@twin.org/node-core 0.0.1-next.10

package/dist/cjs/index.cjs

@@ -0,0 +1,1718 @@
+'use strict';
+
+var apiAuthEntityStorageService = require('@twin.org/api-auth-entity-storage-service');
+var core = require('@twin.org/core');
+var crypto = require('@twin.org/crypto');
+var engineTypes = require('@twin.org/engine-types');
+var entityStorageModels = require('@twin.org/entity-storage-models');
+var identityModels = require('@twin.org/identity-models');
+var vaultModels = require('@twin.org/vault-models');
+var walletModels = require('@twin.org/wallet-models');
+var promises = require('node:fs/promises');
+var path = require('node:path');
+var dotenv = require('dotenv');
+var engineServer = require('@twin.org/engine-server');
+var engineServerTypes = require('@twin.org/engine-server-types');
+var engine = require('@twin.org/engine');
+var engineCore = require('@twin.org/engine-core');
+var engineModels = require('@twin.org/engine-models');
+
+function _interopNamespaceDefault(e) {
+    var n = Object.create(null);
+    if (e) {
+        Object.keys(e).forEach(function (k) {
+            if (k !== 'default') {
+                var d = Object.getOwnPropertyDescriptor(e, k);
+                Object.defineProperty(n, k, d.get ? d : {
+                    enumerable: true,
+                    get: function () { return e[k]; }
+                });
+            }
+        });
+    }
+    n.default = e;
+    return Object.freeze(n);
+}
+
+var dotenv__namespace = /*#__PURE__*/_interopNamespaceDefault(dotenv);
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * The features that can be enabled on the node.
+ */
+// eslint-disable-next-line @typescript-eslint/naming-convention
+const NodeFeatures = {
+    /**
+     * NodeIdentity - generates an identity for the node if not provided in config.
+     */
+    NodeIdentity: "node-identity",
+    /**
+     * NodeUser - generates a user for the node if not provided in config.
+     */
+    NodeUser: "node-user"
+};
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/* eslint-disable no-console */
+/**
+ * Initialise the locales for the application.
+ * @param localesDirectory The directory containing the locales.
+ */
+async function initialiseLocales(localesDirectory) {
+    const localesFile = path.resolve(path.join(localesDirectory, "en.json"));
+    console.info("Locales File:", localesFile);
+    if (await fileExists(localesFile)) {
+        const enLangContent = await promises.readFile(localesFile, "utf8");
+        core.I18n.addDictionary("en", JSON.parse(enLangContent));
+    }
+    else {
+        console.warn(`Locales file not found: ${localesFile}`);
+    }
+}
+/**
+ * Get the directory where the application is being executed.
+ * @returns The execution directory.
+ */
+function getExecutionDirectory() {
+    return process.cwd();
+}
+/**
+ * Does the specified file exist.
+ * @param filename The filename to check for existence.
+ * @returns True if the file exists.
+ */
+async function fileExists(filename) {
+    try {
+        const stats = await promises.stat(filename);
+        return stats.isFile();
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Load the JSON file.
+ * @param filename The filename of the JSON file to load.
+ * @returns The contents of the JSON file or null if it could not be loaded.
+ */
+async function loadJsonFile(filename) {
+    const content = await promises.readFile(filename, "utf8");
+    return JSON.parse(content);
+}
+/**
+ * Get the features that are enabled on the node.
+ * @param env The environment variables for the node.
+ * @returns The features that are enabled on the node.
+ */
+function getFeatures(env) {
+    if (core.Is.empty(env.features)) {
+        return [];
+    }
+    const features = [];
+    const allFeatures = Object.values(NodeFeatures);
+    const splitFeatures = env.features.split(",");
+    for (const feature of splitFeatures) {
+        const featureTrimmed = feature.trim();
+        if (allFeatures.includes(featureTrimmed)) {
+            features.push(featureTrimmed);
+        }
+    }
+    return features;
+}
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+const DEFAULT_NODE_USERNAME = "admin@node";
+/**
+ * Bootstrap the application.
+ * @param engineCore The engine core for the node.
+ * @param context The context for the node.
+ * @param envVars The environment variables for the node.
+ */
+async function bootstrap(engineCore, context, envVars) {
+    const features = getFeatures(envVars);
+    await bootstrapNodeIdentity(engineCore, context, envVars, features);
+    await bootstrapNodeUser(engineCore, context, envVars, features);
+    await bootstrapAuth(engineCore, context, envVars);
+    await bootstrapBlobEncryption(engineCore, context, envVars);
+    await bootstrapAttestationMethod(engineCore, context, envVars);
+    await bootstrapImmutableProofMethod(engineCore, context, envVars);
+}
+/**
+ * Bootstrap the node creating any necessary resources.
+ * @param engineCore The engine core for the node.
+ * @param context The context for the node.
+ * @param envVars The environment variables for the node.
+ * @param features The features that are enabled on the node. The features that are enabled on the node.
+ */
+async function bootstrapNodeIdentity(engineCore, context, envVars, features) {
+    if (features.includes(NodeFeatures.NodeIdentity)) {
+        // When we bootstrap the node we need to generate an identity for it,
+        // But we have a chicken and egg problem in that we can't create the identity
+        // to store the mnemonic in the vault without an identity. We use a temporary identity
+        // and then replace it with the new identity later in the process.
+        const engineDefaultTypes = engineCore.getDefaultTypes();
+        if (!core.Is.empty(engineDefaultTypes.vaultConnector)) {
+            const vaultConnector = vaultModels.VaultConnectorFactory.get(engineDefaultTypes.vaultConnector);
+            const workingIdentity = envVars.identity ??
+                context.state.nodeIdentity ??
+                `bootstrap-temp-${core.Converter.bytesToHex(core.RandomHelper.generate(16))}`;
+            await bootstrapMnemonic(engineCore, envVars, features, vaultConnector, workingIdentity);
+            const addresses = await bootstrapWallet(engineCore, envVars, features, workingIdentity);
+            const finalIdentity = await bootstrapIdentity(engineCore, envVars, features, workingIdentity);
+            await finaliseWallet(engineCore, envVars, features, finalIdentity, addresses);
+            await finaliseMnemonic(vaultConnector, workingIdentity, finalIdentity);
+            context.state.nodeIdentity = finalIdentity;
+            context.stateDirty = true;
+            engineCore.logInfo(core.I18n.formatMessage("node.nodeIdentity", {
+                identity: context.state.nodeIdentity
+            }));
+        }
+    }
+}
+/**
+ * Bootstrap the identity for the node.
+ * @param engineCore The engine core for the node.
+ * @param envVars The environment variables for the node.
+ * @param features The features that are enabled on the node. The features that are enabled on the node.
+ * @param nodeIdentity The identity of the node.
+ * @returns The addresses for the wallet.
+ */
+async function bootstrapIdentity(engineCore, envVars, features, nodeIdentity) {
+    const engineDefaultTypes = engineCore.getDefaultTypes();
+    // Now create an identity for the node controlled by the address we just funded
+    const identityConnector = identityModels.IdentityConnectorFactory.get(engineDefaultTypes.identityConnector);
+    let identityDocument;
+    try {
+        const identityResolverConnector = identityModels.IdentityResolverConnectorFactory.get(engineDefaultTypes.identityResolverConnector);
+        identityDocument = await identityResolverConnector.resolveDocument(nodeIdentity);
+        engineCore.logInfo(core.I18n.formatMessage("node.existingNodeIdentity", { identity: nodeIdentity }));
+    }
+    catch { }
+    if (core.Is.empty(identityDocument)) {
+        engineCore.logInfo(core.I18n.formatMessage("node.generatingNodeIdentity"));
+        identityDocument = await identityConnector.createDocument(nodeIdentity);
+        engineCore.logInfo(core.I18n.formatMessage("node.createdNodeIdentity", { identity: identityDocument.id }));
+    }
+    if (engineDefaultTypes.identityConnector === engineTypes.IdentityConnectorType.Iota) {
+        const didUrn = core.Urn.fromValidString(identityDocument.id);
+        const didParts = didUrn.parts();
+        const objectId = didParts[3];
+        engineCore.logInfo(core.I18n.formatMessage("node.identityExplorer", {
+            url: `${envVars.iotaExplorerEndpoint}object/${objectId}?network=${envVars.iotaNetwork}`
+        }));
+    }
+    return identityDocument.id;
+}
+/**
+ * Bootstrap the wallet for the node.
+ * @param engineCore The engine core for the node.
+ * @param envVars The environment variables for the node.
+ * @param features The features that are enabled on the node.
+ * @param nodeIdentity The identity of the node.
+ * @returns The addresses for the wallet.
