@oma3/omatrust 0.1.0-alpha.10 → 0.1.0-alpha.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/identity/index.cjs +543 -0
- package/dist/identity/index.cjs.map +1 -1
- package/dist/identity/index.d.cts +2 -1
- package/dist/identity/index.d.ts +2 -1
- package/dist/identity/index.js +527 -1
- package/dist/identity/index.js.map +1 -1
- package/dist/index-BOvk-7Ku.d.cts +235 -0
- package/dist/index-C2w5EvFH.d.ts +329 -0
- package/dist/index-QueRiudB.d.cts +329 -0
- package/dist/index-R78TpAhN.d.ts +235 -0
- package/dist/index.cjs +1475 -165
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +4 -3
- package/dist/index.d.ts +4 -3
- package/dist/index.js +1476 -166
- package/dist/index.js.map +1 -1
- package/dist/reputation/index.browser.cjs +943 -66
- package/dist/reputation/index.browser.cjs.map +1 -1
- package/dist/reputation/index.browser.d.cts +2 -2
- package/dist/reputation/index.browser.d.ts +2 -2
- package/dist/reputation/index.browser.js +941 -66
- package/dist/reputation/index.browser.js.map +1 -1
- package/dist/reputation/index.cjs +1393 -217
- package/dist/reputation/index.cjs.map +1 -1
- package/dist/reputation/index.d.cts +3 -2
- package/dist/reputation/index.d.ts +3 -2
- package/dist/reputation/index.js +1378 -217
- package/dist/reputation/index.js.map +1 -1
- package/dist/{subject-ownership-CXvzEjpH.d.cts → subject-ownership-B7cFlm8c.d.cts} +256 -26
- package/dist/{subject-ownership-CXvzEjpH.d.ts → subject-ownership-B7cFlm8c.d.ts} +256 -26
- package/dist/types-dpYxRq8N.d.cts +281 -0
- package/dist/types-dpYxRq8N.d.ts +281 -0
- package/dist/widgets/index.cjs +70 -27
- package/dist/widgets/index.cjs.map +1 -1
- package/dist/widgets/index.d.cts +42 -18
- package/dist/widgets/index.d.ts +42 -18
- package/dist/widgets/index.js +67 -26
- package/dist/widgets/index.js.map +1 -1
- package/package.json +3 -2
- package/dist/index-B9KW02US.d.cts +0 -119
- package/dist/index-DXrwBex9.d.ts +0 -119
- package/dist/index-QZDExA4I.d.cts +0 -90
- package/dist/index-QZDExA4I.d.ts +0 -90
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { ZeroAddress, Signature, toUtf8Bytes, sha256, keccak256, formatUnits, getAddress, isAddress, verifyTypedData, hexlify, randomBytes, Contract, Interface } from 'ethers';
|
|
2
|
+
import { base64url, decodeProtectedHeader, importJWK, compactVerify } from 'jose';
|
|
2
3
|
import { SchemaEncoder, EAS } from '@ethereum-attestation-service/eas-sdk';
|
|
3
4
|
import canonicalize from 'canonicalize';
|
|
4
5
|
|
|
@@ -35,6 +36,11 @@ function assertString(value, name, code = "INVALID_INPUT") {
|
|
|
35
36
|
throw new OmaTrustError(code, `${name} must be a non-empty string`, { value });
|
|
36
37
|
}
|
|
37
38
|
}
|
|
39
|
+
function assertObject(value, name, code = "INVALID_INPUT") {
|
|
40
|
+
if (!value || typeof value !== "object" || Array.isArray(value)) {
|
|
41
|
+
throw new OmaTrustError(code, `${name} must be an object`, { value });
|
|
42
|
+
}
|
|
43
|
+
}
|
|
38
44
|
var init_assert = __esm({
|
|
39
45
|
"src/shared/assert.ts"() {
|
|
40
46
|
init_errors();
|
|
@@ -150,6 +156,8 @@ function normalizeDid(input) {
|
|
|
150
156
|
return normalizeDidHandle(trimmed);
|
|
151
157
|
case "key":
|
|
152
158
|
return normalizeDidKey(trimmed);
|
|
159
|
+
case "jwk":
|
|
160
|
+
return normalizeDidJwk(trimmed);
|
|
153
161
|
default:
|
|
154
162
|
return trimmed;
|
|
155
163
|
}
|
|
@@ -239,13 +247,226 @@ function extractAddressFromDid(identifier) {
|
|
|
239
247
|
}
|
|
240
248
|
throw new OmaTrustError("INVALID_DID", "Unsupported identifier format", { identifier });
|
|
241
249
|
}
|
|
242
|
-
|
|
250
|
+
function validateDidJwk(did) {
|
|
251
|
+
const parts = did.split(":");
|
|
252
|
+
if (parts.length !== 3) {
|
|
253
|
+
return {
|
|
254
|
+
valid: false,
|
|
255
|
+
method: "jwk",
|
|
256
|
+
error: `did:jwk must have exactly 3 colon-separated parts, got ${parts.length}`
|
|
257
|
+
};
|
|
258
|
+
}
|
|
259
|
+
const [, , encoded] = parts;
|
|
260
|
+
if (!encoded || encoded.length === 0) {
|
|
261
|
+
return { valid: false, method: "jwk", error: "Missing base64url-encoded JWK identifier" };
|
|
262
|
+
}
|
|
263
|
+
if (!BASE64URL_REGEX.test(encoded)) {
|
|
264
|
+
return {
|
|
265
|
+
valid: false,
|
|
266
|
+
method: "jwk",
|
|
267
|
+
error: "Identifier contains invalid base64url characters"
|
|
268
|
+
};
|
|
269
|
+
}
|
|
270
|
+
let decoded;
|
|
271
|
+
try {
|
|
272
|
+
const bytes = base64url.decode(encoded);
|
|
273
|
+
decoded = new TextDecoder().decode(bytes);
|
|
274
|
+
} catch {
|
|
275
|
+
return { valid: false, method: "jwk", error: "Failed to base64url-decode identifier" };
|
|
276
|
+
}
|
|
277
|
+
let jwk;
|
|
278
|
+
try {
|
|
279
|
+
jwk = JSON.parse(decoded);
|
|
280
|
+
} catch {
|
|
281
|
+
return { valid: false, method: "jwk", error: "Decoded identifier is not valid JSON" };
|
|
282
|
+
}
|
|
283
|
+
if (!jwk || typeof jwk !== "object" || Array.isArray(jwk)) {
|
|
284
|
+
return { valid: false, method: "jwk", error: "Decoded JWK must be a JSON object" };
|
|
285
|
+
}
|
|
286
|
+
const kty = jwk.kty;
|
|
287
|
+
if (typeof kty !== "string" || !VALID_JWK_KTY.has(kty)) {
|
|
288
|
+
return {
|
|
289
|
+
valid: false,
|
|
290
|
+
method: "jwk",
|
|
291
|
+
error: `Invalid or missing kty field (must be one of: EC, OKP, RSA)`
|
|
292
|
+
};
|
|
293
|
+
}
|
|
294
|
+
if ("d" in jwk) {
|
|
295
|
+
return {
|
|
296
|
+
valid: false,
|
|
297
|
+
method: "jwk",
|
|
298
|
+
error: "DID must reference a public key \u2014 private key component (d) is not allowed"
|
|
299
|
+
};
|
|
300
|
+
}
|
|
301
|
+
return { valid: true, method: "jwk" };
|
|
302
|
+
}
|
|
303
|
+
function normalizeDidJwk(input) {
|
|
304
|
+
assertString(input, "input", "INVALID_DID");
|
|
305
|
+
const trimmed = input.trim();
|
|
306
|
+
if (!trimmed.startsWith("did:jwk:")) {
|
|
307
|
+
throw new OmaTrustError("INVALID_DID", "Expected did:jwk DID", { input });
|
|
308
|
+
}
|
|
309
|
+
const result = validateDidJwk(trimmed);
|
|
310
|
+
if (!result.valid) {
|
|
311
|
+
throw new OmaTrustError("INVALID_DID", result.error ?? "Invalid did:jwk", { input });
|
|
312
|
+
}
|
|
313
|
+
return trimmed;
|
|
314
|
+
}
|
|
315
|
+
var DID_REGEX, BASE64URL_REGEX, VALID_JWK_KTY;
|
|
243
316
|
var init_did = __esm({
|
|
244
317
