From 7ca102d64ecec42748609ab1f0c25578be7ca99d Mon Sep 17 00:00:00 2001 From: Raphael Flechtner Date: Mon, 5 Aug 2024 11:07:05 +0200 Subject: [PATCH 1/4] refactor!: unnest disclose.{allBut,only} parameters --- packages/credentials/src/holder.ts | 30 +++++++++++++----------------- tests/bundle/bundle-test.ts | 2 +- 2 files changed, 14 insertions(+), 18 deletions(-) diff --git a/packages/credentials/src/holder.ts b/packages/credentials/src/holder.ts index 2a40aef7d..ff2122b55 100644 --- a/packages/credentials/src/holder.ts +++ b/packages/credentials/src/holder.ts @@ -54,25 +54,21 @@ function pointerToAttributeName( * * @param credential A Verifiable Credential containing a proof. * @param proofOptions Options for creating the derived proof. - * @param proofOptions.disclose Allows selecting which claims/attributes in the credential should be disclosed, hiding others. - * @param proofOptions.disclose.only An array of {@link https://www.rfc-editor.org/info/rfc6901 JSON Pointer} expressions selecting attributes to be disclosed. - * All other (non-mandatory) attributes that can be hidden will be hidden. - * Takes precedence over `allBut`. - * @param proofOptions.disclose.allBut An array of {@link https://www.rfc-editor.org/info/rfc6901 JSON Pointer} expressions selecting attributes to be hidden. + * @param proofOptions.includeClaims An array of {@link https://www.rfc-editor.org/info/rfc6901 JSON Pointer} expressions. + * Allows selecting which claims/attributes in the credential should be disclosed, hiding all other (non-mandatory) attributes. + * @param proofOptions.excludeClaims An array of {@link https://www.rfc-editor.org/info/rfc6901 JSON Pointer} expressions selecting attributes to be hidden. * This means that all other properties are being revealed. * Selecting mandatory properties will result in an error. - * It is ignored if `only` is set. + * _Ignored if `includeClaims` is set_. * @returns A copy of the original credential and proof, altered according to the derivation rules and `proofOptions`. */ export async function deriveProof( credential: VerifiableCredential, // TODO: do we need a holder interface here at some point? Would be required if some holder secret would become necessary to create a derived proof, e.g., a link secret. - proofOptions?: { - disclose?: { - allBut?: string[] - only?: string[] - } - } + proofOptions: { + includeClaims?: string[] + excludeClaims?: string[] + } = {} ): Promise { const proof = getProof(credential) switch (proof.type) { @@ -81,19 +77,19 @@ export async function deriveProof( credential as KiltCredentialV1.Interface ) - const { allBut, only } = proofOptions?.disclose ?? {} + const { includeClaims, excludeClaims } = proofOptions let discloseProps: string[] = [] - if (only) { + if (includeClaims) { const attributes = new Set() - only.forEach((path) => { + includeClaims.forEach((path) => { attributes.add(pointerToAttributeName(credential, path, false)) }) discloseProps = Array.from(attributes) - } else if (allBut) { + } else if (excludeClaims) { const attributes = new Set( Object.keys(credential.credentialSubject) ) - allBut.forEach((path) => { + excludeClaims.forEach((path) => { attributes.delete(pointerToAttributeName(credential, path, true)) }) discloseProps = Array.from(attributes) diff --git a/tests/bundle/bundle-test.ts b/tests/bundle/bundle-test.ts index 53a72289f..e3f29f56a 100644 --- a/tests/bundle/bundle-test.ts +++ b/tests/bundle/bundle-test.ts @@ -234,7 +234,7 @@ async function runAll() { // The presentation includes a proof of ownership and is scoped to a verified and time frame to prevent unauthorized re-use. // const derived = await Kilt.Holder.deriveProof(credential, { - disclose: { only: ['/credentialSubject/age'] }, + includeClaims: ['/credentialSubject/age'], }) const presentation = await Kilt.Holder.createPresentation( From 5cb06b43c3c1ab338f1b5799cd0c18186fe2be97 Mon Sep 17 00:00:00 2001 From: Raphael Flechtner Date: Mon, 5 Aug 2024 11:46:52 +0200 Subject: [PATCH 2/4] feat: accept keys/signers on issue() submitter --- .../src/V1/KiltAttestationProofV1.ts | 38 +++++++++++++------ packages/credentials/src/interfaces.ts | 3 +- 2 files changed, 27 insertions(+), 14 deletions(-) diff --git a/packages/credentials/src/V1/KiltAttestationProofV1.ts b/packages/credentials/src/V1/KiltAttestationProofV1.ts index 9198e7069..61e6151f8 100644 --- a/packages/credentials/src/V1/KiltAttestationProofV1.ts +++ b/packages/credentials/src/V1/KiltAttestationProofV1.ts @@ -49,6 +49,7 @@ import type { IDelegationNode, KiltAddress, SharedArguments, + SignerInterface, } from '@kiltprotocol/types' import { Caip19, JsonSchema, SDKErrors, Signers } from '@kiltprotocol/utils' @@ -670,19 +671,14 @@ async function defaultTxSubmit({ call, signers, submitter, -}: Omit & { +}: SharedArguments & { call: Extrinsic - submitter: KiltAddress }): Promise { - let extrinsic = await authorizeTx( - didDocument, - call, - await signersForDid(didDocument, ...signers), - submitter - ) - - if (!extrinsic.isSigned) { - const accountSigners = ( + let submitterAddress: KiltAddress + let accountSigners: SignerInterface[] = [] + if (typeof submitter === 'string') { + submitterAddress = submitter + accountSigners = ( await Promise.all( signers.map((keypair) => 'algorithm' in keypair @@ -691,7 +687,25 @@ async function defaultTxSubmit({ ) ) ).flat() - extrinsic = await extrinsic.signAsync(submitter, { + } else if ('algorithm' in submitter) { + submitterAddress = submitter.id + accountSigners = [submitter] + } else { + accountSigners = await Signers.getSignersForKeypair({ + keypair: submitter, + }) + submitterAddress = accountSigners[0].id as KiltAddress + } + + let extrinsic = await authorizeTx( + didDocument, + call, + await signersForDid(didDocument, ...signers), + submitterAddress + ) + + if (!extrinsic.isSigned) { + extrinsic = await extrinsic.signAsync(submitterAddress, { signer: Signers.getPolkadotSigner(accountSigners), }) } diff --git a/packages/credentials/src/interfaces.ts b/packages/credentials/src/interfaces.ts index 9494aec61..af31267ab 100644 --- a/packages/credentials/src/interfaces.ts +++ b/packages/credentials/src/interfaces.ts @@ -11,7 +11,6 @@ import type { DidDocument, DidHelpersAcceptedSigners, HexString, - KiltAddress, SharedArguments, TransactionResult, } from '@kiltprotocol/types' @@ -36,7 +35,7 @@ export type SubmitOverride = ( ) => Promise interface SubmitterAddressOrOverride { - submitter: KiltAddress | SubmitOverride + submitter: SharedArguments['submitter'] | SubmitOverride } export type IssuerOptions = HolderOptions & SubmitterAddressOrOverride From 3c17ace73089be9b74458d6709881d576b33115b Mon Sep 17 00:00:00 2001 From: Raphael Flechtner Date: Mon, 5 Aug 2024 14:02:23 +0200 Subject: [PATCH 3/4] refactor!: switch to all named parameters on credentials functions --- packages/credentials/src/holder.ts | 74 +++++++++++++++------------- packages/credentials/src/issuer.ts | 37 +++++++------- packages/credentials/src/verifier.ts | 69 +++++++++++++------------- tests/bundle/bundle-test.ts | 29 ++++++----- tests/integration/didHelpers.spec.ts | 25 +++++----- 5 files changed, 126 insertions(+), 108 deletions(-) diff --git a/packages/credentials/src/holder.ts b/packages/credentials/src/holder.ts index ff2122b55..6de06d044 100644 --- a/packages/credentials/src/holder.ts +++ b/packages/credentials/src/holder.ts @@ -52,24 +52,27 @@ function pointerToAttributeName( /** * Allows creating derivative proofs from a Verifiable Credential, for the purpose of disclosing only a subset of the credential's claims to a verifier. * - * @param credential A Verifiable Credential containing a proof. - * @param proofOptions Options for creating the derived proof. - * @param proofOptions.includeClaims An array of {@link https://www.rfc-editor.org/info/rfc6901 JSON Pointer} expressions. + * @param params Holds all named parameters. + * @param params.credential A Verifiable Credential containing a proof. + * @param params.proofOptions Options for creating the derived proof. + * @param params.proofOptions.includeClaims An array of {@link https://www.rfc-editor.org/info/rfc6901 JSON Pointer} expressions. * Allows selecting which claims/attributes in the credential should be disclosed, hiding all other (non-mandatory) attributes. - * @param proofOptions.excludeClaims An array of {@link https://www.rfc-editor.org/info/rfc6901 JSON Pointer} expressions selecting attributes to be hidden. + * @param params.proofOptions.excludeClaims An array of {@link https://www.rfc-editor.org/info/rfc6901 JSON Pointer} expressions selecting attributes to be hidden. * This means that all other properties are being revealed. * Selecting mandatory properties will result in an error. * _Ignored if `includeClaims` is set_. * @returns A copy of the original credential and proof, altered according to the derivation rules and `proofOptions`. */ -export async function deriveProof( - credential: VerifiableCredential, - // TODO: do we need a holder interface here at some point? Would be required if some holder secret would become necessary to create a derived proof, e.g., a link secret. - proofOptions: { +export async function deriveProof({ + credential, + proofOptions = {}, +}: { + credential: VerifiableCredential + proofOptions?: { includeClaims?: string[] excludeClaims?: string[] - } = {} -): Promise { + } +}): Promise { const proof = getProof(credential) switch (proof.type) { case KiltAttestationProofV1.PROOF_TYPE: { @@ -114,48 +117,53 @@ export async function