@twin.org/node-core 0.0.3-next.2 → 0.0.3-next.21

package/dist/es/commands/identityCreate.js

@@ -0,0 +1,316 @@
+// Copyright 2026 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+import { CLIDisplay, CLIUtils } from "@twin.org/cli-core";
+import { Coerce, GeneralError, I18n, Is, RandomHelper, StringHelper } from "@twin.org/core";
+import { Bip39 } from "@twin.org/crypto";
+import { WalletConnectorType } from "@twin.org/engine-types";
+import { EntityStorageConnectorFactory } from "@twin.org/entity-storage-models";
+import { Did, IdentityConnectorFactory, IdentityResolverConnectorFactory } from "@twin.org/identity-models";
+import { VaultConnectorFactory } from "@twin.org/vault-models";
+import { WalletConnectorFactory } from "@twin.org/wallet-models";
+const COMMAND_NAME = "identity-create";
+/**
+ * Get the command definition parameters.
+ * @param commandDefinitions The registered command definitions.
+ */
+export function getCommandDefinitionIdentityCreate(commandDefinitions) {
+    commandDefinitions[COMMAND_NAME] = {
+        command: COMMAND_NAME,
+        description: I18n.formatMessage("node.cli.commands.identity-create.description"),
+        example: I18n.formatMessage("node.cli.commands.identity-create.example"),
+        requiresNodeIdentity: false,
+        requiresTenantId: false,
+        params: [
+            {
+                key: "env-prefix",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-create.params.env-prefix.description"),
+                required: false
+            },
+            {
+                key: "mnemonic",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-create.params.mnemonic.description"),
+                extendedType: "24 words",
+                required: false
+            },
+            {
+                key: "identity",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-create.params.identity.description"),
+                extendedType: "did",
+                required: false
+            },
+            {
+                key: "controller",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-create.params.controller.description"),
+                extendedType: "did",
+                required: false
+            },
+            {
+                key: "fund-wallet",
+                type: "boolean",
+                description: I18n.formatMessage("node.cli.commands.identity-create.params.fund-wallet.description"),
+                required: false,
+                defaultValue: false
+            },
+            {
+                key: "load-env",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-create.params.load-env.description"),
+                required: false
+            },
+            {
+                key: "output-json",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-create.params.output-json.description"),
+                required: false
+            },
+            {
+                key: "output-env",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-create.params.output-env.description"),
+                required: false
+            },
+            {
+                key: "output-env-prefix",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-create.params.output-env-prefix.description"),
+                required: false
+            }
+        ],
+        action: async (engineCore, envVars, params) => identityCreate(engineCore, envVars, params)
+    };
+}
+/**
+ * Command for creating an identity.
+ * @param engineCore The engine core.
+ * @param envVars The environment variables for the node.
+ * @param params The parameters for the command.
+ * @param params.mnemonic The mnemonic to use for the identity.
+ * @param params.identity The DID of the identity to create.
+ * @param params.controller The controller DID for the identity.
+ * @param params.fundWallet Whether to fund the wallet associated with the identity from a faucet.
+ * @param params.outputJson The output .json file to store the command output.
+ * @param params.outputEnv The output .env file to store the command output.
+ * @param params.outputEnvPrefix The prefix to use for variables in the output .env file.
+ * @returns The identity details.
+ */
+export async function identityCreate(engineCore, envVars, params) {
+    let workingIdentity = params?.identity;
+    let tempIdentity;
+    if (!Is.stringValue(workingIdentity)) {
+        tempIdentity = `did:temp:${RandomHelper.generateUuidV7()}`;
+        workingIdentity = tempIdentity;
+    }
+    let mnemonicStored = false;
+    const defaultVaultConnectorType = engineCore.getRegisteredInstanceType("vaultConnector");
+    const vaultConnector = VaultConnectorFactory.get(defaultVaultConnectorType);
+    try {
+        const mnemonicResult = await mnemonicCreate(vaultConnector, workingIdentity, params.mnemonic);
+        mnemonicStored = mnemonicResult.stored;
+        const fundWallet = params.fundWallet ?? false;
+        let walletAddress;
+        if (fundWallet) {
+            walletAddress = await generateWallet(engineCore, workingIdentity, Coerce.integer(envVars.identityWalletAddressIndex) ?? 0);
+        }
+        const workingController = params?.controller ?? workingIdentity;
+        workingIdentity = await identityGenerate(engineCore, workingController, workingIdentity);
+        if (Is.stringValue(tempIdentity)) {
+            // If we were using a temporary identity store the mnemonic using
+            // the final identity
+            await mnemonicFinalise(vaultConnector, tempIdentity, workingIdentity);
+            await walletFinalise(engineCore, workingIdentity, walletAddress);
+        }
+        CLIDisplay.break();
+        CLIDisplay.value(I18n.formatMessage("node.cli.commands.identity-create.labels.mnemonic"), mnemonicResult.mnemonic);
+        CLIDisplay.value(I18n.formatMessage("node.cli.commands.identity-create.labels.did"), workingIdentity);
+        if (Is.stringValue(envVars.iotaExplorerEndpoint)) {
+            const idParts = Did.parse(workingIdentity);
+            if (Is.stringValue(walletAddress)) {
+                CLIDisplay.value(I18n.formatMessage("node.cli.commands.identity-create.labels.walletAddress"), `${StringHelper.trimTrailingSlashes(envVars.iotaExplorerEndpoint)}/address/${walletAddress}?network=${idParts.network ?? envVars.iotaNetwork}`);
+            }
+            CLIDisplay.value(I18n.formatMessage("node.cli.commands.identity-create.labels.explorer"), `${StringHelper.trimTrailingSlashes(envVars.iotaExplorerEndpoint)}/object/${idParts.id}?network=${idParts.network ?? envVars.iotaNetwork}`);
+        }
+        CLIDisplay.break();
+        const json = { mnemonic: mnemonicResult.mnemonic, did: workingIdentity, walletAddress };
+        if (Is.stringValue(params.outputJson)) {
+            await CLIUtils.writeJsonFile(params.outputJson, { mnemonic: mnemonicResult.mnemonic, did: workingIdentity, walletAddress }, false);
+        }
+        if (Is.stringValue(params.outputEnv)) {
+            const output = [
+                `${params.outputEnvPrefix}MNEMONIC="${mnemonicResult.mnemonic}"`,
+                `${params.outputEnvPrefix}DID="${workingIdentity}"`
+            ];
+            if (Is.stringValue(walletAddress)) {
+                output.push(`${params.outputEnvPrefix}WALLET_ADDRESS="${walletAddress}"`);
+            }
+            await CLIUtils.writeEnvFile(params.outputEnv, output, false);
+        }
+        CLIDisplay.done();
+        return json;
+    }
+    finally {
+        // Always remove temporary identity mnemonic if created
+        if (Is.stringValue(tempIdentity) && mnemonicStored) {
+            await mnemonicRemove(vaultConnector, tempIdentity);
+        }
+    }
+}
+/**
+ * Handle the mnemonic generation or retrieval.
+ * @param vaultConnector The vault connector.
+ * @param identity The working identity.
+ * @param providedMnemonic The mnemonic provided by the user.
+ * @returns The mnemonic and the flag to determine if the mnemonic was stored.
