@ixo/ucan 1.0.0

package/.eslintrc.js

@@ -0,0 +1,9 @@
+/** @type {import("eslint").Linter.Config} */
+module.exports = {
+  extends: ['@ixo/eslint-config/nest.js'],
+  parserOptions: {
+    project: 'tsconfig.json',
+    tsconfigRootDir: __dirname,
+    sourceType: 'module',
+  },
+};

package/.prettierignore

@@ -0,0 +1,3 @@
+pnpm-lock.yaml
+
+node_modules

package/.prettierrc.js

@@ -0,0 +1,4 @@
+/** @type {import("prettier").Config} */
+module.exports = {
+  ...require('@ixo/eslint-config/prettier-base'),
+};

package/.turbo/turbo-build.log

@@ -0,0 +1,4 @@
+
+> @ixo/ucan@1.0.0 build /home/runner/actions-runner/_work/ixo-oracles-boilerplate/ixo-oracles-boilerplate/packages/ucan
+> tsc
+

package/README.md

@@ -0,0 +1,189 @@
+# @ixo/ucan
+
+UCAN (User Controlled Authorization Networks) implementation for IXO Services. This package wraps the battle-tested [ucanto](https://github.com/storacha/ucanto) library and provides IXO-specific extensions for DID resolution and MCP tool authorization.
+
+## Features
+
+- **did:ixo Resolution**: Resolve IXO DIDs to their public keys via the IXO blockchain indexer
+- **MCP Capability Definitions**: Pre-built capability schemas for MCP tool authorization
+- **Server & Client Helpers**: Easy setup for ucanto servers and clients with IXO defaults
+- **Replay Protection**: In-memory invocation store to prevent replay attacks
+
+## Installation
+
+```bash
+pnpm add @ixo/ucan
+```
+
+## Quick Start
+
+### Server-Side (Oracle)
+
+```typescript
+import { createIxoServer, MCPCall } from '@ixo/ucan';
+import { provide } from '@ucanto/server';
+
+// Create a handler for MCP tool calls
+const mcpCallHandler = provide(MCPCall, async ({ capability, invocation }) => {
+  const { with: resourceUri } = capability;
+
+  // Parse the resource URI to get server/tool info
+  // Format: ixo:oracle:{oracleDid}:mcp/{serverName}/{toolName}
+
+  // Execute the MCP tool...
+  return { ok: { result: 'success' } };
+});
+
+// Create the server
+const { server, did } = createIxoServer({
+  privateKey: process.env.ORACLE_PRIVATE_KEY!,
+  rootIssuers: [process.env.ADMIN_DID!],
+  indexerUrl: 'https://blocksync.ixo.earth/graphql',
+  service: {
+    mcp: { call: mcpCallHandler }
+  }
+});
+
+console.log('Server DID:', did);
+```
+
+### Client-Side
+
+```typescript
+import { createIxoClient, createMCPResourceURI } from '@ixo/ucan';
+
+// Create a client
+const client = createIxoClient({
+  privateKey: myPrivateKey,
+  serverDid: 'did:key:z6Mk...',
+  endpoint: 'https://oracle.ixo.earth/ucan'
+});
+
+// Invoke an MCP tool capability
+const result = await client.invoke({
+  can: 'mcp/call',
+  with: createMCPResourceURI('did:ixo:oracle123', 'postgres', 'query'),
+  nb: { args: { sql: 'SELECT * FROM users' } }
+});
+
+// Or delegate capability to another user
+const delegation = await client.delegate({
+  audience: 'did:ixo:alice',
+  capabilities: [{
+    can: 'mcp/call',
+    with: createMCPResourceURI('did:ixo:oracle123', 'postgres', '*')
+  }],
+  expiration: Math.floor(Date.now() / 1000) + 86400 // 24 hours
+});
+```
+
+## Capability URI Format
+
+MCP capabilities use the following URI format:
+
+```
+ixo:oracle:{oracleDid}:mcp/{serverName}/{toolName}
+```
+
+Examples:
+- `ixo:oracle:did:ixo:abc123:mcp/postgres/query` - Specific tool
+- `ixo:oracle:did:ixo:abc123:mcp/postgres/*` - All tools in server (wildcard)
+- `ixo:oracle:did:ixo:abc123:mcp/*` - All MCP tools (wildcard)
+
+## DID Resolution
+
+The package supports multiple DID methods:
+
+- **did:key** - Handled natively by ucanto
+- **did:ixo** - Resolved via IXO blockchain indexer
+
+```typescript
+import { createIxoDIDResolver, createCompositeDIDResolver } from '@ixo/ucan';
+
+const ixoResolver = createIxoDIDResolver({
+  indexerUrl: 'https://blocksync.ixo.earth/graphql'
+});
+
+// Create a composite resolver for multiple DID methods
+const resolver = createCompositeDIDResolver([ixoResolver]);
+```
+
+## Replay Protection
+
+The package includes an in-memory invocation store for replay protection:
+
+```typescript
+import { InMemoryInvocationStore } from '@ixo/ucan';
+
+const store = new InMemoryInvocationStore({
+  defaultTtlMs: 24 * 60 * 60 * 1000, // 24 hours
+  cleanupIntervalMs: 60 * 60 * 1000,  // 1 hour
+});
+
+// Check if invocation was already used
+if (await store.has(invocationCid)) {
+  throw new Error('Replay attack detected');
+}
+
+// Mark as used
+await store.add(invocationCid);
+```
+
+## Integration with Oracle
+
+See the oracle app's `src/ucan/` directory for a complete integration example:
+
+- `ucan.config.ts` - Configuration for MCP UCAN requirements
+- `ucan.service.ts` - NestJS service for validation
+- `ucan.module.ts` - NestJS module
+
+## Environment Variables
+
+For the IXO DID resolver:
+
+```env
+BLOCKSYNC_GRAPHQL_URL=https://blocksync.ixo.earth/graphql
+```
+
+For UCAN configuration:
+
+```env
+ORACLE_ENTITY_DID=did:ixo:your-oracle-did
+UCAN_ROOT_ISSUERS=did:ixo:admin1,did:ixo:admin2
+UCAN_PROTECTED_MCP_SERVERS=postgres,redis
+```
+
+## API Reference
+
+### Types
+
+- `IxoDID` - IXO DID type (`did:ixo:${string}`)
+- `KeyDID` - Key DID type (`did:key:${string}`)
+- `MCPResourceURI` - MCP resource URI type
+- `MCPUCANConfig` - Configuration for MCP UCAN requirements
+- `InvocationStore` - Interface for replay protection stores
+- `DIDKeyResolver` - DID resolver function type
+
+### Functions
+
+- `createIxoServer(options)` - Create a ucanto server with IXO defaults
+- `createIxoClient(options)` - Create a ucanto client with IXO defaults
+- `createIxoDIDResolver(config)` - Create a did:ixo resolver
+- `createCompositeDIDResolver(resolvers)` - Combine multiple DID resolvers
+- `createMCPResourceURI(oracleDid, serverName, toolName)` - Build MCP resource URI
+- `parseMCPResourceURI(uri)` - Parse MCP resource URI into components
+- `createInvocationStore(options)` - Create an invocation store
+
+### Capabilities
+
+- `MCPCall` - Capability for calling MCP tools
+
+## TODO
+
+- [ ] Add Redis implementation for distributed deployments
+- [ ] Add SQLite implementation for persistence
+- [ ] Add delegation management utilities
+- [ ] Add capability inspection utilities
+- [ ] Add support for capability revocation lists
+- [ ] Add support for time-based restrictions in caveats
+

