@fedify/fedify 2.2.0-pr.715.28 → 2.2.0-pr.731.34

package/dist/{proof-D-HuDCQe.cjs → proof-CFERN43j.cjs}

@@ -1,7 +1,7 @@
 const { Temporal } = require("@js-temporal/polyfill");
 const { URLPattern } = require("urlpattern-polyfill");
 const require_chunk = require("./chunk-DDcVe30Y.cjs");
-const require_http = require("./http-Wm7tvhRa.cjs");
+const require_http = require("./http-H-4FzBb3.cjs");
 let _logtape_logtape = require("@logtape/logtape");
 let _fedify_vocab = require("@fedify/vocab");
 let _opentelemetry_api = require("@opentelemetry/api");
@@ -13,7 +13,7 @@ _fedify_vocab_runtime_jsonld = require_chunk.__toESM(_fedify_vocab_runtime_jsonl
 let json_canon = require("json-canon");
 json_canon = require_chunk.__toESM(json_canon);
 //#region src/sig/ld.ts
-const logger$1 = (0, _logtape_logtape.getLogger)([
+const logger$3 = (0, _logtape_logtape.getLogger)([
 	"fedify",
 	"sig",
 	"ld"
@@ -161,7 +161,7 @@ async function verifySignature(jsonLd, options = {}) {
 	try {
 		signature = (0, byte_encodings_base64.decodeBase64)(sig.signatureValue);
 	} catch (error) {
-		logger$1.debug("Failed to verify; invalid base64 signatureValue: {signatureValue}", {
+		logger$3.debug("Failed to verify; invalid base64 signatureValue: {signatureValue}", {
 			...sig,
 			error
 		});
@@ -180,7 +180,7 @@ async function verifySignature(jsonLd, options = {}) {
 	try {
 		sigOptsHash = await hashJsonLd(sigOpts, options.contextLoader);
 	} catch (error) {
-		logger$1.warn("Failed to verify; failed to hash the signature options: {signatureOptions}\n{error}", {
+		logger$3.warn("Failed to verify; failed to hash the signature options: {signatureOptions}\n{error}", {
 			signatureOptions: sigOpts,
 			error
 		});
@@ -192,7 +192,7 @@ async function verifySignature(jsonLd, options = {}) {
 	try {
 		docHash = await hashJsonLd(document, options.contextLoader);
 	} catch (error) {
-		logger$1.warn("Failed to verify; failed to hash the document: {document}\n{error}", {
+		logger$3.warn("Failed to verify; failed to hash the document: {document}\n{error}", {
 			document,
 			error
 		});
@@ -203,7 +203,7 @@ async function verifySignature(jsonLd, options = {}) {
 	const messageBytes = encoder.encode(message);
 	if (await crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature.slice(), messageBytes)) return key;
 	if (cached) {
-		logger$1.debug("Failed to verify with the cached key {keyId}; signature {signatureValue} is invalid.  Retrying with the freshly fetched key...", {
+		logger$3.debug("Failed to verify with the cached key {keyId}; signature {signatureValue} is invalid.  Retrying with the freshly fetched key...", {
 			keyId: sig.creator,
 			...sig
 		});
@@ -217,7 +217,7 @@ async function verifySignature(jsonLd, options = {}) {
 		if (key == null) return null;
 		return await crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature.slice(), messageBytes) ? key : null;
 	}
-	logger$1.debug("Failed to verify with the fetched key {keyId}; signature {signatureValue} is invalid.  Check if the key is correct or if the signed message is correct.  The message to sign is:\n{message}", {
+	logger$3.debug("Failed to verify with the fetched key {keyId}; signature {signatureValue} is invalid.  Check if the key is correct or if the signed message is correct.  The message to sign is:\n{message}", {
 		keyId: sig.creator,
 		...sig,
 		message
@@ -249,12 +249,12 @@ async function verifyJsonLd(jsonLd, options = {}) {
 			const key = await verifySignature(jsonLd, options);
 			if (key == null) return false;
 			if (key.ownerId == null) {
-				logger$1.debug("Key {keyId} has no owner.", { keyId: key.id?.href });
+				logger$3.debug("Key {keyId} has no owner.", { keyId: key.id?.href });
 				return false;
 			}
 			attributions.delete(key.ownerId.href);
 			if (attributions.size > 0) {
-				logger$1.debug("Some attributions are not authenticated by the Linked Data Signatures: {attributions}.", { attributions: [...attributions] });
+				logger$3.debug("Some attributions are not authenticated by the Linked Data Signatures: {attributions}.", { attributions: [...attributions] });
 				return false;
 			}
 			return true;
@@ -389,6 +389,385 @@ async function getKeyOwner(keyId, options) {
 	return null;
 }
 //#endregion
+//#region src/compat/preloaded-context-loader.ts
+/**
+* A restricted JSON-LD document loader that resolves only contexts bundled
+* with Fedify.
