@enbox/dids 0.0.4 → 0.0.5

package/src/methods/did-dht-pkarr.ts

@@ -0,0 +1,192 @@
+import type { Packet } from '@dnsquery/dns-packet';
+import type { Signer } from '@enbox/crypto';
+
+import type { Bep44Message } from './did-dht-types.js';
+
+import bencode from 'bencode';
+import { Convert } from '@enbox/common';
+import { Ed25519 } from '@enbox/crypto';
+import { DidError, DidErrorCode } from '../did-error.js';
+import { decode as dnsPacketDecode, encode as dnsPacketEncode } from '@dnsquery/dns-packet';
+
+/**
+ * Constructs a Pkarr URL from public key bytes and a gateway URI.
+ *
+ * @param publicKeyBytes - The public key bytes to z-base-32 encode.
+ * @param gatewayUri - The gateway URI to use as the base URL.
+ * @returns The full Pkarr URL.
+ */
+function pkarrUrl(publicKeyBytes: Uint8Array, gatewayUri: string): string {
+  const identifier = Convert.uint8Array(publicKeyBytes).toBase32Z();
+  return new URL(identifier, gatewayUri).href;
+}
+
+/**
+ * Retrieves a signed BEP44 message from a DID DHT Gateway or Pkarr Relay server.
+ *
+ * @see {@link https://github.com/Nuhvi/pkarr/blob/main/design/relays.md | Pkarr Relay design}
+ *
+ * @param params - The parameters for the get operation.
+ * @param params.gatewayUri - The DID DHT Gateway or Pkarr Relay URI.
+ * @param params.publicKeyBytes - The public key bytes of the Identity Key, z-base-32 encoded.
+ * @returns A promise resolving to a BEP44 message containing the signed DNS packet.
+ */
+export async function pkarrGet({ gatewayUri, publicKeyBytes }: {
+  publicKeyBytes: Uint8Array;
+  gatewayUri: string;
+}): Promise<Bep44Message> {
+  // The identifier (key in the DHT) is the z-base-32 encoding of the Identity Key.
+  const identifier = Convert.uint8Array(publicKeyBytes).toBase32Z();
+
+  // Concatenate the gateway URI with the identifier to form the full URL.
+  const url = pkarrUrl(publicKeyBytes, gatewayUri);
+
+  // Transmit the Get request to the DID DHT Gateway or Pkarr Relay and get the response.
+  let response: Response;
+  try {
+    response = await fetch(url, { method: 'GET' });
+
+    if (!response.ok) {
+      throw new DidError(DidErrorCode.NotFound, `Pkarr record not found for: ${identifier}`);
+    }
+
+  } catch (error: any) {
+    if (error instanceof DidError) {throw error;}
+    throw new DidError(DidErrorCode.InternalError, `Failed to fetch Pkarr record: ${error.message}`);
+  }
+
+  // Read the Fetch Response stream into a byte array.
+  const messageBytes = await response.arrayBuffer();
+
+  if (!messageBytes) {
+    throw new DidError(DidErrorCode.NotFound, `Pkarr record not found for: ${identifier}`);
+  }
+
+  if (messageBytes.byteLength < 72) {
+    throw new DidError(DidErrorCode.InvalidDidDocumentLength, `Pkarr response must be at least 72 bytes but got: ${messageBytes.byteLength}`);
+  }
+
+  if (messageBytes.byteLength > 1072) {
+    throw new DidError(DidErrorCode.InvalidDidDocumentLength, `Pkarr response exceeds 1000 byte limit: ${messageBytes.byteLength}`);
+  }
+
+  // Decode the BEP44 message from the byte array.
+  const bep44Message: Bep44Message = {
+    k   : publicKeyBytes,
+    seq : Number(new DataView(messageBytes).getBigUint64(64)),
+    sig : new Uint8Array(messageBytes, 0, 64),
+    v   : new Uint8Array(messageBytes, 72)
+  };
+
+  return bep44Message;
+}
+
+/**
+ * Publishes a signed BEP44 message to a DID DHT Gateway or Pkarr Relay server.
