicKey(vc.issuer.pk, toTypeInfo(issuerDid));
+	const clone = cloneDeep(vc);
+	const signatureStr = clone.proof.jws;
+	delete clone.proof;
+	delete clone.signature;
+	if (await issuerWallet.verify(stringify(clone), fromBase64(signatureStr)) !== true) throw Error("Verifiable credential signature not valid");
+	return true;
+}
+/**
+* Verify that the Presentation is valid
+*  - It is signed by VC's owner
+*  - It contain challenge
+*  - It has valid signature by the issuer
+*  - It is not expired
+*
+* @param presentation - the presentation object
+* @param trustedIssuers - list of issuer did
+* @param challenge - Random byte you want
+* @throws Error
+* @returns Promise<boolean>
+*/
+async function verifyPresentation({ presentation, trustedIssuers, challenge, ignoreExpired = false }) {
+	if (!presentation.challenge || challenge !== presentation.challenge) throw Error("Invalid challenge included on vc presentation");
+	const vcList = Array.isArray(presentation.verifiableCredential) ? presentation.verifiableCredential : [presentation.verifiableCredential];
+	const proofList = Array.isArray(presentation.proof) ? presentation.proof : [presentation.proof];
+	const clone = cloneDeep(presentation);
+	delete clone.proof;
+	await Promise.all(vcList.map(async (vcStr) => {
+		const vcObj = JSON.parse(vcStr);
+		const proof = proofList.find((x) => isFromPublicKey(vcObj.credentialSubject.id, x.pk));
+		if (!proof) throw Error(`VC does not have corresponding proof: ${vcStr}`);
+		const signatureStr = proof.jws;
+		if (await fromPublicKey(fromBase58(proof.pk), toTypeInfo(vcObj.credentialSubject.id)).verify(stringify(clone), fromBase64(signatureStr)) !== true) throw Error("Presentation signature invalid");
+		await verify({
+			vc: vcObj,
+			ownerDid: vcObj.credentialSubject.id,
+			trustedIssuers,
+			ignoreExpired
+		});
+	}));
+	return true;
+}
+async function createCredentialList({ claims, issuer, issuanceDate }) {
+	if (!claims || !Array.isArray(claims)) throw new Error("Can not create credential list with empty claim list");
+	if (!issuer || !issuer.wallet || !issuer.name) throw new Error("Can not create credential list with empty issuer name or wallet");
+	if (typeof issuer.wallet.sign !== "function") throw new Error("Can not create credential list with invalid issuer wallet");
+	const { wallet, name: name$1 } = issuer;
+	const issuerDid = wallet.address;
+	const typeInfo = toTypeInfo(issuerDid);
+	const vcType = {
+		...typeInfo,
+		role: types.RoleType.ROLE_VC
+	};
+	const issued = issuanceDate || (/* @__PURE__ */ new Date()).toISOString();
+	const pkType = typeInfo.pk;
+	return await Promise.all(claims.map(async (x) => {
+		const vc = { claim: x };
+		vc.id = fromPublicKeyHash(wallet.hash(stringify(vc.claim)), vcType);
+		vc.issued = issued;
+		vc.issuer = {
+			id: issuerDid,
+			pk: toBase58(wallet.publicKey),
+			name: name$1 || issuerDid
+		};
+		const signature = await wallet.sign(stringify(vc));
+		vc.proof = {
+			type: proofTypes[pkType],
+			created: issued,
+			proofPurpose: "assertionMethod",
+			jws: toBase64(signature)
+		};
+		return vc;
+	}));
+}
+async function verifyCredentialList({ credentials, trustedIssuers }) {
+	if (!credentials || !Array.isArray(credentials)) throw new Error("Can not verify with empty credentials list");
+	return Promise.all(credentials.map(async (x) => {
+		const issuerDid = (Array.isArray(trustedIssuers) ? trustedIssuers : [trustedIssuers]).find((d) => d === x.issuer.id);
+		if (!issuerDid) throw new Error("Credential not issued by trusted issuers");
+		if (!isFromPublicKey(issuerDid, x.issuer.pk)) throw new Error("Credential not issuer pk not match with issuer did");
+		const issuerWallet = fromPublicKey(x.issuer.pk, toTypeInfo(issuerDid));
+		const clone = cloneDeep(x);
+		const signatureStr = clone.proof.jws;
+		delete clone.proof;
+		if (await issuerWallet.verify(stringify(clone), fromBase64(signatureStr)) !== true) throw Error("Status credential signature not valid");
+		return x.claim;
+	}));
+}
+const stableStringify = stringify;
+
+//#endregion
+export { create, createCredentialList, proofTypes, stableStringify, verify, verifyCredentialList, verifyPresentation };

package/esm/package.mjs

@@ -0,0 +1,5 @@
+//#region package.json
+var name = "@arcblock/vc";
+
+//#endregion
+export { name };