+*
+* This is intentionally narrower than `getDocumentLoader()`: normalization
+* helpers are also reached from verification paths that operate on inbound,
+* attacker-controlled JSON-LD, so the default fallback must never fetch
+* attacker-supplied context URLs.
+*/
+const preloadedOnlyDocumentLoader = (url) => {
+	if (Object.hasOwn(_fedify_vocab_runtime.preloadedContexts, url)) return Promise.resolve({
+		contextUrl: null,
+		documentUrl: url,
+		document: _fedify_vocab_runtime.preloadedContexts[url]
+	});
+	return Promise.reject(/* @__PURE__ */ new Error("Refusing to fetch a non-preloaded JSON-LD context: " + url));
+};
+//#endregion
+//#region src/compat/public-audience.ts
+const logger$2 = (0, _logtape_logtape.getLogger)([
+	"fedify",
+	"compat",
+	"public-audience"
+]);
+const PUBLIC_ADDRESSING_FIELDS = new Set([
+	"to",
+	"cc",
+	"bto",
+	"bcc",
+	"audience"
+]);
+const AS_CONTEXT_URL$1 = "https://www.w3.org/ns/activitystreams";
+const MAX_TRAVERSAL_DEPTH$1 = 64;
+const KNOWN_SAFE_CONTEXT_URLS$1 = new Set(Object.keys(_fedify_vocab_runtime.preloadedContexts));
+function hasPublicCurieInAddressing(value, parentKey, depth = 0) {
+	if (typeof value === "string") return parentKey != null && PUBLIC_ADDRESSING_FIELDS.has(parentKey) && (value === "as:Public" || value === "Public");
+	if (depth >= MAX_TRAVERSAL_DEPTH$1) return false;
+	if (Array.isArray(value)) return value.some((item) => hasPublicCurieInAddressing(item, parentKey, depth + 1));
+	if (typeof value !== "object" || value == null) return false;
+	const record = value;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") continue;
+		if (hasPublicCurieInAddressing(record[key], key, depth + 1)) return true;
+	}
+	return false;
+}
+function rewritePublicAudience(value, parentKey, depth = 0) {
+	if (typeof value === "string" && parentKey != null && PUBLIC_ADDRESSING_FIELDS.has(parentKey) && (value === "as:Public" || value === "Public")) return _fedify_vocab.PUBLIC_COLLECTION.href;
+	if (depth >= MAX_TRAVERSAL_DEPTH$1) return value;
+	if (Array.isArray(value)) {
+		let changed = false;
+		const mapped = value.map((item) => {
+			const rewritten = rewritePublicAudience(item, parentKey, depth + 1);
+			if (rewritten !== item) changed = true;
+			return rewritten;
+		});
+		return changed ? mapped : value;
+	}
+	if (typeof value !== "object" || value == null) return value;
+	const record = value;
+	let changed = false;
+	const normalized = Object.create(null);
+	for (const key of Object.keys(record)) {
+		const rewritten = key === "@context" ? record[key] : rewritePublicAudience(record[key], key, depth + 1);
+		if (rewritten !== record[key]) changed = true;
+		normalized[key] = rewritten;
+	}
+	return changed ? normalized : value;
+}
+/**
+* Reports whether `value` carries an `@context` property anywhere inside
+* its subtree (not counting the value itself).  A nested `@context` can
+* introduce a local term-definition scope that redefines `as:` or `Public`
+* even when the top-level `@context` is safe, so the fast path must defer
+* to the URDNA2015 equivalence check whenever one is present.
