@docknetwork/wallet-sdk-wasm 1.5.14 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (91) hide show
  1. package/generate-docs.js +49 -0
  2. package/jsdoc.conf.json +29 -6
  3. package/lib/index.js +8 -1
  4. package/lib/index.mjs +8 -1
  5. package/lib/rpc-server.js +10 -1
  6. package/lib/rpc-server.mjs +10 -1
  7. package/lib/services/blockchain/cached-did-resolver.js +113 -0
  8. package/lib/services/blockchain/cached-did-resolver.mjs +109 -0
  9. package/lib/services/blockchain/index.js +11 -0
  10. package/lib/services/blockchain/index.mjs +11 -0
  11. package/lib/services/blockchain/service-rpc.js +12 -0
  12. package/lib/services/blockchain/service-rpc.mjs +12 -0
  13. package/lib/services/blockchain/service.js +140 -11
  14. package/lib/services/blockchain/service.mjs +140 -11
  15. package/lib/services/credential/bbs-revocation.js +11 -0
  16. package/lib/services/credential/bbs-revocation.mjs +11 -0
  17. package/lib/services/credential/config.js +4 -1
  18. package/lib/services/credential/config.mjs +4 -1
  19. package/lib/services/credential/index.js +14 -0
  20. package/lib/services/credential/index.mjs +14 -0
  21. package/lib/services/credential/sd-jwt.js +214 -0
  22. package/lib/services/credential/sd-jwt.mjs +200 -0
  23. package/lib/services/credential/service-rpc.js +9 -0
  24. package/lib/services/credential/service-rpc.mjs +9 -0
  25. package/lib/services/credential/service.js +324 -7
  26. package/lib/services/credential/service.mjs +324 -7
  27. package/lib/services/edv/service.js +145 -1
  28. package/lib/services/edv/service.mjs +145 -1
  29. package/lib/services/index.js +13 -0
  30. package/lib/services/index.mjs +13 -0
  31. package/lib/services/relay-service/service.js +124 -1
  32. package/lib/services/relay-service/service.mjs +124 -1
  33. package/lib/services/rpc-service-client.js +0 -3
  34. package/lib/services/rpc-service-client.mjs +0 -3
  35. package/lib/services/storage/index.js +19 -2
  36. package/lib/services/storage/index.mjs +24 -1
  37. package/lib/services/storage/service-rpc.js +7 -3
  38. package/lib/services/storage/service-rpc.mjs +7 -3
  39. package/lib/services/storage/service.js +4 -0
  40. package/lib/services/storage/service.mjs +4 -0
  41. package/lib/setup-nodejs.js +8 -1
  42. package/lib/setup-nodejs.mjs +8 -1
  43. package/lib/setup-tests.js +8 -1
  44. package/lib/setup-tests.mjs +8 -1
  45. package/lib/src/services/blockchain/cached-did-resolver.d.ts +28 -0
  46. package/lib/src/services/blockchain/cached-did-resolver.d.ts.map +1 -0
  47. package/lib/src/services/blockchain/cached-did-resolver.test.d.ts +2 -0
  48. package/lib/src/services/blockchain/cached-did-resolver.test.d.ts.map +1 -0
  49. package/lib/src/services/blockchain/service.d.ts +114 -17
  50. package/lib/src/services/blockchain/service.d.ts.map +1 -1
  51. package/lib/src/services/credential/config.d.ts.map +1 -1
  52. package/lib/src/services/credential/index.d.ts +3 -0
  53. package/lib/src/services/credential/index.d.ts.map +1 -1
  54. package/lib/src/services/credential/sd-jwt.test.d.ts +2 -0
  55. package/lib/src/services/credential/sd-jwt.test.d.ts.map +1 -0
  56. package/lib/src/services/credential/service.d.ts +274 -4
  57. package/lib/src/services/credential/service.d.ts.map +1 -1
  58. package/lib/src/services/edv/service.d.ts +151 -1
  59. package/lib/src/services/edv/service.d.ts.map +1 -1
  60. package/lib/src/services/relay-service/service.d.ts +129 -1
  61. package/lib/src/services/relay-service/service.d.ts.map +1 -1
  62. package/lib/src/services/rpc-service-client.d.ts +2 -2
  63. package/lib/src/services/rpc-service-client.d.ts.map +1 -1
  64. package/lib/src/services/storage/index.d.ts +1 -1
  65. package/lib/src/services/storage/index.d.ts.map +1 -1
  66. package/lib/src/services/storage/service-rpc.d.ts +9 -0
  67. package/lib/src/services/storage/service-rpc.d.ts.map +1 -0
  68. package/lib/src/services/storage/service.d.ts +1 -0
  69. package/lib/src/services/storage/service.d.ts.map +1 -1
  70. package/lib/src/services/util-crypto/service.d.ts +1 -1
  71. package/lib/tsconfig.tsbuildinfo +1 -1
  72. package/lib/wallet/rpc-storage-interface.js +13 -3
  73. package/lib/wallet/rpc-storage-interface.mjs +11 -1
  74. package/lib/wallet/rpc-storage-wallet.js +10 -0
  75. package/lib/wallet/rpc-storage-wallet.mjs +10 -0
  76. package/package.json +13 -8
  77. package/src/services/blockchain/cached-did-resolver.test.ts +288 -0
  78. package/src/services/blockchain/cached-did-resolver.ts +126 -0
  79. package/src/services/blockchain/service-rpc.js +12 -0
