@solidus-network/sdk 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/chain/bbs.d.ts +128 -0
- package/dist/chain/bbs.d.ts.map +1 -0
- package/dist/chain/bbs.js +142 -0
- package/dist/chain/bbs.js.map +1 -0
- package/dist/chain/credentials.js +6 -6
- package/dist/chain/credentials.js.map +1 -1
- package/dist/chain/did.d.ts +52 -0
- package/dist/chain/did.d.ts.map +1 -1
- package/dist/chain/did.js +91 -2
- package/dist/chain/did.js.map +1 -1
- package/dist/chain/index.d.ts.map +1 -1
- package/dist/chain/index.js +2 -0
- package/dist/chain/index.js.map +1 -1
- package/dist/index.d.ts +38 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +4 -0
- package/dist/index.js.map +1 -1
- package/dist/sdjwt/index.d.ts +4 -0
- package/dist/sdjwt/index.d.ts.map +1 -0
- package/dist/sdjwt/index.js +5 -0
- package/dist/sdjwt/index.js.map +1 -0
- package/dist/sdjwt/issue.d.ts +12 -0
- package/dist/sdjwt/issue.d.ts.map +1 -0
- package/dist/sdjwt/issue.js +78 -0
- package/dist/sdjwt/issue.js.map +1 -0
- package/dist/sdjwt/signer.d.ts +43 -0
- package/dist/sdjwt/signer.d.ts.map +1 -0
- package/dist/sdjwt/signer.js +92 -0
- package/dist/sdjwt/signer.js.map +1 -0
- package/dist/sdjwt/types.d.ts +90 -0
- package/dist/sdjwt/types.d.ts.map +1 -0
- package/dist/sdjwt/types.js +12 -0
- package/dist/sdjwt/types.js.map +1 -0
- package/dist/sdjwt/verify.d.ts +10 -0
- package/dist/sdjwt/verify.d.ts.map +1 -0
- package/dist/sdjwt/verify.js +52 -0
- package/dist/sdjwt/verify.js.map +1 -0
- package/dist/stub/credentials.js +3 -3
- package/dist/stub/credentials.js.map +1 -1
- package/package.json +7 -5
|
@@ -0,0 +1,128 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Chain-backed BBS+ methods.
|
|
3
|
+
*
|
|
4
|
+
* Wraps the chain's BBS+ JSON-RPC surface and the `CredentialIssueBbs`
|
|
5
|
+
* transaction. Verification is delegated to the chain (`solidus_bbsVerifyProof`
|
|
6
|
+
* and `solidus_bbsVerifyCredentialProof`) which runs the IRTF
|
|
7
|
+
* `draft-irtf-cfrg-bbs-signatures` ProofVerify routine via zkryptium.
|
|
8
|
+
*
|
|
9
|
+
* Client-side proof generation lives in a separate `@solidus-network/bbs`
|
|
10
|
+
* package (still in design) so this SDK does not require WASM.
|
|
11
|
+
*/
|
|
12
|
+
import type { RpcClient } from './rpc.js';
|
|
13
|
+
import type { ChainConfig } from './index.js';
|
|
14
|
+
import { bytesToHex } from './transaction.js';
|
|
15
|
+
/**
|
|
16
|
+
* One disclosed message in a BBS+ proof. `index` is the zero-based position
|
|
17
|
+
* in the original signed vector. `message` is hex-encoded bytes.
|
|
18
|
+
*/
|
|
19
|
+
export interface BbsDisclosedMessage {
|
|
20
|
+
index: number;
|
|
21
|
+
message: string;
|
|
22
|
+
}
|
|
23
|
+
/**
|
|
24
|
+
* Result of verifying a BBS+ proof against an on-chain credential.
|
|
25
|
+
*
|
|
26
|
+
* - `proofValid` is the cryptographic verdict (true iff the proof was generated
|
|
27
|
+
* from a signature over the disclosed messages by the recorded BBS pubkey).
|
|
28
|
+
* - `valid` combines `proofValid` with revocation: `true` iff the proof is
|
|
29
|
+
* cryptographically valid AND the credential is not revoked.
|
|
30
|
+
* - `isBbs` is `false` for unknown credentials and for credentials issued via
|
|
31
|
+
* the legacy (Ed25519/opaque-hash) `CredentialIssue` path.
|
|
32
|
+
*/
|
|
33
|
+
export interface BbsCredentialProofResult {
|
|
34
|
+
valid: boolean;
|
|
35
|
+
proofValid: boolean;
|
|
36
|
+
isBbs: boolean;
|
|
37
|
+
revoked: boolean;
|
|
38
|
+
credential: BbsCredentialRecord | null;
|
|
39
|
+
}
|
|
40
|
+
/**
|
|
41
|
+
* On-chain credential record with optional BBS+ metadata.
|
|
42
|
+
*/
|
|
43
|
+
export interface BbsCredentialRecord {
|
|
44
|
+
id: string;
|
|
45
|
+
issuer_did: string;
|
|
46
|
+
subject_did: string;
|
|
47
|
+
credential_type: string;
|
|
48
|
+
hash: string;
|
|
49
|
+
issued_ms: number;
|
|
50
|
+
revoked: boolean;
|
|
51
|
+
revoked_ms: number | null;
|
|
52
|
+
bbs_pubkey?: string | null;
|
|
53
|
+
bbs_message_count?: number | null;
|
|
54
|
+
}
|
|
55
|
+
interface RpcReceipt {
|
|
56
|
+
tx_hash: string;
|
|
57
|
+
status: string;
|
|
58
|
+
block_height: number;
|
|
59
|
+
fee_paid: number;
|
|
60
|
+
events: Array<{
|
|
61
|
+
type: string;
|
|
62
|
+
credentialId?: string;
|
|
63
|
+
[key: string]: unknown;
|
|
64
|
+
}>;
|
|
65
|
+
}
|
|
66
|
+
export declare function createChainBbs(rpc: RpcClient, config: ChainConfig): {
|
|
67
|
+
/**
|
|
68
|
+
* Issue a BBS+ credential by submitting a `CredentialIssueBbs` transaction.
|
|
69
|
+
*
|
|
70
|
+
* The caller must have already produced a BBS+ signature off-chain over
|
|
71
|
+
* the message vector and committed to a 96-byte BLS12-381 G2 public key.
|
|
72
|
+
* Only the public key, message count, and a BLAKE3 hash of the off-chain
|
|
73
|
+
* payload are recorded on-chain.
|
|
74
|
+
*
|
|
75
|
+
* @returns the transaction hash and the on-chain credential id.
|
|
76
|
+
*/
|
|
77
|
+
issueCredential(params: {
|
|
78
|
+
issuerPrivateKey: string;
|
|
79
|
+
subjectDid: string;
|
|
80
|
+
credentialType: string;
|
|
81
|
+
payloadHash: Uint8Array;
|
|
82
|
+
bbsPubkey: Uint8Array;
|
|
83
|
+
bbsMessageCount: number;
|
|
84
|
+
}): Promise<{
|
|
85
|
+
txHash: string;
|
|
86
|
+
credentialId: string;
|
|
87
|
+
receipt: RpcReceipt;
|
|
88
|
+
}>;
|
|
89
|
+
/**
|
|
90
|
+
* Verify a BBS+ selective-disclosure proof statelessly. Delegates to
|
|
91
|
+
* `solidus_bbsVerifyProof` so the cryptographic check runs on the chain
|
|
92
|
+
* node (zkryptium) — no client-side BBS library required.
|
|
93
|
+
*/
|
|
94
|
+
verifyProof(params: {
|
|
95
|
+
proofHex: string;
|
|
96
|
+
pubkeyHex: string;
|
|
97
|
+
headerHex?: string;
|
|
98
|
+
phHex?: string;
|
|
99
|
+
disclosedMessages: BbsDisclosedMessage[];
|
|
100
|
+
totalMessageCount: number;
|
|
101
|
+
}): Promise<boolean>;
|
|
102
|
+
/**
|
|
103
|
+
* Verify a BBS+ proof against an on-chain credential record. The chain
|
|
104
|
+
* looks up the credential by `credentialId`, pulls `bbs_pubkey` and
|
|
105
|
+
* `bbs_message_count` from chain state, and runs the proof check.
|
|
106
|
+
*
|
|
107
|
+
* Combines proof validity with revocation status: `valid === true` iff
|
|
108
|
+
* the proof is cryptographically valid AND the credential is not revoked.
|
|
109
|
+
*/
|
|
110
|
+
verifyCredentialProof(params: {
|
|
111
|
+
credentialId: string;
|
|
112
|
+
proofHex: string;
|
|
113
|
+
headerHex?: string;
|
|
114
|
+
phHex?: string;
|
|
115
|
+
disclosedMessages: BbsDisclosedMessage[];
|
|
116
|
+
}): Promise<BbsCredentialProofResult>;
|
|
117
|
+
};
|
|
118
|
+
/**
|
|
119
|
+
* Convenience helper: convert raw bytes to hex.
|
|
120
|
+
*/
|
|
121
|
+
export declare const toHex: typeof bytesToHex;
|
|
122
|
+
/**
|
|
123
|
+
* Convenience helper: encode a UTF-8 string as hex bytes (for use as a
|
|
124
|
+
* disclosed-message field or header/ph value).
|
|
125
|
+
*/
|
|
126
|
+
export declare function utf8ToHex(s: string): string;
|
|
127
|
+
export {};
|
|
128
|
+
//# sourceMappingURL=bbs.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"bbs.d.ts","sourceRoot":"","sources":["../../src/chain/bbs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AACzC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAC7C,OAAO,EAAuC,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAIlF;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,CAAA;IACb,OAAO,EAAE,MAAM,CAAA;CAChB;AAED;;;;;;;;;GASG;AACH,MAAM,WAAW,wBAAwB;IACvC,KAAK,EAAE,OAAO,CAAA;IACd,UAAU,EAAE,OAAO,CAAA;IACnB,KAAK,EAAE,OAAO,CAAA;IACd,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,mBAAmB,GAAG,IAAI,CAAA;CACvC;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,MAAM,CAAA;IACV,UAAU,EAAE,MAAM,CAAA;IAClB,WAAW,EAAE,MAAM,CAAA;IACnB,eAAe,EAAE,MAAM,CAAA;IACvB,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,iBAAiB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAClC;AAED,UAAU,UAAU;IAClB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;IACd,YAAY,EAAE,MAAM,CAAA;IACpB,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,CAAC;QAAC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC,CAAA;CAC/E;AAqCD,wBAAgB,cAAc,CAAC,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW;IAE9D;;;;;;;;;OASG;4BAC2B;QAC5B,gBAAgB,EAAE,MAAM,CAAA;QACxB,UAAU,EAAE,MAAM,CAAA;QAClB,cAAc,EAAE,MAAM,CAAA;QACtB,WAAW,EAAE,UAAU,CAAA;QACvB,SAAS,EAAE,UAAU,CAAA;QACrB,eAAe,EAAE,MAAM,CAAA;KACxB,GAAG,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,UAAU,CAAA;KAAE,CAAC;IA4C1E;;;;OAIG;wBACuB;QACxB,QAAQ,EAAE,MAAM,CAAA;QAChB,SAAS,EAAE,MAAM,CAAA;QACjB,SAAS,CAAC,EAAE,MAAM,CAAA;QAClB,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,iBAAiB,EAAE,mBAAmB,EAAE,CAAA;QACxC,iBAAiB,EAAE,MAAM,CAAA;KAC1B,GAAG,OAAO,CAAC,OAAO,CAAC;IAYpB;;;;;;;OAOG;kCACiC;QAClC,YAAY,EAAE,MAAM,CAAA;QACpB,QAAQ,EAAE,MAAM,CAAA;QAChB,SAAS,CAAC,EAAE,MAAM,CAAA;QAClB,KAAK,CAAC,EAAE,MAAM,CAAA;QACd,iBAAiB,EAAE,mBAAmB,EAAE,CAAA;KACzC,GAAG,OAAO,CAAC,wBAAwB,CAAC;EAqCxC;AAID;;GAEG;AACH,eAAO,MAAM,KAAK,mBAAa,CAAA;AAE/B;;;GAGG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAE3C"}
|
|
@@ -0,0 +1,142 @@
|
|
|
1
|
+
import { buildTransaction, getAddressFromKey, bytesToHex } from './transaction.js';
|
|
2
|
+
// ---------- helpers ----------
|
|
3
|
+
async function pollReceipt(rpc, txHash) {
|
|
4
|
+
const maxAttempts = 20;
|
|
5
|
+
for (let i = 0; i < maxAttempts; i++) {
|
|
6
|
+
const receipt = await rpc.call('solidus_getReceipt', [txHash]);
|
|
7
|
+
if (receipt)
|
|
8
|
+
return receipt;
|
|
9
|
+
await new Promise((resolve) => setTimeout(resolve, 500));
|
|
10
|
+
}
|
|
11
|
+
throw new Error(`Transaction ${txHash} not confirmed after 10 seconds`);
|
|
12
|
+
}
|
|
13
|
+
function validateDisclosed(disclosed, totalMessageCount) {
|
|
14
|
+
const seen = new Set();
|
|
15
|
+
for (const dm of disclosed) {
|
|
16
|
+
if (!Number.isInteger(dm.index) || dm.index < 0) {
|
|
17
|
+
throw new Error(`disclosed index must be a non-negative integer, got ${dm.index}`);
|
|
18
|
+
}
|
|
19
|
+
if (dm.index >= totalMessageCount) {
|
|
20
|
+
throw new Error(`disclosed index ${dm.index} >= totalMessageCount ${totalMessageCount}`);
|
|
21
|
+
}
|
|
22
|
+
if (seen.has(dm.index)) {
|
|
23
|
+
throw new Error(`duplicate disclosed index ${dm.index}`);
|
|
24
|
+
}
|
|
25
|
+
seen.add(dm.index);
|
|
26
|
+
if (!/^[0-9a-f]*$/i.test(dm.message) || dm.message.length % 2 !== 0) {
|
|
27
|
+
throw new Error(`disclosed message at index ${dm.index} is not valid hex`);
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
// ---------- factory ----------
|
|
32
|
+
export function createChainBbs(rpc, config) {
|
|
33
|
+
return {
|
|
34
|
+
/**
|
|
35
|
+
* Issue a BBS+ credential by submitting a `CredentialIssueBbs` transaction.
|
|
36
|
+
*
|
|
37
|
+
* The caller must have already produced a BBS+ signature off-chain over
|
|
38
|
+
* the message vector and committed to a 96-byte BLS12-381 G2 public key.
