@fedify/fedify 2.2.0-pr.715.28 → 2.2.0-pr.731.34

package/dist/{proof-Ds3T1-sE.mjs → proof-DC69vtxY.mjs}

@@ -1,8 +1,10 @@
 import { Temporal } from "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { n as version, t as name } from "./deno-CjZGHpS5.mjs";
-import { n as fetchKey, o as validateCryptoKey } from "./key-CMhIdO1-.mjs";
+import { n as version, t as name } from "./deno-BYRjHaeb.mjs";
+import { n as fetchKey, o as validateCryptoKey } from "./key-cK-YTNKa.mjs";
+import { n as preloadedOnlyDocumentLoader } from "./public-audience-DYFHzm_c.mjs";
+import { r as normalizeOutgoingActivityJsonLd } from "./outgoing-jsonld-CNmZLixq.mjs";
 import { Activity, DataIntegrityProof, Multikey, getTypeId } from "@fedify/vocab";
 import { SpanStatusCode, trace } from "@opentelemetry/api";
 import { getLogger } from "@logtape/logtape";
@@ -56,11 +58,12 @@ function hasProofLike(jsonLd) {
 async function createProof(object, privateKey, keyId, { contextLoader, context, created } = {}) {
 	validateCryptoKey(privateKey, "private");
 	if (privateKey.algorithm.name !== "Ed25519") throw new TypeError("Unsupported algorithm: " + privateKey.algorithm.name);
-	const compactMsg = await object.clone({ proofs: [] }).toJsonLd({
+	let compactMsg = await object.clone({ proofs: [] }).toJsonLd({
 		format: "compact",
 		contextLoader,
 		context
 	});
+	compactMsg = await normalizeOutgoingActivityJsonLd(compactMsg, contextLoader);
 	const msgCanon = serialize(compactMsg);
 	const encoder = new TextEncoder();
 	const msgBytes = encoder.encode(msgCanon);
@@ -155,27 +158,22 @@ async function verifyProof(jsonLd, proof, options = {}) {
 	});
 }
 async function verifyProofInternal(jsonLd, proof, options) {
-	if (typeof jsonLd !== "object" || proof.cryptosuite !== "eddsa-jcs-2022" || proof.verificationMethodId == null || proof.proofPurpose !== "assertionMethod" || proof.proofValue == null || proof.created == null) return null;
+	if (typeof jsonLd !== "object" || jsonLd == null || Array.isArray(jsonLd) || proof.cryptosuite !== "eddsa-jcs-2022" || proof.verificationMethodId == null || proof.proofPurpose !== "assertionMethod" || proof.proofValue == null || proof.created == null) return null;
 	const publicKeyPromise = fetchKey(proof.verificationMethodId, Multikey, options);
-	const proofCanon = serialize({
+	const proofConfig = {
 		"@context": jsonLd["@context"],
 		type: "DataIntegrityProof",
 		cryptosuite: proof.cryptosuite,
 		verificationMethod: proof.verificationMethodId.href,
 		proofPurpose: proof.proofPurpose,
 		created: proof.created.toString()
-	});
+	};
 	const encoder = new TextEncoder();
-	const proofBytes = encoder.encode(proofCanon);
+	const proofBytes = encoder.encode(serialize(proofConfig));
 	const proofDigest = await crypto.subtle.digest("SHA-256", proofBytes);
 	const msg = { ...jsonLd };
 	if ("proof" in msg) delete msg.proof;
-	const msgCanon = serialize(msg);
