@metalabel/dfos-protocol 0.0.1

package/dist/crypto/index.d.ts

@@ -0,0 +1,205 @@
+import * as multiformats from 'multiformats';
+import { CID } from 'multiformats/cid';
+
+/**
+ * Encode bytes or a string as a base64url string (no padding)
+ */
+declare const base64urlEncode: (data: Uint8Array | string) => string;
+/**
+ * Decode a base64url string to bytes
+ */
+declare const base64urlDecode: (str: string) => Uint8Array;
+
+/**
+ * Generate a new random Ed25519 keypair
+ */
+declare const createNewEd25519Keypair: () => {
+    privateKey: Uint8Array<ArrayBufferLike>;
+    publicKey: Uint8Array<ArrayBufferLike>;
+};
+/**
+ * Generate an Ed25519 keypair from a private key
+ */
+declare const importEd25519Keypair: (privateKey: Uint8Array) => {
+    privateKey: Uint8Array<ArrayBufferLike>;
+    publicKey: Uint8Array<ArrayBufferLike>;
+};
+/**
+ * Sign a payload with an Ed25519 private key
+ *
+ * Ed25519 handles hashing internally (SHA-512) — no external prehash needed
+ */
+declare const signPayloadEd25519: (payload: Uint8Array, privateKey: Uint8Array) => Uint8Array<ArrayBufferLike>;
+/**
+ * Check that a signature is valid for a given payload and Ed25519 public key
+ */
+declare const isValidEd25519Signature: (payload: Uint8Array, signature: Uint8Array, publicKey: Uint8Array) => boolean;
+
+type PrefixedID<T extends string> = `${T}_${string}`;
+/**
+ * Generate an ID without a prefix
+ *
+ * Note: byte % 19 introduces ~0.3% modulo bias (256 is not divisible by 19).
+ * This is not security-relevant for identifiers. The simplicity of the algorithm
+ * is preferred over rejection sampling.
+ *
+ * @param options.seed - Optional seed for deterministic IDs
+ */
+declare const generateIdNoPrefix: (options?: {
+    seed?: Uint8Array;
+}) => string;
+/**
+ * Generate a prefixed ID
+ *
+ * Without options: generates random 22-char ID
+ * With { seed }: generates deterministic ID from seed (for external ID mapping)
+ *
+ * @example
+ * generateId('post') // random ID
+ * generateId('session', { seed: new TextEncoder().encode('clerk:123') }) // deterministic
+ */
+declare const generateId: <T extends string>(prefix: T, options?: {
+    seed?: Uint8Array;
+}) => PrefixedID<T>;
+/**
+ * Validate that an ID has the expected prefix and correct length
+ *
+ * @param prefix - Expected prefix (e.g., 'msg', 'post')
+ * @param id - ID to validate
+ * @returns true if ID has correct prefix and length (prefix + _ + 22 chars)
+ *
+ * @example
+ * isValidId('msg', 'msg_abc123...') // true
+ * isValidId('msg', 'post_abc123...') // false (wrong prefix)
+ * isValidId('msg', 'msg_short') // false (wrong length)
+ */
+declare const isValidId: (prefix: string, id: string) => boolean;
+/**
+ * Given an ID, validate prefix and return a normalized ID
+ */
+declare const normalizedId: <T extends string>(prefix: T, id: string) => `${T}_${string}`;
+
+interface JwsHeader {
+    alg: 'EdDSA';
+    typ: string;
+    kid: string;
+    /** CIDv1 of the operation payload (dag-cbor + SHA-256), signed in the protected header */
+    cid?: string;
+}
+/**
+ * Create an EdDSA JWS compact token
+ *
+ * The signer receives the signing input bytes and returns the raw Ed25519
+ * signature (64 bytes)
+ */
+declare const createJws: (options: {
+    header: JwsHeader;
+    payload: Record<string, unknown>;
+    sign: (message: Uint8Array) => Promise<Uint8Array>;
+}) => Promise<string>;
+/**
+ * Verify an EdDSA JWS compact token and return the decoded header and payload
+ *
+ * Throws JwsVerificationError if the signature is invalid
+ */
+declare const verifyJws: (options: {
+    token: string;
+    publicKey: Uint8Array;
+}) => {
+    header: JwsHeader;
+    payload: Record<string, unknown>;
+};
+/**
+ * Decode a JWS compact token without verifying the signature
+ *
+ * Returns null if the token is malformed
+ */
+declare const decodeJwsUnsafe: (token: string) => {
+    header: JwsHeader;
+    payload: Record<string, unknown>;
+} | null;
+/**
+ * Error thrown when JWS verification fails
+ */
+declare class JwsVerificationError extends Error {
+    constructor(message: string);
+}
+
+interface JwtHeader {
+    alg: 'EdDSA';
+    typ: 'JWT';
+    kid?: string;
+}
+interface JwtClaims {
+    iss: string;
+    sub: string;
+    aud?: string;
+    exp: number;
+    iat: number;
+    jti?: string;
+    [key: string]: unknown;
+}
+interface JwtVerifyOptions {
+    /** The JWT token string */
+    token: string;
+    /** Raw Ed25519 public key bytes (32 bytes) */
+    publicKey: Uint8Array;
+    /** Expected audience claim */
+    audience?: string;
+    /** Expected issuer claim */
+    issuer?: string;
+    /** Current time in seconds (defaults to Date.now() / 1000) */
+    currentTime?: number;
+}
+interface JwtCreateOptions {
+    header: JwtHeader;
+    payload: JwtClaims;
+    /** Signer function that signs payload bytes and returns signature bytes */
+    sign: (payload: Uint8Array) => Promise<Uint8Array>;
+}
+/**
+ * Create a JWT signed with EdDSA (Ed25519)
+ *
+ * The signer receives the raw signing input bytes and signs them directly
+ * (Ed25519 handles hashing internally)
+ */
+declare const createJwt: (options: JwtCreateOptions) => Promise<string>;
+/**
+ * Decode a JWT without verification (for extracting claims before key lookup)
+ *
+ * Returns null if the token is malformed
+ */
+declare const decodeJwtUnsafe: (token: string) => {
+    header: JwtHeader;
+    payload: JwtClaims;
+} | null;
+/**
+ * Verify a JWT signature and claims
+ *
+ * Supports EdDSA (Ed25519) only. Throws if verification fails.
+ */
+declare const verifyJwt: (options: JwtVerifyOptions) => {
+    header: JwtHeader;
+    payload: JwtClaims;
+};
+/**
+ * Error thrown when JWT verification fails
+ */
+declare class JwtVerificationError extends Error {
+    constructor(message: string);
+}
+
+/**
+ * Canonically encoded a value into an IPLD dag-cbor block
+ */
+declare const dagCborCanonicalEncode: (value: unknown) => Promise<multiformats.BlockView<any, 113, 18, 1>>;
+/**
+ * Parse a string CID
+ */
+declare const parseDagCborCID: (cid: string) => CID<unknown, number, number, multiformats.Version>;
+/**
+ * Returns true if the canonical encoding of the two values is the same
+ */
+declare const isCanonicallyEqual: (data1: unknown, data2: unknown) => Promise<boolean>;
+
+export { type JwsHeader, JwsVerificationError, type JwtClaims, type JwtCreateOptions, type JwtHeader, JwtVerificationError, type JwtVerifyOptions, type PrefixedID, base64urlDecode, base64urlEncode, createJws, createJwt, createNewEd25519Keypair, dagCborCanonicalEncode, decodeJwsUnsafe, decodeJwtUnsafe, generateId, generateIdNoPrefix, importEd25519Keypair, isCanonicallyEqual, isValidEd25519Signature, isValidId, normalizedId, parseDagCborCID, signPayloadEd25519, verifyJws, verifyJwt };

