@kya-os/contracts 1.2.1 → 1.2.2

package/dist/vc/schemas.js

@@ -0,0 +1,225 @@
+"use strict";
+/**
+ * Verifiable Credentials (W3C 1.1) Schemas
+ *
+ * Zod schemas and TypeScript types for W3C Verifiable Credentials Data Model 1.1.
+ * These schemas provide runtime validation and can emit JSON Schemas for interoperability.
+ *
+ * Related Spec: MCP-I §3, W3C VC Data Model 1.1
+ * Python Reference: Credential-Documentation.md, Credential-Service.md
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VerifiablePresentationSchema = exports.VerifiableCredentialSchema = exports.ProofSchema = exports.CredentialStatusSchema = exports.CredentialSubjectSchema = exports.IssuerSchema = exports.ContextSchema = exports.ContextEntrySchema = exports.STATUS_LIST_CONTEXT = exports.VC_CONTEXT = void 0;
+exports.validateVerifiableCredential = validateVerifiableCredential;
+exports.validateVerifiablePresentation = validateVerifiablePresentation;
+exports.isCredentialExpired = isCredentialExpired;
+exports.getIssuerDid = getIssuerDid;
+exports.getSubjectDid = getSubjectDid;
+const zod_1 = require("zod");
+/**
+ * Standard W3C Verifiable Credentials context
+ */
+exports.VC_CONTEXT = ['https://www.w3.org/2018/credentials/v1'];
+/**
+ * Additional context for StatusList2021
+ */
+exports.STATUS_LIST_CONTEXT = 'https://w3id.org/vc/status-list/2021/v1';
+/**
+ * Context Entry Schema
+ *
+ * Supports both string URLs and context objects
+ */
+exports.ContextEntrySchema = zod_1.z.union([
+    zod_1.z.string().url(),
+    zod_1.z.record(zod_1.z.any()),
+]);
+/**
+ * @context Schema
+ *
+ * The @context property establishes the semantic context of the credential.
+ * MUST include the base VC context and MAY include additional contexts.
+ */
+exports.ContextSchema = zod_1.z
+    .array(exports.ContextEntrySchema)
+    .nonempty()
+    .refine((contexts) => {
+    // First context must be the base VC context
+    const firstContext = contexts[0];
+    return (typeof firstContext === 'string' &&
+        firstContext === exports.VC_CONTEXT[0]);
+}, {
+    message: 'First @context must be "https://www.w3.org/2018/credentials/v1"',
+});
+/**
+ * Issuer Schema
+ *
+ * The issuer can be a DID string or an object with an id field
+ */
+exports.IssuerSchema = zod_1.z.union([
+    zod_1.z.string().min(1),
+    zod_1.z.object({
+        id: zod_1.z.string().min(1),
+    }).passthrough(), // Allow additional properties
+]);
+/**
+ * Credential Subject Schema
+ *
+ * The subject of the credential. Can be a single object or array of objects.
+ * MUST have an id property that is a DID or URI.
+ */
+exports.CredentialSubjectSchema = zod_1.z.union([
+    zod_1.z.record(zod_1.z.any()),
+    zod_1.z.array(zod_1.z.record(zod_1.z.any())),
+]);
+/**
+ * Credential Status Schema (StatusList2021Entry)
+ *
+ * References a position in a StatusList2021 credential for revocation/suspension checking.
+ */
+exports.CredentialStatusSchema = zod_1.z.object({
+    /** URI of this status entry */
+    id: zod_1.z.string().url(),
+    /** Type MUST be StatusList2021Entry */
+    type: zod_1.z.literal('StatusList2021Entry'),
+    /** Purpose of the status list (revocation or suspension) */
+    statusPurpose: zod_1.z.enum(['revocation', 'suspension']),
+    /** Index of this credential in the status list (as string per spec) */
+    statusListIndex: zod_1.z.string().regex(/^\d+$/, 'Must be a numeric string'),
+    /** URL of the StatusList2021Credential */
+    statusListCredential: zod_1.z.string().url(),
+});
+/**
+ * Proof Schema
+ *
+ * Cryptographic proof for the credential.
+ * This is a flexible schema as proof formats vary.