+*/
+function hasNestedContext$1(value, depth = 0) {
+	if (depth >= MAX_TRAVERSAL_DEPTH$1) return true;
+	if (Array.isArray(value)) return value.some((item) => hasNestedContext$1(item, depth + 1));
+	if (typeof value !== "object" || value == null) return false;
+	const record = value;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") return true;
+		if (hasNestedContext$1(record[key], depth + 1)) return true;
+	}
+	return false;
+}
+/**
+* Checks whether the `@context` of a JSON-LD document is guaranteed not
+* to redefine the `as:` prefix or the bare `Public` term.  Only documents
+* whose `@context` is a string, or an array of strings, drawn from Fedify's
+* preloaded context set AND including the ActivityStreams URL qualify,
+* AND no nested subtree carries its own `@context` that might redefine
+* those terms within a local scope.  When all of that holds the rewrite
+* is provably semantics-preserving and the URDNA2015 equivalence check
+* can be skipped.  Any other shape (unknown external URLs, inline
+* objects at the top level, nested `@context` blocks) is treated as
+* potentially unsafe.
+*/
+function hasKnownSafeContext$1(jsonLd) {
+	if (typeof jsonLd !== "object" || jsonLd == null) return false;
+	const record = jsonLd;
+	if (!Object.hasOwn(record, "@context")) return false;
+	const ctx = record["@context"];
+	const entries = typeof ctx === "string" ? [ctx] : Array.isArray(ctx) ? ctx : null;
+	if (entries == null || entries.length === 0) return false;
+	let hasAs = false;
+	for (const entry of entries) {
+		if (typeof entry !== "string") return false;
+		if (!KNOWN_SAFE_CONTEXT_URLS$1.has(entry)) return false;
+		if (entry === AS_CONTEXT_URL$1) hasAs = true;
+	}
+	if (!hasAs) return false;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") continue;
+		if (hasNestedContext$1(record[key])) return false;
+	}
+	return true;
+}
+/**
+* Rewrites the compact `as:Public` / `Public` CURIE appearing in activity
+* addressing fields (`to`, `cc`, `bto`, `bcc`, `audience`) to the fully
+* expanded `https://www.w3.org/ns/activitystreams#Public` URI.
+*
+* Several ActivityPub implementations, Lemmy among them, match these
+* fields as plain URLs without running JSON-LD expansion, and silently
+* drop activities whose public addressing appears in CURIE form.  This
+* helper works around that gap.
+*
+* For documents whose `@context` is drawn entirely from Fedify's
+* preloaded context set and includes the ActivityStreams URL, the
+* rewrite is applied directly: the content of every preloaded non-AS
+* context is known not to redefine the `as:` prefix or the bare `Public`
+* term, so the semantics are preserved by construction.  Any other
+* shape (an inline object, an unknown external URL, and so on) is
+* treated as potentially unsafe and gated on a JSON-LD equivalence
+* check; both forms are canonicalized with URDNA2015 and the resulting
+* N-Quads are compared.  When they differ, the original document is
+* returned unchanged.  Canonicalization failures also fall back to the
+* original document.
+*
+* When no `contextLoader` is supplied the helper falls back to an
+* internal loader that resolves only the URLs in Fedify's
+* preloaded-contexts set and rejects every other URL without issuing a
+* network request.  That behaviour is deliberately narrower than
+* `@fedify/vocab-runtime`'s `getDocumentLoader()`, which after its
+* `validatePublicUrl` check will happily fetch non-preloaded URLs: the
+* helper is reached from verification paths (`verifyProof()` /
+* `verifyObject()`) that operate on inbound, potentially adversarial
+* JSON-LD, and a default loader that fetches attacker-supplied
+* `@context` URLs on the caller's behalf would be an SSRF vector.
+* Canonicalization failures against the restricted loader fall back to
+* the original document, same as any other canonicalization error.
+* Callers that genuinely need the remote-fetch loader (for example
+* applications that sign local JSON-LD against a custom vocabulary)
+* should pass a `contextLoader` explicitly.
+*
+* Must be called before any signing step that canonicalizes the
+* compact form byte-for-byte (for example, Object Integrity Proofs
+* using the `eddsa-jcs-2022` cryptosuite), so the signed payload
+* matches what is sent on the wire.
