@fedify/fedify 2.2.0-pr.715.28 → 2.2.0-pr.731.34

package/dist/{proof-jHDv7IKD.js → proof-BJrEACyu.js}

@@ -1,16 +1,16 @@
 import { Temporal } from "@js-temporal/polyfill";
 import "urlpattern-polyfill";
-import { _ as version, d as validateCryptoKey, g as name, s as fetchKey } from "./http-C8puyZ4Z.js";
+import { _ as version, d as validateCryptoKey, g as name, s as fetchKey } from "./http-pZce7PcA.js";
 import { getLogger } from "@logtape/logtape";
-import { Activity, CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1, getTypeId, isActor } from "@fedify/vocab";
+import { Activity, CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1, PUBLIC_COLLECTION, getTypeId, isActor } from "@fedify/vocab";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
 import { encodeHex } from "byte-encodings/hex";
-import { getDocumentLoader } from "@fedify/vocab-runtime";
+import { getDocumentLoader, preloadedContexts } from "@fedify/vocab-runtime";
 import { decodeBase64, encodeBase64 } from "byte-encodings/base64";
 import jsonld from "@fedify/vocab-runtime/jsonld";
 import serialize from "json-canon";
 //#region src/sig/ld.ts
-const logger$1 = getLogger([
+const logger$3 = getLogger([
 	"fedify",
 	"sig",
 	"ld"
@@ -158,7 +158,7 @@ async function verifySignature(jsonLd, options = {}) {
 	try {
 		signature = decodeBase64(sig.signatureValue);
 	} catch (error) {
-		logger$1.debug("Failed to verify; invalid base64 signatureValue: {signatureValue}", {
+		logger$3.debug("Failed to verify; invalid base64 signatureValue: {signatureValue}", {
 			...sig,
 			error
 		});
@@ -177,7 +177,7 @@ async function verifySignature(jsonLd, options = {}) {
 	try {
 		sigOptsHash = await hashJsonLd(sigOpts, options.contextLoader);
 	} catch (error) {
-		logger$1.warn("Failed to verify; failed to hash the signature options: {signatureOptions}\n{error}", {
+		logger$3.warn("Failed to verify; failed to hash the signature options: {signatureOptions}\n{error}", {
 			signatureOptions: sigOpts,
 			error
 		});
@@ -189,7 +189,7 @@ async function verifySignature(jsonLd, options = {}) {
 	try {
 		docHash = await hashJsonLd(document, options.contextLoader);
 	} catch (error) {
-		logger$1.warn("Failed to verify; failed to hash the document: {document}\n{error}", {
+		logger$3.warn("Failed to verify; failed to hash the document: {document}\n{error}", {
 			document,
 			error
 		});
@@ -200,7 +200,7 @@ async function verifySignature(jsonLd, options = {}) {
 	const messageBytes = encoder.encode(message);
 	if (await crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature.slice(), messageBytes)) return key;
 	if (cached) {
-		logger$1.debug("Failed to verify with the cached key {keyId}; signature {signatureValue} is invalid.  Retrying with the freshly fetched key...", {
+		logger$3.debug("Failed to verify with the cached key {keyId}; signature {signatureValue} is invalid.  Retrying with the freshly fetched key...", {
 			keyId: sig.creator,
 			...sig
 		});
@@ -214,7 +214,7 @@ async function verifySignature(jsonLd, options = {}) {
 		if (key == null) return null;
 		return await crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature.slice(), messageBytes) ? key : null;
 	}
-	logger$1.debug("Failed to verify with the fetched key {keyId}; signature {signatureValue} is invalid.  Check if the key is correct or if the signed message is correct.  The message to sign is:\n{message}", {
+	logger$3.debug("Failed to verify with the fetched key {keyId}; signature {signatureValue} is invalid.  Check if the key is correct or if the signed message is correct.  The message to sign is:\n{message}", {
 		keyId: sig.creator,
 		...sig,
 		message
@@ -246,12 +246,12 @@ async function verifyJsonLd(jsonLd, options = {}) {
 			const key = await verifySignature(jsonLd, options);
 			if (key == null) return false;
 			if (key.ownerId == null) {
-				logger$1.debug("Key {keyId} has no owner.", { keyId: key.id?.href });
+				logger$3.debug("Key {keyId} has no owner.", { keyId: key.id?.href });
 				return false;
 			}
 			attributions.delete(key.ownerId.href);
 			if (attributions.size > 0) {
-				logger$1.debug("Some attributions are not authenticated by the Linked Data Signatures: {attributions}.", { attributions: [...attributions] });
+				logger$3.debug("Some attributions are not authenticated by the Linked Data Signatures: {attributions}.", { attributions: [...attributions] });
 				return false;
 			}
 			return true;
@@ -386,6 +386,385 @@ async function getKeyOwner(keyId, options) {
 	return null;
 }
 //#endregion
+//#region src/compat/preloaded-context-loader.ts
+/**
+* A restricted JSON-LD document loader that resolves only contexts bundled
+* with Fedify.
