@didcid/keymaster 0.2.0 → 0.3.1
- package/README.md +199 -0
- package/dist/cjs/keymaster-client.cjs +26 -26
- package/dist/cjs/keymaster.cjs +277 -208
- package/dist/esm/cli.js +1213 -0
- package/dist/esm/cli.js.map +1 -0
- package/dist/esm/keymaster-client.js +26 -26
- package/dist/esm/keymaster-client.js.map +1 -1
- package/dist/esm/keymaster.js +218 -173
- package/dist/esm/keymaster.js.map +1 -1
- package/dist/types/cli.d.ts +2 -0
- package/dist/types/keymaster-client.d.ts +16 -14
- package/dist/types/keymaster.d.ts +22 -20
- package/dist/types/types.d.ts +26 -25
- package/package.json +10 -3
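--- a/package/README.md
+++ b/package/README.md
@@ -86,6 +86,205 @@ const keymaster = new Keymaster({
 const newId = await keymaster.createId('Bob');
 ```
 
+### CLI
+
+The package includes a command-line interface for managing wallets and identities directly.
+
+#### Installation
+
+```bash
+npm install -g @didcid/keymaster
+```
+
+#### Environment Variables
+
+| Variable | Required | Default | Description |
+|----------|----------|---------|-------------|
+| `ARCHON_GATEKEEPER_URL` | No | `http://localhost:4224` | Gatekeeper service URL |
+| `ARCHON_PASSPHRASE` | Yes | - | Passphrase for wallet encryption |
+| `ARCHON_WALLET_PATH` | No | `./wallet.json` | Path to wallet file |
+| `ARCHON_WALLET_TYPE` | No | `json` | Wallet type (`json` or `sqlite`) |
+| `ARCHON_DEFAULT_REGISTRY` | No | `hyperswarm` | Default DID registry |
+
+#### Quick Start
+
+```bash
+# Set required environment variables
+export ARCHON_GATEKEEPER_URL=http://localhost:4224
+export ARCHON_PASSPHRASE=your-secure-passphrase
+
+# Create a new wallet
+keymaster create-wallet
+
+# Create an identity
+keymaster create-id MyBot
+
+# List identities
+keymaster list-ids
+```
+
+#### Commands
+
+##### Wallet Management
+
+| Command | Description |
+|---------|-------------|
+| `create-wallet` | Create a new wallet (or show existing) |
+| `new-wallet` | Create a new wallet |
+| `show-wallet` | Display wallet contents |
+| `check-wallet` | Validate DIDs in wallet |
+| `fix-wallet` | Remove invalid DIDs from wallet |
+| `import-wallet <phrase>` | Create wallet from recovery phrase |
+| `show-mnemonic` | Show recovery phrase |
+| `backup-wallet-file <file>` | Backup wallet to file |
+| `restore-wallet-file <file>` | Restore wallet from file |
+| `backup-wallet-did` | Backup wallet to encrypted DID |
+| `recover-wallet-did [did]` | Recover wallet from DID |
+
+##### Identity Management
+
+| Command | Description |
+|---------|-------------|
+| `create-id <name>` | Create a new identity |
+| `list-ids` | List all identities |
+| `use-id <name>` | Set current identity |
+| `remove-id <name>` | Delete an identity |
+| `rename-id <old> <new>` | Rename an identity |
+| `resolve-id` | Resolve current identity |
+| `rotate-keys` | Generate new keys for current ID |
+| `backup-id` | Backup current ID to registry |
+| `recover-id <did>` | Recover ID from DID |
+
+##### DID Operations
+
+| Command | Description |
+|---------|-------------|
+| `resolve-did <did>` | Resolve a DID document |
+| `resolve-did-version <did> <ver>` | Resolve specific version |
+| `revoke-did <did>` | Permanently revoke a DID |
+
+##### Encryption & Signing
+
+| Command | Description |
+|---------|-------------|
+| `encrypt-message <msg> <did>` | Encrypt message for recipient |
+| `encrypt-file <file> <did>` | Encrypt file for recipient |
+| `decrypt-did <did>` | Decrypt an encrypted message |
+| `decrypt-json <did>` | Decrypt encrypted JSON |
+| `sign-file <file>` | Sign a JSON file |
+| `verify-file <file>` | Verify signature in file |
+
+##### Credentials
+
+| Command | Description |
+|---------|-------------|
+| `bind-credential <schema> <subject>` | Create bound credential |
+| `issue-credential <file>` | Issue a credential |
+| `list-issued` | List issued credentials |
+| `revoke-credential <did>` | Revoke a credential |
+| `accept-credential <did>` | Accept a credential |
+| `list-credentials` | List held credentials |
+| `get-credential <did>` | Get credential by DID |
+| `publish-credential <did>` | Publish credential existence |
+| `reveal-credential <did>` | Reveal credential publicly |
+| `unpublish-credential <did>` | Remove from manifest |
+
+##### Challenges & Responses
+
+| Command | Description |
+|---------|-------------|
+| `create-challenge [file]` | Create a challenge |
+| `create-challenge-cc <did>` | Create challenge from credential |
+| `create-response <challenge>` | Respond to a challenge |
+| `verify-response <response>` | Verify a response |
+
+##### Names (Aliases)
+
+| Command | Description |
+|---------|-------------|
+| `add-name <name> <did>` | Add alias for DID |
+| `get-name <name>` | Get DID by alias |
+| `remove-name <name>` | Remove alias |
+| `list-names` | List all aliases |
+
+##### Groups
+
+| Command | Description |
+|---------|-------------|
+| `create-group <name>` | Create a group |
+| `list-groups` | List owned groups |
+| `get-group <did>` | Get group details |
+| `add-group-member <group> <member>` | Add member to group |
+| `remove-group-member <group> <member>` | Remove member |
+| `test-group <group> [member]` | Test group membership |
+
+##### Schemas
+
+| Command | Description |
+|---------|-------------|
+| `create-schema <file>` | Create schema from file |
+| `list-schemas` | List owned schemas |
+| `get-schema <did>` | Get schema by DID |
+| `create-schema-template <schema>` | Generate template |
+
+##### Assets
+
+| Command | Description |
+|---------|-------------|
+| `create-asset` | Create empty asset |
+| `create-asset-json <file>` | Create from JSON file |
+| `create-asset-image <file>` | Create from image |
+| `create-asset-document <file>` | Create from document |
+| `get-asset <id>` | Get asset by ID |
+| `update-asset-json <id> <file>` | Update with JSON |
+| `update-asset-image <id> <file>` | Update with image |
+| `update-asset-document <id> <file>` | Update with document |
+| `transfer-asset <id> <controller>` | Transfer ownership |
+| `clone-asset <id>` | Clone an asset |
+| `set-property <id> <key> [value]` | Set asset property |
+| `list-assets` | List owned assets |
+
+##### Polls
+
+| Command | Description |
+|---------|-------------|
+| `create-poll-template` | Create poll template |
+| `create-poll <file>` | Create poll from file |
+| `view-poll <poll>` | View poll details |
+| `vote-poll <poll> <vote>` | Vote in poll |
+| `update-poll <ballot>` | Add ballot to poll |
+| `publish-poll <poll>` | Publish results (hidden) |
+| `reveal-poll <poll>` | Publish results (revealed) |
+| `unpublish-poll <poll>` | Remove results |
+
+##### Vaults
+
+| Command | Description |
+|---------|-------------|
+| `create-vault` | Create a vault |
+| `list-vault-items <id>` | List vault items |
+| `add-vault-member <id> <member>` | Add vault member |
+| `remove-vault-member <id> <member>` | Remove member |
+| `list-vault-members <id>` | List members |
+| `add-vault-item <id> <file>` | Add file to vault |
+| `remove-vault-item <id> <item>` | Remove item |
+| `get-vault-item <id> <item> <file>` | Download item |
+
+#### Command Options
+
+Many commands support these options:
+
+| Option | Description |
+|--------|-------------|
+| `-n, --name <name>` | Assign a name to created DID |
+| `-r, --registry <registry>` | Specify DID registry |
+
+Example:
+```bash
+keymaster create-id MyBot -r hyperswarm
+keymaster create-schema schema.json -n my-schema -r local
+```
+
 ### Client
 
 The KeymasterClient is used to communicate with a keymaster REST API service.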
@@ -553,9 +553,9 @@ class KeymasterClient {
|
|
|
553
553
|
throwError(error);
|
|
554
554
|
}
|
|
555
555
|
}
|
|
556
|
-
async bindCredential(
|
|
556
|
+
async bindCredential(subject, options) {
|
|
557
557
|
try {
|
|
558
|
-
const response = await axios.post(`${this.API}/credentials/bind`, {
|
|
558
|
+
const response = await axios.post(`${this.API}/credentials/bind`, { subject, options });
|
|
559
559
|
return response.data.credential;
|
|
560
560
|
}
|
|
561
561
|
catch (error) {
|
|
@@ -825,70 +825,70 @@ class KeymasterClient {
|
|
|
825
825
|
throwError(error);
|
|
826
826
|
}
|
|
827
827
|
}
|
|
828
|
-
async
|
|
828
|
+
async createVault(options = {}) {
|
|
829
829
|
try {
|
|
830
|
-
const response = await axios.post(`${this.API}/
|
|
830
|
+
const response = await axios.post(`${this.API}/vaults`, { options });
|
|
831
831
|
return response.data.did;
|
|
832
832
|
}
|
|
833
833
|
catch (error) {
|
|
834
834
|
throwError(error);
|
|
835
835
|
}
|
|
836
836
|
}
|
|
837
|
-
async
|
|
837
|
+
async getVault(id, options) {
|
|
838
838
|
try {
|
|
839
839
|
if (options) {
|
|
840
840
|
const queryParams = new URLSearchParams(options);
|
|
841
|
-
const response = await axios.get(`${this.API}/
|
|
842
|
-
return response.data.
|
|
841
|
+
const response = await axios.get(`${this.API}/vaults/${id}?${queryParams.toString()}`);
|
|
842
|
+
return response.data.vault;
|
|
843
843
|
}
|
|
844
844
|
else {
|
|
845
|
-
const response = await axios.get(`${this.API}/
|
|
846
|
-
return response.data.
|
|
845
|
+
const response = await axios.get(`${this.API}/vaults/${id}`);
|
|
846
|
+
return response.data.vault;
|
|
847
847
|
}
|
|
848
848
|
}
|
|
849
849
|
catch (error) {
|
|
850
850
|
throwError(error);
|
|
851
851
|
}
|
|
852
852
|
}
|
|
853
|
-
async
|
|
853
|
+
async testVault(id, options) {
|
|
854
854
|
try {
|
|
855
|
-
const response = await axios.post(`${this.API}/
|
|
855
|
+
const response = await axios.post(`${this.API}/vaults/${id}/test`, { options });
|
|
856
856
|
return response.data.test;
|
|
857
857
|
}
|
|
858
858
|
catch (error) {
|
|
859
859
|
throwError(error);
|
|
860
860
|
}
|
|
861
861
|
}
|
|
862
|
-
async
|
|
862
|
+
async addVaultMember(vaultId, memberId) {
|
|
863
863
|
try {
|
|
864
|
-
const response = await axios.post(`${this.API}/
|
|
864
|
+
const response = await axios.post(`${this.API}/vaults/${vaultId}/members`, { memberId });
|
|
865
865
|
return response.data.ok;
|
|
866
866
|
}
|
|
867
867
|
catch (error) {
|
|
868
868
|
throwError(error);
|
|
869
869
|
}
|
|
870
870
|
}
|
|
871
|
-
async
|
|
871
|
+
async removeVaultMember(vaultId, memberId) {
|
|
872
872
|
try {
|
|
873
|
-
const response = await axios.delete(`${this.API}/
|
|
873
|
+
const response = await axios.delete(`${this.API}/vaults/${vaultId}/members/${memberId}`);
|
|
874
874
|
return response.data.ok;
|
|
875
875
|
}
|
|
876
876
|
catch (error) {
|
|
877
877
|
throwError(error);
|
|
878
878
|
}
|
|
879
879
|
}
|
|
880
|
-
async
|
|
880
|
+
async listVaultMembers(vaultId) {
|
|
881
881
|
try {
|
|
882
|
-
const response = await axios.get(`${this.API}/
|
|
882
|
+
const response = await axios.get(`${this.API}/vaults/${vaultId}/members`);
|
|
883
883
|
return response.data.members;
|
|
884
884
|
}
|
|
885
885
|
catch (error) {
|
|
886
886
|
throwError(error);
|
|
887
887
|
}
|
|
888
888
|
}
|
|
889
|
-
async
|
|
889
|
+
async addVaultItem(vaultId, name, buffer) {
|
|
890
890
|
try {
|
|
891
|
-
const response = await axios.post(`${this.API}/
|
|
891
|
+
const response = await axios.post(`${this.API}/vaults/${vaultId}/items`, buffer, {
|
|
892
892
|
headers: {
|
|
893
893
|
// eslint-disable-next-line
|
|
894
894
|
'Content-Type': 'application/octet-stream',
|
|
@@ -901,24 +901,24 @@ class KeymasterClient {
|
|
|
901
901
|
throwError(error);
|
|
902
902
|
}
|
|
903
903
|
}
|
|
904
|
-
async
|
|
904
|
+
async removeVaultItem(vaultId, name) {
|
|
905
905
|
try {
|
|
906
|
-
const response = await axios.delete(`${this.API}/
|
|
906
|
+
const response = await axios.delete(`${this.API}/vaults/${vaultId}/items/${name}`);
|
|
907
907
|
return response.data.ok;
|
|
908
908
|
}
|
|
909
909
|
catch (error) {
|
|
910
910
|
throwError(error);
|
|
911
911
|
}
|
|
912
912
|
}
|
|
913
|
-
async
|
|
913
|
+
async listVaultItems(vaultId, options) {
|
|
914
914
|
try {
|
|
915
915
|
if (options) {
|
|
916
916
|
const queryParams = new URLSearchParams(options);
|
|
917
|
-
const response = await axios.get(`${this.API}/
|
|
917
|
+
const response = await axios.get(`${this.API}/vaults/${vaultId}/items?${queryParams.toString()}`);
|
|
918
918
|
return response.data.items;
|
|
919
919
|
}
|
|
920
920
|
else {
|
|
921
|
-
const response = await axios.get(`${this.API}/
|
|
921
|
+
const response = await axios.get(`${this.API}/vaults/${vaultId}/items`);
|
|
922
922
|
return response.data.items;
|
|
923
923
|
}
|
|
924
924
|
}
|
|
@@ -926,9 +926,9 @@ class KeymasterClient {
|
|
|
926
926
|
throwError(error);
|
|
927
927
|
}
|
|
928
928
|
}
|
|
929
|
-
async
|
|
929
|
+
async getVaultItem(vaultId, name, options) {
|
|
930
930
|
try {
|
|
931
|
-
let url = `${this.API}/
|
|
931
|
+
let url = `${this.API}/vaults/${vaultId}/items/${name}`;
|
|
932
932
|
if (options) {
|
|
933
933
|
const queryParams = new URLSearchParams(options);
|
|
934
934
|
url += `?${queryParams.toString()}`;
|
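Review bot: The new vault routes interpolate `id`, `vaultId`, `memberId` and `name` into the request path without encoding, most visibly `/vaults/${vaultId}/items/${name}` in removeVaultItem and getVaultItem; getVault, testVault, addVaultMember, removeVaultMember, listVaultMembers, addVaultItem and listVaultItems follow the same pattern. The README in this release describes vault items as files supplied by the caller, so a name containing `/`, `?`, `#` or a `..` segment would change which route the request reaches; presumably, once the HTTP client normalises the URL, a DELETE intended for an item could resolve to another path under the same vault. Each interpolated segment should be wrapped, i.e. `${encodeURIComponent(vaultId)}` and `${encodeURIComponent(name)}` (likewise `id` and `memberId`), so the value stays a single path segment. The removed lines are truncated on this page, so whether the earlier routes encoded these values cannot be told from here, and the body of getVaultItem continues past the last hunk.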