@trustvc/trustvc 1.0.0-alpha.6 → 1.0.0-alpha.8

package/dist/config.d.mts

@@ -0,0 +1,3 @@
+declare const DEFAULT_KEY = "4d5a4e3f2f6d2b0a1f2e9b8f8a3c7a0b8d4f5c2e7b1a1c3f2e7b8c2d5a4f7e3e";
+
+export { DEFAULT_KEY };

package/dist/config.d.ts

@@ -0,0 +1,3 @@
+declare const DEFAULT_KEY = "4d5a4e3f2f6d2b0a1f2e9b8f8a3c7a0b8d4f5c2e7b1a1c3f2e7b8c2d5a4f7e3e";
+
+export { DEFAULT_KEY };

package/dist/config.js

@@ -0,0 +1,5 @@
+'use strict';
+
+const DEFAULT_KEY = "4d5a4e3f2f6d2b0a1f2e9b8f8a3c7a0b8d4f5c2e7b1a1c3f2e7b8c2d5a4f7e3e";
+
+exports.DEFAULT_KEY = DEFAULT_KEY;

package/dist/core/decrypt.js

@@ -1,20 +1,19 @@
 'use strict';
 
+var config = require('src/config');
 var stringUtils = require('../utils/stringUtils');
 var tsChacha20 = require('ts-chacha20');
 
 var __defProp = Object.defineProperty;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
 function decrypt(encryptedMessage, key, nonce) {
-  if (key.length === 0) {
-    throw new Error("Key length must not be 0");
-  }
-  key = stringUtils.generate32ByteKey(key ?? "");
+  key = key.length > 0 ? key : config.DEFAULT_KEY;
+  key = stringUtils.generate32ByteKey(key);
   nonce = stringUtils.generate12ByteNonce(nonce ?? "");
   const keyBuffer = stringUtils.stringToUint8Array(key);
   const nonceBuffer = stringUtils.stringToUint8Array(nonce);
   const chacha20 = new tsChacha20.Chacha20(keyBuffer, nonceBuffer);
-  const encryptedBuffer = Buffer.from(encryptedMessage, "hex");
+  const encryptedBuffer = new Uint8Array(Buffer.from(encryptedMessage, "hex"));
   const decrypted = chacha20.decrypt(encryptedBuffer);
   return Buffer.from(decrypted).toString("utf-8");
 }

package/dist/core/encrypt.js

@@ -1,14 +1,13 @@
 'use strict';
 
+var config = require('src/config');
 var stringUtils = require('../utils/stringUtils');
 var tsChacha20 = require('ts-chacha20');
 
 var __defProp = Object.defineProperty;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
 function encrypt(message, key, nonce) {
-  if (key.length === 0) {
-    throw new Error("Key length must not be 0");
-  }
+  key = key.length > 0 ? key : config.DEFAULT_KEY;
   key = stringUtils.generate32ByteKey(key);
   nonce = stringUtils.generate12ByteNonce(nonce ?? "");
   const keyBuffer = stringUtils.stringToUint8Array(key);

package/dist/core/fragments/document-status/transferableRecords/transferableRecordVerifier.d.mts

@@ -0,0 +1,7 @@
+import { VerifierType } from './transferableRecordVerifier.types.mjs';
+import '@govtechsg/oa-verify';
+
+declare const TRANSFERABLE_RECORDS_TYPE = "TransferableRecords";
+declare const credentialStatusTransferableRecordVerifier: VerifierType;
+
+export { TRANSFERABLE_RECORDS_TYPE, credentialStatusTransferableRecordVerifier };

package/dist/core/fragments/document-status/transferableRecords/transferableRecordVerifier.d.ts

@@ -0,0 +1,7 @@
+import { VerifierType } from './transferableRecordVerifier.types.js';
+import '@govtechsg/oa-verify';
+
+declare const TRANSFERABLE_RECORDS_TYPE = "TransferableRecords";
+declare const credentialStatusTransferableRecordVerifier: VerifierType;
+
+export { TRANSFERABLE_RECORDS_TYPE, credentialStatusTransferableRecordVerifier };

package/dist/core/fragments/document-status/transferableRecords/transferableRecordVerifier.js