+ */
+async function mnemonicCreate(vaultConnector, identity, providedMnemonic) {
+    if (Is.stringValue(providedMnemonic) && !Bip39.validateMnemonic(providedMnemonic)) {
+        throw new GeneralError("identityCreate", "invalidMnemonic");
+    }
+    let mnemonic = providedMnemonic;
+    let storeMnemonic = false;
+    CLIDisplay.section(I18n.formatMessage("node.cli.commands.identity-create.labels.processingMnemonic"));
+    const mnemonicKey = `${identity}/mnemonic`;
+    try {
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.readingMnemonic"));
+        const storedMnemonic = await vaultConnector.getSecret(mnemonicKey);
+        if (Is.stringValue(storedMnemonic)) {
+            CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.existingMnemonic"));
+            storeMnemonic = storedMnemonic !== mnemonic && !Is.empty(mnemonic);
+            mnemonic = storedMnemonic;
+        }
+        else {
+            CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.noExistingMnemonic"));
+            storeMnemonic = true;
+        }
+    }
+    catch {
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.noExistingMnemonic"));
+        storeMnemonic = true;
+    }
+    // If there is no mnemonic then we need to generate one
+    if (Is.empty(mnemonic)) {
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.generatingMnemonic"));
+        mnemonic = Bip39.randomMnemonic();
+        storeMnemonic = true;
+    }
+    // If there is no mnemonic stored in the vault then we need to store it
+    if (storeMnemonic) {
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.storingMnemonic"));
+        await vaultConnector.setSecret(mnemonicKey, mnemonic);
+    }
+    CLIDisplay.break();
+    return {
+        stored: storeMnemonic,
+        mnemonic
+    };
+}
+/**
+ * Finalise the mnemonic for the node identity.
+ * @param vaultConnector The vault connector to use.
+ * @param tempIdentity The identity of the node.
+ * @param identity The final identity for the node.
+ */
+async function mnemonicFinalise(vaultConnector, tempIdentity, identity) {
+    // Now that we have an identity we can remove the temporary one
+    // and store the mnemonic with the new identity
+    if (tempIdentity !== identity) {
+        const mnemonic = await vaultConnector.getSecret(`${tempIdentity}/mnemonic`);
+        await vaultConnector.setSecret(`${identity}/mnemonic`, mnemonic);
+    }
+}
+/**
+ * Remove the mnemonic.
+ * @param vaultConnector The vault connector.
+ * @param identity The working identity.
+ * @returns Nothing.
+ */
+async function mnemonicRemove(vaultConnector, identity) {
+    try {
+        await vaultConnector.removeSecret(`${identity}/mnemonic`);
+    }
+    catch { }
+}
+/**
+ * Generate an identity.
+ * @param engineCore The engine core for the node.
+ * @param controller The controller for the identity.
+ * @param providedIdentity The existing identity if there is one.
+ * @returns The addresses for the wallet.
+ */
+async function identityGenerate(engineCore, controller, providedIdentity) {
+    CLIDisplay.section(I18n.formatMessage("node.cli.commands.identity-create.labels.processingIdentity"));
+    const defaultIdentityConnectorType = engineCore.getRegisteredInstanceType("identityConnector");
+    const identityConnector = IdentityConnectorFactory.get(defaultIdentityConnectorType);
+    let identityDocument;
+    try {
+        if (Is.stringValue(providedIdentity)) {
+            CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.resolvingIdentity"));
+            const defaultIdentityResolverConnectorType = engineCore.getRegisteredInstanceType("identityResolverConnector");
+            const identityResolverConnector = IdentityResolverConnectorFactory.get(defaultIdentityResolverConnectorType);
+            identityDocument = await identityResolverConnector.resolveDocument(providedIdentity);
+            if (Is.objectValue(identityDocument)) {
+                CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.existingIdentity"));
+            }
+        }
+    }
+    catch { }
+    if (Is.empty(identityDocument)) {
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.noIdentityFound"));
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.creatingIdentity"));
+        CLIDisplay.spinnerStart();
+        identityDocument = await identityConnector.createDocument(controller);
+        CLIDisplay.spinnerStop();
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.createdIdentity"));
+    }
+    return identityDocument.id;
+}
+/**
+ * Bootstrap the wallet for the node.
+ * @param engineCore The engine core for the node.
+ * @param identity The identity to create the wallet for.
+ * @param walletAddressIndex The index of the wallet address to use.
+ * @returns The addresses for the wallet.
+ */
+async function generateWallet(engineCore, identity, walletAddressIndex) {
+    CLIDisplay.section(I18n.formatMessage("node.cli.commands.identity-create.labels.fundingWallet"));
+    CLIDisplay.value(I18n.formatMessage("node.cli.commands.identity-create.labels.addressIndex"), walletAddressIndex.toString());
+    const defaultWalletConnectorType = engineCore.getRegisteredInstanceType("walletConnector");
+    const walletConnector = WalletConnectorFactory.get(defaultWalletConnectorType);
+    const addresses = await walletConnector.getAddresses(identity, 0, walletAddressIndex, 5);
+    if (defaultWalletConnectorType.startsWith(WalletConnectorType.Iota)) {
+        CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-create.labels.addingTokens", {
+            address: addresses[0]
+        }));
+        CLIDisplay.break();
+        CLIDisplay.spinnerStart();
+        // Add some funds to the wallet from the faucet
+        await walletConnector.ensureBalance(identity, addresses[0], 1000000000n);
+        CLIDisplay.spinnerStop();
+    }
+    return addresses[0];
+}
+/**
+ * Bootstrap the identity for the node.
+ * @param engineCore The engine core for the node.
+ * @param identity The identity of the node.
+ * @param address The address for the wallet.
+ */
+async function walletFinalise(engineCore, identity, address) {
+    if (Is.stringValue(address)) {
+        const defaultWalletConnectorType = engineCore.getRegisteredInstanceType("walletConnector");
+        // If we are using entity storage for wallet the identity associated with the
+        // address will be wrong, so fix it
+        if (defaultWalletConnectorType.startsWith(WalletConnectorType.EntityStorage)) {
+            const walletAddress = EntityStorageConnectorFactory.get("wallet-address");
+            const addr = await walletAddress.get(address);
+            if (!Is.empty(addr)) {
+                addr.identity = identity;
