@credo-ts/drizzle-storage 0.6.0-pr-2324-20250708122805 → 0.6.0-pr-2324-20250709075226

package/src/openid4vc/openid4vc-issuance-session/sqlite.ts

@@ -0,0 +1,54 @@
+import {
+  OpenId4VcIssuanceSessionAuthorization,
+  OpenId4VcIssuanceSessionDpop,
+  OpenId4VcIssuanceSessionPresentation,
+  OpenId4VcIssuanceSessionRecord,
+  OpenId4VcIssuanceSessionState,
+  OpenId4VcIssuanceSessionWalletAttestation,
+  OpenId4VciCredentialOfferPayload,
+} from '@credo-ts/openid4vc'
+import { sqliteTable, text } from 'drizzle-orm/sqlite-core'
+import { getSqliteBaseRecordTable, sqliteBaseRecordIndexes } from '../../sqlite/baseRecord'
+import { openid4vcIssuer } from '../sqlite'
+
+export const openId4VcIssuanceSession = sqliteTable(
+  'OpenId4VcIssuanceSession',
+  {
+    ...getSqliteBaseRecordTable(),
+
+    issuerId: text('issuer_id')
+      .notNull()
+      .references(() => openid4vcIssuer.issuerId, { onDelete: 'cascade' }),
+
+    state: text().$type<OpenId4VcIssuanceSessionState>().notNull(),
+    issuedCredentials: text('issued_credentials', { mode: 'json' }).$type<string[]>(),
+
+    // Pre-authorized flow
+    preAuthorizedCode: text('pre_authorized_code'),
+    userPin: text('user_pin'),
+
+    // Client and authentication
+    clientId: text('client_id'),
+
+    pkce: text({ mode: 'json' }).$type<NonNullable<OpenId4VcIssuanceSessionRecord['pkce']>>(),
+    walletAttestation: text('wallet_attestation', { mode: 'json' }).$type<OpenId4VcIssuanceSessionWalletAttestation>(),
+    dpop: text({ mode: 'json' }).$type<OpenId4VcIssuanceSessionDpop>(),
+    authorization: text({ mode: 'json' }).$type<
+      Omit<OpenId4VcIssuanceSessionAuthorization, 'codeExpiresAt'> & { codeExpiresAt?: string }
+    >(),
+    presentation: text({ mode: 'json' }).$type<OpenId4VcIssuanceSessionPresentation>(),
+
+    // Metadata and error handling
+    issuanceMetadata: text('issuance_metadata', { mode: 'json' }).$type<Record<string, unknown>>(),
+
+    // Credential offer
+    credentialOfferUri: text('credential_offer_uri'),
+    credentialOfferId: text('credential_offer_id'),
+    credentialOfferPayload: text('credential_offer_payload', { mode: 'json' })
+      .$type<OpenId4VciCredentialOfferPayload>()
+      .notNull(),
+
+    errorMessage: text('error_message'),
+  },
+  (table) => sqliteBaseRecordIndexes(table, 'openId4VcIssuanceSession')
+)

