@credo-ts/core 0.6.1-alpha-20251205125423 → 0.6.1-alpha-20251208081705

package/build/index.d.mts

@@ -51,7 +51,7 @@ import { DocumentLoader, Proof } from "./modules/vc/data-integrity/jsonldUtil.mj
 import { vcLibraries } from "./modules/vc/data-integrity/libraries/index.mjs";
 import { DifPresentationExchangeError } from "./modules/dif-presentation-exchange/DifPresentationExchangeError.mjs";
 import { DifPresentationExchangeModule } from "./modules/dif-presentation-exchange/DifPresentationExchangeModule.mjs";
-import { CredentialMultiInstanceState, CredentialMultiInstanceUseMode } from "./utils/credentialUseTypes.mjs";
+import { CredentialMultiInstanceState, CredentialMultiInstanceUseMode, CredentialMultiInstanceUseUpdateMode } from "./utils/credentialUseTypes.mjs";
 import { IDisclosureFrame, IPresentationFrame, SdJwtVcHeader, SdJwtVcHolderBinding, SdJwtVcHolderDidBinding, SdJwtVcHolderJwkBinding, SdJwtVcIssuer, SdJwtVcIssuerDid, SdJwtVcIssuerX5c, SdJwtVcPayload, SdJwtVcPresentOptions, SdJwtVcSignOptions, SdJwtVcStoreOptions, SdJwtVcVerifyOptions } from "./modules/sd-jwt-vc/SdJwtVcOptions.mjs";
 import { SdJwtVcTypeMetadata, SdJwtVcTypeMetadataClaim, SdJwtVcTypeMetadataDisplay, SdJwtVcTypeMetadataRenderingMethodSimple, SdJwtVcTypeMetadataRenderingMethodSvgTemplate } from "./modules/sd-jwt-vc/typeMetadata.mjs";
 import { SdJwtVc, SdJwtVcService, VerificationResult } from "./modules/sd-jwt-vc/SdJwtVcService.mjs";
@@ -233,6 +233,7 @@ import "./agent/index.mjs";
 import { Agent } from "./agent/Agent.mjs";
 import { InjectionSymbols } from "./constants.mjs";
 import { DcqlError } from "./modules/dcql/DcqlError.mjs";
+import { UseInstanceFromCredentialRecordOptions, UseInstanceFromCredentialRecordReturn, canUseInstanceFromCredentialRecord, useInstanceFromCredentialRecord } from "./utils/credentialUse.mjs";
 import { DcqlCredentialsForRequest } from "./modules/dcql/models/DcqlCredentialsForRequest.mjs";
 import { DcqlCredential, DcqlEncodedPresentations, DcqlEncodedPresentationsEntry, DcqlFailedCredential, DcqlMatchWithRecord, DcqlMdocCredential, DcqlPresentation, DcqlPresentationResult, DcqlQuery, DcqlQueryResult, DcqlSdJwtVcCredential, DcqlValidCredential, DcqlW3cVcCredential } from "./modules/dcql/models/index.mjs";
 import { DcqlSelectCredentialsForRequestOptions, DcqlService } from "./modules/dcql/DcqlService.mjs";
@@ -269,5 +270,5 @@ declare const utils: {
   addSecondsToDate: typeof addSecondsToDate;
 };
 //#endregion
-export { ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE, Agent, type AgentApi, AgentConfig, AgentContext, AgentContextProvider, type AgentDependencies, AnonCredsDataIntegrityServiceSymbol, AnoncredsDataIntegrityCreatePresentation, AnoncredsDataIntegrityVerifyPresentation, type AnyUint8Array, ApiModule, BaseAgent, BaseEvent, BaseLogger, type BaseName, BaseRecord, BaseRecordAny, type BaseRecordConstructor, Buffer, CREDENTIALS_CONTEXT_V1_URL, CREDENTIALS_CONTEXT_V2_URL, CREDENTIALS_ISSUER_URL, Cache, CacheModule, CacheModuleConfig, CacheModuleOptions, CachedStorageService, type CanBePromise, ClaimFormat, ClassValidationError, ConsoleLogger, type Constructable, type Constructor, ContentType, CredentialIssuancePurpose, CredentialMultiInstanceState, CredentialMultiInstanceUseMode, CredoError, CredoWebCrypto, CredoWebCryptoKey, CustomDidTags, CustomW3cCredentialTags, DID_V1_CONTEXT_URL, DataIntegrityProof, DataIntegrityProofOptions, DateOnly, DateTransformer, DcqlCredential, DcqlCredentialsForRequest, DcqlEncodedPresentations, DcqlEncodedPresentationsEntry, DcqlError, DcqlFailedCredential, DcqlJwtVpPresentationToCreate, DcqlJwtW3cVpPresentationToCreate, DcqlLdpVpPresentationToCreate, DcqlMatchWithRecord, DcqlMdocCredential, DcqlMdocPresentationToCreate, DcqlModule, DcqlPresentation, DcqlPresentationResult, DcqlPresentationsToCreate, DcqlQuery, DcqlQueryResult, DcqlSdJwtVcCredential, DcqlSdJwtVcPresentationToCreate, DcqlSdJwtW3cVpPresentationToCreate, DcqlSelectCredentialsForRequestOptions, DcqlService, DcqlValidCredential, DcqlW3cVcCredential, DefaultAgentContextProvider, type DefaultAgentModules, DefaultMdocRecordTags, DefaultSdJwtVcRecordTags, DefaultW3cCredentialTags, DefaultW3cV2CredentialTags, DependencyManager, DidCommV1Service, LegacyDidCommV2Service as DidCommV2Service, LegacyDidCommV2ServiceOptions as DidCommV2ServiceOptions, DidCreateOptions, DidCreateResult, DidDeactivateOptions, DidDeactivateResult, DidDocument, DidDocumentBuilder, DidDocumentKey, DidDocumentMetadata, DidDocumentOperation, DidDocumentRole, DidDocumentService, DidJwk, DidKey, DidOperationStateActionBase, DidOperationStateFailed, DidOperationStateFinished, DidOperationStateWait, DidPurpose, DidRecord, DidRecordMetadataKeys, DidRecordProps, DidRegistrar, DidRegistrarService, DidRegistrationExtraOptions, DidRegistrationMetadata, DidRegistrationSecretOptions, DidRepository, DidResolutionMetadata, DidResolutionOptions, DidResolutionResult, DidResolver, DidResolverService, DidUpdateOptions, DidUpdateResult, DidsApi, DidsModule, DidsModuleConfig, DidsModuleConfigOptions, DifPexCredentialsForRequest, DifPexCredentialsForRequestRequirement, DifPexCredentialsForRequestSubmissionEntry, DifPexInputDescriptorToCredentials, DifPexPresentationWithDescriptor, DifPresentationExchangeDefinition, DifPresentationExchangeDefinitionV1, DifPresentationExchangeDefinitionV2, DifPresentationExchangeError, DifPresentationExchangeModule, DifPresentationExchangeService, DifPresentationExchangeSubmission, PresentationSubmissionLocation as DifPresentationExchangeSubmissionLocation, DocumentLoader, type DownloadToFileOptions, ENVELOPED_VERIFIABLE_CREDENTIAL_TYPE, ENVELOPED_VERIFIABLE_PRESENTATION_TYPE, EXPANDED_TYPE_CREDENTIALS_CONTEXT_V1_VC_TYPE, Ed25519Signature2018, Ed25519Signature2020, type EmptyModuleMap, EncodedX509Certificate, EventEmitter, EventMetadata, type FileSystem, GenericRecord, GenericRecordStorageProps, GenericRecordTags, GenericRecordsApi, GenericRecordsModule, HashName, Hasher, IAnonCredsDataIntegrityService, IDisclosureFrame, IPresentationFrame, ImportDidOptions, InMemoryLruCache, InMemoryLruCacheOptions, IndyAgentService, type InitConfig, InjectionSymbols, InjectionToken, IsEnvelopedVerifiableCredentialType, IsEnvelopedVerifiablePresentationType, IsStringOrInstance, IsStringOrInstanceOrArrayOfInstances, IsStringOrStringArray, IsStringOrVerificationMethod, IsUri, IsW3cCredentialSubject, IsW3cIssuer, IsW3cV2Issuer, type JsonArray, JsonEncoder, type JsonObject, JsonTransformer, type JsonValue, JwkDidCreateOptions, JwkDidDeactivateOptions, JwkDidRegistrar, JwkDidResolver, JwkDidUpdateOptions, JwsDetachedFormat, JwsFlattenedDetachedFormat, JwsGeneralFormat, JwsLinkedDataSignature, JwsLinkedDataSignatureOptions, JwsProtectedHeaderOptions, JwsService, JwsSigner, JwsSignerDid, JwsSignerJwk, JwsSignerWithJwk, JwsSignerX5c, Jwt, JwtPayload, JwtPayloadJson, JwtPayloadOptions, KeyDidCreateOptions, KeyDidDeactivateOptions, KeyDidRegistrar, KeyDidResolver, KeyDidUpdateOptions, KeyGenAlgorithm, KeySignParams, index_d_exports as Kms, LdKeyPair, LdKeyPairOptions, LogLevel, Logger, Mdoc, MdocApi, MdocDeviceResponse, MdocDeviceResponseOptions, MdocDeviceResponsePresentationDefinitionOptions, MdocDeviceResponseVerifyOptions, MdocDocumentRequest, MdocError, MdocModule, MdocNameSpaces, MdocOpenId4VpDcApiDraft24SessionTranscriptOptions, MdocOpenId4VpDcApiSessionTranscriptOptions, MdocOpenId4VpDraft18SessionTranscriptOptions, MdocOpenId4VpSessionTranscriptOptions, MdocRecord, MdocRecordInstances, MdocRecordStorageProps, MdocRepository, MdocService, MdocSessionTranscriptByteOptions, MdocSessionTranscriptOptions, MdocSignOptions, MdocStoreOptions, MdocSupportedSignatureAlgorithm, MdocVerifyOptions, MessageValidator, Metadata, type MetadataBase, Module, type ModulesMap, MultiBaseEncoder, MultiHashEncoder, DidCommV2Service as NewDidCommV2Service, DidCommV2ServiceEndpoint as NewDidCommV2ServiceEndpoint, DidCommV2ServiceEndpointOptions as NewDidCommV2ServiceEndpointOptions, type NonEmptyArray, type Optional, ParsedDid, PeerDidCreateOptions, PeerDidDeactivateOptions, PeerDidNumAlgo, PeerDidNumAlgo0CreateOptions, PeerDidNumAlgo1CreateOptions, PeerDidNumAlgo2CreateOptions, PeerDidNumAlgo4CreateOptions, PeerDidRegistrar, PeerDidResolver, PeerDidUpdateOptions, Proof, ProofPurpose, type Query, type QueryOptions, RecordDeletedEvent, RecordDuplicateError, RecordNotFoundError, RecordSavedEvent, RecordTags, RecordUpdatedEvent, Repository, RepositoryEventTypes, type ResolvedDidCommService, SECURITY_CONTEXT_SECP256k1_URL, SECURITY_CONTEXT_URL, SECURITY_CONTEXT_V1_URL, SECURITY_CONTEXT_V2_URL, SECURITY_CONTEXT_V3_URL, SECURITY_JWS_CONTEXT_URL, SECURITY_PROOF_URL, SECURITY_SIGNATURE_URL, SECURITY_X25519_CONTEXT_URL, SaveGenericRecordOption, SdJwtVc, SdJwtVcApi, SdJwtVcError, SdJwtVcHeader, SdJwtVcHolderBinding, SdJwtVcHolderDidBinding, SdJwtVcHolderJwkBinding, SdJwtVcIssuer, SdJwtVcIssuerDid, SdJwtVcIssuerX5c, SdJwtVcModule, SdJwtVcPayload, SdJwtVcPresentOptions, SdJwtVcRecord, SdJwtVcRecordInstances, SdJwtVcRecordStorageProps, SdJwtVcRepository, SdJwtVcService, SdJwtVcSignOptions, SdJwtVcStoreOptions, SdJwtVcTypeMetadata, SdJwtVcTypeMetadataClaim, SdJwtVcTypeMetadataDisplay, SdJwtVcTypeMetadataRenderingMethodSimple, SdJwtVcTypeMetadataRenderingMethodSvgTemplate, SdJwtVcVerifyOptions, ServiceTransformer, Sha1, Sha256, Sha384, Sha512, SignatureSuiteRegistry, SignatureSuiteToken, type SimpleQuery, SingleContextLruCacheItem, SingleContextLruCacheRecord, SingleContextStorageLruCache, SingleContextStorageLruCacheOptions, type SingleOrArray, SingleValidationResult, type StorageService, StorageUpdateService, StorageVersionRecord, StorageVersionRecordProps, StorageVersionRepository, SubmissionEntryCredential, SuiteInfo, TagValue, Tags, TagsBase, TypedArrayEncoder, type Uint8ArrayBuffer, type UnionToIntersection, Update, UpdateAssistant, UpdateAssistantUpdateOptions, type UpdateConfig, type V0_1ToV0_2UpdateConfig, VERIFIABLE_CREDENTIAL_TYPE, VERIFIABLE_PRESENTATION_TYPE, VERIFICATION_METHOD_TYPE_ECDSA_SECP256K1_VERIFICATION_KEY_2019, VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2018, VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2020, VERIFICATION_METHOD_TYPE_JSON_WEB_KEY_2020, VERIFICATION_METHOD_TYPE_MULTIKEY, VERIFICATION_METHOD_TYPE_X25519_KEY_AGREEMENT_KEY_2019, VerifiableCredential, VerifiablePresentation, VerificationMethod, VerificationMethodTransformer, VerificationResult, type VersionString, W3cCreatePresentationOptions, W3cCredential, W3cCredentialOptions, W3cCredentialRecord, W3cCredentialRecordInstances, W3cCredentialRecordOptions, W3cCredentialRepository, W3cCredentialSchema, W3cCredentialSchemaOptions, W3cCredentialService, W3cCredentialStatus, W3cCredentialStatusOptions, W3cCredentialSubject, W3cCredentialSubjectOptions, W3cCredentialSubjectTransformer, W3cCredentialsApi, W3cCredentialsModule, W3cCredentialsModuleConfig, W3cCredentialsModuleConfigOptions, W3cIssuer, W3cIssuerOptions, W3cIssuerTransformer, W3cJsonCredential, W3cJsonLdCredentialService, W3cJsonLdDeriveProofOptions, W3cJsonLdSignCredentialOptions, W3cJsonLdSignPresentationOptions, W3cJsonLdVerifiableCredential, W3cJsonLdVerifiableCredentialOptions, W3cJsonLdVerifiablePresentation, W3cJsonLdVerifiablePresentationOptions, W3cJsonLdVerifyCredentialOptions, W3cJsonLdVerifyPresentationOptions, W3cJsonPresentation, W3cJwtCredentialService, W3cJwtSignCredentialOptions, W3cJwtSignPresentationOptions, W3cJwtVerifiableCredential, W3cJwtVerifiableCredentialOptions, W3cJwtVerifiablePresentation, W3cJwtVerifiablePresentationOptions, W3cJwtVerifyCredentialOptions, W3cJwtVerifyPresentationOptions, W3cPresentation, W3cPresentationOptions, W3cSignCredentialOptions, W3cSignPresentationOptions, W3cStoreCredentialOptions, W3cV2Credential, W3cV2CredentialOptions, W3cV2CredentialRecord, W3cV2CredentialRecordInstances, W3cV2CredentialRecordOptions, W3cV2CredentialRepository, W3cV2CredentialSchema, W3cV2CredentialSchemaOptions, W3cV2CredentialService, W3cV2CredentialStatus, W3cV2CredentialStatusOptions, W3cV2CredentialSubject, W3cV2CredentialSubjectOptions, W3cV2CredentialsApi, W3cV2CredentialsModule, W3cV2EnvelopedVerifiableCredential, W3cV2EnvelopedVerifiableCredentialOptions, W3cV2EnvelopedVerifiableCredentialTransformer, W3cV2EnvelopedVerifiablePresentation, W3cV2EnvelopedVerifiablePresentationOptions, W3cV2Evidence, W3cV2EvidenceOptions, W3cV2Issuer, W3cV2IssuerOptions, W3cV2IssuerTransformer, W3cV2JsonCredential, W3cV2JsonLocalizedValue, W3cV2JsonPresentation, W3cV2JwtCredentialService, W3cV2JwtSignCredentialOptions, W3cV2JwtSignPresentationOptions, W3cV2JwtVerifiableCredential, W3cV2JwtVerifiableCredentialOptions, W3cV2JwtVerifiablePresentation, W3cV2JwtVerifiablePresentationOptions, W3cV2JwtVerifyCredentialOptions, W3cV2JwtVerifyPresentationOptions, W3cV2LocalizedValue, W3cV2LocalizedValueOptions, W3cV2LocalizedValueTransformer, W3cV2Presentation, W3cV2PresentationOptions, W3cV2RefreshService, W3cV2RefreshServiceOptions, W3cV2SdJwt, W3cV2SdJwtCredentialService, W3cV2SdJwtHeader, W3cV2SdJwtPayload, W3cV2SdJwtSignCredentialOptions, W3cV2SdJwtSignPresentationOptions, W3cV2SdJwtVcPresentOptions, W3cV2SdJwtVerifiableCredential, W3cV2SdJwtVerifiableCredentialOptions, W3cV2SdJwtVerifiablePresentation, W3cV2SdJwtVerifiablePresentationOptions, W3cV2SdJwtVerifyCredentialOptions, W3cV2SdJwtVerifyPresentationOptions, W3cV2SignCredentialOptions, W3cV2SignPresentationOptions, W3cV2StoreCredentialOptions, W3cV2TermsOfUse, W3cV2TermsOfUseOptions, W3cV2VerifiableCredential, W3cV2VerifiableCredentialOptions, W3cV2VerifiableCredentialTransformer, W3cV2VerifyCredentialOptions, W3cV2VerifyCredentialResult, W3cV2VerifyPresentationOptions, W3cV2VerifyPresentationResult, W3cVerifiableCredential, W3cVerifiableCredentialTransformer, W3cVerifiablePresentation, W3cVerifyCredentialOptions, W3cVerifyCredentialResult, W3cVerifyPresentationOptions, W3cVerifyPresentationResult, WebDidResolver, X509Api, X509Certificate, X509CertificateExtensionsOptions, X509CertificateIssuerAndSubjectOptions, X509CertificateOptions, X509CreateCertificateChainOptions, X509CreateCertificateOptions, X509Error, X509ExtendedKeyUsage, X509GetLeafCertificateOptions, X509KeyUsage, X509Module, X509ModuleConfig, X509ModuleConfigOptions, X509ParseCertificateOptions, X509Service, X509ValidateCertificateChainOptions, X509VerificationContext, X509VerificationTypeCredential, X509VerificationTypeOauth2ClientAttestation, X509VerificationTypeOauth2SecuredAuthorizationRequest, X509VerificationTypeOpenId4VciCredentialIssuerMetadata, X509VerificationTypeOpenId4VciKeyAttestation, type XOR, ZodValidationError, asArray, base64ToBase64URL, convertName, convertPublicKeyToX25519, createAuthorityKeyIdentifierExtension, createBasicConstraintsExtension, createCrlDistributionPointsExtension, createExtendedKeyUsagesExtension, createIssuerAlternativeNameExtension, createKeyUsagesExtension, createPeerDidDocumentFromServices, createSubjectAlternativeNameExtension, createSubjectKeyIdentifierExtension, dcqlGetPresentationsToCreate, decodeSdJwt, deepEquality, deriveProof, didDocumentJsonToNumAlgo1Did, didDocumentToNumAlgo2Did, didDocumentToNumAlgo4Did, didKeyToEd25519PublicJwk, didKeyToVerkey, equalsIgnoreOrder, equalsWithOrder, extractPresentationsWithDescriptorsFromSubmission, extractX509CertificatesFromJwt, filterContextCorrelationId, findMatchingEd25519Key, findVerificationMethodByKeyType, getAlternativeDidsForPeerDid, getApiForModuleByName, getDirFromFilePath, getDomainFromUrl, getEcdsaSecp256k1VerificationKey2019, getEd25519VerificationKey2018, getEd25519VerificationKey2020, getJsonWebKey2020, getKmsKeyIdForVerifiacationMethod, getMultikey, getNumAlgoFromPeerDid, getPublicJwkFromEcdsaSecp256k1VerificationKey2019, getPublicJwkFromEd25519VerificationKey2018, getPublicJwkFromEd25519VerificationKey2020, getPublicJwkFromJsonWebKey2020, getPublicJwkFromMultikey, getPublicJwkFromVerificationMethod, getPublicJwkFrommX25519KeyAgreementKey2019, getRegisteredModuleByInstance, getRegisteredModuleByName, getX25519KeyAgreementKey2019, inject, injectAll, injectable, isDid, isDidKey, isEcdsaSecp256k1VerificationKey2019, isEd25519VerificationKey2018, isEd25519VerificationKey2020, isJsonObject, isJsonWebKey2020, isMdocSupportedSignatureAlgorithm, isMultikey, isNonEmptyArray, isStorageUpToDate, isValidPeerDid, isX25519KeyAgreementKey2019, joinUriParts, keyDidEd25519, keyDidX25519, mapNonEmptyArray, parseDid, publicJwkToCryptoKeyAlgorithm, replaceError, sdJwtVcHasher, serviceTypes, tryParseDid, utils, vcLibraries, verkeyToDidKey, verkeyToPublicJwk, w3cDate };
