@dwk/vc 0.1.0-beta.0

package/LICENSE

@@ -0,0 +1,15 @@
+ISC License
+
+Copyright (c) 2026 David W. Keith
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

package/README.md

@@ -0,0 +1,143 @@
+# `@dwk/vc`
+
+> `did:web` identity plus Verifiable Credential (VCDM 2.0) issuance,
+> verification, and revocation. Endpoint package (+ lib).
+
+Part of the [`@dwk` IndieWeb + Solid cohort](../../README.md). See the
+[package specification](../../spec/packages/vc.md) for the full requirements.
+
+Decentralized identity rooted at the user's **own** domain. `did:web` is the same
+WebID / IndieAuth identity root expressed as a DID, and Verifiable Credential
+proofs reuse the project's asymmetric, allow-listed crypto posture — making
+decentralized identity a low-marginal-cost capability on top of the rest of the
+cohort.
+
+## Worker vs. static (the split)
+
+- The **`did:web` DID document is a static file** (`/.well-known/did.json`).
+  [`buildDidDocument`](src/did-web.ts) produces it — a static host (Anglesite)
+  can serve it, and **no Worker is needed to resolve a DID**.
+- The Worker covers the **dynamic** parts: signing credentials with the domain's
+  key (**issuance**), **verification**, and **status / revocation**, whose
+  bit-flips need a strongly-consistent store.
+
+## Proofs: JCS Data Integrity, not RDF canonicalization
+
+Proofs use the **JCS** Data Integrity cryptosuites — `eddsa-jcs-2022` (Ed25519)
+and `ecdsa-jcs-2019` (ECDSA P-256/P-384) — which canonicalize with
+[RFC 8785](https://www.rfc-editor.org/rfc/rfc8785) (JSON), **not** RDF Dataset
+Canonicalization. That keeps the package free of a JSON-LD/RDF canonicalizer
+(`jsonld.js`/Comunica), well within the Worker script-size budget, and makes
+proof construction a pure, plain-data transform that unit-tests without a Workers
+runtime. Signing/verification mirror `@dwk/dpop` and `@dwk/http-signatures`:
+asymmetric only, an explicit cryptosuite allow-list, and keys validated against
+the claimed suite.
+
+## Usage
+
+```ts
+import { createVc } from "@dwk/vc";
+
+const vc = createVc({
+  baseUrl: "https://example.com",
+  // did defaults to did:web:example.com; verificationMethod to ${did}#key-0
+  status: { enabled: true }, // revocation via a Bitstring Status List
+});
+
+// Bindings (composition contract):
+//   VC_SIGNING_KEY  secret — the issuer's PRIVATE signing key as JWK JSON
+//   VC_STATUS_DB    D1     — authoritative status bits (required iff status.enabled)
+
+// In your Worker's fetch handler, mount the dynamic endpoints:
+//   POST /credentials/issue           { credential }            → { verifiableCredential }
+//   POST /credentials/verify          { verifiableCredential }  → { verified, errors, warnings }
+//   POST /credentials/status          { credential | statusListIndex } → { status: "ok" }
+//   GET  /credentials/status-lists/revocation                   → signed BitstringStatusListCredential
+return vc(request, env, ctx);
+```
+
+The signing key's public half must be published in the DID document's
+verification method. Generate the document statically:
+
+```ts
+import { buildDidDocument, encodeEd25519Multikey } from "@dwk/vc";
+
+const didDocument = buildDidDocument({
+  did: "did:web:example.com",
+  verificationMethods: [
+    { id: "#key-0", publicKeyMultibase: encodeEd25519Multikey(rawEd25519PublicKey) },
+  ],
+});
+// → write to /.well-known/did.json
+```
+
+### Issuance / verification as a library
+
+Credential construction and the proof pipeline take plain-data inputs and need no
+runtime:
+
+```ts
+import { buildCredential, importSigner, addProof, verifyProof } from "@dwk/vc";
+
+const signer = await importSigner(privateJwk); // picks the cryptosuite by key type
+const credential = buildCredential({
+  issuer: "did:web:example.com",
+  credentialSubject: { id: "did:web:alice.example", alumniOf: "Example U" },
+  type: "AlumniCredential",
+});
+const vc = await addProof(credential, signer, {
+  verificationMethod: "did:web:example.com#key-0",
+});
+
+const result = await verifyProof(vc, {
+  resolveVerificationMethod: createDidWebResolver(), // did:web over fetch
+});
+// → { verified: boolean, errors: string[] }
+```
+
+## Endpoints
+
+- `POST {issueEndpoint}` (default `/credentials/issue`) — signs a credential with
+  the domain's key. When `status.enabled`, allocates and attaches a
+  `BitstringStatusListEntry` unless the request opts out (`credentialStatus:
+  false`) or the credential already carries one. → `{ verifiableCredential }`.
+- `POST {verifyEndpoint}` (default `/credentials/verify`) — structural (VCDM 2.0)
+  + validity-period + Data Integrity proof + status checks. Resolves keys via the
+  configured resolver (default `did:web`). → `{ verified, errors, warnings }`.
+- `POST {statusEndpoint}` (default `/credentials/status`) — flips a credential's
+  status bit in D1 (revoke by default). Accepts a full `credential` (reads its
+  status entry) or an explicit `statusListIndex`. `404` when status is disabled.
+- `GET {statusListEndpoint}/<purpose>` (default `/credentials/status-lists/…`) —
+  serves the **signed** `BitstringStatusListCredential` for that purpose.
+
+Issuance and status are gated by the optional `authorize(operation, request)`
+hook; when omitted, the composing Worker's front door owns edge token validation
+(see [`spec/architecture.md`](../../spec/architecture.md)). Unmatched routes get
+`404`; wrong methods get `405`.
+
+## Design
+
+- **Confinement / composition contract:** signing keys and issuer identity arrive
+  via config and secret bindings, never the global environment. The package
+  **fails loudly** when a required binding is missing (`VC_SIGNING_KEY`,
+  `VC_STATUS_DB` when status is enabled).
+- **Strong consistency:** authoritative status bits live in **D1**, never KV —
+  staleness in a revocation check is a security bug
+  ([`spec/non-functional-requirements.md`](../../spec/non-functional-requirements.md)).
+- **Pure core:** `canonicalize` (JCS), the multibase/Multikey codecs, `addProof`
+  /`verifyProof`, the `did:web` mapping, and the bitstring codec are plain-data
+  (Web Crypto / `CompressionStream` only) and unit-test in isolation; only the
+  endpoints and the status store touch the runtime.
+
+## Observability
+
+Issuance, verification, status changes, and rejections are emitted through the
+injected `@dwk/log` `Logger`/`Metrics` seams (default no-op): `vc.issued`,
+`vc.verified`, `vc.status.changed`, `vc.rejected`. Credential subjects, claims,
+signing keys, and proof values are **never** logged.
+
+## Conformance
+
+W3C VCDM 2.0, Data Integrity, and `did:web`. Status is tracked in
+[`conformance/status.json`](../../conformance/status.json) and gated for stable
+releases (see [`spec/conformance-and-testing.md`](../../spec/conformance-and-testing.md)).

