@mcp-i/core 0.1.0

package/src/delegation/storage/__tests__/memory-statuslist-storage.test.ts

@@ -0,0 +1,228 @@
+import { describe, it, expect, beforeEach } from "vitest";
+import { MemoryStatusListStorage } from "../memory-statuslist-storage.js";
+import type { StatusList2021Credential } from "../../../types/protocol.js";
+
+describe("MemoryStatusListStorage", () => {
+  let storage: MemoryStatusListStorage;
+
+  const mockStatusListCredential: StatusList2021Credential = {
+    "@context": [
+      "https://www.w3.org/2018/credentials/v1",
+      "https://w3id.org/vc/status-list/2021/v1",
+    ],
+    id: "https://example.com/status/revocation/v1",
+    type: ["VerifiableCredential", "StatusList2021Credential"],
+    issuer: "did:web:example.com",
+    issuanceDate: "2024-01-01T00:00:00Z",
+    credentialSubject: {
+      id: "https://example.com/status/revocation/v1#list",
+      type: "StatusList2021",
+      statusPurpose: "revocation",
+      encodedList: "H4sIAAAAAAAAA2NgGAWjYBSMglEwCkYBqwAA0kEQVAEAAA==",
+    },
+    proof: {
+      type: "Ed25519Signature2020",
+      created: "2024-01-01T00:00:00Z",
+      verificationMethod: "did:web:example.com#key-1",
+      proofPurpose: "assertionMethod",
+      proofValue: "mock-proof",
+    },
+  };
+
+  beforeEach(() => {
+    storage = new MemoryStatusListStorage();
+  });
+
+  describe("getStatusList", () => {
+    it("should return null for non-existent status list", async () => {
+      const result = await storage.getStatusList("non-existent");
+      expect(result).toBeNull();
+    });
+
+    it("should return stored status list", async () => {
+      await storage.setStatusList(
+        "https://example.com/status/revocation/v1",
+        mockStatusListCredential
+      );
+
+      const result = await storage.getStatusList(
+        "https://example.com/status/revocation/v1"
+      );
+
+      expect(result).toEqual(mockStatusListCredential);
+    });
+  });
+
+  describe("setStatusList", () => {
+    it("should store status list", async () => {
+      await storage.setStatusList(
+        "https://example.com/status/revocation/v1",
+        mockStatusListCredential
+      );
+
+      const result = await storage.getStatusList(
+        "https://example.com/status/revocation/v1"
+      );
+      expect(result).toEqual(mockStatusListCredential);
+    });
+
+    it("should overwrite existing status list", async () => {
+      await storage.setStatusList(
+        "https://example.com/status/revocation/v1",
+        mockStatusListCredential
+      );
+
+      const updatedCredential = {
+        ...mockStatusListCredential,
+        issuanceDate: "2024-01-02T00:00:00Z",
+      };
+
+      await storage.setStatusList(
+        "https://example.com/status/revocation/v1",
+        updatedCredential
+      );
+
+      const result = await storage.getStatusList(
+        "https://example.com/status/revocation/v1"
+      );
+      expect(result?.issuanceDate).toBe("2024-01-02T00:00:00Z");
+    });
+
+    it("should store multiple status lists independently", async () => {
+      const revocationCredential = mockStatusListCredential;
+      const suspensionCredential = {
+        ...mockStatusListCredential,
+        id: "https://example.com/status/suspension/v1",
+        credentialSubject: {
+          ...mockStatusListCredential.credentialSubject,
+          id: "https://example.com/status/suspension/v1#list",
+          statusPurpose: "suspension" as const,
+        },
+      };
+
+      await storage.setStatusList(
+        "https://example.com/status/revocation/v1",
+        revocationCredential
+      );
+      await storage.setStatusList(
+        "https://example.com/status/suspension/v1",
+        suspensionCredential
+      );
+
+      const revocation = await storage.getStatusList(
+        "https://example.com/status/revocation/v1"
+      );
+      const suspension = await storage.getStatusList(
+        "https://example.com/status/suspension/v1"
+      );
+
