@twin.org/standards-w3c-did 0.0.1-next.9 → 0.0.2-next.1

package/dist/esm/index.mjs

@@ -1,3 +1,8 @@
+import { Guards, Is, GeneralError, ObjectHelper, Converter, JsonHelper, Uint8ArrayHelper } from '@twin.org/core';
+import { Ed25519, Sha256 } from '@twin.org/crypto';
+import { JsonLdProcessor } from '@twin.org/data-json-ld';
+import { Jwk, Jws } from '@twin.org/web';
+
 // Copyright 2024 IOTA Stiftung.
 // SPDX-License-Identifier: Apache-2.0.
 /**
@@ -5,14 +10,57 @@
  */
 // eslint-disable-next-line @typescript-eslint/naming-convention
 const DidContexts = {
+    /**
+     * The context root for DID.
+     */
+    Context: "https://www.w3.org/ns/did/v1",
     /**
      * The context root for DID VC v1.
      */
-    ContextV1: "https://www.w3.org/2018/credentials/v1",
+    ContextVCv1: "https://www.w3.org/2018/credentials/v1",
     /**
      * The context root for DID VC v2.
      */
-    ContextV2: "https://www.w3.org/ns/credentials/v2"
+    ContextVCv2: "https://www.w3.org/ns/credentials/v2",
+    /**
+     * The context root for security ed25519 suites.
+     */
+    ContextSecurityEd25519: "https://w3id.org/security/suites/ed25519-2020/v1",
+    /**
+     * The context root for security jws-2020 suites.
+     */
+    ContextSecurityJws2020: "https://w3id.org/security/suites/jws-2020/v1",
+    /**
+     * The context root for VC Data Integrity.
+     */
+    ContextDataIntegrity: "https://www.w3.org/ns/credentials/v2",
+    /**
+     * The context root for VC Data Integrity.
+     */
+    ContextControllerIdentifiers: "https://www.w3.org/ns/cid/v1",
+    /**
+     * The context root for security multikey suites.
+     */
+    ContextSecurityMultikey: "https://w3id.org/security/multikey/v1"
+};
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * The types for DID Proof crypto suites.
+ */
+// eslint-disable-next-line @typescript-eslint/naming-convention
+const DidCryptoSuites = {
+    /**
+     * The type for EdDSA crypto suite for JSON Canonicalization Scheme [RFC8785].
+     * https://www.w3.org/TR/vc-di-eddsa/#eddsa-jcs-2022
+     */
+    EdDSAJcs2022: "eddsa-jcs-2022",
+    /**
+     * The type for EdDSA crypto suite for RDF Dataset Canonicalization.
+     * https://www.w3.org/TR/vc-di-eddsa/#eddsa-rdfc-2022
+     */
+    EdDSARdfc2022: "eddsa-rdfc-2022"
 };
 
 // Copyright 2024 IOTA Stiftung.
@@ -29,7 +77,23 @@ const DidTypes = {
     /**
      * The type for Verifiable Presentation.
      */
-    VerifiablePresentation: "VerifiablePresentation"
+    VerifiablePresentation: "VerifiablePresentation",
+    /**
+     * The type for Ed25519VerificationKey2020.
+     */
+    Ed25519VerificationKey2020: "Ed25519VerificationKey2020",
+    /**
+     * The type for JsonWebKey2020.
+     */
+    JsonWebKey2020: "JsonWebKey2020",
+    /**
+     * The type for LinkedDomains.
+     */
+    LinkedDomains: "LinkedDomains",
+    /**
+     * The type for Multikey.
+     */
+    Multikey: "Multikey"
 };
 
 /**
@@ -63,4 +127,390 @@ const DidVerificationMethodType = {
     CapabilityDelegation: "capabilityDelegation"
 };
 
