npm - @le-space/orbitdb-identity-provider-webauthn-did - Versions diffs - 0.0.1 → 0.2.1 - Mend

@le-space/orbitdb-identity-provider-webauthn-did 0.0.1 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/README.md +133 -340
package/package.json +41 -9
package/src/index.js +82 -453
package/src/keystore/encryption.js +579 -0
package/src/keystore/index.js +6 -0
package/src/keystore/provider.js +555 -0
package/src/keystore-encryption.js +6 -0
package/src/varsig/assertion.js +205 -0
package/src/varsig/credential.js +144 -0
package/src/varsig/domain.js +11 -0
package/src/varsig/identity.js +161 -0
package/src/varsig/index.js +6 -0
package/src/varsig/provider.js +78 -0
package/src/varsig/storage.js +46 -0
package/src/varsig/utils.js +43 -0
package/src/verification.js +273 -0
package/src/webauthn/provider.js +542 -0
package/verification.js +1 -0

package/README.md CHANGED Viewed

@@ -1,380 +1,173 @@
-# OrbitDB WebAuthn DID Identity Provider
+# OrbitDB WebAuthn Identity Providers
 [![Tests](https://github.com/le-space/orbitdb-identity-provider-webauthn-did/workflows/Tests/badge.svg)](https://github.com/le-space/orbitdb-identity-provider-webauthn-did/actions/workflows/test.yml) [![CI/CD](https://github.com/le-space/orbitdb-identity-provider-webauthn-did/workflows/CI%2FCD%20-%20Test%20and%20Publish/badge.svg)](https://github.com/le-space/orbitdb-identity-provider-webauthn-did/actions/workflows/ci-cd.yml)
-🚀 **[Try the Live Demo](https://bafybeida2cdlt3yie4hh67fwm2q4gvi23s53klo4rb2en2inhu33zzmmqa.ipfs.w3s.link/)** - Interactive WebAuthn demo with biometric authentication
+⚠️ **Security**: Experimental release. No formal audit. Use only after your own review.
-A hardware-secured identity provider for OrbitDB using WebAuthn authentication. This provider enables hardware -secured database access (Ledger, Yubikey etc.) where private keys never leave the secure hardware element
-and biometric authentication via Passkey.
+Two WebAuthn-based OrbitDB identity providers:
-## Features
+- **WebAuthn-Varsig**: No insecure OrbitDB keystore at all. Each entry is signed by WebAuthn (varsig envelope), so keys never leave the authenticator, one Passkey (WebAuthn) prompt per write.
-- 🔐 **Hardware-secured authentication** - Uses WebAuthn with platform authenticators (Face ID, Touch ID, Windows Hello)
-- 🚫 **Private keys never leave hardware** - Keys are generated and stored in secure elements
-- 🌐 **Cross-platform compatibility** - Works across modern browsers and platforms
-- 📱 **Biometric authentication** - Seamless user experience with fingerprint, face recognition, or PIN
-- 🔒 **Quantum-resistant** - P-256 elliptic curve cryptography with hardware backing
-- 🆔 **DID-based identity** - Generates deterministic DIDs based on WebAuthn credentials
+- **Keystore-based DID**: Generates an Ed25519/secp256k1 keystore keypair for OrbitDB signing in browser memory. When `encryptKeystore` is enabled, the private key is encrypted with AES-GCM and only rehydrated in memory after a WebAuthn unlock (PRF, largeBlob, or hmac-secret).
