@docknetwork/wallet-sdk-wasm 1.5.14 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (91) hide show
  1. package/generate-docs.js +49 -0
  2. package/jsdoc.conf.json +29 -6
  3. package/lib/index.js +8 -1
  4. package/lib/index.mjs +8 -1
  5. package/lib/rpc-server.js +10 -1
  6. package/lib/rpc-server.mjs +10 -1
  7. package/lib/services/blockchain/cached-did-resolver.js +113 -0
  8. package/lib/services/blockchain/cached-did-resolver.mjs +109 -0
  9. package/lib/services/blockchain/index.js +11 -0
  10. package/lib/services/blockchain/index.mjs +11 -0
  11. package/lib/services/blockchain/service-rpc.js +12 -0
  12. package/lib/services/blockchain/service-rpc.mjs +12 -0
  13. package/lib/services/blockchain/service.js +140 -11
  14. package/lib/services/blockchain/service.mjs +140 -11
  15. package/lib/services/credential/bbs-revocation.js +11 -0
  16. package/lib/services/credential/bbs-revocation.mjs +11 -0
  17. package/lib/services/credential/config.js +4 -1
  18. package/lib/services/credential/config.mjs +4 -1
  19. package/lib/services/credential/index.js +14 -0
  20. package/lib/services/credential/index.mjs +14 -0
  21. package/lib/services/credential/sd-jwt.js +214 -0
  22. package/lib/services/credential/sd-jwt.mjs +200 -0
  23. package/lib/services/credential/service-rpc.js +9 -0
  24. package/lib/services/credential/service-rpc.mjs +9 -0
  25. package/lib/services/credential/service.js +324 -7
  26. package/lib/services/credential/service.mjs +324 -7
  27. package/lib/services/edv/service.js +145 -1
  28. package/lib/services/edv/service.mjs +145 -1
  29. package/lib/services/index.js +13 -0
  30. package/lib/services/index.mjs +13 -0
  31. package/lib/services/relay-service/service.js +124 -1
  32. package/lib/services/relay-service/service.mjs +124 -1
  33. package/lib/services/rpc-service-client.js +0 -3
  34. package/lib/services/rpc-service-client.mjs +0 -3
  35. package/lib/services/storage/index.js +19 -2
  36. package/lib/services/storage/index.mjs +24 -1
  37. package/lib/services/storage/service-rpc.js +7 -3
  38. package/lib/services/storage/service-rpc.mjs +7 -3
  39. package/lib/services/storage/service.js +4 -0
  40. package/lib/services/storage/service.mjs +4 -0
  41. package/lib/setup-nodejs.js +8 -1
  42. package/lib/setup-nodejs.mjs +8 -1
  43. package/lib/setup-tests.js +8 -1
  44. package/lib/setup-tests.mjs +8 -1
  45. package/lib/src/services/blockchain/cached-did-resolver.d.ts +28 -0
  46. package/lib/src/services/blockchain/cached-did-resolver.d.ts.map +1 -0
  47. package/lib/src/services/blockchain/cached-did-resolver.test.d.ts +2 -0
  48. package/lib/src/services/blockchain/cached-did-resolver.test.d.ts.map +1 -0
  49. package/lib/src/services/blockchain/service.d.ts +114 -17
  50. package/lib/src/services/blockchain/service.d.ts.map +1 -1
  51. package/lib/src/services/credential/config.d.ts.map +1 -1
  52. package/lib/src/services/credential/index.d.ts +3 -0
  53. package/lib/src/services/credential/index.d.ts.map +1 -1
  54. package/lib/src/services/credential/sd-jwt.test.d.ts +2 -0
  55. package/lib/src/services/credential/sd-jwt.test.d.ts.map +1 -0
  56. package/lib/src/services/credential/service.d.ts +274 -4
  57. package/lib/src/services/credential/service.d.ts.map +1 -1
  58. package/lib/src/services/edv/service.d.ts +151 -1
  59. package/lib/src/services/edv/service.d.ts.map +1 -1
  60. package/lib/src/services/relay-service/service.d.ts +129 -1
  61. package/lib/src/services/relay-service/service.d.ts.map +1 -1
  62. package/lib/src/services/rpc-service-client.d.ts +2 -2
  63. package/lib/src/services/rpc-service-client.d.ts.map +1 -1
  64. package/lib/src/services/storage/index.d.ts +1 -1
  65. package/lib/src/services/storage/index.d.ts.map +1 -1
  66. package/lib/src/services/storage/service-rpc.d.ts +9 -0
  67. package/lib/src/services/storage/service-rpc.d.ts.map +1 -0
  68. package/lib/src/services/storage/service.d.ts +1 -0
  69. package/lib/src/services/storage/service.d.ts.map +1 -1
  70. package/lib/src/services/util-crypto/service.d.ts +1 -1
  71. package/lib/tsconfig.tsbuildinfo +1 -1
  72. package/lib/wallet/rpc-storage-interface.js +13 -3
  73. package/lib/wallet/rpc-storage-interface.mjs +11 -1
  74. package/lib/wallet/rpc-storage-wallet.js +10 -0
  75. package/lib/wallet/rpc-storage-wallet.mjs +10 -0
  76. package/package.json +13 -8
  77. package/src/services/blockchain/cached-did-resolver.test.ts +288 -0
  78. package/src/services/blockchain/cached-did-resolver.ts +126 -0
  79. package/src/services/blockchain/service-rpc.js +12 -0
  80. package/src/services/blockchain/service.ts +142 -11
  81. package/src/services/credential/config.ts +7 -1
  82. package/src/services/credential/sd-jwt.test.ts +718 -0
  83. package/src/services/credential/sd-jwt.ts +231 -0
  84. package/src/services/credential/service-rpc.js +9 -0
  85. package/src/services/credential/service.ts +328 -7
  86. package/src/services/edv/service.ts +153 -1
  87. package/src/services/relay-service/service.ts +130 -1
  88. package/src/services/rpc-service-client.js +0 -3
  89. package/src/services/storage/index.js +15 -1
  90. package/src/services/storage/service-rpc.js +7 -3
  91. package/src/services/storage/service.ts +5 -0
@@ -1,4 +1,12 @@
1
1
  // @ts-nocheck
2
+
3
+ /**
4
+ * @module credential-service
5
+ * @description Verifiable credential management service for the Wallet SDK.
6
+ * This module provides functionality for creating, signing, verifying, and presenting
7
+ * verifiable credentials including support for BBS+ signatures and anonymous credentials.
8
+ */
9
+
2
10
  import {serviceName, validation} from './config';
3
11
  import {
4
12
  Accumulator,
@@ -31,9 +39,24 @@ import axios from 'axios';
31
39
  import {getIsRevoked, getWitnessDetails} from './bbs-revocation';
32
40
  import {getPexRequiredAttributes, shouldSkipAttribute} from './pex-helpers';
33
41
  import {didService} from '../dids/service';
42
+ import {isSDJWTCredential as checkIsSDJWT, credentialToW3C as convertCredentialToW3C, verifySDJWT, createSDJWTPresentation} from './sd-jwt';
34
43
 
