@graffiti-garden/implementation-decentralized 0.0.1

package/dist/esm/2-primitives/1-string-encoding-tests.js

@@ -0,0 +1,33 @@
+import { describe, expect, test } from "vitest";
+import {
+  STRING_ENCODER_METHOD_BASE64URL,
+  StringEncoder
+} from "./1-string-encoding";
+import { randomBytes } from "@noble/hashes/utils.js";
+function stringEncodingTests() {
+  describe("String encoding tests", () => {
+    const stringEncodingMethods = [STRING_ENCODER_METHOD_BASE64URL];
+    const stringEncoder = new StringEncoder();
+    test("Invalid string decoding method", async () => {
+      const bytes = randomBytes();
+      await expect(
+        () => stringEncoder.encode("invalid-method", bytes)
+      ).rejects.toThrow();
+    });
+    for (const method of stringEncodingMethods) {
+      describe(`String Encoding Method: ${method}`, () => {
+        test("encodes and decodes strings correctly", async () => {
+          const bytes = randomBytes();
+          const encoded = await stringEncoder.encode(method, bytes);
+          const decoded = await stringEncoder.decode(encoded);
+          expect(decoded).toEqual(bytes);
+          expect(decoded).not.toEqual(randomBytes());
+        });
+      });
+    }
+  });
+}
+export {
+  stringEncodingTests
+};
+//# sourceMappingURL=1-string-encoding-tests.js.map

package/dist/esm/2-primitives/1-string-encoding-tests.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/2-primitives/1-string-encoding-tests.ts"],
+  "sourcesContent": ["import { describe, expect, test } from \"vitest\";\nimport {\n  STRING_ENCODER_METHOD_BASE64URL,\n  StringEncoder,\n} from \"./1-string-encoding\";\nimport { randomBytes } from \"@noble/hashes/utils.js\";\n\nexport function stringEncodingTests() {\n  describe(\"String encoding tests\", () => {\n    const stringEncodingMethods = [STRING_ENCODER_METHOD_BASE64URL];\n    const stringEncoder = new StringEncoder();\n\n    test(\"Invalid string decoding method\", async () => {\n      const bytes = randomBytes();\n      await expect(() =>\n        stringEncoder.encode(\"invalid-method\", bytes),\n      ).rejects.toThrow();\n    });\n\n    for (const method of stringEncodingMethods) {\n      describe(`String Encoding Method: ${method}`, () => {\n        test(\"encodes and decodes strings correctly\", async () => {\n          const bytes = randomBytes();\n          const encoded = await stringEncoder.encode(method, bytes);\n          const decoded = await stringEncoder.decode(encoded);\n\n          expect(decoded).toEqual(bytes);\n          expect(decoded).not.toEqual(randomBytes());\n        });\n      });\n    }\n  });\n}\n"],
+  "mappings": "AAAA,SAAS,UAAU,QAAQ,YAAY;AACvC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AACP,SAAS,mBAAmB;AAErB,SAAS,sBAAsB;AACpC,WAAS,yBAAyB,MAAM;AACtC,UAAM,wBAAwB,CAAC,+BAA+B;AAC9D,UAAM,gBAAgB,IAAI,cAAc;AAExC,SAAK,kCAAkC,YAAY;AACjD,YAAM,QAAQ,YAAY;AAC1B,YAAM;AAAA,QAAO,MACX,cAAc,OAAO,kBAAkB,KAAK;AAAA,MAC9C,EAAE,QAAQ,QAAQ;AAAA,IACpB,CAAC;AAED,eAAW,UAAU,uBAAuB;AAC1C,eAAS,2BAA2B,MAAM,IAAI,MAAM;AAClD,aAAK,yCAAyC,YAAY;AACxD,gBAAM,QAAQ,YAAY;AAC1B,gBAAM,UAAU,MAAM,cAAc,OAAO,QAAQ,KAAK;AACxD,gBAAM,UAAU,MAAM,cAAc,OAAO,OAAO;AAElD,iBAAO,OAAO,EAAE,QAAQ,KAAK;AAC7B,iBAAO,OAAO,EAAE,IAAI,QAAQ,YAAY,CAAC;AAAA,QAC3C,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAAA,EACF,CAAC;AACH;",
+  "names": []
+}

package/dist/esm/2-primitives/1-string-encoding.js

@@ -0,0 +1,26 @@
+const STRING_ENCODER_METHOD_BASE64URL = "base64url";
+const STRING_ENCODER_PREFIX_BASE64URL = "u";
+class StringEncoder {
+  async encode(method, bytes) {
+    if (method !== STRING_ENCODER_METHOD_BASE64URL) {
+      throw new Error(`Unsupported string encoding method: ${method}`);
+    }
+    const base64 = btoa(String.fromCodePoint(...bytes));
+    const encoded = base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/\=+$/, "");
+    return STRING_ENCODER_PREFIX_BASE64URL + encoded;
+  }
+  async decode(base64Url) {
+    if (!base64Url.startsWith(STRING_ENCODER_PREFIX_BASE64URL)) {
+      throw new Error(`Unsupported string encoding prefix: ${base64Url[0]}`);
+    }
+    base64Url = base64Url.slice(1);
+    let base64 = base64Url.replace(/-/g, "+").replace(/_/g, "/");
+    while (base64.length % 4 !== 0) base64 += "=";
+    return Uint8Array.from(atob(base64), (c) => c.charCodeAt(0));
+  }
+}
+export {
+  STRING_ENCODER_METHOD_BASE64URL,
+  StringEncoder
+};
+//# sourceMappingURL=1-string-encoding.js.map

package/dist/esm/2-primitives/1-string-encoding.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/2-primitives/1-string-encoding.ts"],
+  "sourcesContent": ["// https://github.com/multiformats/multibase/blob/master/multibase.csv\nexport const STRING_ENCODER_METHOD_BASE64URL = \"base64url\";\nconst STRING_ENCODER_PREFIX_BASE64URL = \"u\";\n\nexport class StringEncoder {\n  async encode(method: string, bytes: Uint8Array): Promise<string> {\n    if (method !== STRING_ENCODER_METHOD_BASE64URL) {\n      throw new Error(`Unsupported string encoding method: ${method}`);\n    }\n    // Convert it to base64\n    const base64 = btoa(String.fromCodePoint(...bytes));\n    // Make sure it is url safe\n    const encoded = base64\n      .replace(/\\+/g, \"-\")\n      .replace(/\\//g, \"_\")\n      .replace(/\\=+$/, \"\");\n    // Append method prefix\n    return STRING_ENCODER_PREFIX_BASE64URL + encoded;\n  }\n\n  async decode(base64Url: string): Promise<Uint8Array> {\n    if (!base64Url.startsWith(STRING_ENCODER_PREFIX_BASE64URL)) {\n      throw new Error(`Unsupported string encoding prefix: ${base64Url[0]}`);\n    }\n    base64Url = base64Url.slice(1);\n    // Undo url-safe base64\n    let base64 = base64Url.replace(/-/g, \"+\").replace(/_/g, \"/\");\n    // Add padding if necessary\n    while (base64.length % 4 !== 0) base64 += \"=\";\n    // Decode\n    return Uint8Array.from(atob(base64), (c) => c.charCodeAt(0));\n  }\n}\n"],
+  "mappings": "AACO,MAAM,kCAAkC;AAC/C,MAAM,kCAAkC;AAEjC,MAAM,cAAc;AAAA,EACzB,MAAM,OAAO,QAAgB,OAAoC;AAC/D,QAAI,WAAW,iCAAiC;AAC9C,YAAM,IAAI,MAAM,uCAAuC,MAAM,EAAE;AAAA,IACjE;AAEA,UAAM,SAAS,KAAK,OAAO,cAAc,GAAG,KAAK,CAAC;AAElD,UAAM,UAAU,OACb,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,QAAQ,EAAE;AAErB,WAAO,kCAAkC;AAAA,EAC3C;AAAA,EAEA,MAAM,OAAO,WAAwC;AACnD,QAAI,CAAC,UAAU,WAAW,+BAA+B,GAAG;AAC1D,YAAM,IAAI,MAAM,uCAAuC,UAAU,CAAC,CAAC,EAAE;AAAA,IACvE;AACA,gBAAY,UAAU,MAAM,CAAC;AAE7B,QAAI,SAAS,UAAU,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG;AAE3D,WAAO,OAAO,SAAS,MAAM,EAAG,WAAU;AAE1C,WAAO,WAAW,KAAK,KAAK,MAAM,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;AAAA,EAC7D;AACF;",
+  "names": []
+}