+ */
+async function bootstrapWallet(engineCore, envVars, features, nodeIdentity) {
+    const engineDefaultTypes = engineCore.getDefaultTypes();
+    const walletConnector = walletModels.WalletConnectorFactory.get(engineDefaultTypes.walletConnector);
+    const addresses = await walletConnector.getAddresses(nodeIdentity, 0, 0, 5);
+    const balance = await walletConnector.getBalance(nodeIdentity, addresses[0]);
+    if (balance === 0n) {
+        let address0 = addresses[0];
+        if (engineDefaultTypes.walletConnector === engineTypes.WalletConnectorType.Iota) {
+            address0 = `${envVars.iotaExplorerEndpoint}address/${address0}?network=${envVars.iotaNetwork}`;
+        }
+        engineCore.logInfo(core.I18n.formatMessage("node.fundingWallet", { address: address0 }));
+        // Add some funds to the wallet from the faucet
+        await walletConnector.ensureBalance(nodeIdentity, addresses[0], 1000000000n);
+    }
+    else {
+        engineCore.logInfo(core.I18n.formatMessage("node.fundedWallet"));
+    }
+    return addresses;
+}
+/**
+ * Bootstrap the identity for the node.
+ * @param engineCore The engine core for the node.
+ * @param envVars The environment variables for the node.
+ * @param features The features that are enabled on the node.
+ * @param finalIdentity The identity of the node.
+ * @param addresses The addresses for the wallet.
+ */
+async function finaliseWallet(engineCore, envVars, features, finalIdentity, addresses) {
+    const engineDefaultTypes = engineCore.getDefaultTypes();
+    // If we are using entity storage for wallet the identity associated with the
+    // address will be wrong, so fix it
+    if (engineDefaultTypes.walletConnector === "entity-storage") {
+        const walletAddress = entityStorageModels.EntityStorageConnectorFactory.get(core.StringHelper.kebabCase("WalletAddress"));
+        const addr = await walletAddress.get(addresses[0]);
+        if (!core.Is.empty(addr)) {
+            addr.identity = finalIdentity;
+            await walletAddress.set(addr);
+        }
+    }
+}
+/**
+ * Generate a mnemonic for the node identity.
+ * @param engineCore The engine core for the node.
+ * @param envVars The environment variables for the node.
+ * @param features The features that are enabled on the node.
+ * @param vaultConnector The vault connector to use.
+ * @param nodeIdentity The identity of the node.
+ */
+async function bootstrapMnemonic(engineCore, envVars, features, vaultConnector, nodeIdentity) {
+    let mnemonic = envVars.mnemonic;
+    let storeMnemonic = false;
+    try {
+        const storedMnemonic = await vaultConnector.getSecret(`${nodeIdentity}/mnemonic`);
+        storeMnemonic = storedMnemonic !== mnemonic;
+        mnemonic = storedMnemonic;
+    }
+    catch {
+        storeMnemonic = true;
+    }
+    // If there is no mnemonic then we need to generate one
+    if (core.Is.empty(mnemonic)) {
+        mnemonic = crypto.Bip39.randomMnemonic();
+        storeMnemonic = true;
+        engineCore.logInfo(core.I18n.formatMessage("node.generatingMnemonic", { mnemonic }));
+    }
+    // If there is no mnemonic stored in the vault then we need to store it
+    if (storeMnemonic) {
+        engineCore.logInfo(core.I18n.formatMessage("node.storingMnemonic"));
+        await vaultConnector.setSecret(`${nodeIdentity}/mnemonic`, mnemonic);
+    }
+    else {
+        engineCore.logInfo(core.I18n.formatMessage("node.existingMnemonic"));
+    }
+}
+/**
+ * Finalise the mnemonic for the node identity.
+ * @param vaultConnector The vault connector to use.
+ * @param workingIdentity The identity of the node.
+ * @param finalIdentity The final identity for the node.
+ */
+async function finaliseMnemonic(vaultConnector, workingIdentity, finalIdentity) {
+    // Now that we have an identity we can remove the temporary one
+    // and store the mnemonic with the new identity
+    if (workingIdentity.startsWith("bootstrap-temp-") && workingIdentity !== finalIdentity) {
+        const mnemonic = await vaultConnector.getSecret(`${workingIdentity}/mnemonic`);
+        await vaultConnector.setSecret(`${finalIdentity}/mnemonic`, mnemonic);
+        await vaultConnector.removeSecret(`${workingIdentity}/mnemonic`);
+    }
+}
+/**
+ * Bootstrap the user.
+ * @param engineCore The engine core for the node.
+ * @param context The context for the node.
+ * @param envVars The environment variables for the node.
+ * @param features The features that are enabled on the node.
+ */
+async function bootstrapNodeUser(engineCore, context, envVars, features) {
+    if (features.includes(NodeFeatures.NodeUser)) {
+        const engineDefaultTypes = engineCore.getDefaultTypes();
+        if (engineDefaultTypes.authenticationComponent === "authentication-entity-storage" &&
+            core.Is.stringValue(context.state.nodeIdentity)) {
+            const authUserEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(core.StringHelper.kebabCase("AuthenticationUser"));
+            const email = envVars.username ?? DEFAULT_NODE_USERNAME;
+            let nodeAdminUser = await authUserEntityStorage.get(email);
+            if (core.Is.empty(nodeAdminUser)) {
+                engineCore.logInfo(core.I18n.formatMessage("node.creatingNodeUser", { email }));
+                const generatedPassword = envVars.password ?? crypto.PasswordGenerator.generate(16);
+                const passwordBytes = core.Converter.utf8ToBytes(generatedPassword);
+                const saltBytes = core.RandomHelper.generate(16);
+                const hashedPassword = await apiAuthEntityStorageService.PasswordHelper.hashPassword(passwordBytes, saltBytes);
+                nodeAdminUser = {
+                    email,
+                    password: hashedPassword,
+                    salt: core.Converter.bytesToBase64(saltBytes),
+                    identity: context.state.nodeIdentity
+                };
+                engineCore.logInfo(core.I18n.formatMessage("node.nodeAdminUserEmail", { email: nodeAdminUser.email }));
+                engineCore.logInfo(core.I18n.formatMessage("node.nodeAdminUserPassword", { password: generatedPassword }));
+                await authUserEntityStorage.set(nodeAdminUser);
+            }
+            else {
+                engineCore.logInfo(core.I18n.formatMessage("node.existingNodeUser", { email }));
+                // The user already exists, so double check the other details match
+                let needsUpdate = false;
+                if (nodeAdminUser.identity !== context.state.nodeIdentity) {
+                    nodeAdminUser.identity = context.state.nodeIdentity;
+                    needsUpdate = true;
+                }
+                if (core.Is.stringValue(envVars.password)) {
+                    const passwordBytes = core.Converter.utf8ToBytes(envVars.password);
+                    const saltBytes = core.Converter.base64ToBytes(nodeAdminUser.salt);
+                    const hashedPassword = await apiAuthEntityStorageService.PasswordHelper.hashPassword(passwordBytes, saltBytes);
+                    if (nodeAdminUser.password !== hashedPassword) {
+                        nodeAdminUser.password = hashedPassword;
+                        needsUpdate = true;
+                    }
+                }
+                if (needsUpdate) {
+                    await authUserEntityStorage.set(nodeAdminUser);
+                }
+            }
+            // We have create a node user, now we need to create a profile for the user
+            const identityProfileConnector = identityModels.IdentityProfileConnectorFactory.get(engineDefaultTypes.identityProfileConnector);
+            if (identityProfileConnector) {
+                let userProfile;
+                try {
+                    userProfile = await identityProfileConnector.get(context.state.nodeIdentity);
+                }
+                catch { }
+                if (core.Is.empty(userProfile)) {
+                    engineCore.logInfo(core.I18n.formatMessage("node.creatingUserProfile", { identity: context.state.nodeIdentity }));
+                    const publicProfile = {
+                        "@context": "https://schema.org",
+                        "@type": "Person",
+                        name: "Node Administrator"
+                    };
+                    const privateProfile = {
+                        "@context": "https://schema.org",
+                        "@type": "Person",
+                        givenName: "Node",
+                        familyName: "Administrator",
+                        email
+                    };
+                    await identityProfileConnector.create(context.state.nodeIdentity, publicProfile, privateProfile);
+                }
+                else {
+                    engineCore.logInfo(core.I18n.formatMessage("node.existingUserProfile", { identity: context.state.nodeIdentity }));
+                }
+            }
+        }
+    }
+}
+/**
+ * Bootstrap the attestation verification methods.
+ * @param engineCore The engine core for the node.
+ * @param context The context for the node.
+ * @param envVars The environment variables for the node.
+ * @param features The features that are enabled on the node.