-	const msgBytes = encoder.encode(msgCanon);
-	const msgDigest = await crypto.subtle.digest("SHA-256", msgBytes);
-	const digest = new Uint8Array(proofDigest.byteLength + msgDigest.byteLength);
-	digest.set(new Uint8Array(proofDigest), 0);
-	digest.set(new Uint8Array(msgDigest), proofDigest.byteLength);
+	if ("https://w3id.org/security#proof" in msg) delete msg["https://w3id.org/security#proof"];
 	let fetchedKey;
 	try {
 		fetchedKey = await publicKeyPromise;
@@ -204,7 +202,7 @@ async function verifyProofInternal(jsonLd, proof, options) {
 			return await verifyProof(jsonLd, proof, {
 				...options,
 				keyCache: {
-					get: () => Promise.resolve(null),
+					get: () => Promise.resolve(void 0),
 					set: async (keyId, key) => await options.keyCache?.set(keyId, key)
 				}
 			});
@@ -215,27 +213,36 @@ async function verifyProofInternal(jsonLd, proof, options) {
 		});
 		return null;
 	}
-	if (!await crypto.subtle.verify("Ed25519", publicKey.publicKey, proof.proofValue.slice(), digest)) {
-		if (fetchedKey.cached) {
-			logger.debug("Failed to verify the proof with the cached key {keyId}; retrying with the freshly fetched key...", {
-				keyId: proof.verificationMethodId.href,
-				proof
-			});
-			return await verifyProof(jsonLd, proof, {
-				...options,
-				keyCache: {
-					get: () => Promise.resolve(void 0),
-					set: async (keyId, key) => await options.keyCache?.set(keyId, key)
-				}
-			});
-		}
-		logger.debug("Failed to verify the proof with the fetched key {keyId}:\n{proof}", {
+	const digest = new Uint8Array(proofDigest.byteLength + 32);
+	digest.set(new Uint8Array(proofDigest), 0);
+	const proofValue = proof.proofValue;
+	const verifyCandidate = async (candidate) => {
+		const msgBytes = encoder.encode(serialize(candidate));
+		const msgDigest = await crypto.subtle.digest("SHA-256", msgBytes);
+		digest.set(new Uint8Array(msgDigest), proofDigest.byteLength);
+		return await crypto.subtle.verify("Ed25519", publicKey.publicKey, proofValue.slice(), digest);
+	};
+	if (await verifyCandidate(msg)) return publicKey;
+	const normalized = await normalizeOutgoingActivityJsonLd(msg, preloadedOnlyDocumentLoader);
+	if (normalized !== msg && await verifyCandidate(normalized)) return publicKey;
+	if (fetchedKey.cached) {
+		logger.debug("Failed to verify the proof with the cached key {keyId}; retrying with the freshly fetched key...", {
 			keyId: proof.verificationMethodId.href,
 			proof
 		});
-		return null;
+		return await verifyProof(jsonLd, proof, {
+			...options,
+			keyCache: {
+				get: () => Promise.resolve(void 0),
+				set: async (keyId, key) => await options.keyCache?.set(keyId, key)
+			}
+		});
 	}
-	return publicKey;
+	logger.debug("Failed to verify the proof with the fetched key {keyId}:\n{proof}", {
+		keyId: proof.verificationMethodId.href,
+		proof
+	});
+	return null;
 }
 /**
 * Verifies the given object.  It will verify all the proofs in the object,

