Skip to content

Instun/did-key

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
lib
lib
 
 
samples
samples
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.npmignore
.npmignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package.json
package.json
 
 

Repository files navigation

@instun/did-key

A module for generating DID keys and issuing Verifiable Credentials (VC), which can be utilized in fibjs, Node.js, and browsers.

Install

To install from NPM:

fibjs --install @instun/did-key

Usage

To use the functions provided in this module, import them as follows:

ES6 Import

import * as dkey from '@instun/did-key';

CommonJS Require

const dkey = require('@instun/did-key');

Interface definition

The interfaces of basic functions in did-key are all async functions, and these functions are compatible in fibjs, Node.js, and browsers. In order to facilitate the usage in fibjs, when the module detects that the environment is fibjs, it will add a corresponding set of *_sync functions.

Generating a new public/secret key pair

To generate a new key pair, use the generate function. Here is an example of generating a key pair using the P-256 curve:

import * as dkey from '@instun/did-key';

const key = await dkey.generate('P-256');

The algorithms that can be used to generate keys are: P-256, P-384, P-521, Ed25519, Bls12381

Issuing a Verifiable Credential

To issue a Verifiable Credential, use the issueCredential function. Here is an example:

import * as dkey from '@instun/did-key';

const issuer_key = await dkey.generate('P-256');

const verifiableCredential = await dkey.issueCredential({
    credential: demo_credential,
    key: issuer_key
});

Issuing a Selective Disclosure Verifiable Credential

To issue a Selective Disclosure Verifiable Credential, you can specify mandatory pointers. Here is an example:

import * as dkey from '@instun/did-key';

const issuer_key = await dkey.generate('P-256');

const verifiableCredential = await dkey.issueCredential({
    credential: demo_credential,
    key: issuer_key,
    mandatoryPointers: [
        '/issuanceDate',
        '/issuer'
    ]
});

You can also use a different key type, such as Bls12381:

import * as dkey from '@instun/did-key';

const issuer_key = await dkey.generate('Bls12381');

const verifiableCredential = await dkey.issueCredential({
    credential: demo_credential,
    key: issuer_key,
    mandatoryPointers: [
        '/issuanceDate',
        '/issuer'
    ]
});

The supported algorithms for Selective Disclosure Verifiable Credential are: P-256, Bls12381. When generating a Selective Disclosure Verifiable Credential, you can set mandatoryPointers to specify the required attributes. If the key algorithm is P-256 and mandatoryPointers are not specified, a regular Verifiable Credential will be issued.

Deriving a Selective Disclosure Verifiable Credential

You can derive a Selective Disclosure Verifiable Credential by specifying selective pointers. Here is an example:

const derivedCredential = await dkey.deriveCredential({
    verifiableCredential: verifiableCredential,
    selectivePointers: [
        '/credentialSubject/dog_name'
    ]
});

When deriving a Selective Disclosure Verifiable Credential, you need to set selectivePointers to specify which attributes will be included in the Selective Disclosure Verifiable Credential.

Verifying a Verifiable Credential

To verify a Verifiable Credential, use the following code:

const result = await dkey.verifyCredential({
    credential: verifiableCredential
});

Please note that a regular Verifiable Credential can be verified directly. However, a Selective Disclosure Verifiable Credential issued directly cannot be verified directly. You need to call deriveCredential to derive a Verifiable Credential in order to verify it. verifyCredential only verifies the integrity of the Verifiable Credential itself, but does not verify its issuer. So after verifying the credential, you need to check the legitimacy of the issuer yourself.

Signing the Presentation

You can sign a presentation using the original or derived credential. Below are examples for both cases:

Signing with Original Credential

import * as dkey from '@instun/did-key';

const holder_key = await dkey.generate('P-256');

const verifiablePresentation = await dkey.signPresentation({
    credential: verifiableCredential,
    key: holder_key
});

Signing with Derived Credential

import * as dkey from '@instun/did-key';

const holder_key = await dkey.generate('P-256');

const verifiablePresentation = await dkey.signPresentation({
    credential: derivedCredential,
    key: holder_key
});

You can sign a Verifiable Presentation with a key that uses a different algorithm from the issue key of the Verifiable Credential. The verifyPresentation function will automatically load different encryption components to verify them separately according to different algorithms.

Verifying a Verifiable Presentation

To verify a Verifiable Presentation, use the following code:

const result = await dkey.verifyPresentation({
    presentation: verifiablePresentation
});

Like verifyCredential, verifyPresentation simply checks the integrity of the Verifiable Presentation and the Verifiable Credential it contains, without verifying the issuer's source. So after verifyPresentation, you need to verify the legitimacy of the issuer by yourself.

Conclusion

This documentation provides a comprehensive guide to issuing, deriving, verifying, and signing Selective Disclosure Verifiable Credentials using the @instun/did-key library. Ensure you follow the examples and adjust the parameters as needed for your specific use case.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages