@did-btcr2/method 0.27.0 → 0.29.0

package/src/core/updater.ts

@@ -0,0 +1,415 @@
+import type { BitcoinConnection } from '@did-btcr2/bitcoin';
+import type { KeyBytes, PatchOperation } from '@did-btcr2/common';
+import { canonicalHash, INVALID_DID_UPDATE, JSONPatch, UpdateError } from '@did-btcr2/common';
+import { SchnorrMultikey, type DataIntegrityConfig, type SignedBTCR2Update, type UnsignedBTCR2Update } from '@did-btcr2/cryptosuite';
+import { DidDocument, type Btcr2DidDocument, type DidVerificationMethod } from '../utils/did-document.js';
+import { BeaconFactory } from './beacon/factory.js';
+import type { BeaconService } from './beacon/interfaces.js';
+
+// ─── DataNeed types ──────────────────────────────────────────────────────────
+
+/**
+ * The updater needs the caller to supply a signing key (or a KMS-backed signature)
+ * for the given verification method. The unsigned update is attached so the caller
+ * can inspect it before producing a signature.
+ */
+export interface NeedSigningKey {
+  readonly kind: 'NeedSigningKey';
+  /** The verification method ID that requires a signing key. */
+  readonly verificationMethodId: string;
+  /** The unsigned update that will be signed. */
+  readonly unsignedUpdate: UnsignedBTCR2Update;
+}
+
+/**
+ * The updater needs the caller to ensure the beacon address is funded before
+ * broadcasting. The caller checks the beacon address for UTXOs, funds it if
+ * needed, and then calls `updater.provide(need)` to continue.
+ *
+ * If the beacon is already funded, the caller can provide immediately (no-op).
+ */
+export interface NeedFunding {
+  readonly kind: 'NeedFunding';
+  /** The Bitcoin address that must have a spendable UTXO for broadcast. */
+  readonly beaconAddress: string;
+  /** The beacon service this address belongs to. */
+  readonly beaconService: BeaconService;
+}
+
+/**
+ * The updater needs the caller to broadcast the signed update via the beacon.
+ *
+ * The caller decides how: for single-party beacons, call
+ * `Updater.announce(beaconService, signedUpdate, secretKey, bitcoin)` or
+ * `BeaconFactory.establish(beaconService).broadcastSignal(...)`. For multi-party
+ * aggregate beacons, hand off to the aggregation protocol.
+ *
+ * After the broadcast succeeds, the caller calls `updater.provide(need)` (with no
+ * data) to transition the updater to Complete.
+ */
+export interface NeedBroadcast {
+  readonly kind: 'NeedBroadcast';
+  /** The beacon service to broadcast through. Inspect `beaconService.type` to decide the path. */
+  readonly beaconService: BeaconService;
+  /** The signed update ready for broadcast. */
+  readonly signedUpdate: SignedBTCR2Update;
+}
+
+/** Discriminated union of all data needs the updater may request from the caller. */
+export type UpdaterDataNeed = NeedSigningKey | NeedFunding | NeedBroadcast;
+
+/**
+ * The result returned by the updater when it reaches the Complete phase.
+ */
+export interface UpdaterResult {
+  /** The signed update that was constructed, signed, and broadcast. */
+  signedUpdate: SignedBTCR2Update;
+}
+
+/**
+ * Output of {@link Updater.advance}. Either the updater needs data from the
+ * caller, or the update is complete.
+ */
+export type UpdaterState =
+  | { status: 'action-required'; needs: ReadonlyArray<UpdaterDataNeed> }
+  | { status: 'complete'; result: UpdaterResult };
+
+/**
+ * Internal phases of the Updater state machine.
+ * @internal
+ */
+enum UpdaterPhase {
+  Construct = 'Construct',
+  Sign      = 'Sign',
+  Fund      = 'Fund',
+  Broadcast = 'Broadcast',
+  Complete  = 'Complete',
+}
+
+/**
+ * Parameters for constructing an {@link Updater}. Built by
+ * {@link https://dcdpr.github.io/did-btcr2/operations/update.html | DidBtcr2.update}.
+ */
+export interface UpdaterParams {
+  sourceDocument: Btcr2DidDocument;
+  patches: PatchOperation[];
+  sourceVersionId: number;
+  verificationMethod: DidVerificationMethod;
+  beaconService: BeaconService;
+}
+
+/**