package/lib/_virtual/rolldown_runtime.cjs

@@ -0,0 +1,29 @@
+//#region rolldown:runtime
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+	if (from && typeof from === "object" || typeof from === "function") {
+		for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
+			key = keys[i];
+			if (!__hasOwnProp.call(to, key) && key !== except) {
+				__defProp(to, key, {
+					get: ((k) => from[k]).bind(null, key),
+					enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable
+				});
+			}
+		}
+	}
+	return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", {
+	value: mod,
+	enumerable: true
+}) : target, mod));
+
+//#endregion
+
+exports.__toESM = __toESM;

package/lib/index.cjs

@@ -0,0 +1,220 @@
+const require_rolldown_runtime = require('./_virtual/rolldown_runtime.cjs');
+const require_package = require('./package.cjs');
+let _arcblock_did = require("@arcblock/did");
+let _ocap_mcrypto = require("@ocap/mcrypto");
+let _ocap_util = require("@ocap/util");
+let _ocap_wallet = require("@ocap/wallet");
+let debug = require("debug");
+debug = require_rolldown_runtime.__toESM(debug);
+let is_absolute_url = require("is-absolute-url");
+is_absolute_url = require_rolldown_runtime.__toESM(is_absolute_url);
+let json_stable_stringify = require("json-stable-stringify");
+json_stable_stringify = require_rolldown_runtime.__toESM(json_stable_stringify);
+let lodash_cloneDeep = require("lodash/cloneDeep");
+lodash_cloneDeep = require_rolldown_runtime.__toESM(lodash_cloneDeep);
+
+//#region src/index.ts
+/**
+* @fileOverview Utility functions to create/verify vc
+*
+* @module @arcblock/vc
+* @requires @arcblock/did
+* @requires @ocap/util
+*/
+const debug$1 = (0, debug.default)(require_package.name);
+const proofTypes = {
+	[_ocap_mcrypto.types.KeyType.ED25519]: "Ed25519Signature",
+	[_ocap_mcrypto.types.KeyType.SECP256K1]: "Secp256k1Signature",
+	[_ocap_mcrypto.types.KeyType.ETHEREUM]: "EthereumSignature"
+};
+/**
+* Create a valid verifiable credential
+*
+* @param params
+* @param params.type - The type of credential
+* @param params.subject - The content of credential
+* @param params.issuer - The issuer name and wallet
+* @param params.issuanceDate
+* @param params.expirationDate
+* @param params.endpoint - Status endpoint url
+* @param params.endpointScope - Endpoint scope, either be public or private
+* @returns Promise<object>
+*/
+async function create({ type, subject, issuer, issuanceDate, expirationDate, tag = "", endpoint = "", endpointScope = "public" }) {
+	if (!type) throw new Error("Can not create verifiable credential without empty type");
+	if (!subject) throw new Error("Can not create verifiable credential from empty subject");
+	if (!subject.id) throw new Error("Can not create verifiable credential without holder");
+	if (!(0, _arcblock_did.isValid)(subject.id)) throw new Error("Can not create verifiable credential invalid holder did");
+	if (endpoint && (0, is_absolute_url.default)(endpoint) === false) throw new Error("VC Endpoint must be absolute url");
+	if (endpointScope && ["public", "private"].includes(endpointScope) === false) throw new Error("VC Endpoint scope must be either public or private");
+	const { wallet, name: issuerName } = issuer;
+	const issuerDid = wallet.address;
+	const typeInfo = (0, _arcblock_did.toTypeInfo)(issuerDid);
+	const vcType = {
+		...typeInfo,
+		role: _ocap_mcrypto.types.RoleType.ROLE_VC
+	};
+	const vcDid = (0, _arcblock_did.fromPublicKeyHash)(wallet.hash((0, json_stable_stringify.default)(subject)), vcType);
+	const issuanceDateValue = issuanceDate || (/* @__PURE__ */ new Date()).toISOString();
+	const vcObj = {
+		"@context": "https://schema.arcblock.io/v0.1/context.jsonld",
+		id: vcDid,
+		type,
+		issuer: {
+			id: issuerDid,
+			pk: (0, _ocap_util.toBase58)(wallet.publicKey),
+			name: issuerName || issuerDid
+		},
+		issuanceDate: issuanceDateValue,
+		expirationDate,
+		credentialSubject: subject
+	};
+	if (tag) vcObj.tag = tag;
+	if (endpoint) vcObj.credentialStatus = {
+		id: endpoint,
+		type: "NFTStatusList2021",
+		scope: endpointScope || "public"
+	};
+	const pkType = typeInfo.pk;
+	if (!proofTypes[pkType]) throw new Error("Unsupported signer type when create verifiable credential");
+	const signature = await wallet.sign((0, json_stable_stringify.default)(vcObj));
+	const result = {
+		proof: {
+			type: proofTypes[pkType],
+			created: issuanceDateValue,
+			proofPurpose: "assertionMethod",
+			jws: (0, _ocap_util.toBase64)(signature)
+		},
+		...vcObj
+	};
+	debug$1("create", result);
+	if (await verify({
+		vc: result,
+		ownerDid: subject.id,
+		trustedIssuers: [issuerDid]
+	})) return result;
+	return null;
+}
+/**
+* Verify that the verifiable credential is valid
+*  - It is signed by a whitelist of issuers
+*  - It is owned by the vc.subject.id
+*  - It has valid signature by the issuer
+*  - It is not expired
+*
+* @param vc - the verifiable credential object
+* @param ownerDid - vc holder/owner did
+* @param trustedIssuers - list of issuer did
+* @throws Error
+* @returns Promise<boolean>
+*/
+async function verify({ vc, ownerDid, trustedIssuers, ignoreExpired = false }) {
+	if (!vc) throw new Error("Empty verifiable credential object");
+	if (!vc.issuer || !vc.issuer.id || !vc.issuer.pk || !(0, _arcblock_did.isValid)(vc.issuer.id)) throw new Error("Invalid verifiable credential issuer");
+	if (!vc.credentialSubject || !vc.credentialSubject.id || !(0, _arcblock_did.isValid)(vc.credentialSubject.id)) throw new Error("Invalid verifiable credential subject");
+	if (!vc.proof || !vc.proof.jws) throw new Error("Invalid verifiable credential proof");
+	if (vc.issuanceDate === void 0) throw Error("Invalid verifiable credential issue date");
