@originals/sdk 1.8.0 → 1.8.2

package/src/vc/Issuer.ts

@@ -0,0 +1,105 @@
+import { VerifiableCredential, VerifiablePresentation } from '../types';
+import { multikey, MultikeyType } from '../crypto/Multikey';
+import { DIDManager } from '../did/DIDManager';
+import { createDocumentLoader } from './documentLoader';
+import { DataIntegrityProofManager } from './proofs/data-integrity';
+
+export interface IssueOptions {
+  proofPurpose: 'assertionMethod' | 'authentication';
+  documentLoader?: (iri: string) => Promise<{ document: unknown; documentUrl: string; contextUrl: string | null }>;
+  challenge?: string;
+  domain?: string;
+}
+
+export type VerificationMethodLike = {
+  id: string;
+  controller: string;
+  publicKeyMultibase: string;
+  secretKeyMultibase?: string;
+  type?: string;
+};
+
+export class Issuer {
+  constructor(private didManager: DIDManager, private verificationMethod: VerificationMethodLike) {}
+
+  private inferKeyType(publicKeyMultibase: string): MultikeyType {
+    try {
+      return multikey.decodePublicKey(publicKeyMultibase).type;
+    } catch {
+      return 'Ed25519';
+    }
+  }
+
+  async issueCredential(
+    unsigned: Omit<VerifiableCredential, '@context' | 'proof'>,
+    options: IssueOptions
+  ): Promise<VerifiableCredential> {
+    const documentLoader = options.documentLoader || createDocumentLoader(this.didManager);
+    await documentLoader(this.verificationMethod.id);
+
+    const issuerId = typeof unsigned.issuer === 'string' ? unsigned.issuer : (unsigned.issuer as { id?: string })?.id;
+    const credential: VerifiableCredential = {
+      ...unsigned,
+      '@context': ['https://www.w3.org/ns/credentials/v2'],
+      issuer: issuerId || this.verificationMethod.controller,
+      proof: undefined
+    } as VerifiableCredential;
+
+    if (!this.verificationMethod.secretKeyMultibase) {
+      throw new Error('Missing secretKeyMultibase for issuance');
+    }
+    const keyType = this.inferKeyType(this.verificationMethod.publicKeyMultibase);
+    if (keyType !== 'Ed25519') {
+      throw new Error('Only Ed25519 supported for eddsa-rdfc-2022');
+    }
+    const proof = await DataIntegrityProofManager.createProof(credential, {
+      verificationMethod: this.verificationMethod.id,
+      proofPurpose: options.proofPurpose,
+      cryptosuite: 'eddsa-rdfc-2022',
+      type: 'DataIntegrityProof',
+      privateKey: this.verificationMethod.secretKeyMultibase,
+      documentLoader
+    });
+    return { ...credential, proof } as VerifiableCredential;
+  }
+
+  async issuePresentation(
+    presentation: Omit<VerifiablePresentation, '@context' | 'proof'>,
+    options: IssueOptions
+  ): Promise<VerifiablePresentation> {
+    const documentLoader = options.documentLoader || createDocumentLoader(this.didManager);
+    await documentLoader(this.verificationMethod.id);
+
+    if (!this.verificationMethod.secretKeyMultibase) {
+      throw new Error('Missing secretKeyMultibase for issuance');
+    }
+    const keyType = this.inferKeyType(this.verificationMethod.publicKeyMultibase);
+    if (keyType !== 'Ed25519') {
+      throw new Error('Only Ed25519 supported for eddsa-rdfc-2022');
+    }
+    const presentationWithContext = {
+      ...presentation,
+      '@context': ['https://www.w3.org/ns/credentials/v2']
+    } as Record<string, unknown>;
+
+    const proof = await DataIntegrityProofManager.createProof(
+      presentationWithContext,
+      {
+        verificationMethod: this.verificationMethod.id,
+        proofPurpose: options.proofPurpose,
+        cryptosuite: 'eddsa-rdfc-2022',
+        type: 'DataIntegrityProof',
+        privateKey: this.verificationMethod.secretKeyMultibase,
+        challenge: options.challenge,
+        domain: options.domain,
+        documentLoader
+      }
+    );
+    return {
+      ...presentation,
+      '@context': ['https://www.w3.org/ns/credentials/v2'],
+      proof
+    } as VerifiablePresentation;
+  }
+}
+

