@interop/did-web-resolver 0.2.0 → 2.0.0

package/CHANGELOG.md

@@ -1,5 +1,38 @@
 # did-web-driver ChangeLog
 
+## 2.0.0 - 2022-01-01
+
+### Changed
+- Use rollup for build-time transpile instead of esm.
+- Use "no ESM" branches for all other deps.
+- `.get()` now also resolves keys (to match other did-io drivers).
+- **BREAKING**: Update ed25519 and X25519 dependencies to latest. You will have
+  to re-generate your `did:web` DID documents for this version, as the
+  key serialization formats have changed.
+
+## 1.1.0 - 2021-04-25
+
+### Added
+- Add `didWebDriver.publicMethodFor()`.
+
+## 1.0.1 - 2021-04-25
+
+### Fixed
+- Fix handling of hash fragments by `urlFromDid()`.
+- Add logger to constructor.
+
+## 1.0.0 - 2021-04-24
+
+### Changed
+- **BREAKING** Update to latest DID Core context
+- **BREAKING** Update to use crypto-ld v5 API, latest crypto suites
+- Add support for X25519KeyAgreementKey suite
+
+## 0.2.0 - 2020-08-01
+
+### Changed
+- **BREAKING**: Update to use crypto-ld v4 API
+
 ## 0.0.1
 
 ### Added

package/README.md

@@ -1,7 +1,7 @@
-# `did:web` Resolver Driver _(did-web-driver)_
+# `did:web` Resolver _(@interop/did-web-resolver)_
 
-[![Build Status](https://travis-ci.org/interop-alliance/did-web-driver.svg?branch=master&style=flat-square)](https://travis-ci.org/interop-alliance/did-web-driver)
-[![NPM Version](https://img.shields.io/npm/v/did-web-driver.svg?style=flat-square)](https://npm.im/did-web-driver)
+[![Node.js CI](https://github.com/interop-alliance/did-web-resolver/workflows/Node.js%20CI/badge.svg)](https://github.com/interop-alliance/did-web-resolver/actions?query=workflow%3A%22Node.js+CI%22)
+[![NPM Version](https://img.shields.io/npm/v/@interop/did-web-resolver.svg)](https://npm.im/@interop/did-web-resolver)
 
 > A did:web method Decentralized Identifier (DID) resolver for the did-io library.
 
@@ -33,36 +33,79 @@ Other implementations:
 