@@ -0,0 +1,132 @@
+'use strict';
+
+var oaVerify = require('@govtechsg/oa-verify');
+var openAttestation = require('@govtechsg/open-attestation');
+var w3cVC = require('@trustvc/w3c-vc');
+var utils = require('./utils');
+
+function _interopNamespace(e) {
+  if (e && e.__esModule) return e;
+  var n = Object.create(null);
+  if (e) {
+    Object.keys(e).forEach(function (k) {
+      if (k !== 'default') {
+        var d = Object.getOwnPropertyDescriptor(e, k);
+        Object.defineProperty(n, k, d.get ? d : {
+          enumerable: true,
+          get: function () { return e[k]; }
+        });
+      }
+    });
+  }
+  n.default = e;
+  return Object.freeze(n);
+}
+
+var w3cVC__namespace = /*#__PURE__*/_interopNamespace(w3cVC);
+
+var __defProp = Object.defineProperty;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+const TRANSFERABLE_RECORDS_TYPE = "TransferableRecords";
+const type = "DOCUMENT_STATUS";
+const name = TRANSFERABLE_RECORDS_TYPE;
+const verify = /* @__PURE__ */ __name(async (document, options) => {
+  let signedDocument;
+  let tokenId;
+  if (openAttestation.v4.isSignedWrappedDocument(document)) {
+    signedDocument = document;
+    tokenId = "0x" + signedDocument?.proof?.targetHash;
+  } else if (w3cVC__namespace.isSignedDocument(document)) {
+    signedDocument = document;
+    tokenId = "0x" + signedDocument?.credentialStatus?.tokenId;
+  }
+  const credentialStatus = signedDocument?.credentialStatus;
+  if (!credentialStatus?.tokenRegistry) {
+    throw new oaVerify.CodedError(
+      "Document's credentialStatus does not have tokenRegistry",
+      oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.UNRECOGNIZED_DOCUMENT,
+      oaVerify.OpenAttestationEthereumTokenRegistryStatusCode[oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.UNRECOGNIZED_DOCUMENT]
+    );
+  }
+  if (!credentialStatus?.tokenNetwork || !credentialStatus?.tokenNetwork?.chainId) {
+    throw new oaVerify.CodedError(
+      "Document's credentialStatus does not have tokenNetwork.chainId",
+      oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.UNRECOGNIZED_DOCUMENT,
+      oaVerify.OpenAttestationEthereumTokenRegistryStatusCode[oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.UNRECOGNIZED_DOCUMENT]
+    );
+  }
+  const { provider } = options;
+  const mintStatus = await utils.isTokenMintedOnRegistry({
+    tokenRegistryAddress: credentialStatus?.tokenRegistry,
+    tokenId,
+    provider
+  });
+  const result = {
+    name,
+    type,
+    status: "INVALID",
+    data: {
+      tokenRegistry: credentialStatus.tokenRegistry
+    }
+  };
+  if (oaVerify.ValidTokenRegistryStatus.guard(mintStatus)) {
+    result.status = "VALID";
+  } else {
+    result.reason = mintStatus.reason;
+  }
+  return result;
+}, "verify");
+const skip = /* @__PURE__ */ __name(async () => {
+  return {
+    status: "SKIPPED",
+    type,
+    name,
+    reason: {
+      code: oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.SKIPPED,
+      codeString: oaVerify.OpenAttestationEthereumTokenRegistryStatusCode[oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.SKIPPED],
+      message: `Document does not have TransferableRecords status`
+    }
+  };
+}, "skip");
+const test = /* @__PURE__ */ __name((document) => {
+  if (document?.credentialStatus?.type === TRANSFERABLE_RECORDS_TYPE) {
+    return true;
+  }
+  return false;
+}, "test");
+const credentialStatusTransferableRecordVerifier = {
+  skip,
+  test,
+  verify: /* @__PURE__ */ __name(async (...args) => {
+    try {
+      return await verify(...args);
+    } catch (e) {
+      if (e instanceof oaVerify.CodedError) {
+        const err = {
+          name,
+          type,
+          status: "ERROR",
+          reason: {
+            code: e.code,
+            codeString: e.codeString,
+            message: e.message
+          }
+        };
+        return err;
+      }
+      return {
+        name,
+        type,
+        status: "ERROR",
+        reason: {
+          code: oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.UNEXPECTED_ERROR,
+          codeString: oaVerify.OpenAttestationEthereumTokenRegistryStatusCode[oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.UNEXPECTED_ERROR],
+          message: e instanceof Error ? e.message : "An unexpected error occurred"
+        }
+      };
+    }
+  }, "verify")
+};
+
+exports.TRANSFERABLE_RECORDS_TYPE = TRANSFERABLE_RECORDS_TYPE;
+exports.credentialStatusTransferableRecordVerifier = credentialStatusTransferableRecordVerifier;