+*/
+async function normalizePublicAudience(jsonLd, contextLoader) {
+	if (!hasPublicCurieInAddressing(jsonLd)) return jsonLd;
+	const normalized = rewritePublicAudience(jsonLd);
+	if (hasKnownSafeContext$1(jsonLd)) return normalized;
+	const loader = contextLoader ?? preloadedOnlyDocumentLoader;
+	try {
+		const [before, after] = await Promise.all([_fedify_vocab_runtime_jsonld.default.canonize(jsonLd, {
+			format: "application/n-quads",
+			documentLoader: loader
+		}), _fedify_vocab_runtime_jsonld.default.canonize(normalized, {
+			format: "application/n-quads",
+			documentLoader: loader
+		})]);
+		if (before === after) return normalized;
+		logger$2.warn("Expanding the public audience CURIE to its full URI would change the canonical form of the activity; sending the activity as is.  This usually means the active JSON-LD context redefines the `as:` prefix or the bare `Public` term.");
+	} catch (error) {
+		logger$2.debug("Failed to verify public audience normalization equivalence via JSON-LD canonicalization; sending the activity as is.\n{error}", { error });
+	}
+	return jsonLd;
+}
+//#endregion
+//#region src/compat/outgoing-jsonld.ts
+const logger$1 = (0, _logtape_logtape.getLogger)([
+	"fedify",
+	"compat",
+	"outgoing-jsonld"
+]);
+const ATTACHMENT_FIELDS = new Set(["attachment", "https://www.w3.org/ns/activitystreams#attachment"]);
+const AS_CONTEXT_URL = "https://www.w3.org/ns/activitystreams";
+const KNOWN_SAFE_CONTEXT_URLS = getKnownSafeContextUrls();
+const MAX_TRAVERSAL_DEPTH = 64;
+function isJsonLdListObject(value) {
+	return typeof value === "object" && value != null && Object.hasOwn(value, "@list");
+}
+function isJsonLdValueObject(value) {
+	return typeof value === "object" && value != null && Object.hasOwn(value, "@value");
+}
+function* getContextObjects(value, seen = /* @__PURE__ */ new WeakSet()) {
+	if (Array.isArray(value)) {
+		if (seen.has(value)) return;
+		seen.add(value);
+		for (const item of value) yield* getContextObjects(item, seen);
+		return;
+	}
+	if (typeof value === "object" && value != null) {
+		if (seen.has(value)) return;
+		seen.add(value);
+		const record = value;
+		yield record;
+		for (const definition of Object.values(record)) {
+			if (typeof definition !== "object" || definition == null) continue;
+			const nestedContext = definition["@context"];
+			if (nestedContext == null) continue;
+			yield* getContextObjects(nestedContext, seen);
+		}
+	}
+}
+function isActivityStreamsAttachmentTerm(value) {
+	return typeof value === "object" && value != null && value["@id"] === "as:attachment" && value["@type"] === "@id";
+}
+/** @internal */
+function isPreloadedContextAttachmentSafe(document) {
+	if (typeof document !== "object" || document == null) return true;
+	const context = document["@context"];
+	for (const contextObject of getContextObjects(context)) {
+		if (!Object.hasOwn(contextObject, "attachment")) continue;
+		if (isActivityStreamsAttachmentTerm(contextObject.attachment)) continue;
+		return false;
+	}
+	return true;
+}
+function getKnownSafeContextUrls() {
+	const urls = /* @__PURE__ */ new Set();
+	for (const [url, document] of Object.entries(_fedify_vocab_runtime.preloadedContexts)) if (isPreloadedContextAttachmentSafe(document)) urls.add(url);
+	else logger$1.warn("Preloaded JSON-LD context {contextUrl} redefines the `attachment` term incompatibly; attachment array normalization will require canonicalization for documents using it.", { contextUrl: url });
+	return urls;
+}
+/**
+* Wraps scalar ActivityStreams attachment properties in arrays.