 ## Usage
 
+### Initializing
+
 ```js
+import { Ed25519VerificationKey2020 }
+  from '@digitalbazaar/ed25519-verification-key-2020'
+import { X25519KeyAgreementKey2020 }
+  from '@digitalbazaar/x25519-key-agreement-key-2020'
 import { CryptoLD } from 'crypto-ld'
-import Ed25519KeyPair from 'ed25519-key-pair'
+
+import * as didWeb from '@interop/did-web-resolver'
 
 const cryptoLd = new CryptoLD()
-cryptoLd.use(Ed25519KeyPair)
-
-import { DidWebResolver } from '@interop/did-web-resolver'
-const keyMap = { // default
-  capabilityInvocation: 'ed25519',
-  authentication: 'ed25519',
-  assertionMethod: 'ed25519',
-  capabilityDelegation: 'ed25519',
-  // keyAgreement: 'x25519'  // <- not yet supported
-}
+cryptoLd.use(Ed25519VerificationKey2020)
+cryptoLd.use(X25519KeyAgreementKey2020)
 
-const didWeb = new DidWebResolver({ cryptoLd, keyMap })
+const didWebDriver = didWeb.driver({ cryptoLd })
 
-// Optionally use it with `did-io`
-import { DidResolver } from 'did-io'
-const didIo = new DidResolver()
+// Optionally use it with the CachedResolver from did-io
+import {CachedResolver} from '@digitalbazaar/did-io';
+const resolver = new CachedResolver()
+resolver.use(didWebDriver)
+```
 
-didIo.use(didWeb)
+### Generating a new DID
+
+```js
+const { didDocument, keyPairs, methodFor } = await didWebDriver.generate()
+
+{
+  '@context': [
+    'https://www.w3.org/ns/did/v1',
+    'https://w3id.org/security/suites/ed25519-2020/v1',
+    'https://w3id.org/security/suites/x25519-2020/v1'
+  ],
+  id: 'did:web:example.com',
+  capabilityInvocation: [{
+    id: 'did:web:example.com#z6MkqUiWi2o5V5oDEVzqszpkDhzeJ2o9Z4zVyTWeASqgrgti',
+    type: 'Ed25519VerificationKey2020',
+    controller: 'did:web:example.com',
+    publicKeyMultibase: 'zC2TU7nYe9YJk81A9CRruNcSeUTXJ9Bk9HSbiLAsfwU7L'
+  }],
+  authentication: [{
+    id: 'did:web:example.com#z6MksjNYAxjiTrhPFx9Ljk3SVowEtFXhFqLdsMKJHV4KrcDT',
+    type: 'Ed25519VerificationKey2020',
+    controller: 'did:web:example.com',
+    publicKeyMultibase: 'zEH7VaiVH8KCv9TJe4B5beiPF4gFqqx6HBLQNTD6JwPS5'
+  }],
+  assertionMethod: [{
+    id: 'did:web:example.com#z6MkiyYa5mG4moiHrmXQea8bNvdEWRWi3KuouHqoiknGf7xV',
+    type: 'Ed25519VerificationKey2020',
+    controller: 'did:web:example.com',
+    publicKeyMultibase: 'z5XHXVX1dSGDpkGghy1AkXq5EgrErdSfTDGvstUpFjuB7'
+  }],
+  capabilityDelegation: [{
+    id: 'did:web:example.com#z6MknmeMZEXLhS6g2p6YPHkQG4PkNsJev652CqnsArPm3dZa',
+    type: 'Ed25519VerificationKey2020',
+    controller: 'did:web:example.com',
+    publicKeyMultibase: 'z9KPJxzGuMtcCvKFqhinZQxqkZJ2oWCpfWpswLaRk8QnC'
+  }],
+  keyAgreement: [{
+    id: 'did:web:example.com#z6LSg3dWQzpQgRpaVzNXkcosnheyhXJUQkNQQgXyDapFSCFZ',
+    type: 'X25519KeyAgreementKey2020',
+    controller: 'did:web:example.com',
+    publicKeyMultibase: 'z5NTLth1Yay6qQbzmDyHvU7SVrNmMi9CFXhpHj8AiipUo'
+  }]
+}
 ```
 
 ## Install
 
 ```bash
-git clone https://github.com/interop-alliance/did-web-driver.git
-cd did-web-driver
+git clone https://github.com/interop-alliance/did-web-resolver.git
+cd did-web-resolver
 npm install
 ```
 
@@ -76,4 +119,4 @@ PRs accepted.
 
 ## License
 
-[The MIT License](LICENSE.md) © Interop Alliance and Dmitri Zagidulin
+[The MIT License](LICENSE.md) ©2020-2021 Interop Alliance and Dmitri Zagidulin

package/build-dist.sh

@@ -0,0 +1,14 @@
+mkdir ./dist/esm
+cat >dist/esm/index.js <<!EOF
+import cjsModule from '../index.js';
+export const driver = cjsModule.driver;
+export const DidWebResolver = cjsModule.DidWebResolver;
+export const didFromUrl = cjsModule.didFromUrl;
+export const urlFromDid = cjsModule.urlFromDid;
+!EOF
+
+cat >dist/esm/package.json <<!EOF
+{
+  "type": "module"
+}
+!EOF

