@pagopa/io-react-native-wallet 0.1.0

package/lib/typescript/wallet-instance-attestation/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/wallet-instance-attestation/types.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC;AAwBzB,MAAM,MAAM,mCAAmC,GAAG,CAAC,CAAC,KAAK,CACvD,OAAO,mCAAmC,CAC3C,CAAC;AACF,eAAO,MAAM,mCAAmC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAc9C,CAAC;AAEH,MAAM,MAAM,4BAA4B,GAAG,CAAC,CAAC,KAAK,CAChD,OAAO,4BAA4B,CACpC,CAAC;AACF,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA6BvC,CAAC"}

package/package.json

@@ -0,0 +1,108 @@
+{
+  "name": "@pagopa/io-react-native-wallet",
+  "version": "0.1.0",
+  "description": "Provide data structures, helpers and API for IO Wallet",
+  "main": "lib/commonjs/index",
+  "module": "lib/module/index",
+  "types": "lib/typescript/index.d.ts",
+  "react-native": "src/index",
+  "source": "src/index",
+  "files": [
+    "src",
+    "lib",
+    "android",
+    "ios",
+    "cpp",
+    "*.podspec",
+    "!lib/typescript/example",
+    "!ios/build",
+    "!android/build",
+    "!android/gradle",
+    "!android/gradlew",
+    "!android/gradlew.bat",
+    "!android/local.properties",
+    "!**/__tests__",
+    "!**/__fixtures__",
+    "!**/__mocks__",
+    "!**/.*"
+  ],
+  "scripts": {
+    "test": "jest",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint \"src/**\"",
+    "prepack": "bob build",
+    "release": "release-it",
+    "example": "yarn --cwd example",
+    "bootstrap": "yarn example && yarn install",
+    "code-review": "yarn lint && yarn typecheck && yarn test"
+  },
+  "keywords": [
+    "react-native",
+    "ios",
+    "android"
+  ],
+  "repository": "https://github.com/pagopa/io-react-native-wallet",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/pagopa/io-react-native-wallet/issues"
+  },
+  "homepage": "https://github.com/pagopa/io-react-native-wallet#readme",
+  "publishConfig": {
+    "registry": "https://registry.npmjs.org/"
+  },
+  "devDependencies": {
+    "@pagopa/eslint-config": "^3.0.0",
+    "@pagopa/io-react-native-jwt": "^0.4.0",
+    "@react-native-community/eslint-config": "^3.2.0",
+    "@rushstack/eslint-patch": "^1.3.2",
+    "@types/jest": "^28.1.2",
+    "@types/react": "~17.0.21",
+    "@types/react-native": "0.70.0",
+    "del-cli": "^5.0.0",
+    "eslint": "^8.4.1",
+    "jest": "^28.1.1",
+    "pod-install": "^0.1.0",
+    "prettier": "^2.0.5",
+    "react": "18.2.0",
+    "react-native": "0.71.8",
+    "react-native-builder-bob": "^0.20.0",
+    "typescript": "^5.0.2"
+  },
+  "resolutions": {
+    "@types/react": "17.0.21"
+  },
+  "peerDependencies": {
+    "@pagopa/io-react-native-jwt": "*",
+    "react": "*",
+    "react-native": "*"
+  },
+  "engines": {
+    "node": ">= 16.0.0"
+  },
+  "packageManager": "^yarn@1.22.15",
+  "jest": {
+    "preset": "react-native",
+    "modulePathIgnorePatterns": [
+      "<rootDir>/example/node_modules",
+      "<rootDir>/lib/"
+    ]
+  },
+  "react-native-builder-bob": {
+    "source": "src",
+    "output": "lib",
+    "targets": [
+      "commonjs",
+      "module",
+      [
+        "typescript",
+        {
+          "project": "tsconfig.build.json"
+        }
+      ]
+    ]
+  },
+  "dependencies": {
+    "react-native-uuid": "^2.0.1",
+    "zod": "^3.21.4"
+  }
+}