-## Installation
+**Recommendation (security-first):**
-```bash
-npm install orbitdb-identity-provider-webauthn-did
-```
-## Basic Usage
-```javascript
-import { createOrbitDB, Identities, IPFSAccessController } from '@orbitdb/core'
-import { createHelia } from 'helia'
-import {
-  WebAuthnDIDProvider,
-  OrbitDBWebAuthnIdentityProviderFunction,
-  registerWebAuthnProvider,
-  checkWebAuthnSupport,
-  storeWebAuthnCredential,
-  loadWebAuthnCredential
-} from 'orbitdb-identity-provider-webauthn-did'
-// Check WebAuthn support
-const support = await checkWebAuthnSupport()
-if (!support.supported) {
-  console.error('WebAuthn not supported:', support.message)
-  return
-}
-// Create or load WebAuthn credential
-let credential = loadWebAuthnCredential()
-if (!credential) {
-  // Create new WebAuthn credential (triggers biometric prompt)
-  credential = await WebAuthnDIDProvider.createCredential({
-    userId: 'alice@example.com',
-    displayName: 'Alice Smith'
-  })
-  // Store credential for future use
-  storeWebAuthnCredential(credential)
-}
-// Register the WebAuthn provider
-registerWebAuthnProvider()
-// Create identities instance
-const identities = await Identities()
-// Create WebAuthn identity
-const identity = await identities.createIdentity({
-  provider: OrbitDBWebAuthnIdentityProviderFunction({ webauthnCredential: credential })
-})
-// Create IPFS instance - see OrbitDB Liftoff example for full libp2p configuration:
-// https://github.com/orbitdb/orbitdb/tree/main/examples/liftoff
-const ipfs = await createHelia()
-// Create OrbitDB instance with WebAuthn identity
-const orbitdb = await createOrbitDB({
-  ipfs,
-  identities,
-  identity
-})
-// Create a database - will require biometric authentication for each write
-const db = await orbitdb.open('my-secure-database', {
-  type: 'keyvalue',
-  accessController: IPFSAccessController({
-    write: [identity.id] // Only this WebAuthn identity can write
-  })
-})
-// Adding data will trigger biometric prompt
-await db.put('greeting', 'Hello, secure world!')
-```
-## Advanced Configuration
+- **Best security:** Varsig provider (hardware-backed key for every write).
+- **Best balance:** Keystore provider with WebAuthn-encrypted keystore (fewer prompts, faster writes, key material in memory during session).
-### LibP2P and IPFS Setup
-For an example libp2p configuration. See the [OrbitDB Liftoff example](https://github.com/orbitdb/liftoff) for example libp2p setup including:
-### Credential Creation Options
-```javascript
-const credential = await WebAuthnDIDProvider.createCredential({
-  userId: 'unique-user-identifier',
-  displayName: 'User Display Name',
-  domain: 'your-app-domain.com', // Defaults to current hostname
-  timeout: 60000 // Authentication timeout in milliseconds
-})
-```
-### Identity Provider Configuration
-```javascript
-// Manual identity provider setup
-import { OrbitDBWebAuthnIdentityProviderFunction } from 'orbitdb-identity-provider-webauthn-did'
-const identityProvider = OrbitDBWebAuthnIdentityProviderFunction({
-  webauthnCredential: credential
-})
-const orbitdb = await createOrbitDB({
-  identity: {
-    provider: identityProvider
-  }
-})
-```
+Note: WebAuthn varsig support in this repo relies on our forked `@le-space/iso-*` packages of [Hugo Dias iso-repo](https://github.com/hugomrdias/iso-repo/) (notably `@le-space/iso-did` and `@le-space/iso-webauthn-varsig`) to align with the updated varsig flow.
-## WebAuthn Support Detection
-The library provides utilities to check WebAuthn compatibility:
+## Install
-```javascript
-import { checkWebAuthnSupport, WebAuthnDIDProvider } from 'orbitdb-identity-provider-webauthn-did'
-// Comprehensive support check
-const support = await checkWebAuthnSupport()
-console.log({
-  supported: support.supported,
-  platformAuthenticator: support.platformAuthenticator,
-  message: support.message
-})
-// Quick checks
-const isSupported = WebAuthnDIDProvider.isSupported()
-const hasBiometric = await WebAuthnDIDProvider.isPlatformAuthenticatorAvailable()
+```bash
+npm install orbitdb-identity-provider-webauthn-did
 ```
-## Browser Compatibility
-| Browser | Version | Face ID | Touch ID | Windows Hello |
-|---------|---------|---------|----------|---------------|
-| Chrome  | 67+     | ✅      | ✅       | ✅            |
-| Firefox | 60+     | ✅      | ✅       | ✅            |
-| Safari  | 14+     | ✅      | ✅       | ✅            |
-| Edge    | 18+     | ✅      | ✅       | ✅            |
-## Platform Support
+Note: `@orbitdb/core` is patched (via `patch-package`) to support Ed25519 keystore keys.
