feat: watcher endpoints

Author: coodos

infrastructure/evault-core/package.json

@@ -27,6 +27,7 @@
     "@fastify/swagger": "^8.14.0",
     "@fastify/swagger-ui": "^3.0.0",
     "@testcontainers/neo4j": "^10.24.2",
+    "axios": "^1.6.7",
     "fastify": "^4.26.2",
     "graphql": "^16.10.0",
     "graphql-type-json": "^0.3.2",

infrastructure/evault-core/src/http/server.ts

@@ -3,12 +3,19 @@ import swagger from "@fastify/swagger";
 import swaggerUi from "@fastify/swagger-ui";
 import { W3ID } from "../w3id/w3id";
 import { LogEvent } from "w3id";
-import {
-  WatcherSignatureRequest,
-  WatcherRequest,
-  TypedRequest,
-  TypedReply,
-} from "./types";
+import axios from "axios";
+import { WatcherRequest, TypedRequest, TypedReply } from "./types";
+import { verifierCallback } from "../utils/signer";
+
+interface WatcherSignatureRequest {
+  w3id: string;
+  logEntryId: string;
+  proof: {
+    signature: string;
+    alg: string;
+    kid: string;
+  };
+}
 
 export async function registerHttpRoutes(
   server: FastifyInstance
@@ -98,11 +105,19 @@ export async function registerHttpRoutes(
         description: "Post a signature for a specific log entry",
         body: {
           type: "object",
-          required: ["w3id", "signature", "logEntryId"],
+          required: ["w3id", "logEntryId", "proof"],
           properties: {
             w3id: { type: "string" },
-            signature: { type: "string" },
             logEntryId: { type: "string" },
+            proof: {
+              type: "object",
+              required: ["signature", "alg", "kid"],
+              properties: {
+                signature: { type: "string" },
+                alg: { type: "string" },
+                kid: { type: "string" },
+              },
+            },
           },
         },
         response: {
@@ -120,12 +135,51 @@ export async function registerHttpRoutes(
       request: TypedRequest<WatcherSignatureRequest>,
       reply: TypedReply
     ) => {
-      const { w3id, signature, logEntryId } = request.body;
-      // TODO: Implement signature verification and storage
-      return {
-        success: true,
-        message: "Signature stored successfully",
-      };
+      const { w3id, logEntryId, proof } = request.body;
+
+      try {
+        const currentW3ID = await W3ID.get();
+        if (!currentW3ID.logs) {
+          throw new Error("W3ID must have logs enabled");
+        }
+
+        const logEvent = await currentW3ID.logs.repository.findOne({
+          versionId: logEntryId,
+        });
+        if (!logEvent) {
+          throw new Error(`Log event not found with id ${logEntryId}`);
+        }
+
+        const isValid = await verifierCallback(
+          logEntryId,
+          [proof],
+          proof.kid.split("#")[0]
+        );
+        if (!isValid) {
+          throw new Error("Invalid signature");
+        }
+
+        const updatedLogEvent: LogEvent = {
+          ...logEvent,
+          proofs: [...(logEvent.proofs || []), proof],
+        };
+
+        await currentW3ID.logs.repository.create(updatedLogEvent);
+
+        return {
+          success: true,
+          message: "Signature stored successfully",
+        };
+      } catch (error) {
+        console.error("Error storing signature:", error);
+        return {
+          success: false,
+          message:
+            error instanceof Error
+              ? error.message
+              : "Failed to store signature",
+        };
+      }
     }
   );
 
@@ -158,12 +212,54 @@ export async function registerHttpRoutes(
     },
     async (request: TypedRequest<WatcherRequest>, reply: TypedReply) => {
       const { w3id, logEntryId } = request.body;
-      // TODO: Implement signature request logic
-      return {
-        success: true,
-        message: "Signature request created",
-        requestId: "req_" + Date.now(),
-      };
+
+      try {
+        // Resolve the W3ID to get its request endpoint
+        const registryResponse = await axios.get(
+          `http://localhost:4321/resolve?w3id=${w3id}`
+        );
+        const { requestWatcherSignature } = registryResponse.data;
+
+        // Get the current W3ID instance
+        const currentW3ID = await W3ID.get();
+        if (!currentW3ID.logs) {
+          throw new Error("W3ID must have logs enabled");
+        }
+
+        // Find the log event
+        const logEvent = await currentW3ID.logs.repository.findOne({
+          versionId: logEntryId,
+        });
+        if (!logEvent) {
+          throw new Error(`Log event not found with id ${logEntryId}`);
+        }
+
+        // Request signature from the watcher
+        const response = await axios.post(requestWatcherSignature, {
+          w3id: currentW3ID.id,
+          logEntryId,
+          signature: await currentW3ID.signJWT({
+            sub: logEntryId,
+            exp: Date.now() + 3600 * 1000, // 1 hour expiry
+          }),
+        });
+
+        return {
+          success: true,
+          message: "Signature request created",
+          requestId: response.data.requestId,
+        };
+      } catch (error) {
+        console.error("Error requesting signature:", error);
+        return {
+          success: false,
+          message:
+            error instanceof Error
+              ? error.message
+              : "Failed to request signature",
+          requestId: "",
+        };
+      }
     }
   );
 }

platforms/registry/src/consul.ts

@@ -19,10 +19,9 @@ export async function resolveService(w3id: string) {
       const address = `http://${services[0].ServiceAddress}:${services[0].ServicePort}`;
       return {
         graphql: `${address}/graphql`,
-        voyager: `${address}/voyager`,
         whois: `${address}/whois`,
-        logs: `${address}/logs`,
-        requestWatcherSignature: `${address}/request-signature`,
+        requestWatcherSignature: `${address}/watchers/request`,
+        wathcerSignEndpoint: `${address}/watchers/request`,
       };
     }
     return null;