+ */
+async function bootstrapAttestationMethod(engineCore, context, envVars, features) {
+    if (core.Is.stringValue(context.state.nodeIdentity) &&
+        core.Is.arrayValue(context.config.types.identityConnector) &&
+        core.Is.stringValue(envVars.attestationVerificationMethodId)) {
+        const engineDefaultTypes = engineCore.getDefaultTypes();
+        const identityConnector = identityModels.IdentityConnectorFactory.get(engineDefaultTypes.identityConnector);
+        const identityResolverConnector = identityModels.IdentityResolverConnectorFactory.get(engineDefaultTypes.identityResolverConnector);
+        const identityDocument = await identityResolverConnector.resolveDocument(context.state.nodeIdentity);
+        const fullMethodId = `${identityDocument.id}#${envVars.attestationVerificationMethodId}`;
+        let createVm = true;
+        try {
+            identityModels.DocumentHelper.getVerificationMethod(identityDocument, fullMethodId, "assertionMethod");
+            createVm = false;
+        }
+        catch { }
+        if (createVm) {
+            // Add attestation verification method to DID, the correct node context is now in place
+            // so the keys for the verification method will be stored correctly
+            engineCore.logInfo(core.I18n.formatMessage("node.addingAttestation", {
+                methodId: fullMethodId
+            }));
+            await identityConnector.addVerificationMethod(context.state.nodeIdentity, context.state.nodeIdentity, "assertionMethod", envVars.attestationVerificationMethodId);
+        }
+        else {
+            engineCore.logInfo(core.I18n.formatMessage("node.existingAttestation", {
+                methodId: fullMethodId
+            }));
+        }
+    }
+}
+/**
+ * Bootstrap the immutable proof verification methods.
+ * @param engineCore The engine core for the node.
+ * @param context The context for the node.
+ * @param envVars The environment variables for the node.
+ * @param features The features that are enabled on the node.
+ */
+async function bootstrapImmutableProofMethod(engineCore, context, envVars, features) {
+    const engineDefaultTypes = engineCore.getDefaultTypes();
+    if (core.Is.stringValue(context.state.nodeIdentity) &&
+        core.Is.arrayValue(context.config.types.identityConnector) &&
+        core.Is.stringValue(envVars.immutableProofVerificationMethodId)) {
+        const identityConnector = identityModels.IdentityConnectorFactory.get(engineDefaultTypes.identityConnector);
+        const identityResolverConnector = identityModels.IdentityResolverConnectorFactory.get(engineDefaultTypes.identityResolverConnector);
+        const identityDocument = await identityResolverConnector.resolveDocument(context.state.nodeIdentity);
+        const fullMethodId = `${identityDocument.id}#${envVars.immutableProofVerificationMethodId}`;
+        let createVm = true;
+        try {
+            identityModels.DocumentHelper.getVerificationMethod(identityDocument, fullMethodId, "assertionMethod");
+            createVm = false;
+        }
+        catch { }
+        if (createVm) {
+            // Add AIG verification method to DID, the correct node context is now in place
+            // so the keys for the verification method will be stored correctly
+            engineCore.logInfo(core.I18n.formatMessage("node.addingImmutableProof", {
+                methodId: fullMethodId
+            }));
+            await identityConnector.addVerificationMethod(context.state.nodeIdentity, context.state.nodeIdentity, "assertionMethod", envVars.immutableProofVerificationMethodId);
+        }
+        else {
+            engineCore.logInfo(core.I18n.formatMessage("node.existingImmutableProof", {
+                methodId: fullMethodId
+            }));
+        }
+    }
+}
+/**
+ * Bootstrap the keys for blob encryption.
+ * @param engineCore The engine core for the node.
+ * @param context The context for the node.
+ * @param envVars The environment variables for the node.
+ * @param features The features that are enabled on the node.
+ */
+async function bootstrapBlobEncryption(engineCore, context, envVars, features) {
+    if ((core.Coerce.boolean(envVars.blobStorageEnableEncryption) ?? false) &&
+        core.Is.stringValue(context.state.nodeIdentity)) {
+        const engineDefaultTypes = engineCore.getDefaultTypes();
+        // Create a new key for encrypting blobs
+        const vaultConnector = vaultModels.VaultConnectorFactory.get(engineDefaultTypes.vaultConnector);
+        const keyName = `${context.state.nodeIdentity}/${envVars.blobStorageEncryptionKey}`;
+        let existingKey;
+        try {
+            existingKey = await vaultConnector.getKey(keyName);
+        }
+        catch { }
+        if (core.Is.empty(existingKey)) {
+            engineCore.logInfo(core.I18n.formatMessage("node.creatingBlobEncryptionKey", { keyName }));
+            await vaultConnector.createKey(keyName, vaultModels.VaultKeyType.ChaCha20Poly1305);
+        }
+        else {
+            engineCore.logInfo(core.I18n.formatMessage("node.existingBlobEncryptionKey", { keyName }));
+        }
+    }
+}
+/**
+ * Bootstrap the JWT signing key.
+ * @param engineCore The engine core for the node.
+ * @param context The context for the node.
+ * @param envVars The environment variables for the node.
+ * @param features The features that are enabled on the node.
+ */
+async function bootstrapAuth(engineCore, context, envVars, features) {
+    const engineDefaultTypes = engineCore.getDefaultTypes();
+    if (engineDefaultTypes.authenticationComponent === "authentication-entity-storage" &&
+        core.Is.stringValue(context.state.nodeIdentity)) {
+        // Create a new JWT signing key and a user login for the node
+        const vaultConnector = vaultModels.VaultConnectorFactory.get(engineDefaultTypes.vaultConnector);
+        const keyName = `${context.state.nodeIdentity}/${envVars.authSigningKeyId}`;
+        let existingKey;
+        try {
+            existingKey = await vaultConnector.getKey(keyName);
+        }
+        catch { }
+        if (core.Is.empty(existingKey)) {
+            engineCore.logInfo(core.I18n.formatMessage("node.creatingAuthKey", { keyName }));
+            await vaultConnector.createKey(keyName, vaultModels.VaultKeyType.Ed25519);
+        }
+        else {
+            engineCore.logInfo(core.I18n.formatMessage("node.existingAuthKey", { keyName }));
+        }
+    }
+}
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Build the engine core configuration from environment variables.
+ * @param envVars The environment variables.
+ * @returns The config for the core.
+ */
+function buildEngineConfiguration(envVars) {
+    if (core.Is.stringValue(envVars.storageFileRoot)) {
+        envVars.stateFilename ??= "engine-state.json";
+        envVars.storageFileRoot = path.resolve(envVars.storageFileRoot);
+        envVars.stateFilename = path.join(envVars.storageFileRoot, envVars.stateFilename);
+    }
+    envVars.attestationVerificationMethodId ??= "attestation-assertion";
+    envVars.immutableProofVerificationMethodId ??= "immutable-proof-assertion";
+    envVars.blobStorageEnableEncryption ??= "false";
+    envVars.blobStorageEncryptionKey ??= "blob-encryption";
+    const coreConfig = {
+        debug: core.Coerce.boolean(envVars.debug) ?? false,
+        types: {}
+    };
+    configureEntityStorage(coreConfig, envVars);
+    configureBlobStorage(coreConfig, envVars);
+    configureVault(coreConfig, envVars);
+    configureDlt(coreConfig, envVars);
+    configureLogging(coreConfig, envVars);
+    configureBackgroundTask(coreConfig, envVars);
+    configureEventBus(coreConfig, envVars);
+    configureTelemetry(coreConfig, envVars);
+    configureMessaging(coreConfig, envVars);
+    configureFaucet(coreConfig, envVars);
+    configureWallet(coreConfig, envVars);
+    configureNft(coreConfig, envVars);
+    configureVerifiableStorage(coreConfig, envVars);
+    configureIdentity(coreConfig, envVars);
+    configureIdentityResolver(coreConfig, envVars);
+    configureIdentityProfile(coreConfig, envVars);
+    configureAttestation(coreConfig, envVars);
+    configureDataProcessing(coreConfig, envVars);
+    configureAuditableItemGraph(coreConfig);
+    configureAuditableItemStream(coreConfig);
+    configureDocumentManagement(coreConfig);
+    configureFederatedCatalogue(coreConfig, envVars);
+    configureRightsManagement(coreConfig, envVars);
+    configureTaskScheduler(coreConfig, envVars);
+    return coreConfig;
+}
+/**
+ * Helper function to get IOTA configuration from centralized dltConfig.
+ * @param coreConfig The core config.
+ * @returns The IOTA configuration if found, undefined otherwise.
