Archon Keymaster
Keymaster is a client library for Archon.
It manages a wallet with any number of identities.
```bash
npm install @didcid/keymaster
```
The library must be configured by calling the start function with 3 dependencies:
- a configured gatekeeper instance
- a wallet database
- a cipher library (@didcid/cipher/node for servers or @didcid/cipher/web for web browsers)
#### Node application
```js
// Option 1: import using subpaths
import GatekeeperClient from '@didcid/gatekeeper/client';
import WalletJson from '@didcid/keymaster/wallet/json';
import CipherNode from '@didcid/cipher/node';
import Keymaster from '@didcid/keymaster';

// Option 2: non-subpath imports (use these instead of the subpath imports, not both)
// import { GatekeeperClient } from '@didcid/gatekeeper';
// import Keymaster, { WalletJson } from '@didcid/keymaster';
// import CipherNode from '@didcid/cipher';

// Connect to the gatekeeper service
const gatekeeper = new GatekeeperClient();
await gatekeeper.connect({
    url: 'http://gatekeeper-host:4224',
    waitUntilReady: true,
    intervalSeconds: 5,
    chatty: true,
});

const wallet = new WalletJson();
const cipher = new CipherNode();
// Placeholder value: supply the real passphrase from a secret source, not from source code
const passphrase = 'SuperSecurePassphrase';

const keymaster = new Keymaster({
    gatekeeper,
    wallet,
    cipher,
    passphrase
});

const newId = await keymaster.createId('Bob');
```
#### Browser wallet
```js
// Option 1: import using subpaths
import GatekeeperClient from '@didcid/gatekeeper/client';
import WalletWeb from '@didcid/keymaster/wallet/web';
import CipherWeb from '@didcid/cipher/web';
import Keymaster from '@didcid/keymaster';

// Option 2: non-subpath imports (use these instead of the subpath imports, not both)
// import { GatekeeperClient } from '@didcid/gatekeeper';
// import Keymaster, { WalletWeb } from '@didcid/keymaster';
// import CipherWeb from '@didcid/cipher';

// Connect to the gatekeeper service
const gatekeeper = new GatekeeperClient();
await gatekeeper.connect({
    url: 'http://gatekeeper-host:4224',
    waitUntilReady: true,
    intervalSeconds: 5,
    chatty: true
});

const wallet = new WalletWeb();
const cipher = new CipherWeb();
// Placeholder value: obtain the real passphrase from the user at runtime, not from source code
const passphrase = 'SuperSecurePassphrase';

const keymaster = new Keymaster({
    gatekeeper,
    wallet,
    cipher,
    passphrase
});

const newId = await keymaster.createId('Bob');
```
The package includes a command-line interface for managing wallets and identities directly.
#### Installation
```bash
npm install -g @didcid/keymaster
```
#### Environment Variables
| Variable | Required | Default | Description |
|----------|----------|---------|-------------|
| ARCHON_GATEKEEPER_URL | No | http://localhost:4224 | Gatekeeper service URL |
| ARCHON_PASSPHRASE | Yes | - | Passphrase for wallet encryption |
| ARCHON_WALLET_PATH | No | ./wallet.json | Path to wallet file |
| ARCHON_WALLET_TYPE | No | json | Wallet type (json or sqlite) |
| ARCHON_DEFAULT_REGISTRY | No | hyperswarm | Default DID registry |
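
A preflight check for the variables in the table above, as an added example that is not part of the Keymaster package. The function name `loadArchonConfig` is hypothetical, and the rule that plain HTTP is only acceptable to a loopback gatekeeper is an assumption of this example, not a documented Archon policy.

```javascript
// Added example (not Archon project code): resolve the CLI environment
// variables from the table and report problems before a wallet is opened.
const DEFAULTS = {
    ARCHON_GATEKEEPER_URL: 'http://localhost:4224',
    ARCHON_WALLET_PATH: './wallet.json',
    ARCHON_WALLET_TYPE: 'json',
    ARCHON_DEFAULT_REGISTRY: 'hyperswarm',
};
const WALLET_TYPES = ['json', 'sqlite'];
const LOOPBACK = ['localhost', '127.0.0.1', '[::1]'];

function loadArchonConfig(env) {
    const errors = [];
    const warnings = [];
    const cfg = {};
    for (const [name, fallback] of Object.entries(DEFAULTS)) {
        cfg[name] = env[name] || fallback; // unset or empty falls back to the default
    }
    // ARCHON_PASSPHRASE is the only required variable. It is checked but never
    // copied into cfg, so cfg can be logged without exposing the secret.
    if (!env.ARCHON_PASSPHRASE) {
        errors.push('ARCHON_PASSPHRASE is required');
    }
    if (!WALLET_TYPES.includes(cfg.ARCHON_WALLET_TYPE)) {
        errors.push(`ARCHON_WALLET_TYPE must be one of: ${WALLET_TYPES.join(', ')}`);
    }
    try {
        const url = new URL(cfg.ARCHON_GATEKEEPER_URL);
        if (!['http:', 'https:'].includes(url.protocol)) {
            errors.push('ARCHON_GATEKEEPER_URL must use http or https');
        } else if (url.protocol === 'http:' && !LOOPBACK.includes(url.hostname)) {
            // Assumption of this example: plain HTTP is acceptable only on loopback.
            warnings.push(`plain HTTP to remote gatekeeper ${url.hostname}`);
        }
    } catch {
        errors.push('ARCHON_GATEKEEPER_URL is not a valid URL');
    }
    return { ok: errors.length === 0, cfg, errors, warnings };
}

// Constructed sample environment; a real caller would pass process.env.
const sample = loadArchonConfig({
    ARCHON_PASSPHRASE: 'constructed-example-value',
    ARCHON_GATEKEEPER_URL: 'http://gatekeeper-host:4224',
});
console.log(sample.ok, sample.cfg, sample.warnings);
```
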
#### Quick Start
```bash
# Set required environment variables
export ARCHON_GATEKEEPER_URL=http://localhost:4224
export ARCHON_PASSPHRASE=your-secure-passphrase
```
#### Commands
##### Wallet Management
| Command | Description |
|---------|-------------|
| create-wallet | Create a new wallet (or show existing) |
| new-wallet | Create a new wallet |
| show-wallet | Display wallet contents |
| check-wallet | Validate DIDs in wallet |
| fix-wallet | Remove invalid DIDs from wallet |
| import-wallet | Create wallet from recovery phrase |
| show-mnemonic | Show recovery phrase |
| backup-wallet-file | Backup wallet to file |
| restore-wallet-file | Restore wallet from file |
| backup-wallet-did | Backup wallet to encrypted DID |
| recover-wallet-did [did] | Recover wallet from DID |
##### Identity Management
| Command | Description |
|---------|-------------|
| create-id | Create a new identity |
| list-ids | List all identities |
| use-id | Set current identity |
| remove-id | Delete an identity |
| rename-id | Rename an identity |
| resolve-id | Resolve current identity |
| rotate-keys | Generate new keys for current ID |
| backup-id | Backup current ID to registry |
| recover-id | Recover ID from DID |
##### DID Operations
| Command | Description |
|---------|-------------|
| resolve-did | Resolve a DID document |
| resolve-did-version | Resolve specific version |
| revoke-did | Permanently revoke a DID |
##### Encryption & Signing
| Command | Description |
|---------|-------------|
| encrypt-message | Encrypt message for recipient |
| encrypt-file | Encrypt file for recipient |
| decrypt-did | Decrypt an encrypted message |
| decrypt-json | Decrypt encrypted JSON |
| sign-file | Sign a JSON file |
| verify-file | Verify signature in file |
##### Credentials
| Command | Description |
|---------|-------------|
| bind-credential | Create bound credential |
| issue-credential | Issue a credential |
| list-issued | List issued credentials |
| revoke-credential | Revoke a credential |
| accept-credential | Accept a credential |
| list-credentials | List held credentials |
| get-credential | Get credential by DID |
| publish-credential | Publish credential existence |
| reveal-credential | Reveal credential publicly |
| unpublish-credential | Remove from manifest |
##### Challenges & Responses
| Command | Description |
|---------|-------------|
| create-challenge [file] | Create a challenge |
| create-challenge-cc | Create challenge from credential |
| create-response | Respond to a challenge |
| verify-response | Verify a response |
##### Names (Aliases)
| Command | Description |
|---------|-------------|
| add-name | Add alias for DID |
| get-name | Get DID by alias |
| remove-name | Remove alias |
| list-names | List all aliases |
##### Groups
| Command | Description |
|---------|-------------|
| create-group | Create a group |
| list-groups | List owned groups |
| get-group | Get group details |
| add-group-member | Add member to group |
| remove-group-member | Remove member |
| test-group | Test group membership |
##### Schemas
| Command | Description |
|---------|-------------|
| create-schema | Create schema from file |
| list-schemas | List owned schemas |
| get-schema | Get schema by DID |
| create-schema-template | Generate template |
##### Assets
| Command | Description |
|---------|-------------|
| create-asset | Create empty asset |
| create-asset-json | Create from JSON file |
| create-asset-image | Create from image |
| create-asset-document | Create from document |
| get-asset | Get asset by ID |
| update-asset-json | Update with JSON |
| update-asset-image | Update with image |
| update-asset-document | Update with document |
| transfer-asset | Transfer ownership |
| clone-asset | Clone an asset |
| set-property | Set asset property |
| list-assets | List owned assets |
##### Polls
| Command | Description |
|---------|-------------|
| create-poll-template | Create poll template |
| create-poll | Create poll from file |
| view-poll | View poll details |
| vote-poll | Vote in poll |
| update-poll | Add ballot to poll |
| publish-poll | Publish results (hidden) |
| reveal-poll | Publish results (revealed) |
| unpublish-poll | Remove results |
##### Vaults
| Command | Description |
|---------|-------------|
| create-vault | Create a vault |
| list-vault-items | List vault items |
| add-vault-member | Add vault member |
| remove-vault-member | Remove member |
| list-vault-members | List members |
| add-vault-item | Add file to vault |
| remove-vault-item | Remove item |
| get-vault-item | Download item |
#### Command Options
Many commands support these options:

| Option | Description |
|--------|-------------|
| -n, --name | Assign a name to created DID |
| -r, --registry | Specify DID registry |

Example:
```bash
keymaster create-id MyBot -r hyperswarm
keymaster create-schema schema.json -n my-schema -r local
```
The KeymasterClient is used to communicate with a keymaster REST API service.
```js
// Option 1: import using subpaths
import KeymasterClient from '@didcid/keymaster/client';

// Option 2: non-subpath import (use this instead of the subpath import, not both)
// import { KeymasterClient } from '@didcid/keymaster';

// Connect to the keymaster REST API service
const keymaster = new KeymasterClient();
await keymaster.connect({
    url: 'http://keymaster-host:4226',
    waitUntilReady: true,
    intervalSeconds: 5,
    chatty: true
});

const newId = await keymaster.createId('Bob');
```