@originals/sdk 1.2.0 → 1.4.2

package/dist/core/OriginalsSDK.js

@@ -1,274 +0,0 @@
-import { DIDManager } from '../did/DIDManager';
-import { CredentialManager } from '../vc/CredentialManager';
-import { LifecycleManager } from '../lifecycle/LifecycleManager';
-import { BitcoinManager } from '../bitcoin/BitcoinManager';
-import { DEFAULT_WEBVH_NETWORK } from '../types/network';
-import { emitTelemetry, StructuredError } from '../utils/telemetry';
-import { Logger } from '../utils/Logger';
-import { MetricsCollector } from '../utils/MetricsCollector';
-import { EventLogger } from '../utils/EventLogger';
-import { createDID } from 'didwebvh-ts';
-export class OriginalsSDK {
-    constructor(config, keyStore) {
-        // Input validation
-        if (!config || typeof config !== 'object') {
-            throw new Error('Configuration object is required');
-        }
-        if (!config.network || !['mainnet', 'regtest', 'signet'].includes(config.network)) {
-            throw new Error('Invalid network: must be mainnet, regtest, or signet');
-        }
-        if (!config.defaultKeyType || !['ES256K', 'Ed25519', 'ES256'].includes(config.defaultKeyType)) {
-            throw new Error('Invalid defaultKeyType: must be ES256K, Ed25519, or ES256');
-        }
-        this.config = config;
-        // Initialize logger and metrics
-        this.logger = new Logger('SDK', config);
-        this.metrics = new MetricsCollector();
-        this.eventLogger = new EventLogger(this.logger.child('Events'), this.metrics);
-        // Log SDK initialization
-        this.logger.info('Initializing Originals SDK', {
-            network: config.network,
-            keyType: config.defaultKeyType
-        });
-        emitTelemetry(config.telemetry, { name: 'sdk.init', attributes: { network: config.network } });
-        // Initialize managers
-        this.did = new DIDManager(config);
-        this.credentials = new CredentialManager(config, this.did);
-        this.lifecycle = new LifecycleManager(config, this.did, this.credentials, undefined, keyStore);
-        this.bitcoin = new BitcoinManager(config);
-        // Set up event logging integration
-        this.setupEventLogging();
-        this.logger.info('SDK initialized successfully');
-    }
-    /**
-     * Set up event logging integration
-     */
-    setupEventLogging() {
-        // Configure event logging from config
-        if (this.config.logging?.eventLogging) {
-            this.eventLogger.configureEventLogging(this.config.logging.eventLogging);
-        }
-        // Subscribe to lifecycle events
-        this.eventLogger.subscribeToEvents(this.lifecycle.eventEmitter);
-    }
-    /**
-     * Validates that the SDK is properly configured for Bitcoin operations.
-     * Throws a StructuredError if ordinalsProvider is not configured.
-     *
-     * @throws {StructuredError} When ordinalsProvider is not configured
-     */
-    validateBitcoinConfig() {
-        if (!this.config.ordinalsProvider) {
-            throw new StructuredError('ORD_PROVIDER_REQUIRED', 'Bitcoin operations require an ordinalsProvider to be configured. ' +
-                'Please provide an ordinalsProvider when creating the SDK. ' +
-                'See README.md for configuration examples.');
-        }
-    }
-    static create(options) {
-        const { keyStore, ...configOptions } = options || {};
-        const defaultConfig = {
-            network: 'mainnet',
-            defaultKeyType: 'ES256K',
-            enableLogging: false,
-            webvhNetwork: DEFAULT_WEBVH_NETWORK, // Default to 'pichu' (production)
-        };
-        return new OriginalsSDK({ ...defaultConfig, ...configOptions }, keyStore);
-    }
-    /**
-     * Prepare data for signing using didwebvh-ts's canonical approach
-     * This is a public static helper method that wraps didwebvh-ts's prepareDataForSigning
-     * to ensure didwebvh-ts is only imported within the SDK
-     */
-    static async prepareDIDDataForSigning(document, proof) {
-        // Dynamically import didwebvh-ts to avoid module resolution issues
-        const mod = await import('didwebvh-ts');
-        const { prepareDataForSigning } = mod;
-        // Runtime validation
-        if (typeof prepareDataForSigning !== 'function') {
-            throw new Error('Failed to load didwebvh-ts: prepareDataForSigning is not a function');
-        }