+	if (new Date(vc.issuanceDate).getTime() > Date.now()) throw Error("Verifiable credential has not take effect");
+	if (!ignoreExpired && vc.expirationDate !== void 0 && new Date(vc.expirationDate).getTime() < Date.now()) throw Error("Verifiable credential has expired");
+	const issuerDid = (Array.isArray(trustedIssuers) ? trustedIssuers : [trustedIssuers]).find((x) => x === vc.issuer.id);
+	if (!issuerDid) throw new Error("Verifiable credential not issued by trusted issuers");
+	if (!(0, _arcblock_did.isFromPublicKey)(issuerDid, vc.issuer.pk)) throw new Error("Verifiable credential not issuer pk not match with issuer did");
+	if (ownerDid !== vc.credentialSubject.id) throw new Error("Verifiable credential not owned by specified owner did");
+	const issuerWallet = (0, _ocap_wallet.fromPublicKey)(vc.issuer.pk, (0, _arcblock_did.toTypeInfo)(issuerDid));
+	const clone = (0, lodash_cloneDeep.default)(vc);
+	const signatureStr = clone.proof.jws;
+	delete clone.proof;
+	delete clone.signature;
+	if (await issuerWallet.verify((0, json_stable_stringify.default)(clone), (0, _ocap_util.fromBase64)(signatureStr)) !== true) throw Error("Verifiable credential signature not valid");
+	return true;
+}
+/**
+* Verify that the Presentation is valid
+*  - It is signed by VC's owner
+*  - It contain challenge
+*  - It has valid signature by the issuer
+*  - It is not expired
+*
+* @param presentation - the presentation object
+* @param trustedIssuers - list of issuer did
+* @param challenge - Random byte you want
+* @throws Error
+* @returns Promise<boolean>
+*/
+async function verifyPresentation({ presentation, trustedIssuers, challenge, ignoreExpired = false }) {
+	if (!presentation.challenge || challenge !== presentation.challenge) throw Error("Invalid challenge included on vc presentation");
+	const vcList = Array.isArray(presentation.verifiableCredential) ? presentation.verifiableCredential : [presentation.verifiableCredential];
+	const proofList = Array.isArray(presentation.proof) ? presentation.proof : [presentation.proof];
+	const clone = (0, lodash_cloneDeep.default)(presentation);
+	delete clone.proof;
+	await Promise.all(vcList.map(async (vcStr) => {
+		const vcObj = JSON.parse(vcStr);
+		const proof = proofList.find((x) => (0, _arcblock_did.isFromPublicKey)(vcObj.credentialSubject.id, x.pk));
+		if (!proof) throw Error(`VC does not have corresponding proof: ${vcStr}`);
+		const signatureStr = proof.jws;
+		if (await (0, _ocap_wallet.fromPublicKey)((0, _ocap_util.fromBase58)(proof.pk), (0, _arcblock_did.toTypeInfo)(vcObj.credentialSubject.id)).verify((0, json_stable_stringify.default)(clone), (0, _ocap_util.fromBase64)(signatureStr)) !== true) throw Error("Presentation signature invalid");
+		await verify({
+			vc: vcObj,
+			ownerDid: vcObj.credentialSubject.id,
+			trustedIssuers,
+			ignoreExpired
+		});
+	}));
+	return true;
+}
+async function createCredentialList({ claims, issuer, issuanceDate }) {
+	if (!claims || !Array.isArray(claims)) throw new Error("Can not create credential list with empty claim list");
+	if (!issuer || !issuer.wallet || !issuer.name) throw new Error("Can not create credential list with empty issuer name or wallet");
+	if (typeof issuer.wallet.sign !== "function") throw new Error("Can not create credential list with invalid issuer wallet");
+	const { wallet, name: name$1 } = issuer;
+	const issuerDid = wallet.address;
+	const typeInfo = (0, _arcblock_did.toTypeInfo)(issuerDid);
+	const vcType = {
+		...typeInfo,
+		role: _ocap_mcrypto.types.RoleType.ROLE_VC
+	};
+	const issued = issuanceDate || (/* @__PURE__ */ new Date()).toISOString();
+	const pkType = typeInfo.pk;
+	return await Promise.all(claims.map(async (x) => {
+		const vc = { claim: x };
+		vc.id = (0, _arcblock_did.fromPublicKeyHash)(wallet.hash((0, json_stable_stringify.default)(vc.claim)), vcType);
+		vc.issued = issued;
+		vc.issuer = {
+			id: issuerDid,
+			pk: (0, _ocap_util.toBase58)(wallet.publicKey),
+			name: name$1 || issuerDid
+		};
+		const signature = await wallet.sign((0, json_stable_stringify.default)(vc));
+		vc.proof = {
+			type: proofTypes[pkType],
+			created: issued,
+			proofPurpose: "assertionMethod",
+			jws: (0, _ocap_util.toBase64)(signature)
+		};
+		return vc;
+	}));
+}
+async function verifyCredentialList({ credentials, trustedIssuers }) {
+	if (!credentials || !Array.isArray(credentials)) throw new Error("Can not verify with empty credentials list");
+	return Promise.all(credentials.map(async (x) => {
+		const issuerDid = (Array.isArray(trustedIssuers) ? trustedIssuers : [trustedIssuers]).find((d) => d === x.issuer.id);
+		if (!issuerDid) throw new Error("Credential not issued by trusted issuers");
+		if (!(0, _arcblock_did.isFromPublicKey)(issuerDid, x.issuer.pk)) throw new Error("Credential not issuer pk not match with issuer did");
+		const issuerWallet = (0, _ocap_wallet.fromPublicKey)(x.issuer.pk, (0, _arcblock_did.toTypeInfo)(issuerDid));
+		const clone = (0, lodash_cloneDeep.default)(x);
+		const signatureStr = clone.proof.jws;
+		delete clone.proof;
+		if (await issuerWallet.verify((0, json_stable_stringify.default)(clone), (0, _ocap_util.fromBase64)(signatureStr)) !== true) throw Error("Status credential signature not valid");
+		return x.claim;
+	}));
+}
+const stableStringify = json_stable_stringify.default;
+
+//#endregion
+exports.create = create;
+exports.createCredentialList = createCredentialList;
+exports.proofTypes = proofTypes;
+exports.stableStringify = stableStringify;
+exports.verify = verify;
+exports.verifyCredentialList = verifyCredentialList;
+exports.verifyPresentation = verifyPresentation;

package/lib/index.d.cts

@@ -0,0 +1,155 @@
+import { WalletObject } from "@ocap/wallet";
+import stringify from "json-stable-stringify";
+
+//#region src/index.d.ts
+interface Proof {
+  type: string;
+  created: string;
+  proofPurpose: string;
+  jws: string;
+  pk?: string;
+}
+interface Issuer {
+  id: string;
+  pk: string;
+  name: string;
+}
+interface CredentialSubject {
+  id: string;
+  [key: string]: unknown;
+}
+interface CredentialStatus {
+  id: string;
+  type: string;
+  scope: string;
+}
+interface VerifiableCredential {
+  '@context': string;
+  id: string;
+  type: string;
+  issuer: Issuer;
+  issuanceDate: string;
+  expirationDate?: string;
+  credentialSubject: CredentialSubject;
+  proof: Proof;
+  tag?: string;
+  credentialStatus?: CredentialStatus;
+  signature?: unknown;
+}
+interface IssuerInfo {
+  wallet: WalletObject;
+  name?: string;
+}
+interface Presentation {
+  challenge: string;
+  verifiableCredential: string | string[];
+  proof: Proof | Proof[];
+  [key: string]: unknown;
+}
+interface Credential {
+  id: string;
+  issued: string;
+  issuer: Issuer;
+  proof: Proof;
+  claim: unknown;
+}
+declare const proofTypes: Record<number, string>;
+/**
+ * Create a valid verifiable credential
+ *
+ * @param params
+ * @param params.type - The type of credential
+ * @param params.subject - The content of credential
+ * @param params.issuer - The issuer name and wallet
+ * @param params.issuanceDate
+ * @param params.expirationDate
+ * @param params.endpoint - Status endpoint url
+ * @param params.endpointScope - Endpoint scope, either be public or private
+ * @returns Promise<object>
+ */
+declare function create({
+  type,
+  subject,
+  issuer,
+  issuanceDate,
+  expirationDate,
+  tag,
+  endpoint,
+  endpointScope
+}: {
+  type: string;
+  subject: CredentialSubject;
+  issuer: IssuerInfo;
+  issuanceDate?: string;
+  expirationDate?: string;
+  tag?: string;
+  endpoint?: string;
+  endpointScope?: string;
+}): Promise<VerifiableCredential | null>;
+/**
+ * Verify that the verifiable credential is valid
+ *  - It is signed by a whitelist of issuers
+ *  - It is owned by the vc.subject.id
+ *  - It has valid signature by the issuer
+ *  - It is not expired
+ *
+ * @param vc - the verifiable credential object
+ * @param ownerDid - vc holder/owner did
+ * @param trustedIssuers - list of issuer did
+ * @throws Error
+ * @returns Promise<boolean>
+ */
+declare function verify({
+  vc,
+  ownerDid,
+  trustedIssuers,
+  ignoreExpired
+}: {
+  vc: VerifiableCredential | null;
+  ownerDid: string;
+  trustedIssuers: string | string[];
+  ignoreExpired?: boolean;
+}): Promise<boolean>;
+/**
+ * Verify that the Presentation is valid
+ *  - It is signed by VC's owner
+ *  - It contain challenge
+ *  - It has valid signature by the issuer
+ *  - It is not expired
+ *
+ * @param presentation - the presentation object
+ * @param trustedIssuers - list of issuer did
+ * @param challenge - Random byte you want
+ * @throws Error
+ * @returns Promise<boolean>
+ */
+declare function verifyPresentation({
+  presentation,
+  trustedIssuers,
+  challenge,
+  ignoreExpired
+}: {
+  presentation: Presentation;
+  trustedIssuers: string[];
+  challenge: string;
+  ignoreExpired?: boolean;
+}): Promise<boolean>;
+declare function createCredentialList({
+  claims,
+  issuer,
+  issuanceDate
+}: {
+  claims: unknown[];
+  issuer: IssuerInfo;
+  issuanceDate?: string;
+}): Promise<Credential[]>;
+declare function verifyCredentialList({
+  credentials,
+  trustedIssuers
+}: {
+  credentials: Credential[];
+  trustedIssuers: string | string[];
+}): Promise<unknown[]>;
+declare const stableStringify: typeof stringify;
+//#endregion
+export { create, createCredentialList, proofTypes, stableStringify, verify, verifyCredentialList, verifyPresentation };