+*/
+function wrapScalarAttachments(jsonLd, depth = 0) {
+	if (depth >= MAX_TRAVERSAL_DEPTH) return jsonLd;
+	if (Array.isArray(jsonLd)) {
+		let normalized = null;
+		for (let i = 0; i < jsonLd.length; i++) {
+			const item = jsonLd[i];
+			const next = wrapScalarAttachments(item, depth + 1);
+			if (normalized == null && next !== item) normalized = jsonLd.slice(0, i);
+			if (normalized != null) normalized[i] = next;
+		}
+		return normalized ?? jsonLd;
+	}
+	if (typeof jsonLd !== "object" || jsonLd == null) return jsonLd;
+	const record = jsonLd;
+	const keys = Object.keys(record);
+	let normalized = null;
+	for (let i = 0; i < keys.length; i++) {
+		const key = keys[i];
+		const value = record[key];
+		const next = key === "@context" || key === "@value" && isJsonLdValueObject(jsonLd) ? value : wrapScalarAttachments(value, depth + 1);
+		const output = ATTACHMENT_FIELDS.has(key) && next != null && !Array.isArray(next) && !isJsonLdListObject(next) ? [next] : next;
+		if (normalized == null && output !== value) {
+			const cloned = Object.create(null);
+			for (let j = 0; j < i; j++) {
+				const previousKey = keys[j];
+				cloned[previousKey] = record[previousKey];
+			}
+			normalized = cloned;
+		}
+		if (normalized != null) normalized[key] = output;
+	}
+	return normalized ?? jsonLd;
+}
+function hasNestedContext(value, depth = 0) {
+	if (depth >= MAX_TRAVERSAL_DEPTH) return true;
+	if (Array.isArray(value)) return value.some((item) => hasNestedContext(item, depth + 1));
+	if (typeof value !== "object" || value == null) return false;
+	const record = value;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") return true;
+		if (key === "@value" && isJsonLdValueObject(value)) continue;
+		if (hasNestedContext(record[key], depth + 1)) return true;
+	}
+	return false;
+}
+function exceedsTraversalDepth(value, depth = 0) {
+	if (depth >= MAX_TRAVERSAL_DEPTH) return true;
+	if (Array.isArray(value)) return value.some((item) => exceedsTraversalDepth(item, depth + 1));
+	if (typeof value !== "object" || value == null) return false;
+	const record = value;
+	for (const key of Object.keys(record)) {
+		if (key === "@context" || key === "@value" && isJsonLdValueObject(value)) continue;
+		if (exceedsTraversalDepth(record[key], depth + 1)) return true;
+	}
+	return false;
+}
+function hasKnownSafeContext(jsonLd) {
+	if (typeof jsonLd !== "object" || jsonLd == null) return false;
+	const record = jsonLd;
+	if (!Object.hasOwn(record, "@context")) return false;
+	const context = record["@context"];
+	const entries = typeof context === "string" ? [context] : Array.isArray(context) ? context : null;
+	if (entries == null || entries.length < 1) return false;
+	let hasActivityStreamsContext = false;
+	for (const entry of entries) {
+		if (typeof entry !== "string") return false;
+		if (!KNOWN_SAFE_CONTEXT_URLS.has(entry)) return false;
+		if (entry === AS_CONTEXT_URL) hasActivityStreamsContext = true;
+	}
+	if (!hasActivityStreamsContext) return false;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") continue;
+		if (hasNestedContext(record[key])) return false;
+	}
+	return true;
+}
+function getLogSafeJsonLdMetadata(jsonLd) {
+	if (typeof jsonLd !== "object" || jsonLd == null) return {};
+	const record = jsonLd;
+	const context = record["@context"];
+	return {
+		id: typeof record.id === "string" ? record.id : typeof record["@id"] === "string" ? record["@id"] : void 0,
+		type: typeof record.type === "string" ? record.type : typeof record["@type"] === "string" ? record["@type"] : void 0,
+		context: typeof context === "string" ? context : Array.isArray(context) ? context.filter((entry) => typeof entry === "string").slice(0, 4) : context == null ? void 0 : "[inline context]"
+	};
+}
+/**
+* Ensures ActivityStreams attachment properties are represented as arrays
+* when doing so preserves the JSON-LD semantics.
+*
+* JSON-LD compaction collapses single-item arrays into scalar values by
+* default.  Some ActivityPub implementations, Pixelfed among them, parse
+* `attachment` as a plain JSON array rather than a JSON-LD property and reject
+* otherwise valid objects whose single attachment is emitted as a scalar.
+*
+* When no `contextLoader` is supplied, the helper falls back to a restricted
+* loader that resolves only Fedify's preloaded JSON-LD contexts and rejects
+* every other URL without network access.  Documents with custom, inline, or
+* otherwise uncached contexts should pass a real `contextLoader` if they need
+* the semantic-preservation check to succeed; otherwise canonicalization
+* failures leave the original document unchanged.