package/dist/capabilities/capability.d.ts

@@ -0,0 +1,33 @@
+import { Schema } from '@ucanto/validator';
+import type { Capability as UcantoCapability } from '@ucanto/interface';
+export { Schema };
+type Infer<T> = T extends {
+    read(input: unknown): {
+        ok: infer O;
+    } | {
+        error: unknown;
+    };
+} ? O : never;
+type InferStruct<U extends Record<string, unknown>> = {
+    [K in keyof U]: Infer<U[K]>;
+};
+export interface DefineCapabilityOptions<NBSchema extends Record<string, any> = Record<string, never>> {
+    can: string;
+    protocol?: string;
+    supportWildcards?: boolean;
+    nb?: NBSchema;
+    derives?: (claimed: {
+        with: string;
+        nb?: InferStruct<NBSchema>;
+    }, delegated: {
+        with: string;
+        nb?: InferStruct<NBSchema>;
+    }) => {
+        ok: Record<string, never>;
+    } | {
+        error: Error;
+    };
+}
+export declare function defineCapability<NBSchema extends Record<string, any> = Record<string, never>>(options: DefineCapabilityOptions<NBSchema>): import("@ucanto/interface").TheCapabilityParser<import("@ucanto/interface").CapabilityMatch<`${string}/${string}`, import("@ucanto/interface").URI<`${string}:`>, Schema.InferStruct<{}>>>;
+export type { UcantoCapability, Infer, InferStruct };
+//# sourceMappingURL=capability.d.ts.map

package/dist/capabilities/capability.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"capability.d.ts","sourceRoot":"","sources":["../../src/capabilities/capability.ts"],"names":[],"mappings":"AAWA,OAAO,EAAmB,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC5D,OAAO,KAAK,EAAE,UAAU,IAAI,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAGxE,OAAO,EAAE,MAAM,EAAE,CAAC;AAUlB,KAAK,KAAK,CAAC,CAAC,IAAI,CAAC,SAAS;IAAE,IAAI,CAAC,KAAK,EAAE,OAAO,GAAG;QAAE,EAAE,EAAE,MAAM,CAAC,CAAA;KAAE,GAAG;QAAE,KAAK,EAAE,OAAO,CAAA;KAAE,CAAA;CAAE,GACpF,CAAC,GACD,KAAK,CAAC;AAMV,KAAK,WAAW,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI;KACnD,CAAC,IAAI,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;CAC5B,CAAC;AA+BF,MAAM,WAAW,uBAAuB,CAGtC,QAAQ,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC;IAM5D,GAAG,EAAE,MAAM,CAAC;IAOZ,QAAQ,CAAC,EAAE,MAAM,CAAC;IAOlB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAe3B,EAAE,CAAC,EAAE,QAAQ,CAAC;IAsBd,OAAO,CAAC,EAAE,CACR,OAAO,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,CAAC,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAA;KAAE,EACrD,SAAS,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,CAAC,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAA;KAAE,KACpD;QAAE,EAAE,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;KAAE,GAAG;QAAE,KAAK,EAAE,KAAK,CAAA;KAAE,CAAC;CACvD;AAuCD,wBAAgB,gBAAgB,CAAC,QAAQ,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,EAC3F,OAAO,EAAE,uBAAuB,CAAC,QAAQ,CAAC,8LAsE3C;AAGD,YAAY,EAAE,gBAAgB,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC"}

