@fedify/fedify 2.3.0-dev.1110 → 2.3.0-dev.1119

package/dist/{proof-BD92WeqV.cjs → proof-BUWfVr6Q.cjs}

@@ -1,7 +1,7 @@
 const { Temporal } = require("@js-temporal/polyfill");
 const { URLPattern } = require("urlpattern-polyfill");
 const require_chunk = require("./chunk-DDcVe30Y.cjs");
-const require_http = require("./http-DV0il3vk.cjs");
+const require_http = require("./http-CubOB9wq.cjs");
 let _logtape_logtape = require("@logtape/logtape");
 let _fedify_vocab = require("@fedify/vocab");
 let _opentelemetry_api = require("@opentelemetry/api");
@@ -148,6 +148,17 @@ function detachSignature(jsonLd) {
 }
 /**
 * Verifies Linked Data Signatures of the given JSON-LD document.
+*
+* This is a low-level utility that only checks the cryptographic signature
+* and (optionally) the cached key.  It does not run the JSON-LD parsing,
+* attribution, and owner checks that a complete inbound LD verification
+* needs.  For incoming activities, prefer {@link verifyJsonLd}, which is
+* the public verification entry point and the one that emits the
+* `activitypub.signature.verification.duration` metric for the LD path.
+* `verifySignature` itself only emits
+* `activitypub.signature.key_fetch.duration`, since the rest of the work
+* that the verification-duration metric is meant to cover happens in
+* `verifyJsonLd`.
 * @param jsonLd The JSON-LD document to verify.
 * @param options Options for verifying the signature.
 * @returns The public key that signed the document or `null` if the signature
@@ -167,7 +178,7 @@ async function verifySignature(jsonLd, options = {}) {
 		});
 		return null;
 	}
-	const { key, cached } = await require_http.fetchKey(new URL(sig.creator), _fedify_vocab.CryptographicKey, options);
+	const { key, cached } = await require_http.measureSignatureKeyFetch(options.meterProvider, "linked_data", () => require_http.fetchKey(new URL(sig.creator), _fedify_vocab.CryptographicKey, options));
 	if (key == null) return null;
 	const sigOpts = {
 		...sig,
@@ -207,13 +218,13 @@ async function verifySignature(jsonLd, options = {}) {
 			keyId: sig.creator,
 			...sig
 		});
-		const { key } = await require_http.fetchKey(new URL(sig.creator), _fedify_vocab.CryptographicKey, {
+		const { key } = await require_http.measureSignatureKeyFetch(options.meterProvider, "linked_data", () => require_http.fetchKey(new URL(sig.creator), _fedify_vocab.CryptographicKey, {
 			...options,
 			keyCache: {
 				get: () => Promise.resolve(void 0),
 				set: async (keyId, key) => await options.keyCache?.set(keyId, key)
 			}
-		});
+		}));
 		if (key == null) return null;
 		return await crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature.slice(), messageBytes) ? key : null;
 	}
@@ -225,6 +236,33 @@ async function verifySignature(jsonLd, options = {}) {
 	return null;
 }
 /**
+* Known Linked Data Signature `type` values, used to keep
+* `ld_signatures.type` on a bounded set of spec-defined string values.
+* Fedify only signs and verifies `RsaSignature2017`; other values come in
+* only from external documents and are dropped from the metric attribute to
+* avoid attacker-controlled cardinality.
+*/
+const LD_KNOWN_SIGNATURE_TYPES = new Set(["RsaSignature2017"]);
+/**
+* Reports only whether a `signature` key is present on the document, with
+* no shape check on its value.  This is intentionally looser than
+* {@link hasSignature} (which validates a full `RsaSignature2017` shape)
+* and {@link hasSignatureLike} (which structurally accepts several known
+* suites): `verifyJsonLd` needs to tell a document with a malformed or
+* unsupported signature payload (classified as `rejected`) apart from a
+* truly unsigned document (classified as `missing`), and only this
+* presence-only check captures both cases.