package/dist/config.d.ts

@@ -0,0 +1,97 @@
+/**
+ * Configuration for {@link ./handler.createVc}: the issuer DID and verification
+ * method, the dynamic endpoint URLs, the (optional) status-list policy, and the
+ * delegated authorization and DID-resolution hooks. Per the composition contract
+ * the package never reads the global environment — every tunable arrives here and
+ * signing-key material arrives via a secret binding — so a handler can be
+ * instantiated multiple times and tested in isolation.
+ */
+import { type Logger, type Metrics } from "@dwk/log";
+import type { VerificationMethod } from "./data-integrity";
+import { type StatusPurpose } from "./status-list";
+/** A mutating operation an {@link AuthorizeOperation} hook can gate. */
+export type VcOperation = "issue" | "status";
+/**
+ * Authorization hook for the mutating endpoints (issue, status). Return `true`
+ * to allow. When omitted, requests are allowed through — the composing Worker is
+ * the front door and owns edge token validation (see `spec/architecture.md`);
+ * supply this to enforce authorization inside the package as well.
+ */
+export type AuthorizeOperation = (operation: VcOperation, request: Request) => boolean | Promise<boolean>;
+/** Resolve a verification-method id to its key document, or `undefined`. */
+export type DidResolver = (id: string) => VerificationMethod | undefined | Promise<VerificationMethod | undefined>;
+/** Status-list policy. */
+export interface StatusConfig {
+    /** Enable the status endpoints and `credentialStatus` issuance. */
+    readonly enabled: boolean;
+    /** The status purpose lists track. Defaults to `"revocation"`. */
+    readonly statusPurpose?: StatusPurpose;
+    /** Bit length of each status list. Defaults to {@link DEFAULT_STATUS_LIST_LENGTH}. */
+    readonly listLength?: number;
+}
+/** Configuration passed to {@link ./handler.createVc}. */
+export interface VcConfig {
+    /** The identity root / base URL (e.g. `https://example.com`). */
+    readonly baseUrl: string;
+    /** The issuer DID. Defaults to the `did:web` derived from `baseUrl`. */
+    readonly did?: string;
+    /**
+     * The verification method id used to sign credentials (e.g.
+     * `did:web:example.com#key-0`). Defaults to `${did}#key-0`.
+     */
+    readonly verificationMethod?: string;
+    /** Absolute issuance endpoint. Defaults to `${baseUrl}/credentials/issue`. */
+    readonly issueEndpoint?: string;
+    /** Absolute verification endpoint. Defaults to `${baseUrl}/credentials/verify`. */
+    readonly verifyEndpoint?: string;
+    /** Absolute status-update endpoint. Defaults to `${baseUrl}/credentials/status`. */
+    readonly statusEndpoint?: string;
+    /**
+     * Absolute base URL under which signed status list credentials are served. A
+     * request to `${statusListEndpoint}/<listId>` returns that list. Defaults to
+     * `${baseUrl}/credentials/status-lists`.
+     */
+    readonly statusListEndpoint?: string;
+    /** Status-list policy. Disabled by default. */
+    readonly status?: StatusConfig;
+    /** Authorization hook for issue/status (see {@link AuthorizeOperation}). */
+    readonly authorize?: AuthorizeOperation;
+    /**
+     * Verification-method resolver used during verification. Defaults to a
+     * `did:web` resolver over the global `fetch`.
+     */
+    readonly resolveDid?: DidResolver;
