@openvtc/trust-tasks 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/_framework/0.2/framework.d.ts +11 -0
- package/dist/_framework/0.2/framework.d.ts.map +1 -0
- package/dist/_framework/0.2/framework.js +6 -0
- package/dist/_framework/0.2/framework.js.map +1 -0
- package/dist/acl/grant/0.1/payload.d.ts +13 -0
- package/dist/acl/grant/0.1/payload.d.ts.map +1 -1
- package/dist/acl/grant/0.1/payload.js.map +1 -1
- package/dist/auth/passkey/login/finish/0.2/payload.d.ts +42 -0
- package/dist/auth/passkey/login/finish/0.2/payload.d.ts.map +1 -0
- package/dist/auth/passkey/login/finish/0.2/payload.js +9 -0
- package/dist/auth/passkey/login/finish/0.2/payload.js.map +1 -0
- package/dist/auth/passkey/login/start/0.2/payload.d.ts +29 -0
- package/dist/auth/passkey/login/start/0.2/payload.d.ts.map +1 -0
- package/dist/auth/passkey/login/start/0.2/payload.js +9 -0
- package/dist/auth/passkey/login/start/0.2/payload.js.map +1 -0
- package/dist/auth/step-up/approve-request/0.2/payload.d.ts +73 -0
- package/dist/auth/step-up/approve-request/0.2/payload.d.ts.map +1 -0
- package/dist/auth/step-up/approve-request/0.2/payload.js +9 -0
- package/dist/auth/step-up/approve-request/0.2/payload.js.map +1 -0
- package/dist/auth/step-up/approve-response/0.2/payload.d.ts +76 -0
- package/dist/auth/step-up/approve-response/0.2/payload.d.ts.map +1 -0
- package/dist/auth/step-up/approve-response/0.2/payload.js +9 -0
- package/dist/auth/step-up/approve-response/0.2/payload.js.map +1 -0
- package/dist/auth/step-up/policy/0.1/payload.d.ts +43 -0
- package/dist/auth/step-up/policy/0.1/payload.d.ts.map +1 -0
- package/dist/auth/step-up/policy/0.1/payload.js +9 -0
- package/dist/auth/step-up/policy/0.1/payload.js.map +1 -0
- package/dist/auth/step-up/policy/0.2/payload.d.ts +43 -0
- package/dist/auth/step-up/policy/0.2/payload.d.ts.map +1 -0
- package/dist/auth/step-up/policy/0.2/payload.js +9 -0
- package/dist/auth/step-up/policy/0.2/payload.js.map +1 -0
- package/dist/device/_shared/0.2/device-binding.d.ts +11 -0
- package/dist/device/_shared/0.2/device-binding.d.ts.map +1 -0
- package/dist/device/_shared/0.2/device-binding.js +6 -0
- package/dist/device/_shared/0.2/device-binding.js.map +1 -0
- package/dist/device/heartbeat/0.2/payload.d.ts +29 -0
- package/dist/device/heartbeat/0.2/payload.d.ts.map +1 -0
- package/dist/device/heartbeat/0.2/payload.js +9 -0
- package/dist/device/heartbeat/0.2/payload.js.map +1 -0
- package/dist/device/list/0.2/payload.d.ts +37 -0
- package/dist/device/list/0.2/payload.d.ts.map +1 -0
- package/dist/device/list/0.2/payload.js +9 -0
- package/dist/device/list/0.2/payload.js.map +1 -0
- package/dist/device/register/0.1/payload.d.ts +18 -0
- package/dist/device/register/0.1/payload.d.ts.map +1 -1
- package/dist/device/register/0.1/payload.js.map +1 -1
- package/dist/device/register/0.2/payload.d.ts +97 -0
- package/dist/device/register/0.2/payload.d.ts.map +1 -0
- package/dist/device/register/0.2/payload.js +9 -0
- package/dist/device/register/0.2/payload.js.map +1 -0
- package/dist/device/set-wake/0.1/payload.d.ts +43 -0
- package/dist/device/set-wake/0.1/payload.d.ts.map +1 -0
- package/dist/device/set-wake/0.1/payload.js +9 -0
- package/dist/device/set-wake/0.1/payload.js.map +1 -0
- package/dist/device/set-wake/0.2/payload.d.ts +43 -0
- package/dist/device/set-wake/0.2/payload.d.ts.map +1 -0
- package/dist/device/set-wake/0.2/payload.js +9 -0
- package/dist/device/set-wake/0.2/payload.js.map +1 -0
- package/dist/device/wipe/0.2/payload.d.ts +37 -0
- package/dist/device/wipe/0.2/payload.d.ts.map +1 -0
- package/dist/device/wipe/0.2/payload.js +9 -0
- package/dist/device/wipe/0.2/payload.js.map +1 -0
- package/dist/did-management/did/check-name/0.1/payload.d.ts +5 -2
- package/dist/did-management/did/check-name/0.1/payload.d.ts.map +1 -1
- package/dist/did-management/did/check-name/0.1/payload.js.map +1 -1
- package/dist/index.d.ts +63 -17
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +63 -17
- package/dist/index.js.map +1 -1
- package/dist/policy/_shared/0.2/policy.d.ts +11 -0
- package/dist/policy/_shared/0.2/policy.d.ts.map +1 -0
- package/dist/policy/_shared/0.2/policy.js +6 -0
- package/dist/policy/_shared/0.2/policy.js.map +1 -0
- package/dist/policy/evaluate/0.2/payload.d.ts +99 -0
- package/dist/policy/evaluate/0.2/payload.d.ts.map +1 -0
- package/dist/policy/evaluate/0.2/payload.js +9 -0
- package/dist/policy/evaluate/0.2/payload.js.map +1 -0
- package/dist/policy/list/0.2/payload.d.ts +22 -0
- package/dist/policy/list/0.2/payload.d.ts.map +1 -0
- package/dist/policy/list/0.2/payload.js +9 -0
- package/dist/policy/list/0.2/payload.js.map +1 -0
- package/dist/policy/upsert/0.2/payload.d.ts +29 -0
- package/dist/policy/upsert/0.2/payload.d.ts.map +1 -0
- package/dist/policy/upsert/0.2/payload.js +9 -0
- package/dist/policy/upsert/0.2/payload.js.map +1 -0