package/dist/crypto/index.js

@@ -0,0 +1,46 @@
+import {
+  JwsVerificationError,
+  JwtVerificationError,
+  base64urlDecode,
+  base64urlEncode,
+  createJws,
+  createJwt,
+  createNewEd25519Keypair,
+  dagCborCanonicalEncode,
+  decodeJwsUnsafe,
+  decodeJwtUnsafe,
+  generateId,
+  generateIdNoPrefix,
+  importEd25519Keypair,
+  isCanonicallyEqual,
+  isValidEd25519Signature,
+  isValidId,
+  normalizedId,
+  parseDagCborCID,
+  signPayloadEd25519,
+  verifyJws,
+  verifyJwt
+} from "../chunk-ZXXP5W5N.js";
+export {
+  JwsVerificationError,
+  JwtVerificationError,
+  base64urlDecode,
+  base64urlEncode,
+  createJws,
+  createJwt,
+  createNewEd25519Keypair,
+  dagCborCanonicalEncode,
+  decodeJwsUnsafe,
+  decodeJwtUnsafe,
+  generateId,
+  generateIdNoPrefix,
+  importEd25519Keypair,
+  isCanonicallyEqual,
+  isValidEd25519Signature,
+  isValidId,
+  normalizedId,
+  parseDagCborCID,
+  signPayloadEd25519,
+  verifyJws,
+  verifyJwt
+};