-        return prepareDataForSigning(document, proof);
-    }
-    /**
-     * Verify a DID signature using Ed25519
-     * This is a public static helper method that provides browser-compatible Ed25519 verification
-     * Works with Uint8Array inputs (no Buffer required)
-     *
-     * @param signature - The signature bytes (Uint8Array)
-     * @param message - The message bytes that were signed (Uint8Array)
-     * @param publicKey - The public key bytes (Uint8Array, should be 32 bytes for Ed25519)
-     * @returns True if the signature is valid
-     */
-    static async verifyDIDSignature(signature, message, publicKey) {
-        // Dynamically import @noble/ed25519 to avoid module resolution issues
-        const ed25519Mod = await import('@noble/ed25519');
-        // Ed25519 public keys must be exactly 32 bytes
-        // Some keys may have a version byte prefix, so remove it if present
-        let ed25519PublicKey = publicKey;
-        if (publicKey.length === 33) {
-            ed25519PublicKey = publicKey.slice(1);
-        }
-        else if (publicKey.length !== 32) {
-            throw new Error(`Invalid Ed25519 public key length: ${publicKey.length} (expected 32 bytes)`);
-        }
-        // Verify using @noble/ed25519 with Uint8Array (browser-compatible)
-        // ed25519.verifyAsync accepts Uint8Array directly
-        try {
-            return await ed25519Mod.verifyAsync(signature, message, ed25519PublicKey);
-        }
-        catch (error) {
-            // Verification failed or error occurred
-            return false;
-        }
-    }
-    /**
-     * Create a new Original
-     * This is a convenience proxy that routes to the appropriate specialized creation method.
-     * Currently proxies to createDIDOriginal(), but can be extended for other Original types.
-     *
-     * @param options - Creation options (discriminated union by type)
-     * @returns Created DID, document, log, and metadata
-     */
-    static async createOriginal(options) {
-        // Route based on type discriminator
-        switch (options.type) {
-            case 'did':
-                return OriginalsSDK.createDIDOriginal(options);
-            default:
-                // eslint-disable-next-line @typescript-eslint/restrict-template-expressions
-                throw new Error(`Unsupported Original type: ${options.type}`);
-        }
-    }
-    /**
-     * Create a new DID-based Original (DID document/log)
-     * This wraps didwebvh-ts's createDID function to ensure didwebvh-ts is only imported within the SDK.
-     *
-     * A DID-based Original represents a decentralized identity that can be used as the foundation
-     * for other Originals (e.g., asset Originals, credential Originals, etc.).
-     *
-     * @param options - Creation options matching didwebvh-ts createDID interface
-     * @returns Created DID, document, log, and metadata
-     */
-    static async createDIDOriginal(options) {
-        // Dynamically import didwebvh-ts to avoid module resolution issues
-        // const mod = await import('didwebvh-ts') as unknown as {
-        //   createDID: (options: Record<string, unknown>) => Promise<{
-        //     did: string;
-        //     doc: Record<string, unknown>;
-        //     log: DIDLog;
-        //     meta: DIDResolutionMeta;
-        //   }>;
-        // };
-        // const { createDID } = mod;
-        // Runtime validation
-        if (typeof createDID !== 'function') {
-            throw new Error('Failed to load didwebvh-ts: createDID is not a function');
-        }
-        // Create the DID using didwebvh-ts
-        const result = await createDID({
-            domain: options.domain,
-            signer: options.signer,
-            verifier: options.verifier,
-            paths: options.paths,
-            updateKeys: options.updateKeys,
-            verificationMethods: options.verificationMethods,
-            context: options.context || [
-                'https://www.w3.org/ns/did/v1',
-                'https://w3id.org/security/multikey/v1'
-            ],
-        });
-        return {
-            did: result.did,
-            doc: result.doc,
-            log: result.log,
-            meta: result.meta
-        };
-    }
-    /**
-     * Update an existing Original
-     * This is a convenience proxy that routes to the appropriate specialized update method.