|
"src/identity/did.ts"() {
|
|
245
318
|
init_errors();
|
|
246
319
|
init_assert();
|
|
247
320
|
init_caip();
|
|
248
321
|
DID_REGEX = /^did:[a-z0-9]+:.+$/i;
|
|
322
|
+
BASE64URL_REGEX = /^[A-Za-z0-9_-]+$/;
|
|
323
|
+
VALID_JWK_KTY = /* @__PURE__ */ new Set(["EC", "OKP", "RSA"]);
|
|
324
|
+
}
|
|
325
|
+
});
|
|
326
|
+
function validatePublicJwk(jwk) {
|
|
327
|
+
if (!jwk || typeof jwk !== "object" || Array.isArray(jwk)) {
|
|
328
|
+
return { valid: false, error: "JWK must be a non-null object" };
|
|
329
|
+
}
|
|
330
|
+
const obj = jwk;
|
|
331
|
+
const kty = obj.kty;
|
|
332
|
+
if (typeof kty !== "string" || !VALID_KTY.has(kty)) {
|
|
333
|
+
return {
|
|
334
|
+
valid: false,
|
|
335
|
+
error: `Invalid or missing kty (must be one of: ${[...VALID_KTY].join(", ")})`
|
|
336
|
+
};
|
|
337
|
+
}
|
|
338
|
+
for (const field of PRIVATE_KEY_FIELDS) {
|
|
339
|
+
if (field in obj) {
|
|
340
|
+
return {
|
|
341
|
+
valid: false,
|
|
342
|
+
error: `JWK contains private key field "${field}" \u2014 only public keys are allowed`
|
|
343
|
+
};
|
|
344
|
+
}
|
|
345
|
+
}
|
|
346
|
+
const required = REQUIRED_PUBLIC_FIELDS[kty];
|
|
347
|
+
if (required) {
|
|
348
|
+
for (const field of required) {
|
|
349
|
+
if (!(field in obj) || obj[field] === void 0 || obj[field] === null || obj[field] === "") {
|
|
350
|
+
return {
|
|
351
|
+
valid: false,
|
|
352
|
+
error: `Missing required public key field "${field}" for kty="${kty}"`
|
|
353
|
+
};
|
|
354
|
+
}
|
|
355
|
+
}
|
|
356
|
+
}
|
|
357
|
+
return { valid: true };
|
|
358
|
+
}
|
|
359
|
+
function canonicalizeJwkJson(jwk) {
|
|
360
|
+
const sorted = Object.keys(jwk).sort();
|
|
361
|
+
const obj = {};
|
|
362
|
+
for (const key of sorted) {
|
|
363
|
+
obj[key] = jwk[key];
|
|
364
|
+
}
|
|
365
|
+
return JSON.stringify(obj);
|
|
366
|
+
}
|
|
367
|
+
function jwkToDidJwk(jwk) {
|
|
368
|
+
assertObject(jwk, "jwk", "INVALID_JWK");
|
|
369
|
+
const validation = validatePublicJwk(jwk);
|
|
370
|
+
if (!validation.valid) {
|
|
371
|
+
throw new OmaTrustError("INVALID_JWK", validation.error ?? "Invalid public JWK", { jwk });
|
|
372
|
+
}
|
|
373
|
+
const canonical = canonicalizeJwkJson(jwk);
|
|
374
|
+
const encoded = base64url.encode(new TextEncoder().encode(canonical));
|
|
375
|
+
return `did:jwk:${encoded}`;
|
|
376
|
+
}
|
|
377
|
+
function didJwkToJwk(didJwk) {
|
|
378
|
+
if (typeof didJwk !== "string" || !didJwk.startsWith("did:jwk:")) {
|
|
379
|
+
throw new OmaTrustError("INVALID_DID", "Expected a did:jwk DID", { input: didJwk });
|
|
380
|
+
}
|
|
381
|
+
const parts = didJwk.split(":");
|
|
382
|
+
if (parts.length !== 3) {
|
|
383
|
+
throw new OmaTrustError("INVALID_DID", "did:jwk must have exactly 3 colon-separated parts", {
|
|
384
|
+
input: didJwk
|
|
385
|
+
});
|
|
386
|
+
}
|
|
387
|
+
const encoded = parts[2];
|
|
388
|
+
if (!encoded || encoded.length === 0) {
|
|
389
|
+
throw new OmaTrustError("INVALID_DID", "Missing base64url-encoded JWK identifier", {
|
|
390
|
+
input: didJwk
|
|
391
|
+
});
|
|
392
|
+
}
|
|
393
|
+
let decoded;
|
|
394
|
+
try {
|
|
395
|
+
const bytes = base64url.decode(encoded);
|
|
396
|
+
decoded = new TextDecoder().decode(bytes);
|
|
397
|
+
} catch {
|
|
398
|
+
throw new OmaTrustError("INVALID_DID", "Failed to base64url-decode did:jwk identifier", {
|
|
399
|
+
input: didJwk
|
|
400
|
+
});
|
|
401
|
+
}
|
|
402
|
+
let jwk;
|
|
403
|
+
try {
|
|
404
|
+
jwk = JSON.parse(decoded);
|
|
405
|
+
} catch {
|
|
406
|
+
throw new OmaTrustError("INVALID_DID", "Decoded did:jwk identifier is not valid JSON", {
|
|
407
|
+
input: didJwk
|
|
408
|
+
});
|
|
409
|
+
}
|
|
410
|
+
if (!jwk || typeof jwk !== "object" || Array.isArray(jwk)) {
|
|
411
|
+
throw new OmaTrustError("INVALID_DID", "Decoded did:jwk must be a JSON object", {
|
|
412
|
+
input: didJwk
|
|
413
|
+
});
|
|
414
|
+
}
|
|
415
|
+
const validation = validatePublicJwk(jwk);
|
|
416
|
+
if (!validation.valid) {
|
|
417
|
+
throw new OmaTrustError("INVALID_DID", validation.error ?? "Invalid public JWK in did:jwk", {
|
|
418
|
+
input: didJwk
|
|
419
|
+
});
|
|
420
|
+
}
|
|
421
|
+
return jwk;
|
|
422
|
+
}
|
|
423
|
+
function extractPublicKeyFields(jwk) {
|
|
424
|
+
const result = {};
|
|
425
|
+
const metadataFields = /* @__PURE__ */ new Set(["kid", "use", "key_ops", "alg", "ext"]);
|
|
426
|
+
for (const [key, value] of Object.entries(jwk)) {
|
|
427
|
+
if (PRIVATE_KEY_FIELDS.has(key)) continue;
|
|
428
|
+
if (metadataFields.has(key)) continue;
|
|
429
|
+
result[key] = value;
|
|
430
|
+
}
|
|
431
|
+
return result;
|
|
432
|
+
}
|
|
433
|
+
function publicJwkEquals(a, b) {
|
|
434
|
+
assertObject(a, "a", "INVALID_JWK");
|
|
435
|
+
assertObject(b, "b", "INVALID_JWK");
|
|
436
|
+
const aObj = a;
|
|
437
|
+
const bObj = b;
|
|
438
|
+
for (const field of PRIVATE_KEY_FIELDS) {
|
|
439
|
+
if (field in aObj) {
|
|
440
|
+
throw new OmaTrustError(
|
|
441
|
+
"INVALID_JWK",
|
|
442
|
+
`First JWK contains private key field "${field}"`,
|
|
443
|
+
{ field }
|
|
444
|
+
);
|
|
445
|
+
}
|
|
446
|
+
if (field in bObj) {
|
|
447
|
+
throw new OmaTrustError(
|
|
448
|
+
"INVALID_JWK",
|
|
449
|
+
`Second JWK contains private key field "${field}"`,
|
|
450
|
+
{ field }
|
|
451
|
+
);
|
|
452
|
+
}
|
|
453
|
+
}
|
|
454
|
+
const aPublic = extractPublicKeyFields(aObj);
|
|
455
|
+
const bPublic = extractPublicKeyFields(bObj);
|
|
456
|
+
return canonicalizeJwkJson(aPublic) === canonicalizeJwkJson(bPublic);
|
|
457
|
+
}
|
|
458
|
+
var VALID_KTY, PRIVATE_KEY_FIELDS, REQUIRED_PUBLIC_FIELDS;
|
|
459
|
+
var init_jwk = __esm({
|
|
460
|
+
"src/identity/jwk.ts"() {
|
|
461
|
+
init_errors();
|
|
462
|
+
init_assert();
|
|
463
|
+
VALID_KTY = /* @__PURE__ */ new Set(["EC", "OKP", "RSA"]);
|
|
464
|
+
PRIVATE_KEY_FIELDS = /* @__PURE__ */ new Set(["d", "p", "q", "dp", "dq", "qi", "oth"]);
|
|
465
|
+
REQUIRED_PUBLIC_FIELDS = {
|
|
466
|
+
EC: ["crv", "x", "y"],
|
|
467
|
+
OKP: ["crv", "x"],
|
|
468
|
+
RSA: ["n", "e"]
|
|
469
|
+
};
|
|
249
470
|
}
|
|
250
471
|
});
|
|
251
472
|
|
|
@@ -256,21 +477,23 @@ function parseDnsTxtRecord(record) {
|
|
|
256
477
|
}
|
|
257
478
|
const entries = record.split(/[;\s]+/).map((entry) => entry.trim()).filter(Boolean);
|
|
258
