@metalabel/dfos-protocol 0.9.0 → 0.11.0

package/README.md

@@ -17,18 +17,15 @@ import { verifyContentChain, verifyIdentityChain } from '@metalabel/dfos-protoco
 import { createAuthToken, createDFOSCredential } from '@metalabel/dfos-protocol/credentials';
 // Crypto primitives
 import { createJws, dagCborCanonicalEncode, verifyJws } from '@metalabel/dfos-protocol/crypto';
-// Merkle trees
-import { buildMerkleTree, verifyMerkleProof } from '@metalabel/dfos-protocol/merkle';
 ```
 
 ## Subpath Exports
 
-| Export                                 | Description                                                             |
-| -------------------------------------- | ----------------------------------------------------------------------- |
-| `@metalabel/dfos-protocol/chain`       | Identity and content chain signing, verification, beacons, countersigns |
-| `@metalabel/dfos-protocol/credentials` | Auth tokens (DID-signed JWT) and DFOS credentials for authorization     |
-| `@metalabel/dfos-protocol/crypto`      | Ed25519, JWS, JWT, dag-cbor, base64url, ID generation                   |
-| `@metalabel/dfos-protocol/merkle`      | SHA-256 binary merkle tree, inclusion proofs                            |
+| Export                                 | Description                                                               |
+| -------------------------------------- | ------------------------------------------------------------------------- |
+| `@metalabel/dfos-protocol/chain`       | Identity & content chains, services, artifacts, countersigns, revocations |
+| `@metalabel/dfos-protocol/credentials` | Auth tokens (DID-signed JWT) and DFOS credentials for authorization       |
+| `@metalabel/dfos-protocol/crypto`      | Ed25519, JWS, JWT, dag-cbor, base64url, ID generation                     |
 
 ## Specifications
 
@@ -36,7 +33,7 @@ import { buildMerkleTree, verifyMerkleProof } from '@metalabel/dfos-protocol/mer
 | ------------------------------------------------ | -------------------------------------------------------------- |
 | [PROTOCOL.md](../../specs/PROTOCOL.md)           | Core protocol — chains, signatures, verification, test vectors |
 | [DID-METHOD.md](../../specs/DID-METHOD.md)       | W3C DID method specification for `did:dfos`                    |
-| [CONTENT-MODEL.md](../../specs/CONTENT-MODEL.md) | Standard content schemas (post, profile, manifest)             |
+| [CONTENT-MODEL.md](../../specs/CONTENT-MODEL.md) | Standard content schemas (post, profile)                       |
 
 ## Examples
 
@@ -50,8 +47,7 @@ The `examples/` directory contains deterministic reference fixtures that can be
 - `content-delegated.json` — creator genesis + delegated update with DFOS write credential
 - `credential-write.json` — DFOS write credential (broad + content-narrowed)
 - `credential-read.json` — DFOS read credential
-- `merkle-tree.json` — 5 content IDs → sorted tree → root, with inclusion proof
-- `beacon.json` — signed manifest pointer announcement with witness countersignature
+- `identity-services.json` — genesis publishing a services set (relay locator + content/artifact anchors)
 
 ## License
 

package/dist/chain/index.d.ts

@@ -1,5 +1,5 @@
-import { I as IdentityOperation, S as Signer, V as VerifiedIdentity, C as ContentOperation, B as BeaconPayload, a as CountersignPayload, A as ArtifactPayload } from '../schemas-BEl38wrI.js';
-export { M as MAX_ARTIFACT_PAYLOAD_SIZE, b as MultikeyPublicKey, R as RevocationPayload } from '../schemas-BEl38wrI.js';
+import { I as IdentityOperation, h as Signer, V as VerifiedIdentity, S as ServiceEntry, b as ContentOperation, c as CountersignPayload, a as ArtifactPayload } from '../schemas-Myod8ES9.js';
+export { A as ARTIFACT_CID_ANCHOR_RE, C as CONTENT_ID_ANCHOR_RE, M as MAX_ARTIFACT_PAYLOAD_SIZE, d as MAX_SERVICES_ENTRIES, e as MAX_SERVICES_PAYLOAD_SIZE, f as MultikeyPublicKey, R as RevocationPayload, g as ServicesArray } from '../schemas-Myod8ES9.js';
 import 'zod';
 
 /** Ed25519 public key multicodec value */
@@ -32,7 +32,7 @@ declare const deriveChainIdentifier: (cidBytes: Uint8Array, prefix: string) => s
 /**
  * Derive a bare content identifier from CID bytes
  *
- * Returns the raw 22-char hash with no prefix. Applications may add
+ * Returns the raw 31-char hash with no prefix. Applications may add
  * their own prefix for routing (e.g., post_xxxx) — that's semantic sugar.