+      expect(revocation?.credentialSubject.statusPurpose).toBe("revocation");
+      expect(suspension?.credentialSubject.statusPurpose).toBe("suspension");
+    });
+  });
+
+  describe("allocateIndex", () => {
+    it("should allocate sequential indices starting from 0", async () => {
+      const statusListId = "https://example.com/status/revocation/v1";
+
+      const index1 = await storage.allocateIndex(statusListId);
+      const index2 = await storage.allocateIndex(statusListId);
+      const index3 = await storage.allocateIndex(statusListId);
+
+      expect(index1).toBe(0);
+      expect(index2).toBe(1);
+      expect(index3).toBe(2);
+    });
+
+    it("should allocate indices independently per status list", async () => {
+      const list1 = "https://example.com/status/revocation/v1";
+      const list2 = "https://example.com/status/suspension/v1";
+
+      const index1 = await storage.allocateIndex(list1);
+      const index2 = await storage.allocateIndex(list2);
+      const index3 = await storage.allocateIndex(list1);
+
+      expect(index1).toBe(0);
+      expect(index2).toBe(0); // Independent counter
+      expect(index3).toBe(1);
+    });
+
+    it("should continue from previous allocation after clear", async () => {
+      const statusListId = "https://example.com/status/revocation/v1";
+
+      await storage.allocateIndex(statusListId);
+      await storage.allocateIndex(statusListId);
+      storage.clear();
+
+      const index = await storage.allocateIndex(statusListId);
+      expect(index).toBe(0); // Starts fresh after clear
+    });
+  });
+
+  describe("getIndexCount", () => {
+    it("should return 0 for new status list", () => {
+      const count = storage.getIndexCount("https://example.com/status/new");
+      expect(count).toBe(0);
+    });
+
+    it("should return current allocation count", async () => {
+      const statusListId = "https://example.com/status/revocation/v1";
+
+      await storage.allocateIndex(statusListId);
+      expect(storage.getIndexCount(statusListId)).toBe(1);
+
+      await storage.allocateIndex(statusListId);
+      expect(storage.getIndexCount(statusListId)).toBe(2);
+    });
+  });
+
+  describe("clear", () => {
+    it("should remove all status lists", async () => {
+      await storage.setStatusList(
+        "https://example.com/status/revocation/v1",
+        mockStatusListCredential
+      );
+
+      storage.clear();
+
+      const result = await storage.getStatusList(
+        "https://example.com/status/revocation/v1"
+      );
+      expect(result).toBeNull();
+    });
+
+    it("should reset index counters", async () => {
+      const statusListId = "https://example.com/status/revocation/v1";
+
+      await storage.allocateIndex(statusListId);
+      await storage.allocateIndex(statusListId);
+
+      storage.clear();
+
+      expect(storage.getIndexCount(statusListId)).toBe(0);
+    });
+  });
+
+  describe("getAllStatusListIds", () => {
+    it("should return empty array when no status lists", () => {
+      const ids = storage.getAllStatusListIds();
+      expect(ids).toEqual([]);
+    });
+
+    it("should return all stored status list IDs", async () => {
+      await storage.setStatusList(
+        "https://example.com/status/revocation/v1",
+        mockStatusListCredential
+      );
+      await storage.setStatusList("https://example.com/status/suspension/v1", {
+        ...mockStatusListCredential,
+        id: "https://example.com/status/suspension/v1",
+      });
+
+      const ids = storage.getAllStatusListIds();
+      expect(ids).toContain("https://example.com/status/revocation/v1");
+      expect(ids).toContain("https://example.com/status/suspension/v1");
+      expect(ids.length).toBe(2);
+    });
+  });
+});

package/src/delegation/storage/memory-graph-storage.ts

@@ -0,0 +1,178 @@
+/**
+ * In-Memory Delegation Graph Storage Provider
+ *
+ * Memory-based implementation for testing and development.
+ * NOT suitable for production (no persistence).