-- **macOS**: Face ID, Touch ID
-- **iOS**: Face ID, Touch ID
-- **Windows**: Windows Hello (face, fingerprint, PIN)
-- **Android**: Fingerprint, face unlock, screen lock
-- **Linux**: FIDO2 security keys, fingerprint readers
-## Credential Storage Utilities
-The library provides utility functions for properly storing and loading WebAuthn credentials:
-### Using the Built-in Utilities:
+## Memory Keystore Quick Start
 ```javascript
-import {
-  storeWebAuthnCredential,
-  loadWebAuthnCredential,
-  clearWebAuthnCredential
-} from 'orbitdb-identity-provider-webauthn-did'
-// Store credential (handles Uint8Array serialization automatically)
-storeWebAuthnCredential(credential)
-// Load credential (handles Uint8Array deserialization automatically)
-const credential = loadWebAuthnCredential()
+import { WebAuthnDIDProvider, OrbitDBWebAuthnIdentityProviderFunction } from 'orbitdb-identity-provider-webauthn-did';
-// Clear stored credential
-clearWebAuthnCredential()
+const credential = await WebAuthnDIDProvider.createCredential({
+  userId: 'alice@example.com',
+  displayName: 'Alice'
+});
-// Use custom storage keys
-storeWebAuthnCredential(credential, 'my-custom-key')
-const credential = loadWebAuthnCredential('my-custom-key')
+const identity = await identities.createIdentity({
+  provider: OrbitDBWebAuthnIdentityProviderFunction({ webauthnCredential: credential })
+});
 ```
-**Why we provide these utilities**: WebAuthn credentials contain `Uint8Array` objects that don't serialize properly with `JSON.stringify()`. Without proper serialization, the public key coordinates become empty arrays after loading from localStorage, causing DID generation to fail with `did:webauthn:` (missing identifier). Our utility functions handle this complexity automatically.
-## Security Considerations
-### Private Key Security
-- Private keys are generated within the secure hardware element
-- Keys cannot be extracted, cloned, or compromised through software attacks
-- Each authentication requires user presence and verification
-### DID Generation
-- DIDs are deterministically generated from the WebAuthn public key
-- Same credential always produces the same DID
-- Format: `did:webauthn:{32-char-hex-identifier}`
-### Authentication Flow
-1. User attempts database operation
-2. WebAuthn prompt appears
-3. User provides authentication
-4. Hardware element signs the operation
-5. OrbitDB verifies the signature
-## Error Handling
-The library provides detailed error handling for common WebAuthn scenarios:
+### Hardware Secured - Varsig Quick Start
 ```javascript
-try {
-  const credential = await WebAuthnDIDProvider.createCredential()
-} catch (error) {
-  switch (error.message) {
-    case 'Biometric authentication was cancelled or failed':
-      // User cancelled or biometric failed
-      break
-    case 'WebAuthn is not supported on this device':
-      // Device/browser doesn't support WebAuthn
-      break
-    case 'A credential with this ID already exists':