  */
 declare const deriveContentId: (cidBytes: Uint8Array) => string;
@@ -88,8 +88,31 @@ declare const verifyIdentityExtensionFromTrustedState: (input: {
     createdAt: string;
 }>;
 
+type AnchorKind = 'chain' | 'artifact' | 'invalid';
+/**
+ * Enforce the services byte cap on the CBOR-encoded array — same encoding the
+ * wire uses, so the bound is identical across implementations. Mirrors the
+ * artifact payload size check.
+ */
+declare const assertServicesWithinCap: (services: ServiceEntry[]) => Promise<void>;
+/**
+ * Classify a ContentAnchor target by structural form. Resolvers dispatch on the
+ * result: 'chain' → resolve a content chain by contentId; 'artifact' → fetch by
+ * CID and require type:"artifact"; 'invalid' → reject (e.g. a bare head CID is
+ * 'artifact'-shaped but fails the resolution-time type check).
+ */
+declare const classifyAnchor: (anchor: string) => AnchorKind;
+/** Recognized (core-blessed) service types. All other types are valid but opaque. */
+declare const RECOGNIZED_SERVICE_TYPES: readonly ["DfosRelay", "ContentAnchor"];
+/** Whether the core assigns structural semantics to this service type. */
+declare const isRecognizedServiceType: (type: string) => boolean;
+/** Select the DfosRelay transport endpoints from a services set, in entry order. */
+declare const relayEndpoints: (services: ServiceEntry[]) => string[];
+/** Select ContentAnchor entries matching a client label (e.g. "profile"). */
+declare const anchorsByLabel: (services: ServiceEntry[], label: string) => ServiceEntry[];
+
 interface VerifiedContentChain {
-    /** Content identifier — bare 22-char hash derived from genesis CID */
+    /** Content identifier — bare 31-char hash derived from genesis CID */
     contentId: string;
     /** CID of the genesis operation */
     genesisCID: string;
@@ -144,6 +167,11 @@ declare const verifyContentChain: (input: {
      * is true, as credential verification needs identity resolution.
      */
     resolveIdentity?: (did: string) => Promise<VerifiedIdentity | undefined>;
+    /**
+     * Check whether a credential (leaf or parent) has been revoked. Threaded onto
+     * the WRITE path so revoked credentials no longer authorize writes.
+     */
+    isRevoked?: (issuerDID: string, credentialCID: string) => Promise<boolean>;
 }) => Promise<VerifiedContentChain>;
 /**
  * Verify a single new content operation against already-verified chain state
@@ -165,40 +193,14 @@ declare const verifyContentExtensionFromTrustedState: (input: {
     enforceAuthorization?: boolean;
     /** Resolve a DID to a VerifiedIdentity. Required when enforceAuthorization is true. */
     resolveIdentity?: (did: string) => Promise<VerifiedIdentity | undefined>;
+    /** Check whether a credential (leaf or parent) has been revoked. */
+    isRevoked?: (issuerDID: string, credentialCID: string) => Promise<boolean>;
 }) => Promise<{
     state: VerifiedContentChain;
     operationCID: string;
     createdAt: string;
 }>;
 
-interface VerifiedBeacon {
-    did: string;
-    manifestContentId: string;
-    createdAt: string;
-    signerKeyId: string;
-    beaconCID: string;
-}
-/**
- * Sign a beacon announcement as a JWS
- */
-declare const signBeacon: (input: {
-    payload: BeaconPayload;
-    signer: Signer;
-    kid: string;
-}) => Promise<{
-    jwsToken: string;
-    beaconCID: string;
-}>;
-/**
- * Verify a beacon JWS — signature, CID, payload schema, clock skew
- */
-declare const verifyBeacon: (input: {
-    jwsToken: string;
-    resolveKey: (kid: string) => Promise<Uint8Array>;
-    /** Current time for clock skew check (defaults to Date.now()) */
-    now?: number;
-}) => Promise<VerifiedBeacon>;
-
 interface VerifiedCountersignature {
     /** CID of this countersign operation (distinct from the target) */
     countersignCID: string;
@@ -206,6 +208,8 @@ interface VerifiedCountersignature {