+*/
+async function normalizeAttachmentArrays(jsonLd, contextLoader) {
+	const normalized = wrapScalarAttachments(jsonLd);
+	if (normalized === jsonLd) return jsonLd;
+	if (exceedsTraversalDepth(jsonLd)) {
+		logger$1.debug("Skipping attachment array normalization because the JSON-LD document exceeds the safe traversal depth; leaving it unchanged.");
+		return jsonLd;
+	}
+	if (hasKnownSafeContext(jsonLd)) return normalized;
+	const loader = contextLoader ?? preloadedOnlyDocumentLoader;
+	try {
+		const [before, after] = await Promise.all([_fedify_vocab_runtime_jsonld.default.canonize(jsonLd, {
+			format: "application/n-quads",
+			documentLoader: loader
+		}), _fedify_vocab_runtime_jsonld.default.canonize(normalized, {
+			format: "application/n-quads",
+			documentLoader: loader
+		})]);
+		if (before === after) return normalized;
+		logger$1.warn("Wrapping scalar attachment values in arrays would change the canonical form of the JSON-LD document; leaving it unchanged.  This usually means the active JSON-LD context redefines the `attachment` term.  Document: {id}; type: {type}; context: {context}.", getLogSafeJsonLdMetadata(jsonLd));
+	} catch (error) {
+		logger$1.debug("Failed to verify attachment array normalization equivalence via JSON-LD canonicalization; leaving the JSON-LD document unchanged.\n{error}", { error });
+	}
+	return jsonLd;
+}
+/**
+* Applies Fedify's internal JSON-LD wire-format interoperability workarounds
+* to locally generated outgoing activities before they are signed, enqueued,
+* or sent.
+*/
+async function normalizeOutgoingActivityJsonLd(jsonLd, contextLoader) {
+	jsonLd = await normalizePublicAudience(jsonLd, contextLoader);
+	return await normalizeAttachmentArrays(jsonLd, contextLoader);
+}
+//#endregion
 //#region src/sig/proof.ts
 const logger = (0, _logtape_logtape.getLogger)([
 	"fedify",
@@ -437,11 +816,12 @@ function hasProofLike(jsonLd) {
 async function createProof(object, privateKey, keyId, { contextLoader, context, created } = {}) {
 	require_http.validateCryptoKey(privateKey, "private");
 	if (privateKey.algorithm.name !== "Ed25519") throw new TypeError("Unsupported algorithm: " + privateKey.algorithm.name);
-	const compactMsg = await object.clone({ proofs: [] }).toJsonLd({
+	let compactMsg = await object.clone({ proofs: [] }).toJsonLd({
 		format: "compact",
 		contextLoader,
 		context
 	});
+	compactMsg = await normalizeOutgoingActivityJsonLd(compactMsg, contextLoader);
 	const msgCanon = (0, json_canon.default)(compactMsg);
 	const encoder = new TextEncoder();
 	const msgBytes = encoder.encode(msgCanon);
@@ -536,27 +916,22 @@ async function verifyProof(jsonLd, proof, options = {}) {
 	});
 }
 async function verifyProofInternal(jsonLd, proof, options) {
-	if (typeof jsonLd !== "object" || proof.cryptosuite !== "eddsa-jcs-2022" || proof.verificationMethodId == null || proof.proofPurpose !== "assertionMethod" || proof.proofValue == null || proof.created == null) return null;
+	if (typeof jsonLd !== "object" || jsonLd == null || Array.isArray(jsonLd) || proof.cryptosuite !== "eddsa-jcs-2022" || proof.verificationMethodId == null || proof.proofPurpose !== "assertionMethod" || proof.proofValue == null || proof.created == null) return null;
 	const publicKeyPromise = require_http.fetchKey(proof.verificationMethodId, _fedify_vocab.Multikey, options);
-	const proofCanon = (0, json_canon.default)({
+	const proofConfig = {
 		"@context": jsonLd["@context"],
 		type: "DataIntegrityProof",
 		cryptosuite: proof.cryptosuite,
 		verificationMethod: proof.verificationMethodId.href,
 		proofPurpose: proof.proofPurpose,
 		created: proof.created.toString()
-	});
+	};