+ *
+ * SOLID: Implements DelegationGraphStorageProvider interface
+ */
+
+import type {
+  DelegationGraphStorageProvider,
+  DelegationNode,
+} from '../delegation-graph.js';
+
+/**
+ * Memory-based Delegation Graph storage
+ *
+ * Stores delegation nodes in memory with efficient graph queries.
+ * Useful for:
+ * - Unit tests
+ * - Integration tests
+ * - Development/debugging
+ * - Examples
+ */
+export class MemoryDelegationGraphStorage
+  implements DelegationGraphStorageProvider
+{
+  private nodes = new Map<string, DelegationNode>();
+
+  /**
+   * Get a delegation node by ID
+   */
+  async getNode(delegationId: string): Promise<DelegationNode | null> {
+    return this.nodes.get(delegationId) || null;
+  }
+
+  /**
+   * Save a delegation node
+   */
+  async setNode(node: DelegationNode): Promise<void> {
+    this.nodes.set(node.id, node);
+  }
+
+  /**
+   * Get all children of a delegation
+   */
+  async getChildren(delegationId: string): Promise<DelegationNode[]> {
+    const parent = this.nodes.get(delegationId);
+    if (!parent) return [];
+
+    return parent.children
+      .map((childId) => this.nodes.get(childId))
+      .filter((node): node is DelegationNode => node !== undefined);
+  }
+
+  /**
+   * Get the full chain from root to this delegation
+   */
+  async getChain(delegationId: string): Promise<DelegationNode[]> {
+    const chain: DelegationNode[] = [];
+    let currentId: string | null = delegationId;
+
+    // Walk up the tree to root
+    while (currentId) {
+      const node = this.nodes.get(currentId);
+      if (!node) break;
+
+      chain.unshift(node); // Add to front (root first)
+      currentId = node.parentId;
+    }
+
+    return chain;
+  }
+
+  /**
+   * Get all descendants (children, grandchildren, etc.)
+   *
+   * Uses BFS for efficiency.
+   */
+  async getDescendants(delegationId: string): Promise<DelegationNode[]> {
+    const descendants: DelegationNode[] = [];
+    const queue: string[] = [delegationId];
+    const visited = new Set<string>();
+
+    while (queue.length > 0) {
+      const currentId = queue.shift()!;
+
+      // Skip if already visited (prevent infinite loops)
+      if (visited.has(currentId)) continue;
+      visited.add(currentId);
+
+      const node = this.nodes.get(currentId);
+      if (!node) continue;
+
+      // Add children to queue
+      for (const childId of node.children) {
+        if (!visited.has(childId)) {
+          queue.push(childId);
+
+          const childNode = this.nodes.get(childId);
+          if (childNode) {
+            descendants.push(childNode);
+          }
+        }
+      }
+    }
+
+    return descendants;
+  }
+
+  /**
+   * Delete a node
+   */
+  async deleteNode(delegationId: string): Promise<void> {
+    this.nodes.delete(delegationId);
+  }
+
+  /**
+   * Clear all data (for testing)
+   */
+  clear(): void {
+    this.nodes.clear();
+  }
+
+  /**
+   * Get all node IDs (for testing)
+   */
+  getAllNodeIds(): string[] {
+    return Array.from(this.nodes.keys());
+  }
+
+  /**
+   * Get graph statistics (for testing/debugging)
+   */
+  getStats(): {
+    totalNodes: number;
+    rootNodes: number;
+    leafNodes: number;
+    maxDepth: number;
+  } {
+    const nodes = Array.from(this.nodes.values());
+
+    const rootNodes = nodes.filter((n) => n.parentId === null).length;
+    const leafNodes = nodes.filter((n) => n.children.length === 0).length;
+
+    // Calculate max depth
+    let maxDepth = 0;
+    for (const node of nodes) {
+      const chain = this.getChainSync(node.id);
+      maxDepth = Math.max(maxDepth, chain.length - 1);
+    }
+
+    return {
+      totalNodes: nodes.length,
+      rootNodes,
+      leafNodes,
+      maxDepth,
+    };
+  }
+
+  /**
+   * Synchronous chain retrieval (for stats)
+   */
+  private getChainSync(delegationId: string): DelegationNode[] {
+    const chain: DelegationNode[] = [];
+    let currentId: string | null = delegationId;
+
+    while (currentId) {
+      const node = this.nodes.get(currentId);
+      if (!node) break;
+
+      chain.unshift(node);
+      currentId = node.parentId;
+    }
+
+    return chain;
+  }
+}

package/src/delegation/storage/memory-statuslist-storage.ts

@@ -0,0 +1,42 @@
+/**
+ * In-Memory StatusList Storage Provider
+ *
+ * Memory-based implementation for testing and development.