  80. package/src/services/blockchain/service.ts +142 -11
  81. package/src/services/credential/config.ts +7 -1
  82. package/src/services/credential/sd-jwt.test.ts +718 -0
  83. package/src/services/credential/sd-jwt.ts +231 -0
  84. package/src/services/credential/service-rpc.js +9 -0
  85. package/src/services/credential/service.ts +328 -7
  86. package/src/services/edv/service.ts +153 -1
  87. package/src/services/relay-service/service.ts +130 -1
  88. package/src/services/rpc-service-client.js +0 -3
  89. package/src/services/storage/index.js +15 -1
  90. package/src/services/storage/service-rpc.js +7 -3
  91. package/src/services/storage/service.ts +5 -0
@@ -12,6 +12,7 @@ import assert from 'assert';
12
12
  import { getIsRevoked, getWitnessDetails } from './bbs-revocation.mjs';
13
13
  import { getPexRequiredAttributes, shouldSkipAttribute } from './pex-helpers.mjs';
14
14
  import { didService } from '../dids/service.mjs';
15
+ import { createSDJWTPresentation, isSDJWTCredential, verifySDJWT, credentialToW3C } from './sd-jwt.mjs';
15
16
  import '@cosmjs/proto-signing';
16
17
  import '@docknetwork/cheqd-blockchain-api';
17
18
  import '@docknetwork/cheqd-blockchain-modules';
@@ -26,6 +27,17 @@ import '@scure/bip39';
26
27
  import '@scure/bip39/wordlists/english';
27
28
  import '../util-crypto/configs.mjs';
28
29
  import '@docknetwork/credential-sdk/types';
30
+ import '../blockchain/cached-did-resolver.mjs';
31
+ import '../storage/index.mjs';
32
+ import '../storage/service.mjs';
33
+ import '../storage/service-rpc.mjs';
34
+ import '../rpc-service-client.mjs';
35
+ import '../../rpc-client.mjs';
36
+ import 'json-rpc-2.0';
37
+ import '../../core/crypto.mjs';
38
+ import 'crypto';
39
+ import '../../logger.mjs';
40
+ import '../../rpc-util.mjs';
29
41
  import '@docknetwork/crypto-wasm-ts/lib/legosnark';
30
42
  import 'base64url';
31
43
  import '@astronautlabs/jsonpath';
@@ -40,23 +52,65 @@ import '@digitalbazaar/x25519-key-agreement-key-2019';
40
52
  import '@digitalbazaar/ed25519-verification-key-2018';
41
53
  import '@digitalbazaar/ed25519-verification-key-2020';
42
54
  import '../dids/keypair-utils.mjs';
55
+ import '@sd-jwt/sd-jwt-vc';
56
+ import '@sd-jwt/crypto-nodejs';
43
57
 
44
58
  // @ts-nocheck
59
+ /**
60
+ * PEX (Presentation Exchange) instance for credential filtering
61
+ * @private
62
+ */
45
63
  const pex = new PEX();
64
+ /**
65
+ * Checks if a credential uses BBS+ signature
66
+ * @param {Object} credential - The credential to check
67
+ * @returns {boolean} True if the credential uses BBS+ signature
68
+ * @example
69
+ * const isBBS = isBBSPlusCredential(credential);
70
+ * if (isBBS) {
71
+ * console.log('This credential uses BBS+ signatures');
72
+ * }
73
+ */
46
74
  function isBBSPlusCredential(credential) {
47
75
  return ((typeof credential?.proof?.type === 'string' &&
48
76
  credential.proof.type.includes('BBS+SignatureDock')) ||
49
77
  (Array.isArray(credential['@context']) &&
50
78
  credential['@context'].find(context => typeof context === 'string' && context.indexOf('bbs') > -1)));
51
79
  }
80
+ /**
81
+ * Checks if a credential uses KVAC (BBDT16) signature
82
+ * @param {Object} credential - The credential to check
83
+ * @returns {boolean} True if the credential uses KVAC signature
84
+ * @example
85
+ * const isKVAC = isKvacCredential(credential);
86
+ */
52
87
  function isKvacCredential(credential) {
53
88
  return (typeof credential?.proof?.type === 'string' &&
54
89
  credential.proof.type.toLowerCase().includes('bbdt16'));
55
90
  }
91
+ /**
92
+ * Checks if a credential is anonymous (BBS+ or KVAC)
93
+ * @param {Object} credential - The credential to check
94
+ * @returns {boolean} True if the credential is anonymous
95
+ * @example
96
+ * if (isAnnonymousCredential(credential)) {
97
+ * console.log('This credential supports selective disclosure');
98
+ * }
99
+ */
56
100
  function isAnnonymousCredential(credential) {
57
101
  return isBBSPlusCredential(credential) || isKvacCredential(credential);
58
102
  }
103
+ /**
104
+ * Service class for managing verifiable credentials
105
+ * @class
106
+ * @description Provides methods for creating, signing, verifying, and presenting
107
+ * verifiable credentials with support for various signature types
108
+ */
59
109
  class CredentialService {
110
+ /**
111
+ * Creates a new CredentialService instance
112
+ * @constructor
113
+ */
60
114
  constructor() {
61
115
  this.name = serviceName;
62
116
  }
@@ -69,8 +123,25 @@ class CredentialService {
69
123