+*/
+function hasLdSignatureProperty(jsonLd) {
+	return typeof jsonLd === "object" && jsonLd != null && "signature" in jsonLd;
+}
+function getLdSignatureObject(jsonLd) {
+	if (!hasLdSignatureProperty(jsonLd)) return void 0;
+	const { signature } = jsonLd;
+	if (typeof signature !== "object" || signature == null || Array.isArray(signature)) return;
+	return signature;
+}
+/**
 * Verify the authenticity of the given JSON-LD document using Linked Data
 * Signatures.  If the document is signed, this function verifies the signature
 * and checks if the document is attributed to the owner of the public key.
@@ -235,14 +273,22 @@ async function verifySignature(jsonLd, options = {}) {
 */
 async function verifyJsonLd(jsonLd, options = {}) {
 	return await (options.tracerProvider ?? _opentelemetry_api.trace.getTracerProvider()).getTracer(require_http.name, require_http.version).startActiveSpan("ld_signatures.verify", async (span) => {
+		const start = performance.now();
+		let verified = false;
+		let threw = false;
+		let signatureType;
 		try {
 			const object = await _fedify_vocab.Object.fromJsonLd(jsonLd, options);
 			if (object.id != null) span.setAttribute("activitypub.object.id", object.id.href);
 			span.setAttribute("activitypub.object.type", (0, _fedify_vocab.getTypeId)(object).href);
-			if (typeof jsonLd === "object" && jsonLd != null && "signature" in jsonLd && typeof jsonLd.signature === "object" && jsonLd.signature != null) {
-				if ("creator" in jsonLd.signature && typeof jsonLd.signature.creator === "string") span.setAttribute("ld_signatures.key_id", jsonLd.signature.creator);
-				if ("signatureValue" in jsonLd.signature && typeof jsonLd.signature.signatureValue === "string") span.setAttribute("ld_signatures.signature", jsonLd.signature.signatureValue);
-				if ("type" in jsonLd.signature && typeof jsonLd.signature.type === "string") span.setAttribute("ld_signatures.type", jsonLd.signature.type);
+			const sig = getLdSignatureObject(jsonLd);
+			if (sig != null) {
+				if (typeof sig.creator === "string") span.setAttribute("ld_signatures.key_id", sig.creator);
+				if (typeof sig.signatureValue === "string") span.setAttribute("ld_signatures.signature", sig.signatureValue);
+				if (typeof sig.type === "string") {
+					span.setAttribute("ld_signatures.type", sig.type);
+					if (LD_KNOWN_SIGNATURE_TYPES.has(sig.type)) signatureType = sig.type;
+				}
 			}
 			const attributions = new Set(object.attributionIds.map((uri) => uri.href));
 			if (object instanceof _fedify_vocab.Activity) for (const uri of object.actorIds) attributions.add(uri.href);
@@ -257,14 +303,18 @@ async function verifyJsonLd(jsonLd, options = {}) {
 				logger$3.debug("Some attributions are not authenticated by the Linked Data Signatures: {attributions}.", { attributions: [...attributions] });
 				return false;
 			}
+			verified = true;
 			return true;
 		} catch (error) {
+			threw = true;
 			span.setStatus({
 				code: _opentelemetry_api.SpanStatusCode.ERROR,
 				message: String(error)
 			});
 			throw error;
 		} finally {
+			const classified = threw ? "error" : verified ? "verified" : hasLdSignatureProperty(jsonLd) ? "rejected" : "missing";
+			require_http.getFederationMetrics(options.meterProvider).recordSignatureVerificationDuration(require_http.getDurationMs(start), "linked_data", classified, { ldType: signatureType });
 			span.end();
 		}
 	});
@@ -769,6 +819,15 @@ async function normalizeOutgoingActivityJsonLd(jsonLd, contextLoader) {
 }
 //#endregion
 //#region src/sig/proof.ts
+/**
+* Known Object Integrity Proof `cryptosuite` values, used to keep
+* `object_integrity_proofs.cryptosuite` on a bounded set of spec-defined
+* string values.  Fedify currently signs and verifies only
+* `eddsa-jcs-2022`; other values come in only from external proofs and are
+* dropped from the metric attribute to avoid attacker-controlled
+* cardinality.