44
+ /**
45
+ * PEX (Presentation Exchange) instance for credential filtering
46
+ * @private
47
+ */
35
48
  const pex: PEX = new PEX();
36
49
 
50
+ /**
51
+ * Checks if a credential uses BBS+ signature
52
+ * @param {Object} credential - The credential to check
53
+ * @returns {boolean} True if the credential uses BBS+ signature
54
+ * @example
55
+ * const isBBS = isBBSPlusCredential(credential);
56
+ * if (isBBS) {
57
+ * console.log('This credential uses BBS+ signatures');
58
+ * }
59
+ */
37
60
  export function isBBSPlusCredential(credential) {
38
61
  return (
39
62
  (typeof credential?.proof?.type === 'string' &&
@@ -45,6 +68,13 @@ export function isBBSPlusCredential(credential) {
45
68
  );
46
69
  }
47
70
 
71
+ /**
72
+ * Checks if a credential uses KVAC (BBDT16) signature
73
+ * @param {Object} credential - The credential to check
74
+ * @returns {boolean} True if the credential uses KVAC signature
75
+ * @example
76
+ * const isKVAC = isKvacCredential(credential);
77
+ */
48
78
  export function isKvacCredential(credential) {
49
79
  return (
50
80
  typeof credential?.proof?.type === 'string' &&
@@ -52,11 +82,30 @@ export function isKvacCredential(credential) {
52
82
  );
53
83
  }
54
84
 
85
+ /**
86
+ * Checks if a credential is anonymous (BBS+ or KVAC)
87
+ * @param {Object} credential - The credential to check
88
+ * @returns {boolean} True if the credential is anonymous
89
+ * @example
90
+ * if (isAnnonymousCredential(credential)) {
91
+ * console.log('This credential supports selective disclosure');
92
+ * }
93
+ */
55
94
  export function isAnnonymousCredential(credential) {
56
95
  return isBBSPlusCredential(credential) || isKvacCredential(credential);
57
96
  }
58
97
 
