@cooperation/vc-storage 1.0.29 → 1.0.31

package/dist/models/CredentialEngine.js

@@ -6,7 +6,7 @@ import { extractKeyPairFromCredential, generateDIDSchema, generateUnsignedRecomm
 import { customDocumentLoader } from '../utils/digitalbazaar.js';
 import { saveToGoogleDrive } from '../utils/google.js';
 function delay(ms) {
-    return new Promise(resolve => setTimeout(resolve, ms));
+    return new Promise((resolve) => setTimeout(resolve, ms));
 }
 /**
  * Class representing the Credential Engine.
@@ -50,12 +50,19 @@ export class CredentialEngine {
         this.keyPair = key;
         return key;
     }
-    generateKeyPair = async (address) => {
-        const keyPair = await Ed25519VerificationKey2020.generate();
+    generateKeyPair = async (address, seed) => {
+        // Generate the key pair using the library's method
+        const keyPair = seed
+            ? await Ed25519VerificationKey2020.generate({
+                seed: Buffer.from(seed).toString('hex'),
+            })
+            : await Ed25519VerificationKey2020.generate();
+        // Configure key pair attributes
         const a = address || keyPair.publicKeyMultibase;
         keyPair.controller = `did:key:${a}`;
         keyPair.id = `${keyPair.controller}#${a}`;
         keyPair.revoked = false;
+        // The `signer` is already provided by the `Ed25519VerificationKey2020` instance
         return keyPair;
     };
     async verifyCreds(creds) {
@@ -74,11 +81,6 @@ export class CredentialEngine {
     async createDID() {
         try {
             const keyPair = await this.generateKeyPair();
-            // const keyFile = await saveToGoogleDrive({
-            // 	storage: this.storage,
-            // 	data: keyPair,
-            // 	type: 'KEYPAIR',
-            // });
             const didDocument = await generateDIDSchema(keyPair);
             return { didDocument, keyPair };
         }
@@ -242,45 +244,51 @@ export class CredentialEngine {
      * @param {string} email - The email address to create the VC for
      * @returns {Promise<{signedVC: any, fileId: string}>} The signed VC and its Google Drive file ID
      */
-    async generateAndSignEmailVC(email) {
+    async generateAndSignEmailVC(email, encodedSeed) {
         try {
-            // Try to find existing keys and DIDs
-            const existingKeys = await this.findKeysAndDIDs();
             let keyPair;
             let didDocument;
-            if (existingKeys) {
-                // Use existing keys and DID
-                keyPair = existingKeys.keyPair;
-                didDocument = existingKeys.didDocument;
+            // Require SEED from environment
+            if (!encodedSeed) {
+                throw new Error('SEED environment variable not set. Cannot generate or use any DID.');
             }
-            else {
-                // Generate new key pair and DID if none exist
-                keyPair = await this.generateKeyPair();
-                const result = await this.createDID();
-                didDocument = result.didDocument;
+            // Use deterministic keys from environment seed
+            const { getDidFromEnvSeed } = await import('../utils/decodedSeed');
+            const result = await getDidFromEnvSeed();
+            keyPair = result.keyPair;
+            didDocument = result.didDocument;
+            console.log('Using DID from environment seed:', didDocument.id);
+            // Ensure the key has proper ID and controller
+            if (!keyPair.id || !keyPair.controller) {
+                const verificationMethod = didDocument.verificationMethod?.[0] || didDocument.authentication?.[0];
+                if (verificationMethod) {
+                    keyPair.id = typeof verificationMethod === 'string' ? verificationMethod : verificationMethod.id;
+                    keyPair.controller = didDocument.id;
+                }
             }
+            console.log('Creating email VC with DID:', didDocument.id);
             // Generate unsigned email VC
             const unsignedCredential = {
                 '@context': [
                     'https://www.w3.org/2018/credentials/v1',
                     {
-                        'email': 'https://schema.org/email',
-                        'EmailCredential': {
-                            '@id': 'https://example.com/EmailCredential'
-                        }
-                    }
+                        email: 'https://schema.org/email',
+                        EmailCredential: {
+                            '@id': 'https://example.com/EmailCredential',
+                        },
+                    },
                 ],
-                'id': `urn:uuid:${uuidv4()}`,
-                'type': ['VerifiableCredential', 'EmailCredential'],
-                'issuer': {
-                    'id': didDocument.id
+                id: `urn:uuid:${uuidv4()}`,
+                type: ['VerifiableCredential', 'EmailCredential'],
+                issuer: {
+                    id: didDocument.id,
+                },
+                issuanceDate: new Date().toISOString(),
+                expirationDate: new Date(Date.now() + 365 * 24 * 60 * 60 * 1000).toISOString(), // 1 year from now
+                credentialSubject: {
+                    id: `did:email:${email}`,
+                    email: email,
                 },
-                'issuanceDate': new Date().toISOString(),
-                'expirationDate': new Date(Date.now() + 365 * 24 * 60 * 60 * 1000).toISOString(), // 1 year from now
-                'credentialSubject': {
-                    'id': `did:email:${email}`,
-                    'email': email
-                }
             };
             // Sign the VC
             const suite = new Ed25519Signature2020({
@@ -292,14 +300,13 @@ export class CredentialEngine {
                 suite,
                 documentLoader: customDocumentLoader,
             });
-            // Get root folders
             const rootFolders = await this.storage.findFolders();
             // Find or create Credentials folder
             let credentialsFolder = rootFolders.find((f) => f.name === 'Credentials');
             if (!credentialsFolder) {
                 credentialsFolder = await this.storage.createFolder({
                     folderName: 'Credentials',
-                    parentFolderId: 'root'
+                    parentFolderId: 'root',
                 });
                 // Wait and re-check to avoid duplicates
                 await delay(1500);
@@ -314,7 +321,7 @@ export class CredentialEngine {
             if (!emailVcFolder) {
                 emailVcFolder = await this.storage.createFolder({
                     folderName: 'EMAIL_VC',
-                    parentFolderId: credentialsFolder.id
+                    parentFolderId: credentialsFolder.id,
                 });
                 // Wait and re-check to avoid duplicates
                 await delay(1500);
@@ -326,20 +333,12 @@ export class CredentialEngine {
             // Save the VC in the EMAIL_VC folder
             const file = await this.storage.saveFile({
                 data: {
-                    fileName: `${email}.vc`,
+                    fileName: `${email}`,
                     mimeType: 'application/json',
-                    body: signedVC
+                    body: signedVC,
                 },
-                folderId: emailVcFolder.id
+                folderId: emailVcFolder.id,
             });
-            // Only save key pair if it's new
-            if (!existingKeys) {
-                await saveToGoogleDrive({
-                    storage: this.storage,
-                    data: keyPair,
-                    type: 'KEYPAIR',
-                });
-            }
             return { signedVC, fileId: file.id };
         }
         catch (error) {