package/lib/package.cjs

@@ -0,0 +1,11 @@
+
+//#region package.json
+var name = "@arcblock/vc";
+
+//#endregion
+Object.defineProperty(exports, 'name', {
+  enumerable: true,
+  get: function () {
+    return name;
+  }
+});

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@arcblock/vc",
-  "version": "1.28.9",
-  "description": "Javascript lib to work with ArcBlock Verifiable Credentials",
+  "version": "1.29.0",
+  "description": "TypeScript lib to work with ArcBlock Verifiable Credentials",
   "keywords": [
     "arcblock",
     "blockchain",
@@ -19,24 +19,50 @@
   "contributors": [
     "wangshijun <shijun@arcblock.io> (https://github.com/wangshijun)"
   ],
-  "homepage": "https://github.com/ArcBlock/blockchain/tree/master/did/vc",
+  "homepage": "https://github.com/ArcBlock/blockchain/tree/master/asset/vc",
   "license": "Apache-2.0",
-  "main": "lib/index.js",
+  "type": "module",
+  "main": "./lib/index.cjs",
+  "module": "./esm/index.mjs",
+  "types": "./esm/index.d.mts",
+  "exports": {
+    ".": {
+      "types": "./esm/index.d.mts",
+      "import": "./esm/index.mjs",
+      "default": "./lib/index.cjs"
+    },
+    "./lib/*.js": {
+      "types": "./esm/*.d.mts",
+      "import": "./esm/*.mjs",
+      "default": "./lib/*.cjs"
+    },
+    "./lib/*": {
+      "types": "./esm/*.d.mts",
+      "import": "./esm/*.mjs",
+      "default": "./lib/*.cjs"
+    }
+  },
   "files": [
-    "lib"
+    "lib",
+    "esm"
   ],
-  "devDependencies": {},
+  "devDependencies": {
+    "@types/debug": "^4.1.12",
+    "@types/json-stable-stringify": "^1.1.0",
+    "@types/lodash": "^4.17.0"
+  },
   "repository": {
     "type": "git",
     "url": "git+https://github.com/ArcBlock/blockchain.git"
   },
   "scripts": {
+    "build": "tsdown",
+    "prebuild": "rm -rf lib esm",
     "lint": "biome check",
     "lint:fix": "biome check --write",
-    "docs": "bun run gen-dts && bun run gen-docs && bun run cleanup-docs && bun run format-docs",
+    "docs": "bun run gen-docs && bun run cleanup-docs && bun run format-docs",
     "cleanup-docs": "node ../../scripts/cleanup-docs.js docs/README.md $npm_package_name",
-    "gen-docs": "jsdoc2md lib/index.js > docs/README.md",
-    "gen-dts": "j2d lib/index.js",
+    "gen-docs": "jsdoc2md src/index.ts > docs/README.md",
     "format-docs": "remark . -o",
     "test": "bun test",
     "coverage": "npm run test -- --coverage"
@@ -45,13 +71,13 @@
     "url": "https://github.com/ArcBlock/blockchain/issues"
   },
   "dependencies": {
-    "@arcblock/did": "1.28.9",
-    "@ocap/mcrypto": "1.28.9",
-    "@ocap/util": "1.28.9",
-    "@ocap/wallet": "1.28.9",
-    "debug": "^4.3.6",
+    "@arcblock/did": "1.29.0",
+    "@ocap/mcrypto": "1.29.0",
+    "@ocap/util": "1.29.0",
+    "@ocap/wallet": "1.29.0",
+    "debug": "^4.4.3",
     "is-absolute-url": "^3.0.3",
     "json-stable-stringify": "^1.0.1",
-    "lodash": "^4.17.21"
+    "lodash": "^4.17.23"
   }
 }