-export { DidContexts, DidTypes, DidVerificationMethodType };
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * The types for proofs.
+ */
+// eslint-disable-next-line @typescript-eslint/naming-convention
+const ProofTypes = {
+    /**
+     * The type for Data Integrity Proof.
+     */
+    DataIntegrityProof: "DataIntegrityProof",
+    /**
+     * The type for Json Web Signature 2020.
+     */
+    JsonWebSignature2020: "JsonWebSignature2020"
+};
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Helper methods for creating and verifying proofs.
+ * https://www.w3.org/TR/vc-di-eddsa/#eddsa-jcs-2022
+ */
+class DataIntegrityProofSignerVerifier {
+    /**
+     * Runtime name for the class.
+     */
+    CLASS_NAME = "DataIntegrityProofSignerVerifier";
+    /**
+     * Create a proof for the given data.
+     * @param unsecuredDocument The data to create the proof for.
+     * @param unsignedProof The proof options.
+     * @param signKey The key to sign the proof with.
+     * @returns The created proof.
+     */
+    async createProof(unsecuredDocument, unsignedProof, signKey) {
+        Guards.object(this.CLASS_NAME, "unsecuredDocument", unsecuredDocument);
+        Guards.object(this.CLASS_NAME, "unsignedProof", unsignedProof);
+        Guards.object(this.CLASS_NAME, "signKey", signKey);
+        const rawKeys = await Jwk.toRaw(signKey);
+        if (!Is.uint8Array(rawKeys.privateKey)) {
+            throw new GeneralError(this.CLASS_NAME, "missingPrivateKey");
+        }
+        const unsecuredDocumentClone = ObjectHelper.clone(unsecuredDocument);
+        const signedProof = ObjectHelper.clone(unsignedProof);
+        unsecuredDocumentClone["@context"] = JsonLdProcessor.combineContexts(unsecuredDocumentClone["@context"], DidContexts.ContextDataIntegrity);
+        signedProof["@context"] = unsecuredDocumentClone["@context"];
+        const combinedHash = await this.createHash(unsecuredDocument, unsignedProof);
+        const signature = Ed25519.sign(rawKeys.privateKey, combinedHash);
+        signedProof.proofValue = `z${Converter.bytesToBase58(signature)}`;
+        return signedProof;
+    }
+    /**
+     * Verify a proof for the given data in format.
+     * @param securedDocument The credential to verify.
+     * @param signedProof The proof to verify.
+     * @param verifyKey The public key to verify the proof with.
+     * @returns True if the credential was verified.
+     */
+    async verifyProof(securedDocument, signedProof, verifyKey) {
+        Guards.object(this.CLASS_NAME, "securedDocument", securedDocument);
+        Guards.object(this.CLASS_NAME, "signedProof", signedProof);
+        Guards.stringValue(this.CLASS_NAME, "signedProof.proofValue", signedProof.proofValue);
+        Guards.object(this.CLASS_NAME, "verifyKey", verifyKey);
+        const rawKeys = await Jwk.toRaw(verifyKey);
+        if (!Is.uint8Array(rawKeys.publicKey)) {
+            throw new GeneralError(this.CLASS_NAME, "missingPublicKey");
+        }
+        const combinedHash = await this.createHash(securedDocument, signedProof);
+        return Ed25519.verify(rawKeys.publicKey, combinedHash, Converter.base58ToBytes(signedProof.proofValue.slice(1)));
+    }
+    /**
+     * Create a hash for the given data.
+     * @param unsecuredDocument The data to create the proof for.
+     * @param unsignedProof The unsigned proof.
+     * @returns The created hash.
+     */
+    async createHash(unsecuredDocument, unsignedProof) {
+        Guards.object(this.CLASS_NAME, "unsecuredDocument", unsecuredDocument);
+        Guards.object(this.CLASS_NAME, "unsignedProof", unsignedProof);
