@smartledger/bsv 3.3.5 → 3.4.1

package/build/webpack.anchor.config.js

@@ -0,0 +1,17 @@
+const path = require('path')
+
+module.exports = {
+  entry: './anchor-entry.js',
+  mode: 'production',
+  optimization: {
+    minimize: true
+  },
+  output: {
+    path: path.resolve(__dirname, '../'),
+    filename: 'bsv-anchor.min.js',
+    library: 'bsvAnchor',
+    libraryTarget: 'umd',
+    globalObject: 'this'
+  },
+  target: 'web'
+}

package/build/webpack.didweb.config.js

@@ -0,0 +1,17 @@
+const path = require('path')
+
+module.exports = {
+  entry: './didweb-entry.js',
+  mode: 'production',
+  optimization: {
+    minimize: true
+  },
+  output: {
+    path: path.resolve(__dirname, '../'),
+    filename: 'bsv-didweb.min.js',
+    library: 'bsvDIDWeb',
+    libraryTarget: 'umd',
+    globalObject: 'this'
+  },
+  target: 'web'
+}

package/build/webpack.statuslist.config.js

@@ -0,0 +1,17 @@
+const path = require('path')
+
+module.exports = {
+  entry: './statuslist-entry.js',
+  mode: 'production',
+  optimization: {
+    minimize: true
+  },
+  output: {
+    path: path.resolve(__dirname, '../'),
+    filename: 'bsv-statuslist.min.js',
+    library: 'bsvStatusList',
+    libraryTarget: 'umd',
+    globalObject: 'this'
+  },
+  target: 'web'
+}

package/build/webpack.vcjwt.config.js

@@ -0,0 +1,17 @@
+const path = require('path')
+
+module.exports = {
+  entry: './vcjwt-entry.js',
+  mode: 'production',
+  optimization: {
+    minimize: true
+  },
+  output: {
+    path: path.resolve(__dirname, '../'),
+    filename: 'bsv-vcjwt.min.js',
+    library: 'bsvVcJwt',
+    libraryTarget: 'umd',
+    globalObject: 'this'
+  },
+  target: 'web'
+}

package/demos/browser-test.html

@@ -182,7 +182,7 @@
     </div>
 
     <!-- Load SmartLedger-BSV from CDN -->
-    <script src="https://unpkg.com/smartledger-bsv@3.3.4/bsv.bundle.js"></script>
+    <script src="https://unpkg.com/smartledger-bsv@3.3.5/bsv.bundle.js"></script>
     
     <script>
         let bsv;

package/didweb-entry.js

@@ -0,0 +1 @@
+module.exports = require('./lib/didweb')

package/docs/technical/roadmap.md

@@ -606,11 +606,11 @@ Provides hardened Bitcoin SV primitives + SmartLedger security modules.
 
 - **GitHub Repository** - https://github.com/codenlighten/smartledger-bsv🔒 *“Verified cryptographic fabric + transaction interpreter.”*
 
-- **Developer Documentation** - https://docs.smartledger.io
+- **Developer Documentation** - https://docs.smartledger.technology
 
 - **Community Discord** - https://discord.gg/smartledger---
 
-- **Standards Working Group** - https://standards.smartledger.io
+- **Standards Working Group** - https://standards.smartledger.technology
 