-     * Currently proxies to updateDIDOriginal(), but can be extended for other Original types.
-     *
-     * @param options - Update options (discriminated union by type)
-     * @returns Updated DID, document, log, and metadata
-     */
-    static async updateOriginal(options) {
-        // Route based on type discriminator
-        switch (options.type) {
-            case 'did':
-                return OriginalsSDK.updateDIDOriginal(options);
-            default:
-                // TypeScript exhaustiveness check
-                const _exhaustive = options;
-                throw new Error(`Unsupported Original type: ${_exhaustive.type}`);
-        }
-    }
-    /**
-     * Update an existing DID-based Original (DID document/log)
-     * This wraps didwebvh-ts's updateDID function to ensure didwebvh-ts is only imported within the SDK.
-     *
-     * @param options - Update options matching didwebvh-ts updateDID interface
-     * @returns Updated DID, document, log, and metadata
-     */
-    static async updateDIDOriginal(options) {
-        // Dynamically import didwebvh-ts to avoid module resolution issues
-        const mod = await import('didwebvh-ts');
-        const { updateDID } = mod;
-        // Runtime validation
-        if (typeof updateDID !== 'function') {
-            throw new Error('Failed to load didwebvh-ts: updateDID is not a function');
-        }
-        // Prepare options for updateDID
-        const updateOptions = {
-            log: options.log,
-            signer: options.signer,
-            verifier: options.verifier || options.signer, // Use signer as verifier if not provided
-        };
-        // Add optional parameters
-        if (options.updateKeys !== undefined)
-            updateOptions.updateKeys = options.updateKeys;
-        if (options.verificationMethods !== undefined)
-            updateOptions.verificationMethods = options.verificationMethods;
-        if (options.services !== undefined)
-            updateOptions.services = options.services;
-        if (options.controller !== undefined)
-            updateOptions.controller = options.controller;
-        if (options.context !== undefined)
-            updateOptions.context = options.context;
-        if (options.alsoKnownAs !== undefined)
-            updateOptions.alsoKnownAs = options.alsoKnownAs;
-        if (options.portable !== undefined)
-            updateOptions.portable = options.portable;
-        if (options.nextKeyHashes !== undefined)
-            updateOptions.nextKeyHashes = options.nextKeyHashes;
-        if (options.authentication !== undefined)
-            updateOptions.authentication = options.authentication;
-        if (options.assertionMethod !== undefined)
-            updateOptions.assertionMethod = options.assertionMethod;
-        if (options.keyAgreement !== undefined)
-            updateOptions.keyAgreement = options.keyAgreement;
-        if (options.domain !== undefined)
-            updateOptions.domain = options.domain;
-        // Update the DID using didwebvh-ts
-        const result = await updateDID(updateOptions);
-        // Extract DID from the log if not returned directly
-        let did;
-        if (result.did) {
-            did = result.did;
-        }
-        else if (result.log && result.log.length > 0) {
-            // Extract DID from the document in the log
-            const latestDoc = result.log[result.log.length - 1]?.state;
-            did = latestDoc?.id || '';
-        }
-        else {
-            throw new Error('Cannot determine DID from update result');
-        }
-        return {
-            did,
-            doc: result.doc,
-            log: result.log,
-            meta: result.meta
-        };
-    }
-}

package/dist/crypto/Multikey.d.ts

@@ -1,30 +0,0 @@
-export declare const MULTICODEC_ED25519_PUB_HEADER: Uint8Array<ArrayBuffer>;
-export declare const MULTICODEC_ED25519_PRIV_HEADER: Uint8Array<ArrayBuffer>;
-export declare const MULTICODEC_SECP256K1_PUB_HEADER: Uint8Array<ArrayBuffer>;
-export declare const MULTICODEC_SECP256K1_PRIV_HEADER: Uint8Array<ArrayBuffer>;
-export declare const MULTICODEC_BLS12381_G2_PUB_HEADER: Uint8Array<ArrayBuffer>;
-export declare const MULTICODEC_BLS12381_G2_PRIV_HEADER: Uint8Array<ArrayBuffer>;
-export declare const MULTICODEC_P256_PUB_HEADER: Uint8Array<ArrayBuffer>;
-export declare const MULTICODEC_P256_PRIV_HEADER: Uint8Array<ArrayBuffer>;
-export type MultikeyType = 'Ed25519' | 'Secp256k1' | 'Bls12381G2' | 'P256';
-/**
- * Validates that a key string uses proper multikey format.