package/src/openid4vc/openid4vc-issuer/DrizzleOpenid4vcIssuerRecordAdapter.ts

@@ -0,0 +1,50 @@
+import { JsonTransformer, TagsBase } from '@credo-ts/core'
+
+import { OpenId4VcIssuerRecord } from '@credo-ts/openid4vc'
+import { DrizzleDatabase } from '../../DrizzleDatabase'
+import {
+  BaseDrizzleRecordAdapter,
+  DrizzleAdapterRecordValues,
+  DrizzleAdapterValues,
+} from '../../adapter/BaseDrizzleRecordAdapter'
+import * as postgres from './postgres'
+import * as sqlite from './sqlite'
+
+type DrizzleOpenid4vcIssuerAdapterValues = DrizzleAdapterRecordValues<(typeof sqlite)['openid4vcIssuer']>
+export class DrizzleOpenid4vcIssuerRecordAdapter extends BaseDrizzleRecordAdapter<
+  OpenId4VcIssuerRecord,
+  typeof postgres.openid4vcIssuer,
+  typeof postgres,
+  typeof sqlite.openid4vcIssuer,
+  typeof sqlite
+> {
+  public constructor(database: DrizzleDatabase<typeof postgres, typeof sqlite>) {
+    super(database, { postgres: postgres.openid4vcIssuer, sqlite: sqlite.openid4vcIssuer }, 'OpenId4VcIssuerRecord')
+  }
+
+  public getValues(record: OpenId4VcIssuerRecord): DrizzleAdapterValues<(typeof sqlite)['openid4vcIssuer']> {
+    const { issuerId, ...customTags } = record.getTags()
+
+    return {
+      issuerId,
+      accessTokenPublicJwk: record.accessTokenPublicJwk,
+      accessTokenPublicKeyFingerprint: record.accessTokenPublicKeyFingerprint,
+      credentialConfigurationsSupported: record.credentialConfigurationsSupported,
+      dpopSigningAlgValuesSupported: record.dpopSigningAlgValuesSupported,
+      display: record.display,
+      authorizationServerConfigs: record.authorizationServerConfigs,
+      batchCredentialIssuance: record.batchCredentialIssuance,
+
+      customTags,
+    }
+  }
+
+  public toRecord(values: DrizzleOpenid4vcIssuerAdapterValues): OpenId4VcIssuerRecord {
+    const { customTags, ...remainingValues } = values
+
+    const record = JsonTransformer.fromJSON(remainingValues, OpenId4VcIssuerRecord)
+    if (customTags) record.setTags(customTags as TagsBase)
+
+    return record
+  }
+}

package/src/openid4vc/openid4vc-issuer/index.ts

@@ -0,0 +1,10 @@
+import { DrizzleRecord } from '../../DrizzleRecord'
+import { DrizzleOpenid4vcIssuerRecordAdapter } from './DrizzleOpenid4vcIssuerRecordAdapter'
+import * as postgres from './postgres'
+import * as sqlite from './sqlite'
+
+export const openid4vcIssuerDrizzleRecord = {
+  adapter: DrizzleOpenid4vcIssuerRecordAdapter,
+  postgres,
+  sqlite,
+} satisfies DrizzleRecord

package/src/openid4vc/openid4vc-issuer/postgres.ts

@@ -0,0 +1,31 @@
+import { Kms } from '@credo-ts/core'
+import {
+  OpenId4VciAuthorizationServerConfig,
+  OpenId4VciBatchCredentialIssuanceOptions,
+  OpenId4VciCredentialConfigurationsSupportedWithFormats,
+  OpenId4VciCredentialIssuerMetadataDisplay,
+} from '@credo-ts/openid4vc'
+import { jsonb, pgTable, text } from 'drizzle-orm/pg-core'
+import { getPostgresBaseRecordTable, postgresBaseRecordIndexes } from '../../postgres/baseRecord'
+
+export const openid4vcIssuer = pgTable(
+  'Openid4vcIssuer',
+  {
+    ...getPostgresBaseRecordTable(),
+
+    issuerId: text('issuer_id').unique().notNull(),
+    accessTokenPublicKeyFingerprint: jsonb('access_token_public_key_fingerprint'),
+    accessTokenPublicJwk: jsonb('access_token_public_jwk').$type<Kms.KmsJwkPublicAsymmetric>(),
+
+    credentialConfigurationsSupported: jsonb('credential_configurations_supported')
+      .$type<OpenId4VciCredentialConfigurationsSupportedWithFormats>()
+      .notNull(),
+    display: jsonb().$type<OpenId4VciCredentialIssuerMetadataDisplay[]>(),
+    authorizationServerConfigs: jsonb('authorization_server_configs').$type<OpenId4VciAuthorizationServerConfig[]>(),
+    dpopSigningAlgValuesSupported: jsonb('dpop_signing_alg_values_supported').$type<
+      [Kms.KnownJwaSignatureAlgorithm, ...Kms.KnownJwaSignatureAlgorithm[]]
+    >(),
+    batchCredentialIssuance: text('batch_credential_issuance').$type<OpenId4VciBatchCredentialIssuanceOptions>(),
+  },
+  (table) => postgresBaseRecordIndexes(table, 'openid4vcIssuer')
+)