package/dist/index.d.ts

@@ -0,0 +1,8 @@
+export { JwsHeader, JwsVerificationError, JwtClaims, JwtCreateOptions, JwtHeader, JwtVerificationError, JwtVerifyOptions, PrefixedID, base64urlDecode, base64urlEncode, createJws, createJwt, createNewEd25519Keypair, dagCborCanonicalEncode, decodeJwsUnsafe, decodeJwtUnsafe, generateId, generateIdNoPrefix, importEd25519Keypair, isCanonicallyEqual, isValidEd25519Signature, isValidId, normalizedId, parseDagCborCID, signPayloadEd25519, verifyJws, verifyJwt } from './crypto/index.js';
+export { ContentOperation, ED25519_PRIV_MULTICODEC, ED25519_PUB_MULTICODEC, IdentityOperation, MultikeyPublicKey, Signer, VerifiedContentChain, VerifiedIdentity, decodeMultikey, deriveChainIdentifier, deriveEntityId, encodeEd25519Multikey, signContentOperation, signIdentityOperation, verifyContentChain, verifyIdentityChain } from './chain/index.js';
+export { ChainStore, EntityOperationsParams, EntityOperationsResponse, IdentityOperationsParams, IdentityOperationsResponse, OperationEntry, PaginationParams, RegistryError, ResolveDocumentResponse, ResolveEntityResponse, ResolveIdentityResponse, ResolveOperationResponse, StoredChain, SubmitContentChainRequest, SubmitContentChainResponse, SubmitIdentityChainRequest, SubmitIdentityChainResponse, createRegistryServer } from './registry/index.js';
+import 'multiformats';
+import 'multiformats/cid';
+import 'zod';
+import 'hono/types';
+import 'hono';

package/dist/index.js

@@ -0,0 +1,108 @@
+import {
+  ChainStore,
+  EntityOperationsParams,
+  EntityOperationsResponse,
+  IdentityOperationsParams,
+  IdentityOperationsResponse,
+  RegistryError,
+  ResolveDocumentResponse,
+  ResolveEntityResponse,
+  ResolveIdentityResponse,
+  ResolveOperationResponse,
+  SubmitContentChainRequest,
+  SubmitContentChainResponse,
+  SubmitIdentityChainRequest,
+  SubmitIdentityChainResponse,
+  createRegistryServer
+} from "./chunk-3PB644X2.js";
+import {
+  ContentOperation,
+  ED25519_PRIV_MULTICODEC,
+  ED25519_PUB_MULTICODEC,
+  IdentityOperation,
+  MultikeyPublicKey,
+  VerifiedIdentity,
+  decodeMultikey,
+  deriveChainIdentifier,
+  deriveEntityId,
+  encodeEd25519Multikey,
+  signContentOperation,
+  signIdentityOperation,
+  verifyContentChain,
+  verifyIdentityChain
+} from "./chunk-LWC4PWGZ.js";
+import {
+  JwsVerificationError,
+  JwtVerificationError,
+  base64urlDecode,
+  base64urlEncode,
+  createJws,
+  createJwt,
+  createNewEd25519Keypair,
+  dagCborCanonicalEncode,
+  decodeJwsUnsafe,
+  decodeJwtUnsafe,
+  generateId,
+  generateIdNoPrefix,
+  importEd25519Keypair,
+  isCanonicallyEqual,
+  isValidEd25519Signature,
+  isValidId,
+  normalizedId,
+  parseDagCborCID,
+  signPayloadEd25519,
+  verifyJws,
+  verifyJwt
+} from "./chunk-ZXXP5W5N.js";
+export {
+  ChainStore,
+  ContentOperation,
+  ED25519_PRIV_MULTICODEC,
+  ED25519_PUB_MULTICODEC,
+  EntityOperationsParams,
+  EntityOperationsResponse,
+  IdentityOperation,
+  IdentityOperationsParams,
+  IdentityOperationsResponse,
+  JwsVerificationError,
+  JwtVerificationError,
+  MultikeyPublicKey,
+  RegistryError,
+  ResolveDocumentResponse,
+  ResolveEntityResponse,
+  ResolveIdentityResponse,
+  ResolveOperationResponse,
+  SubmitContentChainRequest,
+  SubmitContentChainResponse,
+  SubmitIdentityChainRequest,
+  SubmitIdentityChainResponse,
+  VerifiedIdentity,
+  base64urlDecode,
+  base64urlEncode,
+  createJws,
+  createJwt,
+  createNewEd25519Keypair,
+  createRegistryServer,
+  dagCborCanonicalEncode,
+  decodeJwsUnsafe,
+  decodeJwtUnsafe,
+  decodeMultikey,
+  deriveChainIdentifier,
+  deriveEntityId,
+  encodeEd25519Multikey,
+  generateId,
+  generateIdNoPrefix,
+  importEd25519Keypair,
+  isCanonicallyEqual,
+  isValidEd25519Signature,
+  isValidId,
+  normalizedId,
+  parseDagCborCID,
+  signContentOperation,
+  signIdentityOperation,
+  signPayloadEd25519,
+  verifyContentChain,
+  verifyIdentityChain,
+  verifyJws,
+  verifyJwt
+};

