Merge pull request #6 from Bhutan-NDI/refactor/did-resolution

refactor: publicKeyHex to publicKeyBase58

Author: kinxa0

.changeset/blue-hounds-kiss.md

@@ -0,0 +1,5 @@
+---
+'@bhutan-ndi/ethr-credo-module': patch
+---
+
+Refactor publicKeyHex to publicKeyBase58

patches/@credo-ts+core+0.5.3.patch

@@ -21,11 +21,6 @@ export class EthereumDidResolver implements DidResolver {
 
       const didDoc = JsonTransformer.fromJSON(didDocument, DidDocument)
 
-      didDoc.context = [
-        // 'https://www.w3.org/ns/did/v1',
-        // 'https://w3id.org/security/suites/secp256k1-2019/v1',
-        'https://w3id.org/security/v3-unstable',
-      ]
       return {
         didDocument: didDoc,
         didDocumentMetadata,

src/dids/EthrDidResolver.ts

@@ -228,20 +228,57 @@ export class EthereumLedgerService {
 
     const blockchainAccountId = getPreferredKey(didRecord.didDocument.verificationMethod)
 
-    const keyObj = didRecord.didDocument.verificationMethod.find((obj) => obj.publicKeyHex)
+    // Look for publicKeyBase58 (new format) or fallback to publicKeyHex (legacy)
+    const keyObj = didRecord.didDocument.verificationMethod.find((obj) => obj.publicKeyBase58 || obj.publicKeyHex)
 
-    if (!keyObj || !keyObj.publicKeyHex) {
-      throw new CredoError('Public Key hex not found in wallet for did: ' + did)
+    if (!keyObj) {
+      throw new CredoError('Public Key not found in wallet for did: ' + did)
     }
 
-    const publicKey = TypedArrayEncoder.fromHex(keyObj.publicKeyHex)
+    let publicKeyBase58: string
 
-    const publicKeyBase58 = TypedArrayEncoder.toBase58(publicKey)
+    if (keyObj.publicKeyBase58) {
+      publicKeyBase58 = keyObj.publicKeyBase58
+    } else if (keyObj.publicKeyHex) {
+      // Legacy support: convert hex to base58
+      const publicKey = TypedArrayEncoder.fromHex(keyObj.publicKeyHex)
+      publicKeyBase58 = TypedArrayEncoder.toBase58(publicKey)
+    } else {
+      throw new CredoError('Public Key not found in wallet for did: ' + did)
+    }
 
     return { publicKeyBase58, blockchainAccountId }
   }
 
   public async resolveDID(did: string) {
-    return await this.resolver.resolve(did)
+    const result = await this.resolver.resolve(did)
+
+    // Update context to include secp256k1-2019/v1
+    if (result.didDocument) {
+      result.didDocument['@context'] = [
+        'https://www.w3.org/ns/did/v1',
+        'https://w3id.org/security/suites/secp256k1recovery-2020/v2',
+        'https://w3id.org/security/suites/secp256k1-2019/v1',
+      ]
+
+      // Transform verification methods from publicKeyHex to publicKeyBase58
+      if (result.didDocument.verificationMethod) {
+        result.didDocument.verificationMethod = result.didDocument.verificationMethod.map((vm) => {
+          if (vm.publicKeyHex) {
+            const publicKey = TypedArrayEncoder.fromHex(vm.publicKeyHex)
+            const publicKeyBase58 = TypedArrayEncoder.toBase58(publicKey)
+            // eslint-disable-next-line @typescript-eslint/no-unused-vars
+            const { publicKeyHex, ...rest } = vm
+            return {
+              ...rest,
+              publicKeyBase58,
+            }
+          }
+          return vm
+        })
+      }
+    }
+
+    return result
   }
 }

src/ledger/EthereumLedgerService.ts

@@ -1,4 +1,3 @@
-/* eslint-disable @typescript-eslint/no-unused-vars */
 import type { DocumentLoader, JwsLinkedDataSignatureOptions, Proof } from '@credo-ts/core'
 import type { JsonLdDoc } from '@credo-ts/core/build/modules/vc/data-integrity/jsonldUtil'
 