+*
+* This is intentionally narrower than `getDocumentLoader()`: normalization
+* helpers are also reached from verification paths that operate on inbound,
+* attacker-controlled JSON-LD, so the default fallback must never fetch
+* attacker-supplied context URLs.
+*/
+const preloadedOnlyDocumentLoader = (url) => {
+	if (Object.hasOwn(preloadedContexts, url)) return Promise.resolve({
+		contextUrl: null,
+		documentUrl: url,
+		document: preloadedContexts[url]
+	});
+	return Promise.reject(/* @__PURE__ */ new Error("Refusing to fetch a non-preloaded JSON-LD context: " + url));
+};
+//#endregion
+//#region src/compat/public-audience.ts
+const logger$2 = getLogger([
+	"fedify",
+	"compat",
+	"public-audience"
+]);
+const PUBLIC_ADDRESSING_FIELDS = new Set([
+	"to",
+	"cc",
+	"bto",
+	"bcc",
+	"audience"
+]);
+const AS_CONTEXT_URL$1 = "https://www.w3.org/ns/activitystreams";
+const MAX_TRAVERSAL_DEPTH$1 = 64;
+const KNOWN_SAFE_CONTEXT_URLS$1 = new Set(Object.keys(preloadedContexts));
+function hasPublicCurieInAddressing(value, parentKey, depth = 0) {
+	if (typeof value === "string") return parentKey != null && PUBLIC_ADDRESSING_FIELDS.has(parentKey) && (value === "as:Public" || value === "Public");
+	if (depth >= MAX_TRAVERSAL_DEPTH$1) return false;
+	if (Array.isArray(value)) return value.some((item) => hasPublicCurieInAddressing(item, parentKey, depth + 1));
+	if (typeof value !== "object" || value == null) return false;
+	const record = value;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") continue;
+		if (hasPublicCurieInAddressing(record[key], key, depth + 1)) return true;
+	}
+	return false;
+}
+function rewritePublicAudience(value, parentKey, depth = 0) {
+	if (typeof value === "string" && parentKey != null && PUBLIC_ADDRESSING_FIELDS.has(parentKey) && (value === "as:Public" || value === "Public")) return PUBLIC_COLLECTION.href;
+	if (depth >= MAX_TRAVERSAL_DEPTH$1) return value;
+	if (Array.isArray(value)) {
+		let changed = false;
+		const mapped = value.map((item) => {
+			const rewritten = rewritePublicAudience(item, parentKey, depth + 1);
+			if (rewritten !== item) changed = true;
+			return rewritten;
+		});
+		return changed ? mapped : value;
+	}
+	if (typeof value !== "object" || value == null) return value;
+	const record = value;
+	let changed = false;
+	const normalized = Object.create(null);
+	for (const key of Object.keys(record)) {
+		const rewritten = key === "@context" ? record[key] : rewritePublicAudience(record[key], key, depth + 1);
+		if (rewritten !== record[key]) changed = true;
+		normalized[key] = rewritten;
+	}
+	return changed ? normalized : value;
+}
+/**
+* Reports whether `value` carries an `@context` property anywhere inside
+* its subtree (not counting the value itself).  A nested `@context` can
+* introduce a local term-definition scope that redefines `as:` or `Public`
+* even when the top-level `@context` is safe, so the fast path must defer
+* to the URDNA2015 equivalence check whenever one is present.