+    /** Logger; defaults to a no-op. */
+    readonly logger?: Logger;
+    /** Metrics sink; defaults to a no-op. */
+    readonly metrics?: Metrics;
+}
+/** Fully resolved configuration with defaults applied and URLs parsed. */
+export interface ResolvedVcConfig {
+    readonly did: string;
+    readonly verificationMethod: string;
+    readonly issueEndpoint: string;
+    readonly verifyEndpoint: string;
+    readonly statusEndpoint: string;
+    readonly statusListEndpoint: string;
+    readonly issuePath: string;
+    readonly verifyPath: string;
+    readonly statusPath: string;
+    readonly statusListPath: string;
+    readonly statusEnabled: boolean;
+    readonly statusPurpose: StatusPurpose;
+    readonly statusListLength: number;
+    readonly authorize: AuthorizeOperation;
+    readonly resolveDid?: DidResolver;
+    readonly logger: Logger;
+    readonly metrics: Metrics;
+}
+/**
+ * Resolve user config into a {@link ResolvedVcConfig}: derive the issuer DID and
+ * verification method from `baseUrl` when omitted, default each endpoint URL, and
+ * pre-compute pathnames for routing. Throws if `baseUrl` (or any explicitly
+ * supplied endpoint URL) is not a valid URL, or if status is enabled without a
+ * status-list endpoint resolvable from `baseUrl`.
+ */
+export declare function resolveConfig(config: VcConfig): ResolvedVcConfig;
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAA2B,KAAK,MAAM,EAAE,KAAK,OAAO,EAAE,MAAM,UAAU,CAAC;AAE9E,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAE3D,OAAO,EAA8B,KAAK,aAAa,EAAE,MAAM,eAAe,CAAC;AAE/E,wEAAwE;AACxE,MAAM,MAAM,WAAW,GAAG,OAAO,GAAG,QAAQ,CAAC;AAE7C;;;;;GAKG;AACH,MAAM,MAAM,kBAAkB,GAAG,CAC/B,SAAS,EAAE,WAAW,EACtB,OAAO,EAAE,OAAO,KACb,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;AAEhC,4EAA4E;AAC5E,MAAM,MAAM,WAAW,GAAG,CACxB,EAAE,EAAE,MAAM,KACP,kBAAkB,GAAG,SAAS,GAAG,OAAO,CAAC,kBAAkB,GAAG,SAAS,CAAC,CAAC;AAE9E,0BAA0B;AAC1B,MAAM,WAAW,YAAY;IAC3B,mEAAmE;IACnE,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,kEAAkE;IAClE,QAAQ,CAAC,aAAa,CAAC,EAAE,aAAa,CAAC;IACvC,sFAAsF;IACtF,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED,0DAA0D;AAC1D,MAAM,WAAW,QAAQ;IACvB,iEAAiE;IACjE,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,wEAAwE;IACxE,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC;IACtB;;;OAGG;IACH,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACrC,8EAA8E;IAC9E,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,mFAAmF;IACnF,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,oFAAoF;IACpF,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC;;;;OAIG;IACH,QAAQ,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IACrC,+CAA+C;IAC/C,QAAQ,CAAC,MAAM,CAAC,EAAE,YAAY,CAAC;IAC/B,4EAA4E;IAC5E,QAAQ,CAAC,SAAS,CAAC,EAAE,kBAAkB,CAAC;IACxC;;;OAGG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,WAAW,CAAC;IAClC,mCAAmC;IACnC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,yCAAyC;IACzC,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED,0EAA0E;AAC1E,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;IAChC,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IACtC,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,SAAS,EAAE,kBAAkB,CAAC;IACvC,QAAQ,CAAC,UAAU,CAAC,EAAE,WAAW,CAAC;IAClC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;CAC3B;AAUD;;;;;;GAMG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,QAAQ,GAAG,gBAAgB,CAuChE"}