98
+ /**
99
+ * Service class for managing verifiable credentials
100
+ * @class
101
+ * @description Provides methods for creating, signing, verifying, and presenting
102
+ * verifiable credentials with support for various signature types
103
+ */
59
104
  class CredentialService {
105
+ /**
106
+ * Creates a new CredentialService instance
107
+ * @constructor
108
+ */
60
109
  constructor() {
61
110
  this.name = serviceName;
62
111
  }
@@ -69,8 +118,28 @@ class CredentialService {
69
118
  CredentialService.prototype.deriveVCFromPresentation,
70
119
  CredentialService.prototype.isBBSPlusCredential,
71
120
  CredentialService.prototype.isKvacCredential,
121
+ CredentialService.prototype.isSDJWTCredential,
122
+ CredentialService.prototype.credentialToW3C,
123
+ CredentialService.prototype.createSDJWTPresentation,
72
124
  CredentialService.prototype.acquireOIDCredential,
73
125
  ];
126
+
127
+
128
+ createSDJWTPresentation(params) {
129
+ const {attributesToReveal, credential} = params;
130
+ return createSDJWTPresentation({attributesToReveal, credential});
131
+ }
132
+
133
+ /**
134
+ * Generates a new verifiable credential template
135
+ * @param {Object} [params={}] - Generation parameters
136
+ * @param {Object} [params.subject] - The credential subject
137
+ * @returns {VerifiableCredential} A new verifiable credential instance
138
+ * @example
139
+ * const credential = credentialService.generateCredential({
140
+ * subject: { id: 'did:example:123', name: 'Alice' }
141
+ * });
142
+ */
74
143
  generateCredential(params = {}) {
75
144
  validation.generateCredential(params);
76
145
  const {subject} = params;
@@ -89,6 +158,19 @@ class CredentialService {
89
158
  }
90
159
  return vc;
91
160
  }
161
+ /**
162
+ * Signs a verifiable credential
163
+ * @param {Object} params - Signing parameters
164
+ * @param {Object} params.vcJson - The credential JSON to sign
165
+ * @param {Object} params.keyDoc - The key document for signing
166
+ * @returns {Promise<VerifiableCredential>} The signed verifiable credential
167
+ * @throws {Error} If validation fails or signing fails
168
+ * @example
169
+ * const signedCredential = await credentialService.signCredential({
170
+ * vcJson: credentialData,
171
+ * keyDoc: issuerKeyDocument
172
+ * });
173
+ */
92
174
  async signCredential(params) {
93
175
  validation.signCredential(params);
94
176
  const {vcJson, keyDoc} = params;
@@ -104,13 +186,39 @@ class CredentialService {
104
186
 
105
187
  return verifiableCredential;
106
188
  }
189
+ /**
190
+ * Creates a verifiable presentation from credentials
191
+ * @param {Object} params - Presentation parameters
192
+ * @param {Array<Object>} params.credentials - Array of verifiable credentials to include
193
+ * @param {Object} params.keyDoc - The key document for signing the presentation
194
+ * @param {string} [params.challenge] - Challenge string for the presentation proof
195
+ * @param {string} [params.id] - Presentation identifier
196
+ * @param {string} [params.domain] - Domain for the presentation proof
197
+ * @returns {Promise<Object>} The signed verifiable presentation
198
+ * @throws {Error} If validation fails
199
+ * @example
200
+ * const presentation = await credentialService.createPresentation({
201
+ * credentials: [credential1, credential2],
202
+ * keyDoc: holderKeyDocument,
203
+ * challenge: 'abc123',
204
+ * domain: 'example.com'
205
+ * });
206
+ */
107
207
  async createPresentation(params) {
108
208
  validation.createPresentation(params);
109
209
  const {credentials, keyDoc, challenge, id, domain} = params;
110
210
  const vp = new VerifiablePresentation(id);
111
211
  let shouldSkipSigning = false;
212
+ let jwtCredentials = [];
213
+
112
214
  for (const signedVC of credentials) {
113
- vp.addCredential(signedVC);
215
+
216
+ if (typeof signedVC === 'string') {
217
+ jwtCredentials.push(signedVC);
218
+ shouldSkipSigning = true;
219
+ } else {
220
+ vp.addCredential(signedVC);
221
+ }
114
222
  shouldSkipSigning = shouldSkipSigning || isAnnonymousCredential(signedVC);
115
223
  }
116
224
 
@@ -123,19 +231,60 @@ class CredentialService {
123
231
  const suite = await getSuiteFromKeyDoc(keyPair);
124
232
 