package/dist/core/fragments/document-status/transferableRecords/transferableRecordVerifier.types.d.mts

@@ -0,0 +1,30 @@
+import { OpenAttestationEthereumTokenRegistryStatusCode, VerificationFragment, ErrorVerificationFragment, Verifier } from '@govtechsg/oa-verify';
+
+type TransferableRecordsErrorReason = {
+    code: OpenAttestationEthereumTokenRegistryStatusCode;
+    codeString: string;
+    message: string;
+};
+type TransferableRecordsResultFragment = VerificationFragment & {
+    status: 'VALID' | 'INVALID';
+    data: {
+        tokenRegistry: string;
+    };
+    reason?: TransferableRecordsErrorReason;
+};
+type TransferableRecordsErrorFragment = Omit<ErrorVerificationFragment<never>, 'data'> & {
+    data?: never;
+    reason: TransferableRecordsErrorReason;
+};
+type TransferableRecordsVerificationFragment = TransferableRecordsResultFragment | TransferableRecordsErrorFragment;
+type VerifierType = Verifier<TransferableRecordsVerificationFragment>;
+type TransferableRecordCredentialStatus = {
+    type: 'TransferableRecords';
+    tokenRegistry: string;
+    tokenNetwork: {
+        chainId: number;
+        name: string;
+    };
+};
+
+export type { TransferableRecordCredentialStatus, TransferableRecordsErrorFragment, TransferableRecordsErrorReason, TransferableRecordsResultFragment, TransferableRecordsVerificationFragment, VerifierType };

package/dist/core/fragments/document-status/transferableRecords/transferableRecordVerifier.types.d.ts

@@ -0,0 +1,30 @@
+import { OpenAttestationEthereumTokenRegistryStatusCode, VerificationFragment, ErrorVerificationFragment, Verifier } from '@govtechsg/oa-verify';
+
+type TransferableRecordsErrorReason = {
+    code: OpenAttestationEthereumTokenRegistryStatusCode;
+    codeString: string;
+    message: string;
+};
+type TransferableRecordsResultFragment = VerificationFragment & {
+    status: 'VALID' | 'INVALID';
+    data: {
+        tokenRegistry: string;
+    };
+    reason?: TransferableRecordsErrorReason;
+};
+type TransferableRecordsErrorFragment = Omit<ErrorVerificationFragment<never>, 'data'> & {
+    data?: never;
+    reason: TransferableRecordsErrorReason;
+};
+type TransferableRecordsVerificationFragment = TransferableRecordsResultFragment | TransferableRecordsErrorFragment;
+type VerifierType = Verifier<TransferableRecordsVerificationFragment>;
+type TransferableRecordCredentialStatus = {
+    type: 'TransferableRecords';
+    tokenRegistry: string;
+    tokenNetwork: {
+        chainId: number;
+        name: string;
+    };
+};
+
+export type { TransferableRecordCredentialStatus, TransferableRecordsErrorFragment, TransferableRecordsErrorReason, TransferableRecordsResultFragment, TransferableRecordsVerificationFragment, VerifierType };

package/dist/core/fragments/document-status/transferableRecords/transferableRecordVerifier.types.js