+        Guards.stringValue(this.CLASS_NAME, "unsignedProof.cryptosuite", unsignedProof.cryptosuite);
+        Guards.stringValue(this.CLASS_NAME, "unsignedProof.verificationMethod", unsignedProof.verificationMethod);
+        const unsecuredDocumentClone = ObjectHelper.clone(unsecuredDocument);
+        const proofOptionsClone = ObjectHelper.clone(unsignedProof);
+        delete unsecuredDocumentClone.proof;
+        delete proofOptionsClone.proofValue;
+        if (proofOptionsClone.cryptosuite !== DidCryptoSuites.EdDSAJcs2022) {
+            throw new GeneralError(this.CLASS_NAME, "cryptosuiteNotSupported", {
+                cryptoSuite: proofOptionsClone.cryptosuite
+            });
+        }
+        unsecuredDocumentClone["@context"] = JsonLdProcessor.combineContexts(unsecuredDocumentClone["@context"], DidContexts.ContextDataIntegrity);
+        proofOptionsClone["@context"] = unsecuredDocumentClone["@context"];
+        const transformedDocument = JsonHelper.canonicalize(unsecuredDocumentClone);
+        const transformedDocumentHash = Sha256.sum256(Converter.utf8ToBytes(transformedDocument));
+        const transformedProofOptions = JsonHelper.canonicalize(proofOptionsClone);
+        const proofOptionsHash = Sha256.sum256(Converter.utf8ToBytes(transformedProofOptions));
+        return Uint8ArrayHelper.concat([proofOptionsHash, transformedDocumentHash]);
+    }
+}
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Helper methods for creating and verifying proofs.
+ */
+class JsonWebSignature2020SignerVerifier {
+    /**
+     * Runtime name for the class.
+     */
+    CLASS_NAME = "JsonWebSignature2020SignerVerifier";
+    /**
+     * Create a proof for the given data.
+     * @param unsecuredDocument The data to create the proof for.
+     * @param unsignedProof The proof options.
+     * @param signKey The key to sign the proof with.
+     * @returns The created proof.
+     */
+    async createProof(unsecuredDocument, unsignedProof, signKey) {
+        Guards.object(this.CLASS_NAME, "unsecuredDocument", unsecuredDocument);
+        Guards.object(this.CLASS_NAME, "unsignedProof", unsignedProof);
+        Guards.object(this.CLASS_NAME, "signKey", signKey);
+        const unsecuredDocumentClone = ObjectHelper.clone(unsecuredDocument);
+        unsecuredDocumentClone["@context"] = JsonLdProcessor.combineContexts(unsecuredDocumentClone["@context"], DidContexts.ContextSecurityJws2020);
+        const hash = await this.createHash(unsecuredDocument, unsignedProof);
+        const cryptoKey = await Jwk.toCryptoKey(signKey);
+        const signature = await Jws.create(cryptoKey, hash, signKey.alg);
+        const signedProof = ObjectHelper.clone(unsignedProof);
+        signedProof["@context"] = unsecuredDocumentClone["@context"];
+        signedProof.jws = signature;
+        return signedProof;
+    }
+    /**
+     * Verify a proof for the given data in format.
+     * @param securedDocument The credential to verify.
+     * @param signedProof The proof to verify.
+     * @param verifyKey The public key to verify the proof with.
+     * @returns True if the credential was verified.
+     */
+    async verifyProof(securedDocument, signedProof, verifyKey) {
+        Guards.object(this.CLASS_NAME, "securedDocument", securedDocument);
+        Guards.object(this.CLASS_NAME, "signedProof", signedProof);
+        Guards.object(this.CLASS_NAME, "verifyKey", verifyKey);
+        const jws = signedProof.jws;
+        if (!Is.stringValue(jws)) {
+            throw new GeneralError(this.CLASS_NAME, "jwsMissing");
