@sd-jwt/sd-jwt-vc 0.19.1-next.5 → 0.19.1-next.6

package/README.md

@@ -1,5 +1,5 @@
 ![License](https://img.shields.io/github/license/openwallet-foundation/sd-jwt-js.svg)
-![NPM](https://img.shields.io/npm/v/%40sd-jwt%2Fcore)
+![NPM](https://img.shields.io/npm/v/%40sd-jwt%2Fsd-jwt-vc)
 ![Release](https://img.shields.io/github/v/release/openwallet-foundation/sd-jwt-js)
 ![Stars](https://img.shields.io/github/stars/openwallet-foundation/sd-jwt-js)
 
@@ -9,7 +9,7 @@
 
 ### About
 
-SD-JWT-VC format based on the core functions
+Implementation of [SD-JWT-based Verifiable Credentials (SD-JWT VC) — draft-ietf-oauth-sd-jwt-vc-15](https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-15.html), built on top of `@sd-jwt/core` ([RFC 9901](https://www.rfc-editor.org/rfc/rfc9901.html)).
 
 Check the detail description in our github [repo](https://github.com/openwallet-foundation/sd-jwt-js).
 
@@ -34,8 +34,8 @@ Ensure you have Node.js installed as a prerequisite.
 
 Here's a basic example of how to use this library:
 
-```jsx
-import { DisclosureFrame } from '@sd-jwt/sd-jwt-vc';
+```typescript
+import type { DisclosureFrame } from '@sd-jwt/core';
 
 // identifier of the issuer
 const iss = 'University';
@@ -85,7 +85,7 @@ Check out more details in our [documentation](https://github.com/openwallet-foun
 
 ### Revocation
 
-To add revocation capabilities, you can use the `@sd-jwt/jwt-status-list` library to create a JWT Status List and include it in the SD-JWT-VC.
+To add revocation capabilities, you can use the `@owf/token-status-list` library to create a JWT Status List and include it in the SD-JWT-VC.
 
 You can pass a dedicated `statusVerifier` function in the configuration to verify the signature of the payload of the JWT of the statuslist. If no function is provided, it will fallback to the verifier that is also used for the sd-jwt-vc.
 
@@ -105,7 +105,7 @@ const sdjwt = new SDJwtVcInstance({
 });
 ```
 
-The library will load load the type metadata format based on the `vct` value according to the [SD-JWT-VC specification](https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-08.html#name-sd-jwt-vc-type-metadata) and validate this schema.
+The library will load the type metadata format based on the `vct` value according to the [SD-JWT-VC specification](https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-15.html#name-sd-jwt-vc-type-metadata) and validate this schema.
 
 Since at this point the display is not yet implemented, the library will only validate the schema and return the type metadata format. In the future the values of the type metadata can be fetched via a function call.
 
@@ -131,7 +131,7 @@ try {
 The `safeVerify()` method collects all validation errors instead of failing on the first one. This is useful when you want to show users all issues with a credential at once, including signature, status (revocation), and VCT metadata validation:
 
 ```typescript
-import type { SafeVerifyResult, VerificationError } from '@sd-jwt/types';
+import type { SafeVerifyResult, VerificationError } from '@sd-jwt/core';
 
 const result = await sdjwt.safeVerify(presentation);
 
@@ -168,7 +168,6 @@ In addition to the [core error codes](../core/README.md#error-codes), `safeVerif
 
 ### Dependencies
 
-- @sd-jwt/core
-- @sd-jwt/types
-- @sd-jwt/utils
-- @sd-jwt/jwt-status-list
+- [@sd-jwt/core](https://www.npmjs.com/package/@sd-jwt/core)
+- [@owf/token-status-list](https://www.npmjs.com/package/@owf/token-status-list)
+- [zod](https://www.npmjs.com/package/zod)

package/dist/index.d.mts

@@ -1,6 +1,5 @@
-import { SDJWTConfig, Verifier, kbPayload, kbHeader, DisclosureFrame, SafeVerifyResult } from '@sd-jwt/types';
+import { SDJWTConfig, Verifier, SdJwtPayload, kbPayload, kbHeader, SDJwtInstance, DisclosureFrame, VerifierOptions, SafeVerifyResult } from '@sd-jwt/core';
 import { z } from 'zod';
-import { SdJwtPayload, SDJwtInstance, VerifierOptions } from '@sd-jwt/core';
 