package/src/openid4vc/openid4vc-issuer/sqlite.ts

@@ -0,0 +1,40 @@
+import { Kms } from '@credo-ts/core'
+import {
+  OpenId4VciAuthorizationServerConfig,
+  OpenId4VciBatchCredentialIssuanceOptions,
+  OpenId4VciCredentialConfigurationsSupportedWithFormats,
+  OpenId4VciCredentialIssuerMetadataDisplay,
+} from '@credo-ts/openid4vc'
+import { sqliteTable, text } from 'drizzle-orm/sqlite-core'
+import { getSqliteBaseRecordTable, sqliteBaseRecordIndexes } from '../../sqlite/baseRecord'
+
+export const openid4vcIssuer = sqliteTable(
+  'Openid4vcIssuer',
+  {
+    ...getSqliteBaseRecordTable(),
+
+    // NOTE: generally we don't have unique constraints on single fields,
+    // (always in combination with the context correlation id), but for issuer
+    // id, it will actually cause issues, since we use the issuerId in the public
+    // url and map that to the context correlation id.
+    issuerId: text('issuer_id').notNull().unique(),
+
+    accessTokenPublicKeyFingerprint: text('access_token_public_key_fingerprint', {
+      mode: 'json',
+    }),
+    accessTokenPublicJwk: text('access_token_public_jwk', { mode: 'json' }).$type<Kms.KmsJwkPublicAsymmetric>(),
+
+    credentialConfigurationsSupported: text('credential_configurations_supported', { mode: 'json' })
+      .$type<OpenId4VciCredentialConfigurationsSupportedWithFormats>()
+      .notNull(),
+    display: text({ mode: 'json' }).$type<OpenId4VciCredentialIssuerMetadataDisplay[]>(),
+    authorizationServerConfigs: text('authorization_server_configs', { mode: 'json' }).$type<
+      OpenId4VciAuthorizationServerConfig[]
+    >(),
+    dpopSigningAlgValuesSupported: text('dpop_signing_alg_values_supported', { mode: 'json' }).$type<
+      [Kms.KnownJwaSignatureAlgorithm, ...Kms.KnownJwaSignatureAlgorithm[]]
+    >(),
+    batchCredentialIssuance: text('batch_credential_issuance').$type<OpenId4VciBatchCredentialIssuanceOptions>(),
+  },
+  (table) => sqliteBaseRecordIndexes(table, 'openid4vcIssuer')
+)

package/src/openid4vc/openid4vc-verification-session/DrizzleOpenId4VcVerificationSessionRecordAdapter.ts

@@ -0,0 +1,62 @@
+import { JsonTransformer, TagsBase } from '@credo-ts/core'
+
+import { OpenId4VcVerificationSessionRecord } from '@credo-ts/openid4vc'
+import { DrizzleDatabase } from '../../DrizzleDatabase'
+import {
+  BaseDrizzleRecordAdapter,
+  DrizzleAdapterRecordValues,
+  DrizzleAdapterValues,
+} from '../../adapter/BaseDrizzleRecordAdapter'
+import * as postgres from './postgres'
+import * as sqlite from './sqlite'
+
+type DrizzleOpenId4VcVerificationSessionAdapterValues = DrizzleAdapterRecordValues<
+  (typeof sqlite)['openId4VcVerificationSession']
+>
+export class DrizzleOpenId4VcVerificationSessionRecordAdapter extends BaseDrizzleRecordAdapter<
+  OpenId4VcVerificationSessionRecord,
+  typeof postgres.openId4VcVerificationSession,
+  typeof postgres,
+  typeof sqlite.openId4VcVerificationSession,
+  typeof sqlite
+> {
+  public constructor(database: DrizzleDatabase<typeof postgres, typeof sqlite>) {
+    super(
+      database,
+      { postgres: postgres.openId4VcVerificationSession, sqlite: sqlite.openId4VcVerificationSession },
+      'OpenId4VcVerificationSessionRecord'
+    )
+  }
+
+  public getValues(
+    record: OpenId4VcVerificationSessionRecord
+  ): DrizzleAdapterValues<(typeof sqlite)['openId4VcVerificationSession']> {
+    const { authorizationRequestId, authorizationRequestUri, nonce, payloadState, state, verifierId, ...customTags } =
+      record.getTags()
+
+    return {
+      authorizationRequestJwt: record.authorizationRequestJwt,
+      authorizationRequestPayload: record.authorizationRequestPayload,
+      authorizationResponsePayload: record.authorizationResponsePayload,
+      errorMessage: record.errorMessage,
+      expiresAt: record.expiresAt,
+      presentationDuringIssuanceSession: record.presentationDuringIssuanceSession,
+      authorizationRequestId,
+      authorizationRequestUri,
+      nonce,
+      payloadState,
+      state,
+      verifierId,
+      customTags,
+    }
+  }
+
+  public toRecord(values: DrizzleOpenId4VcVerificationSessionAdapterValues): OpenId4VcVerificationSessionRecord {
+    const { customTags, nonce, payloadState, ...remainingValues } = values
+
+    const record = JsonTransformer.fromJSON(remainingValues, OpenId4VcVerificationSessionRecord)
+    if (customTags) record.setTags(customTags as TagsBase)
+
+    return record
+  }
+}

