@vidos-id/openid4vc-wallet 0.0.0-test1

package/dist/index.mjs

@@ -0,0 +1,1055 @@
+import { pack } from "@sd-jwt/core";
+import { hasher } from "@sd-jwt/hash";
+import { EncryptJWT, SignJWT, base64url, calculateJwkThumbprint, decodeJwt, decodeProtectedHeader, exportJWK, generateKeyPair, importJWK, jwtVerify } from "jose";
+import { z } from "zod";
+import { inflateSync } from "node:zlib";
+import { decodeSdJwt, getClaims, splitSdJwt } from "@sd-jwt/decode";
+import { present } from "@sd-jwt/present";
+import { DcqlPresentation, DcqlQuery, runDcqlQuery } from "dcql";
+//#region src/crypto.ts
+const HOLDER_KEY_ALG = "ES256";
+const SD_JWT_HASH_ALG = "sha-256";
+async function sha256Base64Url(input) {
+	const digest = hasher(input, "sha256");
+	return base64url.encode(digest);
+}
+async function sdJwtHasher(data, alg) {
+	if (alg !== "sha-256") throw new Error(`Unsupported SD-JWT hash algorithm: ${alg}`);
+	return hasher(data, "sha256");
+}
+async function createHolderKeyRecord(alg) {
+	const algorithm = alg ?? "ES256";
+	const { privateKey, publicKey } = algorithm === "EdDSA" ? await generateKeyPair("EdDSA", {
+		crv: "Ed25519",
+		extractable: true
+	}) : await generateKeyPair(algorithm, { extractable: true });
+	const publicJwk = await exportJWK(publicKey);
+	const privateJwk = await exportJWK(privateKey);
+	return {
+		id: await calculateJwkThumbprint(publicJwk),
+		algorithm,
+		publicJwk,
+		privateJwk,
+		createdAt: (/* @__PURE__ */ new Date()).toISOString()
+	};
+}
+async function getJwkThumbprint(jwk) {
+	return calculateJwkThumbprint(jwk);
+}
+async function importPrivateKey(jwk, alg = HOLDER_KEY_ALG) {
+	return importJWK(jwk, alg);
+}
+async function importPublicKey(jwk, alg) {
+	return importJWK(jwk, alg);
+}
+async function createKbJwt(input) {
+	const alg = input.alg ?? "ES256";
+	const privateKey = await importPrivateKey(input.holderPrivateJwk, alg);
+	const sdHash = await sha256Base64Url(input.sdJwtPresentation);
+	return new SignJWT({
+		aud: input.aud,
+		nonce: input.nonce,
+		sd_hash: sdHash,
+		iat: Math.floor(Date.now() / 1e3)
+	}).setProtectedHeader({
+		alg,
+		typ: "kb+jwt"
+	}).sign(privateKey);
+}
+async function createOpenId4VciProofJwt(input) {
+	const alg = input.alg ?? "ES256";
+	const privateKey = await importPrivateKey(input.holderPrivateJwk, alg);
+	return new SignJWT({
+		aud: input.aud,
+		nonce: input.nonce,
+		iat: Math.floor(Date.now() / 1e3)
+	}).setProtectedHeader({
+		alg,
+		typ: "openid4vci-proof+jwt",
+		jwk: input.holderPublicJwk
+	}).sign(privateKey);
+}
+async function issueDemoCredential(input) {
+	const signingAlg = input.issuerAlg ?? "ES256";
+	const issuerKey = await importPrivateKey(input.issuerPrivateJwk, signingAlg);
+	let saltIndex = 0;
+	const saltGenerator = input.saltGenerator ?? (async () => {
+		saltIndex += 1;
+		return `salt-${saltIndex}`;
+	});
+	const { packedClaims, disclosures } = await pack({
+		iss: input.issuer,
+		vct: input.vct,
+		cnf: { jwk: input.holderPublicJwk },
+		...input.claims
+	}, input.disclosureFrame, {
+		alg: SD_JWT_HASH_ALG,
+		hasher: sdJwtHasher
+	}, saltGenerator);
+	return [
+		await new SignJWT({
+			...packedClaims,
+			_sd_alg: input.disclosureFrame ? SD_JWT_HASH_ALG : void 0,
+			iat: input.issuedAt ?? Math.floor(Date.now() / 1e3)
+		}).setProtectedHeader({
+			alg: signingAlg,
+			typ: "dc+sd-jwt",
+			kid: input.issuerKid,
+			...input.headers
+		}).sign(issuerKey),
+		...disclosures.map((disclosure) => disclosure.encode()),
+		""
+	].join("~");
+}
+//#endregion
+//#region src/schemas.ts
+const JwkSchema = z.record(z.string(), z.unknown()).refine((value) => typeof value.kty === "string", "JWK must include kty");
+const HolderKeyRecordSchema = z.object({
+	id: z.string().min(1),
+	algorithm: z.enum([
+		"ES256",
+		"ES384",
+		"EdDSA"
+	]),
+	publicJwk: JwkSchema,
+	privateJwk: JwkSchema,
+	createdAt: z.string().datetime()
+});
+const CredentialStatusListReferenceSchema = z.object({
+	idx: z.number().int().nonnegative(),
+	uri: z.string().min(1)
+});
+const CredentialStatusSchema = z.object({ status_list: CredentialStatusListReferenceSchema });
+const StoredCredentialRecordSchema = z.object({
+	id: z.string().min(1),
+	format: z.literal("dc+sd-jwt"),
+	compactSdJwt: z.string().min(1),
+	issuer: z.string().min(1),
+	vct: z.string().min(1),
+	holderKeyId: z.string().min(1),
+	claims: z.record(z.string(), z.unknown()),
+	status: CredentialStatusSchema.optional(),
+	issuerKeyMaterial: z.lazy(() => IssuerKeyMaterialSchema).optional(),
+	importedAt: z.string().datetime()
+});
+const IssuerJwksSchema = z.object({
+	issuer: z.string().min(1),
+	jwks: z.object({ keys: z.array(JwkSchema).min(1) })
+});
+const IssuerJwkSchema = z.object({
+	issuer: z.string().min(1),
+	jwk: JwkSchema
+});
+const IssuerKeyMaterialSchema = z.union([IssuerJwksSchema, IssuerJwkSchema]);
+const ImportCredentialInputSchema = z.object({
+	credential: z.string().min(1),
+	issuer: IssuerKeyMaterialSchema.optional()
+});
+const ResponseModeSchema = z.enum(["direct_post", "direct_post.jwt"]);
+const VerifierClientMetadataSchema = z.object({
+	jwks: z.object({ keys: z.array(JwkSchema).min(1) }).optional(),
+	encrypted_response_enc_values_supported: z.array(z.string().min(1)).min(1).optional(),
+	vp_formats_supported: z.unknown().optional()
+}).passthrough();
+const OpenId4VpRequestSchema = z.object({
+	client_id: z.string().min(1),
+	nonce: z.string().min(1),
+	dcql_query: z.unknown(),
+	state: z.string().min(1).optional(),
+	response_type: z.literal("vp_token").optional(),
+	response_mode: ResponseModeSchema.optional(),
+	response_uri: z.string().min(1).optional(),