- * @param key - The multibase-encoded key string to validate
- * @param expectedType - The expected key type (e.g., 'Ed25519', 'Secp256k1')
- * @param isPrivate - Whether this is a private key (true) or public key (false)
- * @throws Error with descriptive message if validation fails
- */
-export declare function validateMultikeyFormat(key: string, expectedType: MultikeyType, isPrivate: boolean): void;
-export declare const multikey: {
-    encodePublicKey: (publicKey: Uint8Array, type: MultikeyType) => string;
-    encodePrivateKey: (privateKey: Uint8Array, type: MultikeyType) => string;
-    encodeMultibase: (data: Uint8Array | Buffer) => string;
-    decodePublicKey: (publicKeyMultibase: string) => {
-        key: Uint8Array;
-        type: MultikeyType;
-    };
-    decodePrivateKey: (privateKeyMultibase: string) => {
-        key: Uint8Array;
-        type: MultikeyType;
-    };
-};

package/dist/crypto/Multikey.js

@@ -1,149 +0,0 @@
-import { base58 } from '@scure/base';
-// Multicodec headers (varints) for supported key types
-export const MULTICODEC_ED25519_PUB_HEADER = new Uint8Array([0xed, 0x01]);
-export const MULTICODEC_ED25519_PRIV_HEADER = new Uint8Array([0x80, 0x26]);
-export const MULTICODEC_SECP256K1_PUB_HEADER = new Uint8Array([0xe7, 0x01]);
-export const MULTICODEC_SECP256K1_PRIV_HEADER = new Uint8Array([0x13, 0x01]);
-export const MULTICODEC_BLS12381_G2_PUB_HEADER = new Uint8Array([0xeb, 0x01]);
-export const MULTICODEC_BLS12381_G2_PRIV_HEADER = new Uint8Array([0x82, 0x26]);
-export const MULTICODEC_P256_PUB_HEADER = new Uint8Array([0x80, 0x24]);
-export const MULTICODEC_P256_PRIV_HEADER = new Uint8Array([0x81, 0x26]);
-function concatBytes(a, b) {
-    const out = new Uint8Array(a.length + b.length);
-    out.set(a, 0);
-    out.set(b, a.length);
-    return out;
-}
-/**
- * Validates that a key string uses proper multikey format.
- * @param key - The multibase-encoded key string to validate
- * @param expectedType - The expected key type (e.g., 'Ed25519', 'Secp256k1')
- * @param isPrivate - Whether this is a private key (true) or public key (false)
- * @throws Error with descriptive message if validation fails
- */
-export function validateMultikeyFormat(key, expectedType, isPrivate) {
-    // Validate multibase prefix
-    if (!key || typeof key !== 'string') {
-        throw new Error('Invalid multibase key format. Key must be a non-empty string.');
-    }
-    if (key[0] !== 'z') {
-        throw new Error('Invalid multibase key format. Keys must use z-base58btc encoding (prefix "z").');
-    }
-    // Attempt to decode and validate multicodec header
-    try {
-        const mc = base58.decode(key.slice(1));
-        if (mc.length < 2) {
-            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
-        }
-        // Validate header matches expected type
-        const header = mc.slice(0, 2);
-        const expectedHeaders = isPrivate
-            ? {
-                Ed25519: MULTICODEC_ED25519_PRIV_HEADER,
-                Secp256k1: MULTICODEC_SECP256K1_PRIV_HEADER,
-                Bls12381G2: MULTICODEC_BLS12381_G2_PRIV_HEADER,
-                P256: MULTICODEC_P256_PRIV_HEADER
-            }
-            : {
-                Ed25519: MULTICODEC_ED25519_PUB_HEADER,
-                Secp256k1: MULTICODEC_SECP256K1_PUB_HEADER,
-                Bls12381G2: MULTICODEC_BLS12381_G2_PUB_HEADER,
-                P256: MULTICODEC_P256_PUB_HEADER
-            };
-        const expectedHeader = expectedHeaders[expectedType];
-        if (header[0] !== expectedHeader[0] || header[1] !== expectedHeader[1]) {
-            throw new Error(`Invalid multibase key format. Expected ${expectedType} ${isPrivate ? 'private' : 'public'} key with multicodec header [0x${expectedHeader[0].toString(16)}, 0x${expectedHeader[1].toString(16)}], but found [0x${header[0].toString(16)}, 0x${header[1].toString(16)}].`);
-        }
-        // Validate key length (basic sanity check)
-        const keyBytes = mc.slice(2);
-        const expectedLengths = {
-            Ed25519: { private: 32, public: 32 },
-            Secp256k1: { private: 32, public: 33 },