+*/
+const OIP_KNOWN_CRYPTOSUITES = new Set(["eddsa-jcs-2022"]);
 const logger = (0, _logtape_logtape.getLogger)([
 	"fedify",
 	"sig",
@@ -895,6 +954,10 @@ async function signObject(object, privateKey, keyId, options = {}) {
 */
 async function verifyProof(jsonLd, proof, options = {}) {
 	return await (options.tracerProvider ?? _opentelemetry_api.trace.getTracerProvider()).getTracer(require_http.name, require_http.version).startActiveSpan("object_integrity_proofs.verify", async (span) => {
+		const start = performance.now();
+		let verified = false;
+		let threw = false;
+		const cryptosuite = proof.cryptosuite != null && OIP_KNOWN_CRYPTOSUITES.has(proof.cryptosuite) ? proof.cryptosuite : void 0;
 		if (span.isRecording()) {
 			if (proof.cryptosuite != null) span.setAttribute("object_integrity_proofs.cryptosuite", proof.cryptosuite);
 			if (proof.verificationMethodId != null) span.setAttribute("object_integrity_proofs.key_id", proof.verificationMethodId.href);
@@ -903,21 +966,25 @@ async function verifyProof(jsonLd, proof, options = {}) {
 		try {
 			const key = await verifyProofInternal(jsonLd, proof, options);
 			if (key == null) span.setStatus({ code: _opentelemetry_api.SpanStatusCode.ERROR });
+			else verified = true;
 			return key;
 		} catch (error) {
+			threw = true;
 			span.setStatus({
 				code: _opentelemetry_api.SpanStatusCode.ERROR,
 				message: String(error)
 			});
 			throw error;
 		} finally {
+			const classified = threw ? "error" : verified ? "verified" : "rejected";
+			require_http.getFederationMetrics(options.meterProvider).recordSignatureVerificationDuration(require_http.getDurationMs(start), "object_integrity", classified, { cryptosuite });
 			span.end();
 		}
 	});
 }
 async function verifyProofInternal(jsonLd, proof, options) {
 	if (typeof jsonLd !== "object" || jsonLd == null || Array.isArray(jsonLd) || proof.cryptosuite !== "eddsa-jcs-2022" || proof.verificationMethodId == null || proof.proofPurpose !== "assertionMethod" || proof.proofValue == null || proof.created == null) return null;
-	const publicKeyPromise = require_http.fetchKey(proof.verificationMethodId, _fedify_vocab.Multikey, options);
+	const publicKeyPromise = require_http.measureSignatureKeyFetch(options.meterProvider, "object_integrity", () => require_http.fetchKey(proof.verificationMethodId, _fedify_vocab.Multikey, options));
 	const proofConfig = {
 		"@context": jsonLd["@context"],
 		type: "DataIntegrityProof",
@@ -957,7 +1024,7 @@ async function verifyProofInternal(jsonLd, proof, options) {
 				proof,
 				keyId: proof.verificationMethodId.href
 			});
-			return await verifyProof(jsonLd, proof, {
+			return await verifyProofInternal(jsonLd, proof, {
 				...options,
 				keyCache: {
 					get: () => Promise.resolve(void 0),
@@ -988,7 +1055,7 @@ async function verifyProofInternal(jsonLd, proof, options) {
 			keyId: proof.verificationMethodId.href,
 			proof
 		});
-		return await verifyProof(jsonLd, proof, {
+		return await verifyProofInternal(jsonLd, proof, {
 			...options,
 			keyCache: {
 				get: () => Promise.resolve(void 0),

package/dist/{proof-mfmHH9j0.mjs → proof-DhVuz4bc.mjs}

@@ -1,16 +1,26 @@
 import { Temporal } from "@js-temporal/polyfill";
 import "urlpattern-polyfill";
 globalThis.addEventListener = () => {};
-import { n as version, t as name } from "./deno-hqC7tKJn.mjs";
-import { n as fetchKey, o as validateCryptoKey } from "./key-DW1EVmtP.mjs";
-import { n as preloadedOnlyDocumentLoader } from "./public-audience-N3pyOx2p.mjs";
-import { r as normalizeOutgoingActivityJsonLd } from "./outgoing-jsonld-BgFLCJQ_.mjs";