package/src/openid4vc/openid4vc-verification-session/index.ts

@@ -0,0 +1,10 @@
+import { DrizzleRecord } from '../../DrizzleRecord'
+import { DrizzleOpenId4VcVerificationSessionRecordAdapter } from './DrizzleOpenId4VcVerificationSessionRecordAdapter'
+import * as postgres from './postgres'
+import * as sqlite from './sqlite'
+
+export const openId4VcVerificationSessionDrizzleRecord = {
+  adapter: DrizzleOpenId4VcVerificationSessionRecordAdapter,
+  postgres,
+  sqlite,
+} satisfies DrizzleRecord

package/src/openid4vc/openid4vc-verification-session/postgres.ts

@@ -0,0 +1,46 @@
+import {
+  OpenId4VcVerificationSessionState,
+  OpenId4VpAuthorizationRequestPayload,
+  OpenId4VpAuthorizationResponsePayload,
+} from '@credo-ts/openid4vc'
+import { jsonb, pgEnum, pgTable, text, timestamp } from 'drizzle-orm/pg-core'
+import { getPostgresBaseRecordTable, postgresBaseRecordIndexes } from '../../postgres/baseRecord'
+import { openid4vcVerifier } from '../postgres'
+
+export const openId4VcVerificationSessionStateEnum = pgEnum(
+  'OpenId4VcVerificationSessionState',
+  OpenId4VcVerificationSessionState
+)
+
+export const openId4VcVerificationSession = pgTable(
+  'OpenId4VcVerificationSession',
+  {
+    ...getPostgresBaseRecordTable(),
+
+    verifierId: text('verifier_id')
+      .notNull()
+      .references(() => openid4vcVerifier.verifierId, { onDelete: 'cascade' }),
+
+    state: openId4VcVerificationSessionStateEnum().notNull(),
+    errorMessage: text('error_message'),
+
+    authorizationRequestJwt: text('authorization_request_jwt'),
+    authorizationRequestPayload: jsonb('authorization_request_payload').$type<OpenId4VpAuthorizationRequestPayload>(),
+    authorizationRequestUri: text('authorization_request_uri'),
+    authorizationRequestId: text('authorization_request_id'),
+
+    expiresAt: timestamp('expires_at', {
+      withTimezone: true,
+      precision: 3,
+    }),
+    authorizationResponsePayload: jsonb(
+      'authorization_response_payload'
+    ).$type<OpenId4VpAuthorizationResponsePayload>(),
+    presentationDuringIssuanceSession: text('presentation_during_issuance_session'),
+
+    // These tags may be encoded in a JWT, so we need to duplicate them
+    nonce: text().notNull(),
+    payloadState: text('payload_state'),
+  },
+  (table) => postgresBaseRecordIndexes(table, 'openId4VcVerificationSession')
+)

