Signature verification

[mistermoe]

Overview

• Adds function verifyMessageSignature to verify a signed message
• scaffolds Permissions interface stuff
• Adds PermissionsRequest message validation
• Updates CONTRIBUTING.md

Review instructions

• Review code, run tests to ensure there are no failing ones

git clone https://github.com/TBD54566975/hub-sdk-js
cd hub-sdk-js
git checkout signature-verification
npm install
npm run test

output should look like this:

> hub-sdk@0.1.0 test
> ts-mocha --type-check tests/**/*.ts



  Permission Tests
    constructor
      - throws an exception if expiration is in the past
      - throws an exception if expiration is before nbf
    toUnixEpochSeconds
      ✔ adds duration to the current time and returns that as a unix epoch timestamp
      - converts a date to a unix epoch timestamp

  Message Tests
    validateMessage
      - throws exception if interface method isnt supported
      - throws exception if message is invalid relative to interface method
    verifyMessageSignature
      - throws an exception if attestation property is missing
      ✔ throws an exception if attestation payload is not a valid CID
      ✔ throws an exception if CID of descriptor !== attestation payload
      ✔ throws an exception if provided CID doesnt utilize cbor codec
      ✔ throws an exception if provided CID uses unsupported hashing algo
      ✔ throws an exception if DID could not be resolved
      ✔ throws an exception if appropriate key isnt present in DID Doc
      ✔ throws an exception if signature does not match
      ✔ resolves if signature is successfully verified


  9 passing (30ms)
  6 pending