125
233
  if (shouldSkipSigning) {
126
- return vp.toJSON();
234
+ const result = vp.toJSON();
235
+ result.verifiableCredential.push(...jwtCredentials);
236
+ return result;
127
237
  }
128
238
 
129
239
  return vp.sign(suite, challenge, domain, blockchainService.resolver);
130
240
  }
131
241
 
242
+ /**
243
+ * Verifies a verifiable presentation
244
+ * @param {Object} params - Verification parameters
245
+ * @param {Object} params.presentation - The presentation to verify
246
+ * @param {Object} [params.options] - Verification options
247
+ * @returns {Promise<Object>} Verification result with verified status and any errors
248
+ * @example
249
+ * const result = await credentialService.verifyPresentation({
250
+ * presentation: presentationData
251
+ * });
252
+ * console.log('Verified:', result.verified);
253
+ */
132
254
  async verifyPresentation({ presentation, options }: any) {
133
255
  return verifyPresentation(presentation, options);
134
256
  }
135
257
 
258
+ /**
259
+ * Verifies a verifiable credential including revocation check
260
+ * @param {Object} params - Verification parameters
261
+ * @param {Object} params.credential - The credential to verify
262
+ * @param {Object} [params.membershipWitness] - Membership witness for revocation check
263
+ * @returns {Promise<Object>} Verification result
264
+ * @returns {boolean} returns.verified - Whether the credential is valid
265
+ * @returns {string} [returns.error] - Error message if verification failed
266
+ * @throws {Error} If validation fails
267
+ * @example
268
+ * const result = await credentialService.verifyCredential({
269
+ * credential: credentialData,
270
+ * membershipWitness: witnessData
271
+ * });
272
+ * if (!result.verified) {
273
+ * console.error('Verification failed:', result.error);
274
+ * }
275
+ */
136
276
  async verifyCredential(params) {
137
277
  validation.verifyCredential(params);
138
- const {credential, membershipWitness} = params;
278
+ let {credential, membershipWitness} = params;
279
+
280
+ if (credential._sd_jwt) {
281
+ credential = credential?._sd_jwt?.encoded;
282
+ }
283
+
284
+ if (typeof credential === 'string' && checkIsSDJWT(credential)) {
285
+ return verifySDJWT(credential);
286
+ }
287
+
139
288
  const result = await verifyCredential(credential, {
140
289
  resolver: blockchainService.resolver,
141
290
  revocationApi: {dock: blockchainService.dock},
@@ -160,6 +309,20 @@ class CredentialService {
160
309
  return result;
161
310
  }
162
311
 
312
+ /**
313
+ * Filters credentials based on a presentation definition
314
+ * @param {Object} params - Filter parameters
315
+ * @param {Array<Object>} params.credentials - Array of credentials to filter
316
+ * @param {Object} params.presentationDefinition - PEX presentation definition
317
+ * @param {string} [params.holderDid] - DID of the credential holder
318
+ * @returns {Object} Filtered credentials matching the presentation definition
319
+ * @example
320
+ * const filtered = credentialService.filterCredentials({
321
+ * credentials: allCredentials,
322
+ * presentationDefinition: definition,
323
+ * holderDid: 'did:example:holder'
324
+ * });
325
+ */
163
326
  filterCredentials(params) {
164
327
  const {credentials, presentationDefinition, holderDid} = params;
165
328
  const result = pex.selectFrom(
@@ -171,6 +334,18 @@ class CredentialService {
171
334
  return result;
172
335
  }
173
336
 
337
+ /**
338
+ * Evaluates a presentation against a presentation definition
339
+ * @param {Object} params - Evaluation parameters
340
+ * @param {Object} params.presentation - The presentation to evaluate
341
+ * @param {Object} params.presentationDefinition - PEX presentation definition
342
+ * @returns {Object} Evaluation result with validation details
343
+ * @example
344
+ * const evaluation = credentialService.evaluatePresentation({
345
+ * presentation: presentationData,
346
+ * presentationDefinition: definition
347
+ * });
348
+ */
174
349
  evaluatePresentation(params) {
175
350
  const {presentation, presentationDefinition} = params;
176
351
  const result = pex.evaluatePresentation(
@@ -181,16 +356,81 @@ class CredentialService {
181
356
  return result;
182
357
  }
183
358
 
359
+ /**
360
+ * Checks if a credential uses BBS+ signature
361
+ * @param {Object} params - Check parameters
362
+ * @param {Object} params.credential - The credential to check
363
+ * @returns {boolean} True if the credential uses BBS+ signature
364
+ */
184
365
  isBBSPlusCredential(params) {
185
366
  const {credential} = params;
186
367
  return isBBSPlusCredential(credential);
187
368
  }
188
369
 