- package/dist/provision/integration/0.2/payload.d.ts +178 -0
- package/dist/provision/integration/0.2/payload.d.ts.map +1 -0
- package/dist/provision/integration/0.2/payload.js +9 -0
- package/dist/provision/integration/0.2/payload.js.map +1 -0
- package/dist/push/provision/0.1/payload.d.ts +35 -0
- package/dist/push/provision/0.1/payload.d.ts.map +1 -0
- package/dist/push/provision/0.1/payload.js +9 -0
- package/dist/push/provision/0.1/payload.js.map +1 -0
- package/dist/push/provision/0.2/payload.d.ts +35 -0
- package/dist/push/provision/0.2/payload.d.ts.map +1 -0
- package/dist/push/provision/0.2/payload.js +9 -0
- package/dist/push/provision/0.2/payload.js.map +1 -0
- package/dist/push/register/0.1/payload.d.ts +72 -0
- package/dist/push/register/0.1/payload.d.ts.map +1 -0
- package/dist/push/register/0.1/payload.js +9 -0
- package/dist/push/register/0.1/payload.js.map +1 -0
- package/dist/push/register/0.2/payload.d.ts +72 -0
- package/dist/push/register/0.2/payload.d.ts.map +1 -0
- package/dist/push/register/0.2/payload.js +9 -0
- package/dist/push/register/0.2/payload.js.map +1 -0
- package/dist/push/wake/0.1/payload.d.ts +41 -0
- package/dist/push/wake/0.1/payload.d.ts.map +1 -0
- package/dist/push/wake/0.1/payload.js +9 -0
- package/dist/push/wake/0.1/payload.js.map +1 -0
- package/dist/push/wake/0.2/payload.d.ts +41 -0
- package/dist/push/wake/0.2/payload.d.ts.map +1 -0
- package/dist/push/wake/0.2/payload.js +9 -0
- package/dist/push/wake/0.2/payload.js.map +1 -0
- package/dist/sync/_shared/0.2/sync-event.d.ts +11 -0
- package/dist/sync/_shared/0.2/sync-event.d.ts.map +1 -0
- package/dist/sync/_shared/0.2/sync-event.js +6 -0
- package/dist/sync/_shared/0.2/sync-event.js.map +1 -0
- package/dist/sync/event/0.2/payload.d.ts +208 -0
- package/dist/sync/event/0.2/payload.d.ts.map +1 -0
- package/dist/sync/event/0.2/payload.js +9 -0
- package/dist/sync/event/0.2/payload.js.map +1 -0
- package/dist/trust-task-error/0.2/payload.d.ts +36 -0
- package/dist/trust-task-error/0.2/payload.d.ts.map +1 -0
- package/dist/trust-task-error/0.2/payload.js +9 -0
- package/dist/trust-task-error/0.2/payload.js.map +1 -0
- package/dist/vault/_shared/0.2/consumer-context.d.ts +11 -0
- package/dist/vault/_shared/0.2/consumer-context.d.ts.map +1 -0
- package/dist/vault/_shared/0.2/consumer-context.js +6 -0
- package/dist/vault/_shared/0.2/consumer-context.js.map +1 -0
- package/dist/vault/_shared/0.2/sealed-envelope.d.ts +15 -0
- package/dist/vault/_shared/0.2/sealed-envelope.d.ts.map +1 -0
- package/dist/vault/_shared/0.2/sealed-envelope.js +6 -0
- package/dist/vault/_shared/0.2/sealed-envelope.js.map +1 -0
- package/dist/vault/_shared/0.2/session-blob.d.ts +13 -0
- package/dist/vault/_shared/0.2/session-blob.d.ts.map +1 -0
- package/dist/vault/_shared/0.2/session-blob.js +6 -0
- package/dist/vault/_shared/0.2/session-blob.js.map +1 -0
- package/dist/vault/_shared/0.2/vault-entry.d.ts +13 -0
- package/dist/vault/_shared/0.2/vault-entry.d.ts.map +1 -0
- package/dist/vault/_shared/0.2/vault-entry.js +6 -0
- package/dist/vault/_shared/0.2/vault-entry.js.map +1 -0
- package/dist/vault/_shared/0.2/vault-secret.d.ts +15 -0
- package/dist/vault/_shared/0.2/vault-secret.d.ts.map +1 -0
- package/dist/vault/_shared/0.2/vault-secret.js +6 -0
- package/dist/vault/_shared/0.2/vault-secret.js.map +1 -0
- package/dist/vault/get/0.2/payload.d.ts +25 -0
- package/dist/vault/get/0.2/payload.d.ts.map +1 -0
- package/dist/vault/get/0.2/payload.js +9 -0
- package/dist/vault/get/0.2/payload.js.map +1 -0
- package/dist/vault/list/0.2/payload.d.ts +74 -0
- package/dist/vault/list/0.2/payload.d.ts.map +1 -0
- package/dist/vault/list/0.2/payload.js +9 -0
- package/dist/vault/list/0.2/payload.js.map +1 -0
- package/dist/vault/proxy-login/0.2/payload.d.ts +109 -0
- package/dist/vault/proxy-login/0.2/payload.d.ts.map +1 -0
- package/dist/vault/proxy-login/0.2/payload.js +9 -0
- package/dist/vault/proxy-login/0.2/payload.js.map +1 -0
- package/dist/vault/release/0.2/payload.d.ts +102 -0
- package/dist/vault/release/0.2/payload.d.ts.map +1 -0
- package/dist/vault/release/0.2/payload.js +9 -0
- package/dist/vault/release/0.2/payload.js.map +1 -0
- package/dist/vault/sign-trust-task/0.2/payload.d.ts +99 -0
- package/dist/vault/sign-trust-task/0.2/payload.d.ts.map +1 -0
- package/dist/vault/sign-trust-task/0.2/payload.js +9 -0
- package/dist/vault/sign-trust-task/0.2/payload.js.map +1 -0
- package/dist/vault/sync/0.2/payload.d.ts +33 -0
- package/dist/vault/sync/0.2/payload.d.ts.map +1 -0
- package/dist/vault/sync/0.2/payload.js +9 -0
- package/dist/vault/sync/0.2/payload.js.map +1 -0
- package/dist/vault/upsert/0.2/payload.d.ts +150 -0
- package/dist/vault/upsert/0.2/payload.d.ts.map +1 -0
- package/dist/vault/upsert/0.2/payload.js +9 -0
- package/dist/vault/upsert/0.2/payload.js.map +1 -0
- package/dist/vault/usage/0.2/payload.d.ts +38 -0