package/dist/registry/index.d.ts

@@ -0,0 +1,151 @@
+import { z } from 'zod';
+import * as hono_types from 'hono/types';
+import { Hono } from 'hono';
+
+declare const OperationEntry: z.ZodObject<{
+    cid: z.ZodString;
+    jwsToken: z.ZodString;
+    createdAt: z.ZodString;
+}, z.core.$strict>;
+type OperationEntry = z.infer<typeof OperationEntry>;
+declare const PaginationParams: z.ZodObject<{
+    cursor: z.ZodOptional<z.ZodString>;
+    limit: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
+}, z.core.$strip>;
+type PaginationParams = z.infer<typeof PaginationParams>;
+declare const SubmitIdentityChainRequest: z.ZodObject<{
+    chain: z.ZodArray<z.ZodString>;
+}, z.core.$strict>;
+type SubmitIdentityChainRequest = z.infer<typeof SubmitIdentityChainRequest>;
+declare const SubmitIdentityChainResponse: z.ZodObject<{
+    did: z.ZodString;
+    isDeleted: z.ZodBoolean;
+    authKeys: z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        type: z.ZodLiteral<"Multikey">;
+        publicKeyMultibase: z.ZodString;
+    }, z.core.$strict>>;
+    assertKeys: z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        type: z.ZodLiteral<"Multikey">;
+        publicKeyMultibase: z.ZodString;
+    }, z.core.$strict>>;
+    controllerKeys: z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        type: z.ZodLiteral<"Multikey">;
+        publicKeyMultibase: z.ZodString;
+    }, z.core.$strict>>;
+}, z.core.$strict>;
+type SubmitIdentityChainResponse = z.infer<typeof SubmitIdentityChainResponse>;
+declare const ResolveIdentityResponse: z.ZodObject<{
+    did: z.ZodString;
+    isDeleted: z.ZodBoolean;
+    authKeys: z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        type: z.ZodLiteral<"Multikey">;
+        publicKeyMultibase: z.ZodString;
+    }, z.core.$strict>>;
+    assertKeys: z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        type: z.ZodLiteral<"Multikey">;
+        publicKeyMultibase: z.ZodString;
+    }, z.core.$strict>>;
+    controllerKeys: z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        type: z.ZodLiteral<"Multikey">;
+        publicKeyMultibase: z.ZodString;
+    }, z.core.$strict>>;
+}, z.core.$strict>;
+type ResolveIdentityResponse = SubmitIdentityChainResponse;
+declare const IdentityOperationsParams: z.ZodObject<{
+    cursor: z.ZodOptional<z.ZodString>;
+    limit: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
+}, z.core.$strip>;
+declare const IdentityOperationsResponse: z.ZodObject<{
+    operations: z.ZodArray<z.ZodObject<{
+        cid: z.ZodString;
+        jwsToken: z.ZodString;
+        createdAt: z.ZodString;
+    }, z.core.$strict>>;
+    nextCursor: z.ZodNullable<z.ZodString>;
+}, z.core.$strict>;
+type IdentityOperationsResponse = z.infer<typeof IdentityOperationsResponse>;
+declare const SubmitContentChainRequest: z.ZodObject<{
+    chain: z.ZodArray<z.ZodString>;
+}, z.core.$strict>;
+type SubmitContentChainRequest = z.infer<typeof SubmitContentChainRequest>;
+declare const SubmitContentChainResponse: z.ZodObject<{
+    entityId: z.ZodString;
+    isDeleted: z.ZodBoolean;
+    currentDocumentCID: z.ZodNullable<z.ZodString>;
+    genesisCID: z.ZodString;
+    headCID: z.ZodString;
+}, z.core.$strict>;
+type SubmitContentChainResponse = z.infer<typeof SubmitContentChainResponse>;
+declare const ResolveEntityResponse: z.ZodObject<{
+    entityId: z.ZodString;
+    isDeleted: z.ZodBoolean;
+    currentDocumentCID: z.ZodNullable<z.ZodString>;
+    genesisCID: z.ZodString;
+    headCID: z.ZodString;
+}, z.core.$strict>;
+type ResolveEntityResponse = SubmitContentChainResponse;
+declare const EntityOperationsParams: z.ZodObject<{
+    cursor: z.ZodOptional<z.ZodString>;
+    limit: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
+}, z.core.$strip>;
+declare const EntityOperationsResponse: z.ZodObject<{
+    operations: z.ZodArray<z.ZodObject<{
+        cid: z.ZodString;
+        jwsToken: z.ZodString;
+        createdAt: z.ZodString;
+    }, z.core.$strict>>;
+    nextCursor: z.ZodNullable<z.ZodString>;
+}, z.core.$strict>;
+type EntityOperationsResponse = z.infer<typeof EntityOperationsResponse>;
+declare const ResolveOperationResponse: z.ZodObject<{
+    cid: z.ZodString;
+    jwsToken: z.ZodString;
+}, z.core.$strict>;
+type ResolveOperationResponse = z.infer<typeof ResolveOperationResponse>;
+declare const ResolveDocumentResponse: z.ZodObject<{
+    cid: z.ZodString;
+    content: z.ZodUnknown;
+}, z.core.$strict>;
+type ResolveDocumentResponse = z.infer<typeof ResolveDocumentResponse>;
+declare const RegistryError: z.ZodObject<{
+    error: z.ZodString;
+    message: z.ZodString;
+}, z.core.$strict>;
+type RegistryError = z.infer<typeof RegistryError>;
+
+interface StoredChain {
+    /** Ordered array of operations, genesis first */
+    operations: OperationEntry[];
+}
+declare class ChainStore {
+    private identities;
+    private entities;
+    private documents;
+    getIdentityChain(did: string): StoredChain | undefined;
+    /**
+     * Submit an identity chain. Returns 'accepted' | 'noop' | 'conflict'.
+     * - accepted: chain was stored or extended
+     * - noop: submitted chain is same as or prefix of stored chain
+     * - conflict: submitted chain diverges from stored chain (fork)
+     */
+    submitIdentityChain(did: string, operations: OperationEntry[]): 'accepted' | 'noop' | 'conflict';
+    getEntityChain(entityId: string): StoredChain | undefined;
+    submitEntityChain(entityId: string, operations: OperationEntry[]): 'accepted' | 'noop' | 'conflict';
+    getDocument(cid: string): unknown | undefined;
+    setDocument(cid: string, content: unknown): void;
+    getOperation(cid: string): OperationEntry | undefined;
+    private submitChain;
+}
+
+declare const createRegistryServer: (store?: ChainStore) => {
+    app: Hono<hono_types.BlankEnv, hono_types.BlankSchema, "/">;
+    store: ChainStore;
+};
+
+export { ChainStore, EntityOperationsParams, EntityOperationsResponse, IdentityOperationsParams, IdentityOperationsResponse, OperationEntry, PaginationParams, RegistryError, ResolveDocumentResponse, ResolveEntityResponse, ResolveIdentityResponse, ResolveOperationResponse, type StoredChain, SubmitContentChainRequest, SubmitContentChainResponse, SubmitIdentityChainRequest, SubmitIdentityChainResponse, createRegistryServer };

