@pagopa/io-react-native-wallet 3.2.0 → 3.3.0

package/src/credential/issuance/v1.3.3/02-start-user-authorization.ts

@@ -3,16 +3,17 @@ import {
   fetchPushedAuthorizationResponse,
   createClientAttestationPopJwt,
 } from "@pagopa/io-wallet-oauth2";
-import type { CallbackContext } from "@pagopa/io-wallet-oauth2";
+import type { JwtSignerJwk } from "@pagopa/io-wallet-oauth2";
+import { v4 as uuidv4 } from "uuid";
 import { LogLevel, Logger } from "../../../utils/logging";
 import type { IssuanceApi } from "../api";
-import { SignJWT } from "@pagopa/io-react-native-jwt";
-import { partialCallbacks } from "../../../utils/callbacks";
-import { IoWalletError } from "../../../utils/errors";
 import {
-  selectCredentialDefinition,
-  selectResponseMode,
-} from "../common/authorization";
+  createSignJwtFromCryptoContext,
+  partialCallbacks,
+} from "../../../utils/callbacks";
+import { IoWalletError } from "../../../utils/errors";
+import { sdkConfigV1_3 } from "../../../utils/config";
+import { selectCredentialDefinition } from "../common/02-start-user-authorization";
 
 export const startUserAuthorization: IssuanceApi["startUserAuthorization"] =
   async (issuerConf, credentialIds, proof, ctx) => {
@@ -33,8 +34,6 @@ export const startUserAuthorization: IssuanceApi["startUserAuthorization"] =
       throw new IoWalletError("No public key found");
     }
 
-    const responseMode = selectResponseMode(issuerConf, credentialIds);
-
     const credentialDefinition = credentialIds.map((c) =>
       selectCredentialDefinition(issuerConf, c)
     );
@@ -54,13 +53,16 @@ export const startUserAuthorization: IssuanceApi["startUserAuthorization"] =
       });
     }
 
-    const signerJwk = await wiaCryptoContext.getPublicKey();
-    const signJwt: CallbackContext["signJwt"] = async (_, payload) => ({
-      jwt: await new SignJWT(wiaCryptoContext).setPayload(payload).sign(),
-      signerJwk,
-    });
+    const wiaSigner: JwtSignerJwk = {
+      method: "jwk",
+      alg: "ES256",
+      publicJwk: await wiaCryptoContext.getPublicKey(),
+    };
+
+    const signJwt = createSignJwtFromCryptoContext(wiaCryptoContext);
 
     const parRequest = await createPushedAuthorizationRequest({
+      config: sdkConfigV1_3,
       callbacks: {
         ...partialCallbacks,
         signJwt,
@@ -68,25 +70,27 @@ export const startUserAuthorization: IssuanceApi["startUserAuthorization"] =
       authorizationServerMetadata: {
         require_signed_request_object: true,
       },
+      jti: uuidv4(),
       clientId,
       audience: issuerConf.credential_issuer,
       authorization_details: credentialDefinition,
       codeChallengeMethodsSupported: ["S256"],
-      responseMode,
       redirectUri,
+      dpop: {
+        signer: wiaSigner,
+      },
     });
 
     const clientAttestationPoP = await createClientAttestationPopJwt({
+      config: sdkConfigV1_3,
       callbacks: {
+        generateRandom: partialCallbacks.generateRandom,
         signJwt,
       },
       clientAttestation: walletInstanceAttestation,
       authorizationServer: issuerConf.authorization_endpoint,
-      signer: {
-        method: "jwk",
-        alg: "ES256",
-        publicJwk: signerJwk,
-      },
+      signer: wiaSigner,
+      jti: uuidv4(),
     });
 
     const { request_uri } = await fetchPushedAuthorizationResponse({

package/src/credential/issuance/v1.3.3/04-authorize-access.ts

@@ -1,10 +1,15 @@
-import { SignJWT } from "@pagopa/io-react-native-jwt";
-import { createTokenDPoP, fetchTokenResponse } from "@pagopa/io-wallet-oauth2";
+import {
+  createClientAttestationPopJwt,
+  createTokenDPoP,
+  fetchTokenResponse,
+} from "@pagopa/io-wallet-oauth2";
 import { v4 as uuidv4 } from "uuid";
-import { createPopToken } from "../../../utils/pop";
-import * as WalletInstanceAttestation from "../../../wallet-instance-attestation/v1.0.0/utils";
-import { partialCallbacks } from "../../../utils/callbacks";
+import {
+  createSignJwtFromCryptoContext,
+  partialCallbacks,
+} from "../../../utils/callbacks";
 import { IoWalletError } from "../../../utils/errors";
+import { sdkConfigV1_3 } from "../../../utils/config";
 import type { IssuanceApi, TokenResponse } from "../api";
 
 export const authorizeAccess: IssuanceApi["authorizeAccess"] = async (
@@ -21,37 +26,37 @@ export const authorizeAccess: IssuanceApi["authorizeAccess"] = async (
     dPopCryptoContext,
   } = context;
 
-  const dPopSignerJwk = await dPopCryptoContext.getPublicKey();
   const tokenDPoP = await createTokenDPoP({
     callbacks: {
       ...partialCallbacks,
-      signJwt: async (_, payload) => ({
-        jwt: await new SignJWT(wiaCryptoContext).setPayload(payload).sign(),
-        signerJwk: dPopSignerJwk,
-      }),
+      signJwt: createSignJwtFromCryptoContext(dPopCryptoContext),
     },
     signer: {
-      alg: "ES256",
       method: "jwk",
-      publicJwk: dPopSignerJwk,
+      alg: "ES256",
+      publicJwk: await dPopCryptoContext.getPublicKey(),
     },
+    jti: uuidv4(),
     tokenRequest: {
       method: "POST",
       url: issuerConf.token_endpoint,
     },
   });
 
-  const iss = WalletInstanceAttestation.decode(walletInstanceAttestation)
-    .payload.cnf.jwk.kid;
-
-  const signedWiaPoP = await createPopToken(
-    {
-      jti: uuidv4(),
-      aud: issuerConf.credential_issuer,
-      iss,
+  const clientAttestationDPoP = await createClientAttestationPopJwt({
+    config: sdkConfigV1_3,
+    callbacks: {
+      generateRandom: partialCallbacks.generateRandom,
+      signJwt: createSignJwtFromCryptoContext(wiaCryptoContext),
     },
-    wiaCryptoContext
-  );
+    clientAttestation: walletInstanceAttestation,
+    authorizationServer: issuerConf.credential_issuer,
+    signer: {
+      method: "jwk",
+      alg: "ES256",
+      publicJwk: await wiaCryptoContext.getPublicKey(),
+    },
+  });
 
   const tokenResponse = await fetchTokenResponse({
     accessTokenEndpoint: issuerConf.token_endpoint,
@@ -61,7 +66,7 @@ export const authorizeAccess: IssuanceApi["authorizeAccess"] = async (
     },
     walletAttestation: walletInstanceAttestation,
     dPoP: tokenDPoP.jwt,
-    clientAttestationDPoP: signedWiaPoP,
+    clientAttestationDPoP,
     accessTokenRequest: {
       code,
       grant_type: "authorization_code",

package/src/credential/issuance/v1.3.3/05-obtain-credential.ts

@@ -9,6 +9,7 @@ import {
   createCredentialRequest,
 } from "@pagopa/io-wallet-oid4vci";
 import { UnexpectedStatusCodeError as SdkUnexpectedStatusCodeError } from "@pagopa/io-wallet-utils";
+import { v4 as uuidv4 } from "uuid";
 import { hasStatusOrThrow, type Out } from "../../../utils/misc";
 import {
   IoWalletError,
@@ -19,7 +20,10 @@ import {
 } from "../../../utils/errors";
 import { LogLevel, Logger } from "../../../utils/logging";
 import { sdkConfigV1_3 } from "../../../utils/config";
-import { partialCallbacks } from "../../../utils/callbacks";
+import {
+  createSignJwtFromCryptoContext,
+  partialCallbacks,
+} from "../../../utils/callbacks";
 import type { IssuanceApi, IssuerConfig } from "../api";
 import { NonceResponse } from "./types";
 import type { AuthorizeAccessApi } from "../api/04-authorize-access";
@@ -115,21 +119,17 @@ export const requestCredentials = async ({
     signers,
   });
 