package/src/vc/Verifier.ts

@@ -0,0 +1,54 @@
+import { VerifiableCredential, VerifiablePresentation } from '../types';
+import { DIDManager } from '../did/DIDManager';
+import { createDocumentLoader } from './documentLoader';
+import { DataIntegrityProofManager } from './proofs/data-integrity';
+import type { DataIntegrityProof } from './cryptosuites/eddsa';
+
+export type VerificationResult = { verified: boolean; errors: string[] };
+
+export class Verifier {
+  constructor(private didManager: DIDManager) {}
+
+  async verifyCredential(vc: VerifiableCredential, options: { documentLoader?: (iri: string) => Promise<unknown> } = {}): Promise<VerificationResult> {
+    try {
+      if (!vc || !vc['@context'] || !vc.type) throw new Error('Invalid credential');
+      if (!vc.proof) throw new Error('Credential has no proof');
+      const loader = options.documentLoader || createDocumentLoader(this.didManager);
+      const vcContext = vc['@context'];
+      const ctxs: string[] = Array.isArray(vcContext) ? vcContext.filter((c): c is string => typeof c === 'string') : [String(vcContext)];
+      for (const c of ctxs) await loader(c);
+      const proofValue = vc.proof;
+      const proof = Array.isArray(proofValue) ? proofValue[0] : proofValue;
+      const result = await DataIntegrityProofManager.verifyProof(vc, proof as unknown as DataIntegrityProof, { documentLoader: loader });
+      return result.verified ? { verified: true, errors: [] } : { verified: false, errors: result.errors ?? ['Verification failed'] };
+    } catch (e) {
+      const error = e as Error;
+      return { verified: false, errors: [error?.message ?? 'Unknown error in verifyCredential'] };
+    }
+  }
+
+  async verifyPresentation(vp: VerifiablePresentation, options: { documentLoader?: (iri: string) => Promise<unknown> } = {}): Promise<VerificationResult> {
+    try {
+      if (!vp || !vp['@context'] || !vp.type) throw new Error('Invalid presentation');
+      if (!vp.proof) throw new Error('Presentation has no proof');
+      const loader = options.documentLoader || createDocumentLoader(this.didManager);
+      const vpContext = vp['@context'];
+      const ctxs: string[] = Array.isArray(vpContext) ? vpContext.filter((c): c is string => typeof c === 'string') : [String(vpContext)];
+      for (const c of ctxs) await loader(c);
+      if (vp.verifiableCredential) {
+        for (const c of vp.verifiableCredential) {
+          const res = await this.verifyCredential(c, { documentLoader: loader });
+          if (!res.verified) return res;
+        }
+      }
+      const proofValue = vp.proof;
+      const proof = Array.isArray(proofValue) ? proofValue[0] : proofValue;
+      const result = await DataIntegrityProofManager.verifyProof(vp, proof as unknown as DataIntegrityProof, { documentLoader: loader });
+      return result.verified ? { verified: true, errors: [] } : { verified: false, errors: result.errors ?? ['Verification failed'] };
+    } catch (e) {
+      const error = e as Error;
+      return { verified: false, errors: [error?.message ?? 'Unknown error in verifyPresentation'] };
+    }
+  }
+}
+