+export { ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE, Agent, type AgentApi, AgentConfig, AgentContext, AgentContextProvider, type AgentDependencies, AnonCredsDataIntegrityServiceSymbol, AnoncredsDataIntegrityCreatePresentation, AnoncredsDataIntegrityVerifyPresentation, type AnyUint8Array, ApiModule, BaseAgent, BaseEvent, BaseLogger, type BaseName, BaseRecord, BaseRecordAny, type BaseRecordConstructor, Buffer, CREDENTIALS_CONTEXT_V1_URL, CREDENTIALS_CONTEXT_V2_URL, CREDENTIALS_ISSUER_URL, Cache, CacheModule, CacheModuleConfig, CacheModuleOptions, CachedStorageService, type CanBePromise, ClaimFormat, ClassValidationError, ConsoleLogger, type Constructable, type Constructor, ContentType, CredentialIssuancePurpose, CredentialMultiInstanceState, CredentialMultiInstanceUseMode, type CredentialMultiInstanceUseUpdateMode, CredoError, CredoWebCrypto, CredoWebCryptoKey, CustomDidTags, CustomW3cCredentialTags, DID_V1_CONTEXT_URL, DataIntegrityProof, DataIntegrityProofOptions, DateOnly, DateTransformer, DcqlCredential, DcqlCredentialsForRequest, DcqlEncodedPresentations, DcqlEncodedPresentationsEntry, DcqlError, DcqlFailedCredential, DcqlJwtVpPresentationToCreate, DcqlJwtW3cVpPresentationToCreate, DcqlLdpVpPresentationToCreate, DcqlMatchWithRecord, DcqlMdocCredential, DcqlMdocPresentationToCreate, DcqlModule, DcqlPresentation, DcqlPresentationResult, DcqlPresentationsToCreate, DcqlQuery, DcqlQueryResult, DcqlSdJwtVcCredential, DcqlSdJwtVcPresentationToCreate, DcqlSdJwtW3cVpPresentationToCreate, DcqlSelectCredentialsForRequestOptions, DcqlService, DcqlValidCredential, DcqlW3cVcCredential, DefaultAgentContextProvider, type DefaultAgentModules, DefaultMdocRecordTags, DefaultSdJwtVcRecordTags, DefaultW3cCredentialTags, DefaultW3cV2CredentialTags, DependencyManager, DidCommV1Service, LegacyDidCommV2Service as DidCommV2Service, LegacyDidCommV2ServiceOptions as DidCommV2ServiceOptions, DidCreateOptions, DidCreateResult, DidDeactivateOptions, DidDeactivateResult, DidDocument, DidDocumentBuilder, DidDocumentKey, DidDocumentMetadata, DidDocumentOperation, DidDocumentRole, DidDocumentService, DidJwk, DidKey, DidOperationStateActionBase, DidOperationStateFailed, DidOperationStateFinished, DidOperationStateWait, DidPurpose, DidRecord, DidRecordMetadataKeys, DidRecordProps, DidRegistrar, DidRegistrarService, DidRegistrationExtraOptions, DidRegistrationMetadata, DidRegistrationSecretOptions, DidRepository, DidResolutionMetadata, DidResolutionOptions, DidResolutionResult, DidResolver, DidResolverService, DidUpdateOptions, DidUpdateResult, DidsApi, DidsModule, DidsModuleConfig, DidsModuleConfigOptions, DifPexCredentialsForRequest, DifPexCredentialsForRequestRequirement, DifPexCredentialsForRequestSubmissionEntry, DifPexInputDescriptorToCredentials, DifPexPresentationWithDescriptor, DifPresentationExchangeDefinition, DifPresentationExchangeDefinitionV1, DifPresentationExchangeDefinitionV2, DifPresentationExchangeError, DifPresentationExchangeModule, DifPresentationExchangeService, DifPresentationExchangeSubmission, PresentationSubmissionLocation as DifPresentationExchangeSubmissionLocation, DocumentLoader, type DownloadToFileOptions, ENVELOPED_VERIFIABLE_CREDENTIAL_TYPE, ENVELOPED_VERIFIABLE_PRESENTATION_TYPE, EXPANDED_TYPE_CREDENTIALS_CONTEXT_V1_VC_TYPE, Ed25519Signature2018, Ed25519Signature2020, type EmptyModuleMap, EncodedX509Certificate, EventEmitter, EventMetadata, type FileSystem, GenericRecord, GenericRecordStorageProps, GenericRecordTags, GenericRecordsApi, GenericRecordsModule, HashName, Hasher, IAnonCredsDataIntegrityService, IDisclosureFrame, IPresentationFrame, ImportDidOptions, InMemoryLruCache, InMemoryLruCacheOptions, IndyAgentService, type InitConfig, InjectionSymbols, InjectionToken, IsEnvelopedVerifiableCredentialType, IsEnvelopedVerifiablePresentationType, IsStringOrInstance, IsStringOrInstanceOrArrayOfInstances, IsStringOrStringArray, IsStringOrVerificationMethod, IsUri, IsW3cCredentialSubject, IsW3cIssuer, IsW3cV2Issuer, type JsonArray, JsonEncoder, type JsonObject, JsonTransformer, type JsonValue, JwkDidCreateOptions, JwkDidDeactivateOptions, JwkDidRegistrar, JwkDidResolver, JwkDidUpdateOptions, JwsDetachedFormat, JwsFlattenedDetachedFormat, JwsGeneralFormat, JwsLinkedDataSignature, JwsLinkedDataSignatureOptions, JwsProtectedHeaderOptions, JwsService, JwsSigner, JwsSignerDid, JwsSignerJwk, JwsSignerWithJwk, JwsSignerX5c, Jwt, JwtPayload, JwtPayloadJson, JwtPayloadOptions, KeyDidCreateOptions, KeyDidDeactivateOptions, KeyDidRegistrar, KeyDidResolver, KeyDidUpdateOptions, KeyGenAlgorithm, KeySignParams, index_d_exports as Kms, LdKeyPair, LdKeyPairOptions, LogLevel, Logger, Mdoc, MdocApi, MdocDeviceResponse, MdocDeviceResponseOptions, MdocDeviceResponsePresentationDefinitionOptions, MdocDeviceResponseVerifyOptions, MdocDocumentRequest, MdocError, MdocModule, MdocNameSpaces, MdocOpenId4VpDcApiDraft24SessionTranscriptOptions, MdocOpenId4VpDcApiSessionTranscriptOptions, MdocOpenId4VpDraft18SessionTranscriptOptions, MdocOpenId4VpSessionTranscriptOptions, MdocRecord, MdocRecordInstances, MdocRecordStorageProps, MdocRepository, MdocService, MdocSessionTranscriptByteOptions, MdocSessionTranscriptOptions, MdocSignOptions, MdocStoreOptions, MdocSupportedSignatureAlgorithm, MdocVerifyOptions, MessageValidator, Metadata, type MetadataBase, Module, type ModulesMap, MultiBaseEncoder, MultiHashEncoder, DidCommV2Service as NewDidCommV2Service, DidCommV2ServiceEndpoint as NewDidCommV2ServiceEndpoint, DidCommV2ServiceEndpointOptions as NewDidCommV2ServiceEndpointOptions, type NonEmptyArray, type Optional, ParsedDid, PeerDidCreateOptions, PeerDidDeactivateOptions, PeerDidNumAlgo, PeerDidNumAlgo0CreateOptions, PeerDidNumAlgo1CreateOptions, PeerDidNumAlgo2CreateOptions, PeerDidNumAlgo4CreateOptions, PeerDidRegistrar, PeerDidResolver, PeerDidUpdateOptions, Proof, ProofPurpose, type Query, type QueryOptions, RecordDeletedEvent, RecordDuplicateError, RecordNotFoundError, RecordSavedEvent, RecordTags, RecordUpdatedEvent, Repository, RepositoryEventTypes, type ResolvedDidCommService, SECURITY_CONTEXT_SECP256k1_URL, SECURITY_CONTEXT_URL, SECURITY_CONTEXT_V1_URL, SECURITY_CONTEXT_V2_URL, SECURITY_CONTEXT_V3_URL, SECURITY_JWS_CONTEXT_URL, SECURITY_PROOF_URL, SECURITY_SIGNATURE_URL, SECURITY_X25519_CONTEXT_URL, SaveGenericRecordOption, SdJwtVc, SdJwtVcApi, SdJwtVcError, SdJwtVcHeader, SdJwtVcHolderBinding, SdJwtVcHolderDidBinding, SdJwtVcHolderJwkBinding, SdJwtVcIssuer, SdJwtVcIssuerDid, SdJwtVcIssuerX5c, SdJwtVcModule, SdJwtVcPayload, SdJwtVcPresentOptions, SdJwtVcRecord, SdJwtVcRecordInstances, SdJwtVcRecordStorageProps, SdJwtVcRepository, SdJwtVcService, SdJwtVcSignOptions, SdJwtVcStoreOptions, SdJwtVcTypeMetadata, SdJwtVcTypeMetadataClaim, SdJwtVcTypeMetadataDisplay, SdJwtVcTypeMetadataRenderingMethodSimple, SdJwtVcTypeMetadataRenderingMethodSvgTemplate, SdJwtVcVerifyOptions, ServiceTransformer, Sha1, Sha256, Sha384, Sha512, SignatureSuiteRegistry, SignatureSuiteToken, type SimpleQuery, SingleContextLruCacheItem, SingleContextLruCacheRecord, SingleContextStorageLruCache, SingleContextStorageLruCacheOptions, type SingleOrArray, SingleValidationResult, type StorageService, StorageUpdateService, StorageVersionRecord, StorageVersionRecordProps, StorageVersionRepository, SubmissionEntryCredential, SuiteInfo, TagValue, Tags, TagsBase, TypedArrayEncoder, type Uint8ArrayBuffer, type UnionToIntersection, Update, UpdateAssistant, UpdateAssistantUpdateOptions, type UpdateConfig, type UseInstanceFromCredentialRecordOptions, type UseInstanceFromCredentialRecordReturn, type V0_1ToV0_2UpdateConfig, VERIFIABLE_CREDENTIAL_TYPE, VERIFIABLE_PRESENTATION_TYPE, VERIFICATION_METHOD_TYPE_ECDSA_SECP256K1_VERIFICATION_KEY_2019, VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2018, VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2020, VERIFICATION_METHOD_TYPE_JSON_WEB_KEY_2020, VERIFICATION_METHOD_TYPE_MULTIKEY, VERIFICATION_METHOD_TYPE_X25519_KEY_AGREEMENT_KEY_2019, VerifiableCredential, VerifiablePresentation, VerificationMethod, VerificationMethodTransformer, VerificationResult, type VersionString, W3cCreatePresentationOptions, W3cCredential, W3cCredentialOptions, W3cCredentialRecord, W3cCredentialRecordInstances, W3cCredentialRecordOptions, W3cCredentialRepository, W3cCredentialSchema, W3cCredentialSchemaOptions, W3cCredentialService, W3cCredentialStatus, W3cCredentialStatusOptions, W3cCredentialSubject, W3cCredentialSubjectOptions, W3cCredentialSubjectTransformer, W3cCredentialsApi, W3cCredentialsModule, W3cCredentialsModuleConfig, W3cCredentialsModuleConfigOptions, W3cIssuer, W3cIssuerOptions, W3cIssuerTransformer, W3cJsonCredential, W3cJsonLdCredentialService, W3cJsonLdDeriveProofOptions, W3cJsonLdSignCredentialOptions, W3cJsonLdSignPresentationOptions, W3cJsonLdVerifiableCredential, W3cJsonLdVerifiableCredentialOptions, W3cJsonLdVerifiablePresentation, W3cJsonLdVerifiablePresentationOptions, W3cJsonLdVerifyCredentialOptions, W3cJsonLdVerifyPresentationOptions, W3cJsonPresentation, W3cJwtCredentialService, W3cJwtSignCredentialOptions, W3cJwtSignPresentationOptions, W3cJwtVerifiableCredential, W3cJwtVerifiableCredentialOptions, W3cJwtVerifiablePresentation, W3cJwtVerifiablePresentationOptions, W3cJwtVerifyCredentialOptions, W3cJwtVerifyPresentationOptions, W3cPresentation, W3cPresentationOptions, W3cSignCredentialOptions, W3cSignPresentationOptions, W3cStoreCredentialOptions, W3cV2Credential, W3cV2CredentialOptions, W3cV2CredentialRecord, W3cV2CredentialRecordInstances, W3cV2CredentialRecordOptions, W3cV2CredentialRepository, W3cV2CredentialSchema, W3cV2CredentialSchemaOptions, W3cV2CredentialService, W3cV2CredentialStatus, W3cV2CredentialStatusOptions, W3cV2CredentialSubject, W3cV2CredentialSubjectOptions, W3cV2CredentialsApi, W3cV2CredentialsModule, W3cV2EnvelopedVerifiableCredential, W3cV2EnvelopedVerifiableCredentialOptions, W3cV2EnvelopedVerifiableCredentialTransformer, W3cV2EnvelopedVerifiablePresentation, W3cV2EnvelopedVerifiablePresentationOptions, W3cV2Evidence, W3cV2EvidenceOptions, W3cV2Issuer, W3cV2IssuerOptions, W3cV2IssuerTransformer, W3cV2JsonCredential, W3cV2JsonLocalizedValue, W3cV2JsonPresentation, W3cV2JwtCredentialService, W3cV2JwtSignCredentialOptions, W3cV2JwtSignPresentationOptions, W3cV2JwtVerifiableCredential, W3cV2JwtVerifiableCredentialOptions, W3cV2JwtVerifiablePresentation, W3cV2JwtVerifiablePresentationOptions, W3cV2JwtVerifyCredentialOptions, W3cV2JwtVerifyPresentationOptions, W3cV2LocalizedValue, W3cV2LocalizedValueOptions, W3cV2LocalizedValueTransformer, W3cV2Presentation, W3cV2PresentationOptions, W3cV2RefreshService, W3cV2RefreshServiceOptions, W3cV2SdJwt, W3cV2SdJwtCredentialService, W3cV2SdJwtHeader, W3cV2SdJwtPayload, W3cV2SdJwtSignCredentialOptions, W3cV2SdJwtSignPresentationOptions, W3cV2SdJwtVcPresentOptions, W3cV2SdJwtVerifiableCredential, W3cV2SdJwtVerifiableCredentialOptions, W3cV2SdJwtVerifiablePresentation, W3cV2SdJwtVerifiablePresentationOptions, W3cV2SdJwtVerifyCredentialOptions, W3cV2SdJwtVerifyPresentationOptions, W3cV2SignCredentialOptions, W3cV2SignPresentationOptions, W3cV2StoreCredentialOptions, W3cV2TermsOfUse, W3cV2TermsOfUseOptions, W3cV2VerifiableCredential, W3cV2VerifiableCredentialOptions, W3cV2VerifiableCredentialTransformer, W3cV2VerifyCredentialOptions, W3cV2VerifyCredentialResult, W3cV2VerifyPresentationOptions, W3cV2VerifyPresentationResult, W3cVerifiableCredential, W3cVerifiableCredentialTransformer, W3cVerifiablePresentation, W3cVerifyCredentialOptions, W3cVerifyCredentialResult, W3cVerifyPresentationOptions, W3cVerifyPresentationResult, WebDidResolver, X509Api, X509Certificate, X509CertificateExtensionsOptions, X509CertificateIssuerAndSubjectOptions, X509CertificateOptions, X509CreateCertificateChainOptions, X509CreateCertificateOptions, X509Error, X509ExtendedKeyUsage, X509GetLeafCertificateOptions, X509KeyUsage, X509Module, X509ModuleConfig, X509ModuleConfigOptions, X509ParseCertificateOptions, X509Service, X509ValidateCertificateChainOptions, X509VerificationContext, X509VerificationTypeCredential, X509VerificationTypeOauth2ClientAttestation, X509VerificationTypeOauth2SecuredAuthorizationRequest, X509VerificationTypeOpenId4VciCredentialIssuerMetadata, X509VerificationTypeOpenId4VciKeyAttestation, type XOR, ZodValidationError, asArray, base64ToBase64URL, canUseInstanceFromCredentialRecord, convertName, convertPublicKeyToX25519, createAuthorityKeyIdentifierExtension, createBasicConstraintsExtension, createCrlDistributionPointsExtension, createExtendedKeyUsagesExtension, createIssuerAlternativeNameExtension, createKeyUsagesExtension, createPeerDidDocumentFromServices, createSubjectAlternativeNameExtension, createSubjectKeyIdentifierExtension, dcqlGetPresentationsToCreate, decodeSdJwt, deepEquality, deriveProof, didDocumentJsonToNumAlgo1Did, didDocumentToNumAlgo2Did, didDocumentToNumAlgo4Did, didKeyToEd25519PublicJwk, didKeyToVerkey, equalsIgnoreOrder, equalsWithOrder, extractPresentationsWithDescriptorsFromSubmission, extractX509CertificatesFromJwt, filterContextCorrelationId, findMatchingEd25519Key, findVerificationMethodByKeyType, getAlternativeDidsForPeerDid, getApiForModuleByName, getDirFromFilePath, getDomainFromUrl, getEcdsaSecp256k1VerificationKey2019, getEd25519VerificationKey2018, getEd25519VerificationKey2020, getJsonWebKey2020, getKmsKeyIdForVerifiacationMethod, getMultikey, getNumAlgoFromPeerDid, getPublicJwkFromEcdsaSecp256k1VerificationKey2019, getPublicJwkFromEd25519VerificationKey2018, getPublicJwkFromEd25519VerificationKey2020, getPublicJwkFromJsonWebKey2020, getPublicJwkFromMultikey, getPublicJwkFromVerificationMethod, getPublicJwkFrommX25519KeyAgreementKey2019, getRegisteredModuleByInstance, getRegisteredModuleByName, getX25519KeyAgreementKey2019, inject, injectAll, injectable, isDid, isDidKey, isEcdsaSecp256k1VerificationKey2019, isEd25519VerificationKey2018, isEd25519VerificationKey2020, isJsonObject, isJsonWebKey2020, isMdocSupportedSignatureAlgorithm, isMultikey, isNonEmptyArray, isStorageUpToDate, isValidPeerDid, isX25519KeyAgreementKey2019, joinUriParts, keyDidEd25519, keyDidX25519, mapNonEmptyArray, parseDid, publicJwkToCryptoKeyAlgorithm, replaceError, sdJwtVcHasher, serviceTypes, tryParseDid, useInstanceFromCredentialRecord, utils, vcLibraries, verkeyToDidKey, verkeyToPublicJwk, w3cDate };
 //# sourceMappingURL=index.d.mts.map