-  const dPopSignerJwk = await dPopCryptoContext.getPublicKey();
-
   const credentialDPoP = await createTokenDPoP({
     callbacks: {
       ...partialCallbacks,
-      signJwt: async (_, payload) => ({
-        jwt: await new SignJWT(dPopCryptoContext).setPayload(payload).sign(),
-        signerJwk: dPopSignerJwk,
-      }),
+      signJwt: createSignJwtFromCryptoContext(dPopCryptoContext),
     },
     signer: {
       method: "jwk",
       alg: "ES256",
-      publicJwk: dPopSignerJwk,
+      publicJwk: await dPopCryptoContext.getPublicKey(),
     },
+    jti: uuidv4(),
     tokenRequest: {
       method: "POST",
       url: issuerConf.credential_endpoint,

package/src/credential/issuance/v1.3.3/06-verify-and-parse-credential.ts

@@ -23,7 +23,8 @@ export const verifyAndParseCredential: IssuanceApi["verifyAndParseCredential"] =
           issuerConf,
           credential,
           credentialConfigurationId,
-          context
+          { validateCertificateChain: true, ...context },
+          x509CertRoot
         );
       }
       case "mso_mdoc": {

package/src/credential/issuance/v1.3.3/index.ts

@@ -14,7 +14,7 @@ import {
   obtainCredentialsBatch,
 } from "./05-obtain-credential";
 import { verifyAndParseCredential } from "./06-verify-and-parse-credential";
-import { MRTDPoP } from "../mrtd-pop";
+import { MRTDPoPv1_3 } from "../mrtd-pop";
 
 export const Issuance: IssuanceApi = {
   evaluateIssuerTrust,
@@ -28,5 +28,5 @@ export const Issuance: IssuanceApi = {
   obtainCredential,
   obtainCredentialsBatch,
   verifyAndParseCredential,
-  MRTDPoP,
+  MRTDPoP: MRTDPoPv1_3,
 };

package/src/credential/issuance/v1.3.3/mappers.ts

@@ -60,7 +60,10 @@ export const mapToIssuerConfig = createMapper<
       credential_configurations_supported: mapCredentialConfigurationsSupported(
         openid_credential_issuer
       ),
-      keys: openid_credential_issuer.jwks.keys as JWK[],
+      keys: [
+        ...openid_credential_issuer.jwks.keys,
+        ...oauth_authorization_server.jwks.keys,
+      ] as JWK[],
       pushed_authorization_request_endpoint:
         oauth_authorization_server.pushed_authorization_request_endpoint,
       token_endpoint: oauth_authorization_server.token_endpoint,

package/src/credential/presentation/{v1.3.3/utils.mdoc.ts → common/utils/mdoc.ts}

@@ -5,8 +5,8 @@ import type {
   Credential4Dcql,
   EvaluatedDisclosure,
   PresentationFrame,
-} from "../api";
-import { getValidDcqlClaims } from "../common/utils/dcql";
+} from "../../api";
+import { getValidDcqlClaims } from "./dcql";
 
 type CustomDcqlMdocCredential = DcqlMdocCredential & {
   original_credential: Credential4Dcql;

package/src/credential/presentation/v1.3.3/06-evaluate-dcql-query.ts

@@ -2,13 +2,13 @@ import { DcqlQuery, DcqlError } from "dcql";
 import { isValiError } from "valibot";
 import { CredentialsNotFoundError } from "../common/errors";
 import type { CredentialPurpose } from "../api/06-evaluate-dcql-query";
-import * as mdocUtils from "./utils.mdoc";
-import type { Credential4Dcql, RemotePresentationApi } from "../api";
 import * as sdJwtUtils from "../common/utils/sd-jwt";
-import { getClaimsFromDcqlMatch } from "./utils.mdoc";
+import * as mdocUtils from "../common/utils/mdoc";
+import type { Credential4Dcql, RemotePresentationApi } from "../api";
 import {
   extractFailedCredentialsDetails,
   getDcqlQueryMatches,
+  getClaimsFromDcqlMatch,
   getPresentationFrameFromDcqlMatch,
 } from "../common/utils/dcql";
 

package/src/credential/status/README.md

@@ -111,15 +111,16 @@ const res = await wallet.CredentialStatus.statusList.get(
 );
 
 // Verify and parse the status list response to get the credential status
-const { status } =
+const { status, statusBit } =
   await wallet.CredentialStatus.statusList.verifyAndParse(
-    issuerConf,
+    issuerConf.keys,
     res
   );
 