+ * Sans-I/O state machine for did:btcr2 updates — the counterpart to {@link Resolver}.
+ *
+ * Created by {@link DidBtcr2.update} (the factory). The caller drives the update by
+ * repeatedly calling {@link advance} and {@link provide}:
+ *
+ * ```typescript
+ * const updater = DidBtcr2.update({ sourceDocument, patches, ... });
+ * let state = updater.advance();
+ *
+ * while(state.status === 'action-required') {
+ *   for(const need of state.needs) {
+ *     switch(need.kind) {
+ *       case 'NeedSigningKey':
+ *         updater.provide(need, secretKeyBytes);
+ *         break;
+ *       case 'NeedFunding':
+ *         // Check UTXOs at need.beaconAddress, fund if needed
+ *         updater.provide(need);
+ *         break;
+ *       case 'NeedBroadcast':
+ *         await Updater.announce(need.beaconService, need.signedUpdate, secretKey, bitcoin);
+ *         updater.provide(need);
+ *         break;
+ *     }
+ *   }
+ *   state = updater.advance();
+ * }
+ *
+ * const { signedUpdate } = state.result;
+ * ```
+ *
+ * The Updater performs **zero I/O**. All external work (signing with a KMS or raw
+ * key, funding checks, Bitcoin transaction construction, broadcast) flows through
+ * the advance/provide protocol. This mirrors the {@link Resolver} pattern and makes
+ * the update path transport-agnostic and KMS-ready.
+ *
+ * The class also exposes static utility methods ({@link construct}, {@link sign},
+ * {@link announce}) for callers that need direct access to individual update steps
+ * outside the state machine (e.g., test vector generation scripts).
+ *
+ * @class Updater
+ */
+export class Updater {
+  #phase: UpdaterPhase = UpdaterPhase.Construct;
+  readonly #sourceDocument: Btcr2DidDocument;
+  readonly #patches: PatchOperation[];
+  readonly #sourceVersionId: number;
+  readonly #verificationMethod: DidVerificationMethod;
+  readonly #beaconService: BeaconService;
+
+  #unsignedUpdate: UnsignedBTCR2Update | null = null;
+  #signedUpdate: SignedBTCR2Update | null = null;
+
+  /**
+   * @internal — Use {@link DidBtcr2.update} to create instances.
+   */
+  constructor(params: UpdaterParams) {
+    this.#sourceDocument = params.sourceDocument;
+    this.#patches = params.patches;
+    this.#sourceVersionId = params.sourceVersionId;
+    this.#verificationMethod = params.verificationMethod;
+    this.#beaconService = params.beaconService;
+  }
+
+  // ─── Public static utility methods ─────────────────────────────────────────
+  // Used by generate-vector.ts and other scripts that need direct access to
+  // individual update steps outside the state machine flow.
+
+  /**
+   * Implements subsection {@link https://dcdpr.github.io/did-btcr2/operations/update.html#construct-btcr2-unsigned-update | 7.3.b Construct BTCR2 Unsigned Update}.
+   *
+   * @param {Btcr2DidDocument} sourceDocument The source DID document to be updated.
+   * @param {PatchOperation[]} patches The JSON Patch operations to apply.
+   * @param {number} sourceVersionId The version ID of the source document.
+   * @returns {UnsignedBTCR2Update} The constructed UnsignedBTCR2Update object.
+   * @throws {UpdateError} If the target document fails DID Core validation.
+   */
+  static construct(
+    sourceDocument: Btcr2DidDocument,
+    patches: PatchOperation[],
+    sourceVersionId: number,
+  ): UnsignedBTCR2Update {
+    const unsignedUpdate: UnsignedBTCR2Update = {
+      '@context'      : [
+        'https://w3id.org/security/v2',
+        'https://w3id.org/zcap/v1',
+        'https://w3id.org/json-ld-patch/v1',
+        'https://btcr2.dev/context/v1'
+      ],
+      patch           : patches,
+      targetHash      : '',
+      targetVersionId : sourceVersionId + 1,
+      sourceHash      : canonicalHash(sourceDocument),
+    };
+
+    const targetDocument = JSONPatch.apply(sourceDocument, patches);
+
+    try {
+      DidDocument.isValid(targetDocument);
+    } catch (error) {
+      throw new UpdateError(
+        'Error validating targetDocument: ' + (error instanceof Error ? error.message : String(error)),