+ *
+ * @see {@link https://github.com/Nuhvi/pkarr/blob/main/design/relays.md | Pkarr Relay design}
+ *
+ * @param params - The parameters to use when publishing a signed BEP44 message to a Pkarr relay server.
+ * @param params.gatewayUri - The DID DHT Gateway or Pkarr Relay URI.
+ * @param params.bep44Message - The BEP44 message to be published, containing the signed DNS packet.
+ * @returns A promise resolving to `true` if the message was successfully published, otherwise `false`.
+ */
+export async function pkarrPut({ gatewayUri, bep44Message }: {
+  bep44Message: Bep44Message;
+  gatewayUri: string;
+}): Promise<boolean> {
+  // The identifier (key in the DHT) is the z-base-32 encoding of the Identity Key.
+  const identifier = Convert.uint8Array(bep44Message.k).toBase32Z();
+
+  // Concatenate the gateway URI with the identifier to form the full URL.
+  const url = pkarrUrl(bep44Message.k, gatewayUri);
+
+  // Construct the body of the request according to the Pkarr relay specification.
+  const body = new Uint8Array(bep44Message.v.length + 72);
+  body.set(bep44Message.sig, 0);
+  new DataView(body.buffer).setBigUint64(bep44Message.sig.length, BigInt(bep44Message.seq));
+  body.set(bep44Message.v, bep44Message.sig.length + 8);
+
+  // Transmit the Put request to the Pkarr relay and get the response.
+  let response: Response;
+  try {
+    response = await fetch(url, {
+      method  : 'PUT',
+      headers : { 'Content-Type': 'application/octet-stream' },
+      body
+    });
+
+  } catch (error: any) {
+    throw new DidError(DidErrorCode.InternalError, `Failed to put Pkarr record for identifier ${identifier}: ${error.message}`);
+  }
+
+  // Return `true` if the DHT request was successful, otherwise return `false`.
+  return response.ok;
+}
+
+/**
+ * Creates a BEP44 put message, which is used to publish a DID document to the DHT network.
+ *
+ * @param params - The parameters to use when creating the BEP44 put message.
+ * @param params.dnsPacket - The DNS packet to encode in the BEP44 message.
+ * @param params.publicKeyBytes - The public key bytes of the Identity Key.
+ * @param params.signer - Signer that can sign and verify data using the Identity Key.
+ * @returns A promise that resolves to a BEP44 put message.
+ */
+export async function createBep44PutMessage({ dnsPacket, publicKeyBytes, signer }: {
+  dnsPacket: Packet;
+  publicKeyBytes: Uint8Array;
+  signer: Signer;
+}): Promise<Bep44Message> {
+  // BEP44 requires that the sequence number be a monotoically increasing integer, so we use the
+  // current time in seconds since Unix epoch as a simple solution. Higher precision is not
+  // recommended since DID DHT documents are not expected to change frequently and there are
+  // small differences in system clocks that can cause issues if multiple clients are publishing
+  // updates to the same DID document.
+  const sequenceNumber = Math.ceil(Date.now() / 1000);
+
+  // Encode the DNS packet into a byte array containing a UDP payload.
+  const encodedDnsPacket = dnsPacketEncode(dnsPacket);
+
+  // Encode the sequence and DNS byte array to bencode format.
+  const bencodedData = bencode.encode({ seq: sequenceNumber, v: encodedDnsPacket }).subarray(1, -1);
+
+  if (bencodedData.length > 1000) {
+    throw new DidError(DidErrorCode.InvalidDidDocumentLength, `DNS packet exceeds the 1000 byte maximum size: ${bencodedData.length} bytes`);
+  }
+
+  // Sign the BEP44 message.