+ */
+function getIotaConfig(coreConfig) {
+    const dltConfig = coreConfig.types.dltConfig?.find(config => config.type === engineTypes.DltConfigType.Iota && config.isDefault);
+    return dltConfig?.options?.config;
+}
+/**
+ * Configures the entity storage.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureEntityStorage(coreConfig, envVars) {
+    coreConfig.types ??= {};
+    coreConfig.types.entityStorageConnector ??= [];
+    if ((core.Coerce.boolean(envVars.entityMemoryEnable) ?? false) ||
+        envVars.entityStorageConnectorType === engineTypes.EntityStorageConnectorType.Memory) {
+        coreConfig.types.entityStorageConnector.push({
+            type: engineTypes.EntityStorageConnectorType.Memory
+        });
+    }
+    if ((core.Coerce.boolean(envVars.entityFileEnable) ?? false) ||
+        envVars.entityStorageConnectorType === engineTypes.EntityStorageConnectorType.File) {
+        coreConfig.types.entityStorageConnector.push({
+            type: engineTypes.EntityStorageConnectorType.File,
+            options: {
+                config: { directory: envVars.storageFileRoot ?? "" },
+                folderPrefix: envVars.entityStorageTablePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.awsDynamodbAccessKeyId)) {
+        coreConfig.types.entityStorageConnector.push({
+            type: engineTypes.EntityStorageConnectorType.AwsDynamoDb,
+            options: {
+                config: {
+                    region: envVars.awsDynamodbRegion ?? "",
+                    accessKeyId: envVars.awsDynamodbAccessKeyId ?? "",
+                    secretAccessKey: envVars.awsDynamodbSecretAccessKey ?? "",
+                    endpoint: envVars.awsDynamodbEndpoint ?? ""
+                },
+                tablePrefix: envVars.entityStorageTablePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.azureCosmosdbKey)) {
+        coreConfig.types.entityStorageConnector.push({
+            type: engineTypes.EntityStorageConnectorType.AzureCosmosDb,
+            options: {
+                config: {
+                    endpoint: envVars.azureCosmosdbEndpoint ?? "",
+                    key: envVars.azureCosmosdbKey ?? "",
+                    databaseId: envVars.azureCosmosdbDatabaseId ?? "",
+                    containerId: envVars.azureCosmosdbContainerId ?? ""
+                },
+                tablePrefix: envVars.entityStorageTablePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.gcpFirestoreCredentials)) {
+        coreConfig.types.entityStorageConnector.push({
+            type: engineTypes.EntityStorageConnectorType.GcpFirestoreDb,
+            options: {
+                config: {
+                    projectId: envVars.gcpFirestoreProjectId ?? "",
+                    credentials: envVars.gcpFirestoreCredentials ?? "",
+                    databaseId: envVars.gcpFirestoreDatabaseId ?? "",
+                    collectionName: envVars.gcpFirestoreCollectionName ?? "",
+                    endpoint: envVars.gcpFirestoreApiEndpoint ?? ""
+                },
+                tablePrefix: envVars.entityStorageTablePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.scylladbHosts)) {
+        coreConfig.types.entityStorageConnector.push({
+            type: engineTypes.EntityStorageConnectorType.ScyllaDb,
+            options: {
+                config: {
+                    hosts: envVars.scylladbHosts.split(",") ?? "",
+                    localDataCenter: envVars.scylladbLocalDataCenter ?? "",
+                    keyspace: envVars.scylladbKeyspace ?? ""
+                },
+                tablePrefix: envVars.entityStorageTablePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.mySqlHost)) {
+        coreConfig.types.entityStorageConnector.push({
+            type: engineTypes.EntityStorageConnectorType.MySqlDb,
+            options: {
+                config: {
+                    host: envVars.mySqlHost,
+                    port: envVars.mySqlPort ?? 3306,
+                    user: envVars.mySqlUser ?? "",
+                    password: envVars.mySqlPassword ?? "",
+                    database: envVars.mySqlDatabase ?? ""
+                },
+                tablePrefix: envVars.entityStorageTablePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.mySqlHost)) {
+        coreConfig.types.entityStorageConnector.push({
+            type: engineTypes.EntityStorageConnectorType.MySqlDb,
+            options: {
+                config: {
+                    host: envVars.mySqlHost,
+                    port: envVars.mySqlPort ?? 3306,
+                    user: envVars.mySqlUser ?? "",
+                    password: envVars.mySqlPassword ?? "",
+                    database: envVars.mySqlDatabase ?? ""
+                },
+                tablePrefix: envVars.entityStorageTablePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.mongoDbHost)) {
+        coreConfig.types.entityStorageConnector.push({
+            type: engineTypes.EntityStorageConnectorType.MongoDb,
+            options: {
+                config: {
+                    host: envVars.mongoDbHost,
+                    port: envVars.mongoDbPort,
+                    user: envVars.mongoDbUser ?? "",
+                    password: envVars.mongoDbPassword ?? "",
+                    database: envVars.mongoDbDatabase ?? ""
+                },
+                tablePrefix: envVars.entityStorageTablePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.postgreSqlHost)) {
+        coreConfig.types.entityStorageConnector.push({
+            type: engineTypes.EntityStorageConnectorType.PostgreSql,
+            options: {
+                config: {
+                    host: envVars.postgreSqlHost,
+                    port: envVars.postgreSqlPort,
+                    user: envVars.postgreSqlUser ?? "",
+                    password: envVars.postgreSqlPassword ?? "",
+                    database: envVars.postgreSqlDatabase ?? ""
+                },
+                tablePrefix: envVars.entityStorageTablePrefix
+            }
+        });
+    }
+    const defaultStorageConnector = envVars.entityStorageConnectorType;
+    if (core.Is.stringValue(defaultStorageConnector)) {
+        for (const config of coreConfig.types.entityStorageConnector) {
+            if (config.type === defaultStorageConnector) {
+                config.isDefault = true;
+            }
+        }
+    }
+}
+/**
+ * Configures the blob storage.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureBlobStorage(coreConfig, envVars) {
+    coreConfig.types.blobStorageConnector ??= [];
+    if ((core.Coerce.boolean(envVars.blobMemoryEnable) ?? false) ||
+        envVars.blobStorageConnectorType === engineTypes.BlobStorageConnectorType.Memory) {
+        coreConfig.types.blobStorageConnector.push({
+            type: engineTypes.BlobStorageConnectorType.Memory
+        });
+    }
+    if ((core.Coerce.boolean(envVars.blobFileEnable) ?? false) ||
+        envVars.blobStorageConnectorType === engineTypes.BlobStorageConnectorType.File) {
+        coreConfig.types.blobStorageConnector.push({
+            type: engineTypes.BlobStorageConnectorType.File,
+            options: {
+                config: {
+                    directory: core.Is.stringValue(envVars.storageFileRoot)
+                        ? path.join(envVars.storageFileRoot, "blob-storage")
+                        : ""
+                },
+                storagePrefix: envVars.blobStoragePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.ipfsApiUrl)) {
+        coreConfig.types.blobStorageConnector.push({
+            type: engineTypes.BlobStorageConnectorType.Ipfs,
+            options: {
+                config: {
+                    apiUrl: envVars.ipfsApiUrl,
+                    bearerToken: envVars.ipfsBearerToken
+                }
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.awsS3AccessKeyId)) {
+        coreConfig.types.blobStorageConnector.push({
+            type: engineTypes.BlobStorageConnectorType.AwsS3,
+            options: {
+                config: {
+                    region: envVars.awsS3Region ?? "",
+                    bucketName: envVars.awsS3BucketName ?? "",
+                    accessKeyId: envVars.awsS3AccessKeyId ?? "",
+                    secretAccessKey: envVars.awsS3SecretAccessKey ?? "",
+                    endpoint: envVars.awsS3Endpoint ?? ""
+                },
+                storagePrefix: envVars.blobStoragePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.azureStorageAccountKey)) {
+        coreConfig.types.blobStorageConnector.push({
+            type: engineTypes.BlobStorageConnectorType.AzureStorage,
+            options: {
+                config: {
+                    accountName: envVars.azureStorageAccountName ?? "",
+                    accountKey: envVars.azureStorageAccountKey ?? "",
+                    containerName: envVars.azureStorageContainerName ?? "",
+                    endpoint: envVars.azureStorageEndpoint ?? ""
+                },
+                storagePrefix: envVars.blobStoragePrefix
+            }
+        });
+    }
+    if (core.Is.stringValue(envVars.gcpStorageCredentials)) {
+        coreConfig.types.blobStorageConnector.push({
+            type: engineTypes.BlobStorageConnectorType.GcpStorage,
+            options: {
+                config: {
+                    projectId: envVars.gcpStorageProjectId ?? "",
+                    credentials: envVars.gcpStorageCredentials ?? "",