-            P256: { private: 32, public: 33 },
-            Bls12381G2: { private: 32, public: 96 }
-        };
-        const expectedLength = isPrivate
-            ? expectedLengths[expectedType].private
-            : expectedLengths[expectedType].public;
-        if (keyBytes.length !== expectedLength) {
-            throw new Error(`Invalid multibase key format. Expected ${expectedType} ${isPrivate ? 'private' : 'public'} key to be ${expectedLength} bytes, but found ${keyBytes.length} bytes.`);
-        }
-    }
-    catch (error) {
-        // Re-throw our own errors as-is
-        if (error instanceof Error && error.message.startsWith('Invalid multibase key format')) {
-            throw error;
-        }
-        // Base58 decode errors or other unexpected errors
-        throw new Error(`Invalid multibase key format. Keys must use multicodec headers. Decode error: ${error instanceof Error ? error.message : String(error)}`);
-    }
-}
-export const multikey = {
-    encodePublicKey: (publicKey, type) => {
-        const header = type === 'Ed25519'
-            ? MULTICODEC_ED25519_PUB_HEADER
-            : type === 'Secp256k1'
-                ? MULTICODEC_SECP256K1_PUB_HEADER
-                : type === 'Bls12381G2'
-                    ? MULTICODEC_BLS12381_G2_PUB_HEADER
-                    : MULTICODEC_P256_PUB_HEADER;
-        const mcBytes = concatBytes(header, publicKey);
-        return 'z' + base58.encode(mcBytes);
-    },
-    encodePrivateKey: (privateKey, type) => {
-        const header = type === 'Ed25519'
-            ? MULTICODEC_ED25519_PRIV_HEADER
-            : type === 'Secp256k1'
-                ? MULTICODEC_SECP256K1_PRIV_HEADER
-                : type === 'Bls12381G2'
-                    ? MULTICODEC_BLS12381_G2_PRIV_HEADER
-                    : MULTICODEC_P256_PRIV_HEADER;
-        const mcBytes = concatBytes(header, privateKey);
-        return 'z' + base58.encode(mcBytes);
-    },
-    encodeMultibase: (data) => {
-        return 'z' + base58.encode(data instanceof Buffer ? new Uint8Array(data) : data);
-    },
-    decodePublicKey: (publicKeyMultibase) => {
-        if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
-            throw new Error('Invalid Multibase encoding');
-        }
-        const mc = base58.decode(publicKeyMultibase.slice(1));
-        const header = mc.slice(0, 2);
-        const key = mc.slice(2);
-        if (header[0] === MULTICODEC_ED25519_PUB_HEADER[0] && header[1] === MULTICODEC_ED25519_PUB_HEADER[1]) {
-            return { key, type: 'Ed25519' };
-        }
-        if (header[0] === MULTICODEC_SECP256K1_PUB_HEADER[0] && header[1] === MULTICODEC_SECP256K1_PUB_HEADER[1]) {
-            return { key, type: 'Secp256k1' };
-        }
-        if (header[0] === MULTICODEC_BLS12381_G2_PUB_HEADER[0] && header[1] === MULTICODEC_BLS12381_G2_PUB_HEADER[1]) {
-            return { key, type: 'Bls12381G2' };
-        }
-        if (header[0] === MULTICODEC_P256_PUB_HEADER[0] && header[1] === MULTICODEC_P256_PUB_HEADER[1]) {
-            return { key, type: 'P256' };
-        }
-        throw new Error('Unsupported key type');
-    },
-    decodePrivateKey: (privateKeyMultibase) => {
-        if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
-            throw new Error('Invalid Multibase encoding');
-        }
-        const mc = base58.decode(privateKeyMultibase.slice(1));
-        const header = mc.slice(0, 2);
-        const key = mc.slice(2);
-        if (header[0] === MULTICODEC_ED25519_PRIV_HEADER[0] && header[1] === MULTICODEC_ED25519_PRIV_HEADER[1]) {
-            return { key, type: 'Ed25519' };
-        }
-        if (header[0] === MULTICODEC_SECP256K1_PRIV_HEADER[0] && header[1] === MULTICODEC_SECP256K1_PRIV_HEADER[1]) {
-            return { key, type: 'Secp256k1' };
-        }
-        if (header[0] === MULTICODEC_BLS12381_G2_PRIV_HEADER[0] && header[1] === MULTICODEC_BLS12381_G2_PRIV_HEADER[1]) {
-            return { key, type: 'Bls12381G2' };
-        }
-        if (header[0] === MULTICODEC_P256_PRIV_HEADER[0] && header[1] === MULTICODEC_P256_PRIV_HEADER[1]) {
-            return { key, type: 'P256' };