package/dist/tests/email.test.js

@@ -0,0 +1,31 @@
+import { CredentialEngine } from '../models/CredentialEngine.js';
+import { GoogleDriveStorage } from '../models/GoogleDriveStorage.js';
+async function testEmailVC() {
+    try {
+        // Get Google Drive access token from environment
+        const accessToken = 'your access token';
+        // Initialize storage and engine
+        const storage = new GoogleDriveStorage(accessToken);
+        const engine = new CredentialEngine(storage);
+        // Test email
+        const testEmail = 'test@example.com';
+        console.log('Starting email VC generation test...');
+        console.log('Test email:', testEmail);
+        // Generate and sign the email VC
+        const result = await engine.generateAndSignEmailVC(testEmail);
+        console.log('\nTest Results:');
+        console.log('-------------');
+        console.log('File ID:', result.fileId);
+        console.log('Signed VC:', JSON.stringify(result.signedVC, null, 2));
+        // Test retrieving the VC from storage
+        console.log('\nRetrieving VC from storage...');
+        const retrievedVC = await storage.retrieve(result.fileId);
+        console.log('Retrieved VC:', retrievedVC ? 'Success' : 'Failed');
+        console.log('\nTest completed successfully!');
+    }
+    catch (error) {
+        console.error('Test failed:', error);
+    }
+}
+// Run the test
+testEmailVC().catch(console.error);