- package/dist/vault/usage/0.2/payload.d.ts.map +1 -0
- package/dist/vault/usage/0.2/payload.js +9 -0
- package/dist/vault/usage/0.2/payload.js.map +1 -0
- package/dist/vta/_shared/0.1/passkey-vm.d.ts +11 -0
- package/dist/vta/_shared/0.1/passkey-vm.d.ts.map +1 -0
- package/dist/vta/_shared/0.1/passkey-vm.js +6 -0
- package/dist/vta/_shared/0.1/passkey-vm.js.map +1 -0
- package/dist/vta/passkey-vms/enroll-challenge/0.1/payload.d.ts +29 -0
- package/dist/vta/passkey-vms/enroll-challenge/0.1/payload.d.ts.map +1 -0
- package/dist/vta/passkey-vms/enroll-challenge/0.1/payload.js +9 -0
- package/dist/vta/passkey-vms/enroll-challenge/0.1/payload.js.map +1 -0
- package/dist/vta/passkey-vms/enroll-submit/0.1/payload.d.ts +61 -0
- package/dist/vta/passkey-vms/enroll-submit/0.1/payload.d.ts.map +1 -0
- package/dist/vta/passkey-vms/enroll-submit/0.1/payload.js +9 -0
- package/dist/vta/passkey-vms/enroll-submit/0.1/payload.js.map +1 -0
- package/dist/vta/passkey-vms/list/0.1/payload.d.ts +25 -0
- package/dist/vta/passkey-vms/list/0.1/payload.d.ts.map +1 -0
- package/dist/vta/passkey-vms/list/0.1/payload.js +9 -0
- package/dist/vta/passkey-vms/list/0.1/payload.js.map +1 -0
- package/dist/vta/passkey-vms/revoke/0.1/payload.d.ts +29 -0
- package/dist/vta/passkey-vms/revoke/0.1/payload.d.ts.map +1 -0
- package/dist/vta/passkey-vms/revoke/0.1/payload.js +9 -0
- package/dist/vta/passkey-vms/revoke/0.1/payload.js.map +1 -0
- package/package.json +1 -1
- package/src/index.ts +31 -26
- package/src/vta/_shared/0.1/passkey-vm.ts +11 -0
- package/src/vta/passkey-vms/enroll-challenge/0.1/payload.ts +31 -0
- package/src/vta/passkey-vms/enroll-submit/0.1/payload.ts +63 -0
- package/src/vta/passkey-vms/list/0.1/payload.ts +27 -0
- package/src/vta/passkey-vms/revoke/0.1/payload.ts +31 -0
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vault/usage/0.2/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
/** Trust Task type URI. */
|
|
6
|
+
export const TYPE_URI = "https://trusttasks.org/spec/vault/usage/0.2";
|
|
7
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
8
|
+
export const RESPONSE_TYPE_URI = "https://trusttasks.org/spec/vault/usage/0.2#response";
|
|
9
|
+
//# sourceMappingURL=payload.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"payload.js","sourceRoot":"","sources":["../../../../src/vault/usage/0.2/payload.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAgCH,2BAA2B;AAC3B,MAAM,CAAC,MAAM,QAAQ,GAAG,6CAAsD,CAAC;AAE/E,qEAAqE;AACrE,MAAM,CAAC,MAAM,iBAAiB,GAAG,sDAA+D,CAAC"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/_shared/0.1/passkey-vm.schema.json
|
|
4
|
+
*/
|
|
5
|
+
/**
|
|
6
|
+
* A WebAuthn passkey published as a Multikey verificationMethod (purpose `authentication`) on a VTA-managed DID. Any verifier that resolves the DID can validate a WebAuthn assertion against the embedded public key — no callback to the VTA and no shared secret. Returned by vta/passkey-vms/enroll-submit (the single VM just created) and vta/passkey-vms/list (every VM on the DID). The shape mirrors the wallet-side `@pnm/core` PasskeyVerificationMethod and the VTA-side `vta_sdk::protocols::did_management::passkey_vms::PasskeyVerificationMethod`.
|
|
7
|
+
*/
|
|
8
|
+
export interface PasskeyVerificationMethodSharedDefinitionForTheVtaPasskeyVmsSpecFamily {
|
|
9
|
+
[k: string]: unknown | undefined;
|
|
10
|
+
}
|
|
11
|
+
//# sourceMappingURL=passkey-vm.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"passkey-vm.d.ts","sourceRoot":"","sources":["../../../../src/vta/_shared/0.1/passkey-vm.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,MAAM,WAAW,sEAAsE;IACrF,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC;CAClC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"passkey-vm.js","sourceRoot":"","sources":["../../../../src/vta/_shared/0.1/passkey-vm.ts"],"names":[],"mappings":"AAAA;;;GAGG"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/enroll-challenge/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
/**
|
|
6
|
+
* Request a fresh WebAuthn registration challenge for adding a passkey verificationMethod to a VTA-managed DID. Step 1 of the two-step enrolment ceremony (challenge → submit). The producer must hold the admin role on the target DID's context.
|
|
7
|
+
*/
|
|
8
|
+
export interface VTAPasskeyVMEnrollChallengePayload {
|
|
9
|
+
/**
|
|
10
|
+
* The DID the new passkey verificationMethod will be added to. The producer MUST hold the admin role on this DID's context.
|
|
11
|
+
*/
|
|
12
|
+
did: string;
|
|
13
|
+
/**
|
|
14
|
+
* Optional operator-supplied label for the new passkey (e.g. "MacBook Touch ID"). Carried through to the WebAuthn user name and, if the ceremony completes, to the published verificationMethod.
|
|
15
|
+
*/
|
|
16
|
+
label?: string;
|
|
17
|
+
ext?: Ext;
|
|
18
|
+
}
|
|
19
|
+
/**
|
|
20
|
+
* Ecosystem-defined extension members per SPEC.md §4.5.1.