package/dist/registry/index.js

@@ -0,0 +1,36 @@
+import {
+  ChainStore,
+  EntityOperationsParams,
+  EntityOperationsResponse,
+  IdentityOperationsParams,
+  IdentityOperationsResponse,
+  RegistryError,
+  ResolveDocumentResponse,
+  ResolveEntityResponse,
+  ResolveIdentityResponse,
+  ResolveOperationResponse,
+  SubmitContentChainRequest,
+  SubmitContentChainResponse,
+  SubmitIdentityChainRequest,
+  SubmitIdentityChainResponse,
+  createRegistryServer
+} from "../chunk-3PB644X2.js";
+import "../chunk-LWC4PWGZ.js";
+import "../chunk-ZXXP5W5N.js";
+export {
+  ChainStore,
+  EntityOperationsParams,
+  EntityOperationsResponse,
+  IdentityOperationsParams,
+  IdentityOperationsResponse,
+  RegistryError,
+  ResolveDocumentResponse,
+  ResolveEntityResponse,
+  ResolveIdentityResponse,
+  ResolveOperationResponse,
+  SubmitContentChainRequest,
+  SubmitContentChainResponse,
+  SubmitIdentityChainRequest,
+  SubmitIdentityChainResponse,
+  createRegistryServer
+};