+                    bucketName: envVars.gcpStorageBucketName ?? "",
+                    apiEndpoint: envVars.gcpFirestoreApiEndpoint
+                },
+                storagePrefix: envVars.blobStoragePrefix
+            }
+        });
+    }
+    const defaultStorageConnectorType = envVars.blobStorageConnectorType;
+    if (core.Is.stringValue(defaultStorageConnectorType)) {
+        for (const config of coreConfig.types.blobStorageConnector) {
+            if (config.type === defaultStorageConnectorType) {
+                config.isDefault = true;
+            }
+        }
+    }
+    if (coreConfig.types.blobStorageConnector.length > 0) {
+        coreConfig.types.blobStorageComponent ??= [];
+        coreConfig.types.blobStorageComponent.push({
+            type: engineTypes.BlobStorageComponentType.Service,
+            options: {
+                config: {
+                    vaultKeyId: (envVars.blobStorageEnableEncryption ?? false)
+                        ? envVars.blobStorageEncryptionKey
+                        : undefined
+                }
+            }
+        });
+    }
+}
+/**
+ * Configures the logging.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureLogging(coreConfig, envVars) {
+    coreConfig.types.loggingConnector ??= [];
+    const loggingConnectors = (envVars.loggingConnector ?? "").split(",");
+    for (const loggingConnector of loggingConnectors) {
+        if (loggingConnector === engineTypes.LoggingConnectorType.Console) {
+            coreConfig.types.loggingConnector?.push({
+                type: engineTypes.LoggingConnectorType.Console,
+                options: {
+                    config: {
+                        translateMessages: true,
+                        hideGroups: true
+                    }
+                },
+                isDefault: loggingConnectors.length === 1
+            });
+        }
+        else if (loggingConnector === engineTypes.LoggingConnectorType.EntityStorage) {
+            coreConfig.types.loggingConnector?.push({
+                type: engineTypes.LoggingConnectorType.EntityStorage,
+                isDefault: loggingConnectors.length === 1
+            });
+        }
+    }
+    if (loggingConnectors.length > 1) {
+        coreConfig.types.loggingConnector?.push({
+            type: engineTypes.LoggingConnectorType.Multi,
+            isDefault: true,
+            options: {
+                loggingConnectorTypes: loggingConnectors
+            }
+        });
+    }
+    if (loggingConnectors.length > 0) {
+        coreConfig.types.loggingComponent ??= [];
+        coreConfig.types.loggingComponent.push({ type: engineTypes.LoggingComponentType.Service });
+    }
+}
+/**
+ * Configures the vault.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureVault(coreConfig, envVars) {
+    coreConfig.types.vaultConnector ??= [];
+    if (envVars.vaultConnector === engineTypes.VaultConnectorType.EntityStorage) {
+        coreConfig.types.vaultConnector.push({
+            type: engineTypes.VaultConnectorType.EntityStorage
+        });
+    }
+    else if (envVars.vaultConnector === engineTypes.VaultConnectorType.Hashicorp) {
+        coreConfig.types.vaultConnector.push({
+            type: engineTypes.VaultConnectorType.Hashicorp,
+            options: {
+                config: {
+                    endpoint: envVars.hashicorpVaultEndpoint ?? "",
+                    token: envVars.hashicorpVaultToken ?? ""
+                }
+            }
+        });
+    }
+}
+/**
+ * Configures the background task.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureBackgroundTask(coreConfig, envVars) {
+    coreConfig.types.backgroundTaskConnector ??= [];
+    if (envVars.backgroundTaskConnector === engineTypes.BackgroundTaskConnectorType.EntityStorage) {
+        coreConfig.types.backgroundTaskConnector.push({
+            type: engineTypes.BackgroundTaskConnectorType.EntityStorage
+        });
+    }
+}
+/**
+ * Configures the event bud.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureEventBus(coreConfig, envVars) {
+    coreConfig.types.eventBusConnector ??= [];
+    if (envVars.eventBusConnector === engineTypes.EventBusConnectorType.Local) {
+        coreConfig.types.eventBusConnector.push({
+            type: engineTypes.EventBusConnectorType.Local
+        });
+    }
+    if (coreConfig.types.eventBusConnector.length > 0) {
+        coreConfig.types.eventBusComponent ??= [];
+        coreConfig.types.eventBusComponent.push({ type: engineTypes.EventBusComponentType.Service });
+    }
+}
+/**
+ * Configures the telemetry.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureTelemetry(coreConfig, envVars) {
+    coreConfig.types.telemetryConnector ??= [];
+    if (envVars.telemetryConnector === engineTypes.TelemetryConnectorType.EntityStorage) {
+        coreConfig.types.telemetryConnector.push({
+            type: engineTypes.TelemetryConnectorType.EntityStorage
+        });
+    }
+    if (coreConfig.types.telemetryConnector.length > 0) {
+        coreConfig.types.telemetryComponent ??= [];
+        coreConfig.types.telemetryComponent.push({ type: engineTypes.TelemetryComponentType.Service });
+    }
+}
+/**
+ * Configures the messaging.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureMessaging(coreConfig, envVars) {
+    coreConfig.types.messagingEmailConnector ??= [];
+    coreConfig.types.messagingSmsConnector ??= [];
+    coreConfig.types.messagingPushNotificationConnector ??= [];
+    if (envVars.messagingEmailConnector === engineTypes.MessagingEmailConnectorType.EntityStorage) {
+        coreConfig.types.messagingEmailConnector.push({
+            type: engineTypes.MessagingEmailConnectorType.EntityStorage
+        });
+    }
+    else if (envVars.messagingEmailConnector === engineTypes.MessagingEmailConnectorType.Aws) {
+        coreConfig.types.messagingEmailConnector.push({
+            type: engineTypes.MessagingEmailConnectorType.Aws,
+            options: {
+                config: {
+                    region: envVars.awsS3Region ?? "",
+                    accessKeyId: envVars.awsS3AccessKeyId ?? "",
+                    secretAccessKey: envVars.awsS3SecretAccessKey ?? "",
+                    endpoint: envVars.awsS3Endpoint ?? ""
+                }
+            }
+        });
+    }
+    if (envVars.messagingSmsConnector === engineTypes.MessagingSmsConnectorType.EntityStorage) {
+        coreConfig.types.messagingSmsConnector.push({
+            type: engineTypes.MessagingSmsConnectorType.EntityStorage
+        });
+    }
+    else if (envVars.messagingSmsConnector === engineTypes.MessagingSmsConnectorType.Aws) {
+        coreConfig.types.messagingSmsConnector.push({
+            type: engineTypes.MessagingSmsConnectorType.Aws,
+            options: {
+                config: {
+                    region: envVars.awsS3Region ?? "",
+                    accessKeyId: envVars.awsS3AccessKeyId ?? "",
+                    secretAccessKey: envVars.awsS3SecretAccessKey ?? "",
+                    endpoint: envVars.awsS3Endpoint ?? ""
+                }
+            }
+        });
+    }
+    if (envVars.messagingPushNotificationConnector ===
+        engineTypes.MessagingPushNotificationConnectorType.EntityStorage) {
+        coreConfig.types.messagingPushNotificationConnector.push({
+            type: engineTypes.MessagingPushNotificationConnectorType.EntityStorage
+        });
+    }
+    else if (envVars.messagingPushNotificationConnector === engineTypes.MessagingPushNotificationConnectorType.Aws) {
+        coreConfig.types.messagingPushNotificationConnector.push({
+            type: engineTypes.MessagingPushNotificationConnectorType.Aws,
+            options: {
+                config: {
+                    region: envVars.awsS3Region ?? "",
+                    accessKeyId: envVars.awsS3AccessKeyId ?? "",
+                    secretAccessKey: envVars.awsS3SecretAccessKey ?? "",
+                    endpoint: envVars.awsS3Endpoint ?? "",
+                    applicationsSettings: core.Is.json(envVars.awsMessagingPushNotificationApplications)
+                        ? JSON.parse(envVars.awsMessagingPushNotificationApplications)
+                        : []
+                }
+            }
+        });
+    }
+    if (coreConfig.types.messagingEmailConnector.length > 0 ||
+        coreConfig.types.messagingSmsConnector.length > 0 ||
+        coreConfig.types.messagingPushNotificationConnector.length > 0) {
+        coreConfig.types.messagingComponent ??= [];
+        coreConfig.types.messagingComponent.push({ type: engineTypes.MessagingComponentType.Service });
+    }
+}
+/**
+ * Configures the faucet.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureFaucet(coreConfig, envVars) {
+    coreConfig.types.faucetConnector ??= [];
+    if (envVars.faucetConnector === engineTypes.FaucetConnectorType.EntityStorage) {
+        coreConfig.types.faucetConnector.push({
+            type: engineTypes.FaucetConnectorType.EntityStorage
+        });
+    }
+    else if (envVars.faucetConnector === engineTypes.FaucetConnectorType.Iota) {
+        const iotaConfig = getIotaConfig(coreConfig);
+        coreConfig.types.faucetConnector.push({
+            type: engineTypes.FaucetConnectorType.Iota,
+            options: {
+                config: {
+                    endpoint: envVars.iotaFaucetEndpoint ?? "",
+                    clientOptions: iotaConfig?.clientOptions ?? { url: "" },