+        }
+        const hash = await this.createHash(securedDocument, signedProof);
+        const cryptoKey = await Jwk.toCryptoKey(verifyKey);
+        return Jws.verify(jws, cryptoKey, hash);
+    }
+    /**
+     * Create a hash for the given data.
+     * @param unsecuredDocument The data to create the proof for.
+     * @param unsignedProof The unsigned proof.
+     * @returns The created hash.
+     */
+    async createHash(unsecuredDocument, unsignedProof) {
+        Guards.object(this.CLASS_NAME, "unsecuredDocument", unsecuredDocument);
+        Guards.object(this.CLASS_NAME, "unsignedProof", unsignedProof);
+        Guards.stringValue(this.CLASS_NAME, "unsignedProof.verificationMethod", unsignedProof.verificationMethod);
+        const unsecuredDocumentClone = ObjectHelper.clone(unsecuredDocument);
+        const proofOptionsClone = ObjectHelper.clone(unsignedProof);
+        unsecuredDocumentClone["@context"] = JsonLdProcessor.combineContexts(unsecuredDocumentClone["@context"], DidContexts.ContextSecurityJws2020);
+        proofOptionsClone["@context"] = unsecuredDocumentClone["@context"];
+        delete unsecuredDocumentClone.proof;
+        delete proofOptionsClone.jws;
+        const canonizedData = await JsonLdProcessor.canonize(unsecuredDocumentClone);
+        const canonizedProof = await JsonLdProcessor.canonize(proofOptionsClone);
+        const hashedProof = Sha256.sum256(Converter.utf8ToBytes(canonizedProof));
+        const hashedData = Sha256.sum256(Converter.utf8ToBytes(canonizedData));
+        return Uint8ArrayHelper.concat([hashedProof, hashedData]);
+    }
+}
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Helper methods for multikey.
+ */
+class MultikeyHelper {
+    /**
+     * Runtime name for the class.
+     */
+    static CLASS_NAME = "MultikeyHelper";
+    /**
+     * Convert a multikey to a JWK.
+     * @param multikey The multikey to convert.
+     * @returns The JWK.
+     * @throws GeneralError if the multikey is invalid.
+     */
+    static toJwk(multikey) {
+        Guards.object(MultikeyHelper.CLASS_NAME, "multikey", multikey);
+        const { publicKey, privateKey } = MultikeyHelper.toRaw(multikey);
+        return {
+            kty: "OKP",
+            crv: "Ed25519",
+            alg: "EdDSA",
+            x: Is.uint8Array(publicKey) ? Converter.bytesToBase64Url(publicKey) : undefined,
+            d: Is.uint8Array(privateKey) ? Converter.bytesToBase64Url(privateKey) : undefined
+        };
+    }
+    /**
+     * Convert a JWK to a Multikey.
+     * @param controller The controller of the multikey.
+     * @param id The id of the multikey.
+     * @param jwk The jwk to convert.
+     * @returns The multikey.
+     * @throws GeneralError if the jwk is invalid.
+     */
+    static fromJwk(controller, id, jwk) {
+        Guards.stringValue(MultikeyHelper.CLASS_NAME, "controller", controller);
+        Guards.stringValue(MultikeyHelper.CLASS_NAME, "id", id);
+        Guards.object(MultikeyHelper.CLASS_NAME, "jwk", jwk);
+        Guards.stringValue(MultikeyHelper.CLASS_NAME, "jwk.x", jwk.x);
+        if (jwk.kty !== "OKP") {
+            throw new GeneralError(MultikeyHelper.CLASS_NAME, "unsupportedKty", { kty: jwk.kty });
+        }
+        if (jwk.crv !== "Ed25519") {
+            throw new GeneralError(MultikeyHelper.CLASS_NAME, "unsupportedCrv", { crv: jwk.crv });
+        }
+        const publicRaw = Converter.base64UrlToBytes(jwk.x);
+        const publicKey = new Uint8Array(2 + publicRaw.length);
+        publicKey[0] = 0xed;
+        publicKey[1] = 0x01;