 declare const BackgroundImageSchema: z.ZodObject<{
     /** REQUIRED. A URI pointing to the background image. */

package/dist/index.d.ts

@@ -1,6 +1,5 @@
-import { SDJWTConfig, Verifier, kbPayload, kbHeader, DisclosureFrame, SafeVerifyResult } from '@sd-jwt/types';
+import { SDJWTConfig, Verifier, SdJwtPayload, kbPayload, kbHeader, SDJwtInstance, DisclosureFrame, VerifierOptions, SafeVerifyResult } from '@sd-jwt/core';
 import { z } from 'zod';
-import { SdJwtPayload, SDJwtInstance, VerifierOptions } from '@sd-jwt/core';
 
 declare const BackgroundImageSchema: z.ZodObject<{
     /** REQUIRED. A URI pointing to the background image. */

package/dist/index.js

@@ -101,9 +101,8 @@ __export(index_exports, {
 module.exports = __toCommonJS(index_exports);
 
 // src/sd-jwt-vc-instance.ts
+var import_token_status_list = require("@owf/token-status-list");
 var import_core = require("@sd-jwt/core");
-var import_jwt_status_list = require("@sd-jwt/jwt-status-list");
-var import_utils = require("@sd-jwt/utils");
 var import_zod2 = __toESM(require("zod"));
 