|
|
21
|
+
*/
|
|
22
|
+
export interface Ext {
|
|
23
|
+
[k: string]: unknown | undefined;
|
|
24
|
+
}
|
|
25
|
+
/** Trust Task type URI. */
|
|
26
|
+
export declare const TYPE_URI: "https://trusttasks.org/spec/vta/passkey-vms/enroll-challenge/0.1";
|
|
27
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
28
|
+
export declare const RESPONSE_TYPE_URI: "https://trusttasks.org/spec/vta/passkey-vms/enroll-challenge/0.1#response";
|
|
29
|
+
//# sourceMappingURL=payload.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"payload.d.ts","sourceRoot":"","sources":["../../../../../src/vta/passkey-vms/enroll-challenge/0.1/payload.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,MAAM,WAAW,kCAAkC;IACjD;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,GAAG,CAAC;CACX;AACD;;GAEG;AACH,MAAM,WAAW,GAAG;IAClB,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC;CAClC;AAED,2BAA2B;AAC3B,eAAO,MAAM,QAAQ,EAAG,kEAA2E,CAAC;AAEpG,qEAAqE;AACrE,eAAO,MAAM,iBAAiB,EAAG,2EAAoF,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/enroll-challenge/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
/** Trust Task type URI. */
|
|
6
|
+
export const TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/enroll-challenge/0.1";
|
|
7
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
8
|
+
export const RESPONSE_TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/enroll-challenge/0.1#response";
|
|
9
|
+
//# sourceMappingURL=payload.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"payload.js","sourceRoot":"","sources":["../../../../../src/vta/passkey-vms/enroll-challenge/0.1/payload.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAuBH,2BAA2B;AAC3B,MAAM,CAAC,MAAM,QAAQ,GAAG,kEAA2E,CAAC;AAEpG,qEAAqE;AACrE,MAAM,CAAC,MAAM,iBAAiB,GAAG,2EAAoF,CAAC"}
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/enroll-submit/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
/**
|
|
6
|
+
* Finalise passkey enrolment by submitting the WebAuthn registration result for a ceremony opened by vta/passkey-vms/enroll-challenge. The VTA re-derives the Multikey from attestationObject.authData and rejects on mismatch with the browser-claimed publicKeyMultibase — the browser's value is NOT trusted as authoritative. On success the VTA appends the verificationMethod to the DID document via a WebVH log entry. All byte-valued fields are base64url-encoded (no padding).
|
|
7
|
+
*/
|
|
8
|
+
export interface VTAPasskeyVMEnrollSubmitPayload {
|
|
9
|
+
/**
|
|
10
|
+
* The DID the new verificationMethod is to be added to. MUST match the DID bound to `ceremonyId` at challenge time — a mismatch is rejected as a cross-DID replay.
|
|
11
|
+
*/
|
|
12
|
+
did: string;
|
|
13
|
+
/**
|
|
14
|
+
* The `ceremonyId` returned by vta/passkey-vms/enroll-challenge. Single-use; consumed by this submission.
|
|
15
|
+
*/
|
|
16
|
+
ceremonyId: string;
|
|
17
|
+
/**
|
|
18
|
+
* WebAuthn `credential.id` (base64url, no padding). The published verificationMethod `id` fragment is derived as `passkey-<base64url(sha256(credentialId))>`.
|
|
19
|
+
*/
|
|
20
|
+
credentialId: string;
|
|
21
|
+
/**
|
|
22
|
+
* Browser-computed W3C Multikey for the credential public key. ADVISORY: the VTA re-derives the Multikey from `attestationObject.authData` and rejects this submission if the values differ (anti-tamper gate). The re-derived key — not this one — is what gets published.
|
|
23
|
+
*/
|
|
24
|
+
publicKeyMultibase: string;
|
|
25
|
+
/**
|
|
26
|
+
* COSE algorithm identifier of the credential key (e.g. -7 for ES256, -8 for EdDSA). Must be an algorithm the VTA can convert to a Multikey.
|
|
27
|
+
*/
|
|
28
|
+
coseAlgorithm: number;
|
|
29
|
+
/**
|
|
30
|
+
* Raw WebAuthn `attestationObject` — base64url-encoded CBOR. The VTA parses `authData` from this to re-derive the authoritative public key.
|
|
31
|
+
*/
|
|
32
|
+
attestationObject: string;
|
|
33
|
+
/**
|
|
34
|
+
* Raw WebAuthn `clientDataJSON` (base64url, no padding). Bound to the ceremony `challenge` during WebAuthn verification.
|
|
35
|
+
*/
|
|
36
|
+
clientDataJson: string;
|
|
37
|
+
/**
|
|
38
|
+
* Raw WebAuthn `authenticatorData` (base64url, no padding).
|
|
39
|
+
*/
|
|
40
|
+
authenticatorData: string;
|
|
41
|
+
/**
|
|
42
|
+
* Transport hints reported by the authenticator (e.g. `internal`, `hybrid`). Advisory; carried through to the published verificationMethod's `webauthnTransports`.
|
|
43
|
+
*/
|
|
44
|
+
transports?: string[];
|
|
45
|
+
/**
|
|
46
|
+
* Optional operator-supplied label (e.g. "MacBook Touch ID"), carried through to the published verificationMethod.
|
|
47
|
+
*/
|
|
48
|
+
label?: string;
|
|
49
|
+
ext?: Ext;
|
|
50
|
+
}
|
|
51
|
+
/**
|
|
52
|
+
* Ecosystem-defined extension members per SPEC.md §4.5.1.
|
|
53
|
+
*/
|
|
54
|
+
export interface Ext {
|
|
55
|
+
[k: string]: unknown | undefined;
|
|
56
|
+
}
|
|
57
|
+
/** Trust Task type URI. */
|
|
58
|
+
export declare const TYPE_URI: "https://trusttasks.org/spec/vta/passkey-vms/enroll-submit/0.1";
|
|
59
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
60
|
+
export declare const RESPONSE_TYPE_URI: "https://trusttasks.org/spec/vta/passkey-vms/enroll-submit/0.1#response";
|
|
61
|
+
//# sourceMappingURL=payload.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"payload.d.ts","sourceRoot":"","sources":["../../../../../src/vta/passkey-vms/enroll-submit/0.1/payload.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,MAAM,WAAW,+BAA+B;IAC9C;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,kBAAkB,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IACtB;;OAEG;IACH,iBAAiB,EAAE,MAAM,CAAC;IAC1B;;OAEG;IACH,cAAc,EAAE,MAAM,CAAC;IACvB;;OAEG;IACH,iBAAiB,EAAE,MAAM,CAAC;IAC1B;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,GAAG,CAAC;CACX;AACD;;GAEG;AACH,MAAM,WAAW,GAAG;IAClB,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC;CAClC;AAED,2BAA2B;AAC3B,eAAO,MAAM,QAAQ,EAAG,+DAAwE,CAAC;AAEjG,qEAAqE;AACrE,eAAO,MAAM,iBAAiB,EAAG,wEAAiF,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/enroll-submit/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
/** Trust Task type URI. */
|
|
6
|
+
export const TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/enroll-submit/0.1";
|
|
7
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
8
|
+
export const RESPONSE_TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/enroll-submit/0.1#response";
|
|
9
|
+
//# sourceMappingURL=payload.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"payload.js","sourceRoot":"","sources":["../../../../../src/vta/passkey-vms/enroll-submit/0.1/payload.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAuDH,2BAA2B;AAC3B,MAAM,CAAC,MAAM,QAAQ,GAAG,+DAAwE,CAAC;AAEjG,qEAAqE;AACrE,MAAM,CAAC,MAAM,iBAAiB,GAAG,wEAAiF,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/list/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
/**
|
|
6
|
+
* List every passkey verificationMethod currently published on a VTA-managed DID. Admin-gated read. The returned entries are the same Multikey verificationMethods that appear in the DID document.