+*/
+function hasNestedContext$1(value, depth = 0) {
+	if (depth >= MAX_TRAVERSAL_DEPTH$1) return true;
+	if (Array.isArray(value)) return value.some((item) => hasNestedContext$1(item, depth + 1));
+	if (typeof value !== "object" || value == null) return false;
+	const record = value;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") return true;
+		if (hasNestedContext$1(record[key], depth + 1)) return true;
+	}
+	return false;
+}
+/**
+* Checks whether the `@context` of a JSON-LD document is guaranteed not
+* to redefine the `as:` prefix or the bare `Public` term.  Only documents
+* whose `@context` is a string, or an array of strings, drawn from Fedify's
+* preloaded context set AND including the ActivityStreams URL qualify,
+* AND no nested subtree carries its own `@context` that might redefine
+* those terms within a local scope.  When all of that holds the rewrite
+* is provably semantics-preserving and the URDNA2015 equivalence check
+* can be skipped.  Any other shape (unknown external URLs, inline
+* objects at the top level, nested `@context` blocks) is treated as
+* potentially unsafe.
+*/
+function hasKnownSafeContext$1(jsonLd) {
+	if (typeof jsonLd !== "object" || jsonLd == null) return false;
+	const record = jsonLd;
+	if (!Object.hasOwn(record, "@context")) return false;
+	const ctx = record["@context"];
+	const entries = typeof ctx === "string" ? [ctx] : Array.isArray(ctx) ? ctx : null;
+	if (entries == null || entries.length === 0) return false;
+	let hasAs = false;
+	for (const entry of entries) {
+		if (typeof entry !== "string") return false;
+		if (!KNOWN_SAFE_CONTEXT_URLS$1.has(entry)) return false;
+		if (entry === AS_CONTEXT_URL$1) hasAs = true;
+	}
+	if (!hasAs) return false;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") continue;
+		if (hasNestedContext$1(record[key])) return false;
+	}
+	return true;
+}
+/**
+* Rewrites the compact `as:Public` / `Public` CURIE appearing in activity
+* addressing fields (`to`, `cc`, `bto`, `bcc`, `audience`) to the fully
+* expanded `https://www.w3.org/ns/activitystreams#Public` URI.
+*
+* Several ActivityPub implementations, Lemmy among them, match these
+* fields as plain URLs without running JSON-LD expansion, and silently
+* drop activities whose public addressing appears in CURIE form.  This
+* helper works around that gap.
+*
+* For documents whose `@context` is drawn entirely from Fedify's
+* preloaded context set and includes the ActivityStreams URL, the
+* rewrite is applied directly: the content of every preloaded non-AS
+* context is known not to redefine the `as:` prefix or the bare `Public`
+* term, so the semantics are preserved by construction.  Any other
+* shape (an inline object, an unknown external URL, and so on) is
+* treated as potentially unsafe and gated on a JSON-LD equivalence
+* check; both forms are canonicalized with URDNA2015 and the resulting
+* N-Quads are compared.  When they differ, the original document is
+* returned unchanged.  Canonicalization failures also fall back to the
+* original document.
+*
+* When no `contextLoader` is supplied the helper falls back to an
+* internal loader that resolves only the URLs in Fedify's
+* preloaded-contexts set and rejects every other URL without issuing a
+* network request.  That behaviour is deliberately narrower than
+* `@fedify/vocab-runtime`'s `getDocumentLoader()`, which after its
+* `validatePublicUrl` check will happily fetch non-preloaded URLs: the
+* helper is reached from verification paths (`verifyProof()` /
+* `verifyObject()`) that operate on inbound, potentially adversarial
+* JSON-LD, and a default loader that fetches attacker-supplied
+* `@context` URLs on the caller's behalf would be an SSRF vector.
+* Canonicalization failures against the restricted loader fall back to
+* the original document, same as any other canonicalization error.
+* Callers that genuinely need the remote-fetch loader (for example
+* applications that sign local JSON-LD against a custom vocabulary)
+* should pass a `contextLoader` explicitly.
+*
+* Must be called before any signing step that canonicalizes the
+* compact form byte-for-byte (for example, Object Integrity Proofs
+* using the `eddsa-jcs-2022` cryptosuite), so the signed payload
+* matches what is sent on the wire.