package/src/openid4vc/openid4vc-verification-session/sqlite.ts

@@ -0,0 +1,40 @@
+import {
+  OpenId4VcVerificationSessionState,
+  OpenId4VpAuthorizationRequestPayload,
+  OpenId4VpAuthorizationResponsePayload,
+} from '@credo-ts/openid4vc'
+import { integer, sqliteTable, text } from 'drizzle-orm/sqlite-core'
+import { getSqliteBaseRecordTable, sqliteBaseRecordIndexes } from '../../sqlite/baseRecord'
+import { openid4vcVerifier } from '../sqlite'
+
+export const openId4VcVerificationSession = sqliteTable(
+  'OpenId4VcVerificationSession',
+  {
+    ...getSqliteBaseRecordTable(),
+
+    verifierId: text('verifier_id')
+      .notNull()
+      .references(() => openid4vcVerifier.verifierId, { onDelete: 'cascade' }),
+
+    state: text().$type<OpenId4VcVerificationSessionState>().notNull(),
+    errorMessage: text('error_message'),
+
+    authorizationRequestJwt: text('authorization_request_jwt'),
+    authorizationRequestPayload: text('authorization_request_payload', {
+      mode: 'json',
+    }).$type<OpenId4VpAuthorizationRequestPayload>(),
+    authorizationRequestUri: text('authorization_request_uri'),
+    authorizationRequestId: text('authorization_request_id'),
+
+    expiresAt: integer('expires_at', { mode: 'timestamp_ms' }),
+    authorizationResponsePayload: text('authorization_response_payload', {
+      mode: 'json',
+    }).$type<OpenId4VpAuthorizationResponsePayload>(),
+    presentationDuringIssuanceSession: text('presentation_during_issuance_session'),
+
+    // These tags may be encoded in a JWT, so we need to duplicate them
+    nonce: text().notNull(),
+    payloadState: text('payload_state'),
+  },
+  (table) => sqliteBaseRecordIndexes(table, 'openId4VcVerificationSession')
+)

package/src/openid4vc/openid4vc-verifier/DrizzleOpenid4vcVerifierRecordAdapter.ts

@@ -0,0 +1,43 @@
+import { JsonTransformer, TagsBase } from '@credo-ts/core'
+
+import { OpenId4VcVerifierRecord } from '@credo-ts/openid4vc'
+import { DrizzleDatabase } from '../../DrizzleDatabase'
+import { BaseDrizzleRecordAdapter, DrizzleAdapterRecordValues } from '../../adapter/BaseDrizzleRecordAdapter'
+import * as postgres from './postgres'
+import * as sqlite from './sqlite'
+
+type DrizzleOpenid4vcVerifierAdapterValues = DrizzleAdapterRecordValues<(typeof sqlite)['openid4vcVerifier']>
+export class DrizzleOpenid4vcVerifierRecordAdapter extends BaseDrizzleRecordAdapter<
+  OpenId4VcVerifierRecord,
+  typeof postgres.openid4vcVerifier,
+  typeof postgres,
+  typeof sqlite.openid4vcVerifier,
+  typeof sqlite
+> {
+  public constructor(database: DrizzleDatabase<typeof postgres, typeof sqlite>) {
+    super(
+      database,
+      { postgres: postgres.openid4vcVerifier, sqlite: sqlite.openid4vcVerifier },
+      'OpenId4VcVerifierRecord'
+    )
+  }
+
+  public getValues(record: OpenId4VcVerifierRecord) {
+    const { verifierId, ...customTags } = record.getTags()
+
+    return {
+      verifierId,
+      clientMetadata: record.clientMetadata,
+      customTags,
+    }
+  }
+
+  public toRecord(values: DrizzleOpenid4vcVerifierAdapterValues): OpenId4VcVerifierRecord {
+    const { customTags, ...remainingValues } = values
+
+    const record = JsonTransformer.fromJSON(remainingValues, OpenId4VcVerifierRecord)
+    if (customTags) record.setTags(customTags as TagsBase)
+
+    return record
+  }
+}