package/dist/esm/2-primitives/2-content-addresses-tests.js

@@ -0,0 +1,45 @@
+import { describe, expect, test } from "vitest";
+import {
+  CONTENT_ADDRESS_METHOD_SHA256,
+  ContentAddresses
+} from "./2-content-addresses";
+import { randomBytes } from "@noble/hashes/utils.js";
+function contentAddressesTests() {
+  describe("Content Address Tests", () => {
+    const contentAddressMethods = [CONTENT_ADDRESS_METHOD_SHA256];
+    const contentAddresses = new ContentAddresses();
+    test("Invalid content address method", async () => {
+      const bytes = randomBytes();
+      await expect(
+        () => contentAddresses.register("invalid-method", bytes)
+      ).rejects.toThrow();
+    });
+    for (const method of contentAddressMethods) {
+      describe(`Content Address Method: ${method}`, () => {
+        test("idempotent addresses", async () => {
+          const bytes = randomBytes();
+          const address1 = await contentAddresses.register(method, bytes);
+          const address2 = await contentAddresses.register(method, bytes);
+          expect(address1).toEqual(address2);
+        });
+        test("unique adddresses", async () => {
+          const bytes1 = randomBytes();
+          const bytes2 = randomBytes();
+          const address1 = await contentAddresses.register(method, bytes1);
+          const address2 = await contentAddresses.register(method, bytes2);
+          expect(address1).not.toEqual(address2);
+        });
+        test("get method", async () => {
+          const bytes = randomBytes();
+          const address = await contentAddresses.register(method, bytes);
+          const retrievedMethod = await contentAddresses.getMethod(address);
+          expect(retrievedMethod).toEqual(method);
+        });
+      });
+    }
+  });
+}
+export {
+  contentAddressesTests
+};
+//# sourceMappingURL=2-content-addresses-tests.js.map

package/dist/esm/2-primitives/2-content-addresses-tests.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/2-primitives/2-content-addresses-tests.ts"],
+  "sourcesContent": ["import { describe, expect, test } from \"vitest\";\nimport {\n  CONTENT_ADDRESS_METHOD_SHA256,\n  ContentAddresses,\n} from \"./2-content-addresses\";\nimport { randomBytes } from \"@noble/hashes/utils.js\";\n\nexport function contentAddressesTests() {\n  describe(\"Content Address Tests\", () => {\n    const contentAddressMethods = [CONTENT_ADDRESS_METHOD_SHA256];\n    const contentAddresses = new ContentAddresses();\n\n    test(\"Invalid content address method\", async () => {\n      const bytes = randomBytes();\n      await expect(() =>\n        contentAddresses.register(\"invalid-method\", bytes),\n      ).rejects.toThrow();\n    });\n\n    for (const method of contentAddressMethods) {\n      describe(`Content Address Method: ${method}`, () => {\n        test(\"idempotent addresses\", async () => {\n          const bytes = randomBytes();\n          const address1 = await contentAddresses.register(method, bytes);\n          const address2 = await contentAddresses.register(method, bytes);\n          expect(address1).toEqual(address2);\n        });\n\n        test(\"unique adddresses\", async () => {\n          const bytes1 = randomBytes();\n          const bytes2 = randomBytes();\n          const address1 = await contentAddresses.register(method, bytes1);\n          const address2 = await contentAddresses.register(method, bytes2);\n          expect(address1).not.toEqual(address2);\n        });\n\n        test(\"get method\", async () => {\n          const bytes = randomBytes();\n          const address = await contentAddresses.register(method, bytes);\n          const retrievedMethod = await contentAddresses.getMethod(address);\n          expect(retrievedMethod).toEqual(method);\n        });\n      });\n    }\n  });\n}\n"],
+  "mappings": "AAAA,SAAS,UAAU,QAAQ,YAAY;AACvC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AACP,SAAS,mBAAmB;AAErB,SAAS,wBAAwB;AACtC,WAAS,yBAAyB,MAAM;AACtC,UAAM,wBAAwB,CAAC,6BAA6B;AAC5D,UAAM,mBAAmB,IAAI,iBAAiB;AAE9C,SAAK,kCAAkC,YAAY;AACjD,YAAM,QAAQ,YAAY;AAC1B,YAAM;AAAA,QAAO,MACX,iBAAiB,SAAS,kBAAkB,KAAK;AAAA,MACnD,EAAE,QAAQ,QAAQ;AAAA,IACpB,CAAC;AAED,eAAW,UAAU,uBAAuB;AAC1C,eAAS,2BAA2B,MAAM,IAAI,MAAM;AAClD,aAAK,wBAAwB,YAAY;AACvC,gBAAM,QAAQ,YAAY;AAC1B,gBAAM,WAAW,MAAM,iBAAiB,SAAS,QAAQ,KAAK;AAC9D,gBAAM,WAAW,MAAM,iBAAiB,SAAS,QAAQ,KAAK;AAC9D,iBAAO,QAAQ,EAAE,QAAQ,QAAQ;AAAA,QACnC,CAAC;AAED,aAAK,qBAAqB,YAAY;AACpC,gBAAM,SAAS,YAAY;AAC3B,gBAAM,SAAS,YAAY;AAC3B,gBAAM,WAAW,MAAM,iBAAiB,SAAS,QAAQ,MAAM;AAC/D,gBAAM,WAAW,MAAM,iBAAiB,SAAS,QAAQ,MAAM;AAC/D,iBAAO,QAAQ,EAAE,IAAI,QAAQ,QAAQ;AAAA,QACvC,CAAC;AAED,aAAK,cAAc,YAAY;AAC7B,gBAAM,QAAQ,YAAY;AAC1B,gBAAM,UAAU,MAAM,iBAAiB,SAAS,QAAQ,KAAK;AAC7D,gBAAM,kBAAkB,MAAM,iBAAiB,UAAU,OAAO;AAChE,iBAAO,eAAe,EAAE,QAAQ,MAAM;AAAA,QACxC,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAAA,EACF,CAAC;AACH;",
+  "names": []
+}