package/src/index.ts

@@ -0,0 +1,8 @@
+import * as PID from "./pid";
+import * as WalletInstanceAttestation from "./wallet-instance-attestation";
+
+export function multiply(a: number, b: number): Promise<number> {
+  return Promise.resolve(a * b);
+}
+
+export { PID, WalletInstanceAttestation };

package/src/pid/index.ts

@@ -0,0 +1,2 @@
+import * as SdJwt from "./sd-jwt";
+export { SdJwt };

package/src/pid/sd-jwt/converters.ts

@@ -0,0 +1,26 @@
+import { getValueFromDisclosures } from "../../sd-jwt/converters";
+import type { Disclosure, SdJwt4VC } from "../../sd-jwt/types";
+import { PID } from "./types";
+
+export function pidFromToken(sdJwt: SdJwt4VC, disclosures: Disclosure[]): PID {
+  return PID.parse({
+    issuer: sdJwt.payload.iss,
+    issuedAt: new Date(sdJwt.payload.iat * 1000),
+    expiration: new Date(sdJwt.payload.exp * 1000),
+    verification: {
+      trustFramework:
+        sdJwt.payload.verified_claims.verification.trust_framework,
+      assuranceLevel:
+        sdJwt.payload.verified_claims.verification.assurance_level,
+      evidence: getValueFromDisclosures(disclosures, "evidence"),
+    },
+    claims: {
+      uniqueId: getValueFromDisclosures(disclosures, "unique_id"),
+      givenName: getValueFromDisclosures(disclosures, "given_name"),
+      familyName: getValueFromDisclosures(disclosures, "family_name"),
+      birthdate: getValueFromDisclosures(disclosures, "birthdate"),
+      placeOfBirth: getValueFromDisclosures(disclosures, "place_of_birth"),
+      taxIdCode: getValueFromDisclosures(disclosures, "tax_id_number"),
+    },
+  });
+}

package/src/pid/sd-jwt/index.ts

@@ -0,0 +1,71 @@
+import { decode as decodeJwt } from "../../sd-jwt";
+import { verify as verifyJwt } from "../../sd-jwt";
+import { PID } from "./types";
+import { pidFromToken } from "./converters";
+import { Disclosure, SdJwt4VC } from "../../sd-jwt/types";
+
+/**
+ * Decode a given SD-JWT with Disclosures to get the parsed PID object they define.
+ * It ensures provided data is in a valid shape.
+ *
+ * It DOES NOT verify token signature nor check disclosures are correctly referenced by the SD-JWT.
+ * Use {@link verify} instead
+ *
+ * @function
+ * @param token The encoded token that represents a valid sd-jwt for verifiable credentials
+ *
+ * @returns The validated PID object along with the parsed SD-JWT token and the parsed disclosures
+ * @throws A decoding error if the token doesn't resolve in a valid SD-JWT
+ * @throws A validation error if the provided data doesn't result in a valid PID
+ *
+ */
+export function decode(token: string): PidWithToken {
+  let { sdJwt, disclosures } = decodeJwt(token, SdJwt4VC);
+  const pid = pidFromToken(sdJwt, disclosures);
+
+  return { pid, sdJwt, disclosures };
+}
+
+/**
+ * Verify a given SD-JWT with Disclosures to get the parsed PID object they define.
+ * Same as {@link decode} plus:
+ *   - token signature verification
+ *   - ensure disclosures are well-defined inside the SD-JWT
+ *
+ * @async @function
+ *
+ * @todo implement signature validation
+ * @todo check disclosures in sd-jwt
+ *
+ * @param token The encoded token that represents a valid sd-jwt for verifiable credentials
+ *
+ * @returns {VerifyResult} The validated PID object along with the parsed SD-JWT token and the parsed disclosures
+ * @throws A decoding error if the token doesn't resolve in a valid SD-JWT
+ * @throws A validation error if the provided data doesn't result in a valid PID
+ * @throws A validation error if the provided disclosures are not defined in the SD-JWT
+ * @throws Invalid signature error if the token signature is not valid
+ *
+ */
+export async function verify(token: string): Promise<VerifyResult> {
+  const decoded = decode(token);
+  const publicKey = decoded.sdJwt.payload.cnf.jwk;
+  await verifyJwt(token, publicKey, SdJwt4VC);
+
+  return decoded;
+}
+
+type PidWithToken = {
+  // The object with the parsed data for PID
+  pid: PID;
+  // The object with the parsed SD-JWT token that shipped the PID. It will be needed to present PID data.
+  sdJwt: SdJwt4VC;
+  // Parsed list of discloures with PID values. It will be needed to present PID data.
+  disclosures: Disclosure[];
+};
+
+/**
+ * Result object for {@link verify}
+ */
+export type VerifyResult = PidWithToken;
+
+export { PID } from "./types";