package/src/openid4vc/openid4vc-verifier/index.ts

@@ -0,0 +1,10 @@
+import { DrizzleRecord } from '../../DrizzleRecord'
+import { DrizzleOpenid4vcVerifierRecordAdapter } from './DrizzleOpenid4vcVerifierRecordAdapter'
+import * as postgres from './postgres'
+import * as sqlite from './sqlite'
+
+export const openid4vcVerifierDrizzleRecord = {
+  adapter: DrizzleOpenid4vcVerifierRecordAdapter,
+  postgres,
+  sqlite,
+} satisfies DrizzleRecord

package/src/openid4vc/openid4vc-verifier/postgres.ts

@@ -0,0 +1,14 @@
+import { jsonb, pgTable, text } from 'drizzle-orm/pg-core'
+import { getPostgresBaseRecordTable, postgresBaseRecordIndexes } from '../../postgres/baseRecord'
+
+import { OpenId4VpVerifierClientMetadata } from '@credo-ts/openid4vc'
+
+export const openid4vcVerifier = pgTable(
+  'Openid4vcVerifier',
+  {
+    ...getPostgresBaseRecordTable(),
+    verifierId: text('verifier_id').unique().notNull(),
+    clientMetadata: jsonb('client_metadata').$type<OpenId4VpVerifierClientMetadata>(),
+  },
+  (table) => postgresBaseRecordIndexes(table, 'openid4vcVerifier')
+)

package/src/openid4vc/openid4vc-verifier/sqlite.ts

@@ -0,0 +1,19 @@
+import { OpenId4VpVerifierClientMetadata } from '@credo-ts/openid4vc'
+import { sqliteTable, text } from 'drizzle-orm/sqlite-core'
+import { getSqliteBaseRecordTable, sqliteBaseRecordIndexes } from '../../sqlite/baseRecord'
+
+export const openid4vcVerifier = sqliteTable(
+  'Openid4vcVerifier',
+  {
+    ...getSqliteBaseRecordTable(),
+
+    // NOTE: generally we don't have unique constraints on single fields,
+    // (always in combination with the context correlation id), but for verifier
+    // id, it will actually cause issues, since we use the verifierId in the public
+    // url and map that to the context correlation id.
+    verifierId: text('verifier_id').unique().notNull(),
+
+    clientMetadata: text('client_metadata', { mode: 'json' }).$type<OpenId4VpVerifierClientMetadata>(),
+  },
+  (table) => sqliteBaseRecordIndexes(table, 'openid4vcVerifier')
+)

package/src/openid4vc/postgres.ts

@@ -0,0 +1,4 @@
+export * from './openid4vc-issuer/postgres'
+export * from './openid4vc-issuance-session/postgres'
+export * from './openid4vc-verifier/postgres'
+export * from './openid4vc-verification-session/postgres'

package/src/openid4vc/sqlite.ts

@@ -0,0 +1,4 @@
+export * from './openid4vc-issuer/sqlite'
+export * from './openid4vc-issuance-session/sqlite'
+export * from './openid4vc-verifier/sqlite'
+export * from './openid4vc-verification-session/sqlite'

package/src/postgres/baseRecord.ts

@@ -0,0 +1,44 @@
+import { ExtraConfigColumn, foreignKey, jsonb, primaryKey, text, timestamp } from 'drizzle-orm/pg-core'
+import { context } from '../core/context/postgres'
+
+export const getPostgresBaseRecordTable = () =>
+  ({
+    contextCorrelationId: text('context_correlation_id').notNull(),
+    id: text().notNull(),
+
+    // createdAt is set in credo, to avoid having to query the
+    // value from the database after creation
+    createdAt: timestamp('created_at', {
+      withTimezone: true,
+      precision: 3,
+    }).notNull(),
+
+    // updatedAt is updated in credo, to avoid having to query the updated
+    // value from the database after an update
+    updatedAt: timestamp('updated_at', {
+      withTimezone: true,
+      precision: 3,
+    }).notNull(),
+
+    metadata: jsonb().$type<Record<string, Record<string, unknown> | undefined>>(),
+    customTags: jsonb('custom_tags').$type<Record<string, string | number | boolean | null | string[]>>(),
+  }) as const
+
+// Define common base indexes that all tables should have
+export const postgresBaseRecordIndexes = <
+  // biome-ignore lint/suspicious/noExplicitAny: <explanation>
+  Table extends { contextCorrelationId: ExtraConfigColumn<any>; id: ExtraConfigColumn<any> },
+>(
+  table: Table,
+  tableName: string
+) => {
+  return [
+    // Composite primary key on each table with id + context correlation id
+    primaryKey({ columns: [table.contextCorrelationId, table.id], name: `${tableName}_pk` }),
+    foreignKey({
+      columns: [table.contextCorrelationId],
+      foreignColumns: [context.contextCorrelationId],
+      name: `${tableName}_fk_context`,
+    }).onDelete('cascade'),
+  ]
+}

