@oma3/omatrust 0.1.0-alpha.12 → 0.1.0-alpha.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{index-B5OC9_8B.d.cts → index-CnWY9arI.d.cts} +135 -3
- package/dist/{index-C6WNgPRx.d.ts → index-DREQRFIE.d.ts} +135 -3
- package/dist/index.cjs +299 -0
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +299 -0
- package/dist/index.js.map +1 -1
- package/dist/reputation/index.cjs +398 -14
- package/dist/reputation/index.cjs.map +1 -1
- package/dist/reputation/index.d.cts +1 -1
- package/dist/reputation/index.d.ts +1 -1
- package/dist/reputation/index.js +377 -15
- package/dist/reputation/index.js.map +1 -1
- package/package.json +1 -1
|
@@ -5,10 +5,33 @@ var ethers = require('ethers');
|
|
|
5
5
|
var jose = require('jose');
|
|
6
6
|
var canonicalize = require('canonicalize');
|
|
7
7
|
var promises = require('dns/promises');
|
|
8
|
+
var cid = require('multiformats/cid');
|
|
9
|
+
require('multiformats/hashes/sha2');
|
|
10
|
+
var raw = require('multiformats/codecs/raw');
|
|
11
|
+
var base32 = require('multiformats/bases/base32');
|
|
8
12
|
|
|
9
13
|
function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
|
|
10
14
|
|
|
15
|
+
function _interopNamespace(e) {
|
|
16
|
+
if (e && e.__esModule) return e;
|
|
17
|
+
var n = Object.create(null);
|
|
18
|
+
if (e) {
|
|
19
|
+
Object.keys(e).forEach(function (k) {
|
|
20
|
+
if (k !== 'default') {
|
|
21
|
+
var d = Object.getOwnPropertyDescriptor(e, k);
|
|
22
|
+
Object.defineProperty(n, k, d.get ? d : {
|
|
23
|
+
enumerable: true,
|
|
24
|
+
get: function () { return e[k]; }
|
|
25
|
+
});
|
|
26
|
+
}
|
|
27
|
+
});
|
|
28
|
+
}
|
|
29
|
+
n.default = e;
|
|
30
|
+
return Object.freeze(n);
|
|
31
|
+
}
|
|
32
|
+
|
|
11
33
|
var canonicalize__default = /*#__PURE__*/_interopDefault(canonicalize);
|
|
34
|
+
var raw__namespace = /*#__PURE__*/_interopNamespace(raw);
|
|
12
35
|
|
|
13
36
|
// src/reputation/submit.ts
|
|
14
37
|
|
|
@@ -16,10 +39,10 @@ var canonicalize__default = /*#__PURE__*/_interopDefault(canonicalize);
|
|
|
16
39
|
var OmaTrustError = class extends Error {
|
|
17
40
|
code;
|
|
18
41
|
details;
|
|
19
|
-
constructor(
|
|
42
|
+
constructor(code2, message, details) {
|
|
20
43
|
super(message);
|
|
21
44
|
this.name = "OmaTrustError";
|
|
22
|
-
this.code =
|
|
45
|
+
this.code = code2;
|
|
23
46
|
this.details = details;
|
|
24
47
|
}
|
|
25
48
|
};
|
|
@@ -200,14 +223,14 @@ function extractExpirationTime(data) {
|
|
|
200
223
|
}
|
|
201
224
|
|
|
202
225
|
// src/shared/assert.ts
|
|
203
|
-
function assertString(value, name,
|
|
226
|
+
function assertString(value, name, code2 = "INVALID_INPUT") {
|
|
204
227
|
if (typeof value !== "string" || value.trim().length === 0) {
|
|
205
|
-
throw new OmaTrustError(
|
|
228
|
+
throw new OmaTrustError(code2, `${name} must be a non-empty string`, { value });
|
|
206
229
|
}
|
|
207
230
|
}
|
|
208
|
-
function assertObject(value, name,
|
|
231
|
+
function assertObject(value, name, code2 = "INVALID_INPUT") {
|
|
209
232
|
if (!value || typeof value !== "object" || Array.isArray(value)) {
|
|
210
|
-
throw new OmaTrustError(
|
|
233
|
+