+        INVALID_DID_UPDATE, targetDocument
+      );
+    }
+
+    unsignedUpdate.targetHash = canonicalHash(targetDocument);
+    return unsignedUpdate;
+  }
+
+  /**
+   * Implements subsection {@link http://dcdpr.github.io/did-btcr2/operations/update.html#construct-btcr2-signed-update | 7.3.c Construct BTCR2 Signed Update }.
+   *
+   * @param {string} did The did-btcr2 identifier to derive the root capability from.
+   * @param {UnsignedBTCR2Update} unsignedUpdate The unsigned update to sign.
+   * @param {DidVerificationMethod} verificationMethod The verification method for signing.
+   * @param {KeyBytes} secretKey The secret key bytes.
+   * @returns {SignedBTCR2Update} The signed update with a Data Integrity proof.
+   */
+  static sign(
+    did: string,
+    unsignedUpdate: UnsignedBTCR2Update,
+    verificationMethod: DidVerificationMethod,
+    secretKey: KeyBytes,
+  ): SignedBTCR2Update {
+    const controller = verificationMethod.controller;
+    const id = verificationMethod.id.slice(verificationMethod.id.indexOf('#'));
+    const multikey = SchnorrMultikey.fromSecretKey(id, controller, secretKey);
+
+    const config: DataIntegrityConfig = {
+      '@context' : [
+        'https://w3id.org/security/v2',
+        'https://w3id.org/zcap/v1',
+        'https://w3id.org/json-ld-patch/v1',
+        'https://btcr2.dev/context/v1'
+      ],
+      cryptosuite        : 'bip340-jcs-2025',
+      type               : 'DataIntegrityProof',
+      verificationMethod : verificationMethod.id,
+      proofPurpose       : 'capabilityInvocation',
+      capability         : `urn:zcap:root:${encodeURIComponent(did)}`,
+      capabilityAction   : 'Write',
+    };
+
+    const diproof = multikey.toCryptosuite().toDataIntegrityProof();
+    return diproof.addProof(unsignedUpdate, config);
+  }
+
+  /**
+   * Implements subsection {@link https://dcdpr.github.io/did-btcr2/operations/update.html#announce-did-update | 7.3.d Announce DID Update}.
+   * Announces a signed update to the Bitcoin blockchain via the specified beacon.
+   *
+   * @param {BeaconService} beaconService The beacon service to broadcast through.
+   * @param {SignedBTCR2Update} update The signed update to announce.
+   * @param {KeyBytes} secretKey The secret key for signing the Bitcoin transaction.
+   * @param {BitcoinConnection} bitcoin The Bitcoin network connection.
+   * @returns {Promise<SignedBTCR2Update>} The signed update that was broadcast.
+   */
+  static async announce(
+    beaconService: BeaconService,
+    update: SignedBTCR2Update,
+    secretKey: KeyBytes,
+    bitcoin: BitcoinConnection
+  ): Promise<SignedBTCR2Update> {
+    const beacon = BeaconFactory.establish(beaconService);
+    return beacon.broadcastSignal(update, secretKey, bitcoin);
+  }
+
+  // ─── Private instance wrappers ─────────────────────────────────────────────
+  // Delegate to the public statics with bound instance fields for cleaner
+  // advance/provide code.
+
+  #construct(): UnsignedBTCR2Update {
+    return Updater.construct(this.#sourceDocument, this.#patches, this.#sourceVersionId);
+  }
+
+  #sign(secretKey: KeyBytes): SignedBTCR2Update {
+    return Updater.sign(this.#sourceDocument.id, this.#unsignedUpdate!, this.#verificationMethod, secretKey);
+  }
+
+  // ─── State machine ─────────────────────────────────────────────────────────
+
+  /**
+   * Advance the state machine. Returns either:
+   * - `{ status: 'action-required', needs }` — caller must provide data via {@link provide}
+   * - `{ status: 'complete', result }` — update is signed and broadcast
+   */
+  advance(): UpdaterState {
+    while(true) {
+      switch(this.#phase) {
+
+        // Phase: Construct
+        // Build the unsigned update from source doc + patches. Pure, synchronous.
+        case UpdaterPhase.Construct: {
+          this.#unsignedUpdate = this.#construct();
+          this.#phase = UpdaterPhase.Sign;
+          continue;
+        }
+
+        // Phase: Sign