+import { n as version, t as name } from "./deno-DVsHS7rA.mjs";
+import { a as measureSignatureKeyFetch, n as getFederationMetrics, t as getDurationMs } from "./metrics-C4attqv0.mjs";
+import { n as fetchKey, o as validateCryptoKey } from "./key-BoWaYRHm.mjs";
+import { n as preloadedOnlyDocumentLoader } from "./public-audience-c9zmYKgA.mjs";
+import { r as normalizeOutgoingActivityJsonLd } from "./outgoing-jsonld-BNL8AC14.mjs";
 import { getLogger } from "@logtape/logtape";
 import { Activity, DataIntegrityProof, Multikey, getTypeId } from "@fedify/vocab";
 import { SpanStatusCode, trace } from "@opentelemetry/api";
 import { encodeHex } from "byte-encodings/hex";
 import serialize from "json-canon";
 //#region src/sig/proof.ts
+/**
+* Known Object Integrity Proof `cryptosuite` values, used to keep
+* `object_integrity_proofs.cryptosuite` on a bounded set of spec-defined
+* string values.  Fedify currently signs and verifies only
+* `eddsa-jcs-2022`; other values come in only from external proofs and are
+* dropped from the metric attribute to avoid attacker-controlled
+* cardinality.
+*/
+const OIP_KNOWN_CRYPTOSUITES = new Set(["eddsa-jcs-2022"]);
 const logger = getLogger([
 	"fedify",
 	"sig",
@@ -137,6 +147,10 @@ async function signObject(object, privateKey, keyId, options = {}) {
 */
 async function verifyProof(jsonLd, proof, options = {}) {
 	return await (options.tracerProvider ?? trace.getTracerProvider()).getTracer(name, version).startActiveSpan("object_integrity_proofs.verify", async (span) => {
+		const start = performance.now();
+		let verified = false;
+		let threw = false;
+		const cryptosuite = proof.cryptosuite != null && OIP_KNOWN_CRYPTOSUITES.has(proof.cryptosuite) ? proof.cryptosuite : void 0;
 		if (span.isRecording()) {
 			if (proof.cryptosuite != null) span.setAttribute("object_integrity_proofs.cryptosuite", proof.cryptosuite);
 			if (proof.verificationMethodId != null) span.setAttribute("object_integrity_proofs.key_id", proof.verificationMethodId.href);
@@ -145,21 +159,25 @@ async function verifyProof(jsonLd, proof, options = {}) {
 		try {
 			const key = await verifyProofInternal(jsonLd, proof, options);
 			if (key == null) span.setStatus({ code: SpanStatusCode.ERROR });
+			else verified = true;
 			return key;
 		} catch (error) {
+			threw = true;
 			span.setStatus({
 				code: SpanStatusCode.ERROR,
 				message: String(error)
 			});
 			throw error;
 		} finally {
+			const classified = threw ? "error" : verified ? "verified" : "rejected";
+			getFederationMetrics(options.meterProvider).recordSignatureVerificationDuration(getDurationMs(start), "object_integrity", classified, { cryptosuite });
 			span.end();
 		}
 	});
 }
 async function verifyProofInternal(jsonLd, proof, options) {
 	if (typeof jsonLd !== "object" || jsonLd == null || Array.isArray(jsonLd) || proof.cryptosuite !== "eddsa-jcs-2022" || proof.verificationMethodId == null || proof.proofPurpose !== "assertionMethod" || proof.proofValue == null || proof.created == null) return null;
-	const publicKeyPromise = fetchKey(proof.verificationMethodId, Multikey, options);
+	const publicKeyPromise = measureSignatureKeyFetch(options.meterProvider, "object_integrity", () => fetchKey(proof.verificationMethodId, Multikey, options));
 	const proofConfig = {
 		"@context": jsonLd["@context"],
 		type: "DataIntegrityProof",
@@ -199,7 +217,7 @@ async function verifyProofInternal(jsonLd, proof, options) {
 				proof,
 				keyId: proof.verificationMethodId.href
 			});
-			return await verifyProof(jsonLd, proof, {