package/src/vc/cryptosuites/bbs.ts

@@ -0,0 +1,253 @@
+import * as cbor from 'cbor-js';
+
+/**
+ * Minimal BBS utility methods ported from legacy for working with
+ * Data Integrity BBS (bbs-2023) base and derived proof value encoding.
+ *
+ * Notes:
+ * - This module focuses on serialization/parsing helpers used by callers
+ *   to pack/unpack proof values. It does not perform signing or verification.
+ * - All methods operate on Uint8Array inputs and return multibase strings
+ *   (base64url with 'u' prefix) where applicable to match the spec.
+ */
+export class BBSCryptosuiteUtils {
+  private static encodeBase64urlNoPad(bytes: Uint8Array): string {
+    const b64 = Buffer.from(bytes).toString('base64');
+    const b64url = b64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/g, '');
+    return 'u' + b64url;
+  }
+
+  private static decodeBase64urlNoPad(s: string): Uint8Array {
+    if (!s.startsWith('u')) throw new Error('Not a multibase base64url (u- prefixed) string');
+    const raw = s.slice(1);
+    const b64 = raw.replace(/-/g, '+').replace(/_/g, '/');
+    const pad = b64.length % 4 === 2 ? '==' : b64.length % 4 === 3 ? '=' : '';
+    return new Uint8Array(Buffer.from(b64 + pad, 'base64'));
+  }
+  private static compareBytes(a: Uint8Array, b: number[]): boolean {
+    if (a.length !== b.length) return false;
+    for (let i = 0; i < b.length; i++) {
+      if (a[i] !== b[i]) return false;
+    }
+    return true;
+  }
+
+  private static concatBytes(a: Uint8Array, b: Uint8Array): Uint8Array {
+    const out = new Uint8Array(a.length + b.length);
+    out.set(a, 0);
+    out.set(b, a.length);
+    return out;
+  }
+
+  // ===== Base proof (serialize/parse) =====
+
+  static serializeBaseProofValue(
+    bbsSignature: Uint8Array,
+    bbsHeader: Uint8Array,
+    publicKey: Uint8Array,
+    hmacKey: Uint8Array,
+    mandatoryPointers: string[],
+    featureOption: 'baseline' | 'anonymous_holder_binding' | 'pseudonym_issuer_pid' | 'pseudonym_hidden_pid',
+    pid?: Uint8Array,
+    signerBlind?: Uint8Array
+  ): string {
+    let headerBytes: Uint8Array;
+    let components: (Uint8Array | string[] | Uint8Array)[];
+
+    switch (featureOption) {
+      case 'baseline':
+        headerBytes = new Uint8Array([0xd9, 0x5d, 0x02]);
+        components = [bbsSignature, bbsHeader, publicKey, hmacKey, mandatoryPointers];
+        break;
+      case 'anonymous_holder_binding':
+        headerBytes = new Uint8Array([0xd9, 0x5d, 0x04]);
+        if (!signerBlind) throw new Error('signerBlind is required for anonymous_holder_binding');
+        components = [bbsSignature, bbsHeader, publicKey, hmacKey, mandatoryPointers, signerBlind];
+        break;
+      case 'pseudonym_issuer_pid':
+        headerBytes = new Uint8Array([0xd9, 0x5d, 0x06]);
+        if (!pid) throw new Error('pid is required for pseudonym_issuer_pid');
+        components = [bbsSignature, bbsHeader, publicKey, hmacKey, mandatoryPointers, pid];
+        break;
+      case 'pseudonym_hidden_pid':
+        headerBytes = new Uint8Array([0xd9, 0x5d, 0x08]);
+        if (!signerBlind) throw new Error('signerBlind is required for pseudonym_hidden_pid');
+        components = [bbsSignature, bbsHeader, publicKey, hmacKey, mandatoryPointers, signerBlind];
+        break;
+      default:
+        throw new Error(`Unsupported feature option: ${featureOption}`);