+  const signature = await signer.sign({ data: bencodedData });
+
+  return { k: publicKeyBytes, seq: sequenceNumber, sig: signature, v: encodedDnsPacket };
+}
+
+/**
+ * Parses and verifies a BEP44 Get message, converting it to a DNS packet.
+ *
+ * @param params - The parameters to use when verifying and parsing the BEP44 Get response message.
+ * @param params.bep44Message - The BEP44 message to verify and parse.
+ * @returns A promise that resolves to a DNS packet.
+ */
+export async function parseBep44GetMessage({ bep44Message }: {
+  bep44Message: Bep44Message;
+}): Promise<Packet> {
+  // Convert the public key byte array to JWK format.
+  const publicKey = await Ed25519.bytesToPublicKey({ publicKeyBytes: bep44Message.k });
+
+  // Encode the sequence and DNS byte array to bencode format.
+  const bencodedData = bencode.encode({ seq: bep44Message.seq, v: bep44Message.v }).subarray(1, -1);
+
+  // Verify the signature of the BEP44 message.
+  const isValid = await Ed25519.verify({
+    key       : publicKey,
+    signature : bep44Message.sig,
+    data      : bencodedData
+  });
+
+  if (!isValid) {
+    throw new DidError(DidErrorCode.InvalidSignature, `Invalid signature for DHT BEP44 message`);
+  }
+
+  return dnsPacketDecode(bep44Message.v);
+}

package/src/methods/did-dht-types.ts

@@ -0,0 +1,316 @@
+import type { DidCreateOptions, DidCreateVerificationMethod } from './did-method.js';
+
+import type { DidService } from '../types/did-core.js';
+
+/**
+ * Represents a BEP44 message, which is used for storing and retrieving data in the Mainline DHT
+ * network.
+ *
+ * A BEP44 message is used primarily in the context of the DID DHT method for publishing and
+ * resolving DID documents in the DHT network. This type encapsulates the data structure required
+ * for such operations in accordance with BEP44.
+ *
+ * @see {@link https://www.bittorrent.org/beps/bep_0044.html | BEP44}
+ */
+export interface Bep44Message {
+  /**
+   * The public key bytes of the Identity Key, which serves as the identifier in the DHT network for
+   * the corresponding BEP44 message.
+   */
+  k: Uint8Array;
+
+  /**
+   * The sequence number of the message, used to ensure the latest version of the data is retrieved
+   * and updated. It's a monotonically increasing number.
+   */
+  seq: number;
+
+  /**
+   * The signature of the message, ensuring the authenticity and integrity of the data. It's
+   * computed over the bencoded sequence number and value.
+   */
+  sig: Uint8Array;
+
+  /**
+   * The actual data being stored or retrieved from the DHT network, typically encoded in a format
+   * suitable for DNS packet representation of a DID Document.
+   */
+  v: Uint8Array;
+}
+
+/**
+ * Options for creating a Decentralized Identifier (DID) using the DID DHT method.
+ */
+export interface DidDhtCreateOptions<TKms> extends DidCreateOptions<TKms> {
+  /**
+   * Optionally specify that the DID Subject is also identified by one or more other DIDs or URIs.
+   *
+   * A DID subject can have multiple identifiers for different purposes, or at different times.
+   * The assertion that two or more DIDs (or other types of URI) refer to the same DID subject can
+   * be made using the `alsoKnownAs` property.
+   *
+   * @see {@link https://www.w3.org/TR/did-core/#also-known-as | DID Core Specification, § Also Known As}
+   *
+   * @example
+   * ```ts
+   * const did = await DidDht.create({
+   *  options: {
+   *   alsoKnownAs: 'did:example:123'
+   * };
+   * ```
+   */
+  alsoKnownAs?: string[];
+
+  /**
+   * Optionally specify which DID (or DIDs) is authorized to make changes to the DID document.
+   *
+   * A DID controller is an entity that is authorized to make changes to a DID document. Typically,
+   * only the DID Subject (i.e., the value of `id` property in the DID document) is authoritative.