+                    network: iotaConfig?.network ?? ""
+                }
+            }
+        });
+    }
+}
+/**
+ * Configures the wallet.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureWallet(coreConfig, envVars) {
+    coreConfig.types.walletConnector ??= [];
+    if (envVars.walletConnector === engineTypes.WalletConnectorType.EntityStorage) {
+        coreConfig.types.walletConnector.push({
+            type: engineTypes.WalletConnectorType.EntityStorage
+        });
+    }
+    else if (envVars.walletConnector === engineTypes.WalletConnectorType.Iota) {
+        const iotaConfig = getIotaConfig(coreConfig);
+        coreConfig.types.walletConnector.push({
+            type: engineTypes.WalletConnectorType.Iota,
+            options: {
+                config: iotaConfig ?? {}
+            }
+        });
+    }
+}
+/**
+ * Configures the NFT.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureNft(coreConfig, envVars) {
+    coreConfig.types.nftConnector ??= [];
+    if (envVars.nftConnector === engineTypes.NftConnectorType.EntityStorage) {
+        coreConfig.types.nftConnector.push({
+            type: engineTypes.NftConnectorType.EntityStorage
+        });
+    }
+    else if (envVars.nftConnector === engineTypes.NftConnectorType.Iota) {
+        const iotaConfig = getIotaConfig(coreConfig);
+        coreConfig.types.nftConnector.push({
+            type: engineTypes.NftConnectorType.Iota,
+            options: {
+                config: iotaConfig ?? {}
+            }
+        });
+    }
+    if (coreConfig.types.nftConnector.length > 0) {
+        coreConfig.types.nftComponent ??= [];
+        coreConfig.types.nftComponent.push({ type: engineTypes.NftComponentType.Service });
+    }
+}
+/**
+ * Configures the verifiable storage.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureVerifiableStorage(coreConfig, envVars) {
+    coreConfig.types.verifiableStorageConnector ??= [];
+    if (envVars.verifiableStorageConnector === engineTypes.VerifiableStorageConnectorType.EntityStorage) {
+        coreConfig.types.verifiableStorageConnector.push({
+            type: engineTypes.VerifiableStorageConnectorType.EntityStorage
+        });
+    }
+    else if (envVars.verifiableStorageConnector === engineTypes.VerifiableStorageConnectorType.Iota) {
+        const iotaConfig = getIotaConfig(coreConfig);
+        coreConfig.types.verifiableStorageConnector.push({
+            type: engineTypes.VerifiableStorageConnectorType.Iota,
+            options: {
+                config: iotaConfig ?? {}
+            }
+        });
+    }
+    if (coreConfig.types.verifiableStorageConnector.length > 0) {
+        coreConfig.types.verifiableStorageComponent ??= [];
+        coreConfig.types.verifiableStorageComponent.push({
+            type: engineTypes.VerifiableStorageComponentType.Service
+        });
+        coreConfig.types.immutableProofComponent ??= [];
+        coreConfig.types.immutableProofComponent.push({
+            type: engineTypes.ImmutableProofComponentType.Service,
+            options: {
+                config: {
+                    verificationMethodId: envVars.immutableProofVerificationMethodId
+                }
+            }
+        });
+        coreConfig.types.auditableItemGraphComponent ??= [];
+        coreConfig.types.auditableItemGraphComponent.push({
+            type: engineTypes.AuditableItemGraphComponentType.Service
+        });
+        coreConfig.types.auditableItemStreamComponent ??= [];
+        coreConfig.types.auditableItemStreamComponent.push({
+            type: engineTypes.AuditableItemStreamComponentType.Service
+        });
+    }
+}
+/**
+ * Configures the identity.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureIdentity(coreConfig, envVars) {
+    coreConfig.types.identityConnector ??= [];
+    if (envVars.identityConnector === engineTypes.IdentityConnectorType.EntityStorage) {
+        coreConfig.types.identityConnector.push({
+            type: engineTypes.IdentityConnectorType.EntityStorage
+        });
+    }
+    else if (envVars.identityConnector === engineTypes.IdentityConnectorType.Iota) {
+        const iotaConfig = getIotaConfig(coreConfig);
+        coreConfig.types.identityConnector.push({
+            type: engineTypes.IdentityConnectorType.Iota,
+            options: {
+                config: iotaConfig ?? {}
+            }
+        });
+    }
+    if (coreConfig.types.identityConnector.length > 0) {
+        coreConfig.types.identityComponent ??= [];
+        coreConfig.types.identityComponent.push({ type: engineTypes.IdentityComponentType.Service });
+    }
+}
+/**
+ * Configures the identity resolver.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureIdentityResolver(coreConfig, envVars) {
+    coreConfig.types.identityResolverConnector ??= [];
+    if (envVars.identityResolverConnector === engineTypes.IdentityResolverConnectorType.EntityStorage) {
+        coreConfig.types.identityResolverConnector.push({
+            type: engineTypes.IdentityResolverConnectorType.EntityStorage
+        });
+    }
+    else if (envVars.identityResolverConnector === engineTypes.IdentityResolverConnectorType.Iota) {
+        const iotaConfig = getIotaConfig(coreConfig);
+        coreConfig.types.identityResolverConnector.push({
+            type: engineTypes.IdentityResolverConnectorType.Iota,
+            options: {
+                config: iotaConfig ?? {}
+            }
+        });
+    }
+    else if (envVars.identityResolverConnector === engineTypes.IdentityResolverConnectorType.Universal) {
+        coreConfig.types.identityResolverConnector.push({
+            type: engineTypes.IdentityResolverConnectorType.Universal,
+            options: {
+                config: {
+                    endpoint: envVars.universalResolverEndpoint ?? ""
+                }
+            }
+        });
+    }
+    if (coreConfig.types.identityResolverConnector.length > 0) {
+        coreConfig.types.identityResolverComponent ??= [];
+        coreConfig.types.identityResolverComponent.push({
+            type: engineTypes.IdentityResolverComponentType.Service
+        });
+    }
+}
+/**
+ * Configures the identity profile.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureIdentityProfile(coreConfig, envVars) {
+    coreConfig.types.identityProfileConnector ??= [];
+    if (envVars.identityProfileConnector === engineTypes.IdentityConnectorType.EntityStorage) {
+        coreConfig.types.identityProfileConnector.push({
+            type: engineTypes.IdentityProfileConnectorType.EntityStorage
+        });
+    }
+    if (coreConfig.types.identityProfileConnector.length > 0) {
+        coreConfig.types.identityProfileComponent ??= [];
+        coreConfig.types.identityProfileComponent.push({ type: engineTypes.IdentityProfileComponentType.Service });
+    }
+}
+/**
+ * Configures the attestation.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureAttestation(coreConfig, envVars) {
+    coreConfig.types.attestationConnector ??= [];
+    if (envVars.attestationConnector === engineTypes.AttestationConnectorType.Nft) {
+        coreConfig.types.attestationConnector.push({
+            type: engineTypes.AttestationConnectorType.Nft
+        });
+    }
+    if (coreConfig.types.attestationConnector.length > 0) {
+        coreConfig.types.attestationComponent ??= [];
+        coreConfig.types.attestationComponent.push({
+            type: engineTypes.AttestationComponentType.Service,
+            options: {
+                config: {
+                    verificationMethodId: envVars.attestationVerificationMethodId
+                }
+            }
+        });
+    }
+}
+/**
+ * Configures the auditable item graph.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureAuditableItemGraph(coreConfig, envVars) {
+    if (core.Is.arrayValue(coreConfig.types.verifiableStorageConnector)) {
+        coreConfig.types.auditableItemGraphComponent ??= [];
+        coreConfig.types.auditableItemGraphComponent.push({
+            type: engineTypes.AuditableItemGraphComponentType.Service
+        });
+    }
+}
+/**
+ * Configures the auditable item stream.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureAuditableItemStream(coreConfig, envVars) {
+    if (core.Is.arrayValue(coreConfig.types.verifiableStorageConnector)) {
+        coreConfig.types.auditableItemStreamComponent ??= [];
+        coreConfig.types.auditableItemStreamComponent.push({
+            type: engineTypes.AuditableItemStreamComponentType.Service
+        });
+    }
+}
+/**
+ * Configures the data processing.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureDataProcessing(coreConfig, envVars) {
+    coreConfig.types.dataConverterConnector ??= [];
+    coreConfig.types.dataExtractorConnector ??= [];
+    const converterConnectors = envVars.dataConverterConnectors?.split(",") ?? [];
+    for (const converterConnector of converterConnectors) {
+        if (converterConnector === engineTypes.DataConverterConnectorType.Json) {
+            coreConfig.types.dataConverterConnector.push({
+                type: engineTypes.DataConverterConnectorType.Json
+            });
+        }
+        else if (converterConnector === engineTypes.DataConverterConnectorType.Xml) {
+            coreConfig.types.dataConverterConnector.push({
+                type: engineTypes.DataConverterConnectorType.Xml
+            });
+        }
+    }