-        }
-        throw new Error('Unsupported key type');
-    }
-};

package/dist/crypto/Signer.d.ts

@@ -1,21 +0,0 @@
-import './noble-init.js';
-export declare abstract class Signer {
-    abstract sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
-    abstract verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
-}
-export declare class ES256KSigner extends Signer {
-    sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
-    verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
-}
-export declare class Ed25519Signer extends Signer {
-    sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
-    verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
-}
-export declare class ES256Signer extends Signer {
-    sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
-    verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
-}
-export declare class Bls12381G2Signer extends Signer {
-    sign(data: Buffer, privateKeyMultibase: string): Promise<Buffer>;
-    verify(data: Buffer, signature: Buffer, publicKeyMultibase: string): Promise<boolean>;
-}

package/dist/crypto/Signer.js

@@ -1,196 +0,0 @@
-// Initialize noble crypto libraries first (idempotent - safe to import multiple times)
-import './noble-init.js';
-export class Signer {
-}
-import { bls12_381 as bls } from '@noble/curves/bls12-381';
-import { p256 } from '@noble/curves/p256';
-import { sha256 } from '@noble/hashes/sha2.js';
-import * as secp256k1 from '@noble/secp256k1';
-import * as ed25519 from '@noble/ed25519';
-import { multikey } from './Multikey';
-export class ES256KSigner extends Signer {
-    async sign(data, privateKeyMultibase) {
-        if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
-            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
-        }
-        let decoded;
-        try {
-            decoded = multikey.decodePrivateKey(privateKeyMultibase);
-        }
-        catch (error) {
-            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
-        }
-        if (decoded.type !== 'Secp256k1') {
-            throw new Error('Invalid key type for ES256K');
-        }
-        const privateKey = decoded.key;
-        const hash = sha256(data);
-        const sigAny = await secp256k1.signAsync(hash, privateKey);
-        const sigBytes = sigAny instanceof Uint8Array
-            ? sigAny
-            : typeof sigAny?.toCompactRawBytes === 'function'
-                ? sigAny.toCompactRawBytes()
-                : typeof sigAny?.toRawBytes === 'function'
-                    ? sigAny.toRawBytes()
-                    : new Uint8Array(sigAny);
-        return Buffer.from(sigBytes);
-    }
-    async verify(data, signature, publicKeyMultibase) {
-        if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
-            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
-        }
-        let decoded;
-        try {
-            decoded = multikey.decodePublicKey(publicKeyMultibase);
-        }
-        catch (error) {
-            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
-        }
-        if (decoded.type !== 'Secp256k1') {
-            throw new Error('Invalid key type for ES256K');
-        }
-        const publicKey = decoded.key;
-        const hash = sha256(data);
-        try {
-            return secp256k1.verify(signature, hash, publicKey);
-        }
-        catch {
-            return false;
-        }
-    }
-}
-export class Ed25519Signer extends Signer {
-    async sign(data, privateKeyMultibase) {
-        if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
-            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
-        }
-        let decoded;
-        try {
-            decoded = multikey.decodePrivateKey(privateKeyMultibase);
-        }
-        catch (error) {
-            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
-        }
-        if (decoded.type !== 'Ed25519') {
-            throw new Error('Invalid key type for Ed25519');
-        }
-        const privateKey = decoded.key;
-        const signature = await ed25519.signAsync(data, privateKey);
-        return Buffer.from(signature);