package/dist/esm/2-primitives/2-content-addresses.js

@@ -0,0 +1,33 @@
+import { sha256 } from "@noble/hashes/webcrypto.js";
+const CONTENT_ADDRESS_METHOD_SHA256 = "sha2-256";
+const MULTIHASH_CODE_SHA256 = 18;
+const MULTIHASH_LENGTH_SHA256 = 32;
+class ContentAddresses {
+  async register(contentAddressMethod, data) {
+    if (contentAddressMethod !== CONTENT_ADDRESS_METHOD_SHA256) {
+      throw new Error(
+        `Unsupported content address method: ${contentAddressMethod}`
+      );
+    }
+    const hash = await sha256(data);
+    const prefixedHash = new Uint8Array(2 + hash.length);
+    prefixedHash[0] = MULTIHASH_CODE_SHA256;
+    prefixedHash[1] = MULTIHASH_LENGTH_SHA256;
+    prefixedHash.set(hash, 2);
+    return prefixedHash;
+  }
+  async getMethod(contentAddress) {
+    if (contentAddress[0] === MULTIHASH_CODE_SHA256 && contentAddress[1] === MULTIHASH_LENGTH_SHA256 && contentAddress.length === 2 + MULTIHASH_LENGTH_SHA256) {
+      return CONTENT_ADDRESS_METHOD_SHA256;
+    } else {
+      throw new Error(`Unrecognized content address format.`);
+    }
+  }
+}
+export {
+  CONTENT_ADDRESS_METHOD_SHA256,
+  ContentAddresses,
+  MULTIHASH_CODE_SHA256,
+  MULTIHASH_LENGTH_SHA256
+};
+//# sourceMappingURL=2-content-addresses.js.map

package/dist/esm/2-primitives/2-content-addresses.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/2-primitives/2-content-addresses.ts"],
+  "sourcesContent": ["import { sha256 } from \"@noble/hashes/webcrypto.js\";\n\nexport const CONTENT_ADDRESS_METHOD_SHA256 = \"sha2-256\";\n\n// Multihash code and length for SHA2-256\n// https://multiformats.io/multihash/#sha2-256---256-bits-aka-sha256\nexport const MULTIHASH_CODE_SHA256 = 0x12;\nexport const MULTIHASH_LENGTH_SHA256 = 32;\n\nexport class ContentAddresses {\n  async register(\n    contentAddressMethod: string,\n    data: Uint8Array,\n  ): Promise<Uint8Array> {\n    if (contentAddressMethod !== CONTENT_ADDRESS_METHOD_SHA256) {\n      throw new Error(\n        `Unsupported content address method: ${contentAddressMethod}`,\n      );\n    }\n\n    const hash = await sha256(data);\n\n    const prefixedHash = new Uint8Array(2 + hash.length);\n    prefixedHash[0] = MULTIHASH_CODE_SHA256;\n    prefixedHash[1] = MULTIHASH_LENGTH_SHA256;\n    prefixedHash.set(hash, 2);\n\n    return prefixedHash;\n  }\n\n  async getMethod(contentAddress: Uint8Array): Promise<string> {\n    if (\n      contentAddress[0] === MULTIHASH_CODE_SHA256 &&\n      contentAddress[1] === MULTIHASH_LENGTH_SHA256 &&\n      contentAddress.length === 2 + MULTIHASH_LENGTH_SHA256\n    ) {\n      return CONTENT_ADDRESS_METHOD_SHA256;\n    } else {\n      throw new Error(`Unrecognized content address format.`);\n    }\n  }\n}\n"],
+  "mappings": "AAAA,SAAS,cAAc;AAEhB,MAAM,gCAAgC;AAItC,MAAM,wBAAwB;AAC9B,MAAM,0BAA0B;AAEhC,MAAM,iBAAiB;AAAA,EAC5B,MAAM,SACJ,sBACA,MACqB;AACrB,QAAI,yBAAyB,+BAA+B;AAC1D,YAAM,IAAI;AAAA,QACR,uCAAuC,oBAAoB;AAAA,MAC7D;AAAA,IACF;AAEA,UAAM,OAAO,MAAM,OAAO,IAAI;AAE9B,UAAM,eAAe,IAAI,WAAW,IAAI,KAAK,MAAM;AACnD,iBAAa,CAAC,IAAI;AAClB,iBAAa,CAAC,IAAI;AAClB,iBAAa,IAAI,MAAM,CAAC;AAExB,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,UAAU,gBAA6C;AAC3D,QACE,eAAe,CAAC,MAAM,yBACtB,eAAe,CAAC,MAAM,2BACtB,eAAe,WAAW,IAAI,yBAC9B;AACA,aAAO;AAAA,IACT,OAAO;AACL,YAAM,IAAI,MAAM,sCAAsC;AAAA,IACxD;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/esm/2-primitives/3-channel-attestations-tests.js

@@ -0,0 +1,116 @@
+import { describe, expect, test } from "vitest";
+import {
+  CHANNEL_ATTESTATION_METHOD_SHA256_ED25519,
+  ChannelAttestations
+} from "./3-channel-attestations";
+import { randomBytes } from "@noble/hashes/utils.js";
+import {
+  StringEncoder,
+  STRING_ENCODER_METHOD_BASE64URL
+} from "./1-string-encoding";
+function channelAttestationTests() {
+  describe("Channel Attestation Tests", () => {
+    const allowedAttestationMethods = [
+      CHANNEL_ATTESTATION_METHOD_SHA256_ED25519
+    ];
+    const channelAttestations = new ChannelAttestations();
+    async function randomActor() {
+      const bytes = randomBytes();
+      const str = await new StringEncoder().encode(
+        STRING_ENCODER_METHOD_BASE64URL,
+        bytes
+      );
+      return `did:web:${str}.com`;
+    }
+    async function randomChannel() {
+      const bytes = randomBytes();
+      return await new StringEncoder().encode(
+        STRING_ENCODER_METHOD_BASE64URL,
+        bytes
+      );
+    }
+    test("Invalid attestation method", async () => {
+      const actor = await randomActor();
+      await expect(
+        () => channelAttestations.register("invalid-method", actor)
+      ).rejects.toThrow();
+    });
+    for (const method of allowedAttestationMethods) {
+      describe(`Attestation Method: ${method}`, () => {
+        test("get method", async () => {
+          const channel = await randomChannel();
+          const publicId = await channelAttestations.register(method, channel);
+          const methodReturned = await channelAttestations.getMethod(publicId);
+          expect(methodReturned).toEqual(method);
+        });
+        test("Idempotent public Ids", async () => {
+          const channel = await randomChannel();
+          const publicId1 = await channelAttestations.register(method, channel);
+          const publicId2 = await channelAttestations.register(method, channel);
+          expect(publicId1).toEqual(publicId2);
+        });
+        test("Unique public ids", async () => {
+          const channel1 = await randomChannel();
+          const channel2 = await randomChannel();
+          const publicId1 = await channelAttestations.register(
+            method,
+            channel1
+          );
+          const publicId2 = await channelAttestations.register(
+            method,
+            channel2
+          );
+          expect(publicId1).not.toEqual(publicId2);
+        });
+        test("Valid attestation", async () => {
+          const actor = await randomActor();
+          const channel = await randomChannel();
+          const { attestation, channelPublicId } = await channelAttestations.attest(method, actor, channel);
+          const isValid = await channelAttestations.validate(
+            attestation,
+            actor,
+            channelPublicId
+          );
+          expect(isValid).toBe(true);
+          const channelPublicIdSeperate = await channelAttestations.register(
+            method,
+            channel
+          );
+          expect(channelPublicId).toEqual(channelPublicIdSeperate);
+        });
+        test("Invalid attestation with wrong actor", async () => {
+          const actor = await randomActor();
+          const wrongActor = await randomActor();
+          const channel = await randomChannel();
+          const { attestation, channelPublicId } = await channelAttestations.attest(method, actor, channel);
+          const isValid = await channelAttestations.validate(
+            attestation,
+            wrongActor,
+            channelPublicId
+          );
+          expect(isValid).toBe(false);
+        });
+        test("Invalid attestation with wrong channel", async () => {
+          const actor = await randomActor();
+          const channel = await randomChannel();
+          const wrongChannel = await randomChannel();
+          const { attestation, channelPublicId } = await channelAttestations.attest(method, actor, channel);
+          const wrongChannelPublicId = await channelAttestations.register(
+            method,
+            wrongChannel
+          );
+          const isValid = await channelAttestations.validate(
+            attestation,
+            actor,
+            wrongChannelPublicId
+          );
+          expect(isValid).toBe(false);
+        });
+      });
+    }
+  });
+}
+export {
+  channelAttestationTests
+};
+//# sourceMappingURL=3-channel-attestations-tests.js.map