package/examples/content-delete.json

@@ -0,0 +1,28 @@
+{
+  "description": "Content chain: create + delete",
+  "type": "content",
+  "chain": [
+    "eyJhbGciOiJFZERTQSIsInR5cCI6ImRpZDpkZm9zOmNvbnRlbnQtb3AiLCJraWQiOiJkaWQ6ZGZvczplM3Z2dGNrNDJkNGVhY2RuenZ0cm42I2tleV9lejlhODc0dGNrcjNkdjkzM2QzY2tkIiwiY2lkIjoiYmFmeXJlaWE1ejd6eGtuYWU1ZHM3MmV1aWh1ZjJyZzNpeGw2dDRmYnpqZWZoY29nZzNucXBweW9ncXUifQ.eyJ2ZXJzaW9uIjoxLCJ0eXBlIjoiY3JlYXRlIiwiZG9jdW1lbnRDSUQiOiJiYWZ5cmVpZnB2d3Vhcm1sNjJzZm9nZHBpMnZsbHR2ZzJldjZvNHh0dzc0emZ1ZDdjcGtnNzQyNnpuZSIsImNyZWF0ZWRBdCI6IjIwMjYtMDMtMDdUMDA6MDI6MDAuMDAwWiIsIm5vdGUiOm51bGx9.t_DDkJ_TmNekIGUFO22G-W78QoE4XTg9LKQ4gzAQHaK3B6491Tir9b-wtp-hcwmENu2Hqnieqv5ASiqfFrEbDw",
+    "eyJhbGciOiJFZERTQSIsInR5cCI6ImRpZDpkZm9zOmNvbnRlbnQtb3AiLCJraWQiOiJkaWQ6ZGZvczplM3Z2dGNrNDJkNGVhY2RuenZ0cm42I2tleV9lejlhODc0dGNrcjNkdjkzM2QzY2tkIiwiY2lkIjoiYmFmeXJlaWVwamFzN3JzdHV5aWI0eDY0NHYyeXJxN3c3MmV0dG5xcWozbzdhcmRhcWN1NnVzZml6b3kifQ.eyJ2ZXJzaW9uIjoxLCJ0eXBlIjoiZGVsZXRlIiwicHJldmlvdXNPcGVyYXRpb25DSUQiOiJiYWZ5cmVpYTV6N3p4a25hZTVkczcyZXVpaHVmMnJnM2l4bDZ0NGZiemplZmhjb2dnM25xcHB5b2dxdSIsImNyZWF0ZWRBdCI6IjIwMjYtMDMtMDdUMDA6MDM6MDAuMDAwWiIsIm5vdGUiOiJyZW1vdmluZyBjb250ZW50In0.VkfUjFIz40nBOMzCTtoO1nhExzQHB4QX9PIOe2MmDwC-nilMStTwdiRcxRskPRg0gw8eM5Mz9hNQ8dZfCJ9JAg"
+  ],
+  "signerPublicKey": "z6MkfUd65JrAhfdgFuMCccU9ThQvjB2fJAMUHkuuajF992gK",
+  "documents": [
+    {
+      "content": {
+        "$schema": "https://schemas.dfos.com/post/v1",
+        "format": "short-post",
+        "title": "Hello World",
+        "body": "First post on the protocol."
+      },
+      "baseDocumentCID": null,
+      "createdByDID": "did:dfos:e3vvtck42d4eacdnzvtrn6",
+      "createdAt": "2026-03-07T00:02:00.000Z"
+    }
+  ],
+  "expected": {
+    "entityId": "67t27rzc83v7c22n9t6z7c",
+    "isDeleted": true,
+    "currentDocumentCID": null,
+    "length": 2
+  }
+}