package/dist/capabilities/capability.js

@@ -0,0 +1,53 @@
+import { capability, URI, Schema } from '@ucanto/validator';
+export { Schema };
+export function defineCapability(options) {
+    const protocol = (options.protocol ?? 'urn:');
+    const supportWildcards = options.supportWildcards ?? true;
+    const nbSchema = options.nb
+        ? Schema.struct(options.nb)
+        : Schema.struct({});
+    return capability({
+        can: options.can,
+        with: URI.match({ protocol }),
+        nb: nbSchema,
+        derives: (claimed, delegated) => {
+            const claimedUri = claimed.with;
+            const delegatedUri = delegated.with;
+            if (claimedUri !== delegatedUri) {
+                if (supportWildcards) {
+                    if (delegatedUri.endsWith('/*')) {
+                        const baseUri = delegatedUri.slice(0, -1);
+                        if (!claimedUri.startsWith(baseUri)) {
+                            return {
+                                error: new Error(`Resource '${claimedUri}' not covered by '${delegatedUri}'`),
+                            };
+                        }
+                    }
+                    else if (delegatedUri.endsWith(':*')) {
+                        const baseUri = delegatedUri.slice(0, -1);
+                        if (!claimedUri.startsWith(baseUri)) {
+                            return {
+                                error: new Error(`Resource '${claimedUri}' not covered by '${delegatedUri}'`),
+                            };
+                        }
+                    }
+                    else {
+                        return {
+                            error: new Error(`Resource '${claimedUri}' does not match '${delegatedUri}'`),
+                        };
+                    }
+                }
+                else {
+                    return {
+                        error: new Error(`Resource '${claimedUri}' does not match '${delegatedUri}'`),
+                    };
+                }
+            }
+            if (options.derives) {
+                return options.derives({ with: claimedUri, nb: claimed.nb }, { with: delegatedUri, nb: delegated.nb });
+            }
+            return { ok: {} };
+        },
+    });
+}
+//# sourceMappingURL=capability.js.map

package/dist/capabilities/capability.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"capability.js","sourceRoot":"","sources":["../../src/capabilities/capability.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAI5D,OAAO,EAAE,MAAM,EAAE,CAAC;AA0JlB,MAAM,UAAU,gBAAgB,CAC9B,OAA0C;IAE1C,MAAM,QAAQ,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,MAAM,CAAiB,CAAC;IAC9D,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,IAAI,IAAI,CAAC;IAG1D,MAAM,QAAQ,GAAG,OAAO,CAAC,EAAE;QACzB,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,EAAyC,CAAC;QAClE,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAEtB,OAAO,UAAU,CAAC;QAChB,GAAG,EAAE,OAAO,CAAC,GAA4B;QACzC,IAAI,EAAE,GAAG,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC;QAC7B,EAAE,EAAE,QAAQ;QACZ,OAAO,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,EAAE;YAC9B,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;YAChC,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC;YAGpC,IAAI,UAAU,KAAK,YAAY,EAAE,CAAC;gBAEhC,IAAI,gBAAgB,EAAE,CAAC;oBAErB,IAAI,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;wBAChC,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;wBAC1C,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;4BACpC,OAAO;gCACL,KAAK,EAAE,IAAI,KAAK,CACd,aAAa,UAAU,qBAAqB,YAAY,GAAG,CAC5D;6BACF,CAAC;wBACJ,CAAC;oBACH,CAAC;yBAEI,IAAI,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;wBACrC,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;wBAC1C,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;4BACpC,OAAO;gCACL,KAAK,EAAE,IAAI,KAAK,CACd,aAAa,UAAU,qBAAqB,YAAY,GAAG,CAC5D;6BACF,CAAC;wBACJ,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,OAAO;4BACL,KAAK,EAAE,IAAI,KAAK,CACd,aAAa,UAAU,qBAAqB,YAAY,GAAG,CAC5D;yBACF,CAAC;oBACJ,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,OAAO;wBACL,KAAK,EAAE,IAAI,KAAK,CACd,aAAa,UAAU,qBAAqB,YAAY,GAAG,CAC5D;qBACF,CAAC;gBACJ,CAAC;YACH,CAAC;YAGD,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;gBACpB,OAAO,OAAO,CAAC,OAAO,CACpB,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,OAAO,CAAC,EAA2B,EAAE,EAC7D,EAAE,IAAI,EAAE,YAAY,EAAE,EAAE,EAAE,SAAS,CAAC,EAA2B,EAAE,CAClE,CAAC;YACJ,CAAC;YAED,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;QACpB,CAAC;KACF,CAAC,CAAC;AACL,CAAC"}