 return {
   statusList: res.statusList,
   status,
+  statusBit,
 };
 ```
 

package/src/credential/status/api/status-list.ts

@@ -1,8 +1,6 @@
 import type { Out } from "../../../utils/misc";
-import type {
-  CredentialFormat,
-  IssuerConfig,
-} from "../../../credential/issuance/api";
+import type { CredentialFormat } from "../../../credential/issuance/api";
+import type { JWK } from "../../../utils/jwk";
 
 export interface StatusListApi {
   isSupported: true;
@@ -22,6 +20,7 @@ export interface StatusListApi {
    * @since 1.3.3
    * @param credential The credential to get the status list for
    * @param format The credential format
+   * @param context.appFetch Optional fetch function to use for the network request
    * @returns The raw status list, the index of the credential and other metadata
    */
   get(
@@ -40,11 +39,15 @@ export interface StatusListApi {
   /**
    * Verifies the signature of a status list and extract the status at the specified index.
    * @since 1.3.3
-   * @param issuerConf The Credential Issuer common configuration
+   * @param keys The JSON Web Key Set to verify the status list signature
    * @param statusListParams The raw status list, the index to read and other metadata
+   * @return The status of the credential and the raw status bit in hexadecimal format (e.g. "0x01")
    */
   verifyAndParse(
-    issuerConf: IssuerConfig,
+    keys: JWK[],
     statusListParams: Out<StatusListApi["get"]>
-  ): Promise<{ status: number }>;
+  ): Promise<{
+    statusBit: string;
+    status: string;
+  }>;
 }

package/src/credential/status/v1.3.3/01-status-list.ts

@@ -1,4 +1,5 @@
 import { CBOR } from "@pagopa/io-react-native-iso18013";
+import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
 import {
   getStatusListFromJWT,
   type StatusListEntry,
@@ -38,13 +39,26 @@ export const getStatusList: StatusListApi["get"] = async (
 ) => {
   const { uri, idx } = await getStatusListEntry(credential, format);
 
-  const statusList = await appFetch(uri, {
-    headers: {
-      Accept: "application/statuslist+jwt",
-    },
-  })
-    .then(hasStatusOrThrow(200))
-    .then((response) => response.text());
+  const fetchStatusList = (options: { cacheDisabled?: boolean } = {}) =>
+    appFetch(uri, {
+      headers: {
+        Accept: "application/statuslist+jwt",
+        ...(options.cacheDisabled && { "Cache-Control": "no-cache" }),
+      },
+    })
+      .then(hasStatusOrThrow(200))
+      .then((response) => response.text());
 
+  // When the HTTP response includes cache headers, fetch will return a cached response and the JWT might be expired
+  let statusList = await fetchStatusList();
+  const decoded = decodeJwt(statusList);
+
+  const { exp } = decoded.payload;
+
+  // If the status list JWT is expired, try to fetch it again bypassing the HTTP cache.
+  // If it is still expired after the refetch, `verifyAndParseStatusList` will throw.
+  if (exp && exp < Math.floor(Date.now() / 1000)) {
+    statusList = await fetchStatusList({ cacheDisabled: true });
+  }
   return { statusList, uri, idx, format: "jwt" };
 };

package/src/credential/status/v1.3.3/02-verify-and-parse-status-list.ts

@@ -2,18 +2,32 @@ import { verify } from "@pagopa/io-react-native-jwt";
 import { getListFromStatusListJWT } from "@sd-jwt/jwt-status-list";
 import type { StatusListApi } from "../api/status-list";
 
+/**
+ * Mapping of status bits to their corresponding meaning as defined in the specification.
+ * @see https://italia.github.io/eid-wallet-it-docs/releases/1.3.3/en/credential-revocation.html#token-status-lists
+ */
+const CredentialStatusMap = {
+  0x00: "VALID",
+  0x01: "INVALID",
+  0x02: "SUSPENDED",
+  0x03: "UPDATE",
+  0x0b: "ATTRIBUTE_UPDATE",
+} as const;
+
+type CredentialStatusBit = keyof typeof CredentialStatusMap;
+
 export const verifyAndParseStatusList: StatusListApi["verifyAndParse"] = async (
-  issuerConf,
+  keys,
   { statusList: rawStatusList, idx }
 ) => {
-  await verify(rawStatusList, issuerConf.keys);
+  await verify(rawStatusList, keys);
 
   const statusList = getListFromStatusListJWT(rawStatusList);
+  const statusBit = statusList.getStatus(idx) as CredentialStatusBit;
+  const status = CredentialStatusMap[statusBit];
 
-  const status = statusList.getStatus(idx);