package/dist/esm/2-primitives/3-channel-attestations-tests.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/2-primitives/3-channel-attestations-tests.ts"],
+  "sourcesContent": ["import { describe, expect, test } from \"vitest\";\nimport {\n  CHANNEL_ATTESTATION_METHOD_SHA256_ED25519,\n  ChannelAttestations,\n} from \"./3-channel-attestations\";\nimport { randomBytes } from \"@noble/hashes/utils.js\";\nimport {\n  StringEncoder,\n  STRING_ENCODER_METHOD_BASE64URL,\n} from \"./1-string-encoding\";\n\nexport function channelAttestationTests() {\n  describe(\"Channel Attestation Tests\", () => {\n    const allowedAttestationMethods = [\n      CHANNEL_ATTESTATION_METHOD_SHA256_ED25519,\n    ];\n    const channelAttestations = new ChannelAttestations();\n\n    async function randomActor() {\n      const bytes = randomBytes();\n      const str = await new StringEncoder().encode(\n        STRING_ENCODER_METHOD_BASE64URL,\n        bytes,\n      );\n      return `did:web:${str}.com`;\n    }\n    async function randomChannel() {\n      const bytes = randomBytes();\n      return await new StringEncoder().encode(\n        STRING_ENCODER_METHOD_BASE64URL,\n        bytes,\n      );\n    }\n\n    test(\"Invalid attestation method\", async () => {\n      const actor = await randomActor();\n      await expect(() =>\n        channelAttestations.register(\"invalid-method\", actor),\n      ).rejects.toThrow();\n    });\n\n    for (const method of allowedAttestationMethods) {\n      describe(`Attestation Method: ${method}`, () => {\n        test(\"get method\", async () => {\n          const channel = await randomChannel();\n          const publicId = await channelAttestations.register(method, channel);\n          const methodReturned = await channelAttestations.getMethod(publicId);\n          expect(methodReturned).toEqual(method);\n        });\n\n        test(\"Idempotent public Ids\", async () => {\n          const channel = await randomChannel();\n          const publicId1 = await channelAttestations.register(method, channel);\n          const publicId2 = await channelAttestations.register(method, channel);\n          expect(publicId1).toEqual(publicId2);\n        });\n\n        test(\"Unique public ids\", async () => {\n          const channel1 = await randomChannel();\n          const channel2 = await randomChannel();\n          const publicId1 = await channelAttestations.register(\n            method,\n            channel1,\n          );\n          const publicId2 = await channelAttestations.register(\n            method,\n            channel2,\n          );\n          expect(publicId1).not.toEqual(publicId2);\n        });\n\n        test(\"Valid attestation\", async () => {\n          const actor = await randomActor();\n          const channel = await randomChannel();\n          const { attestation, channelPublicId } =\n            await channelAttestations.attest(method, actor, channel);\n          const isValid = await channelAttestations.validate(\n            attestation,\n            actor,\n            channelPublicId,\n          );\n          expect(isValid).toBe(true);\n\n          const channelPublicIdSeperate = await channelAttestations.register(\n            method,\n            channel,\n          );\n          expect(channelPublicId).toEqual(channelPublicIdSeperate);\n        });\n\n        test(\"Invalid attestation with wrong actor\", async () => {\n          const actor = await randomActor();\n          const wrongActor = await randomActor();\n          const channel = await randomChannel();\n          const { attestation, channelPublicId } =\n            await channelAttestations.attest(method, actor, channel);\n          const isValid = await channelAttestations.validate(\n            attestation,\n            wrongActor,\n            channelPublicId,\n          );\n          expect(isValid).toBe(false);\n        });\n\n        test(\"Invalid attestation with wrong channel\", async () => {\n          const actor = await randomActor();\n          const channel = await randomChannel();\n          const wrongChannel = await randomChannel();\n          const { attestation, channelPublicId } =\n            await channelAttestations.attest(method, actor, channel);\n          const wrongChannelPublicId = await channelAttestations.register(\n            method,\n            wrongChannel,\n          );\n          const isValid = await channelAttestations.validate(\n            attestation,\n            actor,\n            wrongChannelPublicId,\n          );\n          expect(isValid).toBe(false);\n        });\n      });\n    }\n  });\n}\n"],
+  "mappings": "AAAA,SAAS,UAAU,QAAQ,YAAY;AACvC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AACP,SAAS,mBAAmB;AAC5B;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAEA,SAAS,0BAA0B;AACxC,WAAS,6BAA6B,MAAM;AAC1C,UAAM,4BAA4B;AAAA,MAChC;AAAA,IACF;AACA,UAAM,sBAAsB,IAAI,oBAAoB;AAEpD,mBAAe,cAAc;AAC3B,YAAM,QAAQ,YAAY;AAC1B,YAAM,MAAM,MAAM,IAAI,cAAc,EAAE;AAAA,QACpC;AAAA,QACA;AAAA,MACF;AACA,aAAO,WAAW,GAAG;AAAA,IACvB;AACA,mBAAe,gBAAgB;AAC7B,YAAM,QAAQ,YAAY;AAC1B,aAAO,MAAM,IAAI,cAAc,EAAE;AAAA,QAC/B;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAEA,SAAK,8BAA8B,YAAY;AAC7C,YAAM,QAAQ,MAAM,YAAY;AAChC,YAAM;AAAA,QAAO,MACX,oBAAoB,SAAS,kBAAkB,KAAK;AAAA,MACtD,EAAE,QAAQ,QAAQ;AAAA,IACpB,CAAC;AAED,eAAW,UAAU,2BAA2B;AAC9C,eAAS,uBAAuB,MAAM,IAAI,MAAM;AAC9C,aAAK,cAAc,YAAY;AAC7B,gBAAM,UAAU,MAAM,cAAc;AACpC,gBAAM,WAAW,MAAM,oBAAoB,SAAS,QAAQ,OAAO;AACnE,gBAAM,iBAAiB,MAAM,oBAAoB,UAAU,QAAQ;AACnE,iBAAO,cAAc,EAAE,QAAQ,MAAM;AAAA,QACvC,CAAC;AAED,aAAK,yBAAyB,YAAY;AACxC,gBAAM,UAAU,MAAM,cAAc;AACpC,gBAAM,YAAY,MAAM,oBAAoB,SAAS,QAAQ,OAAO;AACpE,gBAAM,YAAY,MAAM,oBAAoB,SAAS,QAAQ,OAAO;AACpE,iBAAO,SAAS,EAAE,QAAQ,SAAS;AAAA,QACrC,CAAC;AAED,aAAK,qBAAqB,YAAY;AACpC,gBAAM,WAAW,MAAM,cAAc;AACrC,gBAAM,WAAW,MAAM,cAAc;AACrC,gBAAM,YAAY,MAAM,oBAAoB;AAAA,YAC1C;AAAA,YACA;AAAA,UACF;AACA,gBAAM,YAAY,MAAM,oBAAoB;AAAA,YAC1C;AAAA,YACA;AAAA,UACF;AACA,iBAAO,SAAS,EAAE,IAAI,QAAQ,SAAS;AAAA,QACzC,CAAC;AAED,aAAK,qBAAqB,YAAY;AACpC,gBAAM,QAAQ,MAAM,YAAY;AAChC,gBAAM,UAAU,MAAM,cAAc;AACpC,gBAAM,EAAE,aAAa,gBAAgB,IACnC,MAAM,oBAAoB,OAAO,QAAQ,OAAO,OAAO;AACzD,gBAAM,UAAU,MAAM,oBAAoB;AAAA,YACxC;AAAA,YACA;AAAA,YACA;AAAA,UACF;AACA,iBAAO,OAAO,EAAE,KAAK,IAAI;AAEzB,gBAAM,0BAA0B,MAAM,oBAAoB;AAAA,YACxD;AAAA,YACA;AAAA,UACF;AACA,iBAAO,eAAe,EAAE,QAAQ,uBAAuB;AAAA,QACzD,CAAC;AAED,aAAK,wCAAwC,YAAY;AACvD,gBAAM,QAAQ,MAAM,YAAY;AAChC,gBAAM,aAAa,MAAM,YAAY;AACrC,gBAAM,UAAU,MAAM,cAAc;AACpC,gBAAM,EAAE,aAAa,gBAAgB,IACnC,MAAM,oBAAoB,OAAO,QAAQ,OAAO,OAAO;AACzD,gBAAM,UAAU,MAAM,oBAAoB;AAAA,YACxC;AAAA,YACA;AAAA,YACA;AAAA,UACF;AACA,iBAAO,OAAO,EAAE,KAAK,KAAK;AAAA,QAC5B,CAAC;AAED,aAAK,0CAA0C,YAAY;AACzD,gBAAM,QAAQ,MAAM,YAAY;AAChC,gBAAM,UAAU,MAAM,cAAc;AACpC,gBAAM,eAAe,MAAM,cAAc;AACzC,gBAAM,EAAE,aAAa,gBAAgB,IACnC,MAAM,oBAAoB,OAAO,QAAQ,OAAO,OAAO;AACzD,gBAAM,uBAAuB,MAAM,oBAAoB;AAAA,YACrD;AAAA,YACA;AAAA,UACF;AACA,gBAAM,UAAU,MAAM,oBAAoB;AAAA,YACxC;AAAA,YACA;AAAA,YACA;AAAA,UACF;AACA,iBAAO,OAAO,EAAE,KAAK,KAAK;AAAA,QAC5B,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAAA,EACF,CAAC;AACH;",
+  "names": []
+}