package/dist/public-audience-DYFHzm_c.mjs

@@ -0,0 +1,192 @@
+import "@js-temporal/polyfill";
+import "urlpattern-polyfill";
+globalThis.addEventListener = () => {};
+import { PUBLIC_COLLECTION } from "@fedify/vocab";
+import { preloadedContexts } from "@fedify/vocab-runtime";
+import { getLogger } from "@logtape/logtape";
+import jsonld from "@fedify/vocab-runtime/jsonld";
+//#region src/compat/preloaded-context-loader.ts
+/**
+* A restricted JSON-LD document loader that resolves only contexts bundled
+* with Fedify.
+*
+* This is intentionally narrower than `getDocumentLoader()`: normalization
+* helpers are also reached from verification paths that operate on inbound,
+* attacker-controlled JSON-LD, so the default fallback must never fetch
+* attacker-supplied context URLs.
+*/
+const preloadedOnlyDocumentLoader = (url) => {
+	if (Object.hasOwn(preloadedContexts, url)) return Promise.resolve({
+		contextUrl: null,
+		documentUrl: url,
+		document: preloadedContexts[url]
+	});
+	return Promise.reject(/* @__PURE__ */ new Error("Refusing to fetch a non-preloaded JSON-LD context: " + url));
+};
+//#endregion
+//#region src/compat/public-audience.ts
+const logger = getLogger([
+	"fedify",
+	"compat",
+	"public-audience"
+]);
+const PUBLIC_ADDRESSING_FIELDS = new Set([
+	"to",
+	"cc",
+	"bto",
+	"bcc",
+	"audience"
+]);
+const AS_CONTEXT_URL = "https://www.w3.org/ns/activitystreams";
+const MAX_TRAVERSAL_DEPTH = 64;
+const KNOWN_SAFE_CONTEXT_URLS = new Set(Object.keys(preloadedContexts));
+function hasPublicCurieInAddressing(value, parentKey, depth = 0) {
+	if (typeof value === "string") return parentKey != null && PUBLIC_ADDRESSING_FIELDS.has(parentKey) && (value === "as:Public" || value === "Public");
+	if (depth >= MAX_TRAVERSAL_DEPTH) return false;
+	if (Array.isArray(value)) return value.some((item) => hasPublicCurieInAddressing(item, parentKey, depth + 1));
+	if (typeof value !== "object" || value == null) return false;
+	const record = value;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") continue;
+		if (hasPublicCurieInAddressing(record[key], key, depth + 1)) return true;
+	}
+	return false;
+}
+function rewritePublicAudience(value, parentKey, depth = 0) {
+	if (typeof value === "string" && parentKey != null && PUBLIC_ADDRESSING_FIELDS.has(parentKey) && (value === "as:Public" || value === "Public")) return PUBLIC_COLLECTION.href;
+	if (depth >= MAX_TRAVERSAL_DEPTH) return value;
+	if (Array.isArray(value)) {
+		let changed = false;
+		const mapped = value.map((item) => {
+			const rewritten = rewritePublicAudience(item, parentKey, depth + 1);
+			if (rewritten !== item) changed = true;
+			return rewritten;
+		});
+		return changed ? mapped : value;
+	}
+	if (typeof value !== "object" || value == null) return value;
+	const record = value;
+	let changed = false;
+	const normalized = Object.create(null);
+	for (const key of Object.keys(record)) {
+		const rewritten = key === "@context" ? record[key] : rewritePublicAudience(record[key], key, depth + 1);
+		if (rewritten !== record[key]) changed = true;
+		normalized[key] = rewritten;
+	}
+	return changed ? normalized : value;
+}
+/**
+* Reports whether `value` carries an `@context` property anywhere inside
+* its subtree (not counting the value itself).  A nested `@context` can
+* introduce a local term-definition scope that redefines `as:` or `Public`
+* even when the top-level `@context` is safe, so the fast path must defer
+* to the URDNA2015 equivalence check whenever one is present.
+*/
+function hasNestedContext(value, depth = 0) {
+	if (depth >= MAX_TRAVERSAL_DEPTH) return true;
+	if (Array.isArray(value)) return value.some((item) => hasNestedContext(item, depth + 1));
+	if (typeof value !== "object" || value == null) return false;
+	const record = value;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") return true;
+		if (hasNestedContext(record[key], depth + 1)) return true;
+	}
+	return false;
+}
+/**
+* Checks whether the `@context` of a JSON-LD document is guaranteed not
+* to redefine the `as:` prefix or the bare `Public` term.  Only documents
+* whose `@context` is a string, or an array of strings, drawn from Fedify's
+* preloaded context set AND including the ActivityStreams URL qualify,
+* AND no nested subtree carries its own `@context` that might redefine
+* those terms within a local scope.  When all of that holds the rewrite
+* is provably semantics-preserving and the URDNA2015 equivalence check