     witnessDID: string;
     /** The CID being attested to */
     targetCID: string;
+    /** Open-namespace relation tag, if present (e.g. "endorses", "coauthors") */
+    relation?: string;
 }
 /**
  * Sign a countersignature attesting to a target operation by CID
@@ -287,4 +291,4 @@ declare const verifyRevocation: (input: {
     resolveKey: (kid: string) => Promise<Uint8Array>;
 }) => Promise<VerifiedRevocation>;
 
-export { ArtifactPayload, BeaconPayload, ContentOperation, CountersignPayload, ED25519_PRIV_MULTICODEC, ED25519_PUB_MULTICODEC, IdentityOperation, Signer, type VerifiedArtifact, type VerifiedBeacon, type VerifiedContentChain, type VerifiedCountersignature, VerifiedIdentity, type VerifiedRevocation, decodeMultikey, deriveChainIdentifier, deriveContentId, encodeEd25519Multikey, signArtifact, signBeacon, signContentOperation, signCountersignature, signIdentityOperation, signRevocation, verifyArtifact, verifyBeacon, verifyContentChain, verifyContentExtensionFromTrustedState, verifyCountersignature, verifyIdentityChain, verifyIdentityExtensionFromTrustedState, verifyRevocation };
+export { type AnchorKind, ArtifactPayload, ContentOperation, CountersignPayload, ED25519_PRIV_MULTICODEC, ED25519_PUB_MULTICODEC, IdentityOperation, RECOGNIZED_SERVICE_TYPES, ServiceEntry, Signer, type VerifiedArtifact, type VerifiedContentChain, type VerifiedCountersignature, VerifiedIdentity, type VerifiedRevocation, anchorsByLabel, assertServicesWithinCap, classifyAnchor, decodeMultikey, deriveChainIdentifier, deriveContentId, encodeEd25519Multikey, isRecognizedServiceType, relayEndpoints, signArtifact, signContentOperation, signCountersignature, signIdentityOperation, signRevocation, verifyArtifact, verifyContentChain, verifyContentExtensionFromTrustedState, verifyCountersignature, verifyIdentityChain, verifyIdentityExtensionFromTrustedState, verifyRevocation };

package/dist/chain/index.js

@@ -1,61 +1,79 @@
 import {
+  ARTIFACT_CID_ANCHOR_RE,
   ArtifactPayload,
-  BeaconPayload,
+  CONTENT_ID_ANCHOR_RE,
   ContentOperation,
   CountersignPayload,
   IdentityOperation,
   MAX_ARTIFACT_PAYLOAD_SIZE,
+  MAX_SERVICES_ENTRIES,
+  MAX_SERVICES_PAYLOAD_SIZE,
   MultikeyPublicKey,
+  RECOGNIZED_SERVICE_TYPES,
   RevocationPayload,
+  ServiceEntry,
+  ServicesArray,
   VerifiedIdentity,
+  anchorsByLabel,
+  assertServicesWithinCap,
+  classifyAnchor,
   deriveChainIdentifier,
   deriveContentId,
+  isRecognizedServiceType,
+  relayEndpoints,
   signArtifact,
-  signBeacon,
   signContentOperation,
   signCountersignature,
   signIdentityOperation,
   signRevocation,
   verifyArtifact,
-  verifyBeacon,
   verifyContentChain,
   verifyContentExtensionFromTrustedState,
   verifyCountersignature,
   verifyIdentityChain,
   verifyIdentityExtensionFromTrustedState,
   verifyRevocation
-} from "../chunk-UEJ364OG.js";
+} from "../chunk-SDUOUFTF.js";
 import {
   ED25519_PRIV_MULTICODEC,
   ED25519_PUB_MULTICODEC,
   decodeMultikey,
   encodeEd25519Multikey
-} from "../chunk-24VGJGUM.js";
-import "../chunk-ZXXP5W5N.js";
+} from "../chunk-LQFOBE6X.js";
+import "../chunk-GQOZJKKO.js";
 export {
+  ARTIFACT_CID_ANCHOR_RE,
   ArtifactPayload,
-  BeaconPayload,
+  CONTENT_ID_ANCHOR_RE,
   ContentOperation,
   CountersignPayload,
   ED25519_PRIV_MULTICODEC,
   ED25519_PUB_MULTICODEC,
   IdentityOperation,
   MAX_ARTIFACT_PAYLOAD_SIZE,
+  MAX_SERVICES_ENTRIES,
+  MAX_SERVICES_PAYLOAD_SIZE,
   MultikeyPublicKey,
+  RECOGNIZED_SERVICE_TYPES,
   RevocationPayload,
+  ServiceEntry,
+  ServicesArray,
   VerifiedIdentity,
+  anchorsByLabel,
+  assertServicesWithinCap,
+  classifyAnchor,
   decodeMultikey,
   deriveChainIdentifier,
   deriveContentId,
   encodeEd25519Multikey,
+  isRecognizedServiceType,
+  relayEndpoints,
   signArtifact,
-  signBeacon,
   signContentOperation,
   signCountersignature,
   signIdentityOperation,
