verify vc and vp (#17)

* upgrade wasm

* verify rootHash

* add comment

* digest verify

* did verify

* vp and vc verify

.yarnrc.yml

@@ -10,4 +10,4 @@ plugins:
   - path: .yarn/plugins/@yarnpkg/plugin-version.cjs
     spec: "@yarnpkg/plugin-version"
 
-yarnPath: .yarn/releases/yarn-3.2.3.cjs
+yarnPath: .yarn/releases/yarn-3.2.4.cjs

package.json

@@ -3,7 +3,7 @@
   "bugs": "https://github.com/zCloak-Network/zkid-sdk/issues",
   "homepage": "https://github.com/zCloak-Network/zkid-sdk#readme",
   "license": "Apache-2.0",
-  "packageManager": "yarn@3.2.3",
+  "packageManager": "yarn@3.2.4",
   "private": true,
   "repository": {
     "type": "git",
@@ -26,18 +26,15 @@
     "build": "zcloak-dev-build-ts",
     "build:release": "zcloak-ci-ghact-build",
     "clean": "zcloak-dev-clean-build",
-    "lint": "zcloak-dev-run-lint",
+    "lint": "zcloak-dev-run-lint && zcloak-dev-lint-dependencies",
     "postinstall": "zcloak-dev-yarn-only",
     "test": "zcloak-dev-run-test --coverage --forceExit --runInBand --testPathIgnorePatterns e2e",
     "test:one": "zcloak-dev-run-test --runInBand",
     "test:watch": "zcloak-dev-run-test --watch"
   },
   "devDependencies": {
     "@types/jest": "^27.4.0",
-    "@zcloak/dev": "^0.5.0",
-    "ethers": "^5.7.1",
-    "react": "^18.2.0",
-    "react-dom": "^18.2.0",
+    "@zcloak/dev": "^0.6.1",
     "typescript": "^4.8.4"
   },
   "resolutions": {

packages/crypto/src/ed25519.ts

@@ -7,7 +7,18 @@ import { u8aToU8a } from '@polkadot/util';
 import * as crypto from '@polkadot/util-crypto';
 
 /**
+ * @name ed25519Sign
+ * @summary Signs a message using the supplied secretKey
+ * @description
  * Returns message signature of `message`, using the `secretKey`.
+ * @example
+ * <BR>
+ *
+ * ```javascript
+ * import { ed25519Sign } from '@zcloak/crypto';
+ *
+ * ed25519Sign([...], [...]); // => [...]
+ * ```
  */
 export function ed25519Sign(
   message: HexString | Uint8Array,
@@ -17,7 +28,18 @@ export function ed25519Sign(
 }
 
 /**
+ * @name ed25519Sign
+ * @summary Verifies the signature on the supplied message.
+ * @description
  * Verifies the `signature` on `message` with the supplied `publicKey`. Returns `true` on sucess, `false` otherwise.
+ * @example
+ * <BR>
+ *
+ * ```javascript
+ * import { ed25519Verify } from '@zcloak/crypto';
+ *
+ * ed25519Verify([...], [...], [...]); // => true/false
+ * ```
  */
 export function ed25519Verify(
   message: HexString | Uint8Array,
@@ -28,7 +50,18 @@ export function ed25519Verify(
 }
 
 /**
+ * @name ed25519PairFromSeed
+ * @summary Creates a new public/secret keypair from a seed.
+ * @description
  * Returns a object containing a `publicKey` & `secretKey` generated from the supplied seed.
+ * @example
+ * <BR>
+ *
+ * ```javascript
+ * import { ed25519PairFromSeed } from '@zcloak/crypto';
+ *
+ * ed25519PairFromSeed(...); // => { secretKey: [...], publicKey: [...] }
+ * ```
  */
 export function ed25519PairFromSeed(seed: HexString | Uint8Array): Keypair {
   return crypto.ed25519PairFromSeed(u8aToU8a(seed));

packages/crypto/src/index.ts

@@ -8,7 +8,6 @@ export * from './multibase';
 export * from './nacl';
 export * from './secp256k1';
 export * from './x25519';
-export * from './verify';
 export * from './rescue';
 export * from './initCrypto';
 

packages/crypto/src/multibase/index.ts

@@ -1,6 +1,22 @@
 // Copyright 2021-2022 zcloak authors & contributors
 // SPDX-License-Identifier: Apache-2.0
 