throw new OmaTrustError(code2, `${name} must be an object`, { value });
|
|
211
234
|
}
|
|
212
235
|
}
|
|
213
236
|
|
|
@@ -1597,10 +1620,10 @@ function validateReceiptPayload(payload) {
|
|
|
1597
1620
|
}
|
|
1598
1621
|
return { valid: true };
|
|
1599
1622
|
}
|
|
1600
|
-
function failure(
|
|
1623
|
+
function failure(code2, message, partial) {
|
|
1601
1624
|
return {
|
|
1602
1625
|
valid: false,
|
|
1603
|
-
error: { code, message },
|
|
1626
|
+
error: { code: code2, message },
|
|
1604
1627
|
...partial
|
|
1605
1628
|
};
|
|
1606
1629
|
}
|
|
@@ -1798,10 +1821,10 @@ function validateReceiptPayload2(payload) {
|
|
|
1798
1821
|
}
|
|
1799
1822
|
return { valid: true };
|
|
1800
1823
|
}
|
|
1801
|
-
function failure2(
|
|
1824
|
+
function failure2(code2, message, partial) {
|
|
1802
1825
|
return {
|
|
1803
1826
|
valid: false,
|
|
1804
|
-
error: { code, message },
|
|
1827
|
+
error: { code: code2, message },
|
|
1805
1828
|
...partial
|
|
1806
1829
|
};
|
|
1807
1830
|
}
|
|
@@ -2319,8 +2342,8 @@ async function readOwnerFromContract(provider, contractAddress, signature, metho
|
|
|
2319
2342
|
}
|
|
2320
2343
|
async function discoverContractOwner(provider, contractAddress) {
|
|
2321
2344
|
try {
|
|
2322
|
-
const
|
|
2323
|
-
if (
|
|
2345
|
+
const code2 = await provider.getCode(contractAddress);
|
|
2346
|
+
if (code2 === "0x" || code2 === "0x0") {
|
|
2324
2347
|
return null;
|
|
2325
2348
|
}
|
|
2326
2349
|
} catch {
|
|
@@ -3016,8 +3039,8 @@ async function verifyDidPkhOwnership(params) {
|
|
|
3016
3039
|
subjectDid: params.subjectDid
|
|
3017
3040
|
});
|
|
3018
3041
|
}
|
|
3019
|
-
const
|
|
3020
|
-
const isContract =
|
|
3042
|
+
const code2 = await params.provider.getCode(subjectAddress);
|
|
3043
|
+
const isContract = code2 !== "0x" && code2 !== "0x0";
|
|
3021
3044
|
if (!isContract) {
|
|
3022
3045
|
if (ethers.getAddress(subjectAddress) === ethers.getAddress(connectedWalletAddress)) {
|
|
3023
3046
|
return {
|
|
@@ -3487,6 +3510,364 @@ function verifyKeyBindingProofs(data) {
|
|
|
3487
3510
|
reasons
|
|
3488
3511
|
};
|
|
3489
3512
|
}
|
|
3513
|
+
var DID_ARTIFACT_PREFIX = "did:artifact:";
|
|
3514
|
+
var CID_VERSION = 1;
|
|
3515
|
+
var RAW_CODEC = raw__namespace.code;
|
|
3516
|
+
var SHA2_256_CODE = 18;
|
|
3517
|
+
var SHA2_256_DIGEST_LENGTH = 32;
|
|
3518
|
+
function parseArtifactDid(did) {
|
|
3519
|
+
if (typeof did !== "string" || !did.startsWith(DID_ARTIFACT_PREFIX)) {
|
|
3520
|
+
throw new OmaTrustError("INVALID_DID", "Expected a did:artifact DID", { did });
|
|
3521
|
+
}
|
|
3522
|
+
const identifier = did.slice(DID_ARTIFACT_PREFIX.length);
|
|
3523
|
+
if (!identifier || identifier.length === 0) {
|
|
3524
|
+
throw new OmaTrustError("INVALID_DID", "Missing method-specific identifier", { did });
|
|
3525
|
+
}
|
|
3526
|
+
if (identifier[0] !== "b") {
|
|
3527
|
+
throw new OmaTrustError(
|
|
3528
|
+
"INVALID_DID",
|
|
3529
|
+
`Invalid multibase prefix "${identifier[0]}", expected "b" (base32lower)`,
|
|
3530
|
+
{ did }
|
|
3531
|
+
);
|
|
3532
|
+
}
|
|
3533
|
+
let cid$1;
|
|
3534
|
+
try {
|
|
3535
|