  CredentialService.prototype.deriveVCFromPresentation,
70
124
  CredentialService.prototype.isBBSPlusCredential,
71
125
  CredentialService.prototype.isKvacCredential,
126
+ CredentialService.prototype.isSDJWTCredential,
127
+ CredentialService.prototype.credentialToW3C,
128
+ CredentialService.prototype.createSDJWTPresentation,
72
129
  CredentialService.prototype.acquireOIDCredential,
73
130
  ];
131
+ createSDJWTPresentation(params) {
132
+ const { attributesToReveal, credential } = params;
133
+ return createSDJWTPresentation({ attributesToReveal, credential });
134
+ }
135
+ /**
136
+ * Generates a new verifiable credential template
137
+ * @param {Object} [params={}] - Generation parameters
138
+ * @param {Object} [params.subject] - The credential subject
139
+ * @returns {VerifiableCredential} A new verifiable credential instance
140
+ * @example
141
+ * const credential = credentialService.generateCredential({
142
+ * subject: { id: 'did:example:123', name: 'Alice' }
143
+ * });
144
+ */
74
145
  generateCredential(params = {}) {
75
146
  validation.generateCredential(params);
76
147
  const { subject } = params;
@@ -88,6 +159,19 @@ class CredentialService {
88
159
  }
89
160
  return vc;
90
161
  }
162
+ /**
163
+ * Signs a verifiable credential
164
+ * @param {Object} params - Signing parameters
165
+ * @param {Object} params.vcJson - The credential JSON to sign
166
+ * @param {Object} params.keyDoc - The key document for signing
167
+ * @returns {Promise<VerifiableCredential>} The signed verifiable credential
168
+ * @throws {Error} If validation fails or signing fails
169
+ * @example
170
+ * const signedCredential = await credentialService.signCredential({
171
+ * vcJson: credentialData,
172
+ * keyDoc: issuerKeyDocument
173
+ * });
174
+ */
91
175
  async signCredential(params) {
92
176
  validation.signCredential(params);
93
177
  const { vcJson, keyDoc } = params;
@@ -100,13 +184,38 @@ class CredentialService {
100
184
  await verifiableCredential.sign(suite);
101
185
  return verifiableCredential;
102
186
  }
187
+ /**
188
+ * Creates a verifiable presentation from credentials
189
+ * @param {Object} params - Presentation parameters
190
+ * @param {Array<Object>} params.credentials - Array of verifiable credentials to include
191
+ * @param {Object} params.keyDoc - The key document for signing the presentation
192
+ * @param {string} [params.challenge] - Challenge string for the presentation proof
193
+ * @param {string} [params.id] - Presentation identifier
194
+ * @param {string} [params.domain] - Domain for the presentation proof
195
+ * @returns {Promise<Object>} The signed verifiable presentation
196
+ * @throws {Error} If validation fails
197
+ * @example
198
+ * const presentation = await credentialService.createPresentation({
199
+ * credentials: [credential1, credential2],
200
+ * keyDoc: holderKeyDocument,
201
+ * challenge: 'abc123',
202
+ * domain: 'example.com'
203
+ * });
204
+ */
103
205
  async createPresentation(params) {
104
206
  validation.createPresentation(params);
105
207
  const { credentials, keyDoc, challenge, id, domain } = params;
106
208
  const vp = new VerifiablePresentation(id);
107
209
  let shouldSkipSigning = false;
210
+ let jwtCredentials = [];
108
211
  for (const signedVC of credentials) {
109
- vp.addCredential(signedVC);
212
+ if (typeof signedVC === 'string') {
213
+ jwtCredentials.push(signedVC);
214
+ shouldSkipSigning = true;
215
+ }
216
+ else {
217
+ vp.addCredential(signedVC);
218
+ }
110
219
  shouldSkipSigning = shouldSkipSigning || isAnnonymousCredential(signedVC);
111
220
  }
112
221
  if (!shouldSkipSigning) {
@@ -116,16 +225,54 @@ class CredentialService {
116
225
  keyPair.signer = keyPair.signer();
117
226
  const suite = await getSuiteFromKeyDoc(keyPair);
118
227
  if (shouldSkipSigning) {
119
- return vp.toJSON();
228
+ const result = vp.toJSON();
229
+ result.verifiableCredential.push(...jwtCredentials);
230
+ return result;
120
231
  }
121
232
  return vp.sign(suite, challenge, domain, blockchainService.resolver);
122
233
  }
234
+ /**
235
+ * Verifies a verifiable presentation
236
+ * @param {Object} params - Verification parameters
237
+ * @param {Object} params.presentation - The presentation to verify
238
+ * @param {Object} [params.options] - Verification options
239
+ * @returns {Promise<Object>} Verification result with verified status and any errors
240
+ * @example
241
+ * const result = await credentialService.verifyPresentation({
242
+ * presentation: presentationData
243
+ * });
244
+ * console.log('Verified:', result.verified);