+        publicKey.set(publicRaw, 2);
+        const multikey = {
+            "@context": DidContexts.ContextControllerIdentifiers,
+            type: DidTypes.Multikey,
+            controller,
+            id,
+            publicKeyMultibase: `z${Converter.bytesToBase58(publicKey)}`
+        };
+        if (Is.stringValue(jwk.d)) {
+            const privateRaw = Converter.base64UrlToBytes(jwk.d);
+            const secretKey = new Uint8Array(2 + privateRaw.length);
+            secretKey[0] = 0x80;
+            secretKey[1] = 0x26;
+            secretKey.set(privateRaw, 2);
+            multikey.secretKeyMultibase = `z${Converter.bytesToBase58(secretKey)}`;
+        }
+        return multikey;
+    }
+    /**
+     * Convert a multikey to raw keys.
+     * @param multikey The multikey to convert.
+     * @returns The JWK.
+     * @throws GeneralError if the multikey is invalid.
+     */
+    static toRaw(multikey) {
+        Guards.object(MultikeyHelper.CLASS_NAME, "multikey", multikey);
+        let publicKeyRaw;
+        let secretKeyRaw;
+        if (Is.stringValue(multikey.publicKeyMultibase)) {
+            if (!multikey.publicKeyMultibase.startsWith("z")) {
+                throw new GeneralError(MultikeyHelper.CLASS_NAME, "invalidPublicKeyMultibase", {
+                    publicKeyMultibase: multikey.publicKeyMultibase
+                });
+            }
+            publicKeyRaw = Converter.base58ToBytes(multikey.publicKeyMultibase.slice(1));
+            if (publicKeyRaw[0] !== 0xed || publicKeyRaw[1] !== 0x01) {
+                throw new GeneralError(MultikeyHelper.CLASS_NAME, "publicKeyMultibaseMissingHeader", {
+                    publicKeyMultibase: multikey.publicKeyMultibase
+                });
+            }
+        }
+        if (Is.stringValue(multikey.secretKeyMultibase)) {
+            if (!multikey.secretKeyMultibase.startsWith("z")) {
+                throw new GeneralError(MultikeyHelper.CLASS_NAME, "invalidSecretKeyMultibase", {
+                    secretKeyMultibase: multikey.secretKeyMultibase
+                });
+            }
+            secretKeyRaw = Converter.base58ToBytes(multikey.secretKeyMultibase.slice(1));
+            if (secretKeyRaw[0] !== 0x80 || secretKeyRaw[1] !== 0x26) {
+                throw new GeneralError(MultikeyHelper.CLASS_NAME, "publicKeyMultibaseMissingHeader", {
+                    publicKeyMultibase: multikey.publicKeyMultibase
+                });
+            }
+        }
+        return {
+            publicKey: publicKeyRaw?.slice(2) ?? new Uint8Array(),
+            privateKey: secretKeyRaw?.slice(2, 34) ?? new Uint8Array()
+        };
+    }
+}
+
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Helper methods for creating and verifying proofs.
+ */
+class ProofHelper {
+    /**
+     * Runtime name for the class.
+     */
+    static CLASS_NAME = "ProofHelper";
+    /**
+     * Create a signer verifier.
+     * @param proofType The type of proof to create.
+     * @returns The created signer verifier.
+     * @throws GeneralError if the proof type is not supported.
+     */
+    static createSignerVerifier(proofType) {
+        Guards.arrayOneOf(this.CLASS_NAME, "proofType", proofType, Object.values(ProofTypes));
+        let signerVerifier;
+        if (proofType === ProofTypes.DataIntegrityProof) {
+            signerVerifier = new DataIntegrityProofSignerVerifier();
+        }
+        else if (proofType === ProofTypes.JsonWebSignature2020) {
+            signerVerifier = new JsonWebSignature2020SignerVerifier();
+        }
+        if (Is.empty(signerVerifier)) {