+*/
+async function normalizePublicAudience(jsonLd, contextLoader) {
+	if (!hasPublicCurieInAddressing(jsonLd)) return jsonLd;
+	const normalized = rewritePublicAudience(jsonLd);
+	if (hasKnownSafeContext$1(jsonLd)) return normalized;
+	const loader = contextLoader ?? preloadedOnlyDocumentLoader;
+	try {
+		const [before, after] = await Promise.all([jsonld.canonize(jsonLd, {
+			format: "application/n-quads",
+			documentLoader: loader
+		}), jsonld.canonize(normalized, {
+			format: "application/n-quads",
+			documentLoader: loader
+		})]);
+		if (before === after) return normalized;
+		logger$2.warn("Expanding the public audience CURIE to its full URI would change the canonical form of the activity; sending the activity as is.  This usually means the active JSON-LD context redefines the `as:` prefix or the bare `Public` term.");
+	} catch (error) {
+		logger$2.debug("Failed to verify public audience normalization equivalence via JSON-LD canonicalization; sending the activity as is.\n{error}", { error });
+	}
+	return jsonLd;
+}
+//#endregion
+//#region src/compat/outgoing-jsonld.ts
+const logger$1 = getLogger([
+	"fedify",
+	"compat",
+	"outgoing-jsonld"
+]);
+const ATTACHMENT_FIELDS = new Set(["attachment", "https://www.w3.org/ns/activitystreams#attachment"]);
+const AS_CONTEXT_URL = "https://www.w3.org/ns/activitystreams";
+const KNOWN_SAFE_CONTEXT_URLS = getKnownSafeContextUrls();
+const MAX_TRAVERSAL_DEPTH = 64;
+function isJsonLdListObject(value) {
+	return typeof value === "object" && value != null && Object.hasOwn(value, "@list");
+}
+function isJsonLdValueObject(value) {
+	return typeof value === "object" && value != null && Object.hasOwn(value, "@value");
+}
+function* getContextObjects(value, seen = /* @__PURE__ */ new WeakSet()) {
+	if (Array.isArray(value)) {
+		if (seen.has(value)) return;
+		seen.add(value);
+		for (const item of value) yield* getContextObjects(item, seen);
+		return;
+	}
+	if (typeof value === "object" && value != null) {
+		if (seen.has(value)) return;
+		seen.add(value);
+		const record = value;
+		yield record;
+		for (const definition of Object.values(record)) {
+			if (typeof definition !== "object" || definition == null) continue;
+			const nestedContext = definition["@context"];
+			if (nestedContext == null) continue;
+			yield* getContextObjects(nestedContext, seen);
+		}
+	}
+}
+function isActivityStreamsAttachmentTerm(value) {
+	return typeof value === "object" && value != null && value["@id"] === "as:attachment" && value["@type"] === "@id";
+}
+/** @internal */
+function isPreloadedContextAttachmentSafe(document) {
+	if (typeof document !== "object" || document == null) return true;
+	const context = document["@context"];
+	for (const contextObject of getContextObjects(context)) {
+		if (!Object.hasOwn(contextObject, "attachment")) continue;
+		if (isActivityStreamsAttachmentTerm(contextObject.attachment)) continue;
+		return false;
+	}
+	return true;
+}
+function getKnownSafeContextUrls() {
+	const urls = /* @__PURE__ */ new Set();
+	for (const [url, document] of Object.entries(preloadedContexts)) if (isPreloadedContextAttachmentSafe(document)) urls.add(url);
+	else logger$1.warn("Preloaded JSON-LD context {contextUrl} redefines the `attachment` term incompatibly; attachment array normalization will require canonicalization for documents using it.", { contextUrl: url });
+	return urls;
+}
+/**
+* Wraps scalar ActivityStreams attachment properties in arrays.