 // src/sd-jwt-vc-type-metadata-format.ts
@@ -287,9 +286,11 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
   validateReservedFields(disclosureFrame) {
     if ((disclosureFrame == null ? void 0 : disclosureFrame._sd) && Array.isArray(disclosureFrame._sd) && disclosureFrame._sd.length > 0) {
       const reservedNames = ["iss", "nbf", "exp", "cnf", "vct", "status"];
-      const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter((key) => reservedNames.includes(key));
+      const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter(
+        (key) => reservedNames.includes(String(key))
+      );
       if (reservedNamesInDisclosureFrame.length > 0) {
-        throw new import_utils.SDJWTException("Cannot disclose protected field");
+        throw new import_core.SDJWTException("Cannot disclose protected field");
       }
     }
   }
@@ -329,7 +330,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
    */
   statusValidator(status) {
     return __async(this, null, function* () {
-      if (status !== 0) throw new import_utils.SDJWTException("Status is not valid");
+      if (status !== 0) throw new import_core.SDJWTException("Status is not valid");
       return Promise.resolve();
     });
   }
@@ -396,7 +397,8 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
       if (result) {
         try {
           yield this.verifyStatus(result, options);
-        } catch (error) {
+        } catch (e) {
+          const error = (0, import_core.ensureError)(e);
           const errorMessage = error.message;
           if (errorMessage.includes("Status is not valid")) {
             addError("STATUS_INVALID", errorMessage, error);
@@ -414,11 +416,11 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
             if (result) {
               result.typeMetadata = resolvedTypeMetadata;
             }
-          } catch (error) {
+          } catch (e) {
             addError(
               "VCT_VERIFICATION_FAILED",
-              `VCT verification failed: ${error.message}`,
-              error
+              `VCT verification failed: ${(0, import_core.ensureError)(e).message}`,
+              e
             );
           }
         }
@@ -455,7 +457,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
     return __async(this, null, function* () {
       const { payload, header } = yield import_core.SDJwt.extractJwt(encodedSDJwt);
       if (!payload) {
-        throw new import_utils.SDJWTException("JWT payload is missing");
+        throw new import_core.SDJWTException("JWT payload is missing");
       }
       const result = {
         payload,
@@ -475,10 +477,10 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
       if (!integrity) return;
       const arrayBuffer = yield response.arrayBuffer();
       const alg = integrity.split("-")[0];
-      const hashBuffer = yield this.userConfig.hasher(
-        arrayBuffer,
-        alg
-      );
+      if (!this.userConfig.hasher) {
+        throw new import_core.SDJWTException("Hasher not found");
+      }
+      const hashBuffer = yield this.userConfig.hasher(arrayBuffer, alg);
       const integrityHash = integrity.split("-")[1];
       const hash = Array.from(new Uint8Array(hashBuffer)).map((byte) => byte.toString(16).padStart(2, "0")).join("");
       if (hash !== integrityHash) {
@@ -509,7 +511,8 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
         yield this.validateIntegrity(response.clone(), url, integrity);
         const data = yield response.json();
         return data;
-      } catch (error) {
+      } catch (e) {
+        const error = (0, import_core.ensureError)(e);
         if (error.name === "TimeoutError") {
           throw new Error(`Request to ${url} timed out`);
         }
@@ -560,7 +563,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
     if (baseClaim.sd && extendingClaim.sd) {
       if ((baseClaim.sd === "always" || baseClaim.sd === "never") && baseClaim.sd !== extendingClaim.sd) {
         const pathStr = JSON.stringify(extendingClaim.path);
-        throw new import_utils.SDJWTException(
+        throw new import_core.SDJWTException(
           `Cannot change 'sd' property from '${baseClaim.sd}' to '${extendingClaim.sd}' for claim at path ${pathStr}`
         );
       }
@@ -632,17 +635,17 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
       var _a;
       const maxDepth = (_a = this.userConfig.maxVctExtendsDepth) != null ? _a : 5;
       if (maxDepth !== -1 && depth > maxDepth) {
-        throw new import_utils.SDJWTException(
+        throw new import_core.SDJWTException(
           `Maximum VCT extends depth of ${maxDepth} exceeded`
         );
       }
       if (!parentTypeMetadata.extends) {
-        throw new import_utils.SDJWTException(
+        throw new import_core.SDJWTException(
           `Type metadata for vct '${parentTypeMetadata.vct}' has no 'extends' field. Unable to resolve extended type metadata document.`
         );
       }
       if (visitedVcts.has(parentTypeMetadata.extends)) {
-        throw new import_utils.SDJWTException(
+        throw new import_core.SDJWTException(
           `Circular dependency detected in VCT extends chain: ${parentTypeMetadata.extends}`
         );
       }
@@ -652,7 +655,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
         parentTypeMetadata["extends#integrity"]
       );
       if (!extendedTypeMetadata) {
-        throw new import_utils.SDJWTException(
+        throw new import_core.SDJWTException(
           `Resolving VCT extends value '${parentTypeMetadata.extends}' resulted in an undefined result.`
         );
       }
@@ -697,7 +700,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
       if (!data) return void 0;
       const validated = TypeMetadataFormatSchema.safeParse(data);
       if (!validated.success) {
-        throw new import_utils.SDJWTException(
+        throw new import_core.SDJWTException(
           `Invalid VCT type metadata for vct '${vct}':
 ${import_zod2.default.prettifyError(validated.error)}`
         );
@@ -720,16 +723,19 @@ ${import_zod2.default.prettifyError(validated.error)}`
             result.payload.status.status_list.uri
           );
           const slJWT = import_core.Jwt.fromEncode(statusListJWT);
+          if (!this.userConfig.verifier || !this.userConfig.statusVerifier) {
+            throw new import_core.SDJWTException("Verifier not found for status list JWT");
+          }
           yield slJWT.verify(
             (_b = this.userConfig.statusVerifier) != null ? _b : this.userConfig.verifier,
             options
           ).catch((err) => {
-            throw new import_jwt_status_list.SLException(
+            throw new import_token_status_list.SLException(
               `Status List JWT verification failed: ${err.message}`,
               err.details
             );
           });
-          const statusList = (0, import_jwt_status_list.getListFromStatusListJWT)(statusListJWT);
+          const statusList = (0, import_token_status_list.getListFromStatusListJWT)(statusListJWT);
           const status = statusList.getStatus(
             result.payload.status.status_list.idx
           );

package/dist/index.mjs

@@ -54,12 +54,17 @@ var __async = (__this, __arguments, generator) => {
 };
 
 // src/sd-jwt-vc-instance.ts
-import { Jwt, SDJwt, SDJwtInstance } from "@sd-jwt/core";
 import {
   getListFromStatusListJWT,
   SLException
-} from "@sd-jwt/jwt-status-list";
-import { SDJWTException } from "@sd-jwt/utils";
+} from "@owf/token-status-list";
+import {
+  ensureError,
+  Jwt,
+  SDJWTException,
+  SDJwt,
+  SDJwtInstance
+} from "@sd-jwt/core";
 import z2 from "zod";
 