479
|
const parsed = {};
|
|
480
|
+
const controllers = [];
|
|
259
481
|
for (const entry of entries) {
|
|
260
|
-
const
|
|
261
|
-
if (
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
if (
|
|
266
|
-
|
|
482
|
+
const eqIndex = entry.indexOf("=");
|
|
483
|
+
if (eqIndex === -1) continue;
|
|
484
|
+
const key = entry.slice(0, eqIndex).trim();
|
|
485
|
+
const value = entry.slice(eqIndex + 1).trim();
|
|
486
|
+
if (!key || !value) continue;
|
|
487
|
+
if (key === "controller") {
|
|
488
|
+
controllers.push(value);
|
|
489
|
+
} else {
|
|
490
|
+
parsed[key] = value;
|
|
267
491
|
}
|
|
268
|
-
parsed[key.trim()] = value.trim();
|
|
269
492
|
}
|
|
270
493
|
return {
|
|
271
494
|
version: parsed.v,
|
|
272
|
-
controller:
|
|
273
|
-
|
|
495
|
+
controller: controllers[0],
|
|
496
|
+
controllers
|
|
274
497
|
};
|
|
275
498
|
}
|
|
276
499
|
function buildDnsTxtRecord(controllerDid) {
|
|
@@ -284,6 +507,56 @@ var init_dns_txt_record = __esm({
|
|
|
284
507
|
}
|
|
285
508
|
});
|
|
286
509
|
|
|
510
|
+
// src/identity/controller-id.ts
|
|
511
|
+
function isSameControllerId(a, b) {
|
|
512
|
+
let normalizedA = null;
|
|
513
|
+
let normalizedB = null;
|
|
514
|
+
try {
|
|
515
|
+
normalizedA = normalizeDid(a);
|
|
516
|
+
} catch {
|
|
517
|
+
}
|
|
518
|
+
try {
|
|
519
|
+
normalizedB = normalizeDid(b);
|
|
520
|
+
} catch {
|
|
521
|
+
}
|
|
522
|
+
if (normalizedA && normalizedB && normalizedA === normalizedB) {
|
|
523
|
+
return true;
|
|
524
|
+
}
|
|
525
|
+
const evmA = extractControllerEvmAddress(a);
|
|
526
|
+
const evmB = extractControllerEvmAddress(b);
|
|
527
|
+
if (evmA && evmB && evmA.toLowerCase() === evmB.toLowerCase()) {
|
|
528
|
+
return true;
|
|
529
|
+
}
|
|
530
|
+
const methodA = extractDidMethod(a);
|
|
531
|
+
const methodB = extractDidMethod(b);
|
|
532
|
+
if (methodA === "jwk" && methodB === "jwk") {
|
|
533
|
+
try {
|
|
534
|
+
const jwkA = didJwkToJwk(a);
|
|
535
|
+
const jwkB = didJwkToJwk(b);
|
|
536
|
+
return publicJwkEquals(jwkA, jwkB);
|
|
537
|
+
} catch {
|
|
538
|
+
return false;
|
|
539
|
+
}
|
|
540
|
+
}
|
|
541
|
+
return false;
|
|
542
|
+
}
|
|
543
|
+
function extractControllerEvmAddress(controllerDid) {
|
|
544
|
+
try {
|
|
545
|
+
const method = extractDidMethod(controllerDid);
|
|
546
|
+
if (method === "pkh" && controllerDid.includes("eip155")) {
|
|
547
|
+
return extractAddressFromDid(controllerDid);
|
|
548
|
+
}
|
|
549
|
+
} catch {
|
|
550
|
+
}
|
|
551
|
+
return null;
|
|
552
|
+
}
|
|
553
|
+
var init_controller_id = __esm({
|
|
554
|
+
"src/identity/controller-id.ts"() {
|
|
555
|
+
init_did();
|
|
556
|
+
init_jwk();
|
|
557
|
+
}
|
|
558
|
+
});
|
|
559
|
+
|
|
287
560
|
// src/reputation/proof/dns-txt-shared.ts
|
|
288
561
|
var dns_txt_shared_exports = {};
|
|
289
562
|
__export(dns_txt_shared_exports, {
|
|
@@ -296,7 +569,6 @@ async function verifyDnsTxtControllerDid(domain, expectedControllerDid, options
|
|
|
296
569
|
if (!options.resolveTxt) {
|
|
297
570
|
throw new OmaTrustError("NETWORK_ERROR", "No DNS TXT resolver was provided", { domain });
|
|
298
571
|
}
|
|
299
|
-
const expected = normalizeDid(expectedControllerDid);
|
|
300
572
|
const prefix = options.recordPrefix ?? "_controllers";
|
|
301
573
|
const host = `${prefix}.${domain.toLowerCase().replace(/\.$/, "")}`;
|
|
302
574
|
let records;
|
|
@@ -308,15 +580,18 @@ async function verifyDnsTxtControllerDid(domain, expectedControllerDid, options
|
|
|
308
580
|
for (const recordParts of records) {
|
|
309
581
|
const record = recordParts.join("");
|
|
310
582
|
const parsed = parseDnsTxtRecord(record);
|
|
311
|
-
if (parsed.version
|
|
312
|
-
|
|
583
|
+
if (parsed.version !== "1") continue;
|
|
584
|
+
for (const recordController of parsed.controllers) {
|
|
585
|
+
if (isSameControllerId(recordController, expectedControllerDid)) {
|
|
586
|
+
return { valid: true, record };
|
|
587
|
+
}
|
|
313
588
|
}
|
|
314
589
|
}
|
|
315
|
-
return { valid: false, reason: "
|
|
590
|
+
return { valid: false, reason: "Controller DID not found in DNS TXT records" };
|
|
316
591
|
}
|
|
317
592
|
var init_dns_txt_shared = __esm({
|
|
318
593
|
"src/reputation/proof/dns-txt-shared.ts"() {
|
|
319
|
-
|
|
594
|
+
init_controller_id();
|
|
320
595
|
init_errors();
|
|
321
596
|
init_dns_txt_record();
|
|
322
597
|
}
|
|
@@ -787,19 +1062,32 @@ async function submitDelegatedAttestation(params) {
|
|
|
787
1062
|
payload = {};
|
|
788
1063
|
}
|
|
789
1064
|
if (!response.ok) {
|
|
790
|
-
|
|
791
|
-
|
|
1065
|
+
const relayError = {
|
|
1066
|
+
httpStatus: response.status,
|
|
1067
|
+
code: payload.code,
|
|
1068
|
+
error: payload.error ?? payload.message,
|
|
792
1069
|
payload
|
|
793
|
-
}
|
|
1070
|
+
};
|
|
1071
|
+
throw new OmaTrustError("RELAY_ERROR", `Relay submission failed (HTTP ${response.status})`, relayError);
|
|
794
1072
|
}
|
|
795
1073
|
const uid = payload.uid ?? ZERO_UID;
|
|
796
1074
|
const txHash = payload.txHash;
|
|
797
|
-
const
|
|
798
|
-
|
|
799
|
-
|
|
800
|
-
|
|
801
|
-
|
|
802
|
-
|
|
1075
|
+
const hasConfirmationSignals = payload.status === "confirmed" || payload.success === true || typeof payload.blockNumber === "number";
|
|
1076
|
+
const status = hasConfirmationSignals ? "confirmed" : "submitted";
|
|
1077
|
+
const relay = {};
|
|
1078
|
+
if (typeof payload.blockNumber === "number") relay.blockNumber = payload.blockNumber;
|
|
1079
|
+
if (typeof payload.chain === "string") relay.chain = payload.chain;
|
|
1080
|
+
if (typeof payload.success === "boolean") relay.success = payload.success;
|
|
1081
|
+
for (const key of Object.keys(payload)) {
|
|
1082
|
+
if (!["uid", "txHash", "status", "blockNumber", "chain", "success"].includes(key)) {
|
|
1083
|
+
relay[key] = payload[key];
|
|
1084
|
+
}
|
|
1085
|
+
}
|
|
1086
|
+
const result = { uid, txHash, status };
|
|
1087
|
+
if (Object.keys(relay).length > 0) {
|
|
1088
|
+
result.relay = relay;
|
|
1089
|
+
}
|
|
1090
|
+
return result;
|
|
803
1091
|
}
|
|
804
1092
|
|
|
805
1093
|
// src/reputation/query.ts
|
|
@@ -905,7 +1193,7 @@ async function getAttestationsForDid(params) {
|
|
|
905
1193
|
provider,
|
|
906
1194
|
fromBlock,
|
|
907
1195
|
toBlock,
|
|
908
|
-
{ recipient: didToAddress(params.