package/dist/tests/seed.test.js

@@ -0,0 +1,75 @@
+// @ts-nocheck
+import { decodeSecretKeySeed } from 'bnid';
+import { Ed25519VerificationKey2020 } from '@digitalbazaar/ed25519-verification-key-2020';
+import { driver as keyDriver } from '@digitalbazaar/did-method-key';
+import { CryptoLD } from 'crypto-ld';
+// EXACT SAME SETUP AS YOUR WORKING SCRIPT
+const cryptoLd = new CryptoLD();
+cryptoLd.use(Ed25519VerificationKey2020);
+// Reference decodeSeed implementation
+const decodeSeed = async (secretKeySeed) => {
+    let secretKeySeedBytes;
+    if (secretKeySeed.startsWith('z')) {
+        secretKeySeedBytes = decodeSecretKeySeed({ secretKeySeed });
+    }
+    else if (secretKeySeed.length >= 32) {
+        secretKeySeedBytes = new TextEncoder().encode(secretKeySeed).slice(0, 32);
+    }
+    else {
+        throw TypeError('"secretKeySeed" must be at least 32 bytes, preferably multibase-encoded.');
+    }
+    return secretKeySeedBytes;
+};
+// EXACT SAME FUNCTION AS YOUR WORKING generateSeed BUT WITH PREDEFINED SEEDS
+async function testGenerateSeed(encodedSeed) {
+    const seed = await decodeSeed(encodedSeed);
+    let didDocument;
+    // EXACT SAME CODE AS YOUR WORKING SCRIPT
+    const didKeyDriver = keyDriver();
+    didKeyDriver.use({
+        multibaseMultikeyHeader: 'z6Mk',
+        fromMultibase: Ed25519VerificationKey2020.from,
+    });
+    const verificationKeyPair = await Ed25519VerificationKey2020.generate({
+        seed,
+    });
+    ({ didDocument } = await didKeyDriver.fromKeyPair({ verificationKeyPair }));
+    const did = didDocument.id;
+    return { seed: encodedSeed, decodedSeed: seed, did, didDocument, publicKey: verificationKeyPair.publicKeyMultibase };
+}
+// Test with different seeds
+async function testDifferentSeeds() {
+    console.log('Testing different seeds with EXACT working script approach:\n');
+    const testSeeds = [
+        'z1AjjnVSNmZot5TJcgtFYhn83WASAcphrqgE95AQ436hrGR',
+        'z1AibHGc5Zek2kvdSyC22xGLZCvV7b77KWBFWiQmZGnD6rV',
+        'z1AgfwVqaN3zX1kw2iTvLLekCbXNRJA7XbiFZCQv9TfgKCT',
+    ];
+    const results = [];
+    for (const testSeed of testSeeds) {
+        console.log(`Testing seed: ${testSeed}`);
+        console.log(`Decoded hex: ${Buffer.from(await decodeSeed(testSeed)).toString('hex')}`);
+        try {
+            const result = await testGenerateSeed(testSeed);
+            console.log(`Generated DID: ${result.did}`);
+            console.log(`Public key: ${result.publicKey}`);
+            results.push(result);
+        }
+        catch (error) {
+            console.error(`Error: ${error.message}`);
+        }
+        console.log('---');
+    }
+    console.log('\nResults:');
+    const uniqueDids = new Set(results.map((r) => r.did));
+    const uniqueKeys = new Set(results.map((r) => r.publicKey));
+    console.log(`Total results: ${results.length}`);
+    console.log(`Unique DIDs: ${uniqueDids.size}`);
+    console.log(`Unique public keys: ${uniqueKeys.size}`);
+    console.log(`Expected unique: ${testSeeds.length}`);
+    console.log(`Success: ${uniqueDids.size === testSeeds.length ? '✓ YES' : '✗ NO'}`);
+    results.forEach((result, i) => {
+        console.log(`${i + 1}. ${result.seed} -> ${result.did}`);
+    });
+}
+testDifferentSeeds().catch(console.error);

package/dist/types/tests/email.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/types/tests/seed.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/types/utils/decodedSeed.d.ts

@@ -0,0 +1,18 @@
+export declare function decodeSeed(encodedSeed: string): Promise<Uint8Array>;
+export declare const getDidFromEnvSeed: () => Promise<{
+    keyPair: any;
+    didDocument: {
+        '@context': string[];
+        id: string;
+        verificationMethod: {
+            id: string;
+            type: string;
+            controller: string;
+            publicKeyMultibase: any;
+        }[];
+        authentication: string[];
+        assertionMethod: string[];
+        capabilityDelegation: string[];
+        capabilityInvocation: string[];
+    };
+}>;