|
|
7
|
+
*/
|
|
8
|
+
export interface VTAPasskeyVMListPayload {
|
|
9
|
+
/**
|
|
10
|
+
* The DID whose passkey verificationMethods to enumerate. The producer MUST hold the admin role on this DID's context.
|
|
11
|
+
*/
|
|
12
|
+
did: string;
|
|
13
|
+
ext?: Ext;
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* Ecosystem-defined extension members per SPEC.md §4.5.1.
|
|
17
|
+
*/
|
|
18
|
+
export interface Ext {
|
|
19
|
+
[k: string]: unknown | undefined;
|
|
20
|
+
}
|
|
21
|
+
/** Trust Task type URI. */
|
|
22
|
+
export declare const TYPE_URI: "https://trusttasks.org/spec/vta/passkey-vms/list/0.1";
|
|
23
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
24
|
+
export declare const RESPONSE_TYPE_URI: "https://trusttasks.org/spec/vta/passkey-vms/list/0.1#response";
|
|
25
|
+
//# sourceMappingURL=payload.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"payload.d.ts","sourceRoot":"","sources":["../../../../../src/vta/passkey-vms/list/0.1/payload.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,GAAG,CAAC;CACX;AACD;;GAEG;AACH,MAAM,WAAW,GAAG;IAClB,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC;CAClC;AAED,2BAA2B;AAC3B,eAAO,MAAM,QAAQ,EAAG,sDAA+D,CAAC;AAExF,qEAAqE;AACrE,eAAO,MAAM,iBAAiB,EAAG,+DAAwE,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/list/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
/** Trust Task type URI. */
|
|
6
|
+
export const TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/list/0.1";
|
|
7
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
8
|
+
export const RESPONSE_TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/list/0.1#response";
|
|
9
|
+
//# sourceMappingURL=payload.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"payload.js","sourceRoot":"","sources":["../../../../../src/vta/passkey-vms/list/0.1/payload.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAmBH,2BAA2B;AAC3B,MAAM,CAAC,MAAM,QAAQ,GAAG,sDAA+D,CAAC;AAExF,qEAAqE;AACrE,MAAM,CAAC,MAAM,iBAAiB,GAAG,+DAAwE,CAAC"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/revoke/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
/**
|
|
6
|
+
* Remove a passkey verificationMethod from a VTA-managed DID document via a WebVH log entry. Admin-gated. The VM is identified by its URL fragment (everything after `#` in the verificationMethod id). The success response is an empty object — modelled as an object so future additive fields do not bump the version.
|
|
7
|
+
*/
|
|
8
|
+
export interface VTAPasskeyVMRevokePayload {
|
|
9
|
+
/**
|
|
10
|
+
* The DID the verificationMethod lives on. The producer MUST hold the admin role on this DID's context.
|
|
11
|
+
*/
|
|
12
|
+
did: string;
|
|
13
|
+
/**
|
|
14
|
+
* The verificationMethod URL fragment — everything after `#` in the VM id (e.g. `passkey-3q2r1s0tUvWxYz`). MUST NOT include the leading `#`.
|
|
15
|
+
*/
|
|
16
|
+
fragment: string;
|
|
17
|
+
ext?: Ext;
|
|
18
|
+
}
|
|
19
|
+
/**
|
|
20
|
+
* Ecosystem-defined extension members per SPEC.md §4.5.1.
|
|
21
|
+
*/
|
|
22
|
+
export interface Ext {
|
|
23
|
+
[k: string]: unknown | undefined;
|
|
24
|
+
}
|
|
25
|
+
/** Trust Task type URI. */
|
|
26
|
+
export declare const TYPE_URI: "https://trusttasks.org/spec/vta/passkey-vms/revoke/0.1";
|
|
27
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
28
|
+
export declare const RESPONSE_TYPE_URI: "https://trusttasks.org/spec/vta/passkey-vms/revoke/0.1#response";
|
|
29
|
+
//# sourceMappingURL=payload.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"payload.d.ts","sourceRoot":"","sources":["../../../../../src/vta/passkey-vms/revoke/0.1/payload.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,GAAG,CAAC;CACX;AACD;;GAEG;AACH,MAAM,WAAW,GAAG;IAClB,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC;CAClC;AAED,2BAA2B;AAC3B,eAAO,MAAM,QAAQ,EAAG,wDAAiE,CAAC;AAE1F,qEAAqE;AACrE,eAAO,MAAM,iBAAiB,EAAG,iEAA0E,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/revoke/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
/** Trust Task type URI. */
|
|
6
|
+
export const TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/revoke/0.1";
|
|
7
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
8
|
+
export const RESPONSE_TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/revoke/0.1#response";
|
|
9
|
+
//# sourceMappingURL=payload.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"payload.js","sourceRoot":"","sources":["../../../../../src/vta/passkey-vms/revoke/0.1/payload.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAuBH,2BAA2B;AAC3B,MAAM,CAAC,MAAM,QAAQ,GAAG,wDAAiE,CAAC;AAE1F,qEAAqE;AACrE,MAAM,CAAC,MAAM,iBAAiB,GAAG,iEAA0E,CAAC"}
|
package/package.json
CHANGED
package/src/index.ts
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
/** Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND. */
|
|
2
2
|
|
|
3
|
-
export * as
|
|
4
|
-
export * as
|
|
5
|
-
export * as
|
|
3
|
+
export * as FrameworkShared_v0_1 from "./_framework/0.1/framework";
|
|
4
|
+
export * as FrameworkShared_v0_2 from "./_framework/0.2/framework";
|
|
5
|
+
export * as AclEntryShared_v0_1 from "./acl/_shared/0.1/acl-entry";