 // src/sd-jwt-vc-type-metadata-format.ts
@@ -243,7 +248,9 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
   validateReservedFields(disclosureFrame) {
     if ((disclosureFrame == null ? void 0 : disclosureFrame._sd) && Array.isArray(disclosureFrame._sd) && disclosureFrame._sd.length > 0) {
       const reservedNames = ["iss", "nbf", "exp", "cnf", "vct", "status"];
-      const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter((key) => reservedNames.includes(key));
+      const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter(
+        (key) => reservedNames.includes(String(key))
+      );
       if (reservedNamesInDisclosureFrame.length > 0) {
         throw new SDJWTException("Cannot disclose protected field");
       }
@@ -352,7 +359,8 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
       if (result) {
         try {
           yield this.verifyStatus(result, options);
-        } catch (error) {
+        } catch (e) {
+          const error = ensureError(e);
           const errorMessage = error.message;
           if (errorMessage.includes("Status is not valid")) {
             addError("STATUS_INVALID", errorMessage, error);
@@ -370,11 +378,11 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
             if (result) {
               result.typeMetadata = resolvedTypeMetadata;
             }
-          } catch (error) {
+          } catch (e) {
             addError(
               "VCT_VERIFICATION_FAILED",
-              `VCT verification failed: ${error.message}`,
-              error
+              `VCT verification failed: ${ensureError(e).message}`,
+              e
             );
           }
         }
@@ -431,10 +439,10 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
       if (!integrity) return;
       const arrayBuffer = yield response.arrayBuffer();
       const alg = integrity.split("-")[0];
-      const hashBuffer = yield this.userConfig.hasher(
-        arrayBuffer,
-        alg
-      );
+      if (!this.userConfig.hasher) {
+        throw new SDJWTException("Hasher not found");
+      }
+      const hashBuffer = yield this.userConfig.hasher(arrayBuffer, alg);
       const integrityHash = integrity.split("-")[1];
       const hash = Array.from(new Uint8Array(hashBuffer)).map((byte) => byte.toString(16).padStart(2, "0")).join("");
       if (hash !== integrityHash) {
@@ -465,7 +473,8 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
         yield this.validateIntegrity(response.clone(), url, integrity);
         const data = yield response.json();
         return data;
-      } catch (error) {
+      } catch (e) {
+        const error = ensureError(e);
         if (error.name === "TimeoutError") {
           throw new Error(`Request to ${url} timed out`);
         }
@@ -676,6 +685,9 @@ ${z2.prettifyError(validated.error)}`
             result.payload.status.status_list.uri
           );
           const slJWT = Jwt.fromEncode(statusListJWT);
+          if (!this.userConfig.verifier || !this.userConfig.statusVerifier) {
+            throw new SDJWTException("Verifier not found for status list JWT");
+          }
           yield slJWT.verify(
             (_b = this.userConfig.statusVerifier) != null ? _b : this.userConfig.verifier,
             options

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sd-jwt/sd-jwt-vc",
-  "version": "0.19.1-next.5+7e24764",
+  "version": "0.19.1-next.6+2bc47b2",
   "description": "sd-jwt draft 7 implementation in typescript",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -38,14 +38,12 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@sd-jwt/core": "0.19.1-next.5+7e24764",
-    "@sd-jwt/jwt-status-list": "0.19.1-next.5+7e24764",
-    "@sd-jwt/utils": "0.19.1-next.5+7e24764",
+    "@owf/token-status-list": "^0.1.0-alpha-20260312123226",
+    "@sd-jwt/core": "0.19.1-next.6+2bc47b2",
     "zod": "^4.3.5"
   },
   "devDependencies": {
-    "@sd-jwt/crypto-nodejs": "0.19.1-next.5+7e24764",
-    "@sd-jwt/types": "0.19.1-next.5+7e24764",
+    "@owf/crypto": "^0.1.0-alpha-20260312123226",
     "jose": "^6.1.2",
     "msw": "^2.12.3"
   },
@@ -65,5 +63,5 @@
       "esm"
     ]
   },
-  "gitHead": "7e2476423c6f51158d98d3cd3b78fa53166e8e81"
+  "gitHead": "2bc47b207fc23ea7ef340d81fac91e84c13ad58b"
 }

package/src/sd-jwt-vc-config.ts

@@ -1,4 +1,4 @@
-import type { SDJWTConfig, Verifier } from '@sd-jwt/types';
+import type { SDJWTConfig, Verifier } from '@sd-jwt/core';
 import type { VCTFetcher } from './sd-jwt-vc-vct';
 