370
+ /**
371
+ * Checks if a credential uses KVAC signature
372
+ * @param {Object} params - Check parameters
373
+ * @param {Object} params.credential - The credential to check
374
+ * @returns {boolean} True if the credential uses KVAC signature
375
+ */
189
376
  isKvacCredential(params) {
190
377
  const {credential} = params;
191
378
  return isKvacCredential(credential);
192
379
  }
193
380
 
381
+ /**
382
+ * Checks if a credential is an SD-JWT (Selective Disclosure JWT) credential
383
+ * @param {Object} params - Check parameters
384
+ * @param {string} params.credential - The JWT string to check
385
+ * @returns {boolean} True if the credential is an SD-JWT credential
386
+ * @example
387
+ * const isSDJWT = credentialService.isSDJWTCredential({
388
+ * credential: 'eyJ0eXAiOiJ2YytzZC1qd3Q...'
389
+ * });
390
+ */
391
+ isSDJWTCredential(params) {
392
+ const {credential} = params;
393
+ return checkIsSDJWT(credential);
394
+ }
395
+
396
+ /**
397
+ * Converts a credential to W3C Verifiable Credential format
398
+ * @description Handles both SD-JWT credentials (needs decoding) and regular W3C credentials (returns as-is)
399
+ * @param {Object} params - Conversion parameters
400
+ * @param {string|Object} params.credential - Either an SD-JWT string or a credential object
401
+ * @returns {Promise<Object>} W3C Verifiable Credential format
402
+ * @throws {Error} If credential cannot be converted to W3C format
403
+ * @example
404
+ * // Convert SD-JWT to W3C format
405
+ * const w3cCredential = await credentialService.credentialToW3C({
406
+ * credential: 'eyJ0eXAiOiJ2YytzZC1qd3Q...'
407
+ * });
408
+ *
409
+ * // Returns W3C credential as-is
410
+ * const w3cCredential = await credentialService.credentialToW3C({
411
+ * credential: { '@context': [...], type: [...], ... }
412
+ * });
413
+ */
414
+ async credentialToW3C(params) {
415
+ const {credential} = params;
416
+ return convertCredentialToW3C(credential);
417
+ }
418
+
419
+ /**
420
+ * Acquires a credential through OpenID for Verifiable Credentials (OID4VC)
421
+ * @param {Object} params - Acquisition parameters
422
+ * @param {string} params.uri - The credential offer URI
423
+ * @param {string} [params.authorizationCode] - Authorization code if required
424
+ * @param {Object} params.holderKeyDocument - Key document for the credential holder
425
+ * @returns {Promise<Object>} Result containing the credential or authorization URL
426
+ * @returns {Object} [returns.credential] - The acquired credential
427
+ * @returns {string} [returns.authorizationURL] - Authorization URL if auth is required
428
+ * @example
429
+ * const result = await credentialService.acquireOIDCredential({
430
+ * uri: 'openid-credential-offer://...',
431
+ * holderKeyDocument: keyDoc
432
+ * });
433
+ */
194
434
  async acquireOIDCredential({
195
435
  uri,
196
436
  authorizationCode,
@@ -209,6 +449,8 @@ class CredentialService {
209
449
  authorizationRequest: {
210
450
  redirectUri: 'dock-wallet://credentials/callback',
211
451
  clientId: 'dock.wallet',
452
+ // Hack: we need the scope property to avoid 'CredentialOffer format is wrong.' error
453
+ scope: []
212
454
  },
213
455
  });
214
456
 
@@ -264,6 +506,22 @@ class CredentialService {
264
506
  }
265
507
  }
266
508
 
509
+ /**
510
+ * Creates a BBS+ presentation with selective disclosure
511
+ * @param {Object} params - Presentation parameters
512
+ * @param {Array<Object>} params.credentials - Array of credentials with attributes to reveal
513
+ * @param {Object} params.credentials[].credential - The BBS+ credential
514
+ * @param {Array<string>} [params.credentials[].attributesToReveal] - Attributes to reveal
515
+ * @returns {Promise<Object>} The BBS+ presentation
516
+ * @throws {Error} If validation fails
517
+ * @example
518
+ * const presentation = await credentialService.createBBSPresentation({
519
+ * credentials: [{
520
+ * credential: bbsCredential,
521
+ * attributesToReveal: ['name', 'age']
522
+ * }]
523
+ * });
524
+ */
267
525
  async createBBSPresentation(params) {
268
526
  validation.createBBSPresentation(params);
269
527
  const {credentials} = params;
@@ -280,6 +538,13 @@ class CredentialService {
280
538
  return bbsPlusPresentation.createPresentation();
281
539
  }
282
540
 