+	client_metadata: VerifierClientMetadataSchema.optional(),
+	scope: z.unknown().optional(),
+	presentation_definition: z.unknown().optional()
+}).superRefine((value, ctx) => {
+	if (value.scope !== void 0) ctx.addIssue({
+		code: z.ZodIssueCode.custom,
+		message: "scope-encoded queries are unsupported",
+		path: ["scope"]
+	});
+	if (value.presentation_definition !== void 0) ctx.addIssue({
+		code: z.ZodIssueCode.custom,
+		message: "Presentation Exchange is unsupported",
+		path: ["presentation_definition"]
+	});
+	if (value.response_type !== void 0 && value.response_type !== "vp_token") ctx.addIssue({
+		code: z.ZodIssueCode.custom,
+		message: "Only response_type=vp_token is supported",
+		path: ["response_type"]
+	});
+	if (value.response_mode && !value.response_uri) ctx.addIssue({
+		code: z.ZodIssueCode.custom,
+		message: "response_uri is required for direct_post response modes",
+		path: ["response_uri"]
+	});
+});
+const WalletConfigSchema = z.object({ storage: z.custom((value) => typeof value === "object" && value !== null, { message: "storage is required" }) });
+//#endregion
+//#region src/wallet.ts
+const RESERVED_TOP_LEVEL_CLAIMS = new Set([
+	"_sd",
+	"_sd_alg",
+	"cnf",
+	"exp",
+	"iat",
+	"iss",
+	"jti",
+	"nbf",
+	"status",
+	"sub",
+	"vct"
+]);
+var WalletError = class extends Error {
+	constructor(message) {
+		super(message);
+		this.name = "WalletError";
+	}
+};
+var Wallet = class {
+	constructor(storage) {
+		this.storage = storage;
+	}
+	async getOrCreateHolderKey(alg) {
+		const existing = await this.storage.getHolderKey();
+		if (existing) return existing;
+		const created = await createHolderKeyRecord(alg);
+		await this.storage.setHolderKey(created);
+		return created;
+	}
+	async importHolderKey(input) {
+		if (await this.storage.getHolderKey()) throw new WalletError("Holder key already exists in this wallet");
+		const record = {
+			id: await getJwkThumbprint(input.publicJwk),
+			algorithm: input.algorithm,
+			publicJwk: input.publicJwk,
+			privateJwk: input.privateJwk,
+			createdAt: (/* @__PURE__ */ new Date()).toISOString()
+		};
+		HolderKeyRecordSchema.parse(record);
+		await this.storage.setHolderKey(record);
+		return record;
+	}
+	async listCredentials() {
+		return this.storage.listCredentials();
+	}
+	async getCredentialStatus(credentialId, options) {
+		const credential = await this.storage.getCredential(credentialId);
+		if (!credential) throw new WalletError(`Credential ${credentialId} not found`);
+		if (!credential.status?.status_list) return null;
+		const doFetch = options?.fetch ?? fetch;
+		const statusJwt = await fetchStatusListJwt(credential.status.status_list.uri, doFetch);
+		const protectedHeader = decodeProtectedHeader(statusJwt);
+		const payload = parseStatusListTokenPayload((await jwtVerify(statusJwt, await resolveIssuerVerificationKey(credential.issuerKeyMaterial ?? await fetchIssuerKeyMaterial(credential.issuer, doFetch), protectedHeader.kid, typeof protectedHeader.alg === "string" ? protectedHeader.alg : void 0), {
+			typ: "statuslist+jwt",
+			subject: credential.status.status_list.uri
+		})).payload);
+		const value = readStatusValue(payload.status_list.lst, payload.status_list.bits, credential.status.status_list.idx);
+		return {
+			credentialId: credential.id,
+			statusReference: credential.status.status_list,
+			status: {
+				value,
+				label: labelForTokenStatus(value),
+				isValid: value === 0
+			},
+			statusList: {
+				uri: credential.status.status_list.uri,
+				bits: payload.status_list.bits,
+				iat: payload.iat,
+				exp: payload.exp,
+				ttl: payload.ttl,
+				aggregationUri: payload.status_list.aggregation_uri,
+				jwt: statusJwt
+			}
+		};
+	}
+	getVpFormatsSupported() {
+		return { "dc+sd-jwt": {
+			sd_jwt_alg_values: [
+				"ES256",
+				"ES384",
+				"EdDSA"
+			],
+			kb_jwt_alg_values: [
+				"ES256",
+				"ES384",
+				"EdDSA"
+			]
+		} };
+	}
+	async importCredential(input) {
+		const parsedInput = ImportCredentialInputSchema.parse(input);
+		const holderKey = await this.getOrCreateHolderKey();
+		const compactSdJwt = normalizeSdJwt(parsedInput.credential);
+		const split = splitSdJwt(compactSdJwt);
+		if (split.kbJwt) throw new WalletError("Wallet only imports issuer-bound credentials, not presented credentials");
+		const header = decodeProtectedHeader(split.jwt);
+		if (header.typ !== "dc+sd-jwt") throw new WalletError("Unsupported credential typ");
+		let payload;
+		if (parsedInput.issuer) {
+			const verificationKey = await resolveIssuerVerificationKey(parsedInput.issuer, header.kid, header.alg);
+			payload = (await jwtVerify(split.jwt, verificationKey, {
+				issuer: parsedInput.issuer.issuer,
+				typ: "dc+sd-jwt"
+			})).payload;
+		} else {
+			const jwtPart = split.jwt.split(".")[1];
+			if (!jwtPart) throw new WalletError("Invalid credential format");
+			const decodedPayload = JSON.parse(Buffer.from(jwtPart, "base64url").toString("utf8"));
+			if (typeof decodedPayload.iss !== "string" || decodedPayload.iss.length === 0) throw new WalletError("Credential is missing issuer");
+			payload = decodedPayload;
+		}
+		const vct = readStringClaim(payload.vct, "Credential is missing vct");
+		const issuer = readStringClaim(payload.iss, "Credential is missing iss");
+		const cnfJwk = readRecordClaim(readRecordClaim(payload.cnf, "Credential is missing cnf").jwk, "Credential cnf is missing jwk");
+		if (await getJwkThumbprint(holderKey.publicJwk) !== await getJwkThumbprint(cnfJwk)) throw new WalletError("Credential cnf.jwk does not match the wallet holder key");
+		if (typeof payload._sd_alg !== "string") throw new WalletError("Credential is missing _sd_alg");