+
cid$1 = cid.CID.parse(identifier, base32.base32);
|
|
3536
|
+
} catch (err) {
|
|
3537
|
+
throw new OmaTrustError(
|
|
3538
|
+
"INVALID_DID",
|
|
3539
|
+
"Failed to decode base32 CID from did:artifact identifier",
|
|
3540
|
+
{ did, cause: err }
|
|
3541
|
+
);
|
|
3542
|
+
}
|
|
3543
|
+
if (cid$1.version !== CID_VERSION) {
|
|
3544
|
+
throw new OmaTrustError(
|
|
3545
|
+
"INVALID_DID",
|
|
3546
|
+
`CID version must be 1, got ${cid$1.version}`,
|
|
3547
|
+
{ did }
|
|
3548
|
+
);
|
|
3549
|
+
}
|
|
3550
|
+
if (cid$1.code !== RAW_CODEC) {
|
|
3551
|
+
throw new OmaTrustError(
|
|
3552
|
+
"INVALID_DID",
|
|
3553
|
+
`Multicodec must be raw (0x55), got 0x${cid$1.code.toString(16)}`,
|
|
3554
|
+
{ did }
|
|
3555
|
+
);
|
|
3556
|
+
}
|
|
3557
|
+
if (cid$1.multihash.code !== SHA2_256_CODE) {
|
|
3558
|
+
throw new OmaTrustError(
|
|
3559
|
+
"INVALID_DID",
|
|
3560
|
+
`Multihash function must be sha2-256 (0x12), got 0x${cid$1.multihash.code.toString(16)}`,
|
|
3561
|
+
{ did }
|
|
3562
|
+
);
|
|
3563
|
+
}
|
|
3564
|
+
if (cid$1.multihash.digest.length !== SHA2_256_DIGEST_LENGTH) {
|
|
3565
|
+
throw new OmaTrustError(
|
|
3566
|
+
"INVALID_DID",
|
|
3567
|
+
`SHA-256 digest must be 32 bytes, got ${cid$1.multihash.digest.length}`,
|
|
3568
|
+
{ did }
|
|
3569
|
+
);
|
|
3570
|
+
}
|
|
3571
|
+
const digest = cid$1.multihash.digest;
|
|
3572
|
+
const digestHex = Array.from(digest).map((b) => b.toString(16).padStart(2, "0")).join("");
|
|
3573
|
+
return { did, identifier, digest, digestHex };
|
|
3574
|
+
}
|
|
3575
|
+
|
|
3576
|
+
// src/reputation/artifact-verification.ts
|
|
3577
|
+
async function verifyResponsibilityClaim(params) {
|
|
3578
|
+
const {
|
|
3579
|
+
attestation,
|
|
3580
|
+
artifactDid,
|
|
3581
|
+
provider,
|
|
3582
|
+
easContractAddress,
|
|
3583
|
+
chain,
|
|
3584
|
+
chainId,
|
|
3585
|
+
responsibilityClaimSchemaString
|
|
3586
|
+
} = params;
|
|
3587
|
+
const reasons = [];
|
|
3588
|
+
const checks = {
|
|
3589
|
+
schemaValid: false,
|
|
3590
|
+
subjectMatches: false,
|
|
3591
|
+
notRevoked: false,
|
|
3592
|
+
currentlyEffective: false,
|
|
3593
|
+
controllerAuthorized: false,
|
|
3594
|
+
issuedDuringAuthorizationWindow: false
|
|
3595
|
+
};
|
|
3596
|
+
let decoded;
|
|
3597
|
+
try {
|
|
3598
|
+
if (attestation.raw) {
|
|
3599
|
+
decoded = decodeAttestationData(responsibilityClaimSchemaString, attestation.raw);
|
|
3600
|
+
} else if (attestation.data && typeof attestation.data === "object") {
|
|
3601
|
+
decoded = attestation.data;
|
|
3602
|
+
} else {
|
|
3603
|
+
reasons.push("No attestation data available to decode");
|
|
3604
|
+
return buildFailedResult(checks, reasons);
|
|
3605
|
+
}
|
|
3606
|
+
} catch (err) {
|
|
3607
|
+
reasons.push(
|
|
3608
|
+
`Failed to decode attestation data: ${err instanceof Error ? err.message : "unknown error"}`
|
|
3609
|
+
);
|
|
3610
|
+
return buildFailedResult(checks, reasons);
|
|
3611
|
+
}
|
|
3612
|
+
const responsibleParty = decoded.responsibleParty;
|
|
3613
|
+
const subject = decoded.subject;
|
|
3614
|
+
const responsibilityType = decoded.responsibilityType;