+*/
+function wrapScalarAttachments(jsonLd, depth = 0) {
+	if (depth >= MAX_TRAVERSAL_DEPTH) return jsonLd;
+	if (Array.isArray(jsonLd)) {
+		let normalized = null;
+		for (let i = 0; i < jsonLd.length; i++) {
+			const item = jsonLd[i];
+			const next = wrapScalarAttachments(item, depth + 1);
+			if (normalized == null && next !== item) normalized = jsonLd.slice(0, i);
+			if (normalized != null) normalized[i] = next;
+		}
+		return normalized ?? jsonLd;
+	}
+	if (typeof jsonLd !== "object" || jsonLd == null) return jsonLd;
+	const record = jsonLd;
+	const keys = Object.keys(record);
+	let normalized = null;
+	for (let i = 0; i < keys.length; i++) {
+		const key = keys[i];
+		const value = record[key];
+		const next = key === "@context" || key === "@value" && isJsonLdValueObject(jsonLd) ? value : wrapScalarAttachments(value, depth + 1);
+		const output = ATTACHMENT_FIELDS.has(key) && next != null && !Array.isArray(next) && !isJsonLdListObject(next) ? [next] : next;
+		if (normalized == null && output !== value) {
+			const cloned = Object.create(null);
+			for (let j = 0; j < i; j++) {
+				const previousKey = keys[j];
+				cloned[previousKey] = record[previousKey];
+			}
+			normalized = cloned;
+		}
+		if (normalized != null) normalized[key] = output;
+	}
+	return normalized ?? jsonLd;
+}
+function hasNestedContext(value, depth = 0) {
+	if (depth >= MAX_TRAVERSAL_DEPTH) return true;
+	if (Array.isArray(value)) return value.some((item) => hasNestedContext(item, depth + 1));
+	if (typeof value !== "object" || value == null) return false;
+	const record = value;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") return true;
+		if (key === "@value" && isJsonLdValueObject(value)) continue;
+		if (hasNestedContext(record[key], depth + 1)) return true;
+	}
+	return false;
+}
+function exceedsTraversalDepth(value, depth = 0) {
+	if (depth >= MAX_TRAVERSAL_DEPTH) return true;
+	if (Array.isArray(value)) return value.some((item) => exceedsTraversalDepth(item, depth + 1));
+	if (typeof value !== "object" || value == null) return false;
+	const record = value;
+	for (const key of Object.keys(record)) {
+		if (key === "@context" || key === "@value" && isJsonLdValueObject(value)) continue;
+		if (exceedsTraversalDepth(record[key], depth + 1)) return true;
+	}
+	return false;
+}
+function hasKnownSafeContext(jsonLd) {
+	if (typeof jsonLd !== "object" || jsonLd == null) return false;
+	const record = jsonLd;
+	if (!Object.hasOwn(record, "@context")) return false;
+	const context = record["@context"];
+	const entries = typeof context === "string" ? [context] : Array.isArray(context) ? context : null;
+	if (entries == null || entries.length < 1) return false;
+	let hasActivityStreamsContext = false;
+	for (const entry of entries) {
+		if (typeof entry !== "string") return false;
+		if (!KNOWN_SAFE_CONTEXT_URLS.has(entry)) return false;
+		if (entry === AS_CONTEXT_URL) hasActivityStreamsContext = true;
+	}
+	if (!hasActivityStreamsContext) return false;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") continue;
+		if (hasNestedContext(record[key])) return false;
+	}
+	return true;
+}
+function getLogSafeJsonLdMetadata(jsonLd) {
+	if (typeof jsonLd !== "object" || jsonLd == null) return {};
+	const record = jsonLd;
+	const context = record["@context"];
+	return {
+		id: typeof record.id === "string" ? record.id : typeof record["@id"] === "string" ? record["@id"] : void 0,
+		type: typeof record.type === "string" ? record.type : typeof record["@type"] === "string" ? record["@type"] : void 0,
+		context: typeof context === "string" ? context : Array.isArray(context) ? context.filter((entry) => typeof entry === "string").slice(0, 4) : context == null ? void 0 : "[inline context]"
+	};
+}
+/**
+* Ensures ActivityStreams attachment properties are represented as arrays
+* when doing so preserves the JSON-LD semantics.
+*
+* JSON-LD compaction collapses single-item arrays into scalar values by
+* default.  Some ActivityPub implementations, Pixelfed among them, parse
+* `attachment` as a plain JSON array rather than a JSON-LD property and reject
+* otherwise valid objects whose single attachment is emitted as a scalar.
+*
+* When no `contextLoader` is supplied, the helper falls back to a restricted
+* loader that resolves only Fedify's preloaded JSON-LD contexts and rejects
+* every other URL without network access.  Documents with custom, inline, or
+* otherwise uncached contexts should pass a real `contextLoader` if they need
+* the semantic-preservation check to succeed; otherwise canonicalization
+* failures leave the original document unchanged.