+   * However, another DID (or DIDs) can be specified as the DID controller, and when doing so, any
+   * verification methods contained in the DID document for the other DID should be accepted as
+   * authoritative. In other words, proofs created by the controller DID should be considered
+   * equivalent to proofs created by the DID Subject.
+   *
+   * @see {@link https://www.w3.org/TR/did-core/#did-controller | DID Core Specification, § DID Controller}
+   *
+   * @example
+   * ```ts
+   * const did = await DidDht.create({
+   *  options: {
+   *   controller: 'did:example:123'
+   * };
+   * ```
+   */
+  controllers?: string | string[];
+
+  /**
+   * Optional. The URI of a server involved in executing DID method operations. In the context of
+   * DID creation, the endpoint is expected to be a DID DHT Gateway or Pkarr relay. If not
+   * specified, a default gateway node is used.
+   */
+  gatewayUri?: string;
+
+  /**
+   * Optional. Determines whether the created DID should be published to the DHT network.
+   *
+   * If set to `true` or omitted, the DID is publicly discoverable. If `false`, the DID is not
+   * published and cannot be resolved by others. By default, newly created DIDs are published.
+   *
+   * @see {@link https://did-dht.com | DID DHT Method Specification}
+   *
+   * @example
+   * ```ts
+   * const did = await DidDht.create({
+   *  options: {
+   *   publish: false
+   * };
+   * ```
+   */
+  publish?: boolean;
+
+  /**
+   * Optional. An array of service endpoints associated with the DID.
+   *
+   * Services are used in DID documents to express ways of communicating with the DID subject or
+   * associated entities. A service can be any type of service the DID subject wants to advertise,
+   * including decentralized identity management services for further discovery, authentication,
+   * authorization, or interaction.
+   *
+   * @see {@link https://www.w3.org/TR/did-core/#services | DID Core Specification, § Services}
+   *
+   * @example
+   * ```ts
+   * const did = await DidDht.create({
+   *  options: {
+   *   services: [
+   *     {
+   *       id: 'did:dht:i9xkp8ddcbcg8jwq54ox699wuzxyifsqx4jru45zodqu453ksz6y#dwn',
+   *       type: 'DecentralizedWebNode',
+   *       serviceEndpoint: ['https://example.com/dwn1', 'https://example/dwn2']
+   *     }
+   *   ]
+   * };
+   * ```
+   */
+  services?: DidService[];
+
+  /**
+   * Optionally specify one or more registered DID DHT types to make the DID discovereable.
+   *
+   * Type indexing is an OPTIONAL feature that enables DIDs to become discoverable. DIDs that wish
+   * to be discoverable and resolveable by type can include one or more types when publishing their
+   * DID document to a DID DHT Gateway.
+   *
+   * The registered DID types are published in the {@link https://did-dht.com/registry/index.html#indexed-types | DID DHT Registry}.
+   */
+  types?: (DidDhtRegisteredDidType | keyof typeof DidDhtRegisteredDidType)[];
+
+  /**
+   * Optional. An array of verification methods to be included in the DID document.
+   *
+   * By default, a newly created DID DHT document will contain a single Ed25519 verification method,
+   * also known as the {@link https://did-dht.com/#term:identity-key | Identity Key}. Additional
+   * verification methods can be added to the DID document using the `verificationMethods` property.
+   *
+   * @see {@link https://www.w3.org/TR/did-core/#verification-methods | DID Core Specification, § Verification Methods}
+   *
+   * @example
+   * ```ts
+   * const did = await DidDht.create({
+   *  options: {
+   *   verificationMethods: [
+   *     {
+   *       algorithm: 'Ed25519',
+   *       purposes: ['authentication', 'assertionMethod']
+   *     },
+   *     {
+   *       algorithm: 'Ed25519',
+   *       id: 'dwn-sig',
+   *       purposes: ['authentication', 'assertionMethod']
+   *     }
+   *   ]
+   * };
+   * ```
+   */
+  verificationMethods?: DidCreateVerificationMethod<TKms>[];
+}
+
+/**
+ * Proof to used to construct the `_prv._did.` DNS record as described in https://did-dht.com/#rotation to link a DID to a previous DID.