package/dist/DidWebResolver.js

@@ -0,0 +1,336 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var httpClient = require('@digitalbazaar/http-client');
+var didIo = require('@digitalbazaar/did-io');
+var ed25519Context = require('ed25519-signature-2020-context');
+var x25519Context = require('x25519-key-agreement-2020-context');
+var didContext = require('did-context');
+
+function _interopDefaultLegacy (e) { return e && typeof e === 'object' && 'default' in e ? e : { 'default': e }; }
+
+function _interopNamespace(e) {
+  if (e && e.__esModule) return e;
+  var n = Object.create(null);
+  if (e) {
+    Object.keys(e).forEach(function (k) {
+      if (k !== 'default') {
+        var d = Object.getOwnPropertyDescriptor(e, k);
+        Object.defineProperty(n, k, d.get ? d : {
+          enumerable: true,
+          get: function () { return e[k]; }
+        });
+      }
+    });
+  }
+  n["default"] = e;
+  return Object.freeze(n);
+}
+
+var didIo__namespace = /*#__PURE__*/_interopNamespace(didIo);
+var ed25519Context__default = /*#__PURE__*/_interopDefaultLegacy(ed25519Context);
+var x25519Context__default = /*#__PURE__*/_interopDefaultLegacy(x25519Context);
+var didContext__default = /*#__PURE__*/_interopDefaultLegacy(didContext);
+
+const { VERIFICATION_RELATIONSHIPS } = didIo__namespace;
+
+const DEFAULT_KEY_MAP = {
+  capabilityInvocation: 'Ed25519VerificationKey2020',
+  authentication: 'Ed25519VerificationKey2020',
+  assertionMethod: 'Ed25519VerificationKey2020',
+  capabilityDelegation: 'Ed25519VerificationKey2020',
+  keyAgreement: 'X25519KeyAgreementKey2020'
+};
+
+function didFromUrl ({ url } = {}) {
+  if (!url) {
+    throw new TypeError('Cannot convert url to did, missing url.')
+  }
+  if (url.startsWith('http:')) {
+    throw new TypeError('did:web does not support non-HTTPS URLs.')
+  }
+
+  let parsedUrl;
+  try {
+    parsedUrl = new URL(url);
+  } catch (error) {
+    throw new TypeError(`Invalid url: "${url}".`)
+  }
+
+  const { host, pathname } = parsedUrl;
+
+  let pathComponent = '';
+  if (pathname && pathname !== '/' && pathname !== '/.well-known/did.json') {
+    pathComponent = pathname.split('/').map(encodeURIComponent).join(':');
+  }
+
+  return 'did:web:' + encodeURIComponent(host) + pathComponent
+}
+
+function urlFromDid ({ did } = {}) {
+  if (!did) {
+    throw new TypeError('Cannot convert did to url, missing did.')
+  }
+  if (!did.startsWith('did:web:')) {
+    throw new TypeError(`DID Method not supported: "${did}".`)
+  }
+
+  const [didUrl, hashFragment] = did.split('#');
+  // eslint-disable-next-line no-unused-vars
+  // const [didResource, query] = didUrl.split('?')
+
+  // eslint-disable-next-line no-unused-vars
+  const [_did, _web, urlNoProtocol] = didUrl.split(':');
+
+  let parsedUrl;
+  try {
+    // URI-decode the url (in case it contained a port number,
+    // for example, `did:web:localhost%3A8080`
+    parsedUrl = new URL('https://' + decodeURIComponent(urlNoProtocol));
+  } catch (error) {
+    throw new TypeError(`Cannot construct url from did: "${did}".`)
+  }
+
+  if (!parsedUrl.pathname || parsedUrl.pathname === '/') {
+    parsedUrl.pathname = '/.well-known/did.json';
+  } else {
+    const pathFragments = parsedUrl.pathname.split('/');
+    parsedUrl.pathname = pathFragments.map(decodeURIComponent).join('/');
+  }
+
+  if (hashFragment) {
+    parsedUrl.hash = hashFragment;
+  }
+  return parsedUrl.toString()
+}
+
+/**
+ * Initializes the DID Document's keys/proof methods.
+ *
+ * @example
+ * didDocument.id = 'did:ex:123';
+ * const {didDocument, keyPairs} = await initKeys({
+ *   didDocument,
+ *   cryptoLd,
+ *   keyMap: {
+ *     capabilityInvocation: someExistingKey,
+ *     authentication: 'Ed25519VerificationKey2020',
+ *     assertionMethod: 'Ed25519VerificationKey2020',