|
|
3615
|
+
const issuedAt = decoded.issuedAt;
|
|
3616
|
+
const effectiveAt = decoded.effectiveAt;
|
|
3617
|
+
const expiresAt = decoded.expiresAt;
|
|
3618
|
+
const subjectLabel = decoded.subjectLabel;
|
|
3619
|
+
if (!responsibleParty || !subject || !responsibilityType || !issuedAt) {
|
|
3620
|
+
if (!responsibleParty) reasons.push("Missing required field: responsibleParty");
|
|
3621
|
+
if (!subject) reasons.push("Missing required field: subject");
|
|
3622
|
+
if (!responsibilityType) reasons.push("Missing required field: responsibilityType");
|
|
3623
|
+
if (!issuedAt) reasons.push("Missing required field: issuedAt");
|
|
3624
|
+
return buildFailedResult(checks, reasons, {
|
|
3625
|
+
responsibleParty,
|
|
3626
|
+
subjectLabel,
|
|
3627
|
+
responsibilityType
|
|
3628
|
+
});
|
|
3629
|
+
}
|
|
3630
|
+
if (!Array.isArray(responsibilityType) || responsibilityType.length === 0) {
|
|
3631
|
+
reasons.push("responsibilityType must be a non-empty array");
|
|
3632
|
+
return buildFailedResult(checks, reasons, {
|
|
3633
|
+
responsibleParty,
|
|
3634
|
+
subjectLabel,
|
|
3635
|
+
responsibilityType
|
|
3636
|
+
});
|
|
3637
|
+
}
|
|
3638
|
+
checks.schemaValid = true;
|
|
3639
|
+
if (artifactDid) {
|
|
3640
|
+
checks.subjectMatches = subject.toLowerCase() === artifactDid.toLowerCase();
|
|
3641
|
+
if (!checks.subjectMatches) {
|
|
3642
|
+
reasons.push(`Subject "${subject}" does not match expected artifact "${artifactDid}"`);
|
|
3643
|
+
}
|
|
3644
|
+
} else {
|
|
3645
|
+
checks.subjectMatches = true;
|
|
3646
|
+
}
|
|
3647
|
+
checks.notRevoked = attestation.revocationTime === BigInt(0);
|
|
3648
|
+
if (!checks.notRevoked) {
|
|
3649
|
+
reasons.push("Attestation has been revoked");
|
|
3650
|
+
}
|
|
3651
|
+
const now = BigInt(Math.floor(Date.now() / 1e3));
|
|
3652
|
+
const effectiveTime = toBigInt(effectiveAt);
|
|
3653
|
+
const expirationTime = toBigInt(expiresAt);
|
|
3654
|
+
const isEffective = effectiveTime === BigInt(0) || effectiveTime <= now;
|
|
3655
|
+
const isNotExpired = expirationTime === BigInt(0) || expirationTime > now;
|
|
3656
|
+
checks.currentlyEffective = isEffective && isNotExpired;
|
|
3657
|
+
if (!isEffective) {
|
|
3658
|
+
reasons.push("Attestation is not yet effective");
|
|
3659
|
+
}
|
|
3660
|
+
if (!isNotExpired) {
|
|
3661
|
+
reasons.push("Attestation has expired");
|
|
3662
|
+
}
|
|
3663
|
+
const controllerDid = `did:pkh:eip155:${chainId}:${attestation.attester.toLowerCase()}`;
|
|
3664
|
+
let authorization = null;
|
|
3665
|
+
try {
|
|
3666
|
+
const resolvedChain = chain ?? `eip155:${chainId}`;
|
|
3667
|
+
authorization = await getControllerAuthorization({
|
|
3668
|
+
subjectDid: responsibleParty,
|
|
3669
|
+
controllerDid,
|
|
3670
|
+
provider,
|
|
3671
|
+
chain: resolvedChain,
|
|
3672
|
+
easContractAddress
|
|
3673
|
+
});
|
|
3674
|
+
checks.controllerAuthorized = authorization.authorized;
|
|
3675
|
+
if (!checks.controllerAuthorized) {
|
|
3676
|
+
reasons.push(`Controller ${controllerDid} is not authorized for ${responsibleParty}`);
|
|
3677
|
+
}
|
|
3678
|
+
