@kya-os/mcp 1.2.0 → 1.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +114 -10
- package/LICENSE +1 -1
- package/README.md +50 -33
- package/dist/auth/handshake.d.ts +1 -1
- package/dist/auth/handshake.js +1 -1
- package/dist/delegation/cascading-revocation.d.ts +1 -1
- package/dist/delegation/cascading-revocation.js +1 -1
- package/dist/delegation/delegation-graph.d.ts +1 -1
- package/dist/delegation/delegation-graph.js +1 -1
- package/dist/delegation/did-web-resolver.d.ts +51 -1
- package/dist/delegation/did-web-resolver.d.ts.map +1 -1
- package/dist/delegation/did-web-resolver.js +108 -0
- package/dist/delegation/did-web-resolver.js.map +1 -1
- package/dist/delegation/outbound-headers.d.ts +14 -14
- package/dist/delegation/outbound-headers.d.ts.map +1 -1
- package/dist/delegation/outbound-headers.js +15 -15
- package/dist/delegation/outbound-headers.js.map +1 -1
- package/dist/delegation/outbound-proof.d.ts +2 -2
- package/dist/delegation/outbound-proof.js +2 -2
- package/dist/delegation/vc-issuer.d.ts +1 -1
- package/dist/delegation/vc-issuer.js +1 -1
- package/dist/delegation/vc-verifier.d.ts +2 -1
- package/dist/delegation/vc-verifier.d.ts.map +1 -1
- package/dist/delegation/vc-verifier.js +1 -1
- package/dist/delegation/vc-verifier.js.map +1 -1
- package/dist/errors.d.ts +6 -6
- package/dist/errors.d.ts.map +1 -1
- package/dist/errors.js +3 -3
- package/dist/errors.js.map +1 -1
- package/dist/index.d.ts +8 -7
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +8 -6
- package/dist/index.js.map +1 -1
- package/dist/logging/logger.d.ts +1 -1
- package/dist/logging/logger.js +1 -1
- package/dist/middleware/index.d.ts +6 -6
- package/dist/middleware/index.d.ts.map +1 -1
- package/dist/middleware/index.js +6 -6
- package/dist/middleware/index.js.map +1 -1
- package/dist/middleware/{mcpi-transport.d.ts → kya-os-transport.d.ts} +8 -8
- package/dist/middleware/kya-os-transport.d.ts.map +1 -0
- package/dist/middleware/{mcpi-transport.js → kya-os-transport.js} +9 -9
- package/dist/middleware/kya-os-transport.js.map +1 -0
- package/dist/middleware/{with-mcpi-server.d.ts → with-kya-os-server.d.ts} +24 -24
- package/dist/middleware/with-kya-os-server.d.ts.map +1 -0
- package/dist/middleware/{with-mcpi-server.js → with-kya-os-server.js} +26 -26
- package/dist/middleware/with-kya-os-server.js.map +1 -0
- package/dist/middleware/{with-mcpi.d.ts → with-kya-os.d.ts} +41 -60
- package/dist/middleware/with-kya-os.d.ts.map +1 -0
- package/dist/middleware/{with-mcpi.js → with-kya-os.js} +66 -42
- package/dist/middleware/with-kya-os.js.map +1 -0
- package/dist/proof/errors.d.ts +1 -0
- package/dist/proof/errors.d.ts.map +1 -1
- package/dist/proof/errors.js +2 -0
- package/dist/proof/errors.js.map +1 -1
- package/dist/proof/generator.d.ts +1 -1
- package/dist/proof/generator.js +1 -1
- package/dist/proof/index.d.ts +1 -1
- package/dist/proof/index.d.ts.map +1 -1
- package/dist/proof/index.js +1 -1
- package/dist/proof/index.js.map +1 -1
- package/dist/proof/verifier.d.ts +49 -1
- package/dist/proof/verifier.d.ts.map +1 -1
- package/dist/proof/verifier.js +85 -2
- package/dist/proof/verifier.js.map +1 -1
- package/dist/providers/base.d.ts +32 -3
- package/dist/providers/base.d.ts.map +1 -1
- package/dist/providers/base.js.map +1 -1
- package/dist/providers/node-crypto.d.ts +2 -2
- package/dist/providers/node-crypto.js +2 -2
- package/dist/session/manager.d.ts +8 -6
- package/dist/session/manager.d.ts.map +1 -1
- package/dist/session/manager.js +16 -10
- package/dist/session/manager.js.map +1 -1
- package/dist/types/protocol.d.ts +15 -3
- package/dist/types/protocol.d.ts.map +1 -1
- package/dist/types/protocol.js +7 -3
- package/dist/types/protocol.js.map +1 -1
- package/package.json +4 -4
- package/schemas/README.md +6 -6
- package/schemas/delegation-credential.json +4 -4
- package/schemas/detached-proof.json +1 -1
- package/schemas/handshake-request.json +3 -3
- package/schemas/handshake-response.json +2 -2
- package/schemas/well-known-mcpi.json +14 -7
- package/dist/middleware/mcpi-transport.d.ts.map +0 -1
- package/dist/middleware/mcpi-transport.js.map +0 -1
- package/dist/middleware/with-mcpi-server.d.ts.map +0 -1
- package/dist/middleware/with-mcpi-server.js.map +0 -1
- package/dist/middleware/with-mcpi.d.ts.map +0 -1
- package/dist/middleware/with-mcpi.js.map +0 -1
package/CHANGELOG.md
CHANGED
|
@@ -7,14 +7,107 @@ Versioning: https://semver.org/spec/v2.0.0.html
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
### Added
|
|
11
|
+
|
|
12
|
+
- Export the byte-variant base64url helpers (`base64urlEncodeFromBytes`, `base64urlDecodeToBytes`) from the package entry point. They existed in `src/utils/base64.ts` but were not on the public API; downstream consumers need them for DID/JWK key encoding.
|
|
13
|
+
|
|
14
|
+
### Docs
|
|
15
|
+
|
|
16
|
+
- Tightened two capability-language hits inside the spec that survived the Responsible Party rename: §8.2 `DelegationProofJWT.sub` comment now describes the Responsible Party explicitly (was "User DID (on whose behalf)"), and the `userDid` field description in `schemas/delegation-credential.json` now reads "whose delegated authority the agent exercises" instead of "on whose behalf the delegation acts."
|
|
17
|
+
|
|
18
|
+
### Spec
|
|
19
|
+
|
|
20
|
+
- Added §11.0 (Trust Model) naming the three trust boundaries explicitly: the agent process, the verifier (with the Edge Verifier called out as a TCB component at L1), and the service / resource owner. Includes key custody options (software, proxy-managed, hardware-attested) and a mutual-authentication recommendation for services.
|
|
21
|
+
- Added §11.1 (Threat Model Summary) as a structured table: threat → mitigation → residual risk. Covers impersonation, replay, scope escalation, confused deputy, credential theft, agent abuse, key compromise, revocation race, downgrade, and DoS — with cross-references to detailed sections and to the cap-sec invariants in §6.4.1 / §6.5.