+    }
+
+    const encodedComponents = cbor.encode(components);
+    const proofBytes = BBSCryptosuiteUtils.concatBytes(headerBytes, new Uint8Array(encodedComponents));
+    return BBSCryptosuiteUtils.encodeBase64urlNoPad(proofBytes);
+  }
+
+  static parseBaseProofValue(proofValue: string): {
+    bbsSignature: Uint8Array;
+    bbsHeader: Uint8Array;
+    publicKey: Uint8Array;
+    hmacKey: Uint8Array;
+    mandatoryPointers: string[];
+    featureOption: 'baseline' | 'anonymous_holder_binding' | 'pseudonym_issuer_pid' | 'pseudonym_hidden_pid' | 'base_proof';
+    pid?: Uint8Array;
+    signerBlind?: Uint8Array;
+  } {
+    const decoded = BBSCryptosuiteUtils.decodeBase64urlNoPad(proofValue);
+    const header = decoded.slice(0, 3);
+    let featureOption: any;
+    if (this.compareBytes(header, [0xd9, 0x5d, 0x02])) featureOption = 'baseline';
+    else if (this.compareBytes(header, [0xd9, 0x5d, 0x04])) featureOption = 'anonymous_holder_binding';
+    else if (this.compareBytes(header, [0xd9, 0x5d, 0x06])) featureOption = 'pseudonym_issuer_pid';
+    else if (this.compareBytes(header, [0xd9, 0x5d, 0x08])) featureOption = 'pseudonym_hidden_pid';
+    else if (this.compareBytes(header, [0xd9, 0x5d, 0x03])) featureOption = 'base_proof';
+    else throw new Error('Invalid BBS base proof header');
+
+    const components: any[] = cbor.decode(decoded.slice(3).buffer) as any[];
+    const base = {
+      bbsSignature: components[0] as Uint8Array,
+      bbsHeader: components[1] as Uint8Array,
+      publicKey: components[2] as Uint8Array,
+      hmacKey: components[3] as Uint8Array,
+      mandatoryPointers: components[4] as string[],
+      featureOption
+    } as any;
+
+    if (featureOption === 'anonymous_holder_binding' || featureOption === 'pseudonym_hidden_pid') {
+      base.signerBlind = components[5] as Uint8Array;
+    }
+    if (featureOption === 'pseudonym_issuer_pid') {
+      base.pid = components[5] as Uint8Array;
+    }
+    return base;
+  }
+
+  // ===== Label map compression helpers =====
+
+  private static compressLabelMap(labelMap: { [key: string]: string }): { [key: string]: string } {
+    const map: { [key: string]: string } = {};
+    for (const [k, v] of Object.entries(labelMap)) {
+      const c14nMatch = k.match(/^c14n(\d+)$/);
+      const bMatch = v.match(/^b(\d+)$/);
+      if (!c14nMatch || !bMatch) {
+        throw new Error(`Invalid label map entry: ${k} -> ${v}`);
+      }
+      const key = parseInt(c14nMatch[1], 10);
+      const value = parseInt(bMatch[1], 10);
+      map[key] = value.toString();
+    }
+    return map;
+  }
+
+  private static decompressLabelMap(compressed: { [key: string]: string }): { [key: string]: string } {
+    const map: { [key: string]: string } = {};
+    for (const [k, v] of Object.entries(compressed)) {
+      map[`c14n${k}`] = `b${v}`;
+    }
+    return map;
+  }
+
+  // ===== Derived proof (serialize/parse) =====
+
+  static serializeDerivedProofValue(
+    bbsProof: Uint8Array,
+    labelMap: { [key: string]: string },
+    mandatoryIndexes: number[],
+    selectiveIndexes: number[],
+    presentationHeader: Uint8Array,
+    featureOption: 'baseline' | 'anonymous_holder_binding' | 'pseudonym',
+    pseudonym?: string,
+    lengthBBSMessages?: number
+  ): string {