+*/
+async function normalizeAttachmentArrays(jsonLd, contextLoader) {
+	const normalized = wrapScalarAttachments(jsonLd);
+	if (normalized === jsonLd) return jsonLd;
+	if (exceedsTraversalDepth(jsonLd)) {
+		logger$1.debug("Skipping attachment array normalization because the JSON-LD document exceeds the safe traversal depth; leaving it unchanged.");
+		return jsonLd;
+	}
+	if (hasKnownSafeContext(jsonLd)) return normalized;
+	const loader = contextLoader ?? preloadedOnlyDocumentLoader;
+	try {
+		const [before, after] = await Promise.all([jsonld.canonize(jsonLd, {
+			format: "application/n-quads",
+			documentLoader: loader
+		}), jsonld.canonize(normalized, {
+			format: "application/n-quads",
+			documentLoader: loader
+		})]);
+		if (before === after) return normalized;
+		logger$1.warn("Wrapping scalar attachment values in arrays would change the canonical form of the JSON-LD document; leaving it unchanged.  This usually means the active JSON-LD context redefines the `attachment` term.  Document: {id}; type: {type}; context: {context}.", getLogSafeJsonLdMetadata(jsonLd));
+	} catch (error) {
+		logger$1.debug("Failed to verify attachment array normalization equivalence via JSON-LD canonicalization; leaving the JSON-LD document unchanged.\n{error}", { error });
+	}
+	return jsonLd;
+}
+/**
+* Applies Fedify's internal JSON-LD wire-format interoperability workarounds
+* to locally generated outgoing activities before they are signed, enqueued,
+* or sent.
+*/
+async function normalizeOutgoingActivityJsonLd(jsonLd, contextLoader) {
+	jsonLd = await normalizePublicAudience(jsonLd, contextLoader);
+	return await normalizeAttachmentArrays(jsonLd, contextLoader);
+}
+//#endregion
 //#region src/sig/proof.ts
 const logger = getLogger([
 	"fedify",
@@ -434,11 +813,12 @@ function hasProofLike(jsonLd) {
 async function createProof(object, privateKey, keyId, { contextLoader, context, created } = {}) {
 	validateCryptoKey(privateKey, "private");
 	if (privateKey.algorithm.name !== "Ed25519") throw new TypeError("Unsupported algorithm: " + privateKey.algorithm.name);
-	const compactMsg = await object.clone({ proofs: [] }).toJsonLd({
+	let compactMsg = await object.clone({ proofs: [] }).toJsonLd({
 		format: "compact",
 		contextLoader,
 		context
 	});
+	compactMsg = await normalizeOutgoingActivityJsonLd(compactMsg, contextLoader);
 	const msgCanon = serialize(compactMsg);
 	const encoder = new TextEncoder();
 	const msgBytes = encoder.encode(msgCanon);
@@ -533,27 +913,22 @@ async function verifyProof(jsonLd, proof, options = {}) {
 	});
 }
 async function verifyProofInternal(jsonLd, proof, options) {
-	if (typeof jsonLd !== "object" || proof.cryptosuite !== "eddsa-jcs-2022" || proof.verificationMethodId == null || proof.proofPurpose !== "assertionMethod" || proof.proofValue == null || proof.created == null) return null;
+	if (typeof jsonLd !== "object" || jsonLd == null || Array.isArray(jsonLd) || proof.cryptosuite !== "eddsa-jcs-2022" || proof.verificationMethodId == null || proof.proofPurpose !== "assertionMethod" || proof.proofValue == null || proof.created == null) return null;
 	const publicKeyPromise = fetchKey(proof.verificationMethodId, Multikey, options);
-	const proofCanon = serialize({
+	const proofConfig = {
 		"@context": jsonLd["@context"],
 		type: "DataIntegrityProof",
 		cryptosuite: proof.cryptosuite,
 		verificationMethod: proof.verificationMethodId.href,
 		proofPurpose: proof.proofPurpose,
 		created: proof.created.toString()
-	});
+	};
 	const encoder = new TextEncoder();
-	const proofBytes = encoder.encode(proofCanon);
+	const proofBytes = encoder.encode(serialize(proofConfig));
 	const proofDigest = await crypto.subtle.digest("SHA-256", proofBytes);
 	const msg = { ...jsonLd };