 export type StatusListFetcher = (uri: string) => Promise<string>;

package/src/sd-jwt-vc-instance.ts

@@ -1,19 +1,21 @@
-import { Jwt, SDJwt, SDJwtInstance, type VerifierOptions } from '@sd-jwt/core';
 import {
   getListFromStatusListJWT,
   SLException,
   type StatusListJWTHeaderParameters,
   type StatusListJWTPayload,
-} from '@sd-jwt/jwt-status-list';
-import type {
-  DisclosureFrame,
-  Hasher,
-  SafeVerifyResult,
-  VerificationError,
-  VerificationErrorCode,
-  Verifier,
-} from '@sd-jwt/types';
-import { SDJWTException } from '@sd-jwt/utils';
+} from '@owf/token-status-list';
+import {
+  type DisclosureFrame,
+  ensureError,
+  Jwt,
+  type SafeVerifyResult,
+  SDJWTException,
+  SDJwt,
+  SDJwtInstance,
+  type VerificationError,
+  type VerificationErrorCode,
+  type VerifierOptions,
+} from '@sd-jwt/core';
 import z from 'zod';
 import type {
   SDJWTVCConfig,
@@ -60,9 +62,9 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
     ) {
       const reservedNames = ['iss', 'nbf', 'exp', 'cnf', 'vct', 'status'];
       // check if there is any reserved names in the disclosureFrame._sd array
-      const reservedNamesInDisclosureFrame = (
-        disclosureFrame._sd as string[]
-      ).filter((key) => reservedNames.includes(key));
+      const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter((key) =>
+        reservedNames.includes(String(key)),
+      );
       if (reservedNamesInDisclosureFrame.length > 0) {
         throw new SDJWTException('Cannot disclose protected field');
       }
@@ -203,8 +205,9 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
     if (result) {
       try {
         await this.verifyStatus(result, options);
-      } catch (error) {
-        const errorMessage = (error as Error).message;
+      } catch (e) {
+        const error = ensureError(e);
+        const errorMessage = error.message;
         if (errorMessage.includes('Status is not valid')) {
           addError('STATUS_INVALID', errorMessage, error);
         } else {
@@ -223,11 +226,11 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
           if (result) {
             result.typeMetadata = resolvedTypeMetadata;
           }
-        } catch (error) {
+        } catch (e) {
           addError(
             'VCT_VERIFICATION_FAILED',
-            `VCT verification failed: ${(error as Error).message}`,
-            error,
+            `VCT verification failed: ${ensureError(e).message}`,
+            e,
           );
         }
       }
@@ -302,10 +305,10 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
     const arrayBuffer = await response.arrayBuffer();
     const alg = integrity.split('-')[0];
     //TODO: error handling when a hasher is passed that is not supporting the required algorithm according to the spec
-    const hashBuffer = await (this.userConfig.hasher as Hasher)(
-      arrayBuffer,
-      alg,
-    );
+    if (!this.userConfig.hasher) {
+      throw new SDJWTException('Hasher not found');
+    }
+    const hashBuffer = await this.userConfig.hasher(arrayBuffer, alg);
     const integrityHash = integrity.split('-')[1];
     const hash = Array.from(new Uint8Array(hashBuffer))
       .map((byte) => byte.toString(16).padStart(2, '0'))
@@ -340,8 +343,9 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
       const data = await response.json();
 
       return data;
-    } catch (error) {
-      if ((error as Error).name === 'TimeoutError') {
+    } catch (e) {
+      const error = ensureError(e);
+      if (error.name === 'TimeoutError') {
         throw new Error(`Request to ${url} timed out`);
       }
       throw error;
@@ -638,10 +642,12 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
           StatusListJWTPayload
         >(statusListJWT);
         // check if the status list has a valid signature. The presence of the verifier is checked in the parent class.
+        if (!this.userConfig.verifier || !this.userConfig.statusVerifier) {
+          throw new SDJWTException('Verifier not found for status list JWT');
+        }
         await slJWT
           .verify(
-            this.userConfig.statusVerifier ??
-              (this.userConfig.verifier as Verifier),
+            this.userConfig.statusVerifier ?? this.userConfig.verifier,
             options,
           )
           .catch((err: SLException) => {