package/build/index.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.mts","names":[],"sources":["../src/index.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cA+FM"}
+{"version":3,"file":"index.d.mts","names":[],"sources":["../src/index.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cAqGM"}

package/build/index.mjs

@@ -190,6 +190,7 @@ import { MdocRecord } from "./modules/mdoc/repository/MdocRecord.mjs";
 import { MdocRepository } from "./modules/mdoc/repository/MdocRepository.mjs";
 import { SdJwtVcRecord } from "./modules/sd-jwt-vc/repository/SdJwtVcRecord.mjs";
 import { SdJwtVcRepository } from "./modules/sd-jwt-vc/repository/SdJwtVcRepository.mjs";
+import { canUseInstanceFromCredentialRecord, useInstanceFromCredentialRecord } from "./utils/credentialUse.mjs";
 import { MdocDeviceResponse } from "./modules/mdoc/MdocDeviceResponse.mjs";
 import { MdocService } from "./modules/mdoc/MdocService.mjs";
 import { MdocApi } from "./modules/mdoc/MdocApi.mjs";
@@ -237,5 +238,5 @@ const utils = {
 };
 
 //#endregion
-export { ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE, Agent, AgentConfig, AgentContext, AnonCredsDataIntegrityServiceSymbol, BaseAgent, BaseLogger, BaseRecord, Buffer, CREDENTIALS_CONTEXT_V1_URL, CREDENTIALS_CONTEXT_V2_URL, CREDENTIALS_ISSUER_URL, CacheModule, CacheModuleConfig, CachedStorageService, ClaimFormat, ClassValidationError, ConsoleLogger, CredentialIssuancePurpose, CredentialMultiInstanceState, CredentialMultiInstanceUseMode, CredoError, CredoWebCrypto, CredoWebCryptoKey, DID_V1_CONTEXT_URL, DataIntegrityProof, DateOnly, DateTransformer, DcqlError, DcqlModule, DcqlService, DefaultAgentContextProvider, DependencyManager, DidCommV1Service, LegacyDidCommV2Service as DidCommV2Service, DidDocument, DidDocumentBuilder, DidDocumentRole, DidDocumentService, DidJwk, DidKey, DidRecord, DidRecordMetadataKeys, DidRegistrarService, DidRepository, DidResolverService, DidsApi, DidsModule, DidsModuleConfig, DifPresentationExchangeError, DifPresentationExchangeModule, DifPresentationExchangeService, PresentationSubmissionLocation as DifPresentationExchangeSubmissionLocation, ENVELOPED_VERIFIABLE_CREDENTIAL_TYPE, ENVELOPED_VERIFIABLE_PRESENTATION_TYPE, EXPANDED_TYPE_CREDENTIALS_CONTEXT_V1_VC_TYPE, Ed25519Signature2018, Ed25519Signature2020, EventEmitter, GenericRecord, GenericRecordsApi, GenericRecordsModule, Hasher, InMemoryLruCache, IndyAgentService, InjectionSymbols, IsEnvelopedVerifiableCredentialType, IsEnvelopedVerifiablePresentationType, IsStringOrInstance, IsStringOrInstanceOrArrayOfInstances, IsStringOrStringArray, IsStringOrVerificationMethod, IsUri, IsW3cCredentialSubject, IsW3cIssuer, IsW3cV2Issuer, JsonEncoder, JsonTransformer, JwkDidRegistrar, JwkDidResolver, JwsLinkedDataSignature, JwsService, Jwt, JwtPayload, KeyDidRegistrar, KeyDidResolver, kms_exports as Kms, LdKeyPair, LogLevel, Mdoc, MdocApi, MdocDeviceResponse, MdocError, MdocModule, MdocRecord, MdocRepository, MdocService, MessageValidator, Metadata, MultiBaseEncoder, MultiHashEncoder, DidCommV2Service as NewDidCommV2Service, DidCommV2ServiceEndpoint as NewDidCommV2ServiceEndpoint, PeerDidNumAlgo, PeerDidRegistrar, PeerDidResolver, RecordDuplicateError, RecordNotFoundError, Repository, RepositoryEventTypes, SECURITY_CONTEXT_SECP256k1_URL, SECURITY_CONTEXT_URL, SECURITY_CONTEXT_V1_URL, SECURITY_CONTEXT_V2_URL, SECURITY_CONTEXT_V3_URL, SECURITY_JWS_CONTEXT_URL, SECURITY_PROOF_URL, SECURITY_SIGNATURE_URL, SECURITY_X25519_CONTEXT_URL, SdJwtVcApi, SdJwtVcError, SdJwtVcModule, SdJwtVcRecord, SdJwtVcRepository, SdJwtVcService, ServiceTransformer, Sha1, Sha256, Sha384, Sha512, SignatureSuiteRegistry, SignatureSuiteToken, SingleContextLruCacheRecord, SingleContextStorageLruCache, StorageUpdateService, StorageVersionRecord, StorageVersionRepository, TypedArrayEncoder, UpdateAssistant, VERIFIABLE_CREDENTIAL_TYPE, VERIFIABLE_PRESENTATION_TYPE, VERIFICATION_METHOD_TYPE_ECDSA_SECP256K1_VERIFICATION_KEY_2019, VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2018, VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2020, VERIFICATION_METHOD_TYPE_JSON_WEB_KEY_2020, VERIFICATION_METHOD_TYPE_MULTIKEY, VERIFICATION_METHOD_TYPE_X25519_KEY_AGREEMENT_KEY_2019, VerificationMethod, VerificationMethodTransformer, W3cCredential, W3cCredentialRecord, W3cCredentialRepository, W3cCredentialSchema, W3cCredentialService, W3cCredentialStatus, W3cCredentialSubject, W3cCredentialSubjectTransformer, W3cCredentialsApi, W3cCredentialsModule, W3cCredentialsModuleConfig, W3cIssuer, W3cIssuerTransformer, W3cJsonLdCredentialService, W3cJsonLdVerifiableCredential, W3cJsonLdVerifiablePresentation, W3cJwtCredentialService, W3cJwtVerifiableCredential, W3cJwtVerifiablePresentation, W3cPresentation, W3cV2Credential, W3cV2CredentialRecord, W3cV2CredentialRepository, W3cV2CredentialSchema, W3cV2CredentialService, W3cV2CredentialStatus, W3cV2CredentialSubject, W3cV2CredentialsApi, W3cV2CredentialsModule, W3cV2EnvelopedVerifiableCredential, W3cV2EnvelopedVerifiableCredentialTransformer, W3cV2EnvelopedVerifiablePresentation, W3cV2Evidence, W3cV2Issuer, W3cV2IssuerTransformer, W3cV2JwtCredentialService, W3cV2JwtVerifiableCredential, W3cV2JwtVerifiablePresentation, W3cV2LocalizedValue, W3cV2LocalizedValueTransformer, W3cV2Presentation, W3cV2RefreshService, W3cV2SdJwtCredentialService, W3cV2SdJwtVerifiableCredential, W3cV2SdJwtVerifiablePresentation, W3cV2TermsOfUse, W3cV2VerifiableCredentialTransformer, W3cVerifiableCredentialTransformer, WebDidResolver, X509Api, X509Certificate, X509Error, X509ExtendedKeyUsage, X509KeyUsage, X509Module, X509ModuleConfig, X509Service, ZodValidationError, asArray, base64ToBase64URL, convertName, convertPublicKeyToX25519, createAuthorityKeyIdentifierExtension, createBasicConstraintsExtension, createCrlDistributionPointsExtension, createExtendedKeyUsagesExtension, createIssuerAlternativeNameExtension, createKeyUsagesExtension, createPeerDidDocumentFromServices, createSubjectAlternativeNameExtension, createSubjectKeyIdentifierExtension, dcqlGetPresentationsToCreate, decodeSdJwt, deepEquality, deriveProof, didDocumentJsonToNumAlgo1Did, didDocumentToNumAlgo2Did, didDocumentToNumAlgo4Did, didKeyToEd25519PublicJwk, didKeyToVerkey, equalsIgnoreOrder, equalsWithOrder, extractPresentationsWithDescriptorsFromSubmission, extractX509CertificatesFromJwt, filterContextCorrelationId, findMatchingEd25519Key, findVerificationMethodByKeyType, getAlternativeDidsForPeerDid, getApiForModuleByName, getDirFromFilePath, getDomainFromUrl, getEcdsaSecp256k1VerificationKey2019, getEd25519VerificationKey2018, getEd25519VerificationKey2020, getJsonWebKey2020, getKmsKeyIdForVerifiacationMethod, getMultikey, getNumAlgoFromPeerDid, getPublicJwkFromEcdsaSecp256k1VerificationKey2019, getPublicJwkFromEd25519VerificationKey2018, getPublicJwkFromEd25519VerificationKey2020, getPublicJwkFromJsonWebKey2020, getPublicJwkFromMultikey, getPublicJwkFromVerificationMethod, getPublicJwkFrommX25519KeyAgreementKey2019, getRegisteredModuleByInstance, getRegisteredModuleByName, getX25519KeyAgreementKey2019, inject, injectAll, injectable, isDid, isDidKey, isEcdsaSecp256k1VerificationKey2019, isEd25519VerificationKey2018, isEd25519VerificationKey2020, isJsonObject, isJsonWebKey2020, isMdocSupportedSignatureAlgorithm, isMultikey, isNonEmptyArray, isStorageUpToDate, isValidPeerDid, isX25519KeyAgreementKey2019, joinUriParts, keyDidEd25519, keyDidX25519, mapNonEmptyArray, parseDid, publicJwkToCryptoKeyAlgorithm, replaceError, sdJwtVcHasher, serviceTypes, tryParseDid, utils, vcLibraries, verkeyToDidKey, verkeyToPublicJwk, w3cDate };
+export { ANONCREDS_DATA_INTEGRITY_CRYPTOSUITE, Agent, AgentConfig, AgentContext, AnonCredsDataIntegrityServiceSymbol, BaseAgent, BaseLogger, BaseRecord, Buffer, CREDENTIALS_CONTEXT_V1_URL, CREDENTIALS_CONTEXT_V2_URL, CREDENTIALS_ISSUER_URL, CacheModule, CacheModuleConfig, CachedStorageService, ClaimFormat, ClassValidationError, ConsoleLogger, CredentialIssuancePurpose, CredentialMultiInstanceState, CredentialMultiInstanceUseMode, CredoError, CredoWebCrypto, CredoWebCryptoKey, DID_V1_CONTEXT_URL, DataIntegrityProof, DateOnly, DateTransformer, DcqlError, DcqlModule, DcqlService, DefaultAgentContextProvider, DependencyManager, DidCommV1Service, LegacyDidCommV2Service as DidCommV2Service, DidDocument, DidDocumentBuilder, DidDocumentRole, DidDocumentService, DidJwk, DidKey, DidRecord, DidRecordMetadataKeys, DidRegistrarService, DidRepository, DidResolverService, DidsApi, DidsModule, DidsModuleConfig, DifPresentationExchangeError, DifPresentationExchangeModule, DifPresentationExchangeService, PresentationSubmissionLocation as DifPresentationExchangeSubmissionLocation, ENVELOPED_VERIFIABLE_CREDENTIAL_TYPE, ENVELOPED_VERIFIABLE_PRESENTATION_TYPE, EXPANDED_TYPE_CREDENTIALS_CONTEXT_V1_VC_TYPE, Ed25519Signature2018, Ed25519Signature2020, EventEmitter, GenericRecord, GenericRecordsApi, GenericRecordsModule, Hasher, InMemoryLruCache, IndyAgentService, InjectionSymbols, IsEnvelopedVerifiableCredentialType, IsEnvelopedVerifiablePresentationType, IsStringOrInstance, IsStringOrInstanceOrArrayOfInstances, IsStringOrStringArray, IsStringOrVerificationMethod, IsUri, IsW3cCredentialSubject, IsW3cIssuer, IsW3cV2Issuer, JsonEncoder, JsonTransformer, JwkDidRegistrar, JwkDidResolver, JwsLinkedDataSignature, JwsService, Jwt, JwtPayload, KeyDidRegistrar, KeyDidResolver, kms_exports as Kms, LdKeyPair, LogLevel, Mdoc, MdocApi, MdocDeviceResponse, MdocError, MdocModule, MdocRecord, MdocRepository, MdocService, MessageValidator, Metadata, MultiBaseEncoder, MultiHashEncoder, DidCommV2Service as NewDidCommV2Service, DidCommV2ServiceEndpoint as NewDidCommV2ServiceEndpoint, PeerDidNumAlgo, PeerDidRegistrar, PeerDidResolver, RecordDuplicateError, RecordNotFoundError, Repository, RepositoryEventTypes, SECURITY_CONTEXT_SECP256k1_URL, SECURITY_CONTEXT_URL, SECURITY_CONTEXT_V1_URL, SECURITY_CONTEXT_V2_URL, SECURITY_CONTEXT_V3_URL, SECURITY_JWS_CONTEXT_URL, SECURITY_PROOF_URL, SECURITY_SIGNATURE_URL, SECURITY_X25519_CONTEXT_URL, SdJwtVcApi, SdJwtVcError, SdJwtVcModule, SdJwtVcRecord, SdJwtVcRepository, SdJwtVcService, ServiceTransformer, Sha1, Sha256, Sha384, Sha512, SignatureSuiteRegistry, SignatureSuiteToken, SingleContextLruCacheRecord, SingleContextStorageLruCache, StorageUpdateService, StorageVersionRecord, StorageVersionRepository, TypedArrayEncoder, UpdateAssistant, VERIFIABLE_CREDENTIAL_TYPE, VERIFIABLE_PRESENTATION_TYPE, VERIFICATION_METHOD_TYPE_ECDSA_SECP256K1_VERIFICATION_KEY_2019, VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2018, VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2020, VERIFICATION_METHOD_TYPE_JSON_WEB_KEY_2020, VERIFICATION_METHOD_TYPE_MULTIKEY, VERIFICATION_METHOD_TYPE_X25519_KEY_AGREEMENT_KEY_2019, VerificationMethod, VerificationMethodTransformer, W3cCredential, W3cCredentialRecord, W3cCredentialRepository, W3cCredentialSchema, W3cCredentialService, W3cCredentialStatus, W3cCredentialSubject, W3cCredentialSubjectTransformer, W3cCredentialsApi, W3cCredentialsModule, W3cCredentialsModuleConfig, W3cIssuer, W3cIssuerTransformer, W3cJsonLdCredentialService, W3cJsonLdVerifiableCredential, W3cJsonLdVerifiablePresentation, W3cJwtCredentialService, W3cJwtVerifiableCredential, W3cJwtVerifiablePresentation, W3cPresentation, W3cV2Credential, W3cV2CredentialRecord, W3cV2CredentialRepository, W3cV2CredentialSchema, W3cV2CredentialService, W3cV2CredentialStatus, W3cV2CredentialSubject, W3cV2CredentialsApi, W3cV2CredentialsModule, W3cV2EnvelopedVerifiableCredential, W3cV2EnvelopedVerifiableCredentialTransformer, W3cV2EnvelopedVerifiablePresentation, W3cV2Evidence, W3cV2Issuer, W3cV2IssuerTransformer, W3cV2JwtCredentialService, W3cV2JwtVerifiableCredential, W3cV2JwtVerifiablePresentation, W3cV2LocalizedValue, W3cV2LocalizedValueTransformer, W3cV2Presentation, W3cV2RefreshService, W3cV2SdJwtCredentialService, W3cV2SdJwtVerifiableCredential, W3cV2SdJwtVerifiablePresentation, W3cV2TermsOfUse, W3cV2VerifiableCredentialTransformer, W3cVerifiableCredentialTransformer, WebDidResolver, X509Api, X509Certificate, X509Error, X509ExtendedKeyUsage, X509KeyUsage, X509Module, X509ModuleConfig, X509Service, ZodValidationError, asArray, base64ToBase64URL, canUseInstanceFromCredentialRecord, convertName, convertPublicKeyToX25519, createAuthorityKeyIdentifierExtension, createBasicConstraintsExtension, createCrlDistributionPointsExtension, createExtendedKeyUsagesExtension, createIssuerAlternativeNameExtension, createKeyUsagesExtension, createPeerDidDocumentFromServices, createSubjectAlternativeNameExtension, createSubjectKeyIdentifierExtension, dcqlGetPresentationsToCreate, decodeSdJwt, deepEquality, deriveProof, didDocumentJsonToNumAlgo1Did, didDocumentToNumAlgo2Did, didDocumentToNumAlgo4Did, didKeyToEd25519PublicJwk, didKeyToVerkey, equalsIgnoreOrder, equalsWithOrder, extractPresentationsWithDescriptorsFromSubmission, extractX509CertificatesFromJwt, filterContextCorrelationId, findMatchingEd25519Key, findVerificationMethodByKeyType, getAlternativeDidsForPeerDid, getApiForModuleByName, getDirFromFilePath, getDomainFromUrl, getEcdsaSecp256k1VerificationKey2019, getEd25519VerificationKey2018, getEd25519VerificationKey2020, getJsonWebKey2020, getKmsKeyIdForVerifiacationMethod, getMultikey, getNumAlgoFromPeerDid, getPublicJwkFromEcdsaSecp256k1VerificationKey2019, getPublicJwkFromEd25519VerificationKey2018, getPublicJwkFromEd25519VerificationKey2020, getPublicJwkFromJsonWebKey2020, getPublicJwkFromMultikey, getPublicJwkFromVerificationMethod, getPublicJwkFrommX25519KeyAgreementKey2019, getRegisteredModuleByInstance, getRegisteredModuleByName, getX25519KeyAgreementKey2019, inject, injectAll, injectable, isDid, isDidKey, isEcdsaSecp256k1VerificationKey2019, isEd25519VerificationKey2018, isEd25519VerificationKey2020, isJsonObject, isJsonWebKey2020, isMdocSupportedSignatureAlgorithm, isMultikey, isNonEmptyArray, isStorageUpToDate, isValidPeerDid, isX25519KeyAgreementKey2019, joinUriParts, keyDidEd25519, keyDidX25519, mapNonEmptyArray, parseDid, publicJwkToCryptoKeyAlgorithm, replaceError, sdJwtVcHasher, serviceTypes, tryParseDid, useInstanceFromCredentialRecord, utils, vcLibraries, verkeyToDidKey, verkeyToPublicJwk, w3cDate };
 //# sourceMappingURL=index.mjs.map