package/src/postgres/index.ts

@@ -0,0 +1 @@
+export { getPostgresBaseRecordTable, postgresBaseRecordIndexes } from './baseRecord'

package/src/question-answer/bundle.ts

@@ -0,0 +1,18 @@
+import { DrizzleRecordBundle } from '../DrizzleRecord'
+import { didcommQuestionAnswerDrizzleRecord } from './question-answer'
+
+export default {
+  name: 'question-answer',
+  records: [didcommQuestionAnswerDrizzleRecord],
+
+  migrations: {
+    postgres: {
+      schemaModule: '@credo-ts/drizzle-storage/question-answer/postgres',
+      migrationsPath: '../../migrations/question-answer/postgres',
+    },
+    sqlite: {
+      schemaModule: '@credo-ts/drizzle-storage/question-answer/sqlite',
+      migrationsPath: '../../migrations/question-answer/sqlite',
+    },
+  },
+} as const satisfies DrizzleRecordBundle

package/src/question-answer/postgres.ts

@@ -0,0 +1 @@
+export * from './question-answer/postgres'

package/src/question-answer/question-answer/DrizzleDidcommQuestionAnswerRecordAdapter.ts

@@ -0,0 +1,52 @@
+import { JsonTransformer, TagsBase } from '@credo-ts/core'
+
+import { QuestionAnswerRecord } from '@credo-ts/question-answer'
+import { DrizzleDatabase } from '../../DrizzleDatabase'
+import { BaseDrizzleRecordAdapter, DrizzleAdapterRecordValues } from '../../adapter/BaseDrizzleRecordAdapter'
+import * as postgres from './postgres'
+import * as sqlite from './sqlite'
+
+type DrizzleDidcommQuestionAnswerAdapterValues = DrizzleAdapterRecordValues<(typeof sqlite)['didcommQuestionAnswer']>
+export class DrizzleDidcommQuestionAnswerRecordAdapter extends BaseDrizzleRecordAdapter<
+  QuestionAnswerRecord,
+  typeof postgres.didcommQuestionAnswer,
+  typeof postgres,
+  typeof sqlite.didcommQuestionAnswer,
+  typeof sqlite
+> {
+  public constructor(database: DrizzleDatabase<typeof postgres, typeof sqlite>) {
+    super(
+      database,
+      { postgres: postgres.didcommQuestionAnswer, sqlite: sqlite.didcommQuestionAnswer },
+      'QuestionAnswerRecord'
+    )
+  }
+
+  public getValues(record: QuestionAnswerRecord) {
+    const { connectionId, role, state, threadId, ...customTags } = record.getTags()
+
+    return {
+      state,
+      role,
+      connectionId,
+      threadId,
+
+      questionText: record.questionText,
+      questionDetail: record.questionDetail,
+      validResponses: record.validResponses,
+      signatureRequired: record.signatureRequired,
+      response: record.response,
+
+      customTags,
+    }
+  }
+
+  public toRecord(values: DrizzleDidcommQuestionAnswerAdapterValues): QuestionAnswerRecord {
+    const { customTags, ...remainingValues } = values
+
+    const record = JsonTransformer.fromJSON(remainingValues, QuestionAnswerRecord)
+    if (customTags) record.setTags(customTags as TagsBase)
+
+    return record
+  }
+}