|
|
22
|
+
- Renumbered §11 subsections to fit the new structure (Revocation Freshness moved to §11.10; previous §11.1–§11.5 shifted by one).
|
|
23
|
+
- Introduced **Principal** and **Responsible Party** as first-class terms (§2). The Responsible Party is the entity ultimately accountable for actions taken under a delegation chain — the root issuer of the chain. Distinguished from the Principal (the immediate human delegator) to support organizational deployments where the operating human is not the accountable entity.
|
|
24
|
+
- Added a normative invariant to §6.4: every delegation chain MUST terminate at a Responsible Party, identified by the `issuerDid` of the root `DelegationCredential`.
|
|
25
|
+
- Reworded the Abstract to drop "on whose behalf" (impersonation framing) in favor of "what authority they hold (a delegation chain rooted at a Responsible Party)" — capability-security framing that matches the protocol's actual semantics.
|
|
26
|
+
- Added normative _meta hash exclusion paragraph and `session.metaPolicy` opt-in (default: `strict`).
|
|
27
|
+
- Documented anonymous handshake nonce-dedupe boundary; reference impl now uses a 60s TTL for anonymous nonces.
|
|
28
|
+
- Added `clockSkewSeconds` field to `.well-known/mcp` for server-advertised skew negotiation.
|
|
29
|
+
- Added the **designation invariant** to §6.4.1 as a normative MUST: invocations must designate the specific resource being exercised, even when the delegation authorizes multiple resources. The reference implementation already enforces this via the per-tool `scopeId` check; this change makes the behavior normative and cross-references it from §11.6 (Confused Deputy Attacks).
|
|
30
|
+
- Added §6.5.1 (Revocation Rights) defining who may revoke a delegation in v1.0: direct issuer, any ancestor issuer in the chain, and the responsible party at the root. Subject-side revocation is explicitly disallowed in v1.0; UCAN-style "revocation as a delegatable permission" is tracked for v1.1.
|
|
31
|
+
- Added §6.5.2 (Concurrency and the Revocation Race) acknowledging the Lamport-concurrent race between revocation issuance and propagation, with implementation guidance on bounding the window.
|
|
32
|
+
|
|
33
|
+
### Security
|
|
34
|
+
|
|
35
|
+
- **BREAKING (default flip): `requireAudienceOnRedelegation` now defaults to `true`.**
|
|
36
|
+
Every non-root credential in a delegation chain must carry an `audience`
|
|
37
|
+
constraint. Closes the confused-deputy class flagged by Alan Karp's
|
|
38
|
+
transitive-access analysis and matches `SPEC.md` §11.6. Integrations that
|
|
39
|
+
cannot yet bind audience on every re-delegation can set the flag to `false`
|
|
40
|
+
explicitly to preserve legacy behavior; doing so logs a one-time
|
|
41
|
+
per-process warning so the configuration is auditable in production logs.
|
|
42
|
+
- **Unsafe-mode warning:** setting `allowLegacyUnsafeDelegation` to `true`
|
|
43
|
+
now emits a one-time per-process `console.warn` on first use. Default
|
|
44
|
+
is unchanged (`false` / strict). The warning surfaces accidental
|
|
45
|
+
configuration in production logs without spamming per-session.
|
|
46
|
+
- `SECURITY.md` gained a "Secure Defaults & Unsafe Delegation Modes" section
|
|
47
|
+
documenting both flags, when to opt out, and the migration path back to
|
|
48
|
+
safe defaults.
|
|
49
|
+
- Added test coverage pinning the warn-once behavior on both unsafe-mode
|
|
50
|
+
flags: warns exactly once per process on opt-in, silent on safe defaults,
|
|
51
|
+
no duplicate warnings across repeated `wrapWithDelegation` calls.
|
|
52
|
+
|
|
53
|
+
### Added
|
|
54
|
+
|
|
55
|
+
- **Generic `Identity` interface** exported from the root entry point.
|
|
56
|
+
Captures the shape shared by every subject the protocol speaks about
|
|
57
|
+
(DID + verification-method id + key material). `AgentIdentity` now
|
|
58
|
+
extends `Identity`; the agent-flavoured shape is unchanged for
|
|
59
|
+
existing consumers.
|
|
60
|
+
- **`buildDidWebDocument(identity, options?)`** in
|
|
61
|
+
`delegation/did-web-resolver`. Produces the DID Document a `did:web`
|
|
62
|
+
controller serves at its resolution URL (see `didWebToUrl`),
|
|
63
|
+
completing the producer/consumer round-trip with `DidWebResolver`.
|
|
64
|
+
Emits both `publicKeyJwk` and `publicKeyMultibase` for cross-format
|
|
65
|
+
interop, matching the `Ed25519VerificationKey2020` form used by the
|
|
66
|
+
did:key resolver.
|
|
67
|
+
- Optional `@context` field on `DIDDocument` so produced documents can
|
|
68
|
+
declare the JSON-LD contexts they reference.
|
|
69
|
+
|
|
10
70
|
### Changed
|
|
11
71
|
|
|
12
|
-
- **Package renamed from `@mcp-i/core` to `@kya-os/mcp`.**
|
|
13
|
-
the KYA-OS
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
72
|
+
- **Package renamed from `@mcp-i/core` to `@kya-os/mcp`.** Renamed
|
|
73
|
+
under the KYA-OS protocol (Know Your Agent Operating System), the
|
|
74
|
+
agent identity, authorization, and observability protocol donated
|
|
75
|
+
to DIF TAAWG. Version stays at 1.2.0 — the wire format, public
|
|
76
|
+
exports, and behavior are unchanged. The old `@mcp-i/core` package
|
|
77
|
+
is deprecated and points at this one.
|
|
78
|
+
- **Spec renamed from MCP-I to KYA-OS** across `SPEC.md`,
|
|
79
|
+
`CONFORMANCE.md`, `GOVERNANCE.md`, and example READMEs. Wire-format
|
|
80
|
+
identifiers (`_kyaos` tool name, well-known path, JSON Schema
|
|
81
|
+
files, JSON-LD context URLs) are deferred to a later cutover so
|
|
82
|
+
this doc-only rename doesn't break running implementations.
|
|
83
|
+
|
|
84
|
+
Why the rename: two forces.
|
|
85
|
+
|
|
86
|
+
First, MCP is Anthropic's trademark and lives under Anthropic's
|
|
87
|
+
governance. Calling a DIF-track identity protocol "MCP-Identity"
|
|
88
|
+
suggested an official extension of MCP and tied the protocol to a
|
|
89
|
+
single vendor's roadmap. The Linux Foundation flagged this during
|
|
90
|
+
pre-donation review and we agreed: a foundation-owned identity
|
|
91
|
+
protocol should not carry another foundation's (or vendor's)
|
|
92
|
+
trademark in its name.