+                await walletAddress.set(addr);
+            }
+        }
+    }
+}
+//# sourceMappingURL=identityCreate.js.map

package/dist/es/commands/identityCreate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"identityCreate.js","sourceRoot":"","sources":["../../../src/commands/identityCreate.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,EAAE,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC5F,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,EACN,6BAA6B,EAE7B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACN,GAAG,EACH,wBAAwB,EACxB,gCAAgC,EAChC,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAwB,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAErF,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AAMjE,MAAM,YAAY,GAAG,iBAAiB,CAAC;AAEvC;;;GAGG;AACH,MAAM,UAAU,kCAAkC,CAAC,kBAElD;IACA,kBAAkB,CAAC,YAAY,CAAC,GAAG;QAClC,OAAO,EAAE,YAAY;QACrB,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,+CAA+C,CAAC;QAChF,OAAO,EAAE,IAAI,CAAC,aAAa,CAAC,2CAA2C,CAAC;QACxE,oBAAoB,EAAE,KAAK;QAC3B,gBAAgB,EAAE,KAAK;QACvB,MAAM,EAAE;YACP;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,iEAAiE,CACjE;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,+DAA+D,CAC/D;gBACD,YAAY,EAAE,UAAU;gBACxB,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,+DAA+D,CAC/D;gBACD,YAAY,EAAE,KAAK;gBACnB,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,iEAAiE,CACjE;gBACD,YAAY,EAAE,KAAK;gBACnB,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,aAAa;gBAClB,IAAI,EAAE,SAAS;gBACf,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,kEAAkE,CAClE;gBACD,QAAQ,EAAE,KAAK;gBACf,YAAY,EAAE,KAAK;aACnB;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,+DAA+D,CAC/D;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,aAAa;gBAClB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,kEAAkE,CAClE;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,iEAAiE,CACjE;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,mBAAmB;gBACxB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,wEAAwE,CACxE;gBACD,QAAQ,EAAE,KAAK;aACf;SACD;QACD,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,CAAC,cAAc,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;KAC1F,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CACnC,UAA4D,EAC5D,OAAkC,EAClC,MAQC;IAED,IAAI,eAAe,GAAG,MAAM,EAAE,QAAQ,CAAC;IACvC,IAAI,YAAY,CAAC;IACjB,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,eAAe,CAAC,EAAE,CAAC;QACtC,YAAY,GAAG,YAAY,YAAY,CAAC,cAAc,EAAE,EAAE,CAAC;QAC3D,eAAe,GAAG,YAAY,CAAC;IAChC,CAAC;IACD,IAAI,cAAc,GAAG,KAAK,CAAC;IAE3B,MAAM,yBAAyB,GAAG,UAAU,CAAC,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;IACzF,MAAM,cAAc,GAAG,qBAAqB,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;IAE5E,IAAI,CAAC;QACJ,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,cAAc,EAAE,eAAe,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC9F,cAAc,GAAG,cAAc,CAAC,MAAM,CAAC;QAEvC,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,KAAK,CAAC;QAC9C,IAAI,aAAa,CAAC;QAClB,IAAI,UAAU,EAAE,CAAC;YAChB,aAAa,GAAG,MAAM,cAAc,CACnC,UAAU,EACV,eAAe,EACf,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,0BAA0B,CAAC,IAAI,CAAC,CACvD,CAAC;QACH,CAAC;QAED,MAAM,iBAAiB,GAAG,MAAM,EAAE,UAAU,IAAI,eAAe,CAAC;QAChE,eAAe,GAAG,MAAM,gBAAgB,CAAC,UAAU,EAAE,iBAAiB,EAAE,eAAe,CAAC,CAAC;QAEzF,IAAI,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;YAClC,iEAAiE;YACjE,qBAAqB;YACrB,MAAM,gBAAgB,CAAC,cAAc,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC;YAEtE,MAAM,cAAc,CAAC,UAAU,EAAE,eAAe,EAAE,aAAa,CAAC,CAAC;QAClE,CAAC;QAED,UAAU,CAAC,KAAK,EAAE,CAAC;QAEnB,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,mDAAmD,CAAC,EACvE,cAAc,CAAC,QAAQ,CACvB,CAAC;QACF,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,8CAA8C,CAAC,EAClE,eAAe,CACf,CAAC;QACF,IAAI,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE,CAAC;YAClD,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC3C,IAAI,EAAE,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;gBACnC,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,wDAAwD,CAAC,EAC5E,GAAG,YAAY,CAAC,mBAAmB,CAAC,OAAO,CAAC,oBAAoB,CAAC,YAAY,aAAa,YAAY,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,WAAW,EAAE,CAC9I,CAAC;YACH,CAAC;YACD,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,mDAAmD,CAAC,EACvE,GAAG,YAAY,CAAC,mBAAmB,CAAC,OAAO,CAAC,oBAAoB,CAAC,WAAW,OAAO,CAAC,EAAE,YAAY,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,WAAW,EAAE,CAC1I,CAAC;QACH,CAAC;QACD,UAAU,CAAC,KAAK,EAAE,CAAC;QAEnB,MAAM,IAAI,GAAG,EAAE,QAAQ,EAAE,cAAc,CAAC,QAAQ,EAAE,GAAG,EAAE,eAAe,EAAE,aAAa,EAAE,CAAC;QACxF,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;YACvC,MAAM,QAAQ,CAAC,aAAa,CAC3B,MAAM,CAAC,UAAU,EACjB,EAAE,QAAQ,EAAE,cAAc,CAAC,QAAQ,EAAE,GAAG,EAAE,eAAe,EAAE,aAAa,EAAE,EAC1E,KAAK,CACL,CAAC;QACH,CAAC;QAED,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;YACtC,MAAM,MAAM,GAAG;gBACd,GAAG,MAAM,CAAC,eAAe,aAAa,cAAc,CAAC,QAAQ,GAAG;gBAChE,GAAG,MAAM,CAAC,eAAe,QAAQ,eAAe,GAAG;aACnD,CAAC;YACF,IAAI,EAAE,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;gBACnC,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,eAAe,mBAAmB,aAAa,GAAG,CAAC,CAAC;YAC3E,CAAC;YACD,MAAM,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;QAC9D,CAAC;QAED,UAAU,CAAC,IAAI,EAAE,CAAC;QAElB,OAAO,IAAI,CAAC;IACb,CAAC;YAAS,CAAC;QACV,uDAAuD;QACvD,IAAI,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,IAAI,cAAc,EAAE,CAAC;YACpD,MAAM,cAAc,CAAC,cAAc,EAAE,YAAY,CAAC,CAAC;QACpD,CAAC;IACF,CAAC;AACF,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,cAAc,CAC5B,cAA+B,EAC/B,QAAgB,EAChB,gBAAyB;IAKzB,IAAI,EAAE,CAAC,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACnF,MAAM,IAAI,YAAY,CAAC,gBAAgB,EAAE,iBAAiB,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,QAAQ,GAAG,gBAAgB,CAAC;IAChC,IAAI,aAAa,GAAG,KAAK,CAAC;IAE1B,UAAU,CAAC,OAAO,CACjB,IAAI,CAAC,aAAa,CAAC,6DAA6D,CAAC,CACjF,CAAC;IAEF,MAAM,WAAW,GAAG,GAAG,QAAQ,WAAW,CAAC;IAE3C,IAAI,CAAC;QACJ,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,0DAA0D,CAAC,CAAC,CAAC;QAChG,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,SAAS,CAAS,WAAW,CAAC,CAAC;QAC3E,IAAI,EAAE,CAAC,WAAW,CAAC,cAAc,CAAC,EAAE,CAAC;YACpC,UAAU,CAAC,IAAI,CACd,IAAI,CAAC,aAAa,CAAC,2DAA2D,CAAC,CAC/E,CAAC;YACF,aAAa,GAAG,cAAc,KAAK,QAAQ,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YACnE,QAAQ,GAAG,cAAc,CAAC;QAC3B,CAAC;aAAM,CAAC;YACP,UAAU,CAAC,IAAI,CACd,IAAI,CAAC,aAAa,CAAC,6DAA6D,CAAC,CACjF,CAAC;YACF,aAAa,GAAG,IAAI,CAAC;QACtB,CAAC;IACF,CAAC;IAAC,MAAM,CAAC;QACR,UAAU,CAAC,IAAI,CACd,IAAI,CAAC,aAAa,CAAC,6DAA6D,CAAC,CACjF,CAAC;QACF,aAAa,GAAG,IAAI,CAAC;IACtB,CAAC;IAED,uDAAuD;IACvD,IAAI,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;QACxB,UAAU,CAAC,IAAI,CACd,IAAI,CAAC,aAAa,CAAC,6DAA6D,CAAC,CACjF,CAAC;QACF,QAAQ,GAAG,KAAK,CAAC,cAAc,EAAE,CAAC;QAClC,aAAa,GAAG,IAAI,CAAC;IACtB,CAAC;IAED,uEAAuE;IACvE,IAAI