+* can be skipped.  Any other shape (unknown external URLs, inline
+* objects at the top level, nested `@context` blocks) is treated as
+* potentially unsafe.
+*/
+function hasKnownSafeContext(jsonLd) {
+	if (typeof jsonLd !== "object" || jsonLd == null) return false;
+	const record = jsonLd;
+	if (!Object.hasOwn(record, "@context")) return false;
+	const ctx = record["@context"];
+	const entries = typeof ctx === "string" ? [ctx] : Array.isArray(ctx) ? ctx : null;
+	if (entries == null || entries.length === 0) return false;
+	let hasAs = false;
+	for (const entry of entries) {
+		if (typeof entry !== "string") return false;
+		if (!KNOWN_SAFE_CONTEXT_URLS.has(entry)) return false;
+		if (entry === AS_CONTEXT_URL) hasAs = true;
+	}
+	if (!hasAs) return false;
+	for (const key of Object.keys(record)) {
+		if (key === "@context") continue;
+		if (hasNestedContext(record[key])) return false;
+	}
+	return true;
+}
+/**
+* Rewrites the compact `as:Public` / `Public` CURIE appearing in activity
+* addressing fields (`to`, `cc`, `bto`, `bcc`, `audience`) to the fully
+* expanded `https://www.w3.org/ns/activitystreams#Public` URI.
+*
+* Several ActivityPub implementations, Lemmy among them, match these
+* fields as plain URLs without running JSON-LD expansion, and silently
+* drop activities whose public addressing appears in CURIE form.  This
+* helper works around that gap.
+*
+* For documents whose `@context` is drawn entirely from Fedify's
+* preloaded context set and includes the ActivityStreams URL, the
+* rewrite is applied directly: the content of every preloaded non-AS
+* context is known not to redefine the `as:` prefix or the bare `Public`
+* term, so the semantics are preserved by construction.  Any other
+* shape (an inline object, an unknown external URL, and so on) is
+* treated as potentially unsafe and gated on a JSON-LD equivalence
+* check; both forms are canonicalized with URDNA2015 and the resulting
+* N-Quads are compared.  When they differ, the original document is
+* returned unchanged.  Canonicalization failures also fall back to the
+* original document.
+*
+* When no `contextLoader` is supplied the helper falls back to an
+* internal loader that resolves only the URLs in Fedify's
+* preloaded-contexts set and rejects every other URL without issuing a
+* network request.  That behaviour is deliberately narrower than
+* `@fedify/vocab-runtime`'s `getDocumentLoader()`, which after its
+* `validatePublicUrl` check will happily fetch non-preloaded URLs: the
+* helper is reached from verification paths (`verifyProof()` /
+* `verifyObject()`) that operate on inbound, potentially adversarial
+* JSON-LD, and a default loader that fetches attacker-supplied
+* `@context` URLs on the caller's behalf would be an SSRF vector.
+* Canonicalization failures against the restricted loader fall back to
+* the original document, same as any other canonicalization error.
+* Callers that genuinely need the remote-fetch loader (for example
+* applications that sign local JSON-LD against a custom vocabulary)
+* should pass a `contextLoader` explicitly.
+*
+* Must be called before any signing step that canonicalizes the
+* compact form byte-for-byte (for example, Object Integrity Proofs
+* using the `eddsa-jcs-2022` cryptosuite), so the signed payload
+* matches what is sent on the wire.
+*/
+async function normalizePublicAudience(jsonLd, contextLoader) {
+	if (!hasPublicCurieInAddressing(jsonLd)) return jsonLd;
+	const normalized = rewritePublicAudience(jsonLd);
+	if (hasKnownSafeContext(jsonLd)) return normalized;
+	const loader = contextLoader ?? preloadedOnlyDocumentLoader;
+	try {
+		const [before, after] = await Promise.all([jsonld.canonize(jsonLd, {
+			format: "application/n-quads",
+			documentLoader: loader
+		}), jsonld.canonize(normalized, {
+			format: "application/n-quads",
+			documentLoader: loader
+		})]);
+		if (before === after) return normalized;
+		logger.warn("Expanding the public audience CURIE to its full URI would change the canonical form of the activity; sending the activity as is.  This usually means the active JSON-LD context redefines the `as:` prefix or the bare `Public` term.");
+	} catch (error) {
+		logger.debug("Failed to verify public audience normalization equivalence via JSON-LD canonicalization; sending the activity as is.\n{error}", { error });
+	}
+	return jsonLd;
+}
+//#endregion
+export { preloadedOnlyDocumentLoader as n, normalizePublicAudience as t };