package/dist/client/create-client.d.ts

@@ -0,0 +1,33 @@
+import * as Client from '@ucanto/client';
+import type { Signer, Delegation, Capability } from '@ucanto/interface';
+import type { SupportedDID } from '../types.js';
+export declare function generateKeypair(): Promise<{
+    signer: Signer;
+    did: string;
+    privateKey: string;
+}>;
+export declare function parseSigner(privateKey: string, did?: SupportedDID): Signer;
+export declare function signerFromMnemonic(mnemonic: string, did?: SupportedDID): Promise<{
+    signer: Signer;
+    did: string;
+    privateKey: string;
+}>;
+export declare function createDelegation(options: {
+    issuer: Signer;
+    audience: string;
+    capabilities: Capability[];
+    expiration?: number;
+    notBefore?: number;
+    proofs?: Delegation[];
+}): Promise<Delegation>;
+export declare function createInvocation(options: {
+    issuer: Signer;
+    audience: string;
+    capability: Capability;
+    proofs?: Delegation[];
+}): Promise<Client.IssuedInvocationView<Client.Capability<Client.Ability, `${string}:${string}`, unknown>>>;
+export declare function serializeInvocation(invocation: Awaited<ReturnType<typeof createInvocation>>): Promise<string>;
+export declare function serializeDelegation(delegation: Delegation): Promise<string>;
+export declare function parseDelegation(serialized: string): Promise<Delegation>;
+export type { Signer, Delegation, Capability };
+//# sourceMappingURL=create-client.d.ts.map

package/dist/client/create-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"create-client.d.ts","sourceRoot":"","sources":["../../src/client/create-client.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAEzC,OAAO,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAa,MAAM,mBAAmB,CAAC;AACnF,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAmChD,wBAAsB,eAAe,IAAI,OAAO,CAAC;IAC/C,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC,CAOD;AASD,wBAAgB,WAAW,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,YAAY,GAAG,MAAM,CAM1E;AAqBD,wBAAsB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC;IACtF,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC,CAkDD;AA2BD,wBAAsB,gBAAgB,CAAC,OAAO,EAAE;IAE9C,MAAM,EAAE,MAAM,CAAC;IAEf,QAAQ,EAAE,MAAM,CAAC;IAEjB,YAAY,EAAE,UAAU,EAAE,CAAC;IAE3B,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,MAAM,CAAC,EAAE,UAAU,EAAE,CAAC;CACvB,GAAG,OAAO,CAAC,UAAU,CAAC,CAatB;AA6BD,wBAAsB,gBAAgB,CAAC,OAAO,EAAE;IAE9C,MAAM,EAAE,MAAM,CAAC;IAEf,QAAQ,EAAE,MAAM,CAAC;IAEjB,UAAU,EAAE,UAAU,CAAC;IAEvB,MAAM,CAAC,EAAE,UAAU,EAAE,CAAC;CACvB,2GAUA;AAQD,wBAAsB,mBAAmB,CACvC,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAC,GACvD,OAAO,CAAC,MAAM,CAAC,CAmBjB;AAQD,wBAAsB,mBAAmB,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAejF;AAQD,wBAAsB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAgB7E;AAGD,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC"}