|
|
93
|
+
|
|
94
|
+
Second, the protocol was never going to be MCP-only. The design
|
|
95
|
+
intent was a primitive layer for identity, authority, and
|
|
96
|
+
accountability that other agent-facing protocols adopt, analogous
|
|
97
|
+
to how TLS is a security layer that transports adopt rather than
|
|
98
|
+
a transport itself. KYA-OS primitives are intended to embed in
|
|
99
|
+
three kinds of host surface: transport bindings (wire protocols
|
|
100
|
+
an agent's calls ride over, e.g. MCP, HTTPS, gRPC, SMTP, Matrix,
|
|
101
|
+
browser-driven actions), runtime bindings (agent harnesses where
|
|
102
|
+
the loop runs and tool invocations can be wrapped uniformly), and
|
|
103
|
+
manifest / assertion embeddings (host formats like C2PA manifests
|
|
104
|
+
that already carry signed assertions and can carry a KYA-OS proof
|
|
105
|
+
as one assertion type). Naming the protocol after one binding
|
|
106
|
+
undersold the surface.
|
|
107
|
+
|
|
108
|
+
The MCP binding ships first because MCP is the most concentrated
|
|
109
|
+
agent-to-tool RPC surface today. Additional bindings will be
|
|
110
|
+
specified in the working group as they reach consensus.
|
|
18
111
|
- **Spec cut to `1.0.0`** (was `0.1.0-draft` in `SPEC.md`, `1.0.0-draft`
|
|
19
112
|
in `CONFORMANCE.md`). The wire format was already pinned at `1.0.0`
|
|
20
113
|
in the handshake protocol-version field; the spec docs now match.
|
|
@@ -22,14 +115,25 @@ Versioning: https://semver.org/spec/v2.0.0.html
|
|
|
22
115
|
semver is independent of package semver: the spec describes the wire
|
|
23
116
|
protocol, the package describes the implementation shipping it.
|
|
24
117
|
- Delegation middleware remains strict by default for chain and status-list validation.
|
|
25
|
-
- Added `delegation.allowLegacyUnsafeDelegation` to `
|
|
118
|
+
- Added `delegation.allowLegacyUnsafeDelegation` to `createKyaOsMiddleware` as a temporary migration escape hatch for legacy integrations.
|
|
26
119
|
- Added middleware tests covering legacy-compatibility behavior for parent-linked and status-list credentials.
|
|
27
120
|
|
|
121
|
+
### Docs
|
|
122
|
+
|
|
123
|
+
- L1 revocation terminology clarified (verifier-local, not global CRL).
|
|
124
|
+
- Orchestration directory scope explicitly narrowed from global to service-local.
|
|
125
|
+
- Nonce lifetime documented to prevent early-eviction replay class.
|
|
126
|
+
- Multi-level audit record example added.
|
|
127
|
+
- Conformance-tiered audit-logging requirements added.
|
|
128
|
+
- Registry types (Delegation / Credential / Trust) disambiguated.
|
|
129
|
+
- Broken link to Protocol Registry fixed.
|
|
130
|
+
- Key Topics ordering aligned with site navigation.
|
|
131
|
+
|
|
28
132
|
## [1.0.0-draft] - 2026-03-12
|
|
29
133
|
|
|
30
134
|
### Added
|
|
31
135
|
|
|
32
|
-
- SPEC.md protocol specification defining
|
|
136
|
+
- SPEC.md protocol specification defining KYA-OS extension for cryptographic identity
|
|
33
137
|
- Supported DID methods: `did:key` (ephemeral/dev) and `did:web` (production)
|
|
34
138
|
- Ed25519/EdDSA cryptography for signing and verification
|
|
35
139
|
- Delegation module with W3C Verifiable Credential issuance and verification
|
|
@@ -46,14 +150,14 @@ Versioning: https://semver.org/spec/v2.0.0.html
|
|
|
46
150
|
- Auth module with `verifyOrHints` orchestration and sensitive scope detection
|
|
47
151
|
- Resume token storage for authorization flows
|
|
48
152
|
- `needs_authorization` hint response pattern
|
|
49
|
-
- MCP SDK middleware wrapper (`
|
|
153
|
+
- MCP SDK middleware wrapper (`createKyaOsMiddleware`)
|
|
50
154
|
- Tool wrapping with automatic proof generation
|
|
51
155
|
- Handshake tool registration and handling
|
|
52
156
|
- Provider abstractions: CryptoProvider, ClockProvider, FetchProvider, StorageProvider, NonceCacheProvider, IdentityProvider
|
|
53
157
|
- In-memory implementations for all providers (testing)
|
|
54
158
|
- Configurable logging with debug, info, warn, error levels
|
|
55
159
|
- Pure TypeScript protocol type definitions (zero runtime dependencies)
|
|
56
|
-
- Well-known endpoint (`/.well-known/
|
|
160
|
+
- Well-known endpoint (`/.well-known/mcp`) for server discovery
|
|
57
161
|
- Outbound delegation proof JWT builder for downstream API calls
|
|
58
162
|
- Three-tier conformance levels:
|
|
59
163
|
- Level 1: Core Crypto (key generation, signing, hashing, DID resolution)
|
package/LICENSE
CHANGED
package/README.md
CHANGED
|
@@ -1,35 +1,52 @@
|
|
|
1
1
|
<p align="center">
|
|
2
|
-
<a href="https://
|
|
2
|
+
<a href="https://kya-os.ai">
|
|
3
3
|
<picture>
|
|
4
4
|
<source media="(prefers-color-scheme: dark)" srcset="https://modelcontextprotocol-identity.io/images/logo-mark_white.svg">
|
|
5
|
-
<img alt="
|
|
5
|
+
<img alt="" src="https://modelcontextprotocol-identity.io/images/logo-mark_black.svg" width="64">
|
|
6
6
|
</picture>
|
|
7
7
|
</a>
|
|
8
8
|
</p>
|
|
9
9
|
|
|
10
10
|
<p align="center">
|
|
11
|
-
<strong>
|
|
11
|
+
<strong>KYA-OS: agent identity, delegation, and proof. This repo is the MCP binding.</strong>
|
|
12
12
|
</p>
|
|
13
13
|
|
|
14
14
|
<p align="center">
|
|
15
15
|
<a href="https://www.npmjs.com/package/@kya-os/mcp"><img src="https://img.shields.io/npm/v/@kya-os/mcp" alt="npm"></a>
|
|
16
|
-
<a href="https://modelcontextprotocol-identity.io"><img src="https://img.shields.io/badge/spec-
|
|
16
|
+
<a href="https://modelcontextprotocol-identity.io"><img src="https://img.shields.io/badge/spec-KYA--OS-blue" alt="spec"></a>
|
|
17
17
|
<a href="https://identity.foundation/working-groups/agent-and-authorization.html"><img src="https://img.shields.io/badge/DIF-TAAWG-purple" alt="DIF TAAWG"></a>
|
|
18
|
-
<a href="./LICENSE"><img src="https://img.shields.io/github/license/
|
|
19
|
-
</p>
|
|
20
|
-
|
|
21
|
-
<p align="center">
|
|
22
|
-
<em><code>@kya-os/mcp</code> is the reference implementation of <strong>MCP-I</strong>, the identity surface of <strong>KYA-OS</strong> (Know Your Agent Operating System). KYA-OS is the umbrella protocol for agent identity, authorization, and observability; MCP-I is its first surface, binding those primitives to Model Context Protocol servers.</em>
|
|
18
|
+
<a href="./LICENSE"><img src="https://img.shields.io/github/license/decentralized-identity/kya-os-mcp" alt="license"></a>
|
|
23
19
|
</p>
|
|
24
20
|
|
|
25
21
|
---
|
|
26
22
|
|
|
27
|
-
|
|
23
|
+
## What KYA-OS is
|
|
24
|
+
|
|
25
|
+
**KYA-OS** (Know Your Agent Operating System) is an identity, authority, and accountability layer that other agent-facing protocols adopt, so that any time an agent acts you can verify *who* called (agent identity), *under what authority* (delegation chain rooted at a Responsible Party, plus consent where required), and *what they did* (signed proofs composing into audit trails).