package/dist/esm/2-primitives/3-channel-attestations.js

@@ -0,0 +1,69 @@
+import {
+  getPublicKeyAsync,
+  signAsync,
+  verifyAsync,
+  hashes
+} from "@noble/ed25519";
+import { sha256, sha512 } from "@noble/hashes/webcrypto.js";
+hashes.sha512Async = sha512;
+const CHANNEL_ATTESTATION_METHOD_SHA256_ED25519 = "pk:sha2-256+ed25519";
+const CHANNEL_ATTESTATION_METHOD_PREFIX_SHA256_ED25519 = 0;
+class ChannelAttestations {
+  async register(channelAttestationMethod, channel) {
+    if (channelAttestationMethod !== CHANNEL_ATTESTATION_METHOD_SHA256_ED25519) {
+      throw new Error(
+        `Unsupported channel attestation method: ${channelAttestationMethod}`
+      );
+    }
+    const privateKey = await this.channelToPrivateKey(channel);
+    return await this.channelPublicIdFromPrivateKey(privateKey);
+  }
+  async getMethod(channelPublicId) {
+    if (channelPublicId[0] === CHANNEL_ATTESTATION_METHOD_PREFIX_SHA256_ED25519) {
+      return CHANNEL_ATTESTATION_METHOD_SHA256_ED25519;
+    } else {
+      throw new Error(`Unrecognized channel attestation method.`);
+    }
+  }
+  async channelToPrivateKey(channel) {
+    const channelBytes = new TextEncoder().encode(channel);
+    return await sha256(channelBytes);
+  }
+  async channelPublicIdFromPrivateKey(privateKey) {
+    const channelPublicIdRaw = await getPublicKeyAsync(privateKey);
+    const channelPublicId = new Uint8Array(channelPublicIdRaw.length + 1);
+    channelPublicId[0] = CHANNEL_ATTESTATION_METHOD_PREFIX_SHA256_ED25519;
+    channelPublicId.set(channelPublicIdRaw, 1);
+    return channelPublicId;
+  }
+  async attest(channelAttestationMethod, actor, channel) {
+    if (channelAttestationMethod !== CHANNEL_ATTESTATION_METHOD_SHA256_ED25519) {
+      throw new Error(
+        `Unsupported channel attestation method: ${channelAttestationMethod}`
+      );
+    }
+    const privateKey = await this.channelToPrivateKey(channel);
+    const channelPublicId = await this.channelPublicIdFromPrivateKey(privateKey);
+    const actorBytes = new TextEncoder().encode(actor);
+    const attestation = await signAsync(actorBytes, privateKey);
+    return { attestation, channelPublicId };
+  }
+  async validate(attestation, actor, channelPublicId) {
+    const prefix = channelPublicId[0];
+    if (prefix !== CHANNEL_ATTESTATION_METHOD_PREFIX_SHA256_ED25519) {
+      throw new Error(
+        `Unrecognized channel attestation method prefix: ${prefix}`
+      );
+    }
+    return await verifyAsync(
+      attestation,
+      new TextEncoder().encode(actor),
+      channelPublicId.slice(1)
+    );
+  }
+}
+export {
+  CHANNEL_ATTESTATION_METHOD_SHA256_ED25519,
+  ChannelAttestations
+};
+//# sourceMappingURL=3-channel-attestations.js.map