@@ -62,27 +61,29 @@ export class EcdsaSecp256k1Signature2019 extends JwsLinkedDataSignature {
   }
 
   public async assertVerificationMethod(document: JsonLdDoc) {
-    // if (!_includesCompatibleContext({ document: document })) {
-    //   // For DID Documents, since keys do not have their own contexts,
-    //   // the suite context is usually provided by the documentLoader logic
-    //   throw new TypeError(
-    //     `The '@context' of the verification method (key) MUST contain the context url "${this.contextUrl}".`
-    //   )
-    // }
-    // if (!_isSecp256k12019Key(document)) {
-    //   const verificationMethodType = jsonld.getValues(document, 'type')[0]
-    //   throw new Error(
-    //     `Unsupported verification method type '${verificationMethodType}'. Verification method type MUST be 'EcdsaSecp256k1VerificationKey2019'.`
-    //   )
-    // } else if (_isSecp256k12019Key(document) && !_includesSecp256k12019Context(document)) {
-    //   throw new Error(
-    //     `For verification method type 'EcdsaSecp256k1VerificationKey2019' the '@context' MUST contain the context url "${SECURITY_CONTEXT_SECP256k1_URL}".`
-    //   )
-    // }
-    // // ensure verification method has not been revoked
-    // if (document.revoked !== undefined) {
-    //   throw new Error('The verification method has been revoked.')
-    // }
+    if (!_includesCompatibleContext({ document: document })) {
+      // For DID Documents, since keys do not have their own contexts,
+      // the suite context is usually provided by the documentLoader logic
+      throw new TypeError(
+        `The '@context' of the verification method (key) MUST contain the context url "${this.contextUrl}".`
+      )
+    }
+
+    if (!_isSecp256k12019Key(document)) {
+      const verificationMethodType = jsonld.getValues(document, 'type')[0]
+      throw new Error(
+        `Unsupported verification method type '${verificationMethodType}'. Verification method type MUST be 'EcdsaSecp256k1VerificationKey2019'.`
+      )
+    } else if (_isSecp256k12019Key(document) && !_includesSecp256k12019Context(document)) {
+      throw new Error(
+        `For verification method type 'EcdsaSecp256k1VerificationKey2019' the '@context' MUST contain the context url "${SECURITY_CONTEXT_SECP256k1_URL}".`
+      )
+    }
+
+    // ensure verification method has not been revoked
+    if (document.revoked !== undefined) {
+      throw new Error('The verification method has been revoked.')
+    }
   }
 
   public async getVerificationMethod(options: { proof: Proof; documentLoader?: DocumentLoader }) {

src/signature-suites/EcdsaSecp256k1Signature2019.ts

@@ -76,6 +76,7 @@ export function parseAddress(address: string) {
 export function getPreferredKey(methods: VerificationMethod[]): string {
   for (const m of methods) {
     if (m.blockchainAccountId) return m.blockchainAccountId
+    if (m.publicKeyBase58) return m.publicKeyBase58
     if (m.publicKeyHex) return m.publicKeyHex
   }
 

src/utils/utils.ts

@@ -185,9 +185,9 @@ export const EthereumDIDFixtures = {
   VALID_DID_DOCUMENT: {
     didDocument: {
       '@context': [
-        // 'https://www.w3.org/ns/did/v1',
-        // 'https://w3id.org/security/suites/secp256k1recovery-2020/v2',
-        'https://w3id.org/security/v3-unstable',
+        'https://www.w3.org/ns/did/v1',
+        'https://w3id.org/security/suites/secp256k1recovery-2020/v2',
+        'https://w3id.org/security/suites/secp256k1-2019/v1',
       ],
       id: 'did:ethr:sepolia:0x022527341df022c9b898999cf6035ed3addca5d30e703028deeb4408f890f3baca',
       verificationMethod: [
@@ -201,7 +201,7 @@ export const EthereumDIDFixtures = {
           id: 'did:ethr:sepolia:0x022527341df022c9b898999cf6035ed3addca5d30e703028deeb4408f890f3baca#controllerKey',
           type: 'EcdsaSecp256k1VerificationKey2019',
           controller: 'did:ethr:sepolia:0x022527341df022c9b898999cf6035ed3addca5d30e703028deeb4408f890f3baca',
-          publicKeyHex: '022527341df022c9b898999cf6035ed3addca5d30e703028deeb4408f890f3baca',
+          publicKeyBase58: 'dxfVszfXXYwayBLxAijdcdnkSG9Hw1w3fxLcHqobxUj3',
         },
       ],
       authentication: [