|
|
26
|
+
|
|
27
|
+
The shape of the contribution is roughly analogous to TLS. TLS is not a transport, it is a security layer that transports adopt. KYA-OS is not a transport or a runtime, it is an identity and accountability layer that host protocols embed.
|
|
28
|
+
|
|
29
|
+
Three jobs, six primitives:
|
|
30
|
+
|
|
31
|
+
- **Identity.** Every agent and every server holds a Decentralized Identifier (`did:key`, `did:web`): a stable, cryptographically-controlled identifier that the agent can prove it owns, and that credentials can be issued against. Without this, there is nothing to bind authority to or hold accountable.
|
|
32
|
+
- **Authority.** W3C Verifiable Credentials carrying scoped, revocable delegation chains rooted at a Responsible Party. Per-tool consent gating for actions that require explicit human approval.
|
|
33
|
+
- **Accountability.** Detached JWS proofs over canonicalized request/response hashes, composing into tamper-evident audit trails. Invisible to the LLM, verifiable by anyone holding the agent's DID.
|
|
34
|
+
|
|
35
|
+
> **Note on the name.** This protocol was previously known as **MCP-Identity** / **MCP-I**. The rename to KYA-OS reflects the protocol's binding-agnostic scope. See the [`[Unreleased]` entry in `CHANGELOG.md`](./CHANGELOG.md#unreleased) for the full rationale.
|
|
36
|
+
|
|
37
|
+
## What this repo is
|
|
38
|
+
|
|
39
|
+
`@kya-os/mcp` is the **MCP binding** of KYA-OS, the reference implementation for [Model Context Protocol](https://modelcontextprotocol.io) servers, and the first binding to ship.
|
|
40
|
+
|
|
41
|
+
KYA-OS primitives are intended to embed in three kinds of host surface:
|
|
42
|
+
|
|
43
|
+
1. **Transport bindings.** Wire protocols an agent's calls ride over (e.g. MCP, HTTPS, gRPC, SMTP).
|
|
44
|
+
2. **Runtime bindings.** Agent harnesses where the loop runs and tool invocations can be wrapped uniformly.
|
|
45
|
+
3. **Manifest / assertion embeddings.** Host formats that already carry signed assertions, where a KYA-OS proof can serve as one assertion type (e.g. C2PA-track content provenance manifests).
|
|
46
|
+
|
|
47
|
+
The MCP binding ships first because MCP is the most concentrated agent-to-tool RPC surface today. Additional bindings will be specified in the working group as they reach consensus.
|
|
28
48
|
|
|
29
|
-
-
|
|
30
|
-
- **Every tool call gets a signed proof** — a tamper-evident receipt the agent can't forge or deny
|
|
31
|
-
- **Protected tools require human consent** — per-tool authorization via W3C Delegation Credentials
|
|
32
|
-
- **The AI never knows** — identity, proofs, and consent happen transparently in the protocol layer
|
|
49
|
+
The KYA-OS protocol itself is defined in [`SPEC.md`](./SPEC.md). Binding-specific behavior is called out so future bindings can diverge cleanly where they need to.
|
|
33
50
|
|
|
34
51
|
```
|
|
35
52
|
npm install @kya-os/mcp
|
|
@@ -37,9 +54,9 @@ npm install @kya-os/mcp
|
|
|
37
54
|
|
|
38
55
|
---
|
|
39
56
|
|
|
40
|
-
## Migrate
|
|
57
|
+
## Migrate any MCP server in 2 lines
|
|
41
58
|
|
|
42
|
-
**Before
|
|
59
|
+
**Before**, a standard MCP server with no identity or proofs:
|
|
43
60
|
|
|
44
61
|
```typescript
|
|
45
62
|
import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
|
|
@@ -51,51 +68,51 @@ server.registerTool('greet', { description: 'Say hello' }, async (args) => ({
|
|
|
51
68
|
}));
|
|
52
69
|
```
|
|
53
70
|
|
|
54
|
-
**After
|
|
71
|
+
**After**, every tool response now carries a signed cryptographic proof:
|
|
55
72
|
|
|
56
73
|
```typescript
|
|
57
74
|
import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
|
|
58
|
-
import {
|
|
75
|
+
import { withKyaOs, NodeCryptoProvider } from '@kya-os/mcp'; // +1 line
|
|
59
76
|
|
|
60
77
|
const server = new McpServer({ name: 'my-server', version: '1.0.0' });
|
|
61
|
-
await
|
|
78
|
+
await withKyaOs(server, { crypto: new NodeCryptoProvider() }); // +1 line
|
|
62
79
|
|
|
63
80
|
server.registerTool('greet', { description: 'Say hello' }, async (args) => ({
|
|
64
81
|
content: [{ type: 'text', text: `Hello, ${args.name}!` }],
|
|
65
82
|
}));
|
|
66
83
|
```
|
|
67
84
|
|
|
68
|
-
That's it. `
|
|
85
|
+
That's it. `withKyaOs` auto-generates an Ed25519 identity, registers the `_kyaos` protocol tool, and wraps the transport so every tool response includes a detached JWS proof in `_meta`. Invisible to the LLM, verifiable by anyone.
|
|
69
86
|
|
|
70
|
-
> See the full working example: [examples/context7-with-
|
|
87
|
+
> See the full working example: [examples/context7-with-kya-os](./examples/context7-with-kya-os/), a real MCP server (Context7) migrated with exactly 2 lines of code.
|
|
71
88
|
|
|
72
89
|
---
|
|
73
90
|
|
|
74
|
-
## Protect
|
|
91
|
+
## Protect tools with human consent
|
|
75
92
|
|
|
76
|
-
Some tools shouldn't run without a human saying "yes."