|
|
39
|
+
* Only the public key, message count, and a BLAKE3 hash of the off-chain
|
|
40
|
+
* payload are recorded on-chain.
|
|
41
|
+
*
|
|
42
|
+
* @returns the transaction hash and the on-chain credential id.
|
|
43
|
+
*/
|
|
44
|
+
async issueCredential(params) {
|
|
45
|
+
if (params.payloadHash.length !== 32) {
|
|
46
|
+
throw new Error(`payloadHash must be 32 bytes, got ${params.payloadHash.length}`);
|
|
47
|
+
}
|
|
48
|
+
if (params.bbsPubkey.length !== 96) {
|
|
49
|
+
throw new Error(`bbsPubkey must be 96 bytes, got ${params.bbsPubkey.length}`);
|
|
50
|
+
}
|
|
51
|
+
if (!Number.isInteger(params.bbsMessageCount) ||
|
|
52
|
+
params.bbsMessageCount < 1 ||
|
|
53
|
+
params.bbsMessageCount > 64) {
|
|
54
|
+
throw new Error(`bbsMessageCount must be an integer in [1, 64], got ${params.bbsMessageCount}`);
|
|
55
|
+
}
|
|
56
|
+
const address = await getAddressFromKey(params.issuerPrivateKey);
|
|
57
|
+
const nonce = await rpc.call('solidus_getNonce', [address]);
|
|
58
|
+
const payload = {
|
|
59
|
+
CredentialIssueBbs: {
|
|
60
|
+
subject_did: params.subjectDid,
|
|
61
|
+
credential_type: params.credentialType,
|
|
62
|
+
hash: Array.from(params.payloadHash),
|
|
63
|
+
bbs_pubkey: Array.from(params.bbsPubkey),
|
|
64
|
+
bbs_message_count: params.bbsMessageCount,
|
|
65
|
+
},
|
|
66
|
+
};
|
|
67
|
+
const tx = await buildTransaction(params.issuerPrivateKey, nonce, payload);
|
|
68
|
+
const txHash = await rpc.call('solidus_sendTransaction', [JSON.stringify(tx)]);
|
|
69
|
+
const receipt = await pollReceipt(rpc, txHash);
|
|
70
|
+
if (!receipt.status.startsWith('success')) {
|
|
71
|
+
throw new Error(`CredentialIssueBbs failed: ${receipt.status}`);
|
|
72
|
+
}
|
|
73
|
+
const issuedEvent = receipt.events.find((e) => e.type === 'CredentialIssued');
|
|
74
|
+
const credentialId = issuedEvent?.credentialId ??
|
|
75
|
+
`urn:solidus:credential:${txHash}`;
|
|
76
|
+
return { txHash, credentialId, receipt };
|
|
77
|
+
},
|
|
78
|
+
/**
|
|
79
|
+
* Verify a BBS+ selective-disclosure proof statelessly. Delegates to
|
|
80
|
+
* `solidus_bbsVerifyProof` so the cryptographic check runs on the chain
|
|
81
|
+
* node (zkryptium) — no client-side BBS library required.
|
|
82
|
+
*/
|
|
83
|
+
async verifyProof(params) {
|
|
84
|
+
validateDisclosed(params.disclosedMessages, params.totalMessageCount);
|
|
85
|
+
return rpc.call('solidus_bbsVerifyProof', [
|
|
86
|
+
params.proofHex,
|
|
87
|
+
params.pubkeyHex,
|
|
88
|
+
params.headerHex ?? '',
|
|
89
|
+
params.phHex ?? '',
|
|
90
|
+
params.disclosedMessages,
|
|
91
|
+
params.totalMessageCount,
|
|
92
|
+
]);
|
|
93
|
+
},
|
|
94
|
+
/**
|
|
95
|
+
* Verify a BBS+ proof against an on-chain credential record. The chain
|
|
96
|
+
* looks up the credential by `credentialId`, pulls `bbs_pubkey` and
|
|
97
|
+
* `bbs_message_count` from chain state, and runs the proof check.
|
|
98
|
+
*
|
|
99
|
+
* Combines proof validity with revocation status: `valid === true` iff
|
|
100
|
+
* the proof is cryptographically valid AND the credential is not revoked.
|
|
101
|
+
*/
|
|
102
|
+
async verifyCredentialProof(params) {
|
|
103
|
+
// Indices are validated against on-chain message count by the chain;
|
|
104
|
+
// we only validate hex shape here.
|
|
105
|
+
for (const dm of params.disclosedMessages) {
|
|
106
|
+
if (!Number.isInteger(dm.index) || dm.index < 0) {
|
|
107
|
+
throw new Error(`disclosed index must be a non-negative integer, got ${dm.index}`);
|
|
108
|
+
}
|
|
109
|
+
if (!/^[0-9a-f]*$/i.test(dm.message) || dm.message.length % 2 !== 0) {
|
|
110
|
+
throw new Error(`disclosed message at index ${dm.index} is not valid hex`);
|
|
111
|
+
}
|
|
112
|
+
}
|
|
113
|
+
const result = await rpc.call('solidus_bbsVerifyCredentialProof', [
|
|
114
|
+
params.credentialId,
|
|
115
|
+
params.proofHex,
|
|
116
|
+
params.headerHex ?? '',
|
|
117
|
+
params.phHex ?? '',
|
|
118
|
+
params.disclosedMessages,
|
|
119
|
+
]);
|
|
120
|
+
return {
|
|
121
|
+
valid: result.valid,
|
|
122
|
+
proofValid: result.proof_valid,
|
|
123
|
+
isBbs: result.is_bbs,
|
|
124
|
+
revoked: result.revoked,
|
|
125
|
+
credential: result.credential,
|
|
126
|
+
};
|
|
127
|
+
},
|
|
128
|
+
};
|
|
129
|
+
}
|
|
130
|
+
// ---------- utility re-exports ----------
|
|
131
|
+
/**
|
|
132
|
+
* Convenience helper: convert raw bytes to hex.
|
|
133
|
+
*/
|
|
134
|
+
export const toHex = bytesToHex;
|
|
135
|
+
/**
|
|
136
|
+
* Convenience helper: encode a UTF-8 string as hex bytes (for use as a
|
|
137
|
+
* disclosed-message field or header/ph value).
|
|
138
|
+
*/
|
|
139
|
+
export function utf8ToHex(s) {
|
|
140
|
+
return bytesToHex(new TextEncoder().encode(s));
|
|
141
|
+
}
|
|
142
|
+
//# sourceMappingURL=bbs.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"bbs.js","sourceRoot":"","sources":["../../src/chain/bbs.ts"],"names":[],"mappings":"AAaA,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAuDlF,gCAAgC;AAEhC,KAAK,UAAU,WAAW,CAAC,GAAc,EAAE,MAAc;IACvD,MAAM,WAAW,GAAG,EAAE,CAAA;IACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,IAAI,CAAoB,oBAAoB,EAAE,CAAC,MAAM,CAAC,CAAC,CAAA;QACjF,IAAI,OAAO;YAAE,OAAO,OAAO,CAAA;QAC3B,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAA;IAC1D,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,eAAe,MAAM,iCAAiC,CAAC,CAAA;AACzE,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAgC,EAAE,iBAAyB;IACpF,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAA;IAC9B,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;QAC3B,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;YAChD,MAAM,IAAI,KAAK,CAAC,uDAAuD,EAAE,CAAC,KAAK,EAAE,CAAC,CAAA;QACpF,CAAC;QACD,IAAI,EAAE,CAAC,KAAK,IAAI,iBAAiB,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CACb,mBAAmB,EAAE,CAAC,KAAK,yBAAyB,iBAAiB,EAAE,CACxE,CAAA;QACH,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,6BAA6B,EAAE,CAAC,KAAK,EAAE,CAAC,CAAA;QAC1D,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,CAAA;QAClB,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACpE,MAAM,IAAI,KAAK,CAAC,8BAA8B,EAAE,CAAC,KAAK,mBAAmB,CAAC,CAAA;QAC5E,CAAC;IACH,CAAC;AACH,CAAC;AAED,gCAAgC;AAEhC,MAAM,UAAU,cAAc,CAAC,GAAc,EAAE,MAAmB;IAChE,OAAO;QACL;;;;;;;;;WASG;QACH,KAAK,CAAC,eAAe,CAAC,MAOrB;YACC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CAAC,qCAAqC,MAAM,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAA;YACnF,CAAC;YACD,IAAI,MAAM,CAAC,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,mCAAmC,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAA;YAC/E,CAAC;YACD,IACE,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC;gBACzC,MAAM,CAAC,eAAe,GAAG,CAAC;gBAC1B,MAAM,CAAC,eAAe,GAAG,EAAE,EAC3B,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,sDAAsD,MAAM,CAAC,eAAe,EAAE,CAAC,CAAA;YACjG,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAA;YAChE,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,kBAAkB,EAAE,CAAC,OAAO,CAAC,CAAC,CAAA;YAEnE,MAAM,OAAO,GAAG;gBACd,kBAAkB,EAAE;oBAClB,WAAW,EAAE,MAAM,CAAC,UAAU;oBAC9B,eAAe,EAAE,MAAM,CAAC,cAAc;oBACtC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;oBACpC,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;oBACxC,iBAAiB,EAAE,MAAM,CAAC,eAAe;iBAC1C;aACF,CAAA;YAED,MAAM,EAAE,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,gBAAgB,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;YAC1E,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,yBAAyB,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YACtF,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;YAE9C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,8BAA8B,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;YACjE,CAAC;YAED,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,CAAA;YAC7E,MAAM,YAAY,GACf,WAAW,EAAE,YAAmC;gBACjD,0BAA0B,MAAM,EAAE,CAAA;YAEpC,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,OAAO,EAAE,CAAA;QAC1C,CAAC;QAED;;;;WAIG;QACH,KAAK,CAAC,WAAW,CAAC,MAOjB;YACC,iBAAiB,CAAC,MAAM,CAAC,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,CAAC,CAAA;YACrE,OAAO,GAAG,CAAC,IAAI,CAAU,wBAAwB,EAAE;gBACjD,MAAM,CAAC,QAAQ;gBACf,MAAM,CAAC,SAAS;gBAChB,MAAM,CAAC,SAAS,IAAI,EAAE;gBACtB,MAAM,CAAC,KAAK,IAAI,EAAE;gBAClB,MAAM,CAAC,iBAAiB;gBACxB,MAAM,CAAC,iBAAiB;aACzB,CAAC,CAAA;QACJ,CAAC;QAED;;;;;;;WAOG;QACH,KAAK,CAAC,qBAAqB,CAAC,MAM3B;YACC,qEAAqE;YACrE,mCAAmC;YACnC,KAAK,MAAM,EAAE,IAAI,MAAM,CAAC,iBAAiB,EAAE,CAAC;gBAC1C,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;oBAChD,MAAM,IAAI,KAAK,CAAC,uDAAuD,EAAE,CAAC,KAAK,EAAE,CAAC,CAAA;gBACpF,CAAC;gBACD,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;oBACpE,MAAM,IAAI,KAAK,CAAC,8BAA8B,EAAE,CAAC,KAAK,mBAAmB,CAAC,CAAA;gBAC5E,CAAC;YACH,CAAC;YAUD,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAAY,kCAAkC,EAAE;gBAC3E,MAAM,CAAC,YAAY;gBACnB,MAAM,CAAC,QAAQ;gBACf,MAAM,CAAC,SAAS,IAAI,EAAE;gBACtB,MAAM,CAAC,KAAK,IAAI,EAAE;gBAClB,MAAM,CAAC,iBAAiB;aACzB,CAAC,CAAA;YAEF,OAAO;gBACL,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,UAAU,EAAE,MAAM,CAAC,WAAW;gBAC9B,KAAK,EAAE,MAAM,CAAC,MAAM;gBACpB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CAAA;QACH,CAAC;KACF,CAAA;AACH,CAAC;AAED,2CAA2C;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,KAAK,GAAG,UAAU,CAAA;AAE/B;;;GAGG;AACH,MAAM,UAAU,SAAS,CAAC,CAAS;IACjC,OAAO,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;AAChD,CAAC"}
|
|
@@ -51,11 +51,11 @@ function hashCredentialPayload(params) {
|
|
|
51
51
|
*/
|
|
52
52
|
function recordToVC(record) {
|
|
53
53
|
return {
|
|
54
|
-
'@context': ['https://www.w3.org/
|
|
54
|
+
'@context': ['https://www.w3.org/ns/credentials/v2'],
|
|
55
55
|
id: record.id,
|
|
56
56
|
type: ['VerifiableCredential', record.credential_type + 'Credential'],
|
|
57
57
|
issuer: record.issuer_did,
|
|
58
|
-
|
|
58
|
+
validFrom: new Date(record.issued_ms).toISOString(),
|
|
59
59
|
credentialSubject: { id: record.subject_did },
|
|
60
60
|
proof: {
|
|
61
61
|
type: 'Ed25519Signature2020',
|
|
@@ -116,16 +116,16 @@ export function createChainCredentials(rpc, config) {
|
|
|
116
116
|
}
|
|
117
117
|
// Fallback: construct the VC from what we know
|
|
118
118
|
const now = new Date();
|
|
119
|
-
const
|
|
119
|
+
const validUntil = params.expiresInDays
|
|
120
120
|
? new Date(now.getTime() + params.expiresInDays * 86_400_000).toISOString()
|
|
121
121
|
: undefined;
|
|
122
122
|
return {
|
|
123
|
-
'@context': ['https://www.w3.org/
|
|
123
|
+
'@context': ['https://www.w3.org/ns/credentials/v2'],
|
|
124
124
|
id: credentialId,
|
|
125
125
|
type: params.type,
|
|
126
126
|
issuer: params.issuerDid,
|
|
127
|
-
|
|
128
|
-
...(
|
|
127
|
+
validFrom: now.toISOString(),
|
|
128
|
+
...(validUntil ? { validUntil } : {}),
|
|
129
129
|
credentialSubject: { id: params.subjectDid, ...params.claims },
|
|
130
130
|
proof: {
|
|
131
131
|
type: 'Ed25519Signature2020',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../src/chain/credentials.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAc,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC9F,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AA6B7C,gCAAgC;AAEhC;;;GAGG;AACH,SAAS,iBAAiB,CAAC,KAAe;IACxC,0EAA0E;IAC1E,4DAA4D;IAC5D,MAAM,OAAO,GAA2B;QACtC,eAAe,EAAE,OAAO;QACxB,eAAe,EAAE,OAAO;QACxB,mBAAmB,EAAE,OAAO;QAC5B,mBAAmB,EAAE,OAAO;QAC5B,mBAAmB,EAAE,OAAO;QAC5B,aAAa,EAAE,KAAK;QACpB,oBAAoB,EAAE,YAAY;QAClC,kCAAkC;QAClC,KAAK,EAAE,OAAO;QACd,KAAK,EAAE,OAAO;QACd,KAAK,EAAE,OAAO;QACd,KAAK,EAAE,OAAO;QACd,KAAK,EAAE,OAAO;QACd,GAAG,EAAE,KAAK;QACV,UAAU,EAAE,YAAY;KACzB,CAAA;IAED,uEAAuE;IACvE,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;QACzB,IAAI,MAAM;YAAE,OAAO,MAAM,CAAA;IAC3B,CAAC;IAED,yCAAyC;IACzC,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,qBAAqB,CAAC,MAA6B;IAC1D,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC;QAC7B,OAAO,EAAE,MAAM,CAAC,UAAU;QAC1B,MAAM,EAAE,MAAM,CAAC,SAAS;QACxB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAA;IACF,OAAO,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;AAClD,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,MAA2B;IAC7C,OAAO;QACL,UAAU,EAAE,CAAC,