package/build/index.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"index.mjs","names":[],"sources":["../src/index.ts"],"sourcesContent":["// reflect-metadata used for class-transformer + class-validator\nimport 'reflect-metadata'\n\nexport * from './agent'\nexport { Agent } from './agent/Agent'\nexport { AgentConfig } from './agent/AgentConfig'\nexport type { AgentDependencies } from './agent/AgentDependencies'\nexport type { AgentApi, DefaultAgentModules, EmptyModuleMap, ModulesMap } from './agent/AgentModules'\nexport { BaseAgent } from './agent/BaseAgent'\nexport { EventEmitter } from './agent/EventEmitter'\nexport * from './agent/Events'\nexport { InjectionSymbols } from './constants'\nexport * from './crypto'\nexport * from './error'\nexport * from './logger'\nexport * from './modules/cache'\nexport * from './modules/dcql'\nexport * from './modules/dids'\nexport { tryParseDid } from './modules/dids/domain/parse'\n// TODO: Clean up these exports used by DIDComm module\nexport {\n  didKeyToEd25519PublicJwk,\n  didKeyToVerkey,\n  isDidKey,\n  verkeyToDidKey,\n  verkeyToPublicJwk,\n} from './modules/dids/helpers'\nexport { didDocumentJsonToNumAlgo1Did } from './modules/dids/methods/peer/peerDidNumAlgo1'\nexport { didDocumentToNumAlgo2Did } from './modules/dids/methods/peer/peerDidNumAlgo2'\nexport { didDocumentToNumAlgo4Did } from './modules/dids/methods/peer/peerDidNumAlgo4'\nexport { DidRecordMetadataKeys } from './modules/dids/repository/didRecordMetadataTypes'\nexport * from './modules/dif-presentation-exchange'\nexport * from './modules/generic-records'\nexport * as Kms from './modules/kms'\nexport * from './modules/mdoc'\nexport * from './modules/sd-jwt-vc'\nexport * from './modules/vc'\nexport * from './modules/x509'\nexport * from './plugins'\nexport * from './storage/BaseRecord'\nexport type { DownloadToFileOptions, FileSystem } from './storage/FileSystem'\nexport { Metadata, type MetadataBase } from './storage/Metadata'\nexport * from './storage/migration'\nexport type { UpdateConfig, V0_1ToV0_2UpdateConfig } from './storage/migration/updates'\nexport { Repository } from './storage/Repository'\nexport * from './storage/RepositoryEvents'\nexport type { BaseRecordConstructor, Query, QueryOptions, SimpleQuery, StorageService } from './storage/StorageService'\nexport type {\n  AnyUint8Array,\n  CanBePromise,\n  InitConfig,\n  JsonArray,\n  JsonObject,\n  JsonValue,\n  NonEmptyArray,\n  Optional,\n  ResolvedDidCommService,\n  SingleOrArray,\n  Uint8ArrayBuffer,\n  XOR,\n} from './types'\nexport { isJsonObject, isNonEmptyArray, mapNonEmptyArray } from './types'\nexport {\n  asArray,\n  type BaseName,\n  Buffer,\n  DateTransformer,\n  deepEquality,\n  equalsIgnoreOrder,\n  equalsWithOrder,\n  IsStringOrInstance,\n  IsStringOrInstanceOrArrayOfInstances,\n  IsStringOrStringArray,\n  IsUri,\n  isDid,\n  JsonEncoder,\n  JsonTransformer,\n  MessageValidator,\n  MultiBaseEncoder,\n  MultiHashEncoder,\n  TypedArrayEncoder,\n} from './utils'\nexport { base64ToBase64URL } from './utils/base64'\nexport { CredentialMultiInstanceState, CredentialMultiInstanceUseMode } from './utils/credentialUseTypes'\nexport { getDomainFromUrl } from './utils/domain'\nexport type { Constructable, Constructor, UnionToIntersection } from './utils/mixins'\nexport { getDirFromFilePath, joinUriParts } from './utils/path'\nexport type { VersionString } from './utils/version'\n\nimport { indyDidFromPublicKeyBase58 } from './utils/did'\nimport { areObjectsEqual } from './utils/objectEquality'\nimport timestamp, { addSecondsToDate, dateToSeconds, nowInSeconds } from './utils/timestamp'\nimport { getProtocolScheme } from './utils/uri'\nimport { isValidUuid, uuid } from './utils/uuid'\n\nconst utils = {\n  areObjectsEqual,\n  uuid,\n  isValidUuid,\n  getProtocolScheme,\n  timestamp,\n  indyDidFromPublicKeyBase58,\n  nowInSeconds,\n  dateToSeconds,\n  addSecondsToDate,\n}\n\nexport { utils }\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+FA,MAAM,QAAQ;CACZ;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD"}
+{"version":3,"file":"index.mjs","names":[],"sources":["../src/index.ts"],"sourcesContent":["// reflect-metadata used for class-transformer + class-validator\nimport 'reflect-metadata'\n\nexport * from './agent'\nexport { Agent } from './agent/Agent'\nexport { AgentConfig } from './agent/AgentConfig'\nexport type { AgentDependencies } from './agent/AgentDependencies'\nexport type { AgentApi, DefaultAgentModules, EmptyModuleMap, ModulesMap } from './agent/AgentModules'\nexport { BaseAgent } from './agent/BaseAgent'\nexport { EventEmitter } from './agent/EventEmitter'\nexport * from './agent/Events'\nexport { InjectionSymbols } from './constants'\nexport * from './crypto'\nexport * from './error'\nexport * from './logger'\nexport * from './modules/cache'\nexport * from './modules/dcql'\nexport * from './modules/dids'\nexport { tryParseDid } from './modules/dids/domain/parse'\n// TODO: Clean up these exports used by DIDComm module\nexport {\n  didKeyToEd25519PublicJwk,\n  didKeyToVerkey,\n  isDidKey,\n  verkeyToDidKey,\n  verkeyToPublicJwk,\n} from './modules/dids/helpers'\nexport { didDocumentJsonToNumAlgo1Did } from './modules/dids/methods/peer/peerDidNumAlgo1'\nexport { didDocumentToNumAlgo2Did } from './modules/dids/methods/peer/peerDidNumAlgo2'\nexport { didDocumentToNumAlgo4Did } from './modules/dids/methods/peer/peerDidNumAlgo4'\nexport { DidRecordMetadataKeys } from './modules/dids/repository/didRecordMetadataTypes'\nexport * from './modules/dif-presentation-exchange'\nexport * from './modules/generic-records'\nexport * as Kms from './modules/kms'\nexport * from './modules/mdoc'\nexport * from './modules/sd-jwt-vc'\nexport * from './modules/vc'\nexport * from './modules/x509'\nexport * from './plugins'\nexport * from './storage/BaseRecord'\nexport type { DownloadToFileOptions, FileSystem } from './storage/FileSystem'\nexport { Metadata, type MetadataBase } from './storage/Metadata'\nexport * from './storage/migration'\nexport type { UpdateConfig, V0_1ToV0_2UpdateConfig } from './storage/migration/updates'\nexport { Repository } from './storage/Repository'\nexport * from './storage/RepositoryEvents'\nexport type { BaseRecordConstructor, Query, QueryOptions, SimpleQuery, StorageService } from './storage/StorageService'\nexport type {\n  AnyUint8Array,\n  CanBePromise,\n  InitConfig,\n  JsonArray,\n  JsonObject,\n  JsonValue,\n  NonEmptyArray,\n  Optional,\n  ResolvedDidCommService,\n  SingleOrArray,\n  Uint8ArrayBuffer,\n  XOR,\n} from './types'\nexport { isJsonObject, isNonEmptyArray, mapNonEmptyArray } from './types'\nexport {\n  asArray,\n  type BaseName,\n  Buffer,\n  DateTransformer,\n  deepEquality,\n  equalsIgnoreOrder,\n  equalsWithOrder,\n  IsStringOrInstance,\n  IsStringOrInstanceOrArrayOfInstances,\n  IsStringOrStringArray,\n  IsUri,\n  isDid,\n  JsonEncoder,\n  JsonTransformer,\n  MessageValidator,\n  MultiBaseEncoder,\n  MultiHashEncoder,\n  TypedArrayEncoder,\n} from './utils'\nexport { base64ToBase64URL } from './utils/base64'\nexport type {\n  CredentialMultiInstanceUseUpdateMode,\n  UseInstanceFromCredentialRecordOptions,\n  UseInstanceFromCredentialRecordReturn,\n} from './utils/credentialUse'\nexport { canUseInstanceFromCredentialRecord, useInstanceFromCredentialRecord } from './utils/credentialUse'\nexport { CredentialMultiInstanceState, CredentialMultiInstanceUseMode } from './utils/credentialUseTypes'\nexport { getDomainFromUrl } from './utils/domain'\nexport type { Constructable, Constructor, UnionToIntersection } from './utils/mixins'\nexport { getDirFromFilePath, joinUriParts } from './utils/path'\nexport type { VersionString } from './utils/version'\n\nimport { indyDidFromPublicKeyBase58 } from './utils/did'\nimport { areObjectsEqual } from './utils/objectEquality'\nimport timestamp, { addSecondsToDate, dateToSeconds, nowInSeconds } from './utils/timestamp'\nimport { getProtocolScheme } from './utils/uri'\nimport { isValidUuid, uuid } from './utils/uuid'\n\nconst utils = {\n  areObjectsEqual,\n  uuid,\n  isValidUuid,\n  getProtocolScheme,\n  timestamp,\n  indyDidFromPublicKeyBase58,\n  nowInSeconds,\n  dateToSeconds,\n  addSecondsToDate,\n}\n\nexport { utils }\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqGA,MAAM,QAAQ;CACZ;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD"}

package/build/utils/credentialUse.d.mts

@@ -1,9 +1,84 @@
-import { CredentialMultiInstanceState, CredentialMultiInstanceUseMode } from "./credentialUseTypes.mjs";
-import "../modules/sd-jwt-vc/SdJwtVcService.mjs";
+import { CredentialMultiInstanceState, CredentialMultiInstanceUseMode, CredentialMultiInstanceUseUpdateMode } from "./credentialUseTypes.mjs";
+import { SdJwtVc } from "../modules/sd-jwt-vc/SdJwtVcService.mjs";
+import { SdJwtVcRecord } from "../modules/sd-jwt-vc/repository/SdJwtVcRecord.mjs";
 import "../modules/sd-jwt-vc/repository/index.mjs";
+import { MdocRecord } from "../modules/mdoc/repository/MdocRecord.mjs";
 import "../modules/mdoc/repository/index.mjs";
+import { W3cCredentialRecord } from "../modules/vc/repository/W3cCredentialRecord.mjs";
+import { W3cV2CredentialRecord } from "../modules/vc/repository/W3cV2CredentialRecord.mjs";
 import "../modules/vc/repository/index.mjs";
+import { W3cV2VerifiableCredential } from "../modules/vc/models/credential/W3cV2VerifiableCredential.mjs";
+import { W3cVerifiableCredential } from "../modules/vc/models/credential/W3cVerifiableCredential.mjs";
 import "../modules/vc/index.mjs";
-import "../modules/mdoc/Mdoc.mjs";
+import { Mdoc } from "../modules/mdoc/Mdoc.mjs";
+import { AgentContext } from "../agent/context/AgentContext.mjs";
 import "../agent/index.mjs";
-import "../index.mjs";
+
+//#region src/utils/credentialUse.d.ts
+type CredentialRecord = W3cCredentialRecord | SdJwtVcRecord | MdocRecord | W3cV2CredentialRecord;
+type CredentialInstanceReturnType<Record extends CredentialRecord> = Record extends W3cCredentialRecord ? W3cVerifiableCredential : Record extends W3cV2CredentialRecord ? W3cV2VerifiableCredential : Record extends SdJwtVcRecord ? SdJwtVc : Record extends MdocRecord ? Mdoc : CredentialRecord;
+/**
+ * Checks whether an instance can be used from the provided record based on
+ * the required credential use mode.
+ */
+declare function canUseInstanceFromCredentialRecord({
+  credentialRecord,
+  useMode
+}: {
+  credentialRecord: CredentialRecord;
+  useMode: CredentialMultiInstanceUseMode;
+}): boolean;
+interface UseInstanceFromCredentialRecordOptions<Record extends CredentialRecord> {
+  agentContext: AgentContext;
+  /**
+   * Which mode to use for usage of the credential instance. See {@link CredentialMultiInstanceUseMode} for
+   * more information on the available options
+   */
+  useMode: CredentialMultiInstanceUseMode;
+  credentialRecord: Record;
+  /**
+   * The update mode for the credential record when a new instance is used.
+   *
+   * @default `CredentialMultiInstanceUseUpdateMode.RefetchAndUpdateWithLock`
+   */
+  updateMode?: CredentialMultiInstanceUseUpdateMode;
+}
+interface UseInstanceFromCredentialRecordReturn<Record extends CredentialRecord> {
+  /**
+   * The credential instance with the kms key id
+   */
+  credentialInstance: CredentialInstanceReturnType<Record>;
+  /**
+   * If the first instance was used, this value will be `true`. The first time
+   * the first instance is used, technically the credential is not reused yet,
+   * but we make no distinction between this.
+   */
+  isReused: boolean;
+  /**
+   * Whether the last new instance was used. If `isReused` is `true` this value will
+   * always be `false`.
+   *
+   * The last new instance is the second entry in the mdoc instances, since the first
+   * one is reserved for 'reused' usage.
+   */
+  isLastNewInstance: boolean;
+}
+/**
+ * Extract an instance with the correct kms key id from the credential instances
+ * on the record. Note that if an instance is extracted (that is not reused) it
+ * will remove the instance from the record, and the record should be updated in
+ * storage after usage.
+ *
+ * Note that the last credential instance is never removed from the record. So if the
+ * method indicates the last instance has been used, you should remove the credential
+ * from storage if you don't want it to be used anymore in the future.
+ */
+declare function useInstanceFromCredentialRecord<Record extends CredentialRecord>({
+  credentialRecord,
+  useMode,
+  agentContext,
+  updateMode
+}: UseInstanceFromCredentialRecordOptions<Record>): Promise<UseInstanceFromCredentialRecordReturn<Record>>;
+//#endregion
+export { UseInstanceFromCredentialRecordOptions, UseInstanceFromCredentialRecordReturn, canUseInstanceFromCredentialRecord, useInstanceFromCredentialRecord };
+//# sourceMappingURL=credentialUse.d.mts.map