+			return await verifyProofInternal(jsonLd, proof, {
 				...options,
 				keyCache: {
 					get: () => Promise.resolve(void 0),
@@ -230,7 +248,7 @@ async function verifyProofInternal(jsonLd, proof, options) {
 			keyId: proof.verificationMethodId.href,
 			proof
 		});
-		return await verifyProof(jsonLd, proof, {
+		return await verifyProofInternal(jsonLd, proof, {
 			...options,
 			keyCache: {
 				get: () => Promise.resolve(void 0),

package/dist/{proof-5kT7OUPV.js → proof-n60t8o9P.js}

@@ -1,6 +1,6 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
-import { _ as version, d as validateCryptoKey, g as name, s as fetchKey } from "./http-O8MYWwk8.js";
+import { E as version, T as name, d as validateCryptoKey, f as getDurationMs, g as measureSignatureKeyFetch, p as getFederationMetrics, s as fetchKey } from "./http-CouJSFVK.js";
 import { getLogger } from "@logtape/logtape";
 import { Activity, CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1, PUBLIC_COLLECTION, getTypeId, isActor } from "@fedify/vocab";
 import { SpanKind, SpanStatusCode, trace } from "@opentelemetry/api";
@@ -145,6 +145,17 @@ function detachSignature(jsonLd) {
 }
 /**
 * Verifies Linked Data Signatures of the given JSON-LD document.
+*
+* This is a low-level utility that only checks the cryptographic signature
+* and (optionally) the cached key.  It does not run the JSON-LD parsing,
+* attribution, and owner checks that a complete inbound LD verification
+* needs.  For incoming activities, prefer {@link verifyJsonLd}, which is
+* the public verification entry point and the one that emits the
+* `activitypub.signature.verification.duration` metric for the LD path.
+* `verifySignature` itself only emits
+* `activitypub.signature.key_fetch.duration`, since the rest of the work
+* that the verification-duration metric is meant to cover happens in
+* `verifyJsonLd`.
 * @param jsonLd The JSON-LD document to verify.
 * @param options Options for verifying the signature.
 * @returns The public key that signed the document or `null` if the signature
@@ -164,7 +175,7 @@ async function verifySignature(jsonLd, options = {}) {
 		});
 		return null;
 	}
-	const { key, cached } = await fetchKey(new URL(sig.creator), CryptographicKey, options);
+	const { key, cached } = await measureSignatureKeyFetch(options.meterProvider, "linked_data", () => fetchKey(new URL(sig.creator), CryptographicKey, options));
 	if (key == null) return null;
 	const sigOpts = {
 		...sig,
@@ -204,13 +215,13 @@ async function verifySignature(jsonLd, options = {}) {
 			keyId: sig.creator,
 			...sig
 		});
-		const { key } = await fetchKey(new URL(sig.creator), CryptographicKey, {
+		const { key } = await measureSignatureKeyFetch(options.meterProvider, "linked_data", () => fetchKey(new URL(sig.creator), CryptographicKey, {
 			...options,
 			keyCache: {
 				get: () => Promise.resolve(void 0),
 				set: async (keyId, key) => await options.keyCache?.set(keyId, key)
 			}
-		});
+		}));
 		if (key == null) return null;
 		return await crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature.slice(), messageBytes) ? key : null;
 	}
@@ -222,6 +233,33 @@ async function verifySignature(jsonLd, options = {}) {
 	return null;
 }
 /**
+* Known Linked Data Signature `type` values, used to keep
+* `ld_signatures.type` on a bounded set of spec-defined string values.
+* Fedify only signs and verifies `RsaSignature2017`; other values come in
+* only from external documents and are dropped from the metric attribute to
+* avoid attacker-controlled cardinality.