+        // Emit NeedSigningKey — the caller supplies the secret key (or a KMS signature).
+        case UpdaterPhase.Sign: {
+          return {
+            status : 'action-required',
+            needs  : [{
+              kind                 : 'NeedSigningKey',
+              verificationMethodId : this.#verificationMethod.id,
+              unsignedUpdate       : this.#unsignedUpdate!,
+            }],
+          };
+        }
+
+        // Phase: Fund
+        // Emit NeedFunding with the beacon address. The caller checks UTXOs,
+        // funds the address if needed, and provides to continue.
+        case UpdaterPhase.Fund: {
+          const beaconAddress = this.#beaconService.serviceEndpoint.replace('bitcoin:', '');
+          return {
+            status : 'action-required',
+            needs  : [{
+              kind           : 'NeedFunding',
+              beaconAddress,
+              beaconService  : this.#beaconService,
+            }],
+          };
+        }
+
+        // Phase: Broadcast
+        // Emit NeedBroadcast with the signed update + beacon service. The caller performs
+        // the actual on-chain announcement (or hands off to the aggregation protocol).
+        case UpdaterPhase.Broadcast: {
+          return {
+            status : 'action-required',
+            needs  : [{
+              kind          : 'NeedBroadcast',
+              beaconService : this.#beaconService,
+              signedUpdate  : this.#signedUpdate!,
+            }],
+          };
+        }
+
+        // Phase: Complete
+        case UpdaterPhase.Complete: {
+          return {
+            status : 'complete',
+            result : { signedUpdate: this.#signedUpdate! },
+          };
+        }
+      }
+    }
+  }
+
+  /**
+   * Provide data the updater requested in a previous {@link advance} call.
+   * Call once per need, then call {@link advance} again to continue.
+   *
+   * @param need The DataNeed being fulfilled (from the `needs` array).
+   * @param data The data payload corresponding to the need kind (omit for NeedFunding/NeedBroadcast).
+   */
+  provide(need: NeedSigningKey, data: KeyBytes): void;
+  provide(need: NeedFunding): void;
+  provide(need: NeedBroadcast): void;
+  provide(need: UpdaterDataNeed, data?: KeyBytes): void {
+    switch(need.kind) {
+      case 'NeedSigningKey': {
+        if(this.#phase !== UpdaterPhase.Sign) {
+          throw new UpdateError(
+            `Cannot provide NeedSigningKey: updater phase is ${this.#phase}, expected Sign.`,
+            INVALID_DID_UPDATE, { phase: this.#phase }
+          );
+        }
+        if(!data) {
+          throw new UpdateError(
+            'NeedSigningKey requires secret key bytes.',
+            INVALID_DID_UPDATE
+          );
+        }
+        if(!this.#unsignedUpdate) {
+          throw new UpdateError(
+            'Internal error: unsigned update missing in Sign phase.',
+            INVALID_DID_UPDATE
+          );
+        }
+        this.#signedUpdate = this.#sign(data);
+        this.#phase = UpdaterPhase.Fund;
+        break;
+      }
+
+      case 'NeedFunding': {
+        if(this.#phase !== UpdaterPhase.Fund) {
+          throw new UpdateError(
+            `Cannot provide NeedFunding: updater phase is ${this.#phase}, expected Fund.`,
+            INVALID_DID_UPDATE, { phase: this.#phase }
+          );
+        }
+        // Caller has confirmed funding (or it was already funded). Continue.
+        this.#phase = UpdaterPhase.Broadcast;
+        break;
+      }
+
+      case 'NeedBroadcast': {
+        if(this.#phase !== UpdaterPhase.Broadcast) {
+          throw new UpdateError(
+            `Cannot provide NeedBroadcast: updater phase is ${this.#phase}, expected Broadcast.`,
+            INVALID_DID_UPDATE, { phase: this.#phase }
+          );
+        }
+        // Caller has broadcast externally. Transition to Complete.
+        this.#phase = UpdaterPhase.Complete;
+        break;
+      }
+    }
+  }
+}