package/src/test/index.spec.ts

@@ -1,16 +1,16 @@
 import Crypto from 'node:crypto';
-import { digest, generateSalt } from '@sd-jwt/crypto-nodejs';
+import { hasher as digest, generateSalt } from '@owf/crypto';
 import {
   createHeaderAndPayload,
   StatusList,
   type StatusListJWTHeaderParameters,
-} from '@sd-jwt/jwt-status-list';
+} from '@owf/token-status-list';
 import type {
   DisclosureFrame,
   JwtPayload,
   Signer,
   Verifier,
-} from '@sd-jwt/types';
+} from '@sd-jwt/core';
 import { SignJWT } from 'jose';
 import { describe, expect, test } from 'vitest';
 import { SDJwtVcInstance } from '..';

package/src/test/vct.spec.ts

@@ -1,7 +1,7 @@
 import Crypto from 'node:crypto';
 import { afterEach } from 'node:test';
-import { digest, generateSalt } from '@sd-jwt/crypto-nodejs';
-import type { DisclosureFrame, Signer, Verifier } from '@sd-jwt/types';
+import { hasher as digest, generateSalt } from '@owf/crypto';
+import type { DisclosureFrame, Signer, Verifier } from '@sd-jwt/core';
 import { HttpResponse, http } from 'msw';
 import { setupServer } from 'msw/node';
 import { afterAll, beforeAll, describe, expect, test, vitest } from 'vitest';

package/src/verification-result.ts

@@ -1,4 +1,4 @@
-import type { kbHeader, kbPayload } from '@sd-jwt/types';
+import type { kbHeader, kbPayload } from '@sd-jwt/core';
 import type { SdJwtVcPayload } from './sd-jwt-vc-payload';
 import type { ResolvedTypeMetadata } from './sd-jwt-vc-type-metadata-format';
 

package/test/app-e2e.spec.ts

@@ -1,13 +1,13 @@
 import Crypto from 'node:crypto';
 import fs from 'node:fs';
 import path from 'node:path';
-import { digest, generateSalt } from '@sd-jwt/crypto-nodejs';
+import { hasher as digest, generateSalt } from '@owf/crypto';
 import type {
   DisclosureFrame,
   PresentationFrame,
   Signer,
   Verifier,
-} from '@sd-jwt/types';
+} from '@sd-jwt/core';
 import { describe, expect, test } from 'vitest';
 import { SDJwtVcInstance } from '../src/index';
 

