@docknetwork/wallet-sdk-wasm 1.5.14 → 1.7.6
- package/generate-docs.js +49 -0
- package/jsdoc.conf.json +29 -6
- package/lib/index.js +9 -1
- package/lib/index.mjs +9 -1
- package/lib/modules/network-manager.js +15 -12
- package/lib/modules/network-manager.mjs +15 -12
- package/lib/rpc-server.js +11 -1
- package/lib/rpc-server.mjs +11 -1
- package/lib/services/blockchain/cached-did-resolver.js +113 -0
- package/lib/services/blockchain/cached-did-resolver.mjs +109 -0
- package/lib/services/blockchain/index.js +11 -0
- package/lib/services/blockchain/index.mjs +11 -0
- package/lib/services/blockchain/service-rpc.js +12 -0
- package/lib/services/blockchain/service-rpc.mjs +12 -0
- package/lib/services/blockchain/service.js +161 -19
- package/lib/services/blockchain/service.mjs +162 -20
- package/lib/services/credential/bbs-revocation.js +11 -0
- package/lib/services/credential/bbs-revocation.mjs +11 -0
- package/lib/services/credential/bound-check.js +1 -1
- package/lib/services/credential/bound-check.mjs +1 -1
- package/lib/services/credential/config.js +4 -1
- package/lib/services/credential/config.mjs +4 -1
- package/lib/services/credential/delegatable-credentials.js +300 -0
- package/lib/services/credential/delegatable-credentials.mjs +263 -0
- package/lib/services/credential/index.js +53 -0
- package/lib/services/credential/index.mjs +18 -0
- package/lib/services/credential/pex-helpers.js +4 -4
- package/lib/services/credential/pex-helpers.mjs +4 -4
- package/lib/services/credential/sd-jwt.js +214 -0
- package/lib/services/credential/sd-jwt.mjs +200 -0
- package/lib/services/credential/service-rpc.js +9 -0
- package/lib/services/credential/service-rpc.mjs +9 -0
- package/lib/services/credential/service.js +324 -7
- package/lib/services/credential/service.mjs +324 -7
- package/lib/services/edv/index.js +1 -0
- package/lib/services/edv/index.mjs +1 -0
- package/lib/services/edv/service-rpc.js +23 -0
- package/lib/services/edv/service-rpc.mjs +23 -0
- package/lib/services/edv/service.js +226 -2
- package/lib/services/edv/service.mjs +223 -3
- package/lib/services/index.js +14 -0
- package/lib/services/index.mjs +14 -0
- package/lib/services/pex/config.js +4 -0
- package/lib/services/pex/config.mjs +4 -0
- package/lib/services/pex/service-rpc.js +4 -0
- package/lib/services/pex/service-rpc.mjs +4 -0
- package/lib/services/pex/service.js +7 -0
- package/lib/services/pex/service.mjs +7 -0
- package/lib/services/relay-service/service.js +124 -1
- package/lib/services/relay-service/service.mjs +124 -1
- package/lib/services/rpc-service-client.js +0 -3
- package/lib/services/rpc-service-client.mjs +0 -3
- package/lib/services/storage/index.js +19 -2
- package/lib/services/storage/index.mjs +24 -1
- package/lib/services/storage/service-rpc.js +7 -3
- package/lib/services/storage/service-rpc.mjs +7 -3
- package/lib/services/storage/service.js +4 -0
- package/lib/services/storage/service.mjs +4 -0
- package/lib/setup-nodejs.js +9 -1
- package/lib/setup-nodejs.mjs +9 -1
- package/lib/setup-tests.js +9 -1
- package/lib/setup-tests.mjs +9 -1
- package/lib/src/modules/event-manager.d.ts +0 -1
- package/lib/src/modules/event-manager.d.ts.map +1 -1
- package/lib/src/modules/network-manager.d.ts +2 -4
- package/lib/src/modules/network-manager.d.ts.map +1 -1
- package/lib/src/services/blockchain/cached-did-resolver.d.ts +28 -0
- package/lib/src/services/blockchain/cached-did-resolver.d.ts.map +1 -0
- package/lib/src/services/blockchain/cached-did-resolver.test.d.ts +2 -0
- package/lib/src/services/blockchain/cached-did-resolver.test.d.ts.map +1 -0
- package/lib/src/services/blockchain/configs.d.ts +1 -2
- package/lib/src/services/blockchain/configs.d.ts.map +1 -1
- package/lib/src/services/blockchain/service.d.ts +117 -19
- package/lib/src/services/blockchain/service.d.ts.map +1 -1
- package/lib/src/services/credential/bbs-revocation.d.ts +1 -1
- package/lib/src/services/credential/bbs-revocation.d.ts.map +1 -1
- package/lib/src/services/credential/bound-check.d.ts.map +1 -1
- package/lib/src/services/credential/config.d.ts.map +1 -1
- package/lib/src/services/credential/delegatable-credentials.d.ts +272 -0
- package/lib/src/services/credential/delegatable-credentials.d.ts.map +1 -0
- package/lib/src/services/credential/index.d.ts +4 -0
- package/lib/src/services/credential/index.d.ts.map +1 -1
- package/lib/src/services/credential/pex-helpers.d.ts +2 -2
- package/lib/src/services/credential/pex-helpers.d.ts.map +1 -1
- package/lib/src/services/credential/sd-jwt.test.d.ts +2 -0
- package/lib/src/services/credential/sd-jwt.test.d.ts.map +1 -0
- package/lib/src/services/credential/service.d.ts +274 -4
- package/lib/src/services/credential/service.d.ts.map +1 -1
- package/lib/src/services/dids/keypair-utils.d.ts +2 -2
- package/lib/src/services/dids/keypair-utils.d.ts.map +1 -1
- package/lib/src/services/dids/service.d.ts +35 -3
- package/lib/src/services/dids/service.d.ts.map +1 -1
- package/lib/src/services/edv/service.d.ts +201 -2
- package/lib/src/services/edv/service.d.ts.map +1 -1
- package/lib/src/services/pex/config.d.ts +1 -0
- package/lib/src/services/pex/config.d.ts.map +1 -1
- package/lib/src/services/pex/service.d.ts +1 -0
- package/lib/src/services/pex/service.d.ts.map +1 -1
- package/lib/src/services/relay-service/service.d.ts +148 -8
- package/lib/src/services/relay-service/service.d.ts.map +1 -1
- package/lib/src/services/rpc-service-client.d.ts +2 -2
- package/lib/src/services/rpc-service-client.d.ts.map +1 -1
- package/lib/src/services/storage/index.d.ts +1 -1
- package/lib/src/services/storage/index.d.ts.map +1 -1
- package/lib/src/services/storage/service-rpc.d.ts +9 -0
- package/lib/src/services/storage/service-rpc.d.ts.map +1 -0
- package/lib/src/services/storage/service.d.ts +1 -0
- package/lib/src/services/storage/service.d.ts.map +1 -1
- package/lib/src/services/util-crypto/service.d.ts +2 -2
- package/lib/src/services/util-crypto/service.d.ts.map +1 -1
- package/lib/tsconfig.tsbuildinfo +1 -1
- package/lib/wallet/rpc-storage-interface.js +13 -3
- package/lib/wallet/rpc-storage-interface.mjs +11 -1
- package/lib/wallet/rpc-storage-wallet.js +10 -0
- package/lib/wallet/rpc-storage-wallet.mjs +10 -0
- package/package.json +29 -16
- package/rollup.config.mjs +5 -3
- package/src/globals.d.ts +3 -0
- package/src/modules/network-manager.ts +15 -14
- package/src/services/blockchain/cached-did-resolver.test.ts +288 -0
- package/src/services/blockchain/cached-did-resolver.ts +126 -0
- package/src/services/blockchain/configs.ts +1 -2
- package/src/services/blockchain/service-rpc.js +12 -0
- package/src/services/blockchain/service.ts +167 -20
- package/src/services/credential/bound-check.ts +1 -1
- package/src/services/credential/config.ts +7 -1
- package/src/services/credential/delegatable-credentials.ts +409 -0
- package/src/services/credential/index.ts +16 -0
- package/src/services/credential/pex-helpers.js +4 -4
- package/src/services/credential/pex-helpers.test.js +2 -2
- package/src/services/credential/sd-jwt.test.ts +718 -0
- package/src/services/credential/sd-jwt.ts +231 -0
- package/src/services/credential/service-rpc.js +9 -0
- package/src/services/credential/service.ts +328 -7
- package/src/services/edv/index.test.js +229 -0
- package/src/services/edv/service-rpc.js +23 -0
- package/src/services/edv/service.ts +272 -1
- package/src/services/pex/config.ts +4 -0
- package/src/services/pex/service-rpc.js +4 -0
- package/src/services/pex/service.ts +13 -0
- package/src/services/pex/tests/pex-service.test.js +210 -0
- package/src/services/relay-service/service.ts +130 -1
- package/src/services/rpc-service-client.js +0 -3
- package/src/services/storage/index.js +15 -1
- package/src/services/storage/service-rpc.js +7 -3
- package/src/services/storage/service.ts +5 -0
|
@@ -0,0 +1,231 @@
|
|
|
1
|
+
import {SDJwtVcInstance} from '@sd-jwt/sd-jwt-vc';
|
|
2
|
+
import {digest, generateSalt} from '@sd-jwt/crypto-nodejs';
|
|
3
|
+
import base64url from 'base64url';
|
|
4
|
+
|
|
5
|
+
/**
|
|
6
|
+
* Checks if a JWT string is an SD-JWT credential
|
|
7
|
+
*/
|
|
8
|
+
export function isSDJWTCredential(jwt) {
|
|
9
|
+
const jwtHeader = jwt.split('.')[0];
|
|
10
|
+
const decodedHeader = JSON.parse(base64url.decode(jwtHeader));
|
|
11
|
+
return decodedHeader.typ === 'dc+sd-jwt' || decodedHeader.typ === 'vc+sd-jwt';
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
export async function createSDJWTPresentation({
|
|
15
|
+
attributesToReveal,
|
|
16
|
+
credential,
|
|
17
|
+
}: {
|
|
18
|
+
attributesToReveal: string[];
|
|
19
|
+
credential: string;
|
|
20
|
+
}) {
|
|
21
|
+
const sdjwt = new SDJwtVcInstance({
|
|
22
|
+
signAlg: 'EdDSA',
|
|
23
|
+
hasher: digest,
|
|
24
|
+
hashAlg: 'sha-256',
|
|
25
|
+
saltGenerator: generateSalt,
|
|
26
|
+
});
|
|
27
|
+
|
|
28
|
+
// Holder defines the presentation frame to specify which claims should be presented
|
|
29
|
+
// The list of presented claims must be a subset of the disclosed claims
|
|
30
|
+
const presentationFrame: any = {};
|
|
31
|
+
attributesToReveal.forEach(attribute => {
|
|
32
|
+
presentationFrame[attribute.replace('credentialSubject.', '')] = true;
|
|
33
|
+
});
|
|
34
|
+
|
|
35
|
+
// Holder creates a presentation using the issued credential and the presentation frame
|
|
36
|
+
// returns an encoded SD JWT.
|
|
37
|
+
const presentation = await sdjwt.present(credential, presentationFrame);
|
|
38
|
+
|
|
39
|
+
return presentation;
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Decodes an SD-JWT string into its structured format
|
|
43
|
+
* @param {string} sdJwtString - The SD-JWT string to decode
|
|
44
|
+
* @returns {Promise<Object>} Decoded SD-JWT structure with jwt and disclosures
|
|
45
|
+
*/
|
|
46
|
+
export async function decodeSDJWT(sdJwtString) {
|
|
47
|
+
// Create SD-JWT instance with minimal configuration (no verification needed for decoding)
|
|
48
|
+
const sdjwt = new SDJwtVcInstance({
|
|
49
|
+
signAlg: 'EdDSA',
|
|
50
|
+
hasher: digest,
|
|
51
|
+
hashAlg: 'sha-256',
|
|
52
|
+
saltGenerator: generateSalt,
|
|
53
|
+
});
|
|
54
|
+
|
|
55
|
+
// Decode the SD-JWT
|
|
56
|
+
return await sdjwt.decode(sdJwtString);
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
/**
|
|
60
|
+
* Verifies an SD-JWT credential
|
|
61
|
+
* @param {string} jwt - The SD-JWT string to verify
|
|
62
|
+
* @returns {Promise<Object>} Verification result with verified status and optional error
|
|
63
|
+
* @returns {boolean} returns.verified - Whether the credential is valid
|
|
64
|
+
* @returns {string} [returns.error] - Error message if verification failed
|
|
65
|
+
*/
|
|
66
|
+
export async function verifySDJWT(jwt) {
|
|
67
|
+
try {
|
|
68
|
+
// Decode the SD-JWT
|
|
69
|
+
const decoded = await decodeSDJWT(jwt);
|
|
70
|
+
|
|
71
|
+
// Extract payload for validation
|
|
72
|
+
const payload: any = decoded.jwt.payload;
|
|
73
|
+
|
|
74
|
+
// Check expiration date if present
|
|
75
|
+
if (payload.exp) {
|
|
76
|
+
const now = Math.floor(Date.now() / 1000);
|
|
77
|
+
const exp = Number(payload.exp);
|
|
78
|
+
if (now > exp) {
|
|
79
|
+
return {
|
|
80
|
+
verified: false,
|
|
81
|
+
error: 'SD-JWT credential has expired',
|
|
82
|
+
};
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
// Check not-before date if present
|
|
87
|
+
if (payload.nbf) {
|
|
88
|
+
const now = Math.floor(Date.now() / 1000);
|
|
89
|
+
const nbf = Number(payload.nbf);
|
|
90
|
+
if (now < nbf) {
|
|
91
|
+
return {
|
|
92
|
+
verified: false,
|
|
93
|
+
error: 'SD-JWT credential is not yet valid',
|
|
94
|
+
};
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
|
|
98
|
+
// If we successfully decoded and passed date checks, consider it verified
|
|
99
|
+
return {
|
|
100
|
+
verified: true,
|
|
101
|
+
};
|
|
102
|
+
} catch (error) {
|
|
103
|
+
return {
|
|
104
|
+
verified: false,
|
|
105
|
+
error: error.message || 'Failed to verify SD-JWT credential',
|
|
106
|
+
};
|
|
107
|
+
}
|
|
108
|
+
}
|
|
109
|
+
|
|
110
|
+
/**
|
|
111
|
+
* Converts a decoded SD-JWT into W3C Verifiable Credential format
|
|
112
|
+
* @param {Object} decodedSDJWT - The decoded SD-JWT object from SDJwtVcInstance.decode()
|
|
113
|
+
* @param {string} [encodedSDJWT] - Optional raw encoded SD-JWT string
|
|
114
|
+
* @returns {Object} W3C Verifiable Credential format with SD-JWT metadata
|
|
115
|
+
*/
|
|
116
|
+
export function sdJwtToW3C(decodedSDJWT, encodedSDJWT?) {
|
|
117
|
+
const {jwt, disclosures} = decodedSDJWT;
|
|
118
|
+
|
|
119
|
+
// The jwt object already has header and payload parsed
|
|
120
|
+
const header = jwt.header;
|
|
121
|
+
const payload = jwt.payload;
|
|
122
|
+
|
|
123
|
+
// Build credential subject from disclosed claims
|
|
124
|
+
const credentialSubject: any = {};
|
|
125
|
+
|
|
126
|
+
// Process disclosures to build the credential subject
|
|
127
|
+
if (disclosures && Array.isArray(disclosures)) {
|
|
128
|
+
disclosures.forEach(disclosure => {
|
|
129
|
+
if (disclosure && disclosure.key && disclosure.value !== undefined) {
|
|
130
|
+
credentialSubject[disclosure.key] = disclosure.value;
|
|
131
|
+
}
|
|
132
|
+
});
|
|
133
|
+
}
|
|
134
|
+
|
|
135
|
+
// Extract issuer from payload
|
|
136
|
+
const issuer = payload.iss || payload.issuer;
|
|
137
|
+
|
|
138
|
+
// Extract subject ID if present in disclosures
|
|
139
|
+
const subjectId = credentialSubject.id;
|
|
140
|
+
|
|
141
|
+
// Build final credential subject with id if available
|
|
142
|
+
const finalCredentialSubject = subjectId
|
|
143
|
+
? {id: subjectId, ...credentialSubject}
|
|
144
|
+
: credentialSubject;
|
|
145
|
+
|
|
146
|
+
// Extract credential type from vct (verifiable credential type) field
|
|
147
|
+
// vct is the SD-JWT VC type claim
|
|
148
|
+
const credentialType = payload.vct || 'UnknownCredential';
|
|
149
|
+
|
|
150
|
+
// Build the W3C credential
|
|
151
|
+
const w3cCredential: any = {
|
|
152
|
+
'@context': ['https://www.w3.org/2018/credentials/v1'],
|
|
153
|
+
type: ['VerifiableCredential', credentialType],
|
|
154
|
+
issuer: issuer,
|
|
155
|
+
credentialSubject: finalCredentialSubject,
|
|
156
|
+
};
|
|
157
|
+
|
|
158
|
+
// Add issuance date if available
|
|
159
|
+
if (payload.iat) {
|
|
160
|
+
w3cCredential.issuanceDate = new Date(payload.iat * 1000).toISOString();
|
|
161
|
+
}
|
|
162
|
+
|
|
163
|
+
// Add expiration date if available
|
|
164
|
+
if (payload.exp) {
|
|
165
|
+
w3cCredential.expirationDate = new Date(payload.exp * 1000).toISOString();
|
|
166
|
+
}
|
|
167
|
+
|
|
168
|
+
// Add credential ID if available
|
|
169
|
+
if (payload.jti) {
|
|
170
|
+
w3cCredential.id = payload.jti;
|
|
171
|
+
}
|
|
172
|
+
|
|
173
|
+
// Store SD-JWT metadata for unwrapping during presentation flow
|
|
174
|
+
// This allows converting back to SD-JWT format when needed
|
|
175
|
+
w3cCredential._sd_jwt = {
|
|
176
|
+
// Raw encoded SD-JWT string
|
|
177
|
+
encoded: encodedSDJWT,
|
|
178
|
+
};
|
|
179
|
+
|
|
180
|
+
return w3cCredential;
|
|
181
|
+
}
|
|
182
|
+
|
|
183
|
+
/**
|
|
184
|
+
* Decodes an SD-JWT string and converts it to W3C credential format
|
|
185
|
+
* @param {string} sdJwtString - The SD-JWT string
|
|
186
|
+
* @returns {Promise<Object>} W3C Verifiable Credential format with SD-JWT metadata
|
|
187
|
+
*/
|
|
188
|
+
export async function decodeSDJWTToW3C(sdJwtString) {
|
|
189
|
+
// Decode the SD-JWT using the reusable decode function
|
|
190
|
+
const decoded = await decodeSDJWT(sdJwtString);
|
|
191
|
+
|
|
192
|
+
// Convert to W3C format, passing both decoded data and raw string
|
|
193
|
+
return sdJwtToW3C(decoded, sdJwtString);
|
|
194
|
+
}
|
|
195
|
+
|
|
196
|
+
/**
|
|
197
|
+
* Converts a credential to W3C format
|
|
198
|
+
* Handles both SD-JWT credentials (needs decoding) and regular W3C credentials (returns as-is)
|
|
199
|
+
* @param {string|Object} credential - Either an SD-JWT string or a credential object
|
|
200
|
+
* @returns {Promise<Object>} W3C Verifiable Credential format
|
|
201
|
+
*/
|
|
202
|
+
export async function credentialToW3C(credential) {
|
|
203
|
+
// If it's already an object with a type field, assume it's already W3C format
|
|
204
|
+
if (typeof credential === 'object' && credential.type) {
|
|
205
|
+
return credential;
|
|
206
|
+
}
|
|
207
|
+
|
|
208
|
+
// If it's a string, check if it's an SD-JWT
|
|
209
|
+
if (typeof credential === 'string') {
|
|
210
|
+
// First try to parse as JSON
|
|
211
|
+
try {
|
|
212
|
+
const parsed = JSON.parse(credential);
|
|
213
|
+
if (parsed.type) {
|
|
214
|
+
return parsed;
|
|
215
|
+
}
|
|
216
|
+
} catch (e) {
|
|
217
|
+
// Not a JSON string, might be a JWT
|
|
218
|
+
}
|
|
219
|
+
|
|
220
|
+
// Check if it's an SD-JWT
|
|
221
|
+
try {
|
|
222
|
+
if (isSDJWTCredential(credential)) {
|
|
223
|
+
return await decodeSDJWTToW3C(credential);
|
|
224
|
+
}
|
|
225
|
+
} catch (e) {
|
|
226
|
+
// Not a valid SD-JWT
|
|
227
|
+
}
|
|
228
|
+
}
|
|
229
|
+
|
|
230
|
+
throw new Error('Unable to convert credential to W3C format');
|
|
231
|
+
}
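Review bot: `verifySDJWT` returns `verified: true` for any token that decodes and passes the `exp`/`nbf` checks; nothing in the function checks the issuer signature or matches the disclosures against the signed digests, so an altered or self-made SD-JWT is reported as valid. `decodeSDJWT` builds the `SDJwtVcInstance` without a `verifier`, so the fix is to configure one from the issuer's key and call `await sdjwt.verify(jwt)` before the date checks; if signature checking is done elsewhere in the package, the function and its `verified` field should be renamed so callers do not read the result as authentication. The date checks also pass when `exp` or `nbf` is present but not numeric, because `Number(...)` yields `NaN` and both comparisons are then false; `if (!Number.isFinite(exp) || now > exp)` (and the same for `nbf`) rejects such tokens.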
|
|
@@ -29,6 +29,15 @@ export class CredentialServiceRPC extends RpcService {
|
|
|
29
29
|
async isKvacCredential(params) {
|
|
30
30
|
return this.call('isKvacCredential', params);
|
|
31
31
|
}
|
|
32
|
+
async isSDJWTCredential(params) {
|
|
33
|
+
return this.call('isSDJWTCredential', params);
|
|
34
|
+
}
|
|
35
|
+
async credentialToW3C(params) {
|
|
36
|
+
return this.call('credentialToW3C', params);
|
|
37
|
+
}
|
|
38
|
+
async createSDJWTPresentation(params) {
|
|
39
|
+
return this.call('createSDJWTPresentation', params);
|
|
40
|
+
}
|
|
32
41
|
async getAccumulatorId(params) {
|
|
33
42
|
return this.call('getAccumulatorId', params);
|
|
34
43
|
}
|