+ *     keyAgreement: 'X25519KeyAgreementKey2019'
+ *   }
+ * });.
+ *
+ * @param {object} options - Options hashmap.
+ * @param {object} options.didDocument - DID Document.
+ * @typedef {object} CryptoLD
+ * @param {CryptoLD} [options.cryptoLd] - CryptoLD driver instance,
+ *   initialized with the key types this DID Document intends to support.
+ * @param {object} [options.keyMap] - Map of keys (or key types) by purpose.
+ *
+ * @returns {Promise<{didDocument: object, keyPairs: Map}>} Resolves with the
+ *   DID Document initialized with keys, as well as the map of the corresponding
+ *   key pairs (by key id).
+ */
+async function initKeys ({ didDocument, cryptoLd, keyMap = {} } = {}) {
+  const doc = { ...didDocument };
+  if (!doc.id) {
+    throw new TypeError(
+      'DID Document "id" property is required to initialize keys.')
+  }
+
+  const keyPairs = new Map();
+
+  // Set the defaults for the created keys (if needed)
+  const options = { controller: doc.id };
+
+  for (const purpose in keyMap) {
+    if (!VERIFICATION_RELATIONSHIPS.has(purpose)) {
+      throw new Error(`Unsupported key purpose: "${purpose}".`)
+    }
+
+    let key;
+    if (typeof keyMap[purpose] === 'string') {
+      if (!cryptoLd) {
+        throw new Error('Please provide an initialized CryptoLD instance.')
+      }
+      key = await cryptoLd.generate({ type: keyMap[purpose], ...options });
+    } else {
+      // An existing key has been provided
+      key = keyMap[purpose];
+    }
+
+    doc[purpose] = [key.export({ publicKey: true })];
+    keyPairs.set(key.id, key);
+  }
+
+  return { didDocument: doc, keyPairs }
+}
+
+class DidWebResolver {
+  /**
+   * @param cryptoLd {CryptoLD}
+   * @param keyMap {object}
+   * @param [logger] {object} Logger object (with .log, .error, .warn,
+   *   etc methods).
+   */
+  constructor ({ cryptoLd, keyMap = DEFAULT_KEY_MAP, logger = console } = {}) {
+    this.method = 'web'; // did:web:... (used for didIo resolver harness)
+    this.cryptoLd = cryptoLd;
+    this.keyMap = keyMap;
+    this.logger = logger;
+  }
+
+  /**
+   * Generates a new DID Document and initializes various authentication
+   * and authorization proof purpose keys.
+   *
+   * @example
+   *   const url = 'https://example.com'
+   *   const { didDocument, didKeys } = await didWeb.generate({url})
+   *   didDocument.id
+   *   // -> 'did:web:example.com'
+   *
+   *
+   * Either an `id` or a `url` is required:
+   * @param [id] {string} - A did:web DID. If absent, will be converted from url
+   * @param [url] {string}
+   *
+   * @param [keyMap=DEFAULT_KEY_MAP] {object} A hashmap of key types by purpose.
+   *
+   * @parma [cryptoLd] {object} CryptoLD instance with support for supported
+   *   crypto suites installed.
+   *
+   * @returns {Promise<{didDocument: object, keyPairs: Map,
+   *   methodFor: Function}>} Resolves with the generated DID Document, along
+   *   with the corresponding key pairs used to generate it (for storage in a
+   *   KMS).
+   */
+  async generate ({ id, url, keyMap = this.keyMap, cryptoLd = this.cryptoLd } = {}) {
+    const did = id || didFromUrl({ url });
+
+    // Compose the DID Document
+    let didDocument = {
+      '@context': [
+        didContext__default["default"].constants.DID_CONTEXT_URL,
+        ed25519Context__default["default"].constants.CONTEXT_URL,
+        x25519Context__default["default"].constants.CONTEXT_URL
+      ],
+      id: did
+    };
+
+    const result = await initKeys({ didDocument, cryptoLd, keyMap });
+    const keyPairs = result.keyPairs;
+    didDocument = result.didDocument;
+
+    // Convenience function that returns the public/private key pair instance
+    // for a given purpose (authentication, assertionMethod, keyAgreement, etc).
+    const methodFor = ({ purpose }) => {