,aAAa,EAAE,CAAC;QACnB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,0DAA0D,CAAC,CAAC,CAAC;QAChG,MAAM,cAAc,CAAC,SAAS,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IACvD,CAAC;IACD,UAAU,CAAC,KAAK,EAAE,CAAC;IAEnB,OAAO;QACN,MAAM,EAAE,aAAa;QACrB,QAAQ;KACR,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,gBAAgB,CAC9B,cAA+B,EAC/B,YAAoB,EACpB,QAAgB;IAEhB,+DAA+D;IAC/D,+CAA+C;IAC/C,IAAI,YAAY,KAAK,QAAQ,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,SAAS,CAAC,GAAG,YAAY,WAAW,CAAC,CAAC;QAC5E,MAAM,cAAc,CAAC,SAAS,CAAC,GAAG,QAAQ,WAAW,EAAE,QAAQ,CAAC,CAAC;IAClE,CAAC;AACF,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,cAAc,CAAC,cAA+B,EAAE,QAAgB;IAC9E,IAAI,CAAC;QACJ,MAAM,cAAc,CAAC,YAAY,CAAC,GAAG,QAAQ,WAAW,CAAC,CAAC;IAC3D,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;AACX,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,gBAAgB,CAC9B,UAAuB,EACvB,UAAkB,EAClB,gBAAyB;IAEzB,UAAU,CAAC,OAAO,CACjB,IAAI,CAAC,aAAa,CAAC,6DAA6D,CAAC,CACjF,CAAC;IAEF,MAAM,4BAA4B,GAAG,UAAU,CAAC,yBAAyB,CAAC,mBAAmB,CAAC,CAAC;IAC/F,MAAM,iBAAiB,GAAG,wBAAwB,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;IAErF,IAAI,gBAAgB,CAAC;IAErB,IAAI,CAAC;QACJ,IAAI,EAAE,CAAC,WAAW,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACtC,UAAU,CAAC,IAAI,CACd,IAAI,CAAC,aAAa,CAAC,4DAA4D,CAAC,CAChF,CAAC;YACF,MAAM,oCAAoC,GAAG,UAAU,CAAC,yBAAyB,CAChF,2BAA2B,CAC3B,CAAC;YAEF,MAAM,yBAAyB,GAAG,gCAAgC,CAAC,GAAG,CACrE,oCAAoC,CACpC,CAAC;YACF,gBAAgB,GAAG,MAAM,yBAAyB,CAAC,eAAe,CAAC,gBAAgB,CAAC,CAAC;YACrF,IAAI,EAAE,CAAC,WAAW,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBACtC,UAAU,CAAC,IAAI,CACd,IAAI,CAAC,aAAa,CAAC,2DAA2D,CAAC,CAC/E,CAAC;YACH,CAAC;QACF,CAAC;IACF,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;IAEV,IAAI,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAChC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,0DAA0D,CAAC,CAAC,CAAC;QAEhG,UAAU,CAAC,IAAI,CACd,IAAI,CAAC,aAAa,CAAC,2DAA2D,CAAC,CAC/E,CAAC;QAEF,UAAU,CAAC,YAAY,EAAE,CAAC;QAC1B,gBAAgB,GAAG,MAAM,iBAAiB,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;QACtE,UAAU,CAAC,WAAW,EAAE,CAAC;QAEzB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,0DAA0D,CAAC,CAAC,CAAC;IACjG,CAAC;IAED,OAAO,gBAAgB,CAAC,EAAE,CAAC;AAC5B,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,cAAc,CAC5B,UAAuB,EACvB,QAAgB,EAChB,kBAA0B;IAE1B,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,wDAAwD,CAAC,CAAC,CAAC;IACjG,UAAU,CAAC,KAAK,CACf,IAAI,CAAC,aAAa,CAAC,uDAAuD,CAAC,EAC3E,kBAAkB,CAAC,QAAQ,EAAE,CAC7B,CAAC;IAEF,MAAM,0BAA0B,GAAG,UAAU,CAAC,yBAAyB,CAAC,iBAAiB,CAAC,CAAC;IAE3F,MAAM,eAAe,GAAG,sBAAsB,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IAC/E,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,EAAE,kBAAkB,EAAE,CAAC,CAAC,CAAC;IAEzF,IAAI,0BAA0B,CAAC,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;QACrE,UAAU,CAAC,IAAI,CACd,IAAI,CAAC,aAAa,CAAC,uDAAuD,EAAE;YAC3E,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC;SACrB,CAAC,CACF,CAAC;QACF,UAAU,CAAC,KAAK,EAAE,CAAC;QAEnB,UAAU,CAAC,YAAY,EAAE,CAAC;QAE1B,+CAA+C;QAC/C,MAAM,eAAe,CAAC,aAAa,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;QAEzE,UAAU,CAAC,WAAW,EAAE,CAAC;IAC1B,CAAC;IAED,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC;AACrB,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,cAAc,CAC5B,UAAuB,EACvB,QAAgB,EAChB,OAAgB;IAEhB,IAAI,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7B,MAAM,0BAA0B,GAAG,UAAU,CAAC,yBAAyB,CAAC,iBAAiB,CAAC,CAAC;QAE3F,6EAA6E;QAC7E,mCAAmC;QACnC,IAAI,0BAA0B,CAAC,UAAU,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAAE,CAAC;YAC9E,MAAM,aAAa,GAClB,6BAA6B,CAAC,GAAG,kBAEhC,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC9C,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;gBACzB,MAAM,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC/B,CAAC;QACF,CAAC;IACF,CAAC;AACF,CAAC","sourcesContent":["// Copyright 2026 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { CLIDisplay, CLIUtils } from \"@twin.org/cli-core\";\nimport { Coerce, GeneralError, I18n, Is, RandomHelper, StringHelper } from \"@twin.org/core\";\nimport { Bip39 } from \"@twin.org/crypto\";\nimport type { IEngineCore } from \"@twin.org/engine-models\";\nimport { WalletConnectorType } from \"@twin.org/engine-types\";\nimport {\n\tEntityStorageConnectorFactory,\n\ttype IEntityStorageConnector\n} from \"@twin.org/entity-storage-models\";\nimport {\n\tDid,\n\tIdentityConnectorFactory,\n\tIdentityResolverConnectorFactory\n} from \"@twin.org/identity-models\";\nimport { nameofKebabCase } from \"@twin.org/nameof\";\nimport { type IVaultConnector, VaultConnectorFactory } from \"@twin.org/vault-models\";\nimport type { WalletAddress } from \"@twin.org/wallet-connector-entity-storage\";\nimport { WalletConnectorFactory } from \"@twin.org/wallet-models\";\nimport type { ICliCommandDefinition } from \"../models/ICliCommandDefinition.js\";\nimport type { INodeEngineConfig } from \"../models/INodeEngineConfig.js\";\nimport type { INodeEngineState } from \"../models/INodeEngineState.js\";\nimport type { INodeEnvironmentVariables } from \"../models/INodeEnvironmentVariables.js\";\n\nconst COMMAND_NAME = \"identity-create\";\n\n/**\n * Get the command definition parameters.\n * @param commandDefinitions The registered command definitions.\n */\nexport function getCommandDefinitionIdentityCreate(commandDefinitions: {\n\t[id: string]: ICliCommandDefinition;\n}): void {\n\tcommandDefinitions[COMMAND_NAME] = {\n\t\tcommand: COMMAND_NAME,\n\t\tdescription: I18n.formatMessage(\"node.cli.commands.identity-create.description\"),\n\t\texample: I18n.formatMessage(\"node.cli.commands.identity-create.example\"),\n\t\trequiresNodeIdentity: false,\n\t\trequiresTenantId: false,\n\t\tparams: [\n\t\t\t{\n\t\t\t\tkey: \"env-prefix\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-create.params.env-prefix.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"mnemonic\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-create.params.mnemonic.description\"\n\t\t\t\t),\n\t\t\t\textendedType: \"24 words\",\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"identity\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-create.params.identity.description\"\n\t\t\t\t),\n\t\t\t\textendedType: \"did\",\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"controller\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-create.params.controller.description\"\n\t\t\t\t),\n\t\t\t\textendedType: \"did\",\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"fund-wallet\",\n\t\t\t\ttype: \"boolean\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-create.params.fund-wallet.description\"\n\t\t\t\t),\n\t\t\t\trequired: false,\n\t\t\t\tdefaultValue: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"load-env\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-create.params.load-env.