feat(webvh): implement WebVhAnonCredsRegistry with schema and credential definition support

- Added WebVhAnonCredsRegistry class to handle anon credentials with did:webvh identifiers.
- Implemented methods for retrieving schemas, credential definitions, and revocation registry definitions.
- Introduced validation and error handling for resource resolution and proof verification.
- Created utility functions for multihash encoding and base58 conversion.
- Added tests for WebVhAnonCredsRegistry and resource transformation.
- Updated package.json to include new dependencies for class-transformer and class-validator.

Signed-off-by: Brian Richter <brian@aviary.tech>

Author: brianorwhatever

packages/webvh/package.json

@@ -22,12 +22,17 @@
     "test:debug": "node --inspect-brk node_modules/.bin/jest --runInBand --config jest.config.js"
   },
   "dependencies": {
+    "@credo-ts/anoncreds": "workspace:*",
     "@credo-ts/core": "workspace:*",
-    "didwebvh-ts": "^2.0.0",
+    "@multiformats/base-x": "^4.0.1",
+    "class-transformer": "^0.5.1",
+    "class-validator": "0.14.1",
+    "didwebvh-ts": "file:/Users/brian/Projects/bcgov/didwebvh-ts",
+    "json-canonicalize": "^1.0.6",
     "tsyringe": "^4.8.0"
   },
   "devDependencies": {
     "rimraf": "^4.4.0",
     "typescript": "~4.9.5"
   }
-} 
+}

packages/webvh/src/anoncreds/services/WebVhAnonCredsRegistry.ts

@@ -0,0 +1,42 @@
+import { JsonTransformer } from '@credo-ts/core'
+
+import { WebVhResource } from '../../utils/transform'
+
+import { MockSchemaResource, MockCredDefResource } from './mock-resources'
+
+describe('WebVhTransform', () => {
+  it('should correctly transform a schema resource', () => {
+    const resource = JsonTransformer.fromJSON(MockSchemaResource, WebVhResource)
+
+    expect(resource).toBeInstanceOf(WebVhResource)
+    expect(resource['@context']).toEqual(['https://w3id.org/security/data-integrity/v2'])
+    expect(resource.type).toEqual(['AttestedResource'])
+
+    // Type guard to check if content is a schema
+    if ('attrNames' in resource.content) {
+      expect(resource.content.name).toBe('Meeting Invitation')
+      expect(resource.content.version).toBe('1.1')
+      expect(Array.isArray(resource.content.attrNames)).toBe(true)
+      expect(resource.content.attrNames).toContain('email')
+    } else {
+      fail('Content should be a schema')
+    }
+  })
+
+  it('should correctly transform a credential definition resource', () => {
+    const resource = JsonTransformer.fromJSON(MockCredDefResource, WebVhResource)
+
+    expect(resource).toBeInstanceOf(WebVhResource)
+    expect(resource['@context']).toEqual(['https://w3id.org/security/data-integrity/v2'])
+    expect(resource.type).toEqual(['AttestedResource'])
+
+    // Type guard to check if content is a credential definition
+    if ('schemaId' in resource.content) {
+      expect(resource.content.type).toBe('CL')
+      expect(resource.content.tag).toBe('Meeting Invitation')
+      expect(resource.content.schemaId).toContain('zQmc3ZT6N3s3UhqTcC5kWcWVoHwnkK6dZVBVfkLtYKY8YJm')
+    } else {
+      fail('Content should be a credential definition')
+    }
+  })
+})