+*/
+const LD_KNOWN_SIGNATURE_TYPES = new Set(["RsaSignature2017"]);
+/**
+* Reports only whether a `signature` key is present on the document, with
+* no shape check on its value.  This is intentionally looser than
+* {@link hasSignature} (which validates a full `RsaSignature2017` shape)
+* and {@link hasSignatureLike} (which structurally accepts several known
+* suites): `verifyJsonLd` needs to tell a document with a malformed or
+* unsupported signature payload (classified as `rejected`) apart from a
+* truly unsigned document (classified as `missing`), and only this
+* presence-only check captures both cases.
+*/
+function hasLdSignatureProperty(jsonLd) {
+	return typeof jsonLd === "object" && jsonLd != null && "signature" in jsonLd;
+}
+function getLdSignatureObject(jsonLd) {
+	if (!hasLdSignatureProperty(jsonLd)) return void 0;
+	const { signature } = jsonLd;
+	if (typeof signature !== "object" || signature == null || Array.isArray(signature)) return;
+	return signature;
+}
+/**
 * Verify the authenticity of the given JSON-LD document using Linked Data
 * Signatures.  If the document is signed, this function verifies the signature
 * and checks if the document is attributed to the owner of the public key.
@@ -232,14 +270,22 @@ async function verifySignature(jsonLd, options = {}) {
 */
 async function verifyJsonLd(jsonLd, options = {}) {
 	return await (options.tracerProvider ?? trace.getTracerProvider()).getTracer(name, version).startActiveSpan("ld_signatures.verify", async (span) => {
+		const start = performance.now();
+		let verified = false;
+		let threw = false;
+		let signatureType;
 		try {
 			const object = await Object$1.fromJsonLd(jsonLd, options);
 			if (object.id != null) span.setAttribute("activitypub.object.id", object.id.href);
 			span.setAttribute("activitypub.object.type", getTypeId(object).href);
-			if (typeof jsonLd === "object" && jsonLd != null && "signature" in jsonLd && typeof jsonLd.signature === "object" && jsonLd.signature != null) {
-				if ("creator" in jsonLd.signature && typeof jsonLd.signature.creator === "string") span.setAttribute("ld_signatures.key_id", jsonLd.signature.creator);
-				if ("signatureValue" in jsonLd.signature && typeof jsonLd.signature.signatureValue === "string") span.setAttribute("ld_signatures.signature", jsonLd.signature.signatureValue);
-				if ("type" in jsonLd.signature && typeof jsonLd.signature.type === "string") span.setAttribute("ld_signatures.type", jsonLd.signature.type);
+			const sig = getLdSignatureObject(jsonLd);
+			if (sig != null) {
+				if (typeof sig.creator === "string") span.setAttribute("ld_signatures.key_id", sig.creator);
+				if (typeof sig.signatureValue === "string") span.setAttribute("ld_signatures.signature", sig.signatureValue);
+				if (typeof sig.type === "string") {
+					span.setAttribute("ld_signatures.type", sig.type);
+					if (LD_KNOWN_SIGNATURE_TYPES.has(sig.type)) signatureType = sig.type;
+				}
 			}
 			const attributions = new Set(object.attributionIds.map((uri) => uri.href));
 			if (object instanceof Activity) for (const uri of object.actorIds) attributions.add(uri.href);
@@ -254,14 +300,18 @@ async function verifyJsonLd(jsonLd, options = {}) {
 				logger$3.debug("Some attributions are not authenticated by the Linked Data Signatures: {attributions}.", { attributions: [...attributions] });
 				return false;
 			}
+			verified = true;
 			return true;
 		} catch (error) {
+			threw = true;
 			span.setStatus({
 				code: SpanStatusCode.ERROR,
 				message: String(error)
 			});
 			throw error;
 		} finally {
+			const classified = threw ? "error" : verified ? "verified" : hasLdSignatureProperty(jsonLd) ? "rejected" : "missing";
+			getFederationMetrics(options.meterProvider).recordSignatureVerificationDuration(getDurationMs(start), "linked_data", classified, { ldType: signatureType });
 			span.end();
 		}
 	});
@@ -766,6 +816,15 @@ async function normalizeOutgoingActivityJsonLd(jsonLd, contextLoader) {
 }
 //#endregion
 //#region src/sig/proof.ts
+/**
+* Known Object Integrity Proof `cryptosuite` values, used to keep
+* `object_integrity_proofs.cryptosuite` on a bounded set of spec-defined
+* string values.  Fedify currently signs and verifies only
+* `eddsa-jcs-2022`; other values come in only from external proofs and are
+* dropped from the metric attribute to avoid attacker-controlled
+* cardinality.