+      const { id: methodId } = didIo__namespace.findVerificationMethod({
+        doc: didDocument, purpose
+      });
+      return keyPairs.get(methodId)
+    };
+
+    return { didDocument, keyPairs, methodFor }
+  }
+
+  /**
+   * Fetches a DID Document for a given DID.
+   *
+   * @example
+   * // In Node.js tests, use an agent to avoid self-signed certificate errors
+   * const agent = new https.agent({rejectUnauthorized: false});
+   *
+   * @param {string} [did] For example, 'did:web:example.com'
+   * @param {string} [url]
+   * @param {https.Agent} [agent] Optional agent used to customize network
+   *   behavior in Node.js (such as `rejectUnauthorized: false`).
+   * @param {object} [logger] Logger object (with .log, .error, .warn,
+   *   etc methods).
+   *
+   * @throws {Error}
+   *
+   * @returns {Promise<object>} Plain parsed JSON object of the DID Document.
+   */
+  async get ({ did, url, agent, logger = this.logger }) {
+    const didUrl = url || urlFromDid({ did });
+    if (!didUrl) {
+      throw new TypeError('A DID or a URL is required.')
+    }
+
+    const [urlAuthority, keyIdFragment] = didUrl.split('#');
+
+    let didDocument;
+    try {
+      logger.info(`Fetching "${urlAuthority}" via http client.`);
+      const result = await httpClient.httpClient.get(urlAuthority, { agent });
+      didDocument = result.data;
+    } catch (e) {
+      // status is HTTP status code
+      // data is JSON error from the server if available
+      const { data, status } = e;
+      logger.error(`Http ${status} error:`, data);
+      throw e
+    }
+    if (didDocument && keyIdFragment) {
+      // resolve an individual key
+      // Keys are expected to have format: <did:web:...>#<keyIdFragment>
+      const didAuthority = didFromUrl({ url: urlAuthority });
+      const methodId = `${didAuthority}#${keyIdFragment}`;
+
+      const key = didIo__namespace.findVerificationMethod({ doc: didDocument, methodId });
+      if (!key) {
+        throw new Error(`Key id ${methodId} not found.`)
+      }
+
+      const keyPair = await this.cryptoLd.from(key);
+
+      return keyPair.export({ publicKey: true, includeContext: true })
+    }
+
+    return didDocument
+  }
+
+  /**
+   * Returns the public key (verification method) object for a given DID
+   * Document and purpose. Useful in conjunction with a `.get()` call.
+   *
+   * @example
+   * const didDocument = await didKeyDriver.get({did});
+   * const authKeyData = didDriver.publicMethodFor({
+   *   didDocument, purpose: 'authentication'
+   * });
+   * // You can then create a suite instance object to verify signatures etc.
+   * const authPublicKey = await cryptoLd.from(authKeyData);
+   * const {verify} = authPublicKey.verifier();
+   *
+   * @param {object} options - Options hashmap.
+   * @param {object} options.didDocument - DID Document (retrieved via a
+   *   `.get()` or from some other source).
+   * @param {string} options.purpose - Verification method purpose, such as
+   *   'authentication', 'assertionMethod', 'keyAgreement' and so on.
+   *
+   * @returns {object} Returns the public key object (obtained from the DID
+   *   Document), without a `@context`.
+   */
+  publicMethodFor ({ didDocument, purpose } = {}) {
+    if (!didDocument) {
+      throw new TypeError('The "didDocument" parameter is required.')
+    }
+    if (!purpose) {
+      throw new TypeError('The "purpose" parameter is required.')
+    }
+
+    const method = didIo__namespace.findVerificationMethod({ doc: didDocument, purpose });
+    if (!method) {
+      throw new Error(`No verification method found for purpose "${purpose}"`)
+    }
+    return method
+  }
+}
+
+exports.DidWebResolver = DidWebResolver;
+exports.didFromUrl = didFromUrl;
+exports.initKeys = initKeys;
+exports.urlFromDid = urlFromDid;