|
|
93
|
+
Some tools shouldn't run without a human saying "yes." KYA-OS adds per-tool authorization using W3C Verifiable Credentials:
|
|
77
94
|
|
|
78
95
|
```typescript
|
|
79
|
-
const checkout =
|
|
96
|
+
const checkout = kyaos.wrapWithDelegation(
|
|
80
97
|
'checkout',
|
|
81
98
|
{ scopeId: 'cart:write', consentUrl: 'https://example.com/consent' },
|
|
82
|
-
|
|
99
|
+
kyaos.wrapWithProof('checkout', async (args) => ({
|
|
83
100
|
content: [{ type: 'text', text: `Order placed: ${args.item}` }],
|
|
84
101
|
})),
|
|
85
102
|
);
|
|
86
103
|
```
|
|
87
104
|
|
|
88
|
-
When an agent calls `checkout` without a delegation credential, it gets back a `needs_authorization` response with a consent URL. The human approves, a scoped credential is issued, and the agent retries
|
|
105
|
+
When an agent calls `checkout` without a delegation credential, it gets back a `needs_authorization` response with a consent URL. The human approves, a scoped credential is issued, and the agent retries, now authorized.
|
|
89
106
|
|
|
90
107
|
> Try it yourself: [examples/consent-basic](./examples/consent-basic/) walks through the full consent flow end-to-end.
|
|
91
108
|
|
|
92
109
|
---
|
|
93
110
|
|
|
94
|
-
## See
|
|
111
|
+
## See it in action
|
|
95
112
|
|
|
96
113
|
```bash
|
|
97
|
-
git clone https://github.com/
|
|
98
|
-
cd
|
|
114
|
+
git clone https://github.com/decentralized-identity/kya-os-mcp.git
|
|
115
|
+
cd kya-os-mcp && npm install
|
|
99
116
|
bash scripts/demo.sh
|
|
100
117
|
```
|
|
101
118
|
|
|
@@ -106,19 +123,19 @@ This starts all example servers and opens [MCP Inspector](https://github.com/mod
|
|
|
106
123
|
| 3001 | [node-server](./examples/node-server/) | Proofs + restricted tools (low-level API) |
|
|
107
124
|
| 3002 | [consent-basic](./examples/consent-basic/) | Human consent flow with built-in UI |
|
|
108
125
|
| 3003 | [consent-full](./examples/consent-full/) | Production consent UI ([@kya-os/consent](https://www.npmjs.com/package/@kya-os/consent)) |
|
|
109
|
-
| 3004 | [context7-with-
|
|
126
|
+
| 3004 | [context7-with-kya-os](./examples/context7-with-kya-os/) | 2-line migration of a real MCP server |
|
|
110
127
|
|
|
111
128
|
Also available: [outbound-delegation](./examples/outbound-delegation/) (gateway pattern), [verify-proof](./examples/verify-proof/) (standalone verification), [statuslist](./examples/statuslist/) (revocation lifecycle).
|
|
112
129
|
|
|
113
130
|
---
|
|
114
131
|
|
|
115
|
-
## What's
|
|
132
|
+
## What's under the hood
|
|
116
133
|
|
|
117
134
|
| Capability | How it works |
|
|
118
135
|
|-----------|-------------|
|
|
119
136
|
| **Cryptographic identity** | Ed25519 key pairs, `did:key` and `did:web` resolution |
|
|
120
137
|
| **Signed proofs** | Detached JWS over JCS-canonicalized request/response hashes |
|
|
121
|
-
| **Delegation credentials** | W3C Verifiable Credentials with scope constraints |
|
|
138
|
+
| **Delegation credentials** | W3C Verifiable Credentials with scope constraints, rooted at a Responsible Party |
|
|
122
139
|
| **Revocation** | StatusList2021 bitstring with cascading revocation |
|
|
123
140
|
| **Replay prevention** | Nonce-based handshake with timestamp skew validation |
|
|
124
141
|
| **Extensible** | Bring your own KMS, HSM, nonce cache (Redis, DynamoDB, KV), or DID method |
|
|
@@ -127,7 +144,7 @@ Also available: [outbound-delegation](./examples/outbound-delegation/) (gateway
|
|
|
127
144
|
|
|
128
145
|
## Links
|
|
129
146
|
|
|
130
|
-
- [Spec](
|
|
147
|
+
- [Spec](./SPEC.md) | [Changelog](./CHANGELOG.md) | [DIF TAAWG](https://identity.foundation/working-groups/agent-and-authorization.html) | [npm](https://www.npmjs.com/package/@kya-os/mcp)
|
|
131
148
|
- [CONTRIBUTING.md](./CONTRIBUTING.md) | [CONFORMANCE.md](./CONFORMANCE.md) | [SECURITY.md](./SECURITY.md) | [GOVERNANCE.md](./GOVERNANCE.md)
|
|
132
149
|
|
|
133
150
|
## License
|
package/dist/auth/handshake.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Authorization Handshake — Platform-agnostic Protocol Reference
|
|
3
3
|
*
|
|
4
|
-
* Orchestrates the
|
|
4
|
+
* Orchestrates the KYA-OS authorization flow:
|
|
5
5
|
* 1. Check agent reputation (optional)
|
|
6
6
|
* 2. Verify delegation exists
|
|
7
7
|
* 3. Return needs_authorization error if missing
|
package/dist/auth/handshake.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Authorization Handshake — Platform-agnostic Protocol Reference
|
|
3
3
|
*
|
|
4
|
-
* Orchestrates the
|
|
4
|
+
* Orchestrates the KYA-OS authorization flow:
|
|
5
5
|
* 1. Check agent reputation (optional)
|
|
6
6
|
* 2. Verify delegation exists
|
|
7
7
|
* 3. Return needs_authorization error if missing
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Implements cascading revocation per Python POC design.
|
|
5
5
|
* When a parent delegation is revoked, all children are automatically revoked.
|
|
6
6
|
*
|
|
7
|
-
* Related Spec:
|
|
7
|
+
* Related Spec: KYA-OS §4.4, Delegation Chains
|
|
8
8
|
*/
|
|
9
9
|
import { DelegationGraphManager } from './delegation-graph.js';
|
|
10
10
|
import { StatusList2021Manager } from './statuslist-manager.js';
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Implements cascading revocation per Python POC design.
|
|
5
5
|
* When a parent delegation is revoked, all children are automatically revoked.
|
|
6
6
|
*
|
|
7
|
-
* Related Spec:
|
|
7
|
+
* Related Spec: KYA-OS §4.4, Delegation Chains
|
|
8
8
|
*/
|
|
9
9
|
export class CascadingRevocationManager {
|
|
10
10
|
graph;
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Tracks parent-child relationships between delegation credentials.
|
|
5
5
|
* Critical for cascading revocation per Delegation-Revocation.md.
|
|
6
6
|
*
|
|
7
|
-
* Related Spec:
|
|
7
|
+
* Related Spec: KYA-OS §4.4, Delegation Chains
|
|
8
8
|
*/
|
|
9
9
|
export interface DelegationNode {
|
|
10
10
|
id: string;
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Tracks parent-child relationships between delegation credentials.
|
|
5
5
|
* Critical for cascading revocation per Delegation-Revocation.md.