package/src/question-answer/question-answer/index.ts

@@ -0,0 +1,10 @@
+import { DrizzleRecord } from '../../DrizzleRecord'
+import { DrizzleDidcommQuestionAnswerRecordAdapter } from './DrizzleDidcommQuestionAnswerRecordAdapter'
+import * as postgres from './postgres'
+import * as sqlite from './sqlite'
+
+export const didcommQuestionAnswerDrizzleRecord = {
+  adapter: DrizzleDidcommQuestionAnswerRecordAdapter,
+  postgres,
+  sqlite,
+} satisfies DrizzleRecord

package/src/question-answer/question-answer/postgres.ts

@@ -0,0 +1,34 @@
+import { QuestionAnswerRole, QuestionAnswerState, ValidResponse } from '@credo-ts/question-answer'
+import { boolean, foreignKey, jsonb, pgEnum, pgTable, text, unique } from 'drizzle-orm/pg-core'
+import { didcommConnection } from '../../didcomm/connection/postgres'
+import { getPostgresBaseRecordTable, postgresBaseRecordIndexes } from '../../postgres/baseRecord'
+
+export const didcommQuestionAnswerStateEnum = pgEnum('DidcommQuestionAnswerState', QuestionAnswerState)
+export const didcommQuestionAnswerRoleEnum = pgEnum('DidcommQuestionAnswerRole', QuestionAnswerRole)
+
+export const didcommQuestionAnswer = pgTable(
+  'DidcommQuestionAnswer',
+  {
+    ...getPostgresBaseRecordTable(),
+
+    state: didcommQuestionAnswerStateEnum().notNull(),
+    role: didcommQuestionAnswerRoleEnum().notNull(),
+
+    connectionId: text('connection_id').notNull(),
+    threadId: text('thread_id').notNull(),
+
+    questionText: text('question_text').notNull(),
+    questionDetail: text('question_detail'),
+    validResponses: jsonb('valid_responses').notNull().$type<ValidResponse[]>(),
+    signatureRequired: boolean('signature_required').notNull(),
+    response: text(),
+  },
+  (table) => [
+    ...postgresBaseRecordIndexes(table, 'didcommQuestionAnswer'),
+    unique().on(table.contextCorrelationId, table.threadId),
+    foreignKey({
+      columns: [table.connectionId, table.contextCorrelationId],
+      foreignColumns: [didcommConnection.id, didcommConnection.contextCorrelationId],
+    }).onDelete('cascade'),
+  ]
+)

package/src/question-answer/question-answer/sqlite.ts

@@ -0,0 +1,32 @@
+import { foreignKey, integer, sqliteTable, text, unique } from 'drizzle-orm/sqlite-core'
+
+import { QuestionAnswerRole, QuestionAnswerState, ValidResponse } from '@credo-ts/question-answer'
+import { didcommConnection } from '../../didcomm/connection/sqlite'
+import { getSqliteBaseRecordTable, sqliteBaseRecordIndexes } from '../../sqlite/baseRecord'
+
+export const didcommQuestionAnswer = sqliteTable(
+  'DidcommQuestionAnswer',
+  {
+    ...getSqliteBaseRecordTable(),
+
+    state: text('state').$type<QuestionAnswerState>().notNull(),
+    role: text('role').$type<QuestionAnswerRole>().notNull(),
+
+    connectionId: text('connection_id').notNull(),
+    threadId: text('thread_id').notNull(),
+
+    questionText: text('question_text').notNull(),
+    questionDetail: text('question_detail'),
+    validResponses: text('valid_responses', { mode: 'json' }).notNull().$type<ValidResponse[]>(),
+    signatureRequired: integer('signature_required', { mode: 'boolean' }).notNull(),
+    response: text(),
+  },
+  (table) => [
+    ...sqliteBaseRecordIndexes(table, 'didcommQuestionAnswer'),
+    unique().on(table.contextCorrelationId, table.threadId),
+    foreignKey({
+      columns: [table.connectionId, table.contextCorrelationId],
+      foreignColumns: [didcommConnection.id, didcommConnection.contextCorrelationId],
+    }).onDelete('cascade'),
+  ]
+)

package/src/question-answer/sqlite.ts

@@ -0,0 +1 @@
+export * from './question-answer/sqlite'