541
+ /**
542
+ * Gets the accumulator ID from a credential's status
543
+ * @param {Object} params - Parameters
544
+ * @param {Object} params.credential - The credential to get accumulator ID from
545
+ * @returns {string|null} The accumulator ID or null if not present
546
+ * @throws {Error} If credential is not provided
547
+ */
283
548
  getAccumulatorId({credential}) {
284
549
  assert(!!credential, `credential is required`);
285
550
  if (!credential?.credentialStatus) {
@@ -289,6 +554,13 @@ class CredentialService {
289
554
  return credential?.credentialStatus.id;
290
555
  }
291
556
 
557
+ /**
558
+ * Gets accumulator data from the blockchain for a credential
559
+ * @param {Object} params - Parameters
560
+ * @param {Object} params.credential - The credential to get accumulator data for
561
+ * @returns {Promise<Object|null>} The accumulator data or null if not found
562
+ * @throws {Error} If credential is not provided
563
+ */
292
564
  async getAccumulatorData({credential}) {
293
565
  assert(!!credential, `credential is required`);
294
566
  const accumulatorId = await this.getAccumulatorId({credential});
@@ -304,10 +576,15 @@ class CredentialService {
304
576
  }
305
577
 
306
578
  /**
307
- * Fetch the latest accumulator witness updates for a given credential and membership witness
308
- * The witness is generated by the issuer when the credential is created and is stored in the wallet when the credential is imported
309
- *
310
- * @param param0
579
+ * Updates the membership witness with the latest accumulator state
580
+ * @description The witness is generated by the issuer when the credential is created
581
+ * and is stored in the wallet when the credential is imported. This method updates
582
+ * it with the latest accumulator changes from the blockchain.
583
+ * @param {Object} params - Update parameters
584
+ * @param {Object} params.credential - The credential with revocation status
585
+ * @param {Object} params.membershipWitnessJSON - Current membership witness in JSON format
586
+ * @returns {Promise<Object>} Updated membership witness in JSON format
587
+ * @throws {Error} If updates cannot be fetched or applied
311
588
  */
312
589
  async updateMembershipWitness({credential, membershipWitnessJSON}) {
313
590
  const revocationId = credential.credentialStatus.revocationId;
@@ -359,6 +636,25 @@ class CredentialService {
359
636
  return witness.toJSON();
360
637
  }
361
638
 
639
+ /**
640
+ * Derives verifiable credentials from a presentation with selective disclosure
641
+ * @param {Object} params - Derivation parameters
642
+ * @param {Array<Object>} params.credentials - Array of credential objects
643
+ * @param {Object} params.credentials[].credential - The credential
644
+ * @param {Array<string>} params.credentials[].attributesToReveal - Attributes to reveal
645
+ * @param {Object} [params.credentials[].witness] - Membership witness for revocation
646
+ * @param {Object} [params.options={}] - Additional options for derivation
647
+ * @param {Object} [params.proofRequest] - Proof request with constraints
648
+ * @returns {Promise<Array>} Array of derived credentials
649
+ * @throws {Error} If validation fails
650
+ * @example
651
+ * const derivedCredentials = await credentialService.deriveVCFromPresentation({
652
+ * credentials: [{
653
+ * credential: bbsCredential,
654
+ * attributesToReveal: ['name', 'dateOfBirth']
655
+ * }]
656
+ * });
657
+ */
362
658
  async deriveVCFromPresentation(params) {
363
659
  validation.deriveVCFromPresentation(params);
364
660
  const {credentials, options = {}, proofRequest} = params;
@@ -443,9 +739,34 @@ class CredentialService {
443
739
  return credentialsFromPresentation;
444
740
  }
445
741
 
742
+ /**
743
+ * Test method for range proofs
744
+ * @private
745
+ * @returns {Promise<void>}
746
+ */
446
747
  async testRangeProof() {
447
748
  console.log('test');
448
749
  }
449
750
  }
450
751
 