package/dist/client/create-client.js

@@ -0,0 +1,104 @@
+import * as Client from '@ucanto/client';
+import { ed25519 } from '@ucanto/principal';
+function createPrincipal(did) {
+    if (did.startsWith('did:key:')) {
+        return ed25519.Verifier.parse(did);
+    }
+    return {
+        did: () => did,
+    };
+}
+export async function generateKeypair() {
+    const signer = await ed25519.Signer.generate();
+    return {
+        signer,
+        did: signer.did(),
+        privateKey: ed25519.Signer.format(signer),
+    };
+}
+export function parseSigner(privateKey, did) {
+    const signer = ed25519.Signer.parse(privateKey);
+    if (did) {
+        return signer.withDID(did);
+    }
+    return signer;
+}
+export async function signerFromMnemonic(mnemonic, did) {
+    const { Ed25519, sha256 } = await import('@cosmjs/crypto');
+    const { toUtf8 } = await import('@cosmjs/encoding');
+    const seed = sha256(toUtf8(mnemonic.trim())).slice(0, 32);
+    const keypair = await Ed25519.makeKeypair(seed);
+    const ED25519_PRIV_MULTICODEC = new Uint8Array([0x80, 0x26]);
+    const ED25519_PUB_MULTICODEC = new Uint8Array([0xed, 0x01]);
+    const keyMaterial = new Uint8Array(ED25519_PRIV_MULTICODEC.length +
+        seed.length +
+        ED25519_PUB_MULTICODEC.length +
+        keypair.pubkey.length);
+    keyMaterial.set(ED25519_PRIV_MULTICODEC, 0);
+    keyMaterial.set(seed, ED25519_PRIV_MULTICODEC.length);
+    keyMaterial.set(ED25519_PUB_MULTICODEC, ED25519_PRIV_MULTICODEC.length + seed.length);
+    keyMaterial.set(keypair.pubkey, ED25519_PRIV_MULTICODEC.length + seed.length + ED25519_PUB_MULTICODEC.length);
+    const base64 = Buffer.from(keyMaterial).toString('base64');
+    const multibasePrivateKey = 'M' + base64;
+    let signer = ed25519.Signer.parse(multibasePrivateKey);
+    const finalSigner = did ? signer.withDID(did) : signer;
+    return {
+        signer: finalSigner,
+        did: finalSigner.did(),
+        privateKey: multibasePrivateKey,
+    };
+}
+export async function createDelegation(options) {
+    const audiencePrincipal = createPrincipal(options.audience);
+    return Client.delegate({
+        issuer: options.issuer,
+        audience: audiencePrincipal,
+        capabilities: options.capabilities,
+        expiration: options.expiration,
+        proofs: options.proofs,
+        notBefore: options.notBefore,
+    });
+}
+export async function createInvocation(options) {
+    const audiencePrincipal = createPrincipal(options.audience);
+    return Client.invoke({
+        issuer: options.issuer,
+        audience: audiencePrincipal,
+        capability: options.capability,
+        proofs: options.proofs ?? [],
+    });
+}
+export async function serializeInvocation(invocation) {
+    const built = await invocation.buildIPLDView();
+    const archive = await built.archive();
+    if (archive.error) {
+        throw new Error(`Failed to archive invocation: ${archive.error?.message ?? 'unknown'}`);
+    }
+    if (!archive.ok) {
+        throw new Error('Failed to archive invocation: no data returned');
+    }
+    return Buffer.from(archive.ok).toString('base64');
+}
+export async function serializeDelegation(delegation) {
+    const archive = await delegation.archive();
+    if (archive.error) {
+        throw new Error(`Failed to archive delegation: ${archive.error.message}`);
+    }
+    if (!archive.ok) {
+        throw new Error('Failed to archive delegation: no data returned');
+    }
+    return Buffer.from(archive.ok).toString('base64');
+}
+export async function parseDelegation(serialized) {
+    const { extract } = await import('@ucanto/core/delegation');
+    const bytes = new Uint8Array(Buffer.from(serialized, 'base64'));
+    const result = await extract(bytes);
+    if (result.error) {
+        throw new Error(`Failed to parse delegation: ${result.error?.message ?? 'unknown error'}`);
+    }
+    if (!result.ok) {
+        throw new Error('Failed to parse delegation: no data returned');
+    }
+    return result.ok;
+}
+//# sourceMappingURL=create-client.js.map