 ## 2️⃣ Identity Layer: GDAF (Global Digital Attestation Framework)
 
@@ -903,7 +903,7 @@ SmartLedger-BSV/
 
 ### 🔹 **Minified CDN Build**
 
-`https://cdn.smartledger.io/smartledger-bsv.min.js`
+`https://cdn.smartledger.technology/smartledger-bsv.min.js`
 Provides browser-side access to the same hardened primitives used in Node:
 
 ```js

package/examples/legacy/README.md

@@ -0,0 +1,11 @@
+# Legacy sanity scripts
+
+Pre-mocha standalone scripts kept here for historical reference. They are not
+part of the test suite (no `describe`/`it`). Run with:
+
+```bash
+node examples/legacy/<file>.js
+```
+
+`smart_contract_test_integration.js` was previously in `lib/smart_contract/`
+but is an integration script (calls `process.exit`), not library code.

package/index.js

@@ -119,7 +119,9 @@ try {
 try {
   bsv.BrowserUTXOManager = require('./lib/browser-utxo-manager-es5')
 } catch (e) {
-  // BrowserUTXOManager not available
+  if (typeof window === 'undefined') {
+    console.warn('[bsv] BrowserUTXOManager failed to load:', e.message)
+  }
 }
 
 // Node.js specific tools (advanced development tools)
@@ -136,6 +138,42 @@ if (typeof window === 'undefined' && typeof require === 'function') {
 // Global Digital Attestation Framework (GDAF)
 bsv.GDAF = require('./lib/gdaf')
 
+// DID:web Module (W3C standards-based DIDs)
+try {
+  bsv.DIDWeb = require('./lib/didweb')
+} catch (e) {
+  if (typeof window === 'undefined') {
+    console.warn('[bsv] DIDWeb module failed to load:', e.message)
+  }
+}
+
+// VC-JWT Module (W3C Verifiable Credentials)
+try {
+  bsv.VcJwt = require('./lib/vcjwt')
+} catch (e) {
+  if (typeof window === 'undefined') {
+    console.warn('[bsv] VcJwt module failed to load:', e.message)
+  }
+}
+
+// StatusList2021 Module (Credential revocation)
+try {
+  bsv.StatusList = require('./lib/statuslist')
+} catch (e) {
+  if (typeof window === 'undefined') {
+    console.warn('[bsv] StatusList module failed to load:', e.message)
+  }
+}
+
+// Anchor Module (BSV hash anchoring)
+try {
+  bsv.Anchor = require('./lib/anchor')
+} catch (e) {
+  if (typeof window === 'undefined') {
+    console.warn('[bsv] Anchor module failed to load:', e.message)
+  }
+}
+
 // GDAF Direct Access Methods (for easier developer experience)
 bsv.createDID = function(publicKey) {
   var gdaf = new bsv.GDAF()

package/lib/anchor/index.js

@@ -0,0 +1,102 @@
+'use strict'
+
+/**
+ * BSV Anchor Module
+ * Hash anchoring helpers for on-chain evidence (no PII)
+ */
+
+var crypto = require('crypto')
+
+// SHA-256 hex hash
+function sha256Hex(data) {
+  var buffer
+  if (typeof data === 'string') {
+    buffer = Buffer.from(data, 'utf8')
+  } else if (Buffer.isBuffer(data)) {
+    buffer = data
+  } else if (data instanceof Uint8Array) {
+    buffer = Buffer.from(data)
+  } else {
+    throw new Error('Data must be string, Buffer, or Uint8Array')
+  }
+  
+  return crypto.createHash('sha256').update(buffer).digest('hex')
+}
+
+// Build anchor payload for OP_RETURN
+function buildAnchorPayload(params) {
+  if (!params.kind || !params.hash || !params.issuerDid) {
+    throw new Error('kind, hash, and issuerDid are required')
+  }
+
+  var validKinds = ['VC_ANCHOR_SHA256', 'STATUSLIST_SHA256', 'PRESENTATION_SHA256']
+  if (validKinds.indexOf(params.kind) === -1) {
+    throw new Error('Invalid kind. Must be one of: ' + validKinds.join(', '))
+  }
+
+  // Validate hash format (64 hex characters)
+  if (!/^[a-fA-F0-9]{64}$/.test(params.hash)) {
+    throw new Error('Invalid hash format. Must be 64 hex characters')
+  }
+
+  var payload = {
+    protocol: 'SmartLedger',
+    version: '1.0',
+    type: params.kind,
+    hash: params.hash,
+    issuer: params.issuerDid,
+    timestamp: params.issuedAt || new Date().toISOString()
+  }
+
+  return {
+    json: JSON.stringify(payload)
+  }
+}
+
+// Verify anchor hash against original data
+function verifyAnchorHash(originalData, anchorHash) {
+  var computed = sha256Hex(originalData)
+  return computed === anchorHash
+}
+
+// Extract anchor info from OP_RETURN data
+function parseAnchorPayload(opReturnData) {
+  try {