+		const decoded = await decodeSdJwt(compactSdJwt, sdJwtHasher);
+		const allClaims = await getClaims(decoded.jwt.payload, decoded.disclosures, sdJwtHasher);
+		const credentialRecord = StoredCredentialRecordSchema.parse({
+			id: typeof payload.jti === "string" && payload.jti.length > 0 ? payload.jti : await sha256Base64Url(compactSdJwt),
+			format: "dc+sd-jwt",
+			compactSdJwt,
+			issuer,
+			vct,
+			holderKeyId: holderKey.id,
+			claims: stripReservedClaims(allClaims),
+			status: parseCredentialStatus(payload.status),
+			issuerKeyMaterial: parsedInput.issuer,
+			importedAt: (/* @__PURE__ */ new Date()).toISOString()
+		});
+		await this.storage.setCredential(credentialRecord);
+		return credentialRecord;
+	}
+	async matchDcqlQuery(input) {
+		const inspected = await this.inspectDcqlQuery(input);
+		return {
+			query: inspected.query,
+			credentials: inspected.queries.map((queryMatch) => {
+				const selected = queryMatch.credentials[0];
+				if (!selected) throw new WalletError(`No credential matched query ${queryMatch.queryId}`);
+				return selected;
+			})
+		};
+	}
+	async inspectDcqlQuery(input) {
+		const request = OpenId4VpRequestSchema.parse(input);
+		const query = DcqlQuery.parse(request.dcql_query);
+		assertSupportedDcqlQuery(query);
+		const credentials = await this.storage.listCredentials();
+		const result = runDcqlQuery(query, {
+			credentials: credentials.map((credential) => ({
+				credential_format: "dc+sd-jwt",
+				vct: credential.vct,
+				claims: credential.claims,
+				cryptographic_holder_binding: true
+			})),
+			presentation: false
+		});
+		if (!result.can_be_satisfied) throw new WalletError("No stored credential satisfies the supported DCQL query");
+		const queryMatches = [];
+		for (const credentialQuery of query.credentials) {
+			const queryId = credentialQuery.id;
+			const credentialMatch = result.credential_matches[queryId];
+			if (!credentialMatch?.success || credentialMatch.valid_credentials.length === 0) throw new WalletError(`No credential matched query ${queryId}`);
+			const claimPaths = (credentialQuery.claims ?? []).map((claim) => [...claim.path]);
+			queryMatches.push({
+				queryId,
+				credentials: credentialMatch.valid_credentials.map((candidate) => {
+					const storedCredential = credentials[candidate.input_credential_index];
+					if (!storedCredential) throw new WalletError(`Matched credential for query ${queryId} was not found`);
+					return {
+						queryId,
+						credentialId: storedCredential.id,
+						issuer: storedCredential.issuer,
+						vct: storedCredential.vct,
+						claims: storedCredential.claims,
+						claimPaths
+					};
+				})
+			});
+		}
+		return {
+			query,
+			queries: queryMatches
+		};
+	}
+	async createPresentation(input, options) {
+		const request = OpenId4VpRequestSchema.parse(input);
+		const holderKey = await this.getOrCreateHolderKey();
+		const inspected = await this.inspectDcqlQuery(request);
+		const matchedCredentials = inspected.queries.map((queryMatch) => {
+			const selectedCredentialId = options?.selectedCredentials?.[queryMatch.queryId];
+			if (selectedCredentialId) {
+				const selected = queryMatch.credentials.find((candidate) => candidate.credentialId === selectedCredentialId);
+				if (!selected) throw new WalletError(`Credential ${selectedCredentialId} does not satisfy query ${queryMatch.queryId}`);
+				return selected;
+			}
+			const first = queryMatch.credentials[0];
+			if (!first) throw new WalletError(`No credential matched query ${queryMatch.queryId}`);
+			return first;
+		});
+		const presentations = {};
+		for (const matched of matchedCredentials) {
+			const storedCredential = await this.storage.getCredential(matched.credentialId);
+			if (!storedCredential) throw new WalletError(`Stored credential ${matched.credentialId} not found`);
+			const frame = matched.claimPaths.length === 0 ? void 0 : claimPathsToPresentationFrame(matched.claimPaths);
+			const sdJwtPresentation = await present(normalizeSdJwt(storedCredential.compactSdJwt), frame ?? {}, sdJwtHasher);
+			const kbJwt = await createKbJwt({
+				holderPrivateJwk: holderKey.privateJwk,
+				aud: request.client_id,
+				nonce: request.nonce,
+				sdJwtPresentation
+			});
+			presentations[matched.queryId] = [`${stripTrailingEmptyPart(sdJwtPresentation)}~${kbJwt}`];
+		}
+		return {
+			query: inspected.query,
+			matchedCredentials,
+			dcqlPresentation: presentations,
+			vpToken: DcqlPresentation.encode(presentations)
+		};
+	}
+};
+function normalizeSdJwt(compact) {
+	return compact.endsWith("~") ? compact : `${compact}~`;
+}
+function stripTrailingEmptyPart(compact) {
+	return compact.endsWith("~") ? compact.slice(0, -1) : compact;
+}
+async function fetchStatusListJwt(uri, doFetch) {
+	const response = await doFetch(uri, { headers: { accept: "application/statuslist+jwt, application/jwt, text/plain" } });
+	if (!response.ok) throw new WalletError(`Status list fetch failed with status ${response.status}`);
+	const payload = (await response.text()).trim();
+	if (!payload) throw new WalletError("Status list response is empty");
+	return payload;
+}
+async function fetchIssuerKeyMaterial(issuer, doFetch) {
+	const response = await doFetch(getCredentialIssuerMetadataUrl$1(issuer), { headers: { accept: "application/json" } });
+	if (!response.ok) throw new WalletError(`Issuer metadata fetch failed with status ${response.status}`);
+	let payload;
+	try {
+		payload = await response.json();
+	} catch {
+		throw new WalletError("Failed to parse issuer metadata response");
+	}
+	return {
+		issuer,