package/src/pid/sd-jwt/types.ts

@@ -0,0 +1,44 @@
+import { z } from "zod";
+
+const VerificationEvidence = z.object({
+  type: z.string(),
+  record: z.object({
+    type: z.string(),
+    source: z.object({
+      organization_name: z.string(),
+      organization_id: z.string(),
+      country_code: z.string(),
+    }),
+  }),
+});
+type Verification = z.infer<typeof Verification>;
+const Verification = z.object({
+  trustFramework: z.literal("eidas"),
+  assuranceLevel: z.string(),
+  evidence: z.array(VerificationEvidence),
+});
+
+/**
+ * Data structure for the PID.
+ * It contains PID claims in plain text as well as verification data with the issuer's information
+ *
+ * @see https://italia.github.io/eidas-it-wallet-docs/en/pid-data-model.html
+ */
+export type PID = z.infer<typeof PID>;
+export const PID = z.object({
+  issuer: z.string(),
+  issuedAt: z.date(),
+  expiration: z.date(),
+  verification: Verification,
+  claims: z.object({
+    uniqueId: z.string(),
+    givenName: z.string(),
+    familyName: z.string(),
+    birthdate: z.string(),
+    placeOfBirth: z.object({
+      country: z.string(),
+      locality: z.string(),
+    }),
+    taxIdCode: z.string(),
+  }),
+});

package/src/sd-jwt/__test__/converters.test.ts

@@ -0,0 +1,27 @@
+import { getValueFromDisclosures } from "../converters";
+import { Disclosure } from "../types";
+
+const disclosures: Disclosure[] = [
+  ["6w1_soRXFgaHKfpYn3cvfQ", "given_name", "Mario"],
+  ["fuNp97Hf3wV6y48y-QZhIg", "birthdate", "1980-10-01"],
+  [
+    "p-9LzyWHZBVDvhXDWkN2xA",
+    "place_of_birth",
+    { country: "IT", locality: "Rome" },
+  ],
+];
+
+describe("getValueFromDisclosures", () => {
+  it("should return correct value for given_name", () => {
+    const success = getValueFromDisclosures(disclosures, "given_name");
+    expect(success).toBe("Mario");
+  });
+  it("should return correct value for place_of_birth", () => {
+    const success = getValueFromDisclosures(disclosures, "place_of_birth");
+    expect(success).toEqual({ country: "IT", locality: "Rome" });
+  });
+  it("should fail", () => {
+    const success = getValueFromDisclosures(disclosures, "given_surname");
+    expect(success).toBeUndefined();
+  });
+});