package/dist/config.js

@@ -0,0 +1,62 @@
+/**
+ * Configuration for {@link ./handler.createVc}: the issuer DID and verification
+ * method, the dynamic endpoint URLs, the (optional) status-list policy, and the
+ * delegated authorization and DID-resolution hooks. Per the composition contract
+ * the package never reads the global environment — every tunable arrives here and
+ * signing-key material arrives via a secret binding — so a handler can be
+ * instantiated multiple times and tested in isolation.
+ */
+import { noopLogger, noopMetrics } from "@dwk/log";
+import { urlToDidWeb } from "./did-web";
+import { DEFAULT_STATUS_LIST_LENGTH } from "./status-list";
+function pathOf(absoluteUrl, label) {
+    try {
+        return new URL(absoluteUrl).pathname;
+    }
+    catch {
+        throw new Error(`@dwk/vc: ${label} is not a valid URL`);
+    }
+}
+/**
+ * Resolve user config into a {@link ResolvedVcConfig}: derive the issuer DID and
+ * verification method from `baseUrl` when omitted, default each endpoint URL, and
+ * pre-compute pathnames for routing. Throws if `baseUrl` (or any explicitly
+ * supplied endpoint URL) is not a valid URL, or if status is enabled without a
+ * status-list endpoint resolvable from `baseUrl`.
+ */
+export function resolveConfig(config) {
+    let base;
+    try {
+        base = new URL(config.baseUrl);
+    }
+    catch {
+        throw new Error("@dwk/vc: `baseUrl` is not a valid URL");
+    }
+    const origin = base.origin;
+    const did = config.did ?? urlToDidWeb(config.baseUrl);
+    const verificationMethod = config.verificationMethod ?? `${did}#key-0`;
+    const issueEndpoint = config.issueEndpoint ?? `${origin}/credentials/issue`;
+    const verifyEndpoint = config.verifyEndpoint ?? `${origin}/credentials/verify`;
+    const statusEndpoint = config.statusEndpoint ?? `${origin}/credentials/status`;
+    const statusListEndpoint = config.statusListEndpoint ?? `${origin}/credentials/status-lists`;
+    return {
+        did,
+        verificationMethod,
+        issueEndpoint,
+        verifyEndpoint,
+        statusEndpoint,
+        statusListEndpoint,
+        issuePath: pathOf(issueEndpoint, "issueEndpoint"),
+        verifyPath: pathOf(verifyEndpoint, "verifyEndpoint"),
+        statusPath: pathOf(statusEndpoint, "statusEndpoint"),
+        statusListPath: pathOf(statusListEndpoint, "statusListEndpoint"),
+        statusEnabled: config.status?.enabled ?? false,
+        statusPurpose: config.status?.statusPurpose ?? "revocation",
+        statusListLength: config.status?.listLength ?? DEFAULT_STATUS_LIST_LENGTH,
+        authorize: config.authorize ?? (() => true),
+        resolveDid: config.resolveDid,
+        logger: config.logger ?? noopLogger,
+        metrics: config.metrics ?? noopMetrics,
+    };
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,WAAW,EAA6B,MAAM,UAAU,CAAC;AAG9E,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,EAAE,0BAA0B,EAAsB,MAAM,eAAe,CAAC;AA0F/E,SAAS,MAAM,CAAC,WAAmB,EAAE,KAAa;IAChD,IAAI,CAAC;QACH,OAAO,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,YAAY,KAAK,qBAAqB,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,aAAa,CAAC,MAAgB;IAC5C,IAAI,IAAS,CAAC;IACd,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IAE3B,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACtD,MAAM,kBAAkB,GAAG,MAAM,CAAC,kBAAkB,IAAI,GAAG,GAAG,QAAQ,CAAC;IAEvE,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,GAAG,MAAM,oBAAoB,CAAC;IAC5E,MAAM,cAAc,GAClB,MAAM,CAAC,cAAc,IAAI,GAAG,MAAM,qBAAqB,CAAC;IAC1D,MAAM,cAAc,GAClB,MAAM,CAAC,cAAc,IAAI,GAAG,MAAM,qBAAqB,CAAC;IAC1D,MAAM,kBAAkB,GACtB,MAAM,CAAC,kBAAkB,IAAI,GAAG,MAAM,2BAA2B,CAAC;IAEpE,OAAO;QACL,GAAG;QACH,kBAAkB;QAClB,aAAa;QACb,cAAc;QACd,cAAc;QACd,kBAAkB;QAClB,SAAS,EAAE,MAAM,CAAC,aAAa,EAAE,eAAe,CAAC;QACjD,UAAU,EAAE,MAAM,CAAC,cAAc,EAAE,gBAAgB,CAAC;QACpD,UAAU,EAAE,MAAM,CAAC,cAAc,EAAE,gBAAgB,CAAC;QACpD,cAAc,EAAE,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;QAChE,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,IAAI,KAAK;QAC9C,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,IAAI,YAAY;QAC3D,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,IAAI,0BAA0B;QACzE,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC;QAC3C,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,UAAU;QACnC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,WAAW;KACvC,CAAC;AACJ,CAAC"}