@@ -0,0 +1,2 @@
+'use strict';
+

package/dist/core/fragments/document-status/transferableRecords/utils.d.mts

@@ -0,0 +1,18 @@
+import { ValidTokenRegistryStatus, InvalidTokenRegistryStatus } from '@govtechsg/oa-verify';
+import { providers, errors } from 'ethers';
+
+type EthersError = {
+    message?: string;
+    data?: string;
+    method?: string;
+    reason?: string;
+    code?: errors;
+};
+declare const decodeError: (error: EthersError) => "Document has not been issued under token registry" | "Token registry is not found" | "ENS name is not configured" | "Invalid token registry address" | "Invalid contract arguments";
+declare const isTokenMintedOnRegistry: ({ tokenRegistryAddress, tokenId, provider, }: {
+    tokenRegistryAddress: string;
+    tokenId: string;
+    provider: providers.Provider;
+}) => Promise<ValidTokenRegistryStatus | InvalidTokenRegistryStatus>;
+
+export { decodeError, isTokenMintedOnRegistry };

package/dist/core/fragments/document-status/transferableRecords/utils.d.ts

@@ -0,0 +1,18 @@
+import { ValidTokenRegistryStatus, InvalidTokenRegistryStatus } from '@govtechsg/oa-verify';
+import { providers, errors } from 'ethers';
+
+type EthersError = {
+    message?: string;
+    data?: string;
+    method?: string;
+    reason?: string;
+    code?: errors;
+};
+declare const decodeError: (error: EthersError) => "Document has not been issued under token registry" | "Token registry is not found" | "ENS name is not configured" | "Invalid token registry address" | "Invalid contract arguments";
+declare const isTokenMintedOnRegistry: ({ tokenRegistryAddress, tokenId, provider, }: {
+    tokenRegistryAddress: string;
+    tokenId: string;
+    provider: providers.Provider;
+}) => Promise<ValidTokenRegistryStatus | InvalidTokenRegistryStatus>;
+
+export { decodeError, isTokenMintedOnRegistry };

package/dist/core/fragments/document-status/transferableRecords/utils.js

@@ -0,0 +1,75 @@
+'use strict';
+
+var oaVerify = require('@govtechsg/oa-verify');
+var contracts = require('@tradetrust-tt/token-registry/dist/contracts');
+var ethers = require('ethers');
+
+var __defProp = Object.defineProperty;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+const isNonExistentToken = /* @__PURE__ */ __name((error) => {
+  const message = error.message;
+  if (!message) {
+    return error.data && error.data.slice(0, 10) === "0x7e273289";
+  }
+  return message.includes("owner query for nonexistent token");
+}, "isNonExistentToken");
+const isMissingTokenRegistry = /* @__PURE__ */ __name((error) => {
+  return !error.reason && error.method?.toLowerCase() === "ownerOf(uint256)".toLowerCase() && error.code === ethers.errors.CALL_EXCEPTION;
+}, "isMissingTokenRegistry");
+const decodeError = /* @__PURE__ */ __name((error) => {
+  const reason = error.reason && Array.isArray(error.reason) ? error.reason[0] : error.reason ?? "";
+  switch (true) {
+    case isNonExistentToken(error):
+      return `Document has not been issued under token registry`;
+    case isMissingTokenRegistry(error):
+      return `Token registry is not found`;
+    case (reason.toLowerCase() === "ENS name not configured".toLowerCase() && error.code === ethers.errors.UNSUPPORTED_OPERATION):
+      return "ENS name is not configured";
+    case (reason.toLowerCase() === "invalid address".toLowerCase() && error.code === ethers.errors.INVALID_ARGUMENT):
+      return `Invalid token registry address`;
+    case error.code === ethers.errors.INVALID_ARGUMENT:
+      return `Invalid contract arguments`;
+    case error.code === ethers.errors.SERVER_ERROR:
+    case error.code === ethers.errors.NETWORK_ERROR:
+      throw new oaVerify.CodedError(
+        "Unable to connect to the network, please try again later",
+        oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.SERVER_ERROR,
+        oaVerify.OpenAttestationEthereumTokenRegistryStatusCode[oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.SERVER_ERROR]
+      );
+    default:
+      throw error;
+  }
+}, "decodeError");
+const isTokenMintedOnRegistry = /* @__PURE__ */ __name(async ({
+  tokenRegistryAddress,
+  tokenId,
+  provider
+}) => {
+  try {
+    const tokenRegistryContract = contracts.TradeTrustToken__factory.connect(tokenRegistryAddress, provider);
+    const minted = await tokenRegistryContract.ownerOf(tokenId).then((owner) => owner !== ethers.constants.AddressZero);
+    return minted ? { minted, address: tokenRegistryAddress } : {
+      minted,
+      address: tokenRegistryAddress,
+      reason: {
+        code: oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.DOCUMENT_NOT_MINTED,
+        codeString: oaVerify.OpenAttestationEthereumTokenRegistryStatusCode[oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.DOCUMENT_NOT_MINTED],
+        message: `Document ${tokenId} has not been issued under contract ${tokenRegistryAddress}`
+      }
+    };
+  } catch (error) {
+    return {
+      minted: false,
+      address: tokenRegistryAddress,
+      reason: {
+        message: decodeError(error),
+        // message: (error as Error).message,
+        code: oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.DOCUMENT_NOT_MINTED,
+        codeString: oaVerify.OpenAttestationEthereumTokenRegistryStatusCode[oaVerify.OpenAttestationEthereumTokenRegistryStatusCode.DOCUMENT_NOT_MINTED]
+      }
+    };
+  }
+}, "isTokenMintedOnRegistry");
+
+exports.decodeError = decodeError;
+exports.isTokenMintedOnRegistry = isTokenMintedOnRegistry;