+    const compressedLabelMap = this.compressLabelMap(labelMap);
+
+    let headerBytes: Uint8Array;
+    let components: (Uint8Array | { [key: string]: string } | number[] | number | string)[];
+
+    switch (featureOption) {
+      case 'baseline':
+        headerBytes = new Uint8Array([0xd9, 0x5d, 0x03]);
+        components = [
+          bbsProof,
+          compressedLabelMap,
+          mandatoryIndexes,
+          selectiveIndexes,
+          presentationHeader
+        ];
+        break;
+      case 'anonymous_holder_binding':
+        if (typeof lengthBBSMessages !== 'number') {
+          throw new Error('lengthBBSMessages is required for anonymous_holder_binding');
+        }
+        headerBytes = new Uint8Array([0xd9, 0x5d, 0x05]);
+        components = [
+          bbsProof,
+          compressedLabelMap,
+          mandatoryIndexes,
+          selectiveIndexes,
+          presentationHeader,
+          lengthBBSMessages
+        ];
+        break;
+      case 'pseudonym':
+        if (!pseudonym || typeof lengthBBSMessages !== 'number') {
+          throw new Error('pseudonym and lengthBBSMessages are required for pseudonym features');
+        }
+        headerBytes = new Uint8Array([0xd9, 0x5d, 0x07]);
+        components = [
+          bbsProof,
+          compressedLabelMap,
+          mandatoryIndexes,
+          selectiveIndexes,
+          presentationHeader,
+          pseudonym,
+          lengthBBSMessages
+        ];
+        break;
+      default:
+        throw new Error(`Unsupported feature option: ${featureOption}`);
+    }
+
+    const encodedComponents = cbor.encode(components);
+    const proofBytes = this.concatBytes(headerBytes, new Uint8Array(encodedComponents));
+    return this.encodeBase64urlNoPad(proofBytes);
+  }
+
+  static parseDerivedProofValue(proofValue: string): {
+    bbsProof: Uint8Array;
+    labelMap: { [key: string]: string };
+    mandatoryIndexes: number[];
+    selectiveIndexes: number[];
+    presentationHeader: Uint8Array;
+    featureOption: 'baseline' | 'anonymous_holder_binding' | 'pseudonym';
+    pseudonym?: string;
+    lengthBBSMessages?: number;
+  } {
+    const decoded = this.decodeBase64urlNoPad(proofValue);
+    const header = decoded.slice(0, 3);
+    let featureOption: 'baseline' | 'anonymous_holder_binding' | 'pseudonym';
+    if (this.compareBytes(header, [0xd9, 0x5d, 0x03])) featureOption = 'baseline';
+    else if (this.compareBytes(header, [0xd9, 0x5d, 0x05])) featureOption = 'anonymous_holder_binding';
+    else if (this.compareBytes(header, [0xd9, 0x5d, 0x07])) featureOption = 'pseudonym';
+    else throw new Error('Invalid BBS derived proof header');
+
+    const components: any[] = cbor.decode(decoded.slice(3).buffer) as any[];
+    const decompressedLabelMap = this.decompressLabelMap(components[1]);
+    const result: any = {
+      bbsProof: components[0],
+      labelMap: decompressedLabelMap,
+      mandatoryIndexes: components[2],
+      selectiveIndexes: components[3],
+      presentationHeader: components[4],
+      featureOption
+    };
+    if (featureOption === 'anonymous_holder_binding') {
+      result.lengthBBSMessages = components[5];
+    } else if (featureOption === 'pseudonym') {
+      result.pseudonym = components[5];
+      result.lengthBBSMessages = components[6];
+    }
+    return result;
+  }
+}
+