packages/webvh/src/anoncreds/services/__tests__/WebVhAnonCredsRegistry.test.ts

@@ -0,0 +1,100 @@
+export const issuerDid =
+  'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4'
+
+export const MockSchemaResource = {
+  '@context': ['https://w3id.org/security/data-integrity/v2'],
+  type: ['AttestedResource'],
+  id: 'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4/resources/zQmc3ZT6N3s3UhqTcC5kWcWVoHwnkK6dZVBVfkLtYKY8YJm',
+  content: {
+    issuerId:
+      'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4',
+    attrNames: ['group', 'email', 'date'],
+    name: 'Meeting Invitation',
+    version: '1.1',
+  },
+  metadata: {
+    resourceId: 'zQmc3ZT6N3s3UhqTcC5kWcWVoHwnkK6dZVBVfkLtYKY8YJm',
+    resourceType: 'anonCredsSchema',
+    resourceName: 'Meeting Invitation',
+  },
+  proof: {
+    type: 'DataIntegrityProof',
+    cryptosuite: 'eddsa-jcs-2022',
+    proofPurpose: 'assertionMethod',
+    proofValue: 'z4RCLxRSVeTM4UnZ6vDmDjEX9pbpdUptXuDTy7h8Fij2npReHXmCUzzb5jTEUg1dFtpjH7tiKNJwXztwSktdjaMtX',
+    verificationMethod:
+      'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4#key-01',
+  },
+}
+
+export const MockCredDefResource = {
+  '@context': ['https://w3id.org/security/data-integrity/v2'],
+  type: ['AttestedResource'],
+  id: 'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4/resources/zQmVrh8pxBhaieoJZG8syFUm3axcC928JrE1gaWo9EBVWMM',
+  content: {
+    issuerId:
+      'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4',
+    schemaId:
+      'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4/resources/zQmc3ZT6N3s3UhqTcC5kWcWVoHwnkK6dZVBVfkLtYKY8YJm',
+    type: 'CL',
+    tag: 'Meeting Invitation',
+    value: {},
+  },
+  metadata: {
+    resourceId: 'zQmVrh8pxBhaieoJZG8syFUm3axcC928JrE1gaWo9EBVWMM',
+    resourceType: 'anonCredsCredDef',
+    resourceName: 'Meeting Invitation',
+  },
+  proof: {
+    type: 'DataIntegrityProof',
+    cryptosuite: 'eddsa-jcs-2022',
+    proofPurpose: 'assertionMethod',
+    proofValue: 'z2P3cR46Qt8r3Zc47EHxou6JkU7sTWd8PFZpQwZR7k8MU2Sntt325dQ1u3bn2ZoQUvoCFdNHWYbmsf5FzpqaF1n41',
+    verificationMethod:
+      'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4#key-01',
+  },
+}
+
+export const MockRevRegDefResource = {
+  '@context': ['https://w3id.org/security/data-integrity/v2'],
+  type: ['AttestedResource'],
+  id: 'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4/resources/zQmWnvUkdcwB3nHhAWyAdQ4Vh3WZwtoatK7rhLTVpABGMqt',
+  content: {
+    issuerId:
+      'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4',
+    revocDefType: 'CL_ACCUM',
+    credDefId:
+      'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4/resources/zQmVrh8pxBhaieoJZG8syFUm3axcC928JrE1gaWo9EBVWMM',
+    tag: '0',
+    value: {
+      publicKeys: {
+        accumKey: {
+          z: '1 0030D63670F45350DA40A365D583E9F63DF8D354A0D413D0E6375A74619B990E 1 0D95E8FDB17C003B423BA2A525D0A0B19D9A60BCE8C661BC6FF508CD87FF1895 1 0D85DFD466C0D8D92C41F8D1F678D6CD86D3D6C3625CE2C91356C5B1E12A4560 1 00755055AE7B11333AAB9D96CB3997DF3A729971ED08FF3980A853BB7E115DAE 1 11DBDA475F2E240B8CC9B874A8ED7C061778C688BB73CB55D51BC8A47495DA4F 1 23815EC20DD84CE61102953818C475B5D4821A80D46CCEB664020CA1A22036A2 1 00FD1DD0A0767A3A3136BDA5FC6D8EC2D463F47E9DE0B2C8D5B16799EF6942B0 1 0896EDD64B8BAB579153B9E4BE73B9DA822C2D60B3D51886CA504DBC63CA8423 1 0C78EE9EAAB9137A33E580E9C9F40AB83670CD6B50F5EA63E5DD6C76617CCB73 1 1BE09416967802C5BF852CEF50E7DBD5EACA4E9F08D4F8E65F6E60A5332FD1AB 1 18C08D5EE58798D211CFF757323E20A5DBDB984CD0B3BCD5BAFF5B119E68F6B7 1 0FB0C9D143962D4A83587269003F125403E8CBAC14252CFA6B501FD577CB4BBF',
+        },
+      },
+      maxCredNum: 100,
+      tailsLocation: 'https://tails.anoncreds.vc/hash/H9YggRVzCkjeonb7VWnZfTxrfZGTvTn6oFtg8oizcCvt',
+      tailsHash: 'H9YggRVzCkjeonb7VWnZfTxrfZGTvTn6oFtg8oizcCvt',
+    },
+  },
+  metadata: {
+    resourceId: 'zQmWnvUkdcwB3nHhAWyAdQ4Vh3WZwtoatK7rhLTVpABGMqt',
+    resourceType: 'anonCredsRevocRegDef',
+    resourceName: '0',
+  },
+  links: [
+    {
+      id: 'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4/resources/zQmZPkNNca2RYyoeGhUoBkSzUeNm3vW4JDQd61c7YyFcqiA',
+      type: 'anonCredsStatusList',
+      timestamp: 1742002941,
+    },
+  ],
+  proof: {
+    type: 'DataIntegrityProof',
+    cryptosuite: 'eddsa-jcs-2022',
+    proofPurpose: 'assertionMethod',
+    proofValue: 'z61CdZfYZbgwvNXV5KWFdTmoMyih9yJsmjdTb28JdY9qCiXZJ3t2cRUJCKaEV3Ummr3RrXiZGfDuFb1548GbU8iTU',
+    verificationMethod:
+      'did:webvh:QmRxso8yoATm66gKhp3AKbPSH6ys4XcNVgKT786M99JRpN:id.anoncreds.vc:demo:863862bf-cd3b-44e3-89d4-0a2d7f5cc8d4#key-01',
+  },
+}