-
-  // TODO: [SIW-3992] Improve the return object with additional data, throw CredentialInvalidStatus when invalid
   return {
     status,
+    statusBit: `0x${statusBit.toString(16).padStart(2, "0").toUpperCase()}`,
   };
 };

package/src/mdoc/index.ts

@@ -1,19 +1,12 @@
 import { CBOR, COSE, ISO18013_7 } from "@pagopa/io-react-native-iso18013";
 import { b64utob64 } from "jsrsasign";
-import {
-  verifyCertificateChain,
-  type CertificateValidationResult,
-  type PublicKey,
-  type X509CertificateOptions,
-} from "@pagopa/io-react-native-crypto";
-import {
-  MissingX509CertsError,
-  X509ValidationError,
-} from "../trust/common/errors";
+import { type PublicKey } from "@pagopa/io-react-native-crypto";
+import { MissingX509CertsError } from "../trust/common/errors";
 import { IoWalletError } from "../utils/errors";
 import { convertBase64DerToPem, getSigninJwkFromCert } from "../utils/crypto";
-import type { Presentation } from "src/credential/presentation";
+import type { Presentation } from "../credential/presentation";
 import { removePadding } from "@pagopa/io-react-native-jwt";
+import { verifyX509Chain } from "../utils/x509";
 export * from "./utils";
 
 export const verify = async (
@@ -37,7 +30,7 @@ export const verify = async (
   const x5chain =
     issuerSigned.issuerAuth.unprotectedHeader.x5chain.map(b64utob64);
   // Verify the x5chain
-  await verifyX5chain(x5chain, x509CertRoot);
+  await verifyX509Chain(x5chain, x509CertRoot);
 
   const coseSign1 = issuerSigned.issuerAuth.rawValue;
 
@@ -50,35 +43,6 @@ export const verify = async (
   return { issuerSigned };
 };
 
-/**
- * This function checks whether the x509 certificate chain is valid against a specified Certificate Authority (CA)
- *
- * @param x5chain The mdoc's x509 certificate chain
- * @param x509CertRoot The Trust Anchor CA
- * @param options Options for certificate validation
- */
-const verifyX5chain = async (
-  x5chain: string[],
-  x509CertRoot: string,
-  options: X509CertificateOptions = {
-    connectTimeout: 10000,
-    readTimeout: 10000,
-    requireCrl: true,
-  }
-) => {
-  const x509ValidationResult: CertificateValidationResult =
-    await verifyCertificateChain(x5chain, x509CertRoot, options);
-
-  if (!x509ValidationResult.isValid) {
-    throw new X509ValidationError(
-      `X.509 certificate chain validation failed. Status: ${x509ValidationResult.validationStatus}. Error: ${x509ValidationResult.errorMessage}`,
-      {
-        x509ValidationStatus: x509ValidationResult.validationStatus,
-        x509ErrorMessage: x509ValidationResult.errorMessage,
-      }
-    );
-  }
-};
 /**
  * This function verifies that the signature is valid for the given certificate.
  * If not, it throws an error

package/src/sd-jwt/__test__/types.test.ts

@@ -28,20 +28,8 @@ describe("Verification.time", () => {
 
   it("rejects invalid type", () => {
     const value = {
-      trust_framework: "eidas",
+      trust_framework: ["eidas"],
       assurance_level: "high",
-      evidence: [
-        {
-          type: "vouch",
-          time: null,
-          attestation: {
-            type: "digital_attestation",
-            reference_number: "abc",
-            date_of_issuance: "2025-09-02",
-            voucher: { organization: "IPZS" },
-          },
-        },
-      ],
     };
 
     expect(Verification.safeParse(value).success).toBe(false);

package/src/sd-jwt/__test__/utils.test.ts

@@ -4,18 +4,6 @@ import { getVerification } from "..";
 describe("SD-JWT getVerification", () => {
   it("extracts the verification claims correctly", () => {
     expect(getVerification(pid)).toEqual({
-      evidence: [
-        {
-          attestation: {
-            date_of_issuance: "2025-06-23",
-            voucher: { organization: "Ministero dell'Interno" },
-            type: "digital_attestation",
-            reference_number: "123456789",
-          },
-          time: "2025-06-23T13:14:25Z",
-          type: "vouch",
-        },
-      ],
       trust_framework: "it_cie",
       assurance_level: "high",
     });

package/src/sd-jwt/types.ts

@@ -64,19 +64,6 @@ export type Verification = z.infer<typeof Verification>;
 export const Verification = z.object({
   trust_framework: z.string(),
   assurance_level: z.string(),