package/lib/index.d.ts

@@ -1,84 +0,0 @@
-// Generate by [js2dts@0.3.3](https://github.com/whxaxes/js2dts#readme)
-
-import * as jsonStableStringify from 'json-stable-stringify';
-/**
- * Create a valid verifiable credential
- *
- * @param {object} params
- * @param {string} params.type - The type of credential
- * @param {object} params.subject - The content of credential
- * @param {object} params.issuer - The issuer name and wallet
- * @param {Date} params.issuanceDate
- * @param {Date} params.expirationDate
- * @param {String} params.endpoint - Status endpoint url
- * @param {String} params.endpointScope - Endpoint scope, either be public or private
- * @returns {Promise<object>}
- */
-declare function create(T100: _Lib.T101): Promise<any>;
-/**
- * Verify that the verifiable credential is valid
- *  - It is signed by a whitelist of issuers
- *  - It is owned by the vc.subject.id
- *  - It has valid signature by the issuer
- *  - It is not expired
- *
- * @param {object} vc - the verifiable credential object
- * @param {string} ownerDid - vc holder/owner did
- * @param {Array} trustedIssuers - list of issuer did
- * @throws {Error}
- * @returns {Promise<boolean>}
- */
-declare function verify(T102: any): Promise<boolean>;
-/**
- * Verify that the Presentation is valid
- *  - It is signed by VC's owner
- *  - It contain challenge
- *  - It has valid signature by the issuer
- *  - It is not expired
- *
- * @param {object} presentation - the presentation object
- * @param {Array} trustedIssuers - list of issuer did
- * @param {String} challenge - Random byte you want
- * @throws {Error}
- * @returns {Promise<boolean>}
- */
-declare function verifyPresentation(T103: any): Promise<boolean>;
-declare function createCredentialList(T105: _Lib.T106): Promise<_Lib.T107[]>;
-declare function verifyCredentialList(T108: _Lib.T109): Promise<any[]>;
-declare const _Lib: _Lib.T110;
-declare namespace _Lib {
-  export interface T101 {
-    type: string;
-    subject: any;
-    issuer: any;
-    issuanceDate: Date;
-    expirationDate: Date;
-    endpoint: string;
-    endpointScope: string;
-  }
-  export interface T104 {
-    [key: string]: any;
-  }
-  export interface T106 {
-    claims: any;
-    issuer: any;
-    issuanceDate: any;
-  }
-  export interface T107 {
-    claim: any;
-  }
-  export interface T109 {
-    credentials: any;
-    trustedIssuers: any;
-  }
-  export interface T110 {
-    create: typeof create;
-    verify: typeof verify;
-    verifyPresentation: typeof verifyPresentation;
-    stableStringify: typeof jsonStableStringify.default;
-    proofTypes: _Lib.T104;
-    createCredentialList: typeof createCredentialList;
-    verifyCredentialList: typeof verifyCredentialList;
-  }
-}
-export = _Lib;