+    const extractorConnectors = envVars.dataExtractorConnectors?.split(",") ?? [];
+    for (const extractorConnector of extractorConnectors) {
+        if (extractorConnector === engineTypes.DataExtractorConnectorType.JsonPath) {
+            coreConfig.types.dataExtractorConnector.push({
+                type: engineTypes.DataExtractorConnectorType.JsonPath
+            });
+        }
+    }
+    if (coreConfig.types.dataConverterConnector.length > 0 ||
+        coreConfig.types.dataExtractorConnector.length > 0) {
+        coreConfig.types.dataProcessingComponent ??= [];
+        coreConfig.types.dataProcessingComponent.push({ type: engineTypes.DataProcessingComponentType.Service });
+    }
+}
+/**
+ * Configures the document management.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureDocumentManagement(coreConfig, envVars) {
+    if (core.Is.arrayValue(coreConfig.types.auditableItemGraphComponent) &&
+        core.Is.arrayValue(coreConfig.types.blobStorageComponent) &&
+        core.Is.arrayValue(coreConfig.types.attestationComponent)) {
+        coreConfig.types.documentManagementComponent ??= [];
+        coreConfig.types.documentManagementComponent.push({
+            type: engineTypes.DocumentManagementComponentType.Service
+        });
+    }
+}
+/**
+ * Configures the federated catalogue.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureFederatedCatalogue(coreConfig, envVars) {
+    if (core.Is.arrayValue(coreConfig.types.identityResolverComponent)) {
+        coreConfig.types.federatedCatalogueComponent ??= [];
+        coreConfig.types.federatedCatalogueComponent.push({
+            type: engineTypes.FederatedCatalogueComponentType.Service,
+            options: {
+                config: {
+                    subResourceCacheTtlMs: core.Coerce.number(envVars.federatedCatalogueCacheTtlMs),
+                    clearingHouseApproverList: core.Coerce.object(envVars.federatedCatalogueClearingHouseApproverList) ?? []
+                }
+            }
+        });
+    }
+}
+/**
+ * Configures the rights management.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureRightsManagement(coreConfig, envVars) {
+    if (core.Coerce.boolean(envVars.rightsManagementEnabled) ?? false) {
+        coreConfig.types.rightsManagementPapComponent ??= [];
+        coreConfig.types.rightsManagementPapComponent.push({
+            type: engineTypes.RightsManagementPapComponentType.Service
+        });
+        coreConfig.types.rightsManagementComponent ??= [];
+        coreConfig.types.rightsManagementComponent.push({
+            type: engineTypes.RightsManagementComponentType.Service
+        });
+    }
+}
+/**
+ * Configures the task scheduler.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureTaskScheduler(coreConfig, envVars) {
+    if (core.Coerce.boolean(envVars.taskSchedulerEnabled) ?? true) {
+        coreConfig.types.taskSchedulerComponent ??= [];
+        coreConfig.types.taskSchedulerComponent.push({
+            type: engineTypes.TaskSchedulerComponentType.Default
+        });
+    }
+}
+/**
+ * Configures the DLT.
+ * @param coreConfig The core config.
+ * @param envVars The environment variables.
+ */
+function configureDlt(coreConfig, envVars) {
+    // Create centralized DLT configuration for IOTA if essential IOTA variables are set
+    if (core.Is.stringValue(envVars.iotaNodeEndpoint) && core.Is.stringValue(envVars.iotaNetwork)) {
+        coreConfig.types.dltConfig ??= [];
+        const gasStationConfig = core.Is.stringValue(envVars.iotaGasStationEndpoint) &&
+            core.Is.stringValue(envVars.iotaGasStationAuthToken)
+            ? {
+                gasStationUrl: envVars.iotaGasStationEndpoint,
+                gasStationAuthToken: envVars.iotaGasStationAuthToken
+            }
+            : undefined;
+        coreConfig.types.dltConfig.push({
+            type: engineTypes.DltConfigType.Iota,
+            isDefault: true,
+            options: {
+                config: {
+                    clientOptions: {
+                        url: envVars.iotaNodeEndpoint ?? ""
+                    },
+                    network: envVars.iotaNetwork ?? "",
+                    coinType: core.Coerce.number(envVars.iotaCoinType),
+                    gasStation: gasStationConfig
+                }
+            }
+        });
+    }
+}
+
+/**
+ * Handles the configuration of the server.
+ * @param envVars The environment variables for the engine server.
+ * @param coreEngineConfig The core engine config.
+ * @param serverInfo The server information.
+ * @param openApiSpecPath The path to the open api spec.
+ * @returns The the config for the core and the server.
+ */
+function buildEngineServerConfiguration(envVars, coreEngineConfig, serverInfo, openApiSpecPath) {
+    envVars.authSigningKeyId ??= "auth-signing";
+    const webServerOptions = {
+        port: core.Coerce.number(envVars.port),
+        host: core.Coerce.string(envVars.host),
+        methods: core.Is.stringValue(envVars.httpMethods)
+            ? envVars.httpMethods.split(",")
+            : undefined,
+        allowedHeaders: core.Is.stringValue(envVars.httpAllowedHeaders)
+            ? envVars.httpAllowedHeaders.split(",")
+            : undefined,
+        exposedHeaders: core.Is.stringValue(envVars.httpExposedHeaders)
+            ? envVars.httpExposedHeaders.split(",")
+            : undefined,
+        corsOrigins: core.Is.stringValue(envVars.corsOrigins) ? envVars.corsOrigins.split(",") : undefined
+    };
+    const authProcessorType = envVars.authProcessorType;
+    const serverConfig = {
+        ...coreEngineConfig,
+        web: webServerOptions,
+        types: {
+            ...coreEngineConfig.types,
+            informationComponent: [
+                {
+                    type: engineServerTypes.InformationComponentType.Service,
+                    options: {
+                        config: {
+                            serverInfo,
+                            openApiSpecPath
+                        }
+                    }
+                }
+            ]
+        }
+    };
+    if (core.Is.stringValue(envVars.mimeTypeProcessors)) {
+        const mimeTypeProcessors = envVars.mimeTypeProcessors.split(",");
+        if (core.Is.arrayValue(mimeTypeProcessors)) {
+            serverConfig.types.mimeTypeProcessor ??= [];
+            for (const mimeTypeProcessor of mimeTypeProcessors) {
+                serverConfig.types.mimeTypeProcessor.push({
+                    type: mimeTypeProcessor
+                });
+            }
+        }
+    }
+    serverConfig.types.restRouteProcessor ??= [];
+    serverConfig.types.socketRouteProcessor ??= [];
+    const disableNodeIdentity = core.Coerce.boolean(envVars.disableNodeIdentity);
+    if (!disableNodeIdentity) {
+        serverConfig.types.restRouteProcessor.push({
+            type: engineServerTypes.RestRouteProcessorType.NodeIdentity
+        });
+        serverConfig.types.socketRouteProcessor.push({
+            type: engineServerTypes.SocketRouteProcessorType.NodeIdentity
+        });
+    }
+    if (!coreEngineConfig.silent) {
+        serverConfig.types.restRouteProcessor.push({
+            type: engineServerTypes.RestRouteProcessorType.Logging,
+            options: {
+                config: {
+                    includeBody: coreEngineConfig.debug
+                }
+            }
+        });
+        serverConfig.types.socketRouteProcessor.push({
+            type: engineServerTypes.SocketRouteProcessorType.Logging,
+            options: {
+                config: {
+                    includeBody: coreEngineConfig.debug
+                }
+            }
+        });
+    }
+    serverConfig.types.restRouteProcessor.push({
+        type: engineServerTypes.RestRouteProcessorType.RestRoute,
+        options: {
+            config: {
+                includeErrorStack: coreEngineConfig.debug
+            }
+        }
+    });
+    serverConfig.types.socketRouteProcessor.push({
+        type: engineServerTypes.SocketRouteProcessorType.SocketRoute,
+        options: {
+            config: {
+                includeErrorStack: coreEngineConfig.debug
+            }
+        }
+    });
+    if (authProcessorType === engineServerTypes.AuthenticationComponentType.EntityStorage) {
+        serverConfig.types.authenticationComponent ??= [];
+        serverConfig.types.authenticationComponent.push({
+            type: engineServerTypes.AuthenticationComponentType.EntityStorage,
+            options: {
+                config: {
+                    signingKeyName: envVars.authSigningKeyId
+                }
+            }
+        });
+        serverConfig.types.restRouteProcessor.push({
+            type: engineServerTypes.RestRouteProcessorType.AuthHeader,
+            options: {
+                config: {
+                    signingKeyName: envVars.authSigningKeyId
+                }
+            }
+        });
+        serverConfig.types.socketRouteProcessor.push({
+            type: engineServerTypes.SocketRouteProcessorType.AuthHeader,
+            options: {
+                config: {
+                    signingKeyName: envVars.authSigningKeyId
+                }
+            }
+        });
+    }
+    engineServer.addDefaultRestPaths(serverConfig);
+    engineServer.addDefaultSocketPaths(serverConfig);
+    return serverConfig;
+}
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/* eslint-disable no-console */
+/**
+ * Start the engine server.