+ */
+export type PreviousDidProof = {
+  /** The previous DID. */
+  previousDid: string;
+
+  /** The signature signed using the private Identity Key of the previous DID in Base64URL format. */
+  signature: string;
+};
+
+/**
+ * Represents an optional extension to a DID Document's DNS packet representation exposed as a
+ * type index.
+ *
+ * Type indexing is an OPTIONAL feature that enables DIDs to become discoverable. DIDs that wish to
+ * be discoverable and resolveable by type can include one or more types when publishing their DID
+ * document to a DID DHT Gateway.
+ *
+ * The registered DID types are published in the {@link https://did-dht.com/registry/index.html#indexed-types | DID DHT Registry}.
+ */
+export enum DidDhtRegisteredDidType {
+  /**
+   * Type 0 is reserved for DIDs that do not wish to associate themselves with a specific type but
+   * wish to make themselves discoverable.
+   */
+  Discoverable = 0,
+
+  /**
+   * Organization
+   * @see {@link https://schema.org/Organization | schema definition}
+   */
+  Organization = 1,
+
+  /**
+   * Government Organization
+   * @see {@link https://schema.org/GovernmentOrganization | schema definition}
+   */
+  Government = 2,
+
+  /**
+   * Corporation
+   * @see {@link https://schema.org/Corporation | schema definition}
+   */
+  Corporation = 3,
+
+  /**
+   * Corporation
+   * @see {@link https://schema.org/Corporation | schema definition}
+   */
+  LocalBusiness = 4,
+
+  /**
+   * Software Package
+   * @see {@link https://schema.org/SoftwareSourceCode | schema definition}
+   */
+  SoftwarePackage = 5,
+
+  /**
+   * Web App
+   * @see {@link https://schema.org/WebApplication | schema definition}
+   */
+  WebApp = 6,
+
+  /**
+   * Financial Institution
+   * @see {@link https://schema.org/FinancialService | schema definition}
+   */
+  FinancialInstitution = 7
+}
+
+/**
+ * Enumerates the types of keys that can be used in a DID DHT document.
+ *
+ * The DID DHT method supports various cryptographic key types. These key types are essential for
+ * the creation and management of DIDs and their associated cryptographic operations like signing
+ * and encryption. The registered key types are published in the DID DHT Registry and each is
+ * assigned a unique numerical value for use by client and gateway implementations.
+ *
+ * The registered key types are published in the {@link https://did-dht.com/registry/index.html#key-type-index | DID DHT Registry}.
+ */
+export enum DidDhtRegisteredKeyType {
+  /**
+   * Ed25519: A public-key signature system using the EdDSA (Edwards-curve Digital Signature
+   * Algorithm) and Curve25519.
+   */
+  Ed25519 = 0,
+
+  /**
+   * secp256k1: A cryptographic curve used for digital signatures in a range of decentralized
+   * systems.
+   */
+  secp256k1 = 1,
+
+  /**
+   * secp256r1: Also known as P-256 or prime256v1, this curve is used for cryptographic operations
+   * and is widely supported in various cryptographic libraries and standards.
+   */
+  secp256r1 = 2,
+
+  /**
+   * X25519: A public key used for Diffie-Hellman key exchange using Curve25519.
+   */
+  X25519 = 3,
+}
+
+/**
+ * Maps {@link https://www.w3.org/TR/did-core/#verification-relationships | DID Core Verification Relationship}
+ * values to the corresponding record name in the DNS packet representation of a DHT DID document.
+ */
+export enum DidDhtVerificationRelationship {
+  /**
+   * Specifies how the DID subject is expected to be authenticated.