|
|
1196
|
+
{ recipient: didToAddress(params.subjectDid), schemas: params.schemas }
|
|
909
1197
|
);
|
|
910
1198
|
}
|
|
911
1199
|
async function getAttestationsByAttester(params) {
|
|
@@ -1157,6 +1445,10 @@ function getExplorerAddressUrl(chainId, address) {
|
|
|
1157
1445
|
|
|
1158
1446
|
// src/reputation/proof/did-json.ts
|
|
1159
1447
|
init_did();
|
|
1448
|
+
init_jwk();
|
|
1449
|
+
init_errors();
|
|
1450
|
+
|
|
1451
|
+
// src/shared/did-document.ts
|
|
1160
1452
|
init_errors();
|
|
1161
1453
|
async function fetchDidDocument(domain) {
|
|
1162
1454
|
const normalized = domain.toLowerCase().replace(/\.$/, "");
|
|
@@ -1168,15 +1460,16 @@ async function fetchDidDocument(domain) {
|
|
|
1168
1460
|
throw new OmaTrustError("NETWORK_ERROR", "Failed to fetch DID document", { domain, err });
|
|
1169
1461
|
}
|
|
1170
1462
|
if (!response.ok) {
|
|
1171
|
-
throw new OmaTrustError("NETWORK_ERROR",
|
|
1463
|
+
throw new OmaTrustError("NETWORK_ERROR", `DID document fetch failed: ${response.status}`, {
|
|
1172
1464
|
domain,
|
|
1173
1465
|
status: response.status
|
|
1174
1466
|
});
|
|
1175
1467
|
}
|
|
1176
|
-
|
|
1177
|
-
return body;
|
|
1468
|
+
return await response.json();
|
|
1178
1469
|
}
|
|
1179
|
-
|
|
1470
|
+
|
|
1471
|
+
// src/reputation/proof/did-json.ts
|
|
1472
|
+
function extractEvmAddressesFromDidDocument(didDocument) {
|
|
1180
1473
|
const methods = didDocument.verificationMethod;
|
|
1181
1474
|
if (!Array.isArray(methods)) {
|
|
1182
1475
|
return [];
|
|
@@ -1200,14 +1493,52 @@ function extractAddressesFromDidDocument(didDocument) {
|
|
|
1200
1493
|
}
|
|
1201
1494
|
return [...addresses];
|
|
1202
1495
|
}
|
|
1496
|
+
function extractJwksFromDidDocument(didDocument) {
|
|
1497
|
+
const methods = didDocument.verificationMethod;
|
|
1498
|
+
if (!Array.isArray(methods)) {
|
|
1499
|
+
return [];
|
|
1500
|
+
}
|
|
1501
|
+
const jwks = [];
|
|
1502
|
+
for (const method of methods) {
|
|
1503
|
+
const publicKeyJwk = method.publicKeyJwk;
|
|
1504
|
+
if (publicKeyJwk && typeof publicKeyJwk === "object" && !Array.isArray(publicKeyJwk)) {
|
|
1505
|
+
jwks.push(publicKeyJwk);
|
|
1506
|
+
}
|
|
1507
|
+
}
|
|
1508
|
+
return jwks;
|
|
1509
|
+
}
|
|
1203
1510
|
function verifyDidDocumentControllerDid(didDocument, expectedControllerDid) {
|
|
1511
|
+
const method = extractDidMethod(expectedControllerDid);
|
|
1512
|
+
if (method === "jwk") {
|
|
1513
|
+
try {
|
|
1514
|
+
const expectedJwk = didJwkToJwk(expectedControllerDid);
|
|
1515
|
+
const documentJwks = extractJwksFromDidDocument(didDocument);
|
|
1516
|
+
for (const docJwk of documentJwks) {
|
|
1517
|
+
try {
|
|
1518
|
+
if (publicJwkEquals(docJwk, expectedJwk)) {
|
|
1519
|
+
return { valid: true };
|
|
1520
|
+
}
|
|
1521
|
+
} catch {
|
|
1522
|
+
}
|
|
1523
|
+
}
|
|
1524
|
+
return {
|
|
1525
|
+
valid: false,
|
|
1526
|
+
reason: "No matching publicKeyJwk found in DID document verification methods"
|
|
1527
|
+
};
|
|
1528
|
+
} catch {
|
|
1529
|
+
return {
|
|
1530
|
+
valid: false,
|
|
1531
|
+
reason: "Failed to decode did:jwk controller DID"
|
|
1532
|
+
};
|
|
1533
|
+
}
|
|
1534
|
+
}
|
|
1204
1535
|
let expectedAddress;
|
|
1205
1536
|
try {
|
|
1206
1537
|
expectedAddress = getAddress(extractAddressFromDid(expectedControllerDid));
|
|
1207
1538
|
} catch {
|
|
1208
|
-
return { valid: false, reason: "
|
|
1539
|
+
return { valid: false, reason: "Controller DID does not resolve to an EVM address and is not did:jwk" };
|
|
1209
1540
|
}
|
|
1210
|
-
const addresses =
|
|
1541
|
+
const addresses = extractEvmAddressesFromDidDocument(didDocument);
|
|
1211
1542
|
if (addresses.some((address) => address.toLowerCase() === expectedAddress.toLowerCase())) {
|
|
1212
1543
|
return { valid: true };
|
|
1213
1544
|
}
|
|
@@ -1261,6 +1592,469 @@ function verifyEip712Signature(typedData, signature) {
|
|
|
1261
1592
|
|
|
1262
1593
|
// src/reputation/verify.ts
|
|
1263
1594
|
init_dns_txt_record();
|
|
1595
|
+
|
|
1596
|
+
// src/reputation/proof/x402-jws.ts
|
|
1597
|
+
init_errors();
|
|
1598
|
+
init_jwk();
|
|
1599
|
+
|
|
1600
|
+
// src/identity/resolve-key.ts
|
|
1601
|
+
init_errors();
|
|
1602
|
+
init_assert();
|
|
1603
|
+
|
|
1604
|
+
// src/identity/did-url.ts
|
|
1605
|
+
init_errors();
|
|
1606
|
+
init_assert();
|
|
1607
|
+
var DID_URL_REGEX = /^did:[a-z0-9]+:.+$/i;
|
|
1608
|
+
function parseDidUrl(input) {
|
|
1609
|
+
assertString(input, "input", "INVALID_DID_URL");
|
|
1610
|
+
const trimmed = input.trim();
|
|
1611
|
+
const hashIndex = trimmed.indexOf("#");
|
|
1612
|
+
let did;
|
|
1613
|
+
let fragment;
|
|
1614
|
+
if (hashIndex === -1) {
|
|
1615
|
+
did = trimmed;
|
|
1616
|
+
fragment = null;
|
|
1617
|
+
} else {
|
|
1618
|
+
did = trimmed.slice(0, hashIndex);
|
|
1619
|
+
const rawFragment = trimmed.slice(hashIndex + 1);
|
|
1620
|
+
if (rawFragment.length === 0) {
|
|
1621
|
+
throw new OmaTrustError(
|
|
1622
|
+
"INVALID_DID_URL",
|
|
1623
|
+
"DID URL has empty fragment (trailing '#' with no identifier)",
|
|
1624
|
+
{ input }
|
|
1625
|
+
);
|
|
1626
|
+
}
|
|
1627
|
+
fragment = rawFragment;
|
|
1628
|
+
}
|
|
1629
|
+
if (!DID_URL_REGEX.test(did)) {
|
|
1630
|
+
throw new OmaTrustError(
|
|
1631
|
+
"INVALID_DID_URL",
|
|
1632
|
+
"Invalid DID URL: base DID portion is malformed",
|
|
1633
|
+
{ input, did }
|
|
1634
|
+
);
|
|
1635
|
+
}
|
|
1636
|
+
return {
|
|
1637
|
+
didUrl: trimmed,
|
|
1638
|
+
did,
|
|
1639
|
+
fragment
|
|
1640
|
+
};
|
|
1641
|
+
}
|
|
1642
|
+
|
|
1643
|
+
// src/identity/resolve-key.ts
|
|
1644
|
+
init_did();
|
|
1645
|
+
init_jwk();
|
|
1646
|
+
function findVerificationMethod(didDocument, didUrl, fragment) {
|
|
1647
|
+
const methods = didDocument.verificationMethod;
|
|
1648
|
+
if (!Array.isArray(methods)) {
|
|
1649
|
+
return null;
|
|
1650
|
+
}
|
|
1651
|
+
for (const method of methods) {
|
|
1652
|
+
if (!method || typeof method !== "object") continue;
|
|
1653
|
+
const id = method.id;
|
|
1654
|
+
if (typeof id !== "string") continue;
|
|
1655
|
+
if (id === didUrl) return method;
|
|
1656
|
+
if (fragment && (id === `#${fragment}` || id.endsWith(`#${fragment}`))) {
|
|
1657
|
+
return method;
|
|
1658
|
+
}
|
|
1659
|
+
}
|
|
1660
|
+
return null;
|
|
1661
|
+
}
|
|
1662
|
+
function extractMethodIdsFromDidDocument(didDocument) {
|
|
1663
|
+
const methods = didDocument.verificationMethod;
|
|
1664
|
+
if (!Array.isArray(methods)) return [];
|
|
1665
|
+
return methods.filter((m) => m && typeof m.id === "string").map((m) => m.id);
|
|
1666
|
+
}
|
|
1667
|
+
async function resolveDidUrlToPublicKey(didUrl, options) {
|
|
1668
|
+
assertString(didUrl, "didUrl", "INVALID_DID_URL");
|
|
1669
|
+
const parsed = parseDidUrl(didUrl);
|
|
1670
|
+
const method = extractDidMethod(parsed.did);
|
|
1671
|
+
if (!method) {
|
|
1672
|
+
throw new OmaTrustError("INVALID_DID_URL", "Cannot extract DID method from DID URL", {
|
|
1673
|
+
didUrl,
|
|
1674
|
+
did: parsed.did
|
|
1675
|
+
});
|
|
1676
|
+
}
|
|
1677
|
+
switch (method) {
|
|
1678
|
+
case "web":
|
|
1679
|
+
return resolveDidUrlKey(parsed.didUrl, parsed.did, parsed.fragment);
|
|
1680
|
+
default:
|
|
1681
|
+
throw new OmaTrustError(
|
|
1682
|
+
"UNSUPPORTED_DID_METHOD",
|
|
1683
|
+
`DID URL key resolution is not supported for method "${method}"`,
|
|
1684
|
+
{ didUrl, method }
|
|
1685
|
+
);
|
|
1686
|
+
}
|
|
1687
|
+
}
|
|
1688
|
+
async function resolveDidUrlKey(didUrl, did, fragment, options) {
|
|
1689
|
+
const domain = getDomainFromDidWeb(did);
|
|
1690
|
+