package/lib/index.js

@@ -1,341 +0,0 @@
-/**
- * @fileOverview Utility functions to create/verify vc
- *
- * @module @arcblock/vc
- * @requires @arcblock/did
- * @requires @ocap/util
- */
-const isAbsoluteUrl = require('is-absolute-url');
-const stringify = require('json-stable-stringify');
-const cloneDeep = require('lodash/cloneDeep');
-const { types } = require('@ocap/mcrypto');
-const { fromPublicKey } = require('@ocap/wallet');
-const { toTypeInfo, isValid, isFromPublicKey, fromPublicKeyHash } = require('@arcblock/did');
-const { toBase58, toBase64, fromBase64, fromBase58 } = require('@ocap/util');
-
-const debug = require('debug')(require('../package.json').name);
-
-const proofTypes = {
-  [types.KeyType.ED25519]: 'Ed25519Signature',
-  [types.KeyType.SECP256K1]: 'Secp256k1Signature',
-  [types.KeyType.ETHEREUM]: 'EthereumSignature',
-};
-
-/**
- * Create a valid verifiable credential
- *
- * @param {object} params
- * @param {string} params.type - The type of credential
- * @param {object} params.subject - The content of credential
- * @param {object} params.issuer - The issuer name and wallet
- * @param {Date} params.issuanceDate
- * @param {Date} params.expirationDate
- * @param {String} params.endpoint - Status endpoint url
- * @param {String} params.endpointScope - Endpoint scope, either be public or private
- * @returns {Promise<object>}
- */
-async function create({
-  type,
-  subject,
-  issuer,
-  issuanceDate,
-  expirationDate,
-  tag = '',
-  endpoint = '',
-  endpointScope = 'public',
-}) {
-  if (!type) {
-    throw new Error('Can not create verifiable credential without empty type');
-  }
-
-  if (!subject) {
-    throw new Error('Can not create verifiable credential from empty subject');
-  }
-
-  // Should have an owner
-  if (!subject.id) {
-    throw new Error('Can not create verifiable credential without holder');
-  }
-
-  if (!isValid(subject.id)) {
-    throw new Error('Can not create verifiable credential invalid holder did');
-  }
-
-  if (endpoint && isAbsoluteUrl(endpoint) === false) {
-    throw new Error('VC Endpoint must be absolute url');
-  }
-
-  if (endpointScope && ['public', 'private'].includes(endpointScope) === false) {
-    throw new Error('VC Endpoint scope must be either public or private');
-  }
-
-  const { wallet, name: issuerName } = issuer;
-  const issuerDid = wallet.address;
-  const typeInfo = toTypeInfo(issuerDid);
-
-  // The { pk, hash } type should be same as issuer, role type must be `ROLE_VC`
-  const vcType = { ...typeInfo, role: types.RoleType.ROLE_VC };
-  const vcDid = fromPublicKeyHash(wallet.hash(stringify(subject)), vcType);
-
-  issuanceDate = issuanceDate || new Date().toISOString();
-
-  const vcObj = {
-    '@context': 'https://schema.arcblock.io/v0.1/context.jsonld',
-    id: vcDid,
-    type,
-    issuer: {
-      id: issuerDid,
-      pk: toBase58(wallet.publicKey),
-      name: issuerName || issuerDid,
-    },
-    issuanceDate,
-    expirationDate,
-    credentialSubject: subject,
-  };
-
-  if (tag) {
-    vcObj.tag = tag;
-  }
-
-  if (endpoint) {
-    vcObj.credentialStatus = {
-      id: endpoint,
-      type: 'NFTStatusList2021',
-      scope: endpointScope || 'public',
-    };
-  }
-
-  if (!proofTypes[typeInfo.pk]) {
-    throw new Error('Unsupported signer type when create verifiable credential');
-  }
-
-  const signature = await wallet.sign(stringify(vcObj));
-  const proof = {
-    type: proofTypes[typeInfo.pk],
-    created: issuanceDate,
-    proofPurpose: 'assertionMethod',
-    jws: toBase64(signature),
-  };
-
-  // NOTE: we should be able to verify the vc before return
-  const result = { proof, ...vcObj };
-
-  debug('create', result);
-
-  if (await verify({ vc: result, ownerDid: subject.id, trustedIssuers: [issuerDid] })) {
-    return result;
-  }
-
-  return null;
-}
-
-/**
- * Verify that the verifiable credential is valid
- *  - It is signed by a whitelist of issuers
- *  - It is owned by the vc.subject.id
- *  - It has valid signature by the issuer
- *  - It is not expired
- *
- * @param {object} vc - the verifiable credential object
- * @param {string} ownerDid - vc holder/owner did
- * @param {Array} trustedIssuers - list of issuer did
- * @throws {Error}
- * @returns {Promise<boolean>}
- */
-async function verify({ vc, ownerDid, trustedIssuers, ignoreExpired = false }) {
-  // Integrity check
-  if (!vc) {
-    throw new Error('Empty verifiable credential object');
-  }
-  if (!vc.issuer || !vc.issuer.id || !vc.issuer.pk || !isValid(vc.issuer.id)) {
-    throw new Error('Invalid verifiable credential issuer');
-  }
-  if (!vc.credentialSubject || !vc.credentialSubject.id || !isValid(vc.credentialSubject.id)) {
-    throw new Error('Invalid verifiable credential subject');
-  }
-  if (!vc.proof || !vc.proof.jws) {
-    throw new Error('Invalid verifiable credential proof');
-  }
-
-  // Verify dates
-  if (vc.issuanceDate === undefined) {
-    throw Error('Invalid verifiable credential issue date');
-  }
-  if (new Date(vc.issuanceDate).getTime() > Date.now()) {
-    throw Error('Verifiable credential has not take effect');
-  }
-
-  if (!ignoreExpired && vc.expirationDate !== undefined && new Date(vc.expirationDate).getTime() < Date.now()) {
-    throw Error('Verifiable credential has expired');
-  }
-
-  // Verify issuer
-  const issuers = Array.isArray(trustedIssuers) ? trustedIssuers : [trustedIssuers];