|
|
6
6
|
export * as AclChangeRole_v0_1 from "./acl/change-role/0.1/payload";
|
|
7
7
|
export * as AclGrant_v0_1 from "./acl/grant/0.1/payload";
|
|
8
8
|
export * as AclList_v0_1 from "./acl/list/0.1/payload";
|
|
9
9
|
export * as AclRevoke_v0_1 from "./acl/revoke/0.1/payload";
|
|
10
10
|
export * as AclShow_v0_1 from "./acl/show/0.1/payload";
|
|
11
11
|
export * as AclSwapKey_v0_1 from "./acl/swap-key/0.1/payload";
|
|
12
|
-
export * as
|
|
13
|
-
export * as
|
|
14
|
-
export * as
|
|
12
|
+
export * as SessionShared_v0_1 from "./auth/_shared/0.1/session";
|
|
13
|
+
export * as TokensShared_v0_1 from "./auth/_shared/0.1/tokens";
|
|
14
|
+
export * as WebauthnShared_v0_1 from "./auth/_shared/0.1/webauthn";
|
|
15
15
|
export * as AuthAuthenticate_v0_1 from "./auth/authenticate/0.1/payload";
|
|
16
16
|
export * as AuthChallenge_v0_1 from "./auth/challenge/0.1/payload";
|
|
17
17
|
export * as AuthPasskeyEnrollFinish_v0_1 from "./auth/passkey/enroll/finish/0.1/payload";
|
|
@@ -33,8 +33,8 @@ export * as AuthStepUpPolicy_v0_2 from "./auth/step-up/policy/0.2/payload";
|
|
|
33
33
|
export * as AuthWhoami_v0_1 from "./auth/whoami/0.1/payload";
|
|
34
34
|
export * as ConfirmRequest_v0_1 from "./confirm/request/0.1/payload";
|
|
35
35
|
export * as ConfirmResponse_v0_1 from "./confirm/response/0.1/payload";
|
|
36
|
-
export * as
|
|
37
|
-
export * as
|
|
36
|
+
export * as DeviceBindingShared_v0_1 from "./device/_shared/0.1/device-binding";
|
|
37
|
+
export * as DeviceBindingShared_v0_2 from "./device/_shared/0.2/device-binding";
|
|
38
38
|
export * as DeviceDisable_v0_1 from "./device/disable/0.1/payload";
|
|
39
39
|
export * as DeviceHeartbeat_v0_1 from "./device/heartbeat/0.1/payload";
|
|
40
40
|
export * as DeviceHeartbeat_v0_2 from "./device/heartbeat/0.2/payload";
|
|
@@ -46,10 +46,10 @@ export * as DeviceSetWake_v0_1 from "./device/set-wake/0.1/payload";
|
|
|
46
46
|
export * as DeviceSetWake_v0_2 from "./device/set-wake/0.2/payload";
|
|
47
47
|
export * as DeviceWipe_v0_1 from "./device/wipe/0.1/payload";
|
|
48
48
|
export * as DeviceWipe_v0_2 from "./device/wipe/0.2/payload";
|
|
49
|
-
export * as
|
|
50
|
-
export * as
|
|
51
|
-
export * as
|
|
52
|
-
export * as
|
|
49
|
+
export * as WebvhShared_v0_1 from "./did-management/_shared/0.1/did-method-extensions/webvh";
|
|
50
|
+
export * as DidRecordShared_v0_1 from "./did-management/_shared/0.1/did-record";
|
|
51
|
+
export * as DomainEntryShared_v0_1 from "./did-management/_shared/0.1/domain-entry";
|
|
52
|
+
export * as ServiceInstanceShared_v0_1 from "./did-management/_shared/0.1/service-instance";
|
|
53
53
|
export * as DidManagementDidChangeOwner_v0_1 from "./did-management/did/change-owner/0.1/payload";
|
|
54
54
|
export * as DidManagementDidCheckName_v0_1 from "./did-management/did/check-name/0.1/payload";
|
|
55
55
|
export * as DidManagementDidDelete_v0_1 from "./did-management/did/delete/0.1/payload";
|
|
@@ -75,8 +75,8 @@ export * as DidManagementRegistryDeregister_v0_1 from "./did-management/registry
|
|
|
75
75
|
export * as DidManagementServerHealth_v0_1 from "./did-management/server/health/0.1/payload";
|
|
76
76
|
export * as DidManagementServerRegister_v0_1 from "./did-management/server/register/0.1/payload";
|
|
77
77
|
export * as DidManagementServerStatsSync_v0_1 from "./did-management/server/stats-sync/0.1/payload";
|
|
78
|
-
export * as
|
|
79
|
-
export * as
|
|
78
|
+
export * as PolicyShared_v0_1 from "./policy/_shared/0.1/policy";
|
|
79
|
+
export * as PolicyShared_v0_2 from "./policy/_shared/0.2/policy";
|
|
80
80
|
export * as PolicyDelete_v0_1 from "./policy/delete/0.1/payload";
|
|
81
81
|
export * as PolicyEvaluate_v0_1 from "./policy/evaluate/0.1/payload";
|
|
82
82
|
export * as PolicyEvaluate_v0_2 from "./policy/evaluate/0.2/payload";
|
|
@@ -92,23 +92,23 @@ export * as PushRegister_v0_1 from "./push/register/0.1/payload";
|
|
|
92
92
|
export * as PushRegister_v0_2 from "./push/register/0.2/payload";
|
|
93
93
|
export * as PushWake_v0_1 from "./push/wake/0.1/payload";
|
|
94
94
|
export * as PushWake_v0_2 from "./push/wake/0.2/payload";
|
|
95
|
-
export * as
|
|
96
|
-
export * as
|
|
95
|
+
export * as SyncEventShared_v0_1 from "./sync/_shared/0.1/sync-event";
|
|
96
|
+
export * as SyncEventShared_v0_2 from "./sync/_shared/0.2/sync-event";
|
|
97
97
|
export * as SyncEvent_v0_1 from "./sync/event/0.1/payload";
|
|
98
98
|
export * as SyncEvent_v0_2 from "./sync/event/0.2/payload";
|
|
99
99
|
export * as TrustTaskDiscovery_v0_1 from "./trust-task-discovery/0.1/payload";
|
|
100
100
|
export * as TrustTaskError_v0_1 from "./trust-task-error/0.1/payload";
|
|
101
101
|
export * as TrustTaskError_v0_2 from "./trust-task-error/0.2/payload";
|
|
102
|
-
export * as
|
|
103
|
-
export * as
|
|
104
|
-
export * as
|
|
105
|
-
export * as
|
|
106
|
-
export * as
|
|
107
|
-
export * as
|
|
108
|
-
export * as
|
|
109
|
-
export * as
|
|
110
|
-
export * as
|
|
111
|
-
export * as
|
|
102
|
+
export * as ConsumerContextShared_v0_1 from "./vault/_shared/0.1/consumer-context";