   signRevocation,
   verifyArtifact,
-  verifyBeacon,
   verifyContentChain,
   verifyContentExtensionFromTrustedState,
   verifyCountersignature,

package/dist/{chunk-ZXXP5W5N.js → chunk-GQOZJKKO.js}

@@ -40,7 +40,7 @@ var isValidEd25519Signature = (payload, signature, publicKey) => {
 // src/crypto/id.ts
 import { sha256 as sha256Hash } from "@noble/hashes/sha2.js";
 var alphabet = "2346789acdefhknrtvz";
-var idLength = 22;
+var idLength = 31;
 var getRandomBytes = (length) => {
   const bytes = new Uint8Array(length);
   globalThis.crypto.getRandomValues(bytes);
@@ -75,6 +75,22 @@ var normalizedId = (prefix, id) => {
   return `${prefixLowered}_${idLowered}`;
 };
 
+// src/crypto/jws-profile.ts
+var assertJwsProfile = (header, makeError) => {
+  if (header.alg !== "EdDSA") {
+    throw makeError(`Unsupported algorithm: ${String(header.alg)}`);
+  }
+  if ("crit" in header) {
+    throw makeError("crit header is not supported");
+  }
+  if ("jwk" in header) {
+    throw makeError("jwk header is not allowed (key is resolved from kid)");
+  }
+  if ("x5c" in header) {
+    throw makeError("x5c header is not allowed (key is resolved from kid)");
+  }
+};
+
 // src/crypto/jws.ts
 var createJws = async (options) => {
   const headerB64 = base64urlEncode(JSON.stringify(options.header));
@@ -99,9 +115,10 @@ var verifyJws = (options) => {
   } catch {
     throw new JwsVerificationError("Failed to decode token");
   }
-  if (header.alg !== "EdDSA") {
-    throw new JwsVerificationError(`Unsupported algorithm: ${header.alg}`);
-  }
+  assertJwsProfile(
+    header,
+    (m) => new JwsVerificationError(m)
+  );
   const signingInput = `${headerB64}.${payloadB64}`;
   const signingInputBytes = new TextEncoder().encode(signingInput);
   const signatureBytes = base64urlDecode(signatureB64);
@@ -172,12 +189,13 @@ var verifyJwt = (options) => {
   } catch {
     throw new JwtVerificationError("Failed to decode token");
   }
+  assertJwsProfile(
+    header,
+    (m) => new JwtVerificationError(m)
+  );
   const signingInput = `${headerB64}.${payloadB64}`;
   const signingInputBytes = new TextEncoder().encode(signingInput);
   const signatureBytes = base64urlDecode(signatureB64);
-  if (header.alg !== "EdDSA") {
-    throw new JwtVerificationError(`Unsupported algorithm: ${header.alg}`);
-  }
   const isValid = isValidEd25519Signature(signingInputBytes, signatureBytes, options.publicKey);
   if (!isValid) throw new JwtVerificationError("Invalid signature");
   const currentTime = options.currentTime ?? Math.floor(Date.now() / 1e3);
@@ -209,14 +227,43 @@ import * as Block from "multiformats/block";
 import { CID } from "multiformats/cid";
 import { sha256 } from "multiformats/hashes/sha2";
 var dagCborCanonicalEncode = async (value) => {
+  assertCanonicalNumbers(value);
+  const serialized = JSON.parse(JSON.stringify(value));
+  assertCanonicalNumbers(serialized);
   return await Block.encode({
-    // removes any undefineds or other non-serializable values, kinda whack but
-    // it works for now
-    value: JSON.parse(JSON.stringify(value)),
+    // removes any undefineds or other non-serializable values (and normalizes
+    // -0 to 0)
+    value: serialized,
     codec: dagCborCodec,
     hasher: sha256
   });
 };
+var MAX_SAFE_CANONICAL_INTEGER = 9007199254740991;
+var assertCanonicalNumbers = (value) => {
+  if (typeof value === "number") {
+    if (!Number.isFinite(value)) {
+      throw new Error(`non-finite number is not canonicalizable: ${value}`);
+    }
+    if (!Number.isInteger(value)) {
+      throw new Error(
+        `non-integer number is not canonicalizable: ${value} (encode it as a string)`
+      );
+    }
+    if (value > MAX_SAFE_CANONICAL_INTEGER || value < -MAX_SAFE_CANONICAL_INTEGER) {
+      throw new Error(
+        `integer out of safe range is not canonicalizable: ${value} (encode it as a string)`
