@docknetwork/wallet-sdk-wasm 1.7.0 → 1.7.7-alpha.0
- package/lib/index.js +1 -0
- package/lib/index.mjs +1 -0
- package/lib/modules/network-manager.js +15 -12
- package/lib/modules/network-manager.mjs +15 -12
- package/lib/rpc-server.js +1 -0
- package/lib/rpc-server.mjs +1 -0
- package/lib/services/blockchain/service.js +22 -9
- package/lib/services/blockchain/service.mjs +23 -10
- package/lib/services/credential/bound-check.js +1 -1
- package/lib/services/credential/bound-check.mjs +1 -1
- package/lib/services/credential/delegatable-credentials.js +300 -0
- package/lib/services/credential/delegatable-credentials.mjs +263 -0
- package/lib/services/credential/index.js +39 -0
- package/lib/services/credential/index.mjs +4 -0
- package/lib/services/credential/pex-helpers.js +4 -4
- package/lib/services/credential/pex-helpers.mjs +4 -4
- package/lib/services/edv/index.js +1 -0
- package/lib/services/edv/index.mjs +1 -0
- package/lib/services/edv/service-rpc.js +23 -0
- package/lib/services/edv/service-rpc.mjs +23 -0
- package/lib/services/edv/service.js +81 -1
- package/lib/services/edv/service.mjs +78 -2
- package/lib/services/index.js +1 -0
- package/lib/services/index.mjs +1 -0
- package/lib/services/pex/config.js +4 -0
- package/lib/services/pex/config.mjs +4 -0
- package/lib/services/pex/service-rpc.js +4 -0
- package/lib/services/pex/service-rpc.mjs +4 -0
- package/lib/services/pex/service.js +7 -0
- package/lib/services/pex/service.mjs +7 -0
- package/lib/setup-nodejs.js +1 -0
- package/lib/setup-nodejs.mjs +1 -0
- package/lib/setup-tests.js +1 -0
- package/lib/setup-tests.mjs +1 -0
- package/lib/src/modules/event-manager.d.ts +0 -1
- package/lib/src/modules/event-manager.d.ts.map +1 -1
- package/lib/src/modules/network-manager.d.ts +2 -4
- package/lib/src/modules/network-manager.d.ts.map +1 -1
- package/lib/src/services/blockchain/configs.d.ts +1 -2
- package/lib/src/services/blockchain/configs.d.ts.map +1 -1
- package/lib/src/services/blockchain/service.d.ts +4 -3
- package/lib/src/services/blockchain/service.d.ts.map +1 -1
- package/lib/src/services/credential/bbs-revocation.d.ts +1 -1
- package/lib/src/services/credential/bbs-revocation.d.ts.map +1 -1
- package/lib/src/services/credential/bound-check.d.ts.map +1 -1
- package/lib/src/services/credential/delegatable-credentials.d.ts +272 -0
- package/lib/src/services/credential/delegatable-credentials.d.ts.map +1 -0
- package/lib/src/services/credential/index.d.ts +1 -0
- package/lib/src/services/credential/index.d.ts.map +1 -1
- package/lib/src/services/credential/pex-helpers.d.ts +2 -2
- package/lib/src/services/credential/pex-helpers.d.ts.map +1 -1
- package/lib/src/services/dids/keypair-utils.d.ts +2 -2
- package/lib/src/services/dids/keypair-utils.d.ts.map +1 -1
- package/lib/src/services/dids/service.d.ts +35 -3
- package/lib/src/services/dids/service.d.ts.map +1 -1
- package/lib/src/services/edv/service.d.ts +50 -1
- package/lib/src/services/edv/service.d.ts.map +1 -1
- package/lib/src/services/pex/config.d.ts +1 -0
- package/lib/src/services/pex/config.d.ts.map +1 -1
- package/lib/src/services/pex/service.d.ts +1 -0
- package/lib/src/services/pex/service.d.ts.map +1 -1
- package/lib/src/services/relay-service/service.d.ts +19 -7
- package/lib/src/services/relay-service/service.d.ts.map +1 -1
- package/lib/src/services/storage/service.d.ts.map +1 -1
- package/lib/src/services/util-crypto/service.d.ts +2 -2
- package/lib/src/services/util-crypto/service.d.ts.map +1 -1
- package/lib/tsconfig.tsbuildinfo +1 -1
- package/package.json +36 -16
- package/rollup.config.mjs +5 -3
- package/src/globals.d.ts +3 -0
- package/src/modules/network-manager.ts +15 -14
- package/src/services/blockchain/configs.ts +1 -2
- package/src/services/blockchain/service.ts +26 -10
- package/src/services/credential/bound-check.ts +1 -1
- package/src/services/credential/delegatable-credentials.ts +409 -0
- package/src/services/credential/index.ts +16 -0
- package/src/services/credential/pex-helpers.js +4 -4
- package/src/services/credential/pex-helpers.test.js +2 -2
- package/src/services/edv/index.test.js +229 -0
- package/src/services/edv/service-rpc.js +23 -0
- package/src/services/edv/service.ts +119 -0
- package/src/services/pex/config.ts +4 -0
- package/src/services/pex/service-rpc.js +4 -0
- package/src/services/pex/service.ts +13 -0
- package/src/services/pex/tests/pex-service.test.js +210 -0
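--- a/package/lib/index.js
+++ b/package/lib/index.js
@@ -80,6 +80,7 @@ require('./services/edv/hmac.js');
 require('base64url-universal');
 require('@docknetwork/universal-wallet/crypto');
 require('@docknetwork/wallet-sdk-data-store/lib/logger');
+require('futoin-hkdf');
 require('winston-transport');
 
 rpcClient.initRpcClient(jsonRPCRequest => {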
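--- a/package/lib/index.mjs
+++ b/package/lib/index.mjs
@@ -78,6 +78,7 @@ import './services/edv/hmac.mjs';
 import 'base64url-universal';
 import '@docknetwork/universal-wallet/crypto';
 import '@docknetwork/wallet-sdk-data-store/lib/logger';
+import 'futoin-hkdf';
 import 'winston-transport';
 
 initRpcClient(jsonRPCRequest => {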
|
@@ -9,27 +9,30 @@ function _interopDefaultLegacy (e) { return e && typeof e === 'object' && 'defau
|
|
|
9
9
|
var assert__default = /*#__PURE__*/_interopDefaultLegacy(assert);
|
|
10
10
|
|
|
11
11
|
// @ts-nocheck
|
|
12
|
-
const
|
|
12
|
+
const BLOCKCHAIN_NETWORKS = {
|
|
13
13
|
mainnet: {
|
|
14
14
|
name: 'Cheqd Mainnet',
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
15
|
+
cheqdApiUrl: [
|
|
16
|
+
'https://mainnet.cheqd.docknode.io',
|
|
17
|
+
'https://rpc.cheqd.net',
|
|
18
|
+
],
|
|
18
19
|
},
|
|
19
20
|
testnet: {
|
|
20
21
|
name: 'Cheqd Testnet',
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
cheqdApiUrl: [
|
|
23
|
+
'https://testnet.cheqd.docknode.io',
|
|
24
|
+
'https://api.cheqd.network',
|
|
25
|
+
],
|
|
24
26
|
},
|
|
25
27
|
local: {
|
|
26
28
|
name: 'Local Node',
|
|
27
|
-
|
|
28
|
-
|
|
29
|
+
cheqdApiUrl: [
|
|
30
|
+
'http://localhost:8080',
|
|
31
|
+
],
|
|
29
32
|
},
|
|
30
33
|
};
|
|
31
34
|
function getNetworkInfo(networkId) {
|
|
32
|
-
const networkInfo =
|
|
35
|
+
const networkInfo = BLOCKCHAIN_NETWORKS[networkId];
|
|
33
36
|
assert__default["default"](!!networkInfo, `Network ${networkId} not found`);
|
|
34
37
|
return networkInfo;
|
|
35
38
|
}
|
|
@@ -50,7 +53,7 @@ class NetworkManager {
|
|
|
50
53
|
* @param {string} networkId
|
|
51
54
|
*/
|
|
52
55
|
setNetworkId(networkId) {
|
|
53
|
-
assert__default["default"](!!
|
|
56
|
+
assert__default["default"](!!BLOCKCHAIN_NETWORKS[networkId], `invalid networkId ${networkId}`);
|
|
54
57
|
this.networkId = networkId;
|
|
55
58
|
}
|
|
56
59
|
/**
|
|
@@ -73,5 +76,5 @@ class NetworkManager {
|
|
|
73
76
|
}
|
|
74
77
|
}
|
|
75
78
|
|
|
79
|
+
exports.BLOCKCHAIN_NETWORKS = BLOCKCHAIN_NETWORKS;
|
|
76
80
|
exports.NetworkManager = NetworkManager;
|
|
77
|
-
exports.SUBSTRATE_NETWORKS = SUBSTRATE_NETWORKS;
|
|
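Review bot: The new check in `setNetworkId`, `!!BLOCKCHAIN_NETWORKS[networkId]`, and the lookup in `getNetworkInfo` read through the prototype chain of a plain object literal, so a `networkId` such as `constructor` or `__proto__` is truthy and passes the assertion even though it is not a configured network. An own-property test closes that gap: `assert(Object.hasOwn(BLOCKCHAIN_NETWORKS, networkId), `invalid networkId ${networkId}`)`, with the same guard before the read in `getNetworkInfo`. The `.mjs` build hunks that follow carry the identical lines. The last hunk also drops `exports.SUBSTRATE_NETWORKS` with no alias, which breaks any consumer still importing that name; the `NetworkManager` class body continues outside these hunks.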
@@ -1,27 +1,30 @@
|
|
|
1
1
|
import assert from 'assert';
|
|
2
2
|
|
|
3
3
|
// @ts-nocheck
|
|
4
|
-
const
|
|
4
|
+
const BLOCKCHAIN_NETWORKS = {
|
|
5
5
|
mainnet: {
|
|
6
6
|
name: 'Cheqd Mainnet',
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
7
|
+
cheqdApiUrl: [
|
|
8
|
+
'https://mainnet.cheqd.docknode.io',
|
|
9
|
+
'https://rpc.cheqd.net',
|
|
10
|
+
],
|
|
10
11
|
},
|
|
11
12
|
testnet: {
|
|
12
13
|
name: 'Cheqd Testnet',
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
14
|
+
cheqdApiUrl: [
|
|
15
|
+
'https://testnet.cheqd.docknode.io',
|
|
16
|
+
'https://api.cheqd.network',
|
|
17
|
+
],
|
|
16
18
|
},
|
|
17
19
|
local: {
|
|
18
20
|
name: 'Local Node',
|
|
19
|
-
|
|
20
|
-
|
|
21
|
+
cheqdApiUrl: [
|
|
22
|
+
'http://localhost:8080',
|
|
23
|
+
],
|
|
21
24
|
},
|
|
22
25
|
};
|
|
23
26
|
function getNetworkInfo(networkId) {
|
|
24
|
-
const networkInfo =
|
|
27
|
+
const networkInfo = BLOCKCHAIN_NETWORKS[networkId];
|
|
25
28
|
assert(!!networkInfo, `Network ${networkId} not found`);
|
|
26
29
|
return networkInfo;
|
|
27
30
|
}
|
|
@@ -42,7 +45,7 @@ class NetworkManager {
|
|
|
42
45
|
* @param {string} networkId
|
|
43
46
|
*/
|
|
44
47
|
setNetworkId(networkId) {
|
|
45
|
-
assert(!!
|
|
48
|
+
assert(!!BLOCKCHAIN_NETWORKS[networkId], `invalid networkId ${networkId}`);
|
|
46
49
|
this.networkId = networkId;
|
|
47
50
|
}
|
|
48
51
|
/**
|
|
@@ -65,4 +68,4 @@ class NetworkManager {
|
|
|
65
68
|
}
|
|
66
69
|
}
|
|
67
70
|
|
|
68
|
-
export {
|
|
71
|
+
export { BLOCKCHAIN_NETWORKS, NetworkManager };
|
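--- a/package/lib/rpc-server.js
+++ b/package/lib/rpc-server.js
@@ -78,6 +78,7 @@ require('./services/edv/hmac.js');
 require('base64url-universal');
 require('@docknetwork/universal-wallet/crypto');
 require('@docknetwork/wallet-sdk-data-store/lib/logger');
+require('futoin-hkdf');
 
 const rpcServer = new jsonRpc2_0.JSONRPCServer();
 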
package/lib/rpc-server.mjs
CHANGED
|
@@ -57,7 +57,10 @@ class BlockchainService {
|
|
|
57
57
|
cheqdApi;
|
|
58
58
|
cheqdApiUrl;
|
|
59
59
|
isBlockchainReady = false;
|
|
60
|
-
|
|
60
|
+
_resolver;
|
|
61
|
+
get resolver() {
|
|
62
|
+
return this._resolver;
|
|
63
|
+
}
|
|
61
64
|
/**
|
|
62
65
|
* Event names emitted by the blockchain service
|
|
63
66
|
* @static
|
|
@@ -88,7 +91,8 @@ class BlockchainService {
|
|
|
88
91
|
this.cheqdModules = new cheqdBlockchainModules.CheqdCoreModules(this.cheqdApi);
|
|
89
92
|
this.modules = new modules.MultiApiCoreModules([this.cheqdModules]);
|
|
90
93
|
this.emitter = new events.EventEmitter();
|
|
91
|
-
|
|
94
|
+
// Blockchain is not ready yet, but we can use fallback resolvers
|
|
95
|
+
this._resolver = this.createDIDResolver();
|
|
92
96
|
}
|
|
93
97
|
/**
|
|
94
98
|
* Gets the types and modules needed for DID or accumulator operations
|
|
@@ -148,12 +152,19 @@ class BlockchainService {
|
|
|
148
152
|
* @private
|
|
149
153
|
* @returns {CachedDIDResolver} Cached DID resolver instance
|
|
150
154
|
*/
|
|
151
|
-
createDIDResolver() {
|
|
152
|
-
|
|
153
|
-
new resolver.DIDKeyResolver(),
|
|
154
|
-
new resolver.CoreResolver(this.modules),
|
|
155
|
+
createDIDResolver(isBlockchainReady) {
|
|
156
|
+
let resolvers = [
|
|
155
157
|
new resolver.UniversalResolver(universalResolverUrl),
|
|
156
|
-
|
|
158
|
+
new resolver.DIDKeyResolver(),
|
|
159
|
+
];
|
|
160
|
+
// Add blockchain resolvers if the blockchain is ready
|
|
161
|
+
if (isBlockchainReady) {
|
|
162
|
+
resolvers = [
|
|
163
|
+
new resolver.CoreResolver(this.modules),
|
|
164
|
+
...resolvers
|
|
165
|
+
];
|
|
166
|
+
}
|
|
167
|
+
const router = new AnyDIDResolver(resolvers);
|
|
157
168
|
return new services_blockchain_cachedDidResolver.CachedDIDResolver(router);
|
|
158
169
|
}
|
|
159
170
|
/**
|
|
@@ -193,15 +204,17 @@ class BlockchainService {
|
|
|
193
204
|
try {
|
|
194
205
|
await this.cheqdApi.init({
|
|
195
206
|
wallet,
|
|
196
|
-
|
|
207
|
+
urls: Array.isArray(checkdApiUrl) ? checkdApiUrl : [checkdApiUrl],
|
|
197
208
|
network: cheqdNetworkId,
|
|
198
209
|
});
|
|
199
210
|
core_logger.Logger.info(`Cheqd initialized at: ${checkdApiUrl}`);
|
|
200
211
|
}
|
|
201
212
|
catch (err) {
|
|
213
|
+
debugger;
|
|
202
214
|
core_logger.Logger.error(`Failed to initialize cheqd at: ${checkdApiUrl}`, err);
|
|
203
215
|
}
|
|
204
|
-
|
|
216
|
+
// Re-create the resolver with the new blockchain connection
|
|
217
|
+
this._resolver = this.createDIDResolver(true);
|
|
205
218
|
if (process.env.NODE_ENV !== 'test' ||
|
|
206
219
|
process.env.API_MOCK_DISABLED === 'true') {
|
|
207
220
|
await index.initializeWasm();
|
|
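Review bot: A `debugger;` statement is left in the `catch` around `this.cheqdApi.init(...)`, and the line after the catch, `this._resolver = this.createDIDResolver(true);`, runs whether or not the init succeeded. After a failed init the `CoreResolver` is therefore still placed first in the resolver list, which contradicts the comment "Add blockchain resolvers if the blockchain is ready"; how `AnyDIDResolver` treats a failing first resolver is not visible here. I would drop the `debugger;` and gate the re-creation on success, for example by setting a local `initialized = true` as the last statement of the `try` and calling `this.createDIDResolver(initialized)`. The same lines appear in the `.mjs` build of this file, and the enclosing method starts and ends outside the hunk.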
@@ -2,7 +2,7 @@ import { DirectSecp256k1HdWallet } from '@cosmjs/proto-signing';
|
|
|
2
2
|
import { CheqdAPI } from '@docknetwork/cheqd-blockchain-api';
|
|
3
3
|
import { CheqdCoreModules } from '@docknetwork/cheqd-blockchain-modules';
|
|
4
4
|
import { MultiApiCoreModules } from '@docknetwork/credential-sdk/modules';
|
|
5
|
-
import { DIDKeyResolver, CoreResolver,
|
|
5
|
+
import { UniversalResolver, DIDKeyResolver, CoreResolver, ResolverRouter, WILDCARD } from '@docknetwork/credential-sdk/resolver';
|
|
6
6
|
import { initializeWasm } from '@docknetwork/crypto-wasm-ts/lib/index';
|
|
7
7
|
import { EventEmitter } from 'events';
|
|
8
8
|
import { Logger } from '../../core/logger.mjs';
|
|
@@ -53,7 +53,10 @@ class BlockchainService {
|
|
|
53
53
|
cheqdApi;
|
|
54
54
|
cheqdApiUrl;
|
|
55
55
|
isBlockchainReady = false;
|
|
56
|
-
|
|
56
|
+
_resolver;
|
|
57
|
+
get resolver() {
|
|
58
|
+
return this._resolver;
|
|
59
|
+
}
|
|
57
60
|
/**
|
|
58
61
|
* Event names emitted by the blockchain service
|
|
59
62
|
* @static
|
|
@@ -84,7 +87,8 @@ class BlockchainService {
|
|
|
84
87
|
this.cheqdModules = new CheqdCoreModules(this.cheqdApi);
|
|
85
88
|
this.modules = new MultiApiCoreModules([this.cheqdModules]);
|
|
86
89
|
this.emitter = new EventEmitter();
|
|
87
|
-
|
|
90
|
+
// Blockchain is not ready yet, but we can use fallback resolvers
|
|
91
|
+
this._resolver = this.createDIDResolver();
|
|
88
92
|
}
|
|
89
93
|
/**
|
|
90
94
|
* Gets the types and modules needed for DID or accumulator operations
|
|
@@ -144,12 +148,19 @@ class BlockchainService {
|
|
|
144
148
|
* @private
|
|
145
149
|
* @returns {CachedDIDResolver} Cached DID resolver instance
|
|
146
150
|
*/
|
|
147
|
-
createDIDResolver() {
|
|
148
|
-
|
|
149
|
-
new DIDKeyResolver(),
|
|
150
|
-
new CoreResolver(this.modules),
|
|
151
|
+
createDIDResolver(isBlockchainReady) {
|
|
152
|
+
let resolvers = [
|
|
151
153
|
new UniversalResolver(universalResolverUrl),
|
|
152
|
-
|
|
154
|
+
new DIDKeyResolver(),
|
|
155
|
+
];
|
|
156
|
+
// Add blockchain resolvers if the blockchain is ready
|
|
157
|
+
if (isBlockchainReady) {
|
|
158
|
+
resolvers = [
|
|
159
|
+
new CoreResolver(this.modules),
|
|
160
|
+
...resolvers
|
|
161
|
+
];
|
|
162
|
+
}
|
|
163
|
+
const router = new AnyDIDResolver(resolvers);
|
|
153
164
|
return new CachedDIDResolver(router);
|
|
154
165
|
}
|
|
155
166
|
/**
|
|
@@ -189,15 +200,17 @@ class BlockchainService {
|
|
|
189
200
|
try {
|
|
190
201
|
await this.cheqdApi.init({
|
|
191
202
|
wallet,
|
|
192
|
-
|
|
203
|
+
urls: Array.isArray(checkdApiUrl) ? checkdApiUrl : [checkdApiUrl],
|
|
193
204
|
network: cheqdNetworkId,
|
|
194
205
|
});
|
|
195
206
|
Logger.info(`Cheqd initialized at: ${checkdApiUrl}`);
|
|
196
207
|
}
|
|
197
208
|
catch (err) {
|
|
209
|
+
debugger;
|
|
198
210
|
Logger.error(`Failed to initialize cheqd at: ${checkdApiUrl}`, err);
|
|
199
211
|
}
|
|
200
|
-
|
|
212
|
+
// Re-create the resolver with the new blockchain connection
|
|
213
|
+
this._resolver = this.createDIDResolver(true);
|
|
201
214
|
if (process.env.NODE_ENV !== 'test' ||
|
|
202
215
|
process.env.API_MOCK_DISABLED === 'true') {
|
|
203
216
|
await initializeWasm();
|
|
@@ -48,7 +48,7 @@ async function fetchBlobFromUrl(url) {
|
|
|
48
48
|
}
|
|
49
49
|
function blobFromBase64(base64String) {
|
|
50
50
|
const cleanedBase64 = base64String.replace(/^data:application\/octet-stream;base64,/, '');
|
|
51
|
-
return base64url__default["default"].toBuffer(cleanedBase64);
|
|
51
|
+
return new Uint8Array(base64url__default["default"].toBuffer(cleanedBase64));
|
|
52
52
|
}
|
|
53
53
|
async function isBase64OrDataUrl(str) {
|
|
54
54
|
return ((await services_utilCrypto_service.utilCryptoService.isBase64(str)) ||
|
|
@@ -40,7 +40,7 @@ async function fetchBlobFromUrl(url) {
|
|
|
40
40
|
}
|
|
41
41
|
function blobFromBase64(base64String) {
|
|
42
42
|
const cleanedBase64 = base64String.replace(/^data:application\/octet-stream;base64,/, '');
|
|
43
|
-
return base64url.toBuffer(cleanedBase64);
|
|
43
|
+
return new Uint8Array(base64url.toBuffer(cleanedBase64));
|
|
44
44
|
}
|
|
45
45
|
async function isBase64OrDataUrl(str) {
|
|
46
46
|
return ((await utilCryptoService.isBase64(str)) ||
|
|
@@ -0,0 +1,300 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
|
+
|
|
5
|
+
var cedar = require('@cedar-policy/cedar-wasm/nodejs');
|
|
6
|
+
var vc = require('@docknetwork/credential-sdk/vc');
|
|
7
|
+
var vcDelegationEngine = require('@docknetwork/vc-delegation-engine');
|
|
8
|
+
var keypairs = require('@docknetwork/universal-wallet/methods/keypairs');
|
|
9
|
+
var services_blockchain_service = require('../blockchain/service.js');
|
|
10
|
+
require('@cosmjs/proto-signing');
|
|
11
|
+
require('@docknetwork/cheqd-blockchain-api');
|
|
12
|
+
require('@docknetwork/cheqd-blockchain-modules');
|
|
13
|
+
require('@docknetwork/credential-sdk/modules');
|
|
14
|
+
require('@docknetwork/credential-sdk/resolver');
|
|
15
|
+
require('@docknetwork/crypto-wasm-ts/lib/index');
|
|
16
|
+
require('events');
|
|
17
|
+
require('../../core/logger.js');
|
|
18
|
+
require('../../modules/event-manager.js');
|
|
19
|
+
require('assert');
|
|
20
|
+
require('../util-crypto/service.js');
|
|
21
|
+
require('@docknetwork/credential-sdk/utils');
|
|
22
|
+
require('@scure/bip39');
|
|
23
|
+
require('@scure/bip39/wordlists/english');
|
|
24
|
+
require('../util-crypto/configs.js');
|
|
25
|
+
require('@docknetwork/credential-sdk/types');
|
|
26
|
+
require('../blockchain/cached-did-resolver.js');
|
|
27
|
+
require('../storage/index.js');
|
|
28
|
+
require('../storage/service.js');
|
|
29
|
+
require('../storage/service-rpc.js');
|
|
30
|
+
require('../rpc-service-client.js');
|
|
31
|
+
require('../../rpc-client.js');
|
|
32
|
+
require('json-rpc-2.0');
|
|
33
|
+
require('../../core/crypto.js');
|
|
34
|
+
require('crypto');
|
|
35
|
+
require('../../logger.js');
|
|
36
|
+
require('../../rpc-util.js');
|
|
37
|
+
|
|
38
|
+
function _interopNamespace(e) {
|
|
39
|
+
if (e && e.__esModule) return e;
|
|
40
|
+
var n = Object.create(null);
|
|
41
|
+
if (e) {
|
|
42
|
+
Object.keys(e).forEach(function (k) {
|
|
43
|
+
if (k !== 'default') {
|
|
44
|
+
var d = Object.getOwnPropertyDescriptor(e, k);
|
|
45
|
+
Object.defineProperty(n, k, d.get ? d : {
|
|
46
|
+
enumerable: true,
|
|
47
|
+
get: function () { return e[k]; }
|
|
48
|
+
});
|
|
49
|
+
}
|
|
50
|
+
});
|
|
51
|
+
}
|
|
52
|
+
n["default"] = e;
|
|
53
|
+
return Object.freeze(n);
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
var cedar__namespace = /*#__PURE__*/_interopNamespace(cedar);
|
|
57
|
+
|
|
58
|
+
// @ts-nocheck
|
|
59
|
+
/**
|
|
60
|
+
* Prepares a key document for signing by creating a proper keypair with signer capability
|
|
61
|
+
* @param keyDoc - The key document with id, controller, type, and key material
|
|
62
|
+
* @returns A key document with an active signer
|
|
63
|
+
*/
|
|
64
|
+
function prepareKeyForSigning(keyDoc) {
|
|
65
|
+
const kp = keypairs.getKeypairFromDoc(keyDoc);
|
|
66
|
+
// Get the signer from the keypair - this returns an object with id and sign method
|
|
67
|
+
const signer = kp.signer();
|
|
68
|
+
// Set the id on the signer to match the verification method
|
|
69
|
+
signer.id = keyDoc.id;
|
|
70
|
+
return {
|
|
71
|
+
...keyDoc,
|
|
72
|
+
keypair: kp,
|
|
73
|
+
signer,
|
|
74
|
+
};
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* W3C Credentials V1 context URL
|
|
78
|
+
*/
|
|
79
|
+
const W3C_CREDENTIALS_V1 = 'https://www.w3.org/2018/credentials/v1';
|
|
80
|
+
/**
|
|
81
|
+
* Namespace used by the vc-delegation-engine for delegation properties
|
|
82
|
+
*/
|
|
83
|
+
const DELEGATION_ENGINE_NS = 'https://ld.truvera.io/credentials/delegation#';
|
|
84
|
+
/**
|
|
85
|
+
* Base delegation context terms required for delegation credentials.
|
|
86
|
+
* These terms define the JSON-LD mappings needed for the vc-delegation-engine
|
|
87
|
+
* to properly process delegation chains.
|
|
88
|
+
*
|
|
89
|
+
* Use this as a base and extend with your own application-specific terms:
|
|
90
|
+
* @example
|
|
91
|
+
* const myContext = [
|
|
92
|
+
* W3C_CREDENTIALS_V1,
|
|
93
|
+
* {
|
|
94
|
+
* ...DELEGATION_CONTEXT_TERMS,
|
|
95
|
+
* // Add your custom terms here
|
|
96
|
+
* MyCredentialType: 'https://example.org/MyCredentialType',
|
|
97
|
+
* myField: 'https://example.org/myField',
|
|
98
|
+
* },
|
|
99
|
+
* ];
|
|
100
|
+
*/
|
|
101
|
+
const DELEGATION_CONTEXT_TERMS = {
|
|
102
|
+
'@version': 1.1,
|
|
103
|
+
'@protected': true,
|
|
104
|
+
DelegationCredential: `${DELEGATION_ENGINE_NS}DelegationCredential`,
|
|
105
|
+
mayClaim: { '@id': vcDelegationEngine.MAY_CLAIM_IRI, '@container': '@set' },
|
|
106
|
+
rootCredentialId: { '@id': `${DELEGATION_ENGINE_NS}rootCredentialId`, '@type': '@id' },
|
|
107
|
+
previousCredentialId: { '@id': `${DELEGATION_ENGINE_NS}previousCredentialId`, '@type': '@id' },
|
|
108
|
+
};
|
|
109
|
+
/**
|
|
110
|
+
* Default context for verifiable presentations
|
|
111
|
+
*/
|
|
112
|
+
const PRESENTATION_CONTEXT = [W3C_CREDENTIALS_V1];
|
|
113
|
+
/**
|
|
114
|
+
* Issues a delegation credential that grants authority to a delegate
|
|
115
|
+
* @param keyPair - The key pair to sign the credential
|
|
116
|
+
* @param params - Delegation parameters
|
|
117
|
+
* @returns Signed delegation credential
|
|
118
|
+
*/
|
|
119
|
+
async function issueDelegationCredential(keyPair, credential) {
|
|
120
|
+
const preparedKey = prepareKeyForSigning(keyPair);
|
|
121
|
+
return vc.issueCredential(preparedKey, credential);
|
|
122
|
+
}
|
|
123
|
+
/**
|
|
124
|
+
* Issues a credential as a delegate (with delegation chain reference)
|
|
125
|
+
* @param keyPair - The delegate's key pair to sign the credential
|
|
126
|
+
* @param params - Credential parameters
|
|
127
|
+
* @returns Signed credential
|
|
128
|
+
*/
|
|
129
|
+
async function issueDelegatedCredential(keyPair, credential) {
|
|
130
|
+
const preparedKey = prepareKeyForSigning(keyPair);
|
|
131
|
+
return vc.issueCredential(preparedKey, credential);
|
|
132
|
+
}
|
|
133
|
+
/**
|
|
134
|
+
* Creates and signs a verifiable presentation with delegation credentials
|
|
135
|
+
* @param keyPair - The key pair to sign the presentation
|
|
136
|
+
* @param params - Presentation parameters
|
|
137
|
+
* @returns Signed verifiable presentation
|
|
138
|
+
*/
|
|
139
|
+
async function createSignedPresentation(keyPair, params) {
|
|
140
|
+
const { credentials, holderDid, challenge, domain, context = PRESENTATION_CONTEXT, } = params;
|
|
141
|
+
const presentation = {
|
|
142
|
+
'@context': context,
|
|
143
|
+
type: ['VerifiablePresentation'],
|
|
144
|
+
holder: holderDid,
|
|
145
|
+
verifiableCredential: credentials,
|
|
146
|
+
};
|
|
147
|
+
// Create key document for signing with proper keypair
|
|
148
|
+
const keyDoc = {
|
|
149
|
+
...keyPair,
|
|
150
|
+
id: keyPair.id || `${holderDid}#keys-1`,
|
|
151
|
+
controller: keyPair.controller || holderDid,
|
|
152
|
+
};
|
|
153
|
+
const preparedKey = prepareKeyForSigning(keyDoc);
|
|
154
|
+
return vc.signPresentation(presentation, preparedKey, challenge, domain);
|
|
155
|
+
}
|
|
156
|
+
/**
|
|
157
|
+
* Verifies a verifiable presentation with optional delegation chain validation
|
|
158
|
+
* Uses the credential-sdk's verifyPresentation which automatically:
|
|
159
|
+
* 1. Verifies the presentation signature
|
|
160
|
+
* 2. Verifies all credentials
|
|
161
|
+
* 3. Detects delegation credentials
|
|
162
|
+
* 4. Validates the delegation chain
|
|
163
|
+
* 5. Applies Cedar policies if provided
|
|
164
|
+
*
|
|
165
|
+
* @param vp - The verifiable presentation to verify
|
|
166
|
+
* @param options - Verification options
|
|
167
|
+
* @returns Verification result with delegation info if applicable
|
|
168
|
+
*/
|
|
169
|
+
async function verifyDelegatablePresentation(vp, options = {}) {
|
|
170
|
+
const { challenge = vp.proof?.challenge || 'default-challenge', domain = vp.proof?.domain || 'default-domain', unsignedPresentation = false, failOnUnauthorizedClaims = true, policies, } = options;
|
|
171
|
+
const verifyOptions = {
|
|
172
|
+
challenge,
|
|
173
|
+
domain,
|
|
174
|
+
documentLoader: vc.documentLoader(services_blockchain_service.blockchainService.resolver),
|
|
175
|
+
unsignedPresentation,
|
|
176
|
+
failOnUnauthorizedClaims,
|
|
177
|
+
};
|
|
178
|
+
// Add Cedar authorization if policies are provided
|
|
179
|
+
if (policies) {
|
|
180
|
+
verifyOptions.cedarAuth = {
|
|
181
|
+
policies,
|
|
182
|
+
cedar: cedar__namespace,
|
|
183
|
+
};
|
|
184
|
+
}
|
|
185
|
+
return vc.verifyPresentation(vp, verifyOptions);
|
|
186
|
+
}
|
|
187
|
+
/**
|
|
188
|
+
* Creates a Cedar policy for delegation verification
|
|
189
|
+
* @param config - Policy configuration
|
|
190
|
+
* @returns Cedar policy object
|
|
191
|
+
*/
|
|
192
|
+
function createCedarPolicy(config) {
|
|
193
|
+
const { maxDepth = 2, rootIssuer, requiredClaims = {} } = config;
|
|
194
|
+
let claimsConditions = '';
|
|
195
|
+
for (const [key, value] of Object.entries(requiredClaims)) {
|
|
196
|
+
if (typeof value === 'number') {
|
|
197
|
+
claimsConditions += ` &&\n context.authorizedClaims.${key} >= ${value}`;
|
|
198
|
+
}
|
|
199
|
+
else if (typeof value === 'string') {
|
|
200
|
+
claimsConditions += ` &&\n context.authorizedClaims.${key} == "${value}"`;
|
|
201
|
+
}
|
|
202
|
+
}
|
|
203
|
+
const policyText = `
|
|
204
|
+
permit(
|
|
205
|
+
principal in Credential::Chain::"Action:Verify",
|
|
206
|
+
action == Credential::Action::"Verify",
|
|
207
|
+
resource
|
|
208
|
+
) when {
|
|
209
|
+
principal == context.vpSigner &&
|
|
210
|
+
context.tailDepth <= ${maxDepth} &&
|
|
211
|
+
context.rootIssuer == Credential::Actor::"${rootIssuer}"${claimsConditions}
|
|
212
|
+
};
|
|
213
|
+
`;
|
|
214
|
+
return { staticPolicies: policyText };
|
|
215
|
+
}
|
|
216
|
+
/**
|
|
217
|
+
* Creates an unsigned verifiable presentation (for testing)
|
|
218
|
+
* @param credentials - Array of credentials to include
|
|
219
|
+
* @param proof - Optional proof object
|
|
220
|
+
* @param context - Optional context
|
|
221
|
+
* @returns Verifiable presentation object
|
|
222
|
+
*/
|
|
223
|
+
function createUnsignedPresentation(credentials, proof, context = PRESENTATION_CONTEXT) {
|
|
224
|
+
const vp = {
|
|
225
|
+
'@context': context,
|
|
226
|
+
type: ['VerifiablePresentation'],
|
|
227
|
+
verifiableCredential: credentials,
|
|
228
|
+
};
|
|
229
|
+
if (proof) {
|
|
230
|
+
vp.proof = proof;
|
|
231
|
+
}
|
|
232
|
+
return vp;
|
|
233
|
+
}
|
|
234
|
+
/**
|
|
235
|
+
* Service class for delegatable credentials operations
|
|
236
|
+
*/
|
|
237
|
+
class DelegatableCredentialsService {
|
|
238
|
+
name = 'delegatable-credentials';
|
|
239
|
+
rpcMethods = [
|
|
240
|
+
DelegatableCredentialsService.prototype.issueDelegation,
|
|
241
|
+
DelegatableCredentialsService.prototype.issueDelegatedCredential,
|
|
242
|
+
DelegatableCredentialsService.prototype.createPresentation,
|
|
243
|
+
DelegatableCredentialsService.prototype.verifyPresentation,
|
|
244
|
+
DelegatableCredentialsService.prototype.createPolicy,
|
|
245
|
+
];
|
|
246
|
+
/**
|
|
247
|
+
* Issues a delegation credential
|
|
248
|
+
*/
|
|
249
|
+
async issueDelegation(params) {
|
|
250
|
+
return issueDelegationCredential(params.keyPair, params);
|
|
251
|
+
}
|
|
252
|
+
/**
|
|
253
|
+
* Issues a credential as a delegate
|
|
254
|
+
*/
|
|
255
|
+
async issueDelegatedCredential(params) {
|
|
256
|
+
return issueDelegatedCredential(params.keyPair, params);
|
|
257
|
+
}
|
|
258
|
+
/**
|
|
259
|
+
* Creates and signs a verifiable presentation
|
|
260
|
+
*/
|
|
261
|
+
async createPresentation(params) {
|
|
262
|
+
return createSignedPresentation(params.keyPair, params);
|
|
263
|
+
}
|
|
264
|
+
/**
|
|
265
|
+
* Verifies a verifiable presentation with delegation chain
|
|
266
|
+
*/
|
|
267
|
+
async verifyPresentation(params) {
|
|
268
|
+
return verifyDelegatablePresentation(params.presentation, {
|
|
269
|
+
challenge: params.challenge,
|
|
270
|
+
domain: params.domain,
|
|
271
|
+
unsignedPresentation: params.unsignedPresentation,
|
|
272
|
+
failOnUnauthorizedClaims: params.failOnUnauthorizedClaims,
|
|
273
|
+
policies: params.policies,
|
|
274
|
+
});
|
|
275
|
+
}
|
|
276
|
+
/**
|
|
277
|
+
* Creates a Cedar policy for delegation verification
|
|
278
|
+
*/
|
|
279
|
+
createPolicy(params) {
|
|
280
|
+
return createCedarPolicy(params);
|
|
281
|
+
}
|
|
282
|
+
}
|
|
283
|
+
const delegatableCredentialsService = new DelegatableCredentialsService();
|
|
284
|
+
|
|
285
|
+
exports.cedar = cedar__namespace;
|
|
286
|
+
Object.defineProperty(exports, 'MAY_CLAIM_IRI', {
|
|
287
|
+
enumerable: true,
|
|
288
|
+
get: function () { return vcDelegationEngine.MAY_CLAIM_IRI; }
|
|
289
|
+
});
|
|
290
|
+
exports.DELEGATION_CONTEXT_TERMS = DELEGATION_CONTEXT_TERMS;
|
|
291
|
+
exports.DELEGATION_ENGINE_NS = DELEGATION_ENGINE_NS;
|
|
292
|
+
exports.PRESENTATION_CONTEXT = PRESENTATION_CONTEXT;
|
|
293
|
+
exports.W3C_CREDENTIALS_V1 = W3C_CREDENTIALS_V1;
|
|
294
|
+
exports.createCedarPolicy = createCedarPolicy;
|
|
295
|
+
exports.createSignedPresentation = createSignedPresentation;
|
|
296
|
+
exports.createUnsignedPresentation = createUnsignedPresentation;
|
|
297
|
+
exports.delegatableCredentialsService = delegatableCredentialsService;
|
|
298
|
+
exports.issueDelegatedCredential = issueDelegatedCredential;
|
|
299
|
+
exports.issueDelegationCredential = issueDelegationCredential;
|
|
300
|
+
exports.verifyDelegatablePresentation = verifyDelegatablePresentation;
|
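Review bot: `verifyDelegatablePresentation` falls back to `vp.proof?.challenge || 'default-challenge'` and `vp.proof?.domain || 'default-domain'` when the caller passes none, so the values the proof is checked against come from the presentation under verification (or a fixed constant) rather than from the verifier. Assuming `vc.verifyPresentation` compares them with the proof, that removes the replay protection the challenge/domain pair exists to provide. For signed presentations I would require both from the caller, e.g. `if (!unsignedPresentation && (!options.challenge || !options.domain)) throw new Error('challenge and domain are required');`. Separately, `createCedarPolicy` interpolates `rootIssuer`, claim keys and string claim values into the policy text unescaped and is reachable through `rpcMethods`; validating keys against an identifier pattern and escaping `"` and `\` in values would keep a config value from changing the policy's structure.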