packages/webvh/src/anoncreds/services/__tests__/WebVhTransform.test.ts

@@ -0,0 +1,13 @@
+import base from '@multiformats/base-x'
+
+const BASE58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'
+
+const base58Converter = base(BASE58_ALPHABET)
+
+export function decodeFromBase58(base58: string) {
+  return base58Converter.decode(base58)
+}
+
+export function encodeToBase58(buffer: Uint8Array) {
+  return base58Converter.encode(buffer)
+}

packages/webvh/src/anoncreds/services/__tests__/mock-resources.ts

@@ -0,0 +1,85 @@
+import { encodeToBase58, decodeFromBase58 } from './base58'
+
+/**
+ * Note: When hashing JSON objects, you should first canonicalize the JSON using
+ * the json-canonicalize package to ensure consistent hash generation:
+ * 
+ * ```
+ * import { canonicalize } from 'json-canonicalize'
+ * const jsonString = canonicalize(jsonObject)
+ * const digestBuffer = createHash('sha256').update(jsonString).digest()
+ * const multiHash = encodeMultihash(digestBuffer)
+ * ```
+ */
+
+// Hash algorithm codes (from multiformats table)
+const HASH_CODES: Record<string, number> = {
+  sha256: 0x12,
+  sha512: 0x13,
+}
+
+/**
+ * Creates a multihash from a digest
+ * @param digest The raw hash digest bytes
+ * @param algorithm The hash algorithm used (defaults to sha256)
+ * @returns A multihash encoded buffer
+ */
+export function createMultihash(digest: Buffer, algorithm = 'sha256'): Buffer {
+  // Get the code for the hash algorithm
+  const hashCode = HASH_CODES[algorithm]
+  if (hashCode === undefined) {
+    throw new Error(`Unsupported hash algorithm: ${algorithm}`)
+  }
+
+  // Length of the digest in bytes
+  const digestLength = digest.length
+
+  // Create a buffer for the multihash:
+  // <hash-code><digest-length><digest>
+  const multihashBuffer = Buffer.alloc(2 + digestLength)
+  
+  // Write hash code as varint (assuming it fits in a single byte for simplicity)
+  multihashBuffer[0] = hashCode
+  
+  // Write length as varint (assuming it fits in a single byte for simplicity)
+  multihashBuffer[1] = digestLength
+  
+  // Copy the digest into the buffer
+  digest.copy(multihashBuffer, 2)
+  
+  return multihashBuffer
+}
+
+/**
+ * Encodes a digest as a multihash string in base58 format
+ * @param digest The raw hash digest bytes
+ * @param algorithm The hash algorithm used (default sha256)
+ * @returns A base58-encoded multihash string
+ */
+export function encodeMultihash(digest: Buffer, algorithm = 'sha256'): string {
+  const multihashBuffer = createMultihash(digest, algorithm)
+  return `z${encodeToBase58(multihashBuffer)}`
+}
+
+/**
+ * Decodes a multihash string to extract the original digest
+ * @param multihashString Base58-encoded multihash string
+ * @returns The original digest buffer
+ */
+export function decodeMultihash(multihashString: string): { algorithm: string, digest: Buffer } {
+  // Remove the 'z' prefix if present
+  const base58String = multihashString.startsWith('z') ? multihashString.slice(1) : multihashString
+  
+  // Decode from base58
+  const multihashBuffer = Buffer.from(decodeFromBase58(base58String))
+  
+  // Extract hash code, length, and digest
+  const hashCode = multihashBuffer[0]
+  const digestLength = multihashBuffer[1]
+  const digest = multihashBuffer.slice(2, 2 + digestLength)
+  
+  // Get the algorithm name from the hash code
+  const algorithm = Object.keys(HASH_CODES).find(key => HASH_CODES[key] === hashCode) || 'unknown'
+  
+  return { algorithm, digest }
+}