package/dist/{send-TicMA6nJ.mjs → send-BBRG1CKC.mjs}

@@ -1,8 +1,8 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { n as version, t as name } from "./deno-CjZGHpS5.mjs";
-import { n as doubleKnock } from "./http-9zjtsC0n.mjs";
+import { n as version, t as name } from "./deno-BYRjHaeb.mjs";
+import { n as doubleKnock } from "./http-BrVfkREl.mjs";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
 import { getLogger } from "@logtape/logtape";
 //#region src/federation/send.ts

package/dist/sig/accept.test.mjs

@@ -1,7 +1,7 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { i as validateAcceptSignature, n as fulfillAcceptSignature, r as parseAcceptSignature, t as formatAcceptSignature } from "../accept-Dd__NiUL.mjs";
+import { i as validateAcceptSignature, n as fulfillAcceptSignature, r as parseAcceptSignature, t as formatAcceptSignature } from "../accept-CPkZzmGN.mjs";
 import { test } from "@fedify/fixture";
 import { deepStrictEqual, strictEqual } from "node:assert/strict";
 //#region src/sig/accept.test.ts

package/dist/sig/http.test.mjs

@@ -3,13 +3,13 @@ import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
 import { t as esm_default } from "../esm-DVILvP5e.mjs";
 import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
-import { a as assertExists, t as assertStringIncludes } from "../std__assert-Duiq_YC9.mjs";
+import { i as assertExists, t as assertStringIncludes } from "../std__assert-CRDpx_HF.mjs";
 import { n as assertFalse, t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assertThrows } from "../assert_throws-4NwKEy2q.mjs";
-import { t as assert } from "../assert-ddO5KLpe.mjs";
-import { t as exportJwk } from "../key-CMhIdO1-.mjs";
-import { a as parseRfc9421Signature, c as timingSafeEqual, i as formatRfc9421SignatureParameters, l as verifyRequest, n as doubleKnock, o as parseRfc9421SignatureInput, r as formatRfc9421Signature, s as signRequest, t as createRfc9421SignatureBase, u as verifyRequestDetailed } from "../http-9zjtsC0n.mjs";
-import { i as rsaPrivateKey2, l as rsaPublicKey5, o as rsaPublicKey1, s as rsaPublicKey2 } from "../keys-BAK-tUlf.mjs";
+import { t as assert } from "../assert-DikXweDx.mjs";
+import { t as exportJwk } from "../key-cK-YTNKa.mjs";
+import { a as parseRfc9421Signature, c as timingSafeEqual, i as formatRfc9421SignatureParameters, l as verifyRequest, n as doubleKnock, o as parseRfc9421SignatureInput, r as formatRfc9421Signature, s as signRequest, t as createRfc9421SignatureBase, u as verifyRequestDetailed } from "../http-BrVfkREl.mjs";
+import { i as rsaPrivateKey2, l as rsaPublicKey5, o as rsaPublicKey1, s as rsaPublicKey2 } from "../keys-DGu1NFwu.mjs";
 import { createTestTracerProvider, mockDocumentLoader, test } from "@fedify/fixture";
 import { FetchError, exportSpki } from "@fedify/vocab-runtime";
 import { encodeBase64 } from "byte-encodings/base64";

package/dist/sig/key.test.mjs

@@ -2,11 +2,11 @@ import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
 import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
-import "../std__assert-Duiq_YC9.mjs";
+import "../std__assert-CRDpx_HF.mjs";
 import { t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assertThrows } from "../assert_throws-4NwKEy2q.mjs";
-import { a as importJwk, i as generateCryptoKeyPair, n as fetchKey, o as validateCryptoKey, r as fetchKeyDetailed, t as exportJwk } from "../key-CMhIdO1-.mjs";
-import { c as rsaPublicKey3, i as rsaPrivateKey2, o as rsaPublicKey1, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-BAK-tUlf.mjs";
+import { a as importJwk, i as generateCryptoKeyPair, n as fetchKey, o as validateCryptoKey, r as fetchKeyDetailed, t as exportJwk } from "../key-cK-YTNKa.mjs";
+import { c as rsaPublicKey3, i as rsaPrivateKey2, o as rsaPublicKey1, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-DGu1NFwu.mjs";
 import { createTestTracerProvider, mockDocumentLoader, test } from "@fedify/fixture";
 import { CryptographicKey, Multikey } from "@fedify/vocab";
 import { FetchError } from "@fedify/vocab-runtime";

package/dist/sig/ld.test.mjs

@@ -4,10 +4,10 @@ globalThis.addEventListener = () => {};
 import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
 import { n as assertFalse, t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assertThrows } from "../assert_throws-4NwKEy2q.mjs";
-import { t as assert } from "../assert-ddO5KLpe.mjs";
-import { i as generateCryptoKeyPair } from "../key-CMhIdO1-.mjs";
-import { a as rsaPrivateKey3, c as rsaPublicKey3, i as rsaPrivateKey2, n as ed25519PrivateKey, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-BAK-tUlf.mjs";
-import { a as signJsonLd, i as hasSignatureLike, n as createSignature, o as verifyJsonLd, r as detachSignature, s as verifySignature, t as attachSignature } from "../ld-BH-6muxq.mjs";
+import { t as assert } from "../assert-DikXweDx.mjs";
+import { i as generateCryptoKeyPair } from "../key-cK-YTNKa.mjs";
+import { a as rsaPrivateKey3, c as rsaPublicKey3, i as rsaPrivateKey2, n as ed25519PrivateKey, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-DGu1NFwu.mjs";
+import { a as signJsonLd, i as hasSignatureLike, n as createSignature, o as verifyJsonLd, r as detachSignature, s as verifySignature, t as attachSignature } from "../ld-SXDkzuUo.mjs";
 import { mockDocumentLoader, test } from "@fedify/fixture";
 import { CryptographicKey } from "@fedify/vocab";
 import { encodeBase64 } from "byte-encodings/base64";

package/dist/sig/mod.cjs

@@ -1,8 +1,8 @@
 const { Temporal } = require("@js-temporal/polyfill");
 const { URLPattern } = require("urlpattern-polyfill");
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const require_http = require("../http-Wm7tvhRa.cjs");
-const require_proof = require("../proof-D-HuDCQe.cjs");
+const require_http = require("../http-H-4FzBb3.cjs");
+const require_proof = require("../proof-CFERN43j.cjs");
 exports.attachSignature = require_proof.attachSignature;
 exports.createProof = require_proof.createProof;
 exports.createSignature = require_proof.createSignature;