package/dist/esm/2-primitives/3-channel-attestations.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/2-primitives/3-channel-attestations.ts"],
+  "sourcesContent": ["import {\n  getPublicKeyAsync,\n  signAsync,\n  verifyAsync,\n  hashes,\n} from \"@noble/ed25519\";\nimport { sha256, sha512 } from \"@noble/hashes/webcrypto.js\";\nhashes.sha512Async = sha512;\n\nexport const CHANNEL_ATTESTATION_METHOD_SHA256_ED25519 = \"pk:sha2-256+ed25519\";\nconst CHANNEL_ATTESTATION_METHOD_PREFIX_SHA256_ED25519 = 0;\n\nexport class ChannelAttestations {\n  async register(\n    channelAttestationMethod: string,\n    channel: string,\n  ): Promise<Uint8Array> {\n    if (\n      channelAttestationMethod !== CHANNEL_ATTESTATION_METHOD_SHA256_ED25519\n    ) {\n      throw new Error(\n        `Unsupported channel attestation method: ${channelAttestationMethod}`,\n      );\n    }\n    const privateKey = await this.channelToPrivateKey(channel);\n    return await this.channelPublicIdFromPrivateKey(privateKey);\n  }\n\n  async getMethod(channelPublicId: Uint8Array): Promise<string> {\n    if (\n      channelPublicId[0] === CHANNEL_ATTESTATION_METHOD_PREFIX_SHA256_ED25519\n    ) {\n      return CHANNEL_ATTESTATION_METHOD_SHA256_ED25519;\n    } else {\n      throw new Error(`Unrecognized channel attestation method.`);\n    }\n  }\n\n  protected async channelToPrivateKey(channel: string): Promise<Uint8Array> {\n    const channelBytes = new TextEncoder().encode(channel);\n    return await sha256(channelBytes);\n  }\n  protected async channelPublicIdFromPrivateKey(\n    privateKey: Uint8Array,\n  ): Promise<Uint8Array> {\n    const channelPublicIdRaw = await getPublicKeyAsync(privateKey);\n    const channelPublicId = new Uint8Array(channelPublicIdRaw.length + 1);\n    channelPublicId[0] = CHANNEL_ATTESTATION_METHOD_PREFIX_SHA256_ED25519;\n    channelPublicId.set(channelPublicIdRaw, 1);\n    return channelPublicId;\n  }\n\n  async attest(\n    channelAttestationMethod: string,\n    actor: string,\n    channel: string,\n  ): Promise<{\n    attestation: Uint8Array;\n    channelPublicId: Uint8Array;\n  }> {\n    if (\n      channelAttestationMethod !== CHANNEL_ATTESTATION_METHOD_SHA256_ED25519\n    ) {\n      throw new Error(\n        `Unsupported channel attestation method: ${channelAttestationMethod}`,\n      );\n    }\n    const privateKey = await this.channelToPrivateKey(channel);\n    const channelPublicId =\n      await this.channelPublicIdFromPrivateKey(privateKey);\n\n    const actorBytes = new TextEncoder().encode(actor);\n    const attestation = await signAsync(actorBytes, privateKey);\n    return { attestation, channelPublicId };\n  }\n\n  async validate(\n    attestation: Uint8Array,\n    actor: string,\n    channelPublicId: Uint8Array,\n  ): Promise<boolean> {\n    const prefix = channelPublicId[0];\n    if (prefix !== CHANNEL_ATTESTATION_METHOD_PREFIX_SHA256_ED25519) {\n      throw new Error(\n        `Unrecognized channel attestation method prefix: ${prefix}`,\n      );\n    }\n\n    return await verifyAsync(\n      attestation,\n      new TextEncoder().encode(actor),\n      channelPublicId.slice(1),\n    );\n  }\n}\n"],
+  "mappings": "AAAA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,QAAQ,cAAc;AAC/B,OAAO,cAAc;AAEd,MAAM,4CAA4C;AACzD,MAAM,mDAAmD;AAElD,MAAM,oBAAoB;AAAA,EAC/B,MAAM,SACJ,0BACA,SACqB;AACrB,QACE,6BAA6B,2CAC7B;AACA,YAAM,IAAI;AAAA,QACR,2CAA2C,wBAAwB;AAAA,MACrE;AAAA,IACF;AACA,UAAM,aAAa,MAAM,KAAK,oBAAoB,OAAO;AACzD,WAAO,MAAM,KAAK,8BAA8B,UAAU;AAAA,EAC5D;AAAA,EAEA,MAAM,UAAU,iBAA8C;AAC5D,QACE,gBAAgB,CAAC,MAAM,kDACvB;AACA,aAAO;AAAA,IACT,OAAO;AACL,YAAM,IAAI,MAAM,0CAA0C;AAAA,IAC5D;AAAA,EACF;AAAA,EAEA,MAAgB,oBAAoB,SAAsC;AACxE,UAAM,eAAe,IAAI,YAAY,EAAE,OAAO,OAAO;AACrD,WAAO,MAAM,OAAO,YAAY;AAAA,EAClC;AAAA,EACA,MAAgB,8BACd,YACqB;AACrB,UAAM,qBAAqB,MAAM,kBAAkB,UAAU;AAC7D,UAAM,kBAAkB,IAAI,WAAW,mBAAmB,SAAS,CAAC;AACpE,oBAAgB,CAAC,IAAI;AACrB,oBAAgB,IAAI,oBAAoB,CAAC;AACzC,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,OACJ,0BACA,OACA,SAIC;AACD,QACE,6BAA6B,2CAC7B;AACA,YAAM,IAAI;AAAA,QACR,2CAA2C,wBAAwB;AAAA,MACrE;AAAA,IACF;AACA,UAAM,aAAa,MAAM,KAAK,oBAAoB,OAAO;AACzD,UAAM,kBACJ,MAAM,KAAK,8BAA8B,UAAU;AAErD,UAAM,aAAa,IAAI,YAAY,EAAE,OAAO,KAAK;AACjD,UAAM,cAAc,MAAM,UAAU,YAAY,UAAU;AAC1D,WAAO,EAAE,aAAa,gBAAgB;AAAA,EACxC;AAAA,EAEA,MAAM,SACJ,aACA,OACA,iBACkB;AAClB,UAAM,SAAS,gBAAgB,CAAC;AAChC,QAAI,WAAW,kDAAkD;AAC/D,YAAM,IAAI;AAAA,QACR,mDAAmD,MAAM;AAAA,MAC3D;AAAA,IACF;AAEA,WAAO,MAAM;AAAA,MACX;AAAA,MACA,IAAI,YAAY,EAAE,OAAO,KAAK;AAAA,MAC9B,gBAAgB,MAAM,CAAC;AAAA,IACzB;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/esm/2-primitives/4-allowed-attestations-tests.js

@@ -0,0 +1,82 @@
+import { describe, expect, test } from "vitest";
+import {
+  ALLOWED_ATTESTATION_METHOD_HMAC_SHA256,
+  AllowedAttestations
+} from "./4-allowed-attestations";
+import { randomBytes } from "@noble/hashes/utils.js";
+import {
+  StringEncoder,
+  STRING_ENCODER_METHOD_BASE64URL
+} from "./1-string-encoding";
+function allowedAttestationTests() {
+  describe("Allowed Attestation Tests", () => {
+    const allowedAttestationMethods = [ALLOWED_ATTESTATION_METHOD_HMAC_SHA256];
+    const allowedAttestations = new AllowedAttestations();
+    async function randomActor() {
+      const bytes = randomBytes();
+      const str = await new StringEncoder().encode(
+        STRING_ENCODER_METHOD_BASE64URL,
+        bytes
+      );
+      return `did:web:${str}.com`;
+    }
+    test("Invalid attestation method", async () => {
+      const actor = await randomActor();
+      await expect(
+        () => allowedAttestations.attest("invalid-method", actor)
+      ).rejects.toThrow();
+    });
+    for (const method of allowedAttestationMethods) {
+      describe(`Attestation Method: ${method}`, () => {
+        test("Valid attestation", async () => {
+          const actor = await randomActor();
+          const { attestation, ticket } = await allowedAttestations.attest(
+            method,
+            actor
+          );
+          const isValid = await allowedAttestations.validate(
+            attestation,
+            actor,
+            ticket
+          );
+          expect(isValid).toBe(true);
+        });
+        test("Wrong actor", async () => {
+          const actor = await randomActor();
+          const { attestation, ticket } = await allowedAttestations.attest(
+            method,
+            actor
+          );
+          const otherActor = await randomActor();
+          const isValid = await allowedAttestations.validate(
+            attestation,
+            otherActor,
+            ticket
+          );
+          expect(isValid).toBe(false);
+        });
+        test("Wrong ticket", async () => {
+          const actor = await randomActor();
+          const { attestation: attestation1, ticket: ticket1 } = await allowedAttestations.attest(method, actor);
+          const { attestation: attestation2, ticket: ticket2 } = await allowedAttestations.attest(method, actor);
+          const isValid1 = await allowedAttestations.validate(
+            attestation1,
+            actor,
+            ticket2
+          );
+          const isValid2 = await allowedAttestations.validate(
+            attestation2,
+            actor,
+            ticket1
+          );
+          expect(isValid1).toBe(false);
+          expect(isValid2).toBe(false);
+        });
+      });
+    }
+  });
+}
+export {
+  allowedAttestationTests
+};
+//# sourceMappingURL=4-allowed-attestations-tests.js.map