|
|
103
|
+
export * as SealedEnvelopeShared_v0_1 from "./vault/_shared/0.1/sealed-envelope";
|
|
104
|
+
export * as SessionBlobShared_v0_1 from "./vault/_shared/0.1/session-blob";
|
|
105
|
+
export * as VaultEntryShared_v0_1 from "./vault/_shared/0.1/vault-entry";
|
|
106
|
+
export * as VaultSecretShared_v0_1 from "./vault/_shared/0.1/vault-secret";
|
|
107
|
+
export * as ConsumerContextShared_v0_2 from "./vault/_shared/0.2/consumer-context";
|
|
108
|
+
export * as SealedEnvelopeShared_v0_2 from "./vault/_shared/0.2/sealed-envelope";
|
|
109
|
+
export * as SessionBlobShared_v0_2 from "./vault/_shared/0.2/session-blob";
|
|
110
|
+
export * as VaultEntryShared_v0_2 from "./vault/_shared/0.2/vault-entry";
|
|
111
|
+
export * as VaultSecretShared_v0_2 from "./vault/_shared/0.2/vault-secret";
|
|
112
112
|
export * as VaultDelete_v0_1 from "./vault/delete/0.1/payload";
|
|
113
113
|
export * as VaultGet_v0_1 from "./vault/get/0.1/payload";
|
|
114
114
|
export * as VaultGet_v0_2 from "./vault/get/0.2/payload";
|
|
@@ -126,6 +126,11 @@ export * as VaultUpsert_v0_1 from "./vault/upsert/0.1/payload";
|
|
|
126
126
|
export * as VaultUpsert_v0_2 from "./vault/upsert/0.2/payload";
|
|
127
127
|
export * as VaultUsage_v0_1 from "./vault/usage/0.1/payload";
|
|
128
128
|
export * as VaultUsage_v0_2 from "./vault/usage/0.2/payload";
|
|
129
|
+
export * as PasskeyVmShared_v0_1 from "./vta/_shared/0.1/passkey-vm";
|
|
130
|
+
export * as VtaPasskeyVmsEnrollChallenge_v0_1 from "./vta/passkey-vms/enroll-challenge/0.1/payload";
|
|
131
|
+
export * as VtaPasskeyVmsEnrollSubmit_v0_1 from "./vta/passkey-vms/enroll-submit/0.1/payload";
|
|
132
|
+
export * as VtaPasskeyVmsList_v0_1 from "./vta/passkey-vms/list/0.1/payload";
|
|
133
|
+
export * as VtaPasskeyVmsRevoke_v0_1 from "./vta/passkey-vms/revoke/0.1/payload";
|
|
129
134
|
export * as WebvhSyncDelete_v0_1 from "./webvh/sync/delete/0.1/payload";
|
|
130
135
|
export * as WebvhSyncUpdate_v0_1 from "./webvh/sync/update/0.1/payload";
|
|
131
136
|
export * as WebvhWitnessPublish_v0_1 from "./webvh/witness/publish/0.1/payload";
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/_shared/0.1/passkey-vm.schema.json
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
/**
|
|
7
|
+
* A WebAuthn passkey published as a Multikey verificationMethod (purpose `authentication`) on a VTA-managed DID. Any verifier that resolves the DID can validate a WebAuthn assertion against the embedded public key — no callback to the VTA and no shared secret. Returned by vta/passkey-vms/enroll-submit (the single VM just created) and vta/passkey-vms/list (every VM on the DID). The shape mirrors the wallet-side `@pnm/core` PasskeyVerificationMethod and the VTA-side `vta_sdk::protocols::did_management::passkey_vms::PasskeyVerificationMethod`.
|
|
8
|
+
*/
|
|
9
|
+
export interface PasskeyVerificationMethodSharedDefinitionForTheVtaPasskeyVmsSpecFamily {
|
|
10
|
+
[k: string]: unknown | undefined;
|
|
11
|
+
}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/enroll-challenge/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
/**
|
|
7
|
+
* Request a fresh WebAuthn registration challenge for adding a passkey verificationMethod to a VTA-managed DID. Step 1 of the two-step enrolment ceremony (challenge → submit). The producer must hold the admin role on the target DID's context.
|
|
8
|
+
*/
|
|
9
|
+
export interface VTAPasskeyVMEnrollChallengePayload {
|
|
10
|
+
/**
|
|
11
|
+
* The DID the new passkey verificationMethod will be added to. The producer MUST hold the admin role on this DID's context.
|
|
12
|
+
*/
|
|
13
|
+
did: string;
|
|
14
|
+
/**
|
|
15
|
+
* Optional operator-supplied label for the new passkey (e.g. "MacBook Touch ID"). Carried through to the WebAuthn user name and, if the ceremony completes, to the published verificationMethod.
|
|
16
|
+
*/
|
|
17
|
+
label?: string;
|
|
18
|
+
ext?: Ext;
|
|
19
|
+
}
|
|
20
|
+
/**
|
|
21
|
+
* Ecosystem-defined extension members per SPEC.md §4.5.1.
|
|
22
|
+
*/
|
|
23
|
+
export interface Ext {
|
|
24
|
+
[k: string]: unknown | undefined;
|
|
25
|
+
}
|
|
26
|
+
|
|
27
|
+
/** Trust Task type URI. */
|
|
28
|
+
export const TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/enroll-challenge/0.1" as const;
|
|
29
|
+
|
|
30
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
31
|
+
export const RESPONSE_TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/enroll-challenge/0.1#response" as const;
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/enroll-submit/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
/**
|
|
7
|
+
* Finalise passkey enrolment by submitting the WebAuthn registration result for a ceremony opened by vta/passkey-vms/enroll-challenge. The VTA re-derives the Multikey from attestationObject.authData and rejects on mismatch with the browser-claimed publicKeyMultibase — the browser's value is NOT trusted as authoritative. On success the VTA appends the verificationMethod to the DID document via a WebVH log entry. All byte-valued fields are base64url-encoded (no padding).