|
|
1
|
+
{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../src/chain/credentials.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAc,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC9F,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AA6B7C,gCAAgC;AAEhC;;;GAGG;AACH,SAAS,iBAAiB,CAAC,KAAe;IACxC,0EAA0E;IAC1E,4DAA4D;IAC5D,MAAM,OAAO,GAA2B;QACtC,eAAe,EAAE,OAAO;QACxB,eAAe,EAAE,OAAO;QACxB,mBAAmB,EAAE,OAAO;QAC5B,mBAAmB,EAAE,OAAO;QAC5B,mBAAmB,EAAE,OAAO;QAC5B,aAAa,EAAE,KAAK;QACpB,oBAAoB,EAAE,YAAY;QAClC,kCAAkC;QAClC,KAAK,EAAE,OAAO;QACd,KAAK,EAAE,OAAO;QACd,KAAK,EAAE,OAAO;QACd,KAAK,EAAE,OAAO;QACd,KAAK,EAAE,OAAO;QACd,GAAG,EAAE,KAAK;QACV,UAAU,EAAE,YAAY;KACzB,CAAA;IAED,uEAAuE;IACvE,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;QACzB,IAAI,MAAM;YAAE,OAAO,MAAM,CAAA;IAC3B,CAAC;IAED,yCAAyC;IACzC,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,qBAAqB,CAAC,MAA6B;IAC1D,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC;QAC7B,OAAO,EAAE,MAAM,CAAC,UAAU;QAC1B,MAAM,EAAE,MAAM,CAAC,SAAS;QACxB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAA;IACF,OAAO,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;AAClD,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,MAA2B;IAC7C,OAAO;QACL,UAAU,EAAE,CAAC,sCAAsC,CAAC;QACpD,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,IAAI,EAAE,CAAC,sBAAsB,EAAE,MAAM,CAAC,eAAe,GAAG,YAAY,CAAC;QACrE,MAAM,EAAE,MAAM,CAAC,UAAU;QACzB,SAAS,EAAE,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE;QACnD,iBAAiB,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,WAAW,EAAE;QAC7C,KAAK,EAAE;YACL,IAAI,EAAE,sBAAsB;YAC5B,OAAO,EAAE,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE;YACjD,kBAAkB,EAAE,GAAG,MAAM,CAAC,UAAU,QAAQ;YAChD,YAAY,EAAE,iBAAiB;YAC/B,UAAU,EAAE,MAAM,CAAC,IAAI,EAAE,yCAAyC;SACnE;KACF,CAAA;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,WAAW,CAAC,GAAc,EAAE,MAAc;IACvD,MAAM,WAAW,GAAG,EAAE,CAAA;IACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,IAAI,CAAoB,oBAAoB,EAAE,CAAC,MAAM,CAAC,CAAC,CAAA;QACjF,IAAI,OAAO;YAAE,OAAO,OAAO,CAAA;QAC3B,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAA;IAC1D,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,eAAe,MAAM,iCAAiC,CAAC,CAAA;AACzE,CAAC;AAED,gCAAgC;AAEhC,MAAM,UAAU,sBAAsB,CAAC,GAAc,EAAE,MAAmB;IACxE,OAAO;QACL,KAAK,CAAC,KAAK,CAAC,MAA6B;YACvC,uDAAuD;YACvD,MAAM,SAAS,GAAG,MAAM,CAAC,gBAAgB,CAAA;YACzC,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,SAAS,CAAC,CAAA;YAClD,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,kBAAkB,EAAE,CAAC,OAAO,CAAC,CAAC,CAAA;YAEnE,gDAAgD;YAChD,MAAM,WAAW,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAA;YAEjD,yDAAyD;YACzD,MAAM,OAAO,GAAG;gBACd,eAAe,EAAE;oBACf,WAAW,EAAE,MAAM,CAAC,UAAU;oBAC9B,eAAe,EAAE,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC;oBAC/C,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC;iBAC9B;aACF,CAAA;YAED,6BAA6B;YAC7B,MAAM,EAAE,GAAG,MAAM,gBAAgB,CAAC,SAAS,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;YAE5D,8BAA8B;YAC9B,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,yBAAyB,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YACtF,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;YAC9C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;YAC9D,CAAC;YAED,wDAAwD;YACxD,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,CAAA;YAC7E,MAAM,YAAY,GAAG,WAAW,EAAE,YAAY,IAAI,0BAA0B,MAAM,EAAE,CAAA;YAEpF,mDAAmD;YACnD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,IAAI,CAC5B,8BAA8B,EAC9B,CAAC,MAAM,CAAC,UAAU,CAAC,CACpB,CAAA;YACD,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,YAAY,CAAC,CAAA;YAEzD,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,UAAU,CAAC,MAAM,CAAC,CAAA;YAC3B,CAAC;YAED,+CAA+C;YAC/C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;YACtB,MAAM,UAAU,GAAG,MAAM,CAAC,aAAa;gBACrC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC,aAAa,GAAG,UAAU,CAAC,CAAC,WAAW,EAAE;gBAC3E,CAAC,CAAC,SAAS,CAAA;YAEb,OAAO;gBACL,UAAU,EAAE,CAAC,sCAAsC,CAAC;gBACpD,EAAE,EAAE,YAAY;gBAChB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,MAAM,EAAE,MAAM,CAAC,SAAS;gBACxB,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE;gBAC5B,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrC,iBAAiB,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE;gBAC9D,KAAK,EAAE;oBACL,IAAI,EAAE,sBAAsB;oBAC5B,OAAO,EAAE,GAAG,CAAC,WAAW,EAAE;oBAC1B,kBAAkB,EAAE,GAAG,MAAM,CAAC,SAAS,QAAQ;oBAC/C,YAAY,EAAE,iBAAiB;oBAC/B,UAAU,EAAE,UAAU,CAAC,WAAW,CAAC;iBACpC;aACF,CAAA;QACH,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,IAAY;YACvB,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAC3B,0BAA0B,EAC1B,CAAC,IAAI,CAAC,CACP,CAAA;YAED,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,sBAAsB;oBAC7B,MAAM,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE;iBAC/D,CAAA;YACH,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,MAAM,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpE,MAAM,EAAE;oBACN,SAAS,EAAE,IAAI,EAAE,gDAAgD;oBACjE,MAAM,EAAE,IAAI,EAAE,0CAA0C;oBACxD,UAAU,EAAE,CAAC,MAAM,CAAC,OAAO;iBAC5B;aACF,CAAA;QACH,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,YAAoB,EAAE,SAAiB;YAClD,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,SAAS,CAAC,CAAA;YAClD,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,kBAAkB,EAAE,CAAC,OAAO,CAAC,CAAC,CAAA;YAEnE,MAAM,OAAO,GAAG,EAAE,gBAAgB,EAAE,EAAE,aAAa,EAAE,YAAY,EAAE,EAAE,CAAA;YACrE,MAAM,EAAE,GAAG,MAAM,gBAAgB,CAAC,SAAS,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;YAE5D,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,yBAAyB,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YACtF,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;YAC9C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;YAC/D,CAAC;QACH,CAAC;QAED,KAAK,CAAC,KAAK,CAAC,UAAkB;YAC5B,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,IAAI,CAC5B,8BAA8B,EAC9B,CAAC,UAAU,CAAC,CACb,CAAA;YACD,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAC1D,CAAC;KACF,CAAA;AACH,CAAC"}
|
package/dist/chain/did.d.ts
CHANGED
|
@@ -8,9 +8,61 @@
|
|
|
8
8
|
import type { DID, DIDDocument } from '@solidus-network/types';
|
|
9
9
|
import type { RpcClient } from './rpc.js';
|
|
10
10
|
import type { ChainConfig } from './index.js';
|
|
11
|
+
/**
|
|
12
|
+
* W3C DID Resolution result — preserves the deactivated state separately
|
|
13
|
+
* from the document. Mirrors the shape defined in
|
|
14
|
+
* https://www.w3.org/TR/did-resolution/#did-resolution-result.
|
|
15
|
+
*/
|
|
16
|
+
export interface DIDResolutionResult {
|
|
17
|
+
didDocument: DIDDocument | null;
|
|
18
|
+
didDocumentMetadata: {
|
|
19
|
+
deactivated?: boolean;
|
|
20
|
+
created?: string;
|
|
21
|
+
updated?: string;
|
|
22
|
+
/** W3C DID Resolution §3.1.1 — opaque content-hash version identifier
|
|
23
|
+
* for the resolved document. Omitted if the chain returned no
|
|
24
|
+
* version (pre-2026-05-09 record). `nextVersionId` and
|
|
25
|
+
* `previousVersionId` are intentionally never populated: Solidus
|
|
26
|
+
* has no historical resolution. */
|
|
27
|
+
versionId?: string;
|
|
28
|
+
};
|
|
29
|
+
didResolutionMetadata: {
|
|
30
|
+
contentType: 'application/did+json';
|
|
31
|
+
error?: 'notFound' | 'invalidDid';
|
|
32
|
+
};
|
|
33
|
+
}
|
|
11
34
|
export declare function createChainDid(rpc: RpcClient, config: ChainConfig): {
|
|
12
35
|
create(publicKey: string): Promise<DID>;
|
|
13
36
|
resolve(did: string): Promise<DIDDocument | null>;
|
|
37
|
+
/**
|
|
38
|
+
* Spec-conformant W3C DID Resolution. Returns the full
|
|
39
|
+
* {@link DIDResolutionResult} including `didDocumentMetadata.deactivated`
|
|
40
|
+
* for tombstoned DIDs, instead of folding the deactivated state into
|
|
41
|
+
* a `null` document. Use this when interoperating with W3C DID Core
|
|
42
|
+
* tooling that distinguishes "not found" from "deactivated".
|
|
43
|
+
*
|
|
44
|
+
* @see https://www.w3.org/TR/did-resolution/#did-resolution-result
|
|
45
|
+
*/
|
|
46
|
+
resolveWithMetadata(did: string): Promise<DIDResolutionResult>;
|
|
14
47
|
deactivate(did: string, signerKey: string): Promise<void>;
|
|
48
|
+
/**
|
|
49
|
+
* Reassign a DID's controller to a different DID (W3C DID Core
|
|
50
|
+
* controller hand-off, gap 6 of the did:solidus method spec).
|
|
51
|
+
*
|
|
52
|
+
* After this call lands on chain, the new controller — and only the
|
|
53
|
+
* new controller — may submit subsequent `DidUpdate` /
|
|
54
|
+
* `DidDeactivate` transactions for `did`. The original signer's keys
|
|
55
|
+
* lose authority. The chain rejects no-op handovers (new controller
|
|
56
|
+
* equals current), reassignments to DIDs that don't exist on chain,
|
|
57
|
+
* and reassignments to deactivated DIDs.
|
|
58
|
+
*
|
|
59
|
+
* Wraps `DidUpdate { patches: [{ SetController: newController }] }`.
|
|
60
|
+
*
|
|
61
|
+
* @param did The DID whose controller is being reassigned.
|
|
62
|
+
* @param newController The DID to hand authority over to.
|
|
63
|
+
* @param signerKey Hex-encoded Ed25519 private key of the
|
|
64
|
+
* current controller.
|
|
65
|
+
*/
|
|
66
|
+
setController(did: string, newController: string, signerKey: string): Promise<void>;
|
|
15
67
|
};
|
|
16
68
|
//# sourceMappingURL=did.d.ts.map
|
package/dist/chain/did.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"did.d.ts","sourceRoot":"","sources":["../../src/chain/did.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,KAAK,EAAE,GAAG,EAAE,WAAW,EAAsB,MAAM,gBAAgB,CAAA;AAC1E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AACzC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;
|
|
1
|
+
{"version":3,"file":"did.d.ts","sourceRoot":"","sources":["../../src/chain/did.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,KAAK,EAAE,GAAG,EAAE,WAAW,EAAsB,MAAM,gBAAgB,CAAA;AAC1E,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AACzC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AA4C7C;;;;GAIG;AACH,MAAM,WAAW,mBAAmB;IAClC,WAAW,EAAE,WAAW,GAAG,IAAI,CAAA;IAC/B,mBAAmB,EAAE;QACnB,WAAW,CAAC,EAAE,OAAO,CAAA;QACrB,OAAO,CAAC,EAAE,MAAM,CAAA;QAChB,OAAO,CAAC,EAAE,MAAM,CAAA;QAChB;;;;4CAIoC;QACpC,SAAS,CAAC,EAAE,MAAM,CAAA;KACnB,CAAA;IACD,qBAAqB,EAAE;QACrB,WAAW,EAAE,sBAAsB,CAAA;QACnC,KAAK,CAAC,EAAE,UAAU,GAAG,YAAY,CAAA;KAClC,CAAA;CACF;AA4ED,wBAAgB,cAAc,CAAC,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW;sBAEtC,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;iBA8C1B,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAUvD;;;;;;;;OAQG;6BAC4B,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;oBA+B9C,MAAM,aAAa,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAe/D;;;;;;;;;;;;;;;;;OAiBG;uBAEI,MAAM,iBACI,MAAM,aACV,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;EAmBnB"}
|
package/dist/chain/did.js
CHANGED
|
@@ -32,6 +32,16 @@ function mapToW3CDIDDocument(doc) {
|
|
|
32
32
|
controller: vm.controller,
|
|
33
33
|
publicKeyMultibase: 'z' + bs58.encode(hexToBytes(vm.publicKeyHex)),
|
|
34
34
|
}));
|
|
35
|
+
// Use chain-stored relationship arrays when present; for legacy
|
|
36
|
+
// documents (chain version < 2026-05-09) fall back to mirroring
|
|
37
|
+
// `authentication` for `assertionMethod`/`capabilityInvocation`/
|
|
38
|
+
// `capabilityDelegation` (the conservative W3C interpretation that
|
|
39
|
+
// matches how `build_did_document` populates these defaults today).