package/src/sd-jwt/__test__/types.test.ts

@@ -0,0 +1,85 @@
+import { Disclosure, SdJwt4VC } from "../types";
+
+describe("SdJwt4VC", () => {
+  it("should accept a valid token", () => {
+    // example provided at https://italia.github.io/eidas-it-wallet-docs/en/pid-data-model.html
+    const token = {
+      header: {
+        typ: "vc+sd-jwt",
+        alg: "RS512",
+        kid: "dB67gL7ck3TFiIAf7N6_7SHvqk0MDYMEQcoGGlkUAAw",
+        trust_chain: [
+          "NEhRdERpYnlHY3M5WldWTWZ2aUhm ...",
+          "eyJhbGciOiJSUzI1NiIsImtpZCI6 ...",
+          "IkJYdmZybG5oQU11SFIwN2FqVW1B ...",
+        ],
+      },
+      payload: {
+        iss: "https://pidprovider.example.org",
+        sub: "NzbLsXh8uDCcd7noWXFZAfHkxZsRGC9Xs...",
+        jti: "urn:uuid:6c5c0a49-b589-431d-bae7-219122a9ec2c",
+        iat: 1541493724,
+        exp: 1541493724,
+        status: "https://pidprovider.example.org/status",
+        cnf: {
+          jwk: {
+            kty: "RSA",
+            use: "sig",
+            n: "1Ta-sE …",
+            e: "AQAB",
+            kid: "YhNFS3YnC9tjiCaivhWLVUJ3AxwGGz_98uRFaqMEEs",
+          },
+        },
+        type: "PersonIdentificationData",
+        verified_claims: {
+          verification: {
+            _sd: ["OGm7ryXgt5Xzlevp-Hu-UTk0a-TxAaPAobqv1pIWMfw"],
+            trust_framework: "eidas",
+            assurance_level: "high",
+          },
+          claims: {
+            _sd: [
+              "8JjozBfovMNvQ3HflmPWy4O19Gpxs61FWHjZebU589E",
+              "BoMGktW1rbikntw8Fzx_BeL4YbAndr6AHsdgpatFCig",
+              "CFLGzentGNRFngnLVVQVcoAFi05r6RJUX-rdbLdEfew",
+              "JU_sTaHCngS32X-0ajHrd1-HCLCkpT5YqgcfQme168w",
+              "VQI-S1mT1Kxfq2o8J9io7xMMX2MIxaG9M9PeJVqrMcA",
+              "zVdghcmClMVWlUgGsGpSkCPkEHZ4u9oWj1SlIBlCc1o",
+            ],
+          },
+        },
+        _sd_alg: "sha-256",
+      },
+    };
+
+    const { success } = SdJwt4VC.safeParse(token);
+
+    expect(success).toBe(true);
+  });
+});
+
+describe("Disclosure", () => {
+  it("should accept a valid disclosure", () => {
+    // example provided at https://italia.github.io/eidas-it-wallet-docs/en/pid-data-model.html
+    const value = [
+      "2GLC42sKQveCfGfryNRN9w",
+      "evidence",
+      [
+        {
+          type: "electronic_record",
+          record: {
+            type: "eidas.it.cie",
+            source: {
+              organization_name: "Ministero dell'Interno",
+              organization_id: "m_it",
+              country_code: "IT",
+            },
+          },
+        },
+      ],
+    ];
+
+    const { success } = Disclosure.safeParse(value);
+    expect(success).toBe(true);
+  });
+});

package/src/sd-jwt/converters.ts

@@ -0,0 +1,24 @@
+import type { Disclosure } from "./types";
+
+export function getValueFromDisclosures(
+  disclosures: Disclosure[],
+  claimName: string
+) {
+  const value = disclosures.find(([, name]) => name === claimName)?.[2];
+  // value didn't found, we return nothing
+  if (!value) {
+    return undefined;
+  }
+  // value is not a string, it's probably fine
+  if (typeof value !== "string") {
+    return value;
+  }
+  // value is a string, we try to parse it
+  // maybe it's a serialized object
+  try {
+    return JSON.parse(value);
+  } catch (error) {
+    // It's definitely a string
+    return value;
+  }
+}