package/dist/sig/mod.js

@@ -1,5 +1,5 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
-import { a as verifyRequestDetailed, c as fetchKeyDetailed, f as formatAcceptSignature, h as validateAcceptSignature, i as verifyRequest, l as generateCryptoKeyPair, m as parseAcceptSignature, o as exportJwk, p as fulfillAcceptSignature, r as signRequest, s as fetchKey, u as importJwk } from "../http-C8puyZ4Z.js";
-import { a as verifyProof, c as attachSignature, d as hasSignatureLike, f as signJsonLd, i as verifyObject, l as createSignature, m as verifySignature, n as hasProofLike, o as doesActorOwnKey, p as verifyJsonLd, r as signObject, s as getKeyOwner, t as createProof, u as detachSignature } from "../proof-jHDv7IKD.js";
+import { a as verifyRequestDetailed, c as fetchKeyDetailed, f as formatAcceptSignature, h as validateAcceptSignature, i as verifyRequest, l as generateCryptoKeyPair, m as parseAcceptSignature, o as exportJwk, p as fulfillAcceptSignature, r as signRequest, s as fetchKey, u as importJwk } from "../http-pZce7PcA.js";
+import { a as verifyProof, c as getKeyOwner, d as detachSignature, f as hasSignatureLike, h as verifySignature, i as verifyObject, l as attachSignature, m as verifyJsonLd, n as hasProofLike, p as signJsonLd, r as signObject, s as doesActorOwnKey, t as createProof, u as createSignature } from "../proof-BJrEACyu.js";
 export { attachSignature, createProof, createSignature, detachSignature, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, formatAcceptSignature, fulfillAcceptSignature, generateCryptoKeyPair, getKeyOwner, hasProofLike, hasSignatureLike, importJwk, parseAcceptSignature, signJsonLd, signObject, signRequest, validateAcceptSignature, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };

package/dist/sig/owner.test.mjs

@@ -2,11 +2,11 @@ import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
 import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
-import "../std__assert-Duiq_YC9.mjs";
+import "../std__assert-CRDpx_HF.mjs";
 import { n as assertFalse } from "../assert_rejects-B-qJtC9Z.mjs";
-import { t as assert } from "../assert-ddO5KLpe.mjs";
-import { o as rsaPublicKey1, s as rsaPublicKey2 } from "../keys-BAK-tUlf.mjs";
-import { n as getKeyOwner, t as doesActorOwnKey } from "../owner-CE5FwvNR.mjs";
+import { t as assert } from "../assert-DikXweDx.mjs";
+import { o as rsaPublicKey1, s as rsaPublicKey2 } from "../keys-DGu1NFwu.mjs";
+import { n as getKeyOwner, t as doesActorOwnKey } from "../owner-Cudh-ej0.mjs";
 import { createTestTracerProvider, mockDocumentLoader, test } from "@fedify/fixture";
 import { Create, CryptographicKey, lookupObject } from "@fedify/vocab";
 //#region src/sig/owner.test.ts