+    var parsed = JSON.parse(opReturnData)
+    
+    if (parsed.protocol !== 'SmartLedger') {
+      return { valid: false, error: 'Invalid protocol' }
+    }
+
+    var validTypes = ['VC_ANCHOR_SHA256', 'STATUSLIST_SHA256', 'PRESENTATION_SHA256']
+    if (validTypes.indexOf(parsed.type) === -1) {
+      return { valid: false, error: 'Invalid anchor type' }
+    }
+
+    if (!/^[a-fA-F0-9]{64}$/.test(parsed.hash)) {
+      return { valid: false, error: 'Invalid hash format' }
+    }
+
+    return {
+      valid: true,
+      protocol: parsed.protocol,
+      version: parsed.version,
+      type: parsed.type,
+      hash: parsed.hash,
+      issuer: parsed.issuer,
+      timestamp: parsed.timestamp
+    }
+  } catch (error) {
+    return {
+      valid: false,
+      error: 'Failed to parse anchor payload: ' + error.message
+    }
+  }
+}
+
+module.exports = {
+  sha256Hex: sha256Hex,
+  buildAnchorPayload: buildAnchorPayload,
+  verifyAnchorHash: verifyAnchorHash,
+  parseAnchorPayload: parseAnchorPayload
+}

package/lib/browser-utxo-manager-es5.js

@@ -5,6 +5,13 @@
  * Lightweight UTXO management for browser environments with configurable storage
  */
 
+// Set window.BSV_DEBUG = true (browser) or BSV_DEBUG=1 (Node) to enable info logs.
+var debug = function () {
+  var enabled = (typeof process !== 'undefined' && process.env && process.env.BSV_DEBUG) ||
+                (typeof window !== 'undefined' && window.BSV_DEBUG)
+  if (enabled) console.log.apply(console, arguments)
+}
+
 var STORAGE_TYPES = {
   MEMORY: 'memory',
   SESSION: 'session',
@@ -75,7 +82,7 @@ BrowserUTXOManager.prototype.loadFromStorage = function() {
       this.metadata = parsed.metadata
     }
 
-    console.log('✅ BrowserUTXOManager: Loaded ' + this.utxos.size + ' UTXOs from ' + this.options.storage + ' storage')
+    debug('✅ BrowserUTXOManager: Loaded ' + this.utxos.size + ' UTXOs from ' + this.options.storage + ' storage')
   } catch (e) {
     console.error('Failed to load UTXOs from storage:', e)
   }
@@ -96,7 +103,7 @@ BrowserUTXOManager.prototype.saveToStorage = function() {
     }
 
     storage.setItem(this.options.storageKey, JSON.stringify(data))
-    console.log('💾 BrowserUTXOManager: Saved ' + this.utxos.size + ' UTXOs to ' + this.options.storage + ' storage')
+    debug('💾 BrowserUTXOManager: Saved ' + this.utxos.size + ' UTXOs to ' + this.options.storage + ' storage')
   } catch (e) {
     console.error('Failed to save UTXOs to storage:', e)
   }
@@ -110,7 +117,7 @@ BrowserUTXOManager.prototype.addUTXO = function(utxo) {
   var key = utxo.txid + ':' + utxo.vout
 
   if (this.utxos.has(key)) {
-    console.log('⚠️ UTXO already exists: ' + key)
+    debug('⚠️ UTXO already exists: ' + key)
     return false
   }
 
@@ -298,7 +305,7 @@ BrowserUTXOManager.prototype.importData = function(jsonData, merge) {
       })
     }
 
-    console.log('✅ BrowserUTXOManager: Imported ' + (data.utxos && data.utxos.length || 0) + ' UTXOs')
+    debug('✅ BrowserUTXOManager: Imported ' + (data.utxos && data.utxos.length || 0) + ' UTXOs')
     return true
   } catch (e) {
     console.error('Failed to import UTXO data:', e)

package/lib/browser-utxo-manager.js

@@ -5,6 +5,13 @@
  * Lightweight UTXO management for browser environments with configurable storage
  */
 
+// Set window.BSV_DEBUG = true (browser) or BSV_DEBUG=1 (Node) to enable info logs.
+var debug = function () {
+  var enabled = (typeof process !== 'undefined' && process.env && process.env.BSV_DEBUG) ||
+                (typeof window !== 'undefined' && window.BSV_DEBUG)
+  if (enabled) console.log.apply(console, arguments)
+}
+
 /**
  * Storage types available for browser UTXO management
  */
@@ -127,7 +134,7 @@ function BrowserUTXOManager(options) {
       }
 
       this._updateMetadata()
-      console.log(`✅ BrowserUTXOManager: Loaded ${this.utxos.size} UTXOs from ${this.options.storage} storage`)
+      debug(`✅ BrowserUTXOManager: Loaded ${this.utxos.size} UTXOs from ${this.options.storage} storage`)
 
     } catch (error) {
       console.error('BrowserUTXOManager: Error loading from storage:', error.message)