package/CHANGELOG.md

@@ -1,282 +0,0 @@
-# Change Log
-
-All notable changes to this project will be documented in this file.
-See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
-
-# [0.19.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.18.1...v0.19.0) (2026-01-23)
-
-
-### Bug Fixes
-
-* missing/updated fields in type metadata ([#359](https://github.com/openwallet-foundation/sd-jwt-js/issues/359)) ([d230a8d](https://github.com/openwallet-foundation/sd-jwt-js/commit/d230a8df2899b342b98a1d72eb606fb31de41924))
-
-
-### Features
-
-* update to locale ([#358](https://github.com/openwallet-foundation/sd-jwt-js/issues/358)) ([114389e](https://github.com/openwallet-foundation/sd-jwt-js/commit/114389ef8e02b4b40d4e16585a4eea0bdb0732bc))
-
-
-
-
-
-## [0.18.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.18.0...v0.18.1) (2026-01-14)
-
-
-### Bug Fixes
-
-* keep custom properties on type metadata ([#357](https://github.com/openwallet-foundation/sd-jwt-js/issues/357)) ([2b1f0ba](https://github.com/openwallet-foundation/sd-jwt-js/commit/2b1f0badd7fcc4096e12c38dae227f0ed9d30ec3))
-
-
-
-
-
-# [0.18.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.17.1...v0.18.0) (2026-01-11)
-
-
-### Bug Fixes
-
-* integrity check ([#339](https://github.com/openwallet-foundation/sd-jwt-js/issues/339)) ([4a4c1b0](https://github.com/openwallet-foundation/sd-jwt-js/commit/4a4c1b0c04615bcf0e455d51cd1b9234cbcd0d78))
-
-
-### Features
-
-* allow undefined type metadata to be returned by resolver ([#338](https://github.com/openwallet-foundation/sd-jwt-js/issues/338)) ([213de7e](https://github.com/openwallet-foundation/sd-jwt-js/commit/213de7e85b9820ca638ba3362fe4deee808e236e))
-* validate sd jwt vc type metadata with zod ([#348](https://github.com/openwallet-foundation/sd-jwt-js/issues/348)) ([23e4beb](https://github.com/openwallet-foundation/sd-jwt-js/commit/23e4beb767451ef975709d01e471285da00f55e9))
-
-
-
-
-
-## [0.17.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.17.0...v0.17.1) (2025-11-18)
-
-**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
-
-
-
-
-
-# [0.17.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.16.0...v0.17.0) (2025-10-23)
-
-**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
-
-
-
-
-
-# [0.16.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.15.1...v0.16.0) (2025-10-07)
-
-
-### Bug Fixes
-
-* change repo url from labs to other one ([#323](https://github.com/openwallet-foundation/sd-jwt-js/issues/323)) ([f68c847](https://github.com/openwallet-foundation/sd-jwt-js/commit/f68c8476c2f04bb9d53acd4059b59caf271df015))
-* set correct url in package json ([#321](https://github.com/openwallet-foundation/sd-jwt-js/issues/321)) ([554152c](https://github.com/openwallet-foundation/sd-jwt-js/commit/554152cc819bbc3afb504b25f4a2018a92fb72f1))
-
-
-### Features
-
-* Adding validation during issuance when a schema is passed ([#308](https://github.com/openwallet-foundation/sd-jwt-js/issues/308)) ([90eef6b](https://github.com/openwallet-foundation/sd-jwt-js/commit/90eef6be1c0838d334ecdef083dbb609c3812357))
-* updates all dependencies to latest versions + biome updates ([#324](https://github.com/openwallet-foundation/sd-jwt-js/issues/324)) ([75d5780](https://github.com/openwallet-foundation/sd-jwt-js/commit/75d5780fb53c5e2c886537b283503fc6fb088a4a))
-
-
-
-
-
-## [0.15.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.15.0...v0.15.1) (2025-08-28)
-
-
-### Bug Fixes
-
-* make iss claim optional in SD-JWT VC payload ([#310](https://github.com/openwallet-foundation/sd-jwt-js/issues/310)) ([f6275e3](https://github.com/openwallet-foundation/sd-jwt-js/commit/f6275e35e66777709321328ba50fec53e5f48c7b))
-
-
-
-
-
-# [0.15.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.14.1...v0.15.0) (2025-08-20)
-
-
-### Features
-
-* Allows to pass a custom function for the status list JWT validation ([#306](https://github.com/openwallet-foundation/sd-jwt-js/issues/306)) ([25e546e](https://github.com/openwallet-foundation/sd-jwt-js/commit/25e546e1536178f8ee41b0e1b3836656fd6f48ab))
-
-
-
-
-
-## [0.14.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.14.0...v0.14.1) (2025-08-02)
-
-
-### Bug Fixes
-
-* claim type ([#300](https://github.com/openwallet-foundation/sd-jwt-js/issues/300)) ([3bab5ea](https://github.com/openwallet-foundation/sd-jwt-js/commit/3bab5eae69b6ef872209ca00b5593f96b541bc03))
-
-
-
-
-
-# [0.14.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.13.0...v0.14.0) (2025-06-30)
-
-
-### Features
-
-* Add Verifier options ([#297](https://github.com/openwallet-foundation/sd-jwt-js/issues/297)) ([2a6a367](https://github.com/openwallet-foundation/sd-jwt-js/commit/2a6a3674f94742f48feaf660056226b1a54145e7))