if (!domain) {
|
|
1691
|
+
throw new OmaTrustError("INVALID_DID_URL", "Cannot extract domain from did:web DID", {
|
|
1692
|
+
didUrl,
|
|
1693
|
+
did
|
|
1694
|
+
});
|
|
1695
|
+
}
|
|
1696
|
+
const fetchFn = fetchDidDocument;
|
|
1697
|
+
const didDocument = await fetchFn(domain);
|
|
1698
|
+
const method = findVerificationMethod(didDocument, didUrl, fragment);
|
|
1699
|
+
if (!method) {
|
|
1700
|
+
throw new OmaTrustError(
|
|
1701
|
+
"KEY_NOT_FOUND",
|
|
1702
|
+
`No verification method found matching "${fragment ? `#${fragment}` : didUrl}"`,
|
|
1703
|
+
{ didUrl, fragment, availableMethods: extractMethodIdsFromDidDocument(didDocument) }
|
|
1704
|
+
);
|
|
1705
|
+
}
|
|
1706
|
+
const publicKeyJwk = method.publicKeyJwk;
|
|
1707
|
+
if (!publicKeyJwk || typeof publicKeyJwk !== "object") {
|
|
1708
|
+
throw new OmaTrustError(
|
|
1709
|
+
"KEY_NOT_FOUND",
|
|
1710
|
+
`Verification method "${method.id}" does not contain publicKeyJwk`,
|
|
1711
|
+
{ didUrl, verificationMethodId: method.id }
|
|
1712
|
+
);
|
|
1713
|
+
}
|
|
1714
|
+
const validation = validatePublicJwk(publicKeyJwk);
|
|
1715
|
+
if (!validation.valid) {
|
|
1716
|
+
throw new OmaTrustError(
|
|
1717
|
+
"INVALID_JWK",
|
|
1718
|
+
`publicKeyJwk in verification method "${method.id}" is invalid: ${validation.error}`,
|
|
1719
|
+
{ didUrl, verificationMethodId: method.id }
|
|
1720
|
+
);
|
|
1721
|
+
}
|
|
1722
|
+
return {
|
|
1723
|
+
didUrl,
|
|
1724
|
+
did,
|
|
1725
|
+
fragment,
|
|
1726
|
+
publicKeyJwk,
|
|
1727
|
+
verificationMethodId: method.id
|
|
1728
|
+
};
|
|
1729
|
+
}
|
|
1730
|
+
|
|
1731
|
+
// src/reputation/proof/x402-jws.ts
|
|
1732
|
+
var REQUIRED_OFFER_FIELDS = [
|
|
1733
|
+
"version",
|
|
1734
|
+
"resourceUrl",
|
|
1735
|
+
"scheme",
|
|
1736
|
+
"network",
|
|
1737
|
+
"asset",
|
|
1738
|
+
"payTo",
|
|
1739
|
+
"amount"
|
|
1740
|
+
];
|
|
1741
|
+
var REQUIRED_RECEIPT_FIELDS = [
|
|
1742
|
+
"version",
|
|
1743
|
+
"network",
|
|
1744
|
+
"resourceUrl",
|
|
1745
|
+
"payer",
|
|
1746
|
+
"issuedAt"
|
|
1747
|
+
];
|
|
1748
|
+
function validateOfferPayload(payload) {
|
|
1749
|
+
for (const field of REQUIRED_OFFER_FIELDS) {
|
|
1750
|
+
if (!(field in payload) || payload[field] === void 0 || payload[field] === null) {
|
|
1751
|
+
return { valid: false, field };
|
|
1752
|
+
}
|
|
1753
|
+
}
|
|
1754
|
+
return { valid: true };
|
|
1755
|
+
}
|
|
1756
|
+
function validateReceiptPayload(payload) {
|
|
1757
|
+
for (const field of REQUIRED_RECEIPT_FIELDS) {
|
|
1758
|
+
if (!(field in payload) || payload[field] === void 0 || payload[field] === null) {
|
|
1759
|
+
return { valid: false, field };
|
|
1760
|
+
}
|
|
1761
|
+
}
|
|
1762
|
+
return { valid: true };
|
|
1763
|
+
}
|
|
1764
|
+
function failure(code, message, partial) {
|
|
1765
|
+
return {
|
|
1766
|
+
valid: false,
|
|
1767
|
+
error: { code, message },
|
|
1768
|
+
...partial
|
|
1769
|
+
};
|
|
1770
|
+
}
|
|
1771
|
+
async function verifyX402JwsArtifact(artifact, options) {
|
|
1772
|
+
if (!artifact || typeof artifact !== "object") {
|
|
1773
|
+
return failure("INVALID_ARTIFACT", "Artifact must be a non-null object");
|
|
1774
|
+
}
|
|
1775
|
+
if (artifact.format !== "jws") {
|
|
1776
|
+
return failure("INVALID_ARTIFACT", `Expected format "jws", got "${artifact.format}"`);
|
|
1777
|
+
}
|
|
1778
|
+
if (typeof artifact.signature !== "string" || artifact.signature.length === 0) {
|
|
1779
|
+
return failure("INVALID_ARTIFACT", "Artifact signature must be a non-empty string");
|
|
1780
|
+
}
|
|
1781
|
+
const compactJws = artifact.signature;
|
|
1782
|
+
const parts = compactJws.split(".");
|
|
1783
|
+
if (parts.length !== 3) {
|
|
1784
|
+
return failure("MALFORMED_JWS", "Invalid compact JWS format: expected 3 dot-separated parts");
|
|
1785
|
+
}
|
|
1786
|
+
let header;
|
|
1787
|
+
try {
|
|
1788
|
+
header = decodeProtectedHeader(compactJws);
|
|
1789
|
+
} catch {
|
|
1790
|
+
return failure("MALFORMED_JWS", "Failed to decode JWS protected header");
|
|
1791
|
+
}
|
|
1792
|
+
if (!header.alg || typeof header.alg !== "string") {
|
|
1793
|
+
return failure("MISSING_ALG", "JWS header must include alg", { header });
|
|
1794
|
+
}
|
|
1795
|
+
const kid = typeof header.kid === "string" ? header.kid : null;
|
|
1796
|
+
const embeddedJwk = header.jwk;
|
|
1797
|
+
if (!kid && !embeddedJwk) {
|
|
1798
|
+
return failure(
|
|
1799
|
+
"MISSING_KEY_MATERIAL",
|
|
1800
|
+
"JWS header must include at least one of kid or jwk",
|
|
1801
|
+
{ header }
|
|
1802
|
+
);
|
|
1803
|
+
}
|
|
1804
|
+
let publicKeyJwk;
|
|
1805
|
+
let publicKeySource;
|
|
1806
|
+
if (embeddedJwk) {
|
|
1807
|
+
const validation = validatePublicJwk(embeddedJwk);
|
|
1808
|
+
if (!validation.valid) {
|
|
1809
|
+
return failure(
|
|
1810
|
+
"INVALID_EMBEDDED_JWK",
|
|
1811
|
+
`Embedded JWK is invalid: ${validation.error}`,
|
|
1812
|
+
{ header }
|
|
1813
|
+
);
|
|
1814
|
+
}
|
|
1815
|
+
publicKeyJwk = embeddedJwk;
|
|
1816
|
+
publicKeySource = "embedded-jwk";
|
|
1817
|
+
if (kid) {
|
|
1818
|
+
try {
|
|
1819
|
+
const resolved = await resolveDidUrlToPublicKey(kid, options?.resolveOptions);
|
|
1820
|
+
if (!publicJwkEquals(publicKeyJwk, resolved.publicKeyJwk)) {
|
|
1821
|
+
return failure(
|
|
1822
|
+
"KEY_CONFLICT",
|
|
1823
|
+
"Embedded jwk conflicts with public key resolved from kid",
|
|
1824
|
+
{ header, kid }
|
|
1825
|
+
);
|
|
1826
|
+
}
|
|
1827
|
+
} catch (err) {
|
|
1828
|
+
}
|
|
1829
|
+
}
|
|
1830
|
+
} else {
|
|
1831
|
+
publicKeySource = "kid-resolution";
|
|
1832
|
+
try {
|
|
1833
|
+
const resolved = await resolveDidUrlToPublicKey(kid, options?.resolveOptions);
|
|
1834
|
+
publicKeyJwk = resolved.publicKeyJwk;
|
|
1835
|
+
} catch (err) {
|
|
1836
|
+
const message = err instanceof OmaTrustError ? `Failed to resolve kid "${kid}": ${err.message}` : `Failed to resolve kid "${kid}"`;
|
|
1837
|
+
return failure("KID_RESOLUTION_FAILED", message, { header, kid });
|
|
1838
|
+
}
|
|
1839
|
+
}
|
|
1840
|
+
let payload;
|
|
1841
|
+
try {
|
|
1842
|
+
const key = await importJWK(publicKeyJwk, header.alg);
|
|
1843
|
+
const result = await compactVerify(compactJws, key);
|
|
1844
|
+
const payloadText = new TextDecoder().decode(result.payload);
|
|
1845
|
+
payload = JSON.parse(payloadText);
|
|
1846
|
+
} catch (err) {
|
|
1847
|
+
const message = err instanceof Error ? err.message : "Signature verification failed";
|
|
1848
|
+
return failure("SIGNATURE_INVALID", message, { header, kid });
|
|
1849
|
+
}
|
|
1850
|
+
const publicKeyDid = jwkToDidJwk(publicKeyJwk);
|
|
1851
|
+
return {
|
|
1852
|
+
valid: true,
|
|
1853
|
+
header,
|
|
1854
|
+
payload,
|
|
1855
|
+
kid,
|
|
1856
|
+
publicKeyJwk,
|
|
1857
|
+
publicKeySource,
|
|
1858
|
+
publicKeyDid
|
|
1859
|
+
};
|
|
1860
|
+
}
|
|
1861
|
+
async function verifyX402JwsOffer(artifact, options) {
|
|
1862
|
+
const result = await verifyX402JwsArtifact(artifact, options);
|
|
1863
|
+
if (!result.valid) return result;
|
|
1864
|
+
const payloadCheck = validateOfferPayload(result.payload);
|
|
1865
|
+
if (!payloadCheck.valid) {
|
|
1866
|
+
return failure(
|
|
1867
|
+
"INVALID_OFFER_PAYLOAD",
|
|
1868
|
+
`Missing required offer field: ${payloadCheck.field}`,
|
|
1869
|
+
{
|
|
1870
|
+
header: result.header,
|
|
1871
|
+
payload: result.payload,
|
|
1872
|
+
kid: result.kid,
|
|
1873
|
+
publicKeyJwk: result.publicKeyJwk,
|
|
1874
|
+
publicKeySource: result.publicKeySource,
|
|
1875
|
+
publicKeyDid: result.publicKeyDid
|
|
1876
|
+
}
|
|
1877
|
+
);
|
|
1878
|
+
}
|
|