|
|
6
6
|
*
|
|
7
|
-
* Related Spec:
|
|
7
|
+
* Related Spec: KYA-OS §4.4, Delegation Chains
|
|
8
8
|
*/
|
|
9
9
|
export class DelegationGraphManager {
|
|
10
10
|
storage;
|
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
*
|
|
11
11
|
* @see https://w3c-ccg.github.io/did-method-web/
|
|
12
12
|
*/
|
|
13
|
-
import type { FetchProvider } from '../providers/base.js';
|
|
13
|
+
import type { FetchProvider, Identity } from '../providers/base.js';
|
|
14
14
|
import type { DIDResolver, DIDDocument } from './vc-verifier.js';
|
|
15
15
|
/**
|
|
16
16
|
* Parsed components of a did:web DID
|
|
@@ -79,5 +79,55 @@ export declare class DidWebResolver implements DIDResolver {
|
|
|
79
79
|
export declare function createDidWebResolver(fetchProvider: FetchProvider, options?: {
|
|
80
80
|
cacheTtl?: number;
|
|
81
81
|
}): DIDResolver;
|
|
82
|
+
/**
|
|
83
|
+
* Options for {@link buildDidWebDocument}.
|
|
84
|
+
*/
|
|
85
|
+
export interface BuildDidWebDocumentOptions {
|
|
86
|
+
/**
|
|
87
|
+
* Additional JSON-LD contexts appended after the defaults
|
|
88
|
+
* (`did/v1`, `ed25519-2020/v1`). Use to declare credential or
|
|
89
|
+
* service contexts the controller publishes alongside its keys.
|
|
90
|
+
*/
|
|
91
|
+
additionalContexts?: readonly string[];
|
|
92
|
+
}
|
|
93
|
+
/**
|
|
94
|
+
* Build the DID Document a did:web controller serves at its
|
|
95
|
+
* resolution URL (see {@link didWebToUrl}).
|
|
96
|
+
*
|
|
97
|
+
* Emits a single Ed25519 verification method derived from
|
|
98
|
+
* `identity.publicKey` (base64-encoded raw bytes — the
|
|
99
|
+
* {@link Identity} convention). Both `publicKeyJwk` and
|
|
100
|
+
* `publicKeyMultibase` are included for cross-format interop with
|
|
101
|
+
* verifiers that prefer one over the other.
|
|
102
|
+
*
|
|
103
|
+
* The verification method is published in both `authentication` and
|
|
104
|
+
* `assertionMethod`, matching the {@link createDidKeyResolver} output
|
|
105
|
+
* and the most common verifier expectations.
|
|
106
|
+
*
|
|
107
|
+
* The function is purely synchronous and performs no I/O. Hosts
|
|
108
|
+
* publish the returned object verbatim (e.g. as the body of a
|
|
109
|
+
* `/.well-known/did.json` route).
|
|
110
|
+
*
|
|
111
|
+
* @param identity - Subject identity. `did` must be a `did:web:` DID;
|
|
112
|
+
* `kid` must reference the same DID (`<did>#<fragment>`).
|
|
113
|
+
* @param options - Optional context extensions.
|
|
114
|
+
* @returns DID Document satisfying the W3C DID Core data model.
|
|
115
|
+
* @throws Error when `identity.did` is not a `did:web:` DID, when
|
|
116
|
+
* `identity.kid` does not reference `identity.did`, or when
|
|
117
|
+
* `identity.publicKey` is not a valid base64 string of the
|
|
118
|
+
* expected length.
|
|
119
|
+
*
|
|
120
|
+
* @example
|
|
121
|
+
* ```typescript
|
|
122
|
+
* const document = buildDidWebDocument({
|
|
123
|
+
* did: 'did:web:example.com:agents:bot1',
|
|
124
|
+
* kid: 'did:web:example.com:agents:bot1#keys-1',
|
|
125
|
+
* publicKey: agent.publicKey, // base64-encoded Ed25519
|
|
126
|
+
* createdAt: new Date().toISOString(),
|
|
127
|
+
* });
|
|
128
|
+
* // Serve `document` at https://example.com/agents/bot1/did.json
|
|
129
|
+
* ```
|
|
130
|
+
*/
|
|
131
|
+
export declare function buildDidWebDocument(identity: Identity, options?: BuildDidWebDocumentOptions): DIDDocument;
|
|
82
132
|
export {};
|
|
83
133
|
//# sourceMappingURL=did-web-resolver.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"did-web-resolver.d.ts","sourceRoot":"","sources":["../../src/delegation/did-web-resolver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"did-web-resolver.d.ts","sourceRoot":"","sources":["../../src/delegation/did-web-resolver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AACpE,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAsB,MAAM,kBAAkB,CAAC;AAMrF;;GAEG;AACH,UAAU,YAAY;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,EAAE,CAAC;CAChB;AA0DD;;;;;GAKG;AACH,wBAAgB,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAE7C;AAED;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,YAAY,GAAG,IAAI,CA0B5D;AAED;;;;;;;;GAQG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAsBtD;AAED;;GAEG;AACH,qBAAa,cAAe,YAAW,WAAW;IAChD,OAAO,CAAC,aAAa,CAAgB;IACrC,OAAO,CAAC,KAAK,CAA4D;IACzE,OAAO,CAAC,QAAQ,CAAS;gBAEb,aAAa,EAAE,aAAa,EAAE,OAAO,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE;IAMzE;;;;;OAKG;IACG,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAgEvD;;OAEG;IACH,UAAU,IAAI,IAAI;IAIlB;;OAEG;IACH,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;CAGnC;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAClC,aAAa,EAAE,aAAa,EAC5B,OAAO,CAAC,EAAE;IAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,GAC9B,WAAW,CAEb;AAeD;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CACxC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,QAAQ,EAClB,OAAO,CAAC,EAAE,0BAA0B,GACnC,WAAW,CAoCb"}
|
|
@@ -11,6 +11,9 @@
|
|
|
11
11
|
* @see https://w3c-ccg.github.io/did-method-web/
|
|
12
12
|
*/
|
|
13
13
|
import { logger } from '../logging/index.js';
|
|
14
|
+
import { base58Encode } from '../utils/base58.js';
|
|
15
|
+
import { base64ToBytes } from '../utils/base64.js';
|
|
16
|
+
import { publicKeyToJwk } from './did-key-resolver.js';
|
|
14
17
|
/**
|
|
15
18
|
* Type guard for checking if value is a valid DID Document structure
|
|
16
19
|
*/
|
|
@@ -215,4 +218,109 @@ export class DidWebResolver {
|
|
|
215
218
|
export function createDidWebResolver(fetchProvider, options) {
|
|
216
219
|
return new DidWebResolver(fetchProvider, options);
|
|
217
220
|
}
|
|
221
|
+
/** Ed25519 multicodec prefix (0xed 0x01) used for `publicKeyMultibase`. */
|
|
222
|
+
const ED25519_MULTICODEC_PREFIX = new Uint8Array([0xed, 0x01]);
|
|
223
|
+
/**
|
|
224
|
+
* Default JSON-LD contexts for an Ed25519-keyed did:web Document.
|
|
225
|
+
* `did/v1` is required by DID Core; `ed25519-2020/v1` defines the
|
|
226
|
+
* `Ed25519VerificationKey2020` type emitted below.