+   */
+  authentication = 'auth',
+
+  /**
+   * Specifies how the DID subject is expected to express claims, such as for issuing Verifiable
+   * Credentials.
+   */
+  assertionMethod = 'asm',
+
+  /**
+   * Specifies a mechanism used by the DID subject to delegate a cryptographic capability to another
+   * party
+   */
+  capabilityDelegation = 'del',
+
+  /**
+   * Specifies a verification method used by the DID subject to invoke a cryptographic capability.
+   */
+  capabilityInvocation = 'inv',
+
+  /**
+   * Specifies how an entity can generate encryption material to communicate confidentially with the
+   * DID subject.
+   */
+  keyAgreement = 'agm'
+}

package/src/methods/did-dht-utils.ts

@@ -0,0 +1,157 @@
+import type { AsymmetricKeyConverter, Jwk } from '@enbox/crypto';
+
+import { Convert } from '@enbox/common';
+import { Ed25519, Secp256k1, Secp256r1, X25519 } from '@enbox/crypto';
+
+import type { PreviousDidProof } from './did-dht-types.js';
+
+import { Did } from '../did.js';
+import { DidError, DidErrorCode } from '../did-error.js';
+
+/**
+ * The DID DHT method name.
+ */
+const DID_DHT_METHOD_NAME = 'dht';
+
+/**
+ * Converts a DID URI to a JSON Web Key (JWK) representing the Identity Key.
+ *
+ * @param params - The parameters to use for the conversion.
+ * @param params.didUri - The DID URI containing the Identity Key.
+ * @returns A promise that resolves to a JWK representing the Identity Key.
+ */
+export async function identifierToIdentityKey({ didUri }: {
+  didUri: string;
+}): Promise<Jwk> {
+  // Decode the method-specific identifier from z-base-32 to a byte array.
+  const identityKeyBytes = identifierToIdentityKeyBytes({ didUri });
+
+  // Convert the byte array to a JWK.
+  const identityKey = await Ed25519.bytesToPublicKey({ publicKeyBytes: identityKeyBytes });
+
+  return identityKey;
+}
+
+/**
+ * Converts a DID URI to the byte array representation of the Identity Key.
+ *
+ * @param params - The parameters to use for the conversion.
+ * @param params.didUri - The DID URI containing the Identity Key.
+ * @returns A byte array representation of the Identity Key.
+ */
+export function identifierToIdentityKeyBytes({ didUri }: {
+  didUri: string;
+}): Uint8Array {
+  // Parse the DID URI.
+  const parsedDid = Did.parse(didUri);
+
+  // Verify that the DID URI is valid.
+  if (!parsedDid) {
+    throw new DidError(DidErrorCode.InvalidDid, `Invalid DID URI: ${didUri}`);
+  }
+
+  // Verify the DID method is supported.
+  if (parsedDid.method !== DID_DHT_METHOD_NAME) {
+    throw new DidError(DidErrorCode.MethodNotSupported, `Method not supported: ${parsedDid.method}`);
+  }
+
+  // Decode the method-specific identifier from z-base-32 to a byte array.
+  let identityKeyBytes: Uint8Array;
+  try {
+    identityKeyBytes = Convert.base32Z(parsedDid.id).toUint8Array();
+  } catch {
+    throw new DidError(DidErrorCode.InvalidPublicKey, `Failed to decode method-specific identifier`);
+  }
+
+  if (identityKeyBytes.length !== 32) {
+    throw new DidError(DidErrorCode.InvalidPublicKeyLength, `Invalid public key length: ${identityKeyBytes.length}`);
+  }
+
+  return identityKeyBytes;
+}
+
+/**
+ * Encodes a DID DHT Identity Key into a DID identifier.
+ *
+ * This method first z-base-32 encodes the Identity Key. The resulting string is prefixed with
+ * `did:dht:` to form the DID identifier.
+ *
+ * @param params - The parameters to use for the conversion.