+*/
+const OIP_KNOWN_CRYPTOSUITES = new Set(["eddsa-jcs-2022"]);
 const logger = getLogger([
 	"fedify",
 	"sig",
@@ -892,6 +951,10 @@ async function signObject(object, privateKey, keyId, options = {}) {
 */
 async function verifyProof(jsonLd, proof, options = {}) {
 	return await (options.tracerProvider ?? trace.getTracerProvider()).getTracer(name, version).startActiveSpan("object_integrity_proofs.verify", async (span) => {
+		const start = performance.now();
+		let verified = false;
+		let threw = false;
+		const cryptosuite = proof.cryptosuite != null && OIP_KNOWN_CRYPTOSUITES.has(proof.cryptosuite) ? proof.cryptosuite : void 0;
 		if (span.isRecording()) {
 			if (proof.cryptosuite != null) span.setAttribute("object_integrity_proofs.cryptosuite", proof.cryptosuite);
 			if (proof.verificationMethodId != null) span.setAttribute("object_integrity_proofs.key_id", proof.verificationMethodId.href);
@@ -900,21 +963,25 @@ async function verifyProof(jsonLd, proof, options = {}) {
 		try {
 			const key = await verifyProofInternal(jsonLd, proof, options);
 			if (key == null) span.setStatus({ code: SpanStatusCode.ERROR });
+			else verified = true;
 			return key;
 		} catch (error) {
+			threw = true;
 			span.setStatus({
 				code: SpanStatusCode.ERROR,
 				message: String(error)
 			});
 			throw error;
 		} finally {
+			const classified = threw ? "error" : verified ? "verified" : "rejected";
+			getFederationMetrics(options.meterProvider).recordSignatureVerificationDuration(getDurationMs(start), "object_integrity", classified, { cryptosuite });
 			span.end();
 		}
 	});
 }
 async function verifyProofInternal(jsonLd, proof, options) {
 	if (typeof jsonLd !== "object" || jsonLd == null || Array.isArray(jsonLd) || proof.cryptosuite !== "eddsa-jcs-2022" || proof.verificationMethodId == null || proof.proofPurpose !== "assertionMethod" || proof.proofValue == null || proof.created == null) return null;
-	const publicKeyPromise = fetchKey(proof.verificationMethodId, Multikey, options);
+	const publicKeyPromise = measureSignatureKeyFetch(options.meterProvider, "object_integrity", () => fetchKey(proof.verificationMethodId, Multikey, options));
 	const proofConfig = {
 		"@context": jsonLd["@context"],
 		type: "DataIntegrityProof",
@@ -954,7 +1021,7 @@ async function verifyProofInternal(jsonLd, proof, options) {
 				proof,
 				keyId: proof.verificationMethodId.href
 			});
-			return await verifyProof(jsonLd, proof, {
+			return await verifyProofInternal(jsonLd, proof, {
 				...options,
 				keyCache: {
 					get: () => Promise.resolve(void 0),
@@ -985,7 +1052,7 @@ async function verifyProofInternal(jsonLd, proof, options) {
 			keyId: proof.verificationMethodId.href,
 			proof
 		});
-		return await verifyProof(jsonLd, proof, {
+		return await verifyProofInternal(jsonLd, proof, {
 			...options,
 			keyCache: {
 				get: () => Promise.resolve(void 0),