package/examples/content-lifecycle.json

@@ -0,0 +1,39 @@
+{
+  "description": "Content chain: create + update (with both documents)",
+  "type": "content",
+  "chain": [
+    "eyJhbGciOiJFZERTQSIsInR5cCI6ImRpZDpkZm9zOmNvbnRlbnQtb3AiLCJraWQiOiJkaWQ6ZGZvczplM3Z2dGNrNDJkNGVhY2RuenZ0cm42I2tleV9lejlhODc0dGNrcjNkdjkzM2QzY2tkIiwiY2lkIjoiYmFmeXJlaWE1ejd6eGtuYWU1ZHM3MmV1aWh1ZjJyZzNpeGw2dDRmYnpqZWZoY29nZzNucXBweW9ncXUifQ.eyJ2ZXJzaW9uIjoxLCJ0eXBlIjoiY3JlYXRlIiwiZG9jdW1lbnRDSUQiOiJiYWZ5cmVpZnB2d3Vhcm1sNjJzZm9nZHBpMnZsbHR2ZzJldjZvNHh0dzc0emZ1ZDdjcGtnNzQyNnpuZSIsImNyZWF0ZWRBdCI6IjIwMjYtMDMtMDdUMDA6MDI6MDAuMDAwWiIsIm5vdGUiOm51bGx9.t_DDkJ_TmNekIGUFO22G-W78QoE4XTg9LKQ4gzAQHaK3B6491Tir9b-wtp-hcwmENu2Hqnieqv5ASiqfFrEbDw",
+    "eyJhbGciOiJFZERTQSIsInR5cCI6ImRpZDpkZm9zOmNvbnRlbnQtb3AiLCJraWQiOiJkaWQ6ZGZvczplM3Z2dGNrNDJkNGVhY2RuenZ0cm42I2tleV9lejlhODc0dGNrcjNkdjkzM2QzY2tkIiwiY2lkIjoiYmFmeXJlaWJiNGxzdnFtejRqNzZyc3Zoa3F3M3YyYjR2cDIzdDdkaW1tNnZsNWc1d2xuaW52a2VteHEifQ.eyJ2ZXJzaW9uIjoxLCJ0eXBlIjoidXBkYXRlIiwicHJldmlvdXNPcGVyYXRpb25DSUQiOiJiYWZ5cmVpYTV6N3p4a25hZTVkczcyZXVpaHVmMnJnM2l4bDZ0NGZiemplZmhjb2dnM25xcHB5b2dxdSIsImRvY3VtZW50Q0lEIjoiYmFmeXJlaWV1bzI2emZtanh3cG13NWprNmJxenFodml2eGNiY2tneHR5ZXVjN3lwZjNwNHNpaGdxNHEiLCJjcmVhdGVkQXQiOiIyMDI2LTAzLTA3VDAwOjAzOjAwLjAwMFoiLCJub3RlIjoiZWRpdGVkIHRpdGxlIGFuZCBib2R5In0.v2BnXflq3lAiDqCpCuAoXUURY1scOGb9AMHHfCMxj1bD0GJOgdV_klv7KfqDLlSfF3Sn6CK1RDeLniF_UTKXAQ"
+  ],
+  "signerPublicKey": "z6MkfUd65JrAhfdgFuMCccU9ThQvjB2fJAMUHkuuajF992gK",
+  "documents": [
+    {
+      "content": {
+        "$schema": "https://schemas.dfos.com/post/v1",
+        "format": "short-post",
+        "title": "Hello World",
+        "body": "First post on the protocol."
+      },
+      "baseDocumentCID": null,
+      "createdByDID": "did:dfos:e3vvtck42d4eacdnzvtrn6",
+      "createdAt": "2026-03-07T00:02:00.000Z"
+    },
+    {
+      "content": {
+        "$schema": "https://schemas.dfos.com/post/v1",
+        "format": "short-post",
+        "title": "Hello World (edited)",
+        "body": "Updated content."
+      },
+      "baseDocumentCID": "bafyreifpvwuarml62sfogdpi2vlltvg2ev6o4xtw74zfud7cpkg7426zne",
+      "createdByDID": "did:dfos:e3vvtck42d4eacdnzvtrn6",
+      "createdAt": "2026-03-07T00:03:00.000Z"
+    }
+  ],
+  "expected": {
+    "entityId": "67t27rzc83v7c22n9t6z7c",
+    "isDeleted": false,
+    "currentDocumentCID": "bafyreieuo26zfmjxwpmw5jk6bqzqhvivxcbckgxtyeuc7ypf3p4sihgq4q",
+    "length": 2
+  }
+}

package/examples/identity-delete.json

@@ -0,0 +1,19 @@
+{
+  "description": "Identity chain: genesis + delete (terminal)",
+  "type": "identity",
+  "chain": [
+    "eyJhbGciOiJFZERTQSIsInR5cCI6ImRpZDpkZm9zOmlkZW50aXR5LW9wIiwia2lkIjoia2V5X3I5ZXYzNGZ2YzIzejk5OXZlYWFmdDgiLCJjaWQiOiJiYWZ5cmVpYmFuanBnY3FmZmNmaHI0c3B0empmdGhoNXN6b2hoYm81dGpmdWxlbWt3N3VoZGVuNXVxeSJ9.eyJ2ZXJzaW9uIjoxLCJ0eXBlIjoiY3JlYXRlIiwiYXV0aEtleXMiOlt7ImlkIjoia2V5X3I5ZXYzNGZ2YzIzejk5OXZlYWFmdDgiLCJ0eXBlIjoiTXVsdGlrZXkiLCJwdWJsaWNLZXlNdWx0aWJhc2UiOiJ6Nk1rcnpMTU53b0pTVjRQM1ljY1djYnRrOHZkOUx0Z01LbkxlYURMVXFMdUFTamIifV0sImFzc2VydEtleXMiOlt7ImlkIjoia2V5X3I5ZXYzNGZ2YzIzejk5OXZlYWFmdDgiLCJ0eXBlIjoiTXVsdGlrZXkiLCJwdWJsaWNLZXlNdWx0aWJhc2UiOiJ6Nk1rcnpMTU53b0pTVjRQM1ljY1djYnRrOHZkOUx0Z01LbkxlYURMVXFMdUFTamIifV0sImNvbnRyb2xsZXJLZXlzIjpbeyJpZCI6ImtleV9yOWV2MzRmdmMyM3o5OTl2ZWFhZnQ4IiwidHlwZSI6Ik11bHRpa2V5IiwicHVibGljS2V5TXVsdGliYXNlIjoiejZNa3J6TE1Od29KU1Y0UDNZY2NXY2J0azh2ZDlMdGdNS25MZWFETFVxTHVBU2piIn1dLCJjcmVhdGVkQXQiOiIyMDI2LTAzLTA3VDAwOjAwOjAwLjAwMFoifQ.EDryDK1uvtix-17cHun9t6MacFIx2rMmMF1QLzfD5TFlSsOvMcue97pCgGn3CXeLVFtVxgpCoh0kGSXioKKzAw",
+    "eyJhbGciOiJFZERTQSIsInR5cCI6ImRpZDpkZm9zOmlkZW50aXR5LW9wIiwia2lkIjoiZGlkOmRmb3M6ZTN2dnRjazQyZDRlYWNkbnp2dHJuNiNrZXlfcjlldjM0ZnZjMjN6OTk5dmVhYWZ0OCIsImNpZCI6ImJhZnlyZWloZ214ZmlnY2JvZjQ2czRrcGtteXhicXJ3dGxybmE0b2NibmxybzNzN29wanljYW15b3g0In0.eyJ2ZXJzaW9uIjoxLCJ0eXBlIjoiZGVsZXRlIiwicHJldmlvdXNPcGVyYXRpb25DSUQiOiJiYWZ5cmVpYmFuanBnY3FmZmNmaHI0c3B0empmdGhoNXN6b2hoYm81dGpmdWxlbWt3N3VoZGVuNXVxeSIsImNyZWF0ZWRBdCI6IjIwMjYtMDMtMDdUMDA6MDE6MDAuMDAwWiJ9.l3X4ojfmfSd2N2tcLL4LlQbP2iaNrsxrgJ-1Wh2T3xNeZ77jgoWYIN6NHI-oYfi9GnwHBPKsOPKoBOoEFUPlAw"
+  ],
+  "expected": {
+    "did": "did:dfos:e3vvtck42d4eacdnzvtrn6",
+    "isDeleted": true,
+    "controllerKeys": [
+      {
+        "id": "key_r9ev34fvc23z999veaaft8",
+        "type": "Multikey",
+        "publicKeyMultibase": "z6MkrzLMNwoJSV4P3YccWcbtk8vd9LtgMKnLeaDLUqLuASjb"
+      }
+    ]
+  }
+}