+            throw new GeneralError(ProofHelper.CLASS_NAME, "unsupportedProofType", { proofType });
+        }
+        return signerVerifier;
+    }
+    /**
+     * Create a proof for the given data.
+     * @param proofType The type of proof to create.
+     * @param unsecuredDocument The data to create the proof for.
+     * @param unsignedProof The proof options.
+     * @param signKey The key to sign the proof with.
+     * @returns The created proof.
+     */
+    static async createProof(proofType, unsecuredDocument, unsignedProof, signKey) {
+        Guards.arrayOneOf(this.CLASS_NAME, "proofType", proofType, Object.values(ProofTypes));
+        Guards.object(this.CLASS_NAME, "unsecuredDocument", unsecuredDocument);
+        Guards.object(this.CLASS_NAME, "unsignedProof", unsignedProof);
+        Guards.object(this.CLASS_NAME, "signKey", signKey);
+        return ProofHelper.createSignerVerifier(proofType).createProof(unsecuredDocument, unsignedProof, signKey);
+    }
+    /**
+     * Verify a proof for the given data.
+     * @param securedDocument The credential to verify.
+     * @param signedProof The proof to verify.
+     * @param verifyKey The public key to verify the proof with.
+     * @returns True if the credential was verified.
+     */
+    static async verifyProof(securedDocument, signedProof, verifyKey) {
+        Guards.object(this.CLASS_NAME, "securedDocument", securedDocument);
+        Guards.object(this.CLASS_NAME, "signedProof", signedProof);
+        Guards.stringValue(this.CLASS_NAME, "signedProof.type", signedProof.type);
+        Guards.object(this.CLASS_NAME, "verifyKey", verifyKey);
+        const signerVerifier = ProofHelper.createSignerVerifier(signedProof.type);
+        return signerVerifier.verifyProof(securedDocument, signedProof, verifyKey);
+    }
+    /**
+     * Create an unsigned proof.
+     * @param proofType The type of proof to create.
+     * @param verificationMethodId The verification method id.
+     * @param otherParams Other parameters for the proof.
+     * @returns The created proof.
+     * @throws GeneralError if the proof type is not supported.
+     */
+    static createUnsignedProof(proofType, verificationMethodId, 
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    otherParams) {
+        let proof;
+        if (proofType === ProofTypes.DataIntegrityProof) {
+            proof = {
+                "@context": DidContexts.ContextDataIntegrity,
+                type: ProofTypes.DataIntegrityProof,
+                cryptosuite: DidCryptoSuites.EdDSAJcs2022,
+                created: new Date(Date.now()).toISOString(),
+                verificationMethod: verificationMethodId,
+                proofPurpose: "assertionMethod",
+                ...otherParams
+            };
+        }
+        else if (proofType === ProofTypes.JsonWebSignature2020) {
+            proof = {
+                "@context": DidContexts.ContextSecurityJws2020,
+                type: ProofTypes.JsonWebSignature2020,
+                created: new Date(Date.now()).toISOString(),
+                verificationMethod: verificationMethodId,
+                proofPurpose: "assertionMethod",
+                ...otherParams
+            };
+        }
+        if (Is.empty(proof)) {
+            throw new GeneralError(ProofHelper.CLASS_NAME, "unsupportedProofType", { proofType });
+        }
+        return proof;
+    }
+}
+
+export { DataIntegrityProofSignerVerifier, DidContexts, DidCryptoSuites, DidTypes, DidVerificationMethodType, JsonWebSignature2020SignerVerifier, MultikeyHelper, ProofHelper, ProofTypes };