package/dist/core/verify.js

@@ -6,13 +6,18 @@ var w3cSignatureIntegrity = require('./fragments/document-integrity/w3cSignature
 var w3cCredentialStatus = require('./fragments/document-status/w3cCredentialStatus');
 var w3cIssuerIdentity = require('./fragments/issuer-identity/w3cIssuerIdentity');
 var openAttestation = require('@govtechsg/open-attestation');
+var transferableRecordVerifier = require('./fragments/document-status/transferableRecords/transferableRecordVerifier');
 
 var __defProp = Object.defineProperty;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
 const verifyDocument = /* @__PURE__ */ __name(async (document, rpcProviderUrl) => {
   if (openAttestation.utils.isWrappedV2Document(document) || openAttestation.utils.isWrappedV3Document(document) || openAttestation.utils.isWrappedV4Document(document)) {
     const verify = oaVerify.verificationBuilder(
-      [...oaVerify.openAttestationVerifiers, oaVerify.openAttestationDidIdentityProof],
+      [
+        ...oaVerify.openAttestationVerifiers,
+        oaVerify.openAttestationDidIdentityProof,
+        transferableRecordVerifier.credentialStatusTransferableRecordVerifier
+      ],
       {
         provider: new ethers.ethers.providers.JsonRpcProvider(rpcProviderUrl)
         // Use user-provided provider URL
@@ -21,7 +26,12 @@ const verifyDocument = /* @__PURE__ */ __name(async (document, rpcProviderUrl) =
     return verify(document);
   } else {
     const verify = oaVerify.verificationBuilder(
-      [w3cSignatureIntegrity.w3cSignatureIntegrity, w3cCredentialStatus.w3cCredentialStatus, w3cIssuerIdentity.w3cIssuerIdentity],
+      [
+        w3cSignatureIntegrity.w3cSignatureIntegrity,
+        w3cCredentialStatus.w3cCredentialStatus,
+        w3cIssuerIdentity.w3cIssuerIdentity,
+        transferableRecordVerifier.credentialStatusTransferableRecordVerifier
+      ],
       {
         provider: new ethers.ethers.providers.JsonRpcProvider(rpcProviderUrl)
         // Use user-provided provider URL

package/dist/esm/config.js

@@ -0,0 +1,3 @@
+const DEFAULT_KEY = "4d5a4e3f2f6d2b0a1f2e9b8f8a3c7a0b8d4f5c2e7b1a1c3f2e7b8c2d5a4f7e3e";
+
+export { DEFAULT_KEY };

package/dist/esm/core/decrypt.js

@@ -1,18 +1,17 @@
+import { DEFAULT_KEY } from 'src/config';
 import { generate32ByteKey, generate12ByteNonce, stringToUint8Array } from '../utils/stringUtils';
 import { Chacha20 } from 'ts-chacha20';
 