|
|
40
|
+
const authentication = doc.authentication;
|
|
41
|
+
const assertionMethod = doc.assertion_method ?? doc.authentication;
|
|
42
|
+
const capabilityInvocation = doc.capability_invocation ?? doc.authentication;
|
|
43
|
+
const capabilityDelegation = doc.capability_delegation ?? doc.authentication;
|
|
44
|
+
const keyAgreement = doc.key_agreement ?? [];
|
|
35
45
|
return {
|
|
36
46
|
'@context': [
|
|
37
47
|
'https://www.w3.org/ns/did/v1',
|
|
@@ -40,8 +50,11 @@ function mapToW3CDIDDocument(doc) {
|
|
|
40
50
|
id: doc.id,
|
|
41
51
|
controller: doc.controller,
|
|
42
52
|
verificationMethod,
|
|
43
|
-
authentication
|
|
44
|
-
assertionMethod
|
|
53
|
+
authentication,
|
|
54
|
+
assertionMethod,
|
|
55
|
+
keyAgreement,
|
|
56
|
+
capabilityInvocation,
|
|
57
|
+
capabilityDelegation,
|
|
45
58
|
created: new Date(doc.created_ms).toISOString(),
|
|
46
59
|
updated: new Date(doc.updated_ms).toISOString(),
|
|
47
60
|
};
|
|
@@ -87,6 +100,9 @@ export function createChainDid(rpc, config) {
|
|
|
87
100
|
};
|
|
88
101
|
},
|
|
89
102
|
async resolve(did) {
|
|
103
|
+
// BACKWARD COMPAT: returns null for deactivated DIDs. Use
|
|
104
|
+
// resolveWithMetadata() for spec-conformant resolution that
|
|
105
|
+
// distinguishes "not found" from "deactivated".
|
|
90
106
|
const doc = await rpc.call('solidus_didResolve', [did]);
|
|
91
107
|
if (!doc)
|
|
92
108
|
return null;
|
|
@@ -94,6 +110,45 @@ export function createChainDid(rpc, config) {
|
|
|
94
110
|
return null;
|
|
95
111
|
return mapToW3CDIDDocument(doc);
|
|
96
112
|
},
|
|
113
|
+
/**
|
|
114
|
+
* Spec-conformant W3C DID Resolution. Returns the full
|
|
115
|
+
* {@link DIDResolutionResult} including `didDocumentMetadata.deactivated`
|
|
116
|
+
* for tombstoned DIDs, instead of folding the deactivated state into
|
|
117
|
+
* a `null` document. Use this when interoperating with W3C DID Core
|
|
118
|
+
* tooling that distinguishes "not found" from "deactivated".
|
|
119
|
+
*
|
|
120
|
+
* @see https://www.w3.org/TR/did-resolution/#did-resolution-result
|
|
121
|
+
*/
|
|
122
|
+
async resolveWithMetadata(did) {
|
|
123
|
+
const doc = await rpc.call('solidus_didResolve', [did]);
|
|
124
|
+
if (!doc) {
|
|
125
|
+
return {
|
|
126
|
+
didDocument: null,
|
|
127
|
+
didDocumentMetadata: {},
|
|
128
|
+
didResolutionMetadata: {
|
|
129
|
+
contentType: 'application/did+json',
|
|
130
|
+
error: 'notFound',
|
|
131
|
+
},
|
|
132
|
+
};
|
|
133
|
+
}
|
|
134
|
+
const didDocument = mapToW3CDIDDocument(doc);
|
|
135
|
+
// Only surface versionId when the chain returned a non-empty value;
|
|
136
|
+
// empty string indicates a pre-2026-05-09 legacy record where the
|
|
137
|
+
// metadata is not yet available.
|
|
138
|
+
const versionId = doc.version_id && doc.version_id.length > 0 ? doc.version_id : undefined;
|
|
139
|
+
return {
|
|
140
|
+
didDocument,
|
|
141
|
+
didDocumentMetadata: {
|
|
142
|
+
deactivated: !doc.active,
|
|
143
|
+
created: new Date(doc.created_ms).toISOString(),
|
|
144
|
+
updated: new Date(doc.updated_ms).toISOString(),
|
|
145
|
+
...(versionId !== undefined ? { versionId } : {}),
|
|
146
|
+
},
|
|
147
|
+
didResolutionMetadata: {
|
|
148
|
+
contentType: 'application/did+json',
|
|
149
|
+
},
|
|
150
|
+
};
|
|
151
|
+
},
|
|
97
152
|
async deactivate(did, signerKey) {
|
|
98
153
|
// Derive address from the provided signing key
|
|
99
154
|
const address = await getAddressFromKey(signerKey);
|
|
@@ -106,6 +161,40 @@ export function createChainDid(rpc, config) {
|
|
|
106
161
|
throw new Error(`DidDeactivate failed: ${receipt.status}`);
|
|
107
162
|
}
|
|
108
163
|
},
|
|
164
|
+
/**
|
|
165
|
+
* Reassign a DID's controller to a different DID (W3C DID Core
|
|
166
|
+
* controller hand-off, gap 6 of the did:solidus method spec).
|
|
167
|
+
*
|
|
168
|
+
* After this call lands on chain, the new controller — and only the
|
|
169
|
+
* new controller — may submit subsequent `DidUpdate` /
|
|
170
|
+
* `DidDeactivate` transactions for `did`. The original signer's keys
|
|
171
|
+
* lose authority. The chain rejects no-op handovers (new controller
|
|
172
|
+
* equals current), reassignments to DIDs that don't exist on chain,
|
|
173
|
+
* and reassignments to deactivated DIDs.
|
|
174
|
+
*
|
|
175
|
+
* Wraps `DidUpdate { patches: [{ SetController: newController }] }`.
|
|
176
|
+
*
|
|
177
|
+
* @param did The DID whose controller is being reassigned.
|
|
178
|
+
* @param newController The DID to hand authority over to.
|
|
179
|
+
* @param signerKey Hex-encoded Ed25519 private key of the
|
|
180
|
+
* current controller.
|
|
181
|
+
*/
|
|
182
|
+
async setController(did, newController, signerKey) {
|
|
183
|
+
const address = await getAddressFromKey(signerKey);
|
|
184
|
+
const nonce = await rpc.call('solidus_getNonce', [address]);
|
|
185
|
+
const payload = {
|
|
186
|
+
DidUpdate: {
|
|
187
|
+
did,
|
|
188
|
+
patches: [{ SetController: newController }],
|
|
189
|
+
},
|
|
190
|
+
};
|
|
191
|
+
const tx = await buildTransaction(signerKey, nonce, payload);
|
|
192
|
+
const txHash = await rpc.call('solidus_sendTransaction', [JSON.stringify(tx)]);
|
|
193
|
+
const receipt = await pollReceipt(rpc, txHash);
|
|
194
|
+
if (!receipt.status.startsWith('success')) {
|
|
195
|
+
throw new Error(`SetController failed: ${receipt.status}`);
|
|
196
|
+
}
|
|
197
|
+
},
|
|
109
198
|
};
|
|
110
199
|
}
|
|
111
200
|
//# sourceMappingURL=did.js.map
|
package/dist/chain/did.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"did.js","sourceRoot":"","sources":["../../src/chain/did.ts"],"names":[],"mappings":"AAUA,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,oBAAoB,EACpB,UAAU,EACV,UAAU,GAEX,MAAM,kBAAkB,CAAA;AAEzB,OAAO,IAAI,MAAM,MAAM,CAAA;
|
|
1
|
+
{"version":3,"file":"did.js","sourceRoot":"","sources":["../../src/chain/did.ts"],"names":[],"mappings":"AAUA,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,oBAAoB,EACpB,UAAU,EACV,UAAU,GAEX,MAAM,kBAAkB,CAAA;AAEzB,OAAO,IAAI,MAAM,MAAM,CAAA;AAkEvB,gCAAgC;AAEhC;;;GAGG;AACH,SAAS,cAAc,CAAC,OAAe,EAAE,OAAe;IACtD,OAAO,eAAe,OAAO,IAAI,OAAO,EAAE,CAAA;AAC5C,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,WAAW,CAAC,GAAc,EAAE,MAAc;IACvD,MAAM,WAAW,GAAG,EAAE,CAAA,CAAC,mBAAmB;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,IAAI,CAAoB,oBAAoB,EAAE,CAAC,MAAM,CAAC,CAAC,CAAA;QACjF,IAAI,OAAO;YAAE,OAAO,OAAO,CAAA;QAC3B,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAA;IAC1D,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,eAAe,MAAM,iCAAiC,CAAC,CAAA;AACzE,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,GAAmB;IAC9C,MAAM,kBAAkB,GAAyB,GAAG,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACpF,EAAE,EAAE,EAAE,CAAC,EAAE;QACT,IAAI,EAAE,4BAA4B;QAClC,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,kBAAkB,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC;KACnE,CAAC,CAAC,CAAA;IAEH,gEAAgE;IAChE,gEAAgE;IAChE,iEAAiE;IACjE,mEAAmE;IACnE,oEAAoE;IACpE,MAAM,cAAc,GAAG,GAAG,CAAC,cAAc,CAAA;IACzC,MAAM,eAAe,GAAG,GAAG,CAAC,gBAAgB,IAAI,GAAG,CAAC,cAAc,CAAA;IAClE,MAAM,oBAAoB,GAAG,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,cAAc,CAAA;IAC5E,MAAM,oBAAoB,GAAG,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,cAAc,CAAA;IAC5E,MAAM,YAAY,GAAG,GAAG,CAAC,aAAa,IAAI,EAAE,CAAA;IAE5C,OAAO;QACL,UAAU,EAAE;YACV,8BAA8B;YAC9B,kDAAkD;SACnD;QACD,EAAE,EAAE,GAAG,CAAC,EAAE;QACV,UAAU,EAAE,GAAG,CAAC,UAAU;QAC1B,kBAAkB;QAClB,cAAc;QACd,eAAe;QACf,YAAY;QACZ,oBAAoB;QACpB,oBAAoB;QACpB,OAAO,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;QAC/C,OAAO,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;KAChD,CAAA;AACH,CAAC;AAED,gCAAgC;AAEhC,MAAM,UAAU,cAAc,CAAC,GAAc,EAAE,MAAmB;IAChE,OAAO;QACL,KAAK,CAAC,MAAM,CAAC,SAAiB;YAC5B,gDAAgD;YAChD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,CAAC,MAAM,iBAAiB,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAA;YAEhG,uBAAuB;YACvB,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,kBAAkB,EAAE,CAAC,aAAa,CAAC,CAAC,CAAA;YAEzE,6DAA6D;YAC7D,MAAM,OAAO,GAAG;gBACd,SAAS,EAAE;oBACT,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC;oBACjC,iBAAiB,EAAE,EAAE;iBACtB;aACF,CAAA;YAED,gCAAgC;YAChC,MAAM,EAAE,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,gBAAgB,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;YAE1E,oBAAoB;YACpB,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,yBAAyB,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAEtF,sBAAsB;YACtB,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;YAC9C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,qBAAqB,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;YACxD,CAAC;YAED,8DAA8D;YAC9D,2DAA2D;YAC3D,MAAM,WAAW,GAAG,UAAU,CAAC,SAAS,CAAC,CAAA;YACzC,MAAM,UAAU,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAA;YACpD,MAAM,GAAG,GAAG,cAAc,CAAC,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAEtD,+CAA+C;YAC/C,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,IAAI,CAAwB,oBAAoB,EAAE,CAAC,GAAG,CAAC,CAAC,CAAA;YAC9E,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;YAEpC,OAAO;gBACL,EAAE,EAAE,GAAG;gBACP,UAAU,EAAE,GAAG;gBACf,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,GAAG;gBAC3D,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,GAAG;gBAC3D,OAAO,EAAE,MAAM,CAAC,OAAO;aACxB,CAAA;QACH,CAAC;QAED,KAAK,CAAC,OAAO,CAAC,GAAW;YACvB,0DAA0D;YAC1D,4DAA4D;YAC5D,gDAAgD;YAChD,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,IAAI,CAAwB,oBAAoB,EAAE,CAAC,GAAG,CAAC,CAAC,CAAA;YAC9E,IAAI,CAAC,GAAG;gBAAE,OAAO,IAAI,CAAA;YACrB,IAAI,CAAC,GAAG,CAAC,MAAM;gBAAE,OAAO,IAAI,CAAA;YAC5B,OAAO,mBAAmB,CAAC,GAAG,CAAC,CAAA;QACjC,CAAC;QAED;;;;;;;;WAQG;QACH,KAAK,CAAC,mBAAmB,CAAC,GAAW;YACnC,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,IAAI,CAAwB,oBAAoB,EAAE,CAAC,GAAG,CAAC,CAAC,CAAA;YAC9E,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,OAAO;oBACL,WAAW,EAAE,IAAI;oBACjB,mBAAmB,EAAE,EAAE;oBACvB,qBAAqB,EAAE;wBACrB,WAAW,EAAE,sBAAsB;wBACnC,KAAK,EAAE,UAAU;qBAClB;iBACF,CAAA;YACH,CAAC;YACD,MAAM,WAAW,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAA;YAC5C,oEAAoE;YACpE,kEAAkE;YAClE,iCAAiC;YACjC,MAAM,SAAS,GAAG,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAA;YAC1F,OAAO;gBACL,WAAW;gBACX,mBAAmB,EAAE;oBACnB,WAAW,EAAE,CAAC,GAAG,CAAC,MAAM;oBACxB,OAAO,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;oBAC/C,OAAO,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;oBAC/C,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBAClD;gBACD,qBAAqB,EAAE;oBACrB,WAAW,EAAE,sBAAsB;iBACpC;aACF,CAAA;QACH,CAAC;QAED,KAAK,CAAC,UAAU,CAAC,GAAW,EAAE,SAAiB;YAC7C,+CAA+C;YAC/C,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,SAAS,CAAC,CAAA;YAClD,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,kBAAkB,EAAE,CAAC,OAAO,CAAC,CAAC,CAAA;YAEnE,MAAM,OAAO,GAAG,EAAE,aAAa,EAAE,EAAE,GAAG,EAAE,EAAE,CAAA;YAC1C,MAAM,EAAE,GAAG,MAAM,gBAAgB,CAAC,SAAS,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;YAE5D,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,yBAAyB,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YACtF,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;YAC9C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;YAC5D,CAAC;QACH,CAAC;QAED;;;;;;;;;;;;;;;;;WAiBG;QACH,KAAK,CAAC,aAAa,CACjB,GAAW,EACX,aAAqB,EACrB,SAAiB;YAEjB,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,SAAS,CAAC,CAAA;YAClD,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,kBAAkB,EAAE,CAAC,OAAO,CAAC,CAAC,CAAA;YAEnE,MAAM,OAAO,GAAG;gBACd,SAAS,EAAE;oBACT,GAAG;oBACH,OAAO,EAAE,CAAC,EAAE,aAAa,EAAE,aAAa,EAAE,CAAC;iBAC5C;aACF,CAAA;YACD,MAAM,EAAE,GAAG,MAAM,gBAAgB,CAAC,SAAS,EAAE,KAAK,EAAE,OAAO,CAAC,CAAA;YAE5D,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAAS,yBAAyB,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YACtF,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;YAC9C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;YAC5D,CAAC;QACH,CAAC;KACF,CAAA;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/chain/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/chain/index.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAE7C,MAAM,WAAW,WAAW;IAC1B,uDAAuD;IACvD,MAAM,EAAE,MAAM,CAAA;IACd,6EAA6E;IAC7E,gBAAgB,EAAE,MAAM,CAAA;IACxB,gDAAgD;IAChD,OAAO,EAAE,SAAS,GAAG,SAAS,CAAA;IAC9B,6EAA6E;IAC7E,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AAED,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,WAAW,GAAG,UAAU,CAQjE"}