package/dist/types/index.d.ts

@@ -1,11 +1,23 @@
 export * from "./models/didContexts";
+export * from "./models/didCryptoSuites";
 export * from "./models/didTypes";
 export * from "./models/didVerificationMethodType";
+export * from "./models/IDataIntegrityProof";
+export * from "./models/IDidCredentialSchema";
 export * from "./models/IDidCredentialStatus";
 export * from "./models/IDidDocument";
 export * from "./models/IDidDocumentVerificationMethod";
+export * from "./models/IDidLabel";
 export * from "./models/IDidPresentationVerification";
-export * from "./models/IDidProof";
 export * from "./models/IDidService";
 export * from "./models/IDidVerifiableCredential";
 export * from "./models/IDidVerifiablePresentation";
+export * from "./models/IJsonWebSignature2020Proof";
+export * from "./models/IMultikey";
+export * from "./models/IProof";
+export * from "./models/IProofSignerVerifier";
+export * from "./models/proofTypes";
+export * from "./signerVerifiers/dataIntegrityProofSignerVerifier";
+export * from "./signerVerifiers/jsonWebSignature2020SignerVerifier";
+export * from "./utils/multikeyHelper";
+export * from "./utils/proofHelper";

package/dist/types/models/{IDidProof.d.ts → IDataIntegrityProof.d.ts}

@@ -1,18 +1,30 @@
+import type { IJsonLdContextDefinitionElement } from "@twin.org/data-json-ld";
+import type { DidContexts } from "./didContexts";
+import type { DidCryptoSuites } from "./didCryptoSuites";
+import type { ProofTypes } from "./proofTypes";
 /**
  * Interface describing a did proof.
  * https://www.w3.org/TR/vc-data-integrity/
  */
-export interface IDidProof {
+export interface IDataIntegrityProof {
     /**
-     * The id of the proof.
+     * JSON-LD Context.
      */
-    id?: string;
+    "@context"?: typeof DidContexts.ContextDataIntegrity | [typeof DidContexts.ContextDataIntegrity, ...IJsonLdContextDefinitionElement[]];
+    /**
+     * JSON-LD Type.
+     */
+    type: typeof ProofTypes.DataIntegrityProof;
     /**
-     * The type of the proof.
+     * An identifier for the cryptographic suite that can be used to verify the proof.
      */
-    type: string;
+    cryptosuite: DidCryptoSuites | string;
+    /**
+     * The id of the proof.
+     */
+    id?: string;
     /**
-     * The purpose of the proof.
+     * The reason the proof was created.
      */
     proofPurpose: string;
     /**

package/dist/types/models/IDidCredentialSchema.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Interface describing a DID credential schema.
+ */
+export interface IDidCredentialSchema {
+    /**
+     * The URI id.
+     */
+    id: string;
+    /**
+     * The credential schema type.
+     */
+    type: string;
+}

package/dist/types/models/IDidDocument.d.ts

@@ -1,3 +1,5 @@
+import type { IJsonLdContextDefinitionElement } from "@twin.org/data-json-ld";
+import type { DidContexts } from "./didContexts";
 import type { IDidDocumentVerificationMethod } from "./IDidDocumentVerificationMethod";
 import type { IDidService } from "./IDidService";
 /**
@@ -5,6 +7,10 @@ import type { IDidService } from "./IDidService";
  * Spec https://www.w3.org/TR/did-core/#did-document-properties.
  */
 export interface IDidDocument {
+    /**
+     * The context for the document.
+     */
+    "@context": typeof DidContexts.Context | [typeof DidContexts.Context, ...IJsonLdContextDefinitionElement[]];
     /**
      * The id for the document.
      */

package/dist/types/models/IDidDocumentVerificationMethod.d.ts

@@ -1,8 +1,9 @@
+import type { IJsonLdNodeObject } from "@twin.org/data-json-ld";
 import type { IJwk } from "@twin.org/web";
 /**
  * Interface describing a DID document verification method.
  */
-export interface IDidDocumentVerificationMethod {
+export interface IDidDocumentVerificationMethod extends IJsonLdNodeObject {
     /**
      * The id of the entry.
      */
@@ -24,7 +25,7 @@ export interface IDidDocumentVerificationMethod {
      * The public key for the entry as a JWK.
      * Spec https://datatracker.ietf.org/doc/html/rfc7517 .
      */
-    publicKeyJwk?: IJwk;
+    publicKeyJwk?: IJwk & IJsonLdNodeObject;
     /**
      * Multi key partial revocation.
      */

package/dist/types/models/IDidLabel.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Interface describing a DID Label.
+ */
+export interface IDidLabel {
+    /**
+     * The value for the label.
+     */
+    "@value": string;
+    /**
+     * The language for the label.
+     */
+    "@language": string;
+    /**
+     * The direction of the label.
+     */
+    "@direction"?: string;
+}