package/build/utils/credentialUse.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentialUse.d.mts","names":[],"sources":["../../src/utils/credentialUse.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;;;;KA+BK,gBAAA,GAAmB,sBAAsB,gBAAgB,aAAa;KAEtE,4CAA4C,oBAAoB,eAAe,sBAChF,0BACA,eAAe,wBACb,4BACA,eAAe,gBACb,UACA,eAAe,aACb,OACA;;;;;iBAgBM,kCAAA;;;;oBAII;WACT;;AA/BN,UAoDY,sCApDI,CAAA,eAoDkD,gBApDlD,CAAA,CAAA;EAAG,YAAA,EAqDR,YArDQ;EAAsB;;;;EAEzC,OAAA,EAyDM,8BAzDsB;EAAgB,gBAAA,EA0D7B,MA1D6B;EAAoB;;;;;EAG/D,UAAA,CAAA,EA8DS,oCA9DT;;AACe,UAgEJ,qCAhEI,CAAA,eAgEiD,gBAhEjD,CAAA,CAAA;EACb;;;EAEE,kBAAA,EAiEY,4BAjEZ,CAiEyC,MAjEzC,CAAA;EACA;;AAgBV;;;EAIoB,QAAA,EAAA,OAAA;EACT;;AAqBX;;;;;EAee,iBAAA,EAAA,OAAA;;AAGf;;;;;AAiCA;;;;;AAIE,iBAJoB,+BAIpB,CAAA,eAJmE,gBAInE,CAAA,CAAA;EAAA,gBAAA;EAAA,OAAA;EAAA,YAAA;EAAA;AAAA,CAAA,EACC,sCADD,CACwC,MADxC,CAAA,CAAA,EACkD,OADlD,CAC0D,qCAD1D,CACgG,MADhG,CAAA,CAAA"}