deriveProof( * Creates a Verifiable Presentation from one or more credentials and adds a proof for the purpose of holder authentication. * To that end, the presentation can be scoped to a specific transaction, timeframe, purpose, or verifier, by means of multiple mechanisms. * - * @param credentials Array of one or more Verifiable Credentials to be included in the presentation. - * @param holder Interfaces for interacting with the holder identity for the purpose of generating a presentation proof. - * @param holder.did The Decentralized Identifier (DID) of the holder. - * @param holder.didDocument The DID Document of the holder. - * @param holder.signers An array of signer interfaces, each allowing to request signatures made with a key associated with the holder DID Document. + * @param params Holds all named parameters. + * @param params.credentials Array of one or more Verifiable Credentials to be included in the presentation. + * @param params.holder Interfaces for interacting with the holder identity for the purpose of generating a presentation proof. + * @param params.holder.didDocument The DID Document of the holder. + * @param params.holder.signers An array of signer interfaces, each allowing to request signatures made with a key associated with the holder DID Document. * The function will select the first signer that matches requirements around signature algorithm and relationship of the key to the DID as given by the DID Document. - * @param presentationOptions Object holding optional arguments for scoping the presentation. - * @param presentationOptions.validFrom A Date or date-time string indicating the earliest point in time where the presentation becomes valid. + * @param params.presentationOptions Object holding optional arguments for scoping the presentation. + * @param params.presentationOptions.validFrom A Date or date-time string indicating the earliest point in time where the presentation becomes valid. * Represented as `issuanceDate` on the presentation. * Defaults to `proofOptions.now`. - * @param presentationOptions.validUntil A Date or date-time string indicating when the presentation is no longer valid. + * @param params.presentationOptions.validUntil A Date or date-time string indicating when the presentation is no longer valid. * Represented as `expirationDate` on the presentation. - * @param presentationOptions.verifier Identifier (DID) of the verifier to prevent unauthorized re-use of the presentation. - * @param proofOptions Object holding optional arguments for creating and scoping the presentation proof. - * @param proofOptions.proofPurpose Controls the `proofPurpose` property and consequently which verificationMethods can be used for signing. - * @param proofOptions.proofType Controls the type of proof to be created for the presentation. + * @param params.presentationOptions.verifier Identifier (DID) of the verifier to prevent unauthorized re-use of the presentation. + * @param params.proofOptions Object holding optional arguments for creating and scoping the presentation proof. + * @param params.proofOptions.proofPurpose Controls the `proofPurpose` property and consequently which verificationMethods can be used for signing. + * @param params.proofOptions.proofType Controls the type of proof to be created for the presentation. * Currently, this function only produces {@link DataIntegrity.PROOF_TYPE DataIntegrityProof} type proofs; * Any other values will be mapped to a known algorithm or cryptosuite for use with this proof type, thus allowing to control the signature algorithm to be used. - * @param proofOptions.challenge A challenge supplied by a verifier in a challenge-response protocol, which allows verifiers to assure signature freshness, preventing unauthorized re-use. - * @param proofOptions.domain A domain string to be included in the proof. + * @param params.proofOptions.challenge A challenge supplied by a verifier in a challenge-response protocol, which allows verifiers to assure signature freshness, preventing unauthorized re-use. + * @param params.proofOptions.domain A domain string to be included in the proof. * This plays a role similar to the `verifier` option, but is not restricted to DIDs. * This could, for example, be the domain of a web-application requesting credential presentation. - * @param proofOptions.now Allows manipulating the current date and time for the purpose of presentation & proof generation. + * @param params.proofOptions.now Allows manipulating the current date and time for the purpose of presentation & proof generation. * Defaults to the current date and time. * @returns A holder-signed presentation. */ -export async function createPresentation( - credentials: VerifiableCredential[], - holder: HolderOptions, - presentationOptions: { +export async function createPresentation({ + credentials, + holder, + presentationOptions = {}, + proofOptions = {}, +}: { + credentials: VerifiableCredential[] + holder: HolderOptions + presentationOptions?: { validFrom?: Date validUntil?: Date verifier?: Did - } = {}, - proofOptions: { + } + proofOptions?: { proofPurpose?: string proofType?: string challenge?: string domain?: string now?: Date - } = {} -): Promise { + } +}): Promise { const { didDocument, signers } = holder const { validFrom, validUntil, verifier } = presentationOptions const { proofPurpose, proofType, challenge, domain, now } = proofOptions diff --git a/packages/credentials/src/issuer.ts b/packages/credentials/src/issuer.ts index 3cc0ce589..712b40442 100644 --- a/packages/credentials/src/issuer.ts +++ b/packages/credentials/src/issuer.ts @@ -90,34 +90,33 @@ export async function createCredential({ /** * Issues a Verifiable Credential from on the input document by attaching a proof. Edits to the document may be made depending on the proof type. * - * @param credential A credential document as returned by {@link createCredential}. - * @param issuer Interfaces for interacting with the issuer identity for the purpose of generating a proof. - * @param issuer.didDocument The DID Document of the issuer. - * @param issuer.signers An array of signer interfaces, each allowing to request signatures made with a key associated with the issuer DID Document. + * @param params Holds all named parameters. + * @param params.credential A credential document as returned by {@link createCredential}. + * @param params.issuer Interfaces for interacting with the issuer identity for the purpose of generating a proof. + * @param params.issuer.didDocument The DID Document of the issuer. + * @param params.issuer.signers An array of signer interfaces, each allowing to request signatures made with a key associated with the issuer DID Document. * The function will select the first signer that matches requirements around signature algorithm and relationship of the key to the DID as given by the DID Document. - * @param issuer.submitter Some proof types require making transactions to effect state changes on the KILT blockchain. + * @param params.issuer.submitter Some proof types require making transactions to effect state changes on the KILT blockchain. * The blockchain account whose address is specified here will be used to cover all transaction fees and deposits due for this operation. * As transactions to the blockchain need to be signed, `signers` is expected to contain a signer interface where the `id` matches this address. * * Alternatively, you can pass a {@link SubmitOverride} callback that takes care of Did-authorizing and submitting the transaction. * If you are using a service that helps you submit and pay for transactions, this is your point of integration to it. - * @param proofOptions Options that control proof generation. - * @param proofOptions.proofType The type of proof to be created. + * @param params.proofOptions Options that control proof generation. + * @param params.proofOptions.proofType The type of proof to be created. * Defaults to {@link KiltAttestationProofV1.PROOF_TYPE KiltAttestationProofV1} which, as of now, is the only type suppported. - * @param proofOptions.proofPurpose Controls which relationship to the DID is expected of the key selected for creating the proof. - * Defaults to `assertionMethod`, which is also the only value supported for {@link KiltAttestationProofV1.PROOF_TYPE KiltAttestationProofV1} proofs. - * @param proofOptions.now Allows manipulating the current date and time for the purpose of proof generation. - * As of now, this has no effect though. */ -export async function issue( - credential: UnsignedVc, - issuer: IssuerOptions, - proofOptions: { +export async function issue({ + credential, + issuer, + proofOptions = {}, +}: { + credential: UnsignedVc + issuer: IssuerOptions + proofOptions?: { proofType?: string - proofPurpose?: string - now?: Date // given that this has no effect, should I remove it for now? - } = {} -): Promise { + } +}): Promise { const { proofType } = proofOptions switch (proofType) { case undefined: diff --git a/packages/credentials/src/verifier.ts b/packages/credentials/src/verifier.ts index c3cffb36b..b6d6f4d64 100644 --- a/packages/credentials/src/verifier.ts +++ b/packages/credentials/src/verifier.ts @@ -34,13 +34,16 @@ import { appendErrors, getProof, toError } from './proofs/utils.js' * Retrieves status information on a credential, indicating for example whether or not the credential has been revoked. * After a credential has been verified using {@link verifyCredential} or {@link verifyPresentation}, this function could be called