245
+ */
123
246
  async verifyPresentation({ presentation, options }) {
124
247
  return verifyPresentation(presentation, options);
125
248
  }
249
+ /**
250
+ * Verifies a verifiable credential including revocation check
251
+ * @param {Object} params - Verification parameters
252
+ * @param {Object} params.credential - The credential to verify
253
+ * @param {Object} [params.membershipWitness] - Membership witness for revocation check
254
+ * @returns {Promise<Object>} Verification result
255
+ * @returns {boolean} returns.verified - Whether the credential is valid
256
+ * @returns {string} [returns.error] - Error message if verification failed
257
+ * @throws {Error} If validation fails
258
+ * @example
259
+ * const result = await credentialService.verifyCredential({
260
+ * credential: credentialData,
261
+ * membershipWitness: witnessData
262
+ * });
263
+ * if (!result.verified) {
264
+ * console.error('Verification failed:', result.error);
265
+ * }
266
+ */
126
267
  async verifyCredential(params) {
127
268
  validation.verifyCredential(params);
128
- const { credential, membershipWitness } = params;
269
+ let { credential, membershipWitness } = params;
270
+ if (credential._sd_jwt) {
271
+ credential = credential?._sd_jwt?.encoded;
272
+ }
273
+ if (typeof credential === 'string' && isSDJWTCredential(credential)) {
274
+ return verifySDJWT(credential);
275
+ }
129
276
  const result = await verifyCredential(credential, {
130
277
  resolver: blockchainService.resolver,
131
278
  revocationApi: { dock: blockchainService.dock },
@@ -146,24 +293,113 @@ class CredentialService {
146
293
  }
147
294
  return result;
148
295
  }
296
+ /**
297
+ * Filters credentials based on a presentation definition
298
+ * @param {Object} params - Filter parameters
299
+ * @param {Array<Object>} params.credentials - Array of credentials to filter
300
+ * @param {Object} params.presentationDefinition - PEX presentation definition
301
+ * @param {string} [params.holderDid] - DID of the credential holder
302
+ * @returns {Object} Filtered credentials matching the presentation definition
303
+ * @example
304
+ * const filtered = credentialService.filterCredentials({
305
+ * credentials: allCredentials,
306
+ * presentationDefinition: definition,
307
+ * holderDid: 'did:example:holder'
308
+ * });
309
+ */
149
310
  filterCredentials(params) {
150
311
  const { credentials, presentationDefinition, holderDid } = params;
151
312
  const result = pex.selectFrom(presentationDefinition, credentials, holderDid);
152
313
  return result;
153
314
  }
315
+ /**
316
+ * Evaluates a presentation against a presentation definition
317
+ * @param {Object} params - Evaluation parameters
318
+ * @param {Object} params.presentation - The presentation to evaluate
319
+ * @param {Object} params.presentationDefinition - PEX presentation definition
320
+ * @returns {Object} Evaluation result with validation details
321
+ * @example
322
+ * const evaluation = credentialService.evaluatePresentation({
323
+ * presentation: presentationData,
324
+ * presentationDefinition: definition
325
+ * });
326
+ */
154
327
  evaluatePresentation(params) {
155
328
  const { presentation, presentationDefinition } = params;
156
329
  const result = pex.evaluatePresentation(presentationDefinition, presentation);
157
330
  return result;
158
331
  }
332
+ /**
333
+ * Checks if a credential uses BBS+ signature
334
+ * @param {Object} params - Check parameters
335
+ * @param {Object} params.credential - The credential to check
336
+ * @returns {boolean} True if the credential uses BBS+ signature
337
+ */
159
338
  isBBSPlusCredential(params) {
160
339
  const { credential } = params;
161
340
  return isBBSPlusCredential(credential);
162
341
  }
342
+ /**
343
+ * Checks if a credential uses KVAC signature
344
+ * @param {Object} params - Check parameters
345
+ * @param {Object} params.credential - The credential to check
346
+ * @returns {boolean} True if the credential uses KVAC signature
347
+ */
163
348
  isKvacCredential(params) {
164
349
  const { credential } = params;
165
350
  return isKvacCredential(credential);
166
351
  }
352
+ /**
353
+ * Checks if a credential is an SD-JWT (Selective Disclosure JWT) credential
354
+ * @param {Object} params - Check parameters
355
+ * @param {string} params.credential - The JWT string to check
356
+ * @returns {boolean} True if the credential is an SD-JWT credential
357
+ * @example
358
+ * const isSDJWT = credentialService.isSDJWTCredential({
359
+ * credential: 'eyJ0eXAiOiJ2YytzZC1qd3Q...'