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"output-json\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-create.params.output-json.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"output-env\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-create.params.output-env.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"output-env-prefix\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-create.params.output-env-prefix.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t}\n\t\t],\n\t\taction: async (engineCore, envVars, params) => identityCreate(engineCore, envVars, params)\n\t};\n}\n\n/**\n * Command for creating an identity.\n * @param engineCore The engine core.\n * @param envVars The environment variables for the node.\n * @param params The parameters for the command.\n * @param params.mnemonic The mnemonic to use for the identity.\n * @param params.identity The DID of the identity to create.\n * @param params.controller The controller DID for the identity.\n * @param params.fundWallet Whether to fund the wallet associated with the identity from a faucet.\n * @param params.outputJson The output .json file to store the command output.\n * @param params.outputEnv The output .env file to store the command output.\n * @param params.outputEnvPrefix The prefix to use for variables in the output .env file.\n * @returns The identity details.\n */\nexport async function identityCreate(\n\tengineCore: IEngineCore<INodeEngineConfig, INodeEngineState>,\n\tenvVars: INodeEnvironmentVariables,\n\tparams: {\n\t\tmnemonic?: string;\n\t\tidentity?: string;\n\t\tcontroller?: string;\n\t\tfundWallet?: boolean;\n\t\toutputJson?: string;\n\t\toutputEnv?: string;\n\t\toutputEnvPrefix?: string;\n\t}\n): Promise<{ mnemonic: string; did: string; walletAddress?: string }> {\n\tlet workingIdentity = params?.identity;\n\tlet tempIdentity;\n\tif (!Is.stringValue(workingIdentity)) {\n\t\ttempIdentity = `did:temp:${RandomHelper.generateUuidV7()}`;\n\t\tworkingIdentity = tempIdentity;\n\t}\n\tlet mnemonicStored = false;\n\n\tconst defaultVaultConnectorType = engineCore.getRegisteredInstanceType(\"vaultConnector\");\n\tconst vaultConnector = VaultConnectorFactory.get(defaultVaultConnectorType);\n\n\ttry {\n\t\tconst mnemonicResult = await mnemonicCreate(vaultConnector, workingIdentity, params.mnemonic);\n\t\tmnemonicStored = mnemonicResult.stored;\n\n\t\tconst fundWallet = params.fundWallet ?? false;\n\t\tlet walletAddress;\n\t\tif (fundWallet) {\n\t\t\twalletAddress = await generateWallet(\n\t\t\t\tengineCore,\n\t\t\t\tworkingIdentity,\n\t\t\t\tCoerce.integer(envVars.identityWalletAddressIndex) ?? 0\n\t\t\t);\n\t\t}\n\n\t\tconst workingController = params?.controller ?? workingIdentity;\n\t\tworkingIdentity = await identityGenerate(engineCore, workingController, workingIdentity);\n\n\t\tif (Is.stringValue(tempIdentity)) {\n\t\t\t// If we were using a temporary identity store the mnemonic using\n\t\t\t// the final identity\n\t\t\tawait mnemonicFinalise(vaultConnector, tempIdentity, workingIdentity);\n\n\t\t\tawait walletFinalise(engineCore, workingIdentity, walletAddress);\n\t\t}\n\n\t\tCLIDisplay.break();\n\n\t\tCLIDisplay.value(\n\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.mnemonic\"),\n\t\t\tmnemonicResult.mnemonic\n\t\t);\n\t\tCLIDisplay.value(\n\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.did\"),\n\t\t\tworkingIdentity\n\t\t);\n\t\tif (Is.stringValue(envVars.iotaExplorerEndpoint)) {\n\t\t\tconst idParts = Did.parse(workingIdentity);\n\t\t\tif (Is.stringValue(walletAddress)) {\n\t\t\t\tCLIDisplay.value(\n\t\t\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.walletAddress\"),\n\t\t\t\t\t`${StringHelper.trimTrailingSlashes(envVars.iotaExplorerEndpoint)}/address/${walletAddress}?network=${idParts.network ?? envVars.iotaNetwork}`\n\t\t\t\t);\n\t\t\t}\n\t\t\tCLIDisplay.value(\n\t\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.explorer\"),\n\t\t\t\t`${StringHelper.trimTrailingSlashes(envVars.iotaExplorerEndpoint)}/object/${idParts.id}?network=${idParts.network ?? envVars.iotaNetwork}`\n\t\t\t);\n\t\t}\n\t\tCLIDisplay.break();\n\n\t\tconst json = { mnemonic: mnemonicResult.mnemonic, did: workingIdentity, walletAddress };\n\t\tif (Is.stringValue(params.outputJson)) {\n\t\t\tawait CLIUtils.writeJsonFile(\n\t\t\t\tparams.outputJson,\n\t\t\t\t{ mnemonic: mnemonicResult.mnemonic, did: workingIdentity, walletAddress },\n\t\t\t\tfalse\n\t\t\t);\n\t\t}\n\n\t\tif (Is.stringValue(params.outputEnv)) {\n\t\t\tconst output = [\n\t\t\t\t`${params.outputEnvPrefix}MNEMONIC=\"${mnemonicResult.mnemonic}\"`,\n\t\t\t\t`${params.outputEnvPrefix}DID=\"${workingIdentity}\"`\n\t\t\t];\n\t\t\tif (Is.stringValue(walletAddress)) {\n\t\t\t\toutput.push(`${params.outputEnvPrefix}WALLET_ADDRESS=\"${walletAddress}\"`);\n\t\t\t}\n\t\t\tawait CLIUtils.writeEnvFile(params.outputEnv, output, false);\n\t\t}\n\n\t\tCLIDisplay.done();\n\n\t\treturn json;\n\t} finally {\n\t\t// Always remove temporary identity mnemonic if created\n\t\tif (Is.stringValue(tempIdentity) && mnemonicStored) {\n\t\t\tawait mnemonicRemove(vaultConnector, tempIdentity);\n\t\t}\n\t}\n}\n\n/**\n * Handle the mnemonic generation or retrieval.\n * @param vaultConnector The vault connector.\n * @param identity The working identity.\n * @param providedMnemonic The mnemonic provided by the user.\n * @returns The mnemonic and the flag to determine if the mnemonic was stored.\n */\nasync function mnemonicCreate(\n\tvaultConnector: IVaultConnector,\n\tidentity: string,\n\tprovidedMnemonic?: string\n): Promise<{\n\tstored: boolean;\n\tmnemonic: string;\n}> {\n\tif (Is.stringValue(providedMnemonic) && !Bip39.validateMnemonic(providedMnemonic)) {\n\t\tthrow new GeneralError(\"identityCreate\", \"invalidMnemonic\");\n\t}\n\tlet mnemonic = providedMnemonic;\n\tlet storeMnemonic = false;\n\n\tCLIDisplay.section(\n\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.processingMnemonic\")\n\t);\n\n\tconst mnemonicKey = `${identity}/mnemonic`;\n\n\ttry {\n\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.identity-create.labels.readingMnemonic\"));\n\t\tconst storedMnemonic = await vaultConnector.getSecret<string>(mnemonicKey);\n\t\tif (Is.stringValue(storedMnemonic)) {\n\t\t\tCLIDisplay.task(\n\t\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.existingMnemonic\")\n\t\t\t);\n\t\t\tstoreMnemonic = storedMnemonic !