package/build/utils/credentialUse.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"credentialUse.mjs","names":["transformedCredentialInstance: W3cVerifiableCredential | Mdoc | SdJwtVc | W3cV2VerifiableCredential"],"sources":["../../src/utils/credentialUse.ts"],"sourcesContent":["import { AgentContext } from '../agent'\nimport { CredoError } from '../error/CredoError'\nimport { Mdoc } from '../modules/mdoc/Mdoc'\nimport { MdocRecord, type MdocRecordInstances, MdocRepository } from '../modules/mdoc/repository'\nimport { decodeSdJwtVc } from '../modules/sd-jwt-vc/decodeSdJwtVc'\nimport { SdJwtVcRecord, type SdJwtVcRecordInstances, SdJwtVcRepository } from '../modules/sd-jwt-vc/repository'\nimport type { SdJwtVc } from '../modules/sd-jwt-vc/SdJwtVcService'\nimport {\n  W3cJsonLdVerifiableCredential,\n  W3cJwtVerifiableCredential,\n  W3cV2JwtVerifiableCredential,\n  W3cV2SdJwtVerifiableCredential,\n  type W3cV2VerifiableCredential,\n  type W3cVerifiableCredential,\n} from '../modules/vc'\nimport {\n  W3cCredentialRecord,\n  type W3cCredentialRecordInstances,\n  W3cCredentialRepository,\n  W3cV2CredentialRecord,\n  type W3cV2CredentialRecordInstances,\n  W3cV2CredentialRepository,\n} from '../modules/vc/repository'\nimport {\n  CredentialMultiInstanceState,\n  CredentialMultiInstanceUseMode,\n  CredentialMultiInstanceUseUpdateMode,\n} from './credentialUseTypes'\n\nexport { CredentialMultiInstanceUseMode, CredentialMultiInstanceUseUpdateMode, CredentialMultiInstanceState }\n\ntype CredentialRecord = W3cCredentialRecord | SdJwtVcRecord | MdocRecord | W3cV2CredentialRecord\n\ntype CredentialInstanceReturnType<Record extends CredentialRecord> = Record extends W3cCredentialRecord\n  ? W3cVerifiableCredential\n  : Record extends W3cV2CredentialRecord\n    ? W3cV2VerifiableCredential\n    : Record extends SdJwtVcRecord\n      ? SdJwtVc\n      : Record extends MdocRecord\n        ? Mdoc\n        : CredentialRecord\n\ntype CredentialRepositoryForRecord<Record extends CredentialRecord> = Record extends W3cCredentialRecord\n  ? W3cCredentialRepository\n  : Record extends W3cV2CredentialRepository\n    ? W3cV2VerifiableCredential\n    : Record extends SdJwtVcRepository\n      ? SdJwtVc\n      : Record extends MdocRepository\n        ? Mdoc\n        : W3cCredentialRepository | W3cV2CredentialRepository | SdJwtVcRepository | MdocRepository\n\n/**\n * Checks whether an instance can be used from the provided record based on\n * the required credential use mode.\n */\nexport function canUseInstanceFromCredentialRecord({\n  credentialRecord,\n  useMode,\n}: {\n  credentialRecord: CredentialRecord\n  useMode: CredentialMultiInstanceUseMode\n}) {\n  // If we're not required to use a new instance, we can always return the first instance\n  if (\n    useMode === CredentialMultiInstanceUseMode.First ||\n    useMode === CredentialMultiInstanceUseMode.NewOrFirst ||\n    (useMode === CredentialMultiInstanceUseMode.NewIfReceivedInBatch &&\n      [CredentialMultiInstanceState.SingleInstanceUnused, CredentialMultiInstanceState.SingleInstanceUsed].includes(\n        credentialRecord.multiInstanceState\n      ))\n  ) {\n    return true\n  }\n\n  // Otherwise we return whether we can use a new instance\n  return (\n    credentialRecord.multiInstanceState === CredentialMultiInstanceState.MultiInstanceFirstUnused ||\n    credentialRecord.multiInstanceState === CredentialMultiInstanceState.SingleInstanceUnused\n  )\n}\n\nexport interface UseInstanceFromCredentialRecordOptions<Record extends CredentialRecord> {\n  agentContext: AgentContext\n\n  /**\n   * Which mode to use for usage of the credential instance. See {@link CredentialMultiInstanceUseMode} for\n   * more information on the available options\n   */\n  useMode: CredentialMultiInstanceUseMode\n  credentialRecord: Record\n\n  /**\n   * The update mode for the credential record when a new instance is used.\n   *\n   * @default `CredentialMultiInstanceUseUpdateMode.RefetchAndUpdateWithLock`\n   */\n  updateMode?: CredentialMultiInstanceUseUpdateMode\n}\n\nexport interface UseInstanceFromCredentialRecordReturn<Record extends CredentialRecord> {\n  /**\n   * The credential instance with the kms key id\n   */\n  credentialInstance: CredentialInstanceReturnType<Record>\n\n  /**\n   * If the first instance was used, this value will be `true`. The first time\n   * the first instance is used, technically the credential is not reused yet,\n   * but we make no distinction between this.\n   */\n  isReused: boolean\n\n  /**\n   * Whether the last new instance was used. If `isReused` is `true` this value will\n   * always be `false`.\n   *\n   * The last new instance is the second entry in the mdoc instances, since the first\n   * one is reserved for 'reused' usage.\n   */\n  isLastNewInstance: boolean\n}\n\n/**\n * Extract an instance with the correct kms key id from the credential instances\n * on the record. Note that if an instance is extracted (that is not reused) it\n * will remove the instance from the record, and the record should be updated in\n * storage after usage.\n *\n * Note that the last credential instance is never removed from the record. So if the\n * method indicates the last instance has been used, you should remove the credential\n * from storage if you don't want it to be used anymore in the future.\n */\nexport async function useInstanceFromCredentialRecord<Record extends CredentialRecord>({\n  credentialRecord,\n  useMode,\n  agentContext,\n  updateMode,\n}: UseInstanceFromCredentialRecordOptions<Record>): Promise<UseInstanceFromCredentialRecordReturn<Record>> {\n  let extractResult = extractInstanceAndUpdateRecord({\n    credentialRecord,\n    useMode,\n  })\n\n  if (\n    (!extractResult.isReused || extractResult.isLastNewInstance) &&\n    updateMode === CredentialMultiInstanceUseUpdateMode.Update\n  ) {\n    await updateCredentialRecord(agentContext, credentialRecord)\n  }\n\n  if (\n    (!extractResult.isReused || extractResult.isLastNewInstance) &&\n    updateMode === CredentialMultiInstanceUseUpdateMode.RefetchAndUpdateWithLock\n  ) {\n    // the method is generic, but the types don't work well generically\n    const repository = repositoryForRecord(agentContext, credentialRecord) as SdJwtVcRepository\n\n    await repository.updateByIdWithLock(\n      agentContext,\n      credentialRecord.id,\n      async (freshCredentialRecord: SdJwtVcRecord) => {\n        extractResult = extractInstanceAndUpdateRecord({\n          credentialRecord: freshCredentialRecord,\n          useMode,\n        })\n\n        return freshCredentialRecord\n      }\n    )\n  }\n\n  let transformedCredentialInstance: W3cVerifiableCredential | Mdoc | SdJwtVc | W3cV2VerifiableCredential\n  if (credentialRecord instanceof MdocRecord) {\n    const { issuerSignedBase64Url, kmsKeyId } = extractResult.credentialInstance as MdocRecordInstances[0]\n    transformedCredentialInstance = Mdoc.fromBase64Url(issuerSignedBase64Url)\n    transformedCredentialInstance.deviceKeyId = kmsKeyId ?? transformedCredentialInstance.deviceKey.legacyKeyId\n  } else if (credentialRecord instanceof SdJwtVcRecord) {\n    const { compactSdJwtVc, kmsKeyId } = extractResult.credentialInstance as SdJwtVcRecordInstances[0]\n\n    transformedCredentialInstance = {\n      ...decodeSdJwtVc(compactSdJwtVc, credentialRecord.typeMetadata),\n      kmsKeyId,\n    }\n  } else if (credentialRecord instanceof W3cCredentialRecord) {\n    const { credential } = extractResult.credentialInstance as W3cCredentialRecordInstances[0]\n\n    transformedCredentialInstance =\n      typeof credential === 'string'\n        ? W3cJwtVerifiableCredential.fromSerializedJwt(credential)\n        : W3cJsonLdVerifiableCredential.fromJson(credential)\n  } else if (credentialRecord instanceof W3cV2CredentialRecord) {\n    const { credential } = extractResult.credentialInstance as W3cV2CredentialRecordInstances[0]\n\n    transformedCredentialInstance = credential.includes('~')\n      ? W3cV2SdJwtVerifiableCredential.fromCompact(credential)\n      : W3cV2JwtVerifiableCredential.fromCompact(credential)\n  } else {\n    throw new CredoError('Unsupported record type')\n  }\n\n  return {\n    credentialInstance: transformedCredentialInstance as CredentialInstanceReturnType<Record>,\n    isReused: extractResult.isReused,\n    isLastNewInstance: extractResult.isLastNewInstance,\n  }\n}\n\nexport function extractInstanceAndUpdateRecord<Record extends CredentialRecord>({\n  credentialRecord,\n  useMode,\n}: Pick<UseInstanceFromCredentialRecordOptions<Record>, 'credentialRecord' | 'useMode'>) {\n  if (credentialRecord.credentialInstances.length === 1 || useMode === CredentialMultiInstanceUseMode.First) {\n    const isFirstUnused =\n      credentialRecord.multiInstanceState === CredentialMultiInstanceState.MultiInstanceFirstUnused ||\n      credentialRecord.multiInstanceState === CredentialMultiInstanceState.SingleInstanceUnused\n\n    const isMultiInstance =\n      credentialRecord.multiInstanceState === CredentialMultiInstanceState.MultiInstanceFirstUnused ||\n      credentialRecord.multiInstanceState === CredentialMultiInstanceState.MultiInstanceFirstUsed\n\n    const allowsReuse =\n      // New does not allow reuse\n      useMode === CredentialMultiInstanceUseMode.New\n        ? false\n        : // NewIfReceivedInBatch only allows reuse if the credential was not multi instance\n          useMode === CredentialMultiInstanceUseMode.NewIfReceivedInBatch\n          ? !isMultiInstance\n          : // Otherwise we allow reuse (First or NewOrFirst)\n            true\n\n    if (isFirstUnused) {\n      credentialRecord.multiInstanceState =\n        credentialRecord.multiInstanceState === CredentialMultiInstanceState.SingleInstanceUnused\n          ? CredentialMultiInstanceState.SingleInstanceUsed\n          : CredentialMultiInstanceState.MultiInstanceFirstUsed\n    } else if (!allowsReuse) {\n      throw new CredoError(\n        `Unable to extract new credential instance from ${credentialRecord.type} with id '${credentialRecord.id}', since it only contains a single credential instance but using a new instance is required due to use mode '${useMode}'.`\n      )\n    }\n\n    return {\n      isReused: !isFirstUnused,\n      credentialInstance: credentialRecord.credentialInstances[0],\n      isLastNewInstance: isFirstUnused,\n    }\n  }\n\n  // We have multiple instances, so we pop the last one (never the first one)\n  const _credentialInstance = credentialRecord.credentialInstances.pop()\n  if (!_credentialInstance) {\n    throw new CredoError(\n      `Unable to extract credential instance from ${credentialRecord.type} with id '${credentialRecord.id}', since the credential record does not contain any credential instances.`\n    )\n  }\n\n  return {\n    credentialInstance: _credentialInstance,\n    isReused: false,\n    isLastNewInstance: false,\n  }\n}\n\nfunction repositoryForRecord<Record extends CredentialRecord>(\n  agentContext: AgentContext,\n  record: CredentialRecord\n): CredentialRepositoryForRecord<Record> {\n  if (record instanceof W3cCredentialRecord)\n    return agentContext.resolve(W3cCredentialRepository) as CredentialRepositoryForRecord<Record>\n  if (record instanceof W3cV2CredentialRecord)\n    return agentContext.resolve(W3cV2CredentialRepository) as CredentialRepositoryForRecord<Record>\n  if (record instanceof MdocRecord) return agentContext.resolve(MdocRepository) as CredentialRepositoryForRecord<Record>\n  return agentContext.resolve(SdJwtVcRepository) as CredentialRepositoryForRecord<Record>\n}\n\nfunction updateCredentialRecord(agentContext: AgentContext, record: CredentialRecord) {\n  if (record instanceof W3cCredentialRecord)\n    return agentContext.resolve(W3cCredentialRepository).update(agentContext, record)\n  if (record instanceof W3cV2CredentialRecord)\n    return agentContext.resolve(W3cV2CredentialRepository).update(agentContext, record)\n  if (record instanceof MdocRecord) return agentContext.resolve(MdocRepository).update(agentContext, record)\n  return agentContext.resolve(SdJwtVcRepository).update(agentContext, record)\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyDA,SAAgB,mCAAmC,EACjD,kBACA,WAIC;AAED,KACE,YAAY,+BAA+B,SAC3C,YAAY,+BAA+B,cAC1C,YAAY,+BAA+B,wBAC1C,CAAC,6BAA6B,sBAAsB,6BAA6B,mBAAmB,CAAC,SACnG,iBAAiB,mBAClB,CAEH,QAAO;AAIT,QACE,iBAAiB,uBAAuB,6BAA6B,4BACrE,iBAAiB,uBAAuB,6BAA6B;;;;;;;;;;;;AAuDzE,eAAsB,gCAAiE,EACrF,kBACA,SACA,cACA,cACyG;CACzG,IAAI,gBAAgB,+BAA+B;EACjD;EACA;EACD,CAAC;AAEF,MACG,CAAC,cAAc,YAAY,cAAc,sBAC1C,eAAe,qCAAqC,OAEpD,OAAM,uBAAuB,cAAc,iBAAiB;AAG9D,MACG,CAAC,cAAc,YAAY,cAAc,sBAC1C,eAAe,qCAAqC,yBAKpD,OAFmB,oBAAoB,cAAc,iBAAiB,CAErD,mBACf,cACA,iBAAiB,IACjB,OAAO,0BAAyC;AAC9C,kBAAgB,+BAA+B;GAC7C,kBAAkB;GAClB;GACD,CAAC;AAEF,SAAO;GAEV;CAGH,IAAIA;AACJ,KAAI,4BAA4B,YAAY;EAC1C,MAAM,EAAE,uBAAuB,aAAa,cAAc;AAC1D,kCAAgC,KAAK,cAAc,sBAAsB;AACzE,gCAA8B,cAAc,YAAY,8BAA8B,UAAU;YACvF,4BAA4B,eAAe;EACpD,MAAM,EAAE,gBAAgB,aAAa,cAAc;AAEnD,kCAAgC;GAC9B,GAAG,cAAc,gBAAgB,iBAAiB,aAAa;GAC/D;GACD;YACQ,4BAA4B,qBAAqB;EAC1D,MAAM,EAAE,eAAe,cAAc;AAErC,kCACE,OAAO,eAAe,WAClB,2BAA2B,kBAAkB,WAAW,GACxD,8BAA8B,SAAS,WAAW;YAC/C,4BAA4B,uBAAuB;EAC5D,MAAM,EAAE,eAAe,cAAc;AAErC,kCAAgC,WAAW,SAAS,IAAI,GACpD,+BAA+B,YAAY,WAAW,GACtD,6BAA6B,YAAY,WAAW;OAExD,OAAM,IAAI,WAAW,0BAA0B;AAGjD,QAAO;EACL,oBAAoB;EACpB,UAAU,cAAc;EACxB,mBAAmB,cAAc;EAClC;;AAGH,SAAgB,+BAAgE,EAC9E,kBACA,WACuF;AACvF,KAAI,iBAAiB,oBAAoB,WAAW,KAAK,YAAY,+BAA+B,OAAO;EACzG,MAAM,gBACJ,iBAAiB,uBAAuB,6BAA6B,4BACrE,iBAAiB,uBAAuB,6BAA6B;EAEvE,MAAM,kBACJ,iBAAiB,uBAAuB,6BAA6B,4BACrE,iBAAiB,uBAAuB,6BAA6B;EAEvE,MAAM,cAEJ,YAAY,+BAA+B,MACvC,QAEA,YAAY,+BAA+B,uBACzC,CAAC,kBAED;AAER,MAAI,cACF,kBAAiB,qBACf,iBAAiB,uBAAuB,6BAA6B,uBACjE,6BAA6B,qBAC7B,6BAA6B;WAC1B,CAAC,YACV,OAAM,IAAI,WACR,kDAAkD,iBAAiB,KAAK,YAAY,iBAAiB,GAAG,+GAA+G,QAAQ,IAChO;AAGH,SAAO;GACL,UAAU,CAAC;GACX,oBAAoB,iBAAiB,oBAAoB;GACzD,mBAAmB;GACpB;;CAIH,MAAM,sBAAsB,iBAAiB,oBAAoB,KAAK;AACtE,KAAI,CAAC,oBACH,OAAM,IAAI,WACR,8CAA8C,iBAAiB,KAAK,YAAY,iBAAiB,GAAG,2EACrG;AAGH,QAAO;EACL,oBAAoB;EACpB,UAAU;EACV,mBAAmB;EACpB;;AAGH,SAAS,oBACP,cACA,QACuC;AACvC,KAAI,kBAAkB,oBACpB,QAAO,aAAa,QAAQ,wBAAwB;AACtD,KAAI,kBAAkB,sBACpB,QAAO,aAAa,QAAQ,0BAA0B;AACxD,KAAI,kBAAkB,WAAY,QAAO,aAAa,QAAQ,eAAe;AAC7E,QAAO,aAAa,QAAQ,kBAAkB;;AAGhD,SAAS,uBAAuB,cAA4B,QAA0B;AACpF,KAAI,kBAAkB,oBACpB,QAAO,aAAa,QAAQ,wBAAwB,CAAC,OAAO,cAAc,OAAO;AACnF,KAAI,kBAAkB,sBACpB,QAAO,aAAa,QAAQ,0BAA0B,CAAC,OAAO,cAAc,OAAO;AACrF,KAAI,kBAAkB,WAAY,QAAO,aAAa,QAAQ,eAAe,CAAC,OAAO,cAAc,OAAO;AAC1G,QAAO,aAAa,QAAQ,kBAAkB,CAAC,OAAO,cAAc,OAAO"}