360
+ * });
361
+ */
362
+ isSDJWTCredential(params) {
363
+ const { credential } = params;
364
+ return isSDJWTCredential(credential);
365
+ }
366
+ /**
367
+ * Converts a credential to W3C Verifiable Credential format
368
+ * @description Handles both SD-JWT credentials (needs decoding) and regular W3C credentials (returns as-is)
369
+ * @param {Object} params - Conversion parameters
370
+ * @param {string|Object} params.credential - Either an SD-JWT string or a credential object
371
+ * @returns {Promise<Object>} W3C Verifiable Credential format
372
+ * @throws {Error} If credential cannot be converted to W3C format
373
+ * @example
374
+ * // Convert SD-JWT to W3C format
375
+ * const w3cCredential = await credentialService.credentialToW3C({
376
+ * credential: 'eyJ0eXAiOiJ2YytzZC1qd3Q...'
377
+ * });
378
+ *
379
+ * // Returns W3C credential as-is
380
+ * const w3cCredential = await credentialService.credentialToW3C({
381
+ * credential: { '@context': [...], type: [...], ... }
382
+ * });
383
+ */
384
+ async credentialToW3C(params) {
385
+ const { credential } = params;
386
+ return credentialToW3C(credential);
387
+ }
388
+ /**
389
+ * Acquires a credential through OpenID for Verifiable Credentials (OID4VC)
390
+ * @param {Object} params - Acquisition parameters
391
+ * @param {string} params.uri - The credential offer URI
392
+ * @param {string} [params.authorizationCode] - Authorization code if required
393
+ * @param {Object} params.holderKeyDocument - Key document for the credential holder
394
+ * @returns {Promise<Object>} Result containing the credential or authorization URL
395
+ * @returns {Object} [returns.credential] - The acquired credential
396
+ * @returns {string} [returns.authorizationURL] - Authorization URL if auth is required
397
+ * @example
398
+ * const result = await credentialService.acquireOIDCredential({
399
+ * uri: 'openid-credential-offer://...',
400
+ * holderKeyDocument: keyDoc
401
+ * });
402
+ */
167
403
  async acquireOIDCredential({ uri, authorizationCode, holderKeyDocument, }) {
168
404
  const searchParams = new URL(uri).searchParams;
169
405
  new URLSearchParams(searchParams);
@@ -173,6 +409,8 @@ class CredentialService {
173
409
  authorizationRequest: {
174
410
  redirectUri: 'dock-wallet://credentials/callback',
175
411
  clientId: 'dock.wallet',
412
+ // Hack: we need the scope property to avoid 'CredentialOffer format is wrong.' error
413
+ scope: []
176
414
  },
177
415
  });
178
416
  const format = 'ldp_vc';
@@ -223,6 +461,22 @@ class CredentialService {
223
461
  console.error(err);
224
462
  }
225
463
  }
464
+ /**
465
+ * Creates a BBS+ presentation with selective disclosure
466
+ * @param {Object} params - Presentation parameters
467
+ * @param {Array<Object>} params.credentials - Array of credentials with attributes to reveal
468
+ * @param {Object} params.credentials[].credential - The BBS+ credential
469
+ * @param {Array<string>} [params.credentials[].attributesToReveal] - Attributes to reveal
470
+ * @returns {Promise<Object>} The BBS+ presentation
471
+ * @throws {Error} If validation fails
472
+ * @example
473
+ * const presentation = await credentialService.createBBSPresentation({
474
+ * credentials: [{
475
+ * credential: bbsCredential,
476
+ * attributesToReveal: ['name', 'age']
477
+ * }]
478
+ * });
479
+ */
226
480
  async createBBSPresentation(params) {
227
481
  validation.createBBSPresentation(params);
228
482
  const { credentials } = params;
@@ -237,6 +491,13 @@ class CredentialService {
237
491
  }
238
492
  return bbsPlusPresentation.createPresentation();
239
493
  }
494
+ /**
495
+ * Gets the accumulator ID from a credential's status
496
+ * @param {Object} params - Parameters
497
+ * @param {Object} params.credential - The credential to get accumulator ID from
498
+ * @returns {string|null} The accumulator ID or null if not present
499
+ * @throws {Error} If credential is not provided
500
+ */
240
501
  getAccumulatorId({ credential }) {
241
502
  assert(!!credential, `credential is required`);
242
503
  if (!credential?.credentialStatus) {