-  const issuerDid = issuers.find((x) => x === vc.issuer.id);
-  if (!issuerDid) {
-    throw new Error('Verifiable credential not issued by trusted issuers');
-  }
-  if (!isFromPublicKey(issuerDid, vc.issuer.pk)) {
-    throw new Error('Verifiable credential not issuer pk not match with issuer did');
-  }
-
-  // Verify owner
-  if (ownerDid !== vc.credentialSubject.id) {
-    throw new Error('Verifiable credential not owned by specified owner did');
-  }
-
-  // Construct the issuer wallet
-  const issuer = fromPublicKey(vc.issuer.pk, toTypeInfo(issuerDid));
-
-  // NOTE: we are ignoring other fields of the proof
-  const clone = cloneDeep(vc);
-  const signature = clone.proof.jws;
-  delete clone.proof;
-  delete clone.signature;
-
-  // Verify signature
-  if ((await issuer.verify(stringify(clone), fromBase64(signature))) !== true) {
-    throw Error('Verifiable credential signature not valid');
-  }
-
-  // TODO: support verify revoked from endpoint
-
-  return true;
-}
-
-/**
- * Verify that the Presentation is valid
- *  - It is signed by VC's owner
- *  - It contain challenge
- *  - It has valid signature by the issuer
- *  - It is not expired
- *
- * @param {object} presentation - the presentation object
- * @param {Array} trustedIssuers - list of issuer did
- * @param {String} challenge - Random byte you want
- * @throws {Error}
- * @returns {Promise<boolean>}
- */
-async function verifyPresentation({ presentation, trustedIssuers, challenge, ignoreExpired = false }) {
-  if (!presentation.challenge || challenge !== presentation.challenge) {
-    throw Error('Invalid challenge included on vc presentation');
-  }
-
-  const vcList = Array.isArray(presentation.verifiableCredential)
-    ? presentation.verifiableCredential
-    : [presentation.verifiableCredential];
-
-  const proofList = Array.isArray(presentation.proof) ? presentation.proof : [presentation.proof];
-  const clone = cloneDeep(presentation);
-  delete clone.proof;
-
-  await Promise.all(
-    vcList.map(async (vcStr) => {
-      const vcObj = JSON.parse(vcStr);
-      const proof = proofList.find((x) => isFromPublicKey(vcObj.credentialSubject.id, x.pk));
-
-      if (!proof) {
-        throw Error(`VC does not have corresponding proof: ${vcStr}`);
-      }
-
-      const signature = proof.jws;
-      const holder = fromPublicKey(fromBase58(proof.pk), toTypeInfo(vcObj.credentialSubject.id));
-      if ((await holder.verify(stringify(clone), fromBase64(signature))) !== true) {
-        throw Error('Presentation signature invalid');
-      }
-
-      await verify({ vc: vcObj, ownerDid: vcObj.credentialSubject.id, trustedIssuers, ignoreExpired });
-    })
-  );
-
-  return true;
-}
-
-async function createCredentialList({ claims, issuer, issuanceDate }) {
-  if (!claims || !Array.isArray(claims)) {
-    throw new Error('Can not create credential list with empty claim list');
-  }
-  if (!issuer || !issuer.wallet || !issuer.name) {
-    throw new Error('Can not create credential list with empty issuer name or wallet');
-  }
-  if (typeof issuer.wallet.sign !== 'function') {
-    throw new Error('Can not create credential list with invalid issuer wallet');
-  }
-
-  const { wallet, name } = issuer;
-  const issuerDid = wallet.address;
-  const typeInfo = toTypeInfo(issuerDid);
-  const vcType = { ...typeInfo, role: types.RoleType.ROLE_VC };
-
-  const issued = issuanceDate || new Date().toISOString();
-
-  const results = await Promise.all(
-    claims.map(async (x) => {
-      const vc = { claim: x };
-
-      vc.id = fromPublicKeyHash(wallet.hash(stringify(vc.claim)), vcType);
-      vc.issued = issued;
-      vc.issuer = {
-        id: issuerDid,
-        pk: toBase58(wallet.publicKey),
-        name: name || issuerDid,
-      };
-
-      const signature = await wallet.sign(stringify(vc));
-      vc.proof = {
-        type: proofTypes[typeInfo.pk],
-        created: issued,
-        proofPurpose: 'assertionMethod',
-        jws: toBase64(signature),
-      };
-
-      return vc;
-    })
-  );
-  return results;
-}
-
-async function verifyCredentialList({ credentials, trustedIssuers }) {
-  if (!credentials || !Array.isArray(credentials)) {
-    throw new Error('Can not verify with empty credentials list');
-  }
-
-  return Promise.all(
-    credentials.map(async (x) => {
-      // Verify issuer
-      const issuers = Array.isArray(trustedIssuers) ? trustedIssuers : [trustedIssuers];
-      const issuerDid = issuers.find((d) => d === x.issuer.id);
-      if (!issuerDid) {
-        throw new Error('Credential not issued by trusted issuers');
-      }
-      if (!isFromPublicKey(issuerDid, x.issuer.pk)) {
-        throw new Error('Credential not issuer pk not match with issuer did');
-      }
-
-      // Construct the issuer wallet
-      const issuer = fromPublicKey(x.issuer.pk, toTypeInfo(issuerDid));
-
-      // NOTE: we are ignoring other fields of the proof
-      const clone = cloneDeep(x);
-      const signature = clone.proof.jws;
-      delete clone.proof;
-
-      // Verify signature
-      if ((await issuer.verify(stringify(clone), fromBase64(signature))) !== true) {
-        throw Error('Status credential signature not valid');
-      }
-
-      return x.claim;
-    })
-  );
-}
-
-module.exports = {
-  create,
-  verify,
-  verifyPresentation,
-  stableStringify: stringify,
-  proofTypes,
-  createCredentialList,
-  verifyCredentialList,
-};