package/dist/credential.d.ts

@@ -0,0 +1,70 @@
+/**
+ * Verifiable Credential Data Model 2.0 shapes and structural validation.
+ *
+ * Plain-data helpers: assemble an unsigned credential, validate the required VCDM
+ * 2.0 members before signing or after verifying, and evaluate the validity
+ * window. No Web Crypto, no runtime — the proof lives in {@link ./data-integrity}.
+ *
+ * @see https://www.w3.org/TR/vc-data-model-2.0/
+ */
+import type { JcsValue } from "./jcs";
+import type { JsonObject } from "./data-integrity";
+/** The base VCDM 2.0 context, which MUST be the first `@context` entry. */
+export declare const VC_CONTEXT_V2 = "https://www.w3.org/ns/credentials/v2";
+/** The base credential type every verifiable credential carries. */
+export declare const VERIFIABLE_CREDENTIAL_TYPE = "VerifiableCredential";
+/** An issuer reference: a URL string or an object with an `id`. */
+export type Issuer = string | (JsonObject & {
+    id: string;
+});
+/** A credential prior to having a proof attached. */
+export interface UnsignedCredential extends JsonObject {
+    "@context": JcsValue;
+    type: JcsValue;
+    issuer: Issuer;
+    credentialSubject: JcsValue;
+}
+/** Inputs to {@link buildCredential}. */
+export interface BuildCredentialOptions {
+    /** Extra credential types beyond `VerifiableCredential`. */
+    readonly type?: string | readonly string[];
+    /** Extra `@context` entries beyond the base VCDM 2.0 context. */
+    readonly context?: string | readonly string[];
+    /** The credential id (a URL), if any. */
+    readonly id?: string;
+    readonly issuer: Issuer;
+    readonly credentialSubject: JcsValue;
+    /** `validFrom` (XSD dateTime). Defaults to now when omitted. */
+    readonly validFrom?: Date | string;
+    /** `validUntil` (XSD dateTime). */
+    readonly validUntil?: Date | string;
+    /** A `credentialStatus` entry (e.g. a Bitstring Status List reference). */
+    readonly credentialStatus?: JsonObject | readonly JsonObject[];
+}
+/**
+ * Assemble an unsigned VCDM 2.0 credential, guaranteeing the base context comes
+ * first and the base `VerifiableCredential` type is present. The result is ready
+ * for {@link ./data-integrity.addProof}.
+ */
+export declare function buildCredential(options: BuildCredentialOptions): UnsignedCredential;
+/**
+ * Validate the structural VCDM 2.0 requirements of a credential, returning a
+ * list of problems (empty when valid). Checks the base context ordering, the
+ * `VerifiableCredential` type, and the presence/typing of `issuer` and
+ * `credentialSubject`. Does not check the proof — that is
+ * {@link ./data-integrity.verifyProof}.
+ */
+export declare function validateCredential(credential: JsonObject): string[];
+/** The issuer id of a credential, whether `issuer` is a string or an object. */
+export declare function issuerId(credential: JsonObject): string | undefined;
+/**
+ * Evaluate a credential's validity window against `now` (epoch ms). Returns a
+ * reason when the credential is not yet valid or has expired, else `null`.
+ *
+ * A present-but-malformed bound fails **closed**: an unparseable `validFrom` is
+ * treated as not-yet-valid and an unparseable `validUntil` as expired, rather
+ * than silently dropping the bound (which would let a credential with a garbled
+ * expiry verify as if it never expires).
+ */
+export declare function checkValidityPeriod(credential: JsonObject, now?: number): "not_yet_valid" | "expired" | null;
+//# sourceMappingURL=credential.d.ts.map

package/dist/credential.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential.d.ts","sourceRoot":"","sources":["../src/credential.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACtC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAEnD,2EAA2E;AAC3E,eAAO,MAAM,aAAa,yCAAyC,CAAC;AAEpE,oEAAoE;AACpE,eAAO,MAAM,0BAA0B,yBAAyB,CAAC;AAEjE,mEAAmE;AACnE,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,UAAU,GAAG;IAAE,EAAE,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC;AAE5D,qDAAqD;AACrD,MAAM,WAAW,kBAAmB,SAAQ,UAAU;IACpD,UAAU,EAAE,QAAQ,CAAC;IACrB,IAAI,EAAE,QAAQ,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,EAAE,QAAQ,CAAC;CAC7B;AAED,yCAAyC;AACzC,MAAM,WAAW,sBAAsB;IACrC,4DAA4D;IAC5D,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAAC;IAC3C,iEAAiE;IACjE,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAAC;IAC9C,yCAAyC;IACzC,QAAQ,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,iBAAiB,EAAE,QAAQ,CAAC;IACrC,gEAAgE;IAChE,QAAQ,CAAC,SAAS,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC;IACnC,mCAAmC;IACnC,QAAQ,CAAC,UAAU,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC;IACpC,2EAA2E;IAC3E,QAAQ,CAAC,gBAAgB,CAAC,EAAE,UAAU,GAAG,SAAS,UAAU,EAAE,CAAC;CAChE;AAeD;;;;GAIG;AACH,wBAAgB,eAAe,CAC7B,OAAO,EAAE,sBAAsB,GAC9B,kBAAkB,CAkBpB;AAYD;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,UAAU,GAAG,MAAM,EAAE,CAqCnE;AAED,gFAAgF;AAChF,wBAAgB,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,MAAM,GAAG,SAAS,CAQnE;AAED;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CACjC,UAAU,EAAE,UAAU,EACtB,GAAG,GAAE,MAAmB,GACvB,eAAe,GAAG,SAAS,GAAG,IAAI,CAmBpC"}