package/src/vc/cryptosuites/bbsSimple.ts

@@ -0,0 +1,21 @@
+import { sha256 } from '@noble/hashes/sha2.js';
+
+export type BbsKeyPair = {
+  publicKey: Uint8Array;
+  privateKey: Uint8Array;
+};
+
+export class BbsSimple {
+  static readonly CIPHERSUITE = 'BLS12-381-SHA-256';
+
+  static async sign(messages: Uint8Array[], keypair: BbsKeyPair, header?: Uint8Array): Promise<Uint8Array> {
+    const headerBytes = header ?? new Uint8Array(sha256(new Uint8Array(0)));
+    throw new Error('BbsSimple.sign is not implemented');
+  }
+
+  static async verify(messages: Uint8Array[], signature: Uint8Array, publicKey: Uint8Array, header?: Uint8Array): Promise<boolean> {
+    const headerBytes = header ?? new Uint8Array(sha256(new Uint8Array(0)));
+    throw new Error('BbsSimple.verify is not implemented');
+  }
+}
+

package/src/vc/cryptosuites/eddsa.ts

@@ -0,0 +1,99 @@
+import { base58 } from '@scure/base';
+import * as ed25519 from '@noble/ed25519';
+import { canonize, canonizeProof } from '../utils/jsonld';
+import { multikey } from '../../crypto/Multikey';
+import { sha256Bytes } from '../../utils/hash';
+
+export interface DataIntegrityProof {
+  type: 'DataIntegrityProof';
+  cryptosuite: string;
+  created?: string;
+  verificationMethod: string;
+  proofPurpose: string;
+  proofValue: string;
+  id?: string;
+  previousProof?: string | string[];
+}
+
+export interface VerificationResult {
+  verified: boolean;
+  errors?: string[];
+}
+
+export class EdDSACryptosuiteManager {
+
+  static async createProof(document: any, options: any): Promise<DataIntegrityProof> {
+    const proofConfig = await this.createProofConfiguration(options);
+    const transformedData = await this.transform(document, options);
+    const hashData = await this.hash(transformedData, proofConfig, options);
+    let privateKey: Uint8Array;
+    if (typeof options.privateKey === 'string') {
+      const dec = multikey.decodePrivateKey(options.privateKey);
+      if (dec.type !== 'Ed25519') throw new Error('Invalid key type for EdDSA');
+      privateKey = dec.key;
+    } else if (options.privateKey instanceof Uint8Array) {
+      privateKey = options.privateKey;
+    } else {
+      throw new Error('Invalid private key format');
+    }
+    const proofValueBytes = await this.sign({ data: hashData, privateKey });
+    delete (proofConfig as any)['@context'];
+    return { ...proofConfig, proofValue: base58.encode(proofValueBytes) } as DataIntegrityProof;
+  }
+
+  static async verifyProof(document: any, proof: DataIntegrityProof, options: any): Promise<VerificationResult> {
+    try {
+      const documentToVerify = { ...document };
+      delete (documentToVerify as any).proof;
+      const transformedData = await this.transform(documentToVerify, options);
+      const hashData = await this.hash(transformedData, { '@context': document['@context'], ...proof }, options);
+      const vmDoc = await options.documentLoader(proof.verificationMethod);
+      const pk = vmDoc.document.publicKeyMultibase as string;
+      const dec = multikey.decodePublicKey(pk);
+      if (dec.type !== 'Ed25519') throw new Error('Invalid key type for EdDSA');
+      const signature = base58.decode(proof.proofValue);
+      const verified = await this.verify({ data: hashData, signature, publicKey: dec.key });
+      return verified ? { verified: true } : { verified: false, errors: ['Proof verification failed'] };
+    } catch (e: any) {
+      return { verified: false, errors: [e?.message ?? 'Unknown verification error'] };
+    }
+  }
+
+  private static async createProofConfiguration(options: any): Promise<any> {
+    return {
+      '@context': 'https://w3id.org/security/data-integrity/v2',
+      type: 'DataIntegrityProof',
+      cryptosuite: 'eddsa-rdfc-2022',
+      created: new Date().toISOString(),
+      verificationMethod: options.verificationMethod,
+      proofPurpose: options.proofPurpose || 'assertionMethod',
+      ...(options.challenge && { challenge: options.challenge }),
+      ...(options.domain && { domain: options.domain })
+    };
+  }
+
+  private static async transform(document: any, options: any): Promise<string> {
+    return await canonize(document, { documentLoader: options.documentLoader });
+  }
+
+  private static async hash(transformedData: string, proofConfig: any, options: any): Promise<Uint8Array> {
+    const canonicalProofConfig = await canonizeProof(proofConfig, { documentLoader: options.documentLoader });
+    const proofConfigHash = await sha256Bytes(canonicalProofConfig);
+    const documentHash = await sha256Bytes(transformedData);
+    return new Uint8Array([...proofConfigHash, ...documentHash]);
+  }
+
+  static async sign({ data, privateKey }: { data: Uint8Array; privateKey: Uint8Array }): Promise<Uint8Array> {
+    if (privateKey.length !== 32) {
+      if (privateKey.length === 64) privateKey = privateKey.slice(32);
+      else throw new Error('Invalid private key length');
+    }
+    const signature = await ed25519.signAsync(Buffer.from(data).toString('hex'), Buffer.from(privateKey).toString('hex'));
+    return signature;
+  }
+
+  static async verify({ data, signature, publicKey }: { data: Uint8Array; signature: Uint8Array; publicKey: Uint8Array }): Promise<boolean> {
+    return await ed25519.verifyAsync(Buffer.from(signature).toString('hex'), Buffer.from(data).toString('hex'), Buffer.from(publicKey).toString('hex'));
+  }
+}
+