== mnemonic && !Is.empty(mnemonic);\n\t\t\tmnemonic = storedMnemonic;\n\t\t} else {\n\t\t\tCLIDisplay.task(\n\t\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.noExistingMnemonic\")\n\t\t\t);\n\t\t\tstoreMnemonic = true;\n\t\t}\n\t} catch {\n\t\tCLIDisplay.task(\n\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.noExistingMnemonic\")\n\t\t);\n\t\tstoreMnemonic = true;\n\t}\n\n\t// If there is no mnemonic then we need to generate one\n\tif (Is.empty(mnemonic)) {\n\t\tCLIDisplay.task(\n\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.generatingMnemonic\")\n\t\t);\n\t\tmnemonic = Bip39.randomMnemonic();\n\t\tstoreMnemonic = true;\n\t}\n\n\t// If there is no mnemonic stored in the vault then we need to store it\n\tif (storeMnemonic) {\n\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.identity-create.labels.storingMnemonic\"));\n\t\tawait vaultConnector.setSecret(mnemonicKey, mnemonic);\n\t}\n\tCLIDisplay.break();\n\n\treturn {\n\t\tstored: storeMnemonic,\n\t\tmnemonic\n\t};\n}\n\n/**\n * Finalise the mnemonic for the node identity.\n * @param vaultConnector The vault connector to use.\n * @param tempIdentity The identity of the node.\n * @param identity The final identity for the node.\n */\nasync function mnemonicFinalise(\n\tvaultConnector: IVaultConnector,\n\ttempIdentity: string,\n\tidentity: string\n): Promise<void> {\n\t// Now that we have an identity we can remove the temporary one\n\t// and store the mnemonic with the new identity\n\tif (tempIdentity !== identity) {\n\t\tconst mnemonic = await vaultConnector.getSecret(`${tempIdentity}/mnemonic`);\n\t\tawait vaultConnector.setSecret(`${identity}/mnemonic`, mnemonic);\n\t}\n}\n\n/**\n * Remove the mnemonic.\n * @param vaultConnector The vault connector.\n * @param identity The working identity.\n * @returns Nothing.\n */\nasync function mnemonicRemove(vaultConnector: IVaultConnector, identity: string): Promise<void> {\n\ttry {\n\t\tawait vaultConnector.removeSecret(`${identity}/mnemonic`);\n\t} catch {}\n}\n\n/**\n * Generate an identity.\n * @param engineCore The engine core for the node.\n * @param controller The controller for the identity.\n * @param providedIdentity The existing identity if there is one.\n * @returns The addresses for the wallet.\n */\nasync function identityGenerate(\n\tengineCore: IEngineCore,\n\tcontroller: string,\n\tprovidedIdentity?: string\n): Promise<string> {\n\tCLIDisplay.section(\n\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.processingIdentity\")\n\t);\n\n\tconst defaultIdentityConnectorType = engineCore.getRegisteredInstanceType(\"identityConnector\");\n\tconst identityConnector = IdentityConnectorFactory.get(defaultIdentityConnectorType);\n\n\tlet identityDocument;\n\n\ttry {\n\t\tif (Is.stringValue(providedIdentity)) {\n\t\t\tCLIDisplay.task(\n\t\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.resolvingIdentity\")\n\t\t\t);\n\t\t\tconst defaultIdentityResolverConnectorType = engineCore.getRegisteredInstanceType(\n\t\t\t\t\"identityResolverConnector\"\n\t\t\t);\n\n\t\t\tconst identityResolverConnector = IdentityResolverConnectorFactory.get(\n\t\t\t\tdefaultIdentityResolverConnectorType\n\t\t\t);\n\t\t\tidentityDocument = await identityResolverConnector.resolveDocument(providedIdentity);\n\t\t\tif (Is.objectValue(identityDocument)) {\n\t\t\t\tCLIDisplay.task(\n\t\t\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.existingIdentity\")\n\t\t\t\t);\n\t\t\t}\n\t\t}\n\t} catch {}\n\n\tif (Is.empty(identityDocument)) {\n\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.identity-create.labels.noIdentityFound\"));\n\n\t\tCLIDisplay.task(\n\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.creatingIdentity\")\n\t\t);\n\n\t\tCLIDisplay.spinnerStart();\n\t\tidentityDocument = await identityConnector.createDocument(controller);\n\t\tCLIDisplay.spinnerStop();\n\n\t\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.identity-create.labels.createdIdentity\"));\n\t}\n\n\treturn identityDocument.id;\n}\n\n/**\n * Bootstrap the wallet for the node.\n * @param engineCore The engine core for the node.\n * @param identity The identity to create the wallet for.\n * @param walletAddressIndex The index of the wallet address to use.\n * @returns The addresses for the wallet.\n */\nasync function generateWallet(\n\tengineCore: IEngineCore,\n\tidentity: string,\n\twalletAddressIndex: number\n): Promise<string> {\n\tCLIDisplay.section(I18n.formatMessage(\"node.cli.commands.identity-create.labels.fundingWallet\"));\n\tCLIDisplay.value(\n\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.addressIndex\"),\n\t\twalletAddressIndex.toString()\n\t);\n\n\tconst defaultWalletConnectorType = engineCore.getRegisteredInstanceType(\"walletConnector\");\n\n\tconst walletConnector = WalletConnectorFactory.get(defaultWalletConnectorType);\n\tconst addresses = await walletConnector.getAddresses(identity, 0, walletAddressIndex, 5);\n\n\tif (defaultWalletConnectorType.startsWith(WalletConnectorType.Iota)) {\n\t\tCLIDisplay.task(\n\t\t\tI18n.formatMessage(\"node.cli.commands.identity-create.labels.addingTokens\", {\n\t\t\t\taddress: addresses[0]\n\t\t\t})\n\t\t);\n\t\tCLIDisplay.break();\n\n\t\tCLIDisplay.spinnerStart();\n\n\t\t// Add some funds to the wallet from the faucet\n\t\tawait walletConnector.ensureBalance(identity, addresses[0], 1000000000n);\n\n\t\tCLIDisplay.spinnerStop();\n\t}\n\n\treturn addresses[0];\n}\n\n/**\n * Bootstrap the identity for the node.\n * @param engineCore The engine core for the node.\n * @param identity The identity of the node.\n * @param address The address for the wallet.\n */\nasync function walletFinalise(\n\tengineCore: IEngineCore,\n\tidentity: string,\n\taddress?: string\n): Promise<void> {\n\tif (Is.stringValue(address)) {\n\t\tconst defaultWalletConnectorType = engineCore.getRegisteredInstanceType(\"walletConnector\");\n\n\t\t// If we are using entity storage for wallet the identity associated with the\n\t\t// address will be wrong, so fix it\n\t\tif (defaultWalletConnectorType.startsWith(WalletConnectorType.EntityStorage)) {\n\t\t\tconst walletAddress =\n\t\t\t\tEntityStorageConnectorFactory.get<IEntityStorageConnector<WalletAddress>>(\n\t\t\t\t\tnameofKebabCase<WalletAddress>()\n\t\t\t\t);\n\t\t\tconst addr = await walletAddress.get(address);\n\t\t\tif (!Is.empty(addr)) {\n\t\t\t\taddr.identity = identity;\n\t\t\t\tawait walletAddress.set(addr);\n\t\t\t}\n\t\t}\n\t}\n}\n"]}

package/dist/es/commands/identityImports.js

@@ -0,0 +1,82 @@
+// Copyright 2026 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+import { CLIDisplay } from "@twin.org/cli-core";
+import { GeneralError, Guards, I18n, Is } from "@twin.org/core";
+import { Bip39 } from "@twin.org/crypto";
+import { Did, IdentityResolverConnectorFactory } from "@twin.org/identity-models";
+import { VaultConnectorFactory } from "@twin.org/vault-models";
+const COMMAND_NAME = "identity-import";
+/**
+ * Get the command definition parameters.
+ * @param commandDefinitions The registered command definitions.