1879
|
+
return result;
|
|
1880
|
+
}
|
|
1881
|
+
async function verifyX402JwsReceipt(artifact, options) {
|
|
1882
|
+
const result = await verifyX402JwsArtifact(artifact, options);
|
|
1883
|
+
if (!result.valid) return result;
|
|
1884
|
+
const payloadCheck = validateReceiptPayload(result.payload);
|
|
1885
|
+
if (!payloadCheck.valid) {
|
|
1886
|
+
return failure(
|
|
1887
|
+
"INVALID_RECEIPT_PAYLOAD",
|
|
1888
|
+
`Missing required receipt field: ${payloadCheck.field}`,
|
|
1889
|
+
{
|
|
1890
|
+
header: result.header,
|
|
1891
|
+
payload: result.payload,
|
|
1892
|
+
kid: result.kid,
|
|
1893
|
+
publicKeyJwk: result.publicKeyJwk,
|
|
1894
|
+
publicKeySource: result.publicKeySource,
|
|
1895
|
+
publicKeyDid: result.publicKeyDid
|
|
1896
|
+
}
|
|
1897
|
+
);
|
|
1898
|
+
}
|
|
1899
|
+
return result;
|
|
1900
|
+
}
|
|
1901
|
+
var OFFER_DOMAIN = {
|
|
1902
|
+
name: "x402 offer",
|
|
1903
|
+
version: "1",
|
|
1904
|
+
chainId: 1
|
|
1905
|
+
};
|
|
1906
|
+
var RECEIPT_DOMAIN = {
|
|
1907
|
+
name: "x402 receipt",
|
|
1908
|
+
version: "1",
|
|
1909
|
+
chainId: 1
|
|
1910
|
+
};
|
|
1911
|
+
var OFFER_TYPES = {
|
|
1912
|
+
Offer: [
|
|
1913
|
+
{ name: "version", type: "uint256" },
|
|
1914
|
+
{ name: "resourceUrl", type: "string" },
|
|
1915
|
+
{ name: "scheme", type: "string" },
|
|
1916
|
+
{ name: "network", type: "string" },
|
|
1917
|
+
{ name: "asset", type: "string" },
|
|
1918
|
+
{ name: "payTo", type: "string" },
|
|
1919
|
+
{ name: "amount", type: "string" },
|
|
1920
|
+
{ name: "validUntil", type: "uint256" }
|
|
1921
|
+
]
|
|
1922
|
+
};
|
|
1923
|
+
var RECEIPT_TYPES = {
|
|
1924
|
+
Receipt: [
|
|
1925
|
+
{ name: "version", type: "uint256" },
|
|
1926
|
+
{ name: "network", type: "string" },
|
|
1927
|
+
{ name: "resourceUrl", type: "string" },
|
|
1928
|
+
{ name: "payer", type: "string" },
|
|
1929
|
+
{ name: "issuedAt", type: "uint256" },
|
|
1930
|
+
{ name: "transaction", type: "string" }
|
|
1931
|
+
]
|
|
1932
|
+
};
|
|
1933
|
+
var REQUIRED_OFFER_FIELDS2 = [
|
|
1934
|
+
"version",
|
|
1935
|
+
"resourceUrl",
|
|
1936
|
+
"scheme",
|
|
1937
|
+
"network",
|
|
1938
|
+
"asset",
|
|
1939
|
+
"payTo",
|
|
1940
|
+
"amount"
|
|
1941
|
+
];
|
|
1942
|
+
var REQUIRED_RECEIPT_FIELDS2 = [
|
|
1943
|
+
"version",
|
|
1944
|
+
"network",
|
|
1945
|
+
"resourceUrl",
|
|
1946
|
+
"payer",
|
|
1947
|
+
"issuedAt"
|
|
1948
|
+
];
|
|
1949
|
+
function validateOfferPayload2(payload) {
|
|
1950
|
+
for (const field of REQUIRED_OFFER_FIELDS2) {
|
|
1951
|
+
if (!(field in payload) || payload[field] === void 0 || payload[field] === null) {
|
|
1952
|
+
return { valid: false, field };
|
|
1953
|
+
}
|
|
1954
|
+
}
|
|
1955
|
+
return { valid: true };
|
|
1956
|
+
}
|
|
1957
|
+
function validateReceiptPayload2(payload) {
|
|
1958
|
+
for (const field of REQUIRED_RECEIPT_FIELDS2) {
|
|
1959
|
+
if (!(field in payload) || payload[field] === void 0 || payload[field] === null) {
|
|
1960
|
+
return { valid: false, field };
|
|
1961
|
+
}
|
|
1962
|
+
}
|
|
1963
|
+
return { valid: true };
|
|
1964
|
+
}
|
|
1965
|
+
function failure2(code, message, partial) {
|
|
1966
|
+
return {
|
|
1967
|
+
valid: false,
|
|
1968
|
+
error: { code, message },
|
|
1969
|
+
...partial
|
|
1970
|
+
};
|
|
1971
|
+
}
|
|
1972
|
+
function prepareOfferMessage(payload) {
|
|
1973
|
+
return {
|
|
1974
|
+
version: payload.version,
|
|
1975
|
+
resourceUrl: payload.resourceUrl,
|
|
1976
|
+
scheme: payload.scheme,
|
|
1977
|
+
network: payload.network,
|
|
1978
|
+
asset: payload.asset,
|
|
1979
|
+
payTo: payload.payTo,
|
|
1980
|
+
amount: payload.amount,
|
|
1981
|
+
validUntil: payload.validUntil ?? 0
|
|
1982
|
+
};
|
|
1983
|
+
}
|
|
1984
|
+
function prepareReceiptMessage(payload) {
|
|
1985
|
+
return {
|
|
1986
|
+
version: payload.version,
|
|
1987
|
+
network: payload.network,
|
|
1988
|
+
resourceUrl: payload.resourceUrl,
|
|
1989
|
+
payer: payload.payer,
|
|
1990
|
+
issuedAt: payload.issuedAt,
|
|
1991
|
+
transaction: payload.transaction ?? ""
|
|
1992
|
+
};
|
|
1993
|
+
}
|
|
1994
|
+
function verifyX402Eip712Artifact(artifact, artifactType) {
|
|
1995
|
+
if (!artifact || typeof artifact !== "object") {
|
|
1996
|
+
return failure2("INVALID_ARTIFACT", "Artifact must be a non-null object");
|
|
1997
|
+
}
|
|
1998
|
+
if (artifact.format !== "eip712") {
|
|
1999
|
+
return failure2("INVALID_ARTIFACT", `Expected format "eip712", got "${artifact.format}"`);
|
|
2000
|
+
}
|
|
2001
|
+
if (!artifact.payload || typeof artifact.payload !== "object" || Array.isArray(artifact.payload)) {
|
|
2002
|
+
return failure2("MISSING_PAYLOAD", "EIP-712 artifact must include a payload object");
|
|
2003
|
+
}
|
|
2004
|
+
if (typeof artifact.signature !== "string" || artifact.signature.length === 0) {
|
|
2005
|
+
return failure2("MISSING_SIGNATURE", "EIP-712 artifact must include a non-empty signature");
|
|
2006
|
+
}
|
|
2007
|
+
const payload = artifact.payload;
|
|
2008
|
+
if (artifactType === "offer") {
|
|
2009
|
+
const check = validateOfferPayload2(payload);
|
|
2010
|
+
if (!check.valid) {
|
|
2011
|
+
return failure2(
|
|
2012
|
+
"INVALID_OFFER_PAYLOAD",
|
|
2013
|
+
`Missing required offer field: ${check.field}`,
|
|
2014
|
+
{ payload }
|
|
2015
|
+
);
|
|
2016
|
+
}
|
|
2017
|
+
} else {
|
|
2018
|
+
const check = validateReceiptPayload2(payload);
|
|
2019
|
+
if (!check.valid) {
|
|
2020
|
+
return failure2(
|
|
2021
|
+
"INVALID_RECEIPT_PAYLOAD",
|
|
2022
|
+
`Missing required receipt field: ${check.field}`,
|
|
2023
|
+
{ payload }
|
|
2024
|
+
);
|
|
2025
|
+
}
|
|
2026
|
+
}
|
|
2027
|
+
const domain = artifactType === "offer" ? OFFER_DOMAIN : RECEIPT_DOMAIN;
|
|
2028
|
+
const types = artifactType === "offer" ? OFFER_TYPES : RECEIPT_TYPES;
|
|
2029
|
+
const message = artifactType === "offer" ? prepareOfferMessage(payload) : prepareReceiptMessage(payload);
|
|
2030
|
+
let signer;
|
|
2031
|
+
try {
|
|
2032
|
+
signer = verifyTypedData(
|
|
2033
|
+
domain,
|
|
2034
|
+
types,
|
|
2035
|
+
message,
|
|
2036
|
+
artifact.signature
|
|
2037
|
+
);
|
|
2038
|
+
signer = getAddress(signer);
|
|
2039
|
+
} catch (err) {
|
|
2040
|
+
const message2 = err instanceof Error ? err.message : "EIP-712 signature verification failed";
|
|
2041
|
+
return failure2("SIGNATURE_INVALID", message2, { payload });
|
|
2042
|
+
}
|
|
2043
|
+
return {
|
|
2044
|
+
valid: true,
|
|
2045
|
+
payload,
|
|
2046
|
+
signer,
|
|
2047
|
+
artifactType
|
|
2048
|
+
};
|
|
2049
|
+
}
|
|
2050
|
+
function verifyX402Eip712Offer(artifact) {
|
|
2051
|
+
return verifyX402Eip712Artifact(artifact, "offer");
|
|
2052
|
+
}
|
|
2053
|
+
function verifyX402Eip712Receipt(artifact) {
|
|
2054
|
+
return verifyX402Eip712Artifact(artifact, "receipt");
|
|
2055
|
+
}
|
|
2056
|
+
|
|
2057
|
+
// src/reputation/verify.ts
|
|
1264
2058
|
function parseChainId(input) {
|
|
1265
2059
|
if (typeof input === "number") {
|
|
1266
2060
|
return input;
|
|
@@ -1317,18 +2111,18 @@ function decodeJwtPayload(compactJws) {
|
|
|
1317
2111
|
return JSON.parse(json);
|
|
1318
2112
|
}
|
|
1319
2113
|
async function verifyProof(params) {
|
|
1320
|
-
const { proof, provider,
|
|
2114
|
+
const { proof, provider, expectedSubjectDid, expectedControllerDid } = params;
|
|
1321
2115
|
try {
|
|
1322
2116
|
switch (proof.proofType) {
|
|
1323
2117
|
case "tx-encoded-value": {
|
|
1324
2118
|
if (!provider) {
|
|
1325
2119
|
return { valid: false, proofType: proof.proofType, reason: "Provider is required" };
|
|
1326
2120
|
}
|
|
1327
|
-
if (!