 	const encoder = new TextEncoder();
-	const proofBytes = encoder.encode(proofCanon);
+	const proofBytes = encoder.encode((0, json_canon.default)(proofConfig));
 	const proofDigest = await crypto.subtle.digest("SHA-256", proofBytes);
 	const msg = { ...jsonLd };
 	if ("proof" in msg) delete msg.proof;
-	const msgCanon = (0, json_canon.default)(msg);
-	const msgBytes = encoder.encode(msgCanon);
-	const msgDigest = await crypto.subtle.digest("SHA-256", msgBytes);
-	const digest = new Uint8Array(proofDigest.byteLength + msgDigest.byteLength);
-	digest.set(new Uint8Array(proofDigest), 0);
-	digest.set(new Uint8Array(msgDigest), proofDigest.byteLength);
+	if ("https://w3id.org/security#proof" in msg) delete msg["https://w3id.org/security#proof"];
 	let fetchedKey;
 	try {
 		fetchedKey = await publicKeyPromise;
@@ -585,7 +960,7 @@ async function verifyProofInternal(jsonLd, proof, options) {
 			return await verifyProof(jsonLd, proof, {
 				...options,
 				keyCache: {
-					get: () => Promise.resolve(null),
+					get: () => Promise.resolve(void 0),
 					set: async (keyId, key) => await options.keyCache?.set(keyId, key)
 				}
 			});
@@ -596,27 +971,36 @@ async function verifyProofInternal(jsonLd, proof, options) {
 		});
 		return null;
 	}
-	if (!await crypto.subtle.verify("Ed25519", publicKey.publicKey, proof.proofValue.slice(), digest)) {
-		if (fetchedKey.cached) {
-			logger.debug("Failed to verify the proof with the cached key {keyId}; retrying with the freshly fetched key...", {
-				keyId: proof.verificationMethodId.href,
-				proof
-			});
-			return await verifyProof(jsonLd, proof, {
-				...options,
-				keyCache: {
-					get: () => Promise.resolve(void 0),
-					set: async (keyId, key) => await options.keyCache?.set(keyId, key)
-				}
-			});
-		}
-		logger.debug("Failed to verify the proof with the fetched key {keyId}:\n{proof}", {
+	const digest = new Uint8Array(proofDigest.byteLength + 32);
+	digest.set(new Uint8Array(proofDigest), 0);
+	const proofValue = proof.proofValue;
+	const verifyCandidate = async (candidate) => {
+		const msgBytes = encoder.encode((0, json_canon.default)(candidate));
+		const msgDigest = await crypto.subtle.digest("SHA-256", msgBytes);
+		digest.set(new Uint8Array(msgDigest), proofDigest.byteLength);
+		return await crypto.subtle.verify("Ed25519", publicKey.publicKey, proofValue.slice(), digest);
+	};
+	if (await verifyCandidate(msg)) return publicKey;
+	const normalized = await normalizeOutgoingActivityJsonLd(msg, preloadedOnlyDocumentLoader);
+	if (normalized !== msg && await verifyCandidate(normalized)) return publicKey;
+	if (fetchedKey.cached) {
+		logger.debug("Failed to verify the proof with the cached key {keyId}; retrying with the freshly fetched key...", {
 			keyId: proof.verificationMethodId.href,
 			proof
 		});
-		return null;
+		return await verifyProof(jsonLd, proof, {
+			...options,
+			keyCache: {
+				get: () => Promise.resolve(void 0),
+				set: async (keyId, key) => await options.keyCache?.set(keyId, key)
+			}
+		});
 	}
-	return publicKey;
+	logger.debug("Failed to verify the proof with the fetched key {keyId}:\n{proof}", {
+		keyId: proof.verificationMethodId.href,
+		proof
+	});
+	return null;
 }
 /**
 * Verifies the given object.  It will verify all the proofs in the object,
@@ -705,6 +1089,12 @@ Object.defineProperty(exports, "hasSignatureLike", {
 		return hasSignatureLike;
 	}
 });
+Object.defineProperty(exports, "normalizeOutgoingActivityJsonLd", {
+	enumerable: true,
+	get: function() {
+		return normalizeOutgoingActivityJsonLd;
+	}
+});
 Object.defineProperty(exports, "signJsonLd", {
 	enumerable: true,
 	get: function() {