@@ -244,6 +505,13 @@ class CredentialService {
244
505
  }
245
506
  return credential?.credentialStatus.id;
246
507
  }
508
+ /**
509
+ * Gets accumulator data from the blockchain for a credential
510
+ * @param {Object} params - Parameters
511
+ * @param {Object} params.credential - The credential to get accumulator data for
512
+ * @returns {Promise<Object|null>} The accumulator data or null if not found
513
+ * @throws {Error} If credential is not provided
514
+ */
247
515
  async getAccumulatorData({ credential }) {
248
516
  assert(!!credential, `credential is required`);
249
517
  const accumulatorId = await this.getAccumulatorId({ credential });
@@ -253,10 +521,15 @@ class CredentialService {
253
521
  return blockchainService.dock.accumulatorModule.getAccumulator(accumulatorId, false);
254
522
  }
255
523
  /**
256
- * Fetch the latest accumulator witness updates for a given credential and membership witness
257
- * The witness is generated by the issuer when the credential is created and is stored in the wallet when the credential is imported
258
- *
259
- * @param param0
524
+ * Updates the membership witness with the latest accumulator state
525
+ * @description The witness is generated by the issuer when the credential is created
526
+ * and is stored in the wallet when the credential is imported. This method updates
527
+ * it with the latest accumulator changes from the blockchain.
528
+ * @param {Object} params - Update parameters
529
+ * @param {Object} params.credential - The credential with revocation status
530
+ * @param {Object} params.membershipWitnessJSON - Current membership witness in JSON format
531
+ * @returns {Promise<Object>} Updated membership witness in JSON format
532
+ * @throws {Error} If updates cannot be fetched or applied
260
533
  */
261
534
  async updateMembershipWitness({ credential, membershipWitnessJSON }) {
262
535
  const revocationId = credential.credentialStatus.revocationId;
@@ -293,6 +566,25 @@ class CredentialService {
293
566
  witness.updateUsingPublicInfoPostBatchUpdate(member, additions, removals, queriedWitnessInfo);
294
567
  return witness.toJSON();
295
568
  }
569
+ /**
570
+ * Derives verifiable credentials from a presentation with selective disclosure
571
+ * @param {Object} params - Derivation parameters
572
+ * @param {Array<Object>} params.credentials - Array of credential objects
573
+ * @param {Object} params.credentials[].credential - The credential
574
+ * @param {Array<string>} params.credentials[].attributesToReveal - Attributes to reveal
575
+ * @param {Object} [params.credentials[].witness] - Membership witness for revocation
576
+ * @param {Object} [params.options={}] - Additional options for derivation
577
+ * @param {Object} [params.proofRequest] - Proof request with constraints
578
+ * @returns {Promise<Array>} Array of derived credentials
579
+ * @throws {Error} If validation fails
580
+ * @example
581
+ * const derivedCredentials = await credentialService.deriveVCFromPresentation({
582
+ * credentials: [{
583
+ * credential: bbsCredential,
584
+ * attributesToReveal: ['name', 'dateOfBirth']
585
+ * }]
586
+ * });
587
+ */
296
588
  async deriveVCFromPresentation(params) {
297
589
  validation.deriveVCFromPresentation(params);
298
590
  const { credentials, options = {}, proofRequest } = params;
@@ -346,10 +638,35 @@ class CredentialService {
346
638
  const credentialsFromPresentation = await presentation.deriveCredentials(options);
347
639
  return credentialsFromPresentation;
348
640
  }
641
+ /**
642
+ * Test method for range proofs
643
+ * @private
644
+ * @returns {Promise<void>}
645
+ */
349
646
  async testRangeProof() {
350
647
  console.log('test');
351
648
  }
352
649
  }
650
+ /**
651
+ * Singleton instance of the credential service
652
+ * @type {CredentialService}
653
+ * @example
654
+ * import { credentialService } from '@docknetwork/wallet-sdk-wasm/services/credential';
655
+ *
656
+ * // Create and sign a credential
657
+ * const credential = credentialService.generateCredential({
658
+ * subject: { id: 'did:example:123' }
659
+ * });
660