+		jwks: readRecordClaim(readRecordClaim(payload, "Issuer metadata must be a JSON object").jwks, "Issuer metadata is missing jwks")
+	};
+}
+function getCredentialIssuerMetadataUrl$1(credentialIssuer) {
+	const issuerUrl = new URL(credentialIssuer);
+	const issuerPath = issuerUrl.pathname === "/" ? "" : issuerUrl.pathname;
+	return new URL(`/.well-known/openid-credential-issuer${issuerPath}`, issuerUrl.origin).toString();
+}
+function parseCredentialStatus(value) {
+	if (!value || typeof value !== "object" || Array.isArray(value)) return;
+	const statusList = value.status_list;
+	if (!statusList || typeof statusList !== "object" || Array.isArray(statusList)) return;
+	const parsedStatusList = statusList;
+	if (typeof parsedStatusList.idx !== "number" || !Number.isInteger(parsedStatusList.idx) || parsedStatusList.idx < 0 || typeof parsedStatusList.uri !== "string" || parsedStatusList.uri.length === 0) return;
+	return { status_list: {
+		idx: parsedStatusList.idx,
+		uri: parsedStatusList.uri
+	} };
+}
+function parseStatusListTokenPayload(payload) {
+	const sub = readStringClaim(payload.sub, "Status list token is missing sub");
+	const iat = readIntegerClaim(payload.iat, "Status list token is missing iat");
+	const exp = payload.exp === void 0 ? void 0 : readIntegerClaim(payload.exp, "Status list token exp must be an integer");
+	const ttl = payload.ttl === void 0 ? void 0 : readPositiveIntegerClaim(payload.ttl, "Status list token ttl must be a positive integer");
+	const statusList = readRecordClaim(payload.status_list, "Status list token is missing status_list");
+	return {
+		sub,
+		iat,
+		exp,
+		ttl,
+		status_list: {
+			bits: readStatusListBits(statusList.bits),
+			lst: readStringClaim(statusList.lst, "Status list token is missing lst"),
+			aggregation_uri: statusList.aggregation_uri === void 0 ? void 0 : readStringClaim(statusList.aggregation_uri, "Status list aggregation_uri must be a string")
+		}
+	};
+}
+function readStatusValue(lst, bits, idx) {
+	let bytes;
+	try {
+		bytes = inflateSync(Buffer.from(lst, "base64url"));
+	} catch {
+		throw new WalletError("Failed to decode status list payload");
+	}
+	const bitOffset = idx * bits;
+	const byteIndex = Math.floor(bitOffset / 8);
+	const intraByteOffset = bitOffset % 8;
+	const selectedByte = bytes[byteIndex];
+	if (selectedByte === void 0) throw new WalletError(`Status list index ${idx} is out of bounds`);
+	return selectedByte >> intraByteOffset & (1 << bits) - 1;
+}
+function readStatusListBits(value) {
+	if (value === 1 || value === 2 || value === 4 || value === 8) return value;
+	throw new WalletError("Status list bits must be one of 1, 2, 4, or 8");
+}
+function readIntegerClaim(value, message) {
+	if (typeof value !== "number" || !Number.isInteger(value)) throw new WalletError(message);
+	return value;
+}
+function readPositiveIntegerClaim(value, message) {
+	const parsed = readIntegerClaim(value, message);
+	if (parsed <= 0) throw new WalletError(message);
+	return parsed;
+}
+function labelForTokenStatus(value) {
+	if (value === 0) return "VALID";
+	if (value === 1) return "INVALID";
+	if (value === 2) return "SUSPENDED";
+	if (value === 3 || value >= 12 && value <= 15) return "APPLICATION_SPECIFIC";
+	return "UNASSIGNED";
+}
+async function resolveIssuerVerificationKey(issuer, kid, alg) {
+	if ("jwk" in issuer) return importPublicKey(issuer.jwk, alg ?? "ES256");
+	const selected = kid ? issuer.jwks.keys.find((candidate) => candidate.kid === kid) : issuer.jwks.keys.length === 1 ? issuer.jwks.keys[0] : void 0;
+	if (!selected) throw new WalletError("Unable to resolve issuer verification key from supplied metadata");
+	return importPublicKey(selected, alg ?? "ES256");
+}
+function assertSupportedDcqlQuery(query) {
+	for (const credentialQuery of query.credentials) {
+		if (credentialQuery.format !== "dc+sd-jwt") throw new WalletError(`Unsupported credential format: ${credentialQuery.format}`);
+		if (credentialQuery.multiple) throw new WalletError("multiple=true is unsupported in the demo wallet");
+		if (credentialQuery.claim_sets) throw new WalletError("claim_sets are unsupported in the demo wallet");
+		if (credentialQuery.trusted_authorities) throw new WalletError("trusted_authorities are unsupported in the demo wallet");
+		if (credentialQuery.meta && Object.keys(credentialQuery.meta).some((key) => key !== "vct_values")) throw new WalletError("Only meta.vct_values is supported for dc+sd-jwt queries");
+		for (const claim of credentialQuery.claims ?? []) {
+			if (claim.values) throw new WalletError("Claim value filters are unsupported in the demo wallet");
+			for (const segment of claim.path ?? []) if (typeof segment !== "string") throw new WalletError("Only string claim path segments are supported in the demo wallet");
+		}
+	}
+}
+function stripReservedClaims(claims) {
+	return Object.fromEntries(Object.entries(claims).filter(([key]) => !RESERVED_TOP_LEVEL_CLAIMS.has(key)));
+}
+function readStringClaim(value, message) {
+	if (typeof value !== "string" || value.length === 0) throw new WalletError(message);
+	return value;
+}
+function readRecordClaim(value, message) {
+	if (!value || typeof value !== "object" || Array.isArray(value)) throw new WalletError(message);
+	return value;
+}
+function claimPathsToPresentationFrame(paths) {
+	const frame = {};
+	for (const path of paths) {
+		let cursor = frame;
+		for (const [index, segment] of path.entries()) {
+			if (typeof segment !== "string") throw new WalletError("Only string claim path segments are supported in presentation frames");
+			if (index === path.length - 1) {
+				cursor[segment] = true;
+				continue;