+ * NOT suitable for production (no persistence).
+ */
+
+import type { StatusList2021Credential } from '../../types/protocol.js';
+import type { StatusListStorageProvider } from '../statuslist-manager.js';
+
+export class MemoryStatusListStorage implements StatusListStorageProvider {
+  private statusLists = new Map<string, StatusList2021Credential>();
+  private indexCounters = new Map<string, number>();
+
+  async getStatusList(statusListId: string): Promise<StatusList2021Credential | null> {
+    return this.statusLists.get(statusListId) || null;
+  }
+
+  async setStatusList(statusListId: string, credential: StatusList2021Credential): Promise<void> {
+    this.statusLists.set(statusListId, credential);
+  }
+
+  async allocateIndex(statusListId: string): Promise<number> {
+    const current = this.indexCounters.get(statusListId) || 0;
+    const allocated = current;
+    this.indexCounters.set(statusListId, current + 1);
+    return allocated;
+  }
+
+  getIndexCount(statusListId: string): number {
+    return this.indexCounters.get(statusListId) || 0;
+  }
+
+  clear(): void {
+    this.statusLists.clear();
+    this.indexCounters.clear();
+  }
+
+  getAllStatusListIds(): string[] {
+    return Array.from(this.statusLists.keys());
+  }
+}

package/src/delegation/utils.ts

@@ -0,0 +1,189 @@
+/**
+ * Delegation Utilities
+ *
+ * Shared utility functions for delegation credential operations.
+ */
+
+import { base64urlEncodeFromString, base64urlDecodeToString } from '../utils/base64.js';
+import { canonicalize } from 'json-canonicalize';
+
+/**
+ * Canonicalize a JSON value using RFC 8785 (JSON Canonicalization Scheme).
+ *
+ * Wraps `json-canonicalize` with input validation to reject values that are
+ * not representable in JSON (Infinity, NaN, undefined, functions, symbols,
+ * bigints). The underlying library silently coerces these to `"null"` or
+ * `"undefined"`, which is dangerous for cryptographic canonicalization where
+ * distinct inputs must produce distinct outputs.
+ *
+ * @throws {TypeError} If `obj` is not a valid JSON value
+ */
+export function canonicalizeJSON(obj: unknown): string {
+  assertJsonSafe(obj);
+  return canonicalize(obj);
+}
+
+/**
+ * Recursively validates that a value is JSON-safe.
+ * Throws TypeError for Infinity, NaN, undefined, functions, symbols, bigints.