package/src/did-btcr2.ts

@@ -1,7 +1,5 @@
-import type { BitcoinConnection } from '@did-btcr2/bitcoin';
 import type {
   DocumentBytes,
-  HexString,
   KeyBytes,
   PatchOperation} from '@did-btcr2/common';
 import {
@@ -12,7 +10,6 @@ import {
   MethodError,
   UpdateError
 } from '@did-btcr2/common';
-import type { SignedBTCR2Update } from '@did-btcr2/cryptosuite';
 import type {
   DidMethod} from '@web5/dids';
 import {
@@ -20,14 +17,11 @@ import {
   DidError,
   DidErrorCode
 } from '@web5/dids';
-import * as ecc from '@bitcoinerlab/secp256k1';
-import { hexToBytes } from '@noble/hashes/utils';
-import { initEccLib } from 'bitcoinjs-lib';
 import type { BeaconService } from './core/beacon/interfaces.js';
 import { Identifier } from './core/identifier.js';
 import type { ResolutionOptions } from './core/interfaces.js';
 import { Resolver } from './core/resolver.js';
-import { Update } from './core/update.js';
+import { Updater } from './core/updater.js';
 import { Appendix } from './utils/appendix.js';
 import type { Btcr2DidDocument, DidVerificationMethod } from './utils/did-document.js';
 
@@ -40,9 +34,6 @@ export interface DidCreateOptions {
   network?: string;
 }
 
-/** Initialize secp256k1 ECC library */
-initEccLib(ecc);
-
 /**
  * Implements {@link https://dcdpr.github.io/did-btcr2 | did:btcr2 DID Method Specification}.
  * did:btcr2 is a censorship-resistant Decentralized Identifier (DID) method using
@@ -140,55 +131,41 @@ export class DidBtcr2 implements DidMethod {
   }
 