-  evidence: z.array(
-    z.object({
-      type: z.literal("vouch"),
-      // Support both string and UNIX timestamp for backward compatibility
-      time: z.union([z.string(), z.number()]),
-      attestation: z.object({
-        type: z.literal("digital_attestation"),
-        reference_number: z.string(),
-        date_of_issuance: z.string(),
-        voucher: z.object({ organization: z.string() }),
-      }),
-    })
-  ),
 });
 
 /**

package/src/utils/callbacks.ts

@@ -1,4 +1,9 @@
-import { EncryptJwe, getJwkFromHeader } from "@pagopa/io-react-native-jwt";
+import {
+  EncryptJwe,
+  getJwkFromHeader,
+  SignJWT,
+  type CryptoContext,
+} from "@pagopa/io-react-native-jwt";
 import { verify } from "@pagopa/io-react-native-jwt";
 import { type CallbackContext, type JwtSigner } from "@pagopa/io-wallet-oauth2";
 import { digest } from "@sd-jwt/crypto-nodejs";
@@ -109,3 +114,25 @@ export const createVerifyJwtFromJwks = (
     }
   };
 };
+
+/**
+ * Create a signJwt implementation that signs a JWT using the provided CryptoContext.
+ * @param cryptoContext The CryptoContext to use for signing the JWT
+ * @returns Function that implements `signJwt` callback
+ */
+export const createSignJwtFromCryptoContext = (
+  cryptoContext: CryptoContext
+): CallbackContext["signJwt"] => {
+  return async function signJwt(jwtSigner, { header, payload }) {
+    return {
+      jwt: await new SignJWT(cryptoContext)
+        .setProtectedHeader(header)
+        .setPayload(payload)
+        .sign(),
+      signerJwk:
+        jwtSigner.method === "jwk"
+          ? jwtSigner.publicJwk
+          : await cryptoContext.getPublicKey(),
+    };
+  };
+};

package/src/utils/x509.ts

@@ -0,0 +1,43 @@
+import {
+  verifyCertificateChain,
+  type CertificateValidationResult,
+  type X509CertificateOptions,
+} from "@pagopa/io-react-native-crypto";
+import { X509ValidationError } from "../trust/common/errors";
+
+/**
+ * This function checks whether the x509 certificate chain is valid against a specified Certificate Authority (CA)
+ *
+ * @param x5chain The mdoc's x509 certificate chain
+ * @param x509CertRoot The Trust Anchor CA
+ * @param options Options for certificate validation
+ */
+export const verifyX509Chain = async (
+  x5chain: string[],
+  x509CertRoot: string,
+  options: X509CertificateOptions = {
+    connectTimeout: 10000,
+    readTimeout: 10000,
+    requireCrl: true,
+  }
+) => {
+  // Strip the trust anchor from the chain if the issuer included it,
+  // since verifyCertificateChain expects it passed separately.
+  const certChain =
+    x5chain.length > 1 && x5chain.at(-1) === x509CertRoot
+      ? x5chain.slice(0, -1)
+      : x5chain;
+
+  const x509ValidationResult: CertificateValidationResult =
+    await verifyCertificateChain(certChain, x509CertRoot, options);
+
+  if (!x509ValidationResult.isValid) {
+    throw new X509ValidationError(
+      `X.509 certificate chain validation failed. Status: ${x509ValidationResult.validationStatus}. Error: ${x509ValidationResult.errorMessage}`,
+      {
+        x509ValidationStatus: x509ValidationResult.validationStatus,
+        x509ErrorMessage: x509ValidationResult.errorMessage,
+      }
+    );
+  }
+};

package/src/wallet-instance-attestation/api/types.ts

@@ -15,8 +15,6 @@ export const DecodedWalletInstanceAttestation = z.object({
   exp: UnixTime,
   cnf: z.object({ jwk: JWK }),
   sub: z.string(),
-  wallet_provider_name: z.string().optional(),
-  wallet_solution_id: z.string().optional(),
   /** @deprecated */
   wallet_link: z.string().optional(),
   /** @deprecated */

package/src/wallet-instance-attestation/v1.3.3/mappers.ts

@@ -5,14 +5,6 @@ import { WalletInstanceAttestationJwt } from "./types";
 export const mapToDecodedWalletInstanceAttestation = createMapper<
   WalletInstanceAttestationJwt,
   DecodedWalletInstanceAttestation
->(
-  ({ payload }) => {
-    const { eudi_wallet_info, ...rest } = payload;
-    return {
-      ...rest,
-      wallet_provider_name: eudi_wallet_info.general_info.wallet_provider_name,
-      wallet_solution_id: eudi_wallet_info.general_info.wallet_solution_id,
-    };
-  },
-  { outputSchema: DecodedWalletInstanceAttestation }
-);
+>((x) => x.payload, {
+  outputSchema: DecodedWalletInstanceAttestation,
+});