|
package/dist/chain/index.js
CHANGED
|
@@ -8,12 +8,14 @@ import { RpcClient } from './rpc.js';
|
|
|
8
8
|
import { createChainDid } from './did.js';
|
|
9
9
|
import { createChainCredentials } from './credentials.js';
|
|
10
10
|
import { createChainAuth } from './auth.js';
|
|
11
|
+
import { createChainBbs } from './bbs.js';
|
|
11
12
|
export function createChainClient(config) {
|
|
12
13
|
const rpc = new RpcClient(config.rpcUrl);
|
|
13
14
|
return {
|
|
14
15
|
did: createChainDid(rpc, config),
|
|
15
16
|
credentials: createChainCredentials(rpc, config),
|
|
16
17
|
auth: createChainAuth(rpc, config),
|
|
18
|
+
bbs: createChainBbs(rpc, config),
|
|
17
19
|
};
|
|
18
20
|
}
|
|
19
21
|
//# sourceMappingURL=index.js.map
|
package/dist/chain/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/chain/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AACpC,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAA;AACzC,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAA;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/chain/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AACpC,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAA;AACzC,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAA;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAA;AAezC,MAAM,UAAU,iBAAiB,CAAC,MAAmB;IACnD,MAAM,GAAG,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;IACxC,OAAO;QACL,GAAG,EAAE,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC;QAChC,WAAW,EAAE,sBAAsB,CAAC,GAAG,EAAE,MAAM,CAAC;QAChD,IAAI,EAAE,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC;QAClC,GAAG,EAAE,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC;KACjC,CAAA;AACH,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,8 +1,13 @@
|
|
|
1
1
|
import type { DID, DIDDocument, VerifiableCredential, IssueCredentialParams, VerificationResult, AuthResult } from '@solidus-network/types';
|
|
2
|
+
import type { BbsDisclosedMessage, BbsCredentialProofResult } from './chain/bbs.js';
|
|
2
3
|
export type { DID, DIDDocument, VerifiableCredential, IssueCredentialParams, VerificationResult, AuthResult, };
|
|
3
4
|
export { runMigrations, closeConnection } from './stub/db.js';
|
|
4
5
|
export { generateKeypair, decodePublicKey } from './stub/crypto.js';
|
|
5
6
|
export type { ChainConfig } from './chain/index.js';
|
|
7
|
+
export type { BbsDisclosedMessage, BbsCredentialProofResult, BbsCredentialRecord, } from './chain/bbs.js';
|
|
8
|
+
export { utf8ToHex, toHex } from './chain/bbs.js';
|
|
9
|
+
export { issueSdJwtVc, verifySdJwtVc, } from './sdjwt/index.js';
|
|
10
|
+
export type { IssueSdJwtVcParams, IssuedSdJwtVc, VerifySdJwtVcParams, VerificationResult as SdJwtVerificationResult, } from './sdjwt/index.js';
|
|
6
11
|
export interface SolidusSDK {
|
|
7
12
|
did: {
|
|
8
13
|
create(publicKey: string): Promise<DID>;
|
|
@@ -19,6 +24,39 @@ export interface SolidusSDK {
|
|
|
19
24
|
createChallenge(domain: string): Promise<string>;
|
|
20
25
|
verifyPresentation(vp: string, challenge: string, domain: string): Promise<AuthResult>;
|
|
21
26
|
};
|
|
27
|
+
/**
|
|
28
|
+
* BBS+ selective-disclosure operations. Available only in chain mode
|
|
29
|
+
* (testnet/mainnet) — `undefined` in stub mode.
|
|
30
|
+
*/
|
|
31
|
+
bbs?: {
|
|
32
|
+
issueCredential(params: {
|
|
33
|
+
issuerPrivateKey: string;
|
|
34
|
+
subjectDid: string;
|
|
35
|
+
credentialType: string;
|
|
36
|
+
payloadHash: Uint8Array;
|
|
37
|
+
bbsPubkey: Uint8Array;
|
|
38
|
+
bbsMessageCount: number;
|
|
39
|
+
}): Promise<{
|
|
40
|
+
txHash: string;
|
|
41
|
+
credentialId: string;
|
|
42
|
+
receipt: unknown;
|
|
43
|
+
}>;
|
|
44
|
+
verifyProof(params: {
|
|
45
|
+
proofHex: string;
|
|
46
|
+
pubkeyHex: string;
|
|
47
|
+
headerHex?: string;
|
|
48
|
+
phHex?: string;
|
|
49
|
+
disclosedMessages: BbsDisclosedMessage[];
|
|
50
|
+
totalMessageCount: number;
|
|
51
|
+
}): Promise<boolean>;
|
|
52
|
+
verifyCredentialProof(params: {
|
|
53
|
+
credentialId: string;
|
|
54
|
+
proofHex: string;
|
|
55
|
+
headerHex?: string;
|
|
56
|
+
phHex?: string;
|
|
57
|
+
disclosedMessages: BbsDisclosedMessage[];
|
|
58
|
+
}): Promise<BbsCredentialProofResult>;
|
|
59
|
+
};
|
|
22
60
|
}
|
|
23
61
|
export interface SolidusConfig {
|
|
24
62
|
mode: 'stub' | 'testnet' | 'mainnet';
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,GAAG,EAAE,WAAW,EAAE,oBAAoB,EACtC,qBAAqB,EAAE,kBAAkB,EAAE,UAAU,EACtD,MAAM,gBAAgB,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,GAAG,EAAE,WAAW,EAAE,oBAAoB,EACtC,qBAAqB,EAAE,kBAAkB,EAAE,UAAU,EACtD,MAAM,gBAAgB,CAAA;AAKvB,OAAO,KAAK,EACV,mBAAmB,EACnB,wBAAwB,EAEzB,MAAM,gBAAgB,CAAA;AAEvB,YAAY,EACV,GAAG,EAAE,WAAW,EAAE,oBAAoB,EACtC,qBAAqB,EAAE,kBAAkB,EAAE,UAAU,GACtD,CAAA;AACD,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAC7D,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA;AACnE,YAAY,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAA;AACnD,YAAY,EACV,mBAAmB,EACnB,wBAAwB,EACxB,mBAAmB,GACpB,MAAM,gBAAgB,CAAA;AACvB,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AAIjD,OAAO,EACL,YAAY,EACZ,aAAa,GACd,MAAM,kBAAkB,CAAA;AACzB,YAAY,EACV,kBAAkB,EAClB,aAAa,EACb,mBAAmB,EACnB,kBAAkB,IAAI,uBAAuB,GAC9C,MAAM,kBAAkB,CAAA;AAEzB,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE;QACH,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAAA;QACvC,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAAA;QACjD,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;KAC1D,CAAA;IACD,WAAW,EAAE;QACX,KAAK,CAAC,MAAM,EAAE,qBAAqB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAA;QACnE,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAA;QACjD,MAAM,CAAC,YAAY,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;QAC9D,KAAK,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,EAAE,CAAC,CAAA;KAC3D,CAAA;IACD,IAAI,EAAE;QACJ,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;QAChD,kBAAkB,CAAC,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;KACvF,CAAA;IACD;;;OAGG;IACH,GAAG,CAAC,EAAE;QACJ,eAAe,CAAC,MAAM,EAAE;YACtB,gBAAgB,EAAE,MAAM,CAAA;YACxB,UAAU,EAAE,MAAM,CAAA;YAClB,cAAc,EAAE,MAAM,CAAA;YACtB,WAAW,EAAE,UAAU,CAAA;YACvB,SAAS,EAAE,UAAU,CAAA;YACrB,eAAe,EAAE,MAAM,CAAA;SACxB,GAAG,OAAO,CAAC;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,YAAY,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,OAAO,CAAA;SAAE,CAAC,CAAA;QACvE,WAAW,CAAC,MAAM,EAAE;YAClB,QAAQ,EAAE,MAAM,CAAA;YAChB,SAAS,EAAE,MAAM,CAAA;YACjB,SAAS,CAAC,EAAE,MAAM,CAAA;YAClB,KAAK,CAAC,EAAE,MAAM,CAAA;YACd,iBAAiB,EAAE,mBAAmB,EAAE,CAAA;YACxC,iBAAiB,EAAE,MAAM,CAAA;SAC1B,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;QACpB,qBAAqB,CAAC,MAAM,EAAE;YAC5B,YAAY,EAAE,MAAM,CAAA;YACpB,QAAQ,EAAE,MAAM,CAAA;YAChB,SAAS,CAAC,EAAE,MAAM,CAAA;YAClB,KAAK,CAAC,EAAE,MAAM,CAAA;YACd,iBAAiB,EAAE,mBAAmB,EAAE,CAAA;SACzC,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAA;KACtC,CAAA;CACF;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,GAAG,SAAS,GAAG,SAAS,CAAA;IACpC,8EAA8E;IAC9E,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,gEAAgE;IAChE,gBAAgB,CAAC,EAAE,MAAM,CAAA;CAC1B;AAkCD,wBAAgB,SAAS,CAAC,MAAM,EAAE,aAAa,GAAG,UAAU,CAiB3D"}
|
package/dist/index.js
CHANGED
|
@@ -5,6 +5,10 @@ import { getSql } from './stub/db.js';
|
|
|
5
5
|
import { createChainClient } from './chain/index.js';
|
|
6
6
|
export { runMigrations, closeConnection } from './stub/db.js';
|
|
7
7
|
export { generateKeypair, decodePublicKey } from './stub/crypto.js';
|
|
8
|
+
export { utf8ToHex, toHex } from './chain/bbs.js';
|
|
9
|
+
// SD-JWT VC (selective-disclosure JWT, VC profile) — required for
|
|
10
|
+
// EUDI Wallet interop. Phase 1: issue + verify on flat subjects.
|
|
11
|
+
export { issueSdJwtVc, verifySdJwtVc, } from './sdjwt/index.js';
|
|
8
12
|
function createStubSdk() {
|
|
9
13
|
return {
|
|
10
14
|
did: {
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAKxC,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AACpE,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AAChH,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AACrC,OAAO,EAAE,iBAAiB,EAAoB,MAAM,kBAAkB,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAKxC,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AACpE,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AAChH,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AACrC,OAAO,EAAE,iBAAiB,EAAoB,MAAM,kBAAkB,CAAA;AAWtE,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAC7D,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA;AAOnE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAA;AAEjD,kEAAkE;AAClE,iEAAiE;AACjE,OAAO,EACL,YAAY,EACZ,aAAa,GACd,MAAM,kBAAkB,CAAA;AA+DzB,SAAS,aAAa;IACpB,OAAO;QACL,GAAG,EAAE;YACH,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,UAAU;YACnB,UAAU,EAAE,aAAa;SAC1B;QACD,WAAW,EAAE;YACX,KAAK,EAAE,gBAAgB;YACvB,MAAM,EAAE,iBAAiB;YACzB,MAAM,EAAE,iBAAiB;YACzB,KAAK,EAAE,gBAAgB;SACxB;QACD,IAAI,EAAE;YACJ,KAAK,CAAC,eAAe,CAAC,MAAc;gBAClC,MAAM,GAAG,GAAG,MAAM,EAAE,CAAA;gBACpB,MAAM,SAAS,GAAG,UAAU,EAAE,CAAA;gBAC9B,MAAM,GAAG,CAAA,2DAA2D,SAAS,KAAK,MAAM,GAAG,CAAA;gBAC3F,OAAO,SAAS,CAAA;YAClB,CAAC;YACD,KAAK,CAAC,kBAAkB,CACtB,GAAW,EACX,UAAkB,EAClB,OAAe;gBAEf,qDAAqD;gBACrD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAA;YACpC,CAAC;SACF;KACF,CAAA;AACH,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,MAAqB;IAC7C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,CAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAgD,IAAI,MAAM,CAAC,CAAA;IAEvH,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,SAAS,CAAC;QACf,KAAK,SAAS,CAAC,CAAC,CAAC;YACf,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,uBAAuB,CAAA;YACzF,MAAM,SAAS,GAAG,MAAM,CAAC,gBAAgB,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,EAAE,CAAA;YACpF,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAA;YAC3F,CAAC;YACD,OAAO,iBAAiB,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;QAClF,CAAC;QACD,KAAK,MAAM,CAAC;QACZ;YACE,OAAO,aAAa,EAAE,CAAA;IAC1B,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/sdjwt/index.ts"],"names":[],"mappings":"AAGA,YAAY,EACV,kBAAkB,EAClB,aAAa,EACb,mBAAmB,EACnB,kBAAkB,GACnB,MAAM,YAAY,CAAA;AAEnB,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/sdjwt/index.ts"],"names":[],"mappings":"AAAA,qCAAqC;AACrC,6DAA6D;AAS7D,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Issue an SD-JWT VC (Selective-Disclosure JWT, VC profile).