752
+ /**
753
+ * Singleton instance of the credential service
754
+ * @type {CredentialService}
755
+ * @example
756
+ * import { credentialService } from '@docknetwork/wallet-sdk-wasm/services/credential';
757
+ *
758
+ * // Create and sign a credential
759
+ * const credential = credentialService.generateCredential({
760
+ * subject: { id: 'did:example:123' }
761
+ * });
762
+ * const signed = await credentialService.signCredential({
763
+ * vcJson: credential,
764
+ * keyDoc: issuerKey
765
+ * });
766
+ *
767
+ * // Verify a credential
768
+ * const result = await credentialService.verifyCredential({
769
+ * credential: signedCredential
770
+ * });
771
+ */
451
772
  export const credentialService = new CredentialService();
@@ -1,4 +1,12 @@
1
1
  // @ts-nocheck
2
+
3
+ /**
4
+ * @module edv-service
5
+ * @description Encrypted Data Vault (EDV) service for the Wallet SDK.
6
+ * This module provides secure, encrypted storage functionality using EDV protocol,
7
+ * enabling privacy-preserving data storage with client-side encryption.
8
+ */
9
+
2
10
  import {InitializeEDVParams, serviceName} from './configs';
3
11
  import EDVHTTPStorageInterface from '@docknetwork/universal-wallet/storage/edv-http-storage';
4
12
  import HMAC from './hmac';
@@ -11,7 +19,10 @@ import {didService} from '@docknetwork/wallet-sdk-wasm/src/services/dids/service
11
19
  import {Ed25519Keypair} from '@docknetwork/credential-sdk/keypairs';
12
20
 
13
21
  /**
14
- * EDVService
22
+ * Service class for managing Encrypted Data Vaults
23
+ * @class
24
+ * @description Provides methods for creating, managing, and interacting with
25
+ * encrypted data vaults for secure storage of sensitive wallet data
15
26
  */
16
27
  export class EDVService {
17
28
  storageInterface: EDVHTTPStorageInterface;
@@ -30,10 +41,33 @@ export class EDVService {
30
41
  EDVService.prototype.delete,
31
42
  ];
32
43
 
44
+ /**
45
+ * Creates a new EDVService instance
46
+ * @constructor
47
+ */
33
48
  constructor() {
34
49
  this.name = serviceName;
35
50
  }
36
51
 
52
+ /**
53
+ * Initializes the EDV service with encryption keys and connection parameters
54
+ * @param {InitializeEDVParams} params - Initialization parameters
55
+ * @param {Object} params.hmacKey - HMAC key for document indexing
56
+ * @param {Object} params.agreementKey - Key agreement key for encryption
57
+ * @param {Object} params.verificationKey - Verification key for authentication
58
+ * @param {string} params.edvUrl - URL of the EDV server
59
+ * @param {string} params.authKey - Authentication key for the EDV server
60
+ * @returns {Promise<void>}
61
+ * @throws {Error} If unable to create or connect to EDV
62
+ * @example
63
+ * await edvService.initialize({
64
+ * hmacKey: hmacKeyData,
65
+ * agreementKey: agreementKeyData,
66
+ * verificationKey: verificationKeyData,
67
+ * edvUrl: 'https://edv.example.com',
68
+ * authKey: 'auth-token-123'
69
+ * });
70
+ */
37
71
  async initialize({
38
72
  hmacKey,
39
73
  agreementKey,
@@ -95,6 +129,21 @@ export class EDVService {
95
129
  });
96
130
  }
97
131
 
132
+ /**
133
+ * Generates new cryptographic keys for EDV operations
134
+ * @returns {Promise<Object>} Generated keys
135
+ * @returns {Object} returns.verificationKey - Ed25519 verification key for authentication
136
+ * @returns {Object} returns.agreementKey - X25519 key agreement key for encryption
137
+ * @returns {Object} returns.hmacKey - HMAC key for indexing
138
+ * @example
139
+ * const keys = await edvService.generateKeys();
140
+ * // Use keys for EDV initialization
141
+ * await edvService.initialize({
142
+ * ...keys,
143
+ * edvUrl: 'https://edv.example.com',
144
+ * authKey: 'auth-token'
145
+ * });
146
+ */
98
147
  async generateKeys() {
99
148
  const keyPair = await didService.generateKeyDoc({});
100
149
 
@@ -111,6 +160,17 @@ export class EDVService {
111
160
  return {verificationKey, agreementKey, hmacKey};
112
161
  }
113
162
 
163
+ /**
164
+ * Derives cryptographic keys from a master key
165
+ * @param {Uint8Array} masterKey - Master key for derivation
166
+ * @returns {Promise<Object>} Derived keys
167
+ * @returns {Object} returns.verificationKey - Derived Ed25519 verification key
168
+ * @returns {Object} returns.agreementKey - Derived X25519 key agreement key
169
+ * @returns {Object} returns.hmacKey - Derived HMAC key
170
+ * @example
171
+ * const masterKey = new Uint8Array(32); // Your master key
172
+ * const keys = await edvService.deriveKeys(masterKey);
173
+ */
114
174
  async deriveKeys(masterKey: Uint8Array) {
115
175
  const {keyPair: pair} = new Ed25519Keypair(masterKey, 'seed');
116
176
 