package/dist/esm/2-primitives/4-allowed-attestations-tests.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/2-primitives/4-allowed-attestations-tests.ts"],
+  "sourcesContent": ["import { describe, expect, test } from \"vitest\";\nimport {\n  ALLOWED_ATTESTATION_METHOD_HMAC_SHA256,\n  AllowedAttestations,\n} from \"./4-allowed-attestations\";\nimport { randomBytes } from \"@noble/hashes/utils.js\";\nimport {\n  StringEncoder,\n  STRING_ENCODER_METHOD_BASE64URL,\n} from \"./1-string-encoding\";\n\nexport function allowedAttestationTests() {\n  describe(\"Allowed Attestation Tests\", () => {\n    const allowedAttestationMethods = [ALLOWED_ATTESTATION_METHOD_HMAC_SHA256];\n    const allowedAttestations = new AllowedAttestations();\n\n    async function randomActor() {\n      const bytes = randomBytes();\n      const str = await new StringEncoder().encode(\n        STRING_ENCODER_METHOD_BASE64URL,\n        bytes,\n      );\n      return `did:web:${str}.com`;\n    }\n\n    test(\"Invalid attestation method\", async () => {\n      const actor = await randomActor();\n      await expect(() =>\n        allowedAttestations.attest(\"invalid-method\", actor),\n      ).rejects.toThrow();\n    });\n\n    for (const method of allowedAttestationMethods) {\n      describe(`Attestation Method: ${method}`, () => {\n        test(\"Valid attestation\", async () => {\n          const actor = await randomActor();\n          const { attestation, ticket } = await allowedAttestations.attest(\n            method,\n            actor,\n          );\n          const isValid = await allowedAttestations.validate(\n            attestation,\n            actor,\n            ticket,\n          );\n          expect(isValid).toBe(true);\n        });\n\n        test(\"Wrong actor\", async () => {\n          const actor = await randomActor();\n          const { attestation, ticket } = await allowedAttestations.attest(\n            method,\n            actor,\n          );\n          const otherActor = await randomActor();\n          const isValid = await allowedAttestations.validate(\n            attestation,\n            otherActor,\n            ticket,\n          );\n          expect(isValid).toBe(false);\n        });\n\n        test(\"Wrong ticket\", async () => {\n          const actor = await randomActor();\n          const { attestation: attestation1, ticket: ticket1 } =\n            await allowedAttestations.attest(method, actor);\n          const { attestation: attestation2, ticket: ticket2 } =\n            await allowedAttestations.attest(method, actor);\n          const isValid1 = await allowedAttestations.validate(\n            attestation1,\n            actor,\n            ticket2,\n          );\n          const isValid2 = await allowedAttestations.validate(\n            attestation2,\n            actor,\n            ticket1,\n          );\n          expect(isValid1).toBe(false);\n          expect(isValid2).toBe(false);\n        });\n      });\n    }\n  });\n}\n"],
+  "mappings": "AAAA,SAAS,UAAU,QAAQ,YAAY;AACvC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AACP,SAAS,mBAAmB;AAC5B;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAEA,SAAS,0BAA0B;AACxC,WAAS,6BAA6B,MAAM;AAC1C,UAAM,4BAA4B,CAAC,sCAAsC;AACzE,UAAM,sBAAsB,IAAI,oBAAoB;AAEpD,mBAAe,cAAc;AAC3B,YAAM,QAAQ,YAAY;AAC1B,YAAM,MAAM,MAAM,IAAI,cAAc,EAAE;AAAA,QACpC;AAAA,QACA;AAAA,MACF;AACA,aAAO,WAAW,GAAG;AAAA,IACvB;AAEA,SAAK,8BAA8B,YAAY;AAC7C,YAAM,QAAQ,MAAM,YAAY;AAChC,YAAM;AAAA,QAAO,MACX,oBAAoB,OAAO,kBAAkB,KAAK;AAAA,MACpD,EAAE,QAAQ,QAAQ;AAAA,IACpB,CAAC;AAED,eAAW,UAAU,2BAA2B;AAC9C,eAAS,uBAAuB,MAAM,IAAI,MAAM;AAC9C,aAAK,qBAAqB,YAAY;AACpC,gBAAM,QAAQ,MAAM,YAAY;AAChC,gBAAM,EAAE,aAAa,OAAO,IAAI,MAAM,oBAAoB;AAAA,YACxD;AAAA,YACA;AAAA,UACF;AACA,gBAAM,UAAU,MAAM,oBAAoB;AAAA,YACxC;AAAA,YACA;AAAA,YACA;AAAA,UACF;AACA,iBAAO,OAAO,EAAE,KAAK,IAAI;AAAA,QAC3B,CAAC;AAED,aAAK,eAAe,YAAY;AAC9B,gBAAM,QAAQ,MAAM,YAAY;AAChC,gBAAM,EAAE,aAAa,OAAO,IAAI,MAAM,oBAAoB;AAAA,YACxD;AAAA,YACA;AAAA,UACF;AACA,gBAAM,aAAa,MAAM,YAAY;AACrC,gBAAM,UAAU,MAAM,oBAAoB;AAAA,YACxC;AAAA,YACA;AAAA,YACA;AAAA,UACF;AACA,iBAAO,OAAO,EAAE,KAAK,KAAK;AAAA,QAC5B,CAAC;AAED,aAAK,gBAAgB,YAAY;AAC/B,gBAAM,QAAQ,MAAM,YAAY;AAChC,gBAAM,EAAE,aAAa,cAAc,QAAQ,QAAQ,IACjD,MAAM,oBAAoB,OAAO,QAAQ,KAAK;AAChD,gBAAM,EAAE,aAAa,cAAc,QAAQ,QAAQ,IACjD,MAAM,oBAAoB,OAAO,QAAQ,KAAK;AAChD,gBAAM,WAAW,MAAM,oBAAoB;AAAA,YACzC;AAAA,YACA;AAAA,YACA;AAAA,UACF;AACA,gBAAM,WAAW,MAAM,oBAAoB;AAAA,YACzC;AAAA,YACA;AAAA,YACA;AAAA,UACF;AACA,iBAAO,QAAQ,EAAE,KAAK,KAAK;AAC3B,iBAAO,QAAQ,EAAE,KAAK,KAAK;AAAA,QAC7B,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAAA,EACF,CAAC;AACH;",
+  "names": []
+}