package/examples/identity-genesis.json

@@ -0,0 +1,18 @@
+{
+  "description": "Identity chain: genesis (single create operation)",
+  "type": "identity",
+  "chain": [
+    "eyJhbGciOiJFZERTQSIsInR5cCI6ImRpZDpkZm9zOmlkZW50aXR5LW9wIiwia2lkIjoia2V5X3I5ZXYzNGZ2YzIzejk5OXZlYWFmdDgiLCJjaWQiOiJiYWZ5cmVpYmFuanBnY3FmZmNmaHI0c3B0empmdGhoNXN6b2hoYm81dGpmdWxlbWt3N3VoZGVuNXVxeSJ9.eyJ2ZXJzaW9uIjoxLCJ0eXBlIjoiY3JlYXRlIiwiYXV0aEtleXMiOlt7ImlkIjoia2V5X3I5ZXYzNGZ2YzIzejk5OXZlYWFmdDgiLCJ0eXBlIjoiTXVsdGlrZXkiLCJwdWJsaWNLZXlNdWx0aWJhc2UiOiJ6Nk1rcnpMTU53b0pTVjRQM1ljY1djYnRrOHZkOUx0Z01LbkxlYURMVXFMdUFTamIifV0sImFzc2VydEtleXMiOlt7ImlkIjoia2V5X3I5ZXYzNGZ2YzIzejk5OXZlYWFmdDgiLCJ0eXBlIjoiTXVsdGlrZXkiLCJwdWJsaWNLZXlNdWx0aWJhc2UiOiJ6Nk1rcnpMTU53b0pTVjRQM1ljY1djYnRrOHZkOUx0Z01LbkxlYURMVXFMdUFTamIifV0sImNvbnRyb2xsZXJLZXlzIjpbeyJpZCI6ImtleV9yOWV2MzRmdmMyM3o5OTl2ZWFhZnQ4IiwidHlwZSI6Ik11bHRpa2V5IiwicHVibGljS2V5TXVsdGliYXNlIjoiejZNa3J6TE1Od29KU1Y0UDNZY2NXY2J0azh2ZDlMdGdNS25MZWFETFVxTHVBU2piIn1dLCJjcmVhdGVkQXQiOiIyMDI2LTAzLTA3VDAwOjAwOjAwLjAwMFoifQ.EDryDK1uvtix-17cHun9t6MacFIx2rMmMF1QLzfD5TFlSsOvMcue97pCgGn3CXeLVFtVxgpCoh0kGSXioKKzAw"
+  ],
+  "expected": {
+    "did": "did:dfos:e3vvtck42d4eacdnzvtrn6",
+    "isDeleted": false,
+    "controllerKeys": [
+      {
+        "id": "key_r9ev34fvc23z999veaaft8",
+        "type": "Multikey",
+        "publicKeyMultibase": "z6MkrzLMNwoJSV4P3YccWcbtk8vd9LtgMKnLeaDLUqLuASjb"
+      }
+    ]
+  }
+}