package/dist/sig/proof.test.mjs

@@ -2,14 +2,15 @@ import { Temporal } from "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
 import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
-import "../std__assert-Duiq_YC9.mjs";
+import "../std__assert-CRDpx_HF.mjs";
 import { n as assertFalse, t as assertRejects } from "../assert_rejects-B-qJtC9Z.mjs";
 import { t as assertInstanceOf } from "../assert_instance_of-C4Ri6VuN.mjs";
-import { t as assert } from "../assert-ddO5KLpe.mjs";
-import { i as rsaPrivateKey2, n as ed25519PrivateKey, r as ed25519PublicKey, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-BAK-tUlf.mjs";
-import { a as verifyProof, i as verifyObject, n as hasProofLike, r as signObject, t as createProof } from "../proof-Ds3T1-sE.mjs";
+import { t as assert } from "../assert-DikXweDx.mjs";
+import { i as rsaPrivateKey2, n as ed25519PrivateKey, r as ed25519PublicKey, s as rsaPublicKey2, t as ed25519Multikey } from "../keys-DGu1NFwu.mjs";
+import { r as normalizeOutgoingActivityJsonLd } from "../outgoing-jsonld-CNmZLixq.mjs";
+import { a as verifyProof, i as verifyObject, n as hasProofLike, r as signObject, t as createProof } from "../proof-DC69vtxY.mjs";
 import { mockDocumentLoader, test } from "@fedify/fixture";
-import { Create, DataIntegrityProof, Multikey, Note, Place } from "@fedify/vocab";
+import { Create, DataIntegrityProof, Document, Multikey, Note, PUBLIC_COLLECTION, Place } from "@fedify/vocab";
 import { decodeMultibase, importMultibaseKey } from "@fedify/vocab-runtime";
 import { decodeHex } from "byte-encodings/hex";
 //#region src/sig/proof.test.ts
@@ -151,6 +152,47 @@ test("signObject()", async () => {
 		created,
 		contextLoader: mockDocumentLoader
 	}), TypeError, "Unsupported algorithm");
+	const signed = await signObject(new Create({
+		id: new URL("https://server.example/activities/2"),
+		actor: new URL("https://server.example/users/alice"),
+		object: new Note({
+			id: new URL("https://server.example/objects/2"),
+			attribution: new URL("https://server.example/users/alice"),
+			content: "Hello public",
+			attachments: [new Document({
+				mediaType: "image/png",
+				url: new URL("https://server.example/objects/2/image.png")
+			})]
+		}),
+		tos: [PUBLIC_COLLECTION]
+	}), fep8b32TestVectorPrivateKey, fep8b32TestVectorKeyId, {
+		...options,
+		created
+	});
+	const [proof] = await Array.fromAsync(signed.getProofs(options));
+	assertInstanceOf(proof, DataIntegrityProof);
+	const signedJson = await normalizeOutgoingActivityJsonLd(await signed.toJsonLd(options), mockDocumentLoader);
+	assertEquals(signedJson.to, PUBLIC_COLLECTION.href);
+	const signedJsonObject = signedJson.object;
+	assertEquals(Array.isArray(signedJsonObject.attachment), true);
+	const verifyCache = {};
+	const verifyOptions = {
+		contextLoader: mockDocumentLoader,
+		documentLoader: mockDocumentLoader,
+		keyCache: {
+			get: (keyId) => Promise.resolve(verifyCache[keyId.href]),
+			set: (keyId, key) => {
+				verifyCache[keyId.href] = key;
+				return Promise.resolve();
+			}
+		}
+	};
+	assertInstanceOf(await verifyProof(signedJson, proof, verifyOptions), Multikey);
+	const signedJsonWithCurie = await signed.toJsonLd(options);
+	assertEquals(signedJsonWithCurie.to, "as:Public");
+	const signedJsonWithCurieObject = signedJsonWithCurie.object;
+	assertEquals(Array.isArray(signedJsonWithCurieObject.attachment), false);
+	assertInstanceOf(await verifyProof(signedJsonWithCurie, proof, verifyOptions), Multikey);
 });
 test("hasProofLike()", () => {
 	assert(hasProofLike({ proof: {
@@ -252,6 +294,37 @@ test("verifyProof()", async () => {
 		}
 	}, proof, options), null);
 	assertEquals(await verifyProof(jsonLd, proof.clone({ created: Temporal.Now.instant() }), options), null);
+	assertEquals(await verifyProof({
+		...jsonLd,
+		"https://w3id.org/security#proof": {
+			"@type": ["https://w3id.org/security#DataIntegrityProof"],
+			"https://w3id.org/security#proofValue": [{ "@value": "stale" }]
+		}
+	}, proof, options), expectedKey);
+	assertEquals(await verifyProof([jsonLd], proof, options), null);
+	const attackerInput = {
+		"@context": ["https://www.w3.org/ns/activitystreams", "https://attacker.example/ctx"],
+		id: "https://server.example/activities/attacker",
+		type: "Create",
+		actor: "https://server.example/users/alice",
+		object: {
+			id: "https://server.example/objects/attacker",
+			type: "Note",
+			attributedTo: "https://server.example/users/alice",
+			content: "n/a",
+			to: "as:Public"
+		}
+	};
+	const contextLoaderCalls = [];
+	assertEquals(await verifyProof(attackerInput, proof, {
+		contextLoader: async (url) => {
+			contextLoaderCalls.push(url);
+			return await mockDocumentLoader(url);
+		},
+		documentLoader: mockDocumentLoader,
+		keyCache: options.keyCache
+	}), null);
+	assertFalse(contextLoaderCalls.includes("https://attacker.example/ctx"));
 });
 test("verifyObject()", async () => {
 	const options = {