if (authorization.authorized && authorization.anchoredFrom !== null) {
|
|
3679
|
+
const issuedAtBigInt = toBigInt(issuedAt);
|
|
3680
|
+
const afterStart = issuedAtBigInt >= authorization.anchoredFrom;
|
|
3681
|
+
const beforeEnd = authorization.until === null || issuedAtBigInt <= authorization.until;
|
|
3682
|
+
checks.issuedDuringAuthorizationWindow = afterStart && beforeEnd;
|
|
3683
|
+
if (!afterStart) {
|
|
3684
|
+
reasons.push("Attestation was issued before the authorization window started");
|
|
3685
|
+
}
|
|
3686
|
+
if (!beforeEnd) {
|
|
3687
|
+
reasons.push("Attestation was issued after the authorization window ended");
|
|
3688
|
+
}
|
|
3689
|
+
} else if (authorization.authorized && authorization.anchoredFrom === null) {
|
|
3690
|
+
checks.issuedDuringAuthorizationWindow = true;
|
|
3691
|
+
} else {
|
|
3692
|
+
checks.issuedDuringAuthorizationWindow = false;
|
|
3693
|
+
}
|
|
3694
|
+
} catch (err) {
|
|
3695
|
+
reasons.push(
|
|
3696
|
+
`Controller authorization check failed: ${err instanceof Error ? err.message : "unknown error"}`
|
|
3697
|
+
);
|
|
3698
|
+
checks.controllerAuthorized = false;
|
|
3699
|
+
checks.issuedDuringAuthorizationWindow = false;
|
|
3700
|
+
}
|
|
3701
|
+
const valid = Object.values(checks).every(Boolean);
|
|
3702
|
+
return {
|
|
3703
|
+
valid,
|
|
3704
|
+
responsibleParty,
|
|
3705
|
+
controllerDid,
|
|
3706
|
+
responsibilityTypes: responsibilityType,
|
|
3707
|
+
subjectLabel: subjectLabel || void 0,
|
|
3708
|
+
authorization,
|
|
3709
|
+
checks,
|
|
3710
|
+
reasons
|
|
3711
|
+
};
|
|
3712
|
+
}
|
|
3713
|
+
async function getVerifiedArtifactAttestations(params) {
|
|
3714
|
+
const {
|
|
3715
|
+
artifactDid,
|
|
3716
|
+
provider,
|
|
3717
|
+
easContractAddress,
|
|
3718
|
+
chain,
|
|
3719
|
+
chainId,
|
|
3720
|
+
schemaUids,
|
|
3721
|
+
responsibilityClaimSchemaUid,
|
|
3722
|
+
responsibilityClaimSchemaString,
|
|
3723
|
+
securityAssessmentSchemaUid,
|
|
3724
|
+
certificationSchemaUid,
|
|
3725
|
+
fromBlock,
|
|
3726
|
+
limit
|
|
3727
|
+
} = params;
|
|
3728
|
+
parseArtifactDid(artifactDid);
|
|
3729
|
+
if (schemaUids.length === 0) {
|
|
3730
|
+
return {
|
|
3731
|
+
artifactDid,
|
|
3732
|
+
responsibilityClaims: [],
|
|
3733
|
+
securityAssessments: [],
|
|
3734
|
+
certifications: [],
|
|
3735
|
+
otherAttestations: []
|
|
3736
|
+
};
|
|
3737
|
+
}
|
|
3738
|
+
const results = await listAttestations({
|
|
3739
|
+
subjectDid: artifactDid,
|
|
3740
|
+
provider,
|
|
3741
|
+
easContractAddress,
|
|
3742
|
+
schemas: schemaUids,
|
|
3743
|
+
limit: limit ?? 100,
|
|
3744
|
+
fromBlock
|
|
3745
|
+
});
|
|
3746
|
+
const responsibilityClaims = [];
|
|
3747
|
+
const securityAssessments = [];
|
|
3748
|
+
const certifications = [];
|
|
3749
|
+
const otherAttestations = [];
|
|
3750
|
+
for (const att of results) {
|
|
3751
|
+
const schemaUidLower = att.schema.toLowerCase();
|
|
3752
|
+
if (schemaUidLower === responsibilityClaimSchemaUid.toLowerCase()) {
|
|
3753
|
+
const verification = await verifyResponsibilityClaim({
|
|
3754
|
+
attestation: att,
|
|
3755
|
+
artifactDid,
|
|
3756
|