+ * const signed = await credentialService.signCredential({
661
+ * vcJson: credential,
662
+ * keyDoc: issuerKey
663
+ * });
664
+ *
665
+ * // Verify a credential
666
+ * const result = await credentialService.verifyCredential({
667
+ * credential: signedCredential
668
+ * });
669
+ */
353
670
  const credentialService = new CredentialService();
354
671
 
355
672
  export { credentialService, isAnnonymousCredential, isBBSPlusCredential, isKvacCredential };
@@ -31,7 +31,10 @@ var EDVHTTPStorageInterface__default = /*#__PURE__*/_interopDefaultLegacy(EDVHTT
31
31
 
32
32
  // @ts-nocheck
33
33
  /**
34
- * EDVService
34
+ * Service class for managing Encrypted Data Vaults
35
+ * @class
36
+ * @description Provides methods for creating, managing, and interacting with
37
+ * encrypted data vaults for secure storage of sensitive wallet data
35
38
  */
36
39
  class EDVService {
37
40
  storageInterface;
@@ -47,9 +50,32 @@ class EDVService {
47
50
  EDVService.prototype.insert,
48
51
  EDVService.prototype.delete,
49
52
  ];
53
+ /**
54
+ * Creates a new EDVService instance
55
+ * @constructor
56
+ */
50
57
  constructor() {
51
58
  this.name = services_edv_configs.serviceName;
52
59
  }
60
+ /**
61
+ * Initializes the EDV service with encryption keys and connection parameters
62
+ * @param {InitializeEDVParams} params - Initialization parameters
63
+ * @param {Object} params.hmacKey - HMAC key for document indexing
64
+ * @param {Object} params.agreementKey - Key agreement key for encryption
65
+ * @param {Object} params.verificationKey - Verification key for authentication
66
+ * @param {string} params.edvUrl - URL of the EDV server
67
+ * @param {string} params.authKey - Authentication key for the EDV server
68
+ * @returns {Promise<void>}
69
+ * @throws {Error} If unable to create or connect to EDV
70
+ * @example
71
+ * await edvService.initialize({
72
+ * hmacKey: hmacKeyData,
73
+ * agreementKey: agreementKeyData,
74
+ * verificationKey: verificationKeyData,
75
+ * edvUrl: 'https://edv.example.com',
76
+ * authKey: 'auth-token-123'
77
+ * });
78
+ */
53
79
  async initialize({ hmacKey, agreementKey, verificationKey, edvUrl, authKey, }) {
54
80
  const hmac = await services_edv_hmac.create({
55
81
  key: hmacKey,
@@ -97,6 +123,21 @@ class EDVService {
97
123
  attribute: 'content.type',
98
124
  });
99
125
  }
126
+ /**
127
+ * Generates new cryptographic keys for EDV operations
128
+ * @returns {Promise<Object>} Generated keys
129
+ * @returns {Object} returns.verificationKey - Ed25519 verification key for authentication
130
+ * @returns {Object} returns.agreementKey - X25519 key agreement key for encryption
131
+ * @returns {Object} returns.hmacKey - HMAC key for indexing
132
+ * @example
133
+ * const keys = await edvService.generateKeys();
134
+ * // Use keys for EDV initialization
135
+ * await edvService.initialize({
136
+ * ...keys,
137
+ * edvUrl: 'https://edv.example.com',
138
+ * authKey: 'auth-token'
139
+ * });
140
+ */
100
141
  async generateKeys() {
101
142
  const keyPair = await services_dids_service.didService.generateKeyDoc({});
102
143
  const verificationKey = await ed25519VerificationKey2018.Ed25519VerificationKey2018.generate({
@@ -109,6 +150,17 @@ class EDVService {
109
150
  const hmacKey = await services_edv_hmac.exportKey(await services_edv_hmac.generateKey());
110
151
  return { verificationKey, agreementKey, hmacKey };
111
152
  }
153
+ /**
154
+ * Derives cryptographic keys from a master key
155
+ * @param {Uint8Array} masterKey - Master key for derivation
156
+ * @returns {Promise<Object>} Derived keys
157
+ * @returns {Object} returns.verificationKey - Derived Ed25519 verification key
158
+ * @returns {Object} returns.agreementKey - Derived X25519 key agreement key
159
+ * @returns {Object} returns.hmacKey - Derived HMAC key
160
+ * @example
161
+ * const masterKey = new Uint8Array(32); // Your master key
162
+ * const keys = await edvService.deriveKeys(masterKey);
163
+ */
112
164
  async deriveKeys(masterKey) {
113
165
  const { keyPair: pair } = new keypairs$1.Ed25519Keypair(masterKey, 'seed');
114
166