+			}
+			const next = cursor[segment];
+			if (!next || typeof next !== "object" || Array.isArray(next)) cursor[segment] = {};
+			cursor = cursor[segment];
+		}
+	}
+	return frame;
+}
+//#endregion
+//#region src/openid4vci.ts
+const PRE_AUTHORIZED_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:pre-authorized_code";
+const OPENID_CREDENTIAL_OFFER_WELL_KNOWN = "/.well-known/openid-credential-issuer";
+const jwkSchema = z.object({
+	kty: z.string().min(1),
+	kid: z.string().min(1).optional(),
+	alg: z.string().min(1).optional(),
+	crv: z.string().min(1).optional(),
+	x: z.string().min(1).optional(),
+	y: z.string().min(1).optional(),
+	d: z.string().min(1).optional(),
+	n: z.string().min(1).optional(),
+	e: z.string().min(1).optional(),
+	x5c: z.array(z.string().min(1)).optional()
+}).catchall(z.unknown());
+const credentialOfferSchema = z.object({
+	credential_issuer: z.string().url(),
+	credential_configuration_ids: z.array(z.string().min(1)).length(1),
+	grants: z.object({ [PRE_AUTHORIZED_GRANT_TYPE]: z.object({
+		"pre-authorized_code": z.string().min(1),
+		tx_code: z.never().optional()
+	}) })
+});
+const credentialOfferReferenceSchema = z.object({ credential_offer_uri: z.string().url() });
+const issuerMetadataSchema = z.object({
+	credential_issuer: z.string().url(),
+	token_endpoint: z.string().url(),
+	credential_endpoint: z.string().url(),
+	nonce_endpoint: z.string().url().optional(),
+	jwks: z.object({ keys: z.array(jwkSchema).min(1) }),
+	credential_configurations_supported: z.record(z.string(), z.object({
+		format: z.literal("dc+sd-jwt"),
+		vct: z.string().min(1),
+		scope: z.string().min(1),
+		proof_types_supported: z.object({ jwt: z.object({ proof_signing_alg_values_supported: z.array(z.string().min(1)).min(1) }) }),
+		credential_signing_alg_values_supported: z.array(z.string().min(1)).min(1)
+	}))
+});
+const tokenResponseSchema = z.object({
+	access_token: z.string().min(1),
+	token_type: z.literal("Bearer"),
+	expires_in: z.number().int().positive(),
+	credential_configuration_id: z.string().min(1),
+	c_nonce: z.string().min(1).optional(),
+	c_nonce_expires_in: z.number().int().positive().optional()
+});
+const nonceResponseSchema = z.object({
+	c_nonce: z.string().min(1),
+	c_nonce_expires_in: z.number().int().positive()
+});
+const credentialResponseSchema = z.object({
+	format: z.literal("dc+sd-jwt"),
+	credential: z.string().min(1),
+	c_nonce: z.string().min(1).optional(),
+	c_nonce_expires_in: z.number().int().positive().optional()
+});
+function parseCredentialOffer(input) {
+	if (typeof input === "string") {
+		const trimmed = input.trim();
+		if (trimmed.startsWith("openid-credential-offer://")) return parseCredentialOfferUri(trimmed);
+		try {
+			return credentialOfferSchema.parse(JSON.parse(trimmed));
+		} catch (error) {
+			if (error instanceof z.ZodError) throw new WalletError("Unsupported credential offer input");
+			throw new WalletError("Credential offer JSON must be valid JSON");
+		}
+	}
+	try {
+		return credentialOfferSchema.parse(input);
+	} catch {
+		throw new WalletError("Unsupported credential offer input");
+	}
+}
+async function fetchIssuerMetadata(credentialIssuer, options) {
+	const json = await parseJsonResponse(await (options?.fetch ?? fetch)(getCredentialIssuerMetadataUrl(credentialIssuer), { headers: { accept: "application/json" } }), "issuer metadata");
+	const metadata = issuerMetadataSchema.parse(json);
+	if (metadata.credential_issuer !== credentialIssuer) throw new WalletError("Issuer metadata credential_issuer mismatch");
+	return metadata;
+}
+async function receiveCredentialFromOffer(wallet, offerInput, options) {
+	const doFetch = options?.fetch ?? fetch;
+	const offer = await resolveCredentialOffer(offerInput, doFetch);
+	const metadata = await fetchIssuerMetadata(offer.credential_issuer, { fetch: doFetch });
+	const credentialConfigurationId = offer.credential_configuration_ids[0];
+	if (!credentialConfigurationId) throw new WalletError("Credential offer must contain one credential configuration");
+	const configuration = metadata.credential_configurations_supported[credentialConfigurationId];
+	if (!configuration) throw new WalletError(`Issuer metadata does not support ${credentialConfigurationId}`);
+	if (!configuration.proof_types_supported.jwt) throw new WalletError("Issuer does not support jwt proofs");
+	const tokenResponse = await exchangePreAuthorizedCode(metadata.token_endpoint, offer.grants[PRE_AUTHORIZED_GRANT_TYPE]["pre-authorized_code"], doFetch);
+	const nonce = tokenResponse.c_nonce ?? (await fetchNonce(metadata.nonce_endpoint, doFetch)).c_nonce;
+	const holderKey = await wallet.getOrCreateHolderKey();
+	const proofJwt = await createOpenId4VciProofJwt({
+		holderPrivateJwk: holderKey.privateJwk,
+		holderPublicJwk: holderKey.publicJwk,
+		aud: metadata.credential_issuer,
+		nonce,
+		alg: holderKey.algorithm
+	});
+	if (!configuration.proof_types_supported.jwt.proof_signing_alg_values_supported.includes(holderKey.algorithm)) throw new WalletError(`Issuer does not support holder proof algorithm ${holderKey.algorithm}`);
+	const credentialResponse = await requestCredential(metadata.credential_endpoint, tokenResponse.access_token, {
+		format: "dc+sd-jwt",
+		credential_configuration_id: credentialConfigurationId,
+		proofs: { jwt: [{
+			proof_type: "jwt",
+			jwt: proofJwt
+		}] }
+	}, doFetch);
+	return wallet.importCredential({
+		credential: credentialResponse.credential,
+		issuer: {
+			issuer: metadata.credential_issuer,
+			jwks: metadata.jwks
+		}
+	});
+}
+async function resolveCredentialOffer(input, doFetch) {