 var __defProp = Object.defineProperty;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
 function decrypt(encryptedMessage, key, nonce) {
-  if (key.length === 0) {
-    throw new Error("Key length must not be 0");
-  }
-  key = generate32ByteKey(key ?? "");
+  key = key.length > 0 ? key : DEFAULT_KEY;
+  key = generate32ByteKey(key);
   nonce = generate12ByteNonce(nonce ?? "");
   const keyBuffer = stringToUint8Array(key);
   const nonceBuffer = stringToUint8Array(nonce);
   const chacha20 = new Chacha20(keyBuffer, nonceBuffer);
-  const encryptedBuffer = Buffer.from(encryptedMessage, "hex");
+  const encryptedBuffer = new Uint8Array(Buffer.from(encryptedMessage, "hex"));
   const decrypted = chacha20.decrypt(encryptedBuffer);
   return Buffer.from(decrypted).toString("utf-8");
 }

package/dist/esm/core/encrypt.js

@@ -1,12 +1,11 @@
+import { DEFAULT_KEY } from 'src/config';
 import { generate32ByteKey, generate12ByteNonce, stringToUint8Array } from '../utils/stringUtils';
 import { Chacha20 } from 'ts-chacha20';
 
 var __defProp = Object.defineProperty;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
 function encrypt(message, key, nonce) {
-  if (key.length === 0) {
-    throw new Error("Key length must not be 0");
-  }
+  key = key.length > 0 ? key : DEFAULT_KEY;
   key = generate32ByteKey(key);
   nonce = generate12ByteNonce(nonce ?? "");
   const keyBuffer = stringToUint8Array(key);

package/dist/esm/core/fragments/document-status/transferableRecords/transferableRecordVerifier.js

@@ -0,0 +1,109 @@
+import { OpenAttestationEthereumTokenRegistryStatusCode, CodedError, ValidTokenRegistryStatus } from '@govtechsg/oa-verify';
+import { v4 } from '@govtechsg/open-attestation';
+import * as w3cVC from '@trustvc/w3c-vc';
+import { isTokenMintedOnRegistry } from './utils';
+
+var __defProp = Object.defineProperty;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+const TRANSFERABLE_RECORDS_TYPE = "TransferableRecords";
+const type = "DOCUMENT_STATUS";
+const name = TRANSFERABLE_RECORDS_TYPE;
+const verify = /* @__PURE__ */ __name(async (document, options) => {
+  let signedDocument;
+  let tokenId;
+  if (v4.isSignedWrappedDocument(document)) {
+    signedDocument = document;
+    tokenId = "0x" + signedDocument?.proof?.targetHash;
+  } else if (w3cVC.isSignedDocument(document)) {
+    signedDocument = document;
+    tokenId = "0x" + signedDocument?.credentialStatus?.tokenId;
+  }
+  const credentialStatus = signedDocument?.credentialStatus;
+  if (!credentialStatus?.tokenRegistry) {
+    throw new CodedError(
+      "Document's credentialStatus does not have tokenRegistry",
+      OpenAttestationEthereumTokenRegistryStatusCode.UNRECOGNIZED_DOCUMENT,
+      OpenAttestationEthereumTokenRegistryStatusCode[OpenAttestationEthereumTokenRegistryStatusCode.UNRECOGNIZED_DOCUMENT]
+    );
+  }
+  if (!credentialStatus?.tokenNetwork || !credentialStatus?.tokenNetwork?.chainId) {
+    throw new CodedError(
+      "Document's credentialStatus does not have tokenNetwork.chainId",
+      OpenAttestationEthereumTokenRegistryStatusCode.UNRECOGNIZED_DOCUMENT,
+      OpenAttestationEthereumTokenRegistryStatusCode[OpenAttestationEthereumTokenRegistryStatusCode.UNRECOGNIZED_DOCUMENT]
+    );
+  }
+  const { provider } = options;
+  const mintStatus = await isTokenMintedOnRegistry({
+    tokenRegistryAddress: credentialStatus?.tokenRegistry,
+    tokenId,
+    provider
+  });
+  const result = {
+    name,
+    type,
+    status: "INVALID",
+    data: {
+      tokenRegistry: credentialStatus.tokenRegistry
+    }
+  };
+  if (ValidTokenRegistryStatus.guard(mintStatus)) {
+    result.status = "VALID";
+  } else {
+    result.reason = mintStatus.reason;
+  }
+  return result;
+}, "verify");
+const skip = /* @__PURE__ */ __name(async () => {
+  return {
+    status: "SKIPPED",
+    type,
+    name,
+    reason: {
+      code: OpenAttestationEthereumTokenRegistryStatusCode.SKIPPED,
+      codeString: OpenAttestationEthereumTokenRegistryStatusCode[OpenAttestationEthereumTokenRegistryStatusCode.SKIPPED],
+      message: `Document does not have TransferableRecords status`
+    }
+  };
+}, "skip");
+const test = /* @__PURE__ */ __name((document) => {
+  if (document?.credentialStatus?.type === TRANSFERABLE_RECORDS_TYPE) {
+    return true;
+  }
+  return false;
+}, "test");
+const credentialStatusTransferableRecordVerifier = {
+  skip,
+  test,
+  verify: /* @__PURE__ */ __name(async (...args) => {
+    try {
+      return await verify(...args);
+    } catch (e) {
+      if (e instanceof CodedError) {
+        const err = {
+          name,
+          type,
+          status: "ERROR",
+          reason: {
+            code: e.code,
+            codeString: e.codeString,
+            message: e.message
+          }
+        };
+        return err;
+      }
+      return {
+        name,
+        type,
+        status: "ERROR",
+        reason: {
+          code: OpenAttestationEthereumTokenRegistryStatusCode.UNEXPECTED_ERROR,
+          codeString: OpenAttestationEthereumTokenRegistryStatusCode[OpenAttestationEthereumTokenRegistryStatusCode.UNEXPECTED_ERROR],
+          message: e instanceof Error ? e.message : "An unexpected error occurred"
+        }
+      };
+    }
+  }, "verify")
+};
+
+export { TRANSFERABLE_RECORDS_TYPE, credentialStatusTransferableRecordVerifier };