  const keyPair = await services_dids_service.didService.deriveKeyDoc({ pair });
@@ -118,15 +170,63 @@ class EDVService {
118
170
  const hmacKey = await services_edv_hmac.exportKey(await services_edv_hmac.deriveKey(masterKey));
119
171
  return { verificationKey, agreementKey, hmacKey };
120
172
  }
173
+ /**
174
+ * Gets the controller identifier for the current EDV
175
+ * @returns {Promise<string>} The controller DID or identifier
176
+ * @example
177
+ * const controller = await edvService.getController();
178
+ * console.log('EDV Controller:', controller);
179
+ */
121
180
  async getController() {
122
181
  return this.controller;
123
182
  }
183
+ /**
184
+ * Finds documents in the EDV based on query parameters
185
+ * @param {Object} params - Query parameters
186
+ * @param {Object} [params.equals] - Equality-based query conditions
187
+ * @param {boolean} [params.has] - Existence-based query conditions
188
+ * @param {number} [params.limit] - Maximum number of results
189
+ * @returns {Promise<Array>} Array of matching documents
190
+ * @example
191
+ * const documents = await edvService.find({
192
+ * equals: { 'content.type': 'VerifiableCredential' },
193
+ * limit: 10
194
+ * });
195
+ */
124
196
  find(params) {
125
197
  return this.storageInterface.find(params);
126
198
  }
199
+ /**
200
+ * Updates a document in the EDV
201
+ * @param {Object} params - Update parameters
202
+ * @param {string} params.id - Document ID to update
203
+ * @param {Object} params.content - New document content
204
+ * @returns {Promise<Object>} Updated document
205
+ * @example
206
+ * const updated = await edvService.update({
207
+ * id: 'doc-123',
208
+ * content: { ...existingContent, updated: true }
209
+ * });
210
+ */
127
211
  update(params) {
128
212
  return this.storageInterface.update(params);
129
213
  }
214
+ /**
215
+ * Inserts a new document into the EDV
216
+ * @param {Object} params - Insert parameters
217
+ * @param {string} params.id - Document ID
218
+ * @param {Object} params.content - Document content to store
219
+ * @returns {Promise<Object>} The inserted document
220
+ * @throws {Error} If insertion fails
221
+ * @example
222
+ * const document = await edvService.insert({
223
+ * id: 'doc-456',
224
+ * content: {
225
+ * type: 'VerifiableCredential',
226
+ * data: credentialData
227
+ * }
228
+ * });
229
+ */
130
230
  insert(params) {
131
231
  this.insertQueue = this.insertQueue.then(() => {
132
232
  return this.storageInterface.insert(params).catch(error => {
@@ -136,10 +236,54 @@ class EDVService {
136
236
  });
137
237
  return this.insertQueue;
138
238
  }
239
+ /**
240
+ * Deletes a document from the EDV
241
+ * @param {Object} params - Deletion parameters
242
+ * @param {string} params.id - Document ID to delete
243
+ * @returns {Promise<boolean>} True if deletion successful
244
+ * @example
245
+ * const deleted = await edvService.delete({
246
+ * id: 'doc-123'
247
+ * });
248
+ */
139
249
  delete(params) {
140
250
  return this.storageInterface.delete(params);
141
251
  }
142
252
  }
253
+ /**
254
+ * Singleton instance of the EDV service
255
+ * @type {EDVService}
256
+ * @example
257
+ * import { edvService } from '@docknetwork/wallet-sdk-wasm/services/edv';
258
+ *
259
+ * // Generate keys and initialize
260
+ * const keys = await edvService.generateKeys();
261
+ * await edvService.initialize({
262
+ * ...keys,
263
+ * edvUrl: 'https://edv.example.com',
264
+ * authKey: 'auth-token'
265
+ * });
266
+ *
267
+ * // Store encrypted data
268
+ * await edvService.insert({
269
+ * id: 'credential-1',
270
+ * content: {
271
+ * type: 'VerifiableCredential',
272
+ * data: credentialData
273
+ * }
274
+ * });
275
+ *
276
+ * // Query encrypted data
277
+ * const credentials = await edvService.find({
278
+ * equals: { 'content.type': 'VerifiableCredential' }
279
+ * });
280
+ *
281
+ * // Update encrypted data
282
+ * await edvService.update({
283
+ * id: 'credential-1',
284
+ * content: updatedData
285
+ * });
286
+ */
143
287
  const edvService = new EDVService();
144
288
 
145
289
  exports.EDVService = EDVService;