+	if (typeof input === "string") {
+		const trimmed = input.trim();
+		if (trimmed.startsWith("openid-credential-offer://")) {
+			const parsed = parseCredentialOfferUriOrReference(trimmed);
+			if ("credential_offer_uri" in parsed) return fetchCredentialOffer(parsed.credential_offer_uri, doFetch);
+			return parsed;
+		}
+	}
+	return parseCredentialOffer(input);
+}
+function parseCredentialOfferUri(input) {
+	const parsed = parseCredentialOfferUriOrReference(input);
+	if ("credential_offer_uri" in parsed) throw new WalletError("Credential offer URI references a remote offer; fetch it via receiveCredentialFromOffer");
+	return parsed;
+}
+function parseCredentialOfferUriOrReference(input) {
+	let url;
+	try {
+		url = new URL(input);
+	} catch {
+		throw new WalletError("Invalid credential offer URI");
+	}
+	if (url.protocol !== "openid-credential-offer:") throw new WalletError("Credential offer URI must use the openid-credential-offer:// scheme");
+	const offerUri = getSingleSearchParam$1(url, "credential_offer_uri");
+	if (offerUri) try {
+		return credentialOfferReferenceSchema.parse({ credential_offer_uri: offerUri });
+	} catch {
+		throw new WalletError("Credential offer URI contains an invalid credential_offer_uri");
+	}
+	const encodedOffer = getSingleSearchParam$1(url, "credential_offer");
+	if (!encodedOffer) throw new WalletError("Credential offer URI is missing credential_offer");
+	try {
+		return credentialOfferSchema.parse(JSON.parse(encodedOffer));
+	} catch {
+		throw new WalletError("Credential offer URI contains invalid credential_offer JSON");
+	}
+}
+async function fetchCredentialOffer(endpoint, doFetch) {
+	const json = await parseJsonResponse(await doFetch(endpoint, { headers: { accept: "application/json" } }), "credential offer");
+	return credentialOfferSchema.parse(json);
+}
+function getCredentialIssuerMetadataUrl(credentialIssuer) {
+	const issuerUrl = new URL(credentialIssuer);
+	const issuerPath = issuerUrl.pathname === "/" ? "" : issuerUrl.pathname;
+	return new URL(`${OPENID_CREDENTIAL_OFFER_WELL_KNOWN}${issuerPath}`, issuerUrl.origin).toString();
+}
+async function exchangePreAuthorizedCode(endpoint, preAuthorizedCode, doFetch) {
+	const response = await doFetch(endpoint, {
+		method: "POST",
+		headers: {
+			accept: "application/json",
+			"content-type": "application/x-www-form-urlencoded"
+		},
+		body: new URLSearchParams({
+			grant_type: PRE_AUTHORIZED_GRANT_TYPE,
+			"pre-authorized_code": preAuthorizedCode
+		})
+	});
+	return tokenResponseSchema.parse(await parseJsonResponse(response, "token exchange"));
+}
+async function fetchNonce(endpoint, doFetch) {
+	if (!endpoint) throw new WalletError("Issuer metadata is missing nonce_endpoint");
+	const response = await doFetch(endpoint, {
+		method: "POST",
+		headers: { accept: "application/json" }
+	});
+	return nonceResponseSchema.parse(await parseJsonResponse(response, "nonce"));
+}
+async function requestCredential(endpoint, accessToken, body, doFetch) {
+	const response = await doFetch(endpoint, {
+		method: "POST",
+		headers: {
+			accept: "application/json",
+			authorization: `Bearer ${accessToken}`,
+			"content-type": "application/json"
+		},
+		body: JSON.stringify(body)
+	});
+	return credentialResponseSchema.parse(await parseJsonResponse(response, "credential request"));
+}
+async function parseJsonResponse(response, label) {
+	let payload;
+	try {
+		payload = await response.json();
+	} catch {
+		throw new WalletError(`Failed to parse ${label} response`);
+	}
+	if (!response.ok) {
+		const message = payload && typeof payload === "object" && !Array.isArray(payload) ? payload.error_description ?? payload.error : void 0;
+		throw new WalletError(`${label} failed with status ${response.status}${typeof message === "string" ? `: ${message}` : ""}`);
+	}
+	return payload;
+}
+function getSingleSearchParam$1(url, key) {
+	const values = url.searchParams.getAll(key);
+	if (values.length === 0) return;
+	if (values.length > 1) throw new WalletError(`Credential offer URI must include only one ${key}`);
+	return values[0] || void 0;
+}
+//#endregion
+//#region src/openid4vp.ts
+const openid4vpAuthorizationUrlSchema = z.string().min(1);
+const requestObjectHeaderSchema = z.object({ typ: z.literal("oauth-authz-req+jwt") });
+const requestObjectClaimsSchema = z.object({
+	client_id: z.string().min(1).optional(),
+	nonce: z.string().min(1).optional(),
+	state: z.string().min(1).optional(),
+	response_type: z.literal("vp_token").optional(),
+	response_mode: z.string().min(1).optional(),
+	response_uri: z.string().min(1).optional(),
+	client_metadata: z.unknown().optional(),
+	dcql_query: z.unknown().optional(),
+	scope: z.unknown().optional(),
+	presentation_definition: z.unknown().optional()
+}).passthrough();
+const openId4VpRawRequestSchema = z.object({
+	client_id: z.string().min(1).optional(),
+	nonce: z.string().min(1).optional(),
+	state: z.string().min(1).optional(),
+	response_type: z.literal("vp_token").optional(),
+	response_mode: z.string().optional(),
+	response_uri: z.string().min(1).optional(),
+	client_metadata: z.unknown().optional(),
+	dcql_query: z.unknown().optional(),
+	request: z.string().min(1).optional(),
+	request_uri: z.string().min(1).optional(),
+	request_uri_method: z.string().optional(),
+	scope: z.unknown().optional(),
+	presentation_definition: z.unknown().optional()
+}).passthrough().superRefine((value, ctx) => {
+	if (value.request && value.request_uri) ctx.addIssue({
+		code: z.ZodIssueCode.custom,
+		message: "Use only one of request or request_uri",
+		path: ["request"]
+	});
+	if (value.request_uri_method && !value.request_uri) ctx.addIssue({