package/dist/credential.js

@@ -0,0 +1,139 @@
+/**
+ * Verifiable Credential Data Model 2.0 shapes and structural validation.
+ *
+ * Plain-data helpers: assemble an unsigned credential, validate the required VCDM
+ * 2.0 members before signing or after verifying, and evaluate the validity
+ * window. No Web Crypto, no runtime — the proof lives in {@link ./data-integrity}.
+ *
+ * @see https://www.w3.org/TR/vc-data-model-2.0/
+ */
+import { isValidXsdDateTimeStamp, toXsdDateTime } from "./datetime";
+/** The base VCDM 2.0 context, which MUST be the first `@context` entry. */
+export const VC_CONTEXT_V2 = "https://www.w3.org/ns/credentials/v2";
+/** The base credential type every verifiable credential carries. */
+export const VERIFIABLE_CREDENTIAL_TYPE = "VerifiableCredential";
+function dedupePrepend(base, extra) {
+    const out = [base];
+    if (extra === undefined)
+        return out;
+    const list = typeof extra === "string" ? [extra] : extra;
+    for (const item of list) {
+        if (!out.includes(item))
+            out.push(item);
+    }
+    return out;
+}
+/**
+ * Assemble an unsigned VCDM 2.0 credential, guaranteeing the base context comes
+ * first and the base `VerifiableCredential` type is present. The result is ready
+ * for {@link ./data-integrity.addProof}.
+ */
+export function buildCredential(options) {
+    const credential = {
+        "@context": dedupePrepend(VC_CONTEXT_V2, options.context),
+        type: dedupePrepend(VERIFIABLE_CREDENTIAL_TYPE, options.type),
+        issuer: options.issuer,
+        credentialSubject: options.credentialSubject,
+    };
+    if (options.id !== undefined)
+        credential.id = options.id;
+    credential.validFrom = toXsdDateTime(options.validFrom ?? new Date());
+    if (options.validUntil !== undefined) {
+        credential.validUntil = toXsdDateTime(options.validUntil);
+    }
+    if (options.credentialStatus !== undefined) {
+        credential.credentialStatus = Array.isArray(options.credentialStatus)
+            ? [...options.credentialStatus]
+            : options.credentialStatus;
+    }
+    return credential;
+}
+function hasType(type, expected) {
+    if (type === expected)
+        return true;
+    return Array.isArray(type) && type.includes(expected);
+}
+function firstContext(context) {
+    if (Array.isArray(context))
+        return context[0];
+    return context;
+}
+/**
+ * Validate the structural VCDM 2.0 requirements of a credential, returning a
+ * list of problems (empty when valid). Checks the base context ordering, the
+ * `VerifiableCredential` type, and the presence/typing of `issuer` and
+ * `credentialSubject`. Does not check the proof — that is
+ * {@link ./data-integrity.verifyProof}.
+ */
+export function validateCredential(credential) {
+    const errors = [];
+    if (firstContext(credential["@context"]) !== VC_CONTEXT_V2) {
+        errors.push(`@context must begin with "${VC_CONTEXT_V2}"`);
+    }
+    if (!hasType(credential.type, VERIFIABLE_CREDENTIAL_TYPE)) {
+        errors.push(`type must include "${VERIFIABLE_CREDENTIAL_TYPE}"`);
+    }
+    const issuer = credential.issuer;
+    const issuerOk = typeof issuer === "string"
+        ? issuer.length > 0
+        : issuer !== null &&
+            typeof issuer === "object" &&
+            !Array.isArray(issuer) &&
+            typeof issuer.id === "string";
+    if (!issuerOk) {
+        errors.push("issuer must be a URL string or an object with a string id");
+    }
+    const subject = credential.credentialSubject;
+    const subjectOk = subject !== null &&
+        subject !== undefined &&
+        typeof subject === "object" &&
+        (!Array.isArray(subject) || subject.length > 0);
+    if (!subjectOk) {
+        errors.push("credentialSubject must be an object or a non-empty array");
+    }
+    if (credential.id !== undefined && typeof credential.id !== "string") {
+        errors.push("id, when present, must be a string");
+    }
+    return errors;
+}
+/** The issuer id of a credential, whether `issuer` is a string or an object. */
+export function issuerId(credential) {
+    const issuer = credential.issuer;
+    if (typeof issuer === "string")
+        return issuer;
+    if (issuer !== null && typeof issuer === "object" && !Array.isArray(issuer)) {
+        const id = issuer.id;
+        return typeof id === "string" ? id : undefined;
+    }
+    return undefined;
+}
+/**
+ * Evaluate a credential's validity window against `now` (epoch ms). Returns a
+ * reason when the credential is not yet valid or has expired, else `null`.
+ *
+ * A present-but-malformed bound fails **closed**: an unparseable `validFrom` is
+ * treated as not-yet-valid and an unparseable `validUntil` as expired, rather
+ * than silently dropping the bound (which would let a credential with a garbled
+ * expiry verify as if it never expires).
+ */
+export function checkValidityPeriod(credential, now = Date.now()) {
+    const validFrom = credential.validFrom;
+    if (validFrom !== undefined) {
+        if (typeof validFrom !== "string" || !isValidXsdDateTimeStamp(validFrom)) {
+            return "not_yet_valid";
+        }
+        if (now < Date.parse(validFrom))
+            return "not_yet_valid";
+    }
+    const validUntil = credential.validUntil;
+    if (validUntil !== undefined) {
+        if (typeof validUntil !== "string" ||
+            !isValidXsdDateTimeStamp(validUntil)) {
+            return "expired";
+        }
+        if (now > Date.parse(validUntil))
+            return "expired";
+    }
+    return null;
+}
+//# sourceMappingURL=credential.js.map