|
|
3
|
+
*
|
|
4
|
+
* Wraps `@sd-jwt/sd-jwt-vc` with Solidus's Ed25519 / EdDSA conventions.
|
|
5
|
+
* The result is the compact-serialised form `<jws>~<d1>~<d2>~`, ready
|
|
6
|
+
* to hand off to a holder. Disclosure values stay attached to the
|
|
7
|
+
* compact form; selective revelation is a holder-side concern (see
|
|
8
|
+
* `present.ts` in a follow-up).
|
|
9
|
+
*/
|
|
10
|
+
import type { IssueSdJwtVcParams, IssuedSdJwtVc } from './types.js';
|
|
11
|
+
export declare function issueSdJwtVc(params: IssueSdJwtVcParams): Promise<IssuedSdJwtVc>;
|
|
12
|
+
//# sourceMappingURL=issue.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"issue.d.ts","sourceRoot":"","sources":["../../src/sdjwt/issue.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAWH,OAAO,KAAK,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AAgBnE,wBAAsB,YAAY,CAChC,MAAM,EAAE,kBAAkB,GACzB,OAAO,CAAC,aAAa,CAAC,CAmExB"}
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Issue an SD-JWT VC (Selective-Disclosure JWT, VC profile).
|
|
3
|
+
*
|
|
4
|
+
* Wraps `@sd-jwt/sd-jwt-vc` with Solidus's Ed25519 / EdDSA conventions.
|
|
5
|
+
* The result is the compact-serialised form `<jws>~<d1>~<d2>~`, ready
|
|
6
|
+
* to hand off to a holder. Disclosure values stay attached to the
|
|
7
|
+
* compact form; selective revelation is a holder-side concern (see
|
|
8
|
+
* `present.ts` in a follow-up).
|
|
9
|
+
*/
|
|
10
|
+
import { SDJwtVcInstance } from '@sd-jwt/sd-jwt-vc';
|
|
11
|
+
import * as ed from '@noble/ed25519';
|
|
12
|
+
import { makeEd25519Signer, sdJwtHasher, sdJwtSaltGenerator, } from './signer.js';
|
|
13
|
+
function buildDisclosureFrame(subject, disclosable) {
|
|
14
|
+
// Only flat top-level subject keys are disclosable in Phase 1.
|
|
15
|
+
// Nested-path disclosure (sd-jwt-js supports it via recursive _sd
|
|
16
|
+
// arrays) is deferred. Default: every key except `id` is disclosable.
|
|
17
|
+
const keys = disclosable ?? Object.keys(subject).filter((k) => k !== 'id');
|
|
18
|
+
// sd-jwt-js types the _sd array as (keyof Payload)[]; we keep the
|
|
19
|
+
// payload generic so the runtime list of strings has to be cast.
|
|
20
|
+
return { _sd: keys };
|
|
21
|
+
}
|
|
22
|
+
export async function issueSdJwtVc(params) {
|
|
23
|
+
if (params.issuerPrivateKey.length !== 32) {
|
|
24
|
+
throw new Error(`issuerPrivateKey must be 32 bytes, got ${params.issuerPrivateKey.length}`);
|
|
25
|
+
}
|
|
26
|
+
// Derive the public key once so the verifier callback can be
|
|
27
|
+
// attached at issuance time (sd-jwt-vc does not strictly need it for
|
|
28
|
+
// issue() but we keep symmetry with the verify path).
|
|
29
|
+
const issuerPublicKey = await ed.getPublicKeyAsync(params.issuerPrivateKey);
|
|
30
|
+
const sdjwt = new SDJwtVcInstance({
|
|
31
|
+
signer: makeEd25519Signer(params.issuerPrivateKey),
|
|
32
|
+
signAlg: 'EdDSA',
|
|
33
|
+
hasher: sdJwtHasher,
|
|
34
|
+
hashAlg: 'sha-256',
|
|
35
|
+
saltGenerator: sdJwtSaltGenerator,
|
|
36
|
+
// We don't load remote vct metadata in Phase 1 — the issuer is
|
|
37
|
+
// authoritative for the type and consumers can fetch metadata
|
|
38
|
+
// out-of-band when Phase 2 adds a metadata endpoint.
|
|
39
|
+
loadTypeMetadataFormat: false,
|
|
40
|
+
});
|
|
41
|
+
const now = Math.floor(Date.now() / 1000);
|
|
42
|
+
const subject = { ...params.subject };
|
|
43
|
+
const subjectId = typeof subject['id'] === 'string' ? subject['id'] : undefined;
|
|
44
|
+
// `id` is not part of the SD-JWT VC payload directly — `sub` carries
|
|
45
|
+
// the holder identifier per spec §3.2.2.2.
|
|
46
|
+
delete subject['id'];
|
|
47
|
+
const payload = {
|
|
48
|
+
iss: params.issuer,
|
|
49
|
+
vct: params.vct,
|
|
50
|
+
iat: now,
|
|
51
|
+
...subject,
|
|
52
|
+
};
|
|
53
|
+
if (subjectId !== undefined)
|
|
54
|
+
payload['sub'] = subjectId;
|
|
55
|
+
if (params.validFrom !== undefined) {
|
|
56
|
+
payload['nbf'] = Math.floor(new Date(params.validFrom).getTime() / 1000);
|
|
57
|
+
}
|
|
58
|
+
if (params.validUntil !== undefined) {
|
|
59
|
+
payload['exp'] = Math.floor(new Date(params.validUntil).getTime() / 1000);
|
|
60
|
+
}
|
|
61
|
+
const disclosureFrame = buildDisclosureFrame(subject, params.disclosable);
|
|
62
|
+
const compact = await sdjwt.issue(payload, disclosureFrame);
|
|
63
|
+
// Quick sanity check that we can derive a count of disclosures from
|
|
64
|
+
// the compact form: split on `~`, drop the leading JWS, and any
|
|
65
|
+
// trailing empty (which is the absent KB-JWT slot in Phase 1).
|
|
66
|
+
const parts = compact.split('~');
|
|
67
|
+
const disclosureCount = parts.slice(1).filter((p) => p.length > 0).length;
|
|
68
|
+
// Surface the public key on the result for callers that want to
|
|
69
|
+
// immediately store it alongside the compact form (e.g., a verify
|
|
70
|
+
// backend that records the issuer-key-at-issue-time).
|
|
71
|
+
void issuerPublicKey;
|
|
72
|
+
return {
|
|
73
|
+
compact,
|
|
74
|
+
payload,
|
|
75
|
+
disclosureCount,
|
|
76
|
+
};
|
|
77
|
+
}
|
|
78
|
+
//# sourceMappingURL=issue.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"issue.js","sourceRoot":"","sources":["../../src/sdjwt/issue.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAEnD,OAAO,KAAK,EAAE,MAAM,gBAAgB,CAAA;AAEpC,OAAO,EACL,iBAAiB,EACjB,WAAW,EACX,kBAAkB,GACnB,MAAM,aAAa,CAAA;AAGpB,SAAS,oBAAoB,CAC3B,OAAgC,EAChC,WAAsB;IAEtB,+DAA+D;IAC/D,kEAAkE;IAClE,sEAAsE;IACtE,MAAM,IAAI,GACR,WAAW,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,CAAA;IAC/D,kEAAkE;IAClE,iEAAiE;IACjE,OAAO,EAAE,GAAG,EAAE,IAAI,EAAyD,CAAA;AAC7E,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,MAA0B;IAE1B,IAAI,MAAM,CAAC,gBAAgB,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CACb,0CAA0C,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAC3E,CAAA;IACH,CAAC;IAED,6DAA6D;IAC7D,qEAAqE;IACrE,sDAAsD;IACtD,MAAM,eAAe,GAAG,MAAM,EAAE,CAAC,iBAAiB,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAA;IAE3E,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC;QAChC,MAAM,EAAE,iBAAiB,CAAC,MAAM,CAAC,gBAAgB,CAAC;QAClD,OAAO,EAAE,OAAO;QAChB,MAAM,EAAE,WAAW;QACnB,OAAO,EAAE,SAAS;QAClB,aAAa,EAAE,kBAAkB;QACjC,+DAA+D;QAC/D,8DAA8D;QAC9D,qDAAqD;QACrD,sBAAsB,EAAE,KAAK;KAC9B,CAAC,CAAA;IAEF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;IACzC,MAAM,OAAO,GAAG,EAAE,GAAG,MAAM,CAAC,OAAO,EAAE,CAAA;IACrC,MAAM,SAAS,GAAG,OAAO,OAAO,CAAC,IAAI,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IAC/E,qEAAqE;IACrE,2CAA2C;IAC3C,OAAO,OAAO,CAAC,IAAI,CAAC,CAAA;IAEpB,MAAM,OAAO,GAA4B;QACvC,GAAG,EAAE,MAAM,CAAC,MAAM;QAClB,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,GAAG,EAAE,GAAG;QACR,GAAG,OAAO;KACX,CAAA;IACD,IAAI,SAAS,KAAK,SAAS;QAAE,OAAO,CAAC,KAAK,CAAC,GAAG,SAAS,CAAA;IACvD,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACnC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAA;IAC1E,CAAC;IACD,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACpC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAA;IAC3E,CAAC;IAED,MAAM,eAAe,GAAG,oBAAoB,CAAC,OAAO,EAAE,MAAM,CAAC,WAAW,CAAC,CAAA;IACzE,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,KAAK,CAC/B,OAA4C,EAC5C,eAAoD,CACrD,CAAA;IAED,oEAAoE;IACpE,gEAAgE;IAChE,+DAA+D;IAC/D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAChC,MAAM,eAAe,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,MAAM,CAAA;IAEzE,gEAAgE;IAChE,kEAAkE;IAClE,sDAAsD;IACtD,KAAK,eAAe,CAAA;IAEpB,OAAO;QACL,OAAO;QACP,OAAO;QACP,eAAe;KAChB,CAAA;AACH,CAAC"}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Ed25519 signer/verifier adapters for `@sd-jwt/core`.
|
|
3
|
+
*
|
|
4
|
+
* sd-jwt-js expects callbacks shaped as `(data: string) => Promise<string>`
|
|
5
|
+
* for signing and `(data: string, signature: string) => Promise<boolean>`
|
|
6
|
+
* for verification. Both data and signature are compact-encoded bytes
|
|
7
|
+
* for SD-JWT (which uses base64url).
|
|
8
|
+
*
|
|
9
|
+
* This module wires those callbacks to `@noble/ed25519`, matching the
|
|
10
|
+
* EdDSA convention used elsewhere in Solidus (chain tx signing,
|
|
11
|
+
* `@solidus-network/jwt`). The hash algorithm is fixed at SHA-256 because the
|
|
12
|
+
* SD-JWT spec requires it for the disclosure-digest construction; the
|
|
13
|
+
* rest of Solidus (chain layer) uses BLAKE3, but disclosure hashes are
|
|
14
|
+
* client-interop boundary so we follow the spec.
|
|
15
|
+
*/
|
|
16
|
+
/**
|
|
17
|
+
* Construct a signer callback bound to the given Ed25519 private key.
|
|
18
|
+
*
|
|
19
|
+
* Returns the signature as a base64url-encoded string, matching what
|
|
20
|
+
* sd-jwt-js expects for the JWS `signature` segment.
|
|
21
|
+
*/
|
|
22
|
+
export declare function makeEd25519Signer(privateKey: Uint8Array): (data: string) => Promise<string>;
|
|
23
|
+
/** Construct a verifier callback bound to the given Ed25519 public key. */
|
|
24
|
+
export declare function makeEd25519Verifier(publicKey: Uint8Array): (data: string, signature: string) => Promise<boolean>;
|
|
25
|
+
/**
|
|
26
|
+
* Hasher in the shape `@sd-jwt/types` expects:
|
|
27
|
+
* `(data: string | ArrayBuffer, alg: string) => Uint8Array`.
|
|
28
|
+
*
|
|
29
|
+
* Honours the requested algorithm so callers can plug in others later;
|
|
30
|
+
* Phase 1 only supports `sha-256` (the SD-JWT spec default and the
|
|
31
|
+
* only algorithm sd-jwt-vc emits without explicit configuration).
|
|
32
|
+
*/
|
|
33
|
+
export declare function sdJwtHasher(data: string | ArrayBuffer, alg: string): Uint8Array;
|
|
34
|
+
/**
|
|
35
|
+
* Salt generator in the shape `@sd-jwt/types` expects:
|
|
36
|
+
* `(length: number) => string`.
|
|
37
|
+
*
|
|
38
|
+
* Returns a base64url-encoded random string of `length` bytes.
|
|
39
|
+
* SD-JWT spec recommends ≥128 bits (16 bytes) of entropy per salt;
|
|
40
|
+
* sd-jwt-js calls this with `length = 16` by default.
|
|
41
|
+
*/
|
|
42
|
+
export declare function sdJwtSaltGenerator(length: number): string;
|
|
43
|
+
//# sourceMappingURL=signer.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../src/sdjwt/signer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAqBH;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,UAAU,IAIxC,MAAM,MAAM,KAAG,OAAO,CAAC,MAAM,CAAC,CAI7C;AAED,2EAA2E;AAC3E,wBAAgB,mBAAmB,CAAC,SAAS,EAAE,UAAU,IAIzC,MAAM,MAAM,EAAE,WAAW,MAAM,KAAG,OAAO,CAAC,OAAO,CAAC,CAWjE;AAED;;;;;;;GAOG;AACH,wBAAgB,WAAW,CACzB,IAAI,EAAE,MAAM,GAAG,WAAW,EAC1B,GAAG,EAAE,MAAM,GACV,UAAU,CASZ;AAED;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAQzD"}
|
|
@@ -0,0 +1,92 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Ed25519 signer/verifier adapters for `@sd-jwt/core`.
|
|
3
|
+
*
|
|
4
|
+
* sd-jwt-js expects callbacks shaped as `(data: string) => Promise<string>`
|
|
5
|
+
* for signing and `(data: string, signature: string) => Promise<boolean>`
|
|
6
|
+
* for verification. Both data and signature are compact-encoded bytes
|
|
7
|
+
* for SD-JWT (which uses base64url).