+ */
+export function getCommandDefinitionIdentityImport(commandDefinitions) {
+    commandDefinitions[COMMAND_NAME] = {
+        command: COMMAND_NAME,
+        description: I18n.formatMessage("node.cli.commands.identity-import.description"),
+        example: I18n.formatMessage("node.cli.commands.identity-import.example"),
+        requiresNodeIdentity: false,
+        requiresTenantId: false,
+        params: [
+            {
+                key: "env-prefix",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-import.params.env-prefix.description"),
+                required: false
+            },
+            {
+                key: "identity",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-import.params.identity.description"),
+                extendedType: "did",
+                required: true
+            },
+            {
+                key: "mnemonic",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-import.params.mnemonic.description"),
+                extendedType: "24 words",
+                required: true
+            },
+            {
+                key: "load-env",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-import.params.load-env.description"),
+                required: false
+            }
+        ],
+        action: async (engineCore, envVars, params) => identityImport(engineCore, envVars, params)
+    };
+}
+/**
+ * Command for importing an identity.
+ * @param engineCore The engine core.
+ * @param envVars The environment variables for the node.
+ * @param params The parameters for the command.
+ * @param params.identity The DID of the identity to import.
+ * @param params.mnemonic The mnemonic to use for the identity.
+ */
+export async function identityImport(engineCore, envVars, params) {
+    Did.guard("identityImport", "identity", params.identity);
+    Guards.stringValue("identityImport", "mnemonic", params.mnemonic);
+    if (!Bip39.validateMnemonic(params.mnemonic)) {
+        throw new GeneralError("identityImport", "invalidMnemonic");
+    }
+    const defaultIdentityResolverConnectorType = engineCore.getRegisteredInstanceType("identityResolverConnector");
+    const identityResolverConnector = IdentityResolverConnectorFactory.get(defaultIdentityResolverConnectorType);
+    CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-import.labels.resolvingIdentity"));
+    const identityDocument = await identityResolverConnector.resolveDocument(params.identity);
+    if (Is.empty(identityDocument)) {
+        throw new GeneralError("identityImport", "identityNotFound", {
+            identity: params.identity
+        });
+    }
+    const defaultVaultConnectorType = engineCore.getRegisteredInstanceType("vaultConnector");
+    const vaultConnector = VaultConnectorFactory.get(defaultVaultConnectorType);
+    CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-import.labels.storingMnemonic"));
+    const mnemonicKey = `${params.identity}/mnemonic`;
+    await vaultConnector.setSecret(mnemonicKey, params.mnemonic);
+    CLIDisplay.break();
+    CLIDisplay.done();
+}
+//# sourceMappingURL=identityImports.js.map

package/dist/es/commands/identityImports.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"identityImports.js","sourceRoot":"","sources":["../../../src/commands/identityImports.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,uCAAuC;AACvC,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AAChE,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,OAAO,EAAE,GAAG,EAAE,gCAAgC,EAAE,MAAM,2BAA2B,CAAC;AAClF,OAAO,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAM/D,MAAM,YAAY,GAAG,iBAAiB,CAAC;AAEvC;;;GAGG;AACH,MAAM,UAAU,kCAAkC,CAAC,kBAElD;IACA,kBAAkB,CAAC,YAAY,CAAC,GAAG;QAClC,OAAO,EAAE,YAAY;QACrB,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,+CAA+C,CAAC;QAChF,OAAO,EAAE,IAAI,CAAC,aAAa,CAAC,2CAA2C,CAAC;QACxE,oBAAoB,EAAE,KAAK;QAC3B,gBAAgB,EAAE,KAAK;QACvB,MAAM,EAAE;YACP;gBACC,GAAG,EAAE,YAAY;gBACjB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,iEAAiE,CACjE;gBACD,QAAQ,EAAE,KAAK;aACf;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,+DAA+D,CAC/D;gBACD,YAAY,EAAE,KAAK;gBACnB,QAAQ,EAAE,IAAI;aACd;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,+DAA+D,CAC/D;gBACD,YAAY,EAAE,UAAU;gBACxB,QAAQ,EAAE,IAAI;aACd;YACD;gBACC,GAAG,EAAE,UAAU;gBACf,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,IAAI,CAAC,aAAa,CAC9B,+DAA+D,CAC/D;gBACD,QAAQ,EAAE,KAAK;aACf;SACD;QACD,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,CAAC,cAAc,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;KAC1F,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CACnC,UAA4D,EAC5D,OAAkC,EAClC,MAGC;IAED,GAAG,CAAC,KAAK,CAAC,gBAAgB,EAAE,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,CAAC,WAAW,CAAC,gBAAgB,EAAE,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAClE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9C,MAAM,IAAI,YAAY,CAAC,gBAAgB,EAAE,iBAAiB,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,oCAAoC,GAAG,UAAU,CAAC,yBAAyB,CAChF,2BAA2B,CAC3B,CAAC;IAEF,MAAM,yBAAyB,GAAG,gCAAgC,CAAC,GAAG,CACrE,oCAAoC,CACpC,CAAC;IAEF,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,4DAA4D,CAAC,CAAC,CAAC;IAClG,MAAM,gBAAgB,GAAG,MAAM,yBAAyB,CAAC,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE1F,IAAI,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,YAAY,CAAC,gBAAgB,EAAE,kBAAkB,EAAE;YAC5D,QAAQ,EAAE,MAAM,CAAC,QAAQ;SACzB,CAAC,CAAC;IACJ,CAAC;IAED,MAAM,yBAAyB,GAAG,UAAU,CAAC,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;IACzF,MAAM,cAAc,GAAG,qBAAqB,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;IAE5E,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,0DAA0D,CAAC,CAAC,CAAC;IAChG,MAAM,WAAW,GAAG,GAAG,MAAM,CAAC,QAAQ,WAAW,CAAC;IAClD,MAAM,cAAc,CAAC,SAAS,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE7D,UAAU,CAAC,KAAK,EAAE,CAAC;IACnB,UAAU,CAAC,IAAI,EAAE,CAAC;AACnB,CAAC","sourcesContent":["// Copyright 2026 IOTA Stiftung.\n// SPDX-License-Identifier: Apache-2.0.\nimport { CLIDisplay } from \"@twin.org/cli-core\";\nimport { GeneralError, Guards, I18n, Is } from \"@twin.org/core\";\nimport { Bip39 } from \"@twin.org/crypto\";\nimport type { IEngineCore } from \"@twin.org/engine-models\";\nimport { Did, IdentityResolverConnectorFactory } from \"@twin.org/identity-models\";\nimport { VaultConnectorFactory } from \"@twin.org/vault-models\";\nimport type { ICliCommandDefinition } from \"../models/ICliCommandDefinition.js\";\nimport type { INodeEngineConfig } from \"../models/INodeEngineConfig.js\";\nimport type { INodeEngineState } from \"../models/INodeEngineState.js\";\nimport type { INodeEnvironmentVariables } from \"../models/INodeEnvironmentVariables.js\";\n\nconst COMMAND_NAME = \"identity-import\";\n\n/**\n * Get the command definition parameters.\n * @param commandDefinitions The registered command definitions.\n */\nexport function getCommandDefinitionIdentityImport(commandDefinitions: {\n\t[id: string]: ICliCommandDefinition;\n}): void {\n\tcommandDefinitions[COMMAND_NAME] = {\n\t\tcommand: COMMAND_NAME,\n\t\tdescription: I18n.formatMessage(\"node.cli.commands.identity-import.description\"),\n\t\texample: I18n.formatMessage(\"node.cli.commands.identity-import.example\"),\n\t\trequiresNodeIdentity: false,\n\t\trequiresTenantId: false,\n\t\tparams: [\n\t\t\t{\n\t\t\t\tkey: \"env-prefix\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-import.params.env-prefix.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"identity\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-import.params.identity.description\"\n\t\t\t\t),\n\t\t\t\textendedType: \"did\",\n\t\t\t\trequired: true\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"mnemonic\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-import.params.mnemonic.description\"\n\t\t\t\t),\n\t\t\t\textendedType: \"24 words\",\n\t\t\t\trequired: true\n\t\t\t},\n\t\t\t{\n\t\t\t\tkey: \"load-env\",\n\t\t\t\ttype: \"string\",\n\t\t\t\tdescription: I18n.formatMessage(\n\t\t\t\t\t\"node.cli.commands.identity-import.params.load-env.description\"\n\t\t\t\t),\n\t\t\t\trequired: false\n\t\t\t}\n\t\t],\n\t\taction: async (engineCore, envVars, params) => identityImport(engineCore, envVars, params)\n\t};\n}\n\n/**\n * Command for importing an identity.\n * @param engineCore The engine core.\n * @param envVars The environment variables for the node.