+ */
+exports.ProofSchema = zod_1.z
+    .object({
+    type: zod_1.z.string().min(1),
+    created: zod_1.z.string().optional(),
+    verificationMethod: zod_1.z.string().optional(),
+    proofPurpose: zod_1.z.string().optional(),
+})
+    .passthrough(); // Allow additional proof-specific fields
+/**
+ * Verifiable Credential Schema (W3C 1.1)
+ *
+ * Core schema for W3C Verifiable Credentials.
+ * Supports all required and common optional fields.
+ */
+exports.VerifiableCredentialSchema = zod_1.z.object({
+    /** JSON-LD context */
+    '@context': exports.ContextSchema,
+    /** Unique identifier for the credential (optional per spec) */
+    id: zod_1.z.string().url().optional(),
+    /** Type of the credential, MUST include "VerifiableCredential" */
+    type: zod_1.z
+        .array(zod_1.z.string())
+        .min(1)
+        .refine((types) => types.includes('VerifiableCredential'), {
+        message: 'type must include "VerifiableCredential"',
+    }),
+    /** Issuer of the credential (DID or issuer object) */
+    issuer: exports.IssuerSchema,
+    /** Issuance date in ISO 8601 format */
+    issuanceDate: zod_1.z.string().datetime(),
+    /** Expiration date in ISO 8601 format (optional) */
+    expirationDate: zod_1.z.string().datetime().optional(),
+    /** The subject(s) of the credential */
+    credentialSubject: exports.CredentialSubjectSchema,
+    /** Status information for revocation/suspension (optional) */
+    credentialStatus: exports.CredentialStatusSchema.optional(),
+    /** Cryptographic proof (optional, may be added as external proof) */
+    proof: exports.ProofSchema.optional(),
+    /** Allow additional properties for extensibility */
+}).passthrough();
+/**
+ * Verifiable Presentation Schema
+ *
+ * Schema for presenting one or more credentials.
+ */
+exports.VerifiablePresentationSchema = zod_1.z.object({
+    '@context': exports.ContextSchema,
+    id: zod_1.z.string().url().optional(),
+    type: zod_1.z
+        .array(zod_1.z.string())
+        .min(1)
+        .refine((types) => types.includes('VerifiablePresentation'), {
+        message: 'type must include "VerifiablePresentation"',
+    }),
+    holder: zod_1.z.string().min(1).optional(),
+    verifiableCredential: zod_1.z
+        .union([
+        exports.VerifiableCredentialSchema,
+        zod_1.z.array(exports.VerifiableCredentialSchema),
+    ])
+        .optional(),
+    proof: exports.ProofSchema.optional(),
+}).passthrough();
+/**
+ * Validation Helpers
+ */
+/**
+ * Validate a verifiable credential
+ *
+ * @param credential - The credential to validate
+ * @returns Validation result with parsed credential or errors
+ */
+function validateVerifiableCredential(credential) {
+    return exports.VerifiableCredentialSchema.safeParse(credential);
+}
+/**
+ * Validate a verifiable presentation
+ *
+ * @param presentation - The presentation to validate
+ * @returns Validation result with parsed presentation or errors
+ */
+function validateVerifiablePresentation(presentation) {
+    return exports.VerifiablePresentationSchema.safeParse(presentation);
+}
+/**
+ * Check if a credential is expired
+ *
+ * @param credential - The credential to check
+ * @returns true if expired, false otherwise
+ */
+function isCredentialExpired(credential) {
+    if (!credential.expirationDate) {
+        return false;
+    }
+    try {
+        const expirationDate = new Date(credential.expirationDate);
+        const now = new Date();
+        return expirationDate < now;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Extract issuer DID from credential
+ *
+ * @param credential - The credential
+ * @returns The issuer DID string
+ */
+function getIssuerDid(credential) {
+    const issuer = credential.issuer;
+    if (typeof issuer === 'string') {
+        return issuer;
+    }
+    return issuer.id;
+}
+/**
+ * Extract credential subject DID (if present)
+ *
+ * @param credential - The credential
+ * @returns The subject DID or null if not present
+ */
+function getSubjectDid(credential) {
+    const subject = Array.isArray(credential.credentialSubject)
+        ? credential.credentialSubject[0]
+        : credential.credentialSubject;
+    return subject?.id || null;
+}
+//# sourceMappingURL=schemas.js.map