|
|
8
|
+
*
|
|
9
|
+
* This module wires those callbacks to `@noble/ed25519`, matching the
|
|
10
|
+
* EdDSA convention used elsewhere in Solidus (chain tx signing,
|
|
11
|
+
* `@solidus-network/jwt`). The hash algorithm is fixed at SHA-256 because the
|
|
12
|
+
* SD-JWT spec requires it for the disclosure-digest construction; the
|
|
13
|
+
* rest of Solidus (chain layer) uses BLAKE3, but disclosure hashes are
|
|
14
|
+
* client-interop boundary so we follow the spec.
|
|
15
|
+
*/
|
|
16
|
+
import * as ed from '@noble/ed25519';
|
|
17
|
+
import { sha256 } from '@noble/hashes/sha2';
|
|
18
|
+
function fromBase64Url(input) {
|
|
19
|
+
const padded = input.replace(/-/g, '+').replace(/_/g, '/').padEnd(input.length + ((4 - (input.length % 4)) % 4), '=');
|
|
20
|
+
return new Uint8Array(Buffer.from(padded, 'base64'));
|
|
21
|
+
}
|
|
22
|
+
function toBase64Url(input) {
|
|
23
|
+
return Buffer.from(input)
|
|
24
|
+
.toString('base64')
|
|
25
|
+
.replace(/\+/g, '-')
|
|
26
|
+
.replace(/\//g, '_')
|
|
27
|
+
.replace(/=/g, '');
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Construct a signer callback bound to the given Ed25519 private key.
|
|
31
|
+
*
|
|
32
|
+
* Returns the signature as a base64url-encoded string, matching what
|
|
33
|
+
* sd-jwt-js expects for the JWS `signature` segment.
|
|
34
|
+
*/
|
|
35
|
+
export function makeEd25519Signer(privateKey) {
|
|
36
|
+
if (privateKey.length !== 32) {
|
|
37
|
+
throw new Error(`privateKey must be 32 bytes, got ${privateKey.length}`);
|
|
38
|
+
}
|
|
39
|
+
return async (data) => {
|
|
40
|
+
const sig = await ed.signAsync(new TextEncoder().encode(data), privateKey);
|
|
41
|
+
return toBase64Url(sig);
|
|
42
|
+
};
|
|
43
|
+
}
|
|
44
|
+
/** Construct a verifier callback bound to the given Ed25519 public key. */
|
|
45
|
+
export function makeEd25519Verifier(publicKey) {
|
|
46
|
+
if (publicKey.length !== 32) {
|
|
47
|
+
throw new Error(`publicKey must be 32 bytes, got ${publicKey.length}`);
|
|
48
|
+
}
|
|
49
|
+
return async (data, signature) => {
|
|
50
|
+
try {
|
|
51
|
+
return await ed.verifyAsync(fromBase64Url(signature), new TextEncoder().encode(data), publicKey);
|
|
52
|
+
}
|
|
53
|
+
catch {
|
|
54
|
+
return false;
|
|
55
|
+
}
|
|
56
|
+
};
|
|
57
|
+
}
|
|
58
|
+
/**
|
|
59
|
+
* Hasher in the shape `@sd-jwt/types` expects:
|
|
60
|
+
* `(data: string | ArrayBuffer, alg: string) => Uint8Array`.
|
|
61
|
+
*
|
|
62
|
+
* Honours the requested algorithm so callers can plug in others later;
|
|
63
|
+
* Phase 1 only supports `sha-256` (the SD-JWT spec default and the
|
|
64
|
+
* only algorithm sd-jwt-vc emits without explicit configuration).
|
|
65
|
+
*/
|
|
66
|
+
export function sdJwtHasher(data, alg) {
|
|
67
|
+
if (alg !== 'sha-256') {
|
|
68
|
+
throw new Error(`unsupported SD-JWT hash algorithm: ${alg}`);
|
|
69
|
+
}
|
|
70
|
+
const bytes = typeof data === 'string'
|
|
71
|
+
? new TextEncoder().encode(data)
|
|
72
|
+
: new Uint8Array(data);
|
|
73
|
+
return sha256(bytes);
|
|
74
|
+
}
|
|
75
|
+
/**
|
|
76
|
+
* Salt generator in the shape `@sd-jwt/types` expects:
|
|
77
|
+
* `(length: number) => string`.
|
|
78
|
+
*
|
|
79
|
+
* Returns a base64url-encoded random string of `length` bytes.
|
|
80
|
+
* SD-JWT spec recommends ≥128 bits (16 bytes) of entropy per salt;
|
|
81
|
+
* sd-jwt-js calls this with `length = 16` by default.
|
|
82
|
+
*/
|
|
83
|
+
export function sdJwtSaltGenerator(length) {
|
|
84
|
+
const bytes = new Uint8Array(length);
|
|
85
|
+
crypto.getRandomValues(bytes);
|
|
86
|
+
return Buffer.from(bytes)
|
|
87
|
+
.toString('base64')
|
|
88
|
+
.replace(/\+/g, '-')
|
|
89
|
+
.replace(/\//g, '_')
|
|
90
|
+
.replace(/=/g, '');
|
|
91
|
+
}
|
|
92
|
+
//# sourceMappingURL=signer.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../src/sdjwt/signer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,KAAK,EAAE,MAAM,gBAAgB,CAAA;AACpC,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAE3C,SAAS,aAAa,CAAC,KAAa;IAClC,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,MAAM,CAC/D,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAC7C,GAAG,CACJ,CAAA;IACD,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;AACtD,CAAC;AAED,SAAS,WAAW,CAAC,KAAiB;IACpC,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;SACtB,QAAQ,CAAC,QAAQ,CAAC;SAClB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;AACtB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAsB;IACtD,IAAI,UAAU,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,oCAAoC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAA;IAC1E,CAAC;IACD,OAAO,KAAK,EAAE,IAAY,EAAmB,EAAE;QAC7C,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,UAAU,CAAC,CAAA;QAC1E,OAAO,WAAW,CAAC,GAAG,CAAC,CAAA;IACzB,CAAC,CAAA;AACH,CAAC;AAED,2EAA2E;AAC3E,MAAM,UAAU,mBAAmB,CAAC,SAAqB;IACvD,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,mCAAmC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAA;IACxE,CAAC;IACD,OAAO,KAAK,EAAE,IAAY,EAAE,SAAiB,EAAoB,EAAE;QACjE,IAAI,CAAC;YACH,OAAO,MAAM,EAAE,CAAC,WAAW,CACzB,aAAa,CAAC,SAAS,CAAC,EACxB,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,EAC9B,SAAS,CACV,CAAA;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC,CAAA;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,WAAW,CACzB,IAA0B,EAC1B,GAAW;IAEX,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,sCAAsC,GAAG,EAAE,CAAC,CAAA;IAC9D,CAAC;IACD,MAAM,KAAK,GACT,OAAO,IAAI,KAAK,QAAQ;QACtB,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC;QAChC,CAAC,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAA;IAC1B,OAAO,MAAM,CAAC,KAAK,CAAC,CAAA;AACtB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,kBAAkB,CAAC,MAAc;IAC/C,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAA;IACpC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAA;IAC7B,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;SACtB,QAAQ,CAAC,QAAQ,CAAC;SAClB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;AACtB,CAAC"}
|
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Public interfaces for the SD-JWT VC integration.
|
|
3
|
+
*
|
|
4
|
+
* SD-JWT VC (draft-ietf-oauth-sd-jwt-vc) is one of two W3C VC formats
|
|
5
|
+
* accepted by the EUDI Wallet ARF; the other is ISO mDoc. This module
|
|
6
|
+
* exposes a thin, opinionated wrapper around `@sd-jwt/sd-jwt-vc` that
|
|
7
|
+
* matches Solidus's Ed25519 / DID conventions.
|
|
8
|
+
*
|
|
9
|
+
* For background, see `.claude/plans/2026-05-09-sdjwt-vc-implementation.md`.
|
|
10
|
+
*/
|
|
11
|
+
/** Parameters accepted by [`issueSdJwtVc`]. */
|
|
12
|
+
export interface IssueSdJwtVcParams {
|
|
13
|
+
/**
|
|
14
|
+
* Issuer DID (e.g., `did:solidus:testnet:...`). Becomes the `iss` claim
|
|
15
|
+
* and surfaces the issuer's chain-resolved verification key to verifiers.
|
|
16
|
+
*/
|
|
17
|
+
issuer: string;
|
|
18
|
+
/**
|
|
19
|
+
* Verifiable credential type — an opaque URN per SD-JWT VC §3.2.2.2.
|
|
20
|
+
* Use `https://docs.solidus.network/credentials/{type}` for Solidus
|
|
21
|
+
* native types, or any externally-defined URN for interop.
|
|
22
|
+
*/
|
|
23
|
+
vct: string;
|
|
24
|
+
/**
|
|
25
|
+
* The credential subject. Typically `{ id: did, ...claims }`. The
|
|
26
|
+
* subject `id` is conventionally a holder DID; if absent, the SD-JWT
|
|
27
|
+
* is bearer.
|
|
28
|
+
*/
|
|
29
|
+
subject: Record<string, unknown>;
|
|
30
|
+
/**
|
|
31
|
+
* Issuer's raw 32-byte Ed25519 private key. Same key material used
|
|
32
|
+
* elsewhere in Solidus (chain transactions, `@solidus-network/jwt`).
|
|
33
|
+
*/
|
|
34
|
+
issuerPrivateKey: Uint8Array;
|
|
35
|
+
/**
|
|
36
|
+
* Subject-claim paths that should be disclosable. Each entry is a
|
|
37
|
+
* top-level subject key (Phase 1 supports flat structures only;
|
|
38
|
+
* nested disclosure comes in Phase 2). If omitted, every subject
|
|
39
|
+
* claim is disclosable.
|
|
40
|
+
*
|
|
41
|
+
* @example ['birthdate', 'address']
|
|
42
|
+
*/
|
|
43
|
+
disclosable?: string[];
|
|
44
|
+
/** RFC 3339 timestamp; sd-jwt-vc maps this to `nbf`. Defaults to now. */
|
|
45
|
+
validFrom?: string;
|
|
46
|
+
/** RFC 3339 timestamp; sd-jwt-vc maps this to `exp`. Optional. */
|
|
47
|
+
validUntil?: string;
|
|
48
|
+
}
|
|
49
|
+
/**
|
|
50
|
+
* The compact-serialised SD-JWT VC, plus metadata. The `compact` field
|
|
51
|
+
* is the wire format consumed by holders and verifiers:
|
|
52
|
+
* `<jws>~<disclosure1>~<disclosure2>~`.
|
|
53
|
+
*/
|
|
54
|
+
export interface IssuedSdJwtVc {
|
|
55
|
+
/** Compact-serialised SD-JWT VC: `<jws>~<d1>~...~`. */
|
|
56
|
+
compact: string;
|
|
57
|
+
/** Decoded JWS payload (claims minus the disclosed-but-hashed values). */
|
|
58
|
+
payload: Record<string, unknown>;
|
|
59
|
+
/** Number of disclosable claims encoded. */
|
|
60
|
+
disclosureCount: number;
|
|
61
|
+
}
|
|
62
|
+
/** Parameters accepted by [`verifySdJwtVc`]. */
|
|
63
|
+
export interface VerifySdJwtVcParams {
|
|
64
|
+
/** Compact-serialised SD-JWT VC. */
|
|
65
|
+
compact: string;
|
|
66
|
+
/**
|
|
67
|
+
* Issuer's raw 32-byte Ed25519 *public* key. In production the
|
|
68
|
+
* verifier resolves this from the issuer DID's chain document; this
|
|
69
|
+
* Phase-1 API takes the key explicitly to keep the module decoupled
|
|
70
|
+
* from the chain client.
|
|
71
|
+
*/
|
|
72
|
+
issuerPublicKey: Uint8Array;
|
|
73
|
+
}
|
|
74
|
+
export interface VerificationResult {
|
|
75
|
+
/** True if signature, hashes, and freshness all check out. */
|
|
76
|
+
valid: boolean;
|
|
77
|
+
/**
|
|
78
|
+
* Reconstructed claims after applying disclosures. Includes hidden
|
|
79
|
+
* fields *only if* the corresponding disclosure was present in the
|
|
80
|
+
* compact form.
|
|
81
|
+
*/
|
|
82
|
+
claims: Record<string, unknown>;
|
|
83
|
+
/** Issuer DID (the `iss` claim). */
|
|
84
|
+
issuer?: string;
|
|
85
|
+
/** Verifiable credential type (`vct` claim). */
|
|
86
|
+
vct?: string;
|
|
87
|
+
/** Reason for verification failure, if any. */
|
|
88
|
+
error?: string;
|
|
89
|
+
}
|
|
90
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/sdjwt/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,+CAA+C;AAC/C,MAAM,WAAW,kBAAkB;IACjC;;;OAGG;IACH,MAAM,EAAE,MAAM,CAAA;IAEd;;;;OAIG;IACH,GAAG,EAAE,MAAM,CAAA;IAEX;;;;OAIG;IACH,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAEhC;;;OAGG;IACH,gBAAgB,EAAE,UAAU,CAAA;IAE5B;;;;;;;OAOG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IAEtB,yEAAyE;IACzE,SAAS,CAAC,EAAE,MAAM,CAAA;IAElB,kEAAkE;IAClE,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B,uDAAuD;IACvD,OAAO,EAAE,MAAM,CAAA;IAEf,0EAA0E;IAC1E,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAEhC,4CAA4C;IAC5C,eAAe,EAAE,MAAM,CAAA;CACxB;AAED,gDAAgD;AAChD,MAAM,WAAW,mBAAmB;IAClC,oCAAoC;IACpC,OAAO,EAAE,MAAM,CAAA;IAEf;;;;;OAKG;IACH,eAAe,EAAE,UAAU,CAAA;CAC5B;AAED,MAAM,WAAW,kBAAkB;IACjC,8DAA8D;IAC9D,KAAK,EAAE,OAAO,CAAA;IAEd;;;;OAIG;IACH,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAE/B,oCAAoC;IACpC,MAAM,CAAC,EAAE,MAAM,CAAA;IAEf,gDAAgD;IAChD,GAAG,CAAC,EAAE,MAAM,CAAA;IAEZ,+CAA+C;IAC/C,KAAK,CAAC,EAAE,MAAM,CAAA;CACf"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Public interfaces for the SD-JWT VC integration.