package/dist/{std__assert-Duiq_YC9.mjs → std__assert-CRDpx_HF.mjs}

@@ -1,9 +1,10 @@
 import "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { a as red, i as buildMessage, l as AssertionError, n as diffStr, r as diff, s as format } from "./assert_equals-Ew3jOFa3.mjs";
+import { l as AssertionError, s as format } from "./assert_equals-Ew3jOFa3.mjs";
 import "./assert_rejects-B-qJtC9Z.mjs";
 import "./assert_throws-4NwKEy2q.mjs";
+import "./assert_strict_equals-Dmjbg-bA.mjs";
 //#region ../../node_modules/.pnpm/@jsr+std__assert@0.226.0/node_modules/@jsr/std__assert/assert_exists.js
 /**
 * Make an assertion that actual is not null or undefined.
@@ -77,42 +78,6 @@ import "./assert_throws-4NwKEy2q.mjs";
 	throw new AssertionError(msg ?? `Expect ${actualString} > ${expectedString}`);
 }
 //#endregion
-//#region ../../node_modules/.pnpm/@jsr+std__assert@0.226.0/node_modules/@jsr/std__assert/assert_strict_equals.js
-/**
-* Make an assertion that `actual` and `expected` are equal using
-* {@linkcode Object.is} for equality comparison. If not, then throw.
-*
-* @example Usage
-* ```ts no-eval
-* import { assertStrictEquals } from "@std/assert/assert-strict-equals";
-*
-* const a = {};
-* const b = a;
-* assertStrictEquals(a, b); // Doesn't throw
-*
-* const c = {};
-* const d = {};
-* assertStrictEquals(c, d); // Throws
-* ```
-*
-* @typeParam T The type of the expected value.
-* @param actual The actual value to compare.
-* @param expected The expected value to compare.
-* @param msg The optional message to display if the assertion fails.
-*/ function assertStrictEquals(actual, expected, msg) {
-	if (Object.is(actual, expected)) return;
-	const msgSuffix = msg ? `: ${msg}` : ".";
-	let message;
-	const actualString = format(actual);
-	const expectedString = format(expected);
-	if (actualString === expectedString) message = `Values have the same structure but are not reference-equal${msgSuffix}\n\n${red(actualString.split("\n").map((l) => `    ${l}`).join("\n"))}\n`;
-	else {
-		const stringDiff = typeof actual === "string" && typeof expected === "string";
-		message = `Values are not strictly equal${msgSuffix}\n${buildMessage(stringDiff ? diffStr(actual, expected) : diff(actualString.split("\n"), expectedString.split("\n")), { stringDiff }).join("\n")}`;
-	}
-	throw new AssertionError(message);
-}
-//#endregion
 //#region ../../node_modules/.pnpm/@jsr+std__assert@0.226.0/node_modules/@jsr/std__assert/assert_string_includes.js
 /**
 * Make an assertion that actual includes expected. If not
@@ -136,4 +101,4 @@ import "./assert_throws-4NwKEy2q.mjs";
 	}
 }
 //#endregion
-export { assertExists as a, assertGreaterOrEqual as i, assertStrictEquals as n, assertGreater as r, assertStringIncludes as t };
+export { assertExists as i, assertGreater as n, assertGreaterOrEqual as r, assertStringIncludes as t };

package/dist/testing/mod.d.mts

@@ -584,6 +584,15 @@ interface FanoutMessage {
   readonly activityType: string;
   readonly collectionSync?: string;
   readonly orderingKey?: string;
+  /**
+   * Whether to apply outgoing JSON-LD wire-format normalization to queued
+   * activities that already carry Object Integrity Proofs.
+   *
+   * `true` is used for proofs Fedify created before fanout, or when callers
+   * explicitly request normalization for locally pre-signed activities.
+   * `false`/`undefined` preserves existing proofs as-is.
+   */
+  readonly normalizeExistingProofs?: boolean;
   readonly traceContext: Readonly<Record<string, string>>;
 }
 interface OutboxMessage {
@@ -2215,6 +2224,19 @@ interface SendActivityOptions {
    * @since 1.5.0
    */
   readonly fanout?: "auto" | "skip" | "force";
+  /**
+   * Whether to apply Fedify's outgoing JSON-LD wire-format compatibility fixes
+   * to activities that already carry Object Integrity Proofs.
+   *
+   * By default, Fedify preserves existing proofs byte-for-byte because it
+   * cannot know whether they were created for the normalized outgoing wire
+   * form.  Set this to `true` when sending an activity that was pre-signed
+   * locally with `signObject()` or `createProof()`, so the emitted
+   * compact JSON-LD matches the bytes covered by the proof.
+   *
+   * @since 2.2.0
+   */
+  readonly normalizeExistingProofs?: boolean;
   /**
    * The base URIs to exclude from the recipients' inboxes.  It is useful
    * for excluding the recipients having the same shared inbox with the sender.