package/dist/client/create-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"create-client.js","sourceRoot":"","sources":["../../src/client/create-client.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAY5C,SAAS,eAAe,CAAC,GAAW;IAElC,IAAI,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,OAAO,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACrC,CAAC;IAID,OAAO;QACL,GAAG,EAAE,GAAG,EAAE,CAAC,GAAgC;KAC5C,CAAC;AACJ,CAAC;AAcD,MAAM,CAAC,KAAK,UAAU,eAAe;IAKnC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;IAC/C,OAAO;QACL,MAAM;QACN,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE;QACjB,UAAU,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC;KAC1C,CAAC;AACJ,CAAC;AASD,MAAM,UAAU,WAAW,CAAC,UAAkB,EAAE,GAAkB;IAChE,MAAM,MAAM,GAAI,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IACjD,IAAI,GAAG,EAAE,CAAC;QACR,OAAO,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAqBD,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,QAAgB,EAAE,GAAkB;IAO3E,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;IAC3D,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;IAIpD,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC1D,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IAUhD,MAAM,uBAAuB,GAAG,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;IAC7D,MAAM,sBAAsB,GAAG,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;IAG5D,MAAM,WAAW,GAAG,IAAI,UAAU,CAChC,uBAAuB,CAAC,MAAM;QAC5B,IAAI,CAAC,MAAM;QACX,sBAAsB,CAAC,MAAM;QAC7B,OAAO,CAAC,MAAM,CAAC,MAAM,CACxB,CAAC;IACF,WAAW,CAAC,GAAG,CAAC,uBAAuB,EAAE,CAAC,CAAC,CAAC;IAC5C,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,uBAAuB,CAAC,MAAM,CAAC,CAAC;IACtD,WAAW,CAAC,GAAG,CAAC,sBAAsB,EAAE,uBAAuB,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IACtF,WAAW,CAAC,GAAG,CACb,OAAO,CAAC,MAAM,EACd,uBAAuB,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,GAAG,sBAAsB,CAAC,MAAM,CAC7E,CAAC;IAGF,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3D,MAAM,mBAAmB,GAAG,GAAG,GAAG,MAAM,CAAC;IAGzC,IAAI,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IACvD,MAAM,WAAW,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IAEvD,OAAO;QACL,MAAM,EAAE,WAAW;QACnB,GAAG,EAAE,WAAW,CAAC,GAAG,EAAE;QACtB,UAAU,EAAE,mBAAmB;KAChC,CAAC;AACJ,CAAC;AA2BD,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAatC;IAEC,MAAM,iBAAiB,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAG5D,OAAO,MAAM,CAAC,QAAQ,CAAC;QACrB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,QAAQ,EAAE,iBAAiB;QAC3B,YAAY,EAAE,OAAO,CAAC,YAAmB;QACzC,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,SAAS,EAAE,OAAO,CAAC,SAAS;KAC7B,CAAC,CAAC;AACL,CAAC;AA6BD,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAStC;IAEC,MAAM,iBAAiB,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAE5D,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,QAAQ,EAAE,iBAAiB;QAC3B,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;KAC7B,CAAC,CAAC;AACL,CAAC;AAQD,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,UAAwD;IAGxD,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,aAAa,EAAE,CAAC;IAG/C,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC;IAEtC,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CACb,iCAAiC,OAAO,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,EAAE,CACvE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IAGD,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACpD,CAAC;AAQD,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,UAAsB;IAE9D,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,CAAC;IAG3C,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,iCAAiC,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAC5E,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IAGD,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACpD,CAAC;AAQD,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,UAAkB;IACtD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,yBAAyB,CAAC,CAAC;IAC5D,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC;IAEhE,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,CAAC;IACpC,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CACb,+BAA+B,MAAM,CAAC,KAAK,EAAE,OAAO,IAAI,eAAe,EAAE,CAC1E,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IAED,OAAO,MAAM,CAAC,EAAgB,CAAC;AACjC,CAAC"}