@@ -163,7 +170,7 @@ function BrowserUTXOManager(options) {
       })
 
       storage.setItem(this.options.storageKey, JSON.stringify(data))
-      console.log(`💾 BrowserUTXOManager: Saved ${this.utxos.size} UTXOs to ${this.options.storage} storage`)
+      debug(`💾 BrowserUTXOManager: Saved ${this.utxos.size} UTXOs to ${this.options.storage} storage`)
 
     } catch (error) {
       console.error('BrowserUTXOManager: Error saving to storage:', error.message)
@@ -186,7 +193,7 @@ function BrowserUTXOManager(options) {
 
       // Check if already exists
       if (this.utxos.has(key)) {
-        console.log(`⚠️ UTXO already exists: ${key}`)
+        debug(`⚠️ UTXO already exists: ${key}`)
         return false
       }
 
@@ -217,7 +224,7 @@ function BrowserUTXOManager(options) {
         this.saveToStorage()
       }
 
-      console.log(`✅ UTXO added: ${key} (${utxo.satoshis} sats)`)
+      debug(`✅ UTXO added: ${key} (${utxo.satoshis} sats)`)
       return true
 
     } catch (error) {
@@ -305,7 +312,7 @@ function BrowserUTXOManager(options) {
           }
         }
 
-        console.log(`❌ UTXO spent: ${key} in ${spentUTXO.spentInTx}`)
+        debug(`❌ UTXO spent: ${key} in ${spentUTXO.spentInTx}`)
       })
 
       this._updateMetadata()
@@ -446,11 +453,11 @@ function BrowserUTXOManager(options) {
       const storage = this._getStorage()
       if (storage) {
         storage.removeItem(this.options.storageKey)
-        console.log(`🔄 Cleared ${this.options.storage} storage`)
+        debug(`🔄 Cleared ${this.options.storage} storage`)
       }
     }
 
-    console.log('🔄 BrowserUTXOManager reset complete')
+    debug('🔄 BrowserUTXOManager reset complete')
   }
 
   /**
@@ -513,7 +520,7 @@ function BrowserUTXOManager(options) {
         this.saveToStorage()
       }
 
-      console.log('✅ BrowserUTXOManager: Imported ' + (data.utxos && data.utxos.length || 0) + ' UTXOs')
+      debug('✅ BrowserUTXOManager: Imported ' + (data.utxos && data.utxos.length || 0) + ' UTXOs')
       return true
 
     } catch (error) {

package/lib/didweb/index.js

@@ -0,0 +1,177 @@
+'use strict'
+
+/**
+ * DID:web Module
+ * Legally-recognizable DID (did:web) generation and management
+ * Supports ES256 (P-256) and ES256K (secp256k1) keys
+ */
+
+var crypto = require('crypto')
+
+// Generate issuer keys (ES256 or ES256K)
+async function generateIssuerKeys(opts) {
+  opts = opts || {}
+  var alg = opts.alg || 'ES256'
+  var kid = opts.kid || 'key-' + Date.now()
+
+  if (alg !== 'ES256' && alg !== 'ES256K') {
+    throw new Error('Invalid algorithm. Must be ES256 or ES256K')
+  }
+
+  var keyPair
+  if (alg === 'ES256') {
+    // P-256 (NIST curve)
+    keyPair = crypto.generateKeyPairSync('ec', {
+      namedCurve: 'P-256',
+      publicKeyEncoding: { type: 'spki', format: 'pem' },
+      privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
+    })
+  } else {
+    // secp256k1
+    keyPair = crypto.generateKeyPairSync('ec', {
+      namedCurve: 'secp256k1',
+      publicKeyEncoding: { type: 'spki', format: 'pem' },
+      privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
+    })
+  }
+
+  // Convert to JWK format
+  var publicJwk = crypto.createPublicKey(keyPair.publicKey).export({ format: 'jwk' })
+  var privateJwk = crypto.createPrivateKey(keyPair.privateKey).export({ format: 'jwk' })
+
+  // Add required JWK fields
+  publicJwk.kid = kid
+  publicJwk.alg = alg
+  publicJwk.use = 'sig'
+  publicJwk.kty = 'EC'
+  
+  privateJwk.kid = kid
+  privateJwk.alg = alg
+  privateJwk.use = 'sig'
+  privateJwk.kty = 'EC'
+
+  return {
+    privateJwk: privateJwk,
+    publicJwk: publicJwk,
+    kid: kid,
+    alg: alg
+  }
+}
+
+// Build did:web documents (did.json and jwks.json)
+function buildDidWebDocuments(params) {
+  if (!params.domain) {
+    throw new Error('domain is required')
+  }
+
+  var domain = params.domain
+  var did = 'did:web:' + domain.replace(/:/g, '%3A')
+  
+  var verificationMethods = []
+  var publicKeys = []
+
+  // Add P-256 key if provided
+  if (params.p256) {
+    var p256Method = {
+      id: did + '#' + params.p256.kid,
+      type: 'JsonWebKey2020',