+{"version":3,"file":"credentialUse.mjs","names":["transformedCredentialInstance: W3cVerifiableCredential | Mdoc | SdJwtVc | W3cV2VerifiableCredential"],"sources":["../../src/utils/credentialUse.ts"],"sourcesContent":["import { AgentContext } from '../agent'\nimport { CredoError } from '../error/CredoError'\nimport { Mdoc } from '../modules/mdoc/Mdoc'\nimport { MdocRecord, type MdocRecordInstances, MdocRepository } from '../modules/mdoc/repository'\nimport { decodeSdJwtVc } from '../modules/sd-jwt-vc/decodeSdJwtVc'\nimport { SdJwtVcRecord, type SdJwtVcRecordInstances, SdJwtVcRepository } from '../modules/sd-jwt-vc/repository'\nimport type { SdJwtVc } from '../modules/sd-jwt-vc/SdJwtVcService'\nimport {\n  W3cJsonLdVerifiableCredential,\n  W3cJwtVerifiableCredential,\n  W3cV2JwtVerifiableCredential,\n  W3cV2SdJwtVerifiableCredential,\n  type W3cV2VerifiableCredential,\n  type W3cVerifiableCredential,\n} from '../modules/vc'\nimport {\n  W3cCredentialRecord,\n  type W3cCredentialRecordInstances,\n  W3cCredentialRepository,\n  W3cV2CredentialRecord,\n  type W3cV2CredentialRecordInstances,\n  W3cV2CredentialRepository,\n} from '../modules/vc/repository'\nimport {\n  CredentialMultiInstanceState,\n  CredentialMultiInstanceUseMode,\n  CredentialMultiInstanceUseUpdateMode,\n} from './credentialUseTypes'\n\nexport { CredentialMultiInstanceUseMode, CredentialMultiInstanceUseUpdateMode, CredentialMultiInstanceState }\n\ntype CredentialRecord = W3cCredentialRecord | SdJwtVcRecord | MdocRecord | W3cV2CredentialRecord\n\ntype CredentialInstanceReturnType<Record extends CredentialRecord> = Record extends W3cCredentialRecord\n  ? W3cVerifiableCredential\n  : Record extends W3cV2CredentialRecord\n    ? W3cV2VerifiableCredential\n    : Record extends SdJwtVcRecord\n      ? SdJwtVc\n      : Record extends MdocRecord\n        ? Mdoc\n        : CredentialRecord\n\ntype CredentialRepositoryForRecord<Record extends CredentialRecord> = Record extends W3cCredentialRecord\n  ? W3cCredentialRepository\n  : Record extends W3cV2CredentialRepository\n    ? W3cV2VerifiableCredential\n    : Record extends SdJwtVcRepository\n      ? SdJwtVc\n      : Record extends MdocRepository\n        ? Mdoc\n        : W3cCredentialRepository | W3cV2CredentialRepository | SdJwtVcRepository | MdocRepository\n\n/**\n * Checks whether an instance can be used from the provided record based on\n * the required credential use mode.\n */\nexport function canUseInstanceFromCredentialRecord({\n  credentialRecord,\n  useMode,\n}: {\n  credentialRecord: CredentialRecord\n  useMode: CredentialMultiInstanceUseMode\n}) {\n  // If we're not required to use a new instance, we can always return the first instance\n  if (\n    useMode === CredentialMultiInstanceUseMode.First ||\n    useMode === CredentialMultiInstanceUseMode.NewOrFirst ||\n    (useMode === CredentialMultiInstanceUseMode.NewIfReceivedInBatch &&\n      [CredentialMultiInstanceState.SingleInstanceUnused, CredentialMultiInstanceState.SingleInstanceUsed].includes(\n        credentialRecord.multiInstanceState\n      ))\n  ) {\n    return true\n  }\n\n  // Otherwise we return whether we can use a new instance\n  return (\n    credentialRecord.multiInstanceState === CredentialMultiInstanceState.MultiInstanceFirstUnused ||\n    credentialRecord.multiInstanceState === CredentialMultiInstanceState.SingleInstanceUnused\n  )\n}\n\nexport interface UseInstanceFromCredentialRecordOptions<Record extends CredentialRecord> {\n  agentContext: AgentContext\n\n  /**\n   * Which mode to use for usage of the credential instance. See {@link CredentialMultiInstanceUseMode} for\n   * more information on the available options\n   */\n  useMode: CredentialMultiInstanceUseMode\n  credentialRecord: Record\n\n  /**\n   * The update mode for the credential record when a new instance is used.\n   *\n   * @default `CredentialMultiInstanceUseUpdateMode.RefetchAndUpdateWithLock`\n   */\n  updateMode?: CredentialMultiInstanceUseUpdateMode\n}\n\nexport interface UseInstanceFromCredentialRecordReturn<Record extends CredentialRecord> {\n  /**\n   * The credential instance with the kms key id\n   */\n  credentialInstance: CredentialInstanceReturnType<Record>\n\n  /**\n   * If the first instance was used, this value will be `true`. The first time\n   * the first instance is used, technically the credential is not reused yet,\n   * but we make no distinction between this.\n   */\n  isReused: boolean\n\n  /**\n   * Whether the last new instance was used. If `isReused` is `true` this value will\n   * always be `false`.\n   *\n   * The last new instance is the second entry in the mdoc instances, since the first\n   * one is reserved for 'reused' usage.\n   */\n  isLastNewInstance: boolean\n}\n\n/**\n * Extract an instance with the correct kms key id from the credential instances\n * on the record. Note that if an instance is extracted (that is not reused) it\n * will remove the instance from the record, and the record should be updated in\n * storage after usage.\n *\n * Note that the last credential instance is never removed from the record. So if the\n * method indicates the last instance has been used, you should remove the credential\n * from storage if you don't want it to be used anymore in the future.\n */\nexport async function useInstanceFromCredentialRecord<Record extends CredentialRecord>({\n  credentialRecord,\n  useMode,\n  agentContext,\n  updateMode,\n}: UseInstanceFromCredentialRecordOptions<Record>): Promise<UseInstanceFromCredentialRecordReturn<Record>> {\n  let extractResult = extractInstanceAndUpdateRecord({\n    credentialRecord,\n    useMode,\n  })\n\n  if (\n    (!extractResult.isReused || extractResult.isLastNewInstance) &&\n    updateMode === CredentialMultiInstanceUseUpdateMode.Update\n  ) {\n    await updateCredentialRecord(agentContext, credentialRecord)\n  }\n\n  if (\n    (!extractResult.isReused || extractResult.isLastNewInstance) &&\n    updateMode === CredentialMultiInstanceUseUpdateMode.RefetchAndUpdateWithLock\n  ) {\n    // the method is generic, but the types don't work well generically\n    const repository = repositoryForRecord(agentContext, credentialRecord) as SdJwtVcRepository\n\n    await repository.updateByIdWithLock(\n      agentContext,\n      credentialRecord.id,\n      async (freshCredentialRecord: SdJwtVcRecord) => {\n        extractResult = extractInstanceAndUpdateRecord({\n          credentialRecord: freshCredentialRecord,\n          useMode,\n        })\n\n        return freshCredentialRecord\n      }\n    )\n  }\n\n  let transformedCredentialInstance: W3cVerifiableCredential | Mdoc | SdJwtVc | W3cV2VerifiableCredential\n  if (credentialRecord instanceof MdocRecord) {\n    const { issuerSignedBase64Url, kmsKeyId } = extractResult.credentialInstance as MdocRecordInstances[0]\n    transformedCredentialInstance = Mdoc.fromBase64Url(issuerSignedBase64Url)\n    transformedCredentialInstance.deviceKeyId = kmsKeyId ?? transformedCredentialInstance.deviceKey.legacyKeyId\n  } else if (credentialRecord instanceof SdJwtVcRecord) {\n    const { compactSdJwtVc, kmsKeyId } = extractResult.credentialInstance as SdJwtVcRecordInstances[0]\n\n    transformedCredentialInstance = {\n      ...decodeSdJwtVc(compactSdJwtVc, credentialRecord.typeMetadata),\n      kmsKeyId,\n    }\n  } else if (credentialRecord instanceof W3cCredentialRecord) {\n    const { credential } = extractResult.credentialInstance as W3cCredentialRecordInstances[0]\n\n    transformedCredentialInstance =\n      typeof credential === 'string'\n        ? W3cJwtVerifiableCredential.fromSerializedJwt(credential)\n        : W3cJsonLdVerifiableCredential.fromJson(credential)\n  } else if (credentialRecord instanceof W3cV2CredentialRecord) {\n    const { credential } = extractResult.credentialInstance as W3cV2CredentialRecordInstances[0]\n\n    transformedCredentialInstance = credential.includes('~')\n      ? W3cV2SdJwtVerifiableCredential.fromCompact(credential)\n      : W3cV2JwtVerifiableCredential.fromCompact(credential)\n  } else {\n    throw new CredoError('Unsupported record type')\n  }\n\n  return {\n    credentialInstance: transformedCredentialInstance as CredentialInstanceReturnType<Record>,\n    isReused: extractResult.isReused,\n    isLastNewInstance: extractResult.isLastNewInstance,\n  }\n}\n\nfunction extractInstanceAndUpdateRecord<Record extends CredentialRecord>({\n  credentialRecord,\n  useMode,\n}: Pick<UseInstanceFromCredentialRecordOptions<Record>, 'credentialRecord' | 'useMode'>) {\n  if (credentialRecord.credentialInstances.length === 1 || useMode === CredentialMultiInstanceUseMode.First) {\n    const isFirstUnused =\n      credentialRecord.multiInstanceState === CredentialMultiInstanceState.MultiInstanceFirstUnused ||\n      credentialRecord.multiInstanceState === CredentialMultiInstanceState.SingleInstanceUnused\n\n    const isMultiInstance =\n      credentialRecord.multiInstanceState === CredentialMultiInstanceState.MultiInstanceFirstUnused ||\n      credentialRecord.multiInstanceState === CredentialMultiInstanceState.MultiInstanceFirstUsed\n\n    const allowsReuse =\n      // New does not allow reuse\n      useMode === CredentialMultiInstanceUseMode.New\n        ? false\n        : // NewIfReceivedInBatch only allows reuse if the credential was not multi instance\n          useMode === CredentialMultiInstanceUseMode.NewIfReceivedInBatch\n          ? !isMultiInstance\n          : // Otherwise we allow reuse (First or NewOrFirst)\n            true\n\n    if (isFirstUnused) {\n      credentialRecord.multiInstanceState =\n        credentialRecord.multiInstanceState === CredentialMultiInstanceState.SingleInstanceUnused\n          ? CredentialMultiInstanceState.SingleInstanceUsed\n          : CredentialMultiInstanceState.MultiInstanceFirstUsed\n    } else if (!allowsReuse) {\n      throw new CredoError(\n        `Unable to extract new credential instance from ${credentialRecord.type} with id '${credentialRecord.id}', since it only contains a single credential instance but using a new instance is required due to use mode '${useMode}'.`\n      )\n    }\n\n    return {\n      isReused: !isFirstUnused,\n      credentialInstance: credentialRecord.credentialInstances[0],\n      isLastNewInstance: isFirstUnused,\n    }\n  }\n\n  // We have multiple instances, so we pop the last one (never the first one)\n  const _credentialInstance = credentialRecord.credentialInstances.pop()\n  if (!_credentialInstance) {\n    throw new CredoError(\n      `Unable to extract credential instance from ${credentialRecord.type} with id '${credentialRecord.id}', since the credential record does not contain any credential instances.`\n    )\n  }\n\n  return {\n    credentialInstance: _credentialInstance,\n    isReused: false,\n    isLastNewInstance: false,\n  }\n}\n\nfunction repositoryForRecord<Record extends CredentialRecord>(\n  agentContext: AgentContext,\n  record: CredentialRecord\n): CredentialRepositoryForRecord<Record> {\n  if (record instanceof W3cCredentialRecord)\n    return agentContext.resolve(W3cCredentialRepository) as CredentialRepositoryForRecord<Record>\n  if (record instanceof W3cV2CredentialRecord)\n    return agentContext.resolve(W3cV2CredentialRepository) as CredentialRepositoryForRecord<Record>\n  if (record instanceof MdocRecord) return agentContext.resolve(MdocRepository) as CredentialRepositoryForRecord<Record>\n  return agentContext.resolve(SdJwtVcRepository) as CredentialRepositoryForRecord<Record>\n}\n\nfunction updateCredentialRecord(agentContext: AgentContext, record: CredentialRecord) {\n  if (record instanceof W3cCredentialRecord)\n    return agentContext.resolve(W3cCredentialRepository).update(agentContext, record)\n  if (record instanceof W3cV2CredentialRecord)\n    return agentContext.resolve(W3cV2CredentialRepository).update(agentContext, record)\n  if (record instanceof MdocRecord) return agentContext.resolve(MdocRepository).update(agentContext, record)\n  return agentContext.resolve(SdJwtVcRepository).update(agentContext, record)\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyDA,SAAgB,mCAAmC,EACjD,kBACA,WAIC;AAED,KACE,YAAY,+BAA+B,SAC3C,YAAY,+BAA+B,cAC1C,YAAY,+BAA+B,wBAC1C,CAAC,6BAA6B,sBAAsB,6BAA6B,mBAAmB,CAAC,SACnG,iBAAiB,mBAClB,CAEH,QAAO;AAIT,QACE,iBAAiB,uBAAuB,6BAA6B,4BACrE,iBAAiB,uBAAuB,6BAA6B;;;;;;;;;;;;AAuDzE,eAAsB,gCAAiE,EACrF,kBACA,SACA,cACA,cACyG;CACzG,IAAI,gBAAgB,+BAA+B;EACjD;EACA;EACD,CAAC;AAEF,MACG,CAAC,cAAc,YAAY,cAAc,sBAC1C,eAAe,qCAAqC,OAEpD,OAAM,uBAAuB,cAAc,iBAAiB;AAG9D,MACG,CAAC,cAAc,YAAY,cAAc,sBAC1C,eAAe,qCAAqC,yBAKpD,OAFmB,oBAAoB,cAAc,iBAAiB,CAErD,mBACf,cACA,iBAAiB,IACjB,OAAO,0BAAyC;AAC9C,kBAAgB,+BAA+B;GAC7C,kBAAkB;GAClB;GACD,CAAC;AAEF,SAAO;GAEV;CAGH,IAAIA;AACJ,KAAI,4BAA4B,YAAY;EAC1C,MAAM,EAAE,uBAAuB,aAAa,cAAc;AAC1D,kCAAgC,KAAK,cAAc,sBAAsB;AACzE,gCAA8B,cAAc,YAAY,8BAA8B,UAAU;YACvF,4BAA4B,eAAe;EACpD,MAAM,EAAE,gBAAgB,aAAa,cAAc;AAEnD,kCAAgC;GAC9B,GAAG,cAAc,gBAAgB,iBAAiB,aAAa;GAC/D;GACD;YACQ,4BAA4B,qBAAqB;EAC1D,MAAM,EAAE,eAAe,cAAc;AAErC,kCACE,OAAO,eAAe,WAClB,2BAA2B,kBAAkB,WAAW,GACxD,8BAA8B,SAAS,WAAW;YAC/C,4BAA4B,uBAAuB;EAC5D,MAAM,EAAE,eAAe,cAAc;AAErC,kCAAgC,WAAW,SAAS,IAAI,GACpD,+BAA+B,YAAY,WAAW,GACtD,6BAA6B,YAAY,WAAW;OAExD,OAAM,IAAI,WAAW,0BAA0B;AAGjD,QAAO;EACL,oBAAoB;EACpB,UAAU,cAAc;EACxB,mBAAmB,cAAc;EAClC;;AAGH,SAAS,+BAAgE,EACvE,kBACA,WACuF;AACvF,KAAI,iBAAiB,oBAAoB,WAAW,KAAK,YAAY,+BAA+B,OAAO;EACzG,MAAM,gBACJ,iBAAiB,uBAAuB,6BAA6B,4BACrE,iBAAiB,uBAAuB,6BAA6B;EAEvE,MAAM,kBACJ,iBAAiB,uBAAuB,6BAA6B,4BACrE,iBAAiB,uBAAuB,6BAA6B;EAEvE,MAAM,cAEJ,YAAY,+BAA+B,MACvC,QAEA,YAAY,+BAA+B,uBACzC,CAAC,kBAED;AAER,MAAI,cACF,kBAAiB,qBACf,iBAAiB,uBAAuB,6BAA6B,uBACjE,6BAA6B,qBAC7B,6BAA6B;WAC1B,CAAC,YACV,OAAM,IAAI,WACR,kDAAkD,iBAAiB,KAAK,YAAY,iBAAiB,GAAG,+GAA+G,QAAQ,IAChO;AAGH,SAAO;GACL,UAAU,CAAC;GACX,oBAAoB,iBAAiB,oBAAoB;GACzD,mBAAmB;GACpB;;CAIH,MAAM,sBAAsB,iBAAiB,oBAAoB,KAAK;AACtE,KAAI,CAAC,oBACH,OAAM,IAAI,WACR,8CAA8C,iBAAiB,KAAK,YAAY,iBAAiB,GAAG,2EACrG;AAGH,QAAO;EACL,oBAAoB;EACpB,UAAU;EACV,mBAAmB;EACpB;;AAGH,SAAS,oBACP,cACA,QACuC;AACvC,KAAI,kBAAkB,oBACpB,QAAO,aAAa,QAAQ,wBAAwB;AACtD,KAAI,kBAAkB,sBACpB,QAAO,aAAa,QAAQ,0BAA0B;AACxD,KAAI,kBAAkB,WAAY,QAAO,aAAa,QAAQ,eAAe;AAC7E,QAAO,aAAa,QAAQ,kBAAkB;;AAGhD,SAAS,uBAAuB,cAA4B,QAA0B;AACpF,KAAI,kBAAkB,oBACpB,QAAO,aAAa,QAAQ,wBAAwB,CAAC,OAAO,cAAc,OAAO;AACnF,KAAI,kBAAkB,sBACpB,QAAO,aAAa,QAAQ,0BAA0B,CAAC,OAAO,cAAc,OAAO;AACrF,KAAI,kBAAkB,WAAY,QAAO,aAAa,QAAQ,eAAe,CAAC,OAAO,cAAc,OAAO;AAC1G,QAAO,aAAa,QAAQ,kBAAkB,CAAC,OAAO,cAAc,OAAO"}