@@ -126,18 +186,66 @@ export class EDVService {
126
186
  return { verificationKey, agreementKey, hmacKey };
127
187
  }
128
188
 
189
+ /**
190
+ * Gets the controller identifier for the current EDV
191
+ * @returns {Promise<string>} The controller DID or identifier
192
+ * @example
193
+ * const controller = await edvService.getController();
194
+ * console.log('EDV Controller:', controller);
195
+ */
129
196
  async getController() {
130
197
  return this.controller;
131
198
  }
132
199
 
200
+ /**
201
+ * Finds documents in the EDV based on query parameters
202
+ * @param {Object} params - Query parameters
203
+ * @param {Object} [params.equals] - Equality-based query conditions
204
+ * @param {boolean} [params.has] - Existence-based query conditions
205
+ * @param {number} [params.limit] - Maximum number of results
206
+ * @returns {Promise<Array>} Array of matching documents
207
+ * @example
208
+ * const documents = await edvService.find({
209
+ * equals: { 'content.type': 'VerifiableCredential' },
210
+ * limit: 10
211
+ * });
212
+ */
133
213
  find(params: any) {
134
214
  return this.storageInterface.find(params);
135
215
  }
136
216
 
217
+ /**
218
+ * Updates a document in the EDV
219
+ * @param {Object} params - Update parameters
220
+ * @param {string} params.id - Document ID to update
221
+ * @param {Object} params.content - New document content
222
+ * @returns {Promise<Object>} Updated document
223
+ * @example
224
+ * const updated = await edvService.update({
225
+ * id: 'doc-123',
226
+ * content: { ...existingContent, updated: true }
227
+ * });
228
+ */
137
229
  update(params: any) {
138
230
  return this.storageInterface.update(params);
139
231
  }
140
232
 
233
+ /**
234
+ * Inserts a new document into the EDV
235
+ * @param {Object} params - Insert parameters
236
+ * @param {string} params.id - Document ID
237
+ * @param {Object} params.content - Document content to store
238
+ * @returns {Promise<Object>} The inserted document
239
+ * @throws {Error} If insertion fails
240
+ * @example
241
+ * const document = await edvService.insert({
242
+ * id: 'doc-456',
243
+ * content: {
244
+ * type: 'VerifiableCredential',
245
+ * data: credentialData
246
+ * }
247
+ * });
248
+ */
141
249
  insert(params: any) {
142
250
  this.insertQueue = this.insertQueue.then(() => {
143
251
  return this.storageInterface.insert(params).catch(error => {
@@ -148,9 +256,53 @@ export class EDVService {
148
256
  return this.insertQueue;
149
257
  }
150
258
 
259
+ /**
260
+ * Deletes a document from the EDV
261
+ * @param {Object} params - Deletion parameters
262
+ * @param {string} params.id - Document ID to delete
263
+ * @returns {Promise<boolean>} True if deletion successful
264
+ * @example
265
+ * const deleted = await edvService.delete({
266
+ * id: 'doc-123'
267
+ * });
268
+ */
151
269
  delete(params: any) {
152
270
  return this.storageInterface.delete(params);
153
271
  }
154
272
  }
155
273
 
274
+ /**
275
+ * Singleton instance of the EDV service
276
+ * @type {EDVService}
277
+ * @example
278
+ * import { edvService } from '@docknetwork/wallet-sdk-wasm/services/edv';
279
+ *
280
+ * // Generate keys and initialize
281
+ * const keys = await edvService.generateKeys();
282
+ * await edvService.initialize({
283
+ * ...keys,
284
+ * edvUrl: 'https://edv.example.com',
285
+ * authKey: 'auth-token'
286
+ * });
287
+ *
288
+ * // Store encrypted data
289
+ * await edvService.insert({
290
+ * id: 'credential-1',
291
+ * content: {
292
+ * type: 'VerifiableCredential',
293
+ * data: credentialData
294
+ * }
295
+ * });
296
+ *
297
+ * // Query encrypted data
298
+ * const credentials = await edvService.find({
299
+ * equals: { 'content.type': 'VerifiableCredential' }
300
+ * });
301
+ *
302
+ * // Update encrypted data
303
+ * await edvService.update({
304
+ * id: 'credential-1',
305
+ * content: updatedData
306
+ * });
307
+ */
156
308
  export const edvService: EDVService = new EDVService();