+ */
+function assertJsonSafe(value: unknown, path = '$'): void {
+  if (value === null || typeof value === 'boolean' || typeof value === 'string') {
+    return;
+  }
+
+  if (typeof value === 'number') {
+    if (!Number.isFinite(value)) {
+      throw new TypeError(
+        `Cannot canonicalize non-finite number at ${path}: ${value}`
+      );
+    }
+    return;
+  }
+
+  if (typeof value === 'undefined') {
+    throw new TypeError(`Cannot canonicalize undefined at ${path}`);
+  }
+
+  if (typeof value === 'function') {
+    throw new TypeError(`Cannot canonicalize function at ${path}`);
+  }
+
+  if (typeof value === 'symbol') {
+    throw new TypeError(`Cannot canonicalize symbol at ${path}`);
+  }
+
+  if (typeof value === 'bigint') {
+    throw new TypeError(`Cannot canonicalize bigint at ${path}`);
+  }
+
+  if (Array.isArray(value)) {
+    for (let i = 0; i < value.length; i++) {
+      assertJsonSafe(value[i], `${path}[${i}]`);
+    }
+    return;
+  }
+
+  if (typeof value === 'object') {
+    for (const [key, val] of Object.entries(value as Record<string, unknown>)) {
+      assertJsonSafe(val, `${path}.${key}`);
+    }
+    return;
+  }
+}
+
+export interface VCJWTHeader {
+  alg: 'EdDSA';
+  typ: 'JWT' | 'vc+jwt';
+  kid?: string;
+}
+
+export interface VCJWTPayload {
+  iss: string;
+  sub?: string;
+  aud?: string | string[];
+  exp?: number;
+  iat?: number;
+  jti?: string;
+  vc: Record<string, unknown>;
+}
+
+export interface EncodeVCAsJWTOptions {
+  keyId?: string;
+}
+
+export function createUnsignedVCJWT(
+  vc: Record<string, unknown>,
+  options: EncodeVCAsJWTOptions = {}
+): {
+  header: VCJWTHeader;
+  payload: VCJWTPayload;
+  encodedHeader: string;
+  encodedPayload: string;
+  signingInput: string;
+} {
+  const header: VCJWTHeader = {
+    alg: 'EdDSA',
+    typ: 'JWT',
+  };
+  if (options.keyId) {
+    header.kid = options.keyId;
+  }
+
+  const issuer =
+    typeof vc['issuer'] === 'string'
+      ? vc['issuer']
+      : ((vc['issuer'] as Record<string, unknown>)?.['id'] as string);
+  const subject = (vc['credentialSubject'] as Record<string, unknown>)?.['id'] as
+    | string
+    | undefined;
+
+  let exp: number | undefined;
+  let iat: number | undefined;
+
+  if (vc['expirationDate'] && typeof vc['expirationDate'] === 'string') {
+    exp = Math.floor(new Date(vc['expirationDate']).getTime() / 1000);
+  }
+  if (vc['issuanceDate'] && typeof vc['issuanceDate'] === 'string') {
+    iat = Math.floor(new Date(vc['issuanceDate']).getTime() / 1000);
+  }
+
+  const vcWithoutProof = { ...vc };
+  delete vcWithoutProof['proof'];
+
+  const payload: VCJWTPayload = {
+    iss: issuer,
+    vc: vcWithoutProof,
+  };
+
+  if (subject) payload.sub = subject;
+  if (exp) payload.exp = exp;
+  if (iat) payload.iat = iat;
+  if (vc['id'] && typeof vc['id'] === 'string') payload.jti = vc['id'];
+
+  const encodedHeader = base64urlEncodeFromString(JSON.stringify(header));
+  const encodedPayload = base64urlEncodeFromString(JSON.stringify(payload));
+  const signingInput = `${encodedHeader}.${encodedPayload}`;
+
+  return {
+    header,
+    payload,
+    encodedHeader,
+    encodedPayload,
+    signingInput,
+  };
+}
+
+export function completeVCJWT(signingInput: string, signature: string): string {
+  return `${signingInput}.${signature}`;
+}
+
+export function parseVCJWT(jwt: string): {
+  header: VCJWTHeader;
+  payload: VCJWTPayload;
+  signature: string;
+  signingInput: string;
+} | null {
+  const parts = jwt.split('.');
+  if (parts.length !== 3) {
+    return null;
+  }
+
+  try {
+    const headerJson = base64urlDecodeToString(parts[0]!);
+    const payloadJson = base64urlDecodeToString(parts[1]!);
+
+    const header = JSON.parse(headerJson) as VCJWTHeader;
+    const payload = JSON.parse(payloadJson) as VCJWTPayload;
+
+    return {
+      header,
+      payload,
+      signature: parts[2]!,
+      signingInput: `${parts[0]}.${parts[1]}`,
+    };
+  } catch {
+    return null;
+  }
+}
+