|
|
8
|
+
*/
|
|
9
|
+
export interface VTAPasskeyVMEnrollSubmitPayload {
|
|
10
|
+
/**
|
|
11
|
+
* The DID the new verificationMethod is to be added to. MUST match the DID bound to `ceremonyId` at challenge time — a mismatch is rejected as a cross-DID replay.
|
|
12
|
+
*/
|
|
13
|
+
did: string;
|
|
14
|
+
/**
|
|
15
|
+
* The `ceremonyId` returned by vta/passkey-vms/enroll-challenge. Single-use; consumed by this submission.
|
|
16
|
+
*/
|
|
17
|
+
ceremonyId: string;
|
|
18
|
+
/**
|
|
19
|
+
* WebAuthn `credential.id` (base64url, no padding). The published verificationMethod `id` fragment is derived as `passkey-<base64url(sha256(credentialId))>`.
|
|
20
|
+
*/
|
|
21
|
+
credentialId: string;
|
|
22
|
+
/**
|
|
23
|
+
* Browser-computed W3C Multikey for the credential public key. ADVISORY: the VTA re-derives the Multikey from `attestationObject.authData` and rejects this submission if the values differ (anti-tamper gate). The re-derived key — not this one — is what gets published.
|
|
24
|
+
*/
|
|
25
|
+
publicKeyMultibase: string;
|
|
26
|
+
/**
|
|
27
|
+
* COSE algorithm identifier of the credential key (e.g. -7 for ES256, -8 for EdDSA). Must be an algorithm the VTA can convert to a Multikey.
|
|
28
|
+
*/
|
|
29
|
+
coseAlgorithm: number;
|
|
30
|
+
/**
|
|
31
|
+
* Raw WebAuthn `attestationObject` — base64url-encoded CBOR. The VTA parses `authData` from this to re-derive the authoritative public key.
|
|
32
|
+
*/
|
|
33
|
+
attestationObject: string;
|
|
34
|
+
/**
|
|
35
|
+
* Raw WebAuthn `clientDataJSON` (base64url, no padding). Bound to the ceremony `challenge` during WebAuthn verification.
|
|
36
|
+
*/
|
|
37
|
+
clientDataJson: string;
|
|
38
|
+
/**
|
|
39
|
+
* Raw WebAuthn `authenticatorData` (base64url, no padding).
|
|
40
|
+
*/
|
|
41
|
+
authenticatorData: string;
|
|
42
|
+
/**
|
|
43
|
+
* Transport hints reported by the authenticator (e.g. `internal`, `hybrid`). Advisory; carried through to the published verificationMethod's `webauthnTransports`.
|
|
44
|
+
*/
|
|
45
|
+
transports?: string[];
|
|
46
|
+
/**
|
|
47
|
+
* Optional operator-supplied label (e.g. "MacBook Touch ID"), carried through to the published verificationMethod.
|
|
48
|
+
*/
|
|
49
|
+
label?: string;
|
|
50
|
+
ext?: Ext;
|
|
51
|
+
}
|
|
52
|
+
/**
|
|
53
|
+
* Ecosystem-defined extension members per SPEC.md §4.5.1.
|
|
54
|
+
*/
|
|
55
|
+
export interface Ext {
|
|
56
|
+
[k: string]: unknown | undefined;
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
/** Trust Task type URI. */
|
|
60
|
+
export const TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/enroll-submit/0.1" as const;
|
|
61
|
+
|
|
62
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
63
|
+
export const RESPONSE_TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/enroll-submit/0.1#response" as const;
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/list/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
/**
|
|
7
|
+
* List every passkey verificationMethod currently published on a VTA-managed DID. Admin-gated read. The returned entries are the same Multikey verificationMethods that appear in the DID document.
|
|
8
|
+
*/
|
|
9
|
+
export interface VTAPasskeyVMListPayload {
|
|
10
|
+
/**
|
|
11
|
+
* The DID whose passkey verificationMethods to enumerate. The producer MUST hold the admin role on this DID's context.
|
|
12
|
+
*/
|
|
13
|
+
did: string;
|
|
14
|
+
ext?: Ext;
|
|
15
|
+
}
|
|
16
|
+
/**
|
|
17
|
+
* Ecosystem-defined extension members per SPEC.md §4.5.1.
|
|
18
|
+
*/
|
|
19
|
+
export interface Ext {
|
|
20
|
+
[k: string]: unknown | undefined;
|
|
21
|
+
}
|
|
22
|
+
|
|
23
|
+
/** Trust Task type URI. */
|
|
24
|
+
export const TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/list/0.1" as const;
|
|
25
|
+
|
|
26
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
27
|
+
export const RESPONSE_TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/list/0.1#response" as const;
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Generated by scripts/build-ts-bindings.mjs — DO NOT EDIT BY HAND.
|
|
3
|
+
* Source: specs/vta/passkey-vms/revoke/0.1/payload.schema.json
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
/**
|
|
7
|
+
* Remove a passkey verificationMethod from a VTA-managed DID document via a WebVH log entry. Admin-gated. The VM is identified by its URL fragment (everything after `#` in the verificationMethod id). The success response is an empty object — modelled as an object so future additive fields do not bump the version.
|
|
8
|
+
*/
|
|
9
|
+
export interface VTAPasskeyVMRevokePayload {
|
|
10
|
+
/**
|
|
11
|
+
* The DID the verificationMethod lives on. The producer MUST hold the admin role on this DID's context.
|
|
12
|
+
*/
|
|
13
|
+
did: string;
|
|
14
|
+
/**
|
|
15
|
+
* The verificationMethod URL fragment — everything after `#` in the VM id (e.g. `passkey-3q2r1s0tUvWxYz`). MUST NOT include the leading `#`.
|
|
16
|
+
*/
|
|
17
|
+
fragment: string;
|
|
18
|
+
ext?: Ext;
|
|
19
|
+
}
|
|
20
|
+
/**
|
|
21
|
+
* Ecosystem-defined extension members per SPEC.md §4.5.1.
|
|
22
|
+
*/
|
|
23
|
+
export interface Ext {
|
|
24
|
+
[k: string]: unknown | undefined;
|
|
25
|
+
}
|
|
26
|
+
|
|
27
|
+
/** Trust Task type URI. */
|
|
28
|
+
export const TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/revoke/0.1" as const;
|
|
29
|
+
|
|
30
|
+
/** Trust Task response type URI (request type URI + "#response"). */
|
|
31
|
+
export const RESPONSE_TYPE_URI = "https://trusttasks.org/spec/vta/passkey-vms/revoke/0.1#response" as const;
|