-      // Credential already registered for this user
-      break
-    default:
-      console.error('WebAuthn error:', error.message)
-  }
-}
-```
-## Development
+import { WebAuthnVarsigProvider, createWebAuthnVarsigIdentity } from 'orbitdb-identity-provider-webauthn-did';
-### Building
+const credential = await WebAuthnVarsigProvider.createCredential({
+  userId: 'alice@example.com',
+  displayName: 'Alice'
+});
-```bash
-npm run build
+const identity = await createWebAuthnVarsigIdentity({ credential });
 ```
-### Testing
-```bash
-npm test
+### Keystore-based DID (WebAuthn + OrbitDB keystore)
+```mermaid
+sequenceDiagram
+  autonumber
+  participant User
+  participant App
+  participant WebAuthn
+  participant Auth as Authenticator
+  participant KS as OrbitDB Keystore
+  participant Enc as KeystoreEncryption
+  participant DB as OrbitDB
+  User->>App: Create credential
+  App->>WebAuthn: create()
+  WebAuthn->>Auth: Create passkey
+  Auth-->>WebAuthn: Attestation
+  WebAuthn-->>App: Credential
+  App->>KS: getKey()/createKey(Ed25519)
+  KS-->>App: Keystore keypair
+  opt encryptKeystore=true
+    App->>Enc: generateSecretKey()
+    Enc-->>App: sk
+    App->>Enc: encrypt keystore private key (AES-GCM)
+    alt prf
+      App->>WebAuthn: get() with PRF
+      WebAuthn->>Auth: User verification
+      Auth-->>WebAuthn: PRF output
+      WebAuthn-->>App: PRF bytes
+      App->>Enc: wrap sk with PRF
+    else largeBlob
+      App->>WebAuthn: get() with largeBlob write
+      WebAuthn->>Auth: User verification
+      Auth-->>WebAuthn: Store sk in largeBlob
+      WebAuthn-->>App: largeBlob stored
+    else hmac-secret
+      App->>WebAuthn: get() with hmac-secret
+      WebAuthn->>Auth: User verification
+      Auth-->>WebAuthn: HMAC output
+      WebAuthn-->>App: HMAC bytes
+      App->>Enc: wrap sk with HMAC
+    end
+  end
+  App->>DB: db.put()
+  DB->>KS: sign entry with keystore key
+  KS-->>DB: Entry signature
+  Note over App,KS: Keystore private key is stored encrypted at rest.
 ```
-The test suite includes both unit tests and browser integration tests that verify WebAuthn functionality across different platforms.
-### Dependencies
-- `@orbitdb/core` - OrbitDB core functionality
-- `cbor-web` - CBOR decoding for WebAuthn attestation objects
-## API Reference
-### WebAuthnDIDProvider
-Core class for WebAuthn DID operations.
-#### Static Methods
-- `isSupported()` - Check if WebAuthn is supported
-- `isPlatformAuthenticatorAvailable()` - Check for biometric authenticators
-- `createCredential(options)` - Create new WebAuthn credential
-- `createDID(credentialInfo)` - Generate DID from credential
-- `extractPublicKey(credential)` - Extract public key from WebAuthn credential
-#### Instance Methods
-- `sign(data)` - Sign data using WebAuthn (triggers biometric prompt)
-- `verify(signature, data, publicKey)` - Verify WebAuthn signature
-### OrbitDBWebAuthnIdentityProvider
-OrbitDB-compatible identity provider.