   /**
-   * Entry point for section {@link https://dcdpr.github.io/did-btcr2/#read | 7.3 Update}.
-   * See specification for the {@link https://dcdpr.github.io/did-btcr2/operations/resolve.html#process | Resolve Process}.
-   * See {@link Update | Update (class)} for class implementation.
+   * Entry point for section {@link https://dcdpr.github.io/did-btcr2/#update | 7.3 Update}.
+   *
+   * Factory method that validates the update parameters and returns a sans-I/O
+   * {@link Updater} state machine. The caller drives the updater through its
+   * phases (Construct → Sign → Broadcast → Complete) by calling `advance()` and
+   * `provide()`. The method package performs **zero I/O** — signing key retrieval
+   * (or KMS delegation) and the on-chain broadcast are the caller's responsibility.
    *
-   * BTCR2 DID documents can be updated by anchoring BTCR2 Updates to Bitcoin transactions. These transactions MAY be
-   * published to the Bitcoin network. Any property in the DID document may be updated except the id. Doing so would
-   * invalidate the DID document.
-   * @param params An object containing the parameters for the update operation.
+   * For a fully-wired version with Bitcoin broadcast and key handling, see
+   * `DidMethodApi.update()` in `@did-btcr2/api`.
+   *
+   * @param params Update construction parameters.
    * @param {Btcr2DidDocument} params.sourceDocument The DID document being updated.
-   * @param {PatchOperation[]} params.patches The array of JSON Patch operations to apply to the sourceDocument.
-   * @param {string} params.sourceVersionId The version ID before applying the update.
-   * @param {string} params.verificationMethodId The verificationMethod ID to sign the update with.
-   * @param {string} params.beaconId The beacon ID associated with the update.
-   * @param {KeyBytes | HexString} [params.signingMaterial] Optional signing material (key bytes or hex string).
-   * @param {BitcoinConnection} [params.bitcoin] Optional Bitcoin network connection for announcing the update. If not provided, a default connection will be initialized.
-   * @return {Promise<SignedBTCR2Update>} Promise resolving to the signed BTCR2 update.
-   * @throws {UpdateError} if no verificationMethod, verificationMethod type is not `Multikey` or the publicKeyMultibase
-   * header is not `zQ3s`
+   * @param {PatchOperation[]} params.patches The JSON Patch operations to apply.
+   * @param {number} params.sourceVersionId The version ID before applying the update.
+   * @param {string} params.verificationMethodId The verification method ID to sign with.
+   * @param {string} params.beaconId The beacon service ID to broadcast through.
+   * @returns {Updater} A sans-I/O state machine for driving the update.
+   * @throws {UpdateError} If the verification method is not authorized, not found,
+   *   not of type `Multikey`, or does not have a `zQ3s` publicKeyMultibase prefix.
+   *   Also throws if the beacon service is not found.
    */
-  static async update({
+  static update({
     sourceDocument,
     patches,
     sourceVersionId,
     verificationMethodId,
     beaconId,
-    signingMaterial,
-    bitcoin,
   }: {
     sourceDocument: Btcr2DidDocument;
     patches: PatchOperation[];
     sourceVersionId: number;
     verificationMethodId: string;
     beaconId: string;
-    signingMaterial?: KeyBytes | HexString;
-    bitcoin?: BitcoinConnection;
-  }): Promise<SignedBTCR2Update> {
-    // If no signingMaterial provided, throw an UpdateError with INVALID_DID_UPDATE.
-    if (!signingMaterial) {
-      throw new UpdateError(
-        'Missing signing material for update',
-        INVALID_DID_UPDATE, {signingMaterial}
-      );
-    }
-
-    // Convert signingMaterial to bytes if it's a hex string
-    const secretKey = typeof signingMaterial === 'string'
-      ? hexToBytes(signingMaterial)
-      : signingMaterial;
-
+  }): Updater {
     // Validate that the verificationMethodId is authorized for capabilityInvocation
     if(!sourceDocument.capabilityInvocation?.some(vr => vr === verificationMethodId)) {
       throw new UpdateError(
@@ -201,15 +178,15 @@ export class DidBtcr2 implements DidMethod {
     const verificationMethod = this.getSigningMethod(sourceDocument, verificationMethodId);
 
     // Validate the verificationMethod exists in the sourceDocument
-    if (!verificationMethod) {
+    if(!verificationMethod) {
       throw new UpdateError(
         'Invalid verificationMethod: not found in source document',
-        INVALID_DID_DOCUMENT, {sourceDocument, verificationMethodId}
+        INVALID_DID_DOCUMENT, { sourceDocument, verificationMethodId }
       );
     }
 
     // Validate the verificationMethod is of type 'Multikey'
-    if (verificationMethod.type !== 'Multikey') {
+    if(verificationMethod.type !== 'Multikey') {
       throw new UpdateError(
         'Invalid verificationMethod: verificationMethod.type must be "Multikey"',
         INVALID_DID_DOCUMENT, verificationMethod
@@ -217,46 +194,34 @@ export class DidBtcr2 implements DidMethod {
     }
 
     // Validate the publicKeyMultibase prefix is 'zQ3s'
-    if (verificationMethod.publicKeyMultibase?.slice(0, 4) !== 'zQ3s') {
+    if(verificationMethod.publicKeyMultibase?.slice(0, 4) !== 'zQ3s') {
       throw new UpdateError(
         'Invalid verificationMethodId: publicKeyMultibase prefix must start with "zQ3s"',
         INVALID_DID_DOCUMENT, verificationMethod
       );
     }
 