+import { base32Decode, isBase32 } from './bs32';
+import { base58Decode, isBase58 } from './bs58';
+import { base64Decode, isBase64 } from './bs64';
+
 export * from './bs32';
 export * from './bs58';
 export * from './bs64';
+
+export function decodeMultibase(multibase: string): Uint8Array {
+  if (isBase58(multibase)) {
+    return base58Decode(multibase);
+  } else if (isBase32(multibase)) {
+    return base32Decode(multibase);
+  } else if (isBase64(multibase)) {
+    return base64Decode(multibase);
+  } else {
+    throw new Error(`Decode ${multibase} error, only support base58, base32, base64`);
+  }
+}

packages/crypto/src/secp256k1.ts

@@ -7,9 +7,18 @@ import { stringToU8a, u8aConcat, u8aToU8a } from '@polkadot/util';
 import * as crypto from '@polkadot/util-crypto';
 
 /**
- * Returns message signature of `message`, using the supplied pair
+ * @name secp256k1Sign
+ * @summary Signs a message using the supplied secretKey
+ * @description Returns message signature of `message`, using the supplied pair
+ * @example
+ * <BR>
+ *
+ * ```javascript
+ * import { secp256k1Sign } from '@zcloak/crypto';
+ *
+ * secp256k1Sign([...], [...]); // => [...]
+ * ```
  */
-
 export function secp256k1Sign(
   message: HexString | Uint8Array,
   secretKey: HexString | Uint8Array
@@ -25,18 +34,40 @@ export function secp256k1Sign(
 }
 
 /**
- * Verifies the signature of `message`, using the supplied pair
+ * @name secp256k1Verify
+ * @summary Verifies the signature on the supplied message.
+ * @description Verifies the `signature` of `msgHash`, using the supplied `addressOrPublicKey`
+ * @example
+ * <BR>
+ *
+ * ```javascript
+ * import { secp256k1Verify } from '@zcloak/crypto';
+ *
+ * secp256k1Verify([...], [...], [...]); // => true/false
+ * ```
  */
 export function secp256k1Verify(
-  msgHash: HexString | Uint8Array,
+  msgHash: HexString | Uint8Array | string,
   signature: HexString | Uint8Array,
-  publicKey: HexString | Uint8Array
+  addressOrPublicKey: HexString | Uint8Array
 ): boolean {
-  return crypto.secp256k1Verify(msgHash, signature, crypto.ethereumEncode(publicKey), 'keccak');
+  const address = crypto.ethereumEncode(addressOrPublicKey);
+
+  return crypto.secp256k1Verify(msgHash, signature, address, 'keccak');
 }
 
 /**
- * Returns a object containing a `publicKey` & `secretKey` generated from the supplied secretKey.
+ * @name secp256k1PairFromSeed
+ * @summary Creates a new public/secret keypair from a seed.
+ * @description Returns a object containing a `publicKey` & `secretKey` generated from the supplied seed.
+ * @example
+ * <BR>
+ *
+ * ```javascript
+ * import { secp256k1PairFromSeed } from '@zcloak/crypto';
+ *
+ * secp256k1PairFromSeed(...); // => { secretKey: [...], publicKey: [...] }
+ * ```
  */
 export function secp256k1PairFromSeed(seed: HexString | Uint8Array): Keypair {
   const seedU8a = u8aToU8a(seed);

packages/did/src/defaults.ts → packages/did-resolver/src/defaults.ts

@@ -1,7 +1,7 @@
 // Copyright 2021-2022 zcloak authors & contributors
 // SPDX-License-Identifier: Apache-2.0
 
-import { ArweaveDidResolver } from '@zcloak/did-resolver';
-import { DidResolver } from '@zcloak/did-resolver/DidResolver';
+import { DidResolver } from './DidResolver';
+import { ArweaveDidResolver } from '.';
 
 export const defaultResolver: DidResolver = new ArweaveDidResolver();

packages/did/src/did/chain.ts

@@ -1,7 +1,7 @@
 // Copyright 2021-2022 zcloak authors & contributors
 // SPDX-License-Identifier: Apache-2.0
 
-import type { DidDocumentProof, DidDocumentWithProof, DidUrl } from '@zcloak/did-resolver/types';
+import type { DidDocumentProof, DidDocumentWithProof } from '@zcloak/did-resolver/types';
 
 import { base58Encode } from '@zcloak/crypto';
 
@@ -11,21 +11,18 @@ import { DidDetails } from './details';
 export abstract class DidChain extends DidDetails {
   /**
    * get a [[DidDocumentWithProof]] objecg, pass capability invocation key id
-   * @param keyId `this.capabilityInvocation` item
    * @returns an object of [[DidDocumentWithProof]]
    */
-  public getPublish(keyId: DidUrl): DidDocumentWithProof {
+  public getPublish(): DidDocumentWithProof {
     const document = this.getDocument();
 
     document.creationTime = Date.now();
 
     const proof: DidDocumentProof[] = document.proof ?? [];
 