-
-
-
-
-
-# [0.13.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.12.0...v0.13.0) (2025-06-25)
-
-
-### Features
-
-* fetch VCT Metadata from SD JWT header ([#288](https://github.com/openwallet-foundation/sd-jwt-js/issues/288)) ([#294](https://github.com/openwallet-foundation/sd-jwt-js/issues/294)) ([f89ba44](https://github.com/openwallet-foundation/sd-jwt-js/commit/f89ba445aeb57ce342ec76b58a0eb6d0c090a4e9))
-
-
-
-
-
-# [0.12.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.11.0...v0.12.0) (2025-06-21)
-
-
-### Bug Fixes
-
-* expose types ([#290](https://github.com/openwallet-foundation/sd-jwt-js/issues/290)) ([1b656ac](https://github.com/openwallet-foundation/sd-jwt-js/commit/1b656ac21796b715096feae439de6b48442244a9))
-
-
-### Features
-
-* add missing types ([#286](https://github.com/openwallet-foundation/sd-jwt-js/issues/286)) ([506b876](https://github.com/openwallet-foundation/sd-jwt-js/commit/506b8769ac8e0082ad30544338eace2d0df34294))
-
-
-
-
-
-# [0.11.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.10.0...v0.11.0) (2025-06-17)
-
-
-### Features
-
-* SD JWT Instances VCT Metadata get separated from verify ([#285](https://github.com/openwallet-foundation/sd-jwt-js/issues/285)) ([bc91fd7](https://github.com/openwallet-foundation/sd-jwt-js/commit/bc91fd71f7d721298ad5c08d4379bc870903f65f))
-
-
-
-
-
-# [0.10.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.9.2...v0.10.0) (2025-03-24)
-
-**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
-
-
-
-
-
-## [0.9.2](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.9.1...v0.9.2) (2025-01-29)
-
-**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
-
-
-
-
-
-## [0.9.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.9.0...v0.9.1) (2024-12-13)
-
-**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
-
-
-
-
-
-# [0.9.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.8.0...v0.9.0) (2024-12-10)
-
-
-### Features
-
-* align type metadata fetching with sd-jwt-vc draft 08 ([#260](https://github.com/openwallet-foundation/sd-jwt-js/issues/260)) ([2358c75](https://github.com/openwallet-foundation/sd-jwt-js/commit/2358c759887ee29b4c35a3ee0e93ebd8e8c26545))
-
-
-
-
-
-# [0.8.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.7.2...v0.8.0) (2024-11-26)
-
-
-### Bug Fixes
-
-* check if the header includes the string ([#244](https://github.com/openwallet-foundation/sd-jwt-js/issues/244)) ([8a48bb5](https://github.com/openwallet-foundation/sd-jwt-js/commit/8a48bb57fcf9bbad349f349b0aa1ffd997c86bb2))
-
-
-### Features
-
-* align media type with sd-jwt-vc draft 06 ([#256](https://github.com/openwallet-foundation/sd-jwt-js/issues/256)) ([1aa3aea](https://github.com/openwallet-foundation/sd-jwt-js/commit/1aa3aea86213e75328975e34d9bf71410fc7a12a))
-
-
-
-
-
-## [0.7.2](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.7.1...v0.7.2) (2024-07-19)
-
-**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
-
-
-
-
-
-## [0.7.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.7.0...v0.7.1) (2024-05-21)
-
-**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
-
-
-
-
-
-# [0.7.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.6.1...v0.7.0) (2024-05-13)
-
-**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
-
-
-
-
-
-## [0.6.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.6.0...v0.6.1) (2024-03-18)
-
-
-### Bug Fixes
-
-* **sd-jwt-vc:** improve alignment with draft-03 ([#175](https://github.com/openwallet-foundation/sd-jwt-js/issues/175)) ([bcd7d6e](https://github.com/openwallet-foundation/sd-jwt-js/commit/bcd7d6e40fff938d06425d69297274400ab9e8a6))
-
-
-
-
-
-# [0.6.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.5.0...v0.6.0) (2024-03-12)
-
-**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
-
-
-
-
-
-# [0.5.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.4.0...v0.5.0) (2024-03-11)
-
-
-### Features
-
-* make _digest value public in disclosure ([#151](https://github.com/openwallet-foundation/sd-jwt-js/issues/151)) ([7a3fbd7](https://github.com/openwallet-foundation/sd-jwt-js/commit/7a3fbd7db19b6501978340c972b171743d287285))
-
-
-
-
-
-# 0.4.0 (2024-03-08)
-
-
-### Bug Fixes
-
-* change SDJwtPayload to SdJwtPayload ([9f06ef7](https://github.com/openwallet-foundation/sd-jwt-js/commit/9f06ef7bd31a1dff4e9bf988e425200a5e1aa82d))
-* make sdjwt instance non abstract ([#122](https://github.com/openwallet-foundation/sd-jwt-js/issues/122)) ([e85aae8](https://github.com/openwallet-foundation/sd-jwt-js/commit/e85aae89910f5d9468e29ef14ef3b3d3215b86fd))
-
-
-### Features
-
-* add new package for sd-jwt-vc ([ed99188](https://github.com/openwallet-foundation/sd-jwt-js/commit/ed99188f13184d58db64b4211e39fb67f3f78cb5))