package/dist/esm/2-primitives/4-allowed-attestations.js

@@ -0,0 +1,51 @@
+import { sha256, hmac } from "@noble/hashes/webcrypto.js";
+import { randomBytes } from "@noble/hashes/utils.js";
+import {
+  MULTIHASH_CODE_SHA256,
+  MULTIHASH_LENGTH_SHA256
+} from "./2-content-addresses";
+const ALLOWED_ATTESTATION_METHOD_HMAC_SHA256 = "hmac:sha2-256";
+const ALLOWED_ATTESTATION_METHOD_PREFIX_HMAC = 0;
+class AllowedAttestations {
+  async attest(allowedAttestationMethod, actor) {
+    if (allowedAttestationMethod !== ALLOWED_ATTESTATION_METHOD_HMAC_SHA256) {
+      throw new Error(
+        `Unsupported allowed attestation method: ${allowedAttestationMethod}`
+      );
+    }
+    const ticket = randomBytes();
+    const attestation = await hmac(
+      sha256,
+      ticket,
+      new TextEncoder().encode(actor)
+    );
+    const prefixedTicket = new Uint8Array(ticket.length + 3);
+    prefixedTicket[0] = ALLOWED_ATTESTATION_METHOD_PREFIX_HMAC;
+    prefixedTicket[1] = MULTIHASH_CODE_SHA256;
+    prefixedTicket[2] = MULTIHASH_LENGTH_SHA256;
+    prefixedTicket.set(ticket, 3);
+    return { attestation, ticket: prefixedTicket };
+  }
+  async validate(attestation, actor, ticket) {
+    const typePrefix = ticket[0];
+    const hashPrefix = ticket[1];
+    const lengthPrefix = ticket[2];
+    if (typePrefix !== ALLOWED_ATTESTATION_METHOD_PREFIX_HMAC || hashPrefix !== MULTIHASH_CODE_SHA256 || lengthPrefix !== MULTIHASH_LENGTH_SHA256) {
+      throw new Error(`Unrecognized allowed ticket format`);
+    }
+    const expected = await hmac(
+      sha256,
+      ticket.slice(3),
+      new TextEncoder().encode(actor)
+    );
+    if (attestation.length !== expected.length) {
+      return false;
+    }
+    return expected.every((b, i) => attestation[i] === b);
+  }
+}
+export {
+  ALLOWED_ATTESTATION_METHOD_HMAC_SHA256,
+  AllowedAttestations
+};
+//# sourceMappingURL=4-allowed-attestations.js.map

package/dist/esm/2-primitives/4-allowed-attestations.js.map

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../../src/2-primitives/4-allowed-attestations.ts"],
+  "sourcesContent": ["import { sha256, hmac } from \"@noble/hashes/webcrypto.js\";\nimport { randomBytes } from \"@noble/hashes/utils.js\";\nimport {\n  MULTIHASH_CODE_SHA256,\n  MULTIHASH_LENGTH_SHA256,\n} from \"./2-content-addresses\";\n\nexport const ALLOWED_ATTESTATION_METHOD_HMAC_SHA256 = \"hmac:sha2-256\";\nconst ALLOWED_ATTESTATION_METHOD_PREFIX_HMAC = 0;\n\nexport class AllowedAttestations {\n  async attest(\n    allowedAttestationMethod: string,\n    actor: string,\n  ): Promise<{\n    attestation: Uint8Array;\n    ticket: Uint8Array;\n  }> {\n    if (allowedAttestationMethod !== ALLOWED_ATTESTATION_METHOD_HMAC_SHA256) {\n      throw new Error(\n        `Unsupported allowed attestation method: ${allowedAttestationMethod}`,\n      );\n    }\n\n    const ticket = randomBytes();\n    const attestation = await hmac(\n      sha256,\n      ticket,\n      new TextEncoder().encode(actor),\n    );\n\n    const prefixedTicket = new Uint8Array(ticket.length + 3);\n    prefixedTicket[0] = ALLOWED_ATTESTATION_METHOD_PREFIX_HMAC;\n    prefixedTicket[1] = MULTIHASH_CODE_SHA256;\n    prefixedTicket[2] = MULTIHASH_LENGTH_SHA256;\n    prefixedTicket.set(ticket, 3);\n\n    return { attestation, ticket: prefixedTicket };\n  }\n\n  async validate(\n    attestation: Uint8Array,\n    actor: string,\n    ticket: Uint8Array,\n  ): Promise<boolean> {\n    const typePrefix = ticket[0];\n    const hashPrefix = ticket[1];\n    const lengthPrefix = ticket[2];\n    if (\n      typePrefix !== ALLOWED_ATTESTATION_METHOD_PREFIX_HMAC ||\n      hashPrefix !== MULTIHASH_CODE_SHA256 ||\n      lengthPrefix !== MULTIHASH_LENGTH_SHA256\n    ) {\n      throw new Error(`Unrecognized allowed ticket format`);\n    }\n\n    const expected = await hmac(\n      sha256,\n      ticket.slice(3),\n      new TextEncoder().encode(actor),\n    );\n\n    // Make sure the bytes are exactly equal\n    if (attestation.length !== expected.length) {\n      return false;\n    }\n    return expected.every((b, i) => attestation[i] === b);\n  }\n}\n"],
+  "mappings": "AAAA,SAAS,QAAQ,YAAY;AAC7B,SAAS,mBAAmB;AAC5B;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAEA,MAAM,yCAAyC;AACtD,MAAM,yCAAyC;AAExC,MAAM,oBAAoB;AAAA,EAC/B,MAAM,OACJ,0BACA,OAIC;AACD,QAAI,6BAA6B,wCAAwC;AACvE,YAAM,IAAI;AAAA,QACR,2CAA2C,wBAAwB;AAAA,MACrE;AAAA,IACF;AAEA,UAAM,SAAS,YAAY;AAC3B,UAAM,cAAc,MAAM;AAAA,MACxB;AAAA,MACA;AAAA,MACA,IAAI,YAAY,EAAE,OAAO,KAAK;AAAA,IAChC;AAEA,UAAM,iBAAiB,IAAI,WAAW,OAAO,SAAS,CAAC;AACvD,mBAAe,CAAC,IAAI;AACpB,mBAAe,CAAC,IAAI;AACpB,mBAAe,CAAC,IAAI;AACpB,mBAAe,IAAI,QAAQ,CAAC;AAE5B,WAAO,EAAE,aAAa,QAAQ,eAAe;AAAA,EAC/C;AAAA,EAEA,MAAM,SACJ,aACA,OACA,QACkB;AAClB,UAAM,aAAa,OAAO,CAAC;AAC3B,UAAM,aAAa,OAAO,CAAC;AAC3B,UAAM,eAAe,OAAO,CAAC;AAC7B,QACE,eAAe,0CACf,eAAe,yBACf,iBAAiB,yBACjB;AACA,YAAM,IAAI,MAAM,oCAAoC;AAAA,IACtD;AAEA,UAAM,WAAW,MAAM;AAAA,MACrB;AAAA,MACA,OAAO,MAAM,CAAC;AAAA,MACd,IAAI,YAAY,EAAE,OAAO,KAAK;AAAA,IAChC;AAGA,QAAI,YAAY,WAAW,SAAS,QAAQ;AAC1C,aAAO;AAAA,IACT;AACA,WAAO,SAAS,MAAM,CAAC,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC;AAAA,EACtD;AACF;",
+  "names": []
+}