+      controller: did,
+      publicKeyJwk: params.p256.jwk
+    }
+    verificationMethods.push(p256Method)
+    publicKeys.push(params.p256.jwk)
+  }
+
+  // Add secp256k1 key if provided
+  if (params.k1) {
+    var k1Method = {
+      id: did + '#' + params.k1.kid,
+      type: 'JsonWebKey2020',
+      controller: did,
+      publicKeyJwk: params.k1.jwk
+    }
+    verificationMethods.push(k1Method)
+    publicKeys.push(params.k1.jwk)
+  }
+
+  if (verificationMethods.length === 0) {
+    throw new Error('At least one key (p256 or k1) must be provided')
+  }
+
+  // Build DID Document
+  var didDocument = {
+    '@context': [
+      'https://www.w3.org/ns/did/v1',
+      'https://w3id.org/security/suites/jws-2020/v1'
+    ],
+    id: did,
+    verificationMethod: verificationMethods,
+    authentication: verificationMethods.map(function(vm) { return vm.id }),
+    assertionMethod: verificationMethods.map(function(vm) { return vm.id })
+  }
+
+  if (params.controllerName) {
+    didDocument.controller = params.controllerName
+  }
+
+  // Build JWKS
+  var jwks = {
+    keys: publicKeys
+  }
+
+  return {
+    did: did,
+    didDocument: didDocument,
+    jwks: jwks
+  }
+}
+
+// Rotate issuer key
+function rotateIssuerKey(params) {
+  if (!params.domain || !params.newKey) {
+    throw new Error('domain and newKey are required')
+  }
+
+  var domain = params.domain
+  var did = 'did:web:' + domain.replace(/:/g, '%3A')
+  var keepOldForDays = params.keepOldForDays || 30
+
+  // Create verification method for new key
+  var newMethod = {
+    id: did + '#' + params.newKey.kid,
+    type: 'JsonWebKey2020',
+    controller: did,
+    publicKeyJwk: params.newKey.jwk
+  }
+
+  // Build updated DID Document with new key as primary
+  var didDocument = {
+    '@context': [
+      'https://www.w3.org/ns/did/v1',
+      'https://w3id.org/security/suites/jws-2020/v1'
+    ],
+    id: did,
+    verificationMethod: [newMethod],
+    authentication: [newMethod.id],
+    assertionMethod: [newMethod.id],
+    rotationInfo: {
+      rotatedAt: new Date().toISOString(),
+      gracePeriodDays: keepOldForDays
+    }
+  }
+
+  var jwks = {
+    keys: [params.newKey.jwk]
+  }
+
+  return {
+    didDocument: didDocument,
+    jwks: jwks
+  }
+}
+
+module.exports = {
+  generateIssuerKeys: generateIssuerKeys,
+  buildDidWebDocuments: buildDidWebDocuments,
+  rotateIssuerKey: rotateIssuerKey
+}

package/lib/ltp/claim.js

@@ -691,6 +691,7 @@ var ClaimValidator = {
    * @private
    */
   _generateBatchId: function() {
+    // Non-security: identifier collision avoidance only
     var data = 'batch_' + Date.now() + '_' + Math.random()
     return Hash.sha256(Buffer.from(data)).toString('hex').substring(0, 16)
   },

package/lib/ltp/obligation.js

@@ -929,6 +929,7 @@ var ObligationToken = {
    * @private
    */
   _generateUUID: function() {
+    // Non-security: identifier collision avoidance only (not RFC 4122 v4 random)
     return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function(c) {
       var r = Math.random() * 16 | 0
       var v = c === 'x' ? r : (r & 0x3 | 0x8)

package/lib/ltp/registry.js

@@ -552,6 +552,7 @@ var LTPRegistry = {
    * @private
    */
   _generateRegistryId: function() {
+    // Non-security: identifier collision avoidance only
     var data = 'reg_' + Date.now() + '_' + Math.random()
     return 'reg_' + Hash.sha256(Buffer.from(data)).toString('hex').substring(0, 16)
   },
@@ -685,6 +686,7 @@ var LTPRegistry = {
    * @private
    */
   _generateAuditId: function() {
+    // Non-security: identifier collision avoidance only
     var data = 'audit_' + Date.now() + '_' + Math.random()
     return 'audit_' + Hash.sha256(Buffer.from(data)).toString('hex').substring(0, 12)
   },

package/lib/ltp/right.js

@@ -752,6 +752,7 @@ var RightToken = {
    * @private
    */
   _generateUUID: function() {
+    // Non-security: identifier collision avoidance only (not RFC 4122 v4 random)
     return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function(c) {
       var r = Math.random() * 16 | 0
       var v = c === 'x' ? r : (r & 0x3 | 0x8)