package/dist/credential.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential.js","sourceRoot":"","sources":["../src/credential.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,uBAAuB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAIpE,2EAA2E;AAC3E,MAAM,CAAC,MAAM,aAAa,GAAG,sCAAsC,CAAC;AAEpE,oEAAoE;AACpE,MAAM,CAAC,MAAM,0BAA0B,GAAG,sBAAsB,CAAC;AA+BjE,SAAS,aAAa,CACpB,IAAY,EACZ,KAA6C;IAE7C,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;IACnB,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,GAAG,CAAC;IACpC,MAAM,IAAI,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IACzD,KAAK,MAAM,IAAI,IAAI,IAAI,EAAE,CAAC;QACxB,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAC7B,OAA+B;IAE/B,MAAM,UAAU,GAAuB;QACrC,UAAU,EAAE,aAAa,CAAC,aAAa,EAAE,OAAO,CAAC,OAAO,CAAC;QACzD,IAAI,EAAE,aAAa,CAAC,0BAA0B,EAAE,OAAO,CAAC,IAAI,CAAC;QAC7D,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;KAC7C,CAAC;IACF,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS;QAAE,UAAU,CAAC,EAAE,GAAG,OAAO,CAAC,EAAE,CAAC;IACzD,UAAU,CAAC,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;IACtE,IAAI,OAAO,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACrC,UAAU,CAAC,UAAU,GAAG,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC5D,CAAC;IACD,IAAI,OAAO,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;QAC3C,UAAU,CAAC,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,gBAAgB,CAAC;YACnE,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,gBAAgB,CAAC;YAC/B,CAAC,CAAE,OAAO,CAAC,gBAA+B,CAAC;IAC/C,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,OAAO,CAAC,IAA0B,EAAE,QAAgB;IAC3D,IAAI,IAAI,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACnC,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,YAAY,CAAC,OAA6B;IACjD,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC,CAAC,CAAC,CAAC;IAC9C,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAAC,UAAsB;IACvD,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,IAAI,YAAY,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,KAAK,aAAa,EAAE,CAAC;QAC3D,MAAM,CAAC,IAAI,CAAC,6BAA6B,aAAa,GAAG,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,EAAE,0BAA0B,CAAC,EAAE,CAAC;QAC1D,MAAM,CAAC,IAAI,CAAC,sBAAsB,0BAA0B,GAAG,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;IACjC,MAAM,QAAQ,GACZ,OAAO,MAAM,KAAK,QAAQ;QACxB,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC;QACnB,CAAC,CAAC,MAAM,KAAK,IAAI;YACf,OAAO,MAAM,KAAK,QAAQ;YAC1B,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;YACtB,OAAQ,MAAqB,CAAC,EAAE,KAAK,QAAQ,CAAC;IACpD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,CAAC,IAAI,CAAC,2DAA2D,CAAC,CAAC;IAC3E,CAAC;IAED,MAAM,OAAO,GAAG,UAAU,CAAC,iBAAiB,CAAC;IAC7C,MAAM,SAAS,GACb,OAAO,KAAK,IAAI;QAChB,OAAO,KAAK,SAAS;QACrB,OAAO,OAAO,KAAK,QAAQ;QAC3B,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAClD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;IAC1E,CAAC;IAED,IAAI,UAAU,CAAC,EAAE,KAAK,SAAS,IAAI,OAAO,UAAU,CAAC,EAAE,KAAK,QAAQ,EAAE,CAAC;QACrE,MAAM,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;IACpD,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,gFAAgF;AAChF,MAAM,UAAU,QAAQ,CAAC,UAAsB;IAC7C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;IACjC,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAC;IAC9C,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5E,MAAM,EAAE,GAAI,MAAqB,CAAC,EAAE,CAAC;QACrC,OAAO,OAAO,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IACjD,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CACjC,UAAsB,EACtB,MAAc,IAAI,CAAC,GAAG,EAAE;IAExB,MAAM,SAAS,GAAG,UAAU,CAAC,SAAS,CAAC;IACvC,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;QAC5B,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,CAAC,uBAAuB,CAAC,SAAS,CAAC,EAAE,CAAC;YACzE,OAAO,eAAe,CAAC;QACzB,CAAC;QACD,IAAI,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC;YAAE,OAAO,eAAe,CAAC;IAC1D,CAAC;IACD,MAAM,UAAU,GAAG,UAAU,CAAC,UAAU,CAAC;IACzC,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;QAC7B,IACE,OAAO,UAAU,KAAK,QAAQ;YAC9B,CAAC,uBAAuB,CAAC,UAAU,CAAC,EACpC,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,IAAI,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC;YAAE,OAAO,SAAS,CAAC;IACrD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/data-integrity.d.ts