|
|
3
|
+
*
|
|
4
|
+
* SD-JWT VC (draft-ietf-oauth-sd-jwt-vc) is one of two W3C VC formats
|
|
5
|
+
* accepted by the EUDI Wallet ARF; the other is ISO mDoc. This module
|
|
6
|
+
* exposes a thin, opinionated wrapper around `@sd-jwt/sd-jwt-vc` that
|
|
7
|
+
* matches Solidus's Ed25519 / DID conventions.
|
|
8
|
+
*
|
|
9
|
+
* For background, see `.claude/plans/2026-05-09-sdjwt-vc-implementation.md`.
|
|
10
|
+
*/
|
|
11
|
+
export {};
|
|
12
|
+
//# sourceMappingURL=types.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/sdjwt/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Verify an SD-JWT VC.
|
|
3
|
+
*
|
|
4
|
+
* Phase 1 verifies signature, freshness (`iat`/`nbf`/`exp`), and
|
|
5
|
+
* reconstructs the disclosed claims. Status-list and KB-JWT
|
|
6
|
+
* verification land in Phase 2.
|
|
7
|
+
*/
|
|
8
|
+
import type { VerifySdJwtVcParams, VerificationResult } from './types.js';
|
|
9
|
+
export declare function verifySdJwtVc(params: VerifySdJwtVcParams): Promise<VerificationResult>;
|
|
10
|
+
//# sourceMappingURL=verify.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/sdjwt/verify.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH,OAAO,KAAK,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAA;AAEzE,wBAAsB,aAAa,CACjC,MAAM,EAAE,mBAAmB,GAC1B,OAAO,CAAC,kBAAkB,CAAC,CAyC7B"}
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Verify an SD-JWT VC.
|
|
3
|
+
*
|
|
4
|
+
* Phase 1 verifies signature, freshness (`iat`/`nbf`/`exp`), and
|
|
5
|
+
* reconstructs the disclosed claims. Status-list and KB-JWT
|
|
6
|
+
* verification land in Phase 2.
|
|
7
|
+
*/
|
|
8
|
+
import { SDJwtVcInstance } from '@sd-jwt/sd-jwt-vc';
|
|
9
|
+
import { makeEd25519Verifier, sdJwtHasher } from './signer.js';
|
|
10
|
+
export async function verifySdJwtVc(params) {
|
|
11
|
+
if (params.issuerPublicKey.length !== 32) {
|
|
12
|
+
return {
|
|
13
|
+
valid: false,
|
|
14
|
+
claims: {},
|
|
15
|
+
error: `issuerPublicKey must be 32 bytes, got ${params.issuerPublicKey.length}`,
|
|
16
|
+
};
|
|
17
|
+
}
|
|
18
|
+
const sdjwt = new SDJwtVcInstance({
|
|
19
|
+
verifier: makeEd25519Verifier(params.issuerPublicKey),
|
|
20
|
+
hasher: sdJwtHasher,
|
|
21
|
+
hashAlg: 'sha-256',
|
|
22
|
+
loadTypeMetadataFormat: false,
|
|
23
|
+
});
|
|
24
|
+
try {
|
|
25
|
+
const result = await sdjwt.verify(params.compact);
|
|
26
|
+
const payload = result.payload;
|
|
27
|
+
// sd-jwt-js's verify() reconstructs the disclosed claims and merges
|
|
28
|
+
// them into the payload, dropping the `_sd` arrays. So
|
|
29
|
+
// `result.payload` is already the full revealed claim set.
|
|
30
|
+
const claims = {};
|
|
31
|
+
for (const [k, v] of Object.entries(payload)) {
|
|
32
|
+
// Drop SD-JWT housekeeping fields from the user-facing claim set.
|
|
33
|
+
if (k === '_sd' || k === '_sd_alg' || k === 'cnf')
|
|
34
|
+
continue;
|
|
35
|
+
claims[k] = v;
|
|
36
|
+
}
|
|
37
|
+
const out = { valid: true, claims };
|
|
38
|
+
if (typeof payload['iss'] === 'string')
|
|
39
|
+
out.issuer = payload['iss'];
|
|
40
|
+
if (typeof payload['vct'] === 'string')
|
|
41
|
+
out.vct = payload['vct'];
|
|
42
|
+
return out;
|
|
43
|
+
}
|
|
44
|
+
catch (e) {
|
|
45
|
+
return {
|
|
46
|
+
valid: false,
|
|
47
|
+
claims: {},
|
|
48
|
+
error: e instanceof Error ? e.message : String(e),
|
|
49
|
+
};
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
//# sourceMappingURL=verify.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/sdjwt/verify.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAEnD,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAG9D,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAA2B;IAE3B,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACzC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,EAAE;YACV,KAAK,EAAE,yCAAyC,MAAM,CAAC,eAAe,CAAC,MAAM,EAAE;SAChF,CAAA;IACH,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC;QAChC,QAAQ,EAAE,mBAAmB,CAAC,MAAM,CAAC,eAAe,CAAC;QACrD,MAAM,EAAE,WAAW;QACnB,OAAO,EAAE,SAAS;QAClB,sBAAsB,EAAE,KAAK;KAC9B,CAAC,CAAA;IAEF,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,MAAM,CAAC,OAAkC,CAAA;QAEzD,oEAAoE;QACpE,uDAAuD;QACvD,2DAA2D;QAC3D,MAAM,MAAM,GAA4B,EAAE,CAAA;QAC1C,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,kEAAkE;YAClE,IAAI,CAAC,KAAK,KAAK,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,KAAK;gBAAE,SAAQ;YAC3D,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;QACf,CAAC;QAED,MAAM,GAAG,GAAuB,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAA;QACvD,IAAI,OAAO,OAAO,CAAC,KAAK,CAAC,KAAK,QAAQ;YAAE,GAAG,CAAC,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,CAAA;QACnE,IAAI,OAAO,OAAO,CAAC,KAAK,CAAC,KAAK,QAAQ;YAAE,GAAG,CAAC,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAA;QAChE,OAAO,GAAG,CAAA;IACZ,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,EAAE;YACV,KAAK,EAAE,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;SAClD,CAAA;IACH,CAAC;AACH,CAAC"}
|
package/dist/stub/credentials.js
CHANGED
|
@@ -3,12 +3,12 @@ import { getSql } from './db.js';
|
|
|
3
3
|
import { sign, verify as cryptoVerify } from './crypto.js';
|
|
4
4
|
function rowToVC(row) {
|
|
5
5
|
return {
|
|
6
|
-
'@context': ['https://www.w3.org/
|
|
6
|
+
'@context': ['https://www.w3.org/ns/credentials/v2'],
|
|
7
7
|
id: row.credential_id,
|
|
8
8
|
type: row.type,
|
|
9
9
|
issuer: row.issuer_did,
|
|
10
|
-
|
|
11
|
-
...(row.expires_at && {
|
|
10
|
+
validFrom: row.issued_at.toISOString(),
|
|
11
|
+
...(row.expires_at && { validUntil: row.expires_at.toISOString() }),
|
|
12
12
|
credentialSubject: { id: row.subject_did, ...row.claims },
|
|
13
13
|
proof: {
|
|
14
14
|
type: 'Ed25519Signature2020',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../src/stub/credentials.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAGxC,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAA;AAChC,OAAO,EAAE,IAAI,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,aAAa,CAAA;AAc1D,SAAS,OAAO,CAAC,GAAkB;IACjC,OAAO;QACL,UAAU,EAAE,CAAC,
|
|
1
|
+
{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../src/stub/credentials.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAGxC,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAA;AAChC,OAAO,EAAE,IAAI,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,aAAa,CAAA;AAc1D,SAAS,OAAO,CAAC,GAAkB;IACjC,OAAO;QACL,UAAU,EAAE,CAAC,sCAAsC,CAAC;QACpD,EAAE,EAAE,GAAG,CAAC,aAAa;QACrB,IAAI,EAAE,GAAG,CAAC,IAAI;QACd,MAAM,EAAE,GAAG,CAAC,UAAU;QACtB,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,WAAW,EAAE;QACtC,GAAG,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,WAAW,EAAE,EAAE,CAAC;QACnE,iBAAiB,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,WAAW,EAAE,GAAG,GAAG,CAAC,MAAM,EAAE;QACzD,KAAK,EAAE;YACL,IAAI,EAAE,sBAAsB;YAC5B,OAAO,EAAE,GAAG,CAAC,SAAS,CAAC,WAAW,EAAE;YACpC,kBAAkB,EAAE,GAAG,GAAG,CAAC,UAAU,QAAQ;YAC7C,YAAY,EAAE,iBAAiB;YAC/B,UAAU,EAAE,GAAG,CAAC,WAAW;SAC5B;KACF,CAAA;AACH,CAAC;AAED,SAAS,YAAY,CAAC,MAMrB;IACC,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAC7B,IAAI,CAAC,SAAS,CAAC;QACb,EAAE,EAAE,MAAM,CAAC,YAAY;QACvB,OAAO,EAAE,MAAM,CAAC,UAAU;QAC1B,MAAM,EAAE,MAAM,CAAC,SAAS;QACxB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;KAC1B,CAAC,CACH,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAA6B;IAClE,MAAM,GAAG,GAAG,MAAM,EAAE,CAAA;IACpB,MAAM,YAAY,GAAG,mBAAmB,UAAU,EAAE,EAAE,CAAA;IACtD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;IACtB,MAAM,SAAS,GAAG,MAAM,CAAC,aAAa;QACpC,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC,aAAa,GAAG,UAAU,CAAC;QAC7D,CAAC,CAAC,IAAI,CAAA;IAER,MAAM,OAAO,GAAG,YAAY,CAAC;QAC3B,YAAY;QACZ,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ,EAAE,GAAG,CAAC,WAAW,EAAE;KAC5B,CAAC,CAAA;IACF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,gBAAgB,CAAC,CAAA;IAE/D,MAAM,GAAG,CAAA;;;;QAIH,YAAY,KAAK,MAAM,CAAC,UAAU,KAAK,MAAM,CAAC,SAAS;QACvD,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,MAA4B,CAAC;QACxE,UAAU,KAAK,GAAG,KAAK,SAAS;;GAErC,CAAA;IAED,OAAO,OAAO,CAAC;QACb,aAAa,EAAE,YAAY;QAC3B,WAAW,EAAE,MAAM,CAAC,UAAU;QAC9B,UAAU,EAAE,MAAM,CAAC,SAAS;QAC5B,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,WAAW,EAAE,UAAU;QACvB,SAAS,EAAE,GAAG;QACd,UAAU,EAAE,SAAS;QACrB,OAAO,EAAE,KAAK;KACf,CAAC,CAAA;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAAY;IAClD,MAAM,GAAG,GAAG,MAAM,EAAE,CAAA;IACpB,MAAM,IAAI,GAAG,MAAM,GAAG,CAAiB;2DACkB,IAAI;GAC5D,CAAA;IACD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,sBAAsB;YAC7B,MAAM,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE;SAC/D,CAAA;IACH,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAE,CAAA;IAEpB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,OAAO,CAAA;IAC/B,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAA;IAEjE,MAAM,UAAU,GAAG,MAAM,GAAG,CAA+B;mDACV,GAAG,CAAC,UAAU;GAC9D,CAAA;IAED,IAAI,QAAQ,GAAG,KAAK,CAAA;IACpB,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,OAAO,GAAG,YAAY,CAAC;YAC3B,YAAY,EAAE,GAAG,CAAC,aAAa;YAC/B,UAAU,EAAE,GAAG,CAAC,WAAW;YAC3B,SAAS,EAAE,GAAG,CAAC,UAAU;YACzB,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,QAAQ,EAAE,GAAG,CAAC,SAAS,CAAC,WAAW,EAAE;SACtC,CAAC,CAAA;QACF,QAAQ,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,GAAG,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC,CAAE,CAAC,UAAU,CAAC,CAAA;IACpF,CAAC;IAED,MAAM,KAAK,GAAG,QAAQ,IAAI,UAAU,IAAI,UAAU,CAAA;IAClD,OAAO;QACL,KAAK;QACL,YAAY,EAAE,IAAI;QAClB,MAAM,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE;KAC5E,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,YAAoB,EAAE,UAAkB;IAC9E,MAAM,GAAG,GAAG,MAAM,EAAE,CAAA;IACpB,MAAM,GAAG,CAAA;;4BAEiB,YAAY;GACrC,CAAA;IACD,MAAM,GAAG,CAAA;2DACgD,YAAY;;GAEpE,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,UAAkB;IACvD,MAAM,GAAG,GAAG,MAAM,EAAE,CAAA;IACpB,MAAM,IAAI,GAAG,MAAM,GAAG,CAAiB;;0BAEf,UAAU;;GAEjC,CAAA;IACD,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;AAC1B,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@solidus-network/sdk",
|
|
3
|
-
"version": "0.
|
|
4
|
-
"description": "Solidus Network SDK — DID resolution, verifiable credential issuance and verification, and on-chain queries via JSON-RPC.",
|
|
3
|
+
"version": "0.2.0",
|
|
4
|
+
"description": "Solidus Network SDK — DID resolution, verifiable credential issuance and verification, SD-JWT VC (EUDI-compatible), and on-chain queries via JSON-RPC.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
7
7
|
"types": "./dist/index.d.ts",
|
|
@@ -15,12 +15,14 @@
|
|
|
15
15
|
"dependencies": {
|
|
16
16
|
"@noble/ed25519": "^2.1.0",
|
|
17
17
|
"@noble/hashes": "^1.5.0",
|
|
18
|
-
"@
|
|
19
|
-
"@
|
|
18
|
+
"@sd-jwt/sd-jwt-vc": "^0.19.0",
|
|
19
|
+
"@sd-jwt/types": "^0.19.0",
|
|
20
|
+
"@solidus-network/auth": "0.2.0",
|
|
21
|
+
"@solidus-network/types": "0.2.0",
|
|
20
22
|
"bs58": "^6.0.0",
|
|
21
23
|
"postgres": "^3.4.4"
|
|
22
24
|
},
|
|
23
|
-
"keywords": ["solidus", "did", "verifiable-credentials", "vc", "blockchain", "decentralized-identity", "sdk"],
|
|
25
|
+
"keywords": ["solidus", "did", "verifiable-credentials", "vc", "sd-jwt", "sd-jwt-vc", "eudi", "blockchain", "decentralized-identity", "sdk"],
|
|
24
26
|
"author": "Solidus Network (https://solidus.network)",
|
|
25
27
|
"license": "Apache-2.0",
|
|
26
28
|
"homepage": "https://solidus.network",
|