|
|
227
|
+
*/
|
|
228
|
+
const DEFAULT_DID_WEB_CONTEXTS = [
|
|
229
|
+
'https://www.w3.org/ns/did/v1',
|
|
230
|
+
'https://w3id.org/security/suites/ed25519-2020/v1',
|
|
231
|
+
];
|
|
232
|
+
/**
|
|
233
|
+
* Build the DID Document a did:web controller serves at its
|
|
234
|
+
* resolution URL (see {@link didWebToUrl}).
|
|
235
|
+
*
|
|
236
|
+
* Emits a single Ed25519 verification method derived from
|
|
237
|
+
* `identity.publicKey` (base64-encoded raw bytes — the
|
|
238
|
+
* {@link Identity} convention). Both `publicKeyJwk` and
|
|
239
|
+
* `publicKeyMultibase` are included for cross-format interop with
|
|
240
|
+
* verifiers that prefer one over the other.
|
|
241
|
+
*
|
|
242
|
+
* The verification method is published in both `authentication` and
|
|
243
|
+
* `assertionMethod`, matching the {@link createDidKeyResolver} output
|
|
244
|
+
* and the most common verifier expectations.
|
|
245
|
+
*
|
|
246
|
+
* The function is purely synchronous and performs no I/O. Hosts
|
|
247
|
+
* publish the returned object verbatim (e.g. as the body of a
|
|
248
|
+
* `/.well-known/did.json` route).
|
|
249
|
+
*
|
|
250
|
+
* @param identity - Subject identity. `did` must be a `did:web:` DID;
|
|
251
|
+
* `kid` must reference the same DID (`<did>#<fragment>`).
|
|
252
|
+
* @param options - Optional context extensions.
|
|
253
|
+
* @returns DID Document satisfying the W3C DID Core data model.
|
|
254
|
+
* @throws Error when `identity.did` is not a `did:web:` DID, when
|
|
255
|
+
* `identity.kid` does not reference `identity.did`, or when
|
|
256
|
+
* `identity.publicKey` is not a valid base64 string of the
|
|
257
|
+
* expected length.
|
|
258
|
+
*
|
|
259
|
+
* @example
|
|
260
|
+
* ```typescript
|
|
261
|
+
* const document = buildDidWebDocument({
|
|
262
|
+
* did: 'did:web:example.com:agents:bot1',
|
|
263
|
+
* kid: 'did:web:example.com:agents:bot1#keys-1',
|
|
264
|
+
* publicKey: agent.publicKey, // base64-encoded Ed25519
|
|
265
|
+
* createdAt: new Date().toISOString(),
|
|
266
|
+
* });
|
|
267
|
+
* // Serve `document` at https://example.com/agents/bot1/did.json
|
|
268
|
+
* ```
|
|
269
|
+
*/
|
|
270
|
+
export function buildDidWebDocument(identity, options) {
|
|
271
|
+
if (!isDidWeb(identity.did)) {
|
|
272
|
+
throw new Error(`buildDidWebDocument: identity.did must be a did:web DID (got "${identity.did}")`);
|
|
273
|
+
}
|
|
274
|
+
if (!identity.kid.startsWith(`${identity.did}#`)) {
|
|
275
|
+
throw new Error(`buildDidWebDocument: identity.kid "${identity.kid}" does not reference identity.did "${identity.did}"`);
|
|
276
|
+
}
|
|
277
|
+
const publicKeyBytes = decodePublicKey(identity.publicKey);
|
|
278
|
+
const publicKeyJwk = publicKeyToJwk(publicKeyBytes);
|
|
279
|
+
const publicKeyMultibase = encodeEd25519Multibase(publicKeyBytes);
|
|
280
|
+
const verificationMethod = {
|
|
281
|
+
id: identity.kid,
|
|
282
|
+
type: 'Ed25519VerificationKey2020',
|
|
283
|
+
controller: identity.did,
|
|
284
|
+
publicKeyJwk,
|
|
285
|
+
publicKeyMultibase,
|
|
286
|
+
};
|
|
287
|
+
const contexts = options?.additionalContexts?.length
|
|
288
|
+
? [...DEFAULT_DID_WEB_CONTEXTS, ...options.additionalContexts]
|
|
289
|
+
: [...DEFAULT_DID_WEB_CONTEXTS];
|
|
290
|
+
return {
|
|
291
|
+
'@context': contexts,
|
|
292
|
+
id: identity.did,
|
|
293
|
+
verificationMethod: [verificationMethod],
|
|
294
|
+
authentication: [identity.kid],
|
|
295
|
+
assertionMethod: [identity.kid],
|
|
296
|
+
};
|
|
297
|
+
}
|
|
298
|
+
/**
|
|
299
|
+
* Decode a base64-encoded Ed25519 public key to raw bytes.
|
|
300
|
+
*
|
|
301
|
+
* The {@link Identity} contract documents `publicKey` as base64 of the
|
|
302
|
+
* 32-byte Ed25519 public key. We accept that length only — anything
|
|
303
|
+
* else is a programming error and surfaces as a thrown construction
|
|
304
|
+
* exception (per the repository error contract: construction throws,
|
|
305
|
+
* verification/resolution returns).
|
|
306
|
+
*/
|
|
307
|
+
function decodePublicKey(publicKeyBase64) {
|
|
308
|
+
const bytes = base64ToBytes(publicKeyBase64);
|
|
309
|
+
if (bytes.length !== 32) {
|
|
310
|
+
throw new Error(`buildDidWebDocument: expected 32-byte Ed25519 public key, got ${bytes.length} bytes after base64 decode`);
|
|
311
|
+
}
|
|
312
|
+
return bytes;
|
|
313
|
+
}
|
|
314
|
+
/**
|
|
315
|
+
* Encode raw Ed25519 public key bytes as `publicKeyMultibase`
|
|
316
|
+
* (multicodec-tagged, base58btc-encoded, `z`-prefixed). Matches the
|
|
317
|
+
* encoding used by {@link createDidKeyResolver} for the equivalent
|
|
318
|
+
* field on did:key documents.