-    const key = this.get(keyId);
+    const { id, signature } = this.signWithKey('capabilityInvocation', hashDidDocument(document));
 
-    const signature = this.sign(key.publicKey, hashDidDocument(document));
-
-    proof.push({ id: key.id, signature: base58Encode(signature), type: 'creation' });
+    proof.push({ id, signature: base58Encode(signature), type: 'creation' });
 
     return {
       ...document,

packages/did/src/did/details.ts

@@ -1,6 +1,7 @@
 // Copyright 2021-2022 zcloak authors & contributors
 // SPDX-License-Identifier: Apache-2.0
 
+import type { HexString } from '@zcloak/crypto/types';
 import type {
   DidDocument,
   DidUrl,
@@ -10,7 +11,7 @@ import type {
 } from '@zcloak/did-resolver/types';
 import type { KeypairType, KeyringPair } from '@zcloak/keyring/types';
 import type { IDidDetails, KeyRelationship } from '../types';
-import type { DidKeys } from './types';
+import type { DidKeys, SignedData } from './types';
 
 import { assert } from '@polkadot/util';
 
@@ -78,6 +79,25 @@ export abstract class DidDetails extends DidKeyring implements IDidDetails {
     return method;
   }
 
+  public signWithKey(key: DidKeys, message: Uint8Array | HexString): SignedData {
+    const didUrl = this.getKeyUrl(key);
+
+    assert(didUrl, `can not find verification method with the key: ${key}`);
+
+    return this.signWithId(didUrl, message);
+  }
+
+  public signWithId(id: DidUrl, message: Uint8Array | HexString): SignedData {
+    const { publicKey } = this.get(id);
+    const signature = this.sign(publicKey, message);
+
+    return {
+      signature,
+      type: typeTransform(this.getPair(publicKey).type),
+      id
+    };
+  }
+
   public getDocument(): DidDocument {
     assert(this.controller.size > 0, 'Must has one controller');
 

packages/did/src/did/helpers.ts

@@ -6,34 +6,13 @@ import type { DidDocument, DidUrl } from '@zcloak/did-resolver/types';
 import type { KeyringInstance } from '@zcloak/keyring/types';
 import type { KeyGen } from './types';
 
-import {
-  base32Decode,
-  base58Decode,
-  base58Encode,
-  base64Decode,
-  ethereumEncode,
-  isBase32,
-  isBase58,
-  isBase64
-} from '@zcloak/crypto';
+import { base58Encode, decodeMultibase, ethereumEncode } from '@zcloak/crypto';
+import { defaultResolver } from '@zcloak/did-resolver/defaults';
 import { Keyring } from '@zcloak/keyring';
 
-import { defaultResolver } from '../defaults';
 import { IDidDetails } from '../types';
 import { Did } from '.';
 
-export function decodeMultibase(multibase: string): Uint8Array {
-  if (isBase58(multibase)) {
-    return base58Decode(multibase);
-  } else if (isBase32(multibase)) {
-    return base32Decode(multibase);
-  } else if (isBase64(multibase)) {
-    return base64Decode(multibase);
-  } else {
-    throw new Error(`Decode ${multibase} error, only support base58, base32, base64`);
-  }
-}
-
 /**
  * parse a did document to [[IDidDetails]]
  * @param document an object of [[DidDocument]]

packages/did/src/did/index.spec.ts

@@ -5,7 +5,6 @@ import { ethereumEncode } from '@zcloak/crypto';
 import { DidDocument } from '@zcloak/did-resolver/types';
 import { Keyring } from '@zcloak/keyring';
 
-import { verifyDidDocumentProof } from '../verify';
 import { createEcdsaFromMnemonic } from './helpers';
 
 const DOCUMENT: DidDocument = {
@@ -85,16 +84,4 @@ describe('Did', (): void => {
       expect(document.service).toEqual(DOCUMENT.service);
     });
   });
-
-  describe('did chain', (): void => {
-    it('create ecdsa did from mnemonic and getPublish and verify', (): void => {
-      const mnemonic =
-        'health correct setup usage father decorate curious copper sorry recycle skin equal';
-      const did = createEcdsaFromMnemonic(mnemonic);
-
-      const document = did.getPublish('did:zk:0x11f8b77F34FCF14B7095BF5228Ac0606324E82D1#key-0');
-
-      expect(verifyDidDocumentProof(document)).toBe(true);
-    });
-  });
 });