package/dist/did/ixo-resolver.d.ts

@@ -0,0 +1,8 @@
+import type { DIDKeyResolver } from '../types.js';
+export interface IxoDIDResolverConfig {
+    indexerUrl: string;
+    fetch?: typeof globalThis.fetch;
+}
+export declare function createIxoDIDResolver(config: IxoDIDResolverConfig): DIDKeyResolver;
+export declare function createCompositeDIDResolver(resolvers: DIDKeyResolver[]): DIDKeyResolver;
+//# sourceMappingURL=ixo-resolver.d.ts.map

package/dist/did/ixo-resolver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ixo-resolver.d.ts","sourceRoot":"","sources":["../../src/did/ixo-resolver.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,cAAc,EAAU,MAAM,aAAa,CAAC;AAM1D,MAAM,WAAW,oBAAoB;IAKnC,UAAU,EAAE,MAAM,CAAC;IAKnB,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAC;CACjC;AAwJD,wBAAgB,oBAAoB,CAClC,MAAM,EAAE,oBAAoB,GAC3B,cAAc,CA2GhB;AAQD,wBAAgB,0BAA0B,CACxC,SAAS,EAAE,cAAc,EAAE,GAC1B,cAAc,CAuBhB"}

package/dist/did/ixo-resolver.js

@@ -0,0 +1,162 @@
+import { base58Encode, hexDecode, base58Decode } from './utils.js';
+const DID_DOCUMENT_QUERY = `
+  query GetDIDDocument($id: String!) {
+    iids(filter: { id: { equalTo: $id } }) {
+      nodes {
+        id
+        verificationMethod
+      }
+    }
+  }
+`;
+const ED25519_MULTICODEC_PREFIX = new Uint8Array([0xed, 0x01]);
+function rawPublicKeyToDidKey(publicKeyBytes) {
+    if (publicKeyBytes.length !== 32) {
+        console.warn(`[IxoDIDResolver] Expected 32-byte Ed25519 key, got ${publicKeyBytes.length} bytes`);
+        return null;
+    }
+    const prefixedKey = new Uint8Array(ED25519_MULTICODEC_PREFIX.length + publicKeyBytes.length);
+    prefixedKey.set(ED25519_MULTICODEC_PREFIX, 0);
+    prefixedKey.set(publicKeyBytes, ED25519_MULTICODEC_PREFIX.length);
+    const multibaseEncoded = 'z' + base58Encode(prefixedKey);
+    return `did:key:${multibaseEncoded}`;
+}
+function publicKeyToDidKey(vm) {
+    if (vm.publicKeyMultibase) {
+        if (vm.publicKeyMultibase.startsWith('z')) {
+            return `did:key:${vm.publicKeyMultibase}`;
+        }
+        console.warn(`[IxoDIDResolver] Unsupported multibase prefix for ${vm.id}: ${vm.publicKeyMultibase.charAt(0)}`);
+        return null;
+    }
+    if (vm.publicKeyHex) {
+        try {
+            const publicKeyBytes = hexDecode(vm.publicKeyHex);
+            const didKey = rawPublicKeyToDidKey(publicKeyBytes);
+            return didKey;
+        }
+        catch (error) {
+            console.warn(`[IxoDIDResolver] Failed to decode publicKeyHex for ${vm.id}: ${error instanceof Error ? error.message : 'Unknown error'}`);
+            return null;
+        }
+    }
+    if (vm.publicKeyBase58) {
+        try {
+            const publicKeyBytes = base58Decode(vm.publicKeyBase58);
+            const didKey = rawPublicKeyToDidKey(publicKeyBytes);
+            return didKey;
+        }
+        catch (error) {
+            console.warn(`[IxoDIDResolver] Failed to decode publicKeyBase58 for ${vm.id}: ${error instanceof Error ? error.message : 'Unknown error'}`);
+            return null;
+        }
+    }
+    return null;
+}
+export function createIxoDIDResolver(config) {
+    const fetchFn = config.fetch ?? globalThis.fetch;
+    return async (did) => {
+        if (!did.startsWith('did:ixo:')) {
+            return {
+                error: {
+                    name: 'DIDKeyResolutionError',
+                    did,
+                    message: `Cannot resolve ${did}: not a did:ixo identifier`,
+                },
+            };
+        }
+        try {
+            const response = await fetchFn(config.indexerUrl, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({
+                    query: DID_DOCUMENT_QUERY,
+                    variables: { id: did },
+                }),
+            });
+            if (!response.ok) {
+                return {
+                    error: {
+                        name: 'DIDKeyResolutionError',
+                        did,
+                        message: `Failed to fetch DID document: HTTP ${response.status}`,
+                    },
+                };
+            }
+            const data = (await response.json());
+            if (data.errors && data.errors.length > 0) {
+                return {
+                    error: {
+                        name: 'DIDKeyResolutionError',
+                        did,
+                        message: `GraphQL error: ${data.errors[0]?.message ?? 'Unknown error'}`,
+                    },
+                };
+            }
+            const didDoc = data.data?.iids?.nodes?.[0];
+            if (!didDoc) {
+                return {
+                    error: {
+                        name: 'DIDKeyResolutionError',
+                        did,
+                        message: `DID document not found for ${did}`,
+                    },
+                };
+            }
+            const keys = [];
+            for (const vm of didDoc.verificationMethod || []) {
+                if (vm.type.includes('Ed25519') ||
+                    vm.type === 'JsonWebKey2020' ||
+                    vm.id.includes('signing')) {
+                    const keyDid = publicKeyToDidKey(vm);
+                    if (keyDid) {
+                        keys.push(keyDid);
+                    }
+                }
+            }
+            if (keys.length === 0) {
+                return {
+                    error: {
+                        name: 'DIDKeyResolutionError',
+                        did,
+                        message: `No valid Ed25519 verification methods found in DID document for ${did}`,
+                    },
+                };
+            }
+            return { ok: keys };
+        }
+        catch (error) {
+            return {
+                error: {
+                    name: 'DIDKeyResolutionError',
+                    did,
+                    message: `Failed to resolve ${did}: ${error instanceof Error ? error.message : 'Unknown error'}`,
+                },
+            };
+        }
+    };
+}
+export function createCompositeDIDResolver(resolvers) {
+    return async (did) => {
+        for (const resolver of resolvers) {
+            const result = await resolver(did);
+            if ('ok' in result) {
+                return result;
+            }
+            if (result.error.message.includes('not a did:')) {
+                continue;
+            }
+            return result;
+        }
+        return {
+            error: {
+                name: 'DIDKeyResolutionError',
+                did,
+                message: `No resolver could handle ${did}`,
+            },
+        };
+    };
+}
+//# sourceMappingURL=ixo-resolver.js.map