-#### Methods
-- `getId()` - Get the DID identifier
-- `signIdentity(data, options)` - Sign identity data
-- `verifyIdentity(signature, data, publicKey)` - Verify identity signature
-### Utility Functions
-- `registerWebAuthnProvider()` - Register provider with OrbitDB
-- `checkWebAuthnSupport()` - Comprehensive support detection
-- `OrbitDBWebAuthnIdentityProviderFunction(options)` - Provider factory function
-- `storeWebAuthnCredential(credential, key?)` - Store credential to localStorage with proper serialization
-- `loadWebAuthnCredential(key?)` - Load credential from localStorage with proper deserialization
-- `clearWebAuthnCredential(key?)` - Clear stored credential from localStorage
+### Varsig (no keystore)
+```mermaid
+sequenceDiagram
+  autonumber
+  participant User
+  participant App
+  participant WebAuthn
+  participant Auth as Authenticator
+  participant Var as Varsig Provider
+  participant DB as OrbitDB
+  User->>App: Create credential
+  App->>WebAuthn: create()
+  WebAuthn->>Auth: Create passkey
+  Auth-->>WebAuthn: Attestation
+  WebAuthn-->>App: Credential
+  User->>App: Create varsig identity
+  App->>Var: createIdentity()
+  Var->>WebAuthn: get()
+  WebAuthn->>Auth: User verification
+  Auth-->>WebAuthn: Assertion
+  WebAuthn-->>Var: Assertion
+  Var->>Var: encode varsig envelope
+  Var-->>App: Identity
+  User->>App: Add entry
+  App->>DB: db.put()
+  DB->>Var: signIdentity(payload)
+  Var->>WebAuthn: get()
+  WebAuthn->>Auth: User verification
+  Auth-->>WebAuthn: Assertion
+  WebAuthn-->>Var: Assertion
+  Var->>Var: encode varsig envelope
+  Var-->>DB: Varsig signature
+```
 ## Examples
-See the `test/` directory for comprehensive usage examples including:
-- Basic credential creation and authentication
-- Multi-platform compatibility testing
-- Error handling scenarios
-- Integration with OrbitDB databases
-## Reference Documentation
-### Core Technologies
-#### OrbitDB
-- [OrbitDB Documentation](https://orbitdb.org/docs/) - Peer-to-peer database for the decentralized web
-- [OrbitDB GitHub](https://github.com/orbitdb/orbitdb) - Source code and examples
-- [OrbitDB Liftoff Example](https://github.com/orbitdb/orbitdb/tree/main/examples/liftoff) - Complete setup guide
-#### IPFS & Helia
-- [Helia Documentation](https://helia.io/) - Lean, modular, and modern implementation of IPFS for JavaScript
-- [Helia GitHub](https://github.com/ipfs/helia) - Source code and examples
-- [IPFS Documentation](https://docs.ipfs.tech/) - InterPlanetary File System docs
-#### libp2p
-- [libp2p Documentation](https://docs.libp2p.io/) - Modular network stack for peer-to-peer applications
-- [libp2p JavaScript](https://github.com/libp2p/js-libp2p) - JavaScript implementation
-- [libp2p Browser Examples](https://github.com/libp2p/js-libp2p/tree/main/examples) - Browser-specific configurations
-### WebAuthn & Authentication
+Svelte demos:
+- `examples/webauthn-todo-demo/` - WebAuthn DID (no keystore signing; identity-only).
+- `examples/ed25519-encrypted-keystore-demo/` - Ed25519 keystore DID; keystore encrypted at rest with WebAuthn (PRF when available, otherwise largeBlob/hmac-secret).
+- `examples/webauthn-varsig-demo/` - Varsig provider with passkey signing for each entry. Live demo: https://dweb.link/ipfs/bafybeib6tpwiby7pik67ufb3lxpr3j4by2l7r3ov3zzk6hjbzjzgsvckhy
-#### WebAuthn Standard
-- [WebAuthn W3C Specification](https://w3c.github.io/webauthn/) - Official WebAuthn standard
-- [WebAuthn Guide](https://webauthn.guide/) - Comprehensive WebAuthn tutorial
-- [MDN WebAuthn API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API) - Browser API documentation
+Scripted examples:
+- `examples/ed25519-keystore-did-example.js` - Keystore DID flow.
+- `examples/encrypted-keystore-example.js` - Keystore encryption flow.
+- `examples/simple-encryption-integration.js` - Keystore + database content encryption.