+ * @param params.identityKey The Identity Key from which the DID identifier is computed.
+ * @returns A promise that resolves to a string containing the DID identifier.
+ */
+export async function identityKeyToIdentifier({ identityKey }: {
+  identityKey: Jwk;
+}): Promise<string> {
+  // Convert the key from JWK format to a byte array.
+  const publicKeyBytes = await Ed25519.publicKeyToBytes({ publicKey: identityKey });
+
+  // Encode the byte array as a z-base-32 string.
+  const identifier = Convert.uint8Array(publicKeyBytes).toBase32Z();
+
+  return `did:${DID_DHT_METHOD_NAME}:${identifier}`;
+}
+
+/**
+ * Returns the appropriate key converter for the specified cryptographic curve.
+ *
+ * @param curve - The cryptographic curve to use for the key conversion.
+ * @returns An `AsymmetricKeyConverter` for the specified curve.
+ */
+export function keyConverter(curve: string): AsymmetricKeyConverter {
+  const converters: Record<string, AsymmetricKeyConverter> = {
+    'Ed25519' : Ed25519,
+    'P-256'   : {
+      // Wrap the key converter which produces uncompressed public key bytes to produce compressed key bytes as required by the DID DHT spec.
+      // See https://did-dht.com/#representing-keys for more info.
+      publicKeyToBytes: async ({ publicKey }: { publicKey: Jwk }): Promise<Uint8Array> => {
+        const publicKeyBytes = await Secp256r1.publicKeyToBytes({ publicKey });
+        const compressedPublicKey = await Secp256r1.compressPublicKey({ publicKeyBytes });
+        return compressedPublicKey;
+      },
+      bytesToPublicKey  : Secp256r1.bytesToPublicKey,
+      privateKeyToBytes : Secp256r1.privateKeyToBytes,
+      bytesToPrivateKey : Secp256r1.bytesToPrivateKey,
+    },
+    'secp256k1': {
+      // Wrap the key converter which produces uncompressed public key bytes to produce compressed key bytes as required by the DID DHT spec.
+      // See https://did-dht.com/#representing-keys for more info.
+      publicKeyToBytes: async ({ publicKey }: { publicKey: Jwk }): Promise<Uint8Array> => {
+        const publicKeyBytes = await Secp256k1.publicKeyToBytes({ publicKey });
+        const compressedPublicKey = await Secp256k1.compressPublicKey({ publicKeyBytes });
+        return compressedPublicKey;
+      },
+      bytesToPublicKey  : Secp256k1.bytesToPublicKey,
+      privateKeyToBytes : Secp256k1.privateKeyToBytes,
+      bytesToPrivateKey : Secp256k1.bytesToPrivateKey,
+    },
+    X25519: X25519,
+  };
+
+  const converter = converters[curve];
+
+  if (!converter) {throw new DidError(DidErrorCode.InvalidPublicKeyType, `Unsupported curve: ${curve}`);}
+
+  return converter;
+}
+
+/**
+ * Validates the proof of previous DID given.
+ *
+ * @param params - The parameters to validate the previous DID proof.
+ * @param params.newDid - The new DID that the previous DID is linking to.
+ * @param params.previousDidProof - The proof of the previous DID, containing the previous DID and signature signed by the previous DID.
+ */
+export async function validatePreviousDidProof({ newDid, previousDidProof }: {
+  newDid: string;
+  previousDidProof: PreviousDidProof;
+}): Promise<void> {
+  const key = await identifierToIdentityKey({ didUri: previousDidProof.previousDid });
+  const data = identifierToIdentityKeyBytes({ didUri: newDid });
+  const signature = Convert.base64Url(previousDidProof.signature).toUint8Array();
+  const isValid = await Ed25519.verify({ key, data, signature });
+
+  if (!isValid) {
+    throw new DidError(DidErrorCode.InvalidPreviousDidProof, 'The previous DID proof is invalid.');
+  }
+}