|
|
2121
|
+
if (!expectedSubjectDid || !expectedControllerDid) {
|
|
1328
2122
|
return {
|
|
1329
2123
|
valid: false,
|
|
1330
2124
|
proofType: proof.proofType,
|
|
1331
|
-
reason: "
|
|
2125
|
+
reason: "expectedSubjectDid and expectedControllerDid are required"
|
|
1332
2126
|
};
|
|
1333
2127
|
}
|
|
1334
2128
|
const proofObject = proof.proofObject;
|
|
@@ -1340,13 +2134,13 @@ async function verifyProof(params) {
|
|
|
1340
2134
|
return { valid: false, proofType: proof.proofType, reason: "Transaction not found" };
|
|
1341
2135
|
}
|
|
1342
2136
|
const expectedAmount = calculateTransferAmount(
|
|
1343
|
-
|
|
1344
|
-
|
|
2137
|
+
expectedSubjectDid,
|
|
2138
|
+
expectedControllerDid,
|
|
1345
2139
|
chainId,
|
|
1346
2140
|
getProofPurpose(proof)
|
|
1347
2141
|
);
|
|
1348
|
-
const subjectAddress = getAddress(extractAddressFromDid(
|
|
1349
|
-
const controllerAddress = getAddress(extractAddressFromDid(
|
|
2142
|
+
const subjectAddress = getAddress(extractAddressFromDid(expectedSubjectDid));
|
|
2143
|
+
const controllerAddress = getAddress(extractAddressFromDid(expectedControllerDid));
|
|
1350
2144
|
if (tx.from && getAddress(tx.from) !== subjectAddress) {
|
|
1351
2145
|
return { valid: false, proofType: proof.proofType, reason: "Transaction sender mismatch" };
|
|
1352
2146
|
}
|
|
@@ -1420,6 +2214,38 @@ async function verifyProof(params) {
|
|
|
1420
2214
|
if (!proof.proofObject || typeof proof.proofObject !== "object") {
|
|
1421
2215
|
return { valid: false, proofType: proof.proofType, reason: "Invalid x402 proof object" };
|
|
1422
2216
|
}
|
|
2217
|
+
const proofObj = proof.proofObject;
|
|
2218
|
+
if (proofObj.format === "jws" && typeof proofObj.signature === "string") {
|
|
2219
|
+
const artifact = {
|
|
2220
|
+
format: "jws",
|
|
2221
|
+
signature: proofObj.signature
|
|
2222
|
+
};
|
|
2223
|
+
const jwsResult = proof.proofType === "x402-offer" ? await verifyX402JwsOffer(artifact) : await verifyX402JwsReceipt(artifact);
|
|
2224
|
+
if (!jwsResult.valid) {
|
|
2225
|
+
return {
|
|
2226
|
+
valid: false,
|
|
2227
|
+
proofType: proof.proofType,
|
|
2228
|
+
reason: jwsResult.error?.message ?? "JWS verification failed"
|
|
2229
|
+
};
|
|
2230
|
+
}
|
|
2231
|
+
return { valid: true, proofType: proof.proofType };
|
|
2232
|
+
}
|
|
2233
|
+
if (proofObj.format === "eip712" && typeof proofObj.signature === "string" && proofObj.payload && typeof proofObj.payload === "object") {
|
|
2234
|
+
const artifact = {
|
|
2235
|
+
format: "eip712",
|
|
2236
|
+
payload: proofObj.payload,
|
|
2237
|
+
signature: proofObj.signature
|
|
2238
|
+
};
|
|
2239
|
+
const eip712Result = proof.proofType === "x402-offer" ? verifyX402Eip712Offer(artifact) : verifyX402Eip712Receipt(artifact);
|
|
2240
|
+
if (!eip712Result.valid) {
|
|
2241
|
+
return {
|
|
2242
|
+
valid: false,
|
|
2243
|
+
proofType: proof.proofType,
|
|
2244
|
+
reason: eip712Result.error?.message ?? "EIP-712 verification failed"
|
|
2245
|
+
};
|
|
2246
|
+
}
|
|
2247
|
+
return { valid: true, proofType: proof.proofType };
|
|
2248
|
+
}
|
|
1423
2249
|
return { valid: true, proofType: proof.proofType };
|
|
1424
2250
|
}
|
|
1425
2251
|
case "evidence-pointer": {
|
|
@@ -1431,9 +2257,9 @@ async function verifyProof(params) {
|
|
|
1431
2257
|
if (!response.ok) {
|
|
1432
2258
|
return { valid: false, proofType: proof.proofType, reason: `Evidence fetch failed (${response.status})` };
|
|
1433
2259
|
}
|
|
1434
|
-
if (object.url.endsWith("/.well-known/did.json") &&
|
|
2260
|
+
if (object.url.endsWith("/.well-known/did.json") && expectedControllerDid) {
|
|
1435
2261
|
const didDoc = await response.json();
|
|
1436
|
-
const didCheck = verifyDidDocumentControllerDid(didDoc,
|
|
2262
|
+
const didCheck = verifyDidDocumentControllerDid(didDoc, expectedControllerDid);
|
|
1437
2263
|
return {
|
|
1438
2264
|
valid: didCheck.valid,
|
|
1439
2265
|
proofType: proof.proofType,
|
|
@@ -1441,10 +2267,10 @@ async function verifyProof(params) {
|
|
|
1441
2267
|
};
|
|
1442
2268
|
}
|
|
1443
2269
|
const body = await response.text();
|
|
1444
|
-
if (
|
|
2270
|
+
if (expectedControllerDid && !body.includes(expectedControllerDid)) {
|
|
1445
2271
|
try {
|
|
1446
2272
|
const parsed = parseDnsTxtRecord(body);
|
|
1447
|
-
if (parsed.