+      );
+    }
+    return;
+  }
+  if (Array.isArray(value)) {
+    for (const entry of value) assertCanonicalNumbers(entry);
+    return;
+  }
+  if (value !== null && typeof value === "object") {
+    for (const entry of Object.values(value)) assertCanonicalNumbers(entry);
+  }
+};
 var parseDagCborCID = (cid) => {
   return CID.parse(cid);
 };
@@ -237,6 +284,7 @@ export {
   generateId,
   isValidId,
   normalizedId,
+  assertJwsProfile,
   createJws,
   verifyJws,
   decodeJwsUnsafe,

package/dist/{chunk-24VGJGUM.js → chunk-LQFOBE6X.js}

@@ -5,7 +5,7 @@ import {
   decodeJwsUnsafe,
   verifyJws,
   verifyJwt
-} from "./chunk-ZXXP5W5N.js";
+} from "./chunk-GQOZJKKO.js";
 
 // src/credentials/schemas.ts
 import { z } from "zod";
@@ -14,7 +14,7 @@ var MAX_AUD = 512;
 var MAX_RESOURCE = 512;
 var MAX_ACTION = 64;
 var MAX_ATT = 32;
-var MAX_PRF = 8;
+var MAX_PRF = 1;
 var Attenuation = z.strictObject({
   resource: z.string().min(1).max(MAX_RESOURCE),
   action: z.string().min(1).max(MAX_ACTION)
@@ -96,6 +96,7 @@ var verifyAuthToken = (options) => {
     iss: result.data.iss,
     aud: result.data.aud,
     exp: result.data.exp,
+    iat: result.data.iat,
     kid
   };
 };
@@ -256,41 +257,38 @@ var verifyDelegationChain = async (credential, options) => {
       }
       return { credential, chain, rootDID: options.rootDID };
     }
-    const parents = [];
-    for (const parentJws of current.prf) {
-      const parent = await verifyDFOSCredential(parentJws, {
-        resolveIdentity: options.resolveIdentity,
-        ...options.now !== void 0 ? { now: options.now } : {}
-      });
-      if (options.isRevoked) {
-        const revoked = await options.isRevoked(parent.iss, parent.credentialCID);
-        if (revoked) {
-          throw new CredentialVerificationError("parent credential in delegation chain is revoked");
-        }
+    if (current.prf.length > 1) {
+      throw new CredentialVerificationError(
+        "delegation chain: multi-parent credentials are not supported (prf must have at most one entry)"
+      );
+    }
+    const parent = await verifyDFOSCredential(current.prf[0], {
+      resolveIdentity: options.resolveIdentity,
+      ...options.now !== void 0 ? { now: options.now } : {}
+    });
+    if (options.isRevoked) {
+      const revoked = await options.isRevoked(parent.iss, parent.credentialCID);
+      if (revoked) {
+        throw new CredentialVerificationError("parent credential in delegation chain is revoked");
       }
-      parents.push(parent);
     }
-    const matchingParent = parents.find((p) => p.aud === "*" || p.aud === current.iss);
-    if (!matchingParent) {
+    if (parent.aud !== "*" && parent.aud !== current.iss) {
       throw new CredentialVerificationError(
-        `delegation gap: no parent credential has audience matching child issuer ${current.iss}`
+        `delegation gap: parent credential audience ${parent.aud} does not match child issuer ${current.iss}`
       );
     }
-    for (const parent of parents) {
-      if (current.exp > parent.exp) {
-        throw new CredentialVerificationError(
-          "delegation chain: child credential expiry exceeds parent expiry"
-        );
-      }
+    if (current.exp > parent.exp) {
+      throw new CredentialVerificationError(
+        "delegation chain: child credential expiry exceeds parent expiry"
+      );
     }
-    const parentAttUnion = parents.flatMap((p) => p.att);
-    if (!isAttenuated(parentAttUnion, current.att)) {
+    if (!isAttenuated(parent.att, current.att)) {
       throw new CredentialVerificationError(
         "delegation chain: child credential scope exceeds parent scope"
       );
     }
-    chain.push(...parents);
-    current = parents[0];
+    chain.push(parent);
+    current = parent;
   }
   throw new CredentialVerificationError("delegation chain too deep (max 16 hops)");
 };