package/build/utils/credentialUseTypes.d.mts

@@ -48,6 +48,30 @@ declare enum CredentialMultiInstanceUseMode {
    */
   First = "First",
 }
+declare enum CredentialMultiInstanceUseUpdateMode {
+  /**
+   * The record is not updated, which means the credential can be reused in the future even
+   * if `useMode` is set to `New`. This is generally not recommended.
+   */
+  None = "None",
+  /**
+   * Update the provided record if a new instance is used. This may result in race conditions
+   * if multiple processes are using the record at the same time (e.g. in a server environment)
+   */
+  Update = "Update",
+  /**
+   * Refetch and update the provided record with a lock. This is the safest method, but does
+   * require another re-fetch of the record. Locking is not supported on all databases backend,
+   * in which case the record will be refetched and updated without lock.
+   *
+   * Even without lock, this will still minimize the chance of race conditions and concurrent writes significantly, as
+   * with the standard `Update` the record was fetched at the time the credentials were received, which is usually before
+   * showing the request to the user and waiting for confirmation.
+   *
+   * This is the recommended option.
+   */
+  RefetchAndUpdateWithLock = "RefetchAndUpdateWithLock",
+}
 //#endregion
-export { CredentialMultiInstanceState, CredentialMultiInstanceUseMode };
+export { CredentialMultiInstanceState, CredentialMultiInstanceUseMode, CredentialMultiInstanceUseUpdateMode };
 //# sourceMappingURL=credentialUseTypes.d.mts.map

package/build/utils/credentialUseTypes.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"credentialUseTypes.d.mts","names":[],"sources":["../../src/utils/credentialUseTypes.ts"],"sourcesContent":[],"mappings":";;;;AAGY,aAAA,4BAAA;EA2BA;;;;;;;;;;;;;;;;;;;;;;aAAA,8BAAA"}
+{"version":3,"file":"credentialUseTypes.d.mts","names":[],"sources":["../../src/utils/credentialUseTypes.ts"],"sourcesContent":[],"mappings":";;;;AAGY,aAAA,4BAAA;EA2BA;AA2BZ;;;;;;;;;;;;;;;;;;;;;aA3BY,8BAAA;;;;;;;;;;;;;;;;;;;;;;;aA2BA,oCAAA"}

package/package.json

@@ -4,7 +4,7 @@
     ".": "./build/index.mjs",
     "./package.json": "./package.json"
   },
-  "version": "0.6.1-alpha-20251205125423",
+  "version": "0.6.1-alpha-20251208081705",
   "files": [
     "build"
   ],