package/src/sd-jwt/index.ts

@@ -0,0 +1,92 @@
+import { z } from "zod";
+
+import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
+import { verify as verifyJwt } from "@pagopa/io-react-native-jwt";
+
+import { decodeBase64 } from "@pagopa/io-react-native-jwt";
+import { Disclosure } from "./types";
+import { verifyDisclosure } from "./verifier";
+import type { JWK } from "src/utils/jwk";
+
+/**
+ * Decode a given SD-JWT with Disclosures to get the parsed SD-JWT object they define.
+ * It ensures provided data is in a valid shape.
+ *
+ * It DOES NOT verify token signature nor check disclosures are correctly referenced by the SD-JWT.
+ * Use {@link verify} instead
+ *
+ * @function
+ * @param token The encoded token that represents a valid sd-jwt for verifiable credentials
+ * @param schema Schema to use to parse the SD-JWT
+ *
+ * @returns The parsed SD-JWT token and the parsed disclosures
+ *
+ */
+export const decode = <S extends z.AnyZodObject>(
+  token: string,
+  schema: S
+): { sdJwt: z.infer<S>; disclosures: Disclosure[] } => {
+  // token are expected in the form "sd-jwt~disclosure0~disclosure1~...~disclosureN"
+  const [rawSdJwt = "", ...rawDisclosures] = token.split("~");
+
+  // get the sd-jwt as object
+  // validate it's a valid SD-JWT for Verifiable Credentials
+  const decodedJwt = decodeJwt(rawSdJwt);
+  const sdJwt = schema.parse({
+    header: decodedJwt.protectedHeader,
+    payload: decodedJwt.payload,
+  });
+
+  // get disclosures as list of triples
+  // validate each triple
+  // throw a validation error if at least one fails to parse
+  const disclosures = rawDisclosures
+    .map(decodeBase64)
+    .map((e) => JSON.parse(e))
+    .map((e) => Disclosure.parse(e));
+
+  return { sdJwt, disclosures };
+};
+
+/**
+ * Verify a given SD-JWT with Disclosures
+ * Same as {@link decode} plus:
+ *   - token signature verification
+ *   - ensure disclosures are well-defined inside the SD-JWT
+ *
+ * @async @function
+ *
+ *
+ * @param token The encoded token that represents a valid sd-jwt for verifiable credentials
+ * @param publicKey The public key to validate the signature
+ * @param schema Schema to use to parse the SD-JWT
+ *
+ * @returns The parsed SD-JWT token and the parsed disclosures
+ *
+ */
+export const verify = async <S extends z.AnyZodObject>(
+  token: string,
+  publicKey: JWK,
+  schema: S
+): Promise<{ sdJwt: z.infer<S>; disclosures: Disclosure[] }> => {
+  // get decoded data
+  const [rawSdJwt = ""] = token.split("~");
+  const decoded = decode(token, schema);
+
+  //Check signature
+  await verifyJwt(rawSdJwt, publicKey);
+
+  //Check disclosures in sd-jwt
+  const claims = [
+    ...decoded.sdJwt.payload.verified_claims.verification._sd,
+    ...decoded.sdJwt.payload.verified_claims.claims._sd,
+  ];
+
+  await Promise.all(
+    decoded.disclosures.map(
+      async (disclosure) => await verifyDisclosure(disclosure, claims)
+    )
+  );
+
+  return decoded;
+};

package/src/sd-jwt/types.ts

@@ -0,0 +1,54 @@
+import { JWK } from "../utils/jwk";
+import { z } from "zod";
+
+export const UnixTime = z.number().min(0).max(2147483647000);
+export type UnixTime = z.infer<typeof UnixTime>;
+
+export type ObfuscatedDisclosures = z.infer<typeof ObfuscatedDisclosures>;
+export const ObfuscatedDisclosures = z.object({ _sd: z.array(z.string()) });
+
+/**
+ * A triple of values in the form of {salt, claim name, claim value} that represent a parsed disclosure.
+ *
+ * @see https://datatracker.ietf.org/doc/html/draft-ietf-oauth-selective-disclosure-jwt-04
+ * @see https://vcstuff.github.io/draft-terbu-sd-jwt-vc/draft-terbu-oauth-sd-jwt-vc.html
+ */
+export type Disclosure = z.infer<typeof Disclosure>;
+export const Disclosure = z.tuple([
+  /* salt */ z.string(),
+  /* claim name */ z.string(),
+  /* claim value */ z.unknown(),
+]);
+
+export type SdJwt4VC = z.infer<typeof SdJwt4VC>;
+export const SdJwt4VC = z.object({
+  header: z.object({
+    typ: z.literal("vc+sd-jwt"),
+    alg: z.string(),
+    kid: z.string(),
+    trust_chain: z.array(z.string()),
+  }),
+  payload: z.object({
+    iss: z.string(),
+    sub: z.string(),
+    jti: z.string(),
+    iat: UnixTime,
+    exp: UnixTime,
+    status: z.string(),
+    cnf: z.object({
+      jwk: JWK,
+    }),
+    type: z.literal("PersonIdentificationData"),
+    verified_claims: z.object({
+      verification: z.intersection(
+        z.object({
+          trust_framework: z.literal("eidas"),
+          assurance_level: z.string(),
+        }),
+        ObfuscatedDisclosures
+      ),
+      claims: ObfuscatedDisclosures,
+    }),
+    _sd_alg: z.literal("sha-256"),
+  }),
+});