-    }
-    async verify(data, signature, publicKeyMultibase) {
-        if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
-            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
-        }
-        let decoded;
-        try {
-            decoded = multikey.decodePublicKey(publicKeyMultibase);
-        }
-        catch (error) {
-            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
-        }
-        if (decoded.type !== 'Ed25519') {
-            throw new Error('Invalid key type for Ed25519');
-        }
-        const publicKey = decoded.key;
-        try {
-            return await ed25519.verifyAsync(signature, data, publicKey);
-        }
-        catch {
-            return false;
-        }
-    }
-}
-export class ES256Signer extends Signer {
-    async sign(data, privateKeyMultibase) {
-        if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
-            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
-        }
-        let decoded;
-        try {
-            decoded = multikey.decodePrivateKey(privateKeyMultibase);
-        }
-        catch (error) {
-            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
-        }
-        if (decoded.type !== 'P256') {
-            throw new Error('Invalid key type for ES256');
-        }
-        const privateKey = decoded.key;
-        const hash = sha256(data);
-        const sigAny = p256.sign(hash, privateKey);
-        const sigBytes = sigAny instanceof Uint8Array
-            ? sigAny
-            : typeof sigAny?.toCompactRawBytes === 'function'
-                ? sigAny.toCompactRawBytes()
-                : typeof sigAny?.toRawBytes === 'function'
-                    ? sigAny.toRawBytes()
-                    : new Uint8Array(sigAny);
-        return Buffer.from(sigBytes);
-    }
-    async verify(data, signature, publicKeyMultibase) {
-        if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
-            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
-        }
-        let decoded;
-        try {
-            decoded = multikey.decodePublicKey(publicKeyMultibase);
-        }
-        catch (error) {
-            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
-        }
-        if (decoded.type !== 'P256') {
-            throw new Error('Invalid key type for ES256');
-        }
-        const publicKey = decoded.key;
-        const hash = sha256(data);
-        try {
-            return p256.verify(signature, hash, publicKey);
-        }
-        catch {
-            return false;
-        }
-    }
-}
-export class Bls12381G2Signer extends Signer {
-    async sign(data, privateKeyMultibase) {
-        if (!privateKeyMultibase || privateKeyMultibase[0] !== 'z') {
-            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
-        }
-        let decoded;
-        try {
-            decoded = multikey.decodePrivateKey(privateKeyMultibase);
-        }
-        catch (error) {
-            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
-        }
-        if (decoded.type !== 'Bls12381G2') {
-            throw new Error('Invalid key type for Bls12381G2');
-        }
-        const sk = decoded.key;
-        const sig = await bls.sign(data, sk);
-        return Buffer.from(sig);
-    }
-    async verify(data, signature, publicKeyMultibase) {
-        if (!publicKeyMultibase || publicKeyMultibase[0] !== 'z') {
-            throw new Error('Invalid multibase key format. Keys must use multicodec headers.');
-        }
-        let decoded;
-        try {
-            decoded = multikey.decodePublicKey(publicKeyMultibase);
-        }
-        catch (error) {
-            throw new Error(`Invalid multibase key format. Keys must use multicodec headers. ${error instanceof Error ? error.message : String(error)}`);
-        }
-        if (decoded.type !== 'Bls12381G2') {
-            throw new Error('Invalid key type for Bls12381G2');
-        }
-        const pk = decoded.key;
-        try {
-            return await bls.verify(signature, data, pk);
-        }
-        catch {
-            return false;
-        }
-    }
-}