package/dist/utils/decodedSeed.js

@@ -0,0 +1,77 @@
+import { Ed25519VerificationKey2020 } from '@digitalbazaar/ed25519-verification-key-2020';
+import { base58btc } from 'multiformats/bases/base58';
+export async function decodeSeed(encodedSeed) {
+    try {
+        // Ensure the seed has the 'z' prefix
+        const seedWithPrefix = encodedSeed.startsWith('z') ? encodedSeed : `z${encodedSeed}`;
+        // Decode the entire string including the prefix
+        const decoded = base58btc.decode(seedWithPrefix);
+        // The decoded data includes a multicodec header (2 bytes: 0x00 0x20)
+        // We need to remove this header to get the actual 32-byte seed
+        if (decoded.length === 34 && decoded[0] === 0x00 && decoded[1] === 0x20) {
+            // Skip the first 2 bytes to get the actual seed
+            const seed = new Uint8Array(decoded.slice(2));
+            console.log('Decoded seed (removed 2-byte header):', Buffer.from(seed).toString('hex'));
+            return seed;
+        }
+        // If it's already 32 bytes, return as is
+        if (decoded.length === 32) {
+            console.log('Decoded seed (already 32 bytes):', Buffer.from(decoded).toString('hex'));
+            return new Uint8Array(decoded);
+        }
+        throw new Error(`Invalid seed length: ${decoded.length} bytes (expected 32 bytes after removing any headers)`);
+    }
+    catch (error) {
+        console.error('Error decoding seed:', error);
+        throw error;
+    }
+}
+export const getDidFromEnvSeed = async () => {
+    // Get seed from environment variable
+    const encodedSeed = process.env.SEED;
+    if (!encodedSeed) {
+        throw new Error('SEED environment variable not set');
+    }
+    console.log('Using seed from environment:', encodedSeed);
+    // Decode the seed (this will remove the 2-byte header if present)
+    const seed = await decodeSeed(encodedSeed);
+    console.log('Decoded seed length:', seed.length);
+    // Create key pair from seed
+    const verificationKeyPair = await Ed25519VerificationKey2020.generate({
+        seed: seed,
+        type: 'Ed25519VerificationKey2020',
+    });
+    console.log('Generated public key:', verificationKeyPair.publicKeyMultibase);
+    // Create DID manually to avoid key agreement issues
+    const fingerprint = verificationKeyPair.fingerprint();
+    const did = `did:key:${fingerprint}`;
+    // Create a proper DID document
+    const didDocument = {
+        '@context': [
+            'https://www.w3.org/ns/did/v1',
+            'https://w3id.org/security/suites/ed25519-2020/v1',
+            'https://w3id.org/security/suites/x25519-2020/v1',
+        ],
+        id: did,
+        verificationMethod: [
+            {
+                id: `${did}#${fingerprint}`,
+                type: 'Ed25519VerificationKey2020',
+                controller: did,
+                publicKeyMultibase: verificationKeyPair.publicKeyMultibase,
+            },
+        ],
+        authentication: [`${did}#${fingerprint}`],
+        assertionMethod: [`${did}#${fingerprint}`],
+        capabilityDelegation: [`${did}#${fingerprint}`],
+        capabilityInvocation: [`${did}#${fingerprint}`],
+    };
+    // Set the key ID and controller on the key pair
+    verificationKeyPair.id = `${did}#${fingerprint}`;
+    verificationKeyPair.controller = did;
+    console.log('Generated DID:', did);
+    return {
+        keyPair: verificationKeyPair,
+        didDocument,
+    };
+};

package/package.json

@@ -1,7 +1,7 @@
 {
 	"name": "@cooperation/vc-storage",
 	"type": "module",
-	"version": "1.0.29",
+	"version": "1.0.31",
 	"description": "Sign and store your verifiable credentials.",
 	"main": "dist/index.js",
 	"types": "dist/types/index.d.ts",
@@ -17,12 +17,16 @@
 	"license": "ISC",
 	"dependencies": {
 		"@digitalbazaar/did-method-key": "^5.2.0",
-		"@digitalbazaar/ed25519-signature-2020": "^5.3.0",
+		"@digitalbazaar/ed25519-signature-2020": "^5.4.0",
 		"@digitalbazaar/ed25519-verification-key-2020": "^4.1.0",
 		"@digitalbazaar/vc": "^6.3.0",
+		"add": "^2.0.6",
+		"bnid": "^3.0.0",
 		"crypto-js": "^4.2.0",
+		"crypto-ld": "^7.0.0",
 		"ethers": "^6.13.2",
 		"jest": "^29.7.0",
+		"multiformats": "^13.3.6",
 		"ts-jest": "^29.2.5",
 		"ts-node": "^10.9.2",
 		"tsc": "^2.0.4",