+
provider,
|
|
3757
|
+
easContractAddress,
|
|
3758
|
+
chain,
|
|
3759
|
+
chainId,
|
|
3760
|
+
responsibilityClaimSchemaString
|
|
3761
|
+
});
|
|
3762
|
+
responsibilityClaims.push({ attestation: att, verification });
|
|
3763
|
+
} else if (securityAssessmentSchemaUid && schemaUidLower === securityAssessmentSchemaUid.toLowerCase()) {
|
|
3764
|
+
const verification = await runStandardVerification(att, provider);
|
|
3765
|
+
securityAssessments.push({ attestation: att, verification });
|
|
3766
|
+
} else if (certificationSchemaUid && schemaUidLower === certificationSchemaUid.toLowerCase()) {
|
|
3767
|
+
const verification = await runStandardVerification(att, provider);
|
|
3768
|
+
certifications.push({ attestation: att, verification });
|
|
3769
|
+
} else {
|
|
3770
|
+
const verification = await runStandardVerification(att, provider);
|
|
3771
|
+
otherAttestations.push({ attestation: att, verification });
|
|
3772
|
+
}
|
|
3773
|
+
}
|
|
3774
|
+
return {
|
|
3775
|
+
artifactDid,
|
|
3776
|
+
responsibilityClaims,
|
|
3777
|
+
securityAssessments,
|
|
3778
|
+
certifications,
|
|
3779
|
+
otherAttestations
|
|
3780
|
+
};
|
|
3781
|
+
}
|
|
3782
|
+
async function isArtifactClaimedBy(params) {
|
|
3783
|
+
const { artifactDid, responsibleParty, responsibilityTypes } = params;
|
|
3784
|
+
const result = await getVerifiedArtifactAttestations({
|
|
3785
|
+
artifactDid,
|
|
3786
|
+
provider: params.provider,
|
|
3787
|
+
easContractAddress: params.easContractAddress,
|
|
3788
|
+
chain: params.chain,
|
|
3789
|
+
chainId: params.chainId,
|
|
3790
|
+
schemaUids: params.schemaUids,
|
|
3791
|
+
responsibilityClaimSchemaUid: params.responsibilityClaimSchemaUid,
|
|
3792
|
+
responsibilityClaimSchemaString: params.responsibilityClaimSchemaString,
|
|
3793
|
+
securityAssessmentSchemaUid: params.securityAssessmentSchemaUid,
|
|
3794
|
+
certificationSchemaUid: params.certificationSchemaUid
|
|
3795
|
+
});
|
|
3796
|
+
const matchingClaims = result.responsibilityClaims.filter(
|
|
3797
|
+
(claim) => claim.verification.responsibleParty.toLowerCase() === responsibleParty.toLowerCase()
|
|
3798
|
+
);
|
|
3799
|
+
const validClaims = matchingClaims.filter((claim) => claim.verification.valid);
|
|
3800
|
+
let finalClaims = validClaims;
|
|
3801
|
+
let matchedTypes = [];
|
|
3802
|
+
if (responsibilityTypes && responsibilityTypes.length > 0) {
|
|
3803
|
+
finalClaims = validClaims.filter(
|
|
3804
|
+
(claim) => claim.verification.responsibilityTypes.some(
|
|
3805
|
+
(t) => responsibilityTypes.includes(t)
|
|
3806
|
+
)
|
|
3807
|
+
);
|
|
3808
|
+
matchedTypes = [
|
|
3809
|
+
...new Set(
|
|
3810
|
+
finalClaims.flatMap(
|
|
3811
|
+
(claim) => claim.verification.responsibilityTypes.filter(
|
|
3812
|
+
(t) => responsibilityTypes.includes(t)
|
|
3813
|
+
)
|
|
3814
|
+
)
|
|
3815
|
+
)
|
|
3816
|
+
];
|
|
3817
|
+
} else {
|
|
3818
|
+
matchedTypes = [
|
|
3819
|
+
...new Set(
|
|
3820
|
+
validClaims.flatMap((claim) => claim.verification.responsibilityTypes)
|
|
3821
|
+
)
|
|
3822
|
+
];
|
|
3823
|
+
}
|
|
3824
|
+
const reasons = [];
|
|
3825
|
+