package/dist/esm/core/fragments/document-status/transferableRecords/transferableRecordVerifier.types.js

@@ -0,0 +1 @@
+

package/dist/esm/core/fragments/document-status/transferableRecords/utils.js

@@ -0,0 +1,72 @@
+import { CodedError, OpenAttestationEthereumTokenRegistryStatusCode } from '@govtechsg/oa-verify';
+import { TradeTrustToken__factory } from '@tradetrust-tt/token-registry/dist/contracts';
+import { errors, constants } from 'ethers';
+
+var __defProp = Object.defineProperty;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+const isNonExistentToken = /* @__PURE__ */ __name((error) => {
+  const message = error.message;
+  if (!message) {
+    return error.data && error.data.slice(0, 10) === "0x7e273289";
+  }
+  return message.includes("owner query for nonexistent token");
+}, "isNonExistentToken");
+const isMissingTokenRegistry = /* @__PURE__ */ __name((error) => {
+  return !error.reason && error.method?.toLowerCase() === "ownerOf(uint256)".toLowerCase() && error.code === errors.CALL_EXCEPTION;
+}, "isMissingTokenRegistry");
+const decodeError = /* @__PURE__ */ __name((error) => {
+  const reason = error.reason && Array.isArray(error.reason) ? error.reason[0] : error.reason ?? "";
+  switch (true) {
+    case isNonExistentToken(error):
+      return `Document has not been issued under token registry`;
+    case isMissingTokenRegistry(error):
+      return `Token registry is not found`;
+    case (reason.toLowerCase() === "ENS name not configured".toLowerCase() && error.code === errors.UNSUPPORTED_OPERATION):
+      return "ENS name is not configured";
+    case (reason.toLowerCase() === "invalid address".toLowerCase() && error.code === errors.INVALID_ARGUMENT):
+      return `Invalid token registry address`;
+    case error.code === errors.INVALID_ARGUMENT:
+      return `Invalid contract arguments`;
+    case error.code === errors.SERVER_ERROR:
+    case error.code === errors.NETWORK_ERROR:
+      throw new CodedError(
+        "Unable to connect to the network, please try again later",
+        OpenAttestationEthereumTokenRegistryStatusCode.SERVER_ERROR,
+        OpenAttestationEthereumTokenRegistryStatusCode[OpenAttestationEthereumTokenRegistryStatusCode.SERVER_ERROR]
+      );
+    default:
+      throw error;
+  }
+}, "decodeError");
+const isTokenMintedOnRegistry = /* @__PURE__ */ __name(async ({
+  tokenRegistryAddress,
+  tokenId,
+  provider
+}) => {
+  try {
+    const tokenRegistryContract = TradeTrustToken__factory.connect(tokenRegistryAddress, provider);
+    const minted = await tokenRegistryContract.ownerOf(tokenId).then((owner) => owner !== constants.AddressZero);
+    return minted ? { minted, address: tokenRegistryAddress } : {
+      minted,
+      address: tokenRegistryAddress,
+      reason: {
+        code: OpenAttestationEthereumTokenRegistryStatusCode.DOCUMENT_NOT_MINTED,
+        codeString: OpenAttestationEthereumTokenRegistryStatusCode[OpenAttestationEthereumTokenRegistryStatusCode.DOCUMENT_NOT_MINTED],
+        message: `Document ${tokenId} has not been issued under contract ${tokenRegistryAddress}`
+      }
+    };
+  } catch (error) {
+    return {
+      minted: false,
+      address: tokenRegistryAddress,
+      reason: {
+        message: decodeError(error),
+        // message: (error as Error).message,
+        code: OpenAttestationEthereumTokenRegistryStatusCode.DOCUMENT_NOT_MINTED,
+        codeString: OpenAttestationEthereumTokenRegistryStatusCode[OpenAttestationEthereumTokenRegistryStatusCode.DOCUMENT_NOT_MINTED]
+      }
+    };
+  }
+}, "isTokenMintedOnRegistry");
+
+export { decodeError, isTokenMintedOnRegistry };