+		code: z.ZodIssueCode.custom,
+		message: "request_uri_method requires request_uri",
+		path: ["request_uri_method"]
+	});
+	if ((value.request || value.request_uri) && value.dcql_query !== void 0) ctx.addIssue({
+		code: z.ZodIssueCode.custom,
+		message: "Inline dcql_query cannot be combined with request or request_uri",
+		path: ["dcql_query"]
+	});
+});
+async function parseOpenid4VpAuthorizationUrl(input) {
+	const value = openid4vpAuthorizationUrlSchema.parse(input).trim();
+	let url;
+	try {
+		url = new URL(value);
+	} catch {
+		throw new WalletError("Invalid openid4vp authorization URL");
+	}
+	if (url.protocol !== "openid4vp:") throw new WalletError("Authorization URL must use the openid4vp:// scheme");
+	return resolveOpenId4VpRequest({
+		client_id: getSingleSearchParam(url, "client_id"),
+		nonce: getOptionalSingleSearchParam(url, "nonce"),
+		state: getOptionalSingleSearchParam(url, "state"),
+		response_type: getOptionalSingleSearchParam(url, "response_type"),
+		response_mode: getOptionalSingleSearchParam(url, "response_mode"),
+		response_uri: getOptionalSingleSearchParam(url, "response_uri"),
+		client_metadata: parseJsonParam(getOptionalSingleSearchParam(url, "client_metadata"), "client_metadata"),
+		dcql_query: parseDcqlQueryParam(getOptionalSingleSearchParam(url, "dcql_query")),
+		request: getOptionalSingleSearchParam(url, "request"),
+		request_uri: getOptionalSingleSearchParam(url, "request_uri"),
+		request_uri_method: getOptionalSingleSearchParam(url, "request_uri_method"),
+		scope: getOptionalSingleSearchParam(url, "scope"),
+		presentation_definition: getOptionalSingleSearchParam(url, "presentation_definition")
+	});
+}
+async function resolveOpenId4VpRequest(input) {
+	const request = openId4VpRawRequestSchema.parse(input);
+	const requestUriMethod = request.request_uri_method;
+	if (requestUriMethod !== void 0 && requestUriMethod !== "get" && requestUriMethod !== "post") throw new WalletError("invalid_request_uri_method");
+	const requestObject = request.request_uri ? await fetchRequestObject(request.request_uri, request.client_id) : request.request ? parseRequestObject(request.request) : void 0;
+	return OpenId4VpRequestSchema.parse({
+		client_id: request.client_id ?? requestObject?.client_id,
+		nonce: request.nonce ?? requestObject?.nonce,
+		state: request.state ?? requestObject?.state,
+		response_type: request.response_type ?? requestObject?.response_type,
+		response_mode: request.response_mode ?? requestObject?.response_mode,
+		response_uri: request.response_uri ?? requestObject?.response_uri,
+		client_metadata: parseClientMetadata(request.client_metadata ?? requestObject?.client_metadata),
+		dcql_query: request.dcql_query ?? requestObject?.dcql_query,
+		scope: request.scope ?? requestObject?.scope,
+		presentation_definition: request.presentation_definition ?? requestObject?.presentation_definition
+	});
+}
+function createOpenId4VpAuthorizationResponse(request, presentation) {
+	const parsedRequest = OpenId4VpRequestSchema.parse(request);
+	return {
+		vp_token: presentation.vpToken,
+		state: parsedRequest.state
+	};
+}
+async function submitOpenId4VpAuthorizationResponse(request, response) {
+	const parsedRequest = OpenId4VpRequestSchema.parse(request);
+	if (!parsedRequest.response_mode) throw new WalletError("response_mode is required for submission");
+	const responseUrl = parseHttpsUrl(parsedRequest.response_uri, "response_uri must use https");
+	const body = parsedRequest.response_mode === "direct_post" ? createDirectPostBody(response) : await createDirectPostJwtBody(parsedRequest, response);
+	let fetchResponse;
+	try {
+		fetchResponse = await fetch(responseUrl, {
+			method: "POST",
+			headers: { "content-type": "application/x-www-form-urlencoded" },
+			body
+		});
+	} catch {
+		throw new WalletError("Failed to submit authorization response");
+	}
+	const parsedBody = await parseSubmissionBody(fetchResponse);
+	const redirectUri = readRedirectUri(parsedBody);
+	return {
+		responseMode: parsedRequest.response_mode,
+		responseUri: responseUrl.toString(),
+		status: fetchResponse.status,
+		body: parsedBody,
+		redirectUri
+	};
+}
+async function fetchRequestObject(requestUri, clientId) {
+	let url;
+	try {
+		url = new URL(requestUri);
+	} catch {
+		throw new WalletError("request_uri must be a valid URL");
+	}
+	if (url.protocol !== "https:") throw new WalletError("request_uri must use https");
+	assertRequestUriMatchesClientId(url, clientId);
+	let response;
+	try {
+		response = await fetch(url, { headers: { accept: "application/oauth-authz-req+jwt" } });
+	} catch {
+		throw new WalletError("Failed to fetch request_uri");
+	}
+	if (!response.ok) throw new WalletError(`request_uri fetch failed with status ${response.status}`);
+	if (!(response.headers.get("content-type")?.toLowerCase())?.startsWith("application/oauth-authz-req+jwt")) throw new WalletError("request_uri response must use content-type application/oauth-authz-req+jwt");
+	return parseRequestObject(await response.text());
+}
+function parseRequestObject(compactJwt) {
+	const value = z.string().min(1).parse(compactJwt).trim();
+	if (value.split(".").length !== 3) throw new WalletError("Only compact JWS request objects are supported in the demo wallet");
+	try {
+		requestObjectHeaderSchema.parse(decodeProtectedHeader(value));
+		return requestObjectClaimsSchema.parse(decodeJwt(value));
+	} catch {
+		throw new WalletError("Request object must be a valid JWT with typ=oauth-authz-req+jwt");
+	}
+}
+function parseDcqlQueryParam(value) {
+	if (value === void 0) return;
+	try {
