Utilities for signing VCs and creating VPs
This library provides utilities for working with DID Documents,
Verifiable Credentials (VCs) and Presentations (VPs).
Currently it is focussed on the minimal client-side capabilities of:
1. Creating SIMBA VPs given VCs that have been provided by the server where a
local public key/Ethereum address is mapped to the DID subject of that VC.
2. Finding the verification method (aka DID Document key reference) mapped to a public key or address.
3. Determining issuer and subject DIDs given a VC.
4. Creating a new private key from which public key and address can be derived.
5. Signing arbitrary data outside of the Ethereum use case.
6. Creating JWK serializations of public and private keys.
7. Creating a multicodec serialization of public keys.
Note that (almost) all functionality is currently based on ERC-191 capabilities that are
used by the ERC191 crypto suite defined by SIMBA.
Therefore secp256k1 keys are assumed, and when we say public key we usually mean Ethereum address, as the address is the
public part of the key pair as far as blockchain and the SIMBA ERC191 suites are concerned.
The non-Ethereum signing (#5 above) is used to sign DPoP headers. These signatures
are verified with the public key, NOT an Ethereum address.
For secp256k1, this signing is deterministic (no salt/nonce) and returns
a 64-byte signature over 32 bytes of data. It is assumed that any data that is not 32 bytes long needs to be hashed, and the
hashing algorithm is SHA256. An optional nonce can be added to this signing; it is simply appended to the data before signing.
Multicodec public keys (not addresses) can be used as verification methods in DID documents.