|
|
2273
|
+
if (!parsed.controllers.includes(expectedControllerDid)) {
|
|
1448
2274
|
return {
|
|
1449
2275
|
valid: false,
|
|
1450
2276
|
proofType: proof.proofType,
|
|
@@ -1500,8 +2326,8 @@ async function verifyAttestation(params) {
|
|
|
1500
2326
|
const result = await verifyProof({
|
|
1501
2327
|
proof,
|
|
1502
2328
|
provider: params.provider,
|
|
1503
|
-
|
|
1504
|
-
|
|
2329
|
+
expectedSubjectDid: params.context?.subjectDid,
|
|
2330
|
+
expectedControllerDid: params.context?.controllerDid
|
|
1505
2331
|
});
|
|
1506
2332
|
checks[proof.proofType] = result.valid;
|
|
1507
2333
|
if (!result.valid) {
|
|
@@ -1606,6 +2432,38 @@ async function callControllerWitness(params) {
|
|
|
1606
2432
|
method: "did-json"
|
|
1607
2433
|
};
|
|
1608
2434
|
}
|
|
2435
|
+
var DEFAULT_CONTROLLER_WITNESS_URL = "https://api.omatrust.org/v1/controller-witness";
|
|
2436
|
+
async function requestControllerWitness(params) {
|
|
2437
|
+
const url = params.gatewayUrl ?? DEFAULT_CONTROLLER_WITNESS_URL;
|
|
2438
|
+
const body = {
|
|
2439
|
+
subjectDid: params.subjectDid,
|
|
2440
|
+
controllerDid: params.controllerDid
|
|
2441
|
+
};
|
|
2442
|
+
if (params.chainId !== void 0) {
|
|
2443
|
+
body.chainId = params.chainId;
|
|
2444
|
+
}
|
|
2445
|
+
let response;
|
|
2446
|
+
try {
|
|
2447
|
+
response = await fetch(url, {
|
|
2448
|
+
method: "POST",
|
|
2449
|
+
headers: { "Content-Type": "application/json" },
|
|
2450
|
+
credentials: "include",
|
|
2451
|
+
body: JSON.stringify(body),
|
|
2452
|
+
signal: AbortSignal.timeout(params.timeoutMs ?? 15e3)
|
|
2453
|
+
});
|
|
2454
|
+
} catch (err) {
|
|
2455
|
+
throw new OmaTrustError("NETWORK_ERROR", "Controller witness request failed", { err });
|
|
2456
|
+
}
|
|
2457
|
+
if (!response.ok) {
|
|
2458
|
+
const errorBody = await response.json().catch(() => ({ error: response.statusText }));
|
|
2459
|
+
throw new OmaTrustError(
|
|
2460
|
+
"API_ERROR",
|
|
2461
|
+
errorBody.error ?? `Controller witness failed: ${response.status}`,
|
|
2462
|
+
{ status: response.status, ...errorBody }
|
|
2463
|
+
);
|
|
2464
|
+
}
|
|
2465
|
+
return await response.json();
|
|
2466
|
+
}
|
|
1609
2467
|
|
|
1610
2468
|
// src/reputation/proof/tx-interaction.ts
|
|
1611
2469
|
init_errors();
|
|
@@ -1752,29 +2610,20 @@ async function verifyDnsTxtControllerDid2(domain, expectedControllerDid, options
|
|
|
1752
2610
|
);
|
|
1753
2611
|
}
|
|
1754
2612
|
|
|
1755
|
-
// src/reputation/
|
|
2613
|
+
// src/reputation/subject-ownership.ts
|
|
1756
2614
|
init_did();
|
|
1757
2615
|
init_errors();
|
|
1758
2616
|
init_dns_txt_shared();
|
|
2617
|
+
|
|
2618
|
+
// src/reputation/contract-ownership.ts
|
|
2619
|
+
init_did();
|
|
1759
2620
|
var EIP1967_ADMIN_SLOT = "0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103";
|
|
1760
2621
|
var OWNERSHIP_PATTERNS = [
|
|
1761
2622
|
{ method: "owner", signature: "function owner() view returns (address)" },
|
|
1762
2623
|
{ method: "admin", signature: "function admin() view returns (address)" },
|
|
1763
2624
|
{ method: "getOwner", signature: "function getOwner() view returns (address)" }
|
|
1764
2625
|
];
|
|
1765
|
-
function
|
|
1766
|
-
const normalized = normalizeDid(input);
|
|
1767
|
-
if (extractDidMethod(normalized) !== "pkh") {
|
|
1768
|
-
throw new OmaTrustError("INVALID_INPUT", "connectedWalletDid must be a did:pkh DID", {
|
|
1769
|
-
connectedWalletDid: input
|
|
1770
|
-
});
|
|
1771
|
-
}
|
|
1772
|
-
return normalized;
|
|
1773
|
-
}
|
|
1774
|
-
function normalizeSubjectDid(input) {
|
|
1775
|
-
return normalizeDid(input);
|
|
1776
|
-
}
|
|
1777
|
-
async function readAddressFromContract(provider, contractAddress, signature, method) {
|
|
2626
|
+
async function readOwnerFromContract(provider, contractAddress, signature, method) {
|
|
1778
2627
|
try {
|
|
1779
2628
|
const iface = new Interface([signature]);
|
|
1780
2629
|
const data = iface.encodeFunctionData(method, []);
|
|
@@ -1787,16 +2636,24 @@ async function readAddressFromContract(provider, contractAddress, signature, met
|
|
|
1787
2636
|
}
|
|
1788
2637
|
return null;
|
|
1789
2638
|
}
|
|
1790
|
-
async function
|
|
2639
|
+
async function discoverContractOwner(provider, contractAddress) {
|
|
2640
|
+
try {
|
|
2641
|
+
const code = await provider.getCode(contractAddress);
|
|
2642
|
+
if (code === "0x" || code === "0x0") {
|
|
2643
|
+
return null;
|
|
2644
|
+
}
|
|
2645
|
+
} catch {
|
|
2646
|
+
return null;
|
|
2647
|
+
}
|
|
1791
2648
|
for (const pattern of OWNERSHIP_PATTERNS) {
|
|
1792
|
-
const address = await
|
|
2649
|
+
const address = await readOwnerFromContract(
|
|
1793
2650
|
provider,
|
|
1794
2651
|
contractAddress,
|
|
1795
2652
|
pattern.signature,
|
|
1796
2653
|
pattern.method
|
|
1797
2654
|
);
|
|
1798
2655
|
if (address) {
|
|
1799
|
-
return
|
|
2656
|
+
return address;
|
|
1800
2657
|
}
|
|
1801
2658
|
}
|
|
1802
2659
|
try {
|
|
@@ -1804,13 +2661,31 @@ async function discoverControllingWallet(provider, contractAddress, chainId) {
|
|
|
1804
2661
|
if (adminValue && adminValue !== "0x" && adminValue !== "0x0000000000000000000000000000000000000000000000000000000000000000") {
|
|
1805
2662
|
const adminAddress = getAddress(`0x${adminValue.slice(-40)}`);
|
|
1806
2663
|
if (adminAddress !== ZeroAddress) {
|
|
1807
|
-
return
|
|
2664
|
+
return adminAddress;
|
|
1808
2665
|
}
|
|
1809
2666
|
}
|
|
1810
2667
|
} catch {
|
|
1811
2668
|
}
|
|
1812
2669
|
return null;
|
|
1813
2670
|
}
|
|
2671
|
+
async function discoverControllingWalletDid(provider, contractAddress, chainId) {
|
|
2672
|
+
const owner = await discoverContractOwner(provider, contractAddress);
|
|
2673
|
+
return owner ? buildEvmDidPkh(chainId, owner) : null;
|
|
2674
|
+
}
|
|
2675
|
+
|
|
2676
|
+
// src/reputation/subject-ownership.ts
|
|
2677
|
+
function assertConnectedWalletDid(input) {
|
|
2678
|
+
const normalized = normalizeDid(input);
|
|
2679
|
+
if (extractDidMethod(normalized) !== "pkh") {
|
|
2680
|
+
throw new OmaTrustError("INVALID_INPUT", "connectedWalletDid must be a did:pkh DID", {
|
|
2681
|
+
connectedWalletDid: input
|
|
2682
|
+
});
|
|
2683
|
+
}
|
|
2684
|
+
return normalized;
|
|
2685
|
+
}
|
|
2686
|
+
function normalizeSubjectDid(input) {
|
|
2687
|
+
return normalizeDid(input);
|
|
2688
|
+
}
|
|
1814
2689
|
async function verifyDidWebOwnership(params) {
|
|
1815
2690
|
const subjectDid = normalizeSubjectDid(params.subjectDid);
|
|
1816
2691
|
const connectedWalletDid = assertConnectedWalletDid(params.connectedWalletDid);
|
|
@@ -1908,7 +2783,7 @@ async function verifyDidPkhOwnership(params) {
|
|
|
1908
2783
|
connectedWalletDid
|
|
1909
2784
|
};
|
|
1910
2785
|
}
|
|
1911
|
-
const controllingWalletDid = await
|
|
2786
|
+
const controllingWalletDid = await discoverControllingWalletDid(params.provider, subjectAddress, chainId);
|
|
1912
2787
|
if (params.txHash) {
|
|
1913
2788
|
if (!controllingWalletDid) {
|
|
1914
2789
|
return {
|
|
@@ -1991,7 +2866,7 @@ async function verifyDidPkhOwnership(params) {
|
|
|
1991
2866
|
};
|
|
1992
2867
|
}
|
|
1993
2868
|
for (const pattern of OWNERSHIP_PATTERNS) {
|
|
1994
|
-
const ownerAddress = await
|
|
2869
|
+
const ownerAddress = await readOwnerFromContract(
|
|
1995
2870
|
params.provider,
|
|
1996
2871
|
subjectAddress,
|
|
1997
2872
|
pattern.signature,
|
|
@@ -2066,6 +2941,6 @@ async function verifySubjectOwnership(params) {
|
|
|
2066
2941
|
});
|
|
2067
2942
|
}
|
|
2068
2943
|
|
|
2069
|
-
export { buildDelegatedAttestationTypedData, buildDelegatedTypedDataFromEncoded, buildDnsTxtRecord, buildEip712Domain, calculateAverageUserReviewRating, calculateTransferAmount, calculateTransferAmountFromAddresses, callControllerWitness, constructSeed, createEvidencePointerProof, createPopEip712Proof, createPopJwsProof, createTxEncodedValueProof, createTxInteractionProof, createX402OfferProof, createX402ReceiptProof, decodeAttestationData, deduplicateReviews, encodeAttestationData,
|
|
2944
|
+
export { buildDelegatedAttestationTypedData, buildDelegatedTypedDataFromEncoded, buildDnsTxtRecord, buildEip712Domain, calculateAverageUserReviewRating, calculateTransferAmount, calculateTransferAmountFromAddresses, callControllerWitness, constructSeed, createEvidencePointerProof, createPopEip712Proof, createPopJwsProof, createTxEncodedValueProof, createTxInteractionProof, createX402OfferProof, createX402ReceiptProof, decodeAttestationData, deduplicateReviews, encodeAttestationData, extractEvmAddressesFromDidDocument, extractExpirationTime, extractJwksFromDidDocument, fetchDidDocument, formatSchemaUid, formatTransferAmount, getAttestation, getAttestationsByAttester, getAttestationsForDid, getChainConstants, getExplorerAddressUrl, getExplorerTxUrl, getLatestAttestations, getMajorVersion, getOmaTrustProofEip712Types, getSchemaDetails, getSupportedChainIds, hashSeed, isChainSupported, listAttestations, normalizeSchema, parseDnsTxtRecord, prepareDelegatedAttestation, requestControllerWitness, revokeAttestation, schemaToString, splitSignature, submitAttestation, submitDelegatedAttestation, validateAttestationData, verifyAttestation, verifyDidDocumentControllerDid, verifyDidJsonControllerDid, verifyDidPkhOwnership, verifyDidWebOwnership, verifyDnsTxtControllerDid2 as verifyDnsTxtControllerDid, verifyEip712Signature, verifyProof, verifySchemaExists, verifySubjectOwnership };
|
|
2070
2945
|
//# sourceMappingURL=index.browser.js.map
|
|
2071
2946
|
//# sourceMappingURL=index.browser.js.map
|