\n * @param params The parameters for the command.\n * @param params.identity The DID of the identity to import.\n * @param params.mnemonic The mnemonic to use for the identity.\n */\nexport async function identityImport(\n\tengineCore: IEngineCore<INodeEngineConfig, INodeEngineState>,\n\tenvVars: INodeEnvironmentVariables,\n\tparams: {\n\t\tidentity?: string;\n\t\tmnemonic?: string;\n\t}\n): Promise<void> {\n\tDid.guard(\"identityImport\", \"identity\", params.identity);\n\tGuards.stringValue(\"identityImport\", \"mnemonic\", params.mnemonic);\n\tif (!Bip39.validateMnemonic(params.mnemonic)) {\n\t\tthrow new GeneralError(\"identityImport\", \"invalidMnemonic\");\n\t}\n\n\tconst defaultIdentityResolverConnectorType = engineCore.getRegisteredInstanceType(\n\t\t\"identityResolverConnector\"\n\t);\n\n\tconst identityResolverConnector = IdentityResolverConnectorFactory.get(\n\t\tdefaultIdentityResolverConnectorType\n\t);\n\n\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.identity-import.labels.resolvingIdentity\"));\n\tconst identityDocument = await identityResolverConnector.resolveDocument(params.identity);\n\n\tif (Is.empty(identityDocument)) {\n\t\tthrow new GeneralError(\"identityImport\", \"identityNotFound\", {\n\t\t\tidentity: params.identity\n\t\t});\n\t}\n\n\tconst defaultVaultConnectorType = engineCore.getRegisteredInstanceType(\"vaultConnector\");\n\tconst vaultConnector = VaultConnectorFactory.get(defaultVaultConnectorType);\n\n\tCLIDisplay.task(I18n.formatMessage(\"node.cli.commands.identity-import.labels.storingMnemonic\"));\n\tconst mnemonicKey = `${params.identity}/mnemonic`;\n\tawait vaultConnector.setSecret(mnemonicKey, params.mnemonic);\n\n\tCLIDisplay.break();\n\tCLIDisplay.done();\n}\n"]}

package/dist/es/commands/identityVerifiableCredentialCreate.js

@@ -0,0 +1,146 @@
+// Copyright 2026 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+import path from "node:path";
+import { CLIDisplay, CLIUtils } from "@twin.org/cli-core";
+import { Coerce, GeneralError, Guards, I18n, Is } from "@twin.org/core";
+import { Did, IdentityConnectorFactory } from "@twin.org/identity-models";
+const COMMAND_NAME = "identity-verifiable-credential-create";
+/**
+ * Get the command definition parameters.
+ * @param commandDefinitions The registered command definitions.
+ */
+export function getCommandDefinitionIdentityVerifiableCredentialCreate(commandDefinitions) {
+    commandDefinitions[COMMAND_NAME] = {
+        command: COMMAND_NAME,
+        description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.description"),
+        example: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.example"),
+        requiresNodeIdentity: false,
+        requiresTenantId: false,
+        params: [
+            {
+                key: "env-prefix",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.env-prefix.description"),
+                required: false
+            },
+            {
+                key: "identity",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.identity.description"),
+                extendedType: "did"
+            },
+            {
+                key: "controller",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.controller.description"),
+                extendedType: "did",
+                required: false
+            },
+            {
+                key: "verification-method-id",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.verification-method-id.description"),
+                extendedType: "did with fragment"
+            },
+            {
+                key: "subject-json",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.subject-json.description"),
+                extendedType: "file",
+                required: true
+            },
+            {
+                key: "credential-id",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.credential-id.description"),
+                extendedType: "url",
+                required: false
+            },
+            {
+                key: "expiration-date",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.expiration-date.description"),
+                extendedType: "ISO date-time",
+                required: false
+            },
+            {
+                key: "load-env",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.load-env.description"),
+                required: false
+            },
+            {
+                key: "output-json",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.output-json.description"),
+                required: false
+            },
+            {
+                key: "output-env",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.output-env.description"),
+                required: false
+            },
+            {
+                key: "output-env-prefix",
+                type: "string",
+                description: I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.params.output-env-prefix.description"),
+                required: false
+            }
+        ],
+        action: async (engineCore, envVars, params) => identityVerifiableCredentialCreate(engineCore, envVars, params)
+    };
+}
+/**
+ * Command for creating an identity verifiable credential.
+ * @param engineCore The engine core.
+ * @param envVars The environment variables for the node.
+ * @param params The parameters for the command.
+ * @param params.verificationMethodId The ID of the verification method to create the credential with.
+ * @param params.identity The DID of the identity to create the credential for.
+ * @param params.controller The controller DID for the identity.
+ * @param params.subjectJson The subject JSON file for the verifiable credential.
+ * @param params.credentialId The ID of the verifiable credential.
+ * @param params.expirationDate The expiration date of the verifiable credential.
+ * @param params.outputJson The output .json file to store the command output.
+ * @param params.outputEnv The output .env file to store the command output.
+ * @param params.outputEnvPrefix The prefix to use for variables in the output .env file.
+ * @returns The created verifiable credential and JWT.
+ */
+export async function identityVerifiableCredentialCreate(engineCore, envVars, params) {
+    Did.guard("identityVerifiableCredentialCreate", "identity", params.identity);
+    Guards.stringValue("identityVerifiableCredentialCreate", "verification-method-id", params.verificationMethodId);
+    Guards.stringValue("identityVerifiableCredentialCreate", "subject-json", params.subjectJson);
+    const defaultIdentityConnectorType = engineCore.getRegisteredInstanceType("identityConnector");
+    const identityConnector = IdentityConnectorFactory.get(defaultIdentityConnectorType);
+    const subjectFilename = path.resolve(params.subjectJson);
+    const subject = await CLIUtils.readJsonFile(subjectFilename);
+    if (Is.empty(subject)) {
+        throw new GeneralError("identityVerifiableCredentialCreate", "subjectJsonLoadFailed", {
+            subjectFilename
+        });
+    }
+    CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.labels.creating"));
+    CLIDisplay.spinnerStart();
+    if (!params.verificationMethodId.includes("#")) {
+        params.verificationMethodId = `${params.identity}#${params.verificationMethodId}`;
+    }
+    const credential = await identityConnector.createVerifiableCredential(params.controller ?? params.identity, params.verificationMethodId, params.credentialId, subject, {
+        expirationDate: Coerce.dateTime(params.expirationDate)
+    });
+    CLIDisplay.spinnerStop();
+    CLIDisplay.task(I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.labels.created"));
+    CLIDisplay.break();
+    CLIDisplay.value(I18n.formatMessage("node.cli.commands.identity-verifiable-credential-create.labels.jwtToken"), credential.jwt);
+    CLIDisplay.break();
+    if (Is.stringValue(params.outputJson)) {
+        await CLIUtils.writeJsonFile(params.outputJson, credential, false);
+    }
+    if (Is.stringValue(params.outputEnv)) {
+        const output = [`${params.outputEnvPrefix}VC_TOKEN="${credential.jwt}"`];
+        await CLIUtils.writeEnvFile(params.outputEnv, output, false);
+    }
+    CLIDisplay.done();
+    return credential;
+}
+//# sourceMappingURL=identityVerifiableCredentialCreate.js.map