package/src/vc/documentLoader.ts

@@ -0,0 +1,81 @@
+import { DIDManager } from '../did/DIDManager';
+
+type LoadedDocument = { document: unknown; documentUrl: string; contextUrl: string | null };
+
+interface ContextDocument {
+  '@context': {
+    '@version': number;
+  };
+}
+
+const CONTEXTS: Record<string, ContextDocument> = {
+  // Provide 1.1-compatible stubs for jsonld canonize
+  'https://www.w3.org/ns/credentials/v2': { '@context': { '@version': 1.1 } },
+  'https://w3id.org/security/data-integrity/v2': { '@context': { '@version': 1.1 } }
+};
+
+export class DocumentLoader {
+  constructor(private didManager: DIDManager) {}
+
+  async load(iri: string): Promise<LoadedDocument> {
+    if (iri.startsWith('did:')) {
+      return this.resolveDID(iri);
+    }
+    const doc = CONTEXTS[iri];
+    if (doc) {
+      return { document: doc, documentUrl: iri, contextUrl: null };
+    }
+    throw new Error(`Document not found: ${iri}`);
+  }
+
+  private async resolveDID(didUrl: string): Promise<LoadedDocument> {
+    const [did, fragment] = didUrl.split('#');
+    const didDoc = await this.didManager.resolveDID(did);
+    if (!didDoc) {
+      throw new Error(`DID not resolved: ${did}`);
+    }
+
+    interface DIDDocWithContext {
+      '@context'?: unknown;
+      verificationMethod?: Array<{ id?: string }>;
+    }
+
+    const didDocTyped = didDoc as DIDDocWithContext;
+
+    if (fragment) {
+      // If a VM was registered explicitly, prefer it
+      const cached = verificationMethodRegistry.get(didUrl);
+      if (cached) {
+        return {
+          document: { '@context': didDocTyped['@context'], ...cached },
+          documentUrl: didUrl,
+          contextUrl: null
+        };
+      }
+      const vms = didDocTyped.verificationMethod;
+      const vm = vms?.find((m) => m.id === didUrl);
+      if (vm) {
+        return {
+          document: { '@context': didDocTyped['@context'], ...vm },
+          documentUrl: didUrl,
+          contextUrl: null
+        };
+      }
+      return {
+        document: { '@context': didDocTyped['@context'], id: didUrl },
+        documentUrl: didUrl,
+        contextUrl: null
+      };
+    }
+    return { document: didDoc, documentUrl: didUrl, contextUrl: null };
+  }
+}
+
+export const createDocumentLoader = (didManager: DIDManager) =>
+  (iri: string) => new DocumentLoader(didManager).load(iri);
+
+export const verificationMethodRegistry: Map<string, Record<string, unknown>> = new Map();
+export function registerVerificationMethod(vm: Record<string, unknown> & { id?: string }): void {
+  if (vm?.id) verificationMethodRegistry.set(vm.id, vm);
+}
+

package/src/vc/proofs/data-integrity.ts

@@ -0,0 +1,33 @@
+import { EdDSACryptosuiteManager, type DataIntegrityProof } from '../cryptosuites/eddsa';
+
+export interface VerificationResult { verified: boolean; errors?: string[] }
+
+export interface ProofOptions {
+  verificationMethod: string;
+  proofPurpose: string;
+  privateKey?: Uint8Array | string;
+  type: 'DataIntegrityProof';
+  created?: string;
+  cryptosuite: string;
+  documentLoader?: (url: string) => Promise<any>;
+  previousProof?: string | string[];
+  challenge?: string;
+  domain?: string;
+}
+
+export class DataIntegrityProofManager {
+  static async createProof(document: any, options: ProofOptions): Promise<DataIntegrityProof> {
+    if (options.cryptosuite !== 'eddsa-rdfc-2022') {
+      throw new Error(`Unsupported cryptosuite: ${options.cryptosuite}`);
+    }
+    return await EdDSACryptosuiteManager.createProof(document, options);
+  }
+
+  static async verifyProof(document: any, proof: DataIntegrityProof, options: any): Promise<VerificationResult> {
+    if (proof.cryptosuite !== 'eddsa-rdfc-2022') {
+      return { verified: false, errors: [`Unsupported cryptosuite: ${proof.cryptosuite}`] };
+    }
+    return await EdDSACryptosuiteManager.verifyProof(document, proof, options);
+  }
+}
+

package/src/vc/utils/jsonld.ts

@@ -0,0 +1,18 @@
+import jsonld from 'jsonld';
+
+export async function canonize(input: any, { documentLoader }: any): Promise<string> {
+  return await jsonld.canonize(input, {
+    algorithm: 'URDNA2015',
+    format: 'application/n-quads',
+    documentLoader,
+    safe: false,
+    useNative: false,
+    rdfDirection: 'i18n-datatype'
+  } as any);
+}
+
+export async function canonizeProof(proof: any, { documentLoader }: any): Promise<string> {
+  const { jws, signatureValue, proofValue, ...rest } = proof;
+  return await canonize(rest, { documentLoader });
+}
+