package/dist/did/ixo-resolver.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ixo-resolver.js","sourceRoot":"","sources":["../../src/did/ixo-resolver.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAqBnE,MAAM,kBAAkB,GAAG;;;;;;;;;CAS1B,CAAC;AAgCF,MAAM,yBAAyB,GAAG,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;AAU/D,SAAS,oBAAoB,CAAC,cAA0B;IAEtD,IAAI,cAAc,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACjC,OAAO,CAAC,IAAI,CACV,sDAAsD,cAAc,CAAC,MAAM,QAAQ,CACpF,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAGD,MAAM,WAAW,GAAG,IAAI,UAAU,CAChC,yBAAyB,CAAC,MAAM,GAAG,cAAc,CAAC,MAAM,CACzD,CAAC;IACF,WAAW,CAAC,GAAG,CAAC,yBAAyB,EAAE,CAAC,CAAC,CAAC;IAC9C,WAAW,CAAC,GAAG,CAAC,cAAc,EAAE,yBAAyB,CAAC,MAAM,CAAC,CAAC;IAGlE,MAAM,gBAAgB,GAAG,GAAG,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;IAEzD,OAAO,WAAW,gBAAgB,EAAY,CAAC;AACjD,CAAC;AAMD,SAAS,iBAAiB,CAAC,EAAsB;IAG/C,IAAI,EAAE,CAAC,kBAAkB,EAAE,CAAC;QAG1B,IAAI,EAAE,CAAC,kBAAkB,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAE1C,OAAO,WAAW,EAAE,CAAC,kBAAkB,EAAY,CAAC;QACtD,CAAC;QAGD,OAAO,CAAC,IAAI,CACV,qDAAqD,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACjG,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAGD,IAAI,EAAE,CAAC,YAAY,EAAE,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,SAAS,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC;YAClD,MAAM,MAAM,GAAG,oBAAoB,CAAC,cAAc,CAAC,CAAC;YACpD,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CACV,sDAAsD,EAAE,CAAC,EAAE,KAAK,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAC3H,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAGD,IAAI,EAAE,CAAC,eAAe,EAAE,CAAC;QACvB,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,YAAY,CAAC,EAAE,CAAC,eAAe,CAAC,CAAC;YACxD,MAAM,MAAM,GAAG,oBAAoB,CAAC,cAAc,CAAC,CAAC;YACpD,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CACV,yDAAyD,EAAE,CAAC,EAAE,KAAK,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAC9H,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAuBD,MAAM,UAAU,oBAAoB,CAClC,MAA4B;IAE5B,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,IAAI,UAAU,CAAC,KAAK,CAAC;IAEjD,OAAO,KAAK,EACV,GAAQ,EAGN,EAAE;QAEJ,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAChC,OAAO;gBACL,KAAK,EAAE;oBACL,IAAI,EAAE,uBAAuB;oBAC7B,GAAG;oBACH,OAAO,EAAE,kBAAkB,GAAG,4BAA4B;iBAC3D;aACF,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YAEH,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE;gBAChD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;iBACnC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,KAAK,EAAE,kBAAkB;oBACzB,SAAS,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE;iBACvB,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,OAAO;oBACL,KAAK,EAAE;wBACL,IAAI,EAAE,uBAAuB;wBAC7B,GAAG;wBACH,OAAO,EAAE,sCAAsC,QAAQ,CAAC,MAAM,EAAE;qBACjE;iBACF,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAGlC,CAAC;YAEF,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1C,OAAO;oBACL,KAAK,EAAE;wBACL,IAAI,EAAE,uBAAuB;wBAC7B,GAAG;wBACH,OAAO,EAAE,kBAAkB,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,eAAe,EAAE;qBACxE;iBACF,CAAC;YACJ,CAAC;YAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;YAC3C,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO;oBACL,KAAK,EAAE;wBACL,IAAI,EAAE,uBAAuB;wBAC7B,GAAG;wBACH,OAAO,EAAE,8BAA8B,GAAG,EAAE;qBAC7C;iBACF,CAAC;YACJ,CAAC;YAGD,MAAM,IAAI,GAAa,EAAE,CAAC;YAE1B,KAAK,MAAM,EAAE,IAAI,MAAM,CAAC,kBAAkB,IAAI,EAAE,EAAE,CAAC;gBAGjD,IACE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;oBAC3B,EAAE,CAAC,IAAI,KAAK,gBAAgB;oBAC5B,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,EACzB,CAAC;oBACD,MAAM,MAAM,GAAG,iBAAiB,CAAC,EAAE,CAAC,CAAC;oBACrC,IAAI,MAAM,EAAE,CAAC;wBACX,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;YAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO;oBACL,KAAK,EAAE;wBACL,IAAI,EAAE,uBAAuB;wBAC7B,GAAG;wBACH,OAAO,EAAE,mEAAmE,GAAG,EAAE;qBAClF;iBACF,CAAC;YACJ,CAAC;YAED,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;QACtB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,KAAK,EAAE;oBACL,IAAI,EAAE,uBAAuB;oBAC7B,GAAG;oBACH,OAAO,EAAE,qBAAqB,GAAG,KAAK,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;iBACjG;aACF,CAAC;QACJ,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAQD,MAAM,UAAU,0BAA0B,CACxC,SAA2B;IAE3B,OAAO,KAAK,EAAE,GAAQ,EAAE,EAAE;QACxB,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,CAAC;YACnC,IAAI,IAAI,IAAI,MAAM,EAAE,CAAC;gBACnB,OAAO,MAAM,CAAC;YAChB,CAAC;YAED,IAAI,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBAChD,SAAS;YACX,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,OAAO;YACL,KAAK,EAAE;gBACL,IAAI,EAAE,uBAAuB;gBAC7B,GAAG;gBACH,OAAO,EAAE,4BAA4B,GAAG,EAAE;aAC3C;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/dist/did/utils.d.ts

@@ -0,0 +1,4 @@
+export declare function base58Decode(str: string): Uint8Array;
+export declare function base58Encode(bytes: Uint8Array): string;
+export declare function hexDecode(hex: string): Uint8Array;
+//# sourceMappingURL=utils.d.ts.map

package/dist/did/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/did/utils.ts"],"names":[],"mappings":"AAkBA,wBAAgB,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAgDpD;AAOD,wBAAgB,YAAY,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CA2CtD;AASD,wBAAgB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAcjD"}