periodically to ensure it continues to be valid. * - * @param credential The Verifiable Credential whose status is to be checked. + * @param params Holds all named parameters. + * @param params.credential The Verifiable Credential whose status is to be checked. * @returns An object containing a summary of the result (`verified`) as a boolean alongside any potential errors. * A `status` string may convey additional information on the credential's status. */ -export async function checkStatus( +export async function checkStatus({ + credential, +}: { credential: VerifiableCredential -): Promise { +}): Promise { try { switch (credential.credentialStatus?.type) { case KiltRevocationStatusV1.STATUS_TYPE: @@ -67,9 +70,7 @@ type VerificationCriteria = { type VerificationConfig = { didResolver?: typeof resolve | DidDocument[] cTypes?: CTypeLoader | ICType[] - credentialStatusLoader?: ( - credential: VerifiableCredential - ) => Promise + credentialStatusLoader?: typeof checkStatus } /** @@ -80,24 +81,24 @@ type VerificationConfig = { * - Checks the revocation status of a verified credential. * - Returns a verification result containing proof and status verification results. * - * @param args - An object holding named arguments. - * @param args.credential - The Verifiable Credential to be verified. - * @param args.verificationCriteria - Verification options. - * @param args.verificationCriteria.proofTypes - The types of acceptable proofs on the presentation. + * @param params - Holds all named parameters. + * @param params.credential - The Verifiable Credential to be verified. + * @param params.verificationCriteria - Verification options. + * @param params.verificationCriteria.proofTypes - The types of acceptable proofs on the presentation. * Defaults to {@link KiltAttestationProofV1.PROOF_TYPE KiltAttestationProofV1 } which, as of now, is the only type suppported. * @param verificationCriteria.proofPurpose - Controls which value is expected for the proof's `proofPurpose` property. * As {@link KiltAttestationProofV1.PROOF_TYPE KiltAttestationProofV1} proofs default to `assertionMethod`, any other value will currently fail verification. - * @param args.verificationCriteria.now - The reference time for verification as Date (default is current time). - * @param args.verificationCriteria.tolerance - The allowed time drift in milliseconds for time-sensitive checks (default is 0). - * @param args.config - Additional configuration (optional). - * @param args.config.didResolver - An alterative DID resolver to resolve issuer DIDs (defaults to {@link resolve}). + * @param params.verificationCriteria.now - The reference time for verification as Date (default is current time). + * @param params.verificationCriteria.tolerance - The allowed time drift in milliseconds for time-sensitive checks (default is 0). + * @param params.config - Additional configuration (optional). + * @param params.config.didResolver - An alterative DID resolver to resolve issuer DIDs (defaults to {@link resolve}). * An array of static DID documents can be provided instead, in which case the function will not try to retrieve any DID documents from a remote source. - * @param config.cTypes - To ensure that the credential structure agrees with a known CType (credential schema), with this parameter it is possible to pass: + * @param params.config.cTypes - To ensure that the credential structure agrees with a known CType (credential schema), with this parameter it is possible to pass: * - either an array of CType definitions * - or a CType-Loader that retrieves the definition of the CType linked to the credential. * * By default, this retrieves CType definitions from the KILT blockchain, using a loader with an internal definitions cache. - * @param config.credentialStatusLoader - An alternative credential status resolver. + * @param params.config.credentialStatusLoader - An alternative credential status resolver. * This function takes the credential as input and is expected to return a promise of an {@link CredentialStatusResult}. * Defaults to {@link checkStatus}. * @returns An object containing a summary of the result (`verified`) as a boolean alongside any potential errors and detailed information on proof verification results and credential status. @@ -171,7 +172,7 @@ export async function verifyCredential({ if (result.proofResults?.some(({ verified }) => verified === true)) { const { credentialStatusLoader = checkStatus } = config // TODO: shouldn't the 'now' parameter also apply to the status check? - result.statusResult = await credentialStatusLoader(credential).catch( + result.statusResult = await credentialStatusLoader({ credential }).catch( (e) => ({ verified: false, error: [toError(e)] }) ) @@ -206,29 +207,29 @@ export async function verifyCredential({ * - Checks the status of each verified credential. * - Returns a composite verification result for the presentation and each credential. * - * @param args - An object holding named arguments. - * @param args.presentation - The Verifiable Presentation to be verified. - * @param args.verificationCriteria - Verification options. - * @param args.verificationCriteria.now - The reference time for verification as Date (default is current time). - * @param args.verificationCriteria.tolerance - The allowed time drift in milliseconds for time-sensitive checks (default is 0). - * @param args.verificationCriteria.proofTypes - The types of acceptable proofs on the presentation. + * @param params - An object holding named arguments. + * @param params.presentation - The Verifiable Presentation to be verified. + * @param params.verificationCriteria - Verification options. + * @param params.verificationCriteria.now - The reference time for verification as Date (default is current time). + * @param params.verificationCriteria.tolerance - The allowed time drift in milliseconds for time-sensitive checks (default is 0). + * @param params.verificationCriteria.proofTypes - The types of acceptable proofs on the presentation. * Defaults to {@link DataIntegrity.PROOF_TYPE DataIntegrityProof } which, as of now, is the only type suppported. * Any other values will be mapped to a known algorithm or cryptosuite for use with this proof type, thus allowing to control the signature algorithm to be used. - * @param args.verificationCriteria.proofPurpose - Controls which value is expected for the proof's `proofPurpose` property. + * @param params.verificationCriteria.proofPurpose - Controls which value is expected for the proof's `proofPurpose` property. * If specified, verification fails if the proof is issued for a different purpose. - * @param args.verificationCriteria.challenge - The expected challenge value for the presentation, if any. + * @param params.verificationCriteria.challenge - The expected challenge value for the presentation, if any. * If given, verification fails if the proof does not contain the challenge value. - * @param args.verificationCriteria.domain - Expected domain for the proof. Verification fails if mismatched. - * @param args.verificationCriteria.verifier - The expected verifier for the presentation, if any. - * @param args.verificationCriteria.credentials - Verification criteria to be passed on to {@link verifyCredential}. - * @param args.verificationCriteria.credentials.proofTypes See {@link verifyCredential}. - * @param args.verificationCriteria.credentials.proofPurpose See {@link verifyCredential}. - * @param args.config - Additional configuration (optional). - * @param args.config.didResolver - An alterative DID resolver to resolve the holder- and issuer DIDs (defaults to {@link resolve}). + * @param params.verificationCriteria.domain - Expected domain for the proof. Verification fails if mismatched. + * @param params.verificationCriteria.verifier - The expected verifier for the presentation, if any. + * @param params.verificationCriteria.credentials - Verification criteria to be passed on to {@link verifyCredential}. + * @param params.verificationCriteria.credentials.proofTypes See {@link verifyCredential}. + * @param params.verificationCriteria.credentials.proofPurpose See {@link verifyCredential}. + * @param params.config - Additional configuration (optional). + * @param params.config.didResolver - An alterative DID resolver to resolve the holder- and issuer DIDs (defaults to {@link resolve}). * An array of static DID documents can be provided instead, in which case the function will not try to retrieve any DID documents from a remote source. - * @param config.cTypes - Alternative input for the credential structural verification. It can either be an array of CTypes or a CType loader. + * @param params.config.cTypes - Alternative input for the credential structural verification. It can either be an array of CTypes or a CType loader. * See {@link verifyCredential} for details. - * @param args.config.credentialStatusLoader - An alternative credential status resolver. + * @param params.config.credentialStatusLoader - An alternative credential status resolver. * See {@link verifyCredential} for details. * @returns An object containing a summary of the result (`verified`) as a boolean alongside detailed information on presentation and credential verification results. */ diff --git a/tests/bundle/bundle-test.ts b/tests/bundle/bundle-test.ts index e3f29f56a..43ca10776 100644 --- a/tests/bundle/bundle-test.ts +++ b/tests/bundle/bundle-test.ts @@ -218,10 +218,13 @@ async function runAll() { cType: DriversLicense, }) - const credential = await Kilt.Issuer.issue(unsigned, { - didDocument, - signers: [...signers, submitter], - submitter: submitter.id, + const credential = await Kilt.Issuer.issue({ + credential: unsigned, + issuer: { + didDocument, + signers: [...signers, submitter], + submitter: submitter.id, + }, }) console.log('credential issued') @@ -233,18 +236,22 @@ async function runAll() { // Create a derived credential that only contains selected properties (selective disclosure), then create a credential presentation for it. // The presentation includes a proof of ownership and is scoped to a verified and time frame to prevent unauthorized re-use. // - const derived = await Kilt.Holder.deriveProof(credential, { - includeClaims: ['/credentialSubject/age'], + const derived = await Kilt.Holder.deriveProof({ + credential, + proofOptions: { includeClaims: ['/credentialSubject/age'] }, }) - const presentation = await Kilt.Holder.createPresentation( - [derived], - { + const presentation = await Kilt.Holder.createPresentation({ + credentials: [derived], + holder: { didDocument, signers, }, - { verifier: didDocument.id, validUntil: new Date(Date.now() + 100_000) } - ) + presentationOptions: { + verifier: didDocument.id, + validUntil: new Date(Date.now() + 100_000), + }, + }) console.log('presentation created') diff --git a/tests/integration/didHelpers.spec.ts b/tests/integration/didHelpers.spec.ts index 3e7c04b01..8e8a7d310 100644 --- a/tests/integration/didHelpers.spec.ts +++ b/tests/integration/didHelpers.spec.ts @@ -390,17 +390,20 @@ describe('transact', () => { cType, }) - const issued = await Issuer.issue(unsigned, { - didDocument, - signers: [keypair], - submitter: async (args) => - DidHelpers.transact({ - ...args, - submitter: paymentAccount, - expectedEvents: [ - { section: 'attestation', method: 'AttestationCreated' }, - ], - }).submit(), + const issued = await Issuer.issue({ + credential: unsigned, + issuer: { + didDocument, + signers: [keypair], + submitter: async (args) => + DidHelpers.transact({ + ...args, + submitter: paymentAccount, + expectedEvents: [ + { section: 'attestation', method: 'AttestationCreated' }, + ], + }).submit(), + }, }) expect(issued).toHaveProperty('proof', expect.any(Object)) From eb871a6aad3b10199718e05e3872cef4d1cd111c Mon Sep 17 00:00:00 2001 From: Raphael Flechtner Date: Tue, 6 Aug 2024 11:20:39 +0200 Subject: [PATCH 4/4] chore: move `now` param to top-level on createPresentation --- packages/credentials/src/holder.ts | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/packages/credentials/src/holder.ts b/packages/credentials/src/holder.ts index 6de06d044..92d9037fb 100644 --- a/packages/credentials/src/holder.ts +++ b/packages/credentials/src/holder.ts @@ -126,7 +126,7 @@ export async function deriveProof({ * @param params.presentationOptions Object holding optional arguments for scoping the presentation. * @param params.presentationOptions.validFrom A Date or date-time string indicating the earliest point in time where the presentation becomes valid. * Represented as `issuanceDate` on the presentation. - * Defaults to `proofOptions.now`. + * Defaults to `params.now`. * @param params.presentationOptions.validUntil A Date or date-time string indicating when the presentation is no longer valid. * Represented as `expirationDate` on the presentation. * @param params.presentationOptions.verifier Identifier (DID) of the verifier to prevent unauthorized re-use of the presentation. @@ -139,7 +139,7 @@ export async function deriveProof({ * @param params.proofOptions.domain A domain string to be included in the proof. * This plays a role similar to the `verifier` option, but is not restricted to DIDs. * This could, for example, be the domain of a web-application requesting credential presentation. - * @param params.proofOptions.now Allows manipulating the current date and time for the purpose of presentation & proof generation. + * @param params.now Allows manipulating the current date and time for the purpose of presentation & proof generation. * Defaults to the current date and time. * @returns A holder-signed presentation. */ @@ -148,6 +148,7 @@ export async function createPresentation({ holder, presentationOptions = {}, proofOptions = {}, + now, }: { credentials: VerifiableCredential[] holder: HolderOptions @@ -161,12 +162,12 @@ export async function createPresentation({ proofType?: string challenge?: string domain?: string - now?: Date } + now?: Date }): Promise { const { didDocument, signers } = holder const { validFrom, validUntil, verifier } = presentationOptions - const { proofPurpose, proofType, challenge, domain, now } = proofOptions + const { proofPurpose, proofType, challenge, domain } = proofOptions let presentation = await Presentation.create({ credentials,