 	if ("proof" in msg) delete msg.proof;
-	const msgCanon = serialize(msg);
-	const msgBytes = encoder.encode(msgCanon);
-	const msgDigest = await crypto.subtle.digest("SHA-256", msgBytes);
-	const digest = new Uint8Array(proofDigest.byteLength + msgDigest.byteLength);
-	digest.set(new Uint8Array(proofDigest), 0);
-	digest.set(new Uint8Array(msgDigest), proofDigest.byteLength);
+	if ("https://w3id.org/security#proof" in msg) delete msg["https://w3id.org/security#proof"];
 	let fetchedKey;
 	try {
 		fetchedKey = await publicKeyPromise;
@@ -582,7 +957,7 @@ async function verifyProofInternal(jsonLd, proof, options) {
 			return await verifyProof(jsonLd, proof, {
 				...options,
 				keyCache: {
-					get: () => Promise.resolve(null),
+					get: () => Promise.resolve(void 0),
 					set: async (keyId, key) => await options.keyCache?.set(keyId, key)
 				}
 			});
@@ -593,27 +968,36 @@ async function verifyProofInternal(jsonLd, proof, options) {
 		});
 		return null;
 	}
-	if (!await crypto.subtle.verify("Ed25519", publicKey.publicKey, proof.proofValue.slice(), digest)) {
-		if (fetchedKey.cached) {
-			logger.debug("Failed to verify the proof with the cached key {keyId}; retrying with the freshly fetched key...", {
-				keyId: proof.verificationMethodId.href,
-				proof
-			});
-			return await verifyProof(jsonLd, proof, {
-				...options,
-				keyCache: {
-					get: () => Promise.resolve(void 0),
-					set: async (keyId, key) => await options.keyCache?.set(keyId, key)
-				}
-			});
-		}
-		logger.debug("Failed to verify the proof with the fetched key {keyId}:\n{proof}", {
+	const digest = new Uint8Array(proofDigest.byteLength + 32);
+	digest.set(new Uint8Array(proofDigest), 0);
+	const proofValue = proof.proofValue;
+	const verifyCandidate = async (candidate) => {
+		const msgBytes = encoder.encode(serialize(candidate));
+		const msgDigest = await crypto.subtle.digest("SHA-256", msgBytes);
+		digest.set(new Uint8Array(msgDigest), proofDigest.byteLength);
+		return await crypto.subtle.verify("Ed25519", publicKey.publicKey, proofValue.slice(), digest);
+	};
+	if (await verifyCandidate(msg)) return publicKey;
+	const normalized = await normalizeOutgoingActivityJsonLd(msg, preloadedOnlyDocumentLoader);
+	if (normalized !== msg && await verifyCandidate(normalized)) return publicKey;
+	if (fetchedKey.cached) {
+		logger.debug("Failed to verify the proof with the cached key {keyId}; retrying with the freshly fetched key...", {
 			keyId: proof.verificationMethodId.href,
 			proof
 		});
-		return null;
+		return await verifyProof(jsonLd, proof, {
+			...options,
+			keyCache: {
+				get: () => Promise.resolve(void 0),
+				set: async (keyId, key) => await options.keyCache?.set(keyId, key)
+			}
+		});
 	}
-	return publicKey;
+	logger.debug("Failed to verify the proof with the fetched key {keyId}:\n{proof}", {
+		keyId: proof.verificationMethodId.href,
+		proof
+	});
+	return null;
 }
 /**
 * Verifies the given object.  It will verify all the proofs in the object,
@@ -654,4 +1038,4 @@ async function verifyObject(cls, jsonLd, options = {}) {
 	return object;
 }
 //#endregion
-export { verifyProof as a, attachSignature as c, hasSignatureLike as d, signJsonLd as f, verifyObject as i, createSignature as l, verifySignature as m, hasProofLike as n, doesActorOwnKey as o, verifyJsonLd as p, signObject as r, getKeyOwner as s, createProof as t, detachSignature as u };
+export { verifyProof as a, getKeyOwner as c, detachSignature as d, hasSignatureLike as f, verifySignature as h, verifyObject as i, attachSignature as l, verifyJsonLd as m, hasProofLike as n, normalizeOutgoingActivityJsonLd as o, signJsonLd as p, signObject as r, doesActorOwnKey as s, createProof as t, createSignature as u };