@@ -0,0 +1,102 @@
+/**
+ * Data Integrity proofs over JSON credentials, using the JCS cryptosuites.
+ *
+ * Implements `eddsa-jcs-2022` (Ed25519) and `ecdsa-jcs-2019` (ECDSA P-256 /
+ * P-384) from the W3C Data Integrity specs. The proof pipeline is:
+ *
+ * 1. Build a **proof configuration** (the proof object minus `proofValue`),
+ *    copying the document's `@context`.
+ * 2. JCS-canonicalize the proof config and the document-without-proof, hash each
+ *    with the cryptosuite's digest, and concatenate `proofConfigHash ‖ docHash`.
+ * 3. Sign (or verify) that concatenation with the verification key.
+ *
+ * The proof value is multibase base58-btc. ECDSA signatures use the IEEE P1363
+ * (`r ‖ s`) form Web Crypto produces, which is exactly what the cryptosuite
+ * expects. Signing/verification mirror the `@dwk/dpop` and `@dwk/http-signatures`
+ * posture — asymmetric only, an explicit cryptosuite allow-list, and the key is
+ * validated against the claimed cryptosuite.
+ *
+ * Pure aside from Web Crypto: plain-data in, plain-data out, no runtime bindings.
+ *
+ * @see https://www.w3.org/TR/vc-di-eddsa/
+ * @see https://www.w3.org/TR/vc-di-ecdsa/
+ */
+import { type JcsValue } from "./jcs";
+/** A JSON object with string keys — a credential, proof, or proof config. */
+export type JsonObject = {
+    [key: string]: JcsValue | undefined;
+};
+/** The Data Integrity cryptosuites this package implements. */
+export type Cryptosuite = "eddsa-jcs-2022" | "ecdsa-jcs-2019";
+/** Whether `value` names a supported cryptosuite. */
+export declare function isSupportedCryptosuite(value: unknown): value is Cryptosuite;
+type ComponentHash = "SHA-256" | "SHA-384";
+interface AlgParams {
+    name: string;
+    namedCurve?: string;
+    hash?: string;
+}
+type SignVerifyParams = AlgParams;
+/** A resolved signing key plus the cryptosuite parameters it implies. */
+export interface Signer {
+    readonly key: CryptoKey;
+    readonly cryptosuite: Cryptosuite;
+    readonly componentHash: ComponentHash;
+    readonly params: SignVerifyParams;
+}
+/**
+ * Import a private signing key from a JWK and resolve the cryptosuite it
+ * implies: `OKP`/`Ed25519` → `eddsa-jcs-2022`; `EC`/`P-256`|`P-384` →
+ * `ecdsa-jcs-2019`. Throws for unsupported or non-private keys.
+ */
+export declare function importSigner(jwk: JsonWebKey): Promise<Signer>;
+/** Options controlling how a Data Integrity proof is attached. */
+export interface AddProofOptions {
+    /** The verification method id (`did:web:…#key`) clients resolve to verify. */
+    readonly verificationMethod: string;
+    /** Proof purpose. Defaults to `"assertionMethod"`. */
+    readonly proofPurpose?: string;
+    /** Proof creation time. A `Date` or an XSD dateTime string. Defaults to now. */
+    readonly created?: Date | string;
+}
+/** A document carrying its attached Data Integrity proof. */
+export type SecuredDocument = JsonObject & {
+    proof: JsonObject;
+};
+/**
+ * Attach a Data Integrity proof to `document`, returning a new secured document.
+ * Any existing `proof` on the input is excluded from the signed payload (a proof
+ * never signs over itself).
+ */
+export declare function addProof(document: JsonObject, signer: Signer, options: AddProofOptions): Promise<SecuredDocument>;
+/** A verification method as published in a DID document. */
+export interface VerificationMethod {
+    readonly id: string;
+    readonly type?: string;
+    readonly controller?: string;
+    readonly publicKeyMultibase?: string;
+    readonly publicKeyJwk?: JsonWebKey;
+}
+/** Resolve a verification method id to its document, or `undefined` if unknown. */
+export type VerificationMethodResolver = (id: string) => VerificationMethod | undefined | Promise<VerificationMethod | undefined>;
+/** Options for {@link verifyProof}. */
+export interface VerifyProofOptions {
+    /** Resolves the proof's `verificationMethod` to its public key. */
+    readonly resolveVerificationMethod: VerificationMethodResolver;
+    /** Required proof purpose. Defaults to `"assertionMethod"`. */
+    readonly expectedProofPurpose?: string;
+}
+/** The outcome of verifying a document's Data Integrity proof(s). */
+export interface VerifyProofResult {
+    readonly verified: boolean;
+    /** Stable, human-readable failure descriptions; empty when verified. */
+    readonly errors: readonly string[];
+}
+/**
+ * Verify the Data Integrity proof(s) on `document`. A document with no proof, or
+ * any proof that fails, yields `verified: false` with the reasons collected in
+ * `errors`. Never throws — verification failures are returned, not raised.
+ */
+export declare function verifyProof(document: JsonObject, options: VerifyProofOptions): Promise<VerifyProofResult>;
+export {};
+//# sourceMappingURL=data-integrity.d.ts.map