JSON-LD Signature Support #525
Codecov Report
@@ Coverage Diff @@
## next #525 +/- ##
===========================================
+ Coverage 67.58% 78.78% +11.20%
===========================================
Files 62 100 +38
Lines 1530 3111 +1581
Branches 247 567 +320
===========================================
+ Hits 1034 2451 +1417
- Misses 400 658 +258
+ Partials 96 2 -94
relates to #375
Does anybody know what the state of this ticket is? Given we want to be working with veramo but are also mostly using json-ld based credentials, this ticket is very much of interest to us. Is there anything we can do to help/expedite this? Also @mirceanis in the last commit 0fededc you removed ed25519 support. Do you happen to remember the reason for it?
@nklomp I'm working on adding this feature. The JSON-LD landscape is incredibly fragile and I'm trying to add support for it in a way that it is optional to use in case of further conflicts.
@mirceanis Happy to hear that. As mentioned we are happy to help out wherever we can, because we do believe that once this is implemented in Veramo, it can basically become the go-to solution for verifiable data no matter what type of VCs you are using.
It would be helpful to know which signature suites/verification methods are most commonly used so that I can prioritize them. Each implementation has some quirks that need to be ironed out for them to come together in the same framework.
@mirceanis Sorry totally overlooked you asked a question. What we are seeing and what is also my assumption is that most json-ld implementations are using ed25519 keys and then specifically Ed25519Signature2018 and these days Ed25519Signature2020 signature suites and verification methods, because of the blockchain heritage of a lot of DID methods. The latter version basically is a representation of the key in multibase format, so for ed25519 it is prefixing the proofValue of the verification method with the character 'z'. Ed25519Signature2020: https://w3c-ccg.github.io/lds-ed25519-2020/ The next interesting implementation is the ecdsa suites and verification methods, because of hardware support in mobile devices (as RSA), but they are less widely used in json-ld than ed25519 TTBOMK.
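The multibase encoding mentioned in the comment above, as an added example that is not part of the thread or of Veramo's code. It assumes the layout of the linked Ed25519Signature2020 suite: `proofValue` is a 64-byte signature and `publicKeyMultibase` a multicodec-tagged 32-byte key, each base58btc-encoded behind a `z` prefix; the sample bytes are constructed.

```javascript
// Added example: multibase base58btc ('z' prefix) values from Ed25519Signature2020.
const B58 = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';

// base58btc-encode bytes; each leading zero byte is written as '1'.
function base58Encode(bytes) {
  let n = 0n;
  for (const b of bytes) n = (n << 8n) | BigInt(b);
  let out = '';
  for (; n > 0n; n /= 58n) out = B58[Number(n % 58n)] + out;
  for (const b of bytes) {
    if (b !== 0) break;
    out = '1' + out;
  }
  return out;
}

// base58btc-decode; rejects characters outside the alphabet (0, O, I, l, ...).
function base58Decode(text) {
  let n = 0n;
  for (const ch of text) {
    const v = B58.indexOf(ch);
    if (v < 0) throw new Error(`not a base58btc character: ${JSON.stringify(ch)}`);
    n = n * 58n + BigInt(v);
  }
  const bytes = [];
  for (; n > 0n; n >>= 8n) bytes.unshift(Number(n & 0xffn));
  for (const ch of text) {
    if (ch !== '1') break;
    bytes.unshift(0);
  }
  return Uint8Array.from(bytes);
}

// Strip and check the multibase prefix; only 'z' (base58btc) is accepted here.
function decodeMultibaseZ(value) {
  if (typeof value !== 'string' || value[0] !== 'z') {
    throw new Error("expected a multibase base58btc value starting with 'z'");
  }
  return base58Decode(value.slice(1));
}

// proofValue of an Ed25519Signature2020 proof: a raw 64-byte Ed25519 signature.
function decodeProofValue(proofValue) {
  const sig = decodeMultibaseZ(proofValue);
  if (sig.length !== 64) throw new Error(`signature must be 64 bytes, got ${sig.length}`);
  return sig;
}

// publicKeyMultibase of an Ed25519VerificationKey2020: multicodec 0xed 0x01 + 32 key bytes.
function decodePublicKeyMultibase(publicKeyMultibase) {
  const raw = decodeMultibaseZ(publicKeyMultibase);
  if (raw.length !== 34 || raw[0] !== 0xed || raw[1] !== 0x01) {
    throw new Error('not a multicodec-tagged Ed25519 public key');
  }
  return raw.slice(2);
}

// Constructed sample values (not real keys or signatures).
const SAMPLE_SIG = Uint8Array.from({ length: 64 }, (_, i) => i); // starts with 0x00
const SAMPLE_PROOF_VALUE = 'z' + base58Encode(SAMPLE_SIG);
const SAMPLE_KEY = Uint8Array.from({ length: 32 }, (_, i) => 255 - i);
const SAMPLE_PUBLIC_KEY_MULTIBASE = 'z' + base58Encode([0xed, 0x01, ...SAMPLE_KEY]);
```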
Awesome work @rado0x54 @mirceanis !!
Great work, thank you!
You can already use this from npm if you install all your veramo dependencies from the This is not yet in the I'm working to fix these issues and unblock the release as well. Stay tuned.
* chore(deps): update dependency openapi-types to v9.3.1
* fix(deps): update all non-major dependencies
* fix(deps): update dependency express-handlebars to v6
* chore(deps): update devdeps
* fix(deps): update dependency typeorm to v0.2.41
* fix(deps): update dependency did-jwt to v5.12.0
* JSON-LD Signature Support (#525)
* feat(utils): add `@veramo/utils` package
* feat(core): add common type definitions for credentials and presentations
* feat(credential-ld) add `@veramo/credential-ld` packages
* feat(credential-ld): added EcdsaSecp256k1RecoverySignature2020 and Ed25519Signature2018 credential signature and verification.
* feat(credential-ld): added presentation creation and verification.
* fix(credential-w3c): delegate `lds` proof types to `@veramo/credential-ld` if available.
* fix(data-store): fixed save operation for LD credentials
* feat(did-provider-key): fixed did:key dependencies, supporting only ed25519 x25519 and secp256k1 for now.
* feat(credential-ld): included credential context from transmute library
* refactor(credential-ld): simplify `CredentialIssuerLD` plugin initialization API
* feat(credential-ld): proper mapping from local database keys to DID document verificationMethods
* feat(cli): update default config to use `CredentialIssuerLD` module
* feat(credential-w3c): autoselect presentation audience if it's a managed DID, for verification
* feat(cli): add CLI methods to verify credentials and presentations Co-authored-by: Simonas Karuzas <simonas@not.cat> Co-authored-by: Mircea Nistor <mirceanis@gmail.com> fixes #273 fixes #756 relates to #586 relates to #588
* fix(credential-ld): include LDDefaultContexts in npm bundle
* fix(credential-ld): include credential context and fix context loader Map
* fix(deps): update dependency did-jwt-vc to v2.1.8
* chore(deps): update devdeps
* feat(credential-ld): add option to fetch remote contexts This pattern is not recommended, but useful sometimes for debugging. This is a foot-gun.
* docs: link to social (#764)
* docs: update badges
* fix(deps): update builders-and-testers
* fix(remote-server): api-key-auth (#772) fixes #771
* fix(remote-server): web-did-doc-router options (#777)
* fix(deps): update builders-and-testers
* docs: rewrite readme and fix links fixes #785
* chore(deps): update dependency openapi-types to v10
* fix(deps): update dependency openapi-types to v10
* fix: fix inquirer prompt for subject DID during SDR fixes #790
* fix(deps): update builders-and-testers
* fix(deps): update builders-and-testers
* fix(deps): update dependency @ethersproject/random to v5.5.1
* fix(did-resolver): use interface `Resolvable` instead of the `Resolver` class and update dependencies
* fix(deps): update dependency dotenv to v12
* chore(deps): update dependency ts-jest to v27.1.3
* chore: upgrade ethr-did-resolver
* chore(deps): update devdeps
* chore(deps): update dependency semantic-release to v19
* fix(deps): update dependency dotenv to v14
* chore(deps): update devdeps
* fix(deps): update dependency commander to v9
* fix(key-manager): add missing uuid dependency (#807)
* chore(deps): fix lockfile
* test: add headless browser testing (#809)
* version added, test:browser script added.
* github workflows updated
* fix(deps): pin dependencies
* fix(deps): update did-libraries
* chore(deps): pin dependencies
* fix(deps): pin dependency typescript to 4.5.5
* fix(deps): update dependency dotenv to v16
* chore(deps): update devdeps
* fix(deps): update all non-major dependencies
* fix(deps): update dependency inquirer-autocomplete-prompt to v2
* chore(deps): update devdeps
* fix(deps): update all non-major dependencies
* chore(deps): update actions/setup-node action to v3
* fix(deps): update all non-major dependencies
* chore(deps): update devdeps
* feat(date-store-json): add JSON object storage implementation (#819)
* feat(data-store-json): add JSON backed storage option
* feat(data-store-json): add private-key-store
* feat(data-store-json): use the same JSON object backend for all the data stores
* feat(data-store-json): simplify JSON store APIs convert integration test to use a plain file as the backend for the JSON storage.
* test(browser): use data-store-json in browser tests and unlock more test scenarios
* test(browser): link local packages during browser tests
* feat(core): define IDataStoreORM interface at the `@veramo/core` level
* docs(core): add some inline documentation for the `IDataStoreORM` plugin interface.
* docs(data-store-json): add some inline documentation for types defined in data-store-json
* chore: commit updated schemas
* chore(deps): pin dependencies
* fix(deps): pin dependencies
* chore(deps): update actions/checkout action to v3
* fix(deps): update builders-and-testers
* feat: add key type definitions: 'Bls12381G1Key2020' and 'Bls12381G2Key2020' (#839)
* Add key types: 'Bls12381G1Key2020' and 'Bls12381G2Key2020' Co-authored-by: Ilie Circiumaru <ici@zurich.ibm.com>
* fix(deps): update dependency typescript to v4.6.3
* chore(deps): update devdeps
* feat(utils): add 2 utility functions for inspecting ethr dids (#842)
* feat(utils): Add 2 utility functions for inspecting ethr dids
* chore: regenerate plugin schemas (#843)
* chore: Regenerate did-comm plugin schema (#844) Co-authored-by: Nick Reynolds
* fix(deps): update did-libraries
* fix(deps): update builders-and-testers
* chore(deps): update actions/cache action to v3
* chore(deps): update dependency ts-json-schema-generator to v1
* fix(deps): update dependency @types/react-dom to v18
* fix(deps): update dependency ts-json-schema-generator to v1
* fix(deps): update dependency web-did-resolver to v2.0.15
* chore(deps): update devdeps
* fix(deps): update builders-and-testers
* fix(data-store-json): structuredClone
* fix(core): plugin schema
* chore(deps): update devdeps
* fix(deps): update builders-and-testers
* fix(deps): update dependency web-did-resolver to v2.0.16
* chore(deps): update node.js to v18
* chore(deps): update devdeps
* fix(deps): update dependency typescript to v4.6.4
* fix(deps): update dependency openapi-types to v11
* fix(deps): update dependency yaml to v2
* chore(deps): update devdeps
* fix(deps): update dependency @microsoft/api-extractor to v7.23.1
* feat(credential-status): add credential status check plugin for Veramo (#874)
* feat: add credential status plugin
* chore: fixes according the feedback
* chore: bump 'credential-status' dependency version
* chore: update plugin's schema
* fix(deps): update dependency @types/react to v18
* chore(deps): update devdeps
* fix(data-store-json): structuredClone (#885) Fixes #857
* feat(did-provider-ethr): Using meta account
* fix(credential-w3c): forward domain and challenge args to createVerifiablePresentationJwt (#887)
* feat: create DIDComm JWE with multiple recipients (#888)
* fix(deps): update dependency @ungap/structured-clone to v1
* fix(deps): update react monorepo to v18
* fix(credential-ld): remove fs dependency for JSON LD default contexts (#868)
* remove fs dependency for JSON LD default contexts
* add contexts/*.json files in the build output fixes #837
* feat: add partial match for dids and aliases in did discovery provider for data store
* fix (deps) : update dependency typeorm to v0.3.6 (#901) Co-authored-by: ludovic duranteau <ludovic.duranteau@signaturelnd.com>
* feat(cli): add choices when selecting credential Subject in CLI (#898)
* Add choices when selecting credential Subject in CLI
* Change from list input type to autocomplete
* Remove validation when choosing subject DID
* fix(deps): update all non-major dependencies
* chore(deps): update devdeps
* feat: update did-discover-provider to search by DID likeness in addition to name
* chore: fix didDiscovery error test
* chore(build): rename jest config file (#908)
* fix(credential-status): simplify credential-status scripts
* chore: rebuild lockfile
* fix(cli): fix typo in command description (#913)
* fix(credential-ld): fix EcdsaSecp256k1RecoverySignature2020 suite context (#909)
* feat(data-store-json): BrowserLocalStorageStore (#914)
* feat: CredentialIssuerEIP712 (#899)
* fix(credential-eip712): update plugin schema (#915)
* feat(credential-ld): add support for browser environments (#916)
* fix(credential-ld): use @digitalcredentials instead of @digitalbazaar packages for better browser compatibility
* test: add test-utils package and move `fake-did-provider` there
* fix(credential-ld): bump @transmute and did-resolver dependencies
* fix(credential-ld): include default `@contexts` in build
* test(browser): use `stream-browserify` to enable `did:key` (from the @transmute implementation)
* test(browser): enable all integration test suites in the browser test
* fix(data-store-json): enable `dom` lib in `tsconfig.json`
* test(browser): move browser sample app to packages/ to simplify package linking
* chore(deps): update all non-major dependencies
* chore(deps): update devdeps
* fix(cli): update default CLI config to account for renamed class (#919) BREAKING CHANGE: ProfileDiscoveryProvider has been renamed to DataStoreDiscoveryProvider in #597. Please update your config accordingly
* fix: update and fix inline documentation of all exported types (#921)
* fix(build): use correct cross-package imports
* chore(build): split build scripts for better granularity
* docs(data-store-json): fix and augment inline documentation for public exports
* docs(key-manager): add missing inline docs to exported classes
* docs(kms-local): update inline docs for public classes
* docs(message-handler): fix JSDoc links and update plugin documentation
* docs(remote-server): fix inline docs
* docs(url-handler): add description to UrlMessageHandler
* docs(core): update and fix inline docs for @veramo/core exports
* docs(selective-disclosure): update inline docs for @veramo/selective-disclosure exports
* docs(credential-w3c): update inline docs for @veramo/credential-w3c exports
* docs(data-store): fix and augment inline documentation for `@veramo/data-store` exports
* docs(did-discovery): update and fix inline docs for @veramo/did-discovery exports
* docs(did-comm): update and fix inline docs for @veramo/did-comm exports
* docs(credential-eip712): update and fix inline docs for @veramo/credential-eip712 exports
* fix(credential-status): update and fix type definitions and inline docs
* docs(credential-ld): update and fix inline docs
* fix(deps): bump api-extractor tools
* docs(did-manager): update inline docs
* docs(did-provider-key): add some inline docs
* docs(did-resolver): update inline docs
* docs(remote-client): add inline documentation for exports
* fix(build): update lockfile and autogen tests
* fix(deps): update did-libraries
* fix(deps): use did-jwt v6 and ethr-did-resolver v6 (#925)
* fix(deps): bump did-jwt to v6 and all related deps to latest closes #923 closes #848
* chore(deps): use ganache instead of ganache-cli This speeds up testing
* fix(docs): fix relevant errors and warnings in TSDoc to enable proper docs generation on `@next` branch
* fix(deps): update builders-and-testers (#930)
* chore(ci): adjust renovate bot schedule to reduce CI spam
* chore(ci): disable automatic pinning of dependencies
* chore(deps): update dependency ganache to v7.3.0
* chore(deps): update devdeps (major) (#881)
* chore(deps): update devdeps
* fix(build): adjust browser-tests for jest v28
* force `jsonld` to resolve to `@digitalbazaar/jsonld`
* run browser tests with `NODE_OPTIONS=--experimental-vm-modules`
* explicitly install some jest packages Co-authored-by: Mircea Nistor <mirceanis@gmail.com>
* fix(deps): pin resolution of @types/eslint to unblock build with conflicting versions (#928)
* chore(deps): update all non-major dependencies
* fix(deps): pin resolution of @types/eslint to unblock build with conflicting versions Co-authored-by: Renovate Bot <bot@renovateapp.com> Co-authored-by: Mircea Nistor <mirceanis@gmail.com>
* feat(kms-web3): add a KMS implementation backed by a web3 provider (#924) closes #688
* chore(deps): fix lockfile
* fix(kms-web3): use ethers _signTypedData (#939) fixes #938
* fix(deps): Update dependency web-did-resolver to v2.0.19
* fix(deps): update dependency openapi-types to v12
* fix(deps): replace @transmute/lds-ecdsa-secp256k1-recovery2020 with fork (#953) The fork uses `@digitalcredentials` variants of the JSON-LD libraries and upgrades some other dependencies to more maintained variants closes #952
* fix(deps): Bump `did-jwt`, `did-jwt-vc` as direct package deps (#955)
* chore(ci): add PR template (#958)
* chore(ci): move the PR template file
* chore(ci): simplify the PR template
* chore(ci): clarify the PR template
* fix(deps): Update dependency @digitalcredentials/vc to v4
* fix(deps): Update dependency ethr-did-resolver to v6.0.2 (#964) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* fix(credential-status): check credential status for all credential types (#949) fixes #934
* fix(did-provider-key) : fix typo in error message for `addKey` (#967)
* feat(did-provider-ethr): use multiple networks per EthrDIDProvider (#969)
* feat(did-manager): allow DID providers to match multiple prefixes
* feat(did-provider-ethr): support multi-network config for EthrDIDProvider fixes #968 fixes #893
* feat(kms-web3): add ability to list provider accounts as keys (#965) fixes #933
* feat(data-store): use DataSource instead of Connection (#970) fixes #947
* feat(cli): in explore, allow copy to clipboard the text of identifier or credential or presentation (#902)
* feat(cli): in explore, allow user to copy to clipboard the text of identifier or credential or presentation
* feat(cli): add command to output selected credential or presentation
* feat(did-manager): add `didManagerUpdate` method for full DID document updates (#974) fixes #971 this is also related to #960 and #948
* chore(core): update plugin schema
* fix: deprecate the `save` parameter (#975) closes #966
* chore: create authors.md (#972) This page contains a list of the awesome humans behind Veramo
* docs: update Twitter badge
* feat: define an interface for credential status manager (#956) partially fixes #937 relates to #981
* feat(credential-status): rename plugin interfaces and methods fixes #981
* feat(credential-status): expect revoked boolean property from StatusMethods docs: fix inline docs broken references docs(kms-web3): add docs to kms-web3
* feat(did-resolver): simplify DIDResolverPlugin constructor (#986) fixes #976
* feat: add support for serviceEndpoint property as defined in latest DID Spec (#988) BREAKING CHANGE: the `did-resolver` and connected libraries change the data-type for `ServiceEndpoint` to `Service` and the previous semantic has changed. Services can have multiple endpoints, not just a single string.
* feat(credential-w3c): add override policies to verifyPresentation (#990) relates to #375 relates to #954
* fix(deps): Update dependency did-jwt-vc to v3
* chore(deps): update postgres docker tag to v14
* feat(credential-w3c): align verification API between formats (#996)
* feat(credential-w3c): align verification API between formats fixes #935 fixes #954 fixes #375
* test: add test cases for VC/VP verification policies
* feat(credential-w3c): add extra options to VC/VP issuance and verification
* fix: forward the `fetchRemoteContext` parameter to the document loader fixes #989
* feat(credential-w3c): add ICredentialPlugin interface in core package (#1001) closes #941 The `ICredentialIssuer` interface was moved to the core package, but is reexported by the `credential-w3c` package for compatibility.
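The commit list above bundles default contexts, adds an option to fetch remote contexts that it calls a foot-gun, and forwards that flag to the document loader. A JSON-LD context decides how each term in a credential expands before it is canonicalized and signed, so whoever serves a remote context URL influences what a verifier checks. The sketch below is an added example, not Veramo's implementation: `makeDocumentLoader`, `unbundledContexts`, `bundled`, `allowRemote` and `fetchJson` are hypothetical names, the sample context is constructed, and only the returned object shape follows the jsonld.js document loader convention.

```javascript
// Added example (not Veramo code): resolve @context URLs from a bundled map and
// treat remote fetching as an explicit, audited opt-in.

// Constructed stand-in for a bundled copy of the credentials v1 context.
const SAMPLE_BUNDLED = new Map([
  ['https://www.w3.org/2018/credentials/v1', { '@context': { '@version': 1.1 } }],
]);

// Preflight: list the @context URLs of a document that are not bundled.
// Inline context objects need no loading and are skipped.
function unbundledContexts(doc, bundled) {
  const ctx = doc['@context'];
  const entries = Array.isArray(ctx) ? ctx : ctx === undefined ? [] : [ctx];
  return entries.filter((e) => typeof e === 'string' && !bundled.has(e));
}

// Build a document loader. With allowRemote=false (the default) any URL that is
// not bundled is an error instead of a network request.
function makeDocumentLoader({ bundled, allowRemote = false, fetchJson }) {
  const remoteCache = new Map(); // url -> document, fixed for the process lifetime
  const loader = async (url) => {
    let document = bundled.get(url);
    if (document === undefined) {
      if (!allowRemote) {
        throw new Error(`context not bundled and remote loading is off: ${url}`);
      }
      if (!url.startsWith('https://')) {
        throw new Error(`refusing non-https remote context: ${url}`);
      }
      // Fetch once, so issuing and verifying in one process see the same bytes.
      if (!remoteCache.has(url)) remoteCache.set(url, await fetchJson(url));
      document = remoteCache.get(url);
    }
    // Result shape expected from a jsonld.js document loader.
    return { contextUrl: null, document, documentUrl: url };
  };
  // Lets the caller log which contexts came from the network.
  loader.remoteUrlsUsed = () => [...remoteCache.keys()];
  return loader;
}
```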
What's here:

This PR adds support for JSON LD Credentials via vc-js and provides signature suite implementation for

* `EcdsaSecp256k1RecoverySignature2020`
* `Ed25519Signature2018`

Other LD Context definitions and LD-Signature algorithms can be included dynamically within Veramo, but they need to be wrapped. `LinkedDataSignature` Interfaces must be wrapped into `VeramoLdSignature` that allow for the translation of the Veramo (typed) ecosystem into `vc-js`. Furthermore, `VeramoLdSignature` offer quite the powerful callbacks into the documentLoader and signature process in order to solve incompatibilities between Veramo and `vc-js`. Please have a specific look at those functions.

Open Points (TBD link to related tickets).

fixes #273

new credential-ld package

Support for LD-Signatures is optional. If the `@veramo/credential-ld` plugin is not used, then creation and verification of LD VC/VPs will fail with an error that hints at installing the package.

Improved API to create VC/VP

This PR also introduces a few improvements to the ways credentials and presentations are created and verified. For creation, the data types of the payloads required have been relaxed. See `CredentialPayload` / `PresentationPayload`.

Credential and Presentation related data types are now defined in `@veramo/core`, since they are shared by multiple packages (credential-w3c and credential-ld).

fixes #756

Introduced API for verification!!

Finally, you can call `agent.verifyCredential()` and `agent.verifyPresentation()` and get a result instead of trying to force these through the `MessageHandler`. The result is just a `boolean` for this PR, but it will be improved by #375

new package for common converters

A new `@veramo/utils` package is now available that provides some common methods to help with low level conversions and the interpreting of some types.

--

Follow up work

* EcdsaSecp256k1Signature2019
* Ed25519Signature2020
* EthereumEIP712Signature2021
* Support LD Signature and Verification for EIP712 (TypedData) #422