package/dist/esm/core/verify.js

@@ -4,13 +4,18 @@ import { w3cSignatureIntegrity } from './fragments/document-integrity/w3cSignatu
 import { w3cCredentialStatus } from './fragments/document-status/w3cCredentialStatus';
 import { w3cIssuerIdentity } from './fragments/issuer-identity/w3cIssuerIdentity';
 import { utils } from '@govtechsg/open-attestation';
+import { credentialStatusTransferableRecordVerifier } from './fragments/document-status/transferableRecords/transferableRecordVerifier';
 
 var __defProp = Object.defineProperty;
 var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
 const verifyDocument = /* @__PURE__ */ __name(async (document, rpcProviderUrl) => {
   if (utils.isWrappedV2Document(document) || utils.isWrappedV3Document(document) || utils.isWrappedV4Document(document)) {
     const verify = verificationBuilder(
-      [...openAttestationVerifiers, openAttestationDidIdentityProof],
+      [
+        ...openAttestationVerifiers,
+        openAttestationDidIdentityProof,
+        credentialStatusTransferableRecordVerifier
+      ],
       {
         provider: new ethers.providers.JsonRpcProvider(rpcProviderUrl)
         // Use user-provided provider URL
@@ -19,7 +24,12 @@ const verifyDocument = /* @__PURE__ */ __name(async (document, rpcProviderUrl) =
     return verify(document);
   } else {
     const verify = verificationBuilder(
-      [w3cSignatureIntegrity, w3cCredentialStatus, w3cIssuerIdentity],
+      [
+        w3cSignatureIntegrity,
+        w3cCredentialStatus,
+        w3cIssuerIdentity,
+        credentialStatusTransferableRecordVerifier
+      ],
       {
         provider: new ethers.providers.JsonRpcProvider(rpcProviderUrl)
         // Use user-provided provider URL

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@trustvc/trustvc",
-  "version": "1.0.0-alpha.6",
+  "version": "1.0.0-alpha.8",
   "description": "TrustVC library",
   "main": "dist/index.js",
   "module": "dist/esm/index.js",
@@ -70,6 +70,7 @@
     "prettier": "^3.3.2",
     "rimraf": "^5.0.10",
     "semantic-release": "^20.1.3",
+    "ts-node": "^10.9.2",
     "tsup": "^8.3.0",
     "typescript": "^5.6.2",
     "typescript-eslint": "^8.8.0",