-#### Passkeys
-- [Passkeys.dev](https://passkeys.dev/) - Complete guide to implementing passkeys
-- [Apple Passkeys](https://developer.apple.com/passkeys/) - iOS/macOS passkey implementation
-- [Google Passkeys](https://developers.google.com/identity/passkeys) - Android/Chrome passkey support
-- [Microsoft Passkeys](https://docs.microsoft.com/en-us/microsoft-edge/web-platform/passkeys) - Windows Hello integration
+Mermaid sequences for scripts:
+- `docs/EXAMPLE-SEQUENCES.md`
-#### Hardware Security Keys
+## Documentation
-##### Ledger WebAuthn
-- [Ledger WebAuthn Support](https://support.ledger.com/hc/en-us/articles/115005198545-FIDO-U2F) - FIDO U2F and WebAuthn on Ledger devices
-- [Ledger Developer Portal](https://developers.ledger.com/) - Building apps for Ledger hardware wallets
-- [Ledger WebAuthn Example](https://github.com/LedgerHQ/ledger-live/tree/develop/apps/ledger-live-desktop/src/renderer/families/ethereum/WebAuthnModal) - Implementation examples
-##### YubiKey WebAuthn
-- [YubiKey WebAuthn Guide](https://developers.yubico.com/WebAuthn/) - Complete WebAuthn implementation guide
-- [YubiKey Developer Program](https://developers.yubico.com/) - SDKs, libraries, and documentation
-- [YubiKey WebAuthn Examples](https://github.com/Yubico/java-webauthn-server) - Server-side WebAuthn implementation
-- [YubiKey JavaScript Library](https://github.com/Yubico/yubikit-web) - Web integration tools
-#### Browser Compatibility
-- [Can I Use WebAuthn](https://caniuse.com/webauthn) - Browser support matrix
-- [WebAuthn Awesome List](https://github.com/herrjemand/awesome-webauthn) - Curated WebAuthn resources
-- [FIDO Alliance](https://fidoalliance.org/) - Industry standards and certification
-### Cryptography & DIDs
-#### Decentralized Identifiers (DIDs)
-- [DID W3C Specification](https://w3c.github.io/did-core/) - Official DID standard
-- [DID Method Registry](https://w3c.github.io/did-spec-registries/) - Registered DID methods
-- [DID Primer](https://github.com/WebOfTrustInfo/rwot5-boston/blob/master/topics-and-advance-readings/did-primer.md) - Introduction to DIDs
-#### P-256 Elliptic Curve Cryptography
-- [RFC 6090 - ECC Algorithms](https://tools.ietf.org/html/rfc6090) - Fundamental ECC operations
-- [NIST P-256 Curve](https://csrc.nist.gov/csrc/media/events/workshop-on-elliptic-curve-cryptography-standards/documents/papers/session6-adalier-mehmet.pdf) - Technical specifications
-- [WebCrypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API) - Browser cryptography APIs
-## Contributing
-Contributions are welcome! Please ensure all tests pass and follow the existing code style.
+- `docs/USAGE-GUIDE.md`
+- `docs/ED25519-KEYSTORE-DID.md`
+- `docs/WEBAUTHN-ENCRYPTED-KEYSTORE-INTEGRATION.md`
+- `docs/WEBAUTHN-DID-AND-ORBITDB-IDENTITY.md`
 ## License
-MIT License - see LICENSE file for details.
-## Security Disclosures
-For security vulnerabilities, please email security@le-space.de instead of using the issue tracker.
+MIT. See `LICENSE`.