+ * @param nodeOptions Optional run options for the engine server.
+ * @param engineServerConfig The configuration for the engine server.
+ * @param envVars The environment variables.
+ * @returns The engine server.
+ */
+async function start(nodeOptions, engineServerConfig, envVars) {
+    envVars.storageFileRoot ??= "";
+    if ((envVars.entityStorageConnectorType === engineTypes.EntityStorageConnectorType.File ||
+        envVars.blobStorageConnectorType === engineTypes.BlobStorageConnectorType.File ||
+        core.Is.empty(nodeOptions?.stateStorage)) &&
+        !core.Is.stringValue(envVars.storageFileRoot)) {
+        throw new core.GeneralError("node", "storageFileRootNotSet", {
+            storageFileRoot: `${nodeOptions?.envPrefix ?? ""}_STORAGE_FILE_ROOT`
+        });
+    }
+    // Create the engine instance using file state storage and custom bootstrap.
+    const engine$1 = new engine.Engine({
+        config: engineServerConfig,
+        stateStorage: nodeOptions?.stateStorage ?? new engineCore.FileStateStorage(envVars.stateFilename ?? ""),
+        customBootstrap: async (core, engineContext) => bootstrap(core, engineContext, envVars)
+    });
+    // Extend the engine.
+    if (core.Is.function(nodeOptions?.extendEngine)) {
+        console.info("Extending Engine");
+        await nodeOptions.extendEngine(engine$1);
+    }
+    // Construct the server with the engine.
+    const server = new engineServer.EngineServer({ engineCore: engine$1 });
+    // Extend the engine server.
+    if (core.Is.function(nodeOptions?.extendEngineServer)) {
+        console.info("Extending Engine Server");
+        await nodeOptions?.extendEngineServer(server);
+    }
+    // Need to register the engine with the factory so that background tasks
+    // can clone it to spawn new instances.
+    engineModels.EngineCoreFactory.register("engine", () => engine$1);
+    // Start the server, which also starts the engine.
+    const canContinue = await server.start();
+    if (canContinue) {
+        return {
+            engine: engine$1,
+            server
+        };
+    }
+}
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/* eslint-disable no-console */
+/**
+ * Run the TWIN Node server.
+ * @param nodeOptions Optional configuration options for running the server.
+ * @returns A promise that resolves when the server is started.
+ */
+async function run(nodeOptions) {
+    try {
+        nodeOptions ??= {};
+        const serverInfo = {
+            name: nodeOptions?.serverName ?? "TWIN Node Server",
+            version: nodeOptions?.serverVersion ?? "0.0.1-next.10" // x-release-please-version
+        };
+        console.log(`\u001B[4m🌩️  ${serverInfo.name} v${serverInfo.version}\u001B[24m\n`);
+        if (!core.Is.stringValue(nodeOptions?.executionDirectory)) {
+            nodeOptions.executionDirectory = getExecutionDirectory();
+        }
+        console.info("Execution Directory:", nodeOptions.executionDirectory);
+        nodeOptions.localesDirectory =
+            nodeOptions?.localesDirectory ??
+                path.resolve(path.join(nodeOptions.executionDirectory, "dist", "locales"));
+        console.info("Locales Directory:", nodeOptions.localesDirectory);
+        await initialiseLocales(nodeOptions.localesDirectory);
+        if (core.Is.empty(nodeOptions?.openApiSpecFile)) {
+            const specFile = path.resolve(path.join(nodeOptions.executionDirectory, "docs", "open-api", "spec.json"));
+            console.info("Default OpenAPI Spec File:", specFile);
+            if (await fileExists(specFile)) {
+                nodeOptions ??= {};
+                nodeOptions.openApiSpecFile = specFile;
+            }
+        }
+        nodeOptions.envPrefix ??= "TWIN_NODE_";
+        console.info("Environment Prefix:", nodeOptions.envPrefix);
+        const { engineServerConfig, nodeEnvVars: envVars } = await buildConfiguration(process.env, nodeOptions, serverInfo);
+        console.info();
+        const startResult = await start(nodeOptions, engineServerConfig, envVars);
+        if (!core.Is.empty(startResult)) {
+            for (const signal of ["SIGHUP", "SIGINT", "SIGTERM"]) {
+                process.on(signal, async () => {
+                    await startResult.server.stop();
+                });
+            }
+        }
+    }
+    catch (err) {
+        console.error(core.ErrorHelper.formatErrors(err).join("\n"));
+        // eslint-disable-next-line unicorn/no-process-exit
+        process.exit(1);
+    }
+}
+/**
+ * Build the configuration for the TWIN Node server.
+ * @param processEnv The environment variables from the process.
+ * @param options The options for running the server.
+ * @param serverInfo The server information.
+ * @returns A promise that resolves to the engine server configuration, environment prefix, environment variables,
+ * and options.
+ */
+async function buildConfiguration(processEnv, options, serverInfo) {
+    let defaultEnvOnly = false;
+    if (core.Is.empty(options?.envFilenames)) {
+        const envFile = path.resolve(path.join(options.executionDirectory ?? "", ".env"));
+        console.info("Default Environment File:", envFile);
+        options ??= {};
+        options.envFilenames = [envFile];
+        defaultEnvOnly = true;
+    }
+    if (core.Is.arrayValue(options?.envFilenames)) {
+        const output = dotenv__namespace.config({
+            path: options?.envFilenames
+        });
+        // We don't want to throw an error if the default environment file is not found.
+        // Only if we have custom environment files.
+        if (!defaultEnvOnly && output.error) {
+            throw output.error;
+        }
+        if (core.Is.objectValue(output.parsed)) {
+            Object.assign(processEnv, output.parsed);
+        }
+    }
+    const envVars = core.EnvHelper.envToJson(processEnv, options.envPrefix ?? "");
+    // Expand any environment variables that use the @file: syntax
+    const keys = Object.keys(envVars);
+    for (const key of keys) {
+        if (core.Is.stringValue(envVars[key]) && envVars[key].startsWith("@file:")) {
+            const filePath = envVars[key].slice(6).trim();
+            const embeddedFile = path.resolve(path.join(options.executionDirectory ?? "", filePath));
+            console.info(`Expanding Environment Variable: ${key} from file: ${embeddedFile}`);
+            const fileContent = await loadJsonFile(embeddedFile);
+            envVars[key] = fileContent;
+        }
+    }
+    // Extend the environment variables with any additional custom configuration.
+    if (core.Is.function(options?.extendEnvVars)) {
+        console.info("Extending Environment Variables");
+        await options.extendEnvVars(envVars);
+    }
+    // Build the engine configuration from the environment variables.
+    const coreConfig = buildEngineConfiguration(envVars);
+    const engineServerConfig = buildEngineServerConfiguration(envVars, coreConfig, serverInfo, options?.openApiSpecFile);
+    // Merge any custom configuration provided in the options.
+    if (core.Is.arrayValue(options?.configFilenames)) {
+        for (const configFile of options.configFilenames) {
+            console.info("Loading Configuration File:", configFile);
+            const configFilePath = path.resolve(path.join(options.executionDirectory ?? "", configFile));
+            const config = await loadJsonFile(configFilePath);
+            Object.assign(engineServerConfig, config);
+        }
+    }
+    if (core.Is.objectValue(options?.config)) {
+        console.info("Merging Custom Configuration");
+        Object.assign(engineServerConfig, options.config);
+    }
+    // Merge any custom configuration provided in the options.
+    if (core.Is.function(options?.extendConfig)) {
+        console.info("Extending Configuration");
+        await options.extendConfig(engineServerConfig);
+    }
+    return { engineServerConfig, nodeEnvVars: envVars };
+}
+
+exports.NodeFeatures = NodeFeatures;
+exports.bootstrap = bootstrap;
+exports.bootstrapAttestationMethod = bootstrapAttestationMethod;
+exports.bootstrapAuth = bootstrapAuth;
+exports.bootstrapBlobEncryption = bootstrapBlobEncryption;
+exports.bootstrapImmutableProofMethod = bootstrapImmutableProofMethod;
+exports.bootstrapNodeIdentity = bootstrapNodeIdentity;
+exports.bootstrapNodeUser = bootstrapNodeUser;
+exports.buildConfiguration = buildConfiguration;
+exports.buildEngineConfiguration = buildEngineConfiguration;
+exports.fileExists = fileExists;
+exports.getExecutionDirectory = getExecutionDirectory;
+exports.getFeatures = getFeatures;
+exports.initialiseLocales = initialiseLocales;
+exports.loadJsonFile = loadJsonFile;
+exports.run = run;
+exports.start = start;