-    // Construct an unsigned update following the BTCR2 Update construction algorithm
-    const update = Update.construct(sourceDocument, patches, sourceVersionId);
-
-    // Sign the unsigned update using the specified verification method
-    const signed = Update.sign(sourceDocument.id, update, verificationMethod, secretKey);
-
-    // Filter sourceDocument services to get beaconServices matching beaconIds
+    // Find the beacon service matching the given beaconId
     const beaconService = sourceDocument.service
       .filter((service: BeaconService) => service.id === beaconId)
       .filter((service: BeaconService): service is BeaconService => !!service)
       .shift();
 
-    // If no matching beacon service found, throw an UpdateError with INVALID_DID_UPDATE.
     if(!beaconService) {
       throw new UpdateError(
         'No beacon service found for provided beaconId',
-        INVALID_DID_UPDATE, {sourceDocument, beaconId}
+        INVALID_DID_UPDATE, { sourceDocument, beaconId }
       );
     }
-    // Require an explicit bitcoin connection — no silent env-var fallback
-    if (!bitcoin) {
-      throw new UpdateError(
-        'Bitcoin connection required for update. Pass a configured `bitcoin` parameter '
-        + 'or use DidBtcr2Api which injects it automatically.',
-        INVALID_DID_UPDATE, { beaconId }
-      );
-    }
-
-    // Announce the signed update to the blockchain using the specified beacon(s)
-    await Update.announce(beaconService, signed, secretKey, bitcoin);
 
-    // Return signed update if announced successfully
-    return signed;
+    // Return a sans-I/O state machine the caller will drive
+    return new Updater({
+      sourceDocument,
+      patches,
+      sourceVersionId,
+      verificationMethod,
+      beaconService,
+    });
   }
 
   /**

package/src/index.ts

@@ -5,6 +5,8 @@ export * from './core/aggregation/cohort.js';
 export * from './core/aggregation/signing-session.js';
 export * from './core/aggregation/phases.js';
 export * from './core/aggregation/errors.js';
+export * from './core/aggregation/beacon-strategy.js';
+export * from './core/aggregation/logger.js';
 export * from './core/aggregation/messages/index.js';
 export * from './core/aggregation/transport/index.js';
 export * from './core/aggregation/runner/index.js';
@@ -14,6 +16,7 @@ export * from './core/beacon/beacon.js';
 export * from './core/beacon/cas-beacon.js';
 export * from './core/beacon/error.js';
 export * from './core/beacon/factory.js';
+export * from './core/beacon/fee-estimator.js';
 export * from './core/beacon/interfaces.js';
 export * from './core/beacon/signal-discovery.js';
 export * from './core/beacon/singleton-beacon.js';
@@ -25,7 +28,7 @@ export * from './core/identifier.js';
 export * from './core/interfaces.js';
 export * from './core/resolver.js';
 export * from './core/types.js';
-export * from './core/update.js';
+export * from './core/updater.js';
 
 // Utils
 export * from './utils/appendix.js';

package/src/utils/did-document.ts

@@ -15,7 +15,7 @@ import {
 import { CompressedSecp256k1PublicKey } from '@did-btcr2/keypair';
 import type { DidDocument as W3CDidDocument, DidVerificationMethod as W3CDidVerificationMethod } from '@web5/dids';
 import { isDidService } from '@web5/dids/utils';
-import { payments } from 'bitcoinjs-lib';
+import { p2pkh } from '@scure/btc-signer';
 import type { BeaconService } from '../core/beacon/interfaces.js';
 import { Identifier } from '../core/identifier.js';
 import { Appendix } from './appendix.js';
@@ -491,7 +491,7 @@ export class GenesisDocument extends DidDocument {
   public static fromPublicKey(publicKey: KeyBytes, network: string): GenesisDocument {
     const pk = new CompressedSecp256k1PublicKey(publicKey);
     const id = ID_PLACEHOLDER_VALUE;
-    const address = payments.p2pkh({ pubkey: pk.compressed, network: getNetwork(network) })?.address;
+    const address = p2pkh(pk.compressed, getNetwork(network)).address;
     const services = [{
       id              : `${id}#service-0`,
       serviceEndpoint : `bitcoin:${address}`,