package/dist/esm/index.js

@@ -0,0 +1,5 @@
+import cjsModule from '../index.js';
+export const driver = cjsModule.driver;
+export const DidWebResolver = cjsModule.DidWebResolver;
+export const didFromUrl = cjsModule.didFromUrl;
+export const urlFromDid = cjsModule.urlFromDid;

package/dist/esm/package.json

@@ -0,0 +1,3 @@
+{
+  "type": "module"
+}

package/dist/index.js

@@ -0,0 +1,14 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var DidWebResolver = require('./DidWebResolver.js');
+
+const driver = options => {
+  return new DidWebResolver.DidWebResolver(options)
+};
+
+exports.DidWebResolver = DidWebResolver.DidWebResolver;
+exports.didFromUrl = DidWebResolver.didFromUrl;
+exports.urlFromDid = DidWebResolver.urlFromDid;
+exports.driver = driver;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@interop/did-web-resolver",
   "description": "A did:web method Decentralized Identifier (DID) resolver for the did-io library.",
-  "version": "0.2.0",
+  "version": "2.0.0",
   "author": {
     "name": "Dmitri Zagidulin",
     "url": "https://github.com/dmitrizagidulin/"
@@ -14,45 +14,70 @@
   "homepage": "https://github.com/interop-alliance/did-web-driver",
   "bugs": "https://github.com/interop-alliance/did-web-driver/issues",
   "scripts": {
+    "rollup": "rollup -c rollup.config.js",
+    "build": "npm run clear && npm run rollup && ./build-dist.sh",
+    "clear": "rimraf dist/ && mkdir dist",
+    "prepare": "npm run build",
+    "rebuild": "npm run clear && npm run build",
     "test": "npm run standard && npm run test-node",
     "test-node": "cross-env NODE_ENV=test mocha -r esm --preserve-symlinks -t 10000 test/**/*.spec.js",
     "test-karma": "karma start test/karma.conf.js",
     "nyc": "cross-env NODE_ENV=test nyc npm run test-node",
     "standard": "standard --fix"
   },
+  "files": [
+    "dist",
+    "src",
+    "rollup.config.js",
+    "build-dist.sh",
+    "README.md",
+    "LICENSE"
+  ],
+  "main": "dist/index.js",
+  "module": "dist/esm/index.js",
+  "exports": {
+    ".": {
+      "require": "./dist/index.js",
+      "import": "./dist/esm/index.js"
+    }
+  },
   "dependencies": {
-    "did-context": "^2.0.0",
-    "did-io": "digitalbazaar/did-io#v0.9.0-rc1",
-    "esm": "^3.2.25",
-    "whatwg-url": "^8.1.0"
+    "@digitalbazaar/did-io": "digitalbazaar/did-io#noesm",
+    "@digitalbazaar/http-client": "digitalbazaar/http-client#noesm",
+    "did-context": "digitalbazaar/did-context#nofs",
+    "ed25519-signature-2020-context": "^1.1.0",
+    "x25519-key-agreement-2020-context": "digitalbazaar/x25519-key-agreement-2020-context#nofs"
   },
   "devDependencies": {
-    "@babel/core": "^7.11.0",
-    "@babel/plugin-transform-modules-commonjs": "^7.10.4",
-    "@babel/plugin-transform-runtime": "^7.11.0",
-    "@babel/preset-env": "^7.11.0",
-    "@babel/runtime": "^7.11.0",
-    "@digitalbazaar/ed25519-verification-key-2018": "^1.0.0",
-    "babel-loader": "^8.1.0",
-    "chai": "^4.2.0",
-    "cross-env": "^7.0.2",
-    "crypto-ld": "^4.0.2",
+    "@babel/core": "^7.16.7",
+    "@babel/plugin-transform-modules-commonjs": "^7.16.7",
+    "@babel/plugin-transform-runtime": "^7.16.7",
+    "@babel/preset-env": "^7.16.7",
+    "@babel/runtime": "^7.16.7",
+    "@digitalbazaar/ed25519-verification-key-2020": "^3.2.0",
+    "@digitalbazaar/x25519-key-agreement-key-2020": "^2.0.0",
+    "babel-loader": "^8.2.3",
+    "chai": "^4.3.4",
+    "cross-env": "^7.0.3",
+    "crypto-ld": "^6.0.0",
+    "esm": "^3.2.25",
     "dirty-chai": "^2.0.1",
-    "karma": "^5.1.1",
+    "karma": "^6.3.9",
     "karma-babel-preprocessor": "^8.0.1",
     "karma-chai": "^0.1.0",
     "karma-chrome-launcher": "^3.1.0",
     "karma-mocha": "^2.0.1",
     "karma-mocha-reporter": "^2.2.5",
-    "karma-sourcemap-loader": "^0.3.7",
-    "karma-webpack": "^4.0.2",
-    "mocha": "^8.1.0",
+    "karma-sourcemap-loader": "^0.3.8",
+    "karma-webpack": "^5.0.0",
+    "mocha": "^8.4.0",
     "nyc": "^15.1.0",
-    "sinon": "^9.0.2",
-    "standard": "^14.3.4",
-    "webpack": "^5.0.0-beta.22"
+    "sinon": "^12.0.1",
+    "standard": "^16.0.4",
+    "rimraf": "^3.0.2",
+    "rollup": "^2.62.0",
+    "webpack": "^5.65.0"
   },
-  "main": "src/main.js",
   "nyc": {
     "reporter": [
       "html",

package/rollup.config.js

@@ -0,0 +1,15 @@
+import pkg from './package.json'
+
+export default [
+  {
+    input: './src/index.js',
+    output: [
+      {
+        dir: 'dist',
+        format: 'cjs',
+        preserveModules: true
+      }
+    ],
+    external: Object.keys(pkg.dependencies).concat(['crypto', 'util'])
+  }
+]