package/src/sd-jwt/verifier.ts

@@ -0,0 +1,20 @@
+import { encodeBase64, sha256ToBase64 } from "@pagopa/io-react-native-jwt";
+
+import { ValidationFailed } from "../utils/errors";
+import type { Disclosure, ObfuscatedDisclosures } from "./types";
+
+export const verifyDisclosure = async (
+  disclosure: Disclosure,
+  claims: ObfuscatedDisclosures["_sd"]
+) => {
+  let disclosureString = JSON.stringify(disclosure);
+  let encodedDisclosure = encodeBase64(disclosureString);
+  let hash = await sha256ToBase64(encodedDisclosure);
+  if (!claims.includes(hash)) {
+    throw new ValidationFailed(
+      "Validation of disclosure failed",
+      `${disclosure}`,
+      "Disclosure hash not found in claims"
+    );
+  }
+};

package/src/utils/errors.ts

@@ -0,0 +1,74 @@
+/**
+ * A generic Error that all other io-wallet specific Error subclasses extend.
+ *
+ * @example Checking thrown error is a io-wallet one
+ *
+ * ```js
+ * if (err instanceof errors.IoWalletError) {
+ *   // ...
+ * }
+ * ```
+ */
+export class IoWalletError extends Error {
+  /** A unique error code for the particular error subclass. */
+  static get code(): string {
+    return "ERR_IO_WALLET_GENERIC";
+  }
+
+  /** A unique error code for the particular error subclass. */
+  code: string = "ERR_IO_WALLET_GENERIC";
+
+  constructor(message?: string) {
+    super(message);
+    this.name = this.constructor.name;
+    // @ts-ignore
+    Error.captureStackTrace?.(this, this.constructor);
+  }
+}
+/**
+ * An error subclass thrown when validation fail
+ *
+ */
+export class ValidationFailed extends IoWalletError {
+  static get code(): "ERR_IO_WALLET_VALIDATION_FAILED" {
+    return "ERR_IO_WALLET_VALIDATION_FAILED";
+  }
+
+  code = "ERR_IO_WALLET_VALIDATION_FAILED";
+
+  /** The Claim for which the validation failed. */
+  claim: string;
+
+  /** Reason code for the validation failure. */
+  reason: string;
+
+  constructor(message: string, claim = "unspecified", reason = "unspecified") {
+    super(message);
+    this.claim = claim;
+    this.reason = reason;
+  }
+}
+
+/**
+ * An error subclass thrown when validation fail
+ *
+ */
+export class WalletInstanceAttestationIssuingError extends IoWalletError {
+  static get code(): "ERR_IO_WALLET_INSTANCE_ATTESTATION_ISSUING_FAILED" {
+    return "ERR_IO_WALLET_INSTANCE_ATTESTATION_ISSUING_FAILED";
+  }
+
+  code = "ERR_IO_WALLET_INSTANCE_ATTESTATION_ISSUING_FAILED";
+
+  /** The Claim for which the validation failed. */
+  claim: string;
+
+  /** Reason code for the validation failure. */
+  reason: string;
+
+  constructor(message: string, claim = "unspecified", reason = "unspecified") {
+    super(message);
+    this.claim = claim;
+    this.reason = reason;
+  }
+}