These source files have moved here
transmute-industries / vc.js Goto Github PK
View Code? Open in Web Editor NEWHome Page: https://transmute-industries.github.io/vc.js/
License: Other
Home Page: https://transmute-industries.github.io/vc.js/
License: Other
These source files have moved here
they should be exported by linked data proof...
@vocab is a jsonld anti pattern, there should be an error or a warning when it's used
currently, not possible to use private contexts (ones that are not public on the internet)... solution is to forwards the document loader to the checker.
Hey, I get the following error when using this library:
The types returned by 'from(...)' are incompatible between these types.
Type 'Promise<Ed25519KeyPair2020>' is missing the following properties from type 'Ed25519KeyPair': id, type, controller, publicKeyBuffer, and 9 more.
Furthermore, I had to add @transmute/did-key-ed25519
manually, since it's only a devDependency
. Since Ed25519KeyPair2020
uses it directly I feel it should go into dependencies
This schema/context document defines "publicKey", which I don't think is part of the did-document specification any longer?
there are a number of places that mutate function arguments... this breaks all kinds of assumptions and should not happen.
I was testing compatibility between linked-data-proof
and jsonld-signatures
and noticed some divergence here https://github.com/transmute-industries/vc.js/blob/master/packages/linked-data-proof/src/ProofSet.ts#L150 and here https://github.com/digitalbazaar/jsonld-signatures/blob/master/lib/ProofSet.js#L188. I believe the fix would be:
+ const context = document['@context'] || constants.SECURITY_CONTEXT_URL
const proofSet = proofSet.map((proof: any) => ({
- '@context': constants.SECURITY_CONTEXT_URL,
+ '@context': context,
...proof,
}));
When testing that out I also noticed that vc.js
will need to be updated too: https://github.com/transmute-industries/vc.js/blob/master/packages/vc.js/src/vc-ld/purposes/CredentialIssuancePurpose.ts#L62. The fix here I think would be:
const issuer = jsonld.getValues(
document,
- 'https://www.w3.org/2018/credentials#issuer'
+ 'issuer'
);
+ const issuerId = const issuerId = typeof issuer[0] === 'string' ? issuer[0] : issuer[0].id;
- if (result.controller.id !== issuer[0].id) {
+ if (result.controller.id !== issuerId) {
throw new Error(
'Credential issuer must match the verification method controller.'
);
}
I tried to create a PR that fixes and tests these things but to do so I needed a signing suite that wasn't supported by sec-v2 context I tried using https://github.com/digitalbazaar/ed25519-signature-2020 but that requires the latest jsonld-signatures and that has other changes that impact compatibility (no more compact proof support)
Github actions, conventional commits, release documentation, etc...
The spec https://w3c-ccg.github.io/lds-ed25519-2018/ specifies sha512 for digests. This library uses sha256. Which one is correct?
Thanks
see revocation list... throw new TypeError('"suite" must be an object or an array of objects.');
when this PR is merged, should be able to remove the declare module "vc-js"
and see any mismatches in types.
Caused by sec/v2 not understanding publicKeyJwk
...
proposed solution, any suite that uses publicKeyJwk should have the result of get verification method to ensure the property exists as publicKeyJwk
not sec:publicKeyJwk
... move evidence that security context remains a blocker for adoption.
Would be nice to add a nodejs bin / cli with support for boring web URLs
This is a minor nitpick but would make it a lot easier to go from npm to github (and from github to github).
Two reasons:
E.g. for the @transmute/vc.js
package this will mean adding the following to the package.json:
{
"name": "@transmute/vc.js",
// ...
"repository": {
"type" : "git",
"url" : "https://github.com/transmute-industries/vc.js.git",
"directory": "packages/vc.js"
},
"homepage": "https://github.com/transmute-industries/vc.js/tree/master/packages/vc.js",
// OR
"homepage": "https://transmute-industries.github.io/vc.js/"
}
Happy to assist if you agree :)
When having a credential or vc with this date format, it causes the formatting of the datetime without milliseconds when issuing or verifying to be incorrect. This happens for fields issuanceDate and expirationDate.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.