+		return JSON.parse(value);
+	} catch {
+		throw new WalletError("dcql_query must be valid JSON in the openid4vp:// URL");
+	}
+}
+function parseJsonParam(value, label) {
+	if (value === void 0) return;
+	try {
+		return JSON.parse(value);
+	} catch {
+		throw new WalletError(`${label} must be valid JSON in the openid4vp:// URL`);
+	}
+}
+function parseClientMetadata(value) {
+	if (value === void 0) return;
+	return z.object({
+		jwks: z.object({ keys: z.array(z.record(z.string(), z.unknown())).min(1) }).optional(),
+		encrypted_response_enc_values_supported: z.array(z.string().min(1)).min(1).optional(),
+		vp_formats_supported: z.unknown().optional()
+	}).passthrough().parse(value);
+}
+function parseHttpsUrl(value, errorMessage) {
+	if (!value) throw new WalletError(errorMessage);
+	let url;
+	try {
+		url = new URL(value);
+	} catch {
+		throw new WalletError(errorMessage);
+	}
+	if (url.protocol !== "https:") throw new WalletError(errorMessage);
+	return url;
+}
+function createDirectPostBody(response) {
+	const body = new URLSearchParams({ vp_token: response.vp_token });
+	if (response.state) body.set("state", response.state);
+	return body;
+}
+async function createDirectPostJwtBody(request, response) {
+	const jwt = await encryptAuthorizationResponse(request, response);
+	return new URLSearchParams({ response: jwt });
+}
+async function encryptAuthorizationResponse(request, response) {
+	const parsedRequest = OpenId4VpRequestSchema.parse(request);
+	const jwk = parsedRequest.client_metadata?.jwks?.keys[0];
+	if (!jwk) throw new WalletError("direct_post.jwt requires client_metadata.jwks with one encryption key");
+	const alg = resolveJweAlg(jwk);
+	const enc = parsedRequest.client_metadata?.encrypted_response_enc_values_supported?.[0] ?? "A128GCM";
+	return new EncryptJWT(response).setProtectedHeader({
+		alg,
+		enc,
+		typ: "oauth-authz-resp+jwt"
+	}).setAudience(parsedRequest.client_id).setIssuedAt().encrypt(await importEncryptionKey(jwk, alg));
+}
+async function importEncryptionKey(jwk, alg) {
+	return importJWK(jwk, alg);
+}
+function resolveJweAlg(jwk) {
+	if (typeof jwk.alg === "string" && jwk.alg.length > 0) return jwk.alg;
+	if (jwk.kty === "RSA") return "RSA-OAEP-256";
+	if (jwk.kty === "EC" || jwk.kty === "OKP") return "ECDH-ES";
+	throw new WalletError("Unsupported verifier encryption key");
+}
+async function parseSubmissionBody(response) {
+	const contentType = response.headers.get("content-type")?.toLowerCase() ?? "";
+	const body = await response.text();
+	if (body.length === 0) return;
+	if (contentType.startsWith("application/json")) return JSON.parse(body);
+	return body;
+}
+function readRedirectUri(body) {
+	if (!body || typeof body !== "object" || Array.isArray(body)) return;
+	const value = body.redirect_uri;
+	return typeof value === "string" && value.length > 0 ? value : void 0;
+}
+function assertRequestUriMatchesClientId(url, clientId) {
+	const clientIdHostname = getClientIdHostname(clientId);
+	if (!clientIdHostname) return;
+	if (url.hostname !== clientIdHostname) throw new WalletError("request_uri hostname must match client_id hostname");
+}
+function getClientIdHostname(clientId) {
+	if (!clientId) return;
+	try {
+		return new URL(clientId).hostname;
+	} catch {}
+	if (clientId.startsWith("x509_san_dns:")) return clientId.slice(13) || void 0;
+	const separator = clientId.indexOf(":");
+	if (separator > 0) try {
+		return new URL(clientId.slice(separator + 1)).hostname;
+	} catch {
+		return;
+	}
+}
+function getSingleSearchParam(url, key) {
+	const values = url.searchParams.getAll(key);
+	if (values.length === 0 || values[0]?.length === 0) throw new WalletError(`Authorization URL is missing ${key}`);
+	if (values.length > 1) throw new WalletError(`Authorization URL must include only one ${key}`);
+	return values[0];
+}
+function getOptionalSingleSearchParam(url, key) {
+	const values = url.searchParams.getAll(key);
+	if (values.length === 0) return;
+	if (values.length > 1) throw new WalletError(`Authorization URL must include only one ${key}`);
+	return values[0] || void 0;
+}
+//#endregion
+//#region src/storage.ts
+var InMemoryWalletStorage = class {
+	holderKey = null;
+	credentials = /* @__PURE__ */ new Map();
+	async getHolderKey() {
+		return this.holderKey ? HolderKeyRecordSchema.parse(this.holderKey) : null;
+	}
+	async setHolderKey(record) {
+		this.holderKey = HolderKeyRecordSchema.parse(record);
+	}
+	async listCredentials() {
+		return [...this.credentials.values()].map((record) => StoredCredentialRecordSchema.parse(record));
+	}
+	async getCredential(id) {
+		const record = this.credentials.get(id);
+		return record ? StoredCredentialRecordSchema.parse(record) : null;
+	}
+	async setCredential(record) {
+		const parsed = StoredCredentialRecordSchema.parse(record);
+		this.credentials.set(parsed.id, parsed);
+	}
+};
+//#endregion
+export { CredentialStatusListReferenceSchema, CredentialStatusSchema, HOLDER_KEY_ALG, HolderKeyRecordSchema, ImportCredentialInputSchema, InMemoryWalletStorage, IssuerJwkSchema, IssuerJwksSchema, IssuerKeyMaterialSchema, JwkSchema, OpenId4VpRequestSchema, ResponseModeSchema, SD_JWT_HASH_ALG, StoredCredentialRecordSchema, VerifierClientMetadataSchema, Wallet, WalletConfigSchema, WalletError, createHolderKeyRecord, createKbJwt, createOpenId4VciProofJwt, createOpenId4VpAuthorizationResponse, fetchIssuerMetadata, getJwkThumbprint, importPrivateKey, importPublicKey, issueDemoCredential, parseCredentialOffer, parseOpenid4VpAuthorizationUrl, receiveCredentialFromOffer, resolveOpenId4VpRequest, sdJwtHasher, sha256Base64Url, submitOpenId4VpAuthorizationResponse };