|
|
319
|
+
*/
|
|
320
|
+
function encodeEd25519Multibase(publicKeyBytes) {
|
|
321
|
+
const multicodec = new Uint8Array(ED25519_MULTICODEC_PREFIX.length + publicKeyBytes.length);
|
|
322
|
+
multicodec.set(ED25519_MULTICODEC_PREFIX);
|
|
323
|
+
multicodec.set(publicKeyBytes, ED25519_MULTICODEC_PREFIX.length);
|
|
324
|
+
return `z${base58Encode(multicodec)}`;
|
|
325
|
+
}
|
|
218
326
|
//# sourceMappingURL=did-web-resolver.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"did-web-resolver.js","sourceRoot":"","sources":["../../src/delegation/did-web-resolver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"did-web-resolver.js","sourceRoot":"","sources":["../../src/delegation/did-web-resolver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAC7C,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAUvD;;GAEG;AACH,SAAS,kBAAkB,CAAC,KAAc;IACxC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,GAAG,GAAG,KAAgC,CAAC;IAE7C,sCAAsC;IACtC,IAAI,OAAO,GAAG,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,iEAAiE;IACjE,IAAI,GAAG,CAAC,oBAAoB,CAAC,KAAK,SAAS,EAAE,CAAC;QAC5C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,qDAAqD;QACrD,KAAK,MAAM,EAAE,IAAI,GAAG,CAAC,oBAAoB,CAAC,EAAE,CAAC;YAC3C,IAAI,CAAC,yBAAyB,CAAC,EAAE,CAAC,EAAE,CAAC;gBACnC,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,yBAAyB,CAAC,KAAc;IAC/C,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,EAAE,GAAG,KAAgC,CAAC;IAE5C,gDAAgD;IAChD,IAAI,OAAO,EAAE,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1D,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,OAAO,EAAE,CAAC,MAAM,CAAC,KAAK,QAAQ,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9D,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,OAAO,EAAE,CAAC,YAAY,CAAC,KAAK,QAAQ,IAAI,EAAE,CAAC,YAAY,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1E,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,QAAQ,CAAC,GAAW;IAClC,OAAO,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;AACpC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACnB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,+BAA+B;IAC/B,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAE/B,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,iDAAiD;IACjD,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEnC,yCAAyC;IACzC,MAAM,MAAM,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC;IAE7C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,gCAAgC;IAChC,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9D,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;AAC1B,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAEhC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;IAEhC,gBAAgB;IAChB,6CAA6C;IAC7C,IAAI,GAAG,GAAG,WAAW,MAAM,EAAE,CAAC;IAE9B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,yCAAyC;QACzC,GAAG,IAAI,uBAAuB,CAAC;IACjC,CAAC;SAAM,CAAC;QACN,6CAA6C;QAC7C,GAAG,IAAI,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,WAAW,CAAC;IAC5C,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,cAAc;IACjB,aAAa,CAAgB;IAC7B,KAAK,CAA4D;IACjE,QAAQ,CAAS;IAEzB,YAAY,aAA4B,EAAE,OAA+B;QACvE,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,KAAK,GAAG,IAAI,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,IAAI,OAAO,CAAC,CAAC,oBAAoB;IACpE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CAAC,GAAW;QACvB,0BAA0B;QAC1B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,cAAc;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACnC,IAAI,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;YAC5C,OAAO,MAAM,CAAC,QAAQ,CAAC;QACzB,CAAC;QAED,iBAAiB;QACjB,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,CAAC,IAAI,CAAC,4CAA4C,GAAG,EAAE,CAAC,CAAC;YAC/D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,yBAAyB;YACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAErD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,CAAC,IAAI,CAAC,yBAAyB,QAAQ,CAAC,MAAM,aAAa,GAAG,EAAE,CAAC,CAAC;gBACxE,OAAO,IAAI,CAAC;YACd,CAAC;YAED,aAAa;YACb,IAAI,IAAa,CAAC;YAClB,IAAI,CAAC;gBACH,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC/B,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,CAAC,IAAI,CAAC,sCAAsC,GAAG,EAAE,CAAC,CAAC;gBACzD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,qBAAqB;YACrB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC9B,MAAM,CAAC,IAAI,CAAC,wDAAwD,GAAG,EAAE,CAAC,CAAC;gBAC3E,OAAO,IAAI,CAAC;YACd,CAAC;YAED,gCAAgC;YAChC,IAAI,IAAI,CAAC,EAAE,KAAK,GAAG,EAAE,CAAC;gBACpB,MAAM,CAAC,IAAI,CAAC,uDAAuD,GAAG,SAAS,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC1F,OAAO,IAAI,CAAC;YACd,CAAC;YAED,mBAAmB;YACnB,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE;gBAClB,QAAQ,EAAE,IAAI;gBACd,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,QAAQ;aACtC,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,CACT,oCAAoC,GAAG,KAAK,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CACvG,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,UAAU;QACR,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,GAAW;QACzB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;CACF;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAClC,aAA4B,EAC5B,OAA+B;IAE/B,OAAO,IAAI,cAAc,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;AACpD,CAAC;AAED,2EAA2E;AAC3E,MAAM,yBAAyB,GAAG,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;AAE/D;;;;GAIG;AACH,MAAM,wBAAwB,GAAsB;IAClD,8BAA8B;IAC9B,kDAAkD;CACnD,CAAC;AAcF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AACH,MAAM,UAAU,mBAAmB,CACjC,QAAkB,EAClB,OAAoC;IAEpC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CACb,iEAAiE,QAAQ,CAAC,GAAG,IAAI,CAClF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,KAAK,CACb,sCAAsC,QAAQ,CAAC,GAAG,sCAAsC,QAAQ,CAAC,GAAG,GAAG,CACxG,CAAC;IACJ,CAAC;IAED,MAAM,cAAc,GAAG,eAAe,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAC3D,MAAM,YAAY,GAAG,cAAc,CAAC,cAAc,CAAC,CAAC;IACpD,MAAM,kBAAkB,GAAG,sBAAsB,CAAC,cAAc,CAAC,CAAC;IAElE,MAAM,kBAAkB,GAAuB;QAC7C,EAAE,EAAE,QAAQ,CAAC,GAAG;QAChB,IAAI,EAAE,4BAA4B;QAClC,UAAU,EAAE,QAAQ,CAAC,GAAG;QACxB,YAAY;QACZ,kBAAkB;KACnB,CAAC;IAEF,MAAM,QAAQ,GAAG,OAAO,EAAE,kBAAkB,EAAE,MAAM;QAClD,CAAC,CAAC,CAAC,GAAG,wBAAwB,EAAE,GAAG,OAAO,CAAC,kBAAkB,CAAC;QAC9D,CAAC,CAAC,CAAC,GAAG,wBAAwB,CAAC,CAAC;IAElC,OAAO;QACL,UAAU,EAAE,QAAQ;QACpB,EAAE,EAAE,QAAQ,CAAC,GAAG;QAChB,kBAAkB,EAAE,CAAC,kBAAkB,CAAC;QACxC,cAAc,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC9B,eAAe,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC;KAChC,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,eAAe,CAAC,eAAuB;IAC9C,MAAM,KAAK,GAAG,aAAa,CAAC,eAAe,CAAC,CAAC;IAC7C,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,iEAAiE,KAAK,CAAC,MAAM,4BAA4B,CAC1G,CAAC;IACJ,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;GAKG;AACH,SAAS,sBAAsB,CAAC,cAA0B;IACxD,MAAM,UAAU,GAAG,IAAI,UAAU,CAC/B,yBAAyB,CAAC,MAAM,GAAG,cAAc,CAAC,MAAM,CACzD,CAAC;IACF,UAAU,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;IAC1C,UAAU,CAAC,GAAG,CAAC,cAAc,EAAE,yBAAyB,CAAC,MAAM,CAAC,CAAC;IACjE,OAAO,IAAI,YAAY,CAAC,UAAU,CAAC,EAAE,CAAC;AACxC,CAAC"}
|