if (finalClaims.length === 0) {
|
|
3826
|
+
if (matchingClaims.length === 0) {
|
|
3827
|
+
reasons.push(
|
|
3828
|
+
`No responsibility claims found from ${responsibleParty} for this artifact`
|
|
3829
|
+
);
|
|
3830
|
+
} else if (validClaims.length === 0) {
|
|
3831
|
+
reasons.push(
|
|
3832
|
+
`Claims from ${responsibleParty} exist but none passed verification`
|
|
3833
|
+
);
|
|
3834
|
+
} else if (responsibilityTypes) {
|
|
3835
|
+
reasons.push(
|
|
3836
|
+
`No claims matched the requested responsibility types: ${responsibilityTypes.join(", ")}`
|
|
3837
|
+
);
|
|
3838
|
+
}
|
|
3839
|
+
}
|
|
3840
|
+
return {
|
|
3841
|
+
claimed: finalClaims.length > 0,
|
|
3842
|
+
claims: finalClaims,
|
|
3843
|
+
matchedResponsibilityTypes: matchedTypes,
|
|
3844
|
+
reasons
|
|
3845
|
+
};
|
|
3846
|
+
}
|
|
3847
|
+
function toBigInt(value) {
|
|
3848
|
+
if (value === void 0 || value === null) return BigInt(0);
|
|
3849
|
+
if (typeof value === "bigint") return value;
|
|
3850
|
+
return BigInt(value);
|
|
3851
|
+
}
|
|
3852
|
+
function buildFailedResult(checks, reasons, decoded) {
|
|
3853
|
+
return {
|
|
3854
|
+
valid: false,
|
|
3855
|
+
responsibleParty: decoded?.responsibleParty ?? "",
|
|
3856
|
+
controllerDid: "",
|
|
3857
|
+
responsibilityTypes: decoded?.responsibilityType ?? [],
|
|
3858
|
+
subjectLabel: decoded?.subjectLabel || void 0,
|
|
3859
|
+
authorization: null,
|
|
3860
|
+
checks,
|
|
3861
|
+
reasons
|
|
3862
|
+
};
|
|
3863
|
+
}
|
|
3864
|
+
async function runStandardVerification(attestation, provider) {
|
|
3865
|
+
try {
|
|
3866
|
+
return await verifyAttestation({ attestation, provider });
|
|
3867
|
+
} catch {
|
|
3868
|
+
return void 0;
|
|
3869
|
+
}
|
|
3870
|
+
}
|
|
3490
3871
|
|
|
3491
3872
|
exports.EIP1967_ADMIN_SLOT = EIP1967_ADMIN_SLOT;
|
|
3492
3873
|
exports.OWNERSHIP_PATTERNS = OWNERSHIP_PATTERNS;
|
|
@@ -3529,7 +3910,9 @@ exports.getMajorVersion = getMajorVersion;
|
|
|
3529
3910
|
exports.getOmaTrustProofEip712Types = getOmaTrustProofEip712Types;
|
|
3530
3911
|
exports.getSchemaDetails = getSchemaDetails;
|
|
3531
3912
|
exports.getSupportedChainIds = getSupportedChainIds;
|
|
3913
|
+
exports.getVerifiedArtifactAttestations = getVerifiedArtifactAttestations;
|
|
3532
3914
|
exports.hashSeed = hashSeed;
|
|
3915
|
+
exports.isArtifactClaimedBy = isArtifactClaimedBy;
|
|
3533
3916
|
exports.isChainSupported = isChainSupported;
|
|
3534
3917
|
exports.listAttestations = listAttestations;
|
|
3535
3918
|
exports.normalizeSchema = normalizeSchema;
|
|
@@ -3553,6 +3936,7 @@ exports.verifyEip712Signature = verifyEip712Signature;
|
|
|
3553
3936
|
exports.verifyKeyBindingProofs = verifyKeyBindingProofs;
|
|
3554
3937
|
exports.verifyLinkedIdentifierProofs = verifyLinkedIdentifierProofs;
|
|
3555
3938
|
exports.verifyProof = verifyProof;
|
|
3939
|
+
exports.verifyResponsibilityClaim = verifyResponsibilityClaim;
|
|
3556
3940
|
exports.verifySchemaExists = verifySchemaExists;
|
|
3557
3941
|
exports.verifySubjectOwnership = verifySubjectOwnership;
|
|
3558
3942
|
exports.verifyTransferProof = verifyTransferProof;
|