package/package.json CHANGED Viewed

@@ -1,20 +1,28 @@
 {
   "name": "@le-space/orbitdb-identity-provider-webauthn-did",
-  "version": "0.0.1",
+  "version": "0.2.1",
   "description": "WebAuthn-based DID identity provider for OrbitDB for hardware-secured wallets and biometric Passkey authentication",
   "main": "src/index.js",
   "type": "module",
+  "exports": {
+    ".": "./src/index.js",
+    "./verification": "./verification.js"
+  },
   "scripts": {
-    "test": "playwright test tests/webauthn-focused.test.js --project=chromium",
+    "postinstall": "patch-package",
+    "test": "npm run test:all",
     "test:all": "playwright test",
     "test:headed": "playwright test tests/webauthn-focused.test.js --headed --project=chromium",
     "test:ui": "playwright test --ui",
     "test:focused": "playwright test tests/webauthn-focused.test.js --project=chromium --reporter=line",
     "test:unit": "playwright test tests/webauthn-unit.test.js",
     "test:integration": "playwright test tests/webauthn-integration.test.js",
-    "test:ci": "playwright test tests/webauthn-focused.test.js --project=chromium --reporter=github",
-    "test:old": "mocha test/*.test.js",
-    "test:watch": "mocha test/*.test.js --watch",
+    "test:verification": "playwright test tests/webauthn-verification.test.js --project=chromium",
+    "test:ci": "playwright test tests/webauthn-verification.test.js --project=chromium --reporter=github",
+    "test:logging": "DEBUG='orbitdb-identity-provider-webauthn-did*' playwright test tests/webauthn-logging-e2e.test.js --project=chromium --reporter=line",
+    "test:varsig-e2e": "playwright test tests/webauthn-varsig-e2e.test.js --project=chromium --reporter=line",
+    "test:encrypted-keystore": "USE_ENCRYPTED_DEMO=true playwright test tests/ed25519-encrypted-keystore-e2e.test.js --project=chromium --reporter=line",
+    "test:encrypted-keystore-headed": "USE_ENCRYPTED_DEMO=true playwright test tests/ed25519-encrypted-keystore-e2e.test.js --headed --project=chromium",
     "test:full-flow": "npm run demo:setup && npm run test:focused",
     "lint": "eslint src/ tests/",
     "lint:fix": "eslint src/ tests/ --fix",
@@ -43,17 +51,27 @@
   "license": "MIT",
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/orbitdb/orbitdb-identity-provider-webauthn-did.git"
+    "url": "git+https://github.com/le-space/orbitdb-identity-provider-webauthn-did.git"
   },
   "bugs": {
-    "url": "https://github.com/orbitdb/orbitdb-identity-provider-webauthn-did/issues"
+    "url": "https://github.com/le-space.de/orbitdb-identity-provider-webauthn-did/issues"
   },
-  "homepage": "https://github.com/orbitdb/orbitdb-identity-provider-webauthn-did#readme",
+  "homepage": "https://github.com/le-space/orbitdb-identity-provider-webauthn-did#readme",
   "peerDependencies": {
     "@orbitdb/core": "^3.0.0"
   },
   "dependencies": {
+    "@ipld/dag-cbor": "^9.2.5",
+    "@libp2p/logger": "^5.1.5",
+    "@libp2p/crypto": "^5.1.8",
+    "@simplewebauthn/browser": "^13.0.0",
     "cbor-web": "^9.0.1",
+    "iso-base": "npm:@le-space/iso-base",
+    "iso-did": "npm:@le-space/iso-did@2.1.2",
+    "iso-passkeys": "npm:@le-space/iso-passkeys",
+    "iso-web": "^2.1.0",
+    "iso-webauthn-varsig": "npm:@le-space/iso-webauthn-varsig",
+    "multiformats": "^13.0.0",
     "vite-plugin-node-polyfills": "^0.24.0"
   },
   "devDependencies": {
@@ -63,7 +81,8 @@
     "eslint": "^9.0.0",
     "helia": "^5.0.0",
     "libp2p": "^2.0.0",
-    "mocha": "^10.0.0"
+    "mocha": "^10.0.0",
+    "patch-package": "^8.0.1"
   },
   "engines": {
     "node": ">=18.0.0"
@@ -73,10 +92,23 @@
   },
   "files": [
     "src/",
+    "verification.js",
     "README.md",
     "LICENSE",
     "package.json"
   ],
+  "pnpm": {
+    "overrides": {
+      "iso-base": "npm:@le-space/iso-base",
+      "iso-did": "npm:@le-space/iso-did@2.1.2",
+      "iso-webauthn-varsig": "npm:@le-space/iso-webauthn-varsig"
+    },
+    "onlyBuiltDependencies": [
+      "@ipshipyard/node-datachannel